diff --git a/LCTT翻译规范.md b/LCTT翻译规范.md new file mode 100644 index 0000000000..b9a514f115 --- /dev/null +++ b/LCTT翻译规范.md @@ -0,0 +1,4 @@ +# Linux中国翻译规范 +1. 翻译中出现的专有名词,可参见Dict.md中的翻译。 +2. 英文人名,如无中文对应译名,一般不译。 +2. 缩写词,一般不须翻译,可考虑旁注中文全名。 \ No newline at end of file diff --git a/README.md b/README.md index 968c8434a1..7fbc7a5f36 100644 --- a/README.md +++ b/README.md @@ -51,113 +51,117 @@ LCTT的组成 * 2014/12/25 提升runningwater为Core Translators成员。 * 2015/04/19 发起 LFS-BOOK-7.7-systemd 项目。 * 2015/06/09 提升ictlyh和dongfengweixiao为Core Translators成员。 +* 2015/11/10 提升strugglingyouth、FSSlc、Vic020、alim0x为Core Translators成员。 活跃成员 ------------------------------- 目前 TP 活跃成员有: - CORE @wxy, -- CORE @carolinewuyan, - CORE @DeadFire, - CORE @geekpi, - CORE @GOLinux, -- CORE @reinoir, -- CORE @bazz2, -- CORE @zpl1025, - CORE @ictlyh, -- CORE @dongfengweixiao +- CORE @carolinewuyan, +- CORE @strugglingyouth, +- CORE @FSSlc +- CORE @zpl1025, +- CORE @runningwater, +- CORE @bazz2, +- CORE @Vic020, +- CORE @dongfengweixiao, +- CORE @alim0x, +- Senior @reinoir, - Senior @tinyeyeser, - Senior @vito-L, - Senior @jasminepeng, - Senior @willqian, - Senior @vizv, -- @ZTinoZ, -- @Vic020, -- @runningwater, -- @KayGuoWhu, -- @luoxcat, -- @alim0x, -- @2q1w2007, -- @theo-l, -- @FSSlc, -- @su-kaiyao, -- @blueabysm, -- @flsf, -- @martin2011qi, -- @SPccman, -- @wi-cuckoo, -- @Linchenguang, -- @linuhap, -- @crowner, -- @Linux-pdz, -- @H-mudcup, -- @yechunxiao19, -- @woodboow, -- @Stevearzh, -- @disylee, -- @cvsher, -- @wwy-hust, -- @johnhoow, -- @felixonmars, -- @TxmszLou, -- @shipsw, -- @scusjs, -- @wangjiezhe, -- @hyaocuk, -- @MikeCoder, -- @ZhouJ-sh, -- @boredivan, -- @goreliu, -- @l3b2w1, -- @JonathanKang, -- @NearTan, -- @jiajia9linuxer, -- @Love-xuan, -- @coloka, -- @owen-carter, -- @luoyutiantang, -- @JeffDing, -- @icybreaker, -- @tenght, -- @liuaiping, -- @mtunique, -- @rogetfan, -- @nd0104, -- @mr-ping, -- @szrlee, -- @lfzark, -- @CNprober, -- @DongShuaike, -- @ggaaooppeenngg, -- @haimingfg, -- @213edu, -- @Tanete, -- @guodongxiaren, -- @zzlyzq, -- @FineFan, -- @yujianxuechuan, -- @Medusar, -- @shaohaolin, -- @ailurus1991, -- @liaoishere, -- @CHINAANSHE, -- @stduolc, -- @yupmoon, -- @tomatoKiller, -- @zhangboyue, -- @kingname, -- @KevinSJ, -- @zsJacky, -- @willqian, -- @Hao-Ding, -- @JygjHappy, -- @Maclauring, -- @small-Wood, -- @cereuz, -- @fbigun, -- @lijhg, -- @soooogreen, +- ZTinoZ, +- theo-l, +- luoxcat, +- disylee, +- wi-cuckoo, +- haimingfg, +- KayGuoWhu, +- wwy-hust, +- martin2011qi, +- cvsher, +- su-kaiyao, +- flsf, +- SPccman, +- Stevearzh +- Linchenguang, +- oska874 +- Linux-pdz, +- 2q1w2007, +- felixonmars, +- wyangsun, +- MikeCoder, +- mr-ping, +- xiqingongzi +- H-mudcup, +- zhangboyue, +- goreliu, +- DongShuaike, +- TxmszLou, +- ZhouJ-sh, +- wangjiezhe, +- NearTan, +- icybreaker, +- shipsw, +- johnhoow, +- linuhap, +- boredivan, +- blueabysm, +- liaoishere, +- yechunxiao19, +- l3b2w1, +- XLCYun, +- KevinSJ, +- tenght, +- coloka, +- luoyutiantang, +- yupmoon, +- jiajia9linuxer, +- scusjs, +- tnuoccalanosrep, +- woodboow, +- 1w2b3l, +- crowner, +- mtunique, +- dingdongnigetou, +- CNprober, +- JonathanKang, +- Medusar, +- hyaocuk, +- szrlee, +- Xuanwo, +- nd0104, +- xiaoyu33, +- guodongxiaren, +- zzlyzq, +- yujianxuechuan, +- ailurus1991, +- ggaaooppeenngg, +- Ricky-Gong, +- lfzark, +- 213edu, +- Tanete, +- liuaiping, +- jerryling315, +- tomatoKiller, +- stduolc, +- shaohaolin, +- Timeszoro, +- rogetfan, +- FineFan, +- kingname, +- jasminepeng, +- JeffDing, +- CHINAANSHE, +(按提交行数排名前百) LFS 项目活跃成员有: @@ -169,7 +173,7 @@ LFS 项目活跃成员有: - @KevinSJ - @Yuking-net -(更新于2015/06/09,以Github contributors列表排名) +(更新于2015/11/29) 谢谢大家的支持! diff --git a/translated/tech/20150202 How to filter BGP routes in Quagga BGP router.md b/published/201510/20150202 How to filter BGP routes in Quagga BGP router.md similarity index 93% rename from translated/tech/20150202 How to filter BGP routes in Quagga BGP router.md rename to published/201510/20150202 How to filter BGP routes in Quagga BGP router.md index 53ce40cac6..17bf6fbbcc 100644 --- a/translated/tech/20150202 How to filter BGP routes in Quagga BGP router.md +++ b/published/201510/20150202 How to filter BGP routes in Quagga BGP router.md @@ -1,6 +1,6 @@ 如何使用 Quagga BGP(边界网关协议)路由器来过滤 BGP 路由 ================================================================================ -在[之前的文章][1]中,我们介绍了如何使用 Quagga 将 CentOS 服务器变成一个 BGP 路由器,也介绍了 BGP 对等体和前缀交换设置。在本教程中,我们将重点放在如何使用**前缀列表**和**路由映射**来分别控制数据注入和数据输出。 +在[之前的文章][1]中,我们介绍了如何使用 Quagga 将 CentOS 服务器变成一个 BGP 路由器,也介绍了 BGP 对等体和前缀交换设置。在本教程中,我们将重点放在如何使用**前缀列表(prefix-list)**和**路由映射(route-map)**来分别控制数据注入和数据输出。 之前的文章已经说过,BGP 的路由判定是基于前缀的收取和前缀的广播。为避免错误的路由,你需要使用一些过滤机制来控制这些前缀的收发。举个例子,如果你的一个 BGP 邻居开始广播一个本不属于它们的前缀,而你也将错就错地接收了这些不正常前缀,并且也将它转发到网络上,这个转发过程会不断进行下去,永不停止(所谓的“黑洞”就这样产生了)。所以确保这样的前缀不会被收到,或者不会转发到任何网络,要达到这个目的,你可以使用前缀列表和路由映射。前者是基于前缀的过滤机制,后者是更为常用的基于前缀的策略,可用于精调过滤机制。 @@ -36,15 +36,15 @@ 上面的命令创建了名为“DEMO-FRFX”的前缀列表,只允许存在 192.168.0.0/23 这个前缀。 -前缀列表的另一个牛X功能是支持子网掩码区间,请看下面的例子: +前缀列表的另一个强大功能是支持子网掩码区间,请看下面的例子: ip prefix-list DEMO-PRFX permit 192.168.0.0/23 le 24 -这个命令创建的前缀列表包含在 192.168.0.0/23 和 /24 之间的前缀,分别是 192.168.0.0/23, 192.168.0.0/24 and 192.168.1.0/24。运算符“le”表示小于等于,你也可以使用“ge”表示大于等于。 +这个命令创建的前缀列表包含在 192.168.0.0/23 和 /24 之间的前缀,分别是 192.168.0.0/23, 192.168.0.0/24 和 192.168.1.0/24。运算符“le”表示小于等于,你也可以使用“ge”表示大于等于。 一个前缀列表语句可以有多个允许或拒绝操作。每个语句都自动或手动地分配有一个序列号。 -如果存在多个前缀列表语句,则这些语句会按序列号顺序被依次执行。在配置前缀列表的时候,我们需要注意在所有前缀列表语句后面的**隐性拒绝**属性,就是说凡是不被明显允许的,都会被拒绝。 +如果存在多个前缀列表语句,则这些语句会按序列号顺序被依次执行。在配置前缀列表的时候,我们需要注意在所有前缀列表语句之后是**隐性拒绝**语句,就是说凡是不被明显允许的,都会被拒绝。 如果要设置成允许所有前缀,前缀列表语句设置如下: @@ -81,7 +81,7 @@ probability Match portion of routes defined by percentage value tag Match tag of route -如你所见,路由映射可以匹配很多属性,本教程需要匹配一个前缀。 +如你所见,路由映射可以匹配很多属性,在本教程中匹配的是前缀。 route-map DEMO-RMAP permit 10 match ip address prefix-list DEMO-PRFX @@ -163,7 +163,7 @@ 可以看到,router-A 有4条路由前缀到达 router-B,而 router-B 只接收3条。查看一下范围,我们就能知道只有被路由映射允许的前缀才能在 router-B 上显示出来,其他的前缀一概丢弃。 -**小提示**:如果接收前缀内容没有刷新,试试重置下 BGP 会话,使用这个命令:clear ip bgp neighbor-IP。本教程中命令如下: +**小提示**:如果接收前缀内容没有刷新,试试重置下 BGP 会话,使用这个命令:`clear ip bgp neighbor-IP`。本教程中命令如下: clear ip bgp 192.168.1.1 @@ -193,9 +193,9 @@ via: http://xmodulo.com/filter-bgp-routes-quagga-bgp-router.html 作者:[Sarmed Rahman][a] 译者:[bazz2](https://github.com/bazz2) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [a]:http://xmodulo.com/author/sarmed -[1]:http://xmodulo.com/centos-bgp-router-quagga.html +[1]:https://linux.cn/article-4609-1.html diff --git a/published/201510/20150716 Interview--Larry Wall.md b/published/201510/20150716 Interview--Larry Wall.md new file mode 100644 index 0000000000..c08b46910c --- /dev/null +++ b/published/201510/20150716 Interview--Larry Wall.md @@ -0,0 +1,132 @@ +Larry Wall 专访——语言学、Perl 6 的设计和发布 +================================================================================ + +> 经历了15年的打造,Perl 6 终将在年底与大家见面。我们预先采访了它的作者了解一下新特性。 + +Larry Wall 是个相当有趣的人。他是编程语言 Perl 的创造者,这种语言被广泛的誉为将互联网粘在一起的胶水,也由于大量地在各种地方使用非字母的符号被嘲笑为‘只写’语言——以难以阅读著称。Larry 本人具有语言学背景,以其介绍 Perl 未来发展的演讲“[洋葱的状态][1](State of the Onion)”而闻名。(LCTT 译注:“洋葱的状态”是 Larry Wall 的年度演讲的主题,洋葱也是 Perl 基金会的标志。) + +在2015年布鲁塞尔的 FOSDEM 上,我们赶上了 Larry,问了问他为什么 Perl 6 花了如此长的时间(Perl 5 的发布时间是1994年),了解当项目中的每个人都各执己见时是多么的难以管理,以及他的语言学背景自始至终究竟给 Perl 带来了怎样的影响。做好准备,让我们来领略其中的奥妙…… + +![](http://www.linuxvoice.com/wp-content/uploads/2015/07/wall1.jpg) + +**Linux Voice:你曾经有过计划去寻找世界上某个地方的某种不见经传的语言,然后为它创造书写的文字,但你从未有机会去实现它。如果你能回到过去,你会去做么?** + +Larry Wall:你首先得是个年轻人才能搞得定!做这些事需要投入很大的努力和人力,以至于已经不适合那些上了年纪的人了。健康、活力是其中的一部分,同样也因为人们在年轻的时候更容易学习一门新的语言,只有在你学会了语言之后你才能写呀。 + +我自学了日语十年,由于我的音系学和语音学的训练我能说的比较流利——但要理解别人的意思对我来说还十分困难。所以到了日本我会问路,但我听不懂他们的回答! + +通常需要一门语言学习得足够好才能开发一个文字体系,并可以使用这种语言进行少量的交流。在你能够实际推广它和用本土人自己的文化教育他们前,那还需要一些年。最后才可以教授本土人如何以他们的文明书写。 + +当然如果在语言方面你有帮手 —— 经过别人的提醒我们不再使用“语言线人”来称呼他们了,那样显得我们像是在 CIA 工作的一样!—— 你可以通过他们的帮助来学习外语。他们不是老师,但他们会以另一种方式来启发你学习 —— 当然他们也能教你如何说。他们会拿着一根棍子,指着它说“这是一根棍子”,然后丢掉同时说“棒子掉下去了”。然后,你就可以记下一些东西并将其系统化。 + +大多数让人们有这样做的动力是翻译圣经。但是这只是其中的一方面;另一方面也是为了文化保护。传教士在这方面臭名昭著,因为人类学家认为人们应该基于自己的文明来做这件事。但有些人注定会改变他们的文化——他们可能是军队、或是商业侵入,如可口可乐或者缝纫机,或传教士。在这三者之间,传教士相对来讲伤害最小的了,如果他们恪守本职的话。 + +**LV:许多文字系统有本可依,相较而言你的发明就像是格林兰语…** + +印第安人照搬字母就发明了他们自己的语言,而且没有在这些字母上施加太多我们给这些字母赋予的涵义,这种做法相当随性。它们只要能够表达出人们的所思所想,使交流顺畅就行。经常是有些声调语言(Tonal language)使用的是西方文字拼写,并尽可能的使用拉丁文的字符变化,然后用重音符或数字标注出音调。 + +在你开始学习如何使用语音和语调表示之后,你也开始变得迷糊——或者你的书写就不如从前准确。或者你对话的时候像在讲英文,但发音开始无法匹配拼写。 + +**LV:当你在开发 Perl 的时候,你的语言学背景会不会使你认为:“这对程序设计语言真的非常重要”?** + +LW:我在人们是如何使用语言上想了很多。在现实的语言中,你有一套名词、动词和形容词的体系,并且你知道这些单词的词性。在现实的自然语言中,你时常将一个单词放到不同的位置。我所学的语言学理论也被称为法位学(phoenetic),它解释了这些在自然语言中工作的原理 —— 也就是有些你当做名词的东西,有时候你可以将它用作动词,并且人们总是这样做。 + +你能很好的将任何单词放在任何位置而进行沟通。我比较喜欢的例子是将一个整句用作为一个形容词。这句话会是这样的:“我不喜欢你的[我可以用任何东西来取代这个形容词的]态度”! + +所以自然语言非常灵活,因为聆听者非常聪明 —— 至少,相对于电脑而言 —— 你相信他们会理解你最想表达的意思,即使存在歧义。当然对电脑而言,你必须保证歧义不大。 + +> “在 Perl 6 中,我们试图让电脑更准确的了解我们。” + +可以说在 Perl 1到5上,我们针对歧义方面处理做得还不够。有时电脑会在不应该的时候迷惑。在 Perl 6上,我们找了许多方法,使得电脑对你所说的话能更准确的理解,就算用户并不清楚这底是字符串还是数字,电脑也能准确的知道它的类型。我们找到了内部以强类型存储,而仍然可以无视类型的“以此即彼”的方法。 + +![](http://www.linuxvoice.com/wp-content/uploads/2015/07/wall2.jpg) + +**LV:Perl 被视作互联网上的“胶水(glue)”语言已久,能将点点滴滴组合在一起。在你看来 Perl 6 的发布是否符合当前用户的需要,或者旨在招揽更多新用户,能使它重获新生吗?** + +LW:最初的设想是为 Perl 程序员带来更好的 Perl。但在看到了 Perl 5 上的不足后,很明显改掉这些不足会使 Perl 6更易用,就像我在讨论中提到过 —— 类似于 [托尔金(J. R. R. Tolkien) 在《指环王》前言中谈到的适用性一样][2]。 + +重点是“简单的东西应该简单,而困难的东西应该可以实现”。让我们回顾一下,在 Perl 2和3之间的那段时间。在 Perl 2上我们不能处理二进制数据或嵌入的 null 值 —— 只支持 C 语言风格的字符串。我曾说过“Perl 只是文本处理语言 —— 在文本处理语言里你并不需要这些功能”。 + +但当时发生了一大堆的问题,因为大多数的文本中会包含少量的二进制数据 —— 如网络地址(network addresses)及类似的东西。你使用二进制数据打开套接字,然后处理文本。所以通过支持二进制数据,语言的适用性(applicability)翻了一倍。 + +这让我们开始探讨在语言中什么应该简单。现在的 Perl 中有一条原则,是我们偷师了哈夫曼编码(Huffman coding)的做法,它在位编码系统中为字符采取了不同的尺寸,常用的字符占用的位数较少,不常用的字符占用的位数更多。 + +我们偷师了这种想法并将它作为 Perl 的一般原则,针对常用的或者说常输入的 —— 这些常用的东西必须简单或简洁。不过,另一方面,也显得更加的不规则(irregular)。在自然语言中也是这样的,最常用的动词实际上往往是最不规则的。 + +所以在这样的情况下需要更多的差异存在。我很喜欢一本书是 Umberto Eco 写的的《探寻完美的语言(The Search for the Perfect Language)》,说的并不是计算机语言;而是哲学语言,大体的意思是古代的语言也许是完美的,我们应该将它们带回来。 + +所有的这类语言错误的认为类似的事物其编码也应该总是类似的。但这并不是我们沟通的方式。如果你的农场中有许多动物,他们都有相近的名字,当你想杀一只鸡的时候说“走,去把 Blerfoo 宰了”,你的真实想法是宰了 Blerfee,但有可能最后死的是一头牛(LCTT 译注:这是杀鸡用牛刀的意思吗?哈哈)。 + +所以在这种时候我们其实更需要好好的将单词区分开,使沟通信道的冗余增加。常用的单词应该有更多的差异。为了达到更有效的通讯,还有一种自足(LCTT 译注:self-clocking ,自同步,[概念][3]来自电信和电子行业,此处译为“自足”更能体现涵义)编码。如果你在一个货物上看到过 UPC 标签(条形码),它就是一个自足编码,每对“条”和“空”总是以七个列宽为单位,据此你就知道“条”的宽度加起来总是这么宽。这就是自足。 + +在电子产品中还有另一种自足编码。在老式的串行传输协议中有停止和启动位,来保持同步。自然语言中也会包含这些。比如说,在写日语时,不用使用空格。由于书写方式的原因,他们会在每个词组的开头使用中文中的汉字字符,然后用音节表(syllabary)中的字符来结尾。 + +**LV:是平假名,对吗?** + +LW: 是的,平假名。所以在这一系统,每个词组的开头就自然就很重要了。同样的,在古希腊,大多数的动词都是搭配好的(declined 或 conjugated),所以它们的标准结尾是一种自足机制。在他们的书写体系中空格也是可有可无的 —— 引入空格是更近代的发明。 + +所以在计算机语言上也要如此,有的值也可以自足编码。在 Perl 上我们重度依赖这种方法,而且在 Perl 6 上相较于前几代这种依赖更重。当你使用表达式时,你要么得到的是一个词,要么得到的是插值(infix)操作符。当你想要得到一个词,你有可能得到的是一个前缀操作符,它也在相同的位置;同样当你想要得到一个插值操作符,你也可能得到的是前一个词的后缀。 + +但是反过来。如果编译器准确的知道它想要什么,你可以稍微重载(overload)它们,其它的让 Perl 来完成。所以在斜线“/”后面是单词时它会当成正则表达式,而斜线“/”在字串中时视作除法。而我们并不会重载所有东西,因为那只会使你失去自足冗余。 + +多数情况下我们提示的比较好的语法错误消息,是出于发现了一行中出现了两个关键词,然后我们尝试找出为什么一行会出现两个关键字 —— “哦,你一定漏掉了上一行的分号”,所以我们相较于很多其他的按步照班的解析器可以生成更好的错误消息。 + +![](http://www.linuxvoice.com/wp-content/uploads/2015/07/wall3.jpg) + +**LV:为什么 Perl 6 花了15年?当每个人对事物有不同看法时一定十分难于管理,而且正确和错误并不是绝对的。** + +LW:这必须要非常小心地平衡。刚开始会有许多的好的想法 —— 好吧,我并不是说那些全是好的想法。也有很多令人烦恼的地方,就像有361条 RFC [功能建议文件],而我也许只想要20条。我们需要坐下来,将它们全部看完,并忽略其中的解决方案,因为它们通常流于表象、视野狭隘。几乎每一条只针对一样事物,如若我们将它们全部拼凑起来,那简直是一堆垃圾。 + +> “掌握平衡时需要格外小心。毕竟在刚开始的时候总会有许多的好主意。” + +所以我们必须基于人们在使用 Perl 5 时的真实感受重新整理,寻找统一、深层的解决方案。这些 RFC 文档许多都提到了一个事实,就是类型系统的不足。通过引入更条理分明的类型系统,我们可以解决很多问题并且即聪明又紧凑。 + +同时我们开始关注其他方面:如何统一特征集并开始重用不同领域的想法,这并不需要它们在下层相同。我们有一种标准的书写配对(pair)的方式——好吧,在 Perl 里面有两种!但使用冒号书写配对的方法同样可以用于基数计数法或是任何进制的文本编号。同样也可以用于其他形式的引用(quoting)。在 Perl 里我们称它为“奇妙的一致”。 + +> “做了 Perl 6 的早期实现的朋友们,握着我的手说:“我们真的很需要一位语言的设计者。”” + +同样的想法涌现出来,你说“我已经熟悉了语法如何运作,但是我看见它也被用在别处”,所以说视角相同才能找出这种一致。那些提出各种想法和做了 Perl 6 的早期实现的人们回来看我,握着我的手说:“我们真的需要一位语言的设计者。您能作为我们的[仁慈独裁者][4](benevolent dictator)吗?”(LCTT 译注:Benevolent Dictator For Life,或 BDFL,指开源领袖,通常指对社区争议拥有最终裁决权的领袖,典故来自 Python 创始人 Guido van Rossum, 具体参考维基条目[解释][4]) + +所以我是语言的设计者,但总是听到:“不要管具体实现(implementation)!我们目睹了你对 Perl 5 做的那些,我们不想历史重演!”真是让我忍俊不禁,因为他们作为起步的核心和原先 Perl 5 的内部结构上几乎别无二致,也许这就是为什么一些早期的实现做的并不好的原因。 + +因为我们仍然在摸索我们的整个设计,其实现在做了许多 VM (虚拟机)该做什么和不该做什么的假设,所以最终这个东西就像面向对象的汇编语言一样。类似的问题在伊始阶段无处不在。然后 Pugs 这家伙走过来说:“用用看 Haskell 吧,它能让你们清醒的认识自己正在干什么,让我们用它来弄清楚下层的语义模型(semantic model)。” + +因此,我们明确了其中的一些语义模型,但更重要的是,我们开始建立符合那些语义模型的测试套件。在这之后,Parrot VM 继续进行开发,并且出现了另一个实现 Niecza ,它基于 .Net,是由一个年轻的家伙搞出来的。他很聪明,实现了 Perl 6 的一个很大的子集。不过他还是一个人干,并没有找到什么好方法让别人介入他的项目。 + +同时 Parrot 项目变得过于庞大,以至于任何人都不能真正的深入掌控它,并且很难重构。同时,开发 Rakudo 的人们觉得我们可能需要在更多平台上运行它,而不只是在 Parrot VM 上。 于是他们发明了所谓的可移植层 NQP ,即 “Not Quite Perl”。他们一开始将它移植到 JVM(Java虚拟机)上运行,与此同时,他们还秘密的开发了一个叫做 MoarVM 的 VM ,它去年才刚刚为人知晓。 + +无论 MoarVM 还是 JVM 在回归测试(regression test)中表现得十分接近 —— 在许多方面 Parrot 算是尾随其后。这样不挑剔 VM 真的很棒,我们也能开始考虑将 NQP 发扬光大。谷歌夏季编码大赛(Google Summer of Code project)的目标就是针对 JavaScript 的 NQP,这应该靠谱,因为 MoarVM 也同样使用 Node.js 作为日常处理。 + +我们可能要将今年余下的时光投在 MoarVM 上,直到 6.0 发布,方可休息片刻。 + +**LV:去年英国,政府开展编程年活动(Year of Code),来激发年轻人对编程的兴趣。针对活动的建议五花八门——类似为了让人们准确的认识到内存的使用你是否应该从低阶语言开始讲授,或是一门高阶语言。你对此作何看法?** + +LW:到现在为止,Python 社区在低阶方面的教学工作做得比我们要好。我们也很想在这一方面做点什么,这也是我们有蝴蝶 logo 的部分原因,以此来吸引七岁大小的女孩子! + +![Perl 6 : Camelia](https://upload.wikimedia.org/wikipedia/commons/thumb/8/85/Camelia.svg/640px-Camelia.svg.png) + +> “到现在为止,Python 社区在低阶方面的教学工作做得比我们要好。” + +我们认为将 Perl 6 作为第一门语言来学习是可行的。一大堆的将 Perl 5 作为第一门语言学习的人让我们吃惊。你知道,在 Perl 5 中有许多相当大的概念,如闭包,词法范围,和一些你通常在函数式编程中见到的特性。甚至在 Perl 6 中更是如此。 + +Perl 6 花了这么长时间的部分原因是我们尝试去坚持将近 50 种互不相同的原则,在设计语言的最后对于“哪点是最重要的规则”这个问题还是悬而未决。有太多的问题需要讨论。有时我们做出了决定,并已经工作了一段时间,才发现这个决定并不很正确。 + +之前我们并未针对并发程序设计或指定很多东西,直到 Jonathan Worthington 的出现,他非常巧妙的权衡了各个方面。他结合了一些其他语言诸如 Go 和 C# 的想法,将并发原语写的非常好。可组合性(Composability)是一个语言至关重要的一部分。 + +有很多的程序设计系统的并发和并行写的并不好 —— 比如线程和锁,不良的操作方式有很多。所以在我看来,额外花点时间看一下 Go 或者 C# 这种高阶原语的开发是很值得的 —— 那是一种关键字上的矛盾 —— 写的相当棒。 + +-------------------------------------------------------------------------------- + +via: http://www.linuxvoice.com/interview-larry-wall/ + +作者:[Mike Saunders][a] +译者:[martin2011qi](https://github.com/martin2011qi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxvoice.com/author/mike/ +[1]:https://en.wikipedia.org/wiki/Perl#State_of_the_Onion +[2]:http://tinyurl.com/nhpr8g2 +[3]:http://en.wikipedia.org/wiki/Self-clocking_signal +[4]:https://en.wikipedia.org/wiki/Benevolent_dictator_for_life \ No newline at end of file diff --git a/published/201510/20150821 Linux 4.3 Kernel To Add The MOST Driver Subsystem.md b/published/201510/20150821 Linux 4.3 Kernel To Add The MOST Driver Subsystem.md new file mode 100644 index 0000000000..40f63a4c8d --- /dev/null +++ b/published/201510/20150821 Linux 4.3 Kernel To Add The MOST Driver Subsystem.md @@ -0,0 +1,28 @@ +Linux 4.3 内核增加了 MOST 驱动子系统 +================================================================================ +当 4.2 内核还没有正式发布的时候,Greg Kroah-Hartman 就为他维护的各种子系统模块打开了4.3 的合并窗口。 + +之前 Greg KH 发起的拉取请求(pull request)里包含了 linux 4.3 的合并窗口更新,内容涉及驱动核心、TTY/串口、USB 驱动、字符/杂项以及暂存区内容。这些拉取申请没有提供任何震撼性的改变,大部分都是改进/附加/修改bug。暂存区内容又是大量的修正和清理,但是还是有一个新的驱动子系统。 + +Greg 提到了[4.3 的暂存区改变][2],“这里的很多东西,几乎全部都是细小的修改和改变。通常的 IIO 更新和新驱动,以及我们已经添加了的 MOST 驱动子系统,已经在源码树里整理了。ozwpan 驱动最终还是被删掉,因为它很明显被废弃了而且也没有人关心它。” + +MOST 驱动子系统是面向媒体的系统传输(Media Oriented Systems Transport)的简称。在 linux 4.3 新增的文档里面解释道,“MOST 驱动支持 LInux 应用程序访问 MOST 网络:汽车信息骨干网(Automotive Information Backbone),高速汽车多媒体网络的事实上的标准。MOST 定义了必要的协议、硬件和软件层,提供高效且低消耗的传输控制,实时的数据包传输,而只需要使用一个媒介(物理层)。目前使用的媒介是光线、非屏蔽双绞线(UTP)和同轴电缆。MOST 也支持多种传输速度,最高支持150Mbps。”如文档解释的,MOST 主要是关于 Linux 在汽车上的应用。 + +当 Greg KH 发出了他为 Linux 4.3 多个子系统做出的更新,但是他还没有打算提交 [KDBUS][5] 的内核代码。他之前已经放出了 [linux 4.3 的 KDBUS] 的开发计划,所以我们将需要等待官方的4.3 合并窗口,看看会发生什么。 + +-------------------------------------------------------------------------------- + +via: http://www.phoronix.com/scan.php?page=news_item&px=Linux-4.3-Staging-Pull + +作者:[Michael Larabel][a] +译者:[oska874](https://github.com/oska874) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.michaellarabel.com/ +[1]:http://www.phoronix.com/scan.php?page=search&q=Linux+4.2 +[2]:http://lkml.iu.edu/hypermail/linux/kernel/1508.2/02604.html +[3]:http://www.phoronix.com/scan.php?page=news_item&px=KDBUS-Not-In-Linux-4.2 +[4]:http://www.phoronix.com/scan.php?page=news_item&px=Linux-4.2-rc7-Released +[5]:http://www.phoronix.com/scan.php?page=search&q=KDBUS diff --git a/published/20150906 Installing NGINX and NGINX Plus With Ansible.md b/published/201510/20150906 Installing NGINX and NGINX Plus With Ansible.md similarity index 100% rename from published/20150906 Installing NGINX and NGINX Plus With Ansible.md rename to published/201510/20150906 Installing NGINX and NGINX Plus With Ansible.md diff --git a/published/201510/20150908 How to Run ISO Files Directly From the HDD with GRUB2.md b/published/201510/20150908 How to Run ISO Files Directly From the HDD with GRUB2.md new file mode 100644 index 0000000000..ae5ea004d4 --- /dev/null +++ b/published/201510/20150908 How to Run ISO Files Directly From the HDD with GRUB2.md @@ -0,0 +1,92 @@ +如何使用 GRUB 2 直接从硬盘运行 ISO 文件 +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-featured.png) + +大多数 Linux 发行版都会提供一个可以从 USB 启动的 live 环境,以便用户无需安装即可测试系统。我们可以用它来评测这个发行版或仅仅是当成一个一次性系统,并且很容易将这些文件复制到一个 U 盘上,在某些情况下,我们可能需要经常运行同一个或不同的 ISO 镜像。GRUB 2 可以配置成直接从启动菜单运行一个 live 环境,而不需要烧录这些 ISO 到硬盘或 USB 设备。 + +### 获取和检查可启动的 ISO 镜像 ### + +为了获取 ISO 镜像,我们通常应该访问所需的发行版的网站下载与我们架构兼容的镜像文件。如果这个镜像可以从 U 盘启动,那它也应该可以从 GRUB 菜单启动。 + +当镜像下载完后,我们应该通过 MD5 校验检查它的完整性。这会输出一大串数字与字母合成的序列。 + +![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-md5.png) + +将这个序列与下载页提供的 MD5 校验码进行比较,两者应该完全相同。 + +### 配置 GRUB 2 ### + +ISO 镜像文件包含了整个系统。我们要做的仅仅是告诉 GRUB 2 哪里可以找到 kernel 和 initramdisk 或 initram 文件系统(这取决于我们所使用的发行版)。 + +在下面的例子中,一个 Kubuntu 15.04 live 环境将被配置到 Ubuntu 14.04 机器的 Grub 启动菜单项。这应该能在大多数新的以 Ubuntu 为基础的系统上运行。如果你是其它系统并且想实现一些其它的东西,你可以从[这些文件][1]了解更多细节,但这会要求你拥有一点 GRUB 使用经验。 + +这个例子的文件 `kubuntu-15.04-desktop-amd64.iso` 放在位于 `/dev/sda1` 的 `/home/maketecheasier/TempISOs/` 上。 + +为了使 GRUB 2 能正确找到它,我们应该编辑 + + /etc/grub.d40-custom + +![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-40-custom-empty.png) + + menuentry "Kubuntu 15.04 ISO" { + set isofile="/home/maketecheasier/TempISOs/kubuntu-15.04-desktop-amd64.iso" + loopback loop (hd0,1)$isofile + echo "Starting $isofile..." + linux (loop)/casper/vmlinuz.efi boot=casper iso-scan/filename=${isofile} quiet splash + initrd (loop)/casper/initrd.lz + } + +![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-40-custom-new.png) + +### 分析上述代码 ### + +首先设置了一个变量名 `$menuentry` ,这是 ISO 文件的所在位置 。如果你想换一个 ISO ,你应该修改 `isofile="/path/to/file/name-of-iso-file-.iso"`. + +下一行是指定回环设备,且必须给出正确的分区号码。 + + loopback loop (hd0,1)$isofile + +注意 hd0,1 这里非常重要,它的意思是第一硬盘,第一分区 (`/dev/sda1`)。 + +GRUB 的命名在这里稍微有点困惑,对于硬盘来说,它从 “0” 开始计数,第一块硬盘为 #0 ,第二块为 #1 ,第三块为 #2 ,依此类推。但是对于分区来说,它从 “1” 开始计数,第一个分区为 #1 ,第二个分区为 #2 ,依此类推。也许这里有一个很好的原因,但肯定不是明智的(明显用户体验很糟糕).. + +在 Linux 中第一块硬盘,第一个分区是 `/dev/sda1` ,但在 GRUB2 中则是 `hd0,1` 。第二块硬盘,第三个分区则是 `hd1,3`, 依此类推. + +下一个重要的行是: + + linux (loop)/casper/vmlinuz.efi boot=casper iso-scan/filename=${isofile} quiet splash + +这会载入内核镜像,在新的 Ubuntu Live CD 中,内核被存放在 `/casper` 目录,并且命名为 `vmlinuz.efi` 。如果你使用的是其它系统,可能会没有 `.efi` 扩展名或内核被存放在其它地方 (可以使用归档管理器打开 ISO 文件在 `/casper` 中查找确认)。最后一个选项, `quiet splash` ,是一个常规的 GRUB 选项,改不改无所谓。 + +最后 + + initrd (loop)/casper/initrd.lz + +这会载入 `initrd` ,它负责载入 RAMDisk 到内存用于启动。 + +### 启动 live 系统 ### + +做完上面所有的步骤后,需要更新 GRUB2: + + sudo update-grub + +![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-updare-grub.png) + +当重启系统后,应该可以看见一个新的、并且允许我们启动刚刚配置的 ISO 镜像的 GRUB 条目: + +![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-grub-menu.png) + +选择这个新条目就允许我们像从 DVD 或 U 盘中启动一个 live 环境一样。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/run-iso-files-hdd-grub2/ + +作者:[Attila Orosz][a] +译者:[Locez](https://github.com/locez) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/attilaorosz/ +[1]:http://git.marmotte.net/git/glim/tree/grub2 \ No newline at end of file diff --git a/published/20150911 5 Useful Commands to Manage File Types and System Time in Linu--Part 3.md b/published/201510/20150911 5 Useful Commands to Manage File Types and System Time in Linu--Part 3.md similarity index 100% rename from published/20150911 5 Useful Commands to Manage File Types and System Time in Linu--Part 3.md rename to published/201510/20150911 5 Useful Commands to Manage File Types and System Time in Linu--Part 3.md diff --git a/published/20150914 How to Setup Node JS v4.0.0 on Ubuntu 14.04 or 15.04.md b/published/201510/20150914 How to Setup Node JS v4.0.0 on Ubuntu 14.04 or 15.04.md similarity index 100% rename from published/20150914 How to Setup Node JS v4.0.0 on Ubuntu 14.04 or 15.04.md rename to published/201510/20150914 How to Setup Node JS v4.0.0 on Ubuntu 14.04 or 15.04.md diff --git a/published/201510/20150914 Linux FAQs with Answers--How to check weather forecasts from the command line on Linux.md b/published/201510/20150914 Linux FAQs with Answers--How to check weather forecasts from the command line on Linux.md new file mode 100644 index 0000000000..dae869445b --- /dev/null +++ b/published/201510/20150914 Linux FAQs with Answers--How to check weather forecasts from the command line on Linux.md @@ -0,0 +1,72 @@ +Linux 有问必答:如何在 Linux 命令行下浏览天气预报 +================================================================================ +> **Q**: 我经常在 Linux 桌面查看天气预报。然而,是否有一种在终端环境下,不通过桌面小插件或者浏览器查询天气预报的方法? + +对于 Linux 桌面用户来说,有很多办法获取天气预报,比如使用专门的天气应用、桌面小插件,或者面板小程序。但是如果你的工作环境是基于终端的,这里也有一些在命令行下获取天气的手段。 + +其中有一个就是 [wego][1],**一个终端下的小巧程序**。使用基于 ncurses 的接口,这个命令行程序允许你查看当前的天气情况和之后的预报。它也会通过一个天气预报的 API 收集接下来 5 天的天气预报。 + +### 在 Linux 下安装 wego ### + +安装 wego 相当简单。wego 是用 Go 编写的,引起第一个步骤就是安装 [Go 语言][2]。然后再安装 wego。 + + $ go get github.com/schachmat/wego + +wego 会被安装到 $GOPATH/bin,所以要将 $GOPATH/bin 添加到 $PATH 环境变量。 + + $ echo 'export PATH="$PATH:$GOPATH/bin"' >> ~/.bashrc + $ source ~/.bashrc + +现在就可与直接从命令行启动 wego 了。 + + $ wego + +第一次运行 weg 会生成一个配置文件(`~/.wegorc`),你需要指定一个天气 API key。 +你可以从 [worldweatheronline.com][3] 获取一个免费的 API key。免费注册和使用。你只需要提供一个有效的邮箱地址。 + +![](https://farm6.staticflickr.com/5781/21317466341_5a368b0d26_c.jpg) + +你的 .wegorc 配置文件看起来会这样: + +![](https://farm6.staticflickr.com/5620/21121418558_df0d27cd0a_b.jpg) + +除了 API key,你还可以把你想要查询天气的地方、使用的城市/国家名称、语言配置在 `~/.wegorc` 中。 +注意,这个天气 API 的使用有限制:每秒最多 5 次查询,每天最多 250 次查询。 +当你重新执行 wego 命令,你将会看到最新的天气预报(当然是你的指定地方),如下显示。 + +![](https://farm6.staticflickr.com/5776/21121218110_dd51e03ff4_c.jpg) + +显示出来的天气信息包括:(1)温度,(2)风速和风向,(3)可视距离,(4)降水量和降水概率 +默认情况下会显示3 天的天气预报。如果要进行修改,可以通过参数改变天气范围(最多5天),比如要查看 5 天的天气预报: + + $ wego 5 + +如果你想检查另一个地方的天气,只需要提供城市名即可: + + $ wego Seattle + +### 问题解决 ### + +1. 可能会遇到下面的错误: + + user: Current not implemented on linux/amd64 + + 当你在一个不支持原生 Go 编译器的环境下运行 wego 时就会出现这个错误。在这种情况下你只需要使用 gccgo ——一个 Go 的编译器前端来编译程序即可。这一步可以通过下面的命令完成。 + + $ sudo yum install gcc-go + $ go get -compiler=gccgo github.com/schachmat/wego + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/weather-forecasts-command-line-linux.html + +作者:[Dan Nanni][a] +译者:[oska874](https://github.com/oska874) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni +[1]:https://github.com/schachmat/wego +[2]:http://ask.xmodulo.com/install-go-language-linux.html +[3]:https://developer.worldweatheronline.com/auth/register diff --git a/translated/tech/20150917 TERMINATOR 0.98 INSTALL IN UBUNTU AND LINUX MINT.md b/published/201510/20150917 TERMINATOR 0.98 INSTALL IN UBUNTU AND LINUX MINT.md similarity index 66% rename from translated/tech/20150917 TERMINATOR 0.98 INSTALL IN UBUNTU AND LINUX MINT.md rename to published/201510/20150917 TERMINATOR 0.98 INSTALL IN UBUNTU AND LINUX MINT.md index d571566c62..983f68a687 100644 --- a/translated/tech/20150917 TERMINATOR 0.98 INSTALL IN UBUNTU AND LINUX MINT.md +++ b/published/201510/20150917 TERMINATOR 0.98 INSTALL IN UBUNTU AND LINUX MINT.md @@ -1,27 +1,28 @@ 在 Ubuntu 和 Linux Mint 上安装 Terminator 0.98 ================================================================================ -[Terminator][1],在一个窗口中有多个终端。该项目的目标之一是为管理终端提供一个有用的工具。它的灵感来自于类似 gnome-multi-term,quankonsole 等程序,这些程序关注于在窗格中管理终端。 Terminator 0.98 带来了更完美的标签功能,更好的布局保存/恢复,改进了偏好用户界面和多出 bug 修复。 +[Terminator][1],它可以在一个窗口内打开多个终端。该项目的目标之一是为摆放终端提供一个有用的工具。它的灵感来自于类似 gnome-multi-term,quankonsole 等程序,这些程序关注于按网格摆放终端。 Terminator 0.98 带来了更完美的标签功能,更好的布局保存/恢复,改进了偏好用户界面和多处 bug 修复。 ![](http://www.ewikitech.com/wp-content/uploads/2015/09/Screenshot-from-2015-09-17-094828.png) ###TERMINATOR 0.98 的更改和新特性 + - 添加了一个布局启动器,允许在不用布局之间简单切换(用 Alt + L 打开一个新的布局切换器); - 添加了一个新的手册(使用 F1 打开); - 保存的时候,布局现在会记住: - - * 最大化和全屏状态 - - * 窗口标题 - - * 激活的标签 - - * 激活的终端 - - * 每个终端的工作目录 -- 添加选项用于启用/停用非同质标签和滚动箭头; + - 最大化和全屏状态 + - 窗口标题 + - 激活的标签 + - 激活的终端 + - 每个终端的工作目录 +- 添加选项用于启用/停用非同类(non-homogenous)标签和滚动箭头; - 添加快捷键用于按行/半页/一页向上/下滚动; -- 添加使用 Ctrl+鼠标滚轮放大/缩小,Shift+鼠标滚轮向上/下滚动页面; -- 为下一个/上一个 profile 添加快捷键 +- 添加使用 Ctrl+鼠标滚轮来放大/缩小,Shift+鼠标滚轮向上/下滚动页面; +- 为下一个/上一个配置文件(profile)添加快捷键 - 改进自定义命令菜单的一致性 - 新增快捷方式/代码来切换所有/标签分组; - 改进监视插件 - 增加搜索栏切换; -- 清理和重新组织窗口偏好,包括一个完整的全局便签更新 +- 清理和重新组织偏好(preferences)窗口,包括一个完整的全局便签更新 - 添加选项用于设置 ActivityWatcher 插件静默时间 - 其它一些改进和 bug 修复 - [点击此处查看完整更新日志][2] @@ -37,10 +38,6 @@ Terminator 0.98 有可用的 PPA,首先我们需要在 Ubuntu/Linux Mint 上 如果你想要移除 Terminator,只需要在终端中运行下面的命令(可选) $ sudo apt-get remove terminator - - - - -------------------------------------------------------------------------------- @@ -48,7 +45,7 @@ via: http://www.ewikitech.com/articles/linux/terminator-install-ubuntu-linux-min 作者:[admin][a] 译者:[ictlyh](http://mutouxiaogui.cn/blog) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20150918 How To Add And Remove Bookmarks In Ubuntu Beginner Tip.md b/published/201510/20150918 How To Add And Remove Bookmarks In Ubuntu Beginner Tip.md similarity index 100% rename from published/20150918 How To Add And Remove Bookmarks In Ubuntu Beginner Tip.md rename to published/201510/20150918 How To Add And Remove Bookmarks In Ubuntu Beginner Tip.md diff --git a/translated/tech/20150918 Install Justniffer In Ubuntu 15.04.md b/published/201510/20150918 Install Justniffer In Ubuntu 15.04.md similarity index 60% rename from translated/tech/20150918 Install Justniffer In Ubuntu 15.04.md rename to published/201510/20150918 Install Justniffer In Ubuntu 15.04.md index 1d711ea08b..2aec58c91d 100644 --- a/translated/tech/20150918 Install Justniffer In Ubuntu 15.04.md +++ b/published/201510/20150918 Install Justniffer In Ubuntu 15.04.md @@ -1,28 +1,29 @@ 在 Ubuntu 15.04 上安装 Justniffer ================================================================================ ### 简介 ### +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/09/monitoring1.jpg) -[Justniffer][1] 是一个可用于替换 Snort 的网络协议分析器。它非常流行,可交互式地跟踪/探测一个网络连接。它能从实时环境中抓取流量,支持 “lipcap” 和 “tcpdump” 文件格式。它可以帮助用户分析一个用 wireshark 难以抓包的复杂网络。尤其是它可以有效的帮助分析应用层流量,能提取类似图像、脚本、HTML 等 http 内容。Justniffer 有助于理解不同组件之间是如何通信的。 +[Justniffer][1] 是一个可用于替代 Snort 的网络协议分析器。它非常流行,可交互式地跟踪/探测一个网络连接。它能从实时环境中抓取流量,支持 “lipcap” 和 “tcpdump” 文件格式。它可以帮助用户分析一个用 wireshark 难以抓包的复杂网络。尤其是它可以有效的帮助你分析应用层流量,能提取类似图像、脚本、HTML 等 http 内容。Justniffer 有助于理解不同组件之间是如何通信的。 ### 功能 ### -Justniffer 收集一个复杂网络的所有流量而不影响系统性能,这是 Justniffer 的一个优势,它还可以保存日志用于之后的分析,Justniffer 其它一些重要功能包括: +Justniffer 可以收集一个复杂网络的所有流量而不影响系统性能,这是 Justniffer 的一个优势,它还可以保存日志用于之后的分析,Justniffer 其它一些重要功能包括: -#### 1. 可靠的 TCP 流重建 #### +1. 可靠的 TCP 流重建 -它可以使用主机 Linux 内核的一部分用于记录并重现 TCP 片段和 IP 片段。 + 它可以使用主机 Linux 内核的一部分用于记录并重现 TCP 片段和 IP 片段。 -#### 2. 日志 #### +2. 日志 -保存日志用于之后的分析,并能自定义保存内容和时间。 + 保存日志用于之后的分析,并能自定义保存内容和时间。 -#### 3. 可扩展 #### +3. 可扩展 -可以通过外部 python、 perl 和 bash 脚本扩展来从分析报告中获取一些额外的结果。 + 可以通过外部的 python、 perl 和 bash 脚本扩展来从分析报告中获取一些额外的结果。 -#### 4. 性能管理 #### +4. 性能管理 -基于连接时间、关闭时间、响应时间或请求时间等提取信息。 + 基于连接时间、关闭时间、响应时间或请求时间等提取信息。 ### 安装 ### @@ -44,41 +45,41 @@ make 的时候失败了,然后我运行下面的命令并尝试重新安装服 $ sudo apt-get -f install -### 事例 ### +### 示例 ### 首先用 -v 选项验证安装的 Justniffer 版本,你需要用超级用户权限来使用这个工具。 $ sudo justniffer -V -事例输出: +示例输出: ![j](http://www.unixmen.com/wp-content/uploads/2015/09/j.png) -**1. 为 eth1 接口导出 apache 中的流量到终端** +**1、 以类似 apache 的格式导出 eth1 接口流量,显示到终端** $ sudo justniffer -i eth1 -事例输出: +示例输出: ![Selection_001](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0013.png) -**2. 