document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-02-03 23:40:14 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #35 from LCTT/master

Browse Source 
Update Repo
This commit is contained in:
joeren 2015-05-12 09:37:54 +08:00
commit a8fc470ded
10 changed files with 819 additions and 178 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
translated/talk/20150124 Why does C++ promote an int to a float when a float cannot represent all int values.md → published/20150124 Why does C++ promote an int to a float when a float cannot represent all int values.md
View File

@ -1,7 +1,7 @@
既然float不能表示所有的int那为什么在类型转换时C++将int转换成float
---------
=============
#问题
###问题
代码如下:
@ -13,7 +13,7 @@ if (i == f) // 执行某段代码
编译器会将i转换成float类型然后比较这两个float的大小但是float能够表示所有的int吗为什么没有将int和float转换成double类型进行比较呢
#回答
###回答
在整型数的演变中,当`int`变成`unsigned`时,会丢掉负数部分(有趣的是,这样的话,`0u < -1`就是对的了
@ -32,11 +32,11 @@ if((double) i < (double) f)
顺便提一下,在这个问题中有趣的是,`unsigned`的优先级高于`int`,所以把`int`和`unsigned`进行比较时最终进行的是unsigned类型的比较开头提到的`0u < -1`就是这个道理我猜测这可能是在早些时候计算机发展初期当时的人们认为`unsigned``int`在所表示的数值范围上受到的限制更小现在还不需要符号位所以可以使用额外的位来表示更大的数值范围如果你觉得`int`可能会溢出那么就使用unsigned好了在使用16位表示的ints时这个担心会更明显
----
via:[stackoverflow](http://stackoverflow.com/questions/28010565/why-does-c-promote-an-int-to-a-float-when-a-float-cannot-represent-all-int-val/28011249#28011249)
via: [stackoverflow](http://stackoverflow.com/questions/28010565/why-does-c-promote-an-int-to-a-float-when-a-float-cannot-represent-all-int-val/28011249#28011249)
作者:[wintermute][a]
译者:[KayGuoWhu](https://github.com/KayGuoWhu)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出

65
published/20150126 iptraf--A TCP or UDP Network Monitoring Utility.md Normal file
View File

@ -0,0 +1,65 @@
iptraf一个实用的TCP/UDP网络监控工具
================================================================================
[iptraf][1]是一个基于ncurses的IP局域网监控器用来生成包括TCP信息、UDP计数、ICMP和OSPF信息、以太网负载信息、节点状态信息、IP校验和错误等等统计数据。
它基于ncurses的用户界面可以使用户免于记忆繁琐的命令行开关。
### 特征 ###
- IP流量监控器用来显示你的网络中的IP流量变化信息。包括TCP标识信息、包以及字节计数ICMP细节OSPF包类型。
- 简单的和详细的接口统计数据包括IP、TCP、UDP、ICMP、非IP以及其他的IP包计数、IP校验和错误接口活动、包大小计数。
- TCP和UDP服务监控器能够显示常见的TCP和UDP应用端口上发送的和接收的包的数量。
- 局域网数据统计模块,能够发现在线的主机,并显示其上的数据活动统计信息。
- TCP、UDP、及其他协议的显示过滤器允许你只查看感兴趣的流量。
- 日志功能。
- 支持以太网、FDDI、ISDN、SLIP、PPP以及本地回环接口类型。
- 利用Linux内核内置的原始套接字接口允许它指iptraf能够用于各种支持的网卡上
- 全屏,菜单式驱动的操作。
###安装方法###
**Ubuntu以及其衍生版本**
sudo apt-get install iptraf
**Arch Linux以及其衍生版本**
sudo pacman -S iptra
**Fedora以及其衍生版本**
sudo yum install iptraf
### 用法 ###
如果不加任何命令行选项地运行**iptraf**命令,程序将进入一种交互模式,通过主菜单可以访问多种功能。
![](http://1102047360.rsc.cdn77.org/wp-content/uploads/2015/01/iptraf_1.png)
简易的上手导航菜单。
![](http://1102047360.rsc.cdn77.org/wp-content/uploads/2015/01/iptraf_2.png)
选择要监控的接口。
![](http://1102047360.rsc.cdn77.org/wp-content/uploads/2015/01/iptraf_3.png)
接口**ppp0**处的流量。
![](http://1102047360.rsc.cdn77.org/wp-content/uploads/2015/01/iptraf_4.png)
试试吧!
--------------------------------------------------------------------------------
via: http://www.unixmen.com/iptraf-tcpudp-network-monitoring-utility/
作者:[Enock Seth Nyamador][a]
译者:[DongShuaike](https://github.com/DongShuaike)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.unixmen.com/author/seth/
[1]:http://iptraf.seul.org/about.html

57
published/20150330 2 Ways to Create Your Own Docker Base Image.md Normal file
View File

