document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-13 22:30:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1 from LCTT/master

Browse Source 
更新
This commit is contained in:
Lv Feng 2016-11-10 20:48:59 +08:00 committed by GitHub
commit 95a34d27a3
38 changed files with 2999 additions and 1138 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
published/20160330 After a nasty computer virus sys admin looks to Linux.md Normal file
View File

@ -0,0 +1,54 @@
病毒过后,系统管理员投向了 Linux
=======================================================
![](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/OPENHERE_blue.png?itok=3eqp-7gT)
我开源事业的第一笔,是我在 2001 年作为一名兼职系统管理员,为大学工作的时候。成为了那个以教学为目的,不仅仅在大学中,还在学术界的其他领域建立商业案例研究的小组的一份子。
随着团队的发展渐渐地开始需要一个由文件服务、intranet 应用,域登录等功能构建而成的健壮的局域网。 我们的 IT 基础设施主要由跑着 Windows 98 的计算机组成,这些计算机对于大学的 IT 实验室来说已经太老了,就重新分配给了我们部门。
### 初探 Linux
一天作为大学IT采购计划的一部分我们部门收到了一台 IBM 服务器。 我们计划将其用作 Internet 网关,域控制站,文件服务器和备份服务器,以及 intranet 应用程序主机。
拆封后,我们注意到它附带了红帽 Linux 的 CD。 我们的 22 人团队(包括我)对 Linux 一无所知。 经过几天的研究,我找到了一位朋友的朋友,一位以 Linux RTOS Linux 的实时操作系统领域)编程为生的人,求助他如何安装。
光看着那朋友用 CD 驱动器载入第一张安装 CD 并进入 Anaconda 安装系统,我的头都晕了。 大约一个小时,我们完成了基本的安装,但仍然没有可用的 internet 连接。
又花了一个小时的折腾才使我们连接到互联网,但仍没有域登录或 Internet 网关功能。 经过一个周末的折腾,我们可以让我们的 Windows 98 机器作为 Linux PC 的代理,终于构出了一个正常工作的共享互联环境。 但域登录还需要一段时间。
我们用龟速的电话调制解调器下载了 [Samba][1],并手动配置它作为域控制站。文件服务也通过 NFS Kernel Server 开启了,随后为 Windows 98 的网络邻居创建了用户目录并进行了必要的调整和配置。
这个设置完美运行了一段时间,直到最终我们决定开始使用 Intranet 应用管理时间表和一些别的东西。 这个时候,我已经离开了该组织,并把大部分系统管理员的东西交给了接替我的人。
### 再遇 Linux
2004 年,我又重新装回了 Linux。我的妻子经营的一份独立员工安置业务使用来自 Monster.com 等服务的数据来打通客户与求职者的交流渠道。
作为我们两人中的计算机好点的那个,在计算机和互联网出故障的时候,维修就成了我的分内之事。我们还需要用许多工具尝试,从堆积如山的简历中筛选出她每天必须看的。
Windows [BSoD][2](蓝屏) 早已司空见惯,但只要我们的付费数据是安全的,那就还算可以容忍。为此我将不得不每周花几个小时去做备份。
一天,我们的电脑中了毒,并且通过简单的方法无法清除。我们并不了解磁盘上的数据发生了些什么。当磁盘彻底挂掉后,我们插入了一周前的辅助备份磁盘,但是一周后它也挂了。我们的第二个备份直接拒绝启动。是时候寻求专业帮助了,所以我们把电脑送到一家靠谱的维修店。两天以后,我们被告知一些恶意软件或病毒已经将某些种类的文件擦除殆尽,其中包括我们的付费数据。
这是对我妻子的商业计划的一个巨大的打击,同时意味着丢失合同并耽误了账单。我曾短期出国工作,并在台湾的 [Computex 2004][3] 购买了我的第一台笔记本电脑。 预装的是 Windows XP但我还是想换成 Linux。 我知道 Linux 已经为桌面端做好了准备,[Mandrake Linux][4] (曼德拉草) 是一个很不错的选择。 我第一次安装就很顺利。所有工作都执行的非常漂亮。我使用 [OpenOffice][5] 来满足我写作,演示文稿和电子表格的需求。
我们为我们的计算机买了新的硬盘驱动器,并为其安装了 Mandrake Linux。用 OpenOffice 替换了 Microsoft Office。 我们依靠 Web 邮件来满足邮件需求,并在 2004 年的 11 月迎来了 [Mozilla Firefox][6]。我的妻子马上从中看到了好处,因为没有崩溃或病毒/恶意软件感染!更重要的是,我们告别了困扰 Windows 98 和 XP 的频繁崩溃问题。 她一直使用这个发行版。
而我,开始尝试其他的发行版。 我爱上了 distro-hopping LCTT 译注:指在不同版本的 Linux 发行版之间频繁切换的 Linux 用户)和第一时间尝试新发行版的感觉。我也经常会在 Apache 和 NGINX 上尝试和测试 Web 应用程序,如 Drupal、Joomla 和 WordPress。现在我们 2006 年出生的儿子,在 Linux 下成长。 也对 Tux PaintGcompris 和 SMPlayer 非常满意。
--------------------------------------------------------------------------------
via: https://opensource.com/life/16/3/my-linux-story-soumya-sarkar
作者:[Soumya Sarkar][a]
译者:[martin2011qi](https://github.com/martin2011qi)
校对:[wxy](https://github.com/wxy)
[a]: https://opensource.com/users/ssarkarhyd
[1]: https://www.samba.org/
[2]: https://en.wikipedia.org/wiki/Blue_Screen_of_Death
[3]: https://en.wikipedia.org/wiki/Computex_Taipei
[4]: https://en.wikipedia.org/wiki/Mandriva_Linux
[5]: http://www.openoffice.org/
[6]: https://www.mozilla.org/en-US/firefox/new/

140
published/20160512 Rapid prototyping with docker-compose.md Normal file
View File

@ -0,0 +1,140 @@
通过 docker-compose 进行快速原型设计
========================================
在这篇文章中,我们将考察一个 Node.js 开发原型该原型用于从英国三个主要折扣网店查找“Raspberry PI Zero”的库存。
我写好了代码,然后经过一晚的鼓捣把它部署在 Aure 上的 Ubuntu 虚拟机上。Docker 和 docker-compose 工具使得部署和更新过程非常快。
### 还记得链接指令link
如果你已经阅读过 [Hands-on Docker tutorial][1],那么你应该已经可以使用命令行链接 Docker 容器。通过命令行将 Node.js 的计数器链接到 Redis 服务器,其命令可能如下所示:
```
$ docker run -d -P --name redis1
$ docker run -d hit_counter -p 3000:3000 --link redis1:redis
```
现在假设你的应用程序分为三层:
- Web 前端
- 处理长时间运行任务的批处理层
- Redis 或者 mongo 数据库
通过`--link`的显式链接只是管理几个容器是可以的,但是可能会因为我们向应用程序添加更多层或容器而失控。
### 加入 docker-compose
![](http://blog.alexellis.io/content/images/2016/05/docker-compose-logo-01.png)
*Docker Compose logo*
docker-compose 工具是标准 Docker 工具箱的一部分,也可以单独下载。 它提供了一组丰富的功能,通过纯文本 YAML 文件配置所有应用程序的部件。
上面的例子看起来像这样:
```
version: "2.0"
services:
redis1:
image: redis
hit_counter:
build: ./hit_counter
ports:
- 3000:3000
```
从 Docker 1.10 开始我们可以利用网络覆盖network overlays来帮助我们在多个主机上进行扩展。 在此之前,链接仅能工作在单个主机上。 `docker-compose scale` 命令可以用来在需要时带来更多的计算能力。
> 查看 docker.com 上的 [docker-compose][2] 参考
### 真实工作示例Raspberry PI 库存警示
![](http://blog.alexellis.io/content/images/2016/05/Raspberry_Pi_Zero_ver_1-3_1_of_3_large.JPG)
*新的 Raspberry PI Zero v1.3 图片,由 Pimoroni 提供*
Raspberry PI Zero 嗡嗡作响 - 它是一个极小的微型计算机,具有 1GHz CPU 和 512MB RAM可以运行完整的Linux、Docker、Node.js、Ruby 和其他许多流行的开源工具。 PI Zero 最好的优点之一就是它成本只有 5 美元。 这也意味着它销售的速度非常之快。
*如果你想在 PI 上尝试 Docker 和 Swarm请查看下面的教程[Docker Swarm on the PI Zero][3]*
### 原始网站whereismypizero.com
我发现一个网页,它使用屏幕抓取以找出 4-5 个最受欢迎的折扣网店是否有库存。
- 网站包含静态 HTML 网页
- 向每个折扣网店发出一个 XMLHttpRequest 访问 /public/api/
- 服务器向每个网店发出 HTTP 请求并执行抓屏
每一次对 /public/api/ 的调用,其执行花 3 秒钟,而使用 Apache Benchab我每秒只能完成 0.25 个请求。
### 重新发明轮子
零售商似乎并不介意 whereismypizero.com 抓取他们的网站的商品库存信息,所以我开始从头写一个类似的工具。 我尝试通过缓存和解耦 web 层来处理更多的抓取请求。 Redis 是执行这项工作的完美工具。 它允许我设置一个自动过期的键/值对(即一个简单的缓存),还可以通过 pub/sub 在 Node.js 进程之间传输消息。
> 复刻或者追踪放在 github 上的代码: [alexellis/pi_zero_stock][4]
如果之前使用过 Node.js你肯定知道它是单线程的并且任何 CPU 密集型任务,如解析 HTML 或 JSON 都可能导致速度放缓。一种缓解这种情况的方法是使用一个工作进程和 Redis 消息通道作为它和 web 层之间的连接组织。
- Web 层
- 使用 200 代表缓冲命中(该商店的 Redis 键存在)
- 使用 202 代表高速缓存未命中(该商店的 Redis 键不存在,因此发出消息)
- 因为我们只是读一个 Redis 键,响应时间非常快。
- 库存抓取器
- 执行 HTTP 请求
- 用于在不同类型的网店上抓屏
- 更新 Redis 键的缓存失效时间为 60 秒
- 另外,锁定一个 Redis 键,以防止对网店过多的 HTTP 请求。
```
version: "2.0"
services:
web:
build: ./web/
ports:
- "3000:3000"
stock_fetch:
build: ./stock_fetch/
redis:
image: redis
```
*来自示例的 docker-compose.yml 文件*
一旦本地正常工作,再向 Azure 的 Ubuntu 16.04 镜像云部署就轻车熟路,只花了不到 5 分钟。 我登录、克隆仓库并键入`docker compose up -d` 这就是所有的工作 - 快速实现整个系统的原型不会比这几个步骤更多。 任何人(包括 whereismypizero.com 的所有者)只需两行命令就可以部署新解决方案:
```
$ git clone https://github.com/alexellis/pi_zero_stock
$ docker-compose up -d
```
更新网站很容易,只需要一个`git pull`命令,然后执行`docker-compose up -d`命令,该命令需要带上`--build`参数。
如果你仍然手动链接你的 Docker 容器,请自己或使用如下我的代码尝试 Docker Compose
> 复刻或者追踪在 github 上的代码: [alexellis/pi_zero_stock][5]
### 一睹测试网站芳容
目前测试网站使用 docker-compose 部署:[stockalert.alexellis.io][6]
![](http://blog.alexellis.io/content/images/2016/05/Screen-Shot-2016-05-16-at-22-34-26-1.png)
*预览于 2016 年 5 月 16 日*
----------
via: http://blog.alexellis.io/rapid-prototype-docker-compose/
作者:[Alex Ellis][a]
译者:[firstadream](https://github.com/firstadream)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://blog.alexellis.io/author/alex/
[1]: http://blog.alexellis.io/handsondocker
[2]: https://docs.docker.com/compose/compose-file/
[3]: http://blog.alexellis.io/dockerswarm-pizero/
[4]: https://github.com/alexellis/pi_zero_stock
[5]: https://github.com/alexellis/pi_zero_stock
[6]: http://stockalert.alexellis.io/

191
published/20160531 Linux vs. Windows device driver model.md Normal file
View File

@ -0,0 +1,191 @@
Linux 与 Windows 的设备驱动模型比对架构、API 和开发环境比较
============================================================================================
> 名词缩写:
> - API 应用程序接口Application Program Interface
> - ABI 应用系统二进制接口Application Binary Interface
设备驱动是操作系统的一部分,它能够通过一些特定的编程接口便于硬件设备的使用,这样软件就可以控制并且运行那些设备了。因为每个驱动都对应不同的操作系统,所以你就需要不同的 Linux、Windows 或 Unix 设备驱动,以便能够在不同的计算机上使用你的设备。这就是为什么当你雇佣一个驱动开发者或者选择一个研发服务商提供者的时候,查看他们为各种操作系统平台开发驱动的经验是非常重要的。
![](https://c2.staticflickr.com/8/7289/26775594584_d2fe7483f9_c.jpg)
驱动开发的第一步是理解每个操作系统处理它的驱动的不同方式、底层驱动模型、它使用的架构、以及可用的开发工具。例如Linux 驱动程序模型就与 Windows 非常不同。虽然 Windows 提倡驱动程序开发和操作系统开发分别进行,并通过一组 ABI 调用来结合驱动程序和操作系统,但是 Linux 设备驱动程序开发不依赖任何稳定的 ABI 或 API所以它的驱动代码并没有被纳入内核中。每一种模型都有自己的优点和缺点但是如果你想为你的设备提供全面支持那么重要的是要全面的了解它们。
在本文中,我们将比较 Windows 和 Linux 设备驱动程序探索不同的架构API构建开发和分发希望让您比较深入的理解如何开始为每一个操作系统编写设备驱动程序。
### 1. 设备驱动架构
Windows 设备驱动程序的体系结构和 Linux 中使用的不同它们各有优缺点。差异主要受以下原因的影响Windows 是闭源操作系统,而 Linux 是开源操作系统。比较 Linux 和 Windows 设备驱动程序架构将帮助我们理解 Windows 和 Linux 驱动程序背后的核心差异。
#### 1.1. Windows 驱动架构
虽然 Linux 内核分发时带着 Linux 驱动,而 Windows 内核则不包括设备驱动程序。与之不同的是,现代 Windows 设备驱动程序编写使用 Windows 驱动模型WDM这是一种完全支持即插即用和电源管理的模型所以可以根据需要加载和卸载驱动程序。
处理来自应用的请求,是由 Windows 内核的中被称为 I/O 管理器的部分来完成的。I/O 管理器的作用是是转换这些请求到 I/O 请求数据包IO Request PacketsIRPIRP 可以被用来在驱动层识别请求并且传输数据。
Windows 驱动模型 WDM 提供三种驱动, 它们形成了三个层:
- 过滤Filter驱动提供关于 IRP 的可选附加处理。
- 功能Function驱动是实现接口和每个设备通信的主要驱动。
- 总线Bus驱动服务不同的配适器和不同的总线控制器来实现主机模式控制设备。
一个 IRP 通过这些层就像它们经过 I/O 管理器到达底层硬件那样。每个层能够独立的处理一个 IRP 并且把它们送回 I/O 管理器。在硬件底层中有硬件抽象层HAL它提供一个通用的接口到物理设备。
#### 1.2. Linux 驱动架构
相比于 Windows 设备驱动Linux 设备驱动架构根本性的不同就是 Linux 没有一个标准的驱动模型也没有一个干净分隔的层。每一个设备驱动都被当做一个能够自动的从内核中加载和卸载的模块来实现。Linux 为即插即用设备和电源管理设备提供一些方式,以便那些驱动可以使用它们来正确地管理这些设备,但这并不是必须的。
模式输出那些它们提供的函数,并通过调用这些函数和传入随意定义的数据结构来沟通。请求来自文件系统或网络层的用户应用,并被转化为需要的数据结构。模块能够按层堆叠,在一个模块进行处理之后,另外一个再处理,有些模块提供了对一类设备的公共调用接口,例如 USB 设备。
Linux 设备驱动程序支持三种设备:
- 实现一个字节流接口的字符Character设备。
- 用于存放文件系统和处理多字节数据块 IO 的块Block设备。
- 用于通过网络传输数据包的网络Network接口。
Linux 也有一个硬件抽象层HAL它实际扮演了物理硬件的设备驱动接口。
### 2. 设备驱动 API
Linux 和 Windows 驱动 API 都属于事件驱动类型:只有当某些事件发生的时候,驱动代码才执行——当用户的应用程序希望从设备获取一些东西,或者当设备有某些请求需要告知操作系统。
#### 2.1. 初始化
在 Windows 上,驱动被表示为 `DriverObject` 结构,它在 `DriverEntry` 函数的执行过程中被初始化。这些入口点也注册一些回调函数,用来响应设备的添加和移除、驱动卸载和处理新进入的 IRP。当一个设备连接的时候Windows 创建一个设备对象,这个设备对象在设备驱动后面处理所有应用请求。
相比于 WindowsLinux 设备驱动生命周期由内核模块的 `module_init``module_exit` 函数负责管理,它们分别用于模块的加载和卸载。它们负责注册模块来通过使用内核接口来处理设备的请求。这个模块需要创建一个设备文件(或者一个网络接口),为其所希望管理的设备指定一个数字识别号,并注册一些当用户与设备文件交互的时候所使用的回调函数。
#### 2.2. 命名和声明设备
##### 在 Windows 上注册设备
Windows 设备驱动在新连接设备时是由回调函数 `AddDevice` 通知的。它接下来就去创建一个设备对象device object用于识别该设备的特定的驱动实例。取决于驱动的类型设备对象可以是物理设备对象Physical Device ObjectPDO功能设备对象Function Device ObjectFDO或者过滤设备对象Filter Device Object FIDO。设备对象能够堆叠PDO 在底层。
设备对象在这个设备连接在计算机期间一直存在。`DeviceExtension` 结构能够被用于关联到一个设备对象的全局数据。
设备对象可以有如下形式的名字 `\Device\DeviceName`,这被系统用来识别和定位它们。应用可以使用 `CreateFile` API 函数来打开一个有上述名字的文件,获得一个可以用于和设备交互的句柄。
然而,通常只有 PDO 有自己的名字。未命名的设备能够通过设备级接口来访问。设备驱动注册一个或多个接口,以 128 位全局唯一标识符GUID来标示它们。用户应用能够使用已知的 GUID 来获取一个设备的句柄。
##### 在 Linux 上注册设备
在 Linux 平台上,用户应用通过文件系统入口访问设备,它通常位于 `/dev` 目录。在模块初始化的时候,它通过调用内核函数 `register_chrdev` 创建了所有需要的入口。应用可以发起 `open` 系统调用来获取一个文件描述符来与设备进行交互。这个调用后来被发送到回调函数,这个调用(以及将来对该返回的文件描述符的进一步调用,例如 `read`、`write` 或`close`)会被分配到由该模块安装到 `file_operations` 或者 `block_device_operations`这样的数据结构中的回调函数。
设备驱动模块负责分配和保持任何需要用于操作的数据结构。传送进文件系统回调函数的 `file` 结构有一个 `private_data` 字段,它可以被用来存放指向具体驱动数据的指针。块设备和网络接口 API 也提供类似的字段。
虽然应用使用文件系统的节点来定位设备,但是 Linux 在内部使用一个主设备号major numbers和次设备号minor numbers的概念来识别设备及其驱动。主设备号被用来识别设备驱动而次设备号由驱动使用来识别它所管理的设备。驱动为了去管理一个或多个固定的主设备号必须首先注册自己或者让系统来分配未使用的设备号给它。
目前Linux 为主次设备对major-minor pairs使用一个 32 位的值,其中 12 位分配主设备号,并允许多达 4096 个不同的设备。主次设备对对于字符设备和块设备是不同的,所以一个字符设备和一个块设备能使用相同的设备对而不导致冲突。网络接口是通过像 eth0 的符号名来识别,这些又是区别于主次设备的字符设备和块设备的。
#### 2.3. 交换数据
Linux 和 Windows 都支持在用户级应用程序和内核级驱动程序之间传输数据的三种方式:
- **缓冲型输入输出Buffered Input-Output** 它使用由内核管理的缓冲区。对于写操作,内核从用户空间缓冲区中拷贝数据到内核分配的缓冲区,并且把它传送到设备驱动中。读操作也一样,由内核将数据从内核缓冲区中拷贝到应用提供的缓冲区中。
- **直接型输入输出Direct Input-Output** 它不使用拷贝功能。代替它的是,内核在物理内存中钉死一块用户分配的缓冲区以便它可以一直留在那里,以便在数据传输过程中不被交换出去。
- **内存映射Memory mapping** 它也能够由内核管理,这样内核和用户空间应用就能够通过不同的地址访问同样的内存页。
##### **Windows 上的驱动程序 I/O 模式**
支持缓冲型 I/O 是 WDM 的内置功能。缓冲区能够被设备驱动通过在 IRP 结构中的 `AssociatedIrp.SystemBuffer` 字段访问。当需要和用户空间通讯的时候,驱动只需从这个缓冲区中进行读写操作。
Windows 上的直接 I/O 由内存描述符列表memory descriptor listsMDL介导。这种半透明的结构是通过在 IRP 中的 `MdlAddress` 字段来访问的。它们被用来定位由用户应用程序分配的缓冲区的物理地址,并在 I/O 请求期间钉死不动。
在 Windows 上进行数据传输的第三个选项称为 `METHOD_NEITHER`。 在这种情况下,内核需要传送用户空间的输入输出缓冲区的虚拟地址给驱动,而不需要确定它们有效或者保证它们映射到一个可以由设备驱动访问的物理内存地址。设备驱动负责处理这些数据传输的细节。
##### **Linux 上的驱动程序 I/O 模式**
Linux 提供许多函数例如,`clear_user`、`copy_to_user`、`strncpy_from_user` 和一些其它的用来在内核和用户内存之间进行缓冲区数据传输的函数。这些函数保证了指向数据缓存区指针的有效,并且通过在内存区域之间安全地拷贝数据缓冲区来处理数据传输的所有细节。
然而,块设备的驱动对已知大小的整个数据块进行操作,它可以在内核和用户地址区域之间被快速移动而不需要拷贝它们。这种情况是由 Linux 内核来自动处理所有的块设备驱动。块请求队列处理传送数据块而不用多余的拷贝,而 Linux 系统调用接口来转换文件系统请求到块请求中。
最终,设备驱动能够从内核地址区域分配一些存储页面(不可交换的)并且使用 `remap_pfn_range` 函数来直接映射这些页面到用户进程的地址空间。然后应用能获取这些缓冲区的虚拟地址并且使用它来和设备驱动交流。
### 3. 设备驱动开发环境
#### 3.1. 设备驱动框架
##### Windows 驱动程序工具包
Windows 是一个闭源操作系统。Microsoft 提供 Windows 驱动程序工具包以方便非 Microsoft 供应商开发 Windows 设备驱动。工具包中包含开发、调试、检验和打包 Windows 设备驱动等所需的所有内容。
Windows 驱动模型Windows Driver ModelWDM为设备驱动定义了一个干净的接口框架。Windows 保持这些接口的源代码和二进制的兼容性。编译好的 WDM 驱动通常是前向兼容性:也就是说,一个较旧的驱动能够在没有重新编译的情况下在较新的系统上运行,但是它当然不能够访问系统提供的新功能。但是,驱动不保证后向兼容性。
##### **Linux 源代码**
和 Windows 相对比Linux 是一个开源操作系统,因此 Linux 的整个源代码是用于驱动开发的 SDK。没有驱动设备的正式框架但是 Linux 内核包含许多提供了如驱动注册这样的通用服务的子系统。这些子系统的接口在内核头文件中描述。
尽管 Linux 有定义接口但这些接口在设计上并不稳定。Linux 不提供有关前向和后向兼容的任何保证。设备驱动对于不同的内核版本需要重新编译。没有稳定性的保证可以让 Linux 内核进行快速开发,因为开发人员不必去支持旧的接口,并且能够使用最好的方法解决手头的这些问题。
当为 Linux 写树内in-tree指当前 Linux 内核开发主干驱动程序时这种不断变化的环境不会造成任何问题因为它们作为内核源代码的一部分与内核本身同步更新。然而闭源驱动必须单独开发并且在树外out-of-tree必须维护它们以支持不同的内核版本。因此Linux 鼓励设备驱动程序开发人员在树内维护他们的驱动。
#### 3.2. 为设备驱动构建系统
Windows 驱动程序工具包为 Microsoft Visual Studio 添加了驱动开发支持,并包括用来构建驱动程序代码的编译器。开发 Windows 设备驱动程序与在 IDE 中开发用户空间应用程序没有太大的区别。Microsoft 提供了一个企业 Windows 驱动程序工具包,提供了类似于 Linux 命令行的构建环境。
Linux 使用 Makefile 作为树内和树外系统设备驱动程序的构建系统。Linux 构建系统非常发达,通常是一个设备驱动程序只需要少数行就产生一个可工作的二进制代码。开发人员可以使用任何 [IDE][5],只要它可以处理 Linux 源代码库和运行 `make` ,他们也可以很容易地从终端手动编译驱动程序。
#### 3.3. 文档支持
Windows 对于驱动程序的开发有良好的文档支持。Windows 驱动程序工具包包括文档和示例驱动程序代码,通过 MSDN 可获得关于内核接口的大量信息,并存在大量的有关驱动程序开发和 Windows 底层的参考和指南。
Linux 文档不是描述性的,但整个 Linux 源代码可供驱动开发人员使用缓解了这一问题。源代码树中的 Documentation 目录描述了一些 Linux 的子系统,但是有[几本书][4]介绍了关于 Linux 设备驱动程序开发和 Linux 内核概览,它们更详细。
Linux 没有提供设备驱动程序的指定样本,但现有生产级驱动程序的源代码可用,可以用作开发新设备驱动程序的参考。
#### 3.4. 调试支持
Linux 和 Windows 都有可用于追踪调试驱动程序代码的日志机制。在 Windows 上将使用 `DbgPrint` 函数,而在 Linux 上使用的函数称为 `printk`。然而,并不是每个问题都可以通过只使用日志记录和源代码来解决。有时断点更有用,因为它们允许检查驱动代码的动态行为。交互式调试对于研究崩溃的原因也是必不可少的。
Windows 通过其内核级调试器 `WinDbg` 支持交互式调试。这需要通过一个串行端口连接两台机器一台计算机运行被调试的内核另一台运行调试器和控制被调试的操作系统。Windows 驱动程序工具包包括 Windows 内核的调试符号,因此 Windows 的数据结构将在调试器中部分可见。
Linux 还支持通过 `KDB``KGDB` 进行的交互式调试。调试支持可以内置到内核并可在启动时启用。之后可以直接通过物理键盘调试系统或通过串行端口从另一台计算机连接到它。KDB 提供了一个简单的命令行界面这是唯一的在同一台机器上来调试内核的方法。然而KDB 缺乏源代码级调试支持。KGDB 通过串行端口提供了一个更复杂的接口。它允许使用像 GDB 这样标准的应用程序调试器来调试 Linux 内核,就像任何其它用户空间应用程序一样。
### 4. 设备驱动分发
##### 4.1. 安装设备驱动
在 Windows 上安装的驱动程序,是由被称为为 INF 的文本文件描述的,通常存储在 `C:\Windows\INF` 目录中。这些文件由驱动供应商提供,并且定义哪些设备由该驱动程序服务,哪里可以找到驱动程序的二进制文件,和驱动程序的版本等。
当一个新设备插入计算机时Windows 通过查看已经安装的驱动程序并且选择适当的一个加载。当设备被移除的时候,驱动会自动卸载它。
在 Linux 上,一些驱动被构建到内核中并且保持永久的加载。非必要的驱动被构建为内核模块,它们通常是存储在 `/lib/modules/kernel-version` 目录中。这个目录还包含各种配置文件,如 `modules.dep`,用于描述内核模块之间的依赖关系。
虽然 Linux 内核可以在自身启动时加载一些模块,但通常模块加载由用户空间应用程序监督。例如,`init` 进程可能在系统初始化期间加载一些模块,`udev` 守护程序负责跟踪新插入的设备并为它们加载适当的模块。
#### 4.2. 更新设备驱动
Windows 为设备驱动程序提供了稳定的二进制接口,因此在某些情况下,无需与系统一起更新驱动程序二进制文件。任何必要的更新由 Windows Update 服务处理,它负责定位、下载和安装适用于系统的最新版本的驱动程序。
然而Linux 不提供稳定的二进制接口,因此有必要在每次内核更新时重新编译和更新所有必需的设备驱动程序。显然,内置在内核中的设备驱动程序会自动更新,但是树外模块会产生轻微的问题。 维护最新的模块二进制文件的任务通常用 [DKMS][3] 来解决:这是一个当安装新的内核版本时自动重建所有注册的内核模块的服务。
#### 4.3. 安全方面的考虑
所有 Windows 设备驱动程序在 Windows 加载它们之前必须被数字签名。在开发期间可以使用自签名证书,但是分发给终端用户的驱动程序包必须使用 Microsoft 信任的有效证书进行签名。供应商可以从 Microsoft 授权的任何受信任的证书颁发机构获取软件出版商证书Software Publisher Certificate。然后此证书由 Microsoft 交叉签名,并且生成的交叉证书用于在发行之前签署驱动程序包。
Linux 内核也能配置为在内核模块被加载前校验签名,并禁止不可信的内核模块。被内核所信任的公钥集在构建时是固定的,并且是完全可配置的。由内核执行的检查,这个检查严格性在构建时也是可配置的,范围从简单地为不可信模块发出警告,到拒绝加载有效性可疑的任何东西。
### 5. 结论
如上所示Windows 和 Linux 设备驱动程序基础设施有一些共同点,例如调用 API 的方法,但更多的细节是相当不同的。最突出的差异源于 Windows 是由商业公司开发的封闭源操作系统这个事实。这使得 Windows 上有好的、文档化的、稳定的驱动 ABI 和正式框架,而在 Linux 上,更多的是源代码做了一个有益的补充。文档支持也在 Windows 环境中更加发达,因为 Microsoft 具有维护它所需的资源。
另一方面Linux 不会使用框架来限制设备驱动程序开发人员,并且内核和产品级设备驱动程序的源代码可以在需要的时候有所帮助。缺乏接口稳定性也有其作用,因为它意味着最新的设备驱动程序总是使用最新的接口,内核本身承载较小的后向兼容性负担,这带来了更干净的代码。
了解这些差异以及每个系统的具体情况是为您的设备提供有效的驱动程序开发和支持的关键的第一步。我们希望这篇文章对 Windows 和 Linux 设备驱动程序开发做的对比,有助于您理解它们,并在设备驱动程序开发过程的研究中,将此作为一个伟大的起点。
--------------------------------------------------------------------------------
via: http://xmodulo.com/linux-vs-windows-device-driver-model.html
作者:[Dennis Turpitka][a]
译者:[FrankXinqi &YangYang](https://github.com/FrankXinqi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://xmodulo.com/author/dennis
[1]: http://xmodulo.com/linux-vs-windows-device-driver-model.html?format=pdf
[2]: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=PBHS9R4MB9RX4
[3]: http://xmodulo.com/build-kernel-module-dkms-linux.html
[4]: http://xmodulo.com/go/linux_device_driver_books
[5]: https://linux.cn/article-7704-1.html