可以永恒下面的选项跟踪正在运行的 tcp 流** +**2、 可以用下面的选项跟踪正在运行的 tcp 流** $ sudo justniffer -i eth1 -r -事例输出: +示例输出: ![Selection_002](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0023.png) -**3. 获取 web 服务器的响应时间** +**3、 获取 web 服务器的响应时长** $ sudo justniffer -i eth1 -a " %response.time" -事例输出: +示例输出: ![Selection_003](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0033.png) -**4. 使用 Justniffer 读取一个 tcpdump 抓取的文件** +**4、 使用 Justniffer 读取一个 tcpdump 抓取的文件** 首先,用 tcpdump 抓取流量。 @@ -88,33 +89,33 @@ make 的时候失败了,然后我运行下面的命令并尝试重新安装服 $ justniffer -f file.cap -事例输出: +示例输出: ![Selection_005](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0056.png) -**5. 只抓取 http 数据** +**5、 只抓取 http 数据** $ sudo justniffer -i eth1 -r -p "port 80 or port 8080" -事例输出: +示例输出: ![Selection_006](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0064.png) -**6. 从一个指定主机获取 http 数据** +**6、 获取一个指定主机 http 数据** $ justniffer -i eth1 -r -p "host 192.168.1.250 and tcp port 80" -事例输出: +示例输出: ![Selection_007](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0074.png) -**7. 以更精确的格式抓取数据** +**7、 以更精确的格式抓取数据** 当你输入 **justniffer -h** 的时候你可以看到很多用于以更精确的方式获取数据的格式关键字 $ justniffer -h -事例输出: +示例输出: ![Selection_008](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0083.png) @@ -122,15 +123,15 @@ make 的时候失败了,然后我运行下面的命令并尝试重新安装服 $ justniffer -i eth1 -l "%request.timestamp %request.header.host %request.url %response.time" -事例输出: +示例输出: ![Selection_009](http://www.unixmen.com/wp-content/uploads/2015/09/Selection_0094.png) -其中还有很多你可以探索的选项 +其中还有很多你可以探索的选项。 ### 总结 ### -Justniffer 是用于网络测试一个很好的工具。在我看来对于那些用 Snort 来进行网络探测的用户来说,Justniffer 是一个更简单的工具。它提供了很多 **格式关键字** 用于按照你的需要精确地提取数据。你可以用 .cap 文件格式记录网络信息,之后用于分析监视网络服务性能。 +Justniffer 是一个很好的用于网络测试的工具。在我看来对于那些用 Snort 来进行网络探测的用户来说,Justniffer 是一个更简单的工具。它提供了很多 **格式关键字** 用于按照你的需要精确地提取数据。你可以用 .cap 文件格式记录网络信息,之后用于分析监视网络服务性能。 **参考资料:** @@ -142,7 +143,7 @@ via: http://www.unixmen.com/install-justniffer-ubuntu-15-04/ 作者:[Rajneesh Upadhyay][a] 译者:[ictlyh](http://mutouxiaogui.cn/blog) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/20150921 How to Setup IonCube Loaders on Ubuntu 14.04 or 15.04.md b/published/201510/20150921 How to Setup IonCube Loaders on Ubuntu 14.04 or 15.04.md similarity index 70% rename from translated/tech/20150921 How to Setup IonCube Loaders on Ubuntu 14.04 or 15.04.md rename to published/201510/20150921 How to Setup IonCube Loaders on Ubuntu 14.04 or 15.04.md index 57652e7e44..365729905c 100644 --- a/translated/tech/20150921 How to Setup IonCube Loaders on Ubuntu 14.04 or 15.04.md +++ b/published/201510/20150921 How to Setup IonCube Loaders on Ubuntu 14.04 or 15.04.md @@ -1,10 +1,10 @@ 如何在Ubuntu 14.04 / 15.04中设置IonCube Loaders ================================================================================ -IonCube Loaders是PHP中用于辅助加速页面的加解密工具。它保护你的PHP代码不会被在未授权的计算机上查看。使用ionCube编码并加密PHP需要一个叫ionCube Loader的文件安装在web服务器上并提供给需要大量访问的PHP用。它在运行时处理并执行编码。PHP只需在‘php.ini’中添加一行就可以使用这个loader。 +IonCube Loaders是一个PHP中用于加解密的工具,并带有加速页面运行的功能。它也可以保护你的PHP代码不会查看和运行在未授权的计算机上。要使用ionCube编码、加密的PHP文件,需要在web服务器上安装一个叫ionCube Loader的文件,并需要让 PHP 可以访问到,很多 PHP 应用都在用它。它可以在运行时读取并执行编码过后的代码。PHP只需在‘php.ini’中添加一行就可以使用这个loader。 ### 前提条件 ### -在这篇文章中,我们将在Ubuntu14.04/15.04安装Ioncube Loader ,以便它可以在所有PHP模式中使用。本教程的唯一要求就是你系统安装了LEMP,并有“的php.ini”文件。 +在这篇文章中,我们将在Ubuntu14.04/15.04安装Ioncube Loader ,以便它可以在所有PHP模式中使用。本教程的唯一要求就是你系统安装了LEMP,并有“php.ini”文件。 ### 下载 IonCube Loader ### @@ -14,15 +14,15 @@ IonCube Loaders是PHP中用于辅助加速页面的加解密工具。它保护 ![download ioncube](http://blog.linoxide.com/wp-content/uploads/2015/09/download1.png) -下载完成后用下面的命令解压到"/usr/local/src/"。 +下载完成后用下面的命令解压到“/usr/local/src/"。 # tar -zxvf ioncube_loaders_lin_x86-64.tar.gz -C /usr/local/src/ ![extracting archive](http://blog.linoxide.com/wp-content/uploads/2015/09/2-extract.png) -解压完成后我们就可以看到所有的存在的模块。但是我们只需要我们安装的PHP版本的相关模块。 +解压完成后我们就可以看到所有提供的模块。但是我们只需要我们所安装的PHP版本的对应模块。 -要检查PHP版本,你可以运行下面的命令来找出相关的模块。 +要检查PHP版本,你可以运行下面的命令来找出相应的模块。 # php -v @@ -30,14 +30,14 @@ IonCube Loaders是PHP中用于辅助加速页面的加解密工具。它保护 根据上面的命令我们知道我们安装的是PHP 5.6.4,因此我们需要拷贝合适的模块到PHP模块目录下。 -首先我们在“/usr/local/”创建一个叫“ioncube”的目录并复制需要的ioncube loader到这里。 +首先我们在“/usr/local/”创建一个叫“ioncube”的目录并复制所需的ioncube loader到这里。 root@ubuntu-15:/usr/local/src/ioncube# mkdir /usr/local/ioncube root@ubuntu-15:/usr/local/src/ioncube# cp ioncube_loader_lin_5.6.so ioncube_loader_lin_5.6_ts.so /usr/local/ioncube/ ### PHP 配置 ### -我们要在位于"/etc/php5/cli/"文件夹下的"php.ini"中加入下面的配置行并重启web服务和php模块。 +我们要在位于"/etc/php5/cli/"文件夹下的"php.ini"中加入如下的配置行并重启web服务和php模块。 # vim /etc/php5/cli/php.ini @@ -54,7 +54,6 @@ IonCube Loaders是PHP中用于辅助加速页面的加解密工具。它保护 要为我们的网站测试ioncube loader。用下面的内容创建一个"info.php"文件并放在网站的web目录下。 - # vim /usr/share/nginx/html/info.php 加入phpinfo的脚本后重启web服务后用域名或者ip地址访问“info.php”。 @@ -63,7 +62,6 @@ IonCube Loaders是PHP中用于辅助加速页面的加解密工具。它保护 ![php info](http://blog.linoxide.com/wp-content/uploads/2015/09/php-info.png) -From the terminal issue the following command to verify the php version that shows the ionCube PHP Loader is Enabled. 在终端中运行下面的命令来验证php版本并显示PHP Loader已经启用了。 # php -v @@ -74,7 +72,7 @@ From the terminal issue the following command to verify the php version that sho ### 总结 ### -教程的最后你已经了解了在安装有nginx的Ubuntu中安装和配置ionCube Loader,如果你正在使用其他的web服务,这与其他服务没有明显的差别。因此做完这些安装Loader是很简单的,并且在大多数服务器上的安装都不会有问题。然而并没有一个所谓的“标准PHP安装”,服务可以通过许多方式安装,并启用或者禁用功能。 +教程的最后你已经了解了如何在安装有nginx的Ubuntu中安装和配置ionCube Loader,如果你正在使用其他的web服务,这与其他服务没有明显的差别。因此安装Loader是很简单的,并且在大多数服务器上的安装都不会有问题。然而并没有一个所谓的“标准PHP安装”,服务可以通过许多方式安装,并启用或者禁用功能。 如果你是在共享服务器上,那么确保运行了ioncube-loader-helper.php脚本,并点击链接来测试运行时安装。如果安装时你仍然遇到了问题,欢迎联系我们及给我们留下评论。 @@ -84,7 +82,7 @@ via: http://linoxide.com/ubuntu-how-to/setup-ioncube-loaders-ubuntu-14-04-15-04/ 作者:[Kashif Siddique][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20150921 Meet The New Ubuntu 15.10 Default Wallpaper.md b/published/201510/20150921 Meet The New Ubuntu 15.10 Default Wallpaper.md similarity index 100% rename from published/20150921 Meet The New Ubuntu 15.10 Default Wallpaper.md rename to published/201510/20150921 Meet The New Ubuntu 15.10 Default Wallpaper.md diff --git a/published/201510/20150921 Red Hat CEO Optimistic on OpenStack Revenue Opportunity.md b/published/201510/20150921 Red Hat CEO Optimistic on OpenStack Revenue Opportunity.md new file mode 100644 index 0000000000..f09b4a5473 --- /dev/null +++ b/published/201510/20150921 Red Hat CEO Optimistic on OpenStack Revenue Opportunity.md @@ -0,0 +1,41 @@ +红帽 CEO 对 OpenStack 收益表示乐观 +================================================================================ +得益于围绕 Linux 和云不断发展的平台与基础设施技术,红帽正在持续快速发展。红帽宣布在九月二十一日完成了 2016 财年第二季度的财务业绩,再次超过预期。 + +![](http://www.serverwatch.com/imagesvr_ce/1212/icon-redhatcloud-r.jpg) + +这一季度,红帽的收入为 5 亿 4 百万美元,和去年同比增长 13%。净收入为 5 千 1 百万美元,超过了 2015 财年第二季度的 4 千 7 百万美元。 + +展望未来,红帽为下一季度和全年提供了积极的目标。对于第三季度,红帽希望指导收益能在 5亿1千9百万美元和5亿2千3百万美元之间,和去年同期相比增长 15%。 + +对于 2016 财年,红帽的全年指导目标是 20亿4千4百万美元,和去年相比增长 14%。 + +红帽 CFO Frank Calderoni 在电话会议上指出,红帽最高的 30 个订单差不多甚至超过了 1 百万美元。其中有 4 个订单超过 5 百万美元,还有一个超过 1 千万美元。 + +从近几年的经验来看,红帽产品的交叉销售非常成功,全部订单中有超过 65% 的订单包括了一个或多个红帽应用和新兴技术产品组件。 + +Calderoni 说 “我们希望这些技术,例如中间件、RHEL OpenStack 平台、OpenShift、云管理和存储能持续推动收益增长。” + +### OpenStack ### + +在电话会议中,红帽 CEO Jim Whitehurst 多次问到 OpenStack 的预期收入。Whitehurst 说得益于安装程序的改进,最近发布的 Red Hat OpenStack Platform 7.0 向前垮了一大步。 + +Whitehurst 提到:“在识别硬件和使用方面它做的很好,当然,这也意味着在硬件识别并正确使用它们方便还有很多工作要做。” + +Whitehurst 说他已经开始注意到很多的生产应用程序开始迁移到 OpenStack 云上来。他也警告说在产业化方面迁移到 OpenStack 大部分只是尝鲜,还并没有成为主流。 + +对于竞争对手, Whitehurst 尤其提到了微软、惠普和 Mirantis。在他看来,很多组织仍然会使用多种操作系统,如果他们部分使用了微软产品,会更倾向于开源方案作为替代选项。Whitehurst 说在云方面他还没有看到太多和惠普面对面的竞争,但和 Mirantis 则确实如此。 + +Whitehurst 说 “我们也有几次胜利,客户从 Mirantis 转到了 RHEL。” + +-------------------------------------------------------------------------------- + +via: http://www.serverwatch.com/server-news/red-hat-ceo-optimistic-on-openstack-revenue-opportunity.html + +作者:[Sean Michael Kerner][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.serverwatch.com/author/Sean-Michael-Kerner-101580.htm \ No newline at end of file diff --git a/translated/tech/20150923 How To Upgrade From Oracle 11g To Oracle 12c.md b/published/201510/20150923 How To Upgrade From Oracle 11g To Oracle 12c.md similarity index 83% rename from translated/tech/20150923 How To Upgrade From Oracle 11g To Oracle 12c.md rename to published/201510/20150923 How To Upgrade From Oracle 11g To Oracle 12c.md index 921b5d958f..3d27b772d8 100644 --- a/translated/tech/20150923 How To Upgrade From Oracle 11g To Oracle 12c.md +++ b/published/201510/20150923 How To Upgrade From Oracle 11g To Oracle 12c.md @@ -1,12 +1,8 @@ 如何将 Oracle 11g 升级到 Orcale 12c ================================================================================ -大家好。 +大家好。今天我们来学习一下如何将 Oracle 11g 升级到 Oracle 12c。开始吧。 -今天我们来学习一下如何将 Oracle 11g 升级到 Oracle 12c。开始吧。 - -在此,我使用的是 CentOS 7 64 位 Linux 发行版。 - -我假设你已经在你的系统上安装了 Oracle 11g。这里我会展示一下安装 Oracle 11g 时我的操作步骤。 +在此,我使用的是 CentOS 7 64 位 Linux 发行版。我假设你已经在你的系统上安装了 Oracle 11g。这里我会展示一下安装 Oracle 11g 时我的操作步骤。 我在 Oracle 11g 上选择 “Create and configure a database”,如下图所示。 @@ -16,7 +12,7 @@ ![](http://www.unixmen.com/wp-content/uploads/2015/09/11g212cimage2.png) -然后你输入安装 Oracle 11g 的所有路径以及密码。下面是我自己的 Oracle 11g 安装配置。确保你正确输入了 Oracle 的密码。 +然后你输入安装 Oracle 11g 的各种路径以及密码。下面是我自己的 Oracle 11g 安装配置。确保你正确输入了 Oracle 的密码。 ![](http://www.unixmen.com/wp-content/uploads/2015/09/11g212cimage3.png) @@ -30,7 +26,7 @@ 你需要从该[链接][1]上下载两个 zip 文件。下载并解压两个文件到相同目录。文件名为 **linuxamd64_12c_database_1of2.zip** & **linuxamd64_12c_database_2of2.zip**。提取或解压完后,它会创建一个名为 database 的文件夹。 -注意:升级到 12c 之前,请确保在你的 CentOS 上已经安装了所有必须的软件包并且 path 环境变量也已经正确配置,还有其它前提条件也已经满足。 +注意:升级到 12c 之前,请确保在你的 CentOS 上已经安装了所有必须的软件包,并且所有的路径变量也已经正确配置,还有其它前提条件也已经满足。 下面是必须使用正确版本安装的一些软件包 @@ -47,13 +43,11 @@ 在因特网上搜索正确的 rpm 版本。 -你也可以用一个查询处理多个软件包,然后在输出中查找正确版本。例如: - -在终端中输入下面的命令 +你也可以用一个查询处理多个软件包,然后在输出中查找正确版本。例如,在终端中输入下面的命令: rpm -q binutils compat-libstdc++ gcc glibc libaio libgcc libstdc++ make sysstat unixodbc -你的系统中必须安装了以下软件包(版本可能较新会旧) +你的系统中必须安装了以下软件包(版本可能或新或旧) - binutils-2.23.52.0.1-12.el7.x86_64 - compat-libcap1-1.10-3.el7.x86_64 @@ -83,11 +77,7 @@ 你也需要 unixODBC-2.3.1 或更新版本的驱动。 -我希望你安装 Oracle 11g 的时候已经在你的 CentOS 7 上创建了名为 oracle 的用户。 - -让我们以用户 oracle 登录 CentOS。 - -以用户 oracle 登录到 CentOS 之后,在你的 CentOS上打开一个终端。 +我希望你安装 Oracle 11g 的时候已经在你的 CentOS 7 上创建了名为 oracle 的用户。让我们以用户 oracle 登录 CentOS。以用户 oracle 登录到 CentOS 之后,在你的 CentOS上打开一个终端。 使用终端更改工作目录并导航到你解压两个 zip 文件的目录。在终端中输入以下命令开始安装 12c。 @@ -119,15 +109,15 @@ ![](http://www.unixmen.com/wp-content/uploads/2015/09/11g212cimage11.png) -第七步,像下面这样使用默认的选择继续下一步。 +对于第七步,像下面这样使用默认的选择继续下一步。 ![](http://www.unixmen.com/wp-content/uploads/2015/09/11g212cimage12.png) -在第九步,你会看到一个类似下面这样的总结报告。 +在第九步中,你会看到一个类似下面这样的总结报告。 ![](http://www.unixmen.com/wp-content/uploads/2015/09/11g212cimage13.png) -如果一切正常,你可以点击步骤九中的 install 开始安装,进入步骤十。 +如果一切正常,你可以点击第九步中的 install 开始安装,进入第十步。 ![](http://www.unixmen.com/wp-content/uploads/2015/09/11g212cimage14.png) @@ -135,7 +125,7 @@ 要有耐心,一步一步走下来最后它会告诉你成功了。否则,在谷歌上搜索做必要的操作解决问题。再一次说明,由于你可能会遇到的错误有很多,我无法在这里提供所有详细介绍。 -现在,只需要按照下面屏幕指令配置监听器 +现在,只需要按照下面屏幕指令配置监听器。 配置完监听器之后,它会启动数据库升级助手(Database Upgrade Assistant)。选择 Upgrade Oracle Database。 @@ -157,7 +147,7 @@ via: http://www.unixmen.com/upgrade-from-oracle-11g-to-oracle-12c/ 作者:[Mohammad Forhad Iftekher][a] 译者:[ictlyh](http://www.mutouxiaogui.cn/blog/) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/share/20150923 Xenlism WildFire--Minimal Icon Theme For Linux Desktop.md b/published/201510/20150923 Xenlism WildFire--Minimal Icon Theme For Linux Desktop.md similarity index 62% rename from translated/share/20150923 Xenlism WildFire--Minimal Icon Theme For Linux Desktop.md rename to published/201510/20150923 Xenlism WildFire--Minimal Icon Theme For Linux Desktop.md index 5bd7655a9e..0049dd5a6e 100644 --- a/translated/share/20150923 Xenlism WildFire--Minimal Icon Theme For Linux Desktop.md +++ b/published/201510/20150923 Xenlism WildFire--Minimal Icon Theme For Linux Desktop.md @@ -1,12 +1,12 @@ -Xenlism WildFire: 一个精美的 Linux 桌面版主题 +Xenlism WildFire: Linux 桌面的极简风格图标主题 ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/09/Xenlism-icon-theme-linux-3.png) -有那么一段时间,我一直使用一个主题,没有更换过。可能是在最近的一段时间都没有一款主题能满足我的需求。有那么一些我认为是[Ubuntu 上最好的图标主题][1],比如 Numix 和 Moka,并且,我一直也对 Numix 比较满意。 +有那么一段时间我没更换主题了,可能最近的一段时间没有一款主题能让我眼前一亮了。我考虑过更换 [Ubuntu 上最好的图标主题][1],但是它们和 Numix 和 Moka 差不多,而且我觉得 Numix 也不错。 -但是,一段时间后,我使用了[Xenslim WildFire][2],并且我必须承认,他看起来太好了。Minimail 是当前比较流行的设计趋势。并且 Xenlism 完美的表现了它。平滑和美观。Xenlism 收到了诺基亚的 Meego 和苹果图标的影响。 +但是前几天我试了试 [Xenslim WildFire][2],我必须承认,它看起来太棒了。极简风格是设计界当前的流行趋势,而 Xenlism 完美的表现了这种风格。平滑而美观,Xenlism 显然受到了诺基亚的 Meego 和苹果图标的影响。 -让我们来看一下他的几个不同应用的图标: +让我们来看一下它的几个不同应用的图标: ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/09/Xenlism-icons.png) @@ -14,15 +14,15 @@ Xenlism WildFire: 一个精美的 Linux 桌面版主题 ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/09/Xenlism-icons-1.png) -主题开发者,[Nattapong Pullkhow][3], 说,这个图标主题最适合 GNOME,但是在 Unity 和 KDE,Mate 上也表现良好。 +主题开发者 [Nattapong Pullkhow][3] 说,这个图标主题最适合 GNOME,但是在 Unity 和 KDE,Mate 上也表现良好。 ### 安装 Xenlism Wildfire ### -Xenlism Theme 大约有 230 MB, 对于一个主题来说确实很大,但是考虑到它支持的庞大的软件数量,这个大小,确实也不是那么令人吃惊。 +Xenlism Theme 大约有 230 MB, 对于一个主题来说确实很大,但是考虑到它所支持的庞大的软件数量,这个大小,确实也不是那么令人吃惊。 #### 在 Ubuntu/Debian 上安装 Xenlism #### -在 Ubuntu 的变种中安装前,用以下的命令添加 GPG 秘钥: +在 Ubuntu 系列中安装之前,用以下的命令添加 GPG 秘钥: sudo apt-key adv --keyserver keys.gnupg.net --recv-keys 90127F5B @@ -42,7 +42,7 @@ Xenlism Theme 大约有 230 MB, 对于一个主题来说确实很大,但是考 sudo nano /etc/pacman.conf - 添加如下的代码块,在配置文件中: +添加如下的代码块,在配置文件中: [xenlism-arch] SigLevel = Never @@ -55,17 +55,17 @@ Xenlism Theme 大约有 230 MB, 对于一个主题来说确实很大,但是考 #### 使用 Xenlism 主题 #### -在 Ubuntu Unity, [可以使用 Unity Tweak Tool 来改变主题][4]. In GNOME, [使用 Gnome Tweak Tool 改变主题][5]. 我确信你会接下来的步骤,如果你不会,请来信通知我,我会继续完善这篇文章。 +在 Ubuntu Unity, [可以使用 Unity Tweak Tool 来改变主题][4]。 在 GNOME 中,[使用 Gnome Tweak Tool 改变主题][5]。 我确信你会接下来的步骤,如果你不会,请来信通知我,我会继续完善这篇文章。 这就是 Xenlism 在 Ubuntu 15.04 Unity 中的截图。同时也使用了 Xenlism 桌面背景。 ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/09/Xenlism-icons-2.png) -这看来真棒,不是吗?如果你试用了,并且喜欢他,你可以感谢他的开发者: +这看来真棒,不是吗?如果你试用了,并且喜欢它,你可以感谢它的开发者: -> [Xenlism is a stunning minimal icon theme for Linux. Thanks @xenatt for this beautiful theme.][6] +> [Xenlism 是一个用于 Linux 的、令人兴奋的极简风格的图标主题,感谢 @xenatt 做出这么漂亮的主题。][6] -我希望你喜欢他。同时也希望你分享你对这个主题的看法,或者你喜欢的主题。Xenlism 真的很棒,可能会替换掉你最喜欢的主题。 +我希望你喜欢它。同时也希望你分享你对这个主题的看法,或者你喜欢的主题。Xenlism 真的很棒,可能会替换掉你最喜欢的主题。 -------------------------------------------------------------------------------- @@ -73,7 +73,7 @@ via: http://itsfoss.com/xenlism-wildfire-theme/ 作者:[Abhishek][a] 译者:[MikeCoder](https://github.com/MikeCoder) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/published/20150925 HTTP 2 Now Fully Supported in NGINX Plus.md b/published/201510/20150925 HTTP 2 Now Fully Supported in NGINX Plus.md similarity index 100% rename from published/20150925 HTTP 2 Now Fully Supported in NGINX Plus.md rename to published/201510/20150925 HTTP 2 Now Fully Supported in NGINX Plus.md diff --git a/published/201510/20150930 Debian dropping the Linux Standard Base.md b/published/201510/20150930 Debian dropping the Linux Standard Base.md new file mode 100644 index 0000000000..c854ba8dfe --- /dev/null +++ b/published/201510/20150930 Debian dropping the Linux Standard Base.md @@ -0,0 +1,65 @@ +Debian 拋弃 Linux 标准规范(LSB) +======================= + +Linux 标准规范(LSB)是一个意图定义 Linux 发行版为第三方程序所提供的服务和应用层 ABI(Application Binary Interfaces,程序二进制界面) 的[规范][1]。但 Debian 项目内的某些人正在质疑是否值得维持兼容 LSB,他们认为,该项工作的工作量巨大,但好处有限。 + +LSB 于2001年首次公布,其模型建立在 [POSIX][2] 和[单一 UNIX 规范(Single UNIX Specification)][3]的基础之上。目前,LSB 由 Linux 基金会的一个[工作小组][4]维护。最新的版本是于2015年6月发布的 [LSB 5.0][5]。它定义了五个 LSB 模块(核芯(core)、桌面、语言、成像(imaging)和试用)。 + +每个模块都包含了一系列所需的库及其强制性版本,外加对每个库的公共函数和数据定义的描述。这些模块还包括命名和组织规范,如[文件系统层次标准(FHS,Filesystem Hierarchy Standard)][6]中的文件系统布局或象 Freedesktop 的[XDG 基础目录(XDG Base Directory)][7]规范这样的目录规范。 + +似乎只是一个巧合,就在 LSB 5.0 发布的同一周,Debian 项目内部针对其是否值得保持兼容 LSB 进行了一次讨论。在另一个贴子中,在提及兼容 LSB 后,Didier Raboud 顺势[提议][8]将 Debian 的兼容工作维持在最低水平。他说,目前的情况是,Debian 的“lsb-*” 元包( meta-packages)试图规定该标准中提及的库的正确版本,但事实上却没有人去检查所有的符号和数据定义是否满足要求。 + +另外,LSB 还不断在膨胀;他说, LSB 4.1 版(接近 Debian “jessie” 发布时的最新版本)包含“*1493个组件、1672个库、38491条命令、30176个类和716202个接口*”。似乎没有人有兴趣检查 Debian 包中的这些细节,他解释道,又补充说,“*去年在 DebConf 上我举行过一次 LSB BoF,后来又与很多人讨论过 src:lsb,我收回自己的‘几乎没有人在意’的说法*”。但,重要的是,Debian 似乎并不仅局限于兴趣的缺乏: + + 我认为,这个问题的关键在于是否值得去玩这整个游戏:我还没听说有哪个软件通过 LSB 包来发行。LSB 认证的应用清单上只有 6个公司的_8_个应用,其中仅有一个是针对不低于 LSB 4 的。 + +Raboud 提议 Debian 摈弃除了 [lsb-base][9] 包(目前包括一个用于启动系统所需的小的 shell 函数集合)和 [lsb-release][10] 包(提供一个简单工具,用户可用它查询发行版的身份以及该发行版宣称的与哪个 LSB 级别兼容)之外的所有内容。 + +[后来][11],他又称,将 LSB 基本上改变为“*Debian 和 FLOSS 世界中的所有的其它人所_实际_做的任何事*”可能会使得该标准(以及在 Debian 为支持它所做的工作)更有价值。但此时他再次质疑是否有人会对推动这个目标有兴趣。 + +如果说他最初称 LSB 中缺乏兴趣没有足够的证据,随后整整三个月之内没有任何人对维持 LSB 兼容的包提供支持,并进行了两次拋弃它们的投票。最后,9月17日,Raboud [宣布][12]他已经抽掉 `src:lsb` 包(如前所述,保留了`lsb-base` 和 `lsb-release`),将将其上载到 “unstable” 归档中。这个最小的工具集可以让感兴趣的用户在启动了下一个 Debian 版本后查询它是否兼容 LSB:结果将为“否”。 + +Raboud 补充说,即便摈弃了兼容 LSB,Debian 仍计划继续兼容 FHS: + + 但 Debian 并没有放弃所有的 LSB:我们仍将严格遵守 FHS(直到 Debian Policy 版本 2.3;虽然今年8月已经发布了3.0),而且我们的 SysV 启动脚本几乎全部遵循 VIII.22.{2-8}。但请不要误解,此次 src:lsb 上载明确说明我们将离开 LSB。 + +在该宣告之后,Nikolaus Rath [回应][13]称某些私有应用依赖`/lib`和`/lib64`中的符号链接`ld-lsb.so*`,而这些符号链接由`lsb-*`包提供。Raboud 则[建议][14]应改由`libc6`包提供;该包维护人员Aurelien Jarno [称][15],如果提供这样一个补丁,他将会接受它。 + +似乎唯一的遗留问题只是某些打印机驱动包会依赖 LSB 兼容。Raboud 称,在其首个贴子中已经说明,据他所知,实际发布的唯一一个依赖 LSB 兼容的包为 [OpenPrinting][16] 驱动程序。Michael Biebl [称][17],主归档中有这样一个驱动包;Raboud 则[回应][18]说,他认为这个有问题的包应该被移到非自由仓库,因其包括了一个二进制驱动。 + +于是,这个问题看上去已经尘埃落定,至于对于目前的 Debian 开发周期来说是如此的状况。很自然的是,未来让人更感觉兴趣的是,如果该决定存在一些影响的话,那么人们将会看到它对更广泛的 LSB 接受度有何影响。正如 Raboud 所说的那样,被认证为 LSB 兼容的发行版数量很[少][19]。人们很难不会注意到这些发行版很大程度上是“企业”的变种。 + +也许,对某些商业领域来说,LSB 仍很重要,但很难知道有多少那些企业发行版的客户真正关心 LSB 认证标签。然而,如果 Debian 的经验靠得住的话,对这种认证的一般兴趣可能会急剧下降。 + +---- + +via:https://lwn.net/Articles/658809/ + +作者:Nathan Willis +译者:[Yuking](https://github.com/Yuking-net) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译, +[Linux中国](https://linux.cn/) 荣誉推出 + + +[1]:http://refspecs.linuxfoundation.org/lsb.shtml +[2]:https://en.wikipedia.org/wiki/POSIX +[3]:https://en.wikipedia.org/wiki/Single_UNIX_Specification +[4]:http://www.linuxfoundation.org/collaborate/workgroups/lsb +[5]:http://www.linuxfoundation.org/collaborate/workgroups/lsb/lsb-50 +[6]:http://www.linuxfoundation.org/collaborate/workgroups/lsb/fhs +[7]:http://standards.freedesktop.org/basedir-spec/basedir-spec-0.6.html +[8]:https://lwn.net/Articles/658838/ +[9]:https://packages.debian.org/sid/lsb-base +[10]:https://packages.debian.org/sid/lsb-release +[11]:https://lwn.net/Articles/658842/ +[12]:https://lwn.net/Articles/658843/ +[13]:https://lwn.net/Articles/658846/ +[14]:https://lwn.net/Articles/658847/ +[15]:https://lwn.net/Articles/658848/ +[16]:http://www.linuxfoundation.org/collaborate/workgroups/openprinting/ +[17]:https://lwn.net/Articles/658844/ +[18]:https://lwn.net/Articles/658845/ +[19]:https://www.linuxbase.org/lsb-cert/productdir.php?by_lsb + diff --git a/published/20150930 Install and use Ansible (Automation Tool) in CentOS 7.md b/published/201510/20150930 Install and use Ansible (Automation Tool) in CentOS 7.md similarity index 100% rename from published/20150930 Install and use Ansible (Automation Tool) in CentOS 7.md rename to published/201510/20150930 Install and use Ansible (Automation Tool) in CentOS 7.md diff --git a/published/201510/20151005 pyinfo() A good looking phpinfo-like python script.md b/published/201510/20151005 pyinfo() A good looking phpinfo-like python script.md new file mode 100644 index 0000000000..480abefef8 --- /dev/null +++ b/published/201510/20151005 pyinfo() A good looking phpinfo-like python script.md @@ -0,0 +1,42 @@ +pyinfo():一个像 phpinfo 一样的 Python 脚本 +================================================================================ +作为一个热衷于 php 的家伙,我已经习惯了使用 `phpinfo()` 函数来让我轻松访问 php.ini 里的配置和加载的模块等信息。当然我也想要使用一个不存在的 `pyinfo()` 函数,但没有成功。按下 CTRL-E,google 一下是否有人实现了它? + +是的,有人已经实现了。但是,对我来说它非常难看。荒谬!因为我无法忍受丑陋的布局,*咳咳*,我不得不亲自动手来改改。我用找到的代码,并重新进行布局使之更好看点。Python 官方网站的布局看起来不错,那么何不借用他们的颜色和背景图片呢?是的,这听起来像一个计划。 + +- [Gist 代码地址][1] +- [下载地址][2] +- [例子][3] + +提醒你下,我仅仅在 Python 2.6.4 上运行过它,所以在别的版本上可能有风险(将它移植到任何其他版本它应该是没有问题的)。要使用它,只需要导入该文件, 并调用`pyinfo()`函数得到它的返回值打印到屏幕上。好嘞! + +如果你在使用 [mod_wsgi][4] 时没有得到正确的返回结果,你可以如下运行它(当然得替换路径): + +``` +def application(environ, start_response): + import sys + path = 'YOUR_WWW_ROOT_DIRECTORY' + if path not in sys.path: + sys.path.append(path) + from pyinfo import pyinfo + output = pyinfo() + start_response('200 OK', [('Content-type', 'text/html')]) + return [output] +``` +--- + +via:http://bran.name/articles/pyinfo-a-good-looking-phpinfo-like-python-script/ + +作者:[Bran van der Meer][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译, +[Linux中国](https://linux.cn/) 荣誉推出 + + +[a]:http://bran.name/resume/ +[1]:https://gist.github.com/951825#file_pyinfo.py +[2]:http://bran.name/dump/pyinfo.zip +[3]:http://bran.name/dump/pyinfo/index.py +[4]:http://code.google.com/p/modwsgi/ diff --git a/published/201510/20151007 How To Download Videos Using youtube-dl In Linux.md b/published/201510/20151007 How To Download Videos Using youtube-dl In Linux.md new file mode 100644 index 0000000000..4d268e4c23 --- /dev/null +++ b/published/201510/20151007 How To Download Videos Using youtube-dl In Linux.md @@ -0,0 +1,93 @@ +如何在 Linux 中使用 youtube-dl 下载视频 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Download-YouTube-Videos.jpeg) + +我知道你已经看过[如何下载 YouTube 视频][1]。但那些工具大部分都采用图形用户界面的方式。我会向你展示如何通过终端使用 youtube-dl 下载 YouTube 视频。 + +### youtube-dl ### + +[youtube-dl][2] 是基于 Python 的命令行小工具,允许你从 YouTube.com、Dailymotion、Google Video、Photobucket、Facebook、Yahoo、Metacafe、Depositfiles 以及其它一些类似网站中下载视频。它是用 pygtk 编写的,需要 Python 解析器来运行,对平台要求并不严格。它能够在 Unix、Windows 或者 Mac OS X 系统上运行。 + +youtube-dl 支持断点续传。如果在下载的过程中 youtube-dl 被杀死了(例如通过 Ctrl-C 或者丢失网络连接),你只需要使用相同的 YouTube 视频 URL 再次运行它。只要当前目录中有下载的部分文件,它就会自动恢复没有完成的下载,也就是说,你不需要[下载管理器][3]来恢复下载。 + +#### 安装 youtube-dl #### + +如果你运行的是基于 Ubuntu 的 Linux 发行版,你可以使用下面的命令安装: + + sudo apt-get install youtube-dl + +对于任何 Linux 发行版,你都可以通过下面的命令行在你的系统上快速安装 youtube-dl: + + sudo wget https://yt-dl.org/downloads/latest/youtube-dl -O/usr/local/bin/youtube-dl + +获取到该文件后,为了能正常执行你需要给脚本设置可执行权限。 + + sudo chmod a+rx /usr/local/bin/youtube-dl + +#### 使用 youtube-dl 下载视频: #### + +要下载一个视频文件,只需要运行下面的命令。其中 “VIDEO_URL” 是你想要下载视频的 url。 + + youtube-dl VIDEO_URL + +#### 以多种格式下载 YouTube 视频: #### + +现在 YouTube 视频有不同的分辨率,首先你需要检查指定的 YouTube 视频可用的视频格式。可以使用 “-F” 选项运行 youtube-dl。它会向你显示出可用的格式。 + + youtube-dl -F http://www.youtube.com/watch?v=BlXaGWbFVKY + +它的输出类似于: + + Setting language + BlXaGWbFVKY: Downloading video webpage + BlXaGWbFVKY: Downloading video info webpage + BlXaGWbFVKY: Extracting video information + Available formats: + 37 : mp4 [1080×1920] + 46 : webm [1080×1920] + 22 : mp4 [720×1280] + 45 : webm [720×1280] + 35 : flv [480×854] + 44 : webm [480×854] + 34 : flv [360×640] + 18 : mp4 [360×640] + 43 : webm [360×640] + 5 : flv [240×400] + 17 : mp4 [144×176] + +在可用的视频格式中,选择你需要的一种。例如,如果你想下载 MP4 格式的,你可以: + + youtube-dl -f 17 http://www.youtube.com/watch?v=BlXaGWbFVKY + +#### 使用 youtube-dl 下载视频字幕 #### + +首先检查是否有可用的视频字幕。使用下面的命令列出视频所有可用的字幕: + + youtube-dl --list-subs https://www.youtube.com/watch?v=Ye8mB6VsUHw + +下载所有字幕,但不包括视频: + + youtube-dl --all-subs --skip-download https://www.youtube.com/watch?v=Ye8mB6VsUHw + +#### 下载整个播放列表 #### + +运行下面的命令下载整个播放列表。其中 “playlist_url” 是你希望下载的播放列表的 url。 + + youtube-dl -cit playlist_url + +youtube-dl 是一个多功能的命令行工具,它提供了很多功能。难怪这个命令行工具这么流行。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/download-youtube-linux/ + +作者:[alimiracle][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/ali/ +[1]:http://itsfoss.com/download-youtube-videos-ubuntu/ +[2]:https://rg3.github.io/youtube-dl/ +[3]:https://linux.cn/article-6209-1.html \ No newline at end of file diff --git a/published/201510/20151007 Open Source Media Player MPlayer 1.2 Released.md b/published/201510/20151007 Open Source Media Player MPlayer 1.2 Released.md new file mode 100644 index 0000000000..95a777e6f1 --- /dev/null +++ b/published/201510/20151007 Open Source Media Player MPlayer 1.2 Released.md @@ -0,0 +1,57 @@ +开源媒体播放器 MPlayer 1.2 发布 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/MPlayer-1.2.jpg) + +在 [MPlayer][1] 1.1 发布将近3年后,新版 MPlayer 终于在上周发布了。在新版本 MPlayer 1.2 中带来了对许多新编码的解码支持。 + +MPlayer 是一款跨平台的开源媒体播放器。它的名字是“Movie Player”的缩写。MPlayer 是 Linux 上最老牌的媒体播放器之一,在过去的15年里,它还带动出现了许多其他媒体播放器。著名的基于 MPlayer 的媒体播放器有: + +- [MPV][2] +- SMPlayer +- KPlayer +- GNOME MPlayer +- Deepin Player(深度影音) + +#### MPlayer 1.2 更新了些什么? #### + +- 兼容 FFmpeg 2.8 +- 对 H.265/HEVC 的 VDPAU 硬件加速 +- 通过 FFmpeg 支持一些新的编码解码 +- 改善电视与数字视频广播支持 +- 界面优化 +- libdvdcss/libdvdnav 包外部依赖 + +#### 在 Linux 安装 MPlayer 1.2 #### + +大多数 Linux 发行版仓库中还是 MPlayer 1.1 版本。如果你想使用新的 MPlayer 1.2 版本,你需要从源码手动编译,这对新手来说可能有点棘手。 + +我是在 Ubuntu 15.04 上安装的 MPlayer 1.2。除了需要安装 yasm 的地方以外,对所有 Linux 发行版来说安装说明都是一样的。 + +打开一个终端,运行下列命令: + + wget http://www.mplayerhq.hu/MPlayer/releases/MPlayer-1.2.tar.xz + tar xvf MPlayer-1.1.1.tar.xz + cd MPlayer-1.2 + sudo apt-get install yasm + ./configure + +在你运行 make 的时候,在你的终端屏幕上会显示一些东西,并且你需要一些时间来编译它。保持耐心。 + + make + sudo make install + +如果你觉得从源码编译不大习惯的话,我建议你等待 MPlayer 1.2 提交到你的 Linux 发行版仓库中,或者用其它的播放器替代,比如 MPV。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/mplayer-1-2-released/ + +作者:[Abhishek][a] +译者:[alim0x](https://github.com/alim0x) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:https://www.mplayerhq.hu/ +[2]:http://mpv.io/ diff --git a/translated/tech/20151007 Productivity Tools And Tips For Linux.md b/published/201510/20151007 Productivity Tools And Tips For Linux.md similarity index 85% rename from translated/tech/20151007 Productivity Tools And Tips For Linux.md rename to published/201510/20151007 Productivity Tools And Tips For Linux.md index a3245013fa..3bc56cc9f6 100644 --- a/translated/tech/20151007 Productivity Tools And Tips For Linux.md +++ b/published/201510/20151007 Productivity Tools And Tips For Linux.md @@ -1,4 +1,4 @@ -Linux产能工具及其使用技巧 +Linux 产能工具及其使用技巧 ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Productivity-Tips-Linux.jpg) @@ -6,7 +6,7 @@ Linux产能工具及其使用技巧 ### Linux产能工具及其使用技巧 ### -再次说明,我在写下本文时正在使用的是Ubuntu。但是,我将要在这里展示给大家产能工具及其使用技巧却适用于外面的大多数Linux发行版。 +再次说明,我在写下本文时正在使用的是Ubuntu。但是,我将要在这里展示给大家产能工具及其使用技巧却适用于市面上的大多数Linux发行版。 #### 外界的音乐 #### @@ -36,14 +36,14 @@ Ctrl+ C和Ctrl+V是我们日常计算机生活中不可缺少的一部分,它 如果你正忙着处理其它事情,而此时一个桌面通知闪了出来又逐渐消失了,你会怎么做?你会想要看看通知都说了什么,不是吗?最近通知指示器就是用于处理此项工作,它会保留一个最近所有通知的历史记录。这样,你就永远不会错过桌面通知了。 -你可以阅读[最近通知指示器这里][13]。 +你可以在此阅读[最近通知指示器][13]。 #### 终端技巧 #### 不,我不打算给你们展示所有那些Linux命令技巧和快捷方法,那会写满整个博客了。我打算给你们展示一些终端黑技巧,你可以用它们来提高你的生产力。 - **修改**sudo**密码超时**:默认情况下,sudo命令要求你在15分钟后再次输入密码,这真是让人讨厌。实际上,你可以修改默认的sudo密码超时。[此教程][14]会给你展示如何来实现。 -- **获取命令完成的桌面通知**:这是IT朋友们之间的一个常见的玩笑,开发者们花费大量时间来等待程序编译完成,而这不完全是正确的。但是,它确实影响到了生产力,因为在你等待程序编译完成时,你可以做其它事情,并忘了你在终端中运行的命令。一个更好的途径,就是在一个命令完成时,让它显示桌面通知。这样,你就不会长时间被打断,并且可以回到之前想要做的事情上。请阅读[如何获取命令完成的桌面通知][15]。 +- **获取命令完成的桌面通知**:这是IT朋友们之间的一个常见的玩笑——开发者们花费大量时间来等待程序编译完成——然而这不完全是正确的。但是,它确实影响到了生产力,因为在你等待程序编译完成时,你可以做其它事情,并忘了你在终端中运行的命令。一个更好的途径,就是在一个命令完成时,让它显示桌面通知。这样,你就不会长时间被打断,并且可以回到之前想要做的事情上。请阅读[如何获取命令完成的桌面通知][15]。 我知道,这不是一篇全面涵盖了**提升生产力**的文章。但是,这些小应用和小技巧可以在实际生活中帮助你在你宝贵的时间中做得更多。 @@ -55,20 +55,20 @@ via: http://itsfoss.com/productivity-tips-ubuntu/ 作者:[Abhishek][a] 译者:[GOLinux](https://github.com/GOLinux) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [a]:http://itsfoss.com/author/abhishek/ [1]:http://www.helpscout.net/blog/music-productivity/ -[2]:http://itsfoss.com/ambient-noise-music-player-ubuntu/ +[2]:https://linux.cn/article-5233-1.html [3]:http://www.noisli.com/ [4]:https://en.wikipedia.org/wiki/Pomodoro_Technique [5]:http://manuel-kehl.de/projects/go-for-it/ [6]:http://todotxt.com/ -[7]:http://itsfoss.com/go-for-it-to-do-app-in-linux/ +[7]:https://linux.cn/article-5337-1.html [8]:http://itsfoss.com/indicator-stickynotes-windows-like-sticky-note-app-for-ubuntu/ -[9]:http://itsfoss.com/install-google-keep-ubuntu-1310/ +[9]:https://linux.cn/article-2634-1.html [10]:https://evernote.com/ [11]:http://itsfoss.com/5-evernote-alternatives-linux/ [12]:https://esite.ch/tag/diodon/ diff --git a/published/201510/20151012 10 Useful Utilities For Linux Users.md b/published/201510/20151012 10 Useful Utilities For Linux Users.md new file mode 100644 index 0000000000..99bfe6869a --- /dev/null +++ b/published/201510/20151012 10 Useful Utilities For Linux Users.md @@ -0,0 +1,263 @@ + 10 个给 Linux 用户的有用工具 +================================================================================ +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2014/09/linux-656x445.png) + +### 引言 ### + +在本教程中,我已经收集了10个给 Linux 用户的有用工具,其中包括各种网络监控,系统审计和一些其它实用的命令,它可以帮助用户提高工作效率。