@ -0,0 +1,57 @@
两种方式创建你自己的 Docker 基本映像
================================================================================
欢迎大家,今天我们学习一下 docker 基本映像以及如何构建我们自己的 docker 基本映像。[Docker][1] 是一个开源项目,提供了一个可以打包、装载和运行任何应用的轻量级容器的开放平台。它没有语言支持、框架和打包系统的限制,从小型的家用电脑到高端服务器,在何时何地都可以运行。这使它们可以不依赖于特定软件栈和供应商,像一块块积木一样部署和扩展网络应用、数据库和后端服务。
Docker 映像是不可更改的只读层。Docker 使用 **Union File System** 在只读文件系统上增加可读写的文件系统但所有更改都发生在最顶层的可写层而其下的只读映像上的原始文件仍然不会改变。由于映像不会改变也就没有状态。基本映像是没有父类的那些映像。Docker 基本映像主要的好处是它允许我们有一个独立运行的 Linux 操作系统。
下面是我们如何可以创建自定义的基本映像的方式。
### 1. 使用 Tar 创建 Docker 基本映像 ###
我们可以使用 tar 构建我们自己的基本映像,我们从一个运行中的 Linux 发行版开始,将其打包为基本映像。这过程可能会有些不同,它取决于我们打算构建的发行版。在 Debian 发行版中,已经预带了 debootstrap。在开始下面的步骤之前我们需要安装 debootstrap。debootstrap 用来获取构建基本系统需要的包。这里,我们构建基于 Ubuntu 14.04 "Trusty" 的映像。要完成这些,我们需要在终端或者 shell 中运行以下命令。
$ sudo debootstrap trusty trusty > /dev/null
$ sudo tar -C trusty -c . | sudo docker import - trusty
![使用debootstrap构建docker基本映像](http://blog.linoxide.com/wp-content/uploads/2015/03/creating-base-image-debootstrap.png)
上面的命令为当前文件夹创建了一个 tar 文件并输出到标准输出中,"docker import - trusty" 通过管道从标准输入中获取这个 tar 文件并根据它创建一个名为 trusty 的基本映像。然后,如下所示,我们将运行映像内部的一条测试命令。
$ docker run trusty cat /etc/lsb-release
[Docker GitHub Repo][2] 中有一些允许我们快速构建基本映像的事例脚本.
### 2. 使用Scratch构建基本映像 ###
在 Docker registry 中,有一个被称为 Scratch 的使用空 tar 文件构建的特殊库:
$ tar cv --files-from /dev/null | docker import - scratch
![使用scratch构建docker基本映像](http://blog.linoxide.com/wp-content/uploads/2015/03/creating-base-image-using-scratch.png)
我们可以使用这个映像构建新的小容器:
FROM scratch
ADD script.sh /usr/local/bin/run.sh
CMD ["/usr/local/bin/run.sh"]
上面的 Dockerfile 文件来自一个很小的映像。这里,它首先从一个完全空的文件系统开始,然后它复制新建的 /usr/local/bin/run.sh 为 script.sh ,然后运行脚本 /usr/local/bin/run.sh。
### 结尾 ###
这这个教程中,我们学习了如何构建一个开箱即用的自定义 Docker 基本映像。构建一个 docker 基本映像是一个很简单的任务,因为这里有很多已经可用的包和脚本。如果我们想要在里面安装想要的东西,构建 docker 基本映像非常有用。如果有任何疑问,建议或者反馈,请在下面的评论框中写下来。非常感谢!享受吧 :-)
--------------------------------------------------------------------------------
via: http://linoxide.com/linux-how-to/2-ways-create-docker-base-image/
作者:[Arun Pyasi][a]
译者:[ictlyh](https://github.com/ictlyh)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/arunp/
[1]:https://www.docker.com/
[2]:https://github.com/docker/docker/blob/master/contrib/mkimage-busybox.sh

71
translated/tech/20150507 Command Line Tool to Monitor Linux Containers Performance.md → published/20150507 Command Line Tool to Monitor Linux Containers Performance.md
View File

@ -1,6 +1,6 @@
监控Linux容器性能的命令行神器
监控 Linux 容器性能的命令行神器
================================================================================
ctop是一个新的基于命令行的工具它可用于在容器层级监控进程。容器通过利用控制器组cgroup的资源管理功能提供了操作系统层级的虚拟化环境。该工具收集来自cgroup的与内存、CPU、块输入输出和诸如拥有者、开机时间等相关的元数据,并以人性化的格式呈现给用户,这样就可以快速对系统健康状况进行评估。基于所获得的数据,它可以尝试推测潜在的容器技术。ctop也有助于在低内存环境中检测出谁在消耗大量的内存。
ctop是一个新的基于命令行的工具它可用于在容器层级监控进程。容器通过利用控制器组cgroup的资源管理功能提供了操作系统层级的虚拟化环境。该工具从cgroup收集与内存、CPU、块输入输出的相关数据以及拥有者、开机时间等元数据,并以人性化的格式呈现给用户,这样就可以快速对系统健康状况进行评估。基于所获得的数据,它可以尝试推测下层的容器技术。ctop也有助于在低内存环境中检测出谁在消耗大量的内存。
### 功能 ###
@ -8,11 +8,11 @@ ctop的一些功能如下
- 收集CPU、内存和块输入输出的度量值
- 收集与拥有者、容器技术和任务统计相关的信息
- 使用任何栏目对信息排序
- 通过任意栏对信息排序
- 以树状视图显示信息
- 折叠/展开cgroup树
- 选择并跟踪cgroup/容器
- 选择显示数据刷新时间框架
- 选择显示数据刷新的时间窗口
- 暂停刷新数据
- 检测基于systemd、Docker和LXC的容器
- 基于Docker和LXC的容器的高级特性
@ -21,7 +21,7 @@ ctop的一些功能如下
### 安装 ###
**ctop**是由Python写成的因此除了需要Python 2.6或其更高版本外(支持内建光标别无其它外部依赖。推荐使用Python的pip进行安装如果还没有安装pip请先安装然后使用pip安装ctop。
**ctop**是由Python写成的因此除了需要Python 2.6或其更高版本外(带有内建的光标支持别无其它外部依赖。推荐使用Python的pip进行安装如果还没有安装pip请先安装然后使用pip安装ctop。
*注意本文样例来自Ubuntu14.10)系统*
@ -84,19 +84,18 @@ ctop的一些功能如下
下面是ctop的输出样例
![ctop screen](http://blog.linoxide.com/wp-content/uploads/2015/05/ctop.png)
ctop屏幕
*ctop屏幕*
### 用法选项 ###
ctop [--tree] [--refresh=] [--columns=] [--sort-col=] [--follow=] [--fold=, ...] ctop (-h | --help)
一旦你进入ctop屏幕使用上和下箭头键在容器间导航。点击某个容器就选定了该容器按q或Ctrl+C退出容器。
当你进入ctop屏幕使用上和下箭头键在容器间导航。点击某个容器就选定了该容器按q或Ctrl+C退出容器。
现在,让我们来看看上面列出的那一堆选项究竟是怎么用的吧。
-h / --help - Show the help screen
----------
**-h / --help - 显示帮助信息**
poornima@poornima-Lenovo:~$ ctop -h
Usage: ctop [options]
@ -111,72 +110,66 @@ ctop屏幕
--sort-col=SORT_COL Select column to sort by initially. Can be changed
dynamically.
----------
--tree - Display tree view of the containers
**--tree - 显示容器的树形视图**
默认情况下,会显示列表视图
一旦你进入ctop窗口你可以使用F5按钮在树状/列表视图间切换。
你进入ctop窗口你可以使用F5按钮在树状/列表视图间切换。
--fold=<name> - Fold the <name> cgroup path in the tree view.
**--fold=<name> - 在树形视图中折叠名为 \<name> 的 cgroup 路径**
This option needs to be used in combination with --tree.
该选项需要与 --tree 选项组合使用。
----------
Eg: ctop --tree --fold=/user.slice
例子: ctop --tree --fold=/user.slice
![Output of 'ctop --fold'](http://blog.linoxide.com/wp-content/uploads/2015/05/ctop-fold.png)
ctop --fold的输出
*'ctop --fold'的输出*
在ctop窗口中使用+/-键来展开或折叠子cgroup。
注意在写本文时pip仓库中还没有最新版的ctop还不支持命令行的--fold选项
--follow= - Follow/Highlight the cgroup path.
**--follow= - 跟踪/高亮 cgroup 路径**
----------
Eg: ctop --follow=/user.slice/user-1000.slice
例子: ctop --follow=/user.slice/user-1000.slice
正如你在下面屏幕中所见到的那样,带有“/user.slice/user-1000.slice”路径的cgroup被高亮显示这让用户易于跟踪就算显示位置变了也一样。
![Output of 'ctop --follow'](http://blog.linoxide.com/wp-content/uploads/2015/05/ctop-follow.png)
ctop --follow的输出
*'ctop --follow'的输出*
你也可以使用f按钮来让高亮的行跟踪选定的容器。默认情况下跟踪是关闭的。
--refresh= - Refresh the display at the given rate. Default 1 sec
**--refresh= - 按指定频率刷新显示默认1秒**
这对于按每用户需求来显示改变刷新率时很有用。使用p按钮可以暂停刷新并选择文本。
--columns=<columns> - Can limit the display to selected <columns>. 'name' should be the first entry followed by other columns. By default, the columns include owner, processes,memory, cpu-sys, cpu-user, blkio, cpu-time.
**--columns=<columns> - 限定只显示选定的列。'name' 需要是第一个字段其后跟着其它字段。默认情况下字段包括owner, processes,memory, cpu-sys, cpu-user, blkio, cpu-time**
----------
Eg: ctop --columns=name,owner,type,memory
例子: ctop --columns=name,owner,type,memory
![Output of 'ctop --column'](http://blog.linoxide.com/wp-content/uploads/2015/05/ctop-column.png)
ctop --column的输出
-sort-col=<sort-col> - column using which the displayed data should be sorted. By default it is sorted using cpu-user
*'ctop --column'的输出*
----------
**-sort-col=<sort-col> - 按指定的列排序。默认使用 cpu-user 排序**
Eg: ctop --sort-col=blkio
例子: ctop --sort-col=blkio
如果有Docker和LXC支持的额外容器跟踪选项也是可用的
press 'a' - attach to console output
press 'a' - 接驳到终端输出
press 'e' - open a shell in the container context
press 'e' - 打开容器中的一个 shell
press 's' stop the container (SIGTERM)
press 's' - 停止容器 (SIGTERM)
press 'k' - kill the container (SIGKILL)
press 'k' - 杀死容器 (SIGKILL)
[ctop][1]当前还处于Jean-Tiare Le Bigot的开发希望我们能在该工具中见到像本地top命令一样的特性 :-)
目前 Jean-Tiare Le Bigot 还在积极开发 [ctop][1] 中,希望我们能在该工具中见到像本地 top 命令一样的特性 :-)
--------------------------------------------------------------------------------
@ -184,7 +177,7 @@ via: http://linoxide.com/how-tos/monitor-linux-containers-performance/
作者:[B N Poornima][a]
译者:[GOLinux](https://github.com/GOLinux)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

