document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-02-03 23:40:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/LCTT/TranslateProject

Browse Source
This commit is contained in:
wi-cuckoo 2015-08-12 13:03:03 +08:00
commit 6daf5f87a3
34 changed files with 2431 additions and 1913 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
translated/tech/20150504 How to access a Linux server behind NAT via reverse SSH tunnel.md → published/20150504 How to access a Linux server behind NAT via reverse SSH tunnel.md
View File

@ -1,18 +1,18 @@
如何通过反向 SSH 隧道访问 NAT 后面的 Linux 服务器
================================================================================
你在家里运行着一台 Linux 服务器,访问它需要先经过 NAT 路由器或者限制性防火墙。现在你想不在家的时候用 SSH 登录到这台服务器。你如何才能做到呢SSH 端口转发当然是一种选择。但是,如果你需要处理多嵌套的 NAT 环境,端口转发可能会变得非常棘手。另外,在多种 ISP 特定条件下可能会受到干扰,例如阻塞转发端口的限制性 ISP 防火墙、或者在用户间共享 IPv4 地址的运营商级 NAT。
你在家里运行着一台 Linux 服务器,它放在一个 NAT 路由器或者限制性防火墙后面。现在你想在外出时用 SSH 登录到这台服务器。你如何才能做到呢SSH 端口转发当然是一种选择。但是,如果你需要处理多嵌套的 NAT 环境,端口转发可能会变得非常棘手。另外,在多种 ISP 特定条件下可能会受到干扰,例如阻塞转发端口的限制性 ISP 防火墙、或者在用户间共享 IPv4 地址的运营商级 NAT。
### 什么是反向 SSH 隧道? ###
SSH 端口转发的一种替代方案是 **反向 SSH 隧道**。反向 SSH 隧道的概念非常简单。对于此,在限制性家庭网络之外你需要另一台主机(所谓的“中继主机”),你能从当前所在地通过 SSH 登录。你可以用有公共 IP 地址的 [VPS 实例][1] 配置一个中继主机。然后要做的就是从你家庭网络服务器中建立一个到公共中继主机的永久 SSH 隧道。有了这个隧道,你就可以从中继主机中连接“回”家庭服务器(这就是为什么称之为 “反向” 隧道)。不管你在哪里、你家庭网络中的 NAT 或 防火墙限制多么严,只要你可以访问中继主机,你就可以连接到家庭服务器。
SSH 端口转发的一种替代方案是 **反向 SSH 隧道**。反向 SSH 隧道的概念非常简单。使用这种方案,在你的受限的家庭网络之外你需要另一台主机(所谓的“中继主机”),你能从当前所在地通过 SSH 登录到它。你可以用有公网 IP 地址的 [VPS 实例][1] 配置一个中继主机。然后要做的就是从你的家庭网络服务器中建立一个到公网中继主机的永久 SSH 隧道。有了这个隧道,你就可以从中继主机中连接“回”家庭服务器(这就是为什么称之为 “反向” 隧道)。不管你在哪里、你家庭网络中的 NAT 或 防火墙限制多么严,只要你可以访问中继主机,你就可以连接到家庭服务器。
![](https://farm8.staticflickr.com/7742/17162647378_c7d9f10de8_b.jpg)
### 在 Linux 上设置反向 SSH 隧道 ###
让我们来看看怎样创建和使用反向 SSH 隧道。我们有如下假设。我们会设置一个从家庭服务器到中继服务器的反向 SSH 隧道,然后我们可以通过中继服务器从客户端计算机 SSH 登录到家庭服务器。**中继服务器** 的公共 IP 地址是 1.1.1.1。
让我们来看看怎样创建和使用反向 SSH 隧道。我们做如下假设我们会设置一个从家庭服务器homeserver到中继服务器relayserver的反向 SSH 隧道然后我们可以通过中继服务器从客户端计算机clientcomputer SSH 登录到家庭服务器。本例中的**中继服务器** 的公网 IP 地址是 1.1.1.1。
在家庭主机上,按照以下方式打开一个到中继服务器的 SSH 连接。
在家庭服务器上,按照以下方式打开一个到中继服务器的 SSH 连接。
homeserver~$ ssh -fN -R 10022:localhost:22 relayserver_user@1.1.1.1
@ -20,11 +20,11 @@ SSH 端口转发的一种替代方案是 **反向 SSH 隧道**。反向 SSH 隧
“-R 10022:localhost:22” 选项定义了一个反向隧道。它转发中继服务器 10022 端口的流量到家庭服务器的 22 号端口。
用 “-fN” 选项,当你用一个 SSH 服务器成功通过验证时 SSH 会进入后台运行。当你不想在远程 SSH 服务器执行任何命令、就像我们的例子中只想转发端口的时候非常有用。
用 “-fN” 选项,当你成功通过 SSH 服务器验证时 SSH 会进入后台运行。当你不想在远程 SSH 服务器执行任何命令,就像我们的例子中只想转发端口的时候非常有用。
运行上面的命令之后,你就会回到家庭主机的命令行提示框中。
登录到中继服务器,确认 127.0.0.1:10022 绑定到了 sshd。如果是的话就表示已经正确设置了反向隧道。
登录到中继服务器,确认 127.0.0.1:10022 绑定到了 sshd。如果是的话就表示已经正确设置了反向隧道。
relayserver~$ sudo netstat -nap | grep 10022
@ -36,13 +36,13 @@ SSH 端口转发的一种替代方案是 **反向 SSH 隧道**。反向 SSH 隧
relayserver~$ ssh -p 10022 homeserver_user@localhost
需要注意的一点是你在本地输入的 SSH 登录/密码应该是家庭服务器的,而不是中继服务器的,因为你是通过隧道的本地端点登录到家庭服务器。因此不要输入中继服务器的登录/密码。成功登陆后,你就在家庭服务器上了。
需要注意的一点是你在上面为localhost输入的 SSH 登录/密码应该是家庭服务器的,而不是中继服务器的,因为你是通过隧道的本地端点登录到家庭服务器,因此不要错误输入中继服务器的登录/密码。成功登录后,你就在家庭服务器上了。
### 通过反向 SSH 隧道直接连接到网络地址变换后的服务器 ###
上面的方法允许你访问 NAT 后面的 **家庭服务器**,但你需要登录两次:首先登录到 **中继服务器**,然后再登录到**家庭服务器**。这是因为中继服务器上 SSH 隧道的端点绑定到了回环地址127.0.0.1)。
事实上,有一种方法可以只需要登录到中继服务器就能直接访问网络地址变换之后的家庭服务器。要做到这点,你需要让中继服务器上的 sshd 不仅转发回环地址上的端口,还要转发外部主机的端口。这通过指定中继服务器上运行的 sshd 的 **网关端口** 实现。
事实上,有一种方法可以只需要登录到中继服务器就能直接访问NAT之后的家庭服务器。要做到这点,你需要让中继服务器上的 sshd 不仅转发回环地址上的端口,还要转发外部主机的端口。这通过指定中继服务器上运行的 sshd 的 **GatewayPorts** 实现。
打开**中继服务器**的 /etc/ssh/sshd_conf 并添加下面的行。
@ -74,23 +74,23 @@ SSH 端口转发的一种替代方案是 **反向 SSH 隧道**。反向 SSH 隧
tcp 0 0 1.1.1.1:10022 0.0.0.0:* LISTEN 1538/sshd: dev
不像之前的情况,现在隧道的端点是 1.1.1.1:10022中继服务器的公 IP 地址),而不是 127.0.0.1:10022。这就意味着从外部主机可以访问隧道的端
不像之前的情况,现在隧道的端点是 1.1.1.1:10022中继服务器的公 IP 地址),而不是 127.0.0.1:10022。这就意味着从外部主机可以访问隧道的另一端。
现在在任何其它计算机(客户端计算机),输入以下命令访问网络地址变换之后的家庭服务器。
clientcomputer~$ ssh -p 10022 homeserver_user@1.1.1.1
在上面的命令中1.1.1.1 是中继服务器的公共 IP 地址,家庭服务器用户必须是和家庭服务器相关联的用户账户。这是因为你真正登录到的主机是家庭服务器,而不是中继服务器。后者只是中继你的 SSH 流量到家庭服务器。
在上面的命令中1.1.1.1 是中继服务器的公共 IP 地址,homeserver_user必须是家庭服务器上的用户账户。这是因为你真正登录到的主机是家庭服务器,而不是中继服务器。后者只是中继你的 SSH 流量到家庭服务器。
### 在 Linux 上设置一个永久反向 SSH 隧道 ###
现在你已经明白了怎样创建一个反向 SSH 隧道,然后把隧道设置为 “永久”这样隧道启动后就会一直运行不管临时的网络拥塞、SSH 超时、中继主机重启,等等)。毕竟,如果隧道不是一直有效,你不能可靠的登录到你的家庭服务器。
现在你已经明白了怎样创建一个反向 SSH 隧道,然后把隧道设置为 “永久”这样隧道启动后就会一直运行不管临时的网络拥塞、SSH 超时、中继主机重启,等等)。毕竟,如果隧道不是一直有效,你不能可靠的登录到你的家庭服务器。
对于永久隧道,我打算使用一个叫 autossh 的工具。正如名字暗示的,这个程序允许你不管任何理由自动重启 SSH 会话。因此对于保存一个反向 SSH 隧道有效非常有用。
对于永久隧道,我打算使用一个叫 autossh 的工具。正如名字暗示的,这个程序可以让你的 SSH 会话无论因为什么原因中断都会自动重连。因此对于保持一个反向 SSH 隧道非常有用。
第一步,我们要设置从家庭服务器到中继服务器的[无密码 SSH 登录][2]。这样的话autossh 可以不需要用户干预就能重启一个损坏的反向 SSH 隧道。
下一步,在初始化隧道的家庭服务器上[安装 autossh][3]。
下一步,在建立隧道的家庭服务器上[安装 autossh][3]。
在家庭服务器上,用下面的参数运行 autossh 来创建一个连接到中继服务器的永久 SSH 隧道。
@ -113,7 +113,7 @@ SSH 端口转发的一种替代方案是 **反向 SSH 隧道**。反向 SSH 隧
### 总结 ###
在这篇博文中,我介绍了你如何能从外部通过反向 SSH 隧道访问限制性防火墙或 NAT 网关之后的 Linux 服务器。尽管我介绍了家庭网络中的一个使用事例,在企业网络中使用时你尤其要小心。这样的一个隧道可能被视为违反公司政策,因为它绕过了企业的防火墙并把企业网络暴露给外部攻击。这很可能被误用或者滥用。因此在使用之前一定要记住它的作用。
在这篇博文中,我介绍了你如何能从外部通过反向 SSH 隧道访问限制性防火墙或 NAT 网关之后的 Linux 服务器。这里我介绍了家庭网络中的一个使用事例,在企业网络中使用时你尤其要小心。这样的一个隧道可能被视为违反公司政策,因为它绕过了企业的防火墙并把企业网络暴露给外部攻击。这很可能被误用或者滥用。因此在使用之前一定要记住它的作用。
--------------------------------------------------------------------------------
@ -121,11 +121,11 @@ via: http://xmodulo.com/access-linux-server-behind-nat-reverse-ssh-tunnel.html
作者:[Dan Nanni][a]
译者:[ictlyh](https://github.com/ictlyh)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://xmodulo.com/author/nanni
[1]:http://xmodulo.com/go/digitalocean
[2]:http://xmodulo.com/how-to-enable-ssh-login-without.html
[3]:http://ask.xmodulo.com/install-autossh-linux.html
[2]:https://linux.cn/article-5444-1.html
[3]:https://linux.cn/article-5459-1.html

98
translated/tech/20150629 Autojump--An Advanced 'cd' Command to Quickly Navigate Linux Filesystem.md → published/20150629 Autojump--An Advanced 'cd' Command to Quickly Navigate Linux Filesystem.md
View File

@ -1,53 +1,54 @@
Autojump 一个高级的cd命令用以快速浏览 Linux 文件系统
Autojump:一个可以在 Linux 文件系统快速导航的高级 cd 命令
================================================================================
对于那些主要通过控制台或终端使用 Linux 命令行来工作的 Linux 用户来说,他们真切地感受到了 Linux 的强大。 然而在 Linux 的分层文件系统中进行浏览有时或许是一件头疼的事,尤其是对于那些新手来说。
对于那些主要通过控制台或终端使用 Linux 命令行来工作的 Linux 用户来说,他们真切地感受到了 Linux 的强大。 然而在 Linux 的分层文件系统中进行导航有时或许是一件头疼的事,尤其是对于那些新手来说。
现在,有一个用 Python 写的名为 `autojump` 的 Linux 命令行实用程序,它是 Linux [cd][1]’命令的高级版本。
![Autojump 命令](http://www.tecmint.com/wp-content/uploads/2015/06/Autojump-Command.jpg)
Autojump 浏览 Linux 文件系统的最快方式
*Autojump Linux 文件系统导航的最快方式*
这个应用原本由 Joël Schaerer 编写,现在由 +William Ting 维护。
Autojump 应用从用户那里学习并帮助用户在 Linux 命令行中进行更轻松的目录浏览。与传统的 `cd` 命令相比autojump 能够更加快速地浏览至目的目录。
Autojump 应用可以从用户那里学习并帮助用户在 Linux 命令行中进行更轻松的目录导航。与传统的 `cd` 命令相比autojump 能够更加快速地导航至目的目录。
#### autojump 的特色 ####
- 免费且开源的应用,在 GPL V3 协议下发布。
- 自主学习的应用,从用户的浏览习惯中学习。
- 更快速地浏览。不必包含子目录的名称。
- 对于大多数的标准 Linux 发行版本,能够在软件仓库中下载得到,它们包括 Debian (testing/unstable), Ubuntu, Mint, Arch, Gentoo, Slackware, CentOS, RedHat and Fedora。
- 自由开源的应用,在 GPL V3 协议下发布。
- 自主学习的应用,从用户的导航习惯中学习。
- 更快速地导航。不必包含子目录的名称。
- 对于大多数的标准 Linux 发行版本,能够在软件仓库中下载得到,它们包括 Debian (testing/unstable), Ubuntu, Mint, Arch, Gentoo, Slackware, CentOS, RedHat Fedora。
- 也能在其他平台中使用,例如 OS X(使用 Homebrew) 和 Windows (通过 Clink 来实现)
- 使用 autojump 你可以跳至任何特定的目录或一个子目录。你还可以打开文件管理器来到达某个目录,并查看你在某个目录中所待时间的统计数据。
- 使用 autojump 你可以跳至任何特定的目录或一个子目录。你还可以用文件管理器打开某个目录,并查看你在某个目录中所待时间的统计数据。
#### 前提 ####
- 版本号不低于 2.6 的 Python
### 第 1 步: 做一次全局系统升级 ###
### 第 1 步: 做一次完整的系统升级 ###
1.**root** 用户的身份,做一次系统更新或升级,以此保证你安装有最新版本的 Python。
1**root** 用户的身份,做一次系统更新或升级,以此保证你安装有最新版本的 Python。
# apt-get update && apt-get upgrade && apt-get dist-upgrade [APT based systems]
# yum update && yum upgrade [YUM based systems]
# dnf update && dnf upgrade [DNF based systems]
# apt-get update && apt-get upgrade && apt-get dist-upgrade [基于 APT 的系统]
# yum update && yum upgrade [基于 YUM 的系统]
# dnf update && dnf upgrade [基于 DNF 的系统]
**注** : 这里特别提醒,在基于 YUM 或 DNF 的系统中,更新和升级执行相同的行动,大多数时间里它们是通用的,这点与基于 APT 的系统不同。
### 第 2 步: 下载和安装 Autojump ###
2. 正如前面所言,在大多数的 Linux 发行版本的软件仓库中, autojump 都可获取到。通过包管理器你就可以安装它。但若你想从源代码开始来安装它,你需要克隆源代码并执行 python 脚本,如下面所示:
2 正如前面所言,在大多数的 Linux 发行版本的软件仓库中, autojump 都可获取到。通过包管理器你就可以安装它。但若你想从源代码开始来安装它,你需要克隆源代码并执行 python 脚本,如下面所示:
#### 从源代码安装 ####
若没有安装 git请安装它。我们需要使用它来克隆 git 仓库。
# apt-get install git [APT based systems]
# yum install git [YUM based systems]
# dnf install git [DNF based systems]
# apt-get install git [基于 APT 的系统]
# yum install git [基于 YUM 的系统]
# dnf install git [基于 DNF 的系统]
一旦安装完 git常规用户身份登录,然后像下面那样来克隆 autojump
一旦安装完 git普通用户身份登录,然后像下面那样来克隆 autojump
$ git clone git://github.com/joelthelion/autojump.git
@ -55,29 +56,29 @@ Autojump 应用从用户那里学习并帮助用户在 Linux 命令行中进行
$ cd autojump
下载,赋予脚本文件可执行权限,并以 root 用户身份来运行安装脚本。
下载,赋予安装脚本文件可执行权限,并以 root 用户身份来运行安装脚本。
# chmod 755 install.py
# ./install.py
#### 从软件仓库中安装 ####
3. 假如你不想麻烦,你可以以 **root** 用户身份从软件仓库中直接安装它:
3 假如你不想麻烦,你可以以 **root** 用户身份从软件仓库中直接安装它:
在 Debian, Ubuntu, Mint 及类似系统中安装 autojump :
# apt-get install autojump (注: 这里原文为 autojumo 应该为 autojump)
# apt-get install autojump
为了在 Fedora, CentOS, RedHat 及类似系统中安装 autojump, 你需要启用 [EPEL 软件仓库][2]。
# yum install epel-release
# yum install autojump
OR
# dnf install autojump
### 第 3 步: 安装后的配置 ###
4. 在 Debian 及其衍生系统 (Ubuntu, Mint,…) 中, 激活 autojump 应用是非常重要的。
4 在 Debian 及其衍生系统 (Ubuntu, Mint,…) 中, 激活 autojump 应用是非常重要的。
为了暂时激活 autojump 应用,即直到你关闭当前会话或打开一个新的会话之前让 autojump 均有效,你需要以常规用户身份运行下面的命令:
@ -89,7 +90,7 @@ Autojump 应用从用户那里学习并帮助用户在 Linux 命令行中进行
### 第 4 步: Autojump 的预测试和使用 ###
5. 如先前所言, autojump 将只跳到先前 `cd` 命令到过的目录。所以在我们开始测试之前,我们要使用 `cd` 切换到一些目录中去,并创建一些目录。下面是我所执行的命令。
5 如先前所言, autojump 将只跳到先前 `cd` 命令到过的目录。所以在我们开始测试之前,我们要使用 `cd` 切换到一些目录中去,并创建一些目录。下面是我所执行的命令。
$ cd
$ cd
@ -120,45 +121,45 @@ Autojump 应用从用户那里学习并帮助用户在 Linux 命令行中进行
现在,我们已经切换到过上面所列的目录,并为了测试创建了一些目录,一切准备就绪,让我们开始吧。
**需要记住的一点** : `j` 是 autojump 的一个装,你可以使用 j 来代替 autojump 相反亦可。
**需要记住的一点** : `j` 是 autojump 的一个装,你可以使用 j 来代替 autojump 相反亦可。
6. 使用 -v 选项查看安装的 autojump 的版本。
6 使用 -v 选项查看安装的 autojump 的版本。
$ j -v
or
$ autojump -v
![查看 Autojump 的版本](http://www.tecmint.com/wp-content/uploads/2015/06/Check-Autojump-Version.png)
查看 Autojump 的版本
*查看 Autojump 的版本*
7. 跳到先前到过的目录 /var/www
7 跳到先前到过的目录 /var/www
$ j www
![跳到目录](http://www.tecmint.com/wp-content/uploads/2015/06/Jump-To-Directory.png)
跳到目录
*跳到目录*
8. 跳到先前到过的子目录‘/home/avi/autojump-test/b 而不键入子目录的全名。
8 跳到先前到过的子目录‘/home/avi/autojump-test/b 而不键入子目录的全名。
$ jc b
![跳到子目录](http://www.tecmint.com/wp-content/uploads/2015/06/Jump-to-Child-Directory.png)
跳到子目录
*跳到子目录*
9. 使用下面的命令,你就可以从命令行打开一个文件管理器,例如 GNOME Nautilus ,而不是跳到一个目录。
9 使用下面的命令,你就可以从命令行打开一个文件管理器,例如 GNOME Nautilus ,而不是跳到一个目录。
$ jo www
![跳到目录](http://www.tecmint.com/wp-content/uploads/2015/06/Jump-to-Direcotory.png)
![打开目录](http://www.tecmint.com/wp-content/uploads/2015/06/Jump-to-Direcotory.png)
跳到目录
*打开目录*
![在文件管理器中打开目录](http://www.tecmint.com/wp-content/uploads/2015/06/Open-Directory-in-File-Browser.png)
在文件管理器中打开目录
*在文件管理器中打开目录*
你也可以在一个文件管理器中打开一个子目录。
@ -166,19 +167,19 @@ Autojump 应用从用户那里学习并帮助用户在 Linux 命令行中进行
![打开子目录](http://www.tecmint.com/wp-content/uploads/2015/06/Open-Child-Directory1.png)
打开子目录
*打开子目录*
![在文件管理器中打开子目录](http://www.tecmint.com/wp-content/uploads/2015/06/Open-Child-Directory-in-File-Browser1.png)
在文件管理器中打开子目录
*在文件管理器中打开子目录*
10. 查看每个文件夹的关键权重和在所有目录权重中的总关键权重的相关统计数据。文件夹的关键权重代表在这个文件夹中所花的总时间。 目录权重是列表中目录的数目。(注: 在这一句中,我觉得原文中的 if 应该为 is)
10、 查看每个文件夹的权重和全部文件夹计算得出的总权重的统计数据。文件夹的权重代表在这个文件夹中所花的总时间。 文件夹权重是该列表中目录的数字。(LCTT 译注: 在这一句中,我觉得原文中的 if 应该为 is)
$ j --stat
![查看目录统计数据](http://www.tecmint.com/wp-content/uploads/2015/06/Check-Statistics.png)
![查看文件夹统计数据](http://www.tecmint.com/wp-content/uploads/2015/06/Check-Statistics.png)
查看目录统计数据
*查看文件夹统计数据*
**提醒** : autojump 存储其运行日志和错误日志的地方是文件夹 `~/.local/share/autojump/`。千万不要重写这些文件,否则你将失去你所有的统计状态结果。
@ -186,15 +187,15 @@ Autojump 应用从用户那里学习并帮助用户在 Linux 命令行中进行
![Autojump 的日志](http://www.tecmint.com/wp-content/uploads/2015/06/Autojump-Logs.png)
Autojump 的日志
*Autojump 的日志*
11. 假如需要,你只需运行下面的命令就可以查看帮助 :
11 假如需要,你只需运行下面的命令就可以查看帮助 :
$ j --help
![Autojump 的帮助和选项](http://www.tecmint.com/wp-content/uploads/2015/06/Autojump-help-options.png)
Autojump 的帮助和选项
*Autojump 的帮助和选项*
### 功能需求和已知的冲突 ###
@ -204,18 +205,19 @@ Autojump 的帮助和选项
### 结论: ###
假如你是一个命令行用户, autojump 是你必备的实用程序。它可以简化许多事情。它是一个在命令行中浏览 Linux 目录的绝佳的程序。请自行尝试它,并在下面的评论框中让我知晓你宝贵的反馈。保持联系,保持分享。喜爱并分享,帮助我们更好地传播。
假如你是一个命令行用户, autojump 是你必备的实用程序。它可以简化许多事情。它是一个在命令行中导航 Linux 目录的绝佳的程序。请自行尝试它,并在下面的评论框中让我知晓你宝贵的反馈。保持联系,保持分享。喜爱并分享,帮助我们更好地传播。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/autojump-a-quickest-way-to-navigate-linux-filesystem/
作者:[Avishek Kumar][a]
译者:[FSSlc](https://github.com/FSSlc)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/avishek/
[1]:http://www.tecmint.com/cd-command-in-linux/
[2]:http://www.tecmint.com/how-to-enable-epel-repository-for-rhel-centos-6-5/
[2]:https://linux.cn/article-2324-1.html
[3]:http://www.tecmint.com/manage-linux-filenames-with-special-characters/

120
translated/tech/20150717 How to Configure Chef (server or client) on Ubuntu 14.04 or 15.04.md → published/20150717 How to Configure Chef (server or client) on Ubuntu 14.04 or 15.04.md
View File

@ -1,6 +1,6 @@
如何在Ubuntu 14.04/15.04上配置Chef(服务端/客户端)
如何在 Ubuntu 上安装配置管理系统 Chef (大厨)
================================================================================
Chef是对于信息技术专业人员的一款配置管理和自动化工具,它可以配置和管理你的设备无论它在本地还是在云上。它可以用于加速应用部署并协调多个系统管理员和开发人员的工作,涉及到成百甚至上千的服务器和程序来支持大量的客户群。chef最有用的是让设备变成代码。一旦你掌握了Chef你可以获得一流的网络IT支持来自动化管理你的云端设备或者终端用户。
Chef是面对IT专业人员的一款配置管理和自动化工具它可以配置和管理你的基础设施无论它在本地还是在云上。它可以用于加速应用部署并协调多个系统管理员和开发人员的工作,这涉及到可支持大量的客户群的成百上千的服务器和程序。chef最有用的是让基础设施变成代码。一旦你掌握了Chef你可以获得一流的网络IT支持来自动化管理你的云端基础设施或者终端用户。
下面是我们将要在本篇中要设置和配置Chef的主要组件。
@ -10,34 +10,13 @@ Chef是对于信息技术专业人员的一款配置管理和自动化工具
我们将在下面的基础环境下设置Chef配置管理系统。
注:表格
<table width="701" style="height: 284px;">
<tbody>
<tr>
<td width="660" colspan="2"><strong>管理和配置工具Chef</strong></td>
</tr>
<tr>
<td width="220"><strong>基础操作系统</strong></td>
<td width="492">Ubuntu 14.04.1 LTS&nbsp;(x86_64)</td>
</tr>
<tr>
<td width="220"><strong>Chef Server</strong></td>
<td width="492">Version 12.1.0</td>
</tr>
<tr>
<td width="220"><strong>Chef Manage</strong></td>
<td width="492">Version 1.17.0</td>
</tr>
<tr>
<td width="220"><strong>Chef Development Kit</strong></td>
<td width="492">Version 0.6.2</td>
</tr>
<tr>
<td width="220"><strong>内存和CPU</strong></td>
<td width="492">4 GB&nbsp; , 2.0+2.0 GHZ</td>
</tr>
</tbody>
</table>
|管理和配置工具Chef||
|-------------------------------|---|
|基础操作系统|Ubuntu 14.04.1 LTS&nbsp;(x86_64)|
|Chef Server|Version 12.1.0|
|Chef Manage|Version 1.17.0|
|Chef Development Kit|Version 0.6.2|
|内存和CPU|4 GB&nbsp; , 2.0+2.0 GHz|
### Chef服务端的安装和配置 ###
@ -45,15 +24,15 @@ Chef服务端是核心组件它存储配置以及其他和工作站交互的
我使用下面的命令来下载和安装它。
**1) 下载Chef服务端**
####1) 下载Chef服务端
root@ubuntu-14-chef:/tmp# wget https://web-dl.packagecloud.io/chef/stable/packages/ubuntu/trusty/chef-server-core_12.1.0-1_amd64.deb
**2) 安装Chef服务端**
####2) 安装Chef服务端
root@ubuntu-14-chef:/tmp# dpkg -i chef-server-core_12.1.0-1_amd64.deb
**3) 重新配置Chef服务端**
####3) 重新配置Chef服务端
现在运行下面的命令来启动所有的chef服务端服务这步也许会花费一些时间因为它有许多不同一起工作的服务组成来创建一个正常运作的系统。
@ -64,35 +43,35 @@ chef服务端启动命令'chef-server-ctl reconfigure'需要运行两次,这
Chef Client finished, 342/350 resources updated in 113.71139964 seconds
opscode Reconfigured!
**4) 重启系统 **
####4) 重启系统
安装完成后重启系统使系统能最好的工作不然我们或许会在创建用户的时候看到下面的SSL连接错误。
ERROR: Errno::ECONNRESET: Connection reset by peer - SSL_connect
**5) 创建心的管理员**
####5) 创建新的管理员
运行下面的命令来创建一个新的用它自己的配置的管理员账户。创建过程中用户的RSA私钥会自动生成并需要被保存到一个安全的地方。--file选项会保存RSA私钥到指定的路径下。
运行下面的命令来创建一个新的管理员账户及其配置。创建过程中用户的RSA私钥会自动生成,它需要保存到一个安全的地方。--file选项会保存RSA私钥到指定的路径下。
root@ubuntu-14-chef:/tmp# chef-server-ctl user-create kashi kashi kashi kashif.fareedi@gmail.com kashi123 --filename /root/kashi.pem
### Chef服务端的管理设置 ###
Chef Manage是一个针对企业Chef用户的管理控制台启用了可视化的web用户界面并可以管理节点、数据包、规则、环境、配置和基于角色的访问控制RBAC
Chef Manage是一个针对企业Chef用户的管理控制台提供了可视化的web用户界面可以管理节点、数据包、规则、环境、Cookbook 和基于角色的访问控制RBAC
**1) 下载Chef Manage**
####1) 下载Chef Manage
从官网复制链接下载chef manage的安装包。
从官网复制链接下载chef manage的安装包。
root@ubuntu-14-chef:~# wget https://web-dl.packagecloud.io/chef/stable/packages/ubuntu/trusty/opscode-manage_1.17.0-1_amd64.deb
**2) 安装Chef Manage**
####2) 安装Chef Manage
使用下面的命令在root的家目录下安装它。
root@ubuntu-14-chef:~# chef-server-ctl install opscode-manage --path /root
**3) 重启Chef Manage和服务端**
####3) 重启Chef Manage和服务端
安装完成后我们需要运行下面的命令来重启chef manage和服务端。
@ -101,28 +80,27 @@ Chef Manage是一个针对企业Chef用户的管理控制台它启用了可
### Chef Manage网页控制台 ###
我们可以使用localhost访问网页控制台以及fqdn,并用已经创建的管理员登录
我们可以使用localhost或它的全称域名来访问网页控制台,并用已经创建的管理员登录
![chef amanage](http://blog.linoxide.com/wp-content/uploads/2015/07/5-chef-web.png)
**1) Chef Manage创建新的组织 **
####1) Chef Manage创建新的组织
你或许被要求创建新的组织或者接受其他阻止的邀请。如下所示,使用缩写和全名来创建一个新的组织。
你或许被要求创建新的组织,或者也可以接受其他组织的邀请。如下所示,使用缩写和全名来创建一个新的组织。
![Create Org](http://blog.linoxide.com/wp-content/uploads/2015/07/7-create-org.png)
**2) 用命令行创建心的组织 **
####2) 用命令行创建新的组织
We can also create new Organization from the command line by executing the following command.
我们同样也可以运行下面的命令来创建新的组织。
root@ubuntu-14-chef:~# chef-server-ctl org-create linux Linoxide Linux Org. --association_user kashi --filename linux.pem
### 设置工作站 ###
我们已经完成安装chef服务端现在我们可以开始创建任何recipes、cookbooks、属性和其他任何的我们想要对Chef的修改。
我们已经完成安装chef服务端现在我们可以开始创建任何recipes[基础配置元素](https://docs.chef.io/recipes.html)、cookbooks[基础配置集](https://docs.chef.io/cookbooks.html)attributes[节点属性](https://docs.chef.io/attributes.html)和其他任何的我们想要对Chef的修改。
**1) 在Chef服务端上创建新的用户和组织 **
####1) 在Chef服务端上创建新的用户和组织
为了设置工作站,我们用命令行创建一个新的用户和组织。
@ -130,25 +108,23 @@ We can also create new Organization from the command line by executing the follo
root@ubuntu-14-chef:~# chef-server-ctl org-create blogs Linoxide Blogs Inc. --association_user bloger --filename blogs.pem
**2) 下载工作站入门套件 **
####2) 下载工作站入门套件
Now Download and Save starter-kit from the chef manage web console on a workstation and use it to work with Chef server.
在工作站的网页控制台中下面并保存入门套件用于与服务端协同工作
在工作站的网页控制台中下载保存入门套件,它用于与服务端协同工作
![Starter Kit](http://blog.linoxide.com/wp-content/uploads/2015/07/8-download-kit.png)
**3) 点击"Proceed"下载套件 **
####3) 下载套件后,点击"Proceed"
![starter kit](http://blog.linoxide.com/wp-content/uploads/2015/07/9-download-kit.png)
### 于工作站的Chef开发套件设置 ###
### 于工作站的Chef开发套件设置 ###
Chef开发套件是一款包含所有开发chef所需工具的软件包。它捆绑了由Chef开发的带Chef客户端的工具。
Chef开发套件是一款包含开发chef所需的所有工具的软件包。它捆绑了由Chef开发的带Chef客户端的工具。
**1) 下载 Chef DK**
####1) 下载 Chef DK
We can Download chef development kit from its official web link and choose the required operating system to get its chef development tool kit.
我们可以从它的官网链接中下载开发包并选择操作系统来得到chef开发包。
我们可以从它的官网链接中下载开发包并选择操作系统来下载chef开发包。
![Chef DK](http://blog.linoxide.com/wp-content/uploads/2015/07/10-CDK.png)
@ -156,13 +132,13 @@ We can Download chef development kit from its official web link and choose the r
root@ubuntu-15-WKS:~# wget https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chefdk_0.6.2-1_amd64.deb
**1) Chef开发套件安装**
####2) Chef开发套件安装
使用dpkg命令安装开发套件
root@ubuntu-15-WKS:~# dpkg -i chefdk_0.6.2-1_amd64.deb
**3) Chef DK 验证**
####3) Chef DK 验证
使用下面的命令验证客户端是否已经正确安装。
@ -195,7 +171,7 @@ We can Download chef development kit from its official web link and choose the r
Verification of component 'chefspec' succeeded.
Verification of component 'package installation' succeeded.
**连接Chef服务端**
####4) 连接Chef服务端
我们将创建 ~/.chef并从chef服务端复制两个用户和组织的pem文件到chef的文件到这个目录下。
@ -209,7 +185,7 @@ We can Download chef development kit from its official web link and choose the r
kashi.pem 100% 1678 1.6KB/s 00:00
linux.pem 100% 1678 1.6KB/s 00:00
** 编辑配置来管理chef环境 **
####5) 编辑配置来管理chef环境
现在使用下面的内容创建"~/.chef/knife.rb"。
@ -231,13 +207,13 @@ We can Download chef development kit from its official web link and choose the r
root@ubuntu-15-WKS:/# mkdir cookbooks
**测试Knife配置**
####6) 测试Knife配置
运行“knife user list”和“knife client list”来验证knife是否在工作。
root@ubuntu-15-WKS:/.chef# knife user list
第一次运行的时候可能会到下面的错误这是因为工作站上还没有chef服务端的SSL证书。
第一次运行的时候可能会到下面的错误这是因为工作站上还没有chef服务端的SSL证书。
ERROR: SSL Validation failure connecting to host: 172.25.10.173 - SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed
ERROR: Could not establish a secure connection to the server.
@ -245,24 +221,24 @@ We can Download chef development kit from its official web link and choose the r
If your Chef Server uses a self-signed certificate, you can use
`knife ssl fetch` to make knife trust the server's certificates.
要从上面的命令中恢复运行下面的命令来获取ssl整数并重新运行knife user和client list这时候应该就可以了。
要从上面的命令中恢复运行下面的命令来获取ssl证书,并重新运行knife user和client list这时候应该就可以了。
root@ubuntu-15-WKS:/.chef# knife ssl fetch
WARNING: Certificates from 172.25.10.173 will be fetched and placed in your trusted_cert
directory (/.chef/trusted_certs).
knife没有办法验证这些是有效的证书。你应该在下载时候验证这些证书的真实性。
knife没有办法验证这些是有效的证书。你应该在下载时候验证这些证书的真实性。
在/.chef/trusted_certs/ubuntu-14-chef_test_com.crt下面添加ubuntu-14-chef.test.com的证书。
在/.chef/trusted_certs/ubuntu-14-chef_test_com.crt下面添加ubuntu-14-chef.test.com的证书。
在上面的命令取得ssl证书后接着运行下面的命令。
root@ubuntu-15-WKS:/.chef#knife client list
kashi-linux
### 与chef服务端交互的新节点 ###
### 配置与chef服务端交互的新节点 ###
节点是执行所有设备自动化的chef客户端。因此是时侯添加新的服务端到我们的chef环境下在配置完chef-server和knife工作站后配置新的节点与chef-server交互
节点是执行所有基础设施自动化的chef客户端。因此在配置完chef-server和knife工作站后通过配置新的与chef-server交互的节点来添加新的服务端到我们的chef环境下
我们使用下面的命令来添加新的节点与chef服务端工作。
@ -291,16 +267,16 @@ We can Download chef development kit from its official web link and choose the r
172.25.10.170 to file /tmp/install.sh.26024/metadata.txt
172.25.10.170 trying wget...
之后我们可以在knife节点列表下看到新创建的节点也会新节点列表下创建新的客户端。
之后我们可以在knife节点列表下看到新创建的节点也会新节点创建新的客户端。
root@ubuntu-15-WKS:~# knife node list
mydns
相似地我们只要提供ssh证书通过上面的knife命令来创建多个节点到chef设备上
相似地我们只要提供ssh证书通过上面的knife命令就可以在chef设施上创建多个节点
### 总结 ###
本篇我们学习了chef管理工具并通过安装和配置设置浏览了它的组件。我希望你在学习安装和配置Chef服务端以及它的工作站和客户端节点中获得乐趣。
本篇我们学习了chef管理工具并通过安装和配置设置基本了解了它的组件。我希望你在学习安装和配置Chef服务端以及它的工作站和客户端节点中获得乐趣。
--------------------------------------------------------------------------------
@ -308,7 +284,7 @@ via: http://linoxide.com/ubuntu-how-to/install-configure-chef-ubuntu-14-04-15-04
作者:[Kashif Siddique][a]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