我希望你会喜欢他们。 + +#### 1. w #### + +显示谁登录了系统并执行了哪些程序。 + + $w + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_023.png) + +不显示头部信息(LCTT译注:原文此处有误) + + $w -h + +显示指定用户的信息 + + $w + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_024.png) + +#### 2. nmon #### + +Nmon(nigel’s monitor 的简写)是一个显示系统性能信息的工具。 + + $ sudo apt-get install nmon + +---------- + + $ nmon + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_001.png) + +nmon 可以显示与 netwrok,cpu, memory 和磁盘使用情况的信息。 + +**nmon 显示 cpu 信息 (按 c)** + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_002.png) + +**nmon 显示 network 信息 (按 n)** + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_003.png) + +**nman 显示 disk 信息 (按 d)** + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_004.png) + +#### 3. ncdu #### + +是一个支持光标的`du`程序,这个命令是用来分析各种目录占用的磁盘空间。 + + $apt-get install ncdu + +---------- + + $ncdu / + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_006.png) + +最终的输出: + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_007.png) + +按 n 则通过文件名来排序,按 s 则按文件大小来排序(默认的)。 + +#### 4. slurm #### + +一个基于网络接口的带宽监控命令行程序,它会用字符来显示文本图形。 + + $ apt-get install slurm + +例如: + + $ slurm -i + +---------- + + $ slurm -i eth1 + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0091.png) + +**选项** + +- 按 **l** 显示 lx/tx 指示灯. +- 按 **c** 切换到经典模式. +- 按 **r** 刷新屏幕. +- 按 **q** 退出. + +#### 5.findmnt #### + +Findmnt 命令用于查找挂载的文件系统。它用来列出安装设备,当需要时也可以挂载或卸载设备,它是 util-linux 软件包的一部分。 + +例子: + + $findmnt + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0101.png) + +以列表格式输出。 + + $ findmnt -l + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0111.png) + +列出在 fstab 中挂载的文件系统。 + + $ findmnt -s + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0122.png) + +按文件类型列出已挂载的文件系统。 + + $ findmnt -t ext4 + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0131.png) + +#### 6. dstat #### + +一种灵活的组合工具,它可用于监控内存,进程,网络和磁盘性能,它可以用来取代 ifstat, iostat, dmstat 等。 + + $apt-get install dstat + +例如: + +查看有关 cpu,硬盘和网络的详细信息。 + + $ dstat + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0141.png) + +**-c** cpu + + $ dstat -c + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0151.png) + +**-d** 磁盘 + + $ dstat -d + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0161.png) + +显示 cpu、磁盘等的详细信息。 + + $ dstat -cdl -D sda1 + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_017.png) + +#### 7. saidar #### + +另一种基于命令行的系统统计数据监控工具,提供了有关磁盘使用,网络,内存,交换分区等信息。 + + $ sudo apt-get install saidar + +例如: + + $ saidar + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0181.png) + +启用彩色输出 + + $ saider -c + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0191.png) + +#### 8. ss #### + +ss(socket statistics)是一个很好的替代 netstat 的选择,它从内核空间收集信息,比 netstat 的性能更好。 + +例如: + +列出所有的连接 + + $ ss |less + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0201.png) + +列出 tcp 流量 + + $ ss -A tcp + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0211.png) + +列出进程名和 pid + + $ ss -ltp + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0221.png) + +#### 9. ccze #### + +一个美化日志显示的工具 :). + + $ apt-get install ccze + +例如: + + $ tailf /var/log/syslog | ccze + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0231.png) + +列出 ccze 模块: + + $ ccze -l + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_0241.png) + +将日志保存为 html 文件。 + + tailf /var/log/syslog | ccze -h > /home/tux/Desktop/rajneesh.html + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_025.png) + +#### 10. ranwhen.py #### + +一种基于 Python 的终端工具,它可以用来以图形方式显示系统活动状态。详细信息以一个丰富多彩的柱状图来展示。 + +安装 python(LCTT 译注:一般来说,你应该已经有了 python,不需要此步): + + $ sudo apt-add-repository ppa:fkrull/deadsnakes + +更新系统: + + $ sudo apt-get update + +下载 python: + + $ sudo apt-get install python3.2 + +[点此下载 ranwhen.py][1] + + $ unzip ranwhen-master.zip && cd ranwhen-master + +运行工具。 + + $ python3.2 ranwhen.py + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Selection_026.png) + +### 结论 ### + +这都是些不常见但重要的 Linux 管理工具。他们可以在日常生活中帮助用户。在我们即将发表的文章中,我们会尽量多带来些管理员/用户工具。 + +玩得愉快! + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/10-useful-utilities-linux-users/ + +作者:[Rajneesh Upadhyay][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.unixmen.com/author/rajneesh/ +[1]:https://github.com/p-e-w/ranwhen/archive/master.zip diff --git a/published/201510/20151012 Linux FAQs with Answers--How to change USB device permission permanently on Linux.md b/published/201510/20151012 Linux FAQs with Answers--How to change USB device permission permanently on Linux.md new file mode 100644 index 0000000000..051a15638f --- /dev/null +++ b/published/201510/20151012 Linux FAQs with Answers--How to change USB device permission permanently on Linux.md @@ -0,0 +1,53 @@ +Linux 有问必答:如何在 Linux 中永久修改 USB 设备权限 +================================================================================ +> **提问**:当我尝试在 Linux 中运行 USB GPS 接收器时我遇到了下面来自 gpsd 的错误。 +> +> gpsd[377]: gpsd:ERROR: read-only device open failed: Permission denied +> gpsd[377]: gpsd:ERROR: /dev/ttyUSB0: device activation failed. +> gpsd[377]: gpsd:ERROR: device open failed: Permission denied - retrying read-only +> +> 看上去 gpsd 没有权限访问 USB 设备(/dev/ttyUSB0)。我该如何永久修改它在Linux上的权限? + +当你在运行一个会读取或者写入USB设备的进程时,进程的用户/组必须有权限这么做才行。当然你可以手动用`chmod`命令改变 USB 设备的权限,但是手动的权限改变只是暂时的。USB 设备会在下次重启时恢复它的默认权限。 + +![](https://farm6.staticflickr.com/5741/20848677843_202ff53303_c.jpg) + +作为一个永久的方式,你可以创建一个基于 udev 的 USB 权限规则,它可以根据你的选择分配任何权限模式。下面是该如何做。 + +首先,你需要找出 USB 设备的 vendorID 和 productID。使用`lsusb`命令。 + + $ lsusb -vvv + +![](https://farm1.staticflickr.com/731/20848677743_39f76eb403_c.jpg) + +上面`lsusb`的输出中,找出你的 USB 设备,并找出"idVendor"和"idProduct"字段。本例中,我们的结果是`idVendor (0x067b)`和 `idProduct (0x2303)` + +下面创建一个新的udev规则。 + + $ sudo vi /etc/udev/rules.d/50-myusb.rules + +---------- + + SUBSYSTEMS=="usb", ATTRS{idVendor}=="067b", ATTRS{idProduct}=="2303", GROUP="users", MODE="0666" + +用你自己的"idVendor"和"idProduct"来替换。**MODE="0666"**表示USB设备的权限。 + +现在重启电脑并重新加载 udev 规则: + + $ sudo udevadm control --reload + +接着验证下 USB 设备的权限。 + +![](https://farm1.staticflickr.com/744/21282872179_9a4a05d768_b.jpg) + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/change-usb-device-permission-linux.html + +作者:[Dan Nanni][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni diff --git a/published/201510/20151012 Linux FAQs with Answers--How to force password change at the next login on Linux.md b/published/201510/20151012 Linux FAQs with Answers--How to force password change at the next login on Linux.md new file mode 100644 index 0000000000..22c298c047 --- /dev/null +++ b/published/201510/20151012 Linux FAQs with Answers--How to force password change at the next login on Linux.md @@ -0,0 +1,54 @@ +Linux有问必答:如何强制在下次登录Linux时更换密码 +================================================================================ +> **提问**:我管理着一台多人共享的Linux服务器。我刚使用默认密码创建了一个新用户,但是我想用户在第一次登录时更换密码。有没有什么方法可以让他/她在下次登录时修改密码呢? + +在多用户Linux环境中,标准实践是使用一个默认的随机密码创建一个用户账户。成功登录后,新用户自己改变默认密码。出于安全考虑,经常建议“强制”用户在第一次登录时修改密码来确保这个一次性使用的密码不会再被使用。 + +下面是**如何强制用户在下次登录时修改他/她的密码**。 + +每个Linux用户都关联这不同的密码相关配置和信息。比如,记录着上次密码更改的日期、最小/最大的修改密码的天数、密码何时过期等等。 + +一个叫chage的命令行工具可以访问并调整密码过期相关配置。你可以使用这个工具来强制用户在下次登录修改密码、 + +要查看特定用户的过期信息(比如:alice),运行下面的命令。注意的是除了你自己之外查看其他任何用户的密码信息都需要root权限。 + + $ sudo chage -l alice + +![](https://c1.staticflickr.com/1/727/21955581605_5471e61ee0_c.jpg) + +### 强制用户修改密码 ### + +如果你想要强制用户去修改他/她的密码,使用下面的命令。 + + $ sudo chage -d0 + +原本“-d ”参数是用来设置密码的“年龄”(也就是上次修改密码起到1970/1/1起的天数)。因此“-d0”的意思是上次密码修改的时间是1970/1/1,这就让当前的密码过期了,也就强制让他在下次登录的时候修改密码了。 + +另外一个过期当前密码的方式是用passwd命令。 + + $ sudo passwd -e + +上面的命令和“chage -d0”作用一样,让当前用户的密码立即过期。 + +现在检查用户的信息,你会发现: + +![](https://c2.staticflickr.com/6/5770/21767501480_ba88f00d80_c.jpg) + +当你再次登录时候,你会被要求修改密码。你会在修改前被要求再验证一次当前密码。 + +![](https://c2.staticflickr.com/6/5835/21929638636_eed4d69cb9_c.jpg) + +要设置更全面的密码策略(如密码复杂性,防止重复使用),则可以使用PAM。参见[这篇文章][1]了解更多详情。 + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/force-password-change-next-login-linux.html + +作者:[Dan Nanni][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni +[1]:http://xmodulo.com/set-password-policy-linux.html diff --git a/published/201510/20151013 Mytodo--A ToDo List Manager For DIY Lovers.md b/published/201510/20151013 Mytodo--A ToDo List Manager For DIY Lovers.md new file mode 100644 index 0000000000..84ebd749f4 --- /dev/null +++ b/published/201510/20151013 Mytodo--A ToDo List Manager For DIY Lovers.md @@ -0,0 +1,55 @@ +Mytodo:为 DIY 爱好者准备的待办事项管理软件 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Mytodo-Linux.jpg) + +通常我关注的软件都是那些不用折腾并且易用的(对图形界面而言)。这就是我把 [Go For It][1] 待办事项程序归到 [Linux 产能工具][2] 列表的原因。今天,我要向你们展示另一款待办事项列表应用,和其它的待办事项软件有点不一样。 + +[Mytodo][3] 是个开源的待办事项列表程序,让你能够掌管一切。与其它类似的程序不同的是,Mytodo 更加面向 DIY 爱好者,因为它允许你配置服务器(如果你想在多台电脑上使用的话),除了主要的功能外还提供一个命令行界面。 + +它是用 Python 编写的,因此可以在所有 Linux 发行版以及其它操作系统,比如 Windows 上使用。 + +Mytodo 的一些主要特性: + +- 同时拥有图形界面和命令行界面 +- 配置你自己的服务器 +- 添加用户/密码 +- Python 编写 +- 可根据标签搜索 +- 待办事项可以在 [Conky][4] 显示 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Mytodo-list.jpeg) + +*图形界面* + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Mytodo-list-cli.jpeg) + +*命令行* + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Mytodo-list-conky.jpeg) + +*Conky 显示着待办事项* + +你可以在下面的 Github 链接里找到源码和配置介绍: + +- [下载和配置 Mytodo ][5] + +尽管有些人可能不大喜欢命令行和配置部分的内容,但它自然有它的乐趣所在。我建议你自己尝试一下,看看 Mytodo 是否符合我们的需求和口味。 + +图片致谢: https://pixabay.com/en/to-do-list-task-list-notes-written-734587 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/mytodo-list-manager/ + +作者:[Abhishek][a] +译者:[alim0x](https://github.com/alim0x) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:http://itsfoss.com/go-for-it-to-do-app-in-linux/ +[2]:https://linux.cn/article-6425-1.html +[3]:https://github.com/mohamed-aziz/mytodo +[4]:http://itsfoss.com/conky-gui-ubuntu-1304/ +[5]:https://github.com/mohamed-aziz/mytodo diff --git a/published/201510/20151015 New Collaborative Group to Speed Real-Time Linux.md b/published/201510/20151015 New Collaborative Group to Speed Real-Time Linux.md new file mode 100644 index 0000000000..34d14e2253 --- /dev/null +++ b/published/201510/20151015 New Collaborative Group to Speed Real-Time Linux.md @@ -0,0 +1,78 @@ +新的 RTL 协作组将加速实时 Linux 的发展 +================================================================================ +![](http://www.linux.com/images/stories/66866/Tux-150.png) + +在本周的 Linux 大会活动(LinuxCon)上 Linux 基金会(Linux Foundation)[宣称][1],实时Linux操作系统项目(RTL,Real-Time Linux)得到了新的资金支持,并预期这将促进该项目,使其自成立15年来第一次有机会在实时操作性上和其他的实时操作系统(RTOS,Real Time Operation System)一较高下。Linux 基金会将 RTL 组重组为一个新的项目,并命名为RTL协作组(Real-Time Linux Collaborative Project),该项目将获得更有力的资金支持,更多的开发人员将投入其中,并更加紧密地集成到 Linux 内核主线开发中。 + +根据 Linux 基金会的说法,RTL 项目并入 Linux基金会旗下后,“在研发方面将为业界节省数百万美元的费用。”同时此举也将“通过强有力的上游内核测试体系而改善本项目的代码质量”。 + +在过去的十几年中,RTL 项目的开发管理和经费资助主要由[开源自动化开发实验室] [2](OSADL,Open Source Automation Development Lab)承担,OSADL 将继续作为新合作项目的金牌成员之一,但其原来承担的资金资助工作将会在一月份移交给 Linux 基金会。RTL 项目和 [OSADL][3] 长久以来一直负责维护[内核的实时抢占(RT-Preempt 或 Preempt-RT)][4]补丁,并定期将其更新到 Linux 内核的主线上。 + +据长期以来一直担任 OSADL 总经理的 Carsten Emde 博士介绍,支持内核实时特性的工作已经完成了将近 90%。 “这就像盖房子,”他解释说。 “主要的部件,如墙壁,窗户和门都已经安装到位,就实时内核来说,类似的主要部件包括:高精度定时器(high-resolution timers),中断线程化机制(interrupt threads)和优先级可继承的互斥量(priority-inheritance mutexes)等。然后所剩下的就是需要一些边边角角的工作,就如同装修房子过程中还剩下铺设如地毯和墙纸等来完成最终的工程。” + +以 Emde 观点来看,从技术的角度来说,实时 Linux 的性能已经可以媲美绝大多数其他的实时操作系统 - 但前提是你要不厌其烦地把所有的补丁都打上。 Emde 的原话如下:“该项目(LCTT 译注,指RTL)的唯一目标就是提供一个满足实时性要求的 Linux 系统,使其无论运行状况如何恶劣都可以保证在确定的、可以预先定义的时间期限内对外界处理做出响应。这个目标已经实现,但需要你手动地将 RTL 提供的补丁添加到 Linux 内核主线的版本代码上,但将来的不用打补丁的实时 Linux 内核也能实现这个目标。唯一的,当然也是最重要的区别就是相应的维护工作将少得多,因为我们再也不用一次又一次移植那些独立于内核主线的补丁代码了。” + +新的 RTL 协作组将继续在 Thomas Gleixner 的指导下工作,Thomas Gleixner 在过去的十多年里一直是 RTL 的核心维护人员。本周,Gleixner 被任命为 Linux 基金会成员,并加入了一个特别的小组,小组成员包括 Linux 稳定内核维护者Greg Kroah-Hartman,Yocto 项目维护者 Richard Purdie 和 Linus Torvalds 本人。 + +据 Emde 介绍,RTL 的第二维护人 Steven Rostedt 来自 Red Hat 公司,他负责“维护旧的,但尚保持维护的内核版本”,他将和同样来自 Red Hat 的 Ingo Molnàr 继续参与该项目,Ingo 是 RTL 的关键开发人员,但近年来更多地从事咨询方面的工作。有些令人惊讶的是,Red Hat 竟然不是 RTL 协作组的成员之一。相反,谷歌作为唯一的白金会员占据了头把交椅,其他黄金会员包括国家仪器公司(NI,National Instruments),OSADL 和德州仪器(TI)。银卡会员包括Altera 公司,ARM,Intel 和 IBM。 + +###走向实时内核的漫长道路### + +当15年前 Linux 第一次出现在嵌入式设备上的时候,它所面临的嵌入式计算市场已经被其他的实时操作系统,譬如风河公司(WindRiver)的 VxWorks,所牢牢占据。VxWorks 从那时起到现在,一直在为众多的工控设备、航空电子设备以及交通运输应用提供着工业级别的高确定性的,硬实时的内核。微软后来也提供了一个支持实时性的操作系统版本- Windows CE,当时的 Linux 所面临的是来自潜在工业客户的公开嘲讽和层层阻力。他们认为那些从桌面系统改进来的 Linux 发行版本顶多适合要求不高的轻量级消费类电子产品,而不适合那些对硬实时要求更高的设备。 + +对于嵌入式 Linux 的先行者如 [MontaVista 公司][6]来说,其[早期的目标][5]很明确就是要改进 Linux 的实时能力。多年以来,对 Linux 的实时性能开发发展迅速,得到各种组织的支持,如[成立于2006年][7]的 OSADL,以及实时 Linux 基金会(RTLF,Real-Time Linux Foundation)。在2009年 [OSADL 与 RTLF 合并][8],OSADL 及其 RTL 组承担了所有的抢占式实时内核(Preempt-RT)补丁的维护工作和将补丁提交到上游内核主线的工作。除此之外 OSADL 还负责监管其他自动化相关的项目,例如[高可靠性 Linux][9](Safety Critical Linux)(译者注:指研究如何在关键系统上可靠安全地运行Linux)。 + +OSADL 对 RTL 的支持经历了三个阶段:拥护和推广,测试和质量评估,以及最后的资金支持。Emde 表示,在早期,OSADL 的角色仅限于写写推广的文章,制作专题报告,组织相关培训,以及“宣传” RTL 的优点。他说:“要让一个相当保守的工控行业接受象 Linux 之类的新技术及其基于社区的那种开发模式,首先就需要建立其对新事物的信任。从使用专有的实时操作系统转向改用 Linux 对公司意味着必须引入新的战略和流程,才能与社区进行互动。” + +后来,OSADL 改而提供技术性能数据,建立[质量评估和测试中心][10],并在和开源相关的法律事务问题和安全认证方面向行业成员提供帮助。 + +当 RTL 在实时性上变得愈加成熟的同时,相反地 Windows CE 却是江河日下,[其市场份额正在快速地被 RTL 所蚕食][11],一些与 RTL 竞争的实时 Linux 项目,主要是 [Xenomai][12] 也已开始集成 RTL。 + +“伴随 RTL 补丁的成功,以及明确的预期其最终会被完整集成到 Linux 内核主线代码中,导致 Xenomai 关注的重心发生了变化,”Emde 说。 “Xenomai 3.0 可与 RT 补丁结合起来使用,并提供了所谓的‘皮肤’,(LCTT 译注:一个封装层),使我们可以复用为其他系统编写的代码。不过,它们还没有完全统一起来,因为 Xenomai 使用了双内核方法,而RT 补丁只适用于单一的 Linux 内核。“ + +近些年来,RTL 组的资助来源越来越少,所以最终 OSADL 接过了这个重任。Emde 说:“当最近开发工作因缺少资金而陷入停滞时,OSADL 对 RTL 的支持进入到第三个重大阶段:开始直接资助 Thomas Gleixner 的工作。” + +正如 Emde 在其[10月5日的一篇博文][13]中所描述的那样,实时 Linux 的应用领域正在日益扩大,由其原来主要服务的工业控制扩大到了汽车行业和电信业等领域,这表明资助的来源也应该得到拓宽。Emde 原文写道:“仅仅靠来自工控行业的资金来支撑全部的工作是不合理的,因为电信等其他行业也在享用实时 Linux 内核。” + +当 Linux 基金会表明有兴趣提供资金支持时,OSADL 认为“单一的资助和控制渠道要有效得多”(LCTT 译注:指最终由Linux 基金会全盘接手了 RTL 项目),Emde 如是说。不过,他补充说,作为黄金级成员,OSADL 仍参与监管项目的工作,会继续从事其宣传和质量保证方面的活动。 + +###汽车行业期待 RTL 的崛起### + +Emde 表示,RTL 会继续在工业应用领域飞速发展并逐渐取代其他实时操作系统。而且,他补充说,RTL 在汽车行业发展也很迅猛,以后会扩大并应用到铁路和航空电子设备上。 + +的确,Linux 在汽车行业将扮演越来越重要的角色,这也是 Linux 基金对 RTL 所寄予厚望的原因之所在。RTL 工作组可能会与 Linux 基金会旗下的[车载Linux][14](AGL,Automotive Grade Linux)工作组展开合作。Emde 猜测,Google 高调参与的主要动因可能也是希望将 RTL 用于汽车控制。此外,德州仪器(TI)也非常期望将其 Jacinto 处理器应用于汽车行业。 + +面向车载 Linux 的项目(比如AGL)的目标是要扩大 Linux 在车载设备上的应用范围,其应用不是仅限于车载信息娱乐(IVI,In-Vehicle Infotainment),而是要进入到譬如集群控制和车载通讯领域,而这些领域目前主要使用的是 QNX 之类的实时操作系统。无人驾驶汽车在实时性上对操作系统也有很高的要求。 + +Emde 特别指出,OSADL 的 [SIL2LinuxMP][15] 项目可能会在将 RTL 引入到汽车工业领域上扮演重要的角色。SIL2LinuxMP 并不是专门针对汽车工业的项目,但随着 BMW 公司参与其中,汽车行业成为其很重要的应用领域之一。该项目的目标在于验证 RTL 在采用单核或多核 CPU 的标准化商用(COTS,Commercial Off-The-Shelf)板卡上运行所需的基本组件。它定义了引导程序、根文件系统、Linux 内核以及对应支持 RTL 的 C 库。 + +无人机和机器人使用实时 Linux 的时机也已成熟,Xenomai 系统早已用在许多机器人以及一些无人机中。不过,在更广泛的嵌入式 Linux 世界,包括了消费电子产品和物联网应用中,RTL 可以扮演的角色很有限。主要的障碍在于,无线通信和互联网本身会带来延迟。 + +Emde 说:“目前实时 Linux 主要还是应用于系统内部控制以及系统与周边外设之间的控制,在远程控制机器上作用不大。企图通过互联网实现实时控制恐怕不是一件可行的事情。” + +-------------------------------------------------------------------------------- + +via: http://www.linux.com/news/software/applications/858828-new-collaborative-group-to-speed-real-time-linux + +作者:[Eric Brown][a] +译者:[unicornx](https://github.com/unicornx) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linux.com/community/forums/person/42808 +[1]:http://www.linuxfoundation.org/news-media/announcements/2015/10/linux-foundation-announces-project-advance-real-time-linux +[2]:http://archive.linuxgizmos.com/celebrating-the-open-source-automation-development-labs-first-birthday/ +[3]:https://www.osadl.org/ +[4]:http://linuxgizmos.com/adding-real-time-to-linux-with-preempt-rt/ +[5]:http://archive.linuxgizmos.com/real-time-linux-what-is-it-why-do-you-want-it-how-do-you-do-it-a/ +[6]:http://www.linux.com/news/embedded-mobile/mobile-linux/841651-embedded-linux-pioneer-montavista-spins-iot-linux-distribution +[7]:http://archive.linuxgizmos.com/industry-group-aims-linux-at-automation-apps/ +[8]:http://archive.linuxgizmos.com/industrial-linux-groups-merge/ +[9]:https://www.osadl.org/Safety-Critical-Linux.safety-critical-linux.0.html +[10]:http://www.osadl.org/QA-Farm-Realtime.qa-farm-about.0.html +[11]:http://www.linux.com/news/embedded-mobile/mobile-linux/818011-embedded-linux-keeps-growing-amid-iot-disruption-says-study +[12]:http://xenomai.org/ +[13]:https://www.osadl.org/Single-View.111+M5dee6946dab.0.html +[14]:http://www.linux.com/news/embedded-mobile/mobile-linux/833358-first-open-automotive-grade-linux-spec-released +[15]:http://www.osadl.org/SIL2LinuxMP.sil2-linux-project.0.html \ No newline at end of file diff --git a/published/201510/20151019 10 passwd command examples in Linux.md b/published/201510/20151019 10 passwd command examples in Linux.md new file mode 100644 index 0000000000..6e19bef6b2 --- /dev/null +++ b/published/201510/20151019 10 passwd command examples in Linux.md @@ -0,0 +1,149 @@ +10 个 Linux 中的 passwd 命令示例 +================================================================================ + +正如 **passwd** 命令的名称所示,其用于改变系统用户的密码。如果 passwd 命令由非 root 用户执行,那么它会询问当前用户的密码,然后设置调用该命令的用户的新密码。当此命令由超级用户 root 执行的话,就可以重新设置任何用户的密码,包括不知道当前密码的用户。 + +在这篇文章中,我们将用实例来介绍 passwd 命令。 + +#### 语法 : #### + + # passwd {options} {user_name} + +可以在 passwd 命令使用不同的选项,列表如下: + +![](http://www.linuxtechi.com/wp-content/uploads/2015/09/passwd-command-options.jpg) + +### 例1:更改系统用户的密码 ### + +当你使用非 root 用户登录时,比如我使用 ‘linuxtechi’ 登录的情况下,运行 passwd 命令它会重置当前登录用户的密码。 + + [linuxtechi@linuxworld ~]$ passwd + Changing password for user linuxtechi. + Changing password for linuxtechi. + (current) UNIX password: + New password: + Retype new password: + passwd: all authentication tokens updated successfully. + [linuxtechi@linuxworld ~]$ + +当你作为 root 用户登录后并运行 **passwd** 命令时,它默认情况下会重新设置 root 的密码,如果你在 passwd 命令后指定了用户名,它会重置该用户的密码。 + + [root@linuxworld ~]# passwd + [root@linuxworld ~]# passwd linuxtechi + +![](http://www.linuxtechi.com/wp-content/uploads/2015/09/passwd-command.jpg) + +**注意** : 系统用户的密码以加密的形式保存在 /etc/shadow 文件中。 + +### 例2:显示密码状态信息 ### + +要显示用户密码的状态信息,请在 passwd 命令后使用 **-S** 选项。 + + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi PS 2015-09-20 0 99999 7 -1 (Password set, SHA512 crypt.) + [root@linuxworld ~]# + +在上面的输出中,第一个字段显示的用户名,第二个字段显示密码状态(**PS = 密码设置,LK = 密码锁定,NP = 无密码**),第三个字段显示了上次修改密码的时间,后面四个字段分别显示了密码能更改的最小期限和最大期限,警告期限和没有使用该口令的时长。 + +### 例3:显示所有账号的密码状态信息 ### + +为了显示所有用户密码的状态信息需要使用 “**-aS**”选项在passwd 命令中,示例如下所示: + + root@localhost:~# passwd -Sa + +![](http://www.linuxtechi.com/wp-content/uploads/2015/09/passwd-sa.jpg) + +(LCTT译注:不同发行版/passwd 的行为不同。CentOS6.6 没有测试成功,但 Ubuntu 可以。) + +### 例4:使用 -d 选项删除用户的密码 ### + +用我做例子,删除 ‘**linuxtechi**‘ 用户的密码。 + + [root@linuxworld ~]# passwd -d linuxtechi + Removing password for user linuxtechi. + passwd: Success + [root@linuxworld ~]# + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi NP 2015-09-20 0 99999 7 -1 (Empty password.) + [root@linuxworld ~]# + +“**-d**” 选项将清空用户密码,并禁用用户登录。 + +### 例5:设置密码立即过期 ### + +在 passwd 命令中使用 '-e' 选项会立即使用户的密码过期,这将强制用户在下次登录时更改密码。 + + [root@linuxworld ~]# passwd -e linuxtechi + Expiring password for user linuxtechi. + passwd: Success + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi PS 1970-01-01 0 99999 7 -1 (Password set, SHA512 crypt.) + [root@linuxworld ~]# + +现在尝试用 linuxtechi 用户 SSH 连接到主机。 + +![](http://www.linuxtechi.com/wp-content/uploads/2015/09/passwd-expiry.jpg) + +### 例6:锁定系统用户的密码 ### + +在 passwd 命令中使用 ‘**-l**‘ 选项能锁定用户的密码,它会在密码的起始位置加上“!”。当他/她的密码被锁定时,用户将不能更改它的密码。 + + [root@linuxworld ~]# passwd -l linuxtechi + Locking password for user linuxtechi. + passwd: Success + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi LK 2015-09-20 0 99999 7 -1 (Password locked.) + [root@linuxworld ~]# + +### 例7:使用 -u 选项解锁用户密码 ### + + [root@linuxworld ~]# passwd -u linuxtechi + Unlocking password for user linuxtechi. + passwd: Success + [root@linuxworld ~]# + +### 例8:使用 -i 选项设置非活动时间 ### + +在 passwd 命令中使用 -i 选项用于设系统用户的非活动时间。当用户(我使用的是linuxtechi用户)密码过期后,用户再经过 ‘**n**‘ 天后(在我的情况下是10天)没有更改其密码,用户将不能登录。 + + [root@linuxworld ~]# passwd -i 10 linuxtechi + Adjusting aging data for user linuxtechi. + passwd: Success + [root@linuxworld ~]# + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi PS 2015-09-20 0 99999 7 10 (Password set, SHA512 crypt.) + [root@linuxworld ~]# + +### 例9:使用 -n 选项设置密码更改的最短时间 ### + +在下面的例子中,linuxtechi用户必须在90天内更改密码。0表示用户可以在任何时候更改它的密码。 + + [root@linuxworld ~]# passwd -n 90 linuxtechi + Adjusting aging data for user linuxtechi. + passwd: Success + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi PS 2015-09-20 90 99999 7 10 (Password set, SHA512 crypt.) + [root@linuxworld ~]# + +### 例10:使用 -w 选项设置密码过期前的警告期限 ### + +‘**-w**’ 选项在 passwd 命令中用于设置用户的警告期限。这意味着,n天之后,他/她的密码将过期。 + + [root@linuxworld ~]# passwd -w 12 linuxtechi + Adjusting aging data for user linuxtechi. + passwd: Success + [root@linuxworld ~]# passwd -S linuxtechi + linuxtechi PS 2015-09-20 90 99999 12 10 (Password set, SHA512 crypt.) + [root@linuxworld ~]# + +-------------------------------------------------------------------------------- + +via: http://www.linuxtechi.com/10-passwd-command-examples-in-linux/ + +作者:[Pradeep Kumar][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxtechi.com/author/pradeep/ diff --git a/published/201510/20151019 11 df command examples in Linux.md b/published/201510/20151019 11 df command examples in Linux.md new file mode 100644 index 0000000000..a5e3c827ba --- /dev/null +++ b/published/201510/20151019 11 df command examples in Linux.md @@ -0,0 +1,259 @@ + Linux 中 df 命令的11个例子 +================================================================================ + +df 即“可用磁盘”(disk free),用于显示文件系统的磁盘使用情况。默认情况下 df 命令将以每块 1K 的单位进行显示所有当前已挂载的文件系统,如果你想以人类易读的格式显示 df 命令的输出,像这样“df -h”使用 -h 选项。 + +在这篇文章中,我们将讨论 `df` 命令在 Linux 下11种不同的实例。 + +在 Linux 下 df 命令的基本格式为: + + # df {options} {mount_point_of_filesystem} + +在 df 命令中可用的选项有: + +![](http://www.linuxtechi.com/wp-content/uploads/2015/10/df-command-options.jpg) + +df 的样例输出 : + + [root@linux-world ~]# df + Filesystem 1K-blocks Used Available Use% Mounted on + /dev/mapper/vg00-root 17003304 804668 15311852 5% / + devtmpfs 771876 0 771876 0% /dev + tmpfs 777928 0 777928 0% /dev/shm + tmpfs 777928 8532 769396 2% /run + tmpfs 777928 0 777928 0% /sys/fs/cgroup + /dev/mapper/vg00-home 14987616 41000 14162232 1% /home + /dev/sda1 487652 62593 395363 14% /boot + /dev/mapper/vg00-var 9948012 48692 9370936 1% /var + /dev/mapper/vg00-sap 14987656 37636 14165636 1% /sap + [root@linux-world ~]# + +### 例1:使用 -a 选项列出所有文件系统的磁盘使用量 ### + +当我们在 df 命令中使用 `-a` 选项时,它会显示所有文件系统的磁盘使用情况。 + + [root@linux-world ~]# df -a + Filesystem 1K-blocks Used Available Use% Mounted on + rootfs 17003304 804668 15311852 5% / + proc 0 0 0 - /proc + sysfs 0 0 0 - /sys + devtmpfs 771876 0 771876 0% /dev + securityfs 0 0 0 - /sys/kernel/security + tmpfs 777928 0 777928 0% /dev/shm + devpts 0 0 0 - /dev/pts + tmpfs 777928 8532 769396 2% /run + tmpfs 777928 0 777928 0% /sys/fs/cgroup + cgroup 0 0 0 - /sys/fs/cgroup/systemd + pstore 0 0 0 - /sys/fs/pstore + cgroup 0 0 0 - /sys/fs/cgroup/cpuset + cgroup 0 0 0 - /sys/fs/cgroup/cpu,cpuacct + cgroup 0 0 0 - /sys/fs/cgroup/memory + cgroup 0 0 0 - /sys/fs/cgroup/devices + cgroup 0 0 0 - /sys/fs/cgroup/freezer + cgroup 0 0 0 - /sys/fs/cgroup/net_cls + cgroup 0 0 0 - /sys/fs/cgroup/blkio + cgroup 0 0 0 - /sys/fs/cgroup/perf_event + cgroup 0 0 0 - /sys/fs/cgroup/hugetlb + configfs 0 0 0 - /sys/kernel/config + /dev/mapper/vg00-root 17003304 804668 15311852 5% / + selinuxfs 0 0 0 - /sys/fs/selinux + systemd-1 0 0 0 - /proc/sys/fs/binfmt_misc + debugfs 0 0 0 - /sys/kernel/debug + hugetlbfs 0 0 0 - /dev/hugepages + mqueue 0 0 0 - /dev/mqueue + /dev/mapper/vg00-home 14987616 41000 14162232 1% /home + /dev/sda1 487652 62593 395363 14% /boot + /dev/mapper/vg00-var 9948012 48692 9370936 1% /var + /dev/mapper/vg00-sap 14987656 37636 14165636 1% /sap + [root@linux-world ~]# + +### 例2:以人类易读的格式显示 df 命令的输出 ### + +在 df 命令中使用`-h`选项,以人类易读的格式输出(例如,5K,500M 及 5G) + + [root@linux-world ~]# df -h + Filesystem Size Used Avail Use% Mounted on + /dev/mapper/vg00-root 17G 786M 15G 5% / + devtmpfs 754M 0 754M 0% /dev + tmpfs 760M 0 760M 0% /dev/shm + tmpfs 760M 8.4M 752M 2% /run + tmpfs 760M 0 760M 0% /sys/fs/cgroup + /dev/mapper/vg00-home 15G 41M 14G 1% /home + /dev/sda1 477M 62M 387M 14% /boot + /dev/mapper/vg00-var 9.5G 48M 9.0G 1% /var + /dev/mapper/vg00-sap 15G 37M 14G 1% /sap + [root@linux-world ~]# + +### 例3:显示特定文件系统已使用的空间 ### + +假如我们想显示 /sap 文件系统空间的使用情况。 + + [root@linux-world ~]# df -h /sap/ + Filesystem Size Used Avail Use% Mounted on + /dev/mapper/vg00-sap 15G 37M 14G 1% /sap + [root@linux-world ~]# + +### 例4:输出所有已挂载文件系统的类型 ### + +`-T` 选项用在 df 命令中用来显示文件系统的类型。 + + [root@linux-world ~]# df -T + Filesystem Type 1K-blocks Used Available Use% Mounted on + /dev/mapper/vg00-root ext4 17003304 804668 15311852 5% / + devtmpfs devtmpfs 771876 0 771876 0% /dev + tmpfs tmpfs 777928 0 777928 0% /dev/shm + tmpfs tmpfs 777928 8532 769396 2% /run + tmpfs tmpfs 777928 0 777928 0% /sys/fs/cgroup + /dev/mapper/vg00-home ext4 14987616 41000 14162232 1% /home + /dev/sda1 ext3 487652 62593 395363 14% /boot + /dev/mapper/vg00-var ext3 9948012 48696 9370932 1% /var + /dev/mapper/vg00-sap ext3 14987656 37636 14165636 1% /sap + [root@linux-world ~]# + +### 例5:按块大小输出文件系统磁盘使用情况 ### + + [root@linux-world ~]# df -k + Filesystem 1K-blocks Used Available Use% Mounted on + /dev/mapper/vg00-root 17003304 804668 15311852 5% / + devtmpfs 771876 0 771876 0% /dev + tmpfs 777928 0 777928 0% /dev/shm + tmpfs 777928 8532 769396 2% /run + tmpfs 777928 0 777928 0% /sys/fs/cgroup + /dev/mapper/vg00-home 14987616 41000 14162232 1% /home + /dev/sda1 487652 62593 395363 14% /boot + /dev/mapper/vg00-var 9948012 48696 9370932 1% /var + /dev/mapper/vg00-sap 14987656 37636 14165636 1% /sap + [root@linux-world ~]# + +### 例6:输出文件系统的 inode 信息 ### + +`-i` 选项用在 df 命令用于显示文件系统的 inode 信息。 + +所有文件系统的 inode 信息: + + [root@linux-world ~]# df -i + Filesystem Inodes IUsed IFree IUse% Mounted on + /dev/mapper/vg00-root 1089536 22031 1067505 3% / + devtmpfs 192969 357 192612 1% /dev + tmpfs 194482 1 194481 1% /dev/shm + tmpfs 194482 420 194062 1% /run + tmpfs 194482 13 194469 1% /sys/fs/cgroup + /dev/mapper/vg00-home 960992 15 960977 1% /home + /dev/sda1 128016 337 127679 1% /boot + /dev/mapper/vg00-var 640848 1235 639613 1% /var + /dev/mapper/vg00-sap 960992 11 960981 1% /sap + [root@linux-world ~]# + +特定文件系统的 inode 信息: + + [root@linux-world ~]# df -i /sap/ + Filesystem Inodes IUsed IFree IUse% Mounted on + /dev/mapper/vg00-sap 960992 11 960981 1% /sap + [root@linux-world ~]# + +### 例7:输出所有文件系统使用情况汇总 ### + +`-total` 选项在 df 命令中用于显示所有文件系统的磁盘使用情况汇总。 + + [root@linux-world ~]# df -h --total + Filesystem Size Used Avail Use% Mounted on + /dev/mapper/vg00-root 17G 786M 15G 5% / + devtmpfs 754M 0 754M 0% /dev + tmpfs 760M 0 760M 0% /dev/shm + tmpfs 760M 8.4M 752M 2% /run + tmpfs 760M 0 760M 0% /sys/fs/cgroup + /dev/mapper/vg00-home 15G 41M 14G 1% /home + /dev/sda1 477M 62M 387M 14% /boot + /dev/mapper/vg00-var 9.5G 48M 9.0G 1% /var + /dev/mapper/vg00-sap 15G 37M 14G 1% /sap + total 58G 980M 54G 2% - + [root@linux-world ~]# + +### 例8:只打印本地文件系统磁盘的使用情况 ### + +假设网络文件系统也挂载在 Linux 上,但我们只想显示本地文件系统的信息,这可以通过使用 df 命令的 `-l` 选项来实现。 + +![](http://www.linuxtechi.com/wp-content/uploads/2015/10/nfs4-fs-mount.jpg) + +只打印本地文件系统: + + [root@linux-world ~]# df -Thl + Filesystem Type Size Used Avail Use% Mounted on + /dev/mapper/vg00-root ext4 17G 791M 15G 6% / + devtmpfs devtmpfs 754M 0 754M 0% /dev + tmpfs tmpfs 760M 0 760M 0% /dev/shm + tmpfs tmpfs 760M 8.4M 752M 2% /run + tmpfs tmpfs 760M 0 760M 0% /sys/fs/cgroup + /dev/mapper/vg00-home ext4 15G 41M 14G 1% /home + /dev/sda1 ext3 477M 62M 387M 14% /boot + /dev/mapper/vg00-var ext3 9.5G 105M 8.9G 2% /var + /dev/mapper/vg00-sap ext3 15G 37M 14G 1% /sap + [root@linux-world ~]# + +### 例9:打印特定文件系统类型的磁盘使用情况 ### + +`-t` 选项在 df 命令中用来打印特定文件系统类型的信息,用 `-t` 指定文件系统的类型,如下所示: + +对于 ext4 : + + [root@linux-world ~]# df -t ext4 + Filesystem 1K-blocks Used Available Use% Mounted on + /dev/mapper/vg00-root 17003304 809492 15307028 6% / + /dev/mapper/vg00-home 14987616 41000 14162232 1% /home + [root@linux-world ~]# + +对于 nfs4 : + + [root@linux-world ~]# df -t nfs4 + Filesystem 1K-blocks Used Available Use% Mounted on + 192.168.1.5:/opensuse 301545472 266833920 19371008 94% /data + [root@linux-world ~]# + +### 例10:使用 -x 选项排除特定的文件系统类型 ### + +`-x` 或 `–exclude-type` 在 df 命令中用来在输出中排出某些文件系统类型。 + +假设我们想打印除 ext3 外所有的文件系统。 + + [root@linux-world ~]# df -x ext3 + Filesystem 1K-blocks Used Available Use% Mounted on + /dev/mapper/vg00-root 17003304 809492 15307028 6% / + devtmpfs 771876 0 771876 0% /dev + tmpfs 777928 0 777928 0% /dev/shm + tmpfs 777928 8540 769388 2% /run + tmpfs 777928 0 777928 0% /sys/fs/cgroup + /dev/mapper/vg00-home 14987616 41000 14162232 1% /home + 192.168.1.5:/opensuse 301545472 266834944 19369984 94% /data + [root@linux-world ~]# + +### 例11:在 df 命令的输出中只打印特定的字段 ### + +`-output={field_name1,field_name2...}` 选项用于显示 df 命令某些字段的输出。 + +可用的字段名有: `source`, `fstype`, `itotal`, `iused`, `iavail`, `ipcent`, `size`, `used`, `avail`, `pcent` 和 `target` + + [root@linux-world ~]# df --output=fstype,size,iused + Type 1K-blocks IUsed + ext4 17003304 22275 + devtmpfs 771876 357 + tmpfs 777928 1 + tmpfs 777928 423 + tmpfs 777928 13 + ext4 14987616 15 + ext3 487652 337 + ext3 9948012 1373 + ext3 14987656 11 + nfs4 301545472 451099 + [root@linux-world ~]# + +-------------------------------------------------------------------------------- + +via: http://www.linuxtechi.com/11-df-command-examples-in-linux/ + +作者:[Pradeep Kumar][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxtechi.com/author/pradeep/ diff --git a/published/201510/20151019 How-To--Compile the Latest Wine 32-bit on 64-bit Ubuntu (15.10).md b/published/201510/20151019 How-To--Compile the Latest Wine 32-bit on 64-bit Ubuntu (15.10).md new file mode 100644 index 0000000000..06e28304c3 --- /dev/null +++ b/published/201510/20151019 How-To--Compile the Latest Wine 32-bit on 64-bit Ubuntu (15.10).md @@ -0,0 +1,39 @@ +如何在 64 位 Ubuntu 15.10 中编译最新版 32 位 Wine +================================================================================ +Wine 发布了最新的1.7.53版本。此版本带来的大量性能提升,包括**XAudio**,**Direct3D**代码清理,改善**OLE对象嵌入**技术,更好的** Web Services dll**的实现,还有其他大量更新。 + +![](http://www.tuxarena.com/wp-content/uploads/2015/10/wine1753a.jpg) + +虽然有一个官方 [Wine][1] PPA,但目前只提供1.7.44版本,所以安装最新版本可以从源码编译安装。 + +[下载源码包][2]([直接下载地址在此][3])并解压 `tar -xf wine-1.7.53`。然后,安装如下依赖。 + + sudo apt-get install build-essential gcc-multilib libx11-dev:i386 libfreetype6-dev:i386 libxcursor-dev:i386 libxi-dev:i386 libxshmfence-dev:i386 libxxf86vm-dev:i386 libxrandr-dev:i386 libxinerama-dev:i386 libxcomposite-dev:i386 libglu1-mesa-dev:i386 libosmesa6-dev:i386 libpcap0.8-dev:i386 libdbus-1-dev:i386 libncurses5-dev:i386 libsane-dev:i386 libv4l-dev:i386 libgphoto2-dev:i386 liblcms2-dev:i386 gstreamer0.10-plugins-base:i386 libcapi20-dev:i386 libcups2-dev:i386 libfontconfig1-dev:i386 libgsm1-dev:i386 libtiff5-dev:i386 libmpg123-dev:i386 libopenal-dev:i386 libldap2-dev:i386 libgnutls-dev:i386 libjpeg-dev:i386 + +现在切换到 wine-1.7.53 解压后的文件夹,并输入: + + ./configure + make + sudo make install + +同样地,你也可以给配置脚本指定 prefix 参数。以普通用户安装 wine: + + ./configure --prefix=$HOME/usr/bin + make + make install + +这种情况下,Wine 将会安装在`$HOME/usr/bin/wine`,所以请检查`$HOME/usr/bin`在你的`PATH`变量中。 + +-------------------------------------------------------------------------------- + +via: http://www.tuxarena.com/2015/10/how-to-compile-latest-wine-32-bit-on-64-bit-ubuntu-15-10/ + +作者:Craciun Dan +译者:[VicYu/Vic020](http://vicyu.net) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:https://launchpad.net/~ubuntu-wine/+archive/ubuntu/ppa +[2]:https://www.winehq.org/announce/1.7.53 +[3]:http://prdownloads.sourceforge.net/wine/wine-1.7.53.tar.bz2 diff --git a/published/201510/20151020 Five Years of LibreOffice Evolution (2010-2015).md b/published/201510/20151020 Five Years of LibreOffice Evolution (2010-2015).md new file mode 100644 index 0000000000..e21ebc06e9 --- /dev/null +++ b/published/201510/20151020 Five Years of LibreOffice Evolution (2010-2015).md @@ -0,0 +1,83 @@ +LibreOffice 这五年(2010-2015) +================================================================================ +注:youtube 视频 + + + +[LibreOffice][1],来自文档基金会(The Document Foundation)一个自由开源的令人惊叹的办公套件。LO (LibreOffice)在2010年9月28日由 [OpenOffice.org][2] 分支出来;而 OOo (OpenOffice.org)则是早期的 [StarOffice][3] 开源版本。LibreOffice 支持文字处理,创建与编辑电子表格,幻灯片,图表和图形,数据库,数学公式的创建和编辑等。 + +### 核心应用: ### + +- **Writer** – 文字处理器 +- **Calc** – 电子表格应用程序,类似于 Excel +- **Impress** – 应用演示,支持 Microsoft PowerPoint 的格式 +- **Draw** – 矢量图形编辑器 +- **Math** – 用于编写和​​编辑数学公式的特殊应用 +- **Base** – 数据库管理 + +![LibreOffice 3.3, 2011](https://github.com/paulcarroty/Articles/raw/master/LO_History/3.3/Help-License-Info.png) + +*LibreOffice 3.3, 2011* + +这是LibreOffice 的第一个版本 - 分支自 OpenOffice.org + +![LibreOffice 3.4](https://github.com/paulcarroty/Articles/raw/master/LO_History/3.4/1cc80d1cada204a061402785b2048f7clibreoffice-3.4.3.png) + +*LibreOffice 3.4* + +![LibreOffice 3.5](https://raw.githubusercontent.com/paulcarroty/Articles/master/LO_History/3.5/libreoffice35-large_001.jpg) + +*LibreOffice 3.5* + +![LibreOffice 3.6](https://github.com/paulcarroty/Articles/raw/master/LO_History/3.6/libreoffice-3.6.0.png) + +*LibreOffice 3.6* + +![Libre Office 4.0](https://github.com/paulcarroty/Articles/raw/master/LO_History/4.0/libreoffice-writer.png) + +*LibreOffice 4.0* + +![Libre Office 4.1](https://github.com/paulcarroty/Articles/raw/master/LO_History/4.1/Writer1.png) + +*LibreOffice 4.1* + +![Libre Office 4.2](https://github.com/paulcarroty/Articles/raw/master/LO_History/4.2/libreoffice-4.2.png) + +*Libre Office 4.2* + +![LibreOffice 4.3](https://github.com/paulcarroty/Articles/raw/master/LO_History/4.3/libreoffice.jpg) + +*LibreOffice 4.3* + +![LibreOffice 4.4](https://github.com/paulcarroty/Articles/raw/master/LO_History/4.4/LibreOffice_Writer_4_4_2.png) + +*LibreOffice 4.4* + +![Libre Office 5.0](https://github.com/paulcarroty/Articles/raw/master/LO_History/5.0/LibreOffice_Writer_5.0.png) + +*LibreOffice 5.0* + +### Libre Office 的发展,出自 Wikipedia ### + +![StarOffice major derivatives](https://commons.wikimedia.org/wiki/File%3AStarOffice_major_derivatives.svg) + +### LibreOffice 5.0 预览 ### + +注:youtube 视频 + + + +-------------------------------------------------------------------------------- + +via: https://tlhp.cf/libreoffice-5years-evolution/ + +作者:[Pavlo Rudyi][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://tlhp.cf/author/paul/ +[1]:http://www.libreoffice.org/ +[2]:https://www.openoffice.org/ +[3]:http://www.staroffice.org/ diff --git a/published/201510/20151020 Linux History--24 Years Step by Step.md b/published/201510/20151020 Linux History--24 Years Step by Step.md new file mode 100644 index 0000000000..71a82faf8c --- /dev/null +++ b/published/201510/20151020 Linux History--24 Years Step by Step.md @@ -0,0 +1,299 @@ +Linux 的历史:24 年,一步一个脚印 +================================================================================ +注:youtube 视频 + + + +### 史前 ### + +没有 [C 编程语言][1] 和 [GNU 项目][2] 构成 Linux 环境,也就不可能有 Linux 的成功。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/00-1.jpg) + +*Ken Thompson 和 Dennis Ritchie* + +[Ken Thompson][1] 和 [Dennis Ritchie][2] 在 1969-1970 创造了 Unix 操作系统。之后发布了新的 [C 编程语言][3],它是一种高级的、可移植的编程语言。 Linux 内核用 C 和一些汇编代码写成。 + +![Richard Matthew Stallman](https://github.com/paulcarroty/Articles/raw/master/Linux_24/00-2.jpg) + +*Richard Matthew Stallman* + +[Richard Matthew Stallman][4] 在 1984 年启动了 [GNU 项目][5]。最大的一个目标 - 完全自由的类-Unix 操作系统。 + +### 1991 – 元年 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1991-1.jpg) + +*Linus Torvalds, 1991* + +[Linus Torvalds][5] 在芬兰赫尔辛基开始了 Linux 内核开发,他是为他的硬件 - Intel 30386 CPU 编写的程序。他也使用 Minix 和 GNU C 编译器。下面是 Linus Torvalds 给 Minix 新闻组的历史消息: + +> From: torvalds@klaava.Helsinki.FI (Linus Benedict Torvalds) +> Newsgroups: comp.os.minix +> Subject: What would you like to see most in minix? +> Summary: small poll for my new operating system +> Message-ID: +> Date: 25 Aug 91 20:57:08 GMT +> Organization: University of Helsinki +> +> +> Hello everybody out there using minix - +> +> I'm doing a (free) operating system (just a hobby, won't be big and +> professional like gnu) for 386(486) AT clones. This has been brewing +> since april, and is starting to get ready. I'd like any feedback on +> things people like/dislike in minix, as my OS resembles it somewhat +> (same physical layout of the file-system (due to practical reasons) +> among other things). +> +> I've currently ported bash(1.08) and gcc(1.40), and things seem to work. +> This implies that I'll get something practical within a few months, and +> I'd like to know what features most people would want. Any suggestions +> are welcome, but I won't promise I'll implement them :-) +> +> Linus (torvalds@kruuna.helsinki.fi) + +从此之后,Linux 开始得到了世界范围志愿者和专业专家的支持。Linus 的同事 Ari Lemmke 把它命名为 “Linux” - 这其实是他们的大学 ftp 服务器上的项目目录名称。 + +### 1992 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1992-1.jpg) + +在 GPLv2 协议下发布了 0.12 版 Linux 内核。 + +### 1993 ### + +![Slackware 1.0 ](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1993-1.png) + +Slackware 首次发布(LCTT 译注:Slackware Linux 是一个高度技术性的、干净的发行版,只有少量非常有限的个人设置) – 最早的 Linux 发行版,其领导者 Patrick Volkerding 也是最早的。其时,Linux 内核有 100 多个开发者。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1993-2.png) + +*Debian* + +Debian – 最大的 Linux 社区之一也创立于 1991 年。 + +### 1994 ### + +Linux 1.0 发布了,多亏了 XFree 86 项目,第一次有了 GUI。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1994-1.png) + +*Red Hat Linux* + +发布了 Red Hat Linux 1.0 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1994-2.png) + +*S.u.S.E Linux* + +和 [S.u.S.E. Linux][6] 1.0。 + +### 1995 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1995-1.png) + +*Red Hat Inc.* + +Bob Young 和 Marc Ewing 合并他们的本地业务为 [Red Hat Software][7]。Linux 移植到了很多硬件平台。 + +### 1996 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1996-1.png) + +*Tux* + +企鹅 Tux 是 Linux 官方吉祥物,Linus Torvalds 参观了堪培拉国家动物园和水族馆之后有了这个想法。发布了 Linux 2.0,支持对称多处理器。开始开发 KDE。 + +### 1997 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1997-1.jpg) + +*Miguel de Icaza* + +Miguel de Icaza 和 Federico Mena 开始开发 GNOME - 自由桌面环境和应用程序。Linus Torvalds 赢得了 Linux 商标冲突官司,Linux 成为了 Linus Torvalds 的注册商标。 + +### 1998 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1998-1.jpg) + +*大教堂和集市* + +Eric S. Raymond 出版了文章 [The Cathedral and the Bazaar(大教堂和集市)][8] - 高度推荐阅读。Linux 得到了大公司的支持: IBM、Oracle、康柏。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/1998-2.png) + +*Mandrake Linux* + +Mandrake Linux 首次发布 - 基于红帽 Linux 的发行版,带有 KDE 桌面环境。 + +### 1999 ### + +![](https://upload.wikimedia.org/wikipedia/commons/4/4f/KDE_1.1.jpg) + +第一个主要的 KDE 版本。 + +### 2000 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2000-1.jpg) + +Dell 支持 Linux - 这是第一个支持的大硬件供应商。 + +### 2001 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2001-1.jpg) + +*Revolution OS* + +纪录片 “Revolution OS(操作系统革命)” - GNU、Linux、开源、自由软件的 20 年历史,以及对 Linux 和开源界顶级黑客的采访。 + +### 2002 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2002-1.jpg) + +*BitKeeper* + +Linux 开始使用 BitKeeper,这是一种商业版的分布式版本控制软件。 + +### 2003 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2003-1.png) + +*SUSE* + +Novell 用 2.1 亿美元购买了 SUSE Linux AG。同年 SCO 集团 也开始了同 IBM 以及 Linux 社区关于 Unix 版权的艰难的法律诉讼。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2003-2.png) + +*Fedora* + +红帽和 Linux 社区首次发布了 Fedora Linux。 + +### 2004 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2004-1.png) + +*X.ORG 基金会* + +XFree86 解散了并加入到 [X.Org 基金会][9], X 的开发更快了。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2004-2.jpg) + +Ubuntu 4.10 – Ubuntu 首次发布 + +### 2005 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2005-1.png) + +*openSUSE* + +[openSUSE][10] 开始了,这是企业版 Novell’s OS 的免费版本。OpenOffice.org 开始支持 OpenDocument 标准。 + +### 2006 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2006-1.png) + +一个新的 Linux 发行版,基于红帽企业版 Linux 的 Oracle Linux。微软和 Novell 开始在 IT 和专利保护方面进行合作。 + +### 2007 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2007-1.jpg) + +*Dell Linux 笔记本* + +Dell 发布了第一个预装 Linux 的笔记本。 + +### 2008 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2008-1.jpg) + +*KDE 4.0* + +KDE 4 发布了,但是不稳定,很多用户开始迁移到 GNOME。 + +### 2009 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2009-1.jpg) + +*Red Hat* + +红帽 Linux 取得了成功 - 市值达 26亿2千万美元。 + +2009 年微软在 GPLv2 协议下向 Linux 内核提交了第一个补丁。 + +### 2010 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2010-1.png) + +*Novell -> Attachmate* + +Novell 已 22亿美元卖给了 Attachmate Group, Inc。SUSE 和 Novell 成为了新公司的两款独立的产品。 + +[systemd][11] 首次发布,开始了 Linux 系统的革命。 + +### 2011 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2011-1.png) + +*Unity 桌面,2011* + +Ubuntu Unity 发布,遭到很多用户的批评。 + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2011-2.png) + +*GNOME 3.0,2011* + +GNOME 3.0 发布, Linus Torvalds 评论为 “unholy mess” ,有很多负面评论。Linux 内核 3.0 发布。 + +### 2012 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2012-1.png) + +*1500 万行代码* + +Linux 内核达到 1500 万行代码。微软成为主要贡献者之一。 + +### 2013 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2013-1.png) + +Kali Linux 1.0 发布, 用于渗透测试和数字取证,基于 Debian 的 Linux 发行版。2014 年 CentOS 及其代码开发者加入到了红帽公司。 + +### 2014 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2014-1.jpg) + +*Lennart Poettering 和 Kay Sievers* + +systemd 成为 Ubuntu 和所有主流 Linux 发行版的默认初始化程序。Ubuntu 有 2200 万用户。安卓的大进步 - 占了所有移动设备的 75% 份额。 + +### 2015 ### + +![](https://github.com/paulcarroty/Articles/raw/master/Linux_24/2015-1.jpg) + +发布了 Linux 4.0。Mandriva 公司清算,但还有很多分支,其中最流行的一个是 Mageia。 + +带着对 Linux 的热爱而执笔。 + +-------------------------------------------------------------------------------- + +via: https://tlhp.cf/linux-history/ + +作者:[Pavlo Rudyi][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://tlhp.cf/author/paul/ +[1]:https://en.wikipedia.org/wiki/C_(programming_language) +[2]:https://en.wikipedia.org/wiki/GNU_Project +[3]:https://en.wikipedia.org/wiki/Ken_Thompson +[4]:https://en.wikipedia.org/wiki/Dennis_Ritchie +[5]:https://en.wikipedia.org/wiki/Linus_Torvalds +[6]:https://en.wikipedia.org/wiki/SUSE_Linux_distributions +[7]:https://en.wikipedia.org/wiki/Red_Hat +[8]:https://en.wikipedia.org/wiki/The_Cathedral_and_the_Bazaar +[9]:http://www.x.org/ +[10]:https://en.opensuse.org/Main_Page +[11]:https://en.wikipedia.org/wiki/Systemd \ No newline at end of file diff --git a/published/20151012 The Brief History Of Aix HP-UX Solaris BSD And LINUX.md b/published/20151012 The Brief History Of Aix HP-UX Solaris BSD And LINUX.md new file mode 100644 index 0000000000..2f6780cdc2 --- /dev/null +++ b/published/20151012 The Brief History Of Aix HP-UX Solaris BSD And LINUX.md @@ -0,0 +1,101 @@ +UNIX 家族小史 +================================================================================ +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/05/linux-712x445.png) + +要记住,当一扇门在你面前关闭的时候,另一扇门就会打开。肯·汤普森([Ken Thompson][1]) 和丹尼斯·里奇([Dennis Richie][2]) 两个人就是这句名言很好的实例。他们俩是**20世纪**最优秀的信息技术专家之二,因为他们创造了最具影响力和创新性的软件之一: **UNIX**。 + +### UNIX 系统诞生于贝尔实验室 ### + +**UNIX** 最开始的名字是 **UNICS** (**UN**iplexed **I**nformation and **C**omputing **S**ervice),它有一个大家庭,并不是从石头缝里蹦出来的。UNIX的祖父是 **CTSS** (**C**ompatible **T**ime **S**haring **S**ystem),它的父亲是 **Multics** (**MULT**iplexed **I**nformation and **C**omputing **S**ervice),这个系统能支持大量用户通过交互式分时(timesharing)的方式使用大型机。 + +UNIX 诞生于 **1969** 年,由**肯·汤普森**以及后来加入的**丹尼斯·里奇**共同完成。这两位优秀的研究员和科学家在一个**通用电器 GE**和**麻省理工学院**的合作项目里工作,项目目标是开发一个叫 Multics 的交互式分时系统。 + +Multics 的目标是整合分时技术以及当时其他先进技术,允许用户在远程终端通过电话(拨号)登录到主机,然后可以编辑文档,阅读电子邮件,运行计算器,等等。 + +在之后的五年里,AT&T 公司为 Multics 项目投入了数百万美元。他们购买了 GE-645 大型机,聚集了贝尔实验室的顶级研究人员,例如肯·汤普森、 Stuart Feldman、丹尼斯·里奇、道格拉斯·麦克罗伊(M. Douglas McIlroy)、 Joseph F. Ossanna 以及 Robert Morris。但是项目目标太过激进,进度严重滞后。最后,AT&T 高层决定放弃这个项目。 + +贝尔实验室的管理层决定停止这个让许多研究人员无比纠结的操作系统上的所有遗留工作。不过要感谢汤普森,里奇和一些其他研究员,他们把老板的命令丢到一边,并继续在实验室里满怀热心地忘我工作,最终孵化出前无古人后无来者的 UNIX。 + +UNIX 的第一声啼哭是在一台 PDP-7 微型机上,它是汤普森测试自己在操作系统设计上的点子的机器,也是汤普森和 里奇一起玩 Space and Travel 游戏的模拟器。 + +> “我们想要的不仅是一个优秀的编程环境,而是能围绕这个系统形成团体。按我们自己的经验,通过远程访问和分时主机实现的公共计算,本质上不只是用终端输入程序代替打孔机而已,而是鼓励密切沟通。”丹尼斯·里奇说。 + +UNIX 是第一个靠近理想的系统,在这里程序员可以坐在机器前自由摆弄程序,探索各种可能性并随手测试。在 UNIX 整个生命周期里,它吸引了大量因其他操作系统限制而投身过来的高手做出无私贡献,因此它的功能模型一直保持上升趋势。 + +UNIX 在 1970 年因为 PDP-11/20 获得了首次资金注入,之后正式更名为 UNIX 并支持在 PDP-11/20 上运行。UNIX 带来的第一次用于实际场景中是在 1971 年,贝尔实验室的专利部门配备来做文字处理。 + +### UNIX 上的 C 语言革命 ### + +丹尼斯·里奇在 1972 年发明了一种叫 “**C**” 的高级编程语言 ,之后他和肯·汤普森决定用 “C” 重写 UNIX 系统,来支持更好的移植性。他们在那一年里编写和调试了差不多 100,000 行代码。在迁移到 “C” 语言后,系统可移植性非常好,只需要修改一小部分机器相关的代码就可以将 UNIX 移植到其他计算机平台上。 + +UNIX 第一次公开露面是 1973 年丹尼斯·里奇和肯·汤普森在操作系统原理(Operating Systems Principles)上发表的一篇论文,然后 AT&T 发布了 UNIX 系统第 5 版,并授权给教育机构使用,之后在 1975 年第一次以 **$20.000** 的价格授权企业使用 UNIX 第 6 版。应用最广泛的是 1980 年发布的 UNIX 第 7 版,任何人都可以购买授权,只是授权条款非常严格。授权内容包括源代码,以及用 PDP-11 汇编语言写的及其相关内核。反正,各种版本 UNIX 系统完全由它的用户手册确定。 + +### AIX 系统 ### + +在 **1983** 年,**微软**计划开发 **Xenix** 作为 MS-DOS 的多用户版继任者,他们在那一年花了 $8,000 搭建了一台拥有 **512 KB** 内存以及 **10 MB**硬盘并运行 Xenix 的 Altos 586。而到 1984 年为止,全世界 UNIX System V 第二版的安装数量已经超过了 100,000 。在 1986 年发布了包含因特网域名服务的 4.3BSD,而且 **IBM** 宣布 **AIX 系统**的安装数已经超过 250,000。AIX 基于 Unix System V 开发,这套系统拥有 BSD 风格的根文件系统,是两者的结合。 + +AIX 第一次引入了 **日志文件系统 (JFS)** 以及集成逻辑卷管理器 (Logical Volume Manager ,LVM)。IBM 在 1989 年将 AIX 移植到自己的 RS/6000 平台。2001 年发布的 5L 版是一个突破性的版本,提供了 Linux 友好性以及支持 Power4 服务器的逻辑分区。 + +在 2004 年发布的 AIX 5.3 引入了支持高级电源虚拟化( Advanced Power Virtualization,APV)的虚拟化技术,支持对称多线程、微分区,以及共享处理器池。 + +在 2007 年,IBM 同时发布 AIX 6.1 和 Power6 架构,开始加强自己的虚拟化产品。他们还将高级电源虚拟化重新包装成 PowerVM。 + +这次改进包括被称为 WPARs 的负载分区形式,类似于 Solaris 的 zones/Containers,但是功能更强。 + +### HP-UX 系统 ### + +**惠普 UNIX (Hewlett-Packard’s UNIX,HP-UX)** 源于 System V 第 3 版。这套系统一开始只支持 PA-RISC HP 9000 平台。HP-UX 第 1 版发布于 1984 年。 + +HP-UX 第 9 版引入了 SAM,一个基于字符的图形用户界面 (GUI),用户可以用来管理整个系统。在 1995 年发布的第 10 版,调整了系统文件分布以及目录结构,变得有点类似 AT&T SVR4。 + +第 11 版发布于 1997 年。这是 HP 第一个支持 64 位寻址的版本。不过在 2000 年重新发布成 11i,因为 HP 为特定的信息技术用途,引入了操作环境(operating environments)和分级应用(layered applications)的捆绑组(bundled groups)。 + +在 2001 年发布的 11.20 版宣称支持安腾(Itanium)系统。HP-UX 是第一个使用 ACLs(访问控制列表,Access Control Lists)管理文件权限的 UNIX 系统,也是首先支持内建逻辑卷管理器(Logical Volume Manager)的系统之一。 + +如今,HP-UX 因为 HP 和 Veritas 的合作关系使用了 Veritas 作为主文件系统。 + +HP-UX 目前的最新版本是 11iv3, update 4。 + +### Solaris 系统 ### + +Sun 的 UNIX 版本是 **Solaris**,用来接替 1992 年创建的 **SunOS**。SunOS 一开始基于 BSD(伯克利软件发行版,Berkeley Software Distribution)风格的 UNIX,但是 SunOS 5.0 版以及之后的版本都是基于重新包装为 Solaris 的 Unix System V 第 4 版。 + +SunOS 1.0 版于 1983 年发布,用于支持 Sun-1 和 Sun-2 平台。随后在 1985 年发布了 2.0 版。在 1987 年,Sun 和 AT&T 宣布合作一个项目以 SVR4 为基础将 System V 和 BSD 合并成一个版本。 + +Solaris 2.4 是 Sun 发布的第一个 Sparc/x86 版本。1994 年 11 月份发布的 SunOS 4.1.4 版是最后一个版本。Solaris 7 是首个 64 位 Ultra Sparc 版本,加入了对文件系统元数据记录的原生支持。 + +Solaris 9 发布于 2002 年,支持 Linux 特性以及 Solaris 卷管理器(Solaris Volume Manager)。之后,2005 年发布了 Solaris 10,带来许多创新,比如支持 Solaris Containers,新的 ZFS 文件系统,以及逻辑域(Logical Domains)。 + +目前 Solaris 最新的版本是 第 10 版,最后的更新发布于 2008 年。 + +### Linux ### + +到了 1991 年,用来替代商业操作系统的自由(free)操作系统的需求日渐高涨。因此,**Linus Torvalds** 开始构建一个自由的操作系统,最终成为 **Linux**。Linux 最开始只有一些 “C” 文件,并且使用了阻止商业发行的授权。Linux 是一个类 UNIX 系统但又不尽相同。 + +2015 年发布了基于 GNU Public License (GPL)授权的 3.18 版。IBM 声称有超过 1800 万行开源代码开源给开发者。 + +如今 GNU Public License 是应用最广泛的自由软件授权方式。根据开源软件原则,这份授权允许个人和企业自由分发、运行、通过拷贝共享、学习,以及修改软件源码。 + +### UNIX vs. Linux:技术概要 ### + +- Linux 鼓励多样性,Linux 的开发人员来自各种背景,有更多不同经验和意见。 +- Linux 比 UNIX 支持更多的平台和架构。 +- UNIX 商业版本的开发人员针对特定目标平台以及用户设计他们的操作系统。 +- **Linux 比 UNIX 有更好的安全性**,更少受病毒或恶意软件攻击。截止到现在,Linux 上大约有 60-100 种病毒,但是没有任何一种还在传播。另一方面,UNIX 上大约有 85-120 种病毒,但是其中有一些还在传播中。 +- 由于 UNIX 命令、工具和元素很少改变,甚至很多接口和命令行参数在后续 UNIX 版本中一直沿用。 +- 有些 Linux 开发项目以自愿为基础进行资助,比如 Debian。其他项目会维护一个和商业 Linux 的社区版,比如 SUSE 的 openSUSE 以及红帽的 Fedora。 +- 传统 UNIX 是纵向扩展,而另一方面 Linux 是横向扩展。 + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/brief-history-aix-hp-ux-solaris-bsd-linux/ + +作者:[M.el Khamlichi][a] +译者:[zpl1025](https://github.com/zpl1025) +校对:[Caroline](https://github.com/carolinewuyan) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.unixmen.com/author/pirat9/ +[1]:http://www.unixmen.com/ken-thompson-unix-systems-father/ +[2]:http://www.unixmen.com/dennis-m-ritchie-father-c-programming-language/ diff --git a/translated/talk/20150823 How learning data structures and algorithms make you a better developer.md b/published/201511/20150823 How learning data structures and algorithms make you a better developer.md similarity index 51% rename from translated/talk/20150823 How learning data structures and algorithms make you a better developer.md rename to published/201511/20150823 How learning data structures and algorithms make you a better developer.md index 8125229719..27973b2f42 100644 --- a/translated/talk/20150823 How learning data structures and algorithms make you a better developer.md +++ b/published/201511/20150823 How learning data structures and algorithms make you a better developer.md @@ -1,41 +1,41 @@ -学习数据结构与算法分析如何帮助您成为更优秀的开发人员? +学习数据结构与算法分析如何帮助您成为更优秀的开发人员 ================================================================================ -> "相较于其它方式,我一直热衷于推崇围绕数据设计代码,我想这也是Git能够如此成功的一大原因[…]在我看来,区别程序员优劣的一大标准就在于他是否认为自己设计的代码或数据结构更为重要。" +> "相较于其它方式,我一直热衷于推崇围绕数据设计代码,我想这也是Git能够如此成功的一大原因[…]在我看来,区别程序员优劣的一大标准就在于他是否认为自己设计的代码还是数据结构更为重要。" -- Linus Torvalds --- -> "优秀的数据结构与简陋的代码组合远比倒过来的组合方式更好。" +> "优秀的数据结构与简陋的代码组合远比反之的组合更好。" -- Eric S. Raymond, The Cathedral and The Bazaar 学习数据结构与算法分析会让您成为一名出色的程序员。 -**数据结构与算法分析是一种解决问题的思维模式** 在您的个人知识库中,数据结构与算法分析的相关知识储备越多,您将具备应对并解决越多各类繁杂问题的能力。掌握了这种思维模式,您还将有能力针对新问题提出更多以前想不到的漂亮的解决方案。 +**数据结构与算法分析是一种解决问题的思维模式。** 在您的个人知识库中,数据结构与算法分析的相关知识储备越多,您将越多具备应对并解决各类繁杂问题的能力。掌握了这种思维模式,您还将有能力针对新问题提出更多以前想不到的漂亮的解决方案。 -您将***更深入地***了解,计算机如何完成各项操作。无论您是否是直接使用给定的算法,它都影响着您作出的各种技术决定。从计算机操作系统的内存分配到RDBMS的内在工作机制,以及网络堆栈如何实现将数据从地球的一个角落发送至另一个角落这些大大小小的工作的完成,都离不开基础的数据结构与算法,理解并掌握它将会让您更了解计算机的运作机理。 +您将*更深入地*了解,计算机如何完成各项操作。无论您是否是直接使用给定的算法,它都影响着您作出的各种技术决定。从计算机操作系统的内存分配到RDBMS的内在工作机制,以及网络协议如何实现将数据从地球的一个角落发送至另一个角落,这些大大小小的工作的完成,都离不开基础的数据结构与算法,理解并掌握它将会让您更了解计算机的运作机理。 -对算法广泛深入的学习能让为您应对大体系的问题储备解决方案。之前建模困难时遇到的问题如今通常都能融合进经典的数据结构中得到很好地解决。即使是最基础的数据结构,只要对它进行足够深入的钻研,您将会发现在每天的编程任务中都能经常用到这些知识。 +对算法广泛深入的学习能为您储备解决方案来应对大体系的问题。之前建模困难时遇到的问题如今通常都能融合进经典的数据结构中得到很好地解决。即使是最基础的数据结构,只要对它进行足够深入的钻研,您将会发现在每天的编程任务中都能经常用到这些知识。 -有了这种思维模式,在遇到磨棱两可的问题时,您会具备想出新的解决方案的能力。即使最初并没有打算用数据结构与算法解决相应问题的情况,当真正用它们解决这些问题时您会发现它们将非常有用。要意识到这一点,您至少要对数据结构与算法分析的基础知识有深入直观的认识。 +有了这种思维模式,在遇到磨棱两可的问题时,您将能够想出新奇的解决方案。即使最初并没有打算用数据结构与算法解决相应问题的情况,当真正用它们解决这些问题时您会发现它们将非常有用。要意识到这一点,您至少要对数据结构与算法分析的基础知识有深入直观的认识。 理论认识就讲到这里,让我们一起看看下面几个例子。 ###最短路径问题### -我们想要开发一个计算从一个国际机场出发到另一个国际机场的最短距离的软件。假设我们受限于以下路线: +我们想要开发一个软件来计算从一个国际机场出发到另一个国际机场的最短距离。假设我们受限于以下路线: ![](http://www.happybearsoftware.com/assets/posts/how-learning-data-structures-and-algorithms-makes-you-a-better-developer/airport-graph-d2e32b3344b708383e405d67a80c29ea.svg) -从这张画出机场各自之间的距离以及目的地的图中,我们如何才能找到最短距离,比方说从赫尔辛基到伦敦?**Dijkstra算法**是能让我们在最短的时间得到正确答案的适用算法。 +从这张画出机场各自之间的距离以及目的地的图中,我们如何才能找到最短距离,比方说从赫尔辛基到伦敦?**[Dijkstra算法][3]**是能让我们在最短的时间得到正确答案的适用算法。 -在所有可能的解法中,如果您曾经遇到过这类问题,知道可以用Dijkstra算法求解,您大可不必从零开始实现它,只需***知道***该算法能指向固定的代码库帮助您解决相关的实现问题。 +在所有可能的解法中,如果您曾经遇到过这类问题,知道可以用Dijkstra算法求解,您大可不必从零开始实现它,只需***知道***该算法的代码库能帮助您解决相关的实现问题。 -实现了该算法,您将深入理解一项著名的重要图论算法。您会发现实际上该算法太集成化,因此名为A*的扩展包经常会代替该算法使用。这个算法应用广泛,从机器人指引的功能实现到TCP数据包路由,以及GPS寻径问题都能应用到这个算法。 +如果你深入到该算法的实现中,您将深入理解一项著名的重要图论算法。您会发现实际上该算法比较消耗资源,因此名为[A*][4]的扩展经常用于代替该算法。这个算法应用广泛,从机器人寻路的功能实现到TCP数据包路由,以及GPS寻径问题都能应用到这个算法。 ###先后排序问题### -您想要在开放式在线课程平台上(如Udemy或Khan学院)学习某课程,有些课程之间彼此依赖。例如,用户学习牛顿力学机制课程前必须先修微积分课程,课程之间可以有多种依赖关系。用YAML表述举例如下: +您想要在开放式在线课程(MOOC,Massive Open Online Courses)平台上(如Udemy或Khan学院)学习某课程,有些课程之间彼此依赖。例如,用户学习牛顿力学(Newtonian Mechanics)课程前必须先修微积分(Calculus)课程,课程之间可以有多种依赖关系。用YAML表述举例如下: # Mapping from course name to requirements # @@ -54,16 +54,16 @@ astrophysics: [radioactivity, calculus] quantumn_mechanics: [atomic_physics, radioactivity, calculus] -鉴于以上这些依赖关系,作为一名用户,我希望系统能帮我列出必修课列表,让我在之后可以选择任意一门课程学习。如果我选择了`微积分`课程,我希望系统能返回以下列表: +鉴于以上这些依赖关系,作为一名用户,我希望系统能帮我列出必修课列表,让我在之后可以选择任意一门课程学习。如果我选择了微积分(calculus)课程,我希望系统能返回以下列表: arithmetic -> algebra -> trigonometry -> calculus 这里有两个潜在的重要约束条件: - 返回的必修课列表中,每门课都与下一门课存在依赖关系 - - 必修课列表中不能有重复项 + - 我们不希望列表中有任何重复课程 -这是解决数据间依赖关系的例子,解决该问题的排序算法称作拓扑排序算法(tsort)。它适用于解决上述我们用YAML列出的依赖关系图的情况,以下是在图中显示的相关结果(其中箭头代表`需要先修的课程`): +这是解决数据间依赖关系的例子,解决该问题的排序算法称作拓扑排序算法(tsort,topological sort)。它适用于解决上述我们用YAML列出的依赖关系图的情况,以下是在图中显示的相关结果(其中箭头代表`需要先修的课程`): ![](http://www.happybearsoftware.com/assets/posts/how-learning-data-structures-and-algorithms-makes-you-a-better-developer/course-graph-2f60f42bb0dc95319954ce34c02705a2.svg) @@ -79,16 +79,17 @@ 这符合我们上面描述的需求,用户只需选出`radioactivity`,就能得到在此之前所有必修课程的有序列表。 -在运用该排序算法之前,我们甚至不需要深入了解算法的实现细节。一般来说,选择不同的编程语言在其标准库中都会有相应的算法实现。即使最坏的情况,Unix也会默认安装`tsort`程序,运行`tsort`程序,您就可以实现该算法。 +在运用该排序算法之前,我们甚至不需要深入了解算法的实现细节。一般来说,你可能选择的各种编程语言在其标准库中都会有相应的算法实现。即使最坏的情况,Unix也会默认安装`tsort`程序,运行`man tsort` 来了解该程序。 ###其它拓扑排序适用场合### - - **工具** 使用诸如`make`的工具您可以声明任务之间的依赖关系,这里拓扑排序算法将从底层实现具有依赖关系的任务顺序执行的功能。 - - **有`require`指令的编程语言**,适用于要运行当前文件需先运行另一个文件的情况。这里拓扑排序用于识别文件运行顺序以保证每个文件只加载一次,且满足所有文件间的依赖关系要求。 - - **包含甘特图的项目管理工具**.甘特图能直观列出给定任务的所有依赖关系,在这些依赖关系之上能提供给用户任务完成的预估时间。我不常用到甘特图,但这些绘制甘特图的工具很可能会用到拓扑排序算法。 + - **类似`make`的工具** 可以让您声明任务之间的依赖关系,这里拓扑排序算法将从底层实现具有依赖关系的任务顺序执行的功能。 + - **具有`require`指令的编程语言**适用于要运行当前文件需先运行另一个文件的情况。这里拓扑排序用于识别文件运行顺序以保证每个文件只加载一次,且满足所有文件间的依赖关系要求。 + - **带有甘特图的项目管理工具**。甘特图能直观列出给定任务的所有依赖关系,在这些依赖关系之上能提供给用户任务完成的预估时间。我不常用到甘特图,但这些绘制甘特图的工具很可能会用到拓扑排序算法。 ###霍夫曼编码实现数据压缩### -[霍夫曼编码](http://en.wikipedia.org/wiki/Huffman_coding)是一种用于无损数据压缩的编码算法。它的工作原理是先分析要压缩的数据,再为每个字符创建一个二进制编码。字符出现的越频繁,编码赋值越小。因此在一个数据集中`e`可能会编码为`111`,而`x`会编码为`10010`。创建了这种编码模式,就可以串联无定界符,也能正确地进行解码。 + +[霍夫曼编码][5](Huffman coding)是一种用于无损数据压缩的编码算法。它的工作原理是先分析要压缩的数据,再为每个字符创建一个二进制编码。字符出现的越频繁,编码赋值越小。因此在一个数据集中`e`可能会编码为`111`,而`x`会编码为`10010`。创建了这种编码模式,就可以串联无定界符,也能正确地进行解码。 在gzip中使用的DEFLATE算法就结合了霍夫曼编码与LZ77一同用于实现数据压缩功能。gzip应用领域很广,特别适用于文件压缩(以`.gz`为扩展名的文件)以及用于数据传输中的http请求与应答。 @@ -96,10 +97,11 @@ - 您会理解为什么较大的压缩文件会获得较好的整体压缩效果(如压缩的越多,压缩率也越高)。这也是SPDY协议得以推崇的原因之一:在复杂的HTTP请求/响应过程数据有更好的压缩效果。 - 您会了解数据传输过程中如果想要压缩JavaScript/CSS文件,运行压缩软件是完全没有意义的。PNG文件也是类似,因为它们已经使用DEFLATE算法完成了压缩。 - - 如果您试图强行破译加密的信息,您可能会发现重复数据压缩质量越好,给定的密文单位bit的数据压缩将帮助您确定相关的[分组密码模式](http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation). + - 如果您试图强行破译加密的信息,您可能会发现由于重复数据压缩质量更好,密文给定位的数据压缩率将帮助您确定相关的[分组密码工作模式][6](block cipher mode of operation.)。 ###下一步选择学习什么是困难的### -作为一名程序员应当做好持续学习的准备。为成为一名web开发人员,您需要了解标记语言以及Ruby/Python,正则表达式,SQL,JavaScript等高级编程语言,还需要了解HTTP的工作原理,如何运行UNIX终端以及面向对象的编程艺术。您很难有效地预览到未来的职业全景,因此选择下一步要学习哪些知识是困难的。 + +作为一名程序员应当做好持续学习的准备。为了成为一名web开发人员,您需要了解标记语言以及Ruby/Python、正则表达式、SQL、JavaScript等高级编程语言,还需要了解HTTP的工作原理,如何运行UNIX终端以及面向对象的编程艺术。您很难有效地预览到未来的职业全景,因此选择下一步要学习哪些知识是困难的。 我没有快速学习的能力,因此我不得不在时间花费上非常谨慎。我希望尽可能地学习到有持久生命力的技能,即不会在几年内就过时的技术。这意味着我也会犹豫这周是要学习JavaScript框架还是那些新的编程语言。 @@ -111,13 +113,14 @@ via: http://www.happybearsoftware.com/how-learning-data-structures-and-algorithm 作者:[Happy Bear][a] 译者:[icybreaker](https://github.com/icybreaker) -校对:[校对者ID](https://github.com/校对者ID) +校对:[Caroline](https://github.com/carolinewuyan) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.happybearsoftware.com/ [1]:http://en.wikipedia.org/wiki/Huffman_coding [2]:http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation - - - +[3]:http://en.wikipedia.org/wiki/Dijkstra's_algorithm +[4]:http://en.wikipedia.org/wiki/A*_search_algorithm +[5]:http://en.wikipedia.org/wiki/Huffman_coding +[6]:http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation diff --git a/published/201511/20150827 The Strangest Most Unique Linux Distros.md b/published/201511/20150827 The Strangest Most Unique Linux Distros.md new file mode 100644 index 0000000000..a7dff335a4 --- /dev/null +++ b/published/201511/20150827 The Strangest Most Unique Linux Distros.md @@ -0,0 +1,88 @@ +那些奇特的 Linux 发行版本 +================================================================================ +从大多数消费者所关注的诸如 Ubuntu,Fedora,Mint 或 elementary OS 到更加复杂、轻量级和企业级的诸如 Slackware,Arch Linux 或 RHEL,这些发行版本我都已经见识过了。