31
sources/news/20150511 Ubuntu Devs Propose Stateless Persistent Network Interface Names for Ubuntu and Debian.md Normal file
View File

@ -0,0 +1,31 @@
Ubuntu Devs Propose Stateless Persistent Network Interface Names for Ubuntu and Debian
======================================================================================
*Networks are detected in an unpredictable and unstable order*
**Martin Pitt, a renown Ubuntu and Debian developer, came with the proposal of enabling stateless persistent network interface names in the upcoming versions of the Ubuntu Linux and Debian GNU/Linux operating systems.**
According to Mr. Pitt, it appears that the problem lies in the automatic detection of network interfaces within the Linux kernel. As such, network interfaces are detected in an unstable and unpredictable order. However, it order to connect to a certain network interface in ifupdown or networkd users will need to identify it first using a stable name.
"The general schema for this is to have an udev rule which does some matches to identify a particular interface, and assings a NAME="foo" to it," says Martin Pitt in an email to the Ubuntu mailinglist. "Interfaces with an explicit NAME= get called just like this, and others just get a kernel driver default, usually ethN, wlanN, or sometimes others (some wifi drivers have their own naming schemas)."
**Sever solutions appeared over the years: mac, biosdevname, and ifnames**
Apparently, several solutions are available for this problem, including an installation of an udev rule in /lib/udev/rules.d/75-persistent-net-generator.rules that creates a MAC address at first boot and writes it to /etc/udev/rules.d/70-persistent-net.rules, which is currently used by default in Ubuntu and applies to most hardware components.
Other solutions include biosdevname, a package that reads port or index numbers, and slot names from the BIOS and writes them to /lib/udev/rules.d/71-biosdevname.rules, and ifnames, a persistent name generator that automatically checks the BIOS and/or firmware for index numbers or slot names, similar to biosdevname.
However, the difference between ifnames and biosdevname is that the latter falls back to slot names, such as PCI numbers, and then to the MAC address and writes to /lib/udev/rules.d/80-net-setup-link.rules. All of these solutions can be combined, and Martin Pitt proposes to replace the first solution that is now used by default with the ifnames one.
If a new solution is implemented, a lot of networking issues will be resolved in Ubuntu, especially the cloud version. In addition, it will provide for stable network interface names for all new Ubuntu installations, and resolve many other problems related to system-image, etc.
--------------------------------------------------------------------------------
via: http://news.softpedia.com/news/Ubuntu-Devs-Propose-Stateless-Persistent-Network-Interface-Names-for-Ubuntu-and-Debian-480730.shtml
作者:[Marius Nestor][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://news.softpedia.com/editors/browse/marius-nestor

73
sources/talk/20150511 Open Source History--Why Did Linux Succeed.md Normal file
View File