178
published/20150717 How to collect NGINX metrics - Part 2.md Normal file
View File

@ -0,0 +1,178 @@
如何收集 NGINX 指标(第二篇)
================================================================================
![](http://www.datadoghq.com/wp-content/uploads/2015/07/NGINX_hero_2.png)
### 如何获取你所需要的 NGINX 指标 ###
如何获取需要的指标取决于你正在使用的 NGINX 版本以及你希望看到哪些指标。(参见 [如何监控 NGINX第一篇][1] 来深入了解NGINX指标。自由开源的 NGINX 和商业版的 NGINX Plus 都有可以报告指标度量的状态模块NGINX 也可以在其日志中配置输出特定指标:
**指标可用性**
| 指标 | [NGINX (开源)](https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#open-source) | [NGINX Plus](https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#plus) | [NGINX 日志](https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#logs)|
|-----|------|-------|-----|
|accepts接受 / accepted已接受|x|x| |
|handled已处理|x|x| |
|dropped已丢弃|x|x| |
|active活跃|x|x| |
|requests (请求数)/ total全部请求数|x|x| |
|4xx 代码||x|x|
|5xx 代码||x|x|
|request time请求处理时间|||x|
#### 指标收集NGINX开源版 ####
开源版的 NGINX 会在一个简单的状态页面上显示几个与服务器状态有关的基本指标,它们由你启用的 HTTP [stub status module][2] 所提供。要检查该模块是否已启用,运行以下命令:
nginx -V 2>&1 | grep -o with-http_stub_status_module
如果你看到终端输出了 **http_stub_status_module**,说明该状态模块已启用。
如果该命令没有输出,你需要启用该状态模块。你可以在[从源代码构建 NGINX ][3]时使用 `--with-http_stub_status_module` 配置参数:
./configure \
… \
--with-http_stub_status_module
make
sudo make install
在验证该模块已经启用或你自己启用它后,你还需要修改 NGINX 配置文件,来给状态页面设置一个本地可访问的 URL例如 /nginx_status
server {
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
nginx 配置中的 server 块通常并不放在主配置文件中(例如:/etc/nginx/nginx.conf而是放在主配置会加载的辅助配置文件中。要找到主配置文件首先运行以下命令
nginx -t
打开列出的主配置文件,在以 http 块结尾的附近查找以 include 开头的行,如:
include /etc/nginx/conf.d/*.conf;
在其中一个包含的配置文件中,你应该会找到主 **server** 块,你可以如上所示配置 NGINX 的指标输出。更改任何配置后,通过执行以下命令重新加载配置文件:
nginx -s reload
现在,你可以浏览状态页看到你的指标:
Active connections: 24
server accepts handled requests
1156958 1156958 4491319
Reading: 0 Writing: 18 Waiting : 6
请注意,如果你希望从远程计算机访问该状态页面,则需要将远程计算机的 IP 地址添加到你的状态配置文件的白名单中,在上面的配置文件中的白名单仅有 127.0.0.1。
NGINX 的状态页面是一种快速查看指标状况的简单方法,但当连续监测时,你需要按照标准间隔自动记录该数据。监控工具箱 [Nagios][4] 或者 [Datadog][5],以及收集统计信息的服务 [collectD][6] 已经可以解析 NGINX 的状态信息了。
#### 指标收集: NGINX Plus ####
商业版的 NGINX Plus 通过它的 ngx_http_status_module 提供了比开源版 NGINX [更多的指标][7]。NGINX Plus 以字节流的方式提供这些额外的指标提供了关于上游系统和高速缓存的信息。NGINX Plus 也会报告所有的 HTTP 状态码类型1XX2XX3XX4XX5XX的计数。一个 NGINX Plus 状态报告例子[可在此查看][8]
![NGINX Plus status board](https://d33tyra1llx9zy.cloudfront.net/blog/images/2015-06-nginx/status_plus-2.png)
NGINX Plus 在状态仪表盘中的“Active”连接的定义和开源 NGINX 通过 stub_status_module 收集的“Active”连接指标略有不同。在 NGINX Plus 指标中“Active”连接不包括Waiting状态的连接即“Idle”连接
NGINX Plus 也可以输出 [JSON 格式的指标][9],可以用于集成到其他监控系统。在 NGINX Plus 中,你可以看到 [给定的上游服务器组][10]的指标和健康状况,或者简单地从上游服务器的[单个服务器][11]得到响应代码的计数:
{"1xx":0,"2xx":3483032,"3xx":0,"4xx":23,"5xx":0,"total":3483055}
要启动 NGINX Plus 指标仪表盘,你可以在 NGINX 配置文件的 http 块内添加状态 server 块。 (参见上一节,为收集开源版 NGINX 指标而如何查找相关的配置文件的说明。)例如,要设置一个状态仪表盘 http://your.ip.address:8080/status.html和一个 JSON 接口http://your.ip.address:8080/status可以添加以下 server 块来设定:
server {
listen 8080;
root /usr/share/nginx/html;
location /status {
status;
}
location = /status.html {
}
}
当你重新加载 NGINX 配置后,状态页就可以用了:
nginx -s reload
关于如何配置扩展状态模块,官方 NGINX Plus 文档有 [详细介绍][13] 。
#### 指标收集NGINX 日志 ####
NGINX 的 [日志模块][14] 会把可自定义的访问日志写到你配置的指定位置。你可以通过[添加或移除变量][15]来自定义日志的格式和包含的数据。要存储详细的日志,最简单的方法是添加下面一行在你配置文件的 server 块中(参见上上节,为收集开源版 NGINX 指标而如何查找相关的配置文件的说明。):
access_log logs/host.access.log combined;
更改 NGINX 配置文件后,执行如下命令重新加载配置文件:
nginx -s reload
默认包含的 “combined” 的日志格式,会包括[一系列关键的数据][17],如实际的 HTTP 请求和相应的响应代码。在下面的示例日志中NGINX 记录了请求 /index.html 时的 200成功状态码和访问不存在的请求文件 /fail 的 404未找到错误。
127.0.0.1 - - [19/Feb/2015:12:10:46 -0500] "GET /index.html HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari 537.36"
127.0.0.1 - - [19/Feb/2015:12:11:05 -0500] "GET /fail HTTP/1.1" 404 570 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36"
你可以通过在 NGINX 配置文件中的 http 块添加一个新的日志格式来记录请求处理时间:
log_format nginx '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent $request_time '
'"$http_referer" "$http_user_agent"';
并修改配置文件中 **server** 块的 access_log 行:
access_log logs/host.access.log nginx;
重新加载配置文件后(运行 `nginx -s reload`),你的访问日志将包括响应时间,如下所示。单位为秒,精度到毫秒。在这个例子中,服务器接收到一个对 /big.pdf 的请求时,发送 33973115 字节后返回 206成功状态码。处理请求用时 0.202 秒202毫秒
127.0.0.1 - - [19/Feb/2015:15:50:36 -0500] "GET /big.pdf HTTP/1.1" 206 33973115 0.202 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36"
你可以使用各种工具和服务来解析和分析 NGINX 日志。例如,[rsyslog][18] 可以监视你的日志,并将其传递给多个日志分析服务;你也可以使用自由开源工具,比如 [logstash][19] 来收集和分析日志;或者你可以使用一个统一日志记录层,如 [Fluentd][20] 来收集和解析你的 NGINX 日志。
### 结论 ###
监视 NGINX 的哪一项指标将取决于你可用的工具,以及监控指标所提供的信息是否满足你们的需要。举例来说,错误率的收集是否足够重要到需要你们购买 NGINX Plus ,还是架设一个可以捕获和分析日志的系统就够了?
在 Datadog 中,我们已经集成了 NGINX 和 NGINX Plus这样你就可以以最小的设置来收集和监控所有 Web 服务器的指标。[在本文中][21]了解如何用 NGINX Datadog 来监控 ,并开始 [Datadog 的免费试用][22]吧。
--------------------------------------------------------------------------------
via: https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/
作者K Young
译者:[strugglingyouth](https://github.com/strugglingyouth)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[1]:https://www.datadoghq.com/blog/how-to-monitor-nginx/
[2]:http://nginx.org/en/docs/http/ngx_http_stub_status_module.html
[3]:http://wiki.nginx.org/InstallOptions
[4]:https://exchange.nagios.org/directory/Plugins/Web-Servers/nginx
[5]:http://docs.datadoghq.com/integrations/nginx/
[6]:https://collectd.org/wiki/index.php/Plugin:nginx
[7]:http://nginx.org/en/docs/http/ngx_http_status_module.html#data
[8]:http://demo.nginx.com/status.html
[9]:http://demo.nginx.com/status
[10]:http://demo.nginx.com/status/upstreams/demoupstreams
[11]:http://demo.nginx.com/status/upstreams/demoupstreams/0/responses
[12]:https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#open-source
[13]:http://nginx.org/en/docs/http/ngx_http_status_module.html#example
[14]:http://nginx.org/en/docs/http/ngx_http_log_module.html
[15]:http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
[16]:https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#open-source
[17]:http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
[18]:http://www.rsyslog.com/
[19]:https://www.elastic.co/products/logstash
[20]:http://www.fluentd.org/
[21]:https://www.datadoghq.com/blog/how-to-monitor-nginx-with-datadog/
[22]:https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#sign-up
[23]:https://github.com/DataDog/the-monitor/blob/master/nginx/how_to_collect_nginx_metrics.md
[24]:https://github.com/DataDog/the-monitor/issues

36
translated/tech/20150728 Understanding Shell Commands Easily Using 'Explain Shell' Script in Linux.md → published/20150728 Understanding Shell Commands Easily Using 'Explain Shell' Script in Linux.md
View File

@ -1,16 +1,16 @@
在Linux中利用"Explain Shell"脚本更容易地理解Shell命令
轻松使用“Explain Shell”脚本来理解 Shell 命令
================================================================================
在某些时刻, 当我们在Linux平台上工作时我们所有人都需要shell命令的帮助信息。 尽管内置的帮助像man pages、whatis命令是有帮助的 但man pages的输出非常冗长 除非是个有linux经验的人不然从大量的man pages中获取帮助信息是非常困难的而whatis命令的输出很少超过一行 这对初学者来说是不够的。
我们在Linux上工作时每个人都会遇到需要查找shell命令的帮助信息的时候。 尽管内置的帮助像man pages、whatis命令有所助益 但man pages的输出非常冗长 除非是个有linux经验的人不然从大量的man pages中获取帮助信息是非常困难的而whatis命令的输出很少超过一行 这对初学者来说是不够的。
![Explain Shell Commands in Linux Shell](http://www.tecmint.com/wp-content/uploads/2015/07/Explain-Shell-Commands-in-Linux-Shell.jpeg)
在Linux Shell中解释Shell命令
*在Linux Shell中解释Shell命令*
有一些第三方应用程序, 像我们在[Commandline Cheat Sheet for Linux Users][1]提及过的'cheat'命令。Cheat是个杰出的应用程序即使计算机没有联网也能提供shell命令的帮助 但是它仅限于预先定义好的命令。
有一些第三方应用程序, 像我们在[Linux 用户的命令行速查表][1]提及过的'cheat'命令。cheat是个优秀的应用程序即使计算机没有联网也能提供shell命令的帮助 但是它仅限于预先定义好的命令。
Jackson写了一小段代码它能非常有效地在bash shell里面解释shell命令可能最美之处就是你不需要安装第三方包了。他把包含这段代码的的文件命名为”explain.sh“
Jackson写了一小段代码它能非常有效地在bash shell里面解释shell命令可能最美之处就是你不需要安装第三方包了。他把包含这段代码的的文件命名为“explain.sh”
#### Explain工具的特性 ####
#### explain.sh工具的特性 ####
- 易嵌入代码。
- 不需要安装第三方工具。
@ -18,22 +18,22 @@ Jackson写了一小段代码它能非常有效地在bash shell里面解释she
- 需要网络连接才能工作。
- 纯命令行工具。
- 可以解释bash shell里面的大部分shell命令。
- 无需root账户参与
- 无需使用root账户。
**先决条件**
唯一的条件就是'curl'包了。 在如今大多数Linux发行版里面已经预安装了culr包 如果没有你可以按照下面的命令来安装。
唯一的条件就是'curl'包了。 在如今大多数Linux发行版里面已经预安装了curl包, 如果没有你可以按照下面的命令来安装。
# apt-get install curl [On Debian systems]
# yum install curl [On CentOS systems]
### 在Linux上安装explain.sh工具 ###
我们要将下面这段代码插入'~/.bashrc'文件LCTT注: 若没有该文件可以自己新建一个)中。我们必须为每个用户以及对应的'.bashrc'文件插入这段代码,笔者建议你不要加在root用户下。
我们要将下面这段代码插入'~/.bashrc'文件LCTT注: 若没有该文件可以自己新建一个)中。我们要为每个用户以及对应的'.bashrc'文件插入这段代码,但是建议你不要加在root用户下。
我们注意到.bashrc文件的第一行代码以#)开始, 这个是可选的并且只是为了区分余下的代码。
# explain.sh 标记代码的开始, 我们将代码插入.bashrc文件的底部。
\# explain.sh 标记代码的开始, 我们将代码插入.bashrc文件的底部。
# explain.sh begins
explain () {
@ -53,7 +53,7 @@ Jackson写了一小段代码它能非常有效地在bash shell里面解释she
### explain.sh工具的使用 ###
在插入代码并保存之后你必须退出当前的会话然后重新登录来使改变生效LCTT你也可以直接使用命令“source~/.bashrc”来让改变生效。每件事情都是交由curl命令处理 它负责将需要解释的命令以及命令选项传送给mankier服务然后将必要的信息打印到Linux命令行。不必说的就是使用这个工具你总是需要连接网络。
在插入代码并保存之后你必须退出当前的会话然后重新登录来使改变生效LCTT译注:你也可以直接使用命令`source~/.bashrc` 来让改变生效。每件事情都是交由curl命令处理 它负责将需要解释的命令以及命令选项传送给mankier服务然后将必要的信息打印到Linux命令行。不必说的就是使用这个工具你总是需要连接网络。
让我们用explain.sh脚本测试几个笔者不懂的命令例子。
@ -63,7 +63,7 @@ Jackson写了一小段代码它能非常有效地在bash shell里面解释she
![Get Help on du Command](http://www.tecmint.com/wp-content/uploads/2015/07/Get-Help-on-du-Command.png)
获得du命令的帮助
*获得du命令的帮助*
**2.如果你忘了'tar -zxvf'的作用,你可以简单地如此做:**
@ -71,7 +71,7 @@ Jackson写了一小段代码它能非常有效地在bash shell里面解释she
![Tar Command Help](http://www.tecmint.com/wp-content/uploads/2015/07/Tar-Command-Help.png)
Tar命令帮助
*Tar命令帮助*
**3.我的一个朋友经常对'whatis'以及'whereis'命令的使用感到困惑,所以我建议他:**
@ -86,7 +86,7 @@ Tar命令帮助
![Whatis Whereis Commands Help](http://www.tecmint.com/wp-content/uploads/2015/07/Whatis-Whereis-Commands-Help.png)
Whatis/Whereis命令的帮助
*Whatis/Whereis命令的帮助*
你只需要使用“Ctrl+c”就能退出交互模式。
@ -96,11 +96,11 @@ Whatis/Whereis命令的帮助
![Get Help on Multiple Commands](http://www.tecmint.com/wp-content/uploads/2015/07/Get-Help-on-Multiple-Commands.png)
获取多条命令的帮助
*获取多条命令的帮助*
同样地你可以请求你的shell来解释任何shell命令。 前提是你需要一个可用的网络。输出的信息是基于解释的需要从服务器中生成的,因此输出的结果是不可定制的。
同样地你可以请求你的shell来解释任何shell命令。 前提是你需要一个可用的网络。输出的信息是基于需要解释的命令,从服务器中生成的,因此输出的结果是不可定制的。
对于我来说这个工具真的很有用并且它已经荣幸地添加在我的.bashrc文件中。你对这个项目有什么想法它对你有用么它的解释令你满意吗请让我知道吧
对于我来说这个工具真的很有用并且它已经荣幸地添加在我的.bashrc文件中。你对这个项目有什么想法它对你有用么它的解释令你满意吗请让我知道吧
请在下面评论为我们提供宝贵意见,喜欢并分享我们以及帮助我们得到传播。
@ -110,7 +110,7 @@ via: http://www.tecmint.com/explain-shell-commands-in-the-linux-shell/
作者:[Avishek Kumar][a]
译者:[dingdongnigetou](https://github.com/dingdongnigetou)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

43
translated/tech/20150730 Must-Know Linux Commands For New Users.md → published/20150730 Must-Know Linux Commands For New Users.md
View File

@ -1,11 +1,12 @@
新手应知应会的Linux命令
================================================================================
![Manage system updates via the command line with dnf on Fedora.](http://www.linux.com/images/stories/41373/fedora-cli.png)
在Fedora上通过命令行使用dnf来管理系统更新
基于Linux的系统的优点之一就是你可以通过终端中使用命令该ing来管理整个系统。使用命令行的优势在于你可以使用相同的知识和技能来管理随便哪个Linux发行版。
*在Fedora上通过命令行使用dnf来管理系统更新*
对于各个发行版以及桌面环境DE而言要一致地使用图形化用户界面GUI却几乎是不可能的因为它们都提供了各自的用户界面。要明确的是有那么些情况你需要在不同的发行版上使用不同的命令来部署某些特定的任务但是或多或少它们的概念和意图却仍然是一致的。
基于Linux的系统最美妙的一点就是你可以在终端中使用命令行来管理整个系统。使用命令行的优势在于你可以使用相同的知识和技能来管理随便哪个Linux发行版。
对于各个发行版以及桌面环境DE而言要一致地使用图形化用户界面GUI却几乎是不可能的因为它们都提供了各自的用户界面。要明确的是有些情况下在不同的发行版上需要使用不同的命令来执行某些特定的任务但是基本来说它们的思路和目的是一致的。
在本文中我们打算讨论Linux用户应当掌握的一些基本命令。我将给大家演示怎样使用命令行来更新系统、管理软件、操作文件以及切换到root这些操作将在三个主要发行版上进行Ubuntu也包括其定制版和衍生版还有DebianopenSUSE以及Fedora。
@ -15,7 +16,7 @@
Linux是基于安全设计的但事实上是任何软件都有缺陷会导致安全漏洞。所以保持你的系统更新到最新是十分重要的。这么想吧运行过时的操作系统就像是你坐在全副武装的坦克里头而门却没有锁。武器会保护你吗任何人都可以进入开放的大门对你造成伤害。同样在你的系统中也有没有打补丁的漏洞这些漏洞会危害到你的系统。开源社区不像专利世界在漏洞补丁方面反应是相当快的所以如果你保持系统最新你也获得了安全保证。
留意新闻站点,了解安全漏洞。如果发现了一个漏洞,请阅读之,然后在补丁出来的第一时间更新。不管怎样,在生产机器上,你每星期必须至少运行一次更新命令。如果你运行这一台复杂的服务器,那么就要额外当心了。仔细阅读变更日志,以确保更新不会搞坏你的自定义服务。
留意新闻站点,了解安全漏洞。如果发现了一个漏洞,了解它,然后在补丁出来的第一时间更新。不管怎样,在生产环境上,你每星期必须至少运行一次更新命令。如果你运行着一台复杂的服务器,那么就要额外当心了。仔细阅读变更日志,以确保更新不会搞坏你的自定义服务。
**Ubuntu**牢记一点你在升级系统或安装不管什么软件之前都必须要刷新仓库也就是repos。在Ubuntu上你可以使用下面的命令来更新系统第一个命令用于刷新仓库
@ -29,7 +30,7 @@ Linux是基于安全设计的但事实上是任何软件都有缺陷
sudo apt-get dist-upgrade
**openSUSE**如果你是在openSUSE上你可以使用以下命令来更新系统照例第一个命令的意思是更新仓库
**openSUSE**如果你是在openSUSE上你可以使用以下命令来更新系统照例第一个命令的意思是更新仓库
sudo zypper refresh
sudo zypper up
@ -42,7 +43,7 @@ Linux是基于安全设计的但事实上是任何软件都有缺陷
### 软件安装与移除 ###
你只可以安装那些你系统上启用的仓库中可用的包,各个发行版默认都附带有并启用了一些官方或者第三方仓库。
**Ubuntu**: To install any package on Ubuntu, first update the repo and then use this syntax:
**Ubuntu**要在Ubuntu上安装包首先更新仓库然后使用下面的语句
sudo apt-get install [package_name]
@ -75,9 +76,9 @@ Linux是基于安全设计的但事实上是任何软件都有缺陷
### 如何管理第三方软件? ###
在一个庞大的开发者社区中,这些开发者们为用户提供了许多的软件。不同的发行版有不同的机制来使用这些第三方软件,将它们提供给用户。同时也取决于开发者怎样将这些软件提供给用户,有些开发者会提供二进制包,而另外一些开发者则将软件发布到仓库中。
在一个庞大的开发者社区中,这些开发者们为用户提供了许多的软件。不同的发行版有不同的机制来将这些第三方软件提供给用户。当然,同时也取决于开发者怎样将这些软件提供给用户,有些开发者会提供二进制包,而另外一些开发者则将软件发布到仓库中。
Ubuntu严重依赖于PPA个人包归档但是不幸的是它却没有提供一个内建工具来帮助用于搜索这些PPA仓库。在安装软件前你将需要通过Google搜索PPA然后手工添加该仓库。下面就是添加PPA到系统的方法
Ubuntu很多地方都用到PPA个人包归档但是不幸的是它却没有提供一个内建工具来帮助用于搜索这些PPA仓库。在安装软件前你将需要通过Google搜索PPA然后手工添加该仓库。下面就是添加PPA到系统的方法
sudo add-apt-repository ppa:<repository-name>
@ -85,7 +86,7 @@ Ubuntu严重依赖于PPA个人包归档但是不幸的是它却
sudo add-apt-repository ppa:libreoffice/ppa
它会要你按下回车键来导入钥。完成后,使用'update'命令来刷新仓库,然后安装该包。
它会要你按下回车键来导入钥。完成后,使用'update'命令来刷新仓库,然后安装该包。
openSUSE拥有一个针对第三方应用的优雅的解决方案。你可以访问software.opensuse.org一键点击搜索并安装相应包它会自动将对应的仓库添加到你的系统中。如果你想要手工添加仓库可以使用该命令
@ -97,13 +98,13 @@ openSUSE拥有一个针对第三方应用的优雅的解决方案。你可以访
sudo zypper refresh
sudo zypper install libreoffice
Fedora用户只需要添加RPMFusionfree和non-free仓库一起),该仓库包含了大量的应用。如果你需要添加仓库,命令如下:
Fedora用户只需要添加RPMFusion包括自由软件和非自由软件仓库),该仓库包含了大量的应用。如果你需要添加仓库,命令如下:
dnf config-manager --add-repo http://www.example.com/example.repo
dnf config-manager --add-repo http://www.example.com/example.repo
### 一些基本命令 ###
我已经写了一些关于使用CLI来管理你系统上的文件的[文章][1],下面介绍一些基本米ing令,这些命令在所有发行版上都经常会用到。
我已经写了一些关于使用CLI来管理你系统上的文件的[文章][1],下面介绍一些基本令,这些命令在所有发行版上都经常会用到。
拷贝文件或目录到一个新的位置:
@ -113,13 +114,13 @@ dnf config-manager --add-repo http://www.example.com/example.repo
cp path_of_files/* path_of_the_directory_where_you_want_to_copy/
将一个文件从某个位置移动到另一个位置(尾斜杠是说在该目录中):
将一个文件从某个位置移动到另一个位置(尾斜杠是说在该目录中):
mv path_of_file_1 path_of_the_directory_where_you_want_to_move/
mv path_of_file_1 path_of_the_directory_where_you_want_to_move/
将所有文件从一个位置移动到另一个位置:
mv path_of_directory_where_files_are/* path_of_the_directory_where_you_want_to_move/
mv path_of_directory_where_files_are/* path_of_the_directory_where_you_want_to_move/
删除一个文件:
@ -135,11 +136,11 @@ dnf config-manager --add-repo http://www.example.com/example.repo
### 创建新目录 ###
要创建一个新目录,首先输入你要创建的目录的位置。比如说你想要在你的Documents目录中创建一个名为'foundation'的文件夹。让我们使用 cd 即change directory改变目录命令来改变目录
要创建一个新目录,首先进入到你要创建该目录的位置。比如说你想要在你的Documents目录中创建一个名为'foundation'的文件夹。让我们使用 cd 即change directory改变目录命令来改变目录
cd /home/swapnil/Documents
(替换'swapnil'为你系统中的用户)
(替换'swapnil'为你系统中的用户
然后,使用 mkdir 命令来创建该目录:
@ -149,13 +150,13 @@ dnf config-manager --add-repo http://www.example.com/example.repo
mdkir /home/swapnil/Documents/foundation
如果你想要创建父-子目录,那是指目录中的目录,那么可以使用 -p 选项。它会在指定路径中创建所有目录:
如果你想要连父目录一起创建,那么可以使用 -p 选项。它会在指定路径中创建所有目录:
mdkir -p /home/swapnil/Documents/linux/foundation
### 成为root ###
你或许需要成为root或者具有sudo权力的用户来实施一些管理任务如管理软件包或者对根目录或其下的文件进行一些修改。其中一个例子就是编辑'fstab'文件,该文件记录了挂载的硬驱动器。它在'etc'目录中,而该目录又在根目录中,你只能作为超级用户来修改该文件。在大多数的发行版中,你可以通过'切换用户'来成为root。比如说在openSUSE上我想要成为root因为我要在根目录中工作你可以使用下面的命令之一
你或许需要成为root或者具有sudo权力的用户来实施一些管理任务如管理软件包或者对根目录或其下的文件进行一些修改。其中一个例子就是编辑'fstab'文件,该文件记录了挂载的硬驱动器。它在'etc'目录中,而该目录又在根目录中,你只能作为超级用户来修改该文件。在大多数的发行版中,你可以通过'su'来成为root。比如说在openSUSE上我想要成为root因为我要在根目录中工作你可以使用下面的命令之一
sudo su -
@ -165,7 +166,7 @@ dnf config-manager --add-repo http://www.example.com/example.repo
该命令会要求输入密码然后你就具有root特权了。记住一点千万不要以root用户来运行系统除非你知道你正在做什么。另外重要的一点需要注意的是你以root什么对目录或文件进行修改后会将它们的拥有关系从该用户或特定的服务改变为root。你必须恢复这些文件的拥有关系否则该服务或用户就不能访问或写入到那些文件。要改变用户命令如下
sudo chown -R user:user /path_of_file_or_directory
sudo chown -R 用户:组 文件或目录名
当你将其它发行版上的分区挂载到系统中时,你可能经常需要该操作。当你试着访问这些分区上的文件时,你可能会碰到权限拒绝错误,你只需要改变这些分区的拥有关系就可以访问它们了。需要额外当心的是,不要改变根目录的权限或者拥有关系。
@ -177,7 +178,7 @@ via: http://www.linux.com/learn/tutorials/842251-must-know-linux-commands-for-ne
作者:[Swapnil Bhartiya][a]
译者:[GOLinux](https://github.com/GOLinux)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