除了这些,难道没有其他别的了吗?其实 Linux 的生态系统是非常多样化的,对每个人来说,总有一款适合你。下面就让我们讨论一些稀奇古怪的小众 Linux 发行版本吧,它们代表着开源平台真正的多样性。 + +### Puppy Linux + +![strangest linux distros](http://2.bp.blogspot.com/--cSL2-6rIgA/VcwNc5hFebI/AAAAAAAAJzk/AgB55mVtJVQ/s1600/Puppy-Linux.png) + +它是一个仅有一个普通 DVD 光盘容量十分之一大小的操作系统,这就是 Puppy Linux。整个操作系统仅有 100MB 大小!并且它还可以从内存中运行,这使得它运行极快,即便是在老式的 PC 机上。 在操作系统启动后,你甚至可以移除启动介质!还有什么比这个更好的吗? 系统所需的资源极小,大多数的硬件都会被自动检测到,并且它预装了能够满足你基本需求的软件。[在这里体验 Puppy Linux 吧][1]. + +### Suicide Linux(自杀 Linux) + +![suicide linux](http://3.bp.blogspot.com/-dfeehRIQKpo/VdMgRVQqIJI/AAAAAAAAJz0/TmBs-n2K9J8/s1600/suicide-linux.jpg) + +这个名字吓到你了吗?我想应该是。 ‘任何时候 -注意是任何时候-一旦你远程输入不正确的命令,解释器都会创造性地将它重定向为 `rm -rf /` 命令,然后擦除你的硬盘’。它就是这么简单。我真的很想知道谁自信到将[Suicide Linux][2] 安装到生产机上。 **警告:千万不要在生产机上尝试这个!** 假如你感兴趣的话,现在可以通过一个简洁的[DEB 包][3]来获取到它。 + +### PapyrOS + +![top 10 strangest linux distros](http://3.bp.blogspot.com/-Q0hlEMCD9-o/VdMieAiXY1I/AAAAAAAAJ0M/iS_ZjVaZAk8/s1600/papyros.png) + +它的 “奇怪”是好的方面。PapyrOS 正尝试着将 Android 的 material design 设计语言引入到新的 Linux 发行版本上。尽管这个项目还处于早期阶段,看起来它已经很有前景。该项目的网页上说该系统已经完成了 80%,随后人们可以期待它的第一个 Alpha 发行版本。在该项目被宣告提出时,我们做了 [PapyrOS][4] 的小幅报道,从它的外观上看,它甚至可能会引领潮流。假如你感兴趣的话,可在 [Google+][5] 上关注该项目并可通过 [BountySource][6] 来贡献出你的力量。 + +### Qubes OS + +![10 most unique linux distros](http://3.bp.blogspot.com/-8aOtnTp3Yxk/VdMo_KWs4sI/AAAAAAAAJ0o/3NTqhaw60jM/s1600/qubes-linux.png) + +Qubes 是一个开源的操作系统,其设计通过使用[安全分级(Security by Compartmentalization)][14]的方法,来提供强安全性。其前提假设是不存在完美的没有 bug 的桌面环境。并通过实现一个‘安全隔离(Security by Isolation)’ 的方法,[Qubes Linux][7]试图去解决这些问题。Qubes 基于 Xen、X 视窗系统和 Linux,并可运行大多数的 Linux 应用,支持大多数的 Linux 驱动。Qubes 入选了 Access Innovation Prize 2014 for Endpoint Security Solution 决赛名单。 + +### Ubuntu Satanic Edition + +![top10 linux distros](http://3.bp.blogspot.com/-2Sqvb_lilC0/VdMq_ceoXnI/AAAAAAAAJ00/kot20ugVJFk/s1600/ubuntu-satanic.jpg) + +Ubuntu SE 是一个基于 Ubuntu 的发行版本。通过一个含有主题、壁纸甚至来源于某些天才新晋艺术家的重金属音乐的综合软件包,“它同时带来了最好的自由软件和免费的金属音乐” 。尽管这个项目看起来不再积极开发了, Ubuntu Satanic Edition 甚至在其名字上都显得奇异。 [Ubuntu SE (Slightly NSFW)][8]。 + +### Tiny Core Linux + +![10 strange linux distros](http://2.bp.blogspot.com/-ZtIVjGMqdx0/VdMv136Pz1I/AAAAAAAAJ1E/-q34j-TXyUY/s1600/tiny-core-linux.png) + +Puppy Linux 还不够小?试试这个吧。 Tiny Core Linux 是一个 12MB 大小的图形化 Linux 桌面!是的,你没有看错。一个主要的补充说明:它不是一个完整的桌面,也并不完全支持所有的硬件。它只含有能够启动进入一个非常小巧的 X 桌面,支持有线网络连接的核心部件。它甚至还有一个名为 Micro Core Linux 的没有 GUI 的版本,仅有 9MB 大小。[Tiny Core Linux][9]。 + +### NixOS + +![top 10 unique and special linux distros](http://4.bp.blogspot.com/-idmCvIxtxeo/VdcqcggBk1I/AAAAAAAAJ1U/DTQCkiLqlLk/s1600/nixos.png) + +它是一个资深用户所关注的 Linux 发行版本,有着独特的打包和配置管理方式。在其他的发行版本中,诸如升级的操作可能是非常危险的。升级一个软件包可能会引起其他包无法使用,而升级整个系统感觉还不如重新安装一个。在那些你不能安全地测试由一个配置的改变所带来的结果的更改之上,它们通常没有“重来”这个选项。在 NixOS 中,整个系统由 Nix 包管理器按照一个纯功能性的构建语言的描述来构建。这意味着构建一个新的配置并不会重写先前的配置。大多数其他的特色功能也遵循着这个模式。Nix 相互隔离地存储所有的软件包。有关 NixOS 的更多内容请看[这里][10]。 + +### GoboLinux + +![strangest linux distros](http://4.bp.blogspot.com/-rOYfBXg-UiU/VddCF7w_xuI/AAAAAAAAJ1w/Nf11bOheOwM/s1600/gobolinux.jpg) + +这是另一个非常奇特的 Linux 发行版本。它与其他系统如此不同的原因是它有着独特的重新整理的文件系统。它有着自己独特的子目录树,其中存储着所有的文件和程序。GoboLinux 没有专门的包数据库,因为其文件系统就是它的数据库。在某些方面,这类重整有些类似于 OS X 上所看到的功能。 + +### Hannah Montana Linux + +![strangest linux distros](http://1.bp.blogspot.com/-3P22pYfih6Y/VdcucPOv4LI/AAAAAAAAJ1g/PszZDbe83sQ/s1600/hannah-montana-linux.jpg) + +它是一个基于 Kubuntu 的 Linux 发行版本,它有着汉娜·蒙塔娜( Hannah Montana) 主题的开机启动界面、KDM(KDE Display Manager)、图标集、ksplash、plasma、颜色主题和壁纸(I'm so sorry)。[这是它的链接][12]。这个项目现在不再活跃了。 + +### RLSD Linux + +它是一个极其精简、小巧、轻量和安全可靠的,基于 Linux 文本的操作系统。开发者称 “它是一个独特的发行版本,提供一系列的控制台应用和自带的安全特性,对黑客或许有吸引力。” [RLSD Linux][13]. + +我们还错过了某些更加奇特的发行版本吗?请让我们知晓吧。 + +-------------------------------------------------------------------------------- + +via: http://www.techdrivein.com/2015/08/the-strangest-most-unique-linux-distros.html + +作者:Manuel Jose +译者:[FSSlc](https://github.com/FSSlc) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://puppylinux.org/main/Overview%20and%20Getting%20Started.htm +[2]:http://qntm.org/suicide +[3]:http://sourceforge.net/projects/suicide-linux/files/ +[4]:http://www.techdrivein.com/2015/02/papyros-material-design-linux-coming-soon.html +[5]:https://plus.google.com/communities/109966288908859324845/stream/3262a3d3-0797-4344-bbe0-56c3adaacb69 +[6]:https://www.bountysource.com/teams/papyros +[7]:https://www.qubes-os.org/ +[8]:http://ubuntusatanic.org/ +[9]:http://tinycorelinux.net/ +[10]:https://nixos.org/ +[11]:http://www.gobolinux.org/ +[12]:http://hannahmontana.sourceforge.net/ +[13]:http://rlsd2.dimakrasner.com/ +[14]:https://en.wikipedia.org/wiki/Compartmentalization_(information_security) \ No newline at end of file diff --git a/published/201511/20150831 How to switch from NetworkManager to systemd-networkd on Linux.md b/published/201511/20150831 How to switch from NetworkManager to systemd-networkd on Linux.md new file mode 100644 index 0000000000..658d6c033d --- /dev/null +++ b/published/201511/20150831 How to switch from NetworkManager to systemd-networkd on Linux.md @@ -0,0 +1,165 @@ +如何在 Linux 上从 NetworkManager 切换为 systemd-network +================================================================================ +在 Linux 世界里,对 [systemd][1] 的采用一直是激烈争论的主题,它的支持者和反对者之间的战火仍然在燃烧。到了今天,大部分主流 Linux 发行版都已经采用了 systemd 作为默认的初始化(init)系统。 + +正如其作者所说,作为一个 “从未完成、从未完善、但一直追随技术进步” 的系统,systemd 已经不只是一个初始化进程,它被设计为一个更广泛的系统以及服务管理平台,这个平台是一个包含了不断增长的核心系统进程、库和工具的生态系统。 + +**systemd** 的其中一部分是 **systemd-networkd**,它负责 systemd 生态中的网络配置。使用 systemd-networkd,你可以为网络设备配置基础的 DHCP/静态 IP 网络。它还可以配置虚拟网络功能,例如网桥、隧道和 VLAN。systemd-networkd 目前还不能直接支持无线网络,但你可以使用 wpa_supplicant 服务配置无线适配器,然后把它和 **systemd-networkd** 联系起来。 + +在很多 Linux 发行版中,NetworkManager 仍然作为默认的网络配置管理器。和 NetworkManager 相比,**systemd-networkd** 仍处于积极的开发状态,还缺少一些功能。例如,它还不能像 NetworkManager 那样能让你的计算机在任何时候通过多种接口保持连接。它还没有为更高层面的脚本编程提供 ifup/ifdown 钩子函数。但是,systemd-networkd 和其它 systemd 组件(例如用于域名解析的 **resolved**、NTP 的**timesyncd**,用于命名的 udevd)结合的非常好。随着时间增长,**systemd-networkd**只会在 systemd 环境中扮演越来越重要的角色。 + +如果你对 **systemd-networkd** 的进步感到高兴,从 NetworkManager 切换到 systemd-networkd 是值得你考虑的一件事。如果你强烈反对 systemd,对 NetworkManager 或[基础网络服务][2]感到很满意,那也很好。 + +但对于那些想尝试 systemd-networkd 的人,可以继续看下去,在这篇指南中学会在 Linux 中怎么从 NetworkManager 切换到 systemd-networkd。 + +### 需求 ### + +systemd 210 及其更高版本提供了 systemd-networkd。因此诸如 Debian 8 "Jessie" (systemd 215)、 Fedora 21 (systemd 217)、 Ubuntu 15.04 (systemd 219) 或更高版本的 Linux 发行版和 systemd-networkd 兼容。 + +对于其它发行版,在开始下一步之前先检查一下你的 systemd 版本。 + + $ systemctl --version + +### 从 NetworkManager 切换到 Systemd-networkd ### + +从 NetworkManager 切换到 systemd-networkd 其实非常简答(反过来也一样)。 + +首先,按照下面这样先停用 NetworkManager 服务,然后启用 systemd-networkd。 + + $ sudo systemctl disable NetworkManager + $ sudo systemctl enable systemd-networkd + +你还要启用 **systemd-resolved** 服务,systemd-networkd用它来进行域名解析。该服务还实现了一个缓存式 DNS 服务器。 + + $ sudo systemctl enable systemd-resolved + $ sudo systemctl start systemd-resolved + +当启动后,**systemd-resolved** 就会在 /run/systemd 目录下某个地方创建它自己的 resolv.conf。但是,把 DNS 解析信息存放在 /etc/resolv.conf 是更普遍的做法,很多应用程序也会依赖于 /etc/resolv.conf。因此为了兼容性,按照下面的方式创建一个到 /etc/resolv.conf 的符号链接。 + + $ sudo rm /etc/resolv.conf + $ sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf + +### 用 systemd-networkd 配置网络连接 ### + +要用 systemd-networkd 配置网络服务,你必须指定带.network 扩展名的配置信息文本文件。这些网络配置文件保存到 /etc/systemd/network 并从这里加载。当有多个文件时,systemd-networkd 会按照字母顺序一个个加载并处理。 + +首先创建 /etc/systemd/network 目录。 + + $ sudo mkdir /etc/systemd/network + +#### DHCP 网络 #### + +首先来配置 DHCP 网络。对于此,先要创建下面的配置文件。文件名可以任意,但记住文件是按照字母顺序处理的。 + + $ sudo vi /etc/systemd/network/20-dhcp.network + +---------- + + [Match] + Name=enp3* + + [Network] + DHCP=yes + +正如你上面看到的,每个网络配置文件包括了一个或多个 “sections”,每个 “section”都用 [XXX] 开头。每个 section 包括了一个或多个键值对。`[Match]` 部分决定这个配置文件配置哪个(些)网络设备。例如,这个文件匹配所有名称以 ens3 开头的网络设备(例如 enp3s0、 enp3s1、 enp3s2 等等)对于匹配的接口,然后启用 [Network] 部分指定的 DHCP 网络配置。 + +### 静态 IP 网络 ### + +如果你想给网络设备分配一个静态 IP 地址,那就新建下面的配置文件。 + + $ sudo vi /etc/systemd/network/10-static-enp3s0.network + +---------- + + [Match] + Name=enp3s0 + + [Network] + Address=192.168.10.50/24 + Gateway=192.168.10.1 + DNS=8.8.8.8 + +正如你猜测的, enp3s0 接口地址会被指定为 192.168.10.50/24,默认网关是 192.168.10.1, DNS 服务器是 8.8.8.8。这里微妙的一点是,接口名 enp3s0 事实上也匹配了之前 DHCP 配置中定义的模式规则。但是,根据词汇顺序,文件 "10-static-enp3s0.network" 在 "20-dhcp.network" 之前被处理,对于 enp3s0 接口静态配置比 DHCP 配置有更高的优先级。 + +一旦你完成了创建配置文件,重启 systemd-networkd 服务或者重启机器。 + + $ sudo systemctl restart systemd-networkd + +运行以下命令检查服务状态: + + $ systemctl status systemd-networkd + $ systemctl status systemd-resolved + +![](https://farm1.staticflickr.com/719/21010813392_76abe123ed_c.jpg) + +### 用 systemd-networkd 配置虚拟网络设备 ### + +**systemd-networkd** 同样允许你配置虚拟网络设备,例如网桥、VLAN、隧道、VXLAN、绑定等。你必须在用 .netdev 作为扩展名的文件中配置这些虚拟设备。 + +这里我展示了如何配置一个桥接接口。 + +#### Linux 网桥 #### + +如果你想创建一个 Linux 网桥(br0) 并把物理接口(eth1) 添加到网桥,你可以新建下面的配置。 + + $ sudo vi /etc/systemd/network/bridge-br0.netdev + +---------- + + [NetDev] + Name=br0 + Kind=bridge + +然后按照下面这样用 .network 文件配置网桥接口 br0 和从接口 eth1。 + + $ sudo vi /etc/systemd/network/bridge-br0-slave.network + +---------- + + [Match] + Name=eth1 + + [Network] + Bridge=br0 + +---------- + + $ sudo vi /etc/systemd/network/bridge-br0.network + +---------- + + [Match] + Name=br0 + + [Network] + Address=192.168.10.100/24 + Gateway=192.168.10.1 + DNS=8.8.8.8 + +最后,重启 systemd-networkd。 + + $ sudo systemctl restart systemd-networkd + +你可以用 [brctl 工具][3] 来验证是否创建好了网桥 br0。 + +### 总结 ### + +当 systemd 誓言成为 Linux 的系统管理器时,有类似 systemd-networkd 的东西来管理网络配置也就不足为奇。但是在现阶段,systemd-networkd 看起来更适合于网络配置相对稳定的服务器环境。对于桌面/笔记本环境,它们有多种临时有线/无线接口,NetworkManager 仍然是比较好的选择。 + +对于想进一步了解 systemd-networkd 的人,可以参考官方[man 手册][4]了解完整的支持列表和关键点。 + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/switch-from-networkmanager-to-systemd-networkd.html + +作者:[Dan Nanni][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/nanni +[1]:http://xmodulo.com/use-systemd-system-administration-debian.html +[2]:http://xmodulo.com/disable-network-manager-linux.html +[3]:http://xmodulo.com/how-to-configure-linux-bridge-interface.html +[4]:http://www.freedesktop.org/software/systemd/man/systemd.network.html diff --git a/published/201511/20150909 Superclass--15 of the world's best living programmers.md b/published/201511/20150909 Superclass--15 of the world's best living programmers.md new file mode 100644 index 0000000000..89a42d29d7 --- /dev/null +++ b/published/201511/20150909 Superclass--15 of the world's best living programmers.md @@ -0,0 +1,427 @@ +超神们:15 位健在的世界级程序员! +================================================================================ + +当开发人员说起世界顶级程序员时,他们的名字往往会被提及。 + +好像现在程序员有很多,其中不乏有许多优秀的程序员。但是哪些程序员更好呢? + +虽然这很难客观评价,不过在这个话题确实是开发者们津津乐道的。ITworld 深入程序员社区,避开四溅的争执口水,试图找出可能存在的所谓共识。事实证明,屈指可数的某些名字经常是讨论的焦点。 + +![](http://images.techhive.com/images/article/2015/09/superman-620x465-100611650-orig.jpg) + +*图片来源: [tom_bullock CC BY 2.0][1]* + +下面就让我们来看看这些世界顶级的程序员吧! + +### 玛格丽特·汉密尔顿(Margaret Hamilton) ### + +![](http://images.techhive.com/images/article/2015/09/margaret_hamilton-620x465-100611764-orig.jpg) + +*图片来源: [NASA][2]* + +**成就: 阿波罗飞行控制软件背后的大脑** + +生平: 查尔斯·斯塔克·德雷珀实验室(Charles Stark Draper Laboratory)软件工程部的主任,以她为首的团队负责设计和打造 NASA 的阿波罗的舰载飞行控制器软件和空间实验室(Skylab)的任务。基于阿波罗这段的工作经历,她又后续开发了[通用系统语言(Universal Systems Language)][5]和[开发先于事实( Development Before the Fact)][6]的范例。开创了[异步软件、优先调度和超可靠的软件设计][7]理念。被认为发明了“[软件工程( software engineering)][8]”一词。1986年获[奥古斯塔·埃达·洛夫莱斯奖(Augusta Ada Lovelace Award)][9],2003年获 [NASA 杰出太空行动奖(Exceptional Space Act Award)][10]。 + +评论: + +> “汉密尔顿发明了测试,使美国计算机工程规范了很多” —— [ford_beeblebrox][11] + +> “我认为在她之前(不敬地说,包括高德纳(Knuth)在内的)计算机编程是(另一种形式上留存的)数学分支。然而这个宇宙飞船的飞行控制系统明确地将编程带入了一个崭新的领域。” —— [Dan Allen][12] + +> “... 她引入了‘软件工程’这个术语 — 并作出了最好的示范。” —— [David Hamilton][13] + +> “真是个坏家伙” [Drukered][14] + + +### 唐纳德·克努斯(Donald Knuth),即 高德纳 ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_donald_knuth-620x465-100502872-orig.jpg) + +*图片来源: [vonguard CC BY-SA 2.0][15]* + +**成就: 《计算机程序设计艺术(The Art of Computer Programming,TAOCP)》 作者** + +生平: 撰写了[编程理论的权威书籍][16]。发明了数字排版系统 Tex。1971年,[ACM(美国计算机协会)葛丽丝·穆雷·霍普奖(Grace Murray Hopper Award)][17] 的首位获奖者。1974年获 ACM [图灵奖(A. M. Turing)][18],1979年获[美国国家科学奖章(National Medal of Science)][19],1995年获IEEE[约翰·冯·诺依曼奖章(John von Neumann Medal)][20]。1998年入选[计算机历史博物馆(Computer History Museum)名人录(Hall of Fellows)][21]。 + +评论: + +> “... 写的计算机编程艺术(The Art of Computer Programming,TAOCP)可能是有史以来计算机编程方面最大的贡献。”—— [佚名][22] + +> “唐·克努斯的 TeX 是我所用过的计算机程序中唯一一个几乎没有 bug 的。真是让人印象深刻!”—— [Jaap Weel][23] + +> “如果你要问我的话,我只能说太棒了!” —— [Mitch Rees-Jones][24] + +### 肯·汤普逊(Ken Thompson) ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_ken-thompson-620x465-100502874-orig.jpg) + +*图片来源: [Association for Computing Machinery][25]* + +**成就: Unix 之父** + +生平:与[丹尼斯·里奇(Dennis Ritchie)][26]共同创造了 Unix。创造了 [B 语言][27]、[UTF-8 字符编码方案][28]、[ed 文本编辑器][29],同时也是 Go 语言的共同开发者。(和里奇)共同获得1983年的[图灵奖(A.M. Turing Award )][30],1994年获 [IEEE 计算机先驱奖( IEEE Computer Pioneer Award)][31],1998年获颁[美国国家科技奖章( National Medal of Technology )][32]。在1997年入选[计算机历史博物馆(Computer History Museum)名人录(Hall of Fellows)][33]。 + +评论: + +> “... 可能是有史以来最能成事的程序员了。Unix 内核,Unix 工具,国际象棋程序世界冠军 Belle,Plan 9,Go 语言。” —— [Pete Prokopowicz][34] + +> “肯所做出的贡献,据我所知无人能及,是如此的根本、实用、经得住时间的考验,时至今日仍在使用。” —— [Jan Jannink][35] + + +### 理查德·斯托曼(Richard Stallman) ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_richard_stallman-620x465-100502868-orig.jpg) + +*图片来源: [Jiel Beaumadier CC BY-SA 3.0][135]* + +**成就: Emacs 和 GCC 缔造者** + +生平: 成立了 [GNU 工程(GNU Project)] [36],并创造了它的许多核心工具,如 [Emacs、GCC、GDB][37] 和 [GNU Make][38]。还创办了[自由软件基金会(Free Software Foundation)] [39]。1990年荣获 ACM 的[葛丽丝·穆雷·霍普奖( Grace Murray Hopper Award)][40],1998年获 [EFF 先驱奖(Pioneer Award)][41]. + +评论: + +> “... 在 Symbolics 对阵 LMI 的战斗中,独自一人与一众 Lisp 黑客好手对码。” —— [Srinivasan Krishnan][42] + +> “通过他在编程上的精湛造诣与强大信念,开辟了一整套编程与计算机的亚文化。” —— [Dan Dunay][43] + +> “我可以不赞同这位伟人的很多方面,不必盖棺论定,他不可否认都已经是一位伟大的程序员了。” —— [Marko Poutiainen][44] + +> “试想 Linux 如果没有 GNU 工程的前期工作会怎么样。(多亏了)斯托曼的炸弹!” —— [John Burnette][45] + +### 安德斯·海尔斯伯格(Anders Hejlsberg) ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_anders_hejlsberg-620x465-100502873-orig.jpg) + +*图片来源: [D.Begley CC BY 2.0][46]* + +**成就: 创造了Turbo Pascal** + +生平: [Turbo Pascal 的原作者][47],是最流行的 Pascal 编译器和第一个集成开发环境。而后,[领导了 Turbo Pascal 的继任者 Delphi][48] 的构建。[C# 的主要设计师和架构师][49]。2001年荣获[ Dr. Dobb 的杰出编程奖(Dr. Dobb's Excellence in Programming Award )][50]。 + +评论: + +> “他用汇编语言为当时两个主流的 PC 操作系统(DOS 和 CPM)编写了 [Pascal] 编译器。用它来编译、链接并运行仅需几秒钟而不是几分钟。” —— [Steve Wood][51] + +> “我佩服他 - 他创造了我最喜欢的开发工具,陪伴着我度过了三个关键的时期直至我成为一位专业的软件工程师。” —— [Stefan Kiryazov][52] + +### Doug Cutting ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_doug_cutting-620x465-100502871-orig.jpg) + +图片来源: [vonguard CC BY-SA 2.0][53] + +**成就: 创造了 Lucene** + +生平: [开发了 Lucene 搜索引擎以及 Web 爬虫 Nutch][54] 和用于大型数据集的分布式处理套件 [Hadoop][55]。一位强有力的开源支持者(Lucene、Nutch 以及 Hadoop 都是开源的)。前 [Apache 软件基金(Apache Software Foundation)的理事][56]。 + +评论: + + +> “...他就是那个既写出了优秀搜索框架(lucene/solr),又为世界开启大数据之门(hadoop)的男人。” —— [Rajesh Rao][57] + +> “他在 Lucene 和 Hadoop(及其它工程)的创造/工作中为世界创造了巨大的财富和就业...” —— [Amit Nithianandan][58] + +### Sanjay Ghemawat ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_sanjay_ghemawat-620x465-100502876-orig.jpg) + +*图片来源: [Association for Computing Machinery][59]* + +**成就: 谷歌核心架构师** + +生平: [协助设计和实现了一些谷歌大型分布式系统的功能][60],包括 MapReduce、BigTable、Spanner 和谷歌文件系统(Google File System)。[创造了 Unix 的 ical ][61]日历系统。2009年入选[美国国家工程院(National Academy of Engineering)][62]。2012年荣获 [ACM-Infosys 基金计算机科学奖( ACM-Infosys Foundation Award in the Computing Sciences)][63]。 + +评论: + + +> “Jeff Dean的僚机。” —— [Ahmet Alp Balkan][64] + +### Jeff Dean ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_jeff_dean-620x465-100502866-orig.jpg) + +*图片来源: [Google][65]* + +**成就: 谷歌搜索索引背后的大脑** + +生平:协助设计和实现了[许多谷歌大型分布式系统的功能][66],包括网页爬虫,索引搜索,AdSense,MapReduce,BigTable 和 Spanner。2009年入选[美国国家工程院( National Academy of Engineering)][67]。2012年荣获ACM 的[SIGOPS 马克·维瑟奖( SIGOPS Mark Weiser Award)][68]及[ACM-Infosys基金计算机科学奖( ACM-Infosys Foundation Award in the Computing Sciences)][69]。 + +评论: + +> “... 带来了在数据挖掘(GFS、MapReduce、BigTable)上的突破。” —— [Natu Lauchande][70] + +> “... 设计、构建并部署 MapReduce 和 BigTable,和以及数不清的其它东西” —— [Erik Goldman][71] + +### 林纳斯·托瓦兹(Linus Torvalds) ### + +![](http://images.techhive.com/images/article/2015/09/linus_torvalds-620x465-100611765-orig.jpg) + +*图片来源: [Krd CC BY-SA 4.0][72]* + +**成就: Linux缔造者** + +生平:创造了 [Linux 内核][73]与[开源的版本控制系统 Git][74]。收获了许多奖项和荣誉,包括有1998年的 [EFF 先驱奖(EFF Pioneer Award)][75],2000年荣获[英国电脑学会(British Computer Society)授予的洛夫莱斯勋章(Lovelace Medal)][76],2012年荣获[千禧技术奖(Millenium Technology Prize)][77]还有2014年[IEEE计算机学会( IEEE Computer Society)授予的计算机先驱奖(Computer Pioneer Award)][78]。同样入选了2008年的[计算机历史博物馆( Computer History Museum)名人录(Hall of Fellows)][79]与2012年的[互联网名人堂(Internet Hall of Fame )][80]。 + +评论: + +> “他只用了几年的时间就写出了 Linux 内核,而 GNU Hurd(GNU 开发的内核)历经25年的开发却丝毫没有准备发布的意思。他的成就就是带来了希望。” —— [Erich Ficker][81] + +> “托沃兹可能是程序员的程序员。” —— [Dan Allen][82] + +> “他真的很棒。” —— [Alok Tripathy][83] + +### 约翰·卡马克(John Carmack) ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_john_carmack-620x465-100502867-orig.jpg) + +*图片来源: [QuakeCon CC BY 2.0][84]* + +**成就: 毁灭战士的缔造者** + +生平: ID 社联合创始人,打造了德军总部3D(Wolfenstein 3D)、毁灭战士(Doom)和雷神之锤(Quake)等所谓的即时 FPS 游戏。引领了[切片适配刷新(adaptive tile refresh)][86], [二叉空间分割(binary space partitioning)][87],表面缓存(surface caching)等开创性的计算机图像技术。2001年入选[互动艺术与科学学会名人堂(Academy of Interactive Arts and Sciences Hall of Fame)][88],2007年和2008年荣获工程技术类[艾美奖(Emmy awards)][89]并于2010年由[游戏开发者甄选奖( Game Developers Choice Awards)][90]授予终生成就奖。 + +评论: + +> “他在写第一个渲染引擎的时候不到20岁。这家伙这是个天才。我若有他四分之一的天赋便心满意足了。” —— [Alex Dolinsky][91] + +> “... 德军总部3D(Wolfenstein 3D)、毁灭战士(Doom)还有雷神之锤(Quake)在那时都是革命性的,影响了一代游戏设计师。” —— [dniblock][92] + +> “一个周末他几乎可以写出任何东西....” —— [Greg Naughton][93] + +> “他是编程界的莫扎特... ” —— [Chris Morris][94] + +### 法布里斯·贝拉(Fabrice Bellard) ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_fabrice_bellard-620x465-100502870-orig.jpg) + +*图片来源: [Duff][95]* + +**成就: 创造了 QEMU** + +生平: 创造了[一系列耳熟能详的开源软件][96],其中包括硬件模拟和虚拟化的平台 QEMU,用于处理多媒体数据的 FFmpeg,微型C编译器(Tiny C Compiler)和 一个可执行文件压缩软件 LZEXE。2000年和2001年[C语言混乱代码大赛(Obfuscated C Code Contest)的获胜者][97]并在2011年荣获[Google-O'Reilly 开源奖(Google-O'Reilly Open Source Award )][98]。[计算 Pi 最多位数][99]的前世界纪录保持着。 + +评论: + + +> “我觉得法布里斯·贝拉做的每一件事都是那么显著而又震撼。” —— [raphinou][100] + +> “法布里斯·贝拉是世界上最高产的程序员...” —— [Pavan Yara][101] + +> “他就像软件工程界的尼古拉·特斯拉(Nikola Tesla)。” —— [Michael Valladolid][102] + +> “自80年代以来,他一直高产出一系列的成功作品。” —— [Michael Biggins][103] + +### Jon Skeet ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_jon_skeet-620x465-100502863-orig.jpg) + +*图片来源: [Craig Murphy CC BY 2.0][104]* + +**成就: Stack Overflow 的传说级贡献者** + +生平: Google 工程师,[深入解析C#(C# in Depth)][105]的作者。保持着[有史以来在 Stack Overflow 上最高的声誉][106],平均每月解答390个问题。 + +评论: + + +> “他根本不需要调试器,只要他盯一下代码,错误之处自会原形毕露。” —— [Steven A. Lowe][107] + +> “如果他的代码没有通过编译,那编译器应该道歉。” —— [Dan Dyer][108] + +> “他根本不需要什么编程规范,他的代码就是编程规范。” —— [佚名][109] + +### 亚当·安捷罗(Adam D'Angelo) ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_image_adam_dangelo-620x465-100502875-orig.jpg) + +*图片来源: [Philip Neustrom CC BY 2.0][110]* + +**成就: Quora 的创办人之一** + +生平: 还是 Facebook 工程师时,[为其搭建了 news feed 功能的基础][111]。直至其离开并联合创始了 Quora,已经成为了 Facebook 的CTO和工程 VP。2001年以高中生的身份在[美国计算机奥林匹克(USA Computing Olympiad)上第八位完成比赛][112]。2004年ACM国际大学生编程大赛(International Collegiate Programming Contest)[获得银牌的团队 - 加利福尼亚技术研究所( California Institute of Technology)][113]的成员。2005年入围 Topcoder 大学生[算法编程挑战赛(Algorithm Coding Competition)][114]。 + +评论: + +> “一位程序设计全才。” —— [佚名][115] + +> "我做的每个好东西,他都已有了六个。" —— [马克.扎克伯格(Mark Zuckerberg)][116] + +### Petr Mitrechev ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_petr_mitrichev-620x465-100502869-orig.jpg) + +*图片来源: [Facebook][117]* + +**成就: 有史以来最具竞技能力的程序员之一** + +生平: 在国际信息学奥林匹克(International Olympiad in Informatics)中[两次获得金牌][118](2000,2002)。在2006,[赢得 Google Code Jam][119] 同时也是[TopCoder Open 算法大赛冠军][120]。也同样,两次赢得 Facebook黑客杯(Facebook Hacker Cup)([2011][121],[2013][122])。写这篇文章的时候,[TopCoder 榜中排第二][123] (即:Petr)、在 [Codeforces 榜同样排第二][124]。 + +评论: + +> “他是竞技程序员的偶像,即使在印度也是如此...” —— [Kavish Dwivedi][125] + +### Gennady Korotkevich ### + +![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_gennady_korot-620x465-100502864-orig.jpg) + +*图片来源: [Ishandutta2007 CC BY-SA 3.0][126]* + +**成就: 竞技编程小神童** + +生平: 国际信息学奥林匹克(International Olympiad in Informatics)中最小参赛者(11岁),[6次获得金牌][127] (2007-2012)。2013年 ACM 国际大学生编程大赛(International Collegiate Programming Contest)[获胜队伍][128]成员及[2014 Facebook 黑客杯(Facebook Hacker Cup)][129]获胜者。写这篇文章的时候,[Codeforces 榜排名第一][130] (即:Tourist)、[TopCoder榜第一][131]。 + +评论: + +> “一个编程神童!” —— [Prateek Joshi][132] + +> “Gennady 真是棒,也是为什么我在白俄罗斯拥有一个强大开发团队的例证。” —— [Chris Howard][133] + +> “Tourist 真是天才” —— [Nuka Shrinivas Rao][134] + +-------------------------------------------------------------------------------- + +via: http://www.itworld.com/article/2823547/enterprise-software/158256-superclass-14-of-the-world-s-best-living-programmers.html#slide1 + +作者:[Phil Johnson][a] +译者:[martin2011qi](https://github.com/martin2011qi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.itworld.com/author/Phil-Johnson/ +[1]:https://www.flickr.com/photos/tombullock/15713223772 +[2]:https://commons.wikimedia.org/wiki/File:Margaret_Hamilton_in_action.jpg +[3]:http://klabs.org/home_page/hamilton.htm +[4]:https://www.youtube.com/watch?v=DWcITjqZtpU&feature=youtu.be&t=3m12s +[5]:http://www.htius.com/Articles/r12ham.pdf +[6]:http://www.htius.com/Articles/Inside_DBTF.htm +[7]:http://www.nasa.gov/home/hqnews/2003/sep/HQ_03281_Hamilton_Honor.html +[8]:http://www.nasa.gov/50th/50th_magazine/scientists.html +[9]:https://books.google.com/books?id=JcmV0wfQEoYC&pg=PA321&lpg=PA321&dq=ada+lovelace+award+1986&source=bl&ots=qGdBKsUa3G&sig=bkTftPAhM1vZ_3VgPcv-38ggSNo&hl=en&sa=X&ved=0CDkQ6AEwBGoVChMI3paoxJHWxwIVA3I-Ch1whwPn#v=onepage&q=ada%20lovelace%20award%201986&f=false +[10]:http://history.nasa.gov/alsj/a11/a11Hamilton.html +[11]:https://www.reddit.com/r/pics/comments/2oyd1y/margaret_hamilton_with_her_code_lead_software/cmrswof +[12]:http://qr.ae/RFEZLk +[13]:http://qr.ae/RFEZUn +[14]:https://www.reddit.com/r/pics/comments/2oyd1y/margaret_hamilton_with_her_code_lead_software/cmrv9u9 +[15]:https://www.flickr.com/photos/44451574@N00/5347112697 +[16]:http://cs.stanford.edu/~uno/taocp.html +[17]:http://awards.acm.org/award_winners/knuth_1013846.cfm +[18]:http://amturing.acm.org/award_winners/knuth_1013846.cfm +[19]:http://www.nsf.gov/od/nms/recip_details.jsp?recip_id=198 +[20]:http://www.ieee.org/documents/von_neumann_rl.pdf +[21]:http://www.computerhistory.org/fellowawards/hall/bios/Donald,Knuth/ +[22]:http://www.quora.com/Who-are-the-best-programmers-in-Silicon-Valley-and-why/answers/3063 +[23]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Jaap-Weel +[24]:http://qr.ae/RFE94x +[25]:http://amturing.acm.org/photo/thompson_4588371.cfm +[26]:https://www.youtube.com/watch?v=JoVQTPbD6UY +[27]:https://www.bell-labs.com/usr/dmr/www/bintro.html +[28]:http://doc.cat-v.org/bell_labs/utf-8_history +[29]:http://c2.com/cgi/wiki?EdIsTheStandardTextEditor +[30]:http://amturing.acm.org/award_winners/thompson_4588371.cfm +[31]:http://www.computer.org/portal/web/awards/cp-thompson +[32]:http://www.uspto.gov/about/nmti/recipients/1998.jsp +[33]:http://www.computerhistory.org/fellowawards/hall/bios/Ken,Thompson/ +[34]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Pete-Prokopowicz-1 +[35]:http://qr.ae/RFEWBY +[36]:https://groups.google.com/forum/#!msg/net.unix-wizards/8twfRPM79u0/1xlglzrWrU0J +[37]:http://www.emacswiki.org/emacs/RichardStallman +[38]:https://www.gnu.org/gnu/thegnuproject.html +[39]:http://www.emacswiki.org/emacs/FreeSoftwareFoundation +[40]:http://awards.acm.org/award_winners/stallman_9380313.cfm +[41]:https://w2.eff.org/awards/pioneer/1998.php +[42]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Greg-Naughton/comment/4146397 +[43]:http://qr.ae/RFEaib +[44]:http://www.quora.com/Software-Engineering/Who-are-some-of-the-greatest-currently-active-software-architects-in-the-world/answer/Marko-Poutiainen +[45]:http://qr.ae/RFEUqp +[46]:https://www.flickr.com/photos/begley/2979906130 +[47]:http://www.taoyue.com/tutorials/pascal/history.html +[48]:http://c2.com/cgi/wiki?AndersHejlsberg +[49]:http://www.microsoft.com/about/technicalrecognition/anders-hejlsberg.aspx +[50]:http://www.drdobbs.com/windows/dr-dobbs-excellence-in-programming-award/184404602 +[51]:http://qr.ae/RFEZrv +[52]:http://www.quora.com/Software-Engineering/Who-are-some-of-the-greatest-currently-active-software-architects-in-the-world/answer/Stefan-Kiryazov +[53]:https://www.flickr.com/photos/vonguard/4076389963/ +[54]:http://www.wizards-of-os.org/archiv/sprecher/a_c/doug_cutting.html +[55]:http://hadoop.apache.org/ +[56]:https://www.linkedin.com/in/cutting +[57]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Shalin-Shekhar-Mangar/comment/2293071 +[58]:http://www.quora.com/Who-are-the-best-programmers-in-Silicon-Valley-and-why/answer/Amit-Nithianandan +[59]:http://awards.acm.org/award_winners/ghemawat_1482280.cfm +[60]:http://research.google.com/pubs/SanjayGhemawat.html +[61]:http://www.quora.com/Google/Who-is-Sanjay-Ghemawat +[62]:http://www8.nationalacademies.org/onpinews/newsitem.aspx?RecordID=02062009 +[63]:http://awards.acm.org/award_winners/ghemawat_1482280.cfm +[64]:http://www.quora.com/Google/Who-is-Sanjay-Ghemawat/answer/Ahmet-Alp-Balkan +[65]:http://research.google.com/people/jeff/index.html +[66]:http://research.google.com/people/jeff/index.html +[67]:http://www8.nationalacademies.org/onpinews/newsitem.aspx?RecordID=02062009 +[68]:http://news.cs.washington.edu/2012/10/10/uw-cse-ph-d-alum-jeff-dean-wins-2012-sigops-mark-weiser-award/ +[69]:http://awards.acm.org/award_winners/dean_2879385.cfm +[70]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Natu-Lauchande +[71]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Cosmin-Negruseri/comment/28399 +[72]:https://commons.wikimedia.org/wiki/File:LinuxCon_Europe_Linus_Torvalds_05.jpg +[73]:http://www.linuxfoundation.org/about/staff#torvalds +[74]:http://git-scm.com/book/en/Getting-Started-A-Short-History-of-Git +[75]:https://w2.eff.org/awards/pioneer/1998.php +[76]:http://www.bcs.org/content/ConWebDoc/14769 +[77]:http://www.zdnet.com/blog/open-source/linus-torvalds-wins-the-tech-equivalent-of-a-nobel-prize-the-millennium-technology-prize/10789 +[78]:http://www.computer.org/portal/web/pressroom/Linus-Torvalds-Named-Recipient-of-the-2014-IEEE-Computer-Society-Computer-Pioneer-Award +[79]:http://www.computerhistory.org/fellowawards/hall/bios/Linus,Torvalds/ +[80]:http://www.internethalloffame.org/inductees/linus-torvalds +[81]:http://qr.ae/RFEeeo +[82]:http://qr.ae/RFEZLk +[83]:http://www.quora.com/Software-Engineering/Who-are-some-of-the-greatest-currently-active-software-architects-in-the-world/answer/Alok-Tripathy-1 +[84]:https://www.flickr.com/photos/quakecon/9434713998 +[85]:http://doom.wikia.com/wiki/John_Carmack +[86]:http://thegamershub.net/2012/04/gaming-gods-john-carmack/ +[87]:http://www.shamusyoung.com/twentysidedtale/?p=4759 +[88]:http://www.interactive.org/special_awards/details.asp?idSpecialAwards=6 +[89]:http://www.itworld.com/article/2951105/it-management/a-fly-named-for-bill-gates-and-9-other-unusual-honors-for-tech-s-elite.html#slide8 +[90]:http://www.gamechoiceawards.com/archive/lifetime.html +[91]:http://qr.ae/RFEEgr +[92]:http://www.itworld.com/answers/topic/software/question/whos-best-living-programmer#comment-424562 +[93]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Greg-Naughton +[94]:http://money.cnn.com/2003/08/21/commentary/game_over/column_gaming/ +[95]:http://dufoli.wordpress.com/2007/06/23/ammmmaaaazing-night/ +[96]:http://bellard.org/ +[97]:http://www.ioccc.org/winners.html#B +[98]:http://www.oscon.com/oscon2011/public/schedule/detail/21161 +[99]:http://bellard.org/pi/pi2700e9/ +[100]:https://news.ycombinator.com/item?id=7850797 +[101]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Erik-Frey/comment/1718701 +[102]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Erik-Frey/comment/2454450 +[103]:http://qr.ae/RFEjhZ +[104]:https://www.flickr.com/photos/craigmurphy/4325516497 +[105]:http://www.amazon.co.uk/gp/product/1935182471?ie=UTF8&tag=developetutor-21&linkCode=as2&camp=1634&creative=19450&creativeASIN=1935182471 +[106]:http://stackexchange.com/leagues/1/alltime/stackoverflow +[107]:http://meta.stackexchange.com/a/9156 +[108]:http://meta.stackexchange.com/a/9138 +[109]:http://meta.stackexchange.com/a/9182 +[110]:https://www.flickr.com/photos/philipn/5326344032 +[111]:http://www.crunchbase.com/person/adam-d-angelo +[112]:http://www.exeter.edu/documents/Exeter_Bulletin/fall_01/oncampus.html +[113]:http://icpc.baylor.edu/community/results-2004 +[114]:https://www.topcoder.com/tc?module=Static&d1=pressroom&d2=pr_022205 +[115]:http://qr.ae/RFfOfe +[116]:http://www.businessinsider.com/in-new-alleged-ims-mark-zuckerberg-talks-about-adam-dangelo-2012-9#ixzz369FcQoLB +[117]:https://www.facebook.com/hackercup/photos/a.329665040399024.91563.133954286636768/553381194694073/?type=1 +[118]:http://stats.ioinformatics.org/people/1849 +[119]:http://googlepress.blogspot.com/2006/10/google-announces-winner-of-global-code_27.html +[120]:http://community.topcoder.com/tc?module=SimpleStats&c=coder_achievements&d1=statistics&d2=coderAchievements&cr=10574855 +[121]:https://www.facebook.com/notes/facebook-hacker-cup/facebook-hacker-cup-finals/208549245827651 +[122]:https://www.facebook.com/hackercup/photos/a.329665040399024.91563.133954286636768/553381194694073/?type=1 +[123]:http://community.topcoder.com/tc?module=AlgoRank +[124]:http://codeforces.com/ratings +[125]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Venkateswaran-Vicky/comment/1960855 +[126]:http://commons.wikimedia.org/wiki/File:Gennady_Korot.jpg +[127]:http://stats.ioinformatics.org/people/804 +[128]:http://icpc.baylor.edu/regionals/finder/world-finals-2013/standings +[129]:https://www.facebook.com/hackercup/posts/10152022955628845 +[130]:http://codeforces.com/ratings +[131]:http://community.topcoder.com/tc?module=AlgoRank +[132]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Prateek-Joshi +[133]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Prateek-Joshi/comment/4720779 +[134]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Prateek-Joshi/comment/4880549 +[135]:http://commons.wikimedia.org/wiki/File:Jielbeaumadier_richard_stallman_2010.jpg \ No newline at end of file diff --git a/sources/tech/20150914 Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools.md b/published/201511/20150914 Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools.md similarity index 59% rename from sources/tech/20150914 Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools.md rename to published/201511/20150914 Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools.md index 6640454f07..564fb33e1e 100644 --- a/sources/tech/20150914 Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools.md +++ b/published/201511/20150914 Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools.md @@ -1,88 +1,88 @@ -Display Awesome Linux Logo With Basic Hardware Info Using screenfetch and linux_logo Tools +用 screenfetch 和 linux_logo 显示带有酷炫 Linux 标志的基本硬件信息 ================================================================================ -Do you want to display a super cool logo of your Linux distribution along with basic hardware information? Look no further try awesome screenfetch and linux_logo utilities. +想在屏幕上显示出你的 Linux 发行版的酷炫标志和基本硬件信息吗?