69
published/20160806 How to Encrypt and Decrypt Files and Directories Using Tar and OpenSSL.md Normal file
View File

@ -0,0 +1,69 @@
怎样用 Tar 和 OpenSSL 给文件和目录加密及解密
=========
当你有重要的敏感数据的时候,给你的文件和目录额外加一层保护是至关重要的,特别是当你需要通过网络与他人传输数据的时候。
由于这个原因,我在寻找一个可疑在 Linux 上加密及解密文件和目录的实用程序,幸运的是我找到了一个用 tarLinux 的一个压缩打包工具)和 OpenSSL 来解决的方案。借助这两个工具,你真的可以毫不费力地创建和加密 tar 归档文件。
在这篇文章中,我们将了解如何使用 OpenSSL 创建和加密 tar 或 gzgzip另一种压缩文件归档文件
牢记使用 OpenSSL 的常规方式是:
```
# openssl command command-options arguments
```
### 在 Linux 中加密文件
要加密当前工作目录的内容(根据文件的大小,这可能需要一点时间):
```
# tar -czf - * | openssl enc -e -aes256 -out secured.tar.gz
```
上述命令的解释:
1. `enc` - openssl 命令使用加密进行编码
2. `-e`  用来加密输入文件的 `enc` 命令选项,这里是指前一个 tar 命令的输出
3. `-aes256`  加密用的算法
4. `-out`  用于指定输出文件名的 `enc` 命令选项,这里文件名是 `secured.tar.gz`
### 在 Linux 中解密文件
要解密上述 tar 归档内容,使用以下命令。
```
# openssl enc -d -aes256 -in secured.tar.gz | tar xz -C test
```
上述命令的解释:
1. `-d`  用于解密文件
2. `-C`  提取内容到 `test` 子目录
下图展示了加解密过程,以及当你尝试执行以下操作时会发生什么:
1. 以传统方式提取 tar 包的内容
2. 使用了错误的密码的时候
3. 当你输入正确的密码的时候
[![在 Linux 中加密和解密 Tar 归档文件](http://www.tecmint.com/wp-content/uploads/2016/08/Encrypt-Decrypt-Tar-Archive-Files-in-Linux.png)][1]
*在 Linux 中加密和解密 Tar 归档文件*
当你在本地网络或因特网工作的时候,你可以随时通过加密来保护你和他人共享的重要文本或文件,这有助于降低将其暴露给恶意攻击者的风险。
我们研究了一种使用 OpenSSL一个 openssl 命令行工具)加密 tar 包的简单技术你可以参考它的手册页man page来获取更多信息和有用的命令。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/encrypt-decrypt-files-tar-openssl-linux/
作者:[Gabriel Cánepa][a]
译者:[OneNewLife](https://github.com/OneNewLife)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/wp-content/uploads/2016/08/Encrypt-Decrypt-Tar-Archive-Files-in-Linux.png

12
translated/talk/20160912 Adobe's new CIO shares leadership advice for starting a new role.md → published/20160912 Adobe's new CIO shares leadership advice for starting a new role.md
View File

@ -1,13 +1,13 @@
Adobe 的新任首席信息官CIO股份领导对于开始一个新职位的忠告
Adobe 的新任首席信息官CIO对于开始一个新领导职位的建议
====
![](https://enterprisersproject.com/sites/default/files/styles/620x350/public/images/CIO_Leadership_3.png?itok=QWUGMw-V)
我目前的几个月在一家十分受人尊敬的基于云的技术公司担任新的 CIO 一职。我的首要任务之一就是熟悉组织的人、文化和当务之急的事件。
作为这一目标的一部分,我访问了所有主要的网站。而在印度,上任不到两个月时,我被问道:“你打算做什么?你的计划是什么?” 我回答道,这个问题不会让经验丰富的 CIOs 感到吃惊,我现在仍然处于探索模式,我在做的主要是聆听和学习。
作为这一目标的一部分,我访问了所有主要的网站。而在印度,上任不到两个月时,我被问道:“你打算做什么?你的计划是什么?” 我回答道,这个问题不会让经验丰富的 CIO 们感到吃惊:我现在仍然处于探索模式,我在做的主要是聆听和学习。
我从来没有在入职时制定一份蓝图说我要做什么。我知道一些 CIOs 拥有一本关于他要怎么做的”剧本“。他会煽动整个组织将他的计划付诸行动。
我从来没有在入职时制定一份蓝图说我要做什么。我知道一些 CIO 拥有一本关于他要怎么做的”剧本“。他会煽动整个组织将他的计划付诸行动。
是的,在有些地方是完全崩坏了并无法发挥作用的情况下,这种行动可能是有意义的。但是,当我进入到一个公司时,我的策略是先开始一个探索的过程。我不想带入任何先入为主的观念,比如什么事应该是什么样子的,哪些工作和哪些是有冲突的,而哪些不是。
@ -25,13 +25,13 @@ Adobe 的新任首席信息官CIO股份领导对于开始一个新职位
### 了解客户
从很早开始,我们就收到客户的会面请求。与客户会面是一种很好的方式来启发你对 IT 机构未来的的思考,包括各种我们可以改进的地方,如技术、客户和消费者
从很早开始,我们就收到客户的会面请求。与客户会面是一种很好的方式来启发你对 IT 机构未来的的思考,包括各种我们可以改进的地方,如技术、客户和消费者
### 对未来的计划
作为一个新上任的领导者,我有一个全新的视角用以考虑组织的未来,而不会有挑战和障碍来干扰我。
CIOs 所需要做的就是推动 IT 进化到下一代。当我会见我的员工是,我问他们我们可以开始定位我们三到五年后的未来。这意味着开始讨论方案和当务之急的事。
CIO 所需要做的就是推动 IT 进化到下一代。当我会见我的员工时,我问他们我们三到五年后的未来可以做什么,以便我们可以开始尽早定位。这意味着开始讨论方案和当务之急的事。
从那以后,它使领导小组团结在一起,所以我们能够共同来组建我们的下一代体系——它的使命、愿景、组织模式和操作规范。如果你开始从内而外的改变,那么它会渗透到业务和其他你所做的一切事情上。
@ -43,7 +43,7 @@ via: https://enterprisersproject.com/article/2016/9/adobes-new-cio-shares-leader
作者:[Cynthia Stoddard][a]
译者:[Chao-zhi](https://github.com/Chao-zhi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

30
translated/tech/20161011 COOLEST PRIVACY FOCUSED OPEN SOURCE CHAT APP WIRE COMES TO LINUX.md → published/20161011 COOLEST PRIVACY FOCUSED OPEN SOURCE CHAT APP WIRE COMES TO LINUX.md
View File

@ -1,18 +1,18 @@
WIRE一个极酷、专注于个人隐私的开源聊天应用程序已经来到了 LINUX
Wire一个极酷、专注于个人隐私的开源聊天应用程序已经来到了 Linux
===========
[![开源聊天应用程序 WIRE 来到了 Linux 上](https://itsfoss.com/wp-content/uploads/2016/10/wire-on-desktop-linux.jpeg)][21]
回到大约两年前,[Skype][20]背后的一些开发人员发行了一个漂亮的新聊天应用个程序:[Wire][19]。当我说它漂亮的时候只是谈论它的“外貌”。Wire 具有一个许多其他聊天应用程序所没有的整洁优美的“外貌”,但这并不是它最大的卖点。
回到大约两年前,一些曾开发 [Skype][20] 的开发人员发行了一个漂亮的新聊天应用个程序:[Wire][19]。当我说它漂亮的时候只是谈论它的“外貌”。Wire 具有一个许多其他聊天应用程序所没有的整洁优美的“外貌”,但这并不是它最大的卖点。
从一开始Wire 就推销自己是[世界上最注重隐私的聊天应用程序][18]。无论是文本、语音电话,还是图表、图像等基本的内容,它都提供端到端的加密。
WhatsApp 也提供‘端到端加密’,但是考虑一下它的所有者[Facebook 为了吸引用户而把 WhatsApp 的数据分享出去][17]。我不太相信 WhatsApp 以及它的加密手段。
WhatsApp 也提供‘端到端加密’,但是考虑一下它的所有者 [Facebook 为了吸引用户而把 WhatsApp 的数据分享出去][17]。我不太相信 WhatsApp 以及它的加密手段。
使 Wire 对于我们这些 FOSS【自由/开源软件】爱好者来说更加特殊的是,几个月前[Wire 开源了][16]。几个月下来我们开发了一个针对 Linux 的 beta 版本 Wire 桌面应用程序。
使 Wire 对于我们这些 FOSS(自由/开源软件)爱好者来说更加重要的是,几个月前 [Wire 开源了][16]。几个月下来我们见到了一个用于 Linux 的 beta 版本 Wire 桌面应用程序。
除了一个包装器以外,桌面版的 Wire 并没有比 web 版多任何东西。感谢[Electron 开源项目][15]提供了一种开发跨平台桌面应用程序的简单方式。许多其他应用程序也通过使用 Electron 为 Linux 带去了一个本地桌面应用程序,包括[Skype][14]。
除了一个包装器以外,桌面版的 Wire 并没有比 web 版多任何东西。感谢 [Electron 开源项目][15]提供了一种开发跨平台桌面应用程序的简单方式。许多其他应用程序也通过使用 Electron 为 Linux 带去了一个本地桌面应用程序,包括 [Skype][14]。
### WIRE 的特性:
@ -35,31 +35,29 @@ Wire 有一些更棒的特性,尤其是和[Snapchat][13]类似的音频过滤
在安装 Wire 到 Linux 上之前,让我先警告你它目前还处于 beta 阶段。所以,如果你遇到一些故障,请不要生气。
Wire 有一个 64 位系统可使用的 .deb 客户机。如果你有一台[32 位或者 64 位系统][12]的电脑,你可以使用这些技巧来找到它。你可以从下面的链接下载 .deb 文件。
Wire 有一个 64 位系统可使用的 .deb 客户端。如果你有一台 [32 位或者 64 位系统][12]的电脑,你可以使用这些技巧来找到它。你可以从下面的链接下载 .deb 文件。
[下载 Linux 版 Wire [Beta]][11]
- [下载 Linux 版 Wire [Beta]][11]
如果感兴趣的话,你也可以看一看它的源代码:
[桌面版 Wire 源代码][10]
- [桌面版 Wire 源代码][10]
这是 Wire 的默认界面,看起来像[初级 Loki 操作系统][9]:
这是 Wire 的默认界面,看起来像 [elementary OS Loki][9]:
[![Linux 上的 Wire 桌面应用程序](https://itsfoss.com/wp-content/uploads/2016/10/Wire-desktop-appl-linux.jpeg)][8]
![Linux 上的 Wire 桌面应用程序](https://itsfoss.com/wp-content/uploads/2016/10/Wire-desktop-appl-linux.jpeg)
你看,它们甚至能在这儿得到机器人:)
你看,他们甚至还弄了一个机器人:)
你已经开始使用 Wire 了吗?如果是,你的体验是什么样的?如果没有,你将尝试一下吗?因为它现在是[开源的][7]并且可以在 Linux 上使用。
--------------------------------------------------------------------------------
via: https://itsfoss.com/wire-messaging-linux/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+ItsFoss+%28Its+FOSS%21+An+Open+Source+Blog%29
作者:[ Abhishek Prakash ][a]
via: https://itsfoss.com/wire-messaging-linux/
作者:[Abhishek Prakash][a]
译者:[ucasFL](https://github.com/ucasFL)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

73
translated/tech/20161019 How to Install Git and Setup Git Account in RHEL.md → published/20161019 How to Install Git and Setup Git Account in RHEL.md
View File

@ -1,50 +1,45 @@
OneNewLife translated
怎样在 RHELCentOS 和 Fedora 上安装 Git 并设置 Git 账号
怎样在 RHEL、CentOS 和 Fedora 上安装 Git 及设置 Git 账号
=========
对于新手来说Git 是一个免费、开源、高效的分布式版本控制系统VCS它是为了给广泛的小规模软件开发项目提供速度、高性能以及数据一致性而设计的。
对于新手来说Git 是一个自由、开源、高效的分布式版本控制系统VCS它是基于速度、高性能以及数据一致性而设计的,以支持从小规模到大体量的软件开发项目
Git 是一个软件仓库,它可以让你追踪你的软件改动,回滚到之前的版本以及创建新版本的目录和文件
Git 是一个可以让你追踪软件改动、版本回滚以及创建另外一个版本的目录和文件的软件仓库
Git 主要是用 C 语言来写的,当中还混入了 Perl 和各种各样的 shell 脚本。它主要在 Linux 内核上运行,并且有以下列举的卓越的性能:
Git 主要是用 C 语言来写的,混杂了少量的 Perl 脚本和各种 shell 脚本。它主要在 Linux 内核上运行,并且有以下列举的卓越的性能:
1. 容易上手
2. 运行速度飞快且大部分操作在本地进行,因此,它为需要与远程服务器通信的集中式系统提供了巨大的速度。
3. 高性能
4. 提供数据一致性检查
5. 启用低开销的本地分支
6. 提供非常便利的暂存区
7. 可以集成其它工具来维持大量工作流
- 易于上手
- 运行速度飞快,且大部分操作在本地进行,因此,它极大的提升了那些需要与远程服务器通信的集中式系统的速度。
- 高效
- 提供数据一致性检查
- 支持低开销的本地分支
- 提供非常便利的暂存区
- 可以集成其它工具来支持多种工作流
在这篇操作指南中,我们将介绍在 CentOS/RHEL 7/6 和 Fedora 20-24 Linux 发行版上安装 Git 的必要步骤以及怎么配置 Git以便于你可以快速开始参与工作。
在这篇操作指南中,我们将介绍在 CentOS/RHEL 7/6 和 Fedora 20-24 Linux 发行版上安装 Git 的必要步骤以及怎么配置 Git以便于你可以快速开始工作。
### 使用 Yum 安装 Git
我们应该从系统默认的仓库安装 Git并通过运行以下 [YUM 包管理器][8] 的更新命令来确保你系统的软件包都是最新的:
我们从系统默认的仓库安装 Git并通过运行以下 [YUM 包管理器][8] 的更新命令来确保你系统的软件包都是最新的:
```
# yum update
```
接着,通过以下命令来安装 Git
```
# yum install git
```
在 Git 成功安装之后,你可以通过以下命令来显示 Git 安装的版本:
```
# git --version
```
[![检查 Git 的安装版本](http://www.tecmint.com/wp-content/uploads/2016/10/Check-Git-Version.png)][7]
![检查 Git 的安装版本](http://www.tecmint.com/wp-content/uploads/2016/10/Check-Git-Version.png)
检查 Git 安装的版本
*检查 Git 安装的版本*
注意:从系统默认仓库安装的 Git 会是比较旧的版本。如果你想拥有最新版的 Git请考虑使用以下说明来编译源代码进行安装。
@ -55,7 +50,6 @@ Git 主要是用 C 语言来写的,当中还混入了 Perl 和各种各样的
```
# yum groupinstall "Development Tools"
# yum install gettext-devel openssl-devel perl-CPAN perl-devel zlib-devel
```
安装所需的软件依赖包之后,转到官方的 [Git 发布页面][6],抓取最新版的 Git 并使用下列命令编译它的源代码:
@ -68,39 +62,36 @@ Git 主要是用 C 语言来写的,当中还混入了 Perl 和各种各样的
# ./configure --prefix=/usr/local
# make install
# git --version
```
[![检查 Git 的安装版本](http://www.tecmint.com/wp-content/uploads/2016/10/Check-Git-Source-Version.png)][5]
![检查 Git 的安装版本](http://www.tecmint.com/wp-content/uploads/2016/10/Check-Git-Source-Version.png)
检查 Git 的安装版本
*检查 Git 的安装版本*
**推荐阅读:** [Linux 下 11 个最好用的 Git 客户端和 Git 仓库查看器][4]
**推荐阅读:** [Linux 下 11 个最好用的 Git 客户端和 Git 仓库查看器][4]
### 在 Linux 设置 Git 账户
在这个环节中,我们将介绍如何使用正确的用户信息(如:姓名、邮件地址)和 `git config` 命令来设置 Git 账户,以避免出现提交错误。
注意:确保将用户名替换为在你的系统上创建和使用的 Git 用户的真实名称。
注意:确保将下面的 `username` 替换为在你的系统上创建和使用的 Git 用户的真实名称。
你可以使用下面的 [useradd 命令][3] 创建一个 Git 用户,其中 `-m` 选项用于在 `/home` 目录下创建用户主目录,`-s` 选项用于指定用户默认的 shell。
```
# useradd -m -s /bin/bash username
# passwd username
```
现在,将新用户添加到 `wheel` 用户组以启用其使用 `sudo` 命令的权限:
```
# usermod username -aG wheel
```
[![创建 Git 用户账号](http://www.tecmint.com/wp-content/uploads/2016/10/Create-Git-User-Account.png)][2]
![创建 Git 用户账号](http://www.tecmint.com/wp-content/uploads/2016/10/Create-Git-User-Account.png)
创建 Git 用户账号
*创建 Git 用户账号*
然后通过以下命令使用新用户配置 Git
@ -108,40 +99,36 @@ Git 主要是用 C 语言来写的,当中还混入了 Perl 和各种各样的
# su username
$ sudo git config --global user.name "Your Name"
$ sudo git config --global user.email "you@example.com"
```
现在通过下面的命令校验 Git 的配置。
```
$ sudo git config --list
```
如果配置没有错误的话,你应该能够查看具有以下详细信息的输出:
如果配置没有错误的话,你应该能够看到类似以下详细信息的输出:
```
user.name=username
user.email= username@some-domian.com
```
[![在 Linux 设置 Git 用户](http://www.tecmint.com/wp-content/uploads/2016/10/Setup-Git-Account.png)][1]
>在 Linux 设置 Git 用户
![在 Linux 设置 Git 用户](http://www.tecmint.com/wp-content/uploads/2016/10/Setup-Git-Account.png)
##### 总结
*在 Linux 设置 Git 用户*
### 总结
在这个简单的教程中,我们已经了解怎么在你的 Linux 系统上安装 Git 以及配置它。我相信你应该可以驾轻就熟。
--------------------------------------------------------------------------------
编译自: http://www.tecmint.com/install-git-centos-fedora-redhat/
作者:[Aaron Kili ][a]
via: http://www.tecmint.com/install-git-centos-fedora-redhat/
作者:[Aaron Kili][a]
译者:[OneNewLife](https://github.com/OneNewLife)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
@ -153,4 +140,4 @@ user.email= username@some-domian.com
[5]:http://www.tecmint.com/wp-content/uploads/2016/10/Check-Git-Source-Version.png
[6]:https://github.com/git/git/releases
[7]:http://www.tecmint.com/wp-content/uploads/2016/10/Check-Git-Version.png
[8]:http://www.tecmint.com/20-linux-yum-yellowdog-updater-modified-commands-for-package-mangement/
[8]:https://linux.cn/article-2272-1.html

58
translated/tech/20161025 How To Download A RPM Package With All Dependencies In CentOS.md → published/20161025 How To Download A RPM Package With All Dependencies In CentOS.md
View File