14
translated/tech/20150806 Linux FAQs with Answers--How to install git on Linux.md → published/20150806 Linux FAQs with Answers--How to install git on Linux.md
View File

@ -1,15 +1,15 @@
Linux问答 -- 如何在Linux上安装Git
Linux有问必答:如何在Linux上安装Git
================================================================================
> **问题:** 我尝试从一个Git公共仓库克隆项目但出现了这样的错误提示“git: command not found”。 请问我该如何安装Git [注明一下是哪个Linux发行版]?
> **问题:** 我尝试从一个Git公共仓库克隆项目但出现了这样的错误提示“git: command not found”。 请问我该如何在某某发行版上安装Git
Git是一个流行的并且开源版本控制系统VCS最初是为Linux环境开发的。跟CVS或者SVN这些版本控制系统不同的是Git的版本控制被认为是“分布式的”某种意义上git的本地工作目录可以作为一个功能完善的仓库来使用它具备完整的历史记录和版本追踪能力。在这种工作模型之下各个协作者将内容提交到他们的本地仓库中与之相对的会直接提交到核心仓库如果有必要再有选择性地推送到核心仓库。这就为Git这个版本管理系统带来了大型协作系统所必须的可扩展能力和冗余能力。
Git是一个流行的开源版本控制系统VCS最初是为Linux环境开发的。跟CVS或者SVN这些版本控制系统不同的是Git的版本控制被认为是“分布式的”某种意义上git的本地工作目录可以作为一个功能完善的仓库来使用它具备完整的历史记录和版本追踪能力。在这种工作模型之下各个协作者将内容提交到他们的本地仓库中与之相对的会总是提交到核心仓库如果有必要再有选择性地推送到核心仓库。这就为Git这个版本管理系统带来了大型协作系统所必须的可扩展能力和冗余能力。
![](https://farm1.staticflickr.com/341/19433194168_c79d4570aa_b.jpg)
### 使用包管理器安装Git ###
Git已经被所有的主Linux发行版所支持。所以安装它最简单的方法就是使用各个Linux发行版的包管理器。
Git已经被所有的主Linux发行版所支持。所以安装它最简单的方法就是使用各个Linux发行版的包管理器。
**Debian, Ubuntu, 或 Linux Mint**
@ -18,6 +18,8 @@ Git已经被所有的主力Linux发行版所支持。所以安装它最简单的
**Fedora, CentOS 或 RHEL**
$ sudo yum install git
$ sudo dnf install git
**Arch Linux**
@ -33,7 +35,7 @@ Git已经被所有的主力Linux发行版所支持。所以安装它最简单的
### 从源码安装Git ###
如果由于某些原因你希望从源码安装Git安装如下介绍操作。
如果由于某些原因你希望从源码安装Git按照如下介绍操作。
**安装依赖包**
@ -65,7 +67,7 @@ via: http://ask.xmodulo.com/install-git-linux.html
作者:[Dan Nanni][a]
译者:[mr-ping](https://github.com/mr-ping)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

98
published/20150807 How To--Temporarily Clear Bash Environment Variables on a Linux and Unix-like System.md Normal file
View File

@ -0,0 +1,98 @@
如何在 Linux 上运行命令前临时清空 Bash 环境变量
================================================================================
我是个 bash shell 用户。我想临时清空 bash shell 环境变量。但我不想删除或者 unset 一个输出的环境变量。我怎样才能在 bash 或 ksh shell 的临时环境中运行程序呢?
你可以在 Linux 或类 Unix 系统中使用 env 命令设置并打印环境。env 命令可以按命令行指定的变量来修改环境,之后再执行程序。
### 如何显示当前环境? ###
打开终端应用程序并输入下面的其中一个命令:
printenv
env
输出样例:
![Fig.01 Unix/Linux 列出所有环境变量](http://s0.cyberciti.org/uploads/faq/2015/08/env-unix-linux-command-output.jpg)
*Fig.01 Unix/Linux 列出所有环境变量*
### 统计环境变量数目 ###
输入下面的命令:
env | wc -l
printenv | wc -l # 或者
输出样例:
20
### 在干净的 bash/ksh/zsh 环境中运行程序 ###
语法如下所示:
env -i your-program-name-here arg1 arg2 ...
例如,要在不使用 http_proxy 和/或任何其它环境变量的情况下运行 wget 程序。临时清除所有 bash/ksh/zsh 环境变量并运行 wget 程序:
env -i /usr/local/bin/wget www.cyberciti.biz
env -i wget www.cyberciti.biz # 或者
这当你想忽视任何已经设置的环境变量来运行命令时非常有用。我每天都会多次使用这个命令,以便忽视 http_proxy 和其它我设置的环境变量。
#### 例子:使用 http_proxy ####
$ wget www.cyberciti.biz
--2015-08-03 23:20:23-- http://www.cyberciti.biz/
Connecting to 10.12.249.194:3128... connected.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.html'
index.html [ <=> ] 36.17K 87.0KB/s in 0.4s
2015-08-03 23:20:24 (87.0 KB/s) - 'index.html' saved [37041]
#### 例子:忽视 http_proxy ####
$ env -i /usr/local/bin/wget www.cyberciti.biz
--2015-08-03 23:25:17-- http://www.cyberciti.biz/
Resolving www.cyberciti.biz... 74.86.144.194
Connecting to www.cyberciti.biz|74.86.144.194|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.html.1'
index.html.1 [ <=> ] 36.17K 115KB/s in 0.3s
2015-08-03 23:25:18 (115 KB/s) - 'index.html.1' saved [37041]
-i 选项使 env 命令完全忽视它继承的环境。但是,它并不会阻止你的命令(例如 wget 或 curl设置新的变量。同时也要注意运行 bash/ksh shell 的副作用:
env -i env | wc -l ## 空的 ##
# 现在运行 bash ##
env -i bash
## bash 设置了新的环境变量 ##
env | wc -l
#### 例子:设置一个环境变量 ####
语法如下:
env var=value /path/to/command arg1 arg2 ...
## 或 ##
var=value /path/to/command arg1 arg2 ...
例如设置 http_proxy:
env http_proxy="http://USER:PASSWORD@server1.cyberciti.biz:3128/" /usr/local/bin/wget www.cyberciti.biz
--------------------------------------------------------------------------------
via: http://www.cyberciti.biz/faq/linux-unix-temporarily-clearing-environment-variables-command/
作者Vivek Gite
译者:[ictlyh](https://github.com/ictlyh)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

61
published/20150810 For Linux, Supercomputers R Us.md Normal file
View File

@ -0,0 +1,61 @@
有了 Linux你就可以搭建自己的超级计算机
================================================================================
> 几乎所有超级计算机上运行的系统都是 Linux其中包括那些由树莓派Raspberry Pi板卡和 PlayStation 3游戏机组成的计算机。
![Credit: Michel Ngilen, CC BY 2.0, via Wikimedia Commons](http://images.techhive.com/images/article/2015/08/playstation_3-100602985-primary.idge.jpg)
*题图来源By Michel Ngilen,[ CC BY 2.0 ], via Wikimedia Commons*
超级计算机是一种严肃的工具,做的都是高大上的计算。它们往往从事于严肃的用途,比如原子弹模拟、气候模拟和高等物理学。当然,它们的花费也很高大上。在最新的超级计算机 [Top500][1] 排名中,中国国防科技大学研制的天河 2 号位居第一,而天河 2 号的建造耗资约 3.9 亿美元!
但是,也有一个超级计算机,是由博伊西州立大学电气和计算机工程系的一名在读博士 Joshua Kiepert [用树莓派构建完成][2]的其建造成本低于2000美元。
不,这不是我编造的。它一个真实的超级计算机,由超频到 1GHz 的 [B 型树莓派][3]的 ARM11 处理器与 VideoCore IV GPU 组成。每个都配备了 512MB 的内存、一对 USB 端口和 1 个 10/100 BaseT 以太网端口。
那么天河 2 号和博伊西州立大学的超级计算机有什么共同点吗?它们都运行 Linux 系统。世界最快的超级计算机[前 500 强中有 486][4] 个也同样运行的是 Linux 系统。这是从 20 多年前就开始的格局。而现在的趋势是超级计算机开始由廉价单元组成,因为 Kiepert 的机器并不是唯一一个无所谓预算的超级计算机。
麻省大学达特茅斯分校的物理学副教授 Gaurav Khanna 创建了一台超级计算机仅用了[不足 200 台的 PlayStation3 视频游戏机][5]。
PlayStation 游戏机由一个 3.2 GHz 的基于 PowerPC 的 Power 处理器所驱动。每个都配有 512M 的内存。你现在仍然可以花 200 美元买到一个尽管索尼将在年底逐步淘汰它们。Khanna 仅用了 16 个 PlayStation 3 构建了他第一台超级计算机,所以你也可以花费不到 4000 美元就拥有你自己的超级计算机。
这些机器可能是用玩具建成的但他们不是玩具。Khanna 已经用它做了严肃的天体物理学研究。一个白帽子黑客组织使用了类似的 [PlayStation 3 超级计算机在 2008 年破解了 SSL 的 MD5 哈希算法][6]。
两年后,美国空军研究实验室研制的 [Condor Cluster使用了 1760 个索尼的 PlayStation 3 的处理器][7]和168 个通用的图形处理单元。这个低廉的超级计算机,每秒运行约 500 TFLOP ,即每秒可进行 500 万亿次浮点运算。
其他的一些便宜且适用于构建家庭超级计算机的构件包括,专业并行处理板卡,比如信用卡大小的 [99 美元的 Parallella 板卡][8],以及高端显卡,比如 [Nvidia 的 Titan Z][9] 和 [ AMD 的 FirePro W9100][10]。这些高端板卡的市场零售价约 3000 美元,一些想要一台梦幻般的机器的玩家为此参加了[英特尔极限大师赛:英雄联盟世界锦标赛][11],要是甚至有机会得到了第一名的话,能获得超过 10 万美元奖金。另一方面,一个能够自己提供超过 2.5TFLOPS 计算能力的计算机,对于科学家和研究人员来说,这为他们提供了一个可以拥有自己专属的超级计算机的经济的方法。
而超级计算机与 Linux 的连接,这一切都始于 1994 年戈达德航天中心的第一个名为 [Beowulf 超级计算机][13]。
按照我们的标准Beowulf 不能算是最优越的。但在那个时期,作为第一台自制的超级计算机,它的 16 个英特尔486DX 处理器和 10Mbps 的以太网总线,是个伟大的创举。[Beowulf 是由美国航空航天局的承建商 Don Becker 和 Thomas Sterling 所设计的][14],是第一台“创客”超级计算机。它的“计算部件” 486DX PC成本仅有几千美元。尽管它的速度只有个位数的 GFLOPS 吉拍每秒10亿次浮点运算[Beowulf][15] 表明了你可以用商用现货COTS硬件和 Linux 创建超级计算机。
我真希望我参与创建了一部分,但是我 1994 年就离开了戈达德,开始了作为一名全职的科技记者的职业生涯。该死。
但是尽管我只是使用笔记本的记者,我依然能够体会到 COTS 和开源软件是如何永远的改变了超级计算机。我希望现在读这篇文章的你也能。因为,无论是 Raspberry Pi 集群,还是超过 300 万个英特尔的 Ivy Bridge 和 Xeon Phi 芯片的庞然大物,几乎所有当代的超级计算机都可以追溯到 Beowulf。
--------------------------------------------------------------------------------
via: http://www.computerworld.com/article/2960701/linux/for-linux-supercomputers-r-us.html
作者:[Steven J. Vaughan-Nichols][a]
译者:[xiaoyu33](https://github.com/xiaoyu33)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.computerworld.com/author/Steven-J.-Vaughan_Nichols/
[1]:http://www.top500.org/
[2]:http://www.zdnet.com/article/build-your-own-supercomputer-out-of-raspberry-pi-boards/
[3]:https://www.raspberrypi.org/products/model-b/
[4]:http://www.zdnet.com/article/linux-still-rules-supercomputing/
[5]:http://www.nytimes.com/2014/12/23/science/an-economical-way-to-save-progress.html?smid=fb-nytimes&smtyp=cur&bicmp=AD&bicmlukp=WT.mc_id&bicmst=1409232722000&bicmet=1419773522000&_r=4
[6]:http://www.computerworld.com/article/2529932/cybercrime-hacking/researchers-hack-verisign-s-ssl-scheme-for-securing-web-sites.html
[7]:http://phys.org/news/2010-12-air-playstation-3s-supercomputer.html
[8]:http://www.zdnet.com/article/parallella-the-99-linux-supercomputer/
[9]:http://blogs.nvidia.com/blog/2014/03/25/titan-z/
[10]:http://www.amd.com/en-us/press-releases/Pages/amd-flagship-professional-2014apr7.aspx
[11]:http://en.intelextrememasters.com/news/check-out-the-intel-extreme-masters-katowice-prize-money-distribution/
[13]:http://www.beowulf.org/overview/history.html
[14]:http://yclept.ucdavis.edu/Beowulf/aboutbeowulf.html
[15]:http://www.beowulf.org/

100
sources/talk/20150806 5 heroes of the Linux world.md
View File

@ -1,100 +0,0 @@
Translating by ZTinoZ
5 heroes of the Linux world
================================================================================
Who are these people, seen and unseen, whose work affects all of us every day?
![Image courtesy Christopher Michel/Flickr](http://core0.staticworld.net/images/article/2015/07/penguin-100599348-orig.jpg)
Image courtesy [Christopher Michel/Flickr][1]
### High-flying penguins ###
Linux and open source is driven by passionate people who write best-of-breed software and then release the code to the public so anyone can use it, without any strings attached. (Well, there is one string attached and thats licence.)
Who are these people? These heroes of the Linux world, whose work affects all of us every day. Allow me to introduce you.
![Image courtesy Swapnil Bhartiya](http://images.techhive.com/images/article/2015/07/swap-klaus-100599357-orig.jpg)
Image courtesy Swapnil Bhartiya
### Klaus Knopper ###
Klaus Knopper, an Austrian developer who lives in Germany, is the founder of Knoppix and Adriana Linux, which he developed for his blind wife.
Knoppix holds a very special place in heart of those Linux users who started using Linux before Ubuntu came along. What makes Knoppix so special is that it popularized the concept of Live CD. Unlike Windows or Mac OS X, you could run the entire operating system from the CD without installing anything on the system. It allowed new users to test Linux on their systems without formatting the hard drive. The live feature of Linux alone contributed heavily to its popularity.
![Image courtesy Fórum Internacional Software Live/Flickr](http://images.techhive.com/images/article/2015/07/lennart-100599356-orig.jpg)
Image courtesy [Fórum Internacional Software Live/Flickr][2]
### Lennart Pottering ###
Lennart Pottering is yet another genius from Germany. He has written so many core components of a Linux (as well as BSD) system that its hard to keep track. Most of his work is towards the successors of aging or broken components of the Linux systems.
Pottering wrote the modern init system systemd, which shook the Linux world and created a [rift in the Debian community][3].
While Linus Torvalds has no problems with systemd, and praises it, he is not a huge fan of the way systemd developers (including the co-author Kay Sievers,) respond to bug reports and criticism. At one point Linus said on the LKML (Linux Kernel Mailing List) that he would [never work with Sievers][4].
Lennart is also the author of Pulseaudio, sound server on Linux and Avahi, zero-configuration networking (zeroconf) implementation.
![Image courtesy Meego Com/Flickr](http://images.techhive.com/images/article/2015/07/jim-zemlin-100599362-orig.jpg)
Image courtesy [Meego Com/Flickr][5]
### Jim Zemlin ###
Jim Zemlin isn't a developer, but as founder of The Linux Foundation he is certainly one of the most important figures of the Linux world.
In 2007, The Linux Foundation was formed as a result of merger between two open source bodies: the Free Standards Group and the Open Source Development Labs. Zemlin was the executive director of the Free Standards Group. Post-merger Zemlin became the executive director of The Linux Foundation and has held that position since.
Under his leadership, The Linux Foundation has become the central figure in the modern IT world and plays a very critical role for the Linux ecosystem. In order to ensure that key developers like Torvalds and Kroah-Hartman can focus on Linux, the foundation sponsors them as fellows.
Zemlin also made the foundation a bridge between companies so they can collaborate on Linux while at the same time competing in the market. The foundation also organizes many conferences around the world and [offers many courses for Linux developers][6].
People may think of Zemlin as Linus Torvalds' boss, but he refers to himself as "Linus Torvalds' janitor."
![Image courtesy Coscup/Flickr](http://images.techhive.com/images/article/2015/07/greg-kh-100599350-orig.jpg)
Image courtesy [Coscup/Flickr][7]
### Greg Kroah-Hartman ###
Greg Kroah-Hartman is known as second-in-command of the Linux kernel. The gentle giant is the maintainer of the stable branch of the kernel and of staging subsystem, USB, driver core, debugfs, kref, kobject, and the [sysfs][8] kernel subsystems along with many other components of a Linux system.
He is also credited for device drivers for Linux. One of his jobs is to travel around the globe, meet hardware makers and persuade them to make their drivers available for Linux. The next time you plug some random USB device to your system and it works out of the box, thank Kroah-Hartman. (Don't thank the distro. Some distros try to take credit for the work Kroah-Hartman or the Linux kernel did.)
Kroah-Hartman previously worked for Novell and then joined the Linux Foundation as a fellow, alongside Linus Torvalds.
Kroah-Hartman is the total opposite of Linus and never rants (at least publicly). One time there was some ripple was when he stated that [Canonical doesnt contribute much to the Linux kernel][9].
On a personal level, Kroah-Hartman is extremely helpful to new developers and users and is easily accessible.
![Image courtesy Swapnil Bhartiya](http://images.techhive.com/images/article/2015/07/linus-swapnil-100599349-orig.jpg)
Image courtesy Swapnil Bhartiya
### Linus Torvalds ###
No collection of Linux heroes would be complete without Linus Torvalds. He is the author of the Linux kernel, the most used open source technology on the planet and beyond. His software powers everything from space stations to supercomputers, military drones to mobile devices and tiny smartwatches. Linus remains the authority on the Linux kernel and makes the final decision on which patches to merge to the kernel.
Linux isn't Torvalds' only contribution open source. When he got fed-up with the existing software revision control systems, which his kernel heavily relied on, he wrote his own, called Git. Git enjoys the same reputation as Linux; it is the most used version control system in the world.
Torvalds is also a passionate scuba diver and when he found no decent dive logs for Linux, he wrote his own and called it SubSurface.
Torvalds is [well known for his rants][10] and once admitted that his ego is as big as a small planet. But he is also known for admitting his mistakes if he realizes he was wrong.
--------------------------------------------------------------------------------
via: http://www.itworld.com/article/2955001/linux/5-heros-of-the-linux-world.html
作者:[Swapnil Bhartiya][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.itworld.com/author/Swapnil-Bhartiya/
[1]:https://flic.kr/p/siJ25M
[2]:https://flic.kr/p/uTzj54
[3]:http://www.itwire.com/business-it-news/open-source/66153-systemd-fallout-two-debian-technical-panel-members-resign
[4]:http://www.linuxveda.com/2014/04/04/linus-torvalds-systemd-kay-sievers/
[5]:https://flic.kr/p/9Lnhpu
[6]:http://www.itworld.com/article/2951968/linux/linux-foundation-offers-cheaper-courses-and-certifications-for-india.html
[7]:https://flic.kr/p/hBv8Pp
[8]:https://en.wikipedia.org/wiki/Sysfs
[9]:https://www.youtube.com/watch?v=CyHAeGBFS8k
[10]:http://www.itworld.com/article/2873200/operating-systems/11-technologies-that-tick-off-linus-torvalds.html

149
sources/tech/20150209 Install OpenQRM Cloud Computing Platform In Debian.md
View File

@ -1,149 +0,0 @@
Install OpenQRM Cloud Computing Platform In Debian
================================================================================
### Introduction ###
**openQRM** is a web-based open source Cloud computing and datacenter management platform that integrates flexibly with existing components in enterprise data centers.
It supports the following virtualization technologies:
- KVM,
- XEN,
- Citrix XenServer,
- VMWare ESX,
- LXC,
- OpenVZ.
The Hybrid Cloud Connector in openQRM supports a range of private or public cloud providers to extend your infrastructure on demand via **Amazon AWS**, **Eucalyptus** or **OpenStack**. It, also, automates provisioning, virtualization, storage and configuration management, and it takes care of high-availability. A self-service cloud portal with integrated billing system enables end-users to request new servers and application stacks on-demand.
openQRM is available in two different flavours such as:
- Enterprise Edition
- Community Edition
You can view the difference between both editions [here][1].
### Features ###
- Private/Hybrid Cloud Computing Platform;
- Manages physical and virtualized server systems;
- Integrates with all major open and commercial storage technologies;
- Cross-platform: Linux, Windows, OpenSolaris, and *BSD;
- Supports KVM, XEN, Citrix XenServer, VMWare ESX(i), lxc, OpenVZ and VirtualBox;
- Support for Hybrid Cloud setups using additional Amazon AWS, Eucalyptus, Ubuntu UEC cloud resources;
- Supports P2V, P2P, V2P, V2V Migrations and High-Availability;
- Integrates with the best Open Source management tools like puppet, nagios/Icinga or collectd;
- Over 50 plugins for extended features and integration with your infrastructure;
- Self-Service Portal for end-users;
- Integrated billing system.
### Installation ###
Here, we will install openQRM in Ubuntu 14.04 LTS. Your server must atleast meet the following requirements.
- 1 GB RAM;
- 100 GB Hdd;
- Optional: Virtualization enabled (VT for Intel CPUs or AMD-V for AMD CPUs) in Bios.
First, install make package to compile openQRM source package.
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install make
Then, run the following commands one by one to install openQRM.
Download the latest available version [from here][2].
wget http://sourceforge.net/projects/openqrm/files/openQRM-Community-5.1/openqrm-community-5.1.tgz
tar -xvzf openqrm-community-5.1.tgz
cd openqrm-community-5.1/src/
sudo make
sudo make install
sudo make start
During installation, youll be asked to update the php.ini file.
![~-openqrm-community-5.1-src_001](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_001.png)
Enter mysql root user password.
![~-openqrm-community-5.1-src_002](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_002.png)
Re-enter password:
![~-openqrm-community-5.1-src_003](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_003.png)
Select the mail server configuration type.
![~-openqrm-community-5.1-src_004](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_004.png)
If youre not sure, select Local only. In our case, I go with **Local only** option.
![~-openqrm-community-5.1-src_005](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_005.png)
Enter your system mail name, and finally enter the Nagios administration password.
![~-openqrm-community-5.1-src_007](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_007.png)
The above commands will take long time depending upon your Internet connection to download all packages required to run openQRM. Be patient.
Finally, youll get the openQRM configuration URL along with username and password.
![~_002](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@debian-_002.png)
### Configuration ###
After installing openQRM, open up your web browser and navigate to the URL: **http://ip-address/openqrm**.
For example, in my case http://192.168.1.100/openqrm.
The default username and password is: **openqrm/openqrm**.
![Mozilla Firefox_003](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/Mozilla-Firefox_003.png)
Select a network card to use for the openQRM management network.
![openQRM Server - Mozilla Firefox_004](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_004.png)
Select a database type. In our case, I selected mysql.
![openQRM Server - Mozilla Firefox_006](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_006.png)
Now, configure the database connection and initialize openQRM. Here, I use **openQRM** as database name, and user as **root** and debian as password for the database. Be mindful that you should enter the mysql root user password that you have created while installing openQRM.
![openQRM Server - Mozilla Firefox_012](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_012.png)
Congratulations!! openQRM has been installed and configured.
![openQRM Server - Mozilla Firefox_013](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_013.png)
### Update openQRM ###
To update openQRM at any time run the following command:
cd openqrm/src/
make update
What we have done so far is just installed and configured openQRM in our Ubuntu server. For creating, running Virtual Machines, managing Storage, integrating additional systems and running your own private Cloud, I suggest you to read the [openQRM Administrator Guide][3].
Thats all now. Cheers! Happy weekend!!
--------------------------------------------------------------------------------
via: http://www.unixmen.com/install-openqrm-cloud-computing-platform-debian/
作者:[SK][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.unixmen.com/author/sk/
[1]:http://www.openqrm-enterprise.com/products/edition-comparison.html
[2]:http://sourceforge.net/projects/openqrm/files/?source=navbar
[3]:http://www.openqrm-enterprise.com/fileadmin/Documents/Whitepaper/openQRM-Enterprise-Administrator-Guide-5.2.pdf

183
sources/tech/20150518 How to set up a Replica Set on MongoDB.md
View File

@ -1,183 +0,0 @@
Translating by Ping
How to set up a Replica Set on MongoDB
================================================================================
MongoDB has become the most famous NoSQL database on the market. MongoDB is document-oriented, and its scheme-free design makes it a really attractive solution for all kinds of web applications. One of the features that I like the most is Replica Set, where multiple copies of the same data set are maintained by a group of mongod nodes for redundancy and high availability.
This tutorial describes how to configure a Replica Set on MonoDB.
The most common configuration for a Replica Set involves one primary and multiple secondary nodes. The replication will then be initiated from the primary toward the secondaries. Replica Sets can not only provide database protection against unexpected hardware failure and service downtime, but also improve read throughput of database clients as they can be configured to read from different nodes.
### Set up the Environment ###
In this tutorial, we are going to set up a Replica Set with one primary and two secondary nodes.
![](https://farm8.staticflickr.com/7667/17801038505_529a5224a1.jpg)
In order to implement this lab, we will use three virtual machines (VMs) running on VirtualBox. I am going to install Ubuntu 14.04 on the VMs, and install official packages for Mongodb.
I am going to set up a necessary environment on one VM instance, and then clone it to the other two VM instances. Thus pick one VM named master, and perform the following installations.
First, we need to add the MongoDB key for apt:
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
Then we need to add the official MongoDB repository to our source.list:
$ sudo su
# echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.0.list
Let's update repositories and install MongoDB.
$ sudo apt-get update
$ sudo apt-get install -y mongodb-org
Now let's make some changes in /etc/mongodb.conf.
auth = true
dbpath=/var/lib/mongodb
logpath=/var/log/mongodb/mongod.log
logappend=true
keyFile=/var/lib/mongodb/keyFile
replSet=myReplica
The first line is to make sure that we are going to have authentication on our database. keyFile is to set up a keyfile that is going to be used by MongoDB to replicate between nodes. replSet sets up the name of our replica set.
Now we are going to create our keyfile, so that it can be in all our instances.
$ echo -n "MyRandomStringForReplicaSet" | md5sum > keyFile
This will create keyfile that contains a MD5 string, but it has some noise that we need to clean up before using it in MongoDB. Use the following command to clean it up:
$ echo -n "MyReplicaSetKey" | md5sum|grep -o "[0-9a-z]\+" > keyFile
What grep command does is to print MD5 string with no spaces or other characters that we don't want.
Now we are going to make the keyfile ready for use:
$ sudo cp keyFile /var/lib/mongodb
$ sudo chown mongodb:nogroup keyFile
$ sudo chmod 400 keyFile
Now we have our Ubuntu VM ready to be cloned. Power it off, and clone it to the other VMs.
![](https://farm9.staticflickr.com/8729/17800903865_9876a9cc9c.jpg)
I name the cloned VMs secondary1 and secondary2. Make sure to reinitialize the MAC address of cloned VMs and clone full disks.
![](https://farm6.staticflickr.com/5333/17613392900_6de45c9450.jpg)
All three VM instances should be on the same network to communicate with each other. For this, we are going to attach all three VMs to "Internet Network".
It is recommended that each VM instances be assigned a static IP address, as opposed to DHCP IP address, so that the VMs will not lose connectivity among themselves when a DHCP server assigns different IP addresses to them.
Let's edit /etc/networks/interfaces of each VM as follows.
On primary:
auto eth1
iface eth1 inet static
address 192.168.50.2
netmask 255.255.255.0
On secondary1:
auto eth1
iface eth1 inet static
address 192.168.50.3
netmask 255.255.255.0
On secondary2:
auto eth1
iface eth1 inet static
address 192.168.50.4
netmask 255.255.255.0
Another file that needs to be set up is /etc/hosts, because we don't have DNS. We need to set the hostnames in /etc/hosts.
On primary:
127.0.0.1 localhost primary
192.168.50.2 primary
192.168.50.3 secondary1
192.168.50.4 secondary2
On secondary1:
127.0.0.1 localhost secondary1
192.168.50.2 primary
192.168.50.3 secondary1
192.168.50.4 secondary2
On secondary2:
127.0.0.1 localhost secondary2
192.168.50.2 primary
192.168.50.3 secondary1
192.168.50.4 secondary2
Check connectivity among themselves by using ping command:
$ ping primary
$ ping secondary1
$ ping secondary2
### Set up a Replica Set ###
After verifying connectivity among VMs, we can go ahead and create the admin user so that we can start working on the Replica Set.
On primary node, open /etc/mongodb.conf, and comment out two lines that start with auth and replSet:
dbpath=/var/lib/mongodb
logpath=/var/log/mongodb/mongod.log
logappend=true
#auth = true
keyFile=/var/lib/mongodb/keyFile
#replSet=myReplica
Restart mongod daemon.
$ sudo service mongod restart
Create an admin user after conencting to MongoDB:
> use admin
> db.createUser({
user:"admin",
pwd:"
})
$ sudo service mongod restart
Connect to MongoDB and use these commands to add secondary1 and secondary2 to our Replicat Set.
> use admin
> db.auth("admin","myreallyhardpassword")
> rs.initiate()
> rs.add ("secondary1:27017")
> rs.add("secondary2:27017")
Now that we have our Replica Set, we can start working on our project. Consult the [official driver documentation][1] to see how to connect to a Replica Set. In case you want to query from shell, you have to connect to primary instance to insert or query the database. Secondary nodes will not let you do that. If you attempt to access the database on a secondary node, you will get this error message:
myReplica:SECONDARY>
myReplica:SECONDARY> show databases
2015-05-10T03:09:24.131+0000 E QUERY Error: listDatabases failed:{ "note" : "from execCommand", "ok" : 0, "errmsg" : "not master" }
at Error ()
at Mongo.getDBs (src/mongo/shell/mongo.js:47:15)
at shellHelper.show (src/mongo/shell/utils.js:630:33)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/mongo.js:47
I hope you find this tutorial useful. You can use Vagrant to automate your local environments and help you code faster.
--------------------------------------------------------------------------------
via: http://xmodulo.com/setup-replica-set-mongodb.html
作者:[Christopher Valerio][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://xmodulo.com/author/valerio
[1]:http://docs.mongodb.org/ecosystem/drivers/