@ -0,0 +1,73 @@
Open Source History: Why Did Linux Succeed?
================================================================================
> Why did Linux, the Unix-like operating system kernel started by Linus Torvalds in 1991 that became central to the open source world, succeed where so many similar projects, including GNU HURD and the BSDs, fail?
![](http://thevarguy.com/site-files/thevarguy.com/files/imagecache/medium_img/uploads/2015/05/linux.jpg)
One of the most puzzling questions about the history of free and open source is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success? I don't know the answer to that question. But I have rounded up some theories, which I'd like to lay out here.
First, though, let me make clear what I mean when I write that Linux was a great success. I am defining it in opposition primarily to the variety of other Unix-like operating system kernels, some of them open and some not, that proliferated around the time Linux was born. [GNU][1] HURD, the free-as-in-freedom kernel whose development began in [May 1991][2], is one of them. Others include Unices that most people today have never heard of, such as various derivatives of the Unix variant developed at the University of California at Berkeley, BSD; Xenix, Microsoft's take on Unix; academic Unix clones including Minix; and the original Unix developed under the auspices of AT&T, which was vitally important in academic and commercial computing circles during earlier decades, but virtually disappeared from the scene by the 1990s.
#### Related ####
- [Open Source History: Tracing the Origins of Hacker Culture and the Hacker Ethic][3]
- [Unix and Personal Computers: Reinterpreting the Origins of Linux][4]
I'd also like to make clear that I'm writing here about kernels, not complete operating systems. To a great extent, the Linux kernel owes its success to the GNU project as a whole, which produced the crucial tools, including compilers, a debugger and a BASH shell implementation, that are necessary to build a Unix-like operating system. But GNU developers never created a viable version of the the HURD kernel (although they are [still trying][5]). Instead, Linux ended up as the kernel that glued the rest of the GNU pieces together, even though that had never been in the GNU plans.
So it's worth asking why Linux, a kernel launched by Linus Torvalds, an obscure programmer in Finland, in 1991—the same year as HURD—endured and thrived within a niche where so many other Unix-like kernels, many of which enjoyed strong commercial backing and association with the leading Unix hackers of the day, failed to take off. To that end, here are a few theories pertaining to that question that I've come across as I've researched the history of the free and open source software worlds, along with the respective strengths and weaknesses of these various explanations.
### Linux Adopted a Decentralized Development Approach ###
This is the argument that comes out of Eric S. Raymond's essay, "[The Cathedral and the Bazaar][6]," and related works, which make the case that software develops best when a large number of contributors collaborate continuously within a relatively decentralized organizational structure. That was generally true of Linux, in contrast to, for instance, GNU HURD, which took a more centrally directed approach to code development—and, as a result, "had been evidently failing" to build a complete operating system for a decade, in Raymond's view.
To an extent, this explanation makes sense, but it has some significant flaws. For one, Torvalds arguably assumed a more authoritative role in directing Linux code development—deciding which contributions to include and reject—than Raymond and others have wanted to recognize. For another, this reasoning does not explain why GNU succeeded in producing so much software besides a working kernel. If only decentralized development works well in the free/open source software world, then all of GNU's programming efforts should have been a bust—which they most certainly were not.
### Linux is Pragmatic; GNU is Ideological ###
Personally, I find this explanation—which supposes that Linux grew so rapidly because its founder was a pragmatist who initially wrote the kernel just to be able to run a tailored Unix OS on his computer at home, not as part of a crusade to change the world through free software, as the GNU project aimed to do—the most compelling.
Still, it has some weaknesses that make it less than completely satisfying. In particular, while Torvalds himself adopted pragmatic principles, not all members of the community that coalesced around his project, then or today, have done the same. Yet, Linux has succeeded all the same.
Moreover, if pragmatism was the key to Linux's endurance, then why, again, was GNU successful in building so many other tools besides a kernel? If having strong political beliefs about software prevents you from pursuing successful projects, GNU should have been an outright failure, not an endeavor that produced a number of software packages that remain foundational to the IT world today.
Last but not least, many of the other Unix variants of the late 1980s and early 1990s, especially several BSD off-shoots, were the products of pragmatism. Their developers aimed to build Unix variants that could be more freely shared than those restricted by expensive commercial licenses, but they were not deeply ideological about programming or sharing code. Neither was Torvalds, and it is therefore difficult to explain Linux's success, and the failure of other Unix projects, in terms of ideological zeal.
### Operating System Design ###
There are technical differences between Linux and some other Unix variants that are important to keep in mind when considering the success of Linux. Richard Stallman, the founder of the GNU project, pointed to these in explaining, in an email to me, why HURD development had lagged: "It is true that the GNU Hurd is not a practical success. Part of the reason is that its basic design made it somewhat of a research project. (I chose that design thinking it was a shortcut to get a working kernel in a hurry.)"
Linux is also different from other Unix variants in the sense that Torvalds wrote all of the Linux code himself. Having a Unix of his own, free of other people's code, was one of his stated intentions when he [first announced Linux][7] in August 1991. This characteristic sets Linux apart from most of the other Unix variants that existed at that time, which derived their code bases from either AT&T Unix or Berkeley's BSD.
I'm not a computer scientist, so I'm not qualified to decide whether the Linux code was simply superior to that of the other Unices, explaining why Linux succeeded. But that's an argument someone might make—although it does not account for the disparity in culture and personnel between Linux and other Unix kernels, which, to me, seem more important than code in understanding Linux's success.
### The "Community" Put Its Support Behind Linux ###
Stallman also wrote that "mainly the reason" for Linux's success was that "Torvalds made Linux free software, and since then more of the community's effort has gone into Linux than into the Hurd." That's not exactly a complete explanation for Linux's trajectory, since it does not account for why the community of free software developers followed Torvalds instead of HURD or another Unix. But it nonetheless highlights this shift as a large part of how Linux prevailed.
A fuller account of the free software community's decision to endorse Linux would have to explain why developers did so even though, at first, Linux was a very obscure project—much more so, by any measure, than some of the other attempts at the time to create a freer Unix, such as NET BSD and 386/BSD—as well as one whose affinity with the goals of the free software movement was not at first clear. Originally, Torvalds released Linux under a license that simply prevented its commercial use. It was considerably later that he switched to the GNU General Public License, which protects the openness of source code.
So, those are the explanations I've found for Linux's success as an open source operating system kernel—a success which, to be sure, has been measured in some respects (desktop Linux never became what its proponents hoped, for instance). But Linux has also become foundational to the computing world in ways that no other Unix-like OS has. Maybe Apple OS X and iOS, which derive from BSD, come close, but they don't play such a central role as Linux in powering the Internet, among other things.
Have other ideas on why Linux became what it did, or why its counterparts in the Unix world have now almost all sunk into obscurity? (I know: BSD variants still have a following today, and some commercial Unices remain important enough for [Red Hat][8] (RHT) to be [courting their users][9]. But none of these Unix holdouts have conquered everything from Web servers to smartphones in the way Linux has.) I'd be delighted to hear them.
--------------------------------------------------------------------------------
via: http://thevarguy.com/open-source-application-software-companies/050415/open-source-history-why-did-linux-succeed
作者:[hristopher Tozzi][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://thevarguy.com/author/christopher-tozzi
[1]:http://gnu.org/
[2]:http://www.gnu.org/software/hurd/history/hurd-announce
[3]:http://thevarguy.com/open-source-application-software-companies/042915/open-source-history-tracing-origins-hacker-culture-and-ha
[4]:http://thevarguy.com/open-source-application-software-companies/042715/unix-and-personal-computers-reinterpreting-origins-linux
[5]:http://thevarguy.com/open-source-application-software-companies/042015/30-years-hurd-lives-gnu-updates-open-source-
[6]:http://www.catb.org/esr/writings/cathedral-bazaar/cathedral-bazaar/
[7]:https://groups.google.com/forum/#!topic/comp.os.minix/dlNtH7RRrGA[1-25]
[8]:http://www.redhat.com/
[9]:http://thevarguy.com/open-source-application-software-companies/032614/red-hat-grants-certification-award-unix-linux-migration-a