@ -1,13 +1,13 @@
在CentOS下根据依赖性来下载RPM软件
===
怎样在 CentOS 里下载 RPM 包及其所有依赖
========
![在CentOS下根据依赖性来下载RPM软件包](https://www.ostechnix.com/wp-content/uploads/2016/10/Download-a-package-720x340.png)
![怎样在 CentOS 下下载 RPM 包及其所有依赖包](https://www.ostechnix.com/wp-content/uploads/2016/10/Download-a-package-720x340.png)
前几天我尝试去创建一个我们在CentOS 7下经常使用的软件的本地仓库。当然我们可以使用 curl 或者 wget 下载任何软件包然而这些命令并不能下载要求的依赖软件包。你必须去花一些时间而且手动的去寻找和下载被安装的软件所依赖的软件包。然而,这并不是我们必须要做的事情。在这个简短的教程中我将会带领你学习如何根据依赖性来下载软件包的两种方法。我已经在CentOS 7 下进行了测试,尽管这些相同的步骤或许在其他基于 RPM 管理系统的发行版上也可以工作,例如 RHELFedora 和 Scientific Linux。
前几天我尝试去创建一个仅包含了我们经常 CentOS 7 下使用的软件的本地仓库。当然我们可以使用 curl 或者 wget 下载任何软件包然而这些命令并不能下载要求的依赖软件包。你必须去花一些时间而且手动的去寻找和下载被安装的软件所依赖的软件包。然而,我们并不是必须这样。在这个简短的教程中,我将会带领你以两种方式下载软件包及其所有依赖包。我已经在 CentOS 7 下进行了测试,不过这些相同的步骤或许在其他基于 RPM 管理系统的发行版上也可以工作,例如 RHELFedora 和 Scientific Linux。
### 方法 1-利用“Downloadonly”插件来根据依赖性来下载RPM软件
### 方法 1 利用 “Downloadonly” 插件下载 RPM 软件包及其所有依赖
我们可以通过 yum 命令的“Downloadonly”插件来很容易地根据依赖性来下载RPM软件包。
我们可以通过 yum 命令的 “Downloadonly” 插件下载 RPM 软件包及其所有依赖包。
为了安装 Downloadonly 插件,以 root 身份运行以下命令。
@ -15,13 +15,13 @@
yum install yum-plugin-downloadonly
```
现在,运行以下命令去下载一个 RPM 软件包
现在,运行以下命令去下载一个 RPM 软件包
```
yum install --downloadonly <package-name>
```
默认情况下,这个命令将会下载并把软件包保存到 /var/cache/yum/ 在 rhel-{arch}-channel/packageslocation然而你可以下载和保存软件包到任何位置你可以通过 “downloaddir” 选项来指定。
默认情况下,这个命令将会下载并把软件包保存到 `/var/cache/yum/``rhel-{arch}-channel/packageslocation` 目录,不过,你也可以下载和保存软件包到任何位置,你可以通过 `downloaddir` 选项来指定。
```
yum install --downloadonly --downloaddir=<directory> <package-name>
@ -86,9 +86,9 @@ Total 331 kB/s | 3.0 MB 00:00:09
exiting because "Download Only" specified
```
[![rootserver1_001](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_001.png)][6]
![rootserver1_001](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_001.png)
现在去你指定的目录位置下你将会看到那里有下载好的软件包和依赖的软件。在我这种情况下,我已经把软件包下载到/root/mypackages/ 目录下。
现在去你指定的目录位置下你将会看到那里有下载好的软件包和依赖的软件。在我这种情况下,我已经把软件包下载到 `/root/mypackages/` 目录下。
让我们来查看一下内容。
@ -108,10 +108,9 @@ mailcap-2.1.41-2.el7.noarch.rpm
[![rootserver1_003](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_003-1.png)][5]
正如你在上面输出所看到的, httpd软件包已经被依据所有依赖性下载完成了.
正如你在上面输出所看到的, httpd软件包已经被依据所有依赖性下载完成了
请注意,这个插件适用于 “yum install/yum update” 而且并不适用于 “yum groupinstall”。默认情况下这个插件将会下载仓库中最新可用的软件包。然而你可以通过指定版本号来下载某个特定的软件版本。
请注意,这个插件适用于 `yum install/yum update` 但是并不适用于 `yum groupinstall`。默认情况下,这个插件将会下载仓库中最新可用的软件包。然而你可以通过指定版本号来下载某个特定的软件版本。
例子:
@ -119,29 +118,28 @@ mailcap-2.1.41-2.el7.noarch.rpm
yum install --downloadonly --downloaddir=/root/mypackages/ httpd-2.2.6-40.el7
```
Also, you can download multiple packages at once as shown below.
此外,你也可以如下一次性下载多个包:
```
yum install --downloadonly --downloaddir=/root/mypackages/ httpd vsftpd
```
### 方法 2-使用 Yumdownloader 工具来根据依赖性下载 RPM 软件包,
### 方法 2 使用 “Yumdownloader” 工具来下载 RPM 软件包及其所有依赖包
“Yumdownloader” 是一款简单,但是却十分有用的命令行工具,它可以一次性下载任何 RPM 软件包及其所有依赖包。
Yumdownloader是一款简单但是却十分有用的命令行工具它可以一次性根据依赖性下载任何 RPM 软件包
以 root 身份运行如下命令安装 Yumdownloader 工具
以 root 身份运行如下命令安装 “Yumdownloader” 工具。
```
yum install yum-utils
```
一旦安装完成,运行如下命令去下载一个软件包,例如 httpd
一旦安装完成,运行如下命令去下载一个软件包,例如 httpd
```
yumdownloader httpd
```
为了根据所有依赖性下载软件包,我们使用 _resolve 参数:
为了根据所有依赖性下载软件包,我们使用 `--resolve` 参数:
```
yumdownloader --resolve httpd
@ -149,18 +147,19 @@ yumdownloader --resolve httpd
默认情况下Yumdownloader 将会下载软件包到当前工作目录下。
为了将软件下载到一个特定的目录下,我们使用 _destdir 参数:
为了将软件下载到一个特定的目录下,我们使用 `--destdir` 参数:
```
yumdownloader --resolve --destdir=/root/mypackages/ httpd
```
或者
或者
```
yumdownloader --resolve --destdir /root/mypackages/ httpd
```
终端输出:
终端输出
```
Loaded plugins: fastestmirror
@ -188,9 +187,10 @@ Loading mirror speeds from cached hostfile
(5/5): httpd-2.4.6-40.el7.centos.4.x86_64.rpm | 2.7 MB 00:00:19
```
[![rootserver1_004](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_004-1.png)][3]
![rootserver1_004](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_004-1.png)
让我们确认一下软件包是否被下载到我们指定的目录下。
```
ls /root/mypackages/
```
@ -205,7 +205,7 @@ httpd-tools-2.4.6-40.el7.centos.4.x86_64.rpm
mailcap-2.1.41-2.el7.noarch.rpm
```
[![rootserver1_005](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_005.png)][2]
![rootserver1_005](http://www.ostechnix.com/wp-content/uploads/2016/10/root@server1_005.png)
不像 Downloadonly 插件Yumdownload 可以下载一组相关的软件包。
@ -213,7 +213,7 @@ mailcap-2.1.41-2.el7.noarch.rpm
yumdownloader "@Development Tools" --resolve --destdir /root/mypackages/
```
在我看来,我更喜欢 Yumdownloader 应用在 Yum 上面。但是,两者都是十分简单易懂而且可以完成相同的工作。
在我看来,我喜欢 Yumdownloader 更胜于 Yum 的 Downloadonly 插件。但是,两者都是十分简单易懂而且可以完成相同的工作。
这就是今天所有的内容,如果你觉得这份引导教程有用,清在你的社交媒体上面分享一下去让更多的人知道。
@ -224,10 +224,8 @@ yumdownloader "@Development Tools" --resolve --destdir /root/mypackages/
via: https://www.ostechnix.com/download-rpm-package-dependencies-centos/
作者:[SK][a]
译者:[LinuxBars](https://github.com/LinuxBars)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

202
published/20161026 How To Setup A WiFi Network In Arch Linux Using Terminal.md Normal file
View File

@ -0,0 +1,202 @@
如何在 Arch Linux 的终端里设定 WiFi 网络
===
![How To Setup A WiFi In Arch Linux Using Terminal](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/how-to-connect-to-wifi-in-arch-linux-cli_orig.jpg)
如果你使用的是其他 [Linux 发行版][16] 而不是 [Arch][15] CLI那么可能会不习惯在终端里设置 WiFi。尽管整个过程有点简单不过我还是要讲一下。在这篇文章里我将带领新手们通过一步步的设置向导把你们的 Arch Linux 接入到你的 WiFi 网络里。
在 Linux 里有很多程序来设置无线连接,我们可以用 **ip****iw** 来配置因特网连接,但是对于新手来说有点复杂。所以我们会使用 **netctl** 命令,这是一个基于命令行的工具,用来通过配置文件来设置和管理网络连接。
注意:所有的设定都需要 root 权限,或者你也可以使用 sudo 命令来完成。
### 搜索网络
运行下面的命令来查看你的网络接口:
```
iwconfig
```
运行如下命令启用你的网络接口,如果没有启用的话:
```
ip link set  interface up
```
运行下面的命令搜索可用的 WiFi 网络。可以向下翻页来查看。
```
iwlist interface scan | less
```
**注意:** 命令里的 interface 是之前用 **iwconfig** 获取到的实际网络接口。
扫描完,如果不使用该接口可以运行如下命令关闭:
```
ip link set interface down
```
### 使用 netctl 配置 Wi-Fi
在使用 `netctl` 设置连接之前,你必须先检查一下你的网卡在 Linux 下的兼容性。
运行命令:
```
lspci -k
```
这条命令是用来检查内核是否加载了你的无线网卡驱动。输出必须是像这样的:
![arch linux wifi kernel compatibility ](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-wifi-find-kernel-compatibility_orig.png)
如果内核没有加载驱动,你就必须使用有线连接来安装一下。这里是 Linux 无线网络的官方维基页面:[https://wireless.wiki.kernel.org/][11]。
如果你的无线网卡和 Linux 兼容,你可以使用 `netctl configuration`
`netctl` 使用配置文件,这是一个包含连接信息的文件。创建这个文件有简单和困难两种方式。
#### 简单方式 Wifi-menu
如果你想用 `wifi-menu`,必须安装 `dialog`
1. 运行命令: `wifi-menu`
2. 选择你的网络
![wifi-menu to setup wifi in arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-to-setup-wifi-in-arch_orig.png)
3. 输入正确的密码并等待
![wifi-menu setup wifi password in arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-type-wifi-password-in-arch.png?605)
如果没有连接失败的信息,你可以用下面的命令确认下:
```
ping -c 3 www.google.com
```
哇!如果你看到正在 ping意味着网络设置成功。你现在已经在 Arch Linux 下连上 WiFi 了。如果有任何问题,可以倒回去重来。也许漏了什么。
#### 困难方式
比起上面的 `wifi-menu` 命令,这种方式会难一点点,所以我叫做困难方式。在上面的命令里,网络配置会自动生成。而在困难方式里,我们将手动修改配置文件。不过不要担心,也没那么难。那我们开始吧!
1. 首先第一件事,你必须要知道网络接口的名字,通常会是 `wlan0``wlp2s0`,但是也有很多例外。要确认你自己的网络接口,输入 `iwconfig` 命令并记下来。
[![scan wifi networks in arch linux cli](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/scan-wifi-networks-in-arch-linux-cli_orig.png)][8]     
2. 运行命令:
```
cd /etc/netctl/examples
```
在这个目录里,有很多不同的配置文件例子。
3. 拷贝将用到的配置文件例子到 `/etc/netctl/your_profile`
```
cp /etc/netctl/examples/wireless-wpa /etc/netctl/your_profile
```
4. 你可以用这个命令来查看配置文件内容: `cat /etc/netctl/your_profile`
![view network profile in arch linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/view-network-profile-in-arch-linux_orig.png)
5. 用 `vi` 或者 `nano` 编辑你的配置文件的下面几个部分:
```
nano /etc/netctl/your_profile
```
- `Interface`:比如说 `wlan0`
- `ESSID`:你的无线网络名字
- `key`:你的无线网络密码
**注意:** 
如果你不知道怎么用 `nano`,打开文件后,编辑要修改的地方,完了按 `ctrl+o`,然后回车,然后按 `ctrl+x`
![edit network profile in arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edit-network-profile-in-arch_orig.png)
### 运行 netctl
1. 运行命令:
```
cd /etc/netctl
ls
```
你一定会看到 `wifi-menu` 生成的配置文件,比如 `wlan0-SSID`;或者你选择了困难方式,你一定会看到你自己创建的配置文件。
2. 运行命令启动连接配置:`netctl start your_profile`。
3. 用下面的命令测试连接:
```
ping -c 3 www.google.com
```
输出看上去像这样:
![check internet connection in arch linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/check-internet-connection-in-arch-linux_orig.png)      
4. 最后,你必须运行下面的命令:`netctl enable your_profile`。 
```
netctl enable your_profile
```
这样将创建并激活一个 systemd 服务,然后开机时自动启动。然后欢呼吧!你在你的 Arch Linux 里配置好 wifi 网络啦。
### 其他工具
你还可以使用其他程序来设置无线连接:
iw
1. `iw dev wlan0 link`  状态
2. `iw dev wlan0 scan`  搜索网络
3. `iw dev wlan0 connect your_essid`  连接到开放网络
4. `iw dev wlan0 connect your_essid key your_key` - 使用 16 进制密钥连接到 WEP 加密的网络
wpa_supplicant
- [https://wiki.archlinux.org/index.php/WPA_supplicant][4]
Wicd
- [https://wiki.archlinux.org/index.php/wicd][3]
NetworkManager
- [https://wiki.archlinux.org/index.php/NetworkManager][2]
### 总结
会了吧!我提供了在 **Arch Linux** 里接入 WiFI 网络的三种方式。这里有一件事我再强调一下,当你执行第一条命令的时候,请记住你的网络接口名字。在接下来搜索网络的命令里,请使用你的网络接口名字比如 `wlan0``wlp2s0`(上一个命令里得到的),而不是用 interface 这个词。如果你碰到任何问题,可以在下面的评论区里直接留言给我。然后别忘了在你的朋友圈里和大家分享这篇文章哦。谢谢!
--------------------------------------------------------------------------------
via: http://www.linuxandubuntu.com/home/how-to-setup-a-wifi-in-arch-linux-using-terminal
作者:[Mohd Sohail][a]
译者:[zpl1025](https://github.com/zpl1025)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.linuxandubuntu.com/contact-us.html
[1]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-to-setup-wifi-in-arch_orig.png
[2]:https://wiki.archlinux.org/index.php/NetworkManager
[3]:https://wiki.archlinux.org/index.php/wicd
[4]:https://wiki.archlinux.org/index.php/WPA_supplicant
[5]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/check-internet-connection-in-arch-linux_orig.png
[6]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edit-network-profile-in-arch_orig.png
[7]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/view-network-profile-in-arch-linux_orig.png
[8]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/scan-wifi-networks-in-arch-linux-cli_orig.png
[9]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-type-wifi-password-in-arch_orig.png?605
[10]:http://www.linuxandubuntu.com/home/5-best-arch-linux-based-linux-distributions
[11]:https://wireless.wiki.kernel.org/
[12]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-wifi-find-kernel-compatibility_orig.png
[13]:http://www.linuxandubuntu.com/home/arch-linux-take-your-linux-knowledge-to-next-level-review
[14]:http://www.linuxandubuntu.com/home/category/arch-linux
[15]:http://www.linuxandubuntu.com/home/arch-linux-take-your-linux-knowledge-to-next-level-review
[16]:http://linuxandubuntu.com/home/category/distros

37
translated/tech/20161102 Generate a strong password from the command line.md → published/20161102 Generate a strong password from the command line.md
View File

@ -38,35 +38,31 @@ pwgen 14 1
你也可以使用以下标记:
<small style="transition: height 0.15s ease-out, width 0.15s ease-out; font-size: 14.45px;"></small>
```
-c 或 --capitalize
- -c 或 --capitalize
生成的密码中至少包含一个大写字母
-A 或 --no-capitalize
- -A 或 --no-capitalize
生成的密码中不含大写字母
-n 或 --numerals
- -n 或 --numerals
生成的密码中至少包含一个数字
-0 或 --no-numerals
- -0 或 --no-numerals
生成的密码中不含数字
-y 或 --symbols
- -y 或 --symbols
生成的密码中至少包含一个特殊字符
-s 或 --secure
- -s 或 --secure
生成一个完全随机的密码
-B 或 --ambiguous
生成的密码中不含模糊字符 (ambiguous characters)
-h 或 --help
- -B 或 --ambiguous
生成的密码中不含易混淆字符 (ambiguous characters)
- -h 或 --help
输出帮助信息
-H 或 --sha1=path/to/file[#seed]
- -H 或 --sha1=path/to/file[#seed]
使用指定文件的 sha1 哈希值作为随机生成器
-C
- -C
按列输出生成的密码
-1
- -1
不按列输出生成的密码
-v 或 --no-vowels
- -v 或 --no-vowels
不使用任何元音,以免意外生成让人讨厌的单词
```
### 使用 gpg 生成高强度密码
@ -76,10 +72,9 @@ pwgen 14 1
gpg --gen-random --armor 1 14
```
* * *
### 其它方法
当然,可能还有很多方法可以生成一个高强度密码。比方说,你可以添加以下 bash shell 方法到 `~/.bashrc` 文件:
Of course, there are many other ways to generate a strong password. For example, you can add the following bash shell function to your `~/.bashrc` file:
```
genpasswd() {
@ -94,10 +89,8 @@ genpasswd() {
via: https://www.rosehosting.com/blog/generate-password-linux-command-line/
作者:[RoseHosting][a]
译者:[GHLandy](https://github.com/GHLandy)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

34
published/20161104 The iconic text editor Vim celebrates 25 years.md Normal file
View File

@ -0,0 +1,34 @@
标志性文本编辑器 Vim 迎来其 25 周年纪念日
===============
![标志性文本编辑器 Vim 迎来其 25 周年纪念日](https://opensource.com/sites/default/files/styles/image-full-size/public/images/life/osdc-lead-happybirthday.png?itok=38SOo5_T "标志性文本编辑器 Vim 迎来其 25 周年纪念日")
*图片由 [Oscar Cortez][8] 提供。由 Opensource.com 编辑,遵循 [CC BY-SA 2.0][7] 协议发布。*
让我们把时钟往回拨一点。不,别停…再来一点……好了!在 25 年前当你的某些专家同事还在蹒跚学步时Bram Moolenaar 已经开始为他的 Amiga 计算机开发一款文本编辑器。他曾经是 Unix 上的 vi 用户,但 Amiga 上却没有与其类似的编辑器。在三年的开发之后1991 年 11 月 2 日,他发布了“仿 vi 编辑器 (Vi IMitation)”(也就是 [Vim][6])的第一个版本。
两年之后,随着 2.0 版本的发布Vim 的功能集已经超过了 vi所以这款编辑器的全称也被改为了“vi 增强版 (Vi IMproved)”。现在,刚刚度过 25 岁生日的 Vim已经可以在绝大部分平台上运行——Windows、OS/2、OpenVMS、BSD、Android、iOS——并且已在 OS X 及很多 Linux 发行版上成为标配软件。它受到了许多赞誉,也受到了许多批评,不同组织或开发者也会围绕它来发起争论,甚至有些面试官会问:“你用 Emacs 还是 Vim”Vim 已拥有自由许可证,它基于[慈善软件证书( charityware license][5](“帮助乌干达的可怜儿童”)发布,该证书与 GPL 兼容。
Vim 是一个灵活的、可扩展的编辑器,带有一个强大的插件系统,被深入集成到许多开发工具,并且可以编辑上百种编程语言或文件类型的文件。 在 Vim 诞生二十五年后Bram Moolenaar 仍然在主导开发并维护它——这真是一个壮举Vim 曾经在超过 20 年的时间里数次间歇中断开发,但在 2016 年 9 月,它发布了 [8.0 版本](https://linux.cn/article-7766-1.html)添加了许多新功能为现代程序员用户提供了更多方便。很多年来Vim 在官网上售卖 T 恤及 logo 贴纸,所得的销售款为支持 [ICCF][4]——一个帮助乌干达儿童的德国慈善机构做出了巨大贡献。Vim 所支持的慈善项目深受 Moolenaar 喜爱Mooleaar 本人也去过乌干达,在基巴莱的一个儿童中心做志愿者。
Vim 在开源历史上记下了有趣的一笔:一个工程,在 25 年中,坚持由一个稳定的核心贡献者维护,拥有超多的用户,但很多人从未了解过它的历史。如果你想简单的了解 Vim[请访问它的网站][3],或者你可以读一读 [Vim 入门的一些小技巧][2],或者在 Opensource.com 阅读一位 [Vim 新用户的故事][1]。
--------------------------------------------------------------------------------
via: https://opensource.com/life/16/11/happy-birthday-vim-25
作者:[D Ruth Bavousett][a]
译者:[StdioA](https://github.com/StdioA)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/druthb
[1]:https://opensource.com/business/16/8/7-reasons-love-vim
[2]:https://opensource.com/life/16/7/tips-getting-started-vim
[3]:http://www.vim.org/
[4]:http://iccf-holland.org/
[5]:http://vimdoc.sourceforge.net/htmldoc/uganda.html#license
[6]:http://www.vim.org/
[7]:https://creativecommons.org/licenses/by-sa/2.0/
[8]:https://www.flickr.com/photos/drastudio/7161064915/in/photolist-bUNk7t-d1eWDm-7X6nmx-7AUchG-7AQpe8-9ob1yW-YZfUi-5LqxMi-9rye8j-7xptiR-9AE5Pe-duq1Wu-7DvLFt-7Mt7TN-7xRZHa-e19sFi-7uc6u3-dV7YuK-9DRH37-6oQE3u-9u3TG9-9jbg3J-7ELgDS-5Sgp87-8NXn1u-7ZSBk7-9kytY5-7f1cMC-3sdkMh-8SWLRX-8ebBMm-pfRPHJ-9wsSQW-8iZj4Z-pCaSMa-ejZLDj-7NnKCZ-9PjXb1-92hxHD-7LbXSZ-7cAZuB-7eJgiE-7VKc9d-8Yuun8-9tZReM-dxp7r8-9NH1R4-7QfoWB-7RGWtU-7NCPf9

2
sources/talk/20161102 Arch Linux - In a world of polish DIY never felt so good.md
View File

@ -1,3 +1,5 @@
Rusking Translating...
# Arch Linux: In a world of polish, DIY never felt so good
![Tripple Renault photo by Gilles Paire via Shutterstock ](https://regmedia.co.uk/2016/10/31/tripple_renault_photo_by_gilles_paire_via_shutterstock.jpg?x=648&y=348&crop=1)

87
sources/talk/20161104 Open Source Vs Closed Source.md Normal file
View File

@ -0,0 +1,87 @@
[
![open source vs closed source](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/open-source-vs-closed-source_orig.jpg)
][2]There are many differences between **open source operating system** and **closed source operating system**. Here we have written few of them.
### What Is Open Source? It's Freedom!
[
![what is open source?](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/what-is-open-source.jpg?250)
][1]
This is the most important thing that a user should possess. I may or may not be modifying the code but someone who wants to modify the code for good purposes should not be restricted. And a user should be allowed to share the software if he likes it. And this is all possible with **open source** software.
The **closed source** operating systems have really scaring license terms. Moreover do all the people read the license terms?, Nope, most of them  just click Accept.
* * *
### Cost
Nearly all of the open source operating systems are free of cost. People only donate voluntarily. And a single installation **CD/DVD or USB** can be used to install the OS in as many computers as possible.
Closed source operating systems are very costly when compared with open source OSs and if you are building a PC, it may cost you at least $100 per PC.
We could use the money that we may spend on closed source software to buy better.
### Choice
There are numerous open source operating systems out there. So if you dont like a distro then you can try others and at least a single operating system will be suitable for you.
Distros like Ubuntu studio, Bio Linux, Edubuntu, Kali Linux, Qubes, SteamOS are some of the distros that are created for the particular type of users.
Is there anything called choice in closed source operating systems? I dont think so.
### Privacy
There is no need for **Open source operating systems** to collect user data. They are not going show any personalized ads or sell your data to third parties. If the developers need money they will ask for donations or display ads on their website. ADs will always be related to Linux, so it also helps us.
You might have known how a major closed source operating system(you know what its name is) is said to be collecting users data which caused many people to turn down their free upgrade offer. Many users of that OS had even turned off updates to avoid any upgrade, it means they preferred security risk to free upgrade.
### Security
Open source software are mostly secure. They are not secure because of less market share but the way they are made. Qubes Os is one of the most secure OS that isolates the running software from one another.
Closed source operating systems compromise security for usability making them more vulnerable.
### Hardware support
Many of us might have an old PC that we dont want to throw away and at that situation lightweight distros that are capable of giving a new life to them. Here is a list of lightweight operating systems you can try these distros [5 Lightweight Linux for old computers][3]. Linux based OSs comes with drivers for almost all devices, so there wont be any need to search and install drivers.
Many a time closed source operating systems scrap support for older hardware forcing the user to buy new hardware. We may have to search and install drivers ourself.
### Community Support
Nearly all of the **open source OSes** have user forums where you can ask questions and get answers from other users. People share tips and tricks and help each other. Experienced Linux users love to help newbies, so they always try their best to help them.
**Closed source OSes **community is not even comparable to open source OS community. Questions asked might even go unanswered.
### Monetisation
Making many out of OSes will be tough. Developers accept donations from users and get some money from ads that are displayed on their website. Most of the donations are used to pay hosting bills and developers salary.
Many of the closed source OSes not only make money from licensing their software but also through targeted ads.
### Crapware
I accept some of the open source operating systems provide some software that we may not use in our lifetime and some people consider them as crapware. But there are distros that provide the minimal installation that contain no unwanted software. So, crapware is not really a problem.
All the closed source operating systems contain crapware installed by the manufacturer and will force as to do a clean installation.
Open source software is more like a philosophy . Its a way of sharing and learning. Its even good for the economy.
So, we have listed things that we know. If you think we have missed some points, then please do comment and let us know.
--------------------------------------------------------------------------------
via: http://www.linuxandubuntu.com/home/open-source-vs-closed-source
作者:[Mohd Sohail][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linkedin.com/in/mohdsohail
[1]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/what-is-open-source_orig.jpg?250
[2]:http://www.linuxandubuntu.com/home/open-source-vs-closed-source
[3]:http://www.linuxandubuntu.com/home/5-lightweight-linux-for-old-computers

54
sources/talk/20161104 Build Strong Real-Time Streaming Apps with Apache Calcite.md Normal file
View File

@ -0,0 +1,54 @@
# Build Strong Real-Time Streaming Apps with Apache Calcite
![Calcite](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/calcite.jpg?itok=CUZmjPjy "Calcite ")
Calcite is a data framework that lets you to build custom database functionality, explains Microsoft developer Atri Sharma in this preview to his upcoming talk at Apache: Big Data Europe, Nov. 14-16 in Seville, Spain.[Creative Commons Zero][2]Wikimedia Commons: Parent Géry
The [Apache Calcite][7] data management framework contains many pieces of a typical database management system but omits others, such as storage of data and algorithms to process data. In his talk at the upcoming [Apache: Big Data][6] conference in Seville, Spain, Atri Sharma, a Software Engineer for Azure Data Lake at Microsoft, will talk about developing applications using [Apache Calcite][5]'s advanced query planning capabilities. We spoke with Sharma to learn more about Calcite and how existing applications can take advantage of its functionality.
![Atri Sharma](https://www.linux.com/sites/lcom/files/styles/floated_images/public/atri-sharma.jpg?itok=77cvZWfw "Atri Sharma")
Atri Sharma, Software Engineer, Azure Data Lake, Microsoft[Used with permission][1]
**Linux.com: Can you provide some background on Apache Calcite? What does it do?**
Atri Sharma: Calcite is a framework that is the basis of many database kernels. Calcite empowers you to build your custom database functionality and use the required resources from Calcite. For example, Hive uses Calcite for cost-based query optimization, Drill and Kylin use Calcite for SQL parsing and optimization, and Apex uses Calcite for streaming SQL.
**Linux.com: What are some features that make Apache Calcite different from other frameworks?**
Atri: Calcite is unique in the sense that it allows you to build your own data platform. Calcite does not manage your data directly but rather allows you to use Calcite's libraries to define your own components. For eg, instead of providing a generic query optimizer, it allows defining custom query optimizers using the Planners available in Calcite.
**Linux.com: Apache Calcite itself does not store or process data. How does that affect application development?**
Atri: Calcite is a dependency in the kernel of your database. It is targeted for data management platforms that wish to extend their functionalities without writing a lot of functionality from scratch.
**Linux.com: Who should be using it? Can you give some examples?**
Atri: Any data management platform looking to extend their functionalities should use Calcite. We are the foundation of your next high-performance database!
Specifically, I think the biggest examples would be Hive using Calcite for query optimization and Flink for parsing and streaming SQL processing. Hive and Flink are full-fledged data management engines, and they use Calcite for highly specialized purposes. This is a good case study for applications of Calcite to further strengthen the core of a data management platform.
**Linux.com: What are some new features that youre looking forward to?**
Atri: Streaming SQL enhancements are something I am very excited about. These features are exciting because they will enable users of Calcite to develop real-time streaming applications much faster, and the strength and capabilities of these applications will be manifold. Streaming applications are the new de facto, and the strength to have query optimization in streaming SQL will be very useful for a large crowd. Also, there is discussion ongoing about temporal tables, so watch out for more!
--------------------------------------------------------------------------------
via: https://www.linux.com/news/build-strong-real-time-streaming-apps-apache-calcite
作者:[AMBER ANKERHOLZ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linux.com/users/aankerholz
[1]:https://www.linux.com/licenses/category/used-permission
[2]:https://www.linux.com/licenses/category/creative-commons-zero
[3]:https://www.linux.com/files/images/atri-sharmajpg
[4]:https://www.linux.com/files/images/calcitejpg
[5]:https://calcite.apache.org/
[6]:http://events.linuxfoundation.org/events/apache-big-data-europe
[7]:https://calcite.apache.org/

248
sources/tech/20160229 dpkg commands to manage packages on Debian Based Systems.md Normal file
View File

@ -0,0 +1,248 @@
# dpkg commands to manage packages on Debian Based Systems
[dpkg][7] stands for Debian package manager (dpkg). dpkg is a command-line tool to install, build, remove and manage Debian packages. dpkg uses Aptitude (primary and more user-friendly) as a front-end to perform all the actions.
Other utility such as dpkg-deb and dpkg-query uses dpkg as a front-end to perform some action.
Now a days most of the administrator using Apt, [Apt-Get][6] & Aptitude to manage packages easily without headache and its robust management too.
Even though still we need to use dpkg to perform some software installation where its necessary. Some other package manger utilities which are being used widely in Linux are [yum][5], [dnf][4], [apt-get][3], dpkg, [rpm][2], [Zypper][1], pacman, urpmi, etc.,
Now, im going to play on our Ubuntu 15.10 box to explain and cover mostly used dpkg commands with examples.
#### 1) Common syntax/file location for dpkg
See below for common syntax/ file location of dpkg which will help you if you want to check more about it.
<iframe marginwidth="0" marginheight="0" scrolling="no" frameborder="0" height="90" width="728" id="_mN_gpt_827143833" style="border-width: 0px; border-style: initial; font-style: inherit; font-variant: inherit; font-weight: inherit; font-stretch: inherit; font-size: inherit; line-height: inherit; font-family: inherit; vertical-align: baseline;"></iframe>
```
[General syntax for dpkg]
$ dpkg -[command] [.deb package name]
$ dpkg -[command] [package name]
[dpkg releated files location]
$ /var/lib/dpkg
[This file contain modified package info by dpkg command like (install, remove, etc..,)]
$ /var/lib/dpkg/status
[This file contain available package list]
$ /var/lib/dpkg/status
```
#### 2) Install/Upgrade the package
Use the below command to install/upgrade .deb packge on Debian based systems such as Debian, Mint, Ubuntu & elementryOS, etc..,. Here im going to install Atom through atom-amd64.deb file. It will upgrade if its installed other wise install a fresh one.
```
[Install/Upgrade dpkg packages]
$ sudo dpkg -i atom-amd64.deb
Selecting previously unselected package atom.
(Reading database ... 426102 files and directories currently installed.)
Preparing to unpack atom-amd64.deb ...
Unpacking atom (1.5.3) over (1.5.3) ...
Setting up atom (1.5.3) ...
Processing triggers for gnome-menus (3.13.3-6ubuntu1) ...
Processing triggers for bamfdaemon (0.5.2~bzr0+15.10.20150627.1-0ubuntu1) ...
Rebuilding /usr/share/applications/bamf-2.index...
Processing triggers for desktop-file-utils (0.22-1ubuntu3) ...
Processing triggers for mime-support (3.58ubuntu1) ...
```
#### 3) Install a package from folder
Use the below command to install the packages recursively from directory on Debian based systems such as Debian, Mint, Ubuntu & elementryOS, etc,. This will install all the *.deb packages under the /opt/software directory.
```
$ sudo dpkg -iR /opt/software
Selecting previously unselected package atom.
(Reading database ... 423303 files and directories currently installed.)
Preparing to unpack /opt/software/atom-amd64.deb ...
Unpacking atom (1.5.3) ...
Setting up atom (1.5.3) ...
Processing triggers for gnome-menus (3.13.3-6ubuntu1) ...
Processing triggers for bamfdaemon (0.5.2~bzr0+15.10.20150627.1-0ubuntu1) ...
Rebuilding /usr/share/applications/bamf-2.index...
Processing triggers for desktop-file-utils (0.22-1ubuntu3) ...
Processing triggers for mime-support (3.58ubuntu1) ...
```
#### 4) Print the Installed packages list
Use the below command to List all installed packages, along with package version and description on Debian based systems such as Debian, Mint, Ubuntu & elementryOS, etc..,.
```
$ dpkg -l
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-===========================-==================================-============-================================================================
ii account-plugin-aim 3.12.10-0ubuntu2 amd64 Messaging account plugin for AIM
ii account-plugin-facebook 0.12+15.10.20150723-0ubuntu1 all GNOME Control Center account plugin for single signon - facebook
ii account-plugin-flickr 0.12+15.10.20150723-0ubuntu1 all GNOME Control Center account plugin for single signon - flickr
ii account-plugin-google 0.12+15.10.20150723-0ubuntu1 all GNOME Control Center account plugin for single signon
ii account-plugin-jabber 3.12.10-0ubuntu2 amd64 Messaging account plugin for Jabber/XMPP
ii account-plugin-salut 3.12.10-0ubuntu2 amd64 Messaging account plugin for Local XMPP (Salut)
.
.
```
#### 5) Check particular Installed package
Use the below command to List individual installed package, along with package version and description on Debian based systems such as Debian, Mint, Ubuntu & elementryOS, etc..,.
<iframe marginwidth="0" marginheight="0" scrolling="no" frameborder="0" height="90" width="728" id="_mN_gpt_827143833" style="border-width: 0px; border-style: initial; font-style: inherit; font-variant: inherit; font-weight: inherit; font-stretch: inherit; font-size: inherit; line-height: inherit; font-family: inherit; vertical-align: baseline;"></iframe>
```
$ dpkg -l atom
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-==========-=========-===================-============================================
ii atom 1.5.3 amd64 A hackable text editor for the 21st Century.
```
#### 6) Check package Installed Location
Use the below command to Check package Installed Location on Debian based systems such as Debian, Mint, Ubuntu & elementryOS, etc..,.
```
$ dpkg -L atom
/.
/usr
/usr/bin
/usr/bin/atom
/usr/share
/usr/share/lintian
/usr/share/lintian/overrides
/usr/share/lintian/overrides/atom
/usr/share/pixmaps
/usr/share/pixmaps/atom.png
/usr/share/doc
```
#### 7) View deb package content
Use the below command to View deb package content, It will show list of files on inside .deb package.
```
$ dpkg -c atom-amd64.deb
drwxr-xr-x root/root 0 2016-02-13 02:13 ./
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/bin/
-rwxr-xr-x root/root 3067 2016-02-13 02:13 ./usr/bin/atom
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/share/
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/share/lintian/
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/share/lintian/overrides/
-rw-r--r-- root/root 299 2016-02-13 02:13 ./usr/share/lintian/overrides/atom
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/share/pixmaps/
-rw-r--r-- root/root 643183 2016-02-13 02:13 ./usr/share/pixmaps/atom.png
drwxr-xr-x root/root 0 2016-02-13 02:13 ./usr/share/doc/
.
.
```
#### 8) Display details about package
Use the below command to Display detailed information about package, package group, version, maintainer, Architecture, display depends packages, description, etc.,.
```
$ dpkg -s atom
Package: atom
Status: install ok installed
Priority: optional
Section: devel
Installed-Size: 213496
Maintainer: GitHub <atom@github.com>Architecture: amd64
Version: 1.5.3
Depends: git, gconf2, gconf-service, libgtk2.0-0, libudev0 | libudev1, libgcrypt11 | libgcrypt20, libnotify4, libxtst6, libnss3, python, gvfs-bin, xdg-utils, libcap2
Recommends: lsb-release
Suggests: libgnome-keyring0, gir1.2-gnomekeyring-1.0
Description: A hackable text editor for the 21st Century.
Atom is a free and open source text editor that is modern, approachable, and hackable to the core.</atom@github.com>
```
#### 9) Find what package owns the file
Use the below command to find out what package does file belong.
```
$ dpkg -S /usr/bin/atom
atom: /usr/bin/atom
```
#### 10) Remove/Delete package
Use the below command to Remove/Delete an installed package except configuration files.
<iframe marginwidth="0" marginheight="0" scrolling="no" frameborder="0" height="90" width="728" id="_mN_gpt_827143833" style="border-width: 0px; border-style: initial; font-style: inherit; font-variant: inherit; font-weight: inherit; font-stretch: inherit; font-size: inherit; line-height: inherit; font-family: inherit; vertical-align: baseline;"></iframe>
```
$ sudo dpkg -r atom
(Reading database ... 426404 files and directories currently installed.)
Removing atom (1.5.3) ...
Processing triggers for gnome-menus (3.13.3-6ubuntu1) ...
Processing triggers for bamfdaemon (0.5.2~bzr0+15.10.20150627.1-0ubuntu1) ...
Rebuilding /usr/share/applications/bamf-2.index...
Processing triggers for desktop-file-utils (0.22-1ubuntu3) ...
Processing triggers for mime-support (3.58ubuntu1) ...
```
#### 11) Purge package
Use the below command to Remove/Delete everything including configuration files.
```
$ sudo dpkg -P atom
(Reading database ... 426404 files and directories currently installed.)
Removing atom (1.5.3) ...
Processing triggers for gnome-menus (3.13.3-6ubuntu1) ...
Processing triggers for bamfdaemon (0.5.2~bzr0+15.10.20150627.1-0ubuntu1) ...
Rebuilding /usr/share/applications/bamf-2.index...
Processing triggers for desktop-file-utils (0.22-1ubuntu3) ...
Processing triggers for mime-support (3.58ubuntu1) ...
```
#### 12) Read more about dpkg
Use the below commands to read more about dpkg command information.
```
$ dpkg -help
or
$ man dpkg
```
Enjoy….)
--------------------------------------------------------------------------------
via: http://www.2daygeek.com/dpkg-command-examples/
作者:[MAGESH MARUTHAMUTHU ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.2daygeek.com/author/magesh/
[1]:http://www.2daygeek.com/zypper-command-examples/
[2]:http://www.2daygeek.com/rpm-command-examples/
[3]:http://www.2daygeek.com/apt-get-apt-cache-command-examples/
[4]:http://www.2daygeek.com/dnf-command-examples/
[5]:http://www.2daygeek.com/yum-command-examples/
[6]:http://www.2daygeek.com/apt-get-apt-cache-command-examples/
[7]:https://wiki.debian.org/Teams/Dpkg
[8]:http://www.2daygeek.com/author/magesh/

144
sources/tech/20160512 Rapid prototyping with docker-compose.md
View File

@ -1,144 +0,0 @@
Translating by Firstadream
Rapid prototyping with docker-compose
========================================
In this write-up we'll look at a Node.js prototype for **finding stock of the Raspberry PI Zero** from three major outlets in the UK.
I wrote the code and deployed it to an Ubuntu VM in Azure within a single evening of hacking. Docker and the docker-compose tool made the deployment and update process extremely quick.
### Remember linking?
If you've already been through the [Hands-On Docker tutorial][1] then you will have experience linking Docker containers on the command line. Linking a Node hit counter to a Redis server on the command line may look like this:
```
$ docker run -d -P --name redis1
$ docker run -d hit_counter -p 3000:3000 --link redis1:redis
```
Now imagine your application has three tiers
- Web front-end
- Batch tier for processing long running tasks
- Redis or mongo database
Explicit linking through `--link` is just about manageable with a couple of containers, but can get out of hand as we add more tiers or containers to the application.
### Enter docker-compose
![](http://blog.alexellis.io/content/images/2016/05/docker-compose-logo-01.png)
>Docker Compose logo
The docker-compose tool is part of the standard Docker Toolbox and can also be downloaded separately. It provides a rich set of features to configure all of an application's parts through a plain-text YAML file.
The above example would look like this:
```
version: "2.0"
services:
redis1:
image: redis
hit_counter:
build: ./hit_counter
ports:
- 3000:3000
```
From Docker 1.10 onwards we can take advantage of network overlays to help us scale out across multiple hosts. Prior to this linking only worked across a single host. The `docker-compose scale` command can be used to bring on more computing power as the need arises.
>View the [docker-compose][2] reference on docker.com
### Real-world example: Raspberry PI Stock Alert
![](http://blog.alexellis.io/content/images/2016/05/Raspberry_Pi_Zero_ver_1-3_1_of_3_large.JPG)
>The new Raspberry PI Zero v1.3 image courtesy of Pimoroni
There is a huge buzz around the Raspberry PI Zero - a tiny microcomputer with a 1GHz CPU and 512MB RAM capable of running full Linux, Docker, Node.js, Ruby and many other popular open-source tools. One of the best things about the PI Zero is that costs only 5 USD. That also means that stock gets snapped up really quickly.
*If you want to try Docker or Swarm on the PI check out the tutorial below.*
>[Docker Swarm on the PI Zero][3]
### Original site: whereismypizero.com
I found a webpage which used screen scraping to find whether 4-5 of the most popular outlets had stock.
- The site contained a static HTML page
- Issued one XMLHttpRequest per outlet accessing /public/api/
- The server issued the HTTP request to each shop and performed the scraping
Every call to /public/api/ took 3 seconds to execute and using Apache Bench (ab) I was only able to get through 0.25 requests per second.
### Reinventing the wheel
The retailers didn't seem to mind whereismypizero.com scraping their sites for stock, so I set about writing a similar tool from the ground up. I had the intention of handing a much higher amount of requests per second through caching and de-coupling the scrape from the web tier. Redis was the perfect tool for the job. It allowed me to set an automatically expiring key/value pair (i.e. a simple cache) and also to transmit messages between Node processes through pub/sub.
>Fork or star the code on Github: [alexellis/pi_zero_stock][4]
If you've worked with Node.js before then you will know it is single-threaded and that any CPU intensive tasks such as parsing HTML or JSON could lead to a slow-down. One way to mitigate that is to use a second worker process and a Redis messaging channel as connective tissue between this and the web tier.
- Web tier
-Gives 200 for cache hit (Redis key exists for store)
-Gives 202 for cache miss (Redis key doesn't exist, so issues message)
-Since we are only ever reading a Redis key the response time is very quick.
- Stock Fetcher
-Performs HTTP request
-Scrapes for different types of web stores
-Updates a Redis key with a cache expire of 60 seconds
-Also locks a Redis key to prevent too many in-flight HTTP requests to the web stores.
```
version: "2.0"
services:
web:
build: ./web/
ports:
- "3000:3000"
stock_fetch:
build: ./stock_fetch/
redis:
image: redis
```
*The docker-compose.yml file from the example.*
Once I had this working locally deploying to an Ubuntu 16.04 image in the cloud (Azure) took less than 5 minutes. I logged in, cloned the repository and typed in `docker compose up -d`. That was all it took - rapid prototyping a whole system doesn't get much better. Anyone (including the owner of whereismypizero.com) can deploy the new solution with just two lines:
```
$ git clone https://github.com/alexellis/pi_zero_stock
$ docker-compose up -d
```
Updating the site is easy and just involves a `git pull` followed by a `docker-compose up -d` with the `--build` argument passed along.
If you are still linking your Docker containers manually, try Docker Compose for yourself or my code below:
>Fork or star the code on Github: [alexellis/pi_zero_stock][5]
### Check out the test site
The test site is currently deployed now using docker-compose.
>[stockalert.alexellis.io][6]
![](http://blog.alexellis.io/content/images/2016/05/Screen-Shot-2016-05-16-at-22-34-26-1.png)
Preview as of 16th of May 2016
----------
via: http://blog.alexellis.io/rapid-prototype-docker-compose/
作者:[Alex Ellis][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://blog.alexellis.io/author/alex/
[1]: http://blog.alexellis.io/handsondocker
[2]: https://docs.docker.com/compose/compose-file/
[3]: http://blog.alexellis.io/dockerswarm-pizero/
[4]: https://github.com/alexellis/pi_zero_stock
[5]: https://github.com/alexellis/pi_zero_stock
[6]: http://stockalert.alexellis.io/

282
sources/tech/20160513 aria2 (Command Line Downloader) command examples.md Normal file
View File

@ -0,0 +1,282 @@
# aria2 (Command Line Downloader) command examples
[aria2][4] is a Free, open source, lightweight multi-protocol & multi-source command-line download utility. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink. aria2 can be manipulated via built-in JSON-RPC and XML-RPC interfaces. aria2 automatically validates chunks of data while downloading a file. It can download a file from multiple sources/protocols and tries to utilize your maximum download bandwidth. By default all the Linux Distribution included aria2, so we can install easily from official repository. some of the GUI download manager using aria2 as a plugin to improve the download speed like [uget][3].
#### Aria2 Features
* HTTP/HTTPS GET support
* HTTP Proxy support
* HTTP BASIC authentication support
* HTTP Proxy authentication support
* FTP support(active, passive mode)
* FTP through HTTP proxy(GET command or tunneling)
* Segmented download
* Cookie support
* It can run as a daemon process.
* BitTorrent protocol support with fast extension.
* Selective download in multi-file torrent
* Metalink version 3.0 support(HTTP/FTP/BitTorrent).
* Limiting download/upload speed
#### 1) Install aria2 on Linux
We can easily install aria2 command line downloader to all the Linux Distribution such as Debian, Ubuntu, Mint, RHEL, CentOS, Fedora, suse, openSUSE, Arch Linux, Manjaro, Mageia, etc.. Just fire the below command to install. For CentOS, RHEL systems we need to enable [uget][2] or [RPMForge][1] repository.
```
[For Debian, Ubuntu & Mint]
$ sudo apt-get install aria2
[For CentOS, RHEL, Fedora 21 and older Systems]
# yum install aria2
[Fedora 22 and later systems]
# dnf install aria2
[For suse & openSUSE]
# zypper install wget
[Mageia]
# urpmi aria2
[For Debian, Ubuntu & Mint]
$ sudo pacman -S aria2
```
#### 2) Download Single File
The below command will download the file from given URL and stores in current directory, while downloading the file we can see the (date, time, download speed & download progress) of file.
```
# aria2c https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
[#986c80 19MiB/21MiB(90%) CN:1 DL:3.0MiB]
03/22 09:49:13 [NOTICE] Download complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
986c80|OK | 3.0MiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(OK):download completed.
```
#### 3) Save the file with different name
We can save the file with different name & format while initiate downloading, using -o (lowercase) option. Here we are going to save the filename with owncloud.zip.
```
# aria2c -o owncloud.zip https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
[#d31304 16MiB/21MiB(74%) CN:1 DL:6.2MiB]
03/22 09:51:02 [NOTICE] Download complete: /opt/owncloud.zip
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
d31304|OK | 7.3MiB/s|/opt/owncloud.zip
Status Legend:
(OK):download completed.
```
#### 4) Limit download speed
By default aria2 utilize full bandwidth for downloading file and we cant use anything on server before download completion (Which will affect other service accessing bandwidth). So better use max-download-limit option to avoid further issue while downloading big size file.
```
# aria2c --max-download-limit=500k https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
[#7f9fbf 21MiB/21MiB(99%) CN:1 DL:466KiB]
03/22 09:54:51 [NOTICE] Download complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
7f9fbf|OK | 462KiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(OK):download completed.
```
#### 5) Download Multiple Files
The below command will download more then on file from the location and stores in current directory, while downloading the file we can see the (date, time, download speed & download progress) of file.
```
# aria2c -Z https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2 ftp://ftp.gnu.org/gnu/wget/wget-1.17.tar.gz
[DL:1.7MiB][#53533c 272KiB/21MiB(1%)][#b52bb1 768KiB/3.6MiB(20%)]
03/22 10:25:54 [NOTICE] Download complete: /opt/wget-1.17.tar.gz
[#53533c 18MiB/21MiB(86%) CN:1 DL:3.2MiB]
03/22 10:25:59 [NOTICE] Download complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
b52bb1|OK | 2.8MiB/s|/opt/wget-1.17.tar.gz
53533c|OK | 3.4MiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(OK):download completed.
```
#### 6) Resume Incomplete download
Make sure, whenever going to download big size of file (eg: ISO Images), i advise you to use -c option which will help us to resume the existing incomplete download from the state and complete as usual when we are facing any network connectivity issue or system problems. Otherwise when you are download again, it will initiate the fresh download and store to different file name (append .1 to the filename automatically). Note: If any interrupt happen, aria2 save file with .aria2 extension.
<iframe marginwidth="0" marginheight="0" scrolling="no" frameborder="0" height="90" width="728" id="_mN_gpt_827143833" style="border-width: 0px; border-style: initial; font-style: inherit; font-variant: inherit; font-weight: inherit; font-stretch: inherit; font-size: inherit; line-height: inherit; font-family: inherit; vertical-align: baseline;"></iframe>
```
# aria2c -c https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
[#db0b08 8.2MiB/21MiB(38%) CN:1 DL:3.1MiB ETA:4s]^C
03/22 10:09:26 [NOTICE] Shutdown sequence commencing... Press Ctrl-C again for emergency shutdown.
03/22 10:09:26 [NOTICE] Download GID#db0b08bf55d5908d not complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
db0b08|INPR| 3.3MiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(INPR):download in-progress.
aria2 will resume download if the transfer is restarted.
# aria2c -c https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
[#873d08 21MiB/21MiB(98%) CN:1 DL:2.7MiB]
03/22 10:09:57 [NOTICE] Download complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
873d08|OK | 1.9MiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(OK):download completed.
```
#### 7) Get the input from file
Alternatively wget can get the list of input URLs from file and start downloading. We need to create a file and store each URL in separate line. Add -i option with aria2 command to perform this action.
```
# aria2c -i test-aria2.txt
[DL:3.9MiB][#b97984 192KiB/21MiB(0%)][#673c8e 2.5MiB/3.6MiB(69%)]
03/22 10:14:22 [NOTICE] Download complete: /opt/wget-1.17.tar.gz
[#b97984 19MiB/21MiB(90%) CN:1 DL:2.5MiB]
03/22 10:14:30 [NOTICE] Download complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
673c8e|OK | 4.3MiB/s|/opt/wget-1.17.tar.gz
b97984|OK | 2.5MiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(OK):download completed.
```
#### 8) Download using 2 connections per host
The maximum number of connections to one server for each download. By default this will establish one connection to each host. We can establish more then one connection to each host to speedup download by adding -x2 (2 means, two connection) option with aria2 command
```
# aria2c -x2 https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
[#ddd4cd 18MiB/21MiB(83%) CN:1 DL:5.0MiB]
03/22 10:16:27 [NOTICE] Download complete: /opt/owncloud-9.0.0.tar.bz2
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
ddd4cd|OK | 5.5MiB/s|/opt/owncloud-9.0.0.tar.bz2
Status Legend:
(OK):download completed.
```
#### 9) Download Torrent Files
We can directly download a Torrent files using aria2 command.
```
# aria2c https://torcache.net/torrent/C86F4E743253E0EBF3090CCFFCC9B56FA38451A3.torrent?title=[kat.cr]irudhi.suttru.2015.official.teaser.full.hd.1080p.pathi.team.sr
[#388321 0B/0B CN:1 DL:0B]
03/22 20:06:14 [NOTICE] Download complete: /opt/[kat.cr]irudhi.suttru.2015.official.teaser.full.hd.1080p.pathi.team.sr.torrent
03/22 20:06:14 [ERROR] Exception caught
Exception: [BtPostDownloadHandler.cc:98] errorCode=25 Could not parse BitTorrent metainfo
Download Results:
gid |stat|avg speed |path/URI
======+====+===========+=======================================================
388321|OK | 11MiB/s|/opt/[kat.cr]irudhi.suttru.2015.official.teaser.full.hd.1080p.pathi.team.sr.torrent
Status Legend:
(OK):download completed.
```
#### 10) Download BitTorrent Magnet URI
Also we can directly download a Torrent files through BitTorrent Magnet URI using aria2 command.
```
# aria2c 'magnet:?xt=urn:btih:248D0A1CD08284299DE78D5C1ED359BB46717D8C'
```
#### 11) Download BitTorrent Metalink
Also we can directly download a Metalink file using aria2 command.
```
# aria2c https://curl.haxx.se/metalink.cgi?curl=tar.bz2
```
#### 12) Download a file from password protected site
Alternatively we can download a file from password protected site. The below command will download the file from password protected site.
```
# aria2c --http-user=xxx --http-password=xxx https://download.owncloud.org/community/owncloud-9.0.0.tar.bz2
# aria2c --ftp-user=xxx --ftp-password=xxx ftp://ftp.gnu.org/gnu/wget/wget-1.17.tar.gz
```
#### 13) Read more about aria2
If you want to know more option which is available for wget, you can grep the details on your terminal itself by firing below commands..
```
# man aria2c
or
# aria2c --help
```
Enjoy…)
--------------------------------------------------------------------------------
via: http://www.2daygeek.com/aria2-command-line-download-utility-tool/
作者:[MAGESH MARUTHAMUTHU][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.2daygeek.com/author/magesh/
[1]:http://www.2daygeek.com/aria2-command-line-download-utility-tool/
[2]:http://www.2daygeek.com/aria2-command-line-download-utility-tool/
[3]:http://www.2daygeek.com/install-uget-download-manager-on-ubuntu-centos-debian-fedora-mint-rhel-opensuse/
[4]:https://aria2.github.io/

59
sources/tech/20160602 Building a data science portfolio - Storytelling with data.md
View File

@ -1,3 +1,6 @@
@poodarchu 翻译中
Building a data science portfolio: Storytelling with data
========
@ -419,13 +422,13 @@ data["class_size"].head()
Out[4]:
| | CSD | BOROUGH | SCHOOL CODE | SCHOOL NAME | GRADE | PROGRAM TYPE | CORE SUBJECT (MS CORE and 9-12 ONLY) | CORE COURSE (MS CORE and 9-12 ONLY) | SERVICE CATEGORY(K-9* ONLY) | NUMBER OF STUDENTS / SEATS FILLED | NUMBER OF SECTIONS | AVERAGE CLASS SIZE | SIZE OF SMALLEST CLASS | SIZE OF LARGEST CLASS | DATA SOURCE | SCHOOLWIDE PUPIL-TEACHER RATIO |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 0 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | GEN ED | - | - | - | 19.0 | 1.0 | 19.0 | 19.0 | 19.0 | ATS | NaN |
| 1 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | CTT | - | - | - | 21.0 | 1.0 | 21.0 | 21.0 | 21.0 | ATS | NaN |
| 2 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | GEN ED | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN |
| 3 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | CTT | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN |
| 4 | 1 | M | M015 | P.S. 015 Roberto Clemente | 02 | GEN ED | - | - | - | 15.0 | 1.0 | 15.0 | 15.0 | 15.0 | ATS | NaN |
| | CSD | BOROUGH | SCHOOL CODE | SCHOOL NAME | GRADE | PROGRAM TYPE | CORE SUBJECT (MS CORE and 9-12 ONLY) | CORE COURSE (MS CORE and 9-12 ONLY) | SERVICE CATEGORY(K-9* ONLY) | NUMBER OF STUDENTS / SEATS FILLED | NUMBER OF SECTIONS | AVERAGE CLASS SIZE | SIZE OF SMALLEST CLASS | SIZE OF LARGEST CLASS | DATA SOURCE | SCHOOLWIDE PUPIL-TEACHER RATIO |
| ---- | ---- | ------- | ----------- | ------------------------- | ----- | ------------ | ------------------------------------ | ----------------------------------- | --------------------------- | --------------------------------- | ------------------ | ------------------ | ---------------------- | --------------------- | ----------- | ------------------------------ |
| 0 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | GEN ED | - | - | - | 19.0 | 1.0 | 19.0 | 19.0 | 19.0 | ATS | NaN |
| 1 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | CTT | - | - | - | 21.0 | 1.0 | 21.0 | 21.0 | 21.0 | ATS | NaN |
| 2 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | GEN ED | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN |
| 3 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | CTT | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN |
| 4 | 1 | M | M015 | P.S. 015 Roberto Clemente | 02 | GEN ED | - | - | - | 15.0 | 1.0 | 15.0 | 15.0 | 15.0 | ATS | NaN |
As you can see above, it looks like the `DBN` is actually a combination of `CSD`, `BOROUGH`, and `SCHOOL CODE`. For those unfamiliar with New York City, it is composed of `5` boroughs. Each borough is an organizational unit, and is about the same size as a fairly large US City.`DBN` stands for `District Borough Number`. It looks like `CSD` is the District, `BOROUGH` is the borough, and when combined with the `SCHOOL CODE`, forms the `DBN`. Theres no systematized way to find insights like this in data, and it requires some exploration and playing around to figure out.
@ -468,13 +471,13 @@ survey.head()
```
Out[16]:
| | N_p | N_s | N_t | aca_p_11 | aca_s_11 | aca_t_11 | aca_tot_11 | bn | com_p_11 | com_s_11 | ... | t_q8c_1 | t_q8c_2 | t_q8c_3 | t_q8c_4 | t_q9 | t_q9_1 | t_q9_2 | t_q9_3 | t_q9_4 | t_q9_5 |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 0 | 90.0 | NaN | 22.0 | 7.8 | NaN | 7.9 | 7.9 | M015 | 7.6 | NaN | ... | 29.0 | 67.0 | 5.0 | 0.0 | NaN | 5.0 | 14.0 | 52.0 | 24.0 | 5.0 |
| 1 | 161.0 | NaN | 34.0 | 7.8 | NaN | 9.1 | 8.4 | M019 | 7.6 | NaN | ... | 74.0 | 21.0 | 6.0 | 0.0 | NaN | 3.0 | 6.0 | 3.0 | 78.0 | 9.0 |
| 2 | 367.0 | NaN | 42.0 | 8.6 | NaN | 7.5 | 8.0 | M020 | 8.3 | NaN | ... | 33.0 | 35.0 | 20.0 | 13.0 | NaN | 3.0 | 5.0 | 16.0 | 70.0 | 5.0 |
| 3 | 151.0 | 145.0 | 29.0 | 8.5 | 7.4 | 7.8 | 7.9 | M034 | 8.2 | 5.9 | ... | 21.0 | 45.0 | 28.0 | 7.0 | NaN | 0.0 | 18.0 | 32.0 | 39.0 | 11.0 |
| 4 | 90.0 | NaN | 23.0 | 7.9 | NaN | 8.1 | 8.0 | M063 | 7.9 | NaN | ... | 59.0 | 36.0 | 5.0 | 0.0 | NaN | 10.0 | 5.0 | 10.0 | 60.0 | 15.0 |
| | N_p | N_s | N_t | aca_p_11 | aca_s_11 | aca_t_11 | aca_tot_11 | bn | com_p_11 | com_s_11 | ... | t_q8c_1 | t_q8c_2 | t_q8c_3 | t_q8c_4 | t_q9 | t_q9_1 | t_q9_2 | t_q9_3 | t_q9_4 | t_q9_5 |
| ---- | ----- | ----- | ---- | -------- | -------- | -------- | ---------- | ---- | -------- | -------- | ---- | ------- | ------- | ------- | ------- | ---- | ------ | ------ | ------ | ------ | ------ |
| 0 | 90.0 | NaN | 22.0 | 7.8 | NaN | 7.9 | 7.9 | M015 | 7.6 | NaN | ... | 29.0 | 67.0 | 5.0 | 0.0 | NaN | 5.0 | 14.0 | 52.0 | 24.0 | 5.0 |
| 1 | 161.0 | NaN | 34.0 | 7.8 | NaN | 9.1 | 8.4 | M019 | 7.6 | NaN | ... | 74.0 | 21.0 | 6.0 | 0.0 | NaN | 3.0 | 6.0 | 3.0 | 78.0 | 9.0 |
| 2 | 367.0 | NaN | 42.0 | 8.6 | NaN | 7.5 | 8.0 | M020 | 8.3 | NaN | ... | 33.0 | 35.0 | 20.0 | 13.0 | NaN | 3.0 | 5.0 | 16.0 | 70.0 | 5.0 |
| 3 | 151.0 | 145.0 | 29.0 | 8.5 | 7.4 | 7.8 | 7.9 | M034 | 8.2 | 5.9 | ... | 21.0 | 45.0 | 28.0 | 7.0 | NaN | 0.0 | 18.0 | 32.0 | 39.0 | 11.0 |
| 4 | 90.0 | NaN | 23.0 | 7.9 | NaN | 8.1 | 8.0 | M063 | 7.9 | NaN | ... | 59.0 | 36.0 | 5.0 | 0.0 | NaN | 10.0 | 5.0 | 10.0 | 60.0 | 15.0 |
5 rows × 2773 columns
@ -513,13 +516,13 @@ data["class_size"].head()
Out[18]:
| | CSD | BOROUGH | SCHOOL CODE | SCHOOL NAME | GRADE | PROGRAM TYPE | CORE SUBJECT (MS CORE and 9-12 ONLY) | CORE COURSE (MS CORE and 9-12 ONLY) | SERVICE CATEGORY(K-9* ONLY) | NUMBER OF STUDENTS / SEATS FILLED | NUMBER OF SECTIONS | AVERAGE CLASS SIZE | SIZE OF SMALLEST CLASS | SIZE OF LARGEST CLASS | DATA SOURCE | SCHOOLWIDE PUPIL-TEACHER RATIO | DBN |
| --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- | --- |
| 0 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | GEN ED | - | - | - | 19.0 | 1.0 | 19.0 | 19.0 | 19.0 | ATS | NaN | 01M015 |
| 1 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | CTT | - | - | - | 21.0 | 1.0 | 21.0 | 21.0 | 21.0 | ATS | NaN | 01M015 |
| 2 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | GEN ED | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN | 01M015 |
| 3 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | CTT | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN | 01M015 |
| 4 | 1 | M | M015 | P.S. 015 Roberto Clemente | 02 | GEN ED | - | - | - | 15.0 | 1.0 | 15.0 | 15.0 | 15.0 | ATS | NaN | 01M015 |
| | CSD | BOROUGH | SCHOOL CODE | SCHOOL NAME | GRADE | PROGRAM TYPE | CORE SUBJECT (MS CORE and 9-12 ONLY) | CORE COURSE (MS CORE and 9-12 ONLY) | SERVICE CATEGORY(K-9* ONLY) | NUMBER OF STUDENTS / SEATS FILLED | NUMBER OF SECTIONS | AVERAGE CLASS SIZE | SIZE OF SMALLEST CLASS | SIZE OF LARGEST CLASS | DATA SOURCE | SCHOOLWIDE PUPIL-TEACHER RATIO | DBN |
| ---- | ---- | ------- | ----------- | ------------------------- | ----- | ------------ | ------------------------------------ | ----------------------------------- | --------------------------- | --------------------------------- | ------------------ | ------------------ | ---------------------- | --------------------- | ----------- | ------------------------------ | ------ |
| 0 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | GEN ED | - | - | - | 19.0 | 1.0 | 19.0 | 19.0 | 19.0 | ATS | NaN | 01M015 |
| 1 | 1 | M | M015 | P.S. 015 Roberto Clemente | 0K | CTT | - | - | - | 21.0 | 1.0 | 21.0 | 21.0 | 21.0 | ATS | NaN | 01M015 |
| 2 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | GEN ED | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN | 01M015 |
| 3 | 1 | M | M015 | P.S. 015 Roberto Clemente | 01 | CTT | - | - | - | 17.0 | 1.0 | 17.0 | 17.0 | 17.0 | ATS | NaN | 01M015 |
| 4 | 1 | M | M015 | P.S. 015 Roberto Clemente | 02 | GEN ED | - | - | - | 15.0 | 1.0 | 15.0 | 15.0 | 15.0 | ATS | NaN | 01M015 |
There are several rows for each high school (as you can see by the repeated `DBN` and `SCHOOL NAME` fields). However, if we take a look at the `sat_results` dataset, it only has one row per high school:
@ -531,13 +534,13 @@ data["sat_results"].head()
Out[21]:
| | DBN | SCHOOL NAME | Num of SAT Test Takers | SAT Critical Reading Avg. Score | SAT Math Avg. Score | SAT Writing Avg. Score |
| --- | --- | --- | --- | --- | --- | --- |
| 0 | 01M292 | HENRY STREET SCHOOL FOR INTERNATIONAL STUDIES | 29 | 355 | 404 | 363 |
| 1 | 01M448 | UNIVERSITY NEIGHBORHOOD HIGH SCHOOL | 91 | 383 | 423 | 366 |
| 2 | 01M450 | EAST SIDE COMMUNITY SCHOOL | 70 | 377 | 402 | 370 |
| 3 | 01M458 | FORSYTH SATELLITE ACADEMY | 7 | 414 | 401 | 359 |
| 4 | 01M509 | MARTA VALLE HIGH SCHOOL | 44 | 390 | 433 | 384 |
| | DBN | SCHOOL NAME | Num of SAT Test Takers | SAT Critical Reading Avg. Score | SAT Math Avg. Score | SAT Writing Avg. Score |
| ---- | ------ | ---------------------------------------- | ---------------------- | ------------------------------- | ------------------- | ---------------------- |
| 0 | 01M292 | HENRY STREET SCHOOL FOR INTERNATIONAL STUDIES | 29 | 355 | 404 | 363 |
| 1 | 01M448 | UNIVERSITY NEIGHBORHOOD HIGH SCHOOL | 91 | 383 | 423 | 366 |
| 2 | 01M450 | EAST SIDE COMMUNITY SCHOOL | 70 | 377 | 402 | 370 |
| 3 | 01M458 | FORSYTH SATELLITE ACADEMY | 7 | 414 | 401 | 359 |
| 4 | 01M509 | MARTA VALLE HIGH SCHOOL | 44 | 390 | 433 | 384 |
In order to combine these datasets, well need to find a way to condense datasets like `class_size` to the point where theres only a single row per high school. If not, there wont be a way to compare SAT scores to class size. We can accomplish this by first understanding the data better, then by doing some aggregation. With the `class_size`dataset, it looks like `GRADE` and `PROGRAM TYPE` have multiple values for each school. By restricting each field to a single value, we can filter most of the duplicate rows. In the below code, we:

69
sources/tech/20160604 Microfluidic cooling may prevent the demise of Moore's Law.md
View File

@ -1,69 +0,0 @@
**************Translating By messon007**************
Microfluidic cooling may prevent the demise of Moore's Law
============================================================
![](http://tr1.cbsistatic.com/hub/i/r/2015/12/09/a7cb82d1-96e8-43b5-bfbd-d4593869b230/resize/620x/9607388a284e3a61a39f4399a9202bd7/networkingistock000042544852agsandrew.jpg)
>Image: iStock/agsandrew
Existing technology's inability to keep microchips cool is fast becoming the number one reason why [Moore's Law][1] may soon meet its demise.
In the ongoing need for digital speed, scientists and engineers are working hard to squeeze more transistors and support circuitry onto an already-crowded piece of silicon. However, as complex as that seems, it pales in comparison to the [problem of heat buildup][2].
"Right now, we're limited in the power we can put into microchips," says John Ditri, principal investigator at Lockheed Martin in [this press release][3]. "One of the biggest challenges is managing the heat. If you can manage the heat, you can use fewer chips, and that means using less material, which results in cost savings as well as reduced system size and weight. If you manage the heat and use the same number of chips, you'll get even greater performance in your system."
Resistance to the flow of electrons through silicon causes the heat, and packing so many transistors in such a small space creates enough heat to destroy components. One way to eliminate heat buildup is to reduce the flow of electrons by [using photonics at the chip level][4]. However, photonic technology is not without its set of problems.
SEE: [Silicon photonics will revolutionize data centers in 2015][5]
### Microfluid cooling might be the answer
To seek out other solutions, the Defense Advanced Research Projects Agency (DARPA) has initiated a program called [ICECool Applications][6] (Intra/Interchip Enhanced Cooling). "ICECool is exploring disruptive thermal technologies that will mitigate thermal limitations on the operation of military electronic systems while significantly reducing the size, weight, and power consumption," explains the [GSA website FedBizOpps.gov][7].
What is unique about this method of cooling is the push to use a combination of intra- and/or inter-chip microfluidic cooling and on-chip thermal interconnects.
![](http://tr4.cbsistatic.com/hub/i/r/2016/05/25/fd3d0d17-bd86-4d25-a89a-a7050c4d59c4/resize/300x/e9c18034bde66526310c667aac92fbf5/microcooling-1.png)
>MicroCooling 1 Image: DARPA
The [DARPA ICECool Application announcement][8] notes, "Such miniature intra- and/or inter-chip passages (see right) may take the form of axial micro-channels, radial passages, and/or cross-flow passages, and may involve micro-pores and manifolded structures to distribute and re-direct liquid flow, including in the form of localized liquid jets, in the most favorable manner to meet the specified heat flux and heat density metrics."
Using the above technology, engineers at Lockheed Martin have experimentally demonstrated how on-chip cooling is a significant improvement. "Phase I of the ICECool program verified the effectiveness of Lockheed's embedded microfluidic cooling approach by showing a four-times reduction in thermal resistance while cooling a thermal demonstration die dissipating 1 kW/cm2 die-level heat flux with multiple local 30 kW/cm2 hot spots," mentions the Lockheed Martin press release.
In phase II of the Lockheed Martin project, the engineers focused on RF amplifiers. The press release continues, "Utilizing its ICECool technology, the team has been able to demonstrate greater than six times increase in RF output power from a given amplifier while still running cooler than its conventionally cooled counterpart."
### Moving to production
Confident of the technology, Lockheed Martin is already designing and building a functional microfluidic cooled transmit antenna. Lockheed Martin is also collaborating with Qorvo to integrate its thermal solution with Qorvo's high-performance [GaN process][9].
The authors of the research paper [DARPA's Intra/Interchip Enhanced Cooling (ICECool) Program][10] suggest ICECool Applications will produce a paradigm shift in the thermal management of electronic systems. "ICECool Apps performers will define and demonstrate intra-chip and inter-chip thermal management approaches that are tailored to specific applications and this approach will be consistent with the materials sets, fabrication processes, and operating environment of the intended application."
If this microfluidic technology is as successful as scientists and engineers suggest, it seems Moore's Law does have a fighting chance.
For more about networking, subscribe to our Data Centers newsletter.
[SUBSCRIBE](https://secure.techrepublic.com/user/login/?regSource=newsletter-button&position=newsletter-button&appId=true&redirectUrl=http%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fmicrofluidic-cooling-may-prevent-the-demise-of-moores-law%2F&)
--------------------------------------------------------------------------------
via: http://www.techrepublic.com/article/microfluidic-cooling-may-prevent-the-demise-of-moores-law/
作者:[Michael Kassner][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.techrepublic.com/search/?a=michael+kassner
[1]: http://www.intel.com/content/www/us/en/history/museum-gordon-moore-law.html
[2]: https://books.google.com/books?id=mfec2Zw_b7wC&pg=PA154&lpg=PA154&dq=does+heat+destroy+transistors&source=bl&ots=-aNdbMD7FD&sig=XUUiaYG_6rcxHncx4cI4Cqe3t20&hl=en&sa=X&ved=0ahUKEwif4M_Yu_PMAhVL7oMKHW3GC3cQ6AEITTAH#v=onepage&q=does%20heat%20destroy%20transis
[3]: http://www.lockheedmartin.com/us/news/press-releases/2016/march/160308-mst-cool-technology-turns-down-the-heat-on-high-tech-equipment.html
[4]: http://www.techrepublic.com/article/silicon-photonics-will-revolutionize-data-centers-in-2015/
[5]: http://www.techrepublic.com/article/silicon-photonics-will-revolutionize-data-centers-in-2015/
[6]: https://www.fbo.gov/index?s=opportunity&mode=form&id=0be99f61fbac0501828a9d3160883b97&tab=core&_cview=1
[7]: https://www.fbo.gov/index?s=opportunity&mode=form&id=0be99f61fbac0501828a9d3160883b97&tab=core&_cview=1
[8]: https://www.fbo.gov/index?s=opportunity&mode=form&id=0be99f61fbac0501828a9d3160883b97&tab=core&_cview=1
[9]: http://electronicdesign.com/communications/what-s-difference-between-gaas-and-gan-rf-power-amplifiers
[10]: http://www.csmantech.org/Digests/2013/papers/050.pdf