4
sources/tech/20150728 Process of the Linux kernel building.md
View File

@ -1,3 +1,5 @@
Translating by Ezio
Process of the Linux kernel building
================================================================================
Introduction
@ -671,4 +673,4 @@ via: https://github.com/0xAX/linux-insides/blob/master/Misc/how_kernel_compiled.
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

174
sources/tech/20150730 How to Setup iTOP (IT Operational Portal) on CentOS 7.md
View File

@ -1,174 +0,0 @@
How to Setup iTOP (IT Operational Portal) on CentOS 7
================================================================================
iTOP is a simple, Open source web based IT Service Management tool. It has all of ITIL functionality that includes with Service desk, Configuration Management, Incident Management, Problem Management, Change Management and Service Management. iTop relays on Apache/IIS, MySQL and PHP, so it can run on any operating system supporting these applications. Since iTop is a web based application you dont need to deploy any client software on each users PC. A simple web browser is enough to perform day to day operations of an IT environment with iTOP.
To install and configure iTOP we will be using CentOS 7 as base operating with basic LAMP Stack environment installed on it that will cover its almost all prerequisites.
### Downloading iTOP ###
iTop download package is present on SourceForge, we can get its link from their official website [link][1].
![itop download](http://blog.linoxide.com/wp-content/uploads/2015/07/1-itop-download.png)
We will the download link from here and get this zipped file on server with wget command as below.
[root@centos-007 ~]# wget http://downloads.sourceforge.net/project/itop/itop/2.1.0/iTop-2.1.0-2127.zip
### iTop Extensions and Web Setup ###
By using unzip command we will extract the downloaded packages in the document root directory of our apache web server in a new directory with name itop.
[root@centos-7 ~]# ls
iTop-2.1.0-2127.zip
[root@centos-7 ~]# unzip iTop-2.1.0-2127.zip -d /var/www/html/itop/
List the folder to view installation packages in it.
[root@centos-7 ~]# ls -lh /var/www/html/itop/
total 68K
-rw-r--r--. 1 root root 1.4K Dec 17 2014 INSTALL
-rw-r--r--. 1 root root 35K Dec 17 2014 LICENSE
-rw-r--r--. 1 root root 23K Dec 17 2014 README
drwxr-xr-x. 19 root root 4.0K Jul 14 13:10 web
Here is all the extensions that we can install.
[root@centos-7 2.x]# ls
authent-external itop-backup itop-config-mgmt itop-problem-mgmt itop-service-mgmt-provider itop-welcome-itil
authent-ldap itop-bridge-virtualization-storage itop-datacenter-mgmt itop-profiles-itil itop-sla-computation version.xml
authent-local itop-change-mgmt itop-endusers-devices itop-request-mgmt itop-storage-mgmt wizard-icons
installation.xml itop-change-mgmt-itil itop-incident-mgmt-itil itop-request-mgmt-itil itop-tickets
itop-attachments itop-config itop-knownerror-mgmt itop-service-mgmt itop-virtualization-mgmt
Now from the extracted web directory, moving through different data models we will migrate the required extensions from the datamodels into the web extensions directory of web document root directory with copy command.
[root@centos-7 2.x]# pwd
/var/www/html/itop/web/datamodels/2.x
[root@centos-7 2.x]# cp -r itop-request-mgmt itop-service-mgmt itop-service-mgmt itop-config itop-change-mgmt /var/www/html/itop/web/extensions/
### Installing iTop Web Interface ###
Most of our server side settings and configurations are done.Finally we need to complete its web interface installation process to finalize the setup.
Open your favorite web browser and access the WordPress web directory in your web browser using your server IP or FQDN like.
http://servers_ip_address/itop/web/
You will be redirected towards the web installation process for iTop. Lets configure it as per your requirements like we did here in this tutorial.
#### Prerequisites Validation ####
At the stage you will be prompted for welcome screen with prerequisites validation ok. If you get some warning then you have to make resolve it by installing its prerequisites.
![mcrypt missing](http://blog.linoxide.com/wp-content/uploads/2015/07/2-itop-web-install.png)
At this stage one optional package named php mcrypt will be missing. Download the following rpm package then try to install php mcrypt package.
[root@centos-7 ~]#yum localinstall php-mcrypt-5.3.3-1.el6.x86_64.rpm libmcrypt-2.5.8-9.el6.x86_64.rpm.
After successful installation of php-mcrypt library we need to restart apache web service, then reload the web page and this time its prerequisites validation should be OK.
#### Install or Upgrade iTop ####
Here we will choose the fresh installation as we have not installed iTop previously on our server.
![Install New iTop](http://blog.linoxide.com/wp-content/uploads/2015/07/3.png)
#### iTop License Agreement ####
Chose the option to accept the terms of the licenses of all the components of iTop and click "NEXT".
![License Agreement](http://blog.linoxide.com/wp-content/uploads/2015/07/4.png)
#### Database Configuration ####
Here we the do Configuration of the database connection by giving our database servers credentials and then choose from the option to create new database as shown.
![DB Connection](http://blog.linoxide.com/wp-content/uploads/2015/07/5.png)
#### Administrator Account ####
In this step we will configure an Admin account by filling out its login details as.
![Admin Account](http://blog.linoxide.com/wp-content/uploads/2015/07/6.png)
#### Miscellaneous Parameters ####
Let's choose the additional parameters whether you want to install with demo contents or with fresh database and proceed forward.
![Misc Parameters](http://blog.linoxide.com/wp-content/uploads/2015/07/7.png)
### iTop Configurations Management ###
The options below allow you to configure the type of elements that are to be managed inside iTop like all the base objects that are mandatory in the iTop CMDB, Manage Data Center devices, storage device and virtualization.
![Conf Management](http://blog.linoxide.com/wp-content/uploads/2015/07/8.png)
#### Service Management ####
Select from the choices that best describes the relationships between the services and the IT infrastructure in your IT environment. So we are choosing Service Management for Service Providers here.
![Service Management](http://blog.linoxide.com/wp-content/uploads/2015/07/9.png)
#### iTop Tickets Management ####
From the different available options we will Select the ITIL Compliant Tickets Management option to have different types of ticket for managing user requests and incidents.
![Ticket Management](http://blog.linoxide.com/wp-content/uploads/2015/07/10.png)
#### Change Management Options ####
Select the type of tickets you want to use in order to manage changes to the IT infrastructure from the available options. We are going to choose ITIL change management option here.
![ITIL Change](http://blog.linoxide.com/wp-content/uploads/2015/07/11.png)
#### iTop Extensions ####
In this section we can select the additional extensions to install or we can unchecked the ones that you want to skip.
![iTop Extensions](http://blog.linoxide.com/wp-content/uploads/2015/07/13.png)
### Ready to Start Web Installation ###
Now we are ready to start installing the components that we choose in previous steps. We can also drop down these installation parameters to view our configuration from the drop down.
Once you are confirmed with the installation parameters click on the install button.
![Installation Parameters](http://blog.linoxide.com/wp-content/uploads/2015/07/16.png)
Let's wait for the progress bar to complete the installation process. It might takes few minutes to complete its installation process.
![iTop Installation Process](http://blog.linoxide.com/wp-content/uploads/2015/07/17.png)
### iTop Installation Done ###
Our iTop installation setup is complete, just need to do a simple manual operation as shown and then click to enter iTop.
![iTop Done](http://blog.linoxide.com/wp-content/uploads/2015/07/18.png)
### Welcome to iTop (IT Operational Portal) ###
![itop welcome note](http://blog.linoxide.com/wp-content/uploads/2015/07/20.png)
### iTop Dashboard ###
You can manage configuration of everything from here Servers, computers, Contacts, Locations, Contracts, Network devices…. You can create your own. Just the fact, that the installed CMDB module is great which is an essential part of every bigger IT.
![iTop Dashboard](http://blog.linoxide.com/wp-content/uploads/2015/07/19.png)
### Conclusion ###
ITOP is one of the best Open Source Service Desk solutions. We have successfully installed and configured it on our CentOS 7 cloud host. So, the most powerful aspect of iTop is the ease with which it can be customized via its “extensions”. Feel free to comment if you face any trouble during its setup.
--------------------------------------------------------------------------------
via: http://linoxide.com/tools/setup-itop-centos-7/
作者:[Kashif Siddique][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/kashifs/
[1]:http://www.combodo.com/spip.php?page=rubrique&id_rubrique=8

92
sources/tech/20150803 Linux Logging Basics.md
View File

@ -1,92 +0,0 @@
FSSlc translating
Linux Logging Basics
================================================================================
First well describe the basics of what Linux logs are, where to find them, and how they get created. If you already know this stuff, feel free to skip to the next section.
### Linux System Logs ###
Many valuable log files are automatically created for you by Linux. You can find them in your /var/log directory. Here is what this directory looks like on a typical Ubuntu system:
![](http://www.loggly.com/ultimate-guide/wp-content/uploads/2015/05/Linux-system-log-terminal.png)
Some of the most important Linux system logs include:
- /var/log/syslog or /var/log/messages stores all global system activity data, including startup messages. Debian-based systems like Ubuntu store this in /var/log/syslog. RedHat-based systems like RHEL or CentOS store this in /var/log/messages.
- /var/log/auth.log or /var/log/secure stores logs from the Pluggable Authentication Module (pam) including successful logins, failed login attempts, and authentication methods. Ubuntu and Debian store authentication messages in /var/log/auth.log. RedHat and CentOS store this data in /var/log/secure.
- /var/log/kern stores kernel error and warning data, which is particularly helpful for troubleshooting custom kernels.
- /var/log/cron stores information about cron jobs. Use this data to verify that your cron jobs are running successfully.
Digital Ocean has a thorough [tutorial][1] on these files and how rsyslog creates them on common distributions like RedHat and CentOS.
Applications also write log files in this directory. For example, popular servers like Apache, Nginx, MySQL, and more can write log files here. Some of these log files are written by the application itself. Others are created through syslog (see below).
### Whats Syslog? ###
How do Linux system log files get created? The answer is through the syslog daemon, which listens for log messages on the syslog socket /dev/log and then writes them to the appropriate log file.
The word “syslog” is an overloaded term and is often used in short to refer to one of these:
1. **Syslog daemon** — a program to receive, process, and send syslog messages. It can [send syslog remotely][2] to a centralized server or write it to a local file. Common examples include rsyslogd and syslog-ng. In this usage, people will often say “sending to syslog.”
1. **Syslog protocol** — a transport protocol specifying how logs can be sent over a network and a data format definition for syslog messages (below). Its officially defined in [RFC-5424][3]. The standard ports are 514 for plaintext logs and 6514 for encrypted logs. In this usage, people will often say “sending over syslog.”
1. **Syslog messages** — log messages or events in the syslog format, which includes a header with several standard fields. In this usage, people will often say “sending syslog.”
Syslog messages or events include a header with several standard fields, making analysis and routing easier. They include the timestamp, the name of the application, the classification or location in the system where the message originates, and the priority of the issue.
Here is an example log message with the syslog header included. Its from the sshd daemon, which controls remote logins to the system. This message describes a failed login attempt:
<34>1 2003-10-11T22:14:15.003Z server1.com sshd - - pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.2.2
### Syslog Format and Fields ###
Each syslog message includes a header with fields. Fields are structured data that makes it easier to analyze and route the events. Here is the format we used to generate the above syslog example. You can match each value to a specific field name.
<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% %msg%n
Below, youll find descriptions of some of the most commonly used syslog fields when searching or troubleshooting issues.
#### Timestamp ####
The [timestamp][4] field (2003-10-11T22:14:15.003Z in the example) indicates the time and date that the message was generated on the system sending the message. That time can be different from when another system receives the message. The example timestamp breaks down like this:
- **2003-10-11** is the year, month, and day.
- **T** is a required element of the TIMESTAMP field, separating the date and the time.
- **22:14:15.003** is the 24-hour format of the time, including the number of milliseconds (**003**) into the next second.
- **Z** is an optional element, indicating UTC time. Instead of Z, the example could have included an offset, such as -08:00, which indicates that the time is offset from UTC by 8 hours, PST.
#### Hostname ####
The [hostname][5] field (server1.com in the example above) indicates the name of the host or system that sent the message.
#### App-Name ####
The [app-name][6] field (sshd:auth in the example) indicates the name of the application that sent the message.
#### Priority ####
The priority field or [pri][7] for short (<34> in the example above) tells you how urgent or severe the event is. Its a combination of two numerical fields: the facility and the severity. The severity ranges from the number 7 for debug events all the way to 0 which is an emergency. The facility describes which process created the event. It ranges from 0 for kernel messages to 23 for local application use.
Pri can be output in two ways. The first is as a single number prival which is calculated as the facility field value multiplied by 8, then the result is added to the severity field value: (facility)(8) + (severity). The second is pri-text which will output in the string format “facility.severity.” The latter format can often be easier to read and search but takes up more storage space.
--------------------------------------------------------------------------------
via: http://www.loggly.com/ultimate-guide/logging/linux-logging-basics/
作者:[Jason Skowronski][a1]
作者:[Amy Echeverri][a2]
作者:[Sadequl Hussain][a3]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a1]:https://www.linkedin.com/in/jasonskowronski
[a2]:https://www.linkedin.com/in/amyecheverri
[a3]:https://www.linkedin.com/pub/sadequl-hussain/14/711/1a7
[1]:https://www.digitalocean.com/community/tutorials/how-to-view-and-configure-linux-logs-on-ubuntu-and-centos
[2]:https://docs.google.com/document/d/11LXZxWlkNSHkcrCWTUdnLRf_CiZz9kK0cr3yGM_BU_0/edit#heading=h.y2e9tdfk1cdb
[3]:https://tools.ietf.org/html/rfc5424
[4]:https://tools.ietf.org/html/rfc5424#section-6.2.3
[5]:https://tools.ietf.org/html/rfc5424#section-6.2.4
[6]:https://tools.ietf.org/html/rfc5424#section-6.2.5
[7]:https://tools.ietf.org/html/rfc5424#section-6.2.1

117
sources/tech/20150803 Troubleshooting with Linux Logs.md
View File

@ -1,117 +0,0 @@
translation by strugglingyouth
Troubleshooting with Linux Logs
================================================================================
Troubleshooting is the main reason people create logs. Often youll want to diagnose why a problem happened with your Linux system or application. An error message or a sequence of events can give you clues to the root cause, indicate how to reproduce the issue, and point out ways to fix it. Here are a few use cases for things you might want to troubleshoot in your logs.
### Cause of Login Failures ###
If you want to check if your system is secure, you can check your authentication logs for failed login attempts and unfamiliar successes. Authentication failures occur when someone passes incorrect or otherwise invalid login credentials, often to ssh for remote access or su for local access to another users permissions. These are logged by the [pluggable authentication module][1], or pam for short. Look in your logs for strings like Failed password and user unknown. Successful authentication records include strings like Accepted password and session opened.
Failure Examples:
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.2.2
Failed password for invalid user hoover from 10.0.2.2 port 4791 ssh2
pam_unix(sshd:auth): check pass; user unknown
PAM service(sshd) ignoring max retries; 6 > 3
Success Examples:
Accepted password for hoover from 10.0.2.2 port 4792 ssh2
pam_unix(sshd:session): session opened for user hoover by (uid=0)
pam_unix(sshd:session): session closed for user hoover
You can use grep to find which users accounts have the most failed logins. These are the accounts that potential attackers are trying and failing to access. This example is for an Ubuntu system.
$ grep "invalid user" /var/log/auth.log | cut -d ' ' -f 10 | sort | uniq -c | sort -nr
23 oracle
18 postgres
17 nagios
10 zabbix
6 test
Youll need to write a different command for each application and message because there is no standard format. Log management systems that automatically parse logs will effectively normalize them and help you extract key fields like username.
Log management systems can extract the usernames from your Linux logs using automated parsing. This lets you see an overview of the users and filter on them with a single click. In this example, we can see that the root user logged in over 2,700 times because we are filtering the logs to show login attempts only for the root user.
![](http://www.loggly.com/ultimate-guide/wp-content/uploads/2015/05/Screen-Shot-2015-03-12-at-11.05.36-AM.png)
Log management systems also let you view graphs over time to spot unusual trends. If someone had one or two failed logins within a few minutes, it might be that a real user forgot his or her password. However, if there are hundreds of failed logins or they are all different usernames, its more likely that someone is trying to attack the system. Here you can see that on March 12, someone tried to login as test and nagios several hundred times. This is clearly not a legitimate use of the system.
![](http://www.loggly.com/ultimate-guide/wp-content/uploads/2015/05/Screen-Shot-2015-03-12-at-11.12.18-AM.png)
### Cause of Reboots ###
Sometimes a server can stop due to a system crash or reboot. How do you know when it happened and who did it?
#### Shutdown Command ####
If someone ran the shutdown command manually, you can see it in the auth log file. Here you can see that someone remotely logged in from the IP 50.0.134.125 as the user ubuntu and then shut the system down.
Mar 19 18:36:41 ip-172-31-11-231 sshd[23437]: Accepted publickey for ubuntu from 50.0.134.125 port 52538 ssh
Mar 19 18:36:41 ip-172-31-11-231 23437]:sshd[ pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Mar 19 18:37:09 ip-172-31-11-231 sudo: ubuntu : TTY=pts/1 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/sbin/shutdown -r now
#### Kernel Initializing ####
If you want to see when the server restarted regardless of reason (including crashes) you can search logs from the kernel initializing. Youd search for the facility kernel messages and Initializing cpu.
Mar 19 18:39:30 ip-172-31-11-231 kernel: [ 0.000000] Initializing cgroup subsys cpuset
Mar 19 18:39:30 ip-172-31-11-231 kernel: [ 0.000000] Initializing cgroup subsys cpu
Mar 19 18:39:30 ip-172-31-11-231 kernel: [ 0.000000] Linux version 3.8.0-44-generic (buildd@tipua) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #66~precise1-Ubuntu SMP Tue Jul 15 04:01:04 UTC 2014 (Ubuntu 3.8.0-44.66~precise1-generic 3.8.13.25)
### Detect Memory Problems ###
There are lots of reasons a server might crash, but one common cause is running out of memory.
When your system is low on memory, processes are killed, typically in the order of which ones will release the most resources. The error occurs when your system is using all of its memory and a new or existing process attempts to access additional memory. Look in your log files for strings like Out of Memory or for kernel warnings like to kill. These strings indicate that your system intentionally killed the process or application rather than allowing the process to crash.
Examples:
[33238.178288] Out of memory: Kill process 6230 (firefox) score 53 or sacrifice child
[29923450.995084] select 5230 (docker), adj 0, size 708, to kill
You can find these logs using a tool like grep. This example is for Ubuntu:
$ grep “Out of memory” /var/log/syslog
[33238.178288] Out of memory: Kill process 6230 (firefox) score 53 or sacrifice child
Keep in mind that grep itself uses memory, so you might cause an out of memory error just by running grep. This is another reason its a fabulous idea to centralize your logs!
### Log Cron Job Errors ###
The cron daemon is a scheduler that runs processes at specified dates and times. If the process fails to run or fails to finish, then a cron error appears in your log files. You can find these files in /var/log/cron, /var/log/messages, and /var/log/syslog depending on your distribution. There are many reasons a cron job can fail. Usually the problems lie with the process rather than the cron daemon itself.
By default, cron jobs output through email using Postfix. Here is a log showing that an email was sent. Unfortunately, you cannot see the contents of the message here.
Mar 13 16:35:01 PSQ110 postfix/pickup[15158]: C3EDC5800B4: uid=1001 from=<hoover>
Mar 13 16:35:01 PSQ110 postfix/cleanup[15727]: C3EDC5800B4: message-id=<20150310110501.C3EDC5800B4@PSQ110>
Mar 13 16:35:01 PSQ110 postfix/qmgr[15159]: C3EDC5800B4: from=<hoover@loggly.com>, size=607, nrcpt=1 (queue active)
Mar 13 16:35:05 PSQ110 postfix/smtp[15729]: C3EDC5800B4: to=<hoover@loggly.com>, relay=gmail-smtp-in.l.google.com[74.125.130.26]:25, delay=4.1, delays=0.26/0/2.2/1.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1425985505 f16si501651pdj.5 - gsmtp)
You should consider logging the cron standard output to help debug problems. Here is how you can redirect your cron standard output to syslog using the logger command. Replace the echo command with your own script and helloCron with whatever you want to set the appName to.
*/5 * * * * echo Hello World 2>&1 | /usr/bin/logger -t helloCron
Which creates the log entries:
Apr 28 22:20:01 ip-172-31-11-231 CRON[15296]: (ubuntu) CMD (echo 'Hello World!' 2>&1 | /usr/bin/logger -t helloCron)
Apr 28 22:20:01 ip-172-31-11-231 helloCron: Hello World!
Each cron job will log differently based on the specific type of job and how it outputs data. Hopefully there are clues to the root cause of problems within the logs, or you can add additional logging as needed.
--------------------------------------------------------------------------------
via: http://www.loggly.com/ultimate-guide/logging/troubleshooting-with-linux-logs/
作者:[Jason Skowronski][a1]
作者:[Amy Echeverri][a2]
作者:[Sadequl Hussain][a3]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a1]:https://www.linkedin.com/in/jasonskowronski
[a2]:https://www.linkedin.com/in/amyecheverri
[a3]:https://www.linkedin.com/pub/sadequl-hussain/14/711/1a7
[1]:http://linux.die.net/man/8/pam.d

3
sources/tech/20150806 Installation Guide for Puppet on Ubuntu 15.04.md
View File

@ -1,3 +1,4 @@
Translating by ZTinoZ
Installation Guide for Puppet on Ubuntu 15.04
================================================================================
Hi everyone, today in this article we'll learn how to install puppet to manage your server infrastructure running ubuntu 15.04. Puppet is an open source software configuration management tool which is developed and maintained by Puppet Labs that allows us to automate the provisioning, configuration and management of a server infrastructure. Whether we're managing just a few servers or thousands of physical and virtual machines to orchestration and reporting, puppet automates tasks that system administrators often do manually which frees up time and mental space so sysadmins can work on improving other aspects of your overall setup. It ensures consistency, reliability and stability of the automated jobs processed. It facilitates closer collaboration between sysadmins and developers, enabling more efficient delivery of cleaner, better-designed code. Puppet is available in two solutions configuration management and data center automation. They are **puppet open source and puppet enterprise**. Puppet open source is a flexible, customizable solution available under the Apache 2.0 license, designed to help system administrators automate the many repetitive tasks they regularly perform. Whereas puppet enterprise edition is a proven commercial solution for diverse enterprise IT environments which lets us get all the benefits of open source puppet, plus puppet apps, commercial-only enhancements, supported modules and integrations, and the assurance of a fully supported platform. Puppet uses SSL certificates to authenticate communication between master and agent nodes.
@ -426,4 +427,4 @@ via: http://linoxide.com/linux-how-to/install-puppet-ubuntu-15-04/
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/arunp/
[1]:https://docs.puppetlabs.com/puppet/latest/reference/config_file_main.html
[1]:https://docs.puppetlabs.com/puppet/latest/reference/config_file_main.html

99
sources/tech/20150807 How To--Temporarily Clear Bash Environment Variables on a Linux and Unix-like System.md
View File

@ -1,99 +0,0 @@
Translating by ictlyh
How To: Temporarily Clear Bash Environment Variables on a Linux and Unix-like System
================================================================================
I'm a bash shell user. I would like to temporarily clear bash shell environment variables. I do not want to delete or unset an exported environment variable. How do I run a program in a temporary environment in bash or ksh shell?
You can use the env command to set and print environment on a Linux or Unix-like systems. The env command executes utility after modifying the environment as specified on the command line.
### How do I display my current environment? ###
Open the terminal application and type any one of the following command:
printenv
OR
env
Sample outputs:
![Fig.01: Unix/Linux: List All Environment Variables Command](http://s0.cyberciti.org/uploads/faq/2015/08/env-unix-linux-command-output.jpg)
Fig.01: Unix/Linux: List All Environment Variables Command
### Counting your environment variables ###
Type the following command:
env | wc -l
printenv | wc -l
Sample outputs:
20
### Run a program in a clean environment in bash/ksh/zsh ###
The syntax is as follows:
env -i your-program-name-here arg1 arg2 ...
For example, run the wget program without using http_proxy and/or all other variables i.e. temporarily clear all bash/ksh/zsh environment variables and run the wget program:
env -i /usr/local/bin/wget www.cyberciti.biz
env -i wget www.cyberciti.biz
This is very useful when you want to run a command ignoring any environment variables you have set. I use this command many times everyday to ignore the http_proxy and other environment variable I have set.
#### Example: With the http_proxy ####
$ wget www.cyberciti.biz
--2015-08-03 23:20:23-- http://www.cyberciti.biz/
Connecting to 10.12.249.194:3128... connected.
Proxy request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.html'
index.html [ <=> ] 36.17K 87.0KB/s in 0.4s
2015-08-03 23:20:24 (87.0 KB/s) - 'index.html' saved [37041]
#### Example: Ignore the http_proxy ####
$ env -i /usr/local/bin/wget www.cyberciti.biz
--2015-08-03 23:25:17-- http://www.cyberciti.biz/
Resolving www.cyberciti.biz... 74.86.144.194
Connecting to www.cyberciti.biz|74.86.144.194|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.html.1'
index.html.1 [ <=> ] 36.17K 115KB/s in 0.3s
2015-08-03 23:25:18 (115 KB/s) - 'index.html.1' saved [37041]
The option -i causes env command to completely ignore the environment it inherits. However, it does not prevent your command (such as wget or curl) setting new variables. Also, note down the side effect of running bash/ksh shell:
env -i env | wc -l ## empty ##
# Now run bash ##
env -i bash
## New enviroment set by bash program ##
env | wc -l
#### Example: Set an environmental variable ####
The syntax is:
env var=value /path/to/command arg1 arg2 ...
## OR ##
var=value /path/to/command arg1 arg2 ...
For example set http_proxy:
env http_proxy="http://USER:PASSWORD@server1.cyberciti.biz:3128/" \
/usr/local/bin/wget www.cyberciti.biz
--------------------------------------------------------------------------------
via: http://www.cyberciti.biz/faq/linux-unix-temporarily-clearing-environment-variables-command/
作者Vivek Gite
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

62
sources/tech/20150811 Darkstat is a Web Based Network Traffic Analyzer--Install it on Linux.md Normal file
View File

@ -0,0 +1,62 @@
Darkstat is a Web Based Network Traffic Analyzer Install it on Linux
================================================================================
Darkstat is a simple, web based network traffic analyzer application. It works on many popular operating systems like Linux, Solaris, Mac and AIX. It keeps running in the background as a daemon and continues collecting and sniffing network data and presents it in easily understandable format within its web interface. It can generate traffic reports for hosts, identify which ports are open on some particular host and is IPV 6 complaint application. Lets see how we can install and configure it on Linux operating system.
### Installing Darkstat on Linux ###
**Install Darkstat on Fedora/CentOS/RHEL:**
In order to install it on Fedora/RHEL and CentOS Linux distributions, run following command on the terminal.
sudo yum install darkstat
**Install Darkstat on Ubuntu/Debian:**
Run following on the terminal to install it on Ubuntu and Debian.
sudo apt-get install darkstat
Congratulations, Darkstat has been installed on your Linux system now.
### Configuring Darkstat ###
In order to run this application properly, we need to perform some basic configurations. Edit /etc/darkstat/init.cfg file in Gedit text editor by running the following command on the terminal.
sudo gedit /etc/darkstat/init.cfg
![](http://linuxpitstop.com/wp-content/uploads/2015/08/13.png)
Edit Darkstat
Change START_DARKSTAT parameter to “yes” and provide your network interface in “INTERFACE”. Make sure to uncomment DIR, PORT, BINDIP, and LOCAL parameters here. If you wish to bind the web interface for Darkstat to some specific IP, provide it in BINDIP section.
### Starting Darkstat Daemon ###
Once the installation and configuration for Darkstat is complete, run following command to start its daemon.
sudo /etc/init.d/darkstat start
![Restarting Darkstat](http://linuxpitstop.com/wp-content/uploads/2015/08/23.png)
You can configure Darkstat to start on system boot by running the following command:
chkconfig darkstat on
Launch your browser and load **http://localhost:666** and it will display the web based graphical interface for Darkstat. Start using this tool to analyze your network traffic.
![Darkstat](http://linuxpitstop.com/wp-content/uploads/2015/08/32.png)
### Conclusion ###
It is a lightweight tool with very low memory footprints. The key reason for the popularity of this tool is simplicity, ease of configuration and usage. It is a must-have application for System and Network Administrators.
--------------------------------------------------------------------------------
via: http://linuxpitstop.com/install-darkstat-on-ubuntu-linux/
作者:[Aun][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://linuxpitstop.com/author/aun/

203
sources/tech/20150811 How to Install Snort and Usage in Ubuntu 15.04.md Normal file
View File