不用找了,来试试超赞的 screenfetch 和 linux_logo 工具。 -### Say hello to screenfetch ### +### 来看看 screenfetch 吧 ### -screenFetch is a CLI bash script to show system/theme info in screenshots. It runs on a Linux, OS X, FreeBSD and many other Unix-like system. From the man page: +screenFetch 是一个能够在截屏中显示系统/主题信息的命令行脚本。它可以在 Linux,OS X,FreeBSD 以及其它的许多类Unix系统上使用。来自 man 手册的说明: -> This handy Bash script can be used to generate one of those nifty terminal theme information + ASCII distribution logos you see in everyone's screenshots nowadays. It will auto-detect your distribution and display an ASCII version of that distribution's logo and some valuable information to the right. +> 这个方便的 Bash 脚本可以用来生成那些漂亮的终端主题信息和用 ASCII 构成的发行版标志,就像如今你在别人的截屏里看到的那样。它会自动检测你的发行版并显示 ASCII 版的发行版标志,并且在右边显示一些有价值的信息。 -#### Installing screenfetch on Linux #### +#### 在 Linux 上安装 screenfetch #### -Open the Terminal application. Simply type the following [apt-get command][1] on a Debian or Ubuntu or Mint Linux based system: +打开终端应用。在基于 Debian 或 Ubuntu 或 Mint 的系统上只需要输入下列 [apt-get 命令][1]: $ sudo apt-get install screenfetch ![](http://s0.cyberciti.org/uploads/cms/2015/09/ubuntu-debian-linux-apt-get-install-screenfetch.jpg) -Fig.01: Installing screenfetch using apt-get +*图一:用 apt-get 安装 screenfetch* -#### Installing screenfetch Mac OS X #### +#### 在 Mac OS X 上安装 screenfetch #### -Type the following command: +输入下列命令: $ brew install screenfetch ![](http://s0.cyberciti.org/uploads/cms/2015/09/apple-mac-osx-install-screenfetch.jpg) -Fig.02: Installing screenfetch using brew command +*图二:用 brew 命令安装 screenfetch* -#### Installing screenfetch on FreeBSD #### +#### 在 FreeBSD 上安装 screenfetch #### -Type the following pkg command: +输入下列 pkg 命令: $ sudo pkg install sysutils/screenfetch ![](http://s0.cyberciti.org/uploads/cms/2015/09/freebsd-install-pkg-screenfetch.jpg) -Fig.03: FreeBSD install screenfetch using pkg +*图三:在 FreeBSD 用 pkg 安装 screenfetch* -#### Installing screenfetch on Fedora Linux #### +#### 在 Fedora 上安装 screenfetch #### -Type the following dnf command: +输入下列 dnf 命令: $ sudo dnf install screenfetch ![](http://s0.cyberciti.org/uploads/cms/2015/09/fedora-dnf-install-screenfetch.jpg) -Fig.04: Fedora Linux 22 install screenfetch using dnf +*图四:在 Fedora 22 用 dnf 安装 screenfetch* -#### How do I use screefetch utility? #### +#### 我该怎么使用 screefetch 工具? #### -Simply type the following command: +只需输入以下命令: $ screenfetch -Here is the output from various operating system: +这是不同系统的输出: -![](http://s0.cyberciti.org/uploads/cms/2015/09/fedora-screenfetch-300x193.jpg) +![](http://s0.cyberciti.org/uploads/cms/2015/09/fedora-screenfetch.jpg) -Screenfetch on Fedora +*Fedora 上的 Screenfetch* -![](http://s0.cyberciti.org/uploads/cms/2015/09/screenfetch-osx-300x213.jpg) +![](http://s0.cyberciti.org/uploads/cms/2015/09/screenfetch-osx.jpg) -Screenfetch on OS X +*OS X 上的 Screenfetch* -![](http://s0.cyberciti.org/uploads/cms/2015/09/screenfetch-freebsd-300x143.jpg) +![](http://s0.cyberciti.org/uploads/cms/2015/09/screenfetch-freebsd.jpg) -Screenfetch on FreeBSD +*FreeBSD 上的 Screenfetch* -![](http://s0.cyberciti.org/uploads/cms/2015/09/debian-ubutnu-screenfetch-outputs-300x279.jpg) +![](http://s0.cyberciti.org/uploads/cms/2015/09/debian-ubutnu-screenfetch-outputs.jpg) -Screenfetch on Debian Linux +*Debian 上的 Screenfetch* -#### Take screenshot #### +#### 获取截屏 #### -To take a screenshot and to save a file, enter: +要获取截屏并保存成文件,输入: $ screenfetch -s -You will see a screenshot file at ~/Desktop/screenFetch-*.jpg. To take a screenshot and upload to imgur directly, enter: +你会看到一个文件 ~/Desktop/screenFetch-*.jpg。获取截屏并直接上传到 imgur,输入: - $ screenfetch -su imgur + $ screenfetch -su imgur -**Sample outputs:** +**输出示例:** -/+:. veryv@Viveks-MacBook-Pro :++++. OS: 64bit Mac OS X 10.10.5 14F27 @@ -100,49 +100,49 @@ You will see a screenshot file at ~/Desktop/screenFetch-*.jpg. To take a screens `ossssssssssssssssssssss/ RAM: 6405MB / 8192MB :ooooooooooooooooooo+. `:+oo+/:-..-:/+o+/- - + Taking shot in 3.. 2.. 1.. 0. ==> Uploading your screenshot now...your screenshot can be viewed at http://imgur.com/HKIUznn -You can visit [http://imgur.com/HKIUznn][2] to see uploaded screenshot. +你可以访问 [http://imgur.com/HKIUznn][2] 来查看上传的截屏。 -### Say hello to linux_logo ### +### 再来看看 linux_logo ### -The linux_logo program generates a color ANSI picture of a penguin which includes some system information obtained from the /proc filesystem. +linux_logo 程序生成一个彩色的 ANSI 版企鹅图片,还包含一些来自 /proc 的系统信息。 -#### Installation #### +#### 安装 #### -Simply type the following command as per your Linux distro. +只需按照你的 Linux 发行版输入对应的命令: #### Debian/Ubutnu/Mint #### # apt-get install linux_logo -#### CentOS/RHEL/Older Fedora #### +#### CentOS/RHEL/旧版 Fedora #### # yum install linux_logo -#### Fedora Linux v22+ or newer #### +#### Fedora Linux v22+ 或更新版本 #### # dnf install linux_logo -#### Run it #### +#### 运行它 #### -Simply type the following command: +只需输入下列命令: - $ linux_logo + $ linux_logo ![](http://s0.cyberciti.org/uploads/cms/2015/09/debian-linux_logo.jpg) -linux_logo in action +*运行 linux_logo* -#### But wait, there's more! #### +#### 等等,还有更多! #### -You can see a list of compiled in logos using: +你可以用这个命令查看内置的标志列表: $ linux_logo -f -L list -**Sample outputs:** +**输出示例:** Available Built-in Logos: Num Type Ascii Name Description @@ -176,47 +176,47 @@ You can see a list of compiled in logos using: 28 Banner Yes sourcemage Source Mage GNU/Linux large 29 Banner Yes suse SUSE Logo 30 Banner Yes ubuntu Ubuntu Logo - + Do "linux_logo -L num" where num is from above to get the appropriate logo. Remember to also use -a to get ascii version. -To see aix logo, enter: +查看 aix 的标志,输入: $ linux_logo -f -L aix -To see openbsd logo: +查看 openbsd 的标志: $ linux_logo -f -L openbsd -Or just see some random Linux logo: +或者只是随机看看一些 Linux 标志: $ linux_logo -f -L random_xy -You [can combine bash for loop as follows to display various logos][3], enter: +你[可以像下面那样结合 bash 的循环来显示不同的标志][3],输入: ![](http://s0.cyberciti.org/uploads/cms/2015/09/linux-logo-fun.gif) -Gif 01: linux_logo and bash for loop for fun and profie +*动图1: linux_logo 和 bash 循环,既有趣又能发朋友圈耍酷* -### Getting help ### +### 获取帮助 ### -Simply type the following command: +输入下列命令: $ screefetch -h $ linux_logo -h -**References** +**参考** -- [screenFetch home page][4] -- [linux_logo home page][5] +- [screenFetch 主页][4] +- [linux_logo 主页][5] -------------------------------------------------------------------------------- via: http://www.cyberciti.biz/hardware/howto-display-linux-logo-in-bash-terminal-using-screenfetch-linux_logo/ 作者:Vivek Gite -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) +译者:[alim0x](https://github.com/alim0x) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 @@ -224,4 +224,4 @@ via: http://www.cyberciti.biz/hardware/howto-display-linux-logo-in-bash-terminal [2]:http://imgur.com/HKIUznn [3]:http://www.cyberciti.biz/faq/bash-for-loop/ [4]:https://github.com/KittyKatt/screenFetch -[5]:https://github.com/deater/linux_logo \ No newline at end of file +[5]:https://github.com/deater/linux_logo diff --git a/translated/tech/20150921 Configure PXE Server In Ubuntu 14.04.md b/published/201511/20150921 Configure PXE Server In Ubuntu 14.04.md similarity index 70% rename from translated/tech/20150921 Configure PXE Server In Ubuntu 14.04.md rename to published/201511/20150921 Configure PXE Server In Ubuntu 14.04.md index eab3fb5224..8689a180ce 100644 --- a/translated/tech/20150921 Configure PXE Server In Ubuntu 14.04.md +++ b/published/201511/20150921 Configure PXE Server In Ubuntu 14.04.md @@ -1,9 +1,9 @@ - - 在 Ubuntu 14.04 中配置 PXE 服务器 +在 Ubuntu 14.04 中配置 PXE 服务器 ================================================================================ + ![](https://www.maketecheasier.com/assets/uploads/2015/09/pxe-featured.jpg) -PXE(Preboot Execution Environment--预启动执行环境)服务器允许用户从网络中启动 Linux 发行版并且可以同时在数百台 PC 中安装而不需要 Linux ISO 镜像。如果你客户端的计算机没有 CD/DVD 或USB 引导盘,或者如果你想在大型企业中同时安装多台计算机,那么 PXE 服务器可以帮你节省时间和金钱。 +PXE(Preboot Execution Environment--预启动执行环境)服务器允许用户从网络中启动 Linux 发行版并且可以不需要 Linux ISO 镜像就能同时在数百台 PC 中安装。如果你客户端的计算机没有 CD/DVD 或USB 引导盘,或者如果你想在大型企业中同时安装多台计算机,那么 PXE 服务器可以帮你节省时间和金钱。 在这篇文章中,我们将告诉你如何在 Ubuntu 14.04 配置 PXE 服务器。 @@ -11,11 +11,11 @@ PXE(Preboot Execution Environment--预启动执行环境)服务器允许用 开始前,你需要先设置 PXE 服务器使用静态 IP。在你的系统中要使用静态 IP 地址,需要编辑 “/etc/network/interfaces” 文件。 -1. 打开 “/etc/network/interfaces” 文件. +打开 “/etc/network/interfaces” 文件. sudo nano /etc/network/interfaces - 作如下修改: +作如下修改: # 回环网络接口 auto lo @@ -43,23 +43,23 @@ DHCP,TFTP 和 NFS 是 PXE 服务器的重要组成部分。首先,需要更 ### 配置 DHCP 服务: ### -DHCP 代表动态主机配置协议(Dynamic Host Configuration Protocol),并且它主要用于动态分配网络配置参数,如用于接口和服务的 IP 地址。在 PXE 环境中,DHCP 服务器允许客户端请求并自动获得一个 IP 地址来访问网络。 +DHCP 代表动态主机配置协议(Dynamic Host Configuration Protocol),它主要用于动态分配网络配置参数,如用于接口和服务的 IP 地址。在 PXE 环境中,DHCP 服务器允许客户端请求并自动获得一个 IP 地址来访问网络。 -1. 编辑 “/etc/default/dhcp3-server” 文件. +1、编辑 “/etc/default/dhcp3-server” 文件. sudo nano /etc/default/dhcp3-server - 作如下修改: +作如下修改: INTERFACES="eth0" 保存 (Ctrl + o) 并退出 (Ctrl + x) 文件. -2. 编辑 “/etc/dhcp3/dhcpd.conf” 文件: +2、编辑 “/etc/dhcp3/dhcpd.conf” 文件: sudo nano /etc/dhcp/dhcpd.conf - 作如下修改: +作如下修改: default-lease-time 600; max-lease-time 7200; @@ -74,29 +74,29 @@ DHCP 代表动态主机配置协议(Dynamic Host Configuration Protocol), 保存文件并退出。 -3. 启动 DHCP 服务. +3、启动 DHCP 服务. sudo /etc/init.d/isc-dhcp-server start ### 配置 TFTP 服务器: ### -TFTP 是一种文件传输协议,类似于 FTP。它不用进行用户认证也不能列出目录。TFTP 服务器总是监听网络上的 PXE 客户端。当它检测到网络中有 PXE 客户端请求 PXE 服务器时,它将提供包含引导菜单的网络数据包。 +TFTP 是一种文件传输协议,类似于 FTP,但它不用进行用户认证也不能列出目录。TFTP 服务器总是监听网络上的 PXE 客户端的请求。当它检测到网络中有 PXE 客户端请求 PXE 服务时,它将提供包含引导菜单的网络数据包。 -1. 配置 TFTP 时,需要编辑 “/etc/inetd.conf” 文件. +1、配置 TFTP 时,需要编辑 “/etc/inetd.conf” 文件. sudo nano /etc/inetd.conf - 作如下修改: +作如下修改: tftp dgram udp wait root /usr/sbin/in.tftpd /usr/sbin/in.tftpd -s /var/lib/tftpboot - 保存文件并退出。 +保存文件并退出。 -2. 编辑 “/etc/default/tftpd-hpa” 文件。 +2、编辑 “/etc/default/tftpd-hpa” 文件。 sudo nano /etc/default/tftpd-hpa - 作如下修改: +作如下修改: TFTP_USERNAME="tftp" TFTP_DIRECTORY="/var/lib/tftpboot" @@ -105,14 +105,14 @@ TFTP 是一种文件传输协议,类似于 FTP。它不用进行用户认证 RUN_DAEMON="yes" OPTIONS="-l -s /var/lib/tftpboot" - 保存文件并退出。 +保存文件并退出。 -3. 使用 `xinetd` 让 boot 服务在每次系统开机时自动启动,并启动tftpd服务。 +3、 使用 `xinetd` 让 boot 服务在每次系统开机时自动启动,并启动tftpd服务。 sudo update-inetd --enable BOOT sudo service tftpd-hpa start -4. 检查状态。 +4、检查状态。 sudo netstat -lu @@ -123,7 +123,7 @@ TFTP 是一种文件传输协议,类似于 FTP。它不用进行用户认证 ### 配置 PXE 启动文件 ### -现在,你需要将 PXE 引导文件 “pxelinux.0” 放在 TFTP 根目录下。为 TFTP 创建一个目录,并复制 syslinux 在 “/usr/lib/syslinux/” 下提供的所有引导程序文件到 “/var/lib/tftpboot/” 下,操作如下: +现在,你需要将 PXE 引导文件 “pxelinux.0” 放在 TFTP 根目录下。为 TFTP 创建目录结构,并从 “/usr/lib/syslinux/” 复制 syslinux 提供的所有引导程序文件到 “/var/lib/tftpboot/” 下,操作如下: sudo mkdir /var/lib/tftpboot sudo mkdir /var/lib/tftpboot/pxelinux.cfg @@ -135,13 +135,13 @@ TFTP 是一种文件传输协议,类似于 FTP。它不用进行用户认证 PXE 配置文件定义了 PXE 客户端启动时显示的菜单,它能引导并与 TFTP 服务器关联。默认情况下,当一个 PXE 客户端启动时,它会使用自己的 MAC 地址指定要读取的配置文件,所以我们需要创建一个包含可引导内核列表的默认文件。 -编辑 PXE 服务器配置文件使用可用的安装选项。. +编辑 PXE 服务器配置文件,使用有效的安装选项。 -编辑 “/var/lib/tftpboot/pxelinux.cfg/default,” +编辑 “/var/lib/tftpboot/pxelinux.cfg/default”: sudo nano /var/lib/tftpboot/pxelinux.cfg/default - 作如下修改: +作如下修改: DEFAULT vesamenu.c32 TIMEOUT 100 @@ -183,12 +183,12 @@ PXE 配置文件定义了 PXE 客户端启动时显示的菜单,它能引导 ### 为 PXE 服务器添加 Ubuntu 14.04 桌面启动镜像 ### -对于这一步,Ubuntu 内核和 initrd 文件是必需的。要获得这些文件,你需要 Ubuntu 14.04 桌面 ISO 镜像。你可以通过以下命令下载 Ubuntu 14.04 ISO 镜像到 /mnt 目录: +对于这一步需要 Ubuntu 内核和 initrd 文件。要获得这些文件,你需要 Ubuntu 14.04 桌面 ISO 镜像。你可以通过以下命令下载 Ubuntu 14.04 ISO 镜像到 /mnt 目录: sudo cd /mnt sudo wget http://releases.ubuntu.com/14.04/ubuntu-14.04.3-desktop-amd64.iso -**注意**: 下载用的 URL 可能会改变,因为 ISO 镜像会进行更新。如果上面的网址无法访问,看看这个网站,了解最新的下载链接。 +**注意**: 下载用的 URL 可能会改变,因为 ISO 镜像会进行更新。如果上面的网址无法访问,看看[这个网站][4],了解最新的下载链接。 挂载 ISO 文件,使用以下命令将所有文件复制到 TFTP文件夹中: @@ -199,9 +199,9 @@ PXE 配置文件定义了 PXE 客户端启动时显示的菜单,它能引导 ### 将导出的 ISO 目录配置到 NFS 服务器上 ### -现在,你需要通过 NFS 协议安装源镜像。你还可以使用 HTTP 和 FTP 来安装源镜像。在这里,我已经使用 NFS 导出 ISO 内容。 +现在,你需要通过 NFS 协议来设置“安装源镜像( Installation Source Mirrors)”。你还可以使用 HTTP 和 FTP 来安装源镜像。在这里,我已经使用 NFS 输出 ISO 内容。 -要配置 NFS 服务器,你需要编辑 “etc/exports” 文件。 +要配置 NFS 服务器,你需要编辑 “/etc/exports” 文件。 sudo nano /etc/exports @@ -209,7 +209,7 @@ PXE 配置文件定义了 PXE 客户端启动时显示的菜单,它能引导 /var/lib/tftpboot/Ubuntu/14.04/amd64 *(ro,async,no_root_squash,no_subtree_check) -保存文件并退出。为使更改生效,启动 NFS 服务。 +保存文件并退出。为使更改生效,输出并启动 NFS 服务。 sudo exportfs -a sudo /etc/init.d/nfs-kernel-server start @@ -218,9 +218,9 @@ PXE 配置文件定义了 PXE 客户端启动时显示的菜单,它能引导 ### 配置网络引导 PXE 客户端 ### -PXE 客户端可以被任何具备 PXE 网络引导的系统来启用。现在,你的客户端可以启动并安装 Ubuntu 14.04 桌面,需要在系统的 BIOS 中设置 “Boot From Network” 选项。 +PXE 客户端可以是任何支持 PXE 网络引导的计算机系统。现在,你的客户端只需要在系统的 BIOS 中设置 “从网络引导(Boot From Network)” 选项就可以启动并安装 Ubuntu 14.04 桌面。 -现在你可以去做 - 用网络引导启动你的 PXE 客户端计算机,你现在应该看到一个子菜单,显示了我们创建的 Ubuntu 14.04 桌面。 +现在准备出发吧 - 用网络引导启动你的 PXE 客户端计算机,你现在应该看到一个子菜单,显示了我们创建的 Ubuntu 14.04 桌面的菜单项。 ![pxe](https://www.maketecheasier.com/assets/uploads/2015/09/pxe.png) @@ -241,7 +241,7 @@ via: https://www.maketecheasier.com/configure-pxe-server-ubuntu/ 作者:[Hitesh Jethva][a] 译者:[strugglingyouth](https://github.com/strugglingyouth) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 @@ -249,3 +249,4 @@ via: https://www.maketecheasier.com/configure-pxe-server-ubuntu/ [1]:https://en.wikipedia.org/wiki/Preboot_Execution_Environment [2]:https://help.ubuntu.com/community/PXEInstallServer [3]:https://www.flickr.com/photos/jhcalderon/3681926417/ +[4]:http://releases.ubuntu.com/14.04/ diff --git a/published/201511/20150929 A Developer's Journey into Linux Containers.md b/published/201511/20150929 A Developer's Journey into Linux Containers.md new file mode 100644 index 0000000000..7245883635 --- /dev/null +++ b/published/201511/20150929 A Developer's Journey into Linux Containers.md @@ -0,0 +1,128 @@ +一位开发者的 Linux 容器之旅 +================================================================================ +![](https://deis.com/images/blog-images/dev_journey_0.jpg) + +我告诉你一个秘密:使得我的应用程序进入到全世界的 DevOps 云计算之类的东西对我来说仍然有一点神秘。但随着时间流逝,我意识到理解大规模的机器增减和应用程序部署的来龙去脉对一个开发者来说是非常重要的知识。这类似于成为一个专业的音乐家,当然你肯定需要知道如何使用你的乐器,但是,如果你不知道一个录音棚是如何工作的,或者如何适应一个交响乐团,那么你在这样的环境中工作会变得非常困难。 + +在软件开发的世界里,使你的代码进入我们的更大的世界如同把它编写出来一样重要。DevOps 重要,而且是很重要。 + +因此,为了弥合开发(Dev)和部署(Ops)之间的空隙,我会从头开始介绍容器技术。为什么是容器?因为有强力的证据表明,容器是机器抽象的下一步:使计算机成为场所而不再是一个东西。理解容器是我们共同的旅程。 + +在这篇文章中,我会介绍容器化(containerization)背后的概念。包括容器和虚拟机的区别,以及容器构建背后的逻辑以及它是如何适应应用程序架构的。我会探讨轻量级的 Linux 操作系统是如何适应容器生态系统。我还会讨论使用镜像创建可重用的容器。最后我会介绍容器集群如何使你的应用程序可以快速扩展。 + +在后面的文章中,我会一步一步向你介绍容器化一个示例应用程序的过程,以及如何为你的应用程序容器创建一个托管集群。同时,我会向你展示如何使用 Deis 将你的示例应用程序部署到你本地系统以及多种云供应商的虚拟机上。 + +让我们开始吧。 + +### 虚拟机的好处 ### + +为了理解容器如何适应事物发展,你首先要了解容器的前任:虚拟机。 + +[虚拟机][1] (virtual machine (VM))是运行在物理宿主机上的软件抽象。配置一个虚拟机就像是购买一台计算机:你需要定义你想要的 CPU 数目、RAM 和磁盘存储容量。配置好了机器后,你为它加载操作系统,以及你想让虚拟机支持的任何服务器或者应用程序。 + +虚拟机允许你在一台硬件主机上运行多个模拟计算机。这是一个简单的示意图: + +![](https://deis.com/images/blog-images/dev_journey_1.png) + +虚拟机可以让你能充分利用你的硬件资源。你可以购买一台巨大的、轰隆作响的机器,然后在上面运行多个虚拟机。你可以有一个数据库虚拟机以及很多运行相同版本的定制应用程序的虚拟机所构成的集群。你可以在有限的硬件资源获得很多的扩展能力。如果你觉得你需要更多的虚拟机而且你的宿主硬件还有容量,你可以添加任何你需要的虚拟机。或者,如果你不再需要一个虚拟机,你可以关闭该虚拟机并删除虚拟机镜像。 + +### 虚拟机的局限 ### + +但是,虚拟机确实有局限。 + +如上面所示,假如你在一个主机上创建了三个虚拟机。主机有 12 个 CPU,48 GB 内存和 3TB 的存储空间。每个虚拟机配置为有 4 个 CPU,16 GB 内存和 1TB 存储空间。到现在为止,一切都还好。主机有这个容量。 + +但这里有个缺陷。所有分配给一个虚拟机的资源,无论是什么,都是专有的。每台机器都分配了 16 GB 的内存。但是,如果第一个虚拟机永不会使用超过 1GB 分配的内存,剩余的 15 GB 就会被浪费在那里。如果第三个虚拟机只使用分配的 1TB 存储空间中的 100GB,其余的 900GB 就成为浪费空间。 + +这里没有资源的流动。每台虚拟机拥有分配给它的所有资源。因此,在某种方式上我们又回到了虚拟机之前,把大部分金钱花费在未使用的资源上。 + +虚拟机还有*另一个*缺陷。让它们跑起来需要很长时间。如果你处于基础设施需要快速增长的情形,即使增加虚拟机是自动的,你仍然会发现你的很多时间都浪费在等待机器上线。 + +### 来到:容器 ### + +概念上来说,容器是一个 Linux 进程,Linux 认为它只是一个运行中的进程。该进程只知道它被告知的东西。另外,在容器化方面,该容器进程也分配了它自己的 IP 地址。这点很重要,重要的事情讲三遍,这是第二遍。**在容器化方面,容器进程有它自己的 IP 地址。**一旦给予了一个 IP 地址,该进程就是宿主网络中可识别的资源。然后,你可以在容器管理器上运行命令,使容器 IP 映射到主机中能访问公网的 IP 地址。建立了该映射,无论出于什么意图和目的,容器就是网络上一个可访问的独立机器,从概念上类似于虚拟机。 + +这是第三遍,容器是拥有不同 IP 地址从而使其成为网络上可识别的独立 Linux 进程。下面是一个示意图: + +![](https://deis.com/images/blog-images/dev_journey_2.png) + +容器/进程以动态、合作的方式共享主机上的资源。如果容器只需要 1GB 内存,它就只会使用 1GB。如果它需要 4GB,就会使用 4GB。CPU 和存储空间利用也是如此。CPU、内存和存储空间的分配是动态的,和典型虚拟机的静态方式不同。所有这些资源的共享都由容器管理器来管理。 + +最后,容器能非常快速地启动。 + +因此,容器的好处是:**你获得了虚拟机独立和封装的好处,而抛弃了静态资源专有的缺陷**。另外,由于容器能快速加载到内存,在扩展到多个容器时你能获得更好的性能。 + +### 容器托管、配置和管理 ### + +托管容器的计算机运行着被剥离的只剩下主要部分的某个 Linux 版本。现在,宿主计算机流行的底层操作系统是之前提到的 [CoreOS][2]。当然还有其它,例如 [Red Hat Atomic Host][3] 和 [Ubuntu Snappy][4]。 + +该 Linux 操作系统被所有容器所共享,减少了容器足迹的重复和冗余。每个容器只包括该容器特有的部分。下面是一个示意图: + +![](https://deis.com/images/blog-images/dev_journey_3.png) + +你可以用它所需的组件来配置容器。一个容器组件被称为**层(layer)**。层是一个容器镜像,(你会在后面的部分看到更多关于容器镜像的介绍)。你从一个基本层开始,这通常是你想在容器中使用的操作系统。(容器管理器只提供你所要的操作系统在宿主操作系统中不存在的部分。)当你构建你的容器配置时,你需要添加层,例如你想要添加网络服务器时这个层就是 Apache,如果容器要运行脚本,则需要添加 PHP 或 Python 运行时环境。 + +分层非常灵活。如果应用程序或者服务容器需要 PHP 5.2 版本,你相应地配置该容器即可。如果你有另一个应用程序或者服务需要 PHP 5.6 版本,没问题,你可以使用 PHP 5.6 配置该容器。不像虚拟机,更改一个版本的运行时依赖时你需要经过大量的配置和安装过程;对于容器你只需要在容器配置文件中重新定义层。 + +所有上面描述的容器的各种功能都由一个称为容器管理器(container manager)的软件控制。现在,最流行的容器管理器是 [Docker][5] 和 [Rocket][6]。上面的示意图展示了容器管理器是 Docker,宿主操作系统是 CentOS 的主机情景。 + +### 容器由镜像构成 ### + +当你需要将我们的应用程序构建到容器时,你就要编译镜像。镜像代表了你的容器需要完成其工作的容器模板。(容器里可以在容器里面,如下图)。镜像存储在注册库(registry)中,注册库通过网络访问。 + +从概念上讲,注册库类似于一个使用 Java 的人眼中的 [Maven][7] 仓库、使用 .NET 的人眼中的 [NuGet][8] 服务器。你会创建一个列出了你应用程序所需镜像的容器配置文件。然后你使用容器管理器创建一个包括了你的应用程序代码以及从容器注册库中下载的部分资源。例如,如果你的应用程序包括了一些 PHP 文件,你的容器配置文件会声明你会从注册库中获取 PHP 运行时环境。另外,你还要使用容器配置文件声明需要复制到容器文件系统中的 .php 文件。容器管理器会封装你应用程序的所有东西为一个独立容器,该容器将会在容器管理器的管理下运行在宿主计算机上。 + +这是一个容器创建背后概念的示意图: + +![](https://deis.com/images/blog-images/dev_journey_4.png) + +让我们仔细看看这个示意图。 + +(1)代表一个定义了你容器所需东西以及你容器如何构建的容器配置文件。当你在主机上运行容器时,容器管理器会读取该配置文件,从云上的注册库中获取你需要的容器镜像,(2)将镜像作为层添加到你的容器中。 + +另外,如果组成镜像需要其它镜像,容器管理器也会获取这些镜像并把它们作为层添加进来。(3)容器管理器会将需要的文件复制到容器中。 + +如果你使用了配置(provisioning)服务,例如 [Deis][9],你刚刚创建的应用程序容器做成镜像,(4)配置服务会将它部署到你选择的云供应商上,比如类似 AWS 和 Rackspace 云供应商。 + +### 集群中的容器 ### + +好了。这里有一个很好的例子说明了容器比虚拟机提供了更好的配置灵活性和资源利用率。但是,这并不是全部。 + +容器真正的灵活是在集群中。记住,每个容器有一个独立的 IP 地址。因此,能把它放到负载均衡器后面。将容器放到负载均衡器后面,这就上升了一个层面。 + +你可以在一个负载均衡容器后运行容器集群以获得更高的性能和高可用计算。这是一个例子: + +![](https://deis.com/images/blog-images/dev_journey_5.png) + +假如你开发了一个资源密集型的应用程序,例如图片处理。使用类似 [Deis][9] 的容器配置技术,你可以创建一个包括了你图片处理程序以及你图片处理程序需要的所有资源的容器镜像。然后,你可以部署一个或多个容器镜像到主机上的负载均衡器下。一旦创建了容器镜像,你可以随时使用它。当系统繁忙时可以添加更多的容器实例来满足手中的工作。 + +这里还有更多好消息。每次添加实例到环境中时,你不需要手动配置负载均衡器以便接受你的容器镜像。你可以使用服务发现技术让容器告知均衡器它可用。然后,一旦获知,均衡器就会将流量分发到新的结点。 + +### 全部放在一起 ### + +容器技术完善了虚拟机缺失的部分。类似 CoreOS、RHEL Atomic、和 Ubuntu 的 Snappy 宿主操作系统,和类似 Docker 和 Rocket 的容器管理技术结合起来,使得容器变得日益流行。 + +尽管容器变得更加越来越普遍,掌握它们还是需要一段时间。但是,一旦你懂得了它们的窍门,你可以使用类似 [Deis][9] 这样的配置技术使容器创建和部署变得更加简单。 + +从概念上理解容器和进一步实际使用它们完成工作一样重要。但我认为不实际动手把想法付诸实践,概念也难以理解。因此,我们该系列的下一阶段就是:创建一些容器。 + +-------------------------------------------------------------------------------- + +via: https://deis.com/blog/2015/developer-journey-linux-containers + +作者:[Bob Reselman][a] +译者:[ictlyh](http://www.mutouxiaogui.cn/blog/) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://deis.com/blog +[1]:https://en.wikipedia.org/wiki/Virtual_machine +[2]:https://coreos.com/using-coreos/ +[3]:http://www.projectatomic.io/ +[4]:https://developer.ubuntu.com/en/snappy/ +[5]:https://www.docker.com/ +[6]:https://coreos.com/blog/rocket/ +[7]:https://en.wikipedia.org/wiki/Apache_Maven +[8]:https://www.nuget.org/ +[9]:http://deis.com/learn \ No newline at end of file diff --git a/published/201511/20151007-Fix-Shell-Script-Opens-In-Text Editor In Ubuntu.md b/published/201511/20151007-Fix-Shell-Script-Opens-In-Text Editor In Ubuntu.md new file mode 100644 index 0000000000..da44814e11 --- /dev/null +++ b/published/201511/20151007-Fix-Shell-Script-Opens-In-Text Editor In Ubuntu.md @@ -0,0 +1,39 @@ +修复 Shell 脚本在 Ubuntu 中的默认打开方式 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Run-Shell-Script-on-Double-Click.jpg) + +当你双击一个脚本(.sh文件)的时候,你想要做的是什么?通常的想法是执行它。但是在Ubuntu下面却不是这样,或者我应该更确切地说是在Files(Nautilus)中。你可能会疯狂地大叫“运行文件,运行文件”,但是文件没有运行而是用Gedit打开了。 + +我知道你也许会说文件有可执行权限么?我会说是的。脚本有可执行权限但是当我双击它的时候,它还是用文本编辑器打开了。我不希望这样,如果你遇到了同样的问题,我想你也许也想要这样。 + +我知道你或许已经被建议在终端下面执行,我知道这个可行,但是这不是一个在GUI下不能运行的借口是么? + +这篇教程中,我们会看到**如何在双击后运行shell脚本。** + +#### 修复在Ubuntu中shell脚本用文本编辑器打开的方式 #### + +shell脚本用文件编辑器打开的原因是Files(Ubuntu中的文件管理器)中的默认行为设置。在更早的版本中,它或许会询问你是否运行文件或者用编辑器打开。默认的行为在新的版本中被修改了。 + +要修复这个,进入文件管理器,并在菜单中点击**选项**: + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/execute-shell-program-ubuntu-1.png) + +接下来在**文件选项(Files Preferences)**中进入**行为(Behavior)**标签中,你会看到**可执行的文本文件(Executable Text Files)**选项。 + +默认情况下,它被设置成“在打开时显示文本文件(View executable text files when they are opend)”。我建议你把它改成“每次询问(Ask each time)”,这样你可以选择是执行还是编辑了,当然了你也可以选择“在打开时云可执行文本文件(Run executable text files when they are opend)”。你可以自行选择。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/execute-shell-program-ubuntu-2.png) + +我希望这个贴士可以帮你修复这个小“问题”。欢迎提出问题和建议。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/shell-script-opens-text-editor/ + +作者:[Abhishek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ diff --git a/published/201511/20151012 Curious about Linux Try Linux Desktop on the Cloud.md b/published/201511/20151012 Curious about Linux Try Linux Desktop on the Cloud.md new file mode 100644 index 0000000000..2d2985bc34 --- /dev/null +++ b/published/201511/20151012 Curious about Linux Try Linux Desktop on the Cloud.md @@ -0,0 +1,44 @@ +好奇 Linux?试试云端的 Linux 桌面 +================================================================================ +Linux 在桌面操作系统市场上只占据了非常小的份额,从目前的调查结果来看,估计只有2%的市场份额;对比来看,丰富多变的 Windows 系统占据了接近90%的市场份额。对于 Linux 来说,要挑战 Windows 在桌面操作系统市场的垄断,需要有一个让用户学习不同的操作系统的简单方式。如果你相信传统的 Windows 用户会再买一台机器来使用 Linux,那你就太天真了。我们只能去试想用户重新分区,设置引导程序来使用双系统,或者跳过所有步骤回到一个最简单的方法。 + +![](http://www.linuxlinks.com/portal/content/reviews/Cloud/CloudComputing.png) + +我们实验过一系列让用户试操作 Linux 的无风险的使用方法,不涉及任何分区管理,包括 CD/DVD 光盘、USB 存储棒和桌面虚拟化软件等等。通过实验,我强烈推荐使用 VMware 的 VMware Player 或者 Oracle VirtualBox 虚拟机,对于桌面操作系统或者便携式电脑的用户,这是一种安装运行多操作系统的相对简单而且免费的的方法。每一台虚拟机和其他虚拟机相隔离,但是共享 CPU、内存、网络接口等等。虚拟机仍需要一定的资源来安装运行 Linux,也需要一台相当强劲的主机。但对于一个好奇心不大的人,这样做实在是太麻烦了。 + +要打破用户传统的使用观念是非常困难的。很多 Windows 用户可以尝试使用 Linux 提供的自由软件,但也有太多要学习的 Linux 系统知识。这会花掉他们相当一部分时间才能习惯 Linux 的工作方式。 + +当然了,对于一个第一次在 Linux 上操作的新手,有没有一个更高效的方法呢?答案是肯定的,接着往下看看云实验平台。 + +### LabxNow ### + +![LabxNow](http://www.linuxlinks.com/portal/content/reviews/Cloud/Screenshot-LabxNow.png) + +LabxNow 提供了一个免费服务,方便广大用户通过浏览器来访问远程 Linux 桌面。开发者将其加强为一个用户个人远程实验室(用户可以在系统里运行、开发任何程序),用户可以在任何地方通过互联网登入远程实验室。 + +这项服务现在可以为个人用户提供2核处理器,4GB RAM和10GB的固态硬盘,运行在128G RAM的4 AMD 6272处理器上。 + +#### 配置参数: #### + +- 系统镜像:基于 Ubuntu 14.04 的 Xface 4.10,RHEL 6.5,CentOS(Gnome桌面),Oracle +- 硬件: CPU - 1核或者2核;内存: 512MB, 1GB, 2GB or 4GB +- 超快的网络数据传输 +- 可以运行在所有流行的浏览器上 +- 可以安装任意程序,可以运行任何程序 – 这是一个非常棒的方法,可以随意做实验学习你想学的任何知识,没有 一点风险 +- 添加、删除、管理、制定虚拟机非常方便 +- 支持虚拟机共享,远程桌面 + +你所需要的只是一台有稳定网络的设备。不用担心虚拟专用系统(VPS)、域名、或者硬件带来的高费用。LabxNow提供了一个在 Ubuntu、RHEL 和 CentOS 上实验的非常好的方法。它给 Windows 用户提供一个极好的环境,让他们探索美妙的 Linux 世界。说得深入一点,它可以让用户随时随地在里面工作,而没有了要在每台设备上安装 Linux 的压力。点击下面这个链接进入 [www.labxnow.org/labxweb/][1]。 + +另外还有一些其它服务(大部分是收费服务)可以让用户使用 Linux,包括 Cloudsigma 环境的7天使用权和Icebergs.io (通过HTML5实现root权限)。但是现在,我推荐 LabxNow。 + +-------------------------------------------------------------------------------- + +来自: http://www.linuxlinks.com/article/20151003095334682/LinuxCloud.html + +译者:[sevenot](https://github.com/sevenot) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:https://www.labxnow.org/labxweb/ diff --git a/published/201511/20151012 How To Use iPhone In Antergos Linux.md b/published/201511/20151012 How To Use iPhone In Antergos Linux.md new file mode 100644 index 0000000000..e9bbca215a --- /dev/null +++ b/published/201511/20151012 How To Use iPhone In Antergos Linux.md @@ -0,0 +1,81 @@ +如何在 Antergos Linux 中使用 iPhone +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/iPhone-Antergos-Arch-Linux.jpg) + +在Arch Linux中使用iPhone遇到麻烦了么?iPhone和Linux从来都没有很好地集成。本教程中,我会向你展示如何在Antergos Linux中使用iPhone,对于同样基于Arch的的Linux发行版如Manjaro也应该同样管用。 + +我最近购买了一台全新的iPhone 6S,当我连接到Antergos Linux中要拷贝一些照片时,它完全没有检测到它。我看见iPhone正在被充电并且我已经允许了iPhone“信任这台电脑”,但是还是完全没有检测到。我尝试运行`dmseg`但是没有关于iPhone或者Apple的信息。有趣的是我当我安装好了[libimobiledevice][1],这个就可以解决[iPhone在Ubuntu中的挂载问题][2]。 + +我会向你展示如何在Antergos中使用运行iOS 9的iPhone 6S。这会有更多的命令行,但是我假设你用的是ArchLinux,并不惧怕使用终端(也不应该惧怕)。 + +### 在Arch Linux中挂载iPhone ### + +**第一步**:如果已经插入,请拔下你的iPhone。 + +**第二步**:现在,打开终端输入下面的命令来安装必要的包。如果它们已经安装过了也没有关系。 + + sudo pacman -Sy ifuse usbmuxd libplist libimobiledevice + +**第三步**: 这些库和程序安装完成后,重启系统。 + + sudo reboot + +**第四步**:创建一个iPhone的挂载目录,我建议在家目录中创建一个iPhone目录。 + + mkdir ~/iPhone + +**第五步**:解锁你的手机并插入,如果询问是否信任该计算机,请允许信任。