77
sources/tech/20160806 How to Encrypt and Decrypt Files and Directories Using Tar and OpenSSL.md
View File

@ -1,77 +0,0 @@
OneNewLife translating
# How to Encrypt and Decrypt Files and Directories Using Tar and OpenSSL
When you have important sensitive data, then its crucial to have an extra layer of security to your files and directories, specially when you need to transmit the data with others over a network.
Thats the reason, I am looking for a utility to encrypt and decrypt certain files and directories in Linux, luckily I found a solution that tar with OpenSSL can do the trick, yes with the help of these two tools you can easily create and encrypt tar archive file without any hassle.
In this article, we will see how to create and encrypt a tar or gz (gzip) archive file with OpenSSL:
Remember that the conventional form of using OpenSSL is:
```
# openssl command command-options arguments
```
#### Encrypt Files in Linux
To encrypt the contents of the current working directory (depending on the size of the files, this may take a while):
```
# tar -czf - * | openssl enc -e -aes256 -out secured.tar.gz
```
Explanation of the above command:
1. `enc`  openssl command to encode with ciphers
2. `-e`  a enc command option to encrypt the input file, which in this case is the output of the tar command
3. `-aes256`  the encryption cipher
4. `-out`  enc option used to specify the name of the out filename, secured.tar.gz
#### Decrypt Files in Linux
To decrypt a tar archive contents, use the following command.
```
# openssl enc -d -aes256 -in secured.tar.gz | tar xz -C test
```
Explanation of the above command:
1. `-d`  used to decrypt the files
2. `-C`  extract in subdirectory named test
The following image shows the encryption process and what happens when you try to:
1. extract the contents of the tarball the traditional way
2. use the wrong password, and
3. when you enter the right password
[![Encrypt or Decrypt Tar Archive File in Linux](http://www.tecmint.com/wp-content/uploads/2016/08/Encrypt-Decrypt-Tar-Archive-Files-in-Linux.png)][1]
Encrypt or Decrypt Tar Archive File in Linux
When you are working on a local network or the Internet, you can always secure your vital documents or files that you share with others by encrypting them, this can help reduce the risk of exposing them to malicious attackers.
We looked at a simple technique of encrypting tarballs using OpenSSL, a openssl command line tool. You can refer to its man page for more information and useful commands.
As usual, for any additional thoughts or simple tips that you wish to share with us, use the feedback form below and in the upcoming tip, we shall look at a way of translating rwx permissions into octal form.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/encrypt-decrypt-files-tar-openssl-linux/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tecmint+%28Tecmint%3A+Linux+Howto%27s+Guide%29
作者:[Gabriel Cánepa][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.tecmint.com/author/gacanepa/
[1]:http://www.tecmint.com/wp-content/uploads/2016/08/Encrypt-Decrypt-Tar-Archive-Files-in-Linux.png

148
sources/tech/20161018 Suspend to Idle.md Normal file
View File

@ -0,0 +1,148 @@
bjwrkj 翻译中..
# Suspend to Idle
### Introduction
The Linux kernel supports a variety of sleep states.  These states provide power savings by placing the various parts of the system into low power modes.  The four sleep states are suspend to idle, power-on standby (standby), suspend to ram, and suspend to disk.  These are also referred to sometimes by their ACPI state: S0, S1, S3, and S4, respectively.  Suspend to idle is purely software driven and involves keeping the CPUs in their deepest idle state as much as possible.  Power-on standby involves placing devices in low power states and powering off all non-boot CPUs.  Suspend to ram takes this further by powering off all CPUs and putting the memory into self-refresh.  Lastly, suspend to disk gets the greatest power savings through powering off as much of the system as possible, including the memory.  The contents of memory are written to disk, and on resume this is read back into memory.
This blog post focuses on the implementation of suspend to idle.  As described above, suspend to idle is a software implemented sleep state.  The system goes through a normal platform suspend where it freezes the user space and puts peripherals into low-power states.  However, instead of powering off and hotplugging out CPUs, the system is quiesced and forced into an idle cpu state.  With peripherals in low power mode, no IRQs should occur, aside from wake related irqs.  These wake irqs could be timers set to wake the system (RTC, generic timers, etc), or other sources like power buttons, USB, and other peripherals.
During freeze, a special cpuidle function is called as processors enter idle.  This enter_freeze() function can be as simple as calling the cpuidle enter() function, or can be much more complex.  The complexity of the function is dependent on the SoCs requirements and methods for placing the SoC into lower power modes.
### Prerequisites
### Platform suspend_ops
Typically, to support S2I, a system must implement a platform_suspend_ops and provide at least minimal suspend support.  This meant filling in at least the valid() function in the platform_suspend_ops.  If suspend-to-idle and suspend-to-ram was to be supported, the suspend_valid_only_mem would be used for the valid function.
Recently, however, automatic support for S2I was added to the kernel.  Sudeep Holla proposed a change that would provide S2I support on systems without requiring the implementation of platform_suspend_ops.  This patch set was accepted and will be part of the 4.9 release.  The patch can be found at:  [https://lkml.org/lkml/2016/8/19/474][1]
With suspend_ops defined, the system will report the valid platform suspend states when the /sys/power/state is read.
```
# cat /sys/power/state
```
freeze mem_
This example shows that both S0 (suspend to idle) and S3 (suspend to ram) are supported on this platform.  With Sudeeps change, only freeze will show up for platforms which do not implement platform_suspend_ops.
### Wake IRQ support
Once the system is placed into a sleep state, the system must receive wake events which will resume the system.  These wake events are generated from devices on the system.  It is important to make sure that device drivers utilize wake irqs and configure themselves to generate wake events upon receiving wake irqs.  If wake devices are not identified properly, the system will take the interrupt and then go back to sleep and will not resume.
Once devices implement proper wake API usage, they can be used to generate wake events.  Make sure DT files also specify wake sources properly.  An example of configuring a wakeup-source is the following (arch/arm/boot/dst/am335x-evm.dts):
```
    gpio_keys: volume_keys@0 {__
               compatible = “gpio-keys”;
               #address-cells = <1>;
               #size-cells = <0>;
               autorepeat;
               switch@9 {
                       label = “volume-up”;
                       linux,code = <115>;
                       gpios = <&gpio0 2 GPIO_ACTIVE_LOW>;
                       wakeup-source;
               };
               switch@10 {
                       label = “volume-down”;
                       linux,code = <114>;
                       gpios = <&gpio0 3 GPIO_ACTIVE_LOW>;
                       wakeup-source;
               };
       };
```
As you can see, two gpio keys are defined to be wakeup-sources.  Either of these keys, when pressed, would generate a wake event during suspend.
An alternative to DT configuration is if the device driver itself configures wake support in the code using the typical wakeup facilities.
### Implementation
### Freeze function
Systems should define a enter_freeze() function in their cpuidle driver if they want to take full advantage of suspend to idle.  The enter_freeze() function uses a slightly different function prototype than the enter() function.  As such, you cant just specify the enter() for both enter and enter_freeze.  At a minimum, it will directly call the enter() function.  If no enter_freeze() is specified, the suspend will occur, but the extra things that would have occurred if enter_freeze() was present, like tick_freeze() and stop_critical_timings(), will not occur.  This results in timer IRQs waking up the system.  This will not result in a resume, as the system will go back into suspend after handling the IRQ.
During suspend, minimal interrupts should occur (ideally none).
The picture below shows a plot of power usage vs time.  The two spikes on the graph are the suspend and the resume.  The small periodic spikes before and after the suspend are the system exiting idle to do bookkeeping operations, scheduling tasks, and handling timers.  It takes a certain period of time for the system to go back into the deeper idle state due to latency.
![blog-picture-one](http://www.linaro.org/wp-content/uploads/2016/10/blog-picture-one-1024x767.png)
Power Usage Time Progression
The ftrace capture shown below displays the activity on the 4 CPUs before, during, and after the suspend/resume operation.  As you can see, during the suspend, no IPIs or IRQs are handled.  
![blog-picture-2](http://www.linaro.org/wp-content/uploads/2016/10/blog-picture-2-1024x577.png)
Ftrace capture of Suspend/Resume
### Idle State Support
You must determine which idle states support freeze.  During freeze, the power code will determine the deepest idle state that supports freeze.  This is done by iterating through the idle states and looking for which states have defined enter_freeze().  The cpuidle driver or SoC specific suspend code must determine which idle states should implement freeze and it must configure them by specifying the freeze function for all applicable idle states for each cpu.
As an example, the Qualcomm platform will set the enter_freeze function during the suspend init function in the platform suspend code.  This is done after the cpuidle driver is initialized so that all structures are defined and in place.
### Driver support for Suspend/Resume
You may encounter buggy drivers during your first successful suspend operation.  Many drivers have not had robust testing of suspend/resume paths.  You may even find that suspend may not have much to do because pm_runtime has already done everything you would have done in the suspend.  Because the user space is frozen, the devices should already be idled and pm_runtime disabled.
### Testing
Testing for suspend to idle can be done either manually, or through using something that does an auto suspend (script/process/etc), auto sleep or through something like Android where if a wakelock is not held the system continuously tried to suspend.  If done manually, the following will place the system in freeze:
```
/ # echo freeze > /sys/power/state
[  142.580832] PM: Syncing filesystems … done.
[  142.583977] Freezing user space processes … (elapsed 0.001 seconds) done.
[  142.591164] Double checking all user space processes after OOM killer disable… (elapsed 0.000 seconds)
[  142.600444] Freezing remaining freezable tasks … (elapsed 0.001 seconds) done._
_[  142.608073] Suspending console(s) (use no_console_suspend to debug)
[  142.708787] mmc1: Reset 0x1 never completed.
[  142.710608] msm_otg 78d9000.phy: USB in low power mode
[  142.711379] PM: suspend of devices complete after 102.883 msecs
[  142.712162] PM: late suspend of devices complete after 0.773 msecs
[  142.712607] PM: noirq suspend of devices complete after 0.438 msecs
< system suspended >
….
< wake irq triggered >
[  147.700522] PM: noirq resume of devices complete after 0.216 msecs
[  147.701004] PM: early resume of devices complete after 0.353 msecs
[  147.701636] msm_otg 78d9000.phy: USB exited from low power mode
[  147.704492] PM: resume of devices complete after 3.479 msecs
[  147.835599] Restarting tasks … done.
/ #
```
In the above example, it should be noted that the MMC driver was responsible for 100ms of that 102.883ms.  Some device drivers will still have work to do when suspending.  This may be flushing of data out to disk or other tasks which take some time.
If the system has freeze defined, it will try to suspend the system.  If it does not have freeze capabilities, you will see the following:
```
/ # echo freeze > /sys/power/state 
sh: write error: Invalid argument
/ #
```
### Future Developments
There are two areas where work is currently being done on Suspend to Idle on ARM platforms.  The first area was mentioned earlier in the platform_suspend_ops prerequisite section.  The work to always allow for the freeze state was accepted and will be part of the 4.9 kernel.  The other area that is being worked on is the freeze_function support.
The freeze_function implementation is currently required if you want the best response/performance.  However, since most SoCs will use the ARM cpuidle driver, it makes sense for the ARM cpuidle driver to implement its own generic freeze_function.  And in fact, ARM is working to add this generic support.  A SoC vendor should only have to implement specialized freeze_functions if they implement their own cpuidle driver or require additional provisioning before entering their deepest freezable idle state.
--------------------------------------------------------------------------------
via: http://www.linaro.org/blog/suspend-to-idle/
作者:[Andy Gross][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.linaro.org/author/andygross/
[1]:https://lkml.org/lkml/2016/8/19/474

2
sources/tech/20161024 Getting Started with Webpack 2.md → sources/tech/20161024 Getting Started with Webpack 2.md
View File

@ -1,3 +1,5 @@
OneNewLife translating
# Getting Started with Webpack 2
![](https://cdn-images-1.medium.com/max/2000/1*yI44h8Df-l-2LUqvXIi8JQ.png)

73
sources/tech/20161024 Physical RAM attack can root Android and possibly other devices.md
View File

@ -1,73 +0,0 @@
wcnnbdk1 translating
Physical RAM attack can root Android and possibly other devices
===
>Attackers can reliably flip bits in physical memory cells in order to compromise mobile devices and computers
![](http://images.techhive.com/images/idgnsImport/2015/08/id-2969037-security1-100606370-large.jpg)
Researchers have devised a new way to compromise Android devices without exploiting any software vulnerabilities and instead taking advantage of a physical design weakness in RAM chips. The attack technique could also affect other ARM and x86-based devices and computers.
The attack stems from the push over the past decade to pack more DRAM (dynamic random-access memory) capacity onto increasingly smaller chips, which can lead to memory cells on adjacent rows leaking electric charges to one another under certain conditions.
For example, repeated and rapid accessing of physical memory locations -- an action now dubbed "hammering" -- can cause the bit values from adjacent locations to flip from 0 to 1 or the other way around.
While such electrical interference has been known for a while and has been studied by vendors from a reliability standpoint -- because memory corruption can lead to system crashes -- researchers have shown that it can also have serious security implications when triggered in a controlled manner.
In March 2015, researchers from Google's Project Zero [presented two privilege escalation exploits][7] based on this memory "row hammer" effect on the x86-64 CPU architecture. One of the exploits allowed code to escape the Google Chrome sandbox and be executed directly on the OS and the other gained kernel-level privileges on a Linux machine.
Since then, other researchers have further investigated the problem and have shown that it could be [exploited from websites through JavaScript][6] or [could affect virtualized servers][5] running in cloud environments. However, there have been doubts about whether the technique would also work on the significantly different ARM architecture used in smartphones and other mobile devices.
But now, a team of researchers from the VUSec Group at Vrije Universiteit Amsterdam in the Netherlands, the Graz University of Technology in Austria, and the University of California in Santa Barbara has demonstrated not only are Rowhammer attacks possible on ARM, but they're even easier to pull off than on x86.
The researchers dubbed their new attack Drammer, which stands for deterministic Rowhammer, and plan to present it Wednesday at the 23rd ACM Conference on Computer and Communications Security in Vienna. The attack builds upon previous Rowhammer techniques devised and demonstrated in the past.
The VUSec researchers have created a malicious Android application that doesn't require any permissions and gains root privileges when it is executed by using undetectable memory bit flipping.
The researchers tested 27 Android devices from different manufacturers, 21 using ARMv7 (32-bit) and six using ARMv8 (64-bit) architectures. They managed to flip bits on 17 of the ARMv7 devices and one of the ARMv8 devices, indicating they are vulnerable to the attack.
Furthermore, Drammer can be combined with other Android vulnerabilities such as [Stagefright][4] or [BAndroid][3] to build remote attacks that don't require users to manually download the malicious app.
Google is aware of this type of attack. "After researchers reported this issue to our Vulnerability Rewards Program, we worked closely with them to deeply understand it in order to better secure our users," a Google representative said in an emailed statement. "Weve developed a mitigation which we will include in our upcoming November security bulletin.”
Google's mitigation complicates the attack, but it doesn't fix the underlying problem, according to the VUSec researchers.
In fact, fixing what is essentially a hardware issue in software is impossible. Hardware vendors are investigating the problem and may be able to fix it in future memory chips, but chips present in existing devices will likely remain vulnerable.
Even worse, it's hard to say which devices are affected because there are many factors that come into play and haven't yet been fully investigated, the researchers said. For example, a memory controller might behave differently when the device battery level is under a certain threshold, so a device that doesn't appear to be vulnerable under a full charge might be vulnerable when its battery is low, the researchers explained.
Also, there's an adage in cybersecurity: Attacks always get better, they never get worse. Rowhammer attacks have grown from theoretical to practical but probabilistic and now to practical and deterministic. This means that a device that does not appear to be affected today could be proven vulnerable to an improved Rowhammer technique tomorrow.
Drammer was demonstrated on Android because the researchers wanted to investigate the impact on ARM-based devices, but the underlying technique likely applies to all architectures and operating systems. The new attack is also a vast improvement over past techniques that required either luck or special features that are present only on certain platforms and easily disabled.
Drammer relies on DMA (direct memory access) buffers used by many hardware subsystems, including graphics, network, and sound. While Drammer is implemented using Android's ION memory allocator, APIs and methods to allocate DMA buffers are present in all operating systems, and this warning is one of the paper's major contributions.
"For the very first time, we show that we can do targeted, fully reliable and deterministic Rowhammer without any special feature," said Cristiano Giuffrida, one of the VUSec researchers. "The memory massaging part is not even Android specific. It will work on any Linux platform -- and we suspect also on other operating systems -- because it exploits the inherent properties of the memory management inside the OS kernel."
"I expect that we're going to see many other flavors of this attack on different platforms," added Herbert Bos, a professor at Vrije Universiteit Amsterdam and leader of the VUSec Systems Security research group.
Along with their [paper][2], the researchers have released an Android app that can test if an Android device is vulnerable to Rowhammer -- at least to the currently known techniques. The app is not yet available on Google Play but can be downloaded from the [VUSec Drammer website][1] to be installed manually. An open-source Rowhammer simulator that can help other researchers investigate this issue further is also available.
--------------------------------------------------------------------------------
via:http://www.csoonline.com/article/3134726/security/physical-ram-attack-can-root-android-and-possibly-other-devices.html
作者:[Lucian Constantin][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.csoonline.com/author/Lucian-Constantin/
[1]:https://www.vusec.net/projects/drammer/
[2]:https://vvdveen.com/publications/drammer.pdf
[3]:https://www.vusec.net/projects/bandroid/
[4]:http://www.csoonline.com/article/3045836/security/new-stagefright-exploit-puts-millions-of-android-devices-at-risk.html
[5]:http://www.infoworld.com/article/3105889/security/flip-feng-shui-attack-on-cloud-vms-exploits-hardware-weaknesses.html
[6]:http://www.computerworld.com/article/2954582/security/researchers-develop-astonishing-webbased-attack-on-a-computers-dram.html
[7]:http://www.computerworld.com/article/2895898/google-researchers-hack-computers-using-dram-electrical-leaks.html
[8]:http://csoonline.com/newsletters/signup.html

180
sources/tech/20161025 3 Ways to Delete All Files in a Directory Except One or Few Files with Extensions.md
View File

@ -1,180 +0,0 @@
yangmingming translating
# 3 Ways to Delete All Files in a Directory Except One or Few Files with Extensions
Sometimes you get into a situation where you need to delete all files in a directory or simply cleanup a directory by removing all files except files of a given type (ending with a particular extension).
In this article, we will show you how to delete files in a directory except certain file extensions or types using rm, find and globignore commands.
Before we move any further, let us start by briefly having a look at one important concept in Linux filename pattern matching, which will enable us to deal with our issue at hand.
In Linux, a shell pattern is a string that consists of the following special characters, which are referred to as wildcards or metacharacters:
1. `*`  matches zero or more characters
2. `?`  matches any single character
3. `[seq]`  matches any character in seq
4. `[!seq]`  matches any character not in seq
There are three possible methods we shall explore here, and these include:
### Delete Files Using Extended Pattern Matching Operators
The different extended pattern matching operators are listed below, where pattern-list is a list containing one or more filenames, separated using the `|` character:
1. `*(pattern-list)`  matches zero or more occurrences of the specified patterns
2. `?(pattern-list)`  matches zero or one occurrence of the specified patterns
3. +(pattern-list)  matches one or more occurrences of the specified patterns
4. `@(pattern-list)`  matches one of the specified patterns
5. `!(pattern-list)`  matches anything except one of the given patterns
To use them, enable the extglob shell option as follows:
```
# shopt -s extglob
```
#### 1. To delete all files in a directory except filename, type the command below:
```
$ rm -v !("filename")
```
[![Delete All Files Except One File in Linux](http://www.tecmint.com/wp-content/uploads/2016/10/DeleteAll-Files-Except-One-File-in-Linux.png)][9]
Delete All Files Except One File in Linux
#### 2. To delete all files with the exception of filename1 and filename2:
```
$ rm -v !("filename1"|"filename2")
```
[![Delete All Files Except Few Files in Linux](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Few-Files-in-Linux.png)][8]
Delete All Files Except Few Files in Linux
#### 3. The example below shows how to remove all files other than all `.zip` files interactively:
```
$ rm -i !(*.zip)
```
[![Delete All Files Except Zip Files in Linux](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Zip-Files-in-Linux.png)][7]
Delete All Files Except Zip Files in Linux
#### 4. Next, you can delete all files in a directory apart from all `.zip` and `.odt` files as follows, while displaying what is being done:
```
$ rm -v !(*.zip|*.odt)
```
[![Delete All Files Except Certain File Extensions](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Certain-File-Extensions.png)][6]
Delete All Files Except Certain File Extensions
Once you have all the required commands, turn off the extglob shell option like so:
```
$ shopt -u extglob
```
### Delete Files Using Linux find Command
Under this method, we can [use find command exclusively][5] with appropriate options or in conjunction with xargscommand by employing a pipeline as in the forms below:
```
$ find /directory/ -type f -not -name 'PATTERN' -delete
$ find /directory/ -type f -not -name 'PATTERN' -print0 | xargs -0 -I {} rm {}
$ find /directory/ -type f -not -name 'PATTERN' -print0 | xargs -0 -I {} rm [options] {}
```
#### 5. The following command will delete all files apart from `.gz` files in the current directory:
```
$ find . -type f -not -name '*.gz'-delete
```
[![Command find - Remove All Files Except .gz Files](http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-gz-Files.png)][4]
Command find Remove All Files Except .gz Files
#### 6. Using a pipeline and xargs, you can modify the case above as follows:
```
$ find . -type f -not -name '*gz' -print0 | xargs -0 -I {} rm -v {}
```
[![Remove Files Using find and xargs Commands](http://www.tecmint.com/wp-content/uploads/2016/10/Remove-Files-Using-Find-and-Xargs-Command.png)][3]
Remove Files Using find and xargs Commands
#### 7. Let us look at one additional example, the command below will wipe out all files excluding `.gz`, `.odt`, and `.jpg` files in the current directory:
```
$ find . -type f -not \(-name '*gz' -or -name '*odt' -or -name '*.jpg' \) -delete
```
[![Remove All Files Except File Extensions](http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-File-Extensions.png)][2]
Remove All Files Except File Extensions
### Delete Files Using Bash GLOBIGNORE Variable
This last approach however, only works with bash. Here, the GLOBIGNORE variable stores a colon-separated pattern-list (filenames) to be ignored by pathname expansion.
To employ this method, move into the directory that you wish to clean up, then set the GLOBIGNORE variable as follows:
```
$ cd test
$ GLOBIGNORE=*.odt:*.iso:*.txt
```
In this instance, all files other than `.odt`, `.iso`, and `.txt` files with be removed from the current directory.
Now run the command to clean up the directory:
```
$ rm -v *
```
Afterwards, turn off GLOBIGNORE variable:
```
$ unset GLOBIGNORE
```
[![Delete Files Using Bash GLOBIGNORE Variable](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-Files-Using-Bash-GlobIgnore.png)][1]
Delete Files Using Bash GLOBIGNORE Variable
Note: To understand the meaning of the flags employed in the commands above, refer to the man pages of each command we have used in the various illustrations.
Thats all! If you have any other command line techniques in mind for the same purpose, do not forget to share with us via our feedback section below.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/delete-all-files-in-directory-except-one-few-file-extensions/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tecmint+%28Tecmint%3A+Linux+Howto%27s+Guide%29
作者:[ Aaron Kili][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.tecmint.com/author/aaronkili/
[1]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-Files-Using-Bash-GlobIgnore.png
[2]:http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-File-Extensions.png
[3]:http://www.tecmint.com/wp-content/uploads/2016/10/Remove-Files-Using-Find-and-Xargs-Command.png
[4]:http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-gz-Files.png
[5]:http://www.tecmint.com/35-practical-examples-of-linux-find-command/
[6]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Certain-File-Extensions.png
[7]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Zip-Files-in-Linux.png
[8]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Few-Files-in-Linux.png
[9]:http://www.tecmint.com/wp-content/uploads/2016/10/DeleteAll-Files-Except-One-File-in-Linux.png

201
sources/tech/20161026 How To Setup A WiFi Network In Arch Linux Using Terminal.md
View File

@ -1,201 +0,0 @@
zpl1025
How To Setup A WiFi Network In Arch Linux Using Terminal
===
![How To Setup A WiFi In Arch Linux Using Terminal](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/how-to-connect-to-wifi-in-arch-linux-cli_orig.jpg)
If you're using [Linux distro][16] other than [Arch][15] CLI then it's one of the toughest tasks to setup WiFi on [Arch Linux][14] using terminal. Though the process is slightly straight forward. In this article, I'll walk you newbies through the step-by-step setup guide to connect your Arch Linux to your  WiFi network.There are a lot of programs to setup a wireless connection in Linux, we could use **ip** and **iw** to configure an Internet connection, but it would be a little complicated for newbies. So we'll use **netctl**, it's a cli-based tool used to configure and manage network connections via profiles.
Note: You must be root for all the configurations, also you can use sudo.
### Scanning Network
Run the command to know the name of your network interface -
```
iwconfig
```
Run the command - 
```
ip link set  _interface_ up
```
Run the command to search the available WiFi networks. Now move down to look for your WiFi network.
```
iwlist interface scan | less
```
**Note:** Where interface is your network interface that you found using the above  **iwconfig** command.
Run the command -
```
ip link set interface down
```
### Setup A Wi-Fi Using netctl:
Before configure a connection with netctl you must check the compatibility of your network card with Linux.
1. Run the command:
```
lspci -k
```
This command is to check if kernel loaded the driver for wireless card. The output must look like this:
[![arch linux wifi kernel compatibility ](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-wifi-find-kernel-compatibility_orig.png)][12]
If the kernel didn't load the driver, you must install it using an Ethernet connection. Here is the Official Linux Wireless Wiki: [https://wireless.wiki.kernel.org/][11]
If your wireless card is compatible with Linux, you can start with **netctl configuration**.
**netctl** works with profiles, profile is a file that contains information about connection. A profile can be created by the hard way or the easy way.
### The Easy Way Wifi-menu
If you want use wifi-menu, dialog must be installed.
1. Run the command: wifi-menu
2.  Select your Network
[![wifi-menu to setup wifi in arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-to-setup-wifi-in-arch_orig.png)][1] |
3. Type the correct password and wait.
[![wifi-menu setup wifi password in arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-type-wifi-password-in-arch.png?605)][9]
If you don't have a failed connection message, then you can prove it typing the command:
```
ping -c 3 www.google.com
```
Hurrah! If you're watching it pinging, then the network is setup successfully. You're now connected to WiFi network in Arch Linux. If you've any error then follow the above steps again. Perhaps you've missed something to do.
### The Hard Way
In camparison to the above wifi-menu method, this method is a little hard. That's I call it the hard way. In the above command, the network profile was setup automatically. In this method, we'll setup the profile manually. But don't worry this is not going to be much more complicated. So let's get started!
1. The first thing that you must do is know the name of your interface, generally the name is wlan0/wlp2s0, but there are many exceptions. To know the name of your interface, you must type the command iwconfig and note it down.
[![scan wifi networks in arch linux cli](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/scan-wifi-networks-in-arch-linux-cli_orig.png)][8]     
2. Run the command:
```
cd /etc/netctl/examples
```
In this subdirectory you can see different profile examples.
3.Copy your profile example to **_/etc/netctl/your_profile_**
```
cp /etc/netctl/examples/wireless-wpa /etc/netctl/your_profile
```
4. You can see the profile content typing: cat /etc/netctl/your_profile
[![view network profile in arch linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/view-network-profile-in-arch-linux_orig.png)][7]
5. Edit the following fields of your profile using vi or nano:
```
nano /etc/netctl/your_profile
```
1. **Interface**: it would be wlan0
2. **ESSID**: The name of your Internet connection
3. **key**: The password of your Internet connection**Note:** 
If you don't know how to use nano, only edit your text, when you finish type ctrl+o and return, then type ctrl+x.
[![edit network profile in arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edit-network-profile-in-arch_orig.png)][6]
### Running netctl
1. Run the command:
```
cd /etc/netctl
ls
```
You must see the profile created by wifi-menu, for example wlan0-SSID; or if you used the hard way then you must see the profile created by yourself.
2. Start your connection profile typing the command: netctl start your_profile.
3. Test your connection typing:
```
ping -c 3 www.google.com
```
The output must look like this:[![check internet connection in arch linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/check-internet-connection-in-arch-linux_orig.png)][5]       
6. Finally, you must run the following command: netctl enable your_profile. 
```
netctl enable your_profile
```
This will create and enable a systemd service that will start when the computer boots. So it's time shout Hurrah! You've setup wifi network in your Arch Linux.
### Other Utilities
Also, you can use other programs to setup a wireless connection: For example iw -
iw
1. iw dev wlan0 link  status
2. iw dev wlan0 scan  Scanning networks
3. iw dev wlan0 connect your_essid  Connecting to open network
4. iw dev wlan0 connect your_essid key your_key - Connecting to WEP encrypted network using hexadecimal key.
wpa_supplicant
[https://wiki.archlinux.org/index.php/WPA_supplicant][4]
Wicd
[https://wiki.archlinux.org/index.php/wicd][3]
NetworkManager
[https://wiki.archlinux.org/index.php/NetworkManager][2]
### Conclusion
So there you go! I have mentioned 3 ways to connect to a WiFi network in your  **Arch Linux** . One thing that I want to focus here is that when you're exeuting first command, please note down the interface. In the next command where we're scanning networks, don't just use interface but the name of your interface such wlan0 or wlp2s0 (you got from previous command). If you have any problem, then do talk to me in the comment section below. Also don't forget to share this article with your friends on social media. Thank you!
--------------------------------------------------------------------------------
via: http://www.linuxandubuntu.com/home/how-to-setup-a-wifi-in-arch-linux-using-terminal
作者:[Mohd Sohail][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.linuxandubuntu.com/contact-us.html
[1]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-to-setup-wifi-in-arch_orig.png
[2]:https://wiki.archlinux.org/index.php/NetworkManager
[3]:https://wiki.archlinux.org/index.php/wicd
[4]:https://wiki.archlinux.org/index.php/WPA_supplicant
[5]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/check-internet-connection-in-arch-linux_orig.png
[6]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edit-network-profile-in-arch_orig.png
[7]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/view-network-profile-in-arch-linux_orig.png
[8]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/scan-wifi-networks-in-arch-linux-cli_orig.png
[9]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/wifi-menu-type-wifi-password-in-arch_orig.png?605
[10]:http://www.linuxandubuntu.com/home/5-best-arch-linux-based-linux-distributions
[11]:https://wireless.wiki.kernel.org/
[12]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-wifi-find-kernel-compatibility_orig.png
[13]:http://www.linuxandubuntu.com/home/arch-linux-take-your-linux-knowledge-to-next-level-review
[14]:http://www.linuxandubuntu.com/home/category/arch-linux
[15]:http://www.linuxandubuntu.com/home/arch-linux-take-your-linux-knowledge-to-next-level-review
[16]:http://linuxandubuntu.com/home/category/distros