@ -0,0 +1,203 @@
How to Install Snort and Usage in Ubuntu 15.04
================================================================================
Intrusion detection in a network is important for IT security. Intrusion Detection System used for the detection of illegal and malicious attempts in the network. Snort is well-known open source intrusion detection system. Web interface (Snorby) can be used for better analysis of alerts. Snort can be used as an intrusion prevention system with iptables/pf firewall. In this article, we will install and configure an open source IDS system snort.
### Snort Installation ###
#### Prerequisite ####
Data Acquisition library (DAQ) is used by the snort for abstract calls to packet capture libraries. It is available on snort website. Downloading process is shown in the following screenshot.
![downloading_daq](http://blog.linoxide.com/wp-content/uploads/2015/07/downloading_daq.png)
Extract it and run ./configure, make and make install commands for DAQ installation. However, DAQ required other tools therefore ./configure script will generate following errors .
flex and bison error
![flexandbison_error](http://blog.linoxide.com/wp-content/uploads/2015/07/flexandbison_error.png)
libpcap error.
![libpcap error](http://blog.linoxide.com/wp-content/uploads/2015/07/libpcap-error.png)
Therefore first install flex/bison and libcap before DAQ installation which is shown in the figure.
![install_flex](http://blog.linoxide.com/wp-content/uploads/2015/07/install_flex.png)
Installation of libpcap development library is shown below
![libpcap-dev installation](http://blog.linoxide.com/wp-content/uploads/2015/07/libpcap-dev-installation.png)
After installation of necessary tools, again run ./configure script which will show following output.
![without_error_configure](http://blog.linoxide.com/wp-content/uploads/2015/07/without_error_configure.png)
make and make install commands result is shown in the following screens.
![make install](http://blog.linoxide.com/wp-content/uploads/2015/07/make-install.png)
![make](http://blog.linoxide.com/wp-content/uploads/2015/07/make.png)
After successful installation of DAQ, now we will install snort. Downloading using wget is shown in the below figure.
![downloading_snort](http://blog.linoxide.com/wp-content/uploads/2015/07/downloading_snort.png)
Extract compressed package using below given command.
#tar -xvzf snort-2.9.7.3.tar.gz
![snort_extraction](http://blog.linoxide.com/wp-content/uploads/2015/07/snort_extraction.png)
Create installation directory and set prefix parameter in the configure script. It is also recommended to enable sourcefire flag for Packet Performance Monitoring (PPM).
#mkdir /usr/local/snort
#./configure --prefix=/usr/local/snort/ --enable-sourcefire
![snort_installation](http://blog.linoxide.com/wp-content/uploads/2015/07/snort_installation.png)
Configure script generates error due to missing libpcre-dev , libdumbnet-dev and zlib development libraries.
error due to missing libpcre library.
![pcre-error](http://blog.linoxide.com/wp-content/uploads/2015/07/pcre-error.png)
error due to missing dnet (libdumbnet) library.
![libdnt error](http://blog.linoxide.com/wp-content/uploads/2015/07/libdnt-error.png)
configure script generate error due to missing zlib library.
![zlib error](http://blog.linoxide.com/wp-content/uploads/2015/07/zlib-error.png)
Installation of all required development libraries is shown in the next screenshots.
# aptitude install libpcre3-dev
![libpcre3-dev install](http://blog.linoxide.com/wp-content/uploads/2015/07/libpcre3-dev-install.png)
# aptitude install libdumbnet-dev
![libdumnet-dev installation](http://blog.linoxide.com/wp-content/uploads/2015/07/libdumnet-dev-installation.png)
# aptitude install zlib1g-dev
![zlibg-dev installation](http://blog.linoxide.com/wp-content/uploads/2015/07/zlibg-dev-installation.png)
After installation of above required libraries for snort, again run the configure scripts without any error.
Run make & make install commands for the compilation and installations of snort in /usr/local/snort directory.
#make
![make snort](http://blog.linoxide.com/wp-content/uploads/2015/07/make-snort.png)
#make install
![make install snort](http://blog.linoxide.com/wp-content/uploads/2015/07/make-install-snort.png)
Finally snort running from /usr/local/snort/bin directory. Currently it is in promisc mode (packet dump mode) of all traffic on eth0 interface.
![snort running](http://blog.linoxide.com/wp-content/uploads/2015/07/snort-running.png)
Traffic dump by the snort interface is shown in following figure.
![traffic](http://blog.linoxide.com/wp-content/uploads/2015/07/traffic1.png)
#### Rules and Configuration of Snort ####
Snort installation from source code required rules and configuration setting therefore now we will copy rules and configuration under /etc/snort directory. We have created single bash scripts for rules and configuration setting. It is used for following snort setting.
- Creation of snort user for snort IDS service on linux.
- Creation of directories and files under /etc directory for snort configuration.
- Permission setting and copying data from etc directory of snort source code.
- Remove # (comment sign) from rules path in snort.conf file.
#!/bin/bash##PATH of source code of snort
snort_src="/home/test/Downloads/snort-2.9.7.3"
echo "adding group and user for snort..."
groupadd snort &> /dev/null
useradd snort -r -s /sbin/nologin -d /var/log/snort -c snort_idps -g snort &> /dev/null#snort configuration
echo "Configuring snort..."mkdir -p /etc/snort
mkdir -p /etc/snort/rules
touch /etc/snort/rules/black_list.rules
touch /etc/snort/rules/white_list.rules
touch /etc/snort/rules/local.rules
mkdir /etc/snort/preproc_rules
mkdir /var/log/snort
mkdir -p /usr/local/lib/snort_dynamicrules
chmod -R 775 /etc/snort
chmod -R 775 /var/log/snort
chmod -R 775 /usr/local/lib/snort_dynamicrules
chown -R snort:snort /etc/snort
chown -R snort:snort /var/log/snort
chown -R snort:snort /usr/local/lib/snort_dynamicrules
###copy configuration and rules from etc directory under source code of snort
echo "copying from snort source to /etc/snort ....."
echo $snort_src
echo "-------------"
cp $snort_src/etc/*.conf* /etc/snort
cp $snort_src/etc/*.map /etc/snort##enable rules
sed -i 's/include \$RULE\_PATH/#include \$RULE\_PATH/' /etc/snort/snort.conf
echo "---DONE---"
Change the snort source directory in the script and run it. Following output appear in case of success.
![running script](http://blog.linoxide.com/wp-content/uploads/2015/08/running_script.png)
Above script copied following files/directories from snort source into /etc/snort configuration file.
![files copied](http://blog.linoxide.com/wp-content/uploads/2015/08/created.png)
Snort configuration file is very complex however following necessary changes are required in snort.conf for IDS proper working.
ipvar HOME_NET 192.168.1.0/24 # LAN side
----------
ipvar EXTERNAL_NET !$HOME_NET # WAN side
![veriable set](http://blog.linoxide.com/wp-content/uploads/2015/08/12.png)
var RULE_PATH /etc/snort/rules # snort signature path
var SO_RULE_PATH /etc/snort/so_rules #rules in shared libraries
var PREPROC_RULE_PATH /etc/snort/preproc_rules # Preproces path
var WHITE_LIST_PATH /etc/snort/rules # dont scan
var BLACK_LIST_PATH /etc/snort/rules # Must scan
![main path](http://blog.linoxide.com/wp-content/uploads/2015/08/rule-path.png)
include $RULE_PATH/local.rules # file for custom rules
remove comment sign (#) from other rules such as ftp.rules,exploit.rules etc.
![path rules](http://blog.linoxide.com/wp-content/uploads/2015/08/path-rules.png)
Now [Download community][1] rules and extract under /etc/snort/rules directory. Enable community and emerging threats rules in snort.conf file.
![wget_rules](http://blog.linoxide.com/wp-content/uploads/2015/08/wget_rules.png)
![community rules](http://blog.linoxide.com/wp-content/uploads/2015/08/community-rules1.png)
Run following command to test the configuration file after above mentioned changes.
#snort -T -c /etc/snort/snort.conf
![snort running](http://blog.linoxide.com/wp-content/uploads/2015/08/snort-final.png)
### Conclusion ###
In this article our focus was on the installation and configuration of an open source IDPS system snort on Ubuntu distribution. By default it is used for the monitoring of events however it can con configured inline mode for the protection of network. Snort rules can be tested and analysed in offline mode using pcap capture file.
--------------------------------------------------------------------------------
via: http://linoxide.com/security/install-snort-usage-ubuntu-15-04/
作者:[nido][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/naveeda/
[1]:https://www.snort.org/downloads/community/community-rules.tar.gz

101
sources/tech/20150811 How to download apk files from Google Play Store on Linux.md Normal file
View File

@ -0,0 +1,101 @@
FSSlc translating
How to download apk files from Google Play Store on Linux
================================================================================
Suppose you want to install an Android app on your Android device. However, for whatever reason, you cannot access Google Play Store on the Android device. What can you do then? One way to install the app without Google Play Store access is to download its APK file using some other means, and then [install the APK][1] file on the Android device manually.
There are several ways to download official APK files from Google Play Store on non-Android devices such as regular computers and laptops. For example, there are browser plugins (e.g., for [Chrome][2] or [Firefox][3]) or online APK archives that allow you to download APK files using a web browser. If you do not trust these closed-source plugins or third-party APK repositories, there is yet another way to download official APK files manually, and that is via an open-source Linux app called [GooglePlayDownloader][4].
GooglePlayDownloader is a Python-based GUI application that enables you to search and download APK files from Google Play Store. Since this is completely open-source, you can be assured while using it. In this tutorial, I am going to show how to download an APK file from Google Play Store using GooglePlayDownloader in Linux environment.
### Python requirement ###
GooglePlayDownloader requires Python with SNI (Server Name Indication) support for SSL/TLS communication. This feature comes with Python 2.7.9 or higher. This leaves out older distributions such as Debian 7 Wheezy or earlier, Ubuntu 14.04 or earlier, or CentOS/RHEL 7 or earlier. Assuming that you have a Linux distribution with Python 2.7.9 or higher, proceed to install GooglePlayDownloader as follows.
### Install GooglePlayDownloader on Ubuntu ###
On Ubuntu, you can use the official deb build. One catch is that you may need to install one required dependency manually.
#### On Ubuntu 14.10 ####
Download [python-ndg-httpsclient][5] deb package, which is a missing dependency on older Ubuntu distributions. Also download GooglePlayDownloader's official deb package.
$ wget http://mirrors.kernel.org/ubuntu/pool/main/n/ndg-httpsclient/python-ndg-httpsclient_0.3.2-1ubuntu4_all.deb
$ wget http://codingteam.net/project/googleplaydownloader/download/file/googleplaydownloader_1.7-1_all.deb
We are going to use [gdebi command][6] to install those two deb files as follows. The gdebi command will automatically handle any other dependencies.
$ sudo apt-get install gdebi-core
$ sudo gdebi python-ndg-httpsclient_0.3.2-1ubuntu4_all.deb
$ sudo gdebi googleplaydownloader_1.7-1_all.deb
#### On Ubuntu 15.04 or later ####
Recent Ubuntu distributions ship all required dependencies, and thus the installation is straightforward as follows.
$ wget http://codingteam.net/project/googleplaydownloader/download/file/googleplaydownloader_1.7-1_all.deb
$ sudo apt-get install gdebi-core
$ sudo gdebi googleplaydownloader_1.7-1_all.deb
### Install GooglePlayDownloader on Debian ###
Due to its Python requirement, GooglePlayDownloader cannot be installed on Debian 7 Wheezy or earlier unless you upgrade its stock Python.
#### On Debian 8 Jessie and higher: ####
$ wget http://codingteam.net/project/googleplaydownloader/download/file/googleplaydownloader_1.7-1_all.deb
$ sudo apt-get install gdebi-core
$ sudo gdebi googleplaydownloader_1.7-1_all.deb
### Install GooglePlayDownloader on Fedora ###
Since GooglePlayDownloader was originally developed for Debian based distributions, you need to install it from the source if you want to use it on Fedora.
First, install necessary dependencies.
$ sudo yum install python-pyasn1 wxPython python-ndg_httpsclient protobuf-python python-requests
Then install it as follows.
$ wget http://codingteam.net/project/googleplaydownloader/download/file/googleplaydownloader_1.7.orig.tar.gz
$ tar -xvf googleplaydownloader_1.7.orig.tar.gz
$ cd googleplaydownloader-1.7
$ chmod o+r -R .
$ sudo python setup.py install
$ sudo sh -c "echo 'python /usr/lib/python2.7/site-packages/googleplaydownloader-1.7-py2.7.egg/googleplaydownloader/googleplaydownloader.py' > /usr/bin/googleplaydownloader"
### Download APK Files from Google Play Store with GooglePlayDownloader ###
Once you installed GooglePlayDownloader, you can download APK files from Google Play Store as follows.
First launch the app by typing:
$ googleplaydownloader
![](https://farm1.staticflickr.com/425/20229024898_105396fa68_b.jpg)
At the search bar, type the name of the app you want to download from Google Play Store.
![](https://farm1.staticflickr.com/503/20230360479_925f5da613_b.jpg)
Once you find the app in the search list, choose the app, and click on "Download selected APK(s)" button. You will find the downloaded APK file in your home directory. Now you can move the APK file to the Android device of your choice, and install it manually.
Hope this helps.
--------------------------------------------------------------------------------
via: http://xmodulo.com/download-apk-files-google-play-store.html
作者:[Dan Nanni][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://xmodulo.com/author/nanni
[1]:http://xmodulo.com/how-to-install-apk-file-on-android-phone-or-tablet.html
[2]:https://chrome.google.com/webstore/detail/apk-downloader/cgihflhdpokeobcfimliamffejfnmfii
[3]:https://addons.mozilla.org/en-us/firefox/addon/apk-downloader/
[4]:http://codingteam.net/project/googleplaydownloader
[5]:http://packages.ubuntu.com/vivid/python-ndg-httpsclient
[6]:http://xmodulo.com/how-to-install-deb-file-with-dependencies.html

323
sources/tech/RHCSA Series/RHCSA Series--Part 02--How to Perform File and Directory Management.md
View File

@ -1,323 +0,0 @@
[translating by xiqingongzi]
RHCSA Series: How to Perform File and Directory Management Part 2
================================================================================
In this article, RHCSA Part 2: File and directory management, we will review some essential skills that are required in the day-to-day tasks of a system administrator.
![RHCSA: Perform File and Directory Management Part 2](http://www.tecmint.com/wp-content/uploads/2015/03/RHCSA-Part2.png)
RHCSA: Perform File and Directory Management Part 2
### Create, Delete, Copy, and Move Files and Directories ###
File and directory management is a critical competence that every system administrator should possess. This includes the ability to create / delete text files from scratch (the core of each programs configuration) and directories (where you will organize files and other directories), and to find out the type of existing files.
The [touch command][1] can be used not only to create empty files, but also to update the access and modification times of existing files.
![touch command example](http://www.tecmint.com/wp-content/uploads/2015/03/touch-command-example.png)
touch command example
You can use `file [filename]` to determine a files type (this will come in handy before launching your preferred text editor to edit it).
![file command example](http://www.tecmint.com/wp-content/uploads/2015/03/file-command-example.png)
file command example
and `rm [filename]` to delete it.
![Linux rm command examples](http://www.tecmint.com/wp-content/uploads/2015/03/rm-command-examples.png)
rm command example
As for directories, you can create directories inside existing paths with `mkdir [directory]` or create a full path with `mkdir -p [/full/path/to/directory].`
![mkdir command example](http://www.tecmint.com/wp-content/uploads/2015/03/mkdir-command-example.png)
mkdir command example
When it comes to removing directories, you need to make sure that theyre empty before issuing the `rmdir [directory]` command, or use the more powerful (handle with care!) `rm -rf [directory]`. This last option will force remove recursively the `[directory]` and all its contents so use it at your own risk.
### Input and Output Redirection and Pipelining ###
The command line environment provides two very useful features that allows to redirect the input and output of commands from and to files, and to send the output of a command to another, called redirection and pipelining, respectively.
To understand those two important concepts, we must first understand the three most important types of I/O (Input and Output) streams (or sequences) of characters, which are in fact special files, in the *nix sense of the word.
- Standard input (aka stdin) is by default attached to the keyboard. In other words, the keyboard is the standard input device to enter commands to the command line.
- Standard output (aka stdout) is by default attached to the screen, the device that “receives” the output of commands and display them on the screen.
- Standard error (aka stderr), is where the status messages of a command is sent to by default, which is also the screen.
In the following example, the output of `ls /var` is sent to stdout (the screen), as well as the result of ls /tecmint. But in the latter case, it is stderr that is shown.
![Linux input output redirect](http://www.tecmint.com/wp-content/uploads/2015/03/Linux-input-output-redirect.png)
Input and Output Example
To more easily identify these special files, they are each assigned a file descriptor, an abstract representation that is used to access them. The essential thing to understand is that these files, just like others, can be redirected. What this means is that you can capture the output from a file or script and send it as input to another file, command, or script. This will allow you to store on disk, for example, the output of commands for later processing or analysis.
To redirect stdin (fd 0), stdout (fd 1), or stderr (fd 2), the following operators are available.
注:表格
<table cellspacing="0" border="0">
<colgroup width="226"></colgroup>
<colgroup width="743"></colgroup>
<tbody>
<tr>
<td align="CENTER" height="24" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">Redirection Operator</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">Effect</span></b></td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">Redirects standard output to a file containing standard output. If the destination file exists, it will be overwritten.</td>
</tr>
<tr>
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&gt;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">Appends standard output to a file.</td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">2&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">Redirects standard error to a file containing standard output. If the destination file exists, it will be overwritten.</td>
</tr>
<tr>
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">2&gt;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">Appends standard error to the existing file.</td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&amp;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">Redirects both standard output and standard error to a file; if the specified file exists, it will be overwritten.</td>
</tr>
<tr>
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&lt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">Uses the specified file as standard input.</td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&lt;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">The specified file is used for both standard input and standard output.</td>
</tr>
</tbody>
</table>
As opposed to redirection, pipelining is performed by adding a vertical bar `(|)` after a command and before another one.
Remember:
- Redirection is used to send the output of a command to a file, or to send a file as input to a command.
- Pipelining is used to send the output of a command to another command as input.
#### Examples Of Redirection and Pipelining ####
**Example 1: Redirecting the output of a command to a file**
There will be times when you will need to iterate over a list of files. To do that, you can first save that list to a file and then read that file line by line. While it is true that you can iterate over the output of ls directly, this example serves to illustrate redirection.
# ls -1 /var/mail > mail.txt
![Redirect output of command tot a file](http://www.tecmint.com/wp-content/uploads/2015/03/Redirect-output-to-a-file.png)
Redirect output of command tot a file
**Example 2: Redirecting both stdout and stderr to /dev/null**
In case we want to prevent both stdout and stderr to be displayed on the screen, we can redirect both file descriptors to `/dev/null`. Note how the output changes when the redirection is implemented for the same command.
# ls /var /tecmint
# ls /var/ /tecmint &> /dev/null
![Redirecting stdout and stderr ouput to /dev/null](http://www.tecmint.com/wp-content/uploads/2015/03/Redirecting-stdout-stderr-ouput.png)
Redirecting stdout and stderr ouput to /dev/null
#### Example 3: Using a file as input to a command ####
While the classic syntax of the [cat command][2] is as follows.
# cat [file(s)]
You can also send a file as input, using the correct redirection operator.
# cat < mail.txt
![Linux cat command examples](http://www.tecmint.com/wp-content/uploads/2015/03/cat-command-examples.png)
cat command example
#### Example 4: Sending the output of a command as input to another ####
If you have a large directory or process listing and want to be able to locate a certain file or process at a glance, you will want to pipeline the listing to grep.
Note that we use to pipelines in the following example. The first one looks for the required keyword, while the second one will eliminate the actual `grep command` from the results. This example lists all the processes associated with the apache user.
# ps -ef | grep apache | grep -v grep
![Send output of command as input to another](http://www.tecmint.com/wp-content/uploads/2015/03/Send-output-of-command-as-input-to-another1.png)
Send output of command as input to another
### Archiving, Compressing, Unpacking, and Uncompressing Files ###
If you need to transport, backup, or send via email a group of files, you will use an archiving (or grouping) tool such as [tar][3], typically used with a compression utility like gzip, bzip2, or xz.
Your choice of a compression tool will be likely defined by the compression speed and rate of each one. Of these three compression tools, gzip is the oldest and provides the least compression, bzip2 provides improved compression, and xz is the newest and provides the best compression. Typically, files compressed with these utilities have .gz, .bz2, or .xz extensions, respectively.
注:表格
<table cellspacing="0" border="0">
<colgroup width="165"></colgroup>
<colgroup width="137"></colgroup>
<colgroup width="366"></colgroup>
<tbody>
<tr>
<td align="CENTER" height="24" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">Command</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">Abbreviation</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">Description</span></b></td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;create</span></td>
<td align="LEFT" style="border: 1px solid #000000;">c</td>
<td align="LEFT" style="border: 1px solid #000000;">Creates a tar archive</td>
</tr>
<tr>
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;concatenate</span></td>
<td align="LEFT" style="border: 1px solid #000000;">A</td>
<td align="LEFT" style="border: 1px solid #000000;">Appends tar files to an archive</td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;append</span></td>
<td align="LEFT" style="border: 1px solid #000000;">r</td>
<td align="LEFT" style="border: 1px solid #000000;">Appends non-tar files to an archive</td>
</tr>
<tr>
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;update</span></td>
<td align="LEFT" style="border: 1px solid #000000;">u</td>
<td align="LEFT" style="border: 1px solid #000000;">Appends files that are newer than those in an archive</td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;diff or &ndash;compare</span></td>
<td align="LEFT" style="border: 1px solid #000000;">d</td>
<td align="LEFT" style="border: 1px solid #000000;">Compares an archive to files on disk</td>
</tr>
<tr>
<td align="LEFT" height="20" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;list</span></td>
<td align="LEFT" style="border: 1px solid #000000;">t</td>
<td align="LEFT" style="border: 1px solid #000000;">Lists the contents of a tarball</td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;extract or &ndash;get</span></td>
<td align="LEFT" style="border: 1px solid #000000;">x</td>
<td align="LEFT" style="border: 1px solid #000000;">Extracts files from an archive</td>
</tr>
</tbody>
</table>
注:表格
<table cellspacing="0" border="0">
<colgroup width="258"></colgroup>
<colgroup width="152"></colgroup>
<colgroup width="803"></colgroup>
<tbody>
<tr>
<td align="CENTER" height="24" bgcolor="#999999" style="border: 1px solid #000001;"><b><span style="font-size: medium;">Operation modifier</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000001;"><b><span style="font-size: medium;">Abbreviation</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000001;"><b><span style="font-size: medium;">Description</span></b></td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>directory dir</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> C</span></td>
<td align="LEFT" style="border: 1px solid #000001;">Changes to directory dir before performing operations</td>
</tr>
<tr>
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>same-permissions and <span style="font-family: Courier New;">&mdash;</span>same-owner</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> p</span></td>
<td align="LEFT" style="border: 1px solid #000001;">Preserves permissions and ownership information, respectively.</td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &ndash;verbose</span></td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> v</span></td>
<td align="LEFT" style="border: 1px solid #000001;">Lists all files as they are read or extracted; if combined with &ndash;list, it also displays file sizes, ownership, and timestamps</td>
</tr>
<tr>
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>exclude file</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &mdash;</span></td>
<td align="LEFT" style="border: 1px solid #000001;">Excludes file from the archive. In this case, file can be an actual file or a pattern.</td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>gzip or <span style="font-family: Courier New;">&mdash;</span>gunzip</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> z</span></td>
<td align="LEFT" style="border: 1px solid #000001;">Compresses an archive through gzip</td>
</tr>
<tr>
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &ndash;bzip2</span></td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> j</span></td>
<td align="LEFT" height="24" style="border: 1px solid #000001;">Compresses an archive through bzip2</td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &ndash;xz</span></td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> J</span></td>
<td align="LEFT" style="border: 1px solid #000001;">Compresses an archive through xz</td>
</tr>
</tbody>
</table>
#### Example 5: Creating a tarball and then compressing it using the three compression utilities ####
You may want to compare the effectiveness of each tool before deciding to use one or another. Note that while compressing small files, or a few files, the results may not show much differences, but may give you a glimpse of what they have to offer.
# tar cf ApacheLogs-$(date +%Y%m%d).tar /var/log/httpd/* # Create an ordinary tarball
# tar czf ApacheLogs-$(date +%Y%m%d).tar.gz /var/log/httpd/* # Create a tarball and compress with gzip
# tar cjf ApacheLogs-$(date +%Y%m%d).tar.bz2 /var/log/httpd/* # Create a tarball and compress with bzip2
# tar cJf ApacheLogs-$(date +%Y%m%d).tar.xz /var/log/httpd/* # Create a tarball and compress with xz
![Linux tar command examples](http://www.tecmint.com/wp-content/uploads/2015/03/tar-command-examples.png)
tar command examples
#### Example 6: Preserving original permissions and ownership while archiving and when ####
If you are creating backups from users home directories, you will want to store the individual files with the original permissions and ownership instead of changing them to that of the user account or daemon performing the backup. The following example preserves these attributes while taking the backup of the contents in the `/var/log/httpd` directory:
# tar cJf ApacheLogs-$(date +%Y%m%d).tar.xz /var/log/httpd/* --same-permissions --same-owner
### Create Hard and Soft Links ###
In Linux, there are two types of links to files: hard links and soft (aka symbolic) links. Since a hard link represents another name for an existing file and is identified by the same inode, it then points to the actual data, as opposed to symbolic links, which point to filenames instead.
In addition, hard links do not occupy space on disk, while symbolic links do take a small amount of space to store the text of the link itself. The downside of hard links is that they can only be used to reference files within the filesystem where they are located because inodes are unique inside a filesystem. Symbolic links save the day, in that they point to another file or directory by name rather than by inode, and therefore can cross filesystem boundaries.
The basic syntax to create links is similar in both cases:
# ln TARGET LINK_NAME # Hard link named LINK_NAME to file named TARGET
# ln -s TARGET LINK_NAME # Soft link named LINK_NAME to file named TARGET
#### Example 7: Creating hard and soft links ####
There is no better way to visualize the relation between a file and a hard or symbolic link that point to it, than to create those links. In the following screenshot you will see that the file and the hard link that points to it share the same inode and both are identified by the same disk usage of 466 bytes.
On the other hand, creating a hard link results in an extra disk usage of 5 bytes. Not that youre going to run out of storage capacity, but this example is enough to illustrate the difference between a hard link and a soft link.
![Difference between a hard link and a soft link](http://www.tecmint.com/wp-content/uploads/2015/03/hard-soft-link.png)
Difference between a hard link and a soft link
A typical usage of symbolic links is to reference a versioned file in a Linux system. Suppose there are several programs that need access to file fooX.Y, which is subject to frequent version updates (think of a library, for example). Instead of updating every single reference to fooX.Y every time theres a version update, it is wiser, safer, and faster, to have programs look to a symbolic link named just foo, which in turn points to the actual fooX.Y.
Thus, when X and Y change, you only need to edit the symbolic link foo with a new destination name instead of tracking every usage of the destination file and updating it.
### Summary ###
In this article we have reviewed some essential file and directory management skills that must be a part of every system administrators tool-set. Make sure to review other parts of this series as well in order to integrate these topics with the content covered in this tutorial.
Feel free to let us know if you have any questions or comments. We are always more than glad to hear from our readers.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/file-and-directory-management-in-linux/
作者:[Gabriel Cánepa][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/8-pratical-examples-of-linux-touch-command/
[2]:http://www.tecmint.com/13-basic-cat-command-examples-in-linux/
[3]:http://www.tecmint.com/18-tar-command-examples-in-linux/

3
sources/tech/RHCSA Series/RHCSA Series--Part 03--How to Manage Users and Groups in RHEL 7.md
View File

@ -1,3 +1,4 @@
[translated by xiqingongzi]
RHCSA Series: How to Manage Users and Groups in RHEL 7 Part 3
================================================================================
Managing a RHEL 7 server, as it is the case with any other Linux server, will require that you know how to add, edit, suspend, or delete user accounts, and grant users the necessary permissions to files, directories, and other system resources to perform their assigned tasks.
@ -245,4 +246,4 @@ via: http://www.tecmint.com/rhcsa-exam-manage-users-and-groups/
[2]:http://www.tecmint.com/usermod-command-examples/
[3]:http://www.tecmint.com/ls-interview-questions/
[4]:http://www.tecmint.com/file-and-directory-management-in-linux/
[5]:http://www.tecmint.com/rhcsa-exam-reviewing-essential-commands-system-documentation/
[5]:http://www.tecmint.com/rhcsa-exam-reviewing-essential-commands-system-documentation/

254
sources/tech/RHCSA Series/RHCSA Series--Part 04--Editing Text Files with Nano and Vim or Analyzing text with grep and regexps.md
View File