151
sources/tech/20150511 Fix Various Update Errors In Ubuntu 14.04.md Normal file
View File

@ -0,0 +1,151 @@
Fix Various Update Errors In Ubuntu 14.04
================================================================================
![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/09/Fix_Ubuntu_Update_Error.jpeg)
Who hasnt come across an error while doing an update in Ubuntu? Update errors are common and plenty in Ubuntu and other Linux distributions based on Ubuntu. These errors occur for various reasons and can be fixed easily. In this article, we shall see various types of frequently occurring update errors in Ubuntu and how to fix them.
### Problem With MergeList ###
When you run update in terminal, you may encounter an error “[problem with MergeList][1]” like below:
> E:Encountered a section with no Package: header,
>
> E:Problem with MergeList /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_precise_universe_binary-i386_Packages,
>
> E:The package lists or status file could not be parsed or opened.
To fix this error, use the following commands:
sudo rm -r /var/lib/apt/lists/*
sudo apt-get clean && sudo apt-get update
### Failed to download repository information -1 ###
There are actually two types of [failed to download repository information errors][2]. If your error read like this:
> W:Failed to fetch bzip2:/var/lib/apt/lists/partial/in.archive.ubuntu.com_ubuntu_dists_oneiric_restricted_binary-i386_Packages Hash Sum mismatch,
>
> W:Failed to fetch bzip2:/var/lib/apt/lists/partial/in.archive.ubuntu.com_ubuntu_dists_oneiric_multiverse_binary-i386_Packages Hash Sum mismatch,
>
> E:Some index files failed to download. They have been ignored, or old ones used instead
Then you can use the following commands to fix it:
sudo rm -rf /var/lib/apt/lists/*
sudo apt-get update
### Failed to download repository information -2 ###
Th other type of failed to download repository information error is because of outdated PPA. Usually, when you run Update Manager and see an error like this:
![](Th other type of failed to download repository information error is because of outdated PPA. Usually, when you run Update Manager and see an error like this:)
You can run sudo apt-get update to see what PPAs are failing. And you can remove it from the sources list. You can follow this screenshot guide to [fix failed to download repository information error][3].
### Failed to download package files error ###
A similar error is [failed to download package files error][4] like this:
![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/09/Ubuntu_Update_error.jpeg)
This can be easily fixed by changing the software sources to Main server. Go to Software & Updates and in there changed the download server to Main server:
![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/09/Change_server_Ubuntu.jpeg)
### Partial upgrade error ###
Running updates in terminal may throw this [partial upgrade error][5]:
> Not all updates can be installed
>
> Run a partial upgrade, to install as many updates as possible
Run the following command in terminal to fix this error:
sudo apt-get install -f
### error while loading shared libraries ###
This is more of an installation error than update error. If you try to install a program from source code, you may encounter this error:
> error while loading shared libraries:
>
> cannot open shared object file: No such file or directory
This error can be fixed by running the following command in terminal:
sudo /sbin/ldconfig -v
You can find more details on this [error while loading shared libraries][6].
### Could not get lock /var/cache/apt/archives/lock ###
This error happens when another program is using APT. Suppose you are installing some thing in Ubuntu Software Center and trying to run apt in terminal.
> E: Could not get lock /var/cache/apt/archives/lock open (11: Resource temporarily unavailable)
>
> E: Unable to lock directory /var/cache/apt/archives/
Normally, this should be fine if you close all other programs using apt but if the problem persists, use the following command:
sudo rm /var/lib/apt/lists/lock
If the above command doesnt work, try this command:
sudo killall apt-get
More details about this error can be found [here][7].
### GPG error: The following signatures couldnt be verified ###
Adding a PPA may result in the following [GPG error: The following signatures couldnt be verified][8] when you try to run an update in terminal:
> W: GPG error: http://repo.mate-desktop.org saucy InRelease: The following signatures couldnt be verified because the public key is not available: NO_PUBKEY 68980A0EA10B4DE8
All we need to do is to fetch this public key in the system. Get the key number from the message. In the above message, the key is 68980A0EA10B4DE8. This key can be used in the following manner:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 68980A0EA10B4DE8
Once the key has been added, run an update again and it will be fine.
### BADSIG error ###
Another signature related Ubuntu update error is [BADSIG error][9] which looks something like this:
> W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com precise Release: The following signatures were invalid: BADSIG 16126D3A3E5C1192 Ubuntu Extras Archive Automatic Signing Key
>
> W: GPG error: http://ppa.launchpad.net precise Release:
>
> The following signatures were invalid: BADSIG 4C1CBC1B69B0E2F4 Launchpad PPA for Jonathan French W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/precise/Release
To fix this BADSIG error, use the following commands in terminal:
sudo apt-get clean
cd /var/lib/apt
sudo mv lists oldlist
sudo mkdir -p lists/partial
sudo apt-get clean
sudo apt-get update
That compiles the list of frequent **Ubuntu update errors** you may encounter. I hope this helps you to get rid of these errors. Have you encountered any other update error in Ubuntu as well? Do mention it in comments and Ill try to do a quick tutorial on it.
--------------------------------------------------------------------------------
via: http://itsfoss.com/fix-update-errors-ubuntu-1404/
作者:[Abhishek][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://itsfoss.com/author/abhishek/
[1]:http://itsfoss.com/how-to-fix-problem-with-mergelist/
[2]:http://itsfoss.com/solve-ubuntu-error-failed-to-download-repository-information-check-your-internet-connection/
[3]:http://itsfoss.com/failed-to-download-repository-information-ubuntu-13-04/
[4]:http://itsfoss.com/fix-failed-download-package-files-error-ubuntu/
[5]:http://itsfoss.com/fix-partial-upgrade-error-elementary-os-luna-quick-tip/
[6]:http://itsfoss.com/solve-open-shared-object-file-quick-tip/
[7]:http://itsfoss.com/fix-ubuntu-install-error/
[8]:http://itsfoss.com/solve-gpg-error-signatures-verified-ubuntu/
[9]:http://itsfoss.com/solve-badsig-error-quick-tip/