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/iPhone-mount-Antergos-Linux-2.jpeg) + +**第六步**: 看看这时iPhone是否已经被机器识别了。 + + dmesg | grep -i iphone + +这时就该显示iPhone和Apple的结果了。就像这样: + + [ 31.003392] ipheth 2-1:4.2: Apple iPhone USB Ethernet device attached + [ 40.950883] ipheth 2-1:4.2: Apple iPhone USB Ethernet now disconnected + [ 47.471897] ipheth 2-1:4.2: Apple iPhone USB Ethernet device attached + [ 82.967116] ipheth 2-1:4.2: Apple iPhone USB Ethernet now disconnected + [ 106.735932] ipheth 2-1:4.2: Apple iPhone USB Ethernet device attached + +这意味着这时iPhone已经被Antergos/Arch成功地识别了。 + +**第七步**: 设置完成后是时候挂载iPhone了,使用下面的命令: + + ifuse ~/iPhone + +由于我们在家目录中创建了挂载目录,你不需要root权限就可以在家目录中看见。如果命令成功了,你就不会看见任何输出。 + +回到Files看下iPhone是否已经识别。对于我而言,在Antergos中看上去这样: + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/iPhone-mount-Antergos-Linux.jpeg) + +你可以在这个目录中访问文件。从这里复制文件或者复制到里面。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/iPhone-mount-Antergos-Linux-1.jpeg) + +**第八步**: 当你想要卸载的时候,使用这个命令: + + sudo umount ~/iPhone + +### 对你有用么? ### + +我知道这并不是非常方便和理想,iPhone应该像其他USB设备那样工作,但是事情并不总是像人们想的那样。好的是一点小的DIY就能解决这个问题带来了一点成就感(至少对我而言)。我必须要说的是Antergos应该修复这个问题让iPhone可以默认挂载。 + +这个技巧对你有用么?如果你有任何问题或者建议,欢迎留下评论。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/iphone-antergos-linux/ + +作者:[Abhishek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:http://www.libimobiledevice.org/ +[2]:http://itsfoss.com/mount-iphone-ipad-ios-7-ubuntu-13-10/ diff --git a/published/201511/20151012 How to Monitor Stock Prices from Ubuntu Command Line Using Mop.md b/published/201511/20151012 How to Monitor Stock Prices from Ubuntu Command Line Using Mop.md new file mode 100644 index 0000000000..50e64ca9ad --- /dev/null +++ b/published/201511/20151012 How to Monitor Stock Prices from Ubuntu Command Line Using Mop.md @@ -0,0 +1,92 @@ +命令行下使用 Mop 监视股票价格 +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-featured-new.jpg) + +有一份隐性收入通常很不错,特别是当你可以轻松的协调业余和全职工作。如果你的日常工作使用了联网的电脑,交易股票就是一个获取额外收入的很流行的选项。 + +但是目前只有很少的股票监视软件可以运行在 linux 上,其中大多数还是基于图形界面的。如果你是一个 Linux 专家,并且大量的工作时间是在没有图形界面的电脑上呢?你是不是就没办法了?不,还是有一些命令行下的股票追踪工具,包括Mop,也就是本文要聊一聊的工具。 + +### Mop ### + +Mop,如上所述,是一个命令行下连续显示和更新美股和独立股票信息的工具。使用 GO 语言实现的,是 Michael Dvorkin 的智慧结晶。 + +### 下载安装 ### + +因为这个项目使用 GO 实现的,所以你要做的第一步是在你的计算机上安装这种编程语言,下面就是在 Debian 系的系统,比如 Ubuntu 上安装 GO 的步骤: + + sudo apt-get install golang + mkdir ~/workspace + echo 'export GOPATH="$HOME/workspace"' >> ~/.bashrc + source ~/.bashrc + +GO 安装好后的下一步是安装 Mop 工具和配置环境,你要做的是运行下面的命令: + + sudo apt-get install git + go get github.com/michaeldv/mop + cd $GOPATH/src/github.com/michaeldv/mop + make install + export PATH="$PATH:$GOPATH/bin" + +完成之后就可以运行下面的命令执行 Mop: + + cmd + +### 特性 ### + +当你第一次运行 Mop 时,你会看到类似下面的输出信息: + +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-first-run.jpg) + +如你所见,这些输出信息—— 周期性自动刷新 ——包含了主要几个交易所和个股的信息。 + +### 添加删除股票 ### + +Mop 允许你轻松的从输出列表上添加/删除个股信息。要添加,你全部要做的是按“+”和输入股票名称。举个例子,下图就是添加 Facebook (FB) 到列表里。 + +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-add-stock.png) + +我按下了“+”键,就出现了包含文本“Add tickers:”的一列,提示我添加股票名称—— 我添加了 FB 然后按下回车。输出列表更新了,我添加的新股票也出现在列表了: + +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-stock-added.png) + +类似的,你可以使用“-”键和提供股票名称删除一个股票。 + +#### 根据价格分组 #### + +还有一个把股票分组的办法:依据他们的股价升跌,你所要做的就是按下“g”键。接下来,股票会分组显示:升的在一起使用绿色字体显示,而下跌的股票会黑色字体显示。 + +如下所示: + +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-group-stocks-profit-loss.png) + +#### 列排序 #### + +Mop 同时也允许你根据不同的列类型改变排序规则。这种用法需要你按下“o”(这个命令默认使用第一列的值来排序),然后使用左右键来选择你要排序的列。完成之后按下回车对内容重新排序。 + +举个例子,下面的截图就是根据输出内容的第一列、按照字母表排序之后的结果。 + +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-change-order.png) + +**注意**: 为了更好的理解,和前面的截屏对比一下。 + +#### 其他选项 #### + +其它的可用选项包括“p”:暂停市场和股票信息更新,“q”或者“esc” 来退出命令行程序,“?”显示帮助页。 + +![](https://www.maketecheasier.com/assets/uploads/2015/09/mop-help.png) + +### 结论 ### + +Mop 是一个基础的股票监控工具,并没有提供太多的特性,只提供了它所声称的功能。很明显,这个工具并不是为专业股票交易者提供的,而仅仅为你在只有命令行的机器上得体的提供了一个跟踪股票信息的选择。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/monitor-stock-prices-ubuntu-command-line/ + +作者:[Himanshu Arora][a] +译者:[oska874](https://github.com/oska874) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/himanshu/ diff --git a/published/201511/20151012 How to Setup DockerUI--a Web Interface for Docker.md b/published/201511/20151012 How to Setup DockerUI--a Web Interface for Docker.md new file mode 100644 index 0000000000..10ead7542e --- /dev/null +++ b/published/201511/20151012 How to Setup DockerUI--a Web Interface for Docker.md @@ -0,0 +1,113 @@ +用浏览器管理 Docker +================================================================================ +Docker 越来越流行了。在一个容器里面而不是虚拟机里运行一个完整的操作系统是一种非常棒的技术和想法。docker 已经通过节省工作时间来拯救了成千上万的系统管理员和开发人员。这是一个开源技术,提供一个平台来把应用程序当作容器来打包、分发、共享和运行,而不用关注主机上运行的操作系统是什么。它没有开发语言、框架或打包系统的限制,并且可以在任何时间、任何地点运行,从小型计算机到高端服务器都可以。运行 docker 容器和管理它们可能会花费一点点努力和时间,所以现在有一款基于 web 的应用程序-DockerUI,可以让管理和运行容器变得很简单。DockerUI 是一个对那些不熟悉 Linux 命令行,但又很想运行容器化程序的人很有帮助的工具。DockerUI 是一个开源的基于 web 的应用程序,它最值得称道的是它华丽的设计和用来运行和管理 docker 的简洁的操作界面。 + +下面会介绍如何在 Linux 上安装配置 DockerUI。 + +### 1. 安装 docker ### + +首先,我们需要安装 docker。我们得感谢 docker 的开发者,让我们可以简单的在主流 linux 发行版上安装 docker。为了安装 docker,我们得在对应的发行版上使用下面的命令。 + +#### Ubuntu/Fedora/CentOS/RHEL/Debian #### + +docker 维护者已经写了一个非常棒的脚本,用它可以在 Ubuntu 15.04/14.10/14.04、 CentOS 6.x/7、 Fedora 22、 RHEL 7 和 Debian 8.x 这几个 linux 发行版上安装 docker。这个脚本可以识别出我们的机器上运行的 linux 的发行版本,然后将需要的源库添加到文件系统、并更新本地的安装源目录,最后安装 docker 及其依赖库。要使用这个脚本安装docker,我们需要在 root 用户或者 sudo 权限下运行如下的命令, + + # curl -sSL https://get.docker.com/ | sh + +#### OpenSuse/SUSE Linux 企业版 #### + +要在运行了 OpenSuse 13.1/13.2 或者 SUSE Linux Enterprise Server 12 的机器上安装 docker,我们只需要简单的执行zypper 命令。运行下面的命令就可以安装最新版本的docker: + + # zypper in docker + +#### ArchLinux #### + +docker 在 ArchLinux 的官方源和社区维护的 AUR 库中可以找到。所以在 ArchLinux 上我们有两种方式来安装 docker。使用官方源安装,需要执行下面的 pacman 命令: + + # pacman -S docker + +如果要从社区源 AUR 安装 docker,需要执行下面的命令: + + # yaourt -S docker-git + +### 2. 启动 ### + +安装好 docker 之后,我们需要运行 docker 守护进程,然后才能运行并管理 docker 容器。我们需要使用下列命令来确认 docker 守护进程已经安装并运行了。 + +#### 在 SysVinit 上#### + + # service docker start + +#### 在Systemd 上#### + + # systemctl start docker + +### 3. 安装 DockerUI ### + +安装 DockerUI 比安装 docker 要简单很多。我们仅仅需要从 docker 注册库上拉取 dockerui ,然后在容器里面运行。要完成这些,我们只需要简单的执行下面的命令: + + # docker run -d -p 9000:9000 --privileged -v /var/run/docker.sock:/var/run/docker.sock dockerui/dockerui + +![Starting DockerUI Container](http://blog.linoxide.com/wp-content/uploads/2015/09/starting-dockerui-container.png) + +在上面的命令里,dockerui 使用的默认端口是9000,我们需要使用`-p` 命令映射默认端口。使用`-v` 标志我们可以指定docker 的 socket。如果主机使用了 SELinux 那么就得使用`--privileged` 标志。 + +执行完上面的命令后,我们要检查 DockerUI 容器是否运行了,或者使用下面的命令检查: + + # docker ps + +![Running Docker Containers](http://blog.linoxide.com/wp-content/uploads/2015/09/running-docker-containers.png) + +### 4. 拉取 docker 镜像 ### + +现在我们还不能直接使用 DockerUI 拉取镜像,所以我们需要在命令行下拉取 docker 镜像。要完成这些我们需要执行下面的命令。 + + # docker pull ubuntu + +![Docker Image Pull](http://blog.linoxide.com/wp-content/uploads/2015/10/docker-image-pull.png) + +上面的命令将会从 docker 官方源 [Docker Hub][1]拉取一个标志为 ubuntu 的镜像。类似的我们可以从 Hub 拉取需要的其它镜像。 + +### 4. 管理 ### + +启动了 DockerUI 容器之后,我们可以用它来执行启动、暂停、终止、删除以及 DockerUI 提供的其它操作 docker 容器的命令。 + +首先,我们需要在 web 浏览器里面打开 dockerui:在浏览器里面输入 http://ip-address:9000 或者 http://mydomain.com:9000,具体要根据你的系统配置。默认情况下登录不需要认证,但是可以配置我们的 web 服务器来要求登录认证。要启动一个容器,我们需要有包含我们要运行的程序的镜像。 + +#### 创建 #### + +创建容器我们需要在 Images 页面里,点击我们想创建的容器的镜像 id。然后点击 `Create` 按钮,接下来我们就会被要求输入创建容器所需要的属性。这些都完成之后,我们需要点击按钮`Create` 完成最终的创建。 + +![Creating Docker Container](http://blog.linoxide.com/wp-content/uploads/2015/10/creating-docker-container.png) + +#### 停止 #### + +要停止一个容器,我们只需要跳转到`Containers` 页面,然后选取要停止的容器。然后在 Action 的子菜单里面按下 Stop 就行了。 + +![Managing Container](http://blog.linoxide.com/wp-content/uploads/2015/10/managing-container.png) + +#### 暂停与恢复 #### + +要暂停一个容器,只需要简单的选取目标容器,然后点击 Pause 就行了。恢复一个容器只需要在 Actions 的子菜单里面点击 Unpause 就行了。 + +#### 删除 #### + +类似于我们上面完成的任务,杀掉或者删除一个容器或镜像也是很简单的。只需要检查、选择容器或镜像,然后点击 Kill 或者 Remove 就行了。 + +### 结论 ### + +DockerUI 使用了 docker 远程 API 提供了一个很棒的管理 docker 容器的 web 界面。它的开发者们完全使用 HTML 和 JS 设计、开发了这个应用。目前这个程序还处于开发中,并且还有大量的工作要完成,所以我们并不推荐将它应用在生产环境。它可以帮助用户简单的完成管理容器和镜像,而且只需要一点点工作。如果想要为 DockerUI 做贡献,可以访问它们的 [Github 仓库][2]。如果有问题、建议、反馈,请写在下面的评论框,这样我们就可以修改或者更新我们的内容。谢谢。 + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/setup-dockerui-web-interface-docker/ + +作者:[Arun Pyasi][a] +译者:[oska874](https://github.com/oska874) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:https://hub.docker.com/ +[2]:https://github.com/crosbymichael/dockerui/ diff --git a/published/201511/20151012 How to Setup Red Hat Ceph Storage on CentOS 7.0.md b/published/201511/20151012 How to Setup Red Hat Ceph Storage on CentOS 7.0.md new file mode 100644 index 0000000000..4f00be2f90 --- /dev/null +++ b/published/201511/20151012 How to Setup Red Hat Ceph Storage on CentOS 7.0.md @@ -0,0 +1,251 @@ +如何在 CentOS 7.0 上配置 Ceph 存储 +================================================================================ +Ceph 是一个将数据存储在单一分布式计算机集群上的开源软件平台。当你计划构建一个云时,你首先需要决定如何实现你的存储。开源的 Ceph 是红帽原生技术之一,它基于称为 RADOS 的对象存储系统,用一组网关 API 表示块、文件、和对象模式中的数据。由于它自身开源的特性,这种便携存储平台能在公有云和私有云上安装和使用。Ceph 集群的拓扑结构是按照备份和信息分布设计的,这种内在设计能提供数据完整性。它的设计目标就是容错、通过正确配置能运行于商业硬件和一些更高级的系统。 + +Ceph 能在任何 Linux 发行版上安装,但为了能正确运行,它需要最近的内核以及其它最新的库。在这篇指南中,我们会使用最小化安装的 CentOS-7.0。 + +### 系统资源 ### + + **CEPH-STORAGE** + OS: CentOS Linux 7 (Core) + RAM:1 GB + CPU:1 CPU + DISK: 20 + Network: 45.79.136.163 + FQDN: ceph-storage.linoxide.com + + **CEPH-NODE** + OS: CentOS Linux 7 (Core) + RAM:1 GB + CPU:1 CPU + DISK: 20 + Network: 45.79.171.138 + FQDN: ceph-node.linoxide.com + +### 安装前的配置 ### + +在安装 Ceph 存储之前,我们要在每个节点上完成一些步骤。第一件事情就是确保每个节点的网络已经配置好并且能相互访问。 + +**配置 Hosts** + +要在每个节点上配置 hosts 条目,要像下面这样打开默认的 hosts 配置文件(LCTT 译注:或者做相应的 DNS 解析)。 + + # vi /etc/hosts + +---------- + + 45.79.136.163 ceph-storage ceph-storage.linoxide.com + 45.79.171.138 ceph-node ceph-node.linoxide.com + +**安装 VMware 工具** + +工作环境是 VMWare 虚拟环境时,推荐你安装它的 open VM 工具。你可以使用下面的命令安装。 + + #yum install -y open-vm-tools + +**配置防火墙** + +如果你正在使用启用了防火墙的限制性环境,确保在你的 Ceph 存储管理节点和客户端节点中开放了以下的端口。 + + 你必须在你的 Admin Calamari 节点开放 80、2003、以及4505-4506 端口,并且允许通过 80 号端口到 CEPH 或 Calamari 管理节点,以便你网络中的客户端能访问 Calamari web 用户界面。 + +你可以使用下面的命令在 CentOS 7 中启动并启用防火墙。 + + #systemctl start firewalld + #systemctl enable firewalld + +运行以下命令使 Admin Calamari 节点开放上面提到的端口。 + + #firewall-cmd --zone=public --add-port=80/tcp --permanent + #firewall-cmd --zone=public --add-port=2003/tcp --permanent + #firewall-cmd --zone=public --add-port=4505-4506/tcp --permanent + #firewall-cmd --reload + +在 Ceph Monitor 节点,你要在防火墙中允许通过以下端口。 + + #firewall-cmd --zone=public --add-port=6789/tcp --permanent + +然后允许以下默认端口列表,以便能和客户端以及监控节点交互,并发送数据到其它 OSD。 + + #firewall-cmd --zone=public --add-port=6800-7300/tcp --permanent + +如果你工作在非生产环境,建议你停用防火墙以及 SELinux 设置,在我们的测试环境中我们会停用防火墙以及 SELinux。 + + #systemctl stop firewalld + #systemctl disable firewalld + +**系统升级** + +现在升级你的系统并重启使所需更改生效。 + + #yum update + #shutdown -r 0 + +### 设置 Ceph 用户 ### + +现在我们会新建一个单独的 sudo 用户用于在每个节点安装 ceph-deploy工具,并允许该用户无密码访问每个节点,因为它需要在 Ceph 节点上安装软件和配置文件而不会有输入密码提示。 + +运行下面的命令在 ceph-storage 主机上新建有独立 home 目录的新用户。 + + [root@ceph-storage ~]# useradd -d /home/ceph -m ceph + [root@ceph-storage ~]# passwd ceph + +节点中新建的每个用户都要有 sudo 权限,你可以使用下面展示的命令赋予 sudo 权限。 + + [root@ceph-storage ~]# echo "ceph ALL = (root) NOPASSWD:ALL" | sudo tee /etc/sudoers.d/ceph + ceph ALL = (root) NOPASSWD:ALL + + [root@ceph-storage ~]# sudo chmod 0440 /etc/sudoers.d/ceph + +### 设置 SSH 密钥 ### + +现在我们会在 Ceph 管理节点生成 SSH 密钥并把密钥复制到每个 Ceph 集群节点。 + +在 ceph-node 运行下面的命令复制它的 ssh 密钥到 ceph-storage。 + + [root@ceph-node ~]# ssh-keygen + Generating public/private rsa key pair. + Enter file in which to save the key (/root/.ssh/id_rsa): + Created directory '/root/.ssh'. + Enter passphrase (empty for no passphrase): + Enter same passphrase again: + Your identification has been saved in /root/.ssh/id_rsa. + Your public key has been saved in /root/.ssh/id_rsa.pub. + The key fingerprint is: + 5b:*:*:*:*:*:*:*:*:*:c9 root@ceph-node + The key's randomart image is: + +--[ RSA 2048]----+ + +---------- + + [root@ceph-node ~]# ssh-copy-id ceph@ceph-storage + +![SSH key](http://blog.linoxide.com/wp-content/uploads/2015/10/k3.png) + +### 配置 PID 数目 ### + +要配置 PID 数目的值,我们会使用下面的命令检查默认的内核值。默认情况下,是一个小的最大线程数 32768。 + +如下图所示通过编辑系统配置文件配置该值为一个更大的数。 + +![更改 PID 值](http://blog.linoxide.com/wp-content/uploads/2015/10/3-PID-value.png) + +### 配置管理节点服务器 ### + +配置并验证了所有网络后,我们现在使用 ceph 用户安装 ceph-deploy。通过打开文件检查 hosts 条目。 + + #vim /etc/hosts + ceph-storage 45.79.136.163 + ceph-node 45.79.171.138 + +运行下面的命令添加它的库。 + + #rpm -Uhv http://ceph.com/rpm-giant/el7/noarch/ceph-release-1-0.el7.noarch.rpm + +![添加 Ceph 仓仓库](http://blog.linoxide.com/wp-content/uploads/2015/10/k1.png) + +或者创建一个新文件并更新 Ceph 库参数,别忘了替换你当前的 Release 和版本号。 + + [root@ceph-storage ~]# vi /etc/yum.repos.d/ceph.repo + +---------- + + [ceph-noarch] + name=Ceph noarch packages + baseurl=http://ceph.com/rpm-{ceph-release}/{distro}/noarch + enabled=1 + gpgcheck=1 + type=rpm-md + gpgkey=https://ceph.com/git/?p=ceph.git;a=blob_plain;f=keys/release.asc + +之后更新你的系统并安装 ceph-deploy 软件包。 + +### 安装 ceph-deploy 软件包 ### + +我们运行下面的命令以及 ceph-deploy 安装命令来更新系统以及最新的 ceph 库和其它软件包。 + + #yum update -y && yum install ceph-deploy -y + + +### 配置集群 ### + +使用下面的命令在 ceph 管理节点新建一个目录并进入新目录,用于收集所有输出文件和日志。 + + #mkdir ~/ceph-cluster + #cd ~/ceph-cluster + +---------- + + #ceph-deploy new storage + +![设置 ceph 集群](http://blog.linoxide.com/wp-content/uploads/2015/10/k4.png) + +如果成功执行了上面的命令,你会看到它新建了配置文件。 + +现在配置 Ceph 默认的配置文件,用任意编辑器打开它并在会影响你公共网络的 global 参数下面添加以下两行。 + + #vim ceph.conf + osd pool default size = 1 + public network = 45.79.0.0/16 + +### 安装 Ceph ### + +现在我们准备在和 Ceph 集群相关的每个节点上安装 Ceph。我们使用下面的命令在 ceph-storage 和 ceph-node 上安装 Ceph。 + + #ceph-deploy install ceph-node ceph-storage + +![安装 ceph](http://blog.linoxide.com/wp-content/uploads/2015/10/k5.png) + +处理所有所需仓库和安装所需软件包会需要一些时间。 + +当两个节点上的 ceph 安装过程都完成后,我们下一步会通过在相同节点上运行以下命令创建监视器并收集密钥。 + + #ceph-deploy mon create-initial + +![Ceph 初始化监视器](http://blog.linoxide.com/wp-content/uploads/2015/10/k6.png) + +### 设置 OSDs 和 OSD 守护进程 ### + +现在我们会设置磁盘存储,首先运行下面的命令列出你所有可用的磁盘。 + + #ceph-deploy disk list ceph-storage + +结果中会列出你存储节点中使用的磁盘,你会用它们来创建 OSD。让我们运行以下包括你磁盘名称的命令。 + + #ceph-deploy disk zap storage:sda + #ceph-deploy disk zap storage:sdb + +为了最后完成 OSD 配置,运行下面的命令配置日志磁盘以及数据磁盘。 + + #ceph-deploy osd prepare storage:sdb:/dev/sda + #ceph-deploy osd activate storage:/dev/sdb1:/dev/sda1 + +你需要在所有节点上运行相同的命令,它会清除你磁盘上的所有东西。之后为了集群能运转起来,我们需要使用以下命令从 ceph 管理节点复制不同的密钥和配置文件到所有相关节点。 + + #ceph-deploy admin ceph-node ceph-storage + +### 测试 Ceph ### + +我们快完成了 Ceph 集群设置,让我们在 ceph 管理节点上运行下面的命令检查正在运行的 ceph 状态。 + + #ceph status + #ceph health + HEALTH_OK + +如果你在 ceph status 中没有看到任何错误信息,就意味着你成功地在 CentOS 7 上安装了 ceph 存储集群。 + +### 总结 ### + +在这篇详细的文章中我们学习了如何使用两台安装了 CentOS 7 的虚拟机设置 Ceph 存储集群,这能用于备份或者作为用于处理其它虚拟机的本地存储。我们希望这篇文章能对你有所帮助。当你试着安装的时候记得分享你的经验。 + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/storage/setup-red-hat-ceph-storage-centos-7-0/ + +作者:[Kashif Siddique][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/kashifs/ \ No newline at end of file diff --git a/published/201511/20151012 Linux FAQs with Answers--How to find information about built-in kernel modules on Linux.md b/published/201511/20151012 Linux FAQs with Answers--How to find information about built-in kernel modules on Linux.md new file mode 100644 index 0000000000..ada766b696 --- /dev/null +++ b/published/201511/20151012 Linux FAQs with Answers--How to find information about built-in kernel modules on Linux.md @@ -0,0 +1,53 @@ +Linux有问必答:如何找出Linux中内置模块的信息 +================================================================================ +> **提问**:我想要知道Linux系统中内核内置的模块,以及每个模块有哪些参数。有什么方法可以得到内置模块和设备驱动的列表,以及它们的详细信息呢? + +现代Linux内核正在随着时间变化而迅速增长,以支持大量的硬件、文件系统和网络功能。在此期间,“可加载模块(loadable kernel modules,[LKM])”的引入防止内核变得越来越臃肿,以及在不同的环境中灵活地扩展功能及硬件支持,而不必重新构建内核。 + +最新的Linux发行版的内核只带了相对较小的“内置模块(built-in modules)”,其余的特定硬件驱动或者自定义功能作为“可加载模块”来让你选择地加载或卸载。 + +内置模块被静态地编译进了内核。不像可加载内核模块可以动态地使用`modprobe`、`insmod`、`rmmod`、`modinfo`或者`lsmod`等命令地加载、卸载、查询模块,内置的模块总是在启动时就加载进了内核,不会被这些命令管理。 + +### 找出内置模块列表 ### + +要得到内置模块列表,运行下面的命令。 + + $ cat /lib/modules/$(uname -r)/modules.builtin + +![](https://farm1.staticflickr.com/697/21481933835_ef6b9c71e1_c.jpg) + +你也可以用下面的命令来查看有哪些内置模块: + +![](https://farm6.staticflickr.com/5643/21295025949_57f5849c36_c.jpg) + +### 找出内置模块参数 ### + +每个内核模块无论是内置的还是可加载的都有一系列的参数。对于可加载模块,`modinfo`命令可以显示它们的参数信息。然而这个命令对内置模块没有用。你会得到下面的错误。 + + modinfo: ERROR: Module XXXXXX not found. + +如果你想要查看内置模块的参数,以及它们的值,你可以在 **/sys/module** 下检查它们的内容。 + +在 /sys/module目录下,你可以找到内核模块(包含内置和可加载的)命名的子目录。进入每个模块目录,这里有个“parameters”目录,列出了这个模块所有的参数。 + +比如你要找出tcp_cubic(内核默认的TCP实现)模块的参数。你可以这么做: + + $ ls /sys/module/tcp_cubic/parameters + +接着阅读这个文件查看每个参数的值。 + + $ cat /sys/module/tcp_cubic/parameters/tcp_friendliness + +![](https://farm6.staticflickr.com/5639/21293886250_a199b9c8f7_c.jpg) + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/find-information-builtin-kernel-modules-linux.html + +作者:[Dan Nanni][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni diff --git a/published/201511/20151012 What is a good IDE for R on Linux.md b/published/201511/20151012 What is a good IDE for R on Linux.md new file mode 100644 index 0000000000..36cd1ecda9 --- /dev/null +++ b/published/201511/20151012 What is a good IDE for R on Linux.md @@ -0,0 +1,62 @@ +Linux 上好用的 R 语言 IDE +================================================================================ + +前一段时间,我已经介绍过 [Linux 上针对 C/C++ 语言的最好 IDE][1]。很显然 C 或 C++ 并不是现存的唯一的编程语言,是时间讨论某些更加特别的语言了。 + +假如你做过一些统计工作,很可能你已经见识过 [R 语言][2] 了。假如你还没有,我真的非常推荐这门专为统计和数据挖掘而生的开源编程语言。若你拥有编程背景,它的语法可能会使你感到有些不适应,但希望它的向量化操作所带来的快速能够吸引到你。简而言之,请尝试使用一下这门语言。而要做到这一点,使用一个好的 IDE 来入门或许会更好。R 作为一门跨平台的语言,有着一大把好用的 IDE,它们使得用 R 语言进行数据分析变得更惬意。假如你非常钟意一个特定的编辑器,这里也有一些好用的插件来将它转变为一个成熟的 R 语言的 IDE。 + +下面就让我们见识一下 Linux 环境下 5 个针对 R 语言的好用 IDE吧。 + +### 1. RStudio ### + +![](https://c1.staticflickr.com/1/603/22093054381_431383ab60_c.jpg) + +就让我们以或许是最为人们喜爱的 R IDE —— [RStudio][3] 来开始我们的介绍吧。除了一般 IDE 所提供的诸如语法高亮、代码补全等功能,RStudio 还因其集成了 R 语言帮助文档、强大的调试器、多视图系统而突出。如果你准备入门 R 语言,我只建议你将 RStudio 作为你的 R 语言控制台,一方面用它来实时测试代码是很完美的,另外对象浏览器可以帮助你理解你正在处理的是哪类数据。最后,真正征服我的是它集成了图形显示器,使得你能够更轻松地将图形输出为图片文件。至于它不好的方面, RStudio 缺乏快捷键和高级设置来使得它成为一个完美的 IDE。然而,它有一个以 AGPL 协议发布的免费版本, Linux 用户没有借口不去试试这个 IDE。 + +### 2. 带有 ESS 插件的 Emacs ### + +![](https://c2.staticflickr.com/6/5824/22056857776_a14a4e7e1b_c.jpg) + +在我的前一个有关 IDE 的文章中,很多朋友对我所给出的清单中没有 Emacs 而感到失望。对于这个,我的主要理由是 Emacs 可以说是 IDE 里面的“通配符”:你可以将它放到任意语言的 IDE 清单中。但对于 [带有 ESS 插件的 R][4] 来说,事情就变得有些不同了。Emacs Speaks Statistics (ESS) 是一个令人惊异的插件,它将完全改变你使用 Emacs 编辑器的方式,真的非常适合 R 编程者的需求。与 RStudio 类似,带有 ESS 的 Emacs 拥有多视图,它有两个面板:一个显示代码,另一个则是一个 R 控制台,使得实时地测试代码和探索数据对象变得更加容易。但 ESS 真正的长处是可以和你已安装的其他 Emacs 插件无缝集成,以及它的高级配置选项。简而言之,如果你喜欢你的 Emacs 快捷键,你将能够在 R 语言开发环境下使用它们。然而,当你在 ESS 中处理大量数据时,我已经听闻并经历了一些效率低下的问题。尽管这个问题不是很重大,但足以让我更偏好 RStudio。 + +### 3. Vim 及 Vim-R-plugin ### + +![](https://c1.staticflickr.com/1/680/22056923916_abe3531bb4_b.jpg) + +在谈论完 Emacs 后,因为我不想去讨论 Emacs 和 Vim 的优劣,所以我尽力给予 Vim 同样的待遇,下面介绍 [Vim R 插件][5]。使用名为 tmux 的终端工具,这个工具使得在开启一个 R 控制台的同时,又书写 R 代码成为可能。但最为重要的是,它还为 Vim 带来了 R 语言的语法高亮和自动补全。你还可以轻易地获取 R 帮助文档和浏览数据对象。但再次强调,这些强大的功能来源于它大量的自定义选项和 Vim 的速度。假如你被这些功能所诱惑,我希望你能够通读有关介绍如何安装这个插件并设置相关环境的[文档][6]。 + +### 4. 带有 RGedit 的 Gedit ### + +![](https://c1.staticflickr.com/1/761/22056923956_1413f60b42_c.jpg) + +若 Emacs 和 Vim 都不是你的菜,而你恰好喜欢默认的 Gnome 编辑器,则 [RGedit][7] 就是专门为你而生的:它是 Gedit 的一个专门编辑 R 代码的插件。Gedit 比你以为的更强大,配上大量的插件,就有可能用它来做许许多多的事情。而 RGedit 恰好就是你编辑 R 代码所需要的那款插件。它支持传统的语法高亮并在屏幕下方集成了 R 控制台,但它还有一大类独特的功能,例如多文件编辑、代码折叠、文件查看器,甚至还有一个 GUI 的向导用来从 snippets 产生代码。尽管我对 Gedit 并不感冒,但我必须承认这些功能比一般插件的功能更好,并且在你花费很长时间去分析数据时它会有很大的帮助。唯一的不足是它的最后一次更新是 2013 年。我真的希望这个项目能够被重新焕发新生。 + +### 5. RKWard ### + +![](https://c2.staticflickr.com/6/5643/21896132829_2ea8f3a320_c.jpg) + +最后的并不意味着最不重要,作为这个清单的最后,[RKWard][8] 是一个 KDE 环境下的 R 语言 IDE。我最喜爱它的一点是它的名称。但说老实话,它的包管理系统和类似电子表格的数据编辑器排在我最喜欢它的理由的第二位。除了这些,它还包含一个简单的用来画图和导入数据的系统,另外它还可以使用插件来扩展功能。假如你不是一个 KDE 迷,或许你有点不喜欢这个,但若你是,我真的建议你考虑使用它。 + +总的来说,无论你是否刚入门 R 语言,这些 IDE 对你或许都有些帮助。假如你更偏好某个软件它自身所代表的东西或者是偏好针对你喜爱的编辑器的插件,这些都没有什么问题,我确信你将感激这些软件所提供的某些功能。同时我还确信我遗漏了很多好的针对 R 语言的 IDE,或许它们值得罗列在这个清单上。鉴于你们在上一篇针对 C/C++ 的最好 IDE 这个话题中陈述了很多非常有用的评论,我也邀请你们在这里做出同样精彩的评论并分享出你的知识。 + +关于 Linux 下针对 R 语言的好用编辑器,你有什么看法呢?请在下面的评论中让我们知晓。 + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/good-ide-for-r-on-linux.html + +作者:[Adrien Brochard][a] +译者:[FSSlc](https://github.com/FSSlc) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/adrien +[1]:http://xmodulo.com/good-ide-for-c-cpp-linux.html +[2]:https://www.r-project.org/ +[3]:https://www.rstudio.com/ +[4]:http://ess.r-project.org/ +[5]:http://www.vim.org/scripts/script.php?script_id=2628 +[6]:http://www.lepem.ufc.br/jaa/r-plugin.html +[7]:http://rgedit.sourceforge.net/ +[8]:https://rkward.kde.org/ diff --git a/published/201511/20151019 Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy.md b/published/201511/20151019 Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy.md new file mode 100644 index 0000000000..80a79534ca --- /dev/null +++ b/published/201511/20151019 Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy.md @@ -0,0 +1,61 @@ +Linux有问必答: 当使用代理服务器连接互联网时如何安装 Ubuntu 桌面版 +================================================================================ +> **提问:** 我的电脑连接到的公司网络是使用HTTP代理连上互联网的。当我想使用CD-ROM安装Ubuntu时,安装在尝试获取文件时被停滞了,可能是由于代理的原因。然而问题是Ubuntu的安装程序从来没有在安装过程中提示我配置代理。我该怎样通过代理服务器安装Ubuntu桌面版? + +不像Ubuntu服务器版,Ubuntu桌面版的安装非常自动化,没有留下太多的自定义空间,就像自定义磁盘分区,手动网络设置,包选择等等。虽然这种简单的,一键安装被认为是用户友好的,但却是那些寻找“高级安装模式”来定制自己的Ubuntu桌面安装的用户不希望的。 + +除此之外,默认的Ubuntu桌面版安装器的一个大问题是缺少代理设置。如果你电脑在代理后面,你会看到Ubuntu在准备下载文件的时候停滞了。 + +![](https://c2.staticflickr.com/6/5683/22195372232_cea81a5e45_c.jpg) + +这篇文章描述了如何解除Ubuntu安装限制以及**如何通过代理服务器安装Ubuntu桌面**。 + +基本的想法是这样的。首先启动到live Ubuntu桌面中而不是直接启动Ubuntu安装器,配置代理设置并且手动在live Ubuntu中启动Ubuntu安装器。下面是步骤。 + +从Ubuntu桌面版CD/DVD或者USB启动后,在欢迎页面点击“Try Ubuntu”。 + +![](https://c1.staticflickr.com/1/586/22195371892_3816ba09c3_c.jpg) + +当你进入live Ubuntu后,点击左边的设置图标。 + +![](https://c1.staticflickr.com/1/723/22020327738_058610c19d_c.jpg) + +进入网络菜单。 + +![](https://c2.staticflickr.com/6/5675/22021212239_ba3901c8bf_c.jpg) + +手动配置代理。 + +![](https://c1.staticflickr.com/1/735/22020025040_59415e0b9a_c.jpg) + +接下来,打开终端。 + +![](https://c2.staticflickr.com/6/5642/21587084823_357b5c48cb_c.jpg) + +输入下面的命令进入root会话。 + + $ sudo su + +最后以root权限输入下面的命令。 + + # ubiquity gtk_ui + +它会启动基于GUI的Ubuntu安装器。 + +![](https://c1.staticflickr.com/1/723/22020025090_cc64848b6c_c.jpg) + +接着完成剩余的安装。 + +![](https://c1.staticflickr.com/1/628/21585344214_447020e9d6_c.jpg) + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/install-ubuntu-desktop-behind-proxy.html + +作者:[Dan Nanni][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni diff --git a/published/201511/20151019 Nautilus File Search Is About To Get A Big Power Up.md b/published/201511/20151019 Nautilus File Search Is About To Get A Big Power Up.md new file mode 100644 index 0000000000..b38d77c28e --- /dev/null +++ b/published/201511/20151019 Nautilus File Search Is About To Get A Big Power Up.md @@ -0,0 +1,38 @@ +Nautilus 的文件搜索将迎来巨大提升 +================================================================================ +![](http://www.omgubuntu.co.uk/wp-content/uploads/2015/10/nautilus-new-search-filters.jpg) + +*在Nautilus中搜索零散文件和文件夹将会将会变得相当简单。* + +[GNOME文件管理器][1]中正在开发一个新的**搜索过滤器**。它大量使用 GNOME 漂亮的弹出式菜单,以通过简单的方法来缩小搜索结果并精确地找到你所需要的。 + +开发者Georges Stavracas正致力于开发新的UI,他[说][2]这个新的界面“更干净、更合理、更直观”。 + +根据他[上传到Youtube][3]的视频来展示的新方式-他还没有嵌入它-他没有错。 + +> 他在他的博客中写到:“ Nautilus 有非常复杂但是强大的内部组成,它允许我们做很多事情。事实上在代码上存在各种可能。那么,为何它曾经看上去这么糟糕?” + +这个问题的部分原因比较令人吃惊:新的搜索过滤器界面向用户展示了“强大的内部组成”。搜索结果可以根据类型、名字或者日期范围来进行过滤。 + +对于像 Nautilus 这类 app 的任何修改有可能让一些用户不安,因此像这样帮助性的、直接的新UI会带来一些争议。 + +虽然对于不满的担心貌似会影响进度(毫无疑问,虽然像[移除输入优先搜索][4]的争议自2014年以来一直在争论)。GNOME 3.18 在[上个月发布了][5],给 Nautilus 引入了新的文件进度对话框,以及远程共享的更好整合,包括 Google Drive。 + +Stavracas 的搜索过滤器还没被合并进 Files 的 trunk 中,但是复刻的搜索 UI 已经初步计划在明年春天的 GNOME 3.20 中实现。 + +-------------------------------------------------------------------------------- + +via: http://www.omgubuntu.co.uk/2015/10/new-nautilus-search-filter-ui + +作者:[Joey-Elijah Sneddon][a] +译者:[geekpi](https://github.com/geekpi) +校对:[Caroline](https://github.com/carolinewuyan) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://plus.google.com/117485690627814051450/?rel=author +[1]:https://wiki.gnome.org/Apps/Nautilus +[2]:http://feaneron.com/2015/10/12/the-new-search-for-gnome-files-aka-nautilus/ +[3]:https://www.youtube.com/watch?v=X2sPRXDzmUw +[4]:http://www.omgubuntu.co.uk/2014/01/ubuntu-14-04-nautilus-type-ahead-patch +[5]:http://www.omgubuntu.co.uk/2015/09/gnome-3-18-release-new-features diff --git a/published/201511/20151027 How To Install Retro Terminal In Linux.md b/published/201511/20151027 How To Install Retro Terminal In Linux.md new file mode 100644 index 0000000000..3284f0d465 --- /dev/null +++ b/published/201511/20151027 How To Install Retro Terminal In Linux.md @@ -0,0 +1,74 @@ +Linux 下如何安装 Retro Terminal +================================================================================ +![Retro Terminal in Linux](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Retro-Terminal-Linux.jpeg) + +你有怀旧情节?那就试试 **安装复古终端应用** [cool-retro-term][1] 来一瞥过去的时光吧。顾名思义,`cool-retro-term` 是一个兼具酷炫和怀旧的终端。 + +你还记得那段遍地都是 CRT 显示器、终端屏幕闪烁不停的时光吗?现在你并不需要穿越到过去来见证那段时光。假如你观看背景设置在上世纪 90 年代的电影,你就可以看到大量带有绿色或黑底白字的显像管显示器。这种极客光环让它们看起来非常酷! + +若你已经厌倦了你机器中终端的外表,正寻找某些炫酷且‘新奇’的东西,则 `cool-retro-term` 将会带给你一个复古的终端外表,使你可以重温过去。你也可以改变它的颜色、动画类型并添加一些额外的特效。 + +下面是不同外观下 `cool-retro-term` 的一些截图: + +![Retro Terminal](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Retro-Terminal-Linux-1.jpeg) + +![Retro Terminal Linux](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Retro-Terminal-Linux-2.jpeg) + +![Vintage Terminal](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Retro-Terminal-Linux-3.jpeg) + +### 在基于 Ubuntu 的 Linux 发行版本下安装 cool-retro-term ### + +如果想在基于 Ubuntu 的 Linux 发行版本下安装 cool-retro-term,例如 Linux Mint,elementary OS, Linux Lite 等,可以使用下面的 PPA: + + sudo add-apt-repository ppa:noobslab/apps + sudo apt-get update + sudo apt-get install cool-retro-term + +### 在基于 Arch 的 Linux 发行版本下安装 cool-retro-term ### + +若你想在诸如 [Antergos][2] 和 [Manjaro][3] 等基于 Arch 的 Linux 发行版本下安装 cool-retro-term ,则可以使用下面的命令: + + sudo pacman -S cool-retro-term + +### 从源代码安装 cool-retro-term ### + +如果你想从源代码安装这个应用,那么首先你需要安装一些依赖。在基于 Ubuntu 的发行版本中,已知的依赖有: + + sudo apt-get install git build-essential qmlscene qt5-qmake qt5-default qtdeclarative5-dev qtdeclarative5-controls-plugin qtdeclarative5-qtquick2-plugin libqt5qml-graphicaleffects qtdeclarative5-dialogs-plugin qtdeclarative5-localstorage-plugin qtdeclarative5-window-plugin + +对于其他发行版本,已知的依赖可以在 [cool-retro-term 的 github 页面][4] 中找到。 + +现在使用下面的命令来编译这个程序吧: + + git clone https://github.com/Swordfish90/cool-retro-term.git + cd cool-retro-term + qmake && make + +一旦程序编译成功,你就可以使用下面的命令来运行它了: + + ./cool-retro-term + +假如你想把这个应用放在程序菜单中以便快速找到,这样你就不用再每次手动地用命令来启动它,则你可以使用下面的命令: + + sudo cp cool-retro-term.desktop /usr/share/applications + +在这里你可以学到更多的终端技巧。在 Linux 中享受这个复古的终端吧 :) + +稿件来自: [Abhishek Prakash][5] + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/cool-retro-term/ + +作者:[Abhishek Prakash][a] +译者:[FSSlc](https://github.com/FSSlc) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:https://github.com/Swordfish90/cool-retro-term +[2]:http://itsfoss.com/tag/antergos/ +[3]:https://manjaro.github.io/ +[4]:https://github.com/Swordfish90/cool-retro-term +[5]:http://itsfoss.com/author/abhishek/ diff --git a/published/201511/20151027 How To Show Desktop In GNOME 3.md b/published/201511/20151027 How To Show Desktop In GNOME 3.md new file mode 100644 index 0000000000..08933c0cb7 --- /dev/null +++ b/published/201511/20151027 How To Show Desktop In GNOME 3.md @@ -0,0 +1,64 @@ +如何在 GNOME 3 中显示桌面 +================================================================================ +![How to show desktop in GNOME 3](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Show-Desktop-in-GNOME-3.jpg) + +你**如何在 GNOME 3 中显示桌面**?GNOME是一个很棒的桌面环境但是它更加专注于在程序间切换。