@ -1,254 +0,0 @@
RHCSA Series: Editing Text Files with Nano and Vim / Analyzing text with grep and regexps Part 4
================================================================================
Every system administrator has to deal with text files as part of his daily responsibilities. That includes editing existing files (most likely configuration files), or creating new ones. It has been said that if you want to start a holy war in the Linux world, you can ask sysadmins what their favorite text editor is and why. We are not going to do that in this article, but will present a few tips that will be helpful to use two of the most widely used text editors in RHEL 7: nano (due to its simplicity and easiness of use, specially to new users), and vi/m (due to its several features that convert it into more than a simple editor). I am sure that you can find many more reasons to use one or the other, or perhaps some other editor such as emacs or pico. Its entirely up to you.
![Learn Nano and vi Editors](http://www.tecmint.com/wp-content/uploads/2015/03/Learn-Nano-and-vi-Editors.png)
RHCSA: Editing Text Files with Nano and Vim Part 4
### Editing Files with Nano Editor ###
To launch nano, you can either just type nano at the command prompt, optionally followed by a filename (in this case, if the file exists, it will be opened in edition mode). If the file does not exist, or if we omit the filename, nano will also be opened in edition mode but will present a blank screen for us to start typing:
![Nano Editor](http://www.tecmint.com/wp-content/uploads/2015/03/Nano-Editor.png)
Nano Editor
As you can see in the previous image, nano displays at the bottom of the screen several functions that are available via the indicated shortcuts (^, aka caret, indicates the Ctrl key). To name a few of them:
- Ctrl + G: brings up the help menu with a complete list of functions and descriptions:Ctrl + X: exits the current file. If changes have not been saved, they are discarded.
- Ctrl + R: lets you choose a file to insert its contents into the present file by specifying a full path.
![Nano Editor Help Menu](http://www.tecmint.com/wp-content/uploads/2015/03/Nano-Help.png)
Nano Editor Help Menu
- Ctrl + O: saves changes made to a file. It will let you save the file with the same name or a different one. Then press Enter to confirm.
![Nano Editor Save Changes Mode](http://www.tecmint.com/wp-content/uploads/2015/03/Nano-Save-Changes.png)
Nano Editor Save Changes Mode
- Ctrl + X: exits the current file. If changes have not been saved, they are discarded.
- Ctrl + R: lets you choose a file to insert its contents into the present file by specifying a full path.
![Nano: Insert File Content to Parent File](http://www.tecmint.com/wp-content/uploads/2015/03/Insert-File-Content.png)
Nano: Insert File Content to Parent File
will insert the contents of /etc/passwd into the current file.
- Ctrl + K: cuts the current line.
- Ctrl + U: paste.
- Ctrl + C: cancels the current operation and places you at the previous screen.
To easily navigate the opened file, nano provides the following features:
- Ctrl + F and Ctrl + B move the cursor forward or backward, whereas Ctrl + P and Ctrl + N move it up or down one line at a time, respectively, just like the arrow keys.
- Ctrl + space and Alt + space move the cursor forward and backward one word at a time.
Finally,
- Ctrl + _ (underscore) and then entering X,Y will take you precisely to Line X, column Y, if you want to place the cursor at a specific place in the document.
![Navigate to Line Numbers in Nano](http://www.tecmint.com/wp-content/uploads/2015/03/Column-Numbers.png)
Navigate to Line Numbers in Nano
The example above will take you to line 15, column 14 in the current document.
If you can recall your early Linux days, specially if you came from Windows, you will probably agree that starting off with nano is the best way to go for a new user.
### Editing Files with Vim Editor ###
Vim is an improved version of vi, a famous text editor in Linux that is available on all POSIX-compliant *nix systems, such as RHEL 7. If you have the chance and can install vim, go ahead; if not, most (if not all) the tips given in this article should also work.
One of vims distinguishing features is the different modes in which it operates:
- Command mode will allow you to browse through the file and enter commands, which are brief and case-sensitive combinations of one or more letters. If you need to repeat one of them a certain number of times, you can prefix it with a number (there are only a few exceptions to this rule). For example, yy (or Y, short for yank) copies the entire current line, whereas 4yy (or 4Y) copies the entire current line along with the next three lines (4 lines in total).
- In ex mode, you can manipulate files (including saving a current file and running outside programs or commands). To enter ex mode, we must type a colon (:) starting from command mode (or in other words, Esc + :), directly followed by the name of the ex-mode command that you want to use.
- In insert mode, which is accessed by typing the letter i, we simply enter text. Most keystrokes result in text appearing on the screen.
- We can always enter command mode (regardless of the mode were working on) by pressing the Esc key.
Lets see how we can perform the same operations that we outlined for nano in the previous section, but now with vim. Dont forget to hit the Enter key to confirm the vim command!
To access vims full manual from the command line, type :help while in command mode and then press Enter:
![vim Edito Help Menu](http://www.tecmint.com/wp-content/uploads/2015/03/vim-Help-Menu.png)
vim Edito Help Menu
The upper section presents an index list of contents, with defined sections dedicated to specific topics about vim. To navigate to a section, place the cursor over it and press Ctrl + ] (closing square bracket). Note that the bottom section displays the current file.
1. To save changes made to a file, run any of the following commands from command mode and it will do the trick:
:wq!
:x!
ZZ (yes, double Z without the colon at the beginning)
2. To exit discarding changes, use :q!. This command will also allow you to exit the help menu described above, and return to the current file in command mode.
3. Cut N number of lines: type Ndd while in command mode.
4. Copy M number of lines: type Myy while in command mode.
5. Paste lines that were previously cutted or copied: press the P key while in command mode.
6. To insert the contents of another file into the current one:
:r filename
For example, to insert the contents of `/etc/fstab`, do:
![Insert Content of File in vi Editor](http://www.tecmint.com/wp-content/uploads/2015/03/Insert-Content-vi-Editor.png)
Insert Content of File in vi Editor
7. To insert the output of a command into the current document:
:r! command
For example, to insert the date and time in the line below the current position of the cursor:
![Insert Time an Date in vi Editor](http://www.tecmint.com/wp-content/uploads/2015/03/Insert-Time-and-Date-in-vi-Editor.png)
Insert Time an Date in vi Editor
In another article that I wrote for, ([Part 2 of the LFCS series][1]), I explained in greater detail the keyboard shortcuts and functions available in vim. You may want to refer to that tutorial for further examples on how to use this powerful text editor.
### Analyzing Text with Grep and Regular Expressions ###
By now you have learned how to create and edit files using nano or vim. Say you become a text editor ninja, so to speak now what? Among other things, you will also need how to search for regular expressions inside text.
A regular expression (also known as “regex” or “regexp“) is a way of identifying a text string or pattern so that a program can compare the pattern against arbitrary text strings. Although the use of regular expressions along with grep would deserve an entire article on its own, let us review the basics here:
**1. The simplest regular expression is an alphanumeric string (i.e., the word “svm”) or two (when two are present, you can use the | (OR) operator):**
# grep -Ei 'svm|vmx' /proc/cpuinfo
The presence of either of those two strings indicate that your processor supports virtualization:
![Regular Expression Example](http://www.tecmint.com/wp-content/uploads/2015/03/Regular-Expression-Example.png)
Regular Expression Example
**2. A second kind of a regular expression is a range list, enclosed between square brackets.**
For example, `c[aeiou]t` matches the strings cat, cet, cit, cot, and cut, whereas `[a-z]` and `[0-9]` match any lowercase letter or decimal digit, respectively. If you want to repeat the regular expression X certain number of times, type `{X}` immediately following the regexp.
For example, lets extract the UUIDs of storage devices from `/etc/fstab`:
# grep -Ei '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o /etc/fstab
![Extract String from a File in Linux](http://www.tecmint.com/wp-content/uploads/2015/03/Extract-String-from-a-File.png)
Extract String from a File
The first expression in brackets `[0-9a-f]` is used to denote lowercase hexadecimal characters, and `{8}` is a quantifier that indicates the number of times that the preceding match should be repeated (the first sequence of characters in an UUID is a 8-character long hexadecimal string).
The parentheses, the `{4}` quantifier, and the hyphen indicate that the next sequence is a 4-character long hexadecimal string, and the quantifier that follows `({3})` denote that the expression should be repeated 3 times.
Finally, the last sequence of 12-character long hexadecimal string in the UUID is retrieved with `[0-9a-f]{12}`, and the -o option prints only the matched (non-empty) parts of the matching line in /etc/fstab.
**3. POSIX character classes.**
注:表格
<table cellspacing="0" border="0">
<colgroup width="201"></colgroup>
<colgroup width="440"></colgroup>
<tbody>
<tr>
<td align="center" height="25" bgcolor="#999999" style="border: 1px solid #000000;"><b>Character Class</b></td>
<td align="center" bgcolor="#999999" style="border: 1px solid #000000;"><b>Matches…</b></td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:alnum:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any alphanumeric [a-zA-Z0-9] character</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:alpha:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any alphabetic [a-zA-Z] character</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:blank:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Spaces or tabs</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:cntrl:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any control characters (ASCII 0 to 32)</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:digit:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any numeric digits [0-9]</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:graph:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any visible characters</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:lower:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any lowercase [a-z] character</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:print:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any non-control characters</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:space:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any whitespace</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:punct:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any punctuation marks</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:upper:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any uppercase [A-Z] character</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:xdigit:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any hex digits [0-9a-fA-F]</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[:word:]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;Any letters, numbers, and underscores [a-zA-Z0-9_]</td>
</tr>
</tbody>
</table>
For example, we may be interested in finding out what the used UIDs and GIDs (refer to [Part 2][2] of this series to refresh your memory) are for real users that have been added to our system. Thus, we will search for sequences of 4 digits in /etc/passwd:
# grep -Ei [[:digit:]]{4} /etc/passwd
![Search For a String in File](http://www.tecmint.com/wp-content/uploads/2015/03/Search-For-String-in-File.png)
Search For a String in File
The above example may not be the best case of use of regular expressions in the real world, but it clearly illustrates how to use POSIX character classes to analyze text along with grep.
### Conclusion ###
In this article we have provided some tips to make the most of nano and vim, two text editors for the command-line users. Both tools are supported by extensive documentation, which you can consult in their respective official web sites (links given below) and using the suggestions given in [Part 1][3] of this series.
#### Reference Links ####
- [http://www.nano-editor.org/][4]
- [http://www.vim.org/][5]
--------------------------------------------------------------------------------
via: http://www.tecmint.com/rhcsa-exam-how-to-use-nano-vi-editors/
作者:[Gabriel Cánepa][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/vi-editor-usage/
[2]:http://www.tecmint.com/file-and-directory-management-in-linux/
[3]:http://www.tecmint.com/rhcsa-exam-reviewing-essential-commands-system-documentation/
[4]:http://www.nano-editor.org/
[5]:http://www.vim.org/

148
translated/tech/20150209 Install OpenQRM Cloud Computing Platform In Debian.md Normal file
View File

@ -0,0 +1,148 @@
在 Debian 中安装 OpenQRM 云计算平台
================================================================================
### 简介 ###
**openQRM**是一个基于 Web 的开源云计算和数据中心管理平台,可灵活地与企业数据中心的现存组件集成。
它支持下列虚拟技术:
- KVM,
- XEN,
- Citrix XenServer,
- VMWare ESX,
- LXC,
- OpenVZ.
openQRM 中的杂交云连接器通过 **Amazon AWS**, **Eucalyptus****OpenStack** 来支持一系列的私有或公有云提供商,以此来按需扩展你的基础设施。它也自动地进行资源调配、 虚拟化、 存储和配置管理,且关注高可用性。集成计费系统的自助服务云门户可使终端用户按需请求新的服务器和应用堆栈。
openQRM 有两种不同风格的版本可获取:
- 企业版
- 社区版
你可以在[这里][1] 查看这两个版本间的区别。
### 特点 ###
- 私有/杂交的云计算平台;
- 可管理物理或虚拟的服务器系统;
- 可与所有主流的开源或商业的存储技术集成;
- 跨平台: Linux, Windows, OpenSolaris, and BSD;
- 支持 KVM, XEN, Citrix XenServer, VMWare ESX(i), lxc, OpenVZ 和 VirtualBox;
- 支持使用额外的 Amazon AWS, Eucalyptus, Ubuntu UEC 等云资源来进行杂交云设置;
- 支持 P2V, P2P, V2P, V2V 迁移和高可用性;
- 集成最好的开源管理工具 如 puppet, nagios/Icinga 或 collectd;
- 有超过 50 个插件来支持扩展功能并与你的基础设施集成;
- 针对终端用户的自助门户;
- 集成计费系统.
### 安装 ###
在这里我们将在 in Debian 7.5 上安装 openQRM。你的服务器必须至少满足以下要求
- 1 GB RAM;
- 100 GB Hdd(硬盘驱动器);
- 可选: Bios 支持虚拟化(Intel CPUs 的 VT 或 AMD CPUs AMD-V).
首先,安装 `make` 软件包来编译 openQRM 源码包:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install make
然后,逐次运行下面的命令来安装 openQRM。
从[这里][2] 下载最新的可用版本:
wget http://sourceforge.net/projects/openqrm/files/openQRM-Community-5.1/openqrm-community-5.1.tgz
tar -xvzf openqrm-community-5.1.tgz
cd openqrm-community-5.1/src/
sudo make
sudo make install
sudo make start
安装期间,你将被询问去更新文件 `php.ini`
![~-openqrm-community-5.1-src_001](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_001.png)
输入 mysql root 用户密码。
![~-openqrm-community-5.1-src_002](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_002.png)
再次输入密码:
![~-openqrm-community-5.1-src_003](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_003.png)
选择邮件服务器配置类型。
![~-openqrm-community-5.1-src_004](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_004.png)
假如你不确定该如何选择,可选择 `Local only`。在我们的这个示例中,我选择了 **Local only** 选项。
![~-openqrm-community-5.1-src_005](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_005.png)
输入你的系统邮件名称,并最后输入 Nagios 管理员密码。
![~-openqrm-community-5.1-src_007](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@server-openqrm-community-5.1-src_007.png)
根据你的网络连接状态,上面的命令可能将花费很长的时间来下载所有运行 openQRM 所需的软件包,请耐心等待。
最后你将得到 openQRM 配置 URL 地址以及相关的用户名和密码。
![~_002](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/sk@debian-_002.png)
### 配置 ###
在安装完 openQRM 后,打开你的 Web 浏览器并转到 URL: **http://ip-address/openqrm**
例如,在我的示例中为 http://192.168.1.100/openqrm 。
默认的用户名和密码是: **openqrm/openqrm**
![Mozilla Firefox_003](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/Mozilla-Firefox_003.png)
选择一个网卡来给 openQRM 管理网络使用。
![openQRM Server - Mozilla Firefox_004](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_004.png)
选择一个数据库类型,在我们的示例中,我选择了 mysql。
![openQRM Server - Mozilla Firefox_006](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_006.png)
现在,配置数据库连接并初始化 openQRM 在这里,我使用 **openQRM** 作为数据库名称, **root** 作为用户的身份,并将 debian 作为数据库的密码。 请小心,你应该输入先前在安装 openQRM 时创建的 mysql root 用户密码。
![openQRM Server - Mozilla Firefox_012](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_012.png)
祝贺你!! openQRM 已经安装并配置好了。
![openQRM Server - Mozilla Firefox_013](http://180016988.r.cdn77.net/wp-content/uploads/2015/02/openQRM-Server-Mozilla-Firefox_013.png)
### 更新 openQRM ###
在任何时候可以使用下面的命令来更新 openQRM
cd openqrm/src/
make update
到现在为止,我们做的只是在我们的 Ubuntu 服务器中安装和配置 openQRM 至于 创建、运行虚拟,管理存储,额外的系统集成和运行你自己的私有云等内容,我建议你阅读 [openQRM 管理员指南][3]。
就是这些了,欢呼吧!周末快乐!
--------------------------------------------------------------------------------
via: http://www.unixmen.com/install-openqrm-cloud-computing-platform-debian/
作者:[SK][a]
译者:[FSSlc](https://github.com/FSSlc)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.unixmen.com/author/sk/
[1]:http://www.openqrm-enterprise.com/products/edition-comparison.html
[2]:http://sourceforge.net/projects/openqrm/files/?source=navbar
[3]:http://www.openqrm-enterprise.com/fileadmin/Documents/Whitepaper/openQRM-Enterprise-Administrator-Guide-5.2.pdf

183
translated/tech/20150518 How to set up a Replica Set on MongoDB.md Normal file
View File

@ -0,0 +1,183 @@
如何配置MongoDB副本集Replica Set
================================================================================
MongoDB已经成为市面上最知名的NoSQL数据库。MongoDB是面向文档的它的无模式设计使得它在各种各样的WEB应用当中广受欢迎。最让我喜欢的特性之一是它的副本集副本集将同一数据的多份拷贝放在一组mongod节点上从而实现数据的冗余以及高可用性。
这篇教程将向你介绍如何配置一个MongoDB副本集。
副本集的最常见配置涉及到一个主节点以及多个副节点。这之后启动的复制行为会从这个主节点到其他副节点。副本集不止可以针对意外的硬件故障和停机事件对数据库提供保护,同时也因为提供了更多的结点从而提高了数据库客户端数据读取的吞吐量。
### 配置环境 ###
这个教程里,我们会配置一个包括一个主节点以及两个副节点的副本集。
![](https://farm8.staticflickr.com/7667/17801038505_529a5224a1.jpg)
为了达到这个目的我们使用了3个运行在VirtualBox上的虚拟机。我会在这些虚拟机上安装Ubuntu 14.04并且安装MongoDB官方包。
我会在一个虚拟机实例上配置好需要的环境然后将它克隆到其他的虚拟机实例上。因此选择一个名为master的虚拟机执行以下安装过程。
首先我们需要在apt中增加一个MongoDB密钥
$ sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
然后将官方的MongoDB仓库添加到source.list中
$ sudo su
# echo "deb http://repo.mongodb.org/apt/ubuntu "$(lsb_release -sc)"/mongodb-org/3.0 multiverse" | sudo tee /etc/apt/sources.list.d/mongodb-org-3.0.list
接下来更新apt仓库并且安装MongoDB。
$ sudo apt-get update
$ sudo apt-get install -y mongodb-org
现在对/etc/mongodb.conf做一些更改
auth = true
dbpath=/var/lib/mongodb
logpath=/var/log/mongodb/mongod.log
logappend=true
keyFile=/var/lib/mongodb/keyFile
replSet=myReplica
第一行的作用是确认我们的数据库需要验证才可以使用的。keyfile用来配置用于MongoDB结点间复制行为的密钥文件。replSet用来为副本集设置一个名称。
接下来我们创建一个用于所有实例的密钥文件。
$ echo -n "MyRandomStringForReplicaSet" | md5sum > keyFile
这将会创建一个含有MD5字符串的密钥文件但是由于其中包含了一些噪音我们需要对他们清理后才能正式在MongoDB中使用。
$ echo -n "MyReplicaSetKey" | md5sum|grep -o "[0-9a-z]\+" > keyFile
grep命令的作用的是把将空格等我们不想要的内容过滤掉之后的MD5字符串打印出来。
现在我们对密钥文件进行一些操作,让它真正可用。
$ sudo cp keyFile /var/lib/mongodb
$ sudo chown mongodb:nogroup keyFile
$ sudo chmod 400 keyFile
接下来关闭此虚拟机。将其Ubuntu系统克隆到其他虚拟机上。
![](https://farm9.staticflickr.com/8729/17800903865_9876a9cc9c.jpg)
这是克隆后的副节点1和副节点2。确认你已经将它们的MAC地址重新初始化并且克隆整个硬盘。
![](https://farm6.staticflickr.com/5333/17613392900_6de45c9450.jpg)
请注意,三个虚拟机示例需要在同一个网络中以便相互通讯。因此,我们需要它们弄到“互联网"上去。
这里推荐给每个虚拟机设置一个静态IP地址而不是使用DHCP。这样它们就不至于在DHCP分配IP地址给他们的时候失去连接。
像下面这样编辑每个虚拟机的/etc/networks/interfaces文件。
在主结点上:
auto eth1
iface eth1 inet static
address 192.168.50.2
netmask 255.255.255.0
在副结点1上:
auto eth1
iface eth1 inet static
address 192.168.50.3
netmask 255.255.255.0
在副结点2上:
auto eth1
iface eth1 inet static
address 192.168.50.4
netmask 255.255.255.0
由于我们没有DNS服务所以需要设置设置一下/etc/hosts这个文件手工将主机名称放到次文件中。
在主结点上:
127.0.0.1 localhost primary
192.168.50.2 primary
192.168.50.3 secondary1
192.168.50.4 secondary2
在副结点1上:
127.0.0.1 localhost secondary1
192.168.50.2 primary
192.168.50.3 secondary1
192.168.50.4 secondary2
在副结点2上:
127.0.0.1 localhost secondary2
192.168.50.2 primary
192.168.50.3 secondary1
192.168.50.4 secondary2
使用ping命令检查各个结点之间的连接。
$ ping primary
$ ping secondary1
$ ping secondary2
### 配置副本集 ###
验证各个结点可以正常连通后,我们就可以新建一个管理员用户,用于之后的副本集操作。
在主节点上,打开/etc/mongodb.conf文件将auth和replSet两项注释掉。
dbpath=/var/lib/mongodb
logpath=/var/log/mongodb/mongod.log
logappend=true
#auth = true
keyFile=/var/lib/mongodb/keyFile
#replSet=myReplica
重启mongod进程。
$ sudo service mongod restart
连接MongoDB后新建管理员用户。
> use admin
> db.createUser({
user:"admin",
pwd:"
})
$ sudo service mongod restart
连接到MongoDB用以下命令将secondary1和secondary2节点添加到我们的副本集中。
> use admin
> db.auth("admin","myreallyhardpassword")
> rs.initiate()
> rs.add ("secondary1:27017")
> rs.add("secondary2:27017")
现在副本集到手了,可以开始我们的项目了。参照 [official driver documentation][1] 来了解如何连接到副本集。如果你想要用Shell来请求数据那么你需要连接到主节点上来插入或者请求数据副节点不行。如果你执意要尝试用附件点操作那么以下错误信息就蹦出来招呼你了。
myReplica:SECONDARY>
myReplica:SECONDARY> show databases
2015-05-10T03:09:24.131+0000 E QUERY Error: listDatabases failed:{ "note" : "from execCommand", "ok" : 0, "errmsg" : "not master" }
at Error ()
at Mongo.getDBs (src/mongo/shell/mongo.js:47:15)
at shellHelper.show (src/mongo/shell/utils.js:630:33)
at shellHelper (src/mongo/shell/utils.js:524:36)
at (shellhelp2):1:1 at src/mongo/shell/mongo.js:47
希望这篇教程能对你有所帮助。你可以使用Vagrant来自动完成你的本地环境配置并且加速你的代码。
--------------------------------------------------------------------------------
via: http://xmodulo.com/setup-replica-set-mongodb.html
作者:[Christopher Valerio][a]
译者:[mr-ping](https://github.com/mr-ping)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://xmodulo.com/author/valerio
[1]:http://docs.mongodb.org/ecosystem/drivers/

237
translated/tech/20150717 How to collect NGINX metrics - Part 2.md
View File

@ -1,237 +0,0 @@
如何收集NGINX指标 - 第2部分
================================================================================
![](http://www.datadoghq.com/wp-content/uploads/2015/07/NGINX_hero_2.png)
### 如何获取你所需要的NGINX指标 ###
如何获取需要的指标取决于你正在使用的 NGINX 版本。(参见 [the companion article][1] 将深入探索NGINX指标。免费开源版的 NGINX 和商业版的 NGINX 都有指标度量的状态模块NGINX 也可以在其日志中配置指标模块:
注:表格
<table>
<colgroup>
<col style="text-align: left;">
<col style="text-align: center;">
<col style="text-align: center;">
<col style="text-align: center;"> </colgroup>
<thead>
<tr>
<th rowspan="2" style="text-align: left;">Metric</th>
<th colspan="3" style="text-align: center;">Availability</th>
</tr>
<tr>
<th style="text-align: center;"><a href="https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#open-source">NGINX (open-source)</a></th>
<th style="text-align: center;"><a href="https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#plus">NGINX Plus</a></th>
<th style="text-align: center;"><a href="https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#logs">NGINX logs</a></th>
</tr>
</thead>
<tbody>
<tr>
<td style="text-align: left;">accepts / accepted</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;"></td>
</tr>
<tr>
<td style="text-align: left;">handled</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;"></td>
</tr>
<tr>
<td style="text-align: left;">dropped</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;"></td>
</tr>
<tr>
<td style="text-align: left;">active</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;"></td>
</tr>
<tr>
<td style="text-align: left;">requests / total</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
<td style="text-align: center;"></td>
</tr>
<tr>
<td style="text-align: left;">4xx codes</td>
<td style="text-align: center;"></td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
</tr>
<tr>
<td style="text-align: left;">5xx codes</td>
<td style="text-align: center;"></td>
<td style="text-align: center;">x</td>
<td style="text-align: center;">x</td>
</tr>
<tr>
<td style="text-align: left;">request time</td>
<td style="text-align: center;"></td>
<td style="text-align: center;"></td>
<td style="text-align: center;">x</td>
</tr>
</tbody>
</table>
#### 指标收集NGINX开源版 ####
开源版的 NGINX 会显示几个与服务器状态有关的指标在状态页面上,只要你启用了 HTTP [stub status module][2] 。要检查模块是否被加载,运行以下命令:
nginx -V 2>&1 | grep -o with-http_stub_status_module
如果你看到 http_stub_status_module 被输出在终端,说明状态模块已启用。
如果该命令没有输出,你需要启用状态模块。你可以使用 --with-http_stub_status_module 参数去配置 [building NGINX from source][3]:
./configure \
… \
--with-http_stub_status_module
make
sudo make install
验证模块已经启用或你自己启用它后,你还需要修改 NGINX 配置文件为状态页面设置本地访问的 URL例如/ nginx_status
server {
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
nginx 配置中的 server 块通常并不在主配置文件中(例如,/etc/nginx/nginx.conf但主配置中会加载补充的配置文件。要找到主配置文件首先运行以下命令
nginx -t
打开主配置文件,在以 http 模块结尾的附近查找以 include 开头的行包,如:
include /etc/nginx/conf.d/*.conf;
在所包含的配置文件中,你应该会找到主服务器模块,你可以如上所示修改 NGINX 的指标报告。更改任何配置后,通过执行以下命令重新加载配置文件:
nginx -s reload
现在,你可以查看指标的状态页:
Active connections: 24
server accepts handled requests
1156958 1156958 4491319
Reading: 0 Writing: 18 Waiting : 6
请注意,如果你正试图从远程计算机访问状态页面,则需要将远程计算机的 IP 地址添加到你的状态配置文件的白名单中,在上面的配置文件中 127.0.0.1 仅在白名单中。
nginx 的状态页面是一中查看指标快速又简单的方法,但当连续监测时,你需要每隔一段时间自动记录该数据。然后通过监控工具箱 [Nagios][4] 或者 [Datadog][5],以及收集统计信息的服务 [collectD][6] 来分析已保存的 NGINX 状态信息。
#### 指标收集: NGINX Plus ####
商业版的 NGINX Plus 通过 ngx_http_status_module 提供的可用指标比开源版 NGINX 更多 [many more metrics][7] 。NGINX Plus 附加了更多的字节流指标以及负载均衡系统和高速缓存的信息。NGINX Plus 还报告所有的 HTTP 状态码类型1XX2XX3XX4XX5XX的计数。一个简单的 NGINX Plus 状态报告 [here][8]。
![NGINX Plus status board](https://d33tyra1llx9zy.cloudfront.net/blog/images/2015-06-nginx/status_plus-2.png)
*注: NGINX Plus 在状态仪表盘"Active”连接定义的收集指标的状态模块和开源 NGINX 的略有不同。在 NGINX Plus 指标中,活动连接不包括等待状态(又叫空闲连接)连接。*
NGINX Plus 也集成了其他监控系统的报告 [JSON格式指标][9] 。用 NGINX Plus 时,你可以看到 [负载均衡服务器组的][10]指标和健康状况,或着再向下能取得的仅是响应代码计数[从单个服务器][11]在负载均衡服务器中:
{"1xx":0,"2xx":3483032,"3xx":0,"4xx":23,"5xx":0,"total":3483055}
启动 NGINX Plus 指标仪表盘,你可以在 NGINX 配置文件的 http 块内添加状态 server 块。 ([参见上一页][12]查找相关的配置文件,收集开源 NGINX 版指标的说明。例如设立以下一个状态仪表盘在http//your.ip.address8080/status.html 和一个 JSON 接口 http//your.ip.address8080/status可以添加以下 server block 来设定:
server {
listen 8080;
root /usr/share/nginx/html;
location /status {
status;
}
location = /status.html {
}
}
一旦你重新加载 NGINX 配置,状态页就会被加载:
nginx -s reload
关于如何配置扩展状态模块,官方 NGINX Plus 文档有 [详细介绍][13] 。
#### 指标收集NGINX日志 ####
NGINX 的 [日志模块][14] 写到配置可以自定义访问日志到指定文件。你可以自定义日志的格式和时间通过 [添加或移除变量][15]。捕获日志的详细信息最简单的方法是添加下面一行在你配置文件的server 块中(参见[此节][16] 通过加载配置文件的信息来收集开源 NGINX 的指标):
access_log logs/host.access.log combined;
更改 NGINX 配置文件后,必须要重新加载配置文件:
nginx -s reload
“combined” 的日志格式,只包含默认参数,包括[一些关键数据][17],如实际的 HTTP 请求和相应的响应代码。在下面的示例日志中NGINX 记录了200成功状态码当请求 /index.html 时和404未找到错误不存在的请求文件 /fail。
127.0.0.1 - - [19/Feb/2015:12:10:46 -0500] "GET /index.html HTTP/1.1" 200 612 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari 537.36"
127.0.0.1 - - [19/Feb/2015:12:11:05 -0500] "GET /fail HTTP/1.1" 404 570 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36"
你可以记录请求处理的时间通过添加一个新的日志格式在 NGINX 配置文件中的 http 块:
log_format nginx '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent $request_time '
'"$http_referer" "$http_user_agent"';
通过修改配置文件中 server 块的 access_log 行:
access_log logs/host.access.log nginx;
重新加载配置文件(运行 nginx -s reload你的访问日志将包括响应时间如下图所示。单位为秒毫秒。在这种情况下服务器接收 /big.pdf 的请求时发送33973115字节后返回206成功状态码。处理请求用时0.202秒202毫秒
127.0.0.1 - - [19/Feb/2015:15:50:36 -0500] "GET /big.pdf HTTP/1.1" 206 33973115 0.202 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.111 Safari/537.36"
你可以使用各种工具和服务来收集和分析 NGINX 日志。例如,[rsyslog][18] 可以监视你的日志,并将其传递给多个日志分析服务;你也可以使用免费的开源工具,如[logstash][19]来收集和分析日志;或者你可以使用一个统一日志记录层,如[Fluentd][20]来收集和分析你的 NGINX 日志。
### 结论 ###
监视 NGINX 的哪一项指标将取决于你提供的工具,以及是否由给定指标证明监控指标的开销。例如,通过收集和分析日志来定位问题是非常重要的在 NGINX Plus 或者 运行的系统中。
在 Datadog 中,我们已经集成了 NGINX 和 NGINX Plus这样你就可以以最小的设置来收集和监控所有 Web 服务器的指标。了解如何用 NGINX Datadog来监控 [在本文中][21],并开始使用 [免费的Datadog][22]。
----------
原文在这 [on GitHub][23]。问题,更正,补充等?请[让我们知道][24]。
--------------------------------------------------------------------------------
via: https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/
作者K Young
译者:[strugglingyouth](https://github.com/strugglingyouth)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[1]:https://www.datadoghq.com/blog/how-to-monitor-nginx/
[2]:http://nginx.org/en/docs/http/ngx_http_stub_status_module.html
[3]:http://wiki.nginx.org/InstallOptions
[4]:https://exchange.nagios.org/directory/Plugins/Web-Servers/nginx
[5]:http://docs.datadoghq.com/integrations/nginx/
[6]:https://collectd.org/wiki/index.php/Plugin:nginx
[7]:http://nginx.org/en/docs/http/ngx_http_status_module.html#data
[8]:http://demo.nginx.com/status.html
[9]:http://demo.nginx.com/status
[10]:http://demo.nginx.com/status/upstreams/demoupstreams
[11]:http://demo.nginx.com/status/upstreams/demoupstreams/0/responses
[12]:https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#open-source
[13]:http://nginx.org/en/docs/http/ngx_http_status_module.html#example
[14]:http://nginx.org/en/docs/http/ngx_http_log_module.html
[15]:http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
[16]:https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#open-source
[17]:http://nginx.org/en/docs/http/ngx_http_log_module.html#log_format
[18]:http://www.rsyslog.com/
[19]:https://www.elastic.co/products/logstash
[20]:http://www.fluentd.org/
[21]:https://www.datadoghq.com/blog/how-to-monitor-nginx-with-datadog/
[22]:https://www.datadoghq.com/blog/how-to-collect-nginx-metrics/#sign-up
[23]:https://github.com/DataDog/the-monitor/blob/master/nginx/how_to_collect_nginx_metrics.md
[24]:https://github.com/DataDog/the-monitor/issues

174
translated/tech/20150730 How to Setup iTOP (IT Operational Portal) on CentOS 7.md Normal file
View File