163
sources/tech/20161026 Applying the Linus Torvalds Good Taste Coding Requirement.md Normal file
View File

@ -0,0 +1,163 @@
# Applying the Linus Torvalds “Good Taste” Coding Requirement
In [a recent interview with Linus Torvalds][1], the creator of Linux, at approximately 14:20 in the interview, he made a quick point about coding with “good taste”. Good taste? The interviewer prodded him for details and Linus came prepared with illustrations.
He presented a code snippet. But this wasnt “good taste” code. This snippet was an example of poor taste in order to provide some initial contrast.
![](https://d262ilb51hltx0.cloudfront.net/max/1200/1*X2VgEA_IkLvsCS-X4iPY7g.png)
Its a function, written in C, that removes an object from a linked list. It contains 10 lines of code.
He called attention to the if-statement at the bottom. It was _this_ if-statement that he criticized.
I paused the video and studied the slide. I had recently written code very similar. Linus was effectively saying I had poor taste. I swallowed my pride and continued the video.
Linus explained to the audience, as I already knew, that when removing an object from a linked list, there are two cases to consider. If the object is at the start of the list there is a different process for its removal than if it is in the middle of the list. And this is the reason for the “poor taste” if-statement.
But if he admits it is necessary, then why is it so bad?
Next he revealed a second slide to the audience. This was his example of the same function, but written with “good taste”.
![](https://d262ilb51hltx0.cloudfront.net/max/1200/1*GHFLYFB3vDQeakMyUGPglw.png)
The original 10 lines of code had now been reduced to 4.
But it wasnt the line count that mattered. It was that if-statement. Its gone. No longer needed. The code has been refactored so that, regardless of the objects position in the list, the same process is applied to remove it.
Linus explained the new code, the elimination of the edge case, and that was it. The interview then moved on to the next topic.
I studied the code for a moment. Linus was right. The second slide _was_better. If this was a test to determine good taste from poor taste, I would have failed. The thought that it may be possible to eliminate that conditional statement had never occurred to me. And I had written it more than once, since I commonly work with linked lists.
Whats good about this illustration isnt just that it teaches you a better way to remove an item from a linked list, but that it makes you consider that the code youve written, the little algorithms youve sprinkled throughout the program, may have room for improvement in ways youve never considered.
So this was my focus as I went back and reviewed the code in my most recent project. Perhaps it was serendipitous that it also happened to be written in C.
To the best of my ability to discern, the crux of the “good taste” requirement is the elimination of edge cases, which tend to reveal themselves as conditional statements. The fewer conditions you test for, the better your code “_tastes”_.
Here is one particular example of an improvement I made that I wanted to share.
Initializing Grid Edges
Below is an algorithm I wrote to initialize the points along the edge of a grid, which is represented as a multidimensional array: grid[rows][cols].
Again, the purpose of this code was to only initialize the values of the points that reside on the edge of the gridso only the top row, bottom row, left column, and right column.
To accomplish this I initially looped over every point in the grid and used conditionals to test for the edges. This is what it looked like:
```
for (r = 0; r < GRID_SIZE; ++r) {
for (c = 0; c < GRID_SIZE; ++c) {
```
```
// Top Edge
if (r == 0)
grid[r][c] = 0;
```
```
// Left Edge
if (c == 0)
grid[r][c] = 0;
```
```
// Right Edge
if (c == GRID_SIZE - 1)
grid[r][c] = 0;
```
```
// Bottom Edge
if (r == GRID_SIZE - 1)
grid[r][c] = 0;
}
}
```
Even though it works, in hindsight, there are some issues with this construct.
1. ComplexityThe use 4 conditional statements inside 2 embedded loops seems overly complex.
2. EfficiencyGiven that GRID_SIZE has a value of 64, this loop performs 4096 iterations in order to set values for only the 256 edge points.
Linus would probably agree, this is not very _tasty_.
So I did some tinkering with it. After a little bit I was able to reduce the complexity to only a single for_-_loop containing four conditionals. It was only a slight improvement in complexity, but a large improvement in performance, because it only performed 256 loop iterations, one for each point along the edge.
```
for (i = 0; i < GRID_SIZE * 4; ++i) {
```
```
// Top Edge
if (i < GRID_SIZE)
grid[0][i] = 0;
```
```
// Right Edge
else if (i < GRID_SIZE * 2)
grid[i - GRID_SIZE][GRID_SIZE - 1] = 0;
```
```
// Left Edge
else if (i < GRID_SIZE * 3)
grid[i - (GRID_SIZE * 2)][0] = 0;
```
```
// Bottom Edge
else
grid[GRID_SIZE - 1][i - (GRID_SIZE * 3)] = 0;
}
```
An improvement, yes. But it looked really ugly. Its not exactly code that is easy to follow. Based on that alone, I wasnt satisfied.
I continued to tinker. Could this really be improved further? In fact, the answer was _YES_. And what I eventually came up with was so astoundingly simple and elegant that I honestly couldnt believe it took me this long to find it.
Below is the final version of the code. It has _one for-loop_ and _no conditionals_. Moreover, the loop only performs 64 iterations. It vastly improves both complexity and efficiency.
```
for (i = 0; i < GRID_SIZE; ++i) {
```
```
// Top Edge
grid[0][i] = 0;
// Bottom Edge
grid[GRID_SIZE - 1][i] = 0;
```
```
// Left Edge
grid[i][0] = 0;
```
```
// Right Edge
grid[i][GRID_SIZE - 1] = 0;
}
```
This code initializes four different edge points for each loop iteration. Its not complex. Its highly efficient. Its easy to read. Compared to the original version, and even the second version, they are like night and day.
I was quite satisfied.
--------------------------------------------------------------------------------
via: https://medium.com/@bartobri/applying-the-linus-tarvolds-good-taste-coding-requirement-99749f37684a
作者:[Brian Barto][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://medium.com/@bartobri?source=post_header_lockup
[1]:https://www.ted.com/talks/linus_torvalds_the_mind_behind_linux

209
sources/tech/20161030 I dont understand Pythons Asyncio.md Normal file
View File

@ -0,0 +1,209 @@
Translating by firstadream
# I don't understand Python's Asyncio
Recently I started looking into Python's new [asyncio][4] module a bit more. The reason for this is that I needed to do something that works better with evented IO and I figured I might give the new hot thing in the Python world a try. Primarily what I learned from this exercise is that I it's a much more complex system than I expected and I am now at the point where I am very confident that I do not know how to use it properly.
It's not conceptionally hard to understand and borrows a lot from Twisted, but it has so many elements that play into it that I'm not sure any more how the individual bits and pieces are supposed to go together. Since I'm not clever enough to actually propose anything better I just figured I share my thoughts about what confuses me instead so that others might be able to use that in some capacity to understand it.
### The Primitives
<cite>asyncio</cite> is supposed to implement asynchronous IO with the help of coroutines. Originally implemented as a library around the <cite>yield</cite> and <cite>yield from</cite> expressions it's now a much more complex beast as the language evolved at the same time. So here is the current set of things that you need to know exist:
* event loops
* event loop policies
* awaitables
* coroutine functions
* old style coroutine functions
* coroutines
* coroutine wrappers
* generators
* futures
* concurrent futures
* tasks
* handles
* executors
* transports
* protocols
In addition the language gained a few special methods that are new:
* <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__aenter__</tt> and <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__aexit__</tt> for asynchronous <cite>with</cite> blocks
* <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__aiter__</tt> and <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__anext__</tt> for asynchronous iterators (async loops and async comprehensions). For extra fun that protocol already changed once. In 3.5 it returns an awaitable (a coroutine) in Python 3.6 it will return a newfangled async generator.
* <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__await__</tt> for custom awaitables
That's quite a bit to know and the documentation covers those parts. However here are some notes I made on some of those things to understand them better:
### Event Loops
The event loop in asyncio is a bit different than you would expect from first look. On the surface it looks like each thread has one event loop but that's not really how it works. Here is how I think this works:
* if you are the main thread an event loop is created when you call <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.get_event_loop()</tt>
* if you are any other thread, a runtime error is raised from <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.get_event_loop()</tt>
* You can at any point <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.set_event_loop()</tt> to bind an event loop with the current thread. Such an event loop can be created with the <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.new_event_loop()</tt> function.
* Event loops can be used without being bound to the current thread.
* <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.get_event_loop()</tt> returns the thread bound event loop, it does not return the currently running event loop.
The combination of these behaviors is super confusing for a few reasons. First of all you need to know that these functions are delegates to the underlying event loop policy which is globally set. The default is to bind the event loop to the thread. Alternatively one could in theory bind the event loop to a greenlet or something similar if one would so desire. However it's important to know that library code does not control the policy and as such cannot reason that asyncio will scope to a thread.
Secondly asyncio does not require event loops to be bound to the context through the policy. An event loop can work just fine in isolation. However this is the first problem for library code as a coroutine or something similar does not know which event loop is responsible for scheduling it. This means that if you call <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.get_event_loop()</tt> from within a coroutine you might not get the event loop back that ran you. This is also the reason why all APIs take an optional explicit loop parameter. So for instance to figure out which coroutine is currently running one cannot invoke something like this:
```
def get_task():
loop = asyncio.get_event_loop()
try:
return asyncio.Task.get_current(loop)
except RuntimeError:
return None
```
Instead the loop has to be passed explicitly. This furthermore requires you to pass through the loop explicitly everywhere in library code or very strange things will happen. Not sure what the thinking for that design is but if this is not being fixed (that for instance <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">get_event_loop()</tt> returns the actually running loop) then the only other change that makes sense is to explicitly disallow explicit loop passing and require it to be bound to the current context (thread etc.).
Since the event loop policy does not provide an identifier for the current context it also is impossible for a library to "key" to the current context in any way. There are also no callbacks that would permit to hook the tearing down of such a context which further limits what can be done realistically.
### Awaitables and Coroutines
In my humble opinion the biggest design mistake of Python was to overload iterators so much. They are now being used not just for iteration but also for various types of coroutines. One of the biggest design mistakes of iterators in Python is that <cite>StopIteration</cite> bubbles if not caught. This can cause very frustrating problems where an exception somewhere can cause a generator or coroutine elsewhere to abort. This is a long running issue that Jinja for instance has to fight with. The template engine internally renders into a generator and when a template for some reason raises a <cite>StopIteration</cite> the rendering just ends there.
Python is slowly learning the lesson of overloading this system more. First of all in 3.something the asyncio module landed and did not have language support. So it was decorators and generators all the way down. To implemented the <cite>yield from</cite> support and more, the <cite>StopIteration</cite>was overloaded once more. This lead to surprising behavior like this:
```
>>> def foo(n):
... if n in (0, 1):
... return [1]
... for item in range(n):
... yield item * 2
...
>>> list(foo(0))
[]
>>> list(foo(1))
[]
>>> list(foo(2))
[0, 2]
```
No error, no warning. Just not the behavior you expect. This is because a <cite>return</cite> with a value from a function that is a generator actually raises a <cite>StopIteration</cite> with a single arg that is not picked up by the iterator protocol but just handled in the coroutine code.
With 3.5 and 3.6 a lot changed because now in addition to generators we have coroutine objects. Instead of making a coroutine by wrapping a generator there is no a separate object which creates a coroutine directly. It's implemented by prefixing a function with <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">async</tt>. For instance <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">async def x()</tt> will make such a coroutine. Now in 3.6 there will be separate async generators that will raise <cite>AsyncStopIteration</cite> to keep it apart. Additionally with Python 3.5 and later there is now a future import (<tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">generator_stop</tt>) that will raise a <cite>RuntimeError</cite> if code raises <cite>StopIteration</cite> in an iteration step.
Why am I mentioning all this? Because the old stuff does not really go away. Generators still have <cite>send</cite> and <cite>throw</cite> and coroutines still largely behave like generators. That is a lot of stuff you need to know now for quite some time going forward.
To unify a lot of this duplication we have a few more concepts in Python now:
* awaitable: an object with an <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__await__</tt> method. This is for instance implemented by native coroutines and old style coroutines and some others.
* coroutinefunction: a function that returns a native coroutine. Not to be confused with a function returning a coroutine.
* a coroutine: a native coroutine. Note that old asyncio coroutines are not considered coroutines by the current documentation as far as I can tell. At the very least <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">inspect.iscoroutine</tt> does not consider that a coroutine. It's however picked up by the future/awaitable branches.
In particularly confusing is that <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.iscoroutinefunction</tt> and <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">inspect.iscoroutinefunction</tt> are doing different things. Same with <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">inspect.iscoroutine</tt> and <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">inspect.iscoroutinefunction</tt>. Note that even though inspect does not know anything about asycnio legacy coroutine functions in the type check, it is apparently aware of them when you check for awaitable status even though it does not conform to <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__await__</tt>.
### Coroutine Wrappers
Whenever you run <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">async def</tt> Python invokes a thread local coroutine wrapper. It's set with <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">sys.set_coroutine_wrapper</tt> and it's a function that can wrap this. Looks a bit like this:
```
>>> import sys
>>> sys.set_coroutine_wrapper(lambda x: 42)
>>> async def foo():
... pass
...
>>> foo()
__main__:1: RuntimeWarning: coroutine 'foo' was never awaited
42
```
In this case I never actually invoke the original function and just give you a hint of what this can do. As far as I can tell this is always thread local so if you swap out the event loop policy you need to figure out separately how to make this coroutine wrapper sync up with the same context if that's something you want to do. New threads spawned will not inherit that flag from the parent thread.
This is not to be confused with the asyncio coroutine wrapping code.
### Awaitables and Futures
Some things are awaitables. As far as I can see the following things are considered awaitable:
* native coroutines
* generators that have the fake <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">CO_ITERABLE_COROUTINE</tt> flag set (we will cover that)
* objects with an <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__await__</tt> method
Essentially these are all objects with an <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__await__</tt> method except that the generators don't for legacy reasons. Where does the <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">CO_ITERABLE_COROUTINE</tt> flag come from? It comes from a coroutine wrapper (now to be confused with <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">sys.set_coroutine_wrapper</tt>) that is <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">@asyncio.coroutine</tt>. That through some indirection will wrap the generator with <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">types.coroutine</tt> (to to be confused with<tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">types.CoroutineType</tt> or <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.coroutine</tt>) which will re-create the internal code object with the additional flag <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">CO_ITERABLE_COROUTINE</tt>.
So now that we know what those things are, what are futures? First we need to clear up one thing: there are actually two (completely incompatible) types of futures in Python 3. <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.futures.Future</tt> and <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">concurrent.futures.Future</tt>. One came before the other but they are also also both still used even within asyncio. For instance <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.run_coroutine_threadsafe()</tt> will dispatch a coroutine to a event loop running in another thread but it will then return a<tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">concurrent.futures.Future</tt> object instead of a <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.futures.Future</tt> object. This makes sense because only the <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">concurrent.futures.Future</tt> object is thread safe.
So now that we know there are two incompatible futures we should clarify what futures are in asyncio. Honestly I'm not entirely sure where the differences are but I'm going to call this "eventual" for the moment. It's an object that eventually will hold a value and you can do some handling with that eventual result while it's still computing. Some variations of this are called deferreds, others are called promises. What the exact difference is is above my head.
What can you do with a future? You can attach a callback that will be invoked once it's ready or you can attach a callback that will be invoked if the future fails. Additionally you can <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">await</tt> it (it implements <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__await__</tt> and is thus awaitable). Additionally futures can be cancelled.
So how do you get such a future? By calling <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.ensure_future</tt> on an awaitable object. This will also make a good old generator into such a future. However if you read the docs you will read that <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.ensure_future</tt> actually returns a <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">Task</tt>. So what's a task?
### Tasks
A task is a future that is wrapping a coroutine in particular. It works like a future but it also has some extra methods to extract the current stack of the contained coroutine. We already saw the tasks mentioned earlier because it's the main way to figure out what an event loop is currently doing via <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">Task.get_current</tt>.
There is also a difference in how cancellation works for tasks and futures but that's beyond the scope of this. Cancellation is its own entire beast. If you are in a coroutine and you know you are currently running you can get your own task through <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">Task.get_current</tt> as mentioned but this requires knowledge of what event loop you are dispatched on which might or might not be the thread bound one.
It's not possible for a coroutine to know which loop goes with it. Also the <cite>Task</cite> does not provide that information through a public API. However if you did manage to get hold of a task you can currently access <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">task._loop</tt> to find back to the event loop.
### Handles
In addition to all of this there are handles. Handles are opaque objects of pending executions that cannot be awaited but they can be cancelled. In particular if you schedule the execution of a call with <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">call_soon</tt> or <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">call_soon_threadsafe</tt> (and some others) you get that handle you can then use to cancel the execution as a best effort attempt but you can't wait for the call to actually take place.
### Executors
Since you can have multiple event loops but it's not obvious what the use of more than one of those things per thread is the obvious assumption can be made that a common setup is to have N threads with an event loop each. So how do you inform another event loop about doing some work? You cannot schedule a callback into an event loop in another thread _and_ get the result back. For that you need to use executors instead.
Executors come from <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">concurrent.futures</tt> for instance and they allow you to schedule work into threads that itself is not evented. For instance if you use <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">run_in_executor</tt> on the event loop to schedule a function to be called in another thread. The result is then returned as an asyncio coroutine instead of a concurrent coroutine like <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">run_coroutine_threadsafe</tt> would do. I did not yet have enough mental capacity to figure out why those APIs exist, how you are supposed to use and when which one. The documentation suggests that the executor stuff could be used to build multiprocess things.
### Transports and Protocols
I always though those would be the confusing things but that's basically a verbatim copy of the same concepts in Twisted. So read those docs if you want to understand them.
### How to use asyncio
Now that we know roughly understand asyncio I found a few patterns that people seem to use when they write asyncio code:
* pass the event loop to all coroutines. That appears to be what a part of the community is doing. Giving a coroutine knowledge about what loop is going to schedule it makes it possible for the coroutine to learn about its task.
* alternatively you require that the loop is bound to the thread. That also lets a coroutine learn about that. Ideally support both. Sadly the community is already torn of what to do.
* If you want to use contextual data (think thread locals) you are a bit out of luck currently. The most popular workaround is apparently atlassian's <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">aiolocals</tt> which basically requires you to manually propagate contextual information into coroutines spawned since the interpreter does not provide support for this. This means that if you have a utility library spawning coroutines you will lose context.
* Ignore that the old coroutine stuff in Python exists. Use 3.5 only with the new <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">async def</tt>keyword and co. In particular you will need that anyways to somewhat enjoy the experience because with older versions you do not have async context managers which turn out to be very necessary for resource management.
* Learn to restart the event loop for cleanup. This is something that took me longer to realize than I wish it did but the sanest way to deal with cleanup logic that is written in async code is to restart the event loop a few times until nothing pending is left. Since sadly there is no common pattern to deal with this you will end up with some ugly workaround at time. For instance <cite>aiohttp</cite>'s web support also does this pattern so if you want to combine two cleanup logics you will probably have to reimplement the utility helper that it provides since that helper completely tears down the loop when it's done. This is also not the first library I saw do this :(
* Working with subprocesses is non obvious. You need to have an event loop running in the main thread which I suppose is listening in on signal events and then dispatches it to other event loops. This requires that the loop is notified via<tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.get_child_watcher().attach_loop(...)</tt>.
* Writing code that supports both async and sync is somewhat of a lost cause. It also gets dangerous quickly when you start being clever and try to support <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">with</tt> and <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">async with</tt> on the same object for instance.
* If you want to give a coroutine a better name to figure out why it was not being awaited, setting <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__name__</tt> doesn't help. You need to set <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">__qualname__</tt> instead which is what the error message printer uses.
* Sometimes internal type conversations can screw you over. In particular the <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">asyncio.wait()</tt>function will make sure all things passed are futures which means that if you pass coroutines instead you will have a hard time finding out if your coroutine finished or is pending since the input objects no longer match the output objects. In that case the only real sane thing to do is to ensure that everything is a future upfront.
### Context Data
Aside from the insane complexity and lack of understanding on my part of how to best write APIs for it my biggest issue is the complete lack of consideration for context local data. This is something that the node community learned by now. <tt class="docutils literal" style="font-family: &quot;Ubuntu Mono&quot;, Consolas, &quot;Deja Vu Sans Mono&quot;, &quot;Bitstream Vera Sans Mono&quot;, Monaco, &quot;Courier New&quot;; font-size: 0.9em; background: rgb(238, 238, 238);">continuation-local-storage</tt> exists but has been accepted as implemented too late. Continuation local storage and similar concepts are regularly used to enforce security policies in a concurrent environment and corruption of that information can cause severe security issues.
The fact that Python does not even have any store at all for this is more than disappointing. I was looking into this in particular because I'm investigating how to best support [Sentry's breadcrumbs][3] for asyncio and I do not see a sane way to do it. There is no concept of context in asyncio, there is no way to figure out which event loop you are working with from generic code and without monkeypatching the world this information will not be available.
Node is currently going through the process of [finding a long term solution for this problem][2]. That this is not something to be left ignored can be seen by this being a recurring issue in all ecosystems. It comes up with JavaScript, Python and the .NET environment. The problem [is named async context propagation][1] and solutions go by many names. In Go the context package needs to be used and explicitly passed to all goroutines (not a perfect solution but at least one). .NET has the best solution in the form of local call contexts. It can be a thread context, an web request context, or something similar but it's automatically propagating unless suppressed. This is the gold standard of what to aim for. Microsoft had this solved since more than 15 years now I believe.
I don't know if the ecosystem is still young enough that logical call contexts can be added but now might still be the time.
### Personal Thoughts
Man that thing is complex and it keeps getting more complex. I do not have the mental capacity to casually work with asyncio. It requires constantly updating the knowledge with all language changes and it has tremendously complicated the language. It's impressive that an ecosystem is evolving around it but I can't help but get the impression that it will take quite a few more years for it to become a particularly enjoyable and stable development experience.
What landed in 3.5 (the actual new coroutine objects) is great. In particular with the changes that will come up there is a sensible base that I wish would have been in earlier versions. The entire mess with overloading generators to be coroutines was a mistake in my mind. With regards to what's in asyncio I'm not sure of anything. It's an incredibly complex thing and super messy internally. It's hard to comprehend how it works in all details. When you can pass a generator, when it has to be a real coroutine, what futures are, what tasks are, how the loop works and that did not even come to the actual IO part.
The worst part is that asyncio is not even particularly fast. David Beazley's live demo hacked up asyncio replacement is twice as fast as it. There is an enormous amount of complexity that's hard to understand and reason about and then it fails on it's main promise. I'm not sure what to think about it but I know at least that I don't understand asyncio enough to feel confident about giving people advice about how to structure code for it.
--------------------------------------------------------------------------------
via: http://lucumr.pocoo.org/2016/10/30/i-dont-understand-asyncio/
作者:[Armin Ronacher][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://lucumr.pocoo.org/about/
[1]:https://docs.google.com/document/d/1tlQ0R6wQFGqCS5KeIw0ddoLbaSYx6aU7vyXOkv-wvlM/edit
[2]:https://github.com/nodejs/node-eps/pull/18
[3]:https://docs.sentry.io/learn/breadcrumbs/
[4]:https://docs.python.org/3/library/asyncio.html

146
sources/tech/20161102 How to Convert Files to UTF-8 Encoding in Linux.md Normal file
View File

@ -0,0 +1,146 @@
# How to Convert Files to UTF-8 Encoding in Linux
In this guide, we will describe what character encoding and cover a few examples of converting files from one character encoding to another using a command line tool. Then finally, we will look at how to convert several files from any character set (charset) to UTF-8 encoding in Linux.
As you may probably have in mind already, a computer does not understand or store letters, numbers or anything else that we as humans can perceive except bits. A bit has only two possible values, that is either a `0` or `1`, `true` or `false`, `yes` or `no`. Every other thing such as letters, numbers, images must be represented in bits for a computer to process.
In simple terms, character encoding is a way of informing a computer how to interpret raw zeroes and ones into actual characters, where a character is represented by set of numbers. When we type text in a file, the words and sentences we form are cooked-up from different characters, and characters are organized into a charset.
There are various encoding schemes out there such as ASCII, ANSI, Unicode among others. Below is an example of ASCII encoding.
```
Character bits
A 01000001
B 01000010
```
In Linux, the iconv command line tool is used to convert text from one form of encoding to another.
You can check the encoding of a file using the file command, by using the `-i` or `--mime` flag which enables printing of mime type string as in the examples below:
```
$ file -i Car.java
$ file -i CarDriver.java
```
[
![Check File Encoding in Linux](http://www.tecmint.com/wp-content/uploads/2016/10/Check-File-Encoding-in-Linux.png)
][3]
Check File Encoding in Linux
The syntax for using iconv is as follows:
```
$ iconv option
$ iconv options -f from-encoding -t to-encoding inputfile(s) -o outputfile
```
Where `-f` or `--from-code` means input encoding and `-t` or `--to-encoding` specifies output encoding.
To list all known coded character sets, run the command below:
```
$ iconv -l
```
[
![List Coded Charsets in Linux](http://www.tecmint.com/wp-content/uploads/2016/10/List-Coded-Charsets-in-Linux.png)
][2]
List Coded Charsets in Linux
### Convert Files from UTF-8 to ASCII Encoding
Next, we will learn how to convert from one encoding scheme to another. The command below converts from ISO-8859-1 to UTF-8 encoding.
Consider a file named `input.file` which contains the characters:
```
<EFBFBD> <20> <20> <20>
```
Let us start by checking the encoding of the characters in the file and then view the file contents. Closely, we can convert all the characters to ASCII encoding.
After running the iconv command, we then check the contents of the output file and the new encoding of the characters as below.
```
$ file -i input.file
$ cat input.file
$ iconv -f ISO-8859-1 -t UTF-8//TRANSLIT input.file -o out.file
$ cat out.file
$ file -i out.file
```
[
![Convert UTF-8 to ASCII in Linux](http://www.tecmint.com/wp-content/uploads/2016/10/Converts-UTF8-to-ASCII-in-Linux.png)
][1]
Convert UTF-8 to ASCII in Linux
Note: In case the string `//IGNORE` is added to to-encoding, characters that cant be converted and an error is displayed after conversion.
Again, supposing the string `//TRANSLIT` is added to to-encoding as in the example above (ASCII//TRANSLIT), characters being converted are transliterated as needed and if possible. Which implies in the event that a character cant be represented in the target character set, it can be approximated through one or more similar looking characters.
Consequently, any character that cant be transliterated and is not in target character set is replaced with a question mark `(?)` in the output.
### Convert Multiple Files to UTF-8 Encoding
Coming back to our main topic, to convert multiple or all files in a directory to UTF-8 encoding, you can write a small shell script called encoding.sh as follows:
```
#!/bin/bash
#enter input encoding here
FROM_ENCODING="value_here"
#output encoding(UTF-8)
TO_ENCODING="UTF-8"
#convert
CONVERT=" iconv -f $FROM_ENCODING -t $TO_ENCODING"
#loop to convert multiple files
for file in *.txt; do
$CONVERT "$file" -o "${file%.txt}.utf8.converted"
done
exit 0
```
Save the file, then make the script executable. Run it from the directory where your files (`*.txt`) are located.
```
$ chmod +x encoding.sh
$ ./encoding.sh
```
Important: You can as well use this script for general conversion of multiple files from one given encoding to another, simply play around with the values of the `FROM_ENCODING` and `TO_ENCODING`variable, not forgetting the output file name `"${file%.txt}.utf8.converted"`.
For more information, look through the iconv man page.
```
$ man iconv
```
To sum up this guide, understanding encoding and how to convert from one character encoding scheme to another is necessary knowledge for every computer user more so for programmers when it comes to dealing with text.
Lastly, you can get in touch with us by using the comment section below for any questions or feedback.
--------------------------------------------------------------------------------
via: http://www.tecmint.com/convert-files-to-utf-8-encoding-in-linux/#
作者:[Aaron Kili][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/aaronkili/
[1]:http://www.tecmint.com/wp-content/uploads/2016/10/Converts-UTF8-to-ASCII-in-Linux.png
[2]:http://www.tecmint.com/wp-content/uploads/2016/10/List-Coded-Charsets-in-Linux.png
[3]:http://www.tecmint.com/wp-content/uploads/2016/10/Check-File-Encoding-in-Linux.png

2
sources/tech/20161103 98 percent of developers use open source at work.md
View File

@ -1,3 +1,5 @@
translating------geekpi
# 98 percent of developers use open source at work
![developer using open source](http://i0.wp.com/opensourceforu.com/wp-content/uploads/2016/07/developer.jpg?resize=750%2C500)

2
sources/tech/20161103 Perl and the birth of the dynamic web.md
View File

@ -1,3 +1,5 @@
**************Translating by messon007******************
# Perl and the birth of the dynamic web
>The fascinating story of Perl's role in the dynamic web spans newsgroups and mailing lists, computer science labs, and continents.