405
sources/tech/20150511 OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation.md Normal file
View File

@ -0,0 +1,405 @@
OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation
================================================================================
These are quick and dirty notes on generating a certificate authority (CA), intermediate certificate authorities and end certificates using OpenSSL. It includes OCSP, CRL and CA Issuer information and specific issue and expiry dates.
We'll set up our own root CA. We'll use the root CA to generate an example intermediate CA. We'll use the intermediate CA to sign end user certificates.
### Root CA ###
Create and move in to a folder for the root ca:
mkdir ~/SSLCA/root/
cd ~/SSLCA/root/
Generate a 8192-bit long SHA-256 RSA key for our root CA:
openssl genrsa -aes256 -out rootca.key 8192
Example output:
Generating RSA private key, 8192 bit long modulus
.........++
....................................................................................................................++
e is 65537 (0x10001)
If you want to password-protect this key, add the option `-aes256`.
Create the self-signed root CA certificate `ca.crt`; you'll need to provide an identity for your root CA:
openssl req -sha256 -new -x509 -days 1826 -key rootca.key -out rootca.crt
Example output:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Zuid Holland
Locality Name (eg, city) []:Rotterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
Organizational Unit Name (eg, section) []:Sparkling CA
Common Name (e.g. server FQDN or YOUR name) []:Sparkling Root CA
Email Address []:
Create a few files where the CA will store it's serials:
touch certindex
echo 1000 > certserial
echo 1000 > crlnumber
Place the CA config file. This file has stubs for CRL and OCSP endpoints.
# vim ca.conf
[ ca ]
default_ca = myca
[ crl_ext ]
issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ myca ]
dir = ./
new_certs_dir = $dir
unique_subject = no
certificate = $dir/rootca.crt
database = $dir/certindex
private_key = $dir/rootca.key
serial = $dir/certserial
default_days = 730
default_md = sha1
policy = myca_policy
x509_extensions = myca_extensions
crlnumber = $dir/crlnumber
default_crl_days = 730
[ myca_policy ]
commonName = supplied
stateOrProvinceName = supplied
countryName = optional
emailAddress = optional
organizationName = supplied
organizationalUnitName = optional
[ myca_extensions ]
basicConstraints = critical,CA:TRUE
keyUsage = critical,any
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign
extendedKeyUsage = serverAuth
crlDistributionPoints = @crl_section
subjectAltName = @alt_names
authorityInfoAccess = @ocsp_section
[ v3_ca ]
basicConstraints = critical,CA:TRUE,pathlen:0
keyUsage = critical,any
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign
extendedKeyUsage = serverAuth
crlDistributionPoints = @crl_section
subjectAltName = @alt_names
authorityInfoAccess = @ocsp_section
[alt_names]
DNS.0 = Sparkling Intermidiate CA 1
DNS.1 = Sparkling CA Intermidiate 1
[crl_section]
URI.0 = http://pki.sparklingca.com/SparklingRoot.crl
URI.1 = http://pki.backup.com/SparklingRoot.crl
[ocsp_section]
caIssuers;URI.0 = http://pki.sparklingca.com/SparklingRoot.crt
caIssuers;URI.1 = http://pki.backup.com/SparklingRoot.crt
OCSP;URI.0 = http://pki.sparklingca.com/ocsp/
OCSP;URI.1 = http://pki.backup.com/ocsp/
If you need to set a specific certificate start / expiry date, add the following to `[myca]`
# format: YYYYMMDDHHMMSS
default_enddate = 20191222035911
default_startdate = 20181222035911
### Creating Intermediate 1 CA ###
Generate the intermediate CA's private key:
openssl genrsa -out intermediate1.key 4096
Generate the intermediate1 CA's CSR:
openssl req -new -sha256 -key intermediate1.key -out intermediate1.csr
Example output:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Zuid Holland
Locality Name (eg, city) []:Rotterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
Organizational Unit Name (eg, section) []:Sparkling CA
Common Name (e.g. server FQDN or YOUR name) []:Sparkling Intermediate CA
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Make sure the subject (CN) of the intermediate is different from the root.
Sign the intermediate1 CSR with the Root CA:
openssl ca -batch -config ca.conf -notext -in intermediate1.csr -out intermediate1.crt
Example Output:
Using configuration from ca.conf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'NL'
stateOrProvinceName :ASN.1 12:'Zuid Holland'
localityName :ASN.1 12:'Rotterdam'
organizationName :ASN.1 12:'Sparkling Network'
organizationalUnitName:ASN.1 12:'Sparkling CA'
commonName :ASN.1 12:'Sparkling Intermediate CA'
Certificate is to be certified until Mar 30 15:07:43 2017 GMT (730 days)
Write out database with 1 new entries
Data Base Updated
Generate the CRL (both in PEM and DER):
openssl ca -config ca.conf -gencrl -keyfile rootca.key -cert rootca.crt -out rootca.crl.pem
openssl crl -inform PEM -in rootca.crl.pem -outform DER -out rootca.crl
Generate the CRL after every certificate you sign with the CA.
If you ever need to revoke the this intermediate cert:
openssl ca -config ca.conf -revoke intermediate1.crt -keyfile rootca.key -cert rootca.crt
### Configuring the Intermediate CA 1 ###
Create a new folder for this intermediate and move in to it:
mkdir ~/SSLCA/intermediate1/
cd ~/SSLCA/intermediate1/
Copy the Intermediate cert and key from the Root CA:
cp ~/SSLCA/root/intermediate1.key ./
cp ~/SSLCA/root/intermediate1.crt ./
Create the index files:
touch certindex
echo 1000 > certserial
echo 1000 > crlnumber
Create a new `ca.conf` file:
# vim ca.conf
[ ca ]
default_ca = myca
[ crl_ext ]
issuerAltName=issuer:copy