@ -0,0 +1,174 @@
如何在CentOS上安装iTOP(IT操作门户)
================================================================================
iTOP简单来说是一个简单的基于网络的开源IT服务管理工具。它有所有的ITIL功能包括服务台、配置管理、事件管理、问题管理、更改管理和服务管理。iTOP依赖于Apache/IIS、MySQL和PHP因此它可以运行在任何支持这些软件的操作系统中。因为iTOP是一个网络程序因此你不必在用户的PC端任何客户端程序。一个简单的浏览器就足够每天的IT环境操作了。
我们要在一台有满足基本需求的LAMP环境的CentOS 7上安装和配置iTOP。
### 下载 iTOP ###
iTOP的下载包现在在SOurceForge上我们可以从这获取它的官方[链接][1]。
![itop download](http://blog.linoxide.com/wp-content/uploads/2015/07/1-itop-download.png)
我们从这里的连接用wget命令获取压缩文件
[root@centos-007 ~]# wget http://downloads.sourceforge.net/project/itop/itop/2.1.0/iTop-2.1.0-2127.zip
### iTop扩展和网络安装 ###
使用unzip命令解压到apache根目录下的itop文件夹下。
[root@centos-7 ~]# ls
iTop-2.1.0-2127.zip
[root@centos-7 ~]# unzip iTop-2.1.0-2127.zip -d /var/www/html/itop/
列出安装包中的内容。
[root@centos-7 ~]# ls -lh /var/www/html/itop/
total 68K
-rw-r--r--. 1 root root 1.4K Dec 17 2014 INSTALL
-rw-r--r--. 1 root root 35K Dec 17 2014 LICENSE
-rw-r--r--. 1 root root 23K Dec 17 2014 README
drwxr-xr-x. 19 root root 4.0K Jul 14 13:10 web
这些是我们可以安装的扩展。
[root@centos-7 2.x]# ls
authent-external itop-backup itop-config-mgmt itop-problem-mgmt itop-service-mgmt-provider itop-welcome-itil
authent-ldap itop-bridge-virtualization-storage itop-datacenter-mgmt itop-profiles-itil itop-sla-computation version.xml
authent-local itop-change-mgmt itop-endusers-devices itop-request-mgmt itop-storage-mgmt wizard-icons
installation.xml itop-change-mgmt-itil itop-incident-mgmt-itil itop-request-mgmt-itil itop-tickets
itop-attachments itop-config itop-knownerror-mgmt itop-service-mgmt itop-virtualization-mgmt
在解压的目录下通过不同的数据模型用复制命令迁移需要的扩展从datamodels复制到web扩展目录下。
[root@centos-7 2.x]# pwd
/var/www/html/itop/web/datamodels/2.x
[root@centos-7 2.x]# cp -r itop-request-mgmt itop-service-mgmt itop-service-mgmt itop-config itop-change-mgmt /var/www/html/itop/web/extensions/
### 安装 iTop web界面 ###
大多数服务端设置和配置已经完成了。最后我们安装web界面来完成安装。
打开浏览器使用ip地址或者FQDN来访问WordPress web目录。
http://servers_ip_address/itop/web/
你会被重定向到iTOP的web安装页面。让我们按照要求配置就像在这篇教程中做的那样。
#### 先决要求验证 ####
这一步你就会看到验证完成的欢迎界面。如果你看到了一些警告信息,你需要先安装这些软件来解决这些问题。
![mcrypt missing](http://blog.linoxide.com/wp-content/uploads/2015/07/2-itop-web-install.png)
这一步一个叫php mcrypt的可选包丢失了。下载下面的rpm包接着尝试安装php mcrypt包。
[root@centos-7 ~]#yum localinstall php-mcrypt-5.3.3-1.el6.x86_64.rpm libmcrypt-2.5.8-9.el6.x86_64.rpm.
成功安装完php-mcrypt后我们需要重启apache服务接着刷新页面这时验证应该已经OK。
#### 安装或者升级 iTop ####
现在我们要在没有安装iTOP的服务器上选择全新安装。
![Install New iTop](http://blog.linoxide.com/wp-content/uploads/2015/07/3.png)
#### iTop 许可协议 ####
勾选同意iTOP所有组件的许可协议并点击“NEXT”。
![License Agreement](http://blog.linoxide.com/wp-content/uploads/2015/07/4.png)
#### 数据库配置 ####
现在我们输入数据库凭据来配置数据库连接,接着选择如下选择创建新数据库。
![DB Connection](http://blog.linoxide.com/wp-content/uploads/2015/07/5.png)
#### 管理员账户 ####
这一步中我们会输入它的登录信息来配置管理员账户。
![Admin Account](http://blog.linoxide.com/wp-content/uploads/2015/07/6.png)
#### 杂项参数 ####
让我们选择额外的参数来选择你是否需要安装一个演示内容或者使用全新的数据库,接着下一步。
![Misc Parameters](http://blog.linoxide.com/wp-content/uploads/2015/07/7.png)
### iTop 配置管理 ###
下面的选项允许你配置在iTOP要管理的元素类型像CMDB、数据中心设备、存储设备和虚拟化这些东西在iTOP中是必须的。
![Conf Management](http://blog.linoxide.com/wp-content/uploads/2015/07/8.png)
#### 服务管理 ####
选择一个最能描述你的IT设备和环境之间的关系的选项。因此我们这里选择为服务提供商的服务管理。
![Service Management](http://blog.linoxide.com/wp-content/uploads/2015/07/9.png)
#### iTop Tickets 管理 ####
从不同的可用选项我们选择符合ITIL Tickets管理选项来管理不同类型的用户请求和事件。
![Ticket Management](http://blog.linoxide.com/wp-content/uploads/2015/07/10.png)
#### 改变管理选项 ####
选择不同的ticket类型以便管理可用选项中的IT设备更改。我们选择ITTL更改管理选项。
![ITIL Change](http://blog.linoxide.com/wp-content/uploads/2015/07/11.png)
#### iTop 扩展 ####
这一节我们选择额外的扩展来安装或者不选直接跳过。
![iTop Extensions](http://blog.linoxide.com/wp-content/uploads/2015/07/13.png)
### 准备开始web安装 ###
现在我们开始准备安装先前先前选择的组件。我们也可以下拉这些安装参数来浏览我们的配置。
确认安装参数后点击安装按钮。
![Installation Parameters](http://blog.linoxide.com/wp-content/uploads/2015/07/16.png)
让我们等待进度条来完成安装步骤。它也许会花费几分钟来完成安装步骤。
![iTop Installation Process](http://blog.linoxide.com/wp-content/uploads/2015/07/17.png)
### iTop安装完成 ###
我们的iTOP安装已经完成了只要如下一个简单的手动操作就可以进入到iTOP。
![iTop Done](http://blog.linoxide.com/wp-content/uploads/2015/07/18.png)
### 欢迎来到iTop (IT操作门户) ###
![itop welcome note](http://blog.linoxide.com/wp-content/uploads/2015/07/20.png)
### iTop 面板 ###
你这里可以配置任何东西服务、计算机、通讯录、位置、合同、网络设备等等。你可以创建你自己的。事实是刚安装的CMDB模块是每一个IT人员的必备模块。
![iTop Dashboard](http://blog.linoxide.com/wp-content/uploads/2015/07/19.png)
### 总结 ###
ITOP是一个最棒的开源桌面服务解决方案。我们已经在CentOS 7上成功地安装和配置了。因此iTOP最强大的一方面是它可以很简单地通过扩展来自定义。如果你在安装中遇到任何问题欢迎评论。
--------------------------------------------------------------------------------
via: http://linoxide.com/tools/setup-itop-centos-7/
作者:[Kashif Siddique][a]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/kashifs/
[1]:http://www.combodo.com/spip.php?page=rubrique&id_rubrique=8

90
translated/tech/20150803 Linux Logging Basics.md Normal file
View File

@ -0,0 +1,90 @@
Linux 日志基础
================================================================================
首先,我们将描述有关 Linux 日志是什么,到哪儿去找它们以及它们是如何创建的基础知识。如果你已经知道这些,请随意跳至下一节。
### Linux 系统日志 ###
许多有价值的日志文件都是由 Linux 自动地为你创建的。你可以在 `/var/log` 目录中找到它们。下面是在一个典型的 Ubuntu 系统中这个目录的样子:
![](http://www.loggly.com/ultimate-guide/wp-content/uploads/2015/05/Linux-system-log-terminal.png)
一些最为重要的 Linux 系统日志包括:
- `/var/log/syslog``/var/log/messages` 存储所有的全局系统活动数据,包括开机信息。基于 Debian 的系统如 Ubuntu 在 `/var/log/syslog` 目录中存储它们,而基于 RedHat 的系统如 RHEL 或 CentOS 则在 `/var/log/messages` 中存储它们。
- `/var/log/auth.log``/var/log/secure` 存储来自可插拔认证模块(PAM)的日志包括成功的登录失败的登录尝试和认证方式。Ubuntu 和 Debian 在 `/var/log/auth.log` 中存储认证信息,而 RedHat 和 CentOS 则在 `/var/log/secure` 中存储该信息。
- `/var/log/kern` 存储内核错误和警告数据,这对于排除与自定义内核相关的故障尤为实用。
- `/var/log/cron` 存储有关 cron 作业的信息。使用这个数据来确保你的 cron 作业正成功地运行着。
Digital Ocean 有一个完整的关于这些文件及 rsyslog 如何在常见的发行版本如 RedHat 和 CentOS 中创建它们的 [教程][1] 。
应用程序也会在这个目录中写入日志文件。例如像 ApacheNginxMySQL 等常见的服务器程序可以在这个目录中写入日志文件。其中一些日志文件由应用程序自己创建,其他的则通过 syslog (具体见下文)来创建。
### 什么是 Syslog ###
Linux 系统日志文件是如何创建的呢?答案是通过 syslog 守护程序,它在 syslog
套接字 `/dev/log` 上监听日志信息,然后将它们写入适当的日志文件中。
单词“syslog” 是一个重载的条目,并经常被用来简称如下的几个名称之一:
1. **Syslog 守护进程** — 一个用来接收,处理和发送 syslog 信息的程序。它可以[远程发送 syslog][2] 到一个集中式的服务器或写入一个本地文件。常见的例子包括 rsyslogd 和 syslog-ng。在这种使用方式中人们常说 "发送到 syslog."
1. **Syslog 协议** — 一个指定日志如何通过网络来传送的传输协议和一个针对 syslog 信息(具体见下文) 的数据格式的定义。它在 [RFC-5424][3] 中被正式定义。对于文本日志,标准的端口是 514对于加密日志端口是 6514。在这种使用方式中人们常说"通过 syslog 传送."
1. **Syslog 信息** — syslog 格式的日志信息或事件,它包括一个带有几个标准域的文件头。在这种使用方式中,人们常说"发送 syslog."
Syslog 信息或事件包括一个带有几个标准域的 header ,使得分析和路由更方便。它们包括时间戳,应用程序的名称,在系统中信息来源的分类或位置,以及事件的优先级。
下面展示的是一个包含 syslog header 的日志信息,它来自于 sshd 守护进程,它控制着到该系统的远程登录,这个信息描述的是一次失败的登录尝试:
<34>1 2003-10-11T22:14:15.003Z server1.com sshd - - pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.2.2
### Syslog 格式和域 ###
每条 syslog 信息包含一个带有域的 header这些域是结构化的数据使得分析和路由事件更加容易。下面是我们使用的用来产生上面的 syslog 例子的格式,你可以将每个值匹配到一个特定的域的名称上。
<%pri%>%protocol-version% %timestamp:::date-rfc3339% %HOSTNAME% %app-name% %procid% %msgid% %msg%n
下面,你将看到一些在查找或排错时最常使用的 syslog 域:
#### 时间戳 ####
[时间戳][4] (上面的例子为 2003-10-11T22:14:15.003Z) 暗示了在系统中发送该信息的时间和日期。这个时间在另一系统上接收该信息时可能会有所不同。上面例子中的时间戳可以分解为:
- **2003-10-11** 年,月,日.
- **T** 为时间戳的必需元素,它将日期和时间分离开.
- **22:14:15.003** 是 24 小时制的时间,包括进入下一秒的毫秒数(**003**).
- **Z** 是一个可选元素,指的是 UTC 时间,除了 Z这个例子还可以包括一个偏移量例如 -08:00这意味着时间从 UTC 偏移 8 小时,即 PST 时间.
#### 主机名 ####
[主机名][5] 域(在上面的例子中对应 server1.com) 指的是主机的名称或发送信息的系统.
#### 应用名 ####
[应用名][6] 域(在上面的例子中对应 sshd:auth) 指的是发送信息的程序的名称.
#### 优先级 ####
优先级域或缩写为 [pri][7] (在上面的例子中对应 <34>) 告诉我们这个事件有多紧急或多严峻。它由两个数字域组成:设备域和紧急性域。紧急性域从代表 debug 类事件的数字 7 一直到代表紧急事件的数字 0 。设备域描述了哪个进程创建了该事件。它从代表内核信息的数字 0 到代表本地应用使用的 23 。
Pri 有两种输出方式。第一种是以一个单独的数字表示,可以这样计算:先用设备域的值乘以 8再加上紧急性域的值(设备域)(8) + (紧急性域)。第二种是 pri 文本,将以“设备域.紧急性域” 的字符串格式输出。后一种格式更方便阅读和搜索,但占据更多的存储空间。
--------------------------------------------------------------------------------
via: http://www.loggly.com/ultimate-guide/logging/linux-logging-basics/
作者:[Jason Skowronski][a1]
作者:[Amy Echeverri][a2]
作者:[Sadequl Hussain][a3]
译者:[FSSlc](https://github.com/FSSlc)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a1]:https://www.linkedin.com/in/jasonskowronski
[a2]:https://www.linkedin.com/in/amyecheverri
[a3]:https://www.linkedin.com/pub/sadequl-hussain/14/711/1a7
[1]:https://www.digitalocean.com/community/tutorials/how-to-view-and-configure-linux-logs-on-ubuntu-and-centos
[2]:https://docs.google.com/document/d/11LXZxWlkNSHkcrCWTUdnLRf_CiZz9kK0cr3yGM_BU_0/edit#heading=h.y2e9tdfk1cdb
[3]:https://tools.ietf.org/html/rfc5424
[4]:https://tools.ietf.org/html/rfc5424#section-6.2.3
[5]:https://tools.ietf.org/html/rfc5424#section-6.2.4
[6]:https://tools.ietf.org/html/rfc5424#section-6.2.5
[7]:https://tools.ietf.org/html/rfc5424#section-6.2.1

117
translated/tech/20150803 Troubleshooting with Linux Logs.md Normal file
View File

@ -0,0 +1,117 @@
在 Linux 中使用日志来排错
================================================================================
人们创建日志的主要原因是排错。通常你会诊断为什么问题发生在你的 Linux 系统或应用程序中。错误信息或一些列事件可以给你提供造成根本原因的线索,说明问题是如何发生的,并指出如何解决它。这里有几个使用日志来解决的样例。
### 登录失败原因 ###
如果你想检查你的系统是否安全,你可以在验证日志中检查登录失败的和登录成功但可疑的用户。当有人通过不正当或无效的凭据来登录时会出现认证失败,经常使用 SSH 进行远程登录或 su 到本地其他用户来进行访问权。这些是由[插入式验证模块][1]来记录,或 PAM 进行短期记录。在你的日志中会看到像 Failed 这样的字符串密码和未知的用户。成功认证记录包括像 Accepted 这样的字符串密码并打开会话。
失败的例子:
pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=10.0.2.2
Failed password for invalid user hoover from 10.0.2.2 port 4791 ssh2
pam_unix(sshd:auth): check pass; user unknown
PAM service(sshd) ignoring max retries; 6 > 3
成功的例子:
Accepted password for hoover from 10.0.2.2 port 4792 ssh2
pam_unix(sshd:session): session opened for user hoover by (uid=0)
pam_unix(sshd:session): session closed for user hoover
你可以使用 grep 来查找哪些用户失败登录的次数最多。这些都是潜在的攻击者正在尝试和访问失败的账户。这是一个在 ubuntu 系统上的例子。
$ grep "invalid user" /var/log/auth.log | cut -d ' ' -f 10 | sort | uniq -c | sort -nr
23 oracle
18 postgres
17 nagios
10 zabbix
6 test
由于没有标准格式,所以你需要为每个应用程序的日志使用不同的命令。日志管理系统,可以自动分析日志,将它们有效的归类,帮助你提取关键字,如用户名。
日志管理系统可以使用自动解析功能从 Linux 日志中提取用户名。这使你可以看到用户的信息并能单个的筛选。在这个例子中我们可以看到root 用户登录了 2700 次,因为我们筛选的日志显示尝试登录的只有 root 用户。
![](http://www.loggly.com/ultimate-guide/wp-content/uploads/2015/05/Screen-Shot-2015-03-12-at-11.05.36-AM.png)
日志管理系统也让你以时间为做坐标轴的图标来查看使你更容易发现异常。如果有人在几分钟内登录失败一次或两次它可能是一个真正的用户而忘记了密码。但是如果有几百个失败的登录并且使用的都是不同的用户名它更可能是在试图攻击系统。在这里你可以看到在3月12日有人试图登录 Nagios 几百次。这显然​​不是一个合法的系统用户。
![](http://www.loggly.com/ultimate-guide/wp-content/uploads/2015/05/Screen-Shot-2015-03-12-at-11.12.18-AM.png)
### 重启的原因 ###
有时候,一台服务器由于系统崩溃或重启而宕机。你怎么知道它何时发生,是谁做的?
#### 关机命令 ####
如果有人手动运行 shutdown 命令,你可以看到它的身份在验证日志文件中。在这里,你可以看到,有人从 IP 50.0.134.125 上作为 ubuntu 的用户远程登录了,然后关闭了系统。
Mar 19 18:36:41 ip-172-31-11-231 sshd[23437]: Accepted publickey for ubuntu from 50.0.134.125 port 52538 ssh
Mar 19 18:36:41 ip-172-31-11-231 23437]:sshd[ pam_unix(sshd:session): session opened for user ubuntu by (uid=0)
Mar 19 18:37:09 ip-172-31-11-231 sudo: ubuntu : TTY=pts/1 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/sbin/shutdown -r now
#### 内核初始化 ####
如果你想看看服务器重新启动的所有原因(包括崩溃),你可以从内核初始化日志中寻找。你需要搜索内核设施和初始化 cpu 的信息。
Mar 19 18:39:30 ip-172-31-11-231 kernel: [ 0.000000] Initializing cgroup subsys cpuset
Mar 19 18:39:30 ip-172-31-11-231 kernel: [ 0.000000] Initializing cgroup subsys cpu
Mar 19 18:39:30 ip-172-31-11-231 kernel: [ 0.000000] Linux version 3.8.0-44-generic (buildd@tipua) (gcc version 4.6.3 (Ubuntu/Linaro 4.6.3-1ubuntu5) ) #66~precise1-Ubuntu SMP Tue Jul 15 04:01:04 UTC 2014 (Ubuntu 3.8.0-44.66~precise1-generic 3.8.13.25)
### 检测内存问题 ###
有很多原因可能导致服务器崩溃,但一个普遍的原因是内存用尽。
当你系统的内存不足时,进程会被杀死,通常会杀死使用最多资源的进程。当系统正在使用的内存发生错误并且有新的或现有的进程试图使用更多的内存。在你的日志文件查找像 Out of Memory 这样的字符串,内核也会发出杀死进程的警告。这些信息表明系统故意杀死进程或应用程序,而不是允许进程崩溃。
例如:
[33238.178288] Out of memory: Kill process 6230 (firefox) score 53 or sacrifice child
[29923450.995084] select 5230 (docker), adj 0, size 708, to kill
你可以使用像 grep 这样的工具找到这些日志。这个例子是在 ubuntu 中:
$ grep “Out of memory” /var/log/syslog
[33238.178288] Out of memory: Kill process 6230 (firefox) score 53 or sacrifice child
请记住grep 也要使用内存,所以导致内存不足的错误可能只是运行的 grep。这是另一个分析日志的独特方法
### 定时任务错误日志 ###
cron 守护程序是一个调度器只在指定的日期和时间运行进程。如果进程运行失败或无法完成,那么 cron 的错误出现在你的日志文件中。你可以找到这些文件在 /var/log/cron/var/log/messages和 /var/log/syslog 中具体取决于你的发行版。cron 任务失败原因有很多。通常情况下,问题出在进程中而不是 cron 守护进程本身。
默认情况下cron 作业会通过电子邮件发送信息。这里是一个日志中记录的发送电子邮件的内容。不幸的是,你不能看到邮件的内容在这里。
Mar 13 16:35:01 PSQ110 postfix/pickup[15158]: C3EDC5800B4: uid=1001 from=<hoover>
Mar 13 16:35:01 PSQ110 postfix/cleanup[15727]: C3EDC5800B4: message-id=<20150310110501.C3EDC5800B4@PSQ110>
Mar 13 16:35:01 PSQ110 postfix/qmgr[15159]: C3EDC5800B4: from=<hoover@loggly.com>, size=607, nrcpt=1 (queue active)
Mar 13 16:35:05 PSQ110 postfix/smtp[15729]: C3EDC5800B4: to=<hoover@loggly.com>, relay=gmail-smtp-in.l.google.com[74.125.130.26]:25, delay=4.1, delays=0.26/0/2.2/1.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1425985505 f16si501651pdj.5 - gsmtp)
你应该想想 cron 在日志中的标准输出以帮助你定位问题。这里展示你可以使用 logger 命令重定向 cron 标准输出到 syslog。用你的脚本来代替 echo 命令helloCron 可以设置为任何你想要的应用程序的名字。
*/5 * * * * echo Hello World 2>&1 | /usr/bin/logger -t helloCron
它创建的日志条目:
Apr 28 22:20:01 ip-172-31-11-231 CRON[15296]: (ubuntu) CMD (echo 'Hello World!' 2>&1 | /usr/bin/logger -t helloCron)
Apr 28 22:20:01 ip-172-31-11-231 helloCron: Hello World!
每个 cron 作业将根据作业的具体类型以及如何输出数据来记录不同的日志。希望在日志中有问题根源的线索,也可以根据需要添加额外的日志记录。
--------------------------------------------------------------------------------
via: http://www.loggly.com/ultimate-guide/logging/troubleshooting-with-linux-logs/
作者:[Jason Skowronski][a1]
作者:[Amy Echeverri][a2]
作者:[Sadequl Hussain][a3]
译者:[strugglingyouth](https://github.com/strugglingyouth)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a1]:https://www.linkedin.com/in/jasonskowronski
[a2]:https://www.linkedin.com/in/amyecheverri
[a3]:https://www.linkedin.com/pub/sadequl-hussain/14/711/1a7
[1]:http://linux.die.net/man/8/pam.d

263
translated/tech/20150811 fdupes--A Comamndline Tool to Find and Delete Duplicate Files in Linux.md Normal file
View File

@ -0,0 +1,263 @@
fdupes——Linux中查找并删除重复文件的命令行工具
================================================================================
对于大多数计算机用户而言查找并替换重复的文件是一个常见的需求。查找并移除重复文件真是一项领人不胜其烦的工作它耗时又耗力。如果你的机器上跑着GNU/Linux那么查找重复文件会变得十分简单这多亏了`**fdupes**`工具。
![Find and Delete Duplicate Files in Linux](http://www.tecmint.com/wp-content/uploads/2015/08/find-and-delete-duplicate-files-in-linux.png)
Fdupes——在Linux中查找并删除重复文件
### fdupes是啥东东 ###
**Fdupes**是Linux下的一个工具它由**Adrian Lopez**用C编程语言编写并基于MIT许可证发行该应用程序可以在指定的目录及子目录中查找重复的文件。Fdupes通过对比文件的MD5签名以及逐字节比较文件来识别重复内容可以为Fdupes指定大量的选项以实现对文件的列出、删除、替换到文件副本的硬链接等操作。
对比以下列顺序开始:
**大小对比 > 部分 MD5 签名对比 > 完整 MD5 签名对比 > 逐字节对比**
### 安装 fdupes 到 Linux ###
在基于**Debian**的系统上,如**Ubuntu**和**Linux Mint**安装最新版fdupes用下面的命令手到擒来。
$ sudo apt-get install fdupes
在基于CentOS/RHEL和Fedora的系统上你需要开启[epel仓库][1]来安装fdupes包。
# yum install fdupes
# dnf install fdupes [On Fedora 22 onwards]
**注意**自Fedora 22之后默认的包管理器yum被dnf取代了。
### fdupes命令咋个搞 ###
1.作为演示的目的,让我们来在某个目录(比如 tecmint下创建一些重复文件命令如下
$ mkdir /home/"$USER"/Desktop/tecmint && cd /home/"$USER"/Desktop/tecmint && for i in {1..15}; do echo "I Love Tecmint. Tecmint is a very nice community of Linux Users." > tecmint${i}.txt ; done
在执行以上命令后让我们使用ls[命令][2]验证重复文件是否创建。
$ ls -l
total 60
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint10.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint11.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint12.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint13.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint14.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint15.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint1.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint2.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint3.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint4.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint5.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint6.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint7.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint8.txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint9.txt
上面的脚本创建了**15**个文件名称分别为tecmint1.txttecmint2.txt……tecmint15.txt并且每个文件的数据相同
"I Love Tecmint. Tecmint is a very nice community of Linux Users."
2.现在在**tecmint**文件夹内搜索重复的文件。
$ fdupes /home/$USER/Desktop/tecmint
/home/tecmint/Desktop/tecmint/tecmint13.txt
/home/tecmint/Desktop/tecmint/tecmint8.txt
/home/tecmint/Desktop/tecmint/tecmint11.txt
/home/tecmint/Desktop/tecmint/tecmint3.txt
/home/tecmint/Desktop/tecmint/tecmint4.txt
/home/tecmint/Desktop/tecmint/tecmint6.txt
/home/tecmint/Desktop/tecmint/tecmint7.txt
/home/tecmint/Desktop/tecmint/tecmint9.txt
/home/tecmint/Desktop/tecmint/tecmint10.txt
/home/tecmint/Desktop/tecmint/tecmint2.txt
/home/tecmint/Desktop/tecmint/tecmint5.txt
/home/tecmint/Desktop/tecmint/tecmint14.txt
/home/tecmint/Desktop/tecmint/tecmint1.txt
/home/tecmint/Desktop/tecmint/tecmint15.txt
/home/tecmint/Desktop/tecmint/tecmint12.txt
3.使用**-r**选项在每个目录包括其子目录中递归搜索重复文件。
它会递归搜索所有文件和文件夹,花一点时间来扫描重复文件,时间的长短取决于文件和文件夹的数量。在此其间,终端中会显示全部过程,像下面这样。
$ fdupes -r /home
Progress [37780/54747] 69%
4.使用**-S**选项来查看某个文件夹内找到的重复文件的大小。
$ fdupes -S /home/$USER/Desktop/tecmint
65 bytes each:
/home/tecmint/Desktop/tecmint/tecmint13.txt
/home/tecmint/Desktop/tecmint/tecmint8.txt
/home/tecmint/Desktop/tecmint/tecmint11.txt
/home/tecmint/Desktop/tecmint/tecmint3.txt
/home/tecmint/Desktop/tecmint/tecmint4.txt
/home/tecmint/Desktop/tecmint/tecmint6.txt
/home/tecmint/Desktop/tecmint/tecmint7.txt
/home/tecmint/Desktop/tecmint/tecmint9.txt
/home/tecmint/Desktop/tecmint/tecmint10.txt
/home/tecmint/Desktop/tecmint/tecmint2.txt
/home/tecmint/Desktop/tecmint/tecmint5.txt
/home/tecmint/Desktop/tecmint/tecmint14.txt
/home/tecmint/Desktop/tecmint/tecmint1.txt
/home/tecmint/Desktop/tecmint/tecmint15.txt
/home/tecmint/Desktop/tecmint/tecmint12.txt
5.你可以同时使用**-S**和**-r**选项来查看所有涉及到的目录和子目录中的重复文件的大小,如下:
$ fdupes -Sr /home/avi/Desktop/
65 bytes each:
/home/tecmint/Desktop/tecmint/tecmint13.txt
/home/tecmint/Desktop/tecmint/tecmint8.txt
/home/tecmint/Desktop/tecmint/tecmint11.txt
/home/tecmint/Desktop/tecmint/tecmint3.txt
/home/tecmint/Desktop/tecmint/tecmint4.txt
/home/tecmint/Desktop/tecmint/tecmint6.txt
/home/tecmint/Desktop/tecmint/tecmint7.txt
/home/tecmint/Desktop/tecmint/tecmint9.txt
/home/tecmint/Desktop/tecmint/tecmint10.txt
/home/tecmint/Desktop/tecmint/tecmint2.txt
/home/tecmint/Desktop/tecmint/tecmint5.txt
/home/tecmint/Desktop/tecmint/tecmint14.txt
/home/tecmint/Desktop/tecmint/tecmint1.txt
/home/tecmint/Desktop/tecmint/tecmint15.txt
/home/tecmint/Desktop/tecmint/tecmint12.txt
107 bytes each:
/home/tecmint/Desktop/resume_files/r-csc.html
/home/tecmint/Desktop/resume_files/fc.html
6.不同于在一个或所有文件夹内递归搜索,你可以选择按要求有选择性地在两个或三个文件夹内进行搜索。不必再提醒你了吧,如有需要,你可以使用**-S**和/或**-r**选项。
$ fdupes /home/avi/Desktop/ /home/avi/Templates/
7.要删除重复文件,同时保留一个副本,你可以使用`**-d**`选项。使用该选项,你必须额外小心,否则最终结果可能会是文件/数据的丢失。郑重提醒,此操作不可恢复。
$ fdupes -d /home/$USER/Desktop/tecmint
[1] /home/tecmint/Desktop/tecmint/tecmint13.txt
[2] /home/tecmint/Desktop/tecmint/tecmint8.txt
[3] /home/tecmint/Desktop/tecmint/tecmint11.txt
[4] /home/tecmint/Desktop/tecmint/tecmint3.txt
[5] /home/tecmint/Desktop/tecmint/tecmint4.txt
[6] /home/tecmint/Desktop/tecmint/tecmint6.txt
[7] /home/tecmint/Desktop/tecmint/tecmint7.txt
[8] /home/tecmint/Desktop/tecmint/tecmint9.txt
[9] /home/tecmint/Desktop/tecmint/tecmint10.txt
[10] /home/tecmint/Desktop/tecmint/tecmint2.txt
[11] /home/tecmint/Desktop/tecmint/tecmint5.txt
[12] /home/tecmint/Desktop/tecmint/tecmint14.txt
[13] /home/tecmint/Desktop/tecmint/tecmint1.txt
[14] /home/tecmint/Desktop/tecmint/tecmint15.txt
[15] /home/tecmint/Desktop/tecmint/tecmint12.txt
Set 1 of 1, preserve files [1 - 15, all]:
你可能注意到了,所有重复的文件被列了出来,并给出删除提示,一个一个来,或者指定范围,或者一次性全部删除。你可以选择一个范围,就像下面这样,来删除指定范围内的文件。
Set 1 of 1, preserve files [1 - 15, all]: 2-15
[-] /home/tecmint/Desktop/tecmint/tecmint13.txt
[+] /home/tecmint/Desktop/tecmint/tecmint8.txt
[-] /home/tecmint/Desktop/tecmint/tecmint11.txt
[-] /home/tecmint/Desktop/tecmint/tecmint3.txt
[-] /home/tecmint/Desktop/tecmint/tecmint4.txt
[-] /home/tecmint/Desktop/tecmint/tecmint6.txt
[-] /home/tecmint/Desktop/tecmint/tecmint7.txt
[-] /home/tecmint/Desktop/tecmint/tecmint9.txt
[-] /home/tecmint/Desktop/tecmint/tecmint10.txt
[-] /home/tecmint/Desktop/tecmint/tecmint2.txt
[-] /home/tecmint/Desktop/tecmint/tecmint5.txt
[-] /home/tecmint/Desktop/tecmint/tecmint14.txt
[-] /home/tecmint/Desktop/tecmint/tecmint1.txt
[-] /home/tecmint/Desktop/tecmint/tecmint15.txt
[-] /home/tecmint/Desktop/tecmint/tecmint12.txt
8.从安全角度出发,你可能想要打印`**fdupes**`的输出结果到文件中,然后检查文本文件来决定要删除什么文件。这可以降低意外删除文件的风险。你可以这么做:
$ fdupes -Sr /home > /home/fdupes.txt
**注意**:你可以替换`**/home**`为你想要的文件夹。同时,如果你想要递归搜索并打印大小,可以使用`**-r**`和`**-S**`选项。
9.你可以使用`**-f**`选项来忽略每个匹配集中的首个文件。
首先列出该目录中的文件。
$ ls -l /home/$USER/Desktop/tecmint
total 20
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint9 (3rd copy).txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint9 (4th copy).txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint9 (another copy).txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint9 (copy).txt
-rw-r--r-- 1 tecmint tecmint 65 Aug 8 11:22 tecmint9.txt
然后,忽略掉每个匹配集中的首个文件。
$ fdupes -f /home/$USER/Desktop/tecmint
/home/tecmint/Desktop/tecmint9 (copy).txt
/home/tecmint/Desktop/tecmint9 (3rd copy).txt
/home/tecmint/Desktop/tecmint9 (another copy).txt
/home/tecmint/Desktop/tecmint9 (4th copy).txt
10.检查已安装的fdupes版本。
$ fdupes --version
fdupes 1.51
11.如果你需要关于fdupes的帮助可以使用`**-h**`开关。
$ fdupes -h
Usage: fdupes [options] DIRECTORY...
-r --recurse for every directory given follow subdirectories
encountered within
-R --recurse: for each directory given after this option follow
subdirectories encountered within (note the ':' at
the end of the option, manpage for more details)
-s --symlinks follow symlinks
-H --hardlinks normally, when two or more files point to the same
disk area they are treated as non-duplicates; this
option will change this behavior
-n --noempty exclude zero-length files from consideration
-A --nohidden exclude hidden files from consideration
-f --omitfirst omit the first file in each set of matches
-1 --sameline list each set of matches on a single line
-S --size show size of duplicate files
-m --summarize summarize dupe information
-q --quiet hide progress indicator
-d --delete prompt user for files to preserve and delete all
others; important: under particular circumstances,
data may be lost when using this option together
with -s or --symlinks, or when specifying a
particular directory more than once; refer to the
fdupes documentation for additional information
-N --noprompt together with --delete, preserve the first file in
each set of duplicates and delete the rest without
prompting the user
-v --version display fdupes version
-h --help display this help message
到此为止了。让我知道你到现在为止你是怎么在Linux中查找并删除重复文件的同时也让我知道你关于这个工具的看法。在下面的评论部分中提供你有价值的反馈吧别忘了为我们点赞并分享帮助我们扩散哦。
我正在使用另外一个移除重复文件的工具,它叫**fslint**。很快就会把使用心得分享给大家哦,你们一定会喜欢看的。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/fdupes-find-and-delete-duplicate-files-in-linux/
作者:[GOLinux](https://github.com/GOLinux)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/avishek/
[1]:http://www.tecmint.com/how-to-enable-epel-repository-for-rhel-centos-6-5/
[2]:http://www.tecmint.com/15-basic-ls-command-examples-in-linux/