283
sources/tech/20161104 4 Easy Ways To Generate A Strong Password In Linux.md Normal file
View File

@ -0,0 +1,283 @@
# 4 Easy Ways To Generate A Strong Password In Linux
![Generate a strong password in Linux](https://www.ostechnix.com/wp-content/uploads/2016/11/password-720x340.jpg)
Image Courtesy: Google.
Yesterday, We have covered how to [force users to use a strong password in DEB based systems][8]such as Debian, Ubuntu, Linux Mint, Elementary OS etc. You might wonder how a strong password looks like, and how could I create one? No worries! Here is the 4 easy ways to generate a strong password in Linux. Of course, there are many free tools and ways to accomplish this task, however I consider these methods are simple, and straightforward. Let us get started.
Download  [Free EBook: “Getting started with Ubuntu 16.04”][7]
### 1\. Generate a strong password in Linux using OpenSSL
OpenSSL is available for all Unix-like distributions, Solaris, Mac OS X, and Windows.
To generate a random password with OpenSSL, fire up your Terminal and run the following command:
```
openssl rand 14 -base64
```
Here, -base64 string will make sure the password can be typed on a keyboard.
Sample output:
```
wXCHXlxuhrFrFMQLqik=
```
[
![sksk_003](http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_003.png)
][6]
The above command will generate a random and strong password with length of 14 characters. Remember It is always recommend to generate 14 characters password. Of course you can generate any length of characters using openssl.
For more details, refer the man pages.
```
man openssl
```
### 2\. Generate a strong password in Linux using Pwgen
pwgen is simple, yet useful command line utility to generate a random and strong password in seconds. It designs secure passwords that can be easily memorized by humans. It is available in the most Unix-like operating systems.
To install pwgen in DEB based systems, run:
```
sudo apt-get install pwgen
```
In RPM based systems:
```
sudo yum install pwgen
```
In Arch based systems:
```
sudo pacman -S pwgen
```
Once pwgen installed, generate a random and strong password with length of 14 letters using command:
```
pwgen 14 1
```
Sample output:
```
Choo4aicozai3a
```
[
![sksk_004](http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_004.png)
][5]
The above command will create only one password with length of 14 characters. To create 2 different passwords with length of 14 characters, run:
```
pwgen 14 2
```
Sample output:
```
xee7seerez6Kau Aeshu0geveeji8
```
To crate 100 different passwords (Not necessary though) with length of 14 characters, run:
```
pwgen 14
```
Sample output:
```
kaeNg3EiVei4ei Oo0iehiJaix5Ae aenuv2eree2Quo iaT7zahH1eN2Aj Bie2owaiFahsie
gaan9zu5Xeh5ah ahGeeth8ea5ooh Ir0ueda5poogh5 uo0ohqu2ufaiX2 Mei0pee6Og3zae
Oofeiceer8Aipu sheew3aeReidir Dee4Heib2eim2o eig6jar8giPhae Zahde9nae1Niew
quatol5Oi3Bah2 quue4eebaiNgaa oGoahieSh5oL4m aequeeQue2piti laige5seePhugo
iiGo9Uthee4ros WievaiQu2xech6 shaeve0maaK3ae ool8Pai2eighis EPheiRiet1ohci
ZieX9outhoht8N Uh1UoPhah2Thee reaGhohZae5idi oiG4ooshiyi5in keePh1ohshei8y
aim5Eevah2thah Xaej8tha5eisho IeGie1Anaalaev gaoY3ohthooh3x chaebeesahTh8e
soh7oosieY5eiD ahmoh6Ihii6que Shoowoo5dahbah ieW0aiChubee7I Caet6aikai6aex
coo1du2Re9aika Ohnei5Egoh7leV aiyie6Ahdeipho EiV0aeToeth1da iNgaesu4eeyu0S
Eeb1suoV3naera railai2Vaina8u xu3OhVee1reeyu Og0eavae3oohoh audahneihaeK8a
foo6iechi5Eira oXeixoh6EwuboD we1eiDahNgoh9s ko1Eeju1iedu1z aeP7achiisohr7
phang5caeGei5j ait4Shuo5Aitai no4eis9Tohd8oh Quiet6oTaaQuei Dei2pu2NaefeCa
Shiim9quiuy0ku yiewooph3thieL thu8Aphai1ieDa Phahnahch1Aam1 oocex7Yaith8oo
eraiGaech5ahNg neixa3malif5Ya Eux7chah8ahXix eex1lahXae4Mei uGhahzonu6airu
yah8uWahn3jeiW Yi4ye4Choongie io1Vo3aiQuahpi rie4Rucheet6ae Dohbieyaeleis5
xi1Zaushohbei7 jeeb9EiSiech0u eewo0Oow7ielie aiquooZamah5th kouj7Jaivohx9o
biyeeshesaDi9e she9ooj3zuw6Ah Eit7dei1Yei5la xohN0aeSheipaa Eeg9Phob6neema
eengoneo4saeL4 aeghi4feephu6W eiWash2Vie1mee chieceish5ioPe ool4Hongo7ef1o
jahBe1pui9thou eeV2choohoa4ee Ohmae0eef4ic8I Eet0deiyohdiew Ke9ue5thohzei3
aiyoxeiva8Maih gieRahgh8anahM ve2ath9Eyi5iet quohg6ok3Ahgee theingaech5Nef
```
[
![sksk_005](https://www.ostechnix.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][4]
To include at least 1 number in the password run:
```
pwgen 14 1 -n 1
```
Sample output:
```
xoiFush3ceiPhe
```
There are also some useful options available to use with pwgen command.
```
-c or --capitalize (Include at least one capital letter in the password)
-A or --no-capitalize (Don't include capital letters in the password)
-n or --numerals (Include at least one number in the password)
-0 or --no-numerals (Don't include numbers in the password)
-y or --symbols (Include at least one special symbol in the password)
-s or --secure (Generate completely random passwords)
-B or --ambiguous (Don't include ambiguous characters in the password)
-h or --help (Print a help message)
-H or --sha1=path/to/file[#seed] (Use sha1 hash of given file as a (not so) random generator)
-C (Print the generated passwords in columns)
-1 (Don't print the generated passwords in columns)
-v or --no-vowels (Do not use any vowels so as to avoid accidental nasty words)
```
For more details, check the man pages.
```
man pwgen
```
### 3\. Generate a strong password in Linux using GPG
GPG (GnuPG or GNU Privacy Guard), is free command-line program and replacement of Symantecs PGP cryptographic software. It is available for Unix-like operating systems, Microsoft Windows and Android versions.
To generate a random and strong password with length of 14 characters using GPG, run the following command from the Terminal:
```
gpg --gen-random --armor 1 14
```
Sample output:
```
DkmsrUy3klzzbIbavx8=
```
[
![sksk_006](https://www.ostechnix.com/wp-content/plugins/lazy-load/images/1x1.trans.gif)
][3]
The above command will generate a secure, random, strong and base64 encoded password.
### 4\. Generate a strong password in Linux using Perl
Perl is available in the most Linux distributions default repositories. Install it using the package manager.
For example, to install Perl on DEB based systems run:
```
sudo apt-get install perl
```
To install Perl on RPM based systems, run:
```
sudo yum install perl
```
On Arch based systems:
```
sudo pacman -S perl
```
Once Perl installed, create a file:
```
vi password.pl
```
Add the following contents in it.
```
#!/usr/bin/perl
my @alphanumeric = ('a'..'z', 'A'..'Z', 0..9);
my $randpassword = join '', map $alphanumeric[rand @alphanumeric], 0..8;
print "$randpassword\n"
```
[
![sksk_001](http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_001.png)
][2]
Save and close the file.
Now, go to the location where you saved the file, and run the following command:
```
perl password.pl
```
Replace password.pl with your own filename.
Sample output:
```
3V4CJJnYd
```
[
![sksk_002](http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_002.png)
][1]
Note: I couldnt find the original author of this script. If anyone know the authors name, please let me know in the comment section below. I will add the author name in this guide.
Please note that you must memorize or keep the passwords you have generated in a safe place in your computer. I recommend you to memorize the password and delete it from your system. It is much better in case your system is compromised by any hackers.
Thats all for today folks. I will here with another interesting article soon. Until then, stay tuned with OSTechNix.
Happy Weekend!
Cheers!!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/4-easy-ways-to-generate-a-strong-password-in-linux/
作者:[ SK ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.ostechnix.com/author/sk/
[1]:http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_002.png
[2]:http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_001.png
[3]:http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_006.png
[4]:http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_005.png
[5]:http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_004.png
[6]:http://www.ostechnix.com/wp-content/uploads/2016/11/sk@sk_003.png
[7]:http://ostechnix.tradepub.com/free/w_ubun08/prgm.cgi?a=1
[8]:https://www.ostechnix.com/force-users-use-strong-passwords-debian-ubuntu/

129
sources/tech/20161104 Create a simple wallpaper with Fedora and Inkscape.md Normal file
View File

@ -0,0 +1,129 @@
### Create a simple wallpaper with Fedora and Inkscape
![inkscape-wallpaper](https://cdn.fedoramagazine.org/wp-content/uploads/2016/10/inkscape-wallpaper-945x400.png)
In our previous two Inkscape articles, we have [covered the basics of using Inkscape, creating objects,][18] and [doing some basic manipulations and color changes.][17]
In this next installment, we are going to put all these new skills together, and create our first composition — a simple wallpaper.
### Changing the document size
When going through the previous tutorials, you probably noticed the default document size shown on the main canvas window as a black bordered rectangle. The default document size in Inkscape is the A4 paper size:
[
![Screenshot from 2016-09-07 08-37-01](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-08-37-01.png)
][16]
For this wallpaper, we are going to resize the the document to **1024px x 768px**. To change the document size, Go to `File` > `Document Properties…` . In the Custom Size section of the Document Properties dialog, enter the width of 1024px, and a height of 768px:
[
![Screenshot from 2016-09-07 09-00-00](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-00-00.png)
][15]
The document outline on the page should now look something like this:
[
![Screenshot from 2016-09-07 09-01-03](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-01-03.png)
][14]
### Drawing the background
Next up, we are going to draw a rectangle as big as the document. So choose the using **rectangle tool, ** draw a rectangle, and adjust the size of the rectangle using the Tools Control bar.
[
![rect](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/rect.png)
][13]
Next up, add a Gradient Fill to the rectangle. [If you need a refresher on adding gradients, check out the previous adding colours article.][12]
[
![Screenshot from 2016-09-07 09-41-13](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-41-13.png)
][11]
Your rectangle might also have a stroke colour set. Use the fill and stroke dialog to set the stroke paint to **none**.
[
![Screenshot from 2016-09-07 09-44-15](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-44-15.png)
][10]
### Drawing the pattern
Next we are going to draw a triangle. Use the star / polygon tool with 3 points. You can** PRESS and HOLD DOWN CTRL** key, to give your triangle an angle and symmetry.
[
![Screenshot from 2016-09-07 09-52-38](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-52-38.png)
][9]
Select the triangle and press **CTRL+D**, to duplicate it (the duplicated figure will overlap the existing one), **so be sure to move it after duplicating.**
[
![Screenshot from 2016-09-07 10-44-01](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-10-44-01.png)
][8]
Select one of the triangles as shown, and go to **OBJECT > FLIP-HORIZONTAL**
[
![Screenshot from 2016-09-07 09-57-23](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-57-23.png)
][7][
![Screenshot from 2016-09-07 09-57-42](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-57-42.png)
][6]
Recolour your three triangles to three colors that look good with your background.
[
![Screenshot from 2016-09-07 09-58-52](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-58-52.png)
][5]
Select all your triangles, and duplicate them again to fill out your pattern:
[
![Screenshot from 2016-09-07 10-49-25](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-10-49-25.png)
][4]
### Exporting your background
Finally, we need to export our document as a PNG file. Open up the export dialog with** FILE > EXPORT PNG**, select the file location and name, make sure the Drawing  tab is pressed, and click on **EXPORT**
[
![Screenshot from 2016-09-07 11-07-05](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-11-07-05-1.png)
][3]
Let no tool be a barrier to your imagination. Come up with beautiful wallpapers and submit the designs for [FEDORA 25 wallpapers][2]. Your design might get lucky enough to be used by thousands of Fedora users. Here are some examples of wallpapers created with Inkscape and the techniques above:
[
![back1](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/back1.png)
][1]
![back2](https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/back2.png)
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/inkscape-design-imagination/
作者:[a2batic][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://a2batic.id.fedoraproject.org/
[1]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/back1.png
[2]:https://fedoramagazine.org/keeping-fedora-beautiful-contribute-wallpaper/
[3]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-11-07-05-1.png
[4]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-10-49-25.png
[5]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-58-52.png
[6]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-57-42.png
[7]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-57-23.png
[8]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-10-44-01.png
[9]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-52-38.png
[10]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-44-15.png
[11]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-41-13.png
[12]:https://fedoramagazine.org/inkscape-adding-colour/
[13]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/rect.png
[14]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-01-03.png
[15]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-09-00-00.png
[16]:https://1504253206.rsc.cdn77.org/wp-content/uploads/2016/10/Screenshot-from-2016-09-07-08-37-01.png
[17]:https://fedoramagazine.org/inkscape-adding-colour/
[18]:https://fedoramagazine.org/getting-started-inkscape-fedora/
[19]:https://fedoramagazine.org/inkscape-design-imagination/

111
sources/tech/20161104 How to design and add your own font on Linux with Glyphr.md Normal file
View File

@ -0,0 +1,111 @@
# How to design and add your own font on Linux with Glyphr
LibreOffice already offers a galore of fonts, and users can always download and add more. However, if you want to create your own custom font, you can do it easily by using Glyphr. Glyphr is a new open source vector font designer with an intuitive and easy to use graphical interface and a rich set of features that will take care every aspect of the font design. Although the application is still in early development, it is already pretty good. Heres a quick guide showing how to design your own custom fonts on Glyphr, and how to add them on LibreOffice once youre done.
First of all, we need to download Glyphr from the official git repository ([https://github.com/glyphr-studio/Glyphr-Studio-Desktop][14]). It is available in binary form, in both 32 and 64 bits. Once the file is downloaded, navigate to the destination, unzip the file, enter the newly created folder, right click on the “Glyphr Studio” binary file and select “Run”.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_1.png)
][13]
This will launch the application giving you three options. One is to create a new font set from scratch. The second is to load an existing project that can be of a Glyphr Studio Project form, and Open or True Type font, or an SVG font. The third is to load one of the two example sets so that you can modify these instead of working on a new set from the ground up. I will select the first option to showcase a few basic design concepts.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_2.png)
][12]
Once you enter the editor screen, you may select the letter that you want to design from the panel on the left side of the screen, and then indulge in the design work on the drawing area that is on the right. I will start with the letter “A” by clicking on its icon.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_3.png)
][11]
To design something on the drawing board, we can select either the “shapes” tools from the top left of the board which are a rectangle, an oval, and a path share, or use the first item of the second row of the tools that is the path editing tool. Click on that and start putting points on the board to create shapes. The more points you add, the greater the shaping options that youll have on the next step.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_4.png)
][10]
To move the points and thus share the path differently, you will need to select the path edit tool that is to the right of the path editing tool and click on the shape to reveal the points. Then you may drag them into position as you like.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_5.png)
][9]
Finally, the shape edit tool lets you select a shape and drag it into position, change its dimension or even rotate it.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_6.png)
][8]
Another useful set of design actions are the copy-paste, flip-rotate options that are offered on the left panel after you enter the letter design phase. For example, lets suppose that I am creating the “B” letter of my font set, and that I want to mirror the upper side of what Ive done to the bottom so as to keep a good level of coherence in the design.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_7.png)
][7]
Now, to do this, I must choose the shape editing tool to select the part that I want to mirror, click on the copy action, then click on the past right above it, drag the pasted shape where I want it to be and then click on the flip horizontally or vertically depending on what I am trying to achieve.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_8.png)
][6]
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_9.png)
][5]
There are tons of more things that I could showcase in the design aspect of the application, but theres really no point in doing so. If youre interested you can dive in and discover the numerical-based editing, the curving, the guiding, and many more.
Fonts however arent only about individual letters design, and you can discover other aspects of the font design by clicking on the “Navigate” menu on the top left of the application and adjust the kerning between specific pairs of characters, add ligatures, add components, and set general font settings.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_10.png)
][4]
You may even give your new font a “test drive” so that you can get the idea of how well your font settings and kerning works and what to do in order to optimize them.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_11.png)
][3]
After the design and optimization are done, you may export your new font set on either a true type font format, or an svg.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_12.png)
][2]
To add the font on your system, open it with the font viewer and click on the “Install” option. If that doesnt work, create a new folder in your home directory named as “.fonts” and place the font file inside it. Alternatively, you may open the file manager as root, navigate to /usr/share/fonts/opentype, create a new folder there and paste the font file inside. Then open a terminal and run this command to clear the cache: “sudo fc-cache -f -v”
This should add the new font on LibreOffice, and also to any other text application in your system like Gedit for example.
[
![](https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/pic_13.png)
][1]
--------------------------------------------------------------------------------
via: https://www.howtoforge.com/tutorial/how-to-design-and-add-your-own-font-on-linux-with-glyphr/
作者:[Bill Toulas][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://twitter.com/howtoforgecom
[1]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_13.png
[2]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_12.png
[3]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_11.png
[4]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_10.png
[5]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_9.png
[6]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_8.png
[7]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_7.png
[8]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_6.png
[9]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_5.png
[10]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_4.png
[11]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_3.png
[12]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_2.png
[13]:https://www.howtoforge.com/images/how-to-design-and-add-your-own-font-on-linux-with-glyphr/big/pic_1.png
[14]:https://github.com/glyphr-studio/Glyphr-Studio-Desktop

54
translated/talk/my-open-source-story/20160330 After a nasty computer virus sys admin looks to Linux.md
View File

@ -1,54 +0,0 @@
病毒过后,系统管理员看上了 Linux
=======================================================
![](https://opensource.com/sites/default/files/styles/image-full-size/public/images/business/OPENHERE_blue.png?itok=3eqp-7gT)
我开源事业的第一笔,是我在 2001 年作为一名兼职系统管理员,为大学工作的时候。作为那个以教学为目的,不仅仅在大学中,还在学术界的其他领域建立商业案例研究的小组的一份子。
随着团队的发展渐渐地开始需求一个由文件服务intranet 应用domain logons 等,构建的健壮的局域网络。 我们的 IT 基础设施主要由跑着 Windows 98 的计算机组成,这些计算机对于大学的 IT 实验室来说已经太老了,就重新分配给了我们部门。
### 初探 Linux
一天作为大学IT采购计划的一部分我们部门收到了一台 IBM 服务器。 我们计划将其用作 Internet 网关,域控制站,文件服务器和备份服务器,以及 intranet 应用程序主机。
拆封后,我们注意到它附带了红帽 Linux 的 CD。 我们的 22 人团队(包括我)对 Linux 一无所知。 经过几天的研究,我找到了一位朋友的朋友,一位以 Linux RTOS 编程为生的人。 求助他如何安装。
光看着那朋友用 CD 驱动器载入第一张安装 CD 并进入 Anaconda 安装系统,我的头都晕了。 大约一个小时,我们完成了基本的安装,但仍然没有可用的 internet 连接。
另一个小时的折腾使我们连接到互联网,但仍没有 domain logons 或 Internet 网关功能。 经过一个周末的折腾,我们可以通过 Windows 98 的终端接受 Linux PC 的 IP 作为代理,终于构出了一个正常工作的共享互联环境。 但 domain logons 还需要一段时间。
我们用龟速的电话调制解调器下载了 [Samba][1],并手动配置它作为域控制站。文件服务也通过 NFS Kernel Server 开启了,随后为 Windows 98 的网络邻居创建用户目录并进行了必要的调整和配置。
这个设置完美运行了一段时间,直到最终我们决定开始使用 Intranet 应用管理时间表和一些别的东西。 这个时候,我已经离开了组织,并把大部分系统管理员的东西交给了接替我的人。
### 再遇 Linux
2004 年,我又重新装回了 Linux。我的妻子经营的一份独立的员工安置业务使用来自 Monster.com 等服务的数据来打通客户与求职者的交流渠道。
作为我们两人中的计算机好点的那个,在计算机和互联网出故障的时候,维修就成了我的分内之事。我们还需要用许多工具尝试,从堆积如山的简历中筛选出她每天必须看的。
Windows [BSoDs][2](蓝屏) 早已司空见惯,但只要我们的付费数据是安全的,那就还算可以容忍。为此我将不得不每周花几个小时去做备份。
一天,我们的电脑中了毒,并且通过简单的方法无法清除。我们并不了解磁盘上的数据发生了些什么。当磁盘彻底挂掉后,我们插入了一周前的从备份磁盘,但是一周后它也挂了。我们的第二个备份直接拒绝启动。是时候寻求专业帮助了,所以我们把电脑送到一家靠谱的维修店。两天以后,我们被告知一些恶意软件或病毒已经将某些文件类型擦除殆尽,其中包括我们的付费数据。
这是对我妻子的商业计划的一个巨大的打击,同时意味着丢失合同并耽误了账单。我曾短期出国工作,并在台湾的 [Computex 2004][3] 购买了我的第一台笔记本电脑。 预装的是 Windows XP但我还是想换成 Linux。 我知道 Linux 已经为桌面端做好了准备,[Mandrake Linux][4] 是一个很不错的选择。 我第一次安装就很顺利。所有工作都执行的非常漂亮。我使用 [OpenOffice][5] 来满足我写作,演示文稿和电子表格的需求。
我们为我们的计算机获得了新的硬盘驱动器,并为其安装了 Mandrake Linux。用 OpenOffice 替换了 Microsoft Office。 我们依靠网络邮件来满足邮件需求,并在 2004 年的 11 月迎来了 [Mozilla Firefox][6]。我的妻子马上从中看到了好处,因为没有崩溃或病毒/恶意软件感染。更重要的是,我们告别了困扰 Windows 98 和 XP 的频繁崩溃问题。 她延续使用相同的分布。
而我,开始尝试其他的发行版。 我爱上了 distro-hopping (译注:用于描述在不同版本的 Linux 发行版之间频繁切换的 Linux 用户的术语)和第一时间尝试新发行版的感觉。我也经常会在 Apache 和 NGINX 上尝试和测试 Web 应用程序,如 DrupalJoomla 和 WordPress。现在我们 2006 年出生的儿子,在 Linux 下成长。 也对 Tux PaintGcompris 和 SMPlayer 非常满意。
--------------------------------------------------------------------------------
via: https://opensource.com/life/16/3/my-linux-story-soumya-sarkar
作者:[Soumya Sarkar][a]
译者:[martin2011qi](https://github.com/martin2011qi)
校对:[校对者ID](https://github.com/校对者ID)
[a]: https://opensource.com/users/ssarkarhyd
[1]: https://www.samba.org/
[2]: https://en.wikipedia.org/wiki/Blue_Screen_of_Death
[3]: https://en.wikipedia.org/wiki/Computex_Taipei
[4]: https://en.wikipedia.org/wiki/Mandriva_Linux
[5]: http://www.openoffice.org/
[6]: https://www.mozilla.org/en-US/firefox/new/

195
translated/talk/【翻译完成】20160531 Linux vs. Windows device driver model.md
View File