authorityKeyIdentifier=keyid:always
[ myca ]
dir = ./
new_certs_dir = $dir
unique_subject = no
certificate = $dir/intermediate1.crt
database = $dir/certindex
private_key = $dir/intermediate1.key
serial = $dir/certserial
default_days = 365
default_md = sha1
policy = myca_policy
x509_extensions = myca_extensions
crlnumber = $dir/crlnumber
default_crl_days = 365
[ myca_policy ]
commonName = supplied
stateOrProvinceName = supplied
countryName = optional
emailAddress = optional
organizationName = supplied
organizationalUnitName = optional
[ myca_extensions ]
basicConstraints = critical,CA:FALSE
keyUsage = critical,any
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid:always,issuer
keyUsage = digitalSignature,keyEncipherment
extendedKeyUsage = serverAuth
crlDistributionPoints = @crl_section
subjectAltName = @alt_names
authorityInfoAccess = @ocsp_section
[alt_names]
DNS.0 = example.com
DNS.1 = example.org
[crl_section]
URI.0 = http://pki.sparklingca.com/SparklingIntermidiate1.crl
URI.1 = http://pki.backup.com/SparklingIntermidiate1.crl
[ocsp_section]
caIssuers;URI.0 = http://pki.sparklingca.com/SparklingIntermediate1.crt
caIssuers;URI.1 = http://pki.backup.com/SparklingIntermediate1.crt
OCSP;URI.0 = http://pki.sparklingca.com/ocsp/
OCSP;URI.1 = http://pki.backup.com/ocsp/
Change the `[alt_names]` section to whatever you need as Subject Alternative names. Remove it including the `subjectAltName = @alt_names` line if you don't want a Subject Alternative Name.
If you need to set a specific certificate start / expiry date, add the following to `[myca]`
# format: YYYYMMDDHHMMSS
default_enddate = 20191222035911
default_startdate = 20181222035911
Generate an empty CRL (both in PEM and DER):
openssl ca -config ca.conf -gencrl -keyfile rootca.key -cert rootca.crt -out rootca.crl.pem
openssl crl -inform PEM -in rootca.crl.pem -outform DER -out rootca.crl
### Creating end user certificates ###
We use this new intermediate CA to generate an end user certificate. Repeat these steps for every end user certificate you want to sign with this CA.
mkdir enduser-certs
Generate the end user's private key:
openssl genrsa -out enduser-certs/enduser-example.com.key 4096
Generate the end user's CSR:
openssl req -new -sha256 -key enduser-certs/enduser-example.com.key -out enduser-certs/enduser-example.com.csr
Example output:
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:NL
State or Province Name (full name) [Some-State]:Noord Holland
Locality Name (eg, city) []:Amsterdam
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Inc
Organizational Unit Name (eg, section) []:IT Dept
Common Name (e.g. server FQDN or YOUR name) []:example.com
Email Address []:
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
Sign the end user's CSR with the Intermediate 1 CA:
openssl ca -batch -config ca.conf -notext -in enduser-certs/enduser-example.com.csr -out enduser-certs/enduser-example.com.crt
Example output:
Using configuration from ca.conf
Check that the request matches the signature
Signature ok
The Subject's Distinguished Name is as follows
countryName :PRINTABLE:'NL'
stateOrProvinceName :ASN.1 12:'Noord Holland'
localityName :ASN.1 12:'Amsterdam'
organizationName :ASN.1 12:'Example Inc'
organizationalUnitName:ASN.1 12:'IT Dept'
commonName :ASN.1 12:'example.com'
Certificate is to be certified until Mar 30 15:18:26 2016 GMT (365 days)
Write out database with 1 new entries
Data Base Updated
Generate the CRL (both in PEM and DER):
openssl ca -config ca.conf -gencrl -keyfile intermediate1.key -cert intermediate1.crt -out intermediate1.crl.pem
openssl crl -inform PEM -in intermediate1.crl.pem -outform DER -out intermediate1.crl
Generate the CRL after every certificate you sign with the CA.
If you ever need to revoke the this end users cert:
openssl ca -config ca.conf -revoke enduser-certs/enduser-example.com.crt -keyfile intermediate1.key -cert intermediate1.crt
Example output:
Using configuration from ca.conf
Revoking Certificate 1000.
Data Base Updated
Create the certificate chain file by concatenating the Root and intermediate 1 certificates together.
cat ../root/rootca.crt intermediate1.crt > enduser-certs/enduser-example.com.chain
Send the following files to the end user:
enduser-example.com.crt
enduser-example.com.key
enduser-example.com.chain
You can also let the end user supply their own CSR and just send them the .crt file. Do not delete that from the server, otherwise you cannot revoke it.
### Validating the certificate ###
You can validate the end user certificate against the chain using the following command:
openssl verify -CAfile enduser-certs/enduser-example.com.chain enduser-certs/enduser-example.com.crt
enduser-certs/enduser-example.com.crt: OK
You can also validate it against the CRL. Concatenate the PEM CRL and the chain together first:
cat ../root/rootca.crt intermediate1.crt intermediate1.crl.pem > enduser-certs/enduser-example.com.crl.chain
Verify the certificate:
openssl verify -crl_check -CAfile enduser-certs/enduser-example.com.crl.chain enduser-certs/enduser-example.com.crt
Output when not revoked:
enduser-certs/enduser-example.com.crt: OK
Output when revoked:
enduser-certs/enduser-example.com.crt: CN = example.com, ST = Noord Holland, C = NL, O = Example Inc, OU = IT Dept
error 23 at 0 depth lookup:certificate revoked
--------------------------------------------------------------------------------
via: https://raymii.org/s/tutorials/OpenSSL_command_line_Root_and_Intermediate_CA_including_OCSP_CRL%20and_revocation.html
作者Remy van Elst
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出

77
translated/tech/20150126 iptraf--A TCP or UDP Network Monitoring Utility.md
View File