0
translated/tech/RHCSA Series/RHCSA Series--Part 01--Reviewing Essential Commands and System Documentation.md → translated/tech/RHCSA/RHCSA Series--Part 01--Reviewing Essential Commands and System Documentation.md
View File

325
translated/tech/RHCSA/RHCSA Series--Part 02--How to Perform File and Directory Management.md Normal file
View File

@ -0,0 +1,325 @@
RHCSA 系列: 如何执行文件并进行文件管理 Part 2
================================================================================
在本篇(RHCSA 第二篇:文件和目录管理)中,我们江回顾一些系统管理员日常任务需要的技能
![RHCSA: Perform File and Directory Management Part 2](http://www.tecmint.com/wp-content/uploads/2015/03/RHCSA-Part2.png)
RHCSA : 运行文件以及进行文件夹管理 - 第二章
### 创建,删除,复制和移动文件及目录 ###
文件和目录管理是每一个系统管理员都应该掌握的必要的技能.它包括了从头开始的创建、删除文本文件(每个程序的核心配置)以及目录(你用来组织文件和其他目录),以及识别存在的文件的类型
[touch 命令][1] 不仅仅能用来创建空文件,还能用来更新已存在的文件的权限和时间表
![touch command example](http://www.tecmint.com/wp-content/uploads/2015/03/touch-command-example.png)
touch 命令示例
你可以使用 `file [filename]`来判断一个文件的类型 (在你用文本编辑器编辑之前,判断类型将会更方便编辑).
![file command example](http://www.tecmint.com/wp-content/uploads/2015/03/file-command-example.png)
file 命令示例
使用`rm [filename]` 可以删除文件
![Linux rm command examples](http://www.tecmint.com/wp-content/uploads/2015/03/rm-command-examples.png)
rm 命令示例
对于目录,你可以使用`mkdir [directory]`在已经存在的路径中创建目录,或者使用 `mkdir -p [/full/path/to/directory].`带全路径创建文件夹
![mkdir command example](http://www.tecmint.com/wp-content/uploads/2015/03/mkdir-command-example.png)
mkdir 命令示例
当你想要去删除目录时,在你使用`rmdir [directory]` 前,你需要先确保目录是空的,或者使用更加强力的命令(小心使用它)`rm -rf [directory]`.后者会强制删除`[directory]`以及他的内容.所以使用这个命令存在一定的风险
### 输入输出重定向以及管道 ###
命令行环境提供了两个非常有用的功能:允许命令重定向的输入和输出到文件和发送到另一个文件,分别称为重定向和管道
To understand those two important concepts, we must first understand the three most important types of I/O (Input and Output) streams (or sequences) of characters, which are in fact special files, in the *nix sense of the word.
为了理解这两个重要概念,我们首先需要理解通常情况下三个重要的输入输出流的形式
- 标准输入 (aka stdin) 是指默认使用键盘链接. 换句话说,键盘是输入命令到命令行的标准输入设备。
- 标准输出 (aka stdout) 是指默认展示再屏幕上, 显示器接受输出命令,并且展示在屏幕上。
- 标准错误 (aka stderr), 是指命令的状态默认输出, 同时也会展示在屏幕上
In the following example, the output of `ls /var` is sent to stdout (the screen), as well as the result of ls /tecmint. But in the latter case, it is stderr that is shown.
在下面的例子中,`ls /var`的结果被发送到stdout(屏幕展示)就像ls /tecmint 的结果。但在后一种情况下,它是标准错误输出。
![Linux input output redirect](http://www.tecmint.com/wp-content/uploads/2015/03/Linux-input-output-redirect.png)
输入和输出命令实例
为了更容易识别这些特殊文件,每个文件都被分配有一个文件描述符(用于控制他们的抽象标识)。主要要理解的是,这些文件就像其他人一样,可以被重定向。这就意味着你可以从一个文件或脚本中捕获输出,并将它传送到另一个文件、命令或脚本中。你就可以在在磁盘上存储命令的输出结果,用于稍后的分析
To redirect stdin (fd 0), stdout (fd 1), or stderr (fd 2), the following operators are available.
注:表格
<table cellspacing="0" border="0">
<colgroup width="226"></colgroup>
<colgroup width="743"></colgroup>
<tbody>
<tr>
<td align="CENTER" height="24" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">转向操作</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">效果</span></b></td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">标准输出到一个文件。如果目标文件存在,内容就会被重写</td>
</tr>
<tr>
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&gt;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">添加标准输出到文件尾部</td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">2&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">标准错误输出到一个文件。如果目标文件存在,内容就会被重写</td>
</tr>
<tr>
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">2&gt;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">添加标准错误输出到文件尾部.</td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&amp;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">标准错误和标准输出都到一个文件。如果目标文件存在,内容就会被重写</td>
</tr>
<tr>
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&lt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">使用特定的文件做标准输出</td>
</tr>
<tr class="alt">
<td align="CENTER" height="18" style="border: 1px solid #000000;"><b><span style="font-family: Courier New;">&lt;&gt;</span></b></td>
<td align="LEFT" style="border: 1px solid #000000;">使用特定的文件做标准输出和标准错误</td>
</tr>
</tbody>
</table>
相比与重定向,管道是通过在命令后添加一个竖杠`(|)`再添加另一个命令 .
记得:
- 重定向是用来定向命令的输出到一个文件,或定向一个文件作为输入到一个命令。
- 管道是用来将命令的输出转发到另一个命令作为输入。
#### 重定向和管道的使用实例 ####
** 例1将一个命令的输出到文件 **
有些时候你需要遍历一个文件列表。要做到这样你可以先将该列表保存到文件中然后再按行读取该文件。虽然你可以遍历直接ls的输出不过这个例子是用来说明重定向。
# ls -1 /var/mail > mail.txt
![Redirect output of command tot a file](http://www.tecmint.com/wp-content/uploads/2015/03/Redirect-output-to-a-file.png)
将一个命令的输出到文件
** 例2重定向stdout和stderr到/dev/null **
如果不想让标准输出和标准错误展示在屏幕上,我们可以把文件描述符重定向到 `/dev/null` 请注意在执行这个命令时该如何更改输出
# ls /var /tecmint
# ls /var/ /tecmint &> /dev/null
![Redirecting stdout and stderr ouput to /dev/null](http://www.tecmint.com/wp-content/uploads/2015/03/Redirecting-stdout-stderr-ouput.png)
重定向stdout和stderr到/dev/null
#### 例3使用一个文件作为命令的输入 ####
当官方的[cat 命令][2]的语法如下时
# cat [file(s)]
您还可以使用正确的重定向操作符传送一个文件作为输入。
# cat < mail.txt
![Linux cat command examples](http://www.tecmint.com/wp-content/uploads/2015/03/cat-command-examples.png)
cat 命令实例
#### 例4发送一个命令的输出作为另一个命令的输入 ####
如果你有一个较大的目录或进程列表并且想快速定位你或许需要将列表通过管道传送给grep
接下来我们使用管道在下面的命令中,第一个是查找所需的关键词,第二个是除去产生的 `grep command`.这个例子列举了所有与apache用户有关的进程
# ps -ef | grep apache | grep -v grep
![Send output of command as input to another](http://www.tecmint.com/wp-content/uploads/2015/03/Send-output-of-command-as-input-to-another1.png)
发送一个命令的输出作为另一个命令的输入
### 归档,压缩,解包,解压文件 ###
如果你需要传输,备份,或者通过邮件发送一组文件,你可以使用一个存档(或文件夹)如 [tar][3]工具通常使用gzipbzip2或XZ压缩工具.
您选择的压缩工具每一个都有自己的定义的压缩速度和速率的。这三种压缩工具gzip是最古老和提供最小压缩的工具bzip2提供经过改进的压缩以及XZ提供最信和最好的压缩。通常情况下这些文件都是被压缩的如.gz .bz2或.xz
注:表格
<table cellspacing="0" border="0">
<colgroup width="165"></colgroup>
<colgroup width="137"></colgroup>
<colgroup width="366"></colgroup>
<tbody>
<tr>
<td align="CENTER" height="24" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">命令</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">缩写</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000000;"><b><span style="font-size: medium;">描述</span></b></td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;create</span></td>
<td align="LEFT" style="border: 1px solid #000000;">c</td>
<td align="LEFT" style="border: 1px solid #000000;">创建一个tar归档</td>
</tr>
<tr>
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;concatenate</span></td>
<td align="LEFT" style="border: 1px solid #000000;">A</td>
<td align="LEFT" style="border: 1px solid #000000;">向归档中添加tar文件</td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;append</span></td>
<td align="LEFT" style="border: 1px solid #000000;">r</td>
<td align="LEFT" style="border: 1px solid #000000;">向归档中添加非tar文件</td>
</tr>
<tr>
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;update</span></td>
<td align="LEFT" style="border: 1px solid #000000;">u</td>
<td align="LEFT" style="border: 1px solid #000000;">添加比归档中的文件更新的文件</td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;diff or &ndash;compare</span></td>
<td align="LEFT" style="border: 1px solid #000000;">d</td>
<td align="LEFT" style="border: 1px solid #000000;">将归档和硬盘的文件夹进行对比</td>
</tr>
<tr>
<td align="LEFT" height="20" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;list</span></td>
<td align="LEFT" style="border: 1px solid #000000;">t</td>
<td align="LEFT" style="border: 1px solid #000000;">列举一个tar的压缩包</td>
</tr>
<tr class="alt">
<td align="LEFT" height="18" style="border: 1px solid #000000;"><span style="font-family: Courier New;"> &ndash;extract or &ndash;get</span></td>
<td align="LEFT" style="border: 1px solid #000000;">x</td>
<td align="LEFT" style="border: 1px solid #000000;">从归档中解压文件</td>
</tr>
</tbody>
</table>
注:表格
<table cellspacing="0" border="0">
<colgroup width="258"></colgroup>
<colgroup width="152"></colgroup>
<colgroup width="803"></colgroup>
<tbody>
<tr>
<td align="CENTER" height="24" bgcolor="#999999" style="border: 1px solid #000001;"><b><span style="font-size: medium;">操作参数</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000001;"><b><span style="font-size: medium;">缩写</span></b></td>
<td align="CENTER" bgcolor="#999999" style="border: 1px solid #000001;"><b><span style="font-size: medium;">描述</span></b></td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>directory dir</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> C</span></td>
<td align="LEFT" style="border: 1px solid #000001;">在执行操作前更改目录</td>
</tr>
<tr>
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>same-permissions and <span style="font-family: Courier New;">&mdash;</span>same-owner</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> p</span></td>
<td align="LEFT" style="border: 1px solid #000001;">分别保留权限和所有者信息</td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &ndash;verbose</span></td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> v</span></td>
<td align="LEFT" style="border: 1px solid #000001;">列举所有文件用于读取或提取,这里包含列表,并显示文件的大小、所有权和时间戳</td>
</tr>
<tr>
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>exclude file</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &mdash;</span></td>
<td align="LEFT" style="border: 1px solid #000001;">排除存档文件。在这种情况下,文件可以是一个实际的文件或目录。</td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;">&mdash;</span>gzip or <span style="font-family: Courier New;">&mdash;</span>gunzip</td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> z</span></td>
<td align="LEFT" style="border: 1px solid #000001;">使用gzip压缩文件</td>
</tr>
<tr>
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &ndash;bzip2</span></td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> j</span></td>
<td align="LEFT" height="24" style="border: 1px solid #000001;">使用bzip2压缩文件</td>
</tr>
<tr class="alt">
<td align="LEFT" height="24" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> &ndash;xz</span></td>
<td align="LEFT" style="border: 1px solid #000001;"><span style="font-family: Courier New;"> J</span></td>
<td align="LEFT" style="border: 1px solid #000001;">使用xz压缩文件</td>
</tr>
</tbody>
</table>
#### 例5创建一个文件然后使用三种压缩工具压缩####
在决定使用一个或另一个工具之前,您可能想比较每个工具的压缩效率。请注意压缩小文件或几个文件,结果可能不会有太大的差异,但可能会给你看出他们的差异
# tar cf ApacheLogs-$(date +%Y%m%d).tar /var/log/httpd/* # Create an ordinary tarball
# tar czf ApacheLogs-$(date +%Y%m%d).tar.gz /var/log/httpd/* # Create a tarball and compress with gzip
# tar cjf ApacheLogs-$(date +%Y%m%d).tar.bz2 /var/log/httpd/* # Create a tarball and compress with bzip2
# tar cJf ApacheLogs-$(date +%Y%m%d).tar.xz /var/log/httpd/* # Create a tarball and compress with xz
![Linux tar command examples](http://www.tecmint.com/wp-content/uploads/2015/03/tar-command-examples.png)
tar 命令实例
#### 例6归档时同时保存原始权限和所有权 ####
如果你创建的是用户的主目录的备份,你需要要存储的个人文件与原始权限和所有权,而不是通过改变他们的用户帐户或守护进程来执行备份。下面的命令可以在归档时保留文件属性
# tar cJf ApacheLogs-$(date +%Y%m%d).tar.xz /var/log/httpd/* --same-permissions --same-owner
### 创建软连接和硬链接 ###
在Linux中有2种类型的链接文件硬链接和软也称为符号链接。因为硬链接文件代表另一个名称是由同一点确定然后链接到实际的数据符号链接指向的文件名而不是实际的数据
此外硬链接不占用磁盘上的空间而符号链接做占用少量的空间来存储的链接本身的文本。硬链接的缺点就是要求他们必须在同一个innode内。而符号链接没有这个限制符号链接因为只保存了文件名和目录名,所以可以跨文件系统.
创建链接的基本语法看起来是相似的:
# ln TARGET LINK_NAME #从Link_NAME到Target的硬链接
# ln -s TARGET LINK_NAME #从Link_NAME到Target的软链接
#### 例7创建硬链接和软链接 ####
没有更好的方式来形象的说明一个文件和一个指向它的符号链接的关系而不是创建这些链接。在下面的截图中你会看到文件的硬链接指向它共享相同的节点都是由466个字节的磁盘使用情况确定。
另一方面在别的磁盘创建一个硬链接将占用5个字节并不是说你将耗尽存储容量而是这个例子足以说明一个硬链接和软链接之间的区别。
![Difference between a hard link and a soft link](http://www.tecmint.com/wp-content/uploads/2015/03/hard-soft-link.png)
软连接和硬链接之间的不同
符号链接的典型用法是在Linux系统的版本文件参考。假设有需要一个访问文件foo X.Y 想图书馆一样经常被访问你想更新一个就可以而不是更新所有的foo X.Y,这时使用软连接更为明智和安全。有文件被看成foo X.Y的链接符号从而找到foo X.Y
这样的话当你的X和Y发生变化后你只需更新一个文件而不是更新每个文件。
### 总结 ###
在这篇文章中,我们回顾了一些基本的文件和目录管理技能,这是每个系统管理员的工具集的一部分。请确保阅读了本系列的其他部分,以及复习并将这些主题与本教程所涵盖的内容相结合。
如果你有任何问题或意见,请随时告诉我们。我们总是很高兴从读者那获取反馈.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/file-and-directory-management-in-linux/
作者:[Gabriel Cánepa][a]
译者:[xiqingongzi](https://github.com/xiqingongzi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/8-pratical-examples-of-linux-touch-command/
[2]:http://www.tecmint.com/13-basic-cat-command-examples-in-linux/
[3]:http://www.tecmint.com/18-tar-command-examples-in-linux/

258
translated/tech/RHCSA/RHCSA Series--Part 04--Editing Text Files with Nano and Vim or Analyzing text with grep and regexps.md Normal file
View File

@ -0,0 +1,258 @@
RHCSA 系列:使用 Nano 和 Vim 编辑文本文件/使用 grep 和 regexps 分析文本 Part 4
================================================================================
作为系统管理员的日常职责的一部分,每个系统管理员都必须处理文本文件,这包括编辑现存文件(大多可能是配置文件),或创建新的文件。有这样一个说法,假如你想在 Linux 世界中挑起一场圣战,你可以询问系统管理员们,什么是他们最喜爱的编辑器以及为什么。在这篇文章中,我们并不打算那样做,但我们将向你呈现一些技巧,这些技巧对使用两款在 RHEL 7 中最为常用的文本编辑器: nano(由于其简单和易用,特别是对于新手来说) 和 vi/m(由于其自身的几个特色使得它不仅仅是一个简单的编辑器)来说都大有裨益。我确信你可以找到更多的理由来使用其中的一个或另一个,或许其他的一些编辑器如 emacs 或 pico。这完全取决于你。
![学习 Nano 和 vi 编辑器](http://www.tecmint.com/wp-content/uploads/2015/03/Learn-Nano-and-vi-Editors.png)
RHCSA: 使用 Nano 和 Vim 编辑文本文件 Part 4
### 使用 Nano 编辑器来编辑文件 ###
要启动 nano你可以在命令提示符下输入 `nano`,或选择性地跟上一个文件名(在这种情况下,若文件存在,它将在编辑模式中被打开)。若文件不存在,或我们省略了文件名, nano 也将在 编辑模式下开启,但将为我们开启一个空白屏以便开始输入:
![Nano 编辑器](http://www.tecmint.com/wp-content/uploads/2015/03/Nano-Editor.png)
Nano 编辑器
正如你在上一张图片中所见的那样, nano 在屏幕的底部呈现出一些功能,它们可以通过暗指的快捷键来触发(^,即插入记号,代指 Ctrl 键)。它们中的一些是:
- Ctrl + G: 触发一个帮助菜单,带有一个关于功能和相应的描述的完整列表;
- Ctrl + X: 离开当前文件,假如更改没有被保存,则它们将被丢弃;
- Ctrl + R: 通过指定一个完整的文件路径,让你选择一个文件来将该文件的内容插入到当前文件中;
![Nano 编辑器帮助菜单](http://www.tecmint.com/wp-content/uploads/2015/03/Nano-Help.png)
Nano 编辑器帮助菜单
- Ctrl + O: 保存更改到一个文件。它将让你用一个与源文件相同或不同的名称来保存该文件,然后按 Enter 键来确认。
![Nano 编辑器保存更改模式](http://www.tecmint.com/wp-content/uploads/2015/03/Nano-Save-Changes.png)
Nano 编辑器的保存更改模式
- Ctrl + X: 离开当前文件,假如更改没有被保存,则它们将被丢弃;
- Ctrl + R: 通过指定一个完整的文件路径,让你选择一个文件来将该文件的内容插入到当前文件中;
![Nano: 插入文件内容到主文件中](http://www.tecmint.com/wp-content/uploads/2015/03/Insert-File-Content.png)
Nano: 插入文件内容到主文件中
上图的操作将把 `/etc/passwd` 的内容插入到当前文件中。
- Ctrl + K: 剪切当前行;
- Ctrl + U: 粘贴;
- Ctrl + C: 取消当前的操作并返回先前的屏幕;
为了轻松地在打开的文件中浏览, nano 提供了下面的功能:
- Ctrl + F 和 Ctrl + B 分别先前或向后移动光标;而 Ctrl + P 和 Ctrl + N 则分别向上或向下移动一行,功能与箭头键相同;
- Ctrl + space 和 Alt + space 分别向前或向后移动一个单词;
最后,
- 假如你想将光标移动到文档中的特定位置,使用 Ctrl + _ (下划线) 并接着输入 X,Y 将准确地带你到 第 X 行,第 Y 列。
![在 nano 中定位到具体的行,列](http://www.tecmint.com/wp-content/uploads/2015/03/Column-Numbers.png)
在 nano 中定位到具体的行和列
上面的例子将带你到当前文档的第 15 行,第 14 列。
假如你可以回忆起你早期的 Linux 岁月,特别是当你刚从 Windows 迁移到 Linux 中,你就可能会同意:对于一个新手来说,使用 nano 来开始学习是最好的方式。
### 使用 Vim 编辑器来编辑文件 ###
Vim 是 vi 的加强版本,它是 Linux 中一个著名的文本编辑器,可在所有兼容 POSIX 的 *nix 系统中获取到,例如在 RHEL 7 中。假如你有机会并可以安装 Vim请继续假如不能这篇文章中的大多数(若不是全部)的提示也应该可以正常工作。
Vim 的一个出众的特点是可以在多个不同的模式中进行操作:
- 命令模式将允许你在文件中跳转和输入命令,这些命令是由一个或多个字母组成的简洁且对大小写敏感的组合。假如你想重复执行某个命令特定次,你可以在这个命令前加上需要重复的次数(这个规则只有极少数例外)。例如, yy(或 Yyank 的缩写)可以复制整个当前行,而 4yy(或 4Y)则复制整个当前行到接着的 3 行(总共 4 行)。
- 在 ex 模式中,你可以操作文件(包括保存当前文件和运行外部的程序或命令)。要进入 ex 模式,你必须在命令模式前(或其他词前Esc + )输入一个冒号(:),再直接跟上你想使用的 ex 模式命令的名称。
- 对于插入模式,可以输入字母 i 进入,我们只需要输入文字即可。大多数的键击结果都将出现在屏幕中的文本中。
- 我们总是可以通过敲击 Esc 键来进入命令模式(无论我们正工作在哪个模式下)。
现在,让我们看看如何在 vim 中执行在上一节列举的针对 nano 的相同的操作。不要忘记敲击 Enter 键来确认 vim 命令。
为了从命令行中获取 vim 的完整手册,在命令模式下键入 `:help` 并敲击 Enter 键:
![vim 编辑器帮助菜单](http://www.tecmint.com/wp-content/uploads/2015/03/vim-Help-Menu.png)
vim 编辑器帮助菜单
上面的小节呈现出一个目录列表,而定义过的小节则主要关注 Vim 的特定话题。要浏览某一个小节,可以将光标放到它的上面,然后按 Ctrl + ] (闭方括号)。注意,底部的小节展示的是当前文件的内容。
1. 要保存更改到文件,在命令模式中运行下面命令中的任意一个,就可以达到这个目的:
```
:wq!
:x!
ZZ (是的,两个 ZZ,前面无需添加冒号)
```
2. 要离开并丢弃更改,使用 `:q!`。这个命令也将允许你离开上面描述过的帮助菜单,并返回到命令模式中的当前文件。
3. 剪切 N 行:在命令模式中键入 `Ndd`
4. 复制 M 行:在命令模式中键入 `Myy`
5. 粘贴先前剪贴或复制过的行:在命令模式中按 `P`键。
6. 要插入另一个文件的内容到当前文件:
:r filename
例如,插入 `/etc/fstab` 的内容,可以这样做:
[在 vi 编辑器中插入文件的内容](http://www.tecmint.com/wp-content/uploads/2015/03/Insert-Content-vi-Editor.png)
在 vi 编辑器中插入文件的内容
7. 插入一个命名的输出到当前文档:
:r! command
例如,要在光标所在的当前位置后面插入日期和时间:
![在 vi 编辑器中插入时间和日期](http://www.tecmint.com/wp-content/uploads/2015/03/Insert-Time-and-Date-in-vi-Editor.png)
在 vi 编辑器中插入时间和日期
在另一篇我写的文章中,([LFCS 系列的 Part 2][1]),我更加详细地解释了在 vim 中可用的键盘快捷键和功能。或许你可以参考那个教程来查看如何使用这个强大的文本编辑器的更深入的例子。
### 使用 Grep 和正则表达式来分析文本 ###
到现在为止,你已经学习了如何使用 nano 或 vim 创建和编辑文件。打个比方说,假如你成为了一个文本编辑器忍者 那又怎样呢? 在其他事情上,你也需要知道如何在文本中搜索正则表达式。
正则表达式(也称为 "regex" 或 "regexp") 是一种识别一个特定文本字符串或模式的方式,使得一个程序可以将这个模式和任意的文本字符串相比较。尽管利用 grep 来使用正则表达式值得用一整篇文章来描述,这里就让我们复习一些基本的知识:
**1. 最简单的正则表达式是一个由数字和字母构成的字符串(即,单词 "svm") 或两个(在使用两个字符串时,你可以使用 `|`(或) 操作符)**
# grep -Ei 'svm|vmx' /proc/cpuinfo
上面命令的输出结果中若有这两个字符串之一的出现,则标志着你的处理器支持虚拟化:
![正则表达式示例](http://www.tecmint.com/wp-content/uploads/2015/03/Regular-Expression-Example.png)
正则表达式示例
**2. 第二种正则表达式是一个范围列表,由方括号包裹。**
例如, `c[aeiou]t` 匹配字符串 cat,cet,cit,cot 和 cut`[a-z]``[0-9]` 则相应地匹配小写字母或十进制数字。假如你想重复正则表达式 X 次,在正则表达式的后面立即输入 `{X}`即可。
例如,让我们从 `/etc/fstab` 中析出存储设备的 UUID
# grep -Ei '[0-9a-f]{8}-([0-9a-f]{4}-){3}[0-9a-f]{12}' -o /etc/fstab
![在 Linux 中从一个文件中析出字符串](http://www.tecmint.com/wp-content/uploads/2015/03/Extract-String-from-a-File.png)
从一个文件中析出字符串
方括号中的第一个表达式 `[0-9a-f]` 被用来表示小写的十六进制字符,`{8}`是一个量词,暗示前面匹配的字符串应该重复的次数(在一个 UUID 中的开头序列是一个 8 个字符长的十六进制字符串)。
在圆括号中,量词 `{4}`和连字符暗示下一个序列是一个 4 个字符长的十六进制字符串,接着的量词 `({3})`表示前面的表达式要重复 3 次。
最后,在 UUID 中的最后一个 12 个字符长的十六进制字符串可以由 `[0-9a-f]{12}` 取得, `-o` 选项表示只打印出在 `/etc/fstab`中匹配行中的匹配的(非空)部分。
**3. POSIX 字符类 **
注:表格
<table cellspacing="0" border="0">
<colgroup width="201"></colgroup>
<colgroup width="440"></colgroup>
<tbody>
<tr>
<td align="center" height="25" bgcolor="#999999" style="border: 1px solid #000000;"><b>字符类</b></td>
<td align="center" bgcolor="#999999" style="border: 1px solid #000000;"><b>匹配 …</b></td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:alnum:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意字母或数字 [a-zA-Z0-9] </td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:alpha:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意字母 [a-zA-Z] </td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:blank:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;空格或制表符</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:cntrl:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意控制字符 (ASCII 码的 0 至 32)</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:digit:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意数字 [0-9]</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:graph:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意可见字符</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:lower:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意小写字母 [a-z] </td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:print:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意非控制字符 <td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:space:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意空格</td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:punct:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意标点字符</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:upper:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意大写字母 [A-Z] </td>
</tr>
<tr>
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[[:xdigit:]]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意十六进制数字 [0-9a-fA-F]</td>
</tr>
<tr class="alt">
<td align="left" height="21" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;[:word:]</td>
<td align="left" bgcolor="#FFFFFF" style="border: 1px solid #000000;">&nbsp;任意字母,数字和下划线 [a-zA-Z0-9_]</td>
</tr>
</tbody>
</table>
例如,我们可能会对查找已添加到我们系统中给真实用户的 UID 和 GID(参考这个系列的 [Part 2][2]来回忆起这些知识)感兴趣。那么,我们将在 `/etc/passwd` 文件中查找 4 个字符长的序列:
# grep -Ei [[:digit:]]{4} /etc/passwd
![在文件中查找一个字符串](http://www.tecmint.com/wp-content/uploads/2015/03/Search-For-String-in-File.png)
在文件中查找一个字符串
上面的示例可能不是真实世界中使用正则表达式的最好案例,但它清晰地启发了我们如何使用 POSIX 字符类来使用 grep 分析文本。
### 总结 ###
在这篇文章中,我们已经提供了一些技巧来最大地利用针对命令行用户的两个文本编辑器 nano 和 vim这两个工具都有相关的扩展文档可供阅读你可以分别查询它们的官方网站(链接在下面给出)以及使用这个系列中的 [Part 1][3] 给出的建议。
#### 参考文件链接 ####
- [http://www.nano-editor.org/][4]
- [http://www.vim.org/][5]
--------------------------------------------------------------------------------
via: http://www.tecmint.com/rhcsa-exam-how-to-use-nano-vi-editors/
作者:[Gabriel Cánepa][a]
译者:[FSSlc](https://github.com/FSSlc)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/vi-editor-usage/
[2]:http://www.tecmint.com/file-and-directory-management-in-linux/
[3]:http://www.tecmint.com/rhcsa-exam-reviewing-essential-commands-system-documentation/
[4]:http://www.nano-editor.org/
[5]:http://www.vim.org/