@ -1,195 +0,0 @@
Finish Translated
Linux vs. Windows 设备驱动模型架构APIs 和开发环境比较
============================================================================================
API Application Program Interface 应用程序接口
ABI application binary interfaces 应用系统二进制接口
设备驱动是操作系统的一部分,他能够通过一些特定的编程接口提升硬件设备的使用,这样软件就可以控制并且运行那些设备了。因为每个驱动都对应不同的操作系统,所以你就需要不同的 LinuxWindows 或 Unix 设备驱动,以便能够在不同的计算机上使用你的设备。这就是当雇佣一个驱动开发者或者选择一个研发服务商提供者的时候,查看他们为各种操作系统平台开发驱动的经验是非常重要的。
![](https://c2.staticflickr.com/8/7289/26775594584_d2fe7483f9_c.jpg)
驱动开发的第一步是理解每个操作系统处理它驱动的不同方式、底层驱动模型、它使用的架构、以及可用的开发工具。例如Linux 驱动程序模型就与 Windows 非常不同。虽然 Windows 提倡驱动程序开发和操作系统开发分别进行,并通过一组 ABI 调用来结合驱动程序和操作系统,但是 Linux 设备驱动程序开发不依赖任何稳定的 ABI 或 API所以它的驱动代码并没有被纳入内核中。每一个模型都有自己的优点和缺点但是如果你想为你的设备提供全面支持那么重要的是要全面的了解他们,。
在本文中,我们将比较 Windows 和 Linux 设备驱动程序探索不同的架构API开发和分布希望为您提供一个比较深入理解关于如何开始为每一个操作系统编写设备驱动程序。
### 1. 设备驱动架构
Windows 设备驱动程序的体系结构和 Linux 中使用的是不同他们有自己的优点和缺点。差异主要受以下原因的影响Windows 是闭源操作系统,而 Linux 是开源操作系统。比较 Linux 和 Windows 设备驱动程序架构将帮助我们理解 Windows 和 Linux 驱动程序背后的核心差异。
#### 1.1. Windows 驱动架构
虽然 Linux 内核由 Linux 驱动来分配,但 Windows 内核不包括设备驱动程序。相反的是,现代 Windows 设备驱动程序编写使用 Windows 驱动模型WDM这是一种完全支持即插即用和电源管理的模型所以可以根据需要加载和卸载驱动程序。
处理来自应用的请求,是由 Windows 内核的一部分调用 I/O 管理器来完成的。I/O 管理器的作用是是转换这些请求到 I/O 请求数据包IRPsIRPs 可以被用来在驱动层识别请求并且传输数据。
Windows 驱动模型 WDM 提供三中驱动, 他们形成了三个层:
- 过滤驱动提供关于 IRPs 的可选附加处理。
- 功能驱动是实现接口和每个设备通信的主要驱动。
- 总线驱动服务不同的配适器和不同的总线控制器,来实现主机模式控制设备。
An IRP 通过这些层就像他们经过 I/O 管理器到达底层硬件那样。每个层能够独立的处理一个 IRP 并且把他们送回 I/O 管理器。在硬件底层中有硬件抽象层HAL它提供一个通用的接口到物理设备。
#### 1.2. Linux 驱动架构
相比于 Windows 设备驱动Linux 设备驱动架构核心的不同就是 Linux 没有一个标准的驱动模型也没有一个干净独立的层。每一个设备驱动都被当做一个能够自动的从内核中加载和卸载模块来实现。Linux 为即插即用设备和电源管理设备提供一些方式,以便那些驱动可以使用它们来正确地管理这些设备,但这并不是必须的。
Linux 提供的外部模块和通信功能通过调用那些函数并且传送在随机数据结构中。来自用户应用的请求实际来自文件系统层或者网络层,它们被转化为需要的数据结构。模块能够被存储在层中,通过一些提供接口到一个设备群的模块处理一个一个的请求,例如 USB 设备。
Linux 设备驱动程序支持三种设备:
- 实现一个字节流接口的字符设备。
- 主机文件系统和支持多字节块的数据展示的块设备。
- 用于通过网络转换数据包的网络接口。
Linux 也有一个硬件抽象层HAL它像一个接口一样连接硬件和设备驱动。
### 2. 设备驱动 APIs
Linux 和 Windows 驱动 API 都属于事件驱动类型:只有当某些事件发生的时候,驱动代码才执行:当用户的应用程序希望从设备获取一些东西,或者当设备有某些请求需要告知操作系统。
#### 2.1. 初始化
在 Windows 上,驱动被表示为驱动对象结构,驱动对象结构在驱动入口函数的执行过程中被初始化。这些入口点也注册一些回调函数对设备的添加和移除、驱动卸载,和处理新进入的 IRP 做出回应。当一个设备连接的时候Windows 创建一个设备对象,这个设备对象处理所有应用请求来代表设备驱动。
相比于 WindowsLinux 设备驱动生命周期由内核模块的 module_init 和 module_exit 函数负责管理,他们分别用于模块的加载和卸载。他们负责注册模块并通过使用内核接口来处理设备的请求。这个模块需要穿件一个设备文件(或者一个网络接口),说明一些它希望管理的数字识别器,和注册一些回调函数,当用户和设备文件交互的时候使用。
#### 2.2. 命名和声明设备
##### **在 Windows 上注册设备**
Windows 设备驱动是由回调函数 AddDevice 在新连接设备时被通知的。它接下来就超过去创建一个用于识别这种特殊驱动的设备对象。取决于驱动的类型设备对象可以是物理设备对象PDO函数设备对象FDO或者过滤设备对象FIDO。设备对象能够使用PDO来存储在底层。
设备对象在这个设备连接在计算机的时候一直存在。设备扩展结构能够被用于使用一个设备对象来辅助全局设备。
设备对象可以有如下形式的名字 **\Device\DeviceName** 这些被系统用来识别和定位他们。一个应用使用 CreateFile API 函数来打开一个有上述名字的文件,获得一个可以用于和设备交互的句柄。
然而,通常只有 PDO 有自己的名字。未命名的设备能够通过设备级结构来访问。设备驱动寄存器的一个或多个结构能够通过 128 位全局唯一标识符GUIDs来识别他们。用户应用能够使用全局唯一标识符来获取一个句柄。
##### **在 Linux 上注册设备**
在 Linux 平台上,用户应用通过位于 /dev 目录的文件系统入口访问设备。在模块初始化的时候,它通过调用内核函数 register_chrdev创建了所有需要的入口。这个调用后来被发送到回调函数这个回调函数以及具有返回的描述符的进一步的系统调用例如读、写或关闭是通过模块安装在结构中就像file_operations 或者 block_device_operations。
设备驱动模块负责分配和保持任何需要用于运行的数据结构。一个传送进入系统文件回调函数的文件结构有一个 private_data 字段,它可以被用来存放指向具体驱动数据的指针。块设备和网络接口 API 也提供类似的字段。
虽然其他系统的应用使用文件系统节点来定位设备,但是 Linux 使用一个主设备和次设备号的概念来识别设备和他们的内部驱动。主设备号被用来识别设备驱动,而次设备号由驱动使用来识别被它管理的设备。驱动为了去管理一个或多个固定的主设备号,必须首先注册自己或者让系统来分配未使用的设备号给它。
目前Linux 为主次设备对使用一个32位的值其中12位分配主设备号并允许多达4096个不同的设备。主次设备对对于字符设备和块设备是不同的所以一个字符设备和一个块设备能使用相同的设备对而不导致冲突。网络接口是通过像 eth0 的标志名来识别,这些又是区别于主次设备的字符设备和块设备的。
#### 2.3. 交换数据
Linux 和 Windows 都支持在用户级应用程序和内核级驱动程序之间传输数据的三种方式:
- **缓冲型输入输出** 它使用由内核管理的缓冲区。对于写操作,内核从用户空间缓冲区中拷贝数据到内核分配缓冲区,并且把它传送到设备驱动中。读操作是一样的,由内核将数据从内核缓冲区中拷贝到应用提供的缓冲区中。
- **直接型输入输出** 它不使用拷贝功能。代替它的是,内核在物理内存中引导用户分配缓冲区,这样他就能够保存这些数据,在数据传输过程中而不被换出。
- **内存映射** 它也能够由内核管理,这样内核和用户空间应用就能够通过不同的地址访问同样的内存页。
##### **Windows 上的 I/O 模式**
支持缓冲型 I/O 是 WDM 的一种内置功能。缓冲区能够通过在 IRP 结构中的 AssociatedIrp.SystemBuffer 字符访问设备驱动。当需要和用户空间交流的时候,驱动只需从缓冲区中进行读写操作。
Windows 上的直接 I/O 由内存描述符列表MDLs介导。这种半透明的结构是通过在 IRP 中的 MdlAddress 字段来访问的。它们被用来定位由用户应用程序分配的缓冲区的物理地址,并在 I/O 请求的持续时间内固定。
在 Windows 上进行数据传输的第三个选项称为 METHOD_NEITHER。 在这种情况下,内核需要传送用户空间输入输出缓冲区的虚拟地址到驱动,而不需要确定他们有效或者保证他们映射到一个由设备驱动访问的物理储存器。设备驱动也负责处理数据传输的细节。
##### **Linux 上的驱动程序 I/O 模式**
Linux 提供许多函数例如clear_user, copy_to_user, strncpy_from_user 和一些其他的用来在内核和用户内存之间展示缓冲区数据传输。这些函数保证了指向数据缓存区指针的有效,并且通过在存储器区域之间安全拷贝数据缓冲区来处理数据传输的所有细节。
然而,块设备的驱动对已知大小的整个数据块进行操作,它可以被快速移动在内核和用户地址区域之间而不需要拷贝他们。这些情况都是由 Linux 内核来自动处理所有的块设备驱动。块请求队列处理传送数据块而没有多余的拷贝,而 Linux 系统调用接口来转换文件系统请求到块请求中。
最终,设备驱动能够为内核地址区域分配一些存储页面(不可用于交换)并且使用 remap_pfn_range 函数来直接映射页面到用户进程的地址空间。然后应用能获取缓冲区的虚拟地址并且使用它来和设备驱动交流。
### 3. 设备驱动开发环境
#### 3.1. 设备驱动框架
##### **Windows 驱动程序工具包**
Windows 是一个闭源操作系统。Microsoft 提供 Windows 驱动程序工具包以方便非 Microsoft 供应商开发 Windows 设备驱动。工具包中包含开发,调试,检验和 Windows 设备驱动包等所需的所有内容。
Windows 驱动模型为设备驱动定义了一个干净的接口框架。Windows 保持这些接口的源和二进制兼容性。编译 WDM 驱动通常需要前向兼容性:也就是说,一个较旧的驱动能够在没有重新编译的情况下在较新的系统上运行,但是它当然不能够访问系统提供的新功能。但是,驱动不保证后向兼容性。
##### **Linux 源代码**
和 Windows 相对比Linux 是一个开源操作系统,因此 Linux 的整个源代码是用于驱动开发的 SDK。没有驱动设备的正式框架但是 Linux 内核包含许多如提供驱动注册的通用服务的子系统。这些子系统的接口被描述为内核头文件。
尽管 Linux 有定义接口这些接口在设计上并不稳定。Linux 不提供有关前向和后向兼容的任何保证。设备驱动对于不同的内核版本需要重新编译。没有稳定性的保证允许 Linux 内核的快速开发,因为开发人员不必去支持旧的借口,并且能够使用最好的方法解决手头的这些问题。
当为 Linux 写树内驱动程序时这种不断变化的环境不会造成任何问题因为它们作为内核源代码的一部分与内核本身同步更新。然而闭源驱动必须单独开发并且在树外并且必须维护它们以支持不同的内核版本。因此Linux 鼓励设备驱动程序开发人员来维持他们的树内驱动。
#### 3.2. 为设备驱动构建系统
Windows 驱动程序工具包为 Microsoft Visual Studio 添加了驱动开发支持,并包括用来构建驱动程序代码的编译器。开发 Windows 设备驱动程序与在 IDE 中开发用户空间应用程序没有太大的区别。Microsoft 提供了一个企业 Windows 驱动程序工具包,使其能够构建类似于 Linux 的命令行环境。
Linux 使用 Makefile 作为树内和树外系统设备驱动程序的构建系统。Linux 构建系统非常发达,通常是一个设备驱动程序只需要少数行就产生一个可工作的二进制代码。开发人员可以使用任何[IDE][5],只要它可以处理 Linux 源代码库和运行 make ,或者他们可以很容易地从终端手动编译驱动程序。
#### 3.3. 文档支持
Windows 具有对于驱动程序的开发的良好文档支持。Windows 驱动程序工具包包括文档和示例驱动程序代码,通过 MSDN 可获得关于内核接口的大量信息,并存在大量的有关驱动程序开发和 Windows 内部的参考和指南。
Linux 文档不是描述性的,但这缓解了整个 Linux 源代码可供驱动开发人员使用。源代码树中的文档目录记录了一些 Linux 的子系统,但是有更详尽的关于 Linux 设备驱动程序开发和 Linux 内核概述的[multiple books][4]。
Linux 不提供指定的设备驱动程序的样本,但现有生产驱动程序的源代码可用,可以用作开发新设备驱动程序的参考。
#### 3.4. 调试支持
Linux 和 Windows 都有可用于追踪调试驱动程序代码的日志记录工具。在 Windows 上将使用 DbgPrint 函数,而在 Linux 上使用的函数称为 printk。然而并不是每个问题都可以通过只使用日志记录和源代码来解决。有时断点更有用因为它们允许检查驱动代码的动态行为。交互式调试对于研究崩溃的原因也是必不可少的。
Windows 通过其内核级调试器 WinDbg 支持交互式调试。这需要通过一个串行端口连接两台机器一台计算机运行调试内核另一台运行调试器和控制被调试的操作系统。Windows 驱动程序工具包包括 Windows 内核的调试符号,因此 Windows 数据结构将在调试器中部分可见。
Linux 还支持通过 KDB 和 KGDB 进行的交互式调试。调试支持可以内置到内核也可以在启动时同时启用。之后可以直接通过物理键盘调试系统或通过串行端口从另一台计算机连接到它。KDB 提供了一个简单的命令行界面这是唯一的在同一台机器上来调试内核的方法。然而KDB 缺乏源代码级调试支持。KGDB 通过串行端口提供了一个更复杂的接口。它允许使用像 GDB 这样的标准应用程序调试器来调试 Linux 内核,就像任何其他用户空间应用程序一样。
### 4. 设备驱动分配
##### 4.1. 安装设备驱动
在 Windows 上安装的驱动程序,是由被称为为 INF 的文本文件描述的,通常存储在 C:\Windows\INF 目录中。这些文件由驱动供应商提供,并且定义哪些是由驱动程序服务的设备,哪里可以找到驱动程序的二进制文件,和驱动程序的版本等。
当一个新设备插入计算机时Windows 通过查看已经安装的驱动程序并且选择适当的一个加载。当设备被移除的时候,驱动会自动卸载它。
在 Linux 上,一些驱动被构建到内核中并且保持永久的加载。非必要的驱动被构建为内核模块,这通常是存储在/lib/modules/kernel-version 目录中。这个目录还包含各种配置文件,如 modules.dep用于描述内核模块之间的依赖关系。
虽然 Linux 内核可以自身在启动时加载一些模块但通常模块加载由用户空间应用程序监督。例如init 进程可能在系统初始化期间加载一些模块udev 守护程序负责跟踪新插入的设备并为它们加载适当的模块。
#### 4.2. 更新设备驱动
Windows 为设备驱动程序提供了稳定的二进制接口,因此在某些情况下,无需与系统一起更新驱动程序二进制文件。任何必要的更新由 Windows Update 服务处理Windows 服务负责定位,下载和安装适用于最新版本系统的驱动程序。
然而Linux 不提供稳定的二进制接口,因此有必要在每次内核更新时重新编译和更新所有必需的设备驱动程序。显然,内置在内核中的设备驱动程序会自动更新,但是树外模块会产生轻微的问题。 维护最新的模块二进制文件的任务通常用[DKMS] [3]来解决:一个当安装新的内核版本时自动重建所有注册的内核模块的服务。
#### 4.3. 安全注意事项
所有 Windows 设备驱动程序必须在 Windows 加载它们之前进行数字签名。在开发期间可以使用自签名证书,但是分发给终端用户的驱动程序包必须使用 Microsoft 信任的有效证书进行签名。供应商可以从 Microsoft 授权的任何受信任的证书颁发机构获取软件出版商证书。然后,此证书由 Microsoft 交叉签名,并且生成的交叉证书用于在发行之前签署驱动程序包。
Linux 内核还可以配置为验证正在加载的内核模块的签名,并禁止不可信的内核模块。被内核所信任的公钥集在构建时是固定的,并且是完全可配置的。由内核执行的检查,它的严格性在构建时也是可配置的,范围从简单地为不可信模块发出警告,到拒绝加载任何可疑的有效性。
### 5. 结论
如上所示Windows 和 Linux 设备驱动程序基础设施有一些共同点,例如调用 API 的方法,但更多的细节是相当不同的。最突出的差异源于 Windows 是由商业公司开发的封闭源操作系统这个事实。这是 Windows 上使变的非常好,文档化,稳定的驱动程序 ABI 和正式框架的一个要求,而在 Linux 上,更多的是到源代码的一个很好的补充。文档支持也在 Windows 环境中更加发达,因为 Microsoft 具有所需的资源来维护它。
另一方面Linux 不会使用框架限制设备驱动程序开发人员,并且内核和生产设备驱动程序的源代码可以在需要的时候有所帮助。缺乏接口稳定性也有意义,因为它意味着最新的设备驱动程序总是使用最新的接口,内核本身承载较小的后向兼容性负担,这带来了更干净的代码。
了解这些差异以及每个系统的具体情况是为您的设备提供有效的驱动程序开发和支持的关键的第一步。我们希望这篇文章 Windows 和 Linux 设备驱动程序开发的对比,有助于您理解它们,并在设备驱动程序开发过程的研究中,将此作为一个伟大的起点。
--------------------------------------------------------------------------------
via: http://xmodulo.com/linux-vs-windows-device-driver-model.html
作者:[Dennis Turpitka][a]
译者:[译者ID](https://github.com/FrankXinqi(&YangYang))
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://xmodulo.com/author/dennis
[1]: http://xmodulo.com/linux-vs-windows-device-driver-model.html?format=pdf
[2]: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=PBHS9R4MB9RX4
[3]: http://xmodulo.com/build-kernel-module-dkms-linux.html
[4]: http://xmodulo.com/go/linux_device_driver_books
[5]: http://xmodulo.com/good-ide-for-c-cpp-linux.html

68
translated/tech/20160604 Microfluidic cooling may prevent the demise of Moore's Law.md Normal file
View File

@ -0,0 +1,68 @@
微流冷却技术可能让摩尔定律起死回生
============================================================
![](http://tr1.cbsistatic.com/hub/i/r/2015/12/09/a7cb82d1-96e8-43b5-bfbd-d4593869b230/resize/620x/9607388a284e3a61a39f4399a9202bd7/networkingistock000042544852agsandrew.jpg)
>Image: iStock/agsandrew
现有的技术无法对微芯片进行有效的冷却,这正快速成为摩尔定律消亡的第一原因。
随着对数字计算速度的需求,科学家和工程师正努力地将更多的晶体管和支撑电路放在已经很拥挤的硅片上。的确,它非常地复杂,然而,和复杂性相比,热量聚积引起的问题更严重。
洛克希德马丁公司首席研究员John Ditri在新闻稿中说到当前我们可以放入微芯片的功能是有限的最主要的原因之一是发热的管理。如果你能管理好发热你可以用较少的芯片较少的材料那样就可以节约成本并能减少系统的大小和重量。如果你能管理好发热用相同数量的芯片将能获得更好的系统性能。
硅对电子流动的阻力产生了热量,在如此小的空间封装如此多的晶体管累积了足以毁坏元器件的热量。一种消除热累积的方法是在芯片层用光子学技术减少电子的流动,然而光子学技术有它的一系列问题。
SEE:2015年硅光子将引起数据中心的革命 [Silicon photonics will revolutionize data centers in 2015][5]
### 微流冷却技术可能是问题的解决之道
为了寻找其他解决办法国防高级研究计划局DARPA发起了一个关于ICECool应用[ICECool Applications][6] (片内/片间增强冷却技术)的项目。GSA网站 [GSA website FedBizOpps.gov][7] 报道ICECool正在探索革命性的热技术其将减轻热耗对军用电子系统的限制同时能显著减小军用电子系统的尺寸重量和功耗。
微流冷却方法的独特之处在于组合使用片内和(或)片间微流冷却技术和片上热互连技术。
![](http://tr4.cbsistatic.com/hub/i/r/2016/05/25/fd3d0d17-bd86-4d25-a89a-a7050c4d59c4/resize/300x/e9c18034bde66526310c667aac92fbf5/microcooling-1.png)
>MicroCooling 1 Image: DARPA
DARPA ICECool应用项目 [DARPA ICECool Application announcement][8] 指出, 这种微型片内和(或)片间通道可采用轴向微通道,径向通道和(或)横流通道,采用微孔和歧管结构及局部液体喷射形式来疏散和重新引导微流,从而以最有利的方式来满足指定的散热指标。
通过上面的技术洛克希德马丁的工程师已经实验性地证明了片上冷却是如何得到显著改善的。洛克希德马丁新闻报道ICECool项目的第一阶段发现当冷却具有多个局部30kW/cm2热点发热为1kw/cm2的芯片时热阻减少了4倍进而验证了洛克希德的嵌入式微流冷却方法的有效性。
第二阶段洛克希德马丁的工程师聚焦于RF放大器。通过ICECool的技术团队演示了RF的输出功率可以得到6倍的增长而放大器仍然比其常规冷却的更凉。
### 投产
出于对技术的信心,洛克希德马丁已经在设计和制造实用的微流冷却发射天线。 Lockheed Martin还与Qorvo合作将其热解决方案与Qorvo的高性能GaN工艺 [GaN process][9] 集成.
研究论文 [DARPA's Intra/Interchip Enhanced Cooling (ICECool) Program][10] 的作者认为ICECool将使电子系统的热管理模式发生改变。ICECool应用的执行者将根据应用来定制片内和片间的热管理方法这个方法需要兼顾应用的材料制造工艺和工作环境。
如果微流冷却能像科学家和工程师所说的成功的话,似乎摩尔定律会起死回生。
更多的关于网络的信息请订阅Data Centers newsletter。
[SUBSCRIBE](https://secure.techrepublic.com/user/login/?regSource=newsletter-button&position=newsletter-button&appId=true&redirectUrl=http%3A%2F%2Fwww.techrepublic.com%2Farticle%2Fmicrofluidic-cooling-may-prevent-the-demise-of-moores-law%2F&)
--------------------------------------------------------------------------------
via: http://www.techrepublic.com/article/microfluidic-cooling-may-prevent-the-demise-of-moores-law/
作者:[Michael Kassner][a]
译者:[messon007](https://github.com/messon007)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.techrepublic.com/search/?a=michael+kassner
[1]: http://www.intel.com/content/www/us/en/history/museum-gordon-moore-law.html
[2]: https://books.google.com/books?id=mfec2Zw_b7wC&pg=PA154&lpg=PA154&dq=does+heat+destroy+transistors&source=bl&ots=-aNdbMD7FD&sig=XUUiaYG_6rcxHncx4cI4Cqe3t20&hl=en&sa=X&ved=0ahUKEwif4M_Yu_PMAhVL7oMKHW3GC3cQ6AEITTAH#v=onepage&q=does%20heat%20destroy%20transis
[3]: http://www.lockheedmartin.com/us/news/press-releases/2016/march/160308-mst-cool-technology-turns-down-the-heat-on-high-tech-equipment.html
[4]: http://www.techrepublic.com/article/silicon-photonics-will-revolutionize-data-centers-in-2015/
[5]: http://www.techrepublic.com/article/silicon-photonics-will-revolutionize-data-centers-in-2015/
[6]: https://www.fbo.gov/index?s=opportunity&mode=form&id=0be99f61fbac0501828a9d3160883b97&tab=core&_cview=1
[7]: https://www.fbo.gov/index?s=opportunity&mode=form&id=0be99f61fbac0501828a9d3160883b97&tab=core&_cview=1
[8]: https://www.fbo.gov/index?s=opportunity&mode=form&id=0be99f61fbac0501828a9d3160883b97&tab=core&_cview=1
[9]: http://electronicdesign.com/communications/what-s-difference-between-gaas-and-gan-rf-power-amplifiers
[10]: http://www.csmantech.org/Digests/2013/papers/050.pdf

71
translated/tech/20161024 Physical RAM attack can root Android and possibly other devices.md Normal file
View File

@ -0,0 +1,71 @@
针对物理 RAM 的攻击可以取得 Android 设备的根权限,其它设备也存在这样的可能
===
>攻击者确实可以在物理存储单元中实现位翻转来达到侵入(这里把 compromise 翻译成了侵入,感觉还是有点词不达意)移动设备与计算机的目的
![](http://images.techhive.com/images/idgnsImport/2015/08/id-2969037-security1-100606370-large.jpg)
研究者们发现了一种新的在不利用任何软件漏洞情况下,利用 RAM 芯片物理设计上的弱点来侵入 Android 设备的方式。这种攻击技术同样可以影响到其它如 ARM 和 X86 架构的设备与计算机。
攻击起源于过去十多年中将更多的 DRAM动态随机存取存储器容量封装进越来越小的芯片中这将导致存储单元在特定情况下电子在相邻的两行中从一边泄漏到另一边。这里翻译的有点不太通顺特别是这 row 的概念,只是查看了维基百科有了大致了解,结合起来看可能会更有助理解 https://en.wikipedia.org/wiki/Row_hammer
例如,反复且快速的访问相同的物理储存位置 -- 一种被称为 “hammering” (这里 hammering 实在不知道该如何处理,用英文原文似乎也挺好的,在读英文内容的时候也会带来一定的便利)的行为 -- 可以导致相邻位置的位值从 0 反转成 1或者相反。
虽然这样的电子干扰已经被生产商知晓并且从可靠性角度研究了一段时间了 -- 因为内存错误能够导致系统崩溃 -- 研究者展示了在可控方式的触发下它所存在的严重安全隐患。
在 2015 年 4 月,来自谷歌 Project Zero 项目的研究者公布了两份基于内存 “row hammer” 对于 x86-64 CPU 架构的 [提权利用][7]。其中一份利用可以使代码从谷歌的 Chrome 浏览器沙盒里逃逸并且直接在系统上执行,另一份可以在 Linux 机器上获取高级权限。(这里的 kernel-level 不太确定该如何处理,这个可以参看 https://en.wikipedia.org/wiki/Privilege_level
此后,其他的研究者进行了更深入的调查并且展示了[通过网站中 JaveScript 脚本进行利用的方式][6]甚至能够影响运行在云环境下的[虚拟服务器][5]。然而,对于这项技术是否可以应用在智能手机和移动设备大量使用的 ARM 架构中还是有疑问的。
现在,一队成员来自荷兰阿姆斯特丹自由大学,奥地利格拉茨技术大学和加州大学圣塔芭芭拉分校的 VUSec 小组,已经证明了 Rowhammer 不仅仅可以应用在 ARM 架构上并且甚至比在 x86 架构上更容易。
研究者们将他们的新攻击命名为 Drammer代表了 Rowhammer 确实存在,并且计划于周三在维也纳举办的第 23 届 ACM 计算机与通信安全大会上展示。这种攻击建立在之前就被发现与实现的 Rowhammer 技术之上。
VUSec 小组的研究者已经制造了一个适用于 Android 设备的恶意应用,当它被执行的时候利用不易察觉的内存位反转在不需要任何权限的情况下就可以获取设备根权限。
研究者们测试了来自不同制造商的 27 款 Android 设备21 款使用 ARMv732-bit指令集架构其它 6 款使用 ARMv864-bit指令集架构。他们成功的在 17 款 ARMv7 设备和 1 款 ARMv8 设备上实现了为反转,表明了这些设备是易受攻击的。
此外Drammer 能够与其它的 Android 漏洞组合使用,例如 [Stagefright][4] 或者 [BAndroid][3] 来实现无需用户手动下载恶意应用的远程攻击。
谷歌已经注意到了这一类型的攻击。“在研究者向漏洞奖励计划(这里应该是特指谷歌的那个吧,不知道把它翻译成中文是否合适)报告了这个问题之后,我们与他们进行了密切的沟通来深入理解这个问题以便我们更好的保护用户,”一位谷歌的代表在一份邮件申明中这样说到。“我们已经开发了一个缓解方案(这里将 mitigation 翻成了缓解方案不知是否妥当,这又是一个有丰富含义的概念 https://en.wikipedia.org/wiki/Vulnerability_management将会包含在十一月的安全更新中。”
VUSec 的研究者认为,谷歌的缓解方案将会使得攻击过程更为复杂,但是它不能修复潜在的问题。
事实上,从软件上去修复一个由硬件导致的问题是不现实的。硬件供应商正在研究相关问题并且有可能在将来的内存芯片中被修复,但是在现有设备的芯片中风险依然存在。
更糟的是,研究者们说,由于有许多因素会影响到攻击的成功与否并且这些因素尚未被研究透彻,因此很难去说有哪些设备会被影响到。例如,内存控制器可能会在不同的电量的情况下展现不同的行为,因此一个设备可能在满电的情况下没有风险,当它处于低电量的情况下就是有风险的。
同样的在网络安全中有这样一句俗语Attacks always get getter, they never get worse.这里借用“道高一尺魔高一仗。”不知是否合适Rowhammer 攻击已经从理论变成了变成了现实,同样的他可能也会从现在的简单实现变成确确实实的存在。(这一句凭自己的理解翻的)这意味着今天某个设备是不被影响的,在明天就有可能被改进后的 Rowhammer 技术证明它是存在风险的。
Drammer 在 Android 上实现是因为研究者期望研究基于 ARM 设备的影响,但是潜在的技术可以被使用在所有的架构与操作系统上。新的攻击相较于之前建立在运气与特殊特性与特定平台之上并且十分容易失效的技术已经是一个巨大的进步了。
Drammer 依靠被大量硬件子系统所使用的 DMA直接存储访问缓存其中包括了图形网络声音。Drammer 的实现采用了所有操作系统上都有的 Android 的 ION内存分配器接口与方法这个特征这里将 warning 翻译成了特征,纯粹是自己的理解,不知是否妥当)是文章中主要的贡献之一。
"破天荒的,我们成功的展示了我们可以做到,在不依赖任何特定的特性情况下完全可靠的证明了 Rowhammer“ VUSec 小组中的其中一位研究者, Cristiano Giuffrida 这样说道。”攻击所利用的内存位置并非是 Android 独有的。攻击在任何的 Linux 平台上都能工作 -- 我们甚至怀疑其它操作系统也可以 -- 因为它利用的是操作系统内核内存管理中固有的特性。“
”我期待我们可以看到更多针对其它平台的攻击的变种,“阿姆斯特丹自由大学的教授兼 VUSec 系统安全研究小组的领导者Herbert Bos 补充道。
在他们的[文章][2]之外,研究者们也释出了一个 Android 应用来测试 Android 设备在受到 Rowhammer 攻击时是否会有风险 -- 在当前所知的技术条件下。应用还没有传上[谷歌应用商店][Google Play],可以从 [VUSec Drammer 网站][1] 下载来手动安装。一个开源的 Rowhammer 模拟器同样能够帮助其他的研究者来更深入的研究这个问题。
--------------------------------------------------------------------------------
via:http://www.csoonline.com/article/3134726/security/physical-ram-attack-can-root-android-and-possibly-other-devices.html
作者:[Lucian Constantin][a]
译者:[wcnnbdk1](https://github.com/wcnnbdk1)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.csoonline.com/author/Lucian-Constantin/
[1]:https://www.vusec.net/projects/drammer/
[2]:https://vvdveen.com/publications/drammer.pdf
[3]:https://www.vusec.net/projects/bandroid/
[4]:http://www.csoonline.com/article/3045836/security/new-stagefright-exploit-puts-millions-of-android-devices-at-risk.html
[5]:http://www.infoworld.com/article/3105889/security/flip-feng-shui-attack-on-cloud-vms-exploits-hardware-weaknesses.html
[6]:http://www.computerworld.com/article/2954582/security/researchers-develop-astonishing-webbased-attack-on-a-computers-dram.html
[7]:http://www.computerworld.com/article/2895898/google-researchers-hack-computers-using-dram-electrical-leaks.html
[8]:http://csoonline.com/newsletters/signup.html

178
translated/tech/20161025 3 Ways to Delete All Files in a Directory Except One or Few Files with Extensions.md Executable file
View File

@ -0,0 +1,178 @@
# 删除在一个目录下除了一个或者一些带扩展名文件的其他所有文件的三种方法
有的时候,你可能会遇到这种情况,你需要删除一个目录下的所有文件,或者只是简单的通过删除除了一些指定类型(以指定扩展名结尾)的文件来清空一个目录。
在这篇文章,我们将会向你展现如何通过 rm、 find 和 globignore 命令删除一个目录下除了指定文件后缀或者类型的的文件。
在我们进一步深入之前,让我们开始简要的了解一下 Linux 中的一个重要的概念 —— 文件名模式匹配,它可以让我们解决眼前的问题。
在 Linux 下,一个 shell 模式一个包含以下特殊字符的字符串,称为通配符或者元字符:
1. `*`  匹配 0 个或者多个字符
2. `?`  匹配任意单个字符
3. `[seq]`  匹配序列中的任意一个字符
4. `[!seq]`  匹配任意一个不再序列中的字符
我们将在这儿探索三种可能的办法,包括:
### 使用扩展模式匹配操作符删除文件
下来列出了不同的扩展模式匹配操作符,这些模式列表是一个用 `|` 分割包含一个或者多个文件名的列表:
1. `*(pattern-list)`  匹配 0 个或者多个出现的指定模式
2. `?(pattern-list)`  匹配 0 个或者 1 个出现的指定模式
4. `@(pattern-list)`  匹配 1 个或者多个出现的指定模式
5. `!(pattern-list)`  匹配除了一个指定模式之外的任何内容
为了使用它们,像下面一样打开 extglob shell 选项:
```
# shopt -s extglob
```
#### 1. 输入以下命令,删除一个目录下除了 filename 之外的所有文件
```
$ rm -v !("filename")
```
[![删除 Linux 下除了一个文件之外的所有文件](http://www.tecmint.com/wp-content/uploads/2016/10/DeleteAll-Files-Except-One-File-in-Linux.png)][9]
删除 Linux 下除了一个文件之外的所有文件
#### 2. 删除除了 filename1 和 filename2 之外的所有文件
```
$ rm -v !("filename1"|"filename2")
```
[![在 Linux 下删除除了一些文件之外的所有文件](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Few-Files-in-Linux.png)][8]
在 Linux 下删除除了一些文件之外的所有文件
#### 3. 下面的例子显示如何通过交互模式删除除了 `.zip` 之外的所有文件
```
$ rm -i !(*.zip)
```
[![在 Linux 下删除除了 Zip 文件之外的所有文件](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Zip-Files-in-Linux.png)][7]
在 Linux 下删除除了 Zip 文件之外的所有文件
#### 4. 接下来,通过如下的方式你可以删除一个目录下除了所有的`.zip` 和 `.odt` 文件的所有文件,并且在删除的时候,显示正在删除的文件:
```
$ rm -v !(*.zip|*.odt)
```
[![删除除了指定文件扩展的所有文件](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Certain-File-Extensions.png)][6]
删除除了指定文件扩展的所有文件
一旦你已经执行了所有需要的命令,使用如下的方式关闭 extglob shell 选项。
```
$ shopt -u extglob
```
### 使用 Linux 下的 find 命令删除文件
在这种方法下,我们可以[只使用 find 命令][5]的适当的选项或者采用管道配合 xargs 命令,如下所示:
```
$ find /directory/ -type f -not -name 'PATTERN' -delete
$ find /directory/ -type f -not -name 'PATTERN' -print0 | xargs -0 -I {} rm {}
$ find /directory/ -type f -not -name 'PATTERN' -print0 | xargs -0 -I {} rm [options] {}
```
#### 5. 下面的命令将会删除当前目录下除了 `.gz` 之外的所有文件
```
$ find . -type f -not -name '*.gz' -delete
```
[![find 命令 —— 删除 .gz 之外的所有文件](http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-gz-Files.png)][4]
find 命令 —— 删除 .gz 之外的所有文件
#### 6. 使用管道和 xargs你可以通过如下的方式修改上面的例子
```
$ find . -type f -not -name '*gz' -print0 | xargs -0 -I {} rm -v {}
```
[![使用 find 和 xargs 命令删除文件](http://www.tecmint.com/wp-content/uploads/2016/10/Remove-Files-Using-Find-and-Xargs-Command.png)][3]
使用 find 和 xargs 命令删除文件
#### 7. 让我们看一个额外的例子,下面的命令行将会抹除掉当前目录下除了 `.gz``.odt` 和 `.jpg` 之外的所有文件:
```
$ find . -type f -not \(-name '*gz' -or -name '*odt' -or -name '*.jpg' \) -delete
```
[![删除除了指定扩展文件的所有文件](http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-File-Extensions.png)][2]
删除除了指定扩展文件的所有文件
### 通过 bash 中的 GLOBIGNORE 变量删除文件
然而,最后的方法,只适用于 bash。 GLOBIGNORE 变量存储了一个通过路径名扩展忽略的分离的模式(或者文件名)列表。
为了使用这种方法,移动到要删除文件的目录,像下面这样设置 GLOBIGNORE 变量:
```
$ cd test
$ GLOBIGNORE=*.odt:*.iso:*.txt
```
在这种情况下,除了 `.odt``.iso` 和 `.txt` 之外的所有文件,都将从当前目录删除。
现在,运行如下的命令清空这个目录:
```
$ rm -v *
```
之后,关闭 GLOBIGNORE 变量:
```
$ unset GLOBIGNORE
```
[![使用 bash 变量 GLOBIGNORE 删除文件](http://www.tecmint.com/wp-content/uploads/2016/10/Delete-Files-Using-Bash-GlobIgnore.png)][1]
使用 bash 变量 GLOBIGNORE 删除文件
注:为了理解上面的命令行采用的标识的意思,请参考我们在每一个插图中使用的命令对应的 man 手册。
就这些了!如果你心里有实现相同目录的其他命令行技术,不要忘了通过下面的反馈部分分享给我们。
--------------------------------------------------------------------------------
via: http://www.tecmint.com/delete-all-files-in-directory-except-one-few-file-extensions/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+tecmint+%28Tecmint%3A+Linux+Howto%27s+Guide%29
作者:[ Aaron Kili][a]
译者:[yangmingming](https://github.com/yangmingming)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: http://www.tecmint.com/author/aaronkili/
[1]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-Files-Using-Bash-GlobIgnore.png
[2]:http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-File-Extensions.png
[3]:http://www.tecmint.com/wp-content/uploads/2016/10/Remove-Files-Using-Find-and-Xargs-Command.png
[4]:http://www.tecmint.com/wp-content/uploads/2016/10/Remove-All-Files-Except-gz-Files.png
[5]:http://www.tecmint.com/35-practical-examples-of-linux-find-command/
[6]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Certain-File-Extensions.png
[7]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Zip-Files-in-Linux.png
[8]:http://www.tecmint.com/wp-content/uploads/2016/10/Delete-All-Files-Except-Few-Files-in-Linux.png
[9]:http://www.tecmint.com/wp-content/uploads/2016/10/DeleteAll-Files-Except-One-File-in-Linux.png