@ -1,77 +0,0 @@
iptraf:一个实用的TCP/UDP网络监控工具
================================================================================
[iptraf][1]是一个基于ncursesncurses-based)的IP局域网监控器用来生成包括TCP信息UDP计数ICMP和OSPF信息以太网加载信息结点状态信息IP校验和错误等等统计数据。
它基于ncurses的用户界面帮助用户免于记忆繁琐的命令行开关。
### 特征 ###
- 拥有一个IP流量监控器用来显示你的网络中的流量变化信息。包括TCP标识信息包以及字节计数ICMP细节OSPF包类型。
- 拥有普通和详细的交互统计数据显示了IPTCPUDPICMP非IP以及其他的IP包计数IP校验和错误交互活动包尺寸计数。这里一些专业术语拿不定
- 拥有一个TCP和UDP服务监控器能够显示普通TCP和UDP应用端口上发送的和接收的包的数量。
- 拥有一个局域网数据统计模块,能够检查到(discover)处于活动状态的主机,并显示其上正在运行的数据活动的统计信息。
- 拥有TCPUDP以及其他协议的显示过滤器display filters允许你只查看感兴趣的流量。
- 日志功能。
- 支持以太网FDDIISDNSLIPPPP以及loopback接口类型interface types)。
- 利用Linux内核内置的built-in原始套接字接口允许它指iptraf能够用于许多种网卡上这句话翻译不好
- 全屏,菜单式驱动的操作。
安装方法
### Ubuntu以及其衍生版本 ###
sudo apt-get install iptraf
### Arch Linux以及其衍生版本 ###
sudo pacman -S iptra
### Fedora以及其衍生版本 ###
sudo yum install iptraf
### 用法 ###
如果不加任何命令行选项地运行**iptraf**命令,程序将进入一种交互模式,通过主菜单可以访问多种设备(various facilities)
![](http://180016988.r.cdn77.net/wp-content/uploads/2015/01/iptraf_1.png)
简易的上手导航菜单。
![](http://180016988.r.cdn77.net/wp-content/uploads/2015/01/iptraf_2.png)
为monitor选择界面接口
![](http://180016988.r.cdn77.net/wp-content/uploads/2015/01/iptraf_3.png)
接口 **pp0** 处的流量。
![](http://180016988.r.cdn77.net/wp-content/uploads/2015/01/iptraf_4.png)
开始吧!
--------------------------------------------------------------------------------
via: http://www.unixmen.com/iptraf-tcpudp-network-monitoring-utility/
作者:[Enock Seth Nyamador][a]
译者:[DongShuaike](https://github.com/DongShuaike)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.unixmen.com/author/seth/
[1]:http://iptraf.seul.org/about.html

57
translated/tech/20150330 2 Ways to Create Your Own Docker Base Image.md
View File

@ -1,57 +0,0 @@
创建你自己的Docker基本映像的2中方式
================================================================================
欢迎大家今天我们学习一下docker基本映像以及如何构建我们自己的docker基本映像。[Docker][1]是一个开源项目,为打包,装载和运行任何应用提供开发平台的轻量级容器。它没有语言支持,框架和打包系统的限制,从小型的家用电脑到高端的服务器,在何时何地都可以运行。这使它们成为不依赖于特定栈和供应商,很好的部署和扩展网络应用,数据库和后端服务的构建块。
Docker映像是不可更改的只读层。Docker使用**Union File System**在只读文件系统上增加读写文件系统。但所有更改都发生在最顶层的可写层最底部在只读映像上的原始文件仍然不会改变。由于映像不会改变也就没有状态。基本映像是没有父类的那些映像。Docker基本映像主要的好处是它允许我们有一个独立允许的Linux操作系统。
下面是我们如何可以创建自定义基本映像的方式。
### 1. 使用Tar创建Docker基本映像 ###
我们可以使用tar构建我们自己的基本映像我们从将要打包为基本映像的运行中的Linux发行版开始构建。这过程可以会有些不同它取决于我们打算构建的发行版。在Linux的发行版Debian中已经预装了debootstrap。在开始下面的步骤之前我们需要安装debootstrap。debootstrap用来获取构建基本系统需要的包。这里我们构建基于Ubuntu 14.04 "Trusty" 的映像。做这些我们需要在终端或者shell中运行以下命令。
$ sudo debootstrap trusty trusty > /dev/null
$ sudo tar -C trusty -c . | sudo docker import - trusty
![使用debootstrap构建docker基本映像](http://blog.linoxide.com/wp-content/uploads/2015/03/creating-base-image-debootstrap.png)
上面的命令为当前文件夹创建了一个tar文件并输出到STDOUT中"docker import - trusty"从STDIN中获取这个tar文件并根据它创建一个名为trusty的基本映像。然后如下所示我们将运行映像内部的一条测试命令。
$ docker run trusty cat /etc/lsb-release
[Docker GitHub Repo][2] 中有一些允许我们快速构建基本映像的事例脚本.
### 2. 使用Scratch构建基本映像 ###
在Docker的注册表中有一个被称为Scratch的使用空tar文件构建的特殊库
$ tar cv --files-from /dev/null | docker import - scratch
![使用scratch构建docker基本映像](http://blog.linoxide.com/wp-content/uploads/2015/03/creating-base-image-using-scratch.png)
我们可以使用这个映像构建新的小容器:
FROM scratch
ADD script.sh /usr/local/bin/run.sh
CMD ["/usr/local/bin/run.sh"]
上面的Docker文件来自一个很小的映像。这里它首先从一个完全空的文件系统开始然后它复制新建的/usr/local/bin/run.sh为script.sh然后运行脚本/usr/local/bin/run.sh。
### 结尾 ###
这这个教程中我们学习了如果构建一个自定义的Docker基本映像。构建一个docker基本映像是一个很简单的任务因为这里有很多已经可用的包和脚本。如果我们想要在里面安装想要的东西构建docker基本映像非常有用。如果有任何疑问建议或者反馈请在下面的评论框中写下来。非常感谢享受吧 :-)
--------------------------------------------------------------------------------
via: http://linoxide.com/linux-how-to/2-ways-create-docker-base-image/
作者:[Arun Pyasi][a]
译者:[ictlyh](https://github.com/ictlyh)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://linoxide.com/author/arunp/
[1]:https://www.docker.com/
[2]:https://github.com/docker/docker/blob/master/contrib/mkimage-busybox.sh