如果你想关闭所有运行中的窗口,仅仅显示桌面呢? + +在Windows中,你可以按下Windows+D。在Ubuntu Unity中,可以用Ctrl+Super+D快捷键。不过由于一些原因,GNOME禁用了显示桌面的快捷键。 + +当你按下Super+D或者Ctrl+Super+D,什么都不会发生。如果你想要看到桌面,你得一个个最小化窗口。如果你有好几个打开的窗口那么这会非常不方便。 + +在本教程中,我将会向你展示在[GNOME 3][1]中添加显示桌面的快捷键。 + +### 在GNOME 3 中添加显示桌面的快捷键 ### + +我在本教程的使用的是带有GNOME 3.18的[Antergos Linux][2],但是这些步骤对于任何GNOME 3版本的Linux发行版都适用。同时,Antergos也使用了[Numix主题][3]作为默认主题。因此你也许不会看到平常的GNOME图标。但是我相信步骤是一目了然的,很容易就能理解。 + +#### 第一步 #### + +进入系统设置。点击右上角,在下拉列表中,点击系统设置图标。 + +![System Settings in GNOME Antergos Linux](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Show-Desktop-GNOME-1.png) + +#### 第二步 #### + +当你在系统设置中时,寻找Keyboard设置。 + +![Keyboard settings in GNOME 3](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Show-Desktop-GNOME-2.png) + +#### 第三步 #### + +在这里,选择**Shortcuts**标签并在左边拦选择**Navigation**。向下滚动一点查找**Hide all normal windows**。你会看见它已经被禁用了。 + +![Shortcut keys in GNOME 3](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Show-Desktop-GNOME-3.jpeg) + +#### 第四步 #### + +在“Hide all normla windows”上面点击一下。你会看到它变成了**New accelerator**。现在无论你按下哪个键,它都会被指定为显示桌面的快捷键。 + +如果你不小心按下了错误的组合键,只要按下退格它就会被禁用。再次点击并使用需要的组合键。 + +![Shortcut key edit in GNOME 3](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Show-Desktop-GNOME-4.jpeg) + +#### 第五步 #### + +一旦设置了组合键,只要关闭系统设置。不用保存设置因为更改是立即生效的。在本例中,我使用Ctrl+Super+D来与我在Ubuntu Unity中的使用习惯保持一致。 + +![Keyboard shortcut edit in GNOME](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Show-Desktop-GNOME-5.jpeg) + +就是这样。享受GNOME 3中的显示桌面快捷键吧。我希望这篇教程对你们有用。有任何问题、建议或者留言都欢迎:) + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/show-desktop-gnome-3/ + +作者:[Abhishek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[Caroline](https://github.com/carolinewuyan) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:https://www.gnome.org/gnome-3/ +[2]:http://itsfoss.com/tag/antergos/ +[3]:https://linux.cn/article-3281-1.html diff --git a/published/201511/20151027 How to Use SSHfs to Mount a Remote Filesystem on Linux.md b/published/201511/20151027 How to Use SSHfs to Mount a Remote Filesystem on Linux.md new file mode 100644 index 0000000000..cd2274071f --- /dev/null +++ b/published/201511/20151027 How to Use SSHfs to Mount a Remote Filesystem on Linux.md @@ -0,0 +1,72 @@ +如何在 Linux 上使用 SSHfs 挂载一个远程文件系统 +================================================================================ +你曾经想过用安全 shell 挂载一个远程文件系统到本地吗?如果有的话,SSHfs 也许就是你所需要的。它通过使用 SSH 和 Fuse(LCTT 译注:Filesystem in Userspace,用户态文件系统,是 Linux 中用于挂载某些网络空间,如 SSH,到本地文件系统的模块) 允许你挂载远程计算机(或者服务器)到本地。 + +**注意**: 这篇文章假设你明白[SSH 如何工作并在你的系统中配置 SSH][1]。 + +### 准备 ### + +在使用 SSHfs 挂载之前,需要进行一些设置 - 在你的系统上安装 SSHfs 以及 fuse 软件包。你还需要为 fuse 创建一个组,添加用户到组,并创建远程文件系统将会驻留的目录。 + +要在 Ubuntu Linux 上安装两个软件包,只需要在终端窗口输入以下命令: + + sudo apt-get install sshfs fuse + +![ubuntu 安装 sshfs-fuse](https://www.maketecheasier.com/assets/uploads/2015/10/sshfs-install-fuse-ubuntu.jpg) + +如果你使用的不是 Ubuntu,那就在你的发行版软件包管理器中搜索软件包名称。最好搜索和 fuse 或 SSHfs 相关的关键字,因为取决于你运行的系统,软件包名称可能稍微有些不同。 + +在你的系统上安装完软件包之后,就该创建好 fuse 组了。在你安装 fuse 的时候,应该会在你的系统上创建一个组。如果没有的话,在终端窗口中输入以下命令以便在你的 Linux 系统中创建组: + + sudo groupadd fuse + +添加了组之后,把你的用户添加到这个组。 + + sudo gpasswd -a "$USER" fuse + +![sshfs 添加用户到组 fuse](https://www.maketecheasier.com/assets/uploads/2015/10/sshfs-add-user-to-fuse-group.png) + +别担心上面命令的 `$USER`。shell 会自动用你自己的用户名替换。处理了和组相关的工作之后,就是时候创建要挂载远程文件的目录了。 + + mkdir ~/remote_folder + +在你的系统上创建了本地目录之后,就可以通过 SSHfs 挂载远程文件系统了。 + +### 挂载远程文件系统 ### + +要在你的机器上挂载远程文件系统,你需要在终端窗口中输入一段较长的命令。 + + sshfs -o idmap=user username@ip.address:/remote/file/system/ ~/remote + +![sshfs 挂载文件系统到本地目录1](https://www.maketecheasier.com/assets/uploads/2015/10/sshfs-mount-file-system-to-local-folder.png) + +**注意**: 也可以通过 SSH 密钥文件挂载 SSHfs 文件系统。只需要在上面的命中用 `sshfs -o IdentityFile=~/.ssh/keyfile`, 替换 `sshfs -o idmap=user` 部分。 + +输入这个命令之后,会提示你输入远程用户的密码。如果登录成功了,你的远程文件系统就会被挂载到之前创建的 `~/remote_folder` 目录。 + +![sshfs挂载文件系统到本地目录2](https://www.maketecheasier.com/assets/uploads/2015/10/sshfs-mount-file-system-to-local-folder-2.jpg) + +使用完了你的远程文件系统,想要卸载它?容易吗?只需要在终端输入下面的命令: + + sudo umount ~/remote_folder + +这个简单的命令会断开远程连接同时清空 remote_folder 目录。 + +### 总结 ### + +在 Linux 上有很多工具可以用于访问远程文件并挂载到本地。但是如之前所说,如果有的话,也只有很少的工具能充分利用 SSH 的强大功能。我希望在这篇指南的帮助下,也能认识到 SSHfs 是一个多么强大的工具。 + +你觉得 SSHfs 怎么样呢?在下面的评论框里告诉我们吧! + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/sshfs-mount-remote-filesystem-linux/ + +作者:[Derrik Diener][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/derrikdiener/ +[1]:https://www.maketecheasier.com/setup-ssh-ubuntu/ \ No newline at end of file diff --git a/published/201511/20151104 How to Create New File Systems or Partitions in the Terminal on Linux.md b/published/201511/20151104 How to Create New File Systems or Partitions in the Terminal on Linux.md new file mode 100644 index 0000000000..cce93c0d02 --- /dev/null +++ b/published/201511/20151104 How to Create New File Systems or Partitions in the Terminal on Linux.md @@ -0,0 +1,87 @@ +如何在 Linux 终端下创建新的文件系统/分区 +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-feature-image.png) + +在 Linux 中创建分区或新的文件系统通常意味着一件事:安装 Gnome Parted 分区编辑器(GParted)。对于大多数 Linux 用户而言,这是唯一的办法。不过,你是否考虑过在终端创建这些分区和文件系统?当然可以!以下就是方法! + +### 使用 CFdisk 创建一个基本的 Linux 分区 ### + +以下是如何在命令行中创建一个基本的 Linux 分区的正确方案。要做的第一件事就是先打开你的终端。若你已打开,你需要找到你想要创建分区的磁盘。这可以使用一个简单的命令来找到。 + + lsblk + +![cfdisk-lsblk](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-lsblk.png) + +当你运行了 `lsblk`,你应该会看到当前系统上每个磁盘的详细列表。看看这个列表,然后找出你想要使用的磁盘。在本文中,我将使用 `sdb` 来进行演示。 + +在终端输入这个命令。它会显示一个功能强大的基于终端的分区编辑程序。 + + sudo cfdisk /dev/sdb + +![cfdisk-empty-layout](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-empty-layout.png) + +**注意**: 使用在 `lsblk` 命令输出的你想要使用的磁盘来替换 `sdb`。 + +当输入此命令后,你将进入分区编辑器中,然后访问你想改变的磁盘。 + +由于磁盘分区的不同,这取决于用户的需求,这部分的指南将在 **如何建立一个分离的 Linux home/root 分区布局**。 + +首先,需要创建根分区。这需要根据磁盘的字节数来进行分割。我测试的磁盘是 32 GB。 + +在 CFdisk 中使用键盘上的方向键选择需要分配的空间。你找到后,请使用箭头键选择 [ NEW ],然后按 Enter 键。 + +![cfdisk-create-root-partition](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-create-root-partition.png) + +该程序会要求你输入分区大小。一旦你指定好大小后,按 Enter 键。这将被称为根分区(或 /dev/sdb1)。 + +接下来该创建 home 分区(/dev/sdb2)了。你需要在 CFdisk 中再选择一些空闲分区。使用箭头选择 [ NEW ] 选项,然后按 Enter 键。输入你的 home 分区的大小,然后按 Enter 键来创建它。 + +![cfdisk-create-home-partition](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-create-home-partition.png) + +最后,需要创建交换分区。像前两次一样,先找一些空闲分区,并使用箭头选择 [ NEW ] 选项。之后,算下你 Linux 想使用多大的交换分区。 + +**注意**: 交换分区通常和计算机的内存差不多大。 + +![cfdisk-specify-partition-type-swap](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-specify-partition-type-swap.png) + +现在,创建了交换分区,该指定其类型。使用上下箭头来选择它。之后,使用左右箭头选择 [ TYPE ] 。找到 Linux swap 选项,然后按 Enter 键。 + +![cfdisk-write-partition-table](https://www.maketecheasier.com/assets/uploads/2015/03/cfdisk-write-partition-table.jpg) + +所有分区创建后。然后就是将其写入到磁盘。使用右箭头键,选择 [ WRITE ] 选项,然后按 Enter 键。这将直接将新创建的分布写入到磁盘中。 + +### 使用 mkfs 创建文件系统 ### + +有时候,你并不需要一个整个重新分区,你只想要创建一个文件系统而已。你可以在终端直接使用 `mkfs` 命令来实现。 + +![cfdisk-mkfs-list-partitions-lsblk](https://www.maketecheasier.com/assets/uploads/2015/10/cfdisk-mkfs-list-partitions-lsblk.png) + +首先,找出你要使用的磁盘。在终端输入 `lsblk` 找出来。它会打印出列表,之后只要找到你想创建文件系统的分区或盘符。 + +在这个例子中,我将使用第二个硬盘的 `/dev/sdb1` 作为第一个分区。可以对 `/dev/sdb` 使用 mkfs(这将会使用整个分区)。 + +![cfdisk-mkfs-make-file-system-ext4](https://www.maketecheasier.com/assets/uploads/2015/10/cfdisk-mkfs-make-file-system-ext4.png) + +要在一个特定的分区上创建新文件系统,只需输入 + + sudo mkfs.ext4 /dev/sdb1 + +在终端。应当指出的是,`mkfs.ext4` 可以换成任何你想要使用的的文件系统。 + +### 结论 ### + +虽然使用图形工具编辑文件系统和分区更容易,但终端可以说是更有效的。终端的加载速度更快,点击几个按钮即可。GParted 和其它工具一样,它也是一个完整的工具。我希望在本教程的帮助下,你会明白如何在终端中高效的编辑文件系统。 + +你是否更喜欢使用基于终端的方法在 Linux 上编辑分区?不管是不是,请在下面告诉我们。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/create-file-systems-partitions-terminal-linux/ + +作者:[Derrik Diener][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/derrikdiener/ diff --git a/published/201511/20151104 Ubuntu Software Centre To Be Replaced in 16.04 LTS.md b/published/201511/20151104 Ubuntu Software Centre To Be Replaced in 16.04 LTS.md new file mode 100644 index 0000000000..b8b10719bf --- /dev/null +++ b/published/201511/20151104 Ubuntu Software Centre To Be Replaced in 16.04 LTS.md @@ -0,0 +1,53 @@ +Ubuntu 软件中心将在 16.04 LTS 中被替换 +================================================================================ +![The USC Will Be Replaced](http://www.omgubuntu.co.uk/wp-content/uploads/2011/09/usc1.jpg) + +*Ubuntu 软件中心将在 Ubuntu 16.04 LTS 中被替换。* + +Ubuntu Xenial Xerus 桌面用户将会发现,这个熟悉的(并有些繁琐的)Ubuntu 软件中心将不再可用。 + +按照目前的计划,GNOME 的 [软件应用(Software application)][1] 将作为基于 Unity 7 的桌面的默认包管理工具。 + +![GNOME Software](http://www.omgubuntu.co.uk/wp-content/uploads/2013/09/gnome-software.jpg) + +*GNOME 软件应用* + +作为这次变化的一个结果是,会新开发插件来支持软件中心的评级、评论和应用程序付费的功能。 + +该决定是在伦敦的 Canonical 总部最近举行的一次桌面峰会中通过的。 + +“相对于 Ubuntu 软件中心,我们认为我们在 GNOME 软件中心(sic)添加 Snaps 支持上能做的更好。所以,现在看起来我们将使用 GNOME 软件中心来取代 [Ubuntu 软件中心]”,Ubuntu 桌面经理 Will Cooke 在 Ubuntu 在线峰会解释说。 + +GNOME 3.18 架构与也将出现在 Ubuntu 16.04 中,其中一些应用程序将更新到 GNOME 3.20 , ‘这么做也是有道理的’,Will Cooke 补充说。 + +我们最近在 Twitter 上做了一项民意调查,询问如何在 Ubuntu 上安装软件。结果表明,只有少数人怀念现在的软件中心... + +你使用什么方式在 Ubuntu 上安装软件? + +- 软件中心 +- 终端 + +### 在 Ubuntu 16.04 其他应用程序也将会减少 ### + +Ubuntu 软件中心并不是唯一一个在 Xenial Xerus 中被丢弃的。 + +光盘刻录工具 Brasero 和即时通讯工具 **Empathy** 也将从默认镜像中删除。 + +虽然这些应用程序还在不断的开发,但随着笔记本减少了光驱以及基于移动网络的聊天服务,它们看起来越来越过时了。 + +如果你还在使用它们请不要惊慌:Brasero 和 Empathy 将 **仍然可以通过存档在 Ubuntu 上安装**。 + +也并不全是丢弃和替换,默认还包括了一个新的桌面应用程序:GNOME 日历。 + +-------------------------------------------------------------------------------- + +via: http://www.omgubuntu.co.uk/2015/11/the-ubuntu-software-centre-is-being-replace-in-16-04-lts + +作者:[Sam Tran][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://plus.google.com/111008502832304483939?rel=author +[1]:https://wiki.gnome.org/Apps/Software diff --git a/published/201511/20151105 How to Manage Your To-Do Lists in Ubuntu Using Go For It Application.md b/published/201511/20151105 How to Manage Your To-Do Lists in Ubuntu Using Go For It Application.md new file mode 100644 index 0000000000..81a298a227 --- /dev/null +++ b/published/201511/20151105 How to Manage Your To-Do Lists in Ubuntu Using Go For It Application.md @@ -0,0 +1,84 @@ +如何在 Ubuntu 上用 Go For It 管理您的待办清单 +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-featured1.jpg) + +任务管理可以说是工作及日常生活中最重要也最具挑战性的事情之一。当您在工作中承担越来越多的责任时,您的表现将与您管理任务的能力直接挂钩。 + +若您的工作有部分需要在电脑上完成,那么您一定很乐意知道,有多款应用软件自称可以为您减轻任务管理的负担。即便这些软件中的大多数都是为 Windows 用户服务的,在 Linux 系统中仍然有不少选择。在本文中,我们就来讨论这样一款软件:Go For It. + +### Go For It ### + +[Go For It][1] (GFI) 由 Manuel Kehl 开发,他声称:“这是款简单易用且时尚优雅的生产力软件,以待办清单(To-Do List)为主打特色,并整合了一个能让你专注于当前事务的定时器。”这款软件的定时器功能尤其有趣,它还可以让您在继续工作之前暂停下来,放松一段时间。 + +### 下载并安装 ### + +使用基于 Debian 系统(如Ubuntu)的用户可以通过运行以下终端命令轻松地安装这款软件: + + sudo add-apt-repository ppa:mank319/go-for-it + sudo apt-get update + sudo apt-get install go-for-it + +以上命令执行完毕后,您就可以使用这条命令运行这款应用软件了: + + go-for-it + +### 使用及配置### + +当你第一次运行 GFI 时,它的界面是长这样的: + +![gfi-first-run](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-first-run1.png) + +可以看到,界面由三个标签页组成,分别是*待办* (To-Do),*定时器* (Timer)和*完成* (Done)。*待办*页是一个任务列表(上图所示的4个任务是默认生成的——您可以点击头部的方框删除它们),*定时器*页内含有任务定时器,而*完成*页则是已完成任务的列表。底部有个文本框,您可以在此输入任务描述,并点击“+”号将任务添加到上面的列表中。 + +举个例子,我将一个名为“MTE-research-work”的任务添加到了列表中,并点击选中了它,如下图所示: + +![gfi-task-added](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-task-added1.png) + +然后我进入*定时器*页,在这里我可以看到一个为当前“MTE-reaserch-work”任务设定的定时器,定时25分钟。 + +![gfi-active-task-timer](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-active-task-timer.png) + +当然,您可以将定时器设定为你喜欢的任何值。然而我并没有修改,而是直接点击下方的“开始 (Start)”按钮启动定时器。一旦剩余时间为60秒,GFI 就会给出一个提示。 + +![gfi-first-notification-new](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-first-notification-new.jpg) + +一旦时间到,它会提醒我休息5分钟。 + +![gfi-time-up-notification-new](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-time-up-notification-new.jpg) + +5分钟过后,我可以为我的任务再次开启定时器。 + +![gfi-break-time-up-new](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-break-time-up-new.jpg) + +任务完成以后,您可以点击*定时器*页中的“完成 (Done)”按钮,然后这个任务就会从*待办*页被转移到*完成*页。 + +![gfi-task-done](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-task-done1.png) + +GFI 也能让您稍微调整一些它的设置。例如,下图所示的设置窗口就包含了一些选项,让您修改默认的任务时长,休息时长和提示时刻。 + +![gfi-settings](https://www.maketecheasier.com/assets/uploads/2015/10/gfi-settings1.png) + +值得一提的是,GFI 是以 TODO.txt 格式保存待办清单的,这种格式方便了移动设备之间的同步,也让您能使用其他前端程序来编辑任务——更多详情请阅读[这里][2]。 + +您还可以通过以下视频观看 GFI 的动态展示。 + +注:youtube 视频 + + +### 结论### + +正如您所看到的,GFI 是一款简洁明了且易于使用的任务管理软件。虽然它没有提供非常丰富的功能,但它实现了它的承诺,定时器的整合特别有用。如果您正在寻找一款实现了基础功能,并且开源的 Linux 任务管理软件,Go For It 值得您一试。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/to-do-lists-ubuntu-go-for-it/ + +作者:[Himanshu Arora][a] +译者:[Ricky-Gong](https://github.com/Ricky-Gong) +校对:[Caroline](https://github.com/carolinewuyan) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/himanshu/ +[1]:http://manuel-kehl.de/projects/go-for-it/ +[2]:http://todotxt.com/ diff --git a/published/201511/20151105 Linux FAQs with Answers--How to change default Java version on Linux.md b/published/201511/20151105 Linux FAQs with Answers--How to change default Java version on Linux.md new file mode 100644 index 0000000000..a2daadcc11 --- /dev/null +++ b/published/201511/20151105 Linux FAQs with Answers--How to change default Java version on Linux.md @@ -0,0 +1,51 @@ +Linux 有问必答:如何在 Linux 中改变默认的 Java 版本 +================================================================================ +> **提问**:当我尝试在Linux中运行一个Java程序时,我遇到了一个错误。看上去像程序编译所使用的Java版本与我本地的不同。我该如何在Linux上切换默认的Java版本? + + +当Java程序编译时,编译环境会设置一个“target”变量来设置程序可以运行的最低Java版本。如果你Linux系统上运行的程序不能满足最低的JRE版本要求,那么你会在运行的时候遇到下面的错误。 + + Exception in thread "main" java.lang.UnsupportedClassVersionError: com/xmodulo/hmon/gui/NetConf : Unsupported major.minor version 51.0 + +比如,程序在Java JRE 1.7下编译,但是系统只有Java JRE 1.6。 + +要解决这个问题,你需要改变默认的Java版本到Java JRE 1.7或者更高(假设JRE已经安装了)。 + +首先,试用下面的update-alternatives命令**检查你系统上可用的Java版本**: + + $ sudo update-alternatives --display java + +![](https://c2.staticflickr.com/6/5663/22661333316_81fe1ab7da_c.jpg) + +本例中,总共安装了4个不同的Java版本:OpenJDK JRE 1.6、Oracle Java JRE 1.6、OpenJDK JRE 1.7 和 Oracle Java JRE 1.7。现在默认的Java版本是OpenJDK JRE 1.6。 + +如果没有安装需要的Java JRE,你可以参考[这些指导][1]来完成安装。 + +现在有可用的候选版本,你可以用下面的命令在可用的Java JRE之间**切换默认的Java版本**: + + $ sudo update-alternatives --config java + +看到提示的时候,选择你想试用的Java版本。本例中,我们选择Oracle Java JRE 1.7。 + +![](https://c2.staticflickr.com/6/5651/22066181083_b9c4c5b676_c.jpg) + +现在用下面的命令验证默认的Java版本。 + + $ java -version + +![](https://c1.staticflickr.com/1/634/22499411280_1d702a4101_c.jpg) + +最后,如果你定义了JAVA_HOME环境变量,根据你设置的Java版本更新变量。 + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/change-default-java-version-linux.html + +作者:[Dan Nanni][a] +译者:[geekpi](https://github.com/geekpi) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni +[1]:http://ask.xmodulo.com/install-java-runtime-linux.html diff --git a/published/201511/20151105 Linux FAQs with Answers--How to find which shell I am using on Linux.md b/published/201511/20151105 Linux FAQs with Answers--How to find which shell I am using on Linux.md new file mode 100644 index 0000000000..e9e3aeabcc --- /dev/null +++ b/published/201511/20151105 Linux FAQs with Answers--How to find which shell I am using on Linux.md @@ -0,0 +1,77 @@ +Linux 有问必答:如何知道当前正在使用的 shell 是哪个? +================================================================================ +> **问题**: 我经常在命令行中切换 shell。是否有一个快速简便的方法来找出我当前正在使用的 shell 呢?此外,我怎么能找到当前 shell 的版本? + +### 找到你当前正在使用的 Shell 版本 ### + +有多种方式可以查看你目前在使用什么 shell,最简单的方法就是通过使用 shell 的特殊参数。 + +其一,[一个名为 "$$" 的特殊参数][1] 表示当前你正在运行的 shell 实例的 PID。此参数是只读的,不能被修改。所以,下面的命令也将显示你正在运行的 shell 的名字: + + $ ps -p $$ + + PID TTY TIME CMD + 21666 pts/4 00:00:00 bash + +上述命令可在所有可用的 shell 中工作。 + +如果你不使用 csh,找到当前使用的 shell 的另外一个办法是使用特殊参数 “$0” ,它表示当前正在运行的 shell 或 shell 脚本的名称。这是 Bash 的一个特殊参数,但也可用在其他 shell 中,如 sh、zsh、tcsh 或 dash。使用 echo 命令可以查看你目前正在使用的 shell 的名称。 + + $ echo $0 + + bash + +不要被一个叫做 $SHELL 的单独的环境变量所迷惑,它被设置为你的默认 shell 的完整路径。因此,这个变量并不一定指向你当前使用的 shell。例如,即使你在终端中调用不同的 shell,$SHELL 也保持不变。 + + $ echo $SHELL + + /bin/shell + +![](https://c2.staticflickr.com/6/5688/22544087680_4a9c180485_c.jpg) + +因此,找出当前的shell,你应该使用 $$ 或 $0,但不是 $SHELL。 + +### 找出当前 Shell 的版本 ### + +一旦你知道你使用的是哪个 shell,你可能想知道此 shell 的版本。为此,在命令行中输入 shell 并在后面加上 “--version” 参数可以查看版本信息。例如: + +**对于** bash **shell** : + + $ bash --version + + GNU bash, version 4.3.30(1)-release (x86_64-pc-linux-gnu) + Copyright (C) 2013 Free Software Foundation, Inc. + License GPLv3+: GNU GPL version 3 or later + + This is free software; you are free to change and redistribute it. + There is NO WARRANTY, to the extent permitted by law. + +**对于** zsh **shell**: + + $ zsh --version + + zsh 5.0.7 (x86_64-pc-linux-gnu) + +**对于** tcsh **shell**: + $ tcsh --version + + tcsh 6.18.01 (Astron) 2012-02-14 (x86_64-unknown-linux) options wide,nls,dl,al,kan,rh,nd,color,filec + +对于某些 shell,你还可以使用 shell 特定的变量(例如,$BASH_VERSION 或 $ZSH_VERSION)。 + + $ echo $BASH_VERSION + + 4.3.8(1)-release + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/which-shell-am-i-using.html + +作者:[Dan Nanni][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni +[1]:http://ask.xmodulo.com/process-id-pid-shell-script.html diff --git a/published/201511/20151109 Open Source Alternatives to LastPass.md b/published/201511/20151109 Open Source Alternatives to LastPass.md new file mode 100644 index 0000000000..32819f9a07 --- /dev/null +++ b/published/201511/20151109 Open Source Alternatives to LastPass.md @@ -0,0 +1,131 @@ +LastPass 的开源替代品 +================================================================================ +LastPass是一个跨平台的密码管理程序。在Linux平台中,它可作为Firefox, Chrome和Opera浏览器的插件使用。LastPass Sesame支持Ubuntu/Debian与Fedora系统。此外,LastPass还有安装在Firefox Portable的便携版,可将其安装在USB设备上。再加上适用于Ubuntu/Debian, Fedora和openSUSE的LastPass Pocket, 其具有良好的跨平台覆盖性。虽然LastPass备受好评,但它是一个专有软件。此外,LastPass最近被LogMeIn收购。如果你在找一个开源的替代品,这篇文章可能会对你有所帮助。 + +我们正面临着信息大爆炸。无论你是要在线经营生意,找工作,还是只为了休闲来进行阅读,互联网都是一个海量的信息源。在这种情况下,长期保留信息是很困难的。然而,及时地获取某些特定信息非常重要。密码就是这样的一个例子。 + +作为一个电脑用户,你可能会面临在不同服务或网站使用相同或不同密码的困境。这个事情非常复杂,因为有些网站会限制你对密码的选择。比如,一个网站可能会限制密码的最小位数,大写字母,数字或者特殊字符,这使得在所有网站使用统一密码变得不可能。更重要的是,不在不同网站中使用同一密码有安全方面的原因。这样就不可避免地意味着人们经常会有很多密码要记。一个解决方案是将所有的密码写下来。然而,这种做法也极度的不安全。 + +为了解决需要记忆无穷多串密码的问题,目前比较流行的解决方案是使用密码管理软件。事实上,这类软件对于活跃的互联网用户来说极为实用。它使得你获取、管理和安全保存所有密码变得极为容易,而大多数密码都是用软件或文件系统加密过的。因此,用户只需要记住一个简单的密码就可以获取到其它所有密码。密码管理软件鼓励用户对于不同服务去采用独一无二的,非直观的高强度的密码。 + +为了让大家更深入地了解Linux软件的质量,我将介绍4款优秀的、可替代LastPass的开源软件。 + +### KeePassX ### + +![KeePassX软件截图](http://www.linuxlinks.com/portal/content/reviews/Utilities/Screenshot-KeePassX.png) + +KeePassX是KeePass的多平台移植,是一款开源、跨平台的密码管理软件。这款软件可以帮助你以安全的方式保管密码。你可以将所有密码保存在一个数据库中,而这个数据库被一个主密码或密码盘来保管。这使得用户只需要记住一个单一的主密码或插入密码盘即可解锁整个数据库。 + +密码数据库使用AES(即Rijndael)或者TwoFish算法进行加密,密钥长度为256位。 + +该软件功能包括: + +- 管理模式丰富 + - 通过标题使每条密码更容易被识别 + - 可设置密码过期时间 + - 可插入附件 + - 可为不同分组或密码自定义标志 + - 在分组中对密码排序 +- 搜索功能:可在特定分组或整个数据库中搜索 +- 自动键入: 这个功能允许你在登录网站时只需要按下几个键。KeePassX可以帮助你输入剩下的密码。自动键入通过读取当前窗口的标题,对密码数据库进行搜索来获取相应的密码 +- 数据库安全性强,用户可通过密码或一个密钥文件(可存储在CD或U盘中)访问数据库(或两者) +- 安全密码自动生成 +- 具有预防措施,获取用星号隐藏的密码并检查其安全性 +- 加密 - 用256位密钥,通过AES(高级加密标准)或TwoFish算法加密数据库, +- 密码可以导入或导出。可从PwManager文件(*.pwm)或KWallet文件(*.xml)中导入密码,可导出为文本(*.txt)格式。 + +--- +- 软件官网:[www.keepassx.org][1] +- 开发者:KeepassX Team +- 软件许可证:GNU GPL V2 +- 版本号:0.4.3 + +### Encryptr ### + +![Encryptr软件截图](http://www.linuxlinks.com/portal/content/reviews/Utilities/Screenshot-Encryptr.png) + +Encryptr是一个开源的、零知识(zero-knowledge)的、基于云端的密码管理/电子钱包软件,以Crypton为基础开发。Crypton是一个Javascript库,允许开发者利用其开发应用来上传文件至服务器,而服务器无法知道用户所存储的文件内容。 + +Encryptr可将你的敏感信息,比如密码、信用卡数据、PIN码、或认证码存储在云端。然而,由于它基于零知识的Cypton框架开发,Encryptr可保证只有用户才拥有访问或读取秘密信息的权限。 + +由于其跨平台的特性,Encryptr允许用户随时随地、安全地通过一个账户从云端获取机密信息。 + +软件特性包括: + +- 使用非常安全的零知识Crypton框架,只在你的本地加密/解密数据 +- 易于使用 +- 基于云端 +- 可存储三种类型的数据:密码、信用卡账号以及通用的键值对 +- 可对每条密码设置“备注”项 +- 过滤和搜索密码 +- 对密码进行本地加密缓存,以节省载入时间 + +--- +- 软件官网: [encryptr.org][2] +- 开发者: Tommy Williams +- 软件许可证: GNU GPL v3 +- 版本号: 1.2.0 + +### RatticDB ### + +![RatticDB软件截图](http://www.linuxlinks.com/portal/content/reviews/Utilities/Screenshot-RatticDB.png) + +RatticDB是一个开源的、基于Django的密码管理服务。 + +RatticDB被设计为一个“密码生命周期管理工具”而不是单单一个“密码存储工具”。RatticDB致力于及时提醒用户哪些密码在何时需要更改。它不提供应用层面的密码加密。 + +软件特性包括: + +- 简洁的ACL设计 +- 可改变队列功能,可让用户知晓何时需要更改某应用的密码 +- 支持Ansible配置 + +--- + +- 软件官网: [rattic.org][3] +- 开发者: Daniel Hall +- 软件许可证: GNU GPL v2 +- 版本号: 1.3.1 + +### Seahorse ### + +![Seahorse软件截图](http://www.linuxlinks.com/portal/content/reviews/Security/Screenshot-Seahorse.png) + +Seahorse是一个GnuPG(GNU隐私保护软件)的Gnome前端界面。它的目标是提供一个易于使用密钥管理工具,以及一个易于使用的界面来控制加密操作。 + +Seahorse是一个工具,用来提供安全传输和数据存储服务。数据加密和数字密钥生成操作可以轻易通过GUI来操作,密钥管理操作也可以轻易通过直观的界面来进行。 + +此外,Seahorse包含一个Gedit插件,可以使用鹦鹉螺文件管理器管理文件,一个管理剪贴板中事物的小程序,一个存储私密密码的代理,还有一个GnuPG和OpenSSH的密钥管理工具。 + +软件特性包括: + +- 对文本进行加密/解密/签名 +- 管理密钥及密钥环 +- 将密钥及密钥环与密钥服务器同步 +- 密码签名及发布 +- 将密码缓存起来,无需多次重复键入 +- 对密钥及密钥环进行备份 +- 可添加一个GDK支持格式的图片作为OpenGPG图片ID +- 生成SSH密钥,对其进行验证及储存 +- 多语言支持 + +--- + +- 软件官网: [www.gnome.org/projects/seahorse][4] +- 开发者: Jacob Perkins, Jose Carlos, Garcia Sogo, Jean Schurger, Stef Walter, Adam Schreiber +- 软件许可证: GNU GPL v2 +- 版本号: 3.18.0 + +-------------------------------------------------------------------------------- + +via: http://www.linuxlinks.com/article/20151108125950773/LastPassAlternatives.html + +译者:[StdioA](https://github.com/StdioA) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.keepassx.org/ +[2]:https://encryptr.org/ +[3]:http://rattic.org/ +[4]:http://www.gnome.org/projects/seahorse/ diff --git a/published/201511/20151116 Linux FAQs with Answers--How to set JAVA_HOME environment variable automatically on Linux.md b/published/201511/20151116 Linux FAQs with Answers--How to set JAVA_HOME environment variable automatically on Linux.md new file mode 100644 index 0000000000..f9368ec48b --- /dev/null +++ b/published/201511/20151116 Linux FAQs with Answers--How to set JAVA_HOME environment variable automatically on Linux.md @@ -0,0 +1,48 @@ +Linux 有问必答:如何在 Linux 上自动设置 JAVA_HOME 环境变量 +================================================================================ +> **问题**:我需要在我的 Linux 机器上编译 Java 程序。为此我已经安装了 JDK (Java Development Kit),而现在我正试图设置 JAVA\_HOME 环境变量使其指向安装好的 JDK 。关于在 Linux 上设置 JAVA\_HOME 环境变量,最受推崇的办法是什么? + +许多 Java 程序或基于 Java 的*集成开发环境* (IDE)都需要设置好 JAVA_HOME 环境变量。该变量应指向 *Java 开发工具包* (JDK)或 *Java 运行时环境* (JRE)的安装目录。JDK 不仅包含了 JRE 提供的一切,还带有用于编译 Java 程序的额外的二进制代码和库文件(例如编译器,调试器及 JavaDoc 文档生成器)。JDK 是用来构建 Java 程序的,如果只是运行已经构建好的 Java 程序,单独一份 JRE 就足够了。 + +当您正试图设置 JAVA\_HOME 环境变量时,麻烦的事情在于 JAVA\_HOME 变量需要根据以下几点而改变:(1) 您是否安装了 JDK 或 JRE;(2) 您安装了哪个版本;(3) 您安装的是 Oracle JDK 还是 Open JDK。 + +因此每当您的开发环境或运行时环境发生改变(例如为 JDK 更新版本)时,您需要根据实际情况调整 JAVA\_HOME 变量,而这种做法是繁重且缺乏效率的。 + +以下 export 命令能为您**自动设置** JAVA\_HOME 环境变量,而无须顾及上述的因素。 + +若您安装的是 JRE: + + export JAVA_HOME=$(dirname $(dirname $(readlink -f $(which java)))) + +若您安装的是 JDK: + + export JAVA_HOME=$(dirname $(dirname $(readlink -f $(which javac)))) + +根据您的情况,将上述命令中的一条写入 ~/.bashrc(或 /etc/profile)文件中,它就会永久地设置好 JAVA\_HOME 变量。 + +注意,由于 java 或 javac 可以建立起多个层次的符号链接,为此"readlink -f"命令是用来获取它们真正的执行路径的。 + +举个例子,假如您安装的是 Oracle JRE 7,那么上述的第一条 export 命令将自动设置 JAVA\_HOME 为: + + /usr/lib/jvm/java-7-oracle/jre + +若您安装的是 Open JDK 第8版,那么第二条 export 命令将设置 JAVA\_HOME 为: + + /usr/lib/jvm/java-8-openjdk-amd64 + +![](https://c1.staticflickr.com/1/700/22961948071_c73a3261dd_c.jpg) + +简而言之,这些 export 命令会在您重装/升级您的JDK/JRE,或[更换默认 Java 版本][1]时自动更新 JAVA\_HOME 变量。您不再需要手动调整它。 + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/set-java_home-environment-variable-linux.html + +作者:[Dan Nanni][a] +译者:[Ricky-Gong](https://github.com/Ricky-Gong) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni +[1]:http://ask.xmodulo.com/change-default-java-version-linux.html diff --git a/published/201511/20151117 N1--The Next Generation Open Source Email Client.md b/published/201511/20151117 N1--The Next Generation Open Source Email Client.md new file mode 100644 index 0000000000..b2cbb4c4ea --- /dev/null +++ b/published/201511/20151117 N1--The Next Generation Open Source Email Client.md @@ -0,0 +1,48 @@ +N1:下一代开源邮件客户端 +================================================================================ +![N1 Open Source email client](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/N1-email-client.png) + +当我们谈论到Linux中的邮件客户端,通常 Thunderbird、Geary 和 [Evolution][3] 就会出现在我们的脑海。作为对这些大咖们的挑战,一款新的开源邮件客户端正在涌入市场。 + +### 设计和功能 ### + +[N1][4]是一个设计与功能并重的新一代开源邮件客户端。作为一个开源软件,N1目前支持 Linux 和 Mac OS X,Windows的版本还在开发中。 + +N1宣传它自己为“可扩展的开源邮件客户端”,因为它包含了 Javascript 插件框架,任何人都可以为它创建强大的新功能。可扩展是一个非常流行的功能,它帮助[开源编辑器Atom][5]变得流行。N1同样把重点放在了可扩展上面。 + +除了可扩展性,N1同样着重设计了程序的外观。下面N1的截图就是个很好的例子: + +![N1 Open Source email client on Mac OS X](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/N1-email-client-1.jpeg) + +*Mac OS X上的N1客户端。图片来自:N1* + +除了这个功能,N1兼容上百个邮件服务提供商,包括Gmail、Yahoo、iCloud、Microsoft Exchange等等,这个桌面应用提供了离线功能。 + +### 目前只能邀请使用 ### + +我不知道为什么每个人都选择了 OnePlus 的‘只能邀请使用’的市场策略。目前,N1桌面端只能被邀请才能下载。你可以用下面的链接请求一个邀请。N1团队会在几天内邮件给你下载链接。 + + +- [请求N1邀请][6] + +### 感兴趣了么? ### + +我并不是桌面邮件客户端的粉丝,但是 N1 的确引起了我的兴趣,让我想要试一试。你呢? + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/n1-open-source-email-client/ + +作者:[Abhishek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[Caroline](https://github.com/carolinewuyan) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:https://www.mozilla.org/en-US/thunderbird/ +[2]:https://wiki.gnome.org/Apps/Geary +[3]:https://help.gnome.org/users/evolution/stable/ +[4]:https://nylas.com/N1/ +[5]:http://itsfoss.com/atom-stable-released/ +[6]:https://invite.nylas.com/download diff --git a/published/201511/20151123 How to Install NVIDIA 358.16 Driver in Ubuntu 15.10 or 14.04.md b/published/201511/20151123 How to Install NVIDIA 358.16 Driver in Ubuntu 15.10 or 14.04.md new file mode 100644 index 0000000000..6ec1bdc1ec --- /dev/null +++ b/published/201511/20151123 How to Install NVIDIA 358.16 Driver in Ubuntu 15.10 or 14.04.md @@ -0,0 +1,68 @@ +如何在 Ubuntu 15.10,14.04 中安装 NVIDIA 358.16 驱动程序 +================================================================================ +![nvidia-logo-1](http://ubuntuhandbook.org/wp-content/uploads/2015/06/nvidia-logo-1.png) + +[NVIDIA 358.16][1] —— NVIDIA 358 系列的第一个稳定版本已经发布,并对 358.09 中(测试版)做了一些修正,以及一些小的改进。 + +NVIDIA 358 增加了一个新的 **nvidia-modeset.ko** 内核模块,可以配合 nvidia.ko 内核模块工作来调用 GPU 显示引擎。在以后发布版本中,**nvidia-modeset.ko** 内核驱动程序将被用于模式设置接口的基础,该接口由内核的直接渲染管理器(DRM)所提供。 + +新的驱动程序也有新的 GLX 协议扩展,以及在 OpenGL 驱动中分配大量内存的系统内存分配新机制。新的 GPU **GeForce 805A** 和 **GeForce GTX 960A** 都支持。NVIDIA 358.16 也支持 X.Org 1.18 服务器和 OpenGL 4.3。 + +### 如何在 Ubuntu 中安装 NVIDIA 358.16 : ### + +> **请不要在生产设备上安装,除非你知道自己在做什么以及如何才能恢复。** + +对于官方的二进制文件,请到 [nvidia.com/object/unix.html][1] 查看。 + +对于那些喜欢 Ubuntu PPA 的,我建议你使用 [显卡驱动 PPA][2]。到目前为止,支持 Ubuntu 16.04, Ubuntu 15.10, Ubuntu 15.04, Ubuntu 14.04。 + +**1. 添加 PPA.** + +通过按 `Ctrl+Alt+T` 快捷键来从 Unity 桌面打开终端。当打启动应用后,粘贴下面的命令并按回车键: + + sudo add-apt-repository ppa:graphics-drivers/ppa + +![nvidia-ppa](http://ubuntuhandbook.org/wp-content/uploads/2015/08/nvidia-ppa.jpg) + +它会要求你输入密码。输入密码后,密码不会显示在屏幕上,按 Enter 继续。 + +**2. 刷新并安装新的驱动程序** + +添加 PPA 后,逐一运行下面的命令刷新软件库并安装新的驱动程序: + + sudo apt-get update + + sudo apt-get install nvidia-358 nvidia-settings + +### (如果需要的话,) 卸载: ### + +开机从 GRUB 菜单进入恢复模式,进入根控制台。然后逐一运行下面的命令: + +重新挂载文件系统为可写: + + mount -o remount,rw / + +删除所有的 nvidia 包: + + apt-get purge nvidia* + +最后返回菜单并重新启动: + + reboot + +要禁用/删除显卡驱动 PPA,点击系统设置下的**软件和更新**,然后导航到**其他软件**标签。 + +-------------------------------------------------------------------------------- + +via: http://ubuntuhandbook.org/index.php/2015/11/install-nvidia-358-16-driver-ubuntu-15-10/ + +作者:[Ji m][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ubuntuhandbook.org/index.php/about/ +[1]:http://www.nvidia.com/Download/driverResults.aspx/95921/en-us +[2]:http://www.nvidia.com/object/unix.html +[3]:https://launchpad.net/~graphics-drivers/+archive/ubuntu/ppa diff --git a/published/201511/20151123 Install Intel Graphics Installer in Ubuntu 15.10.md b/published/201511/20151123 Install Intel Graphics Installer in Ubuntu 15.10.md new file mode 100644 index 0000000000..bf6b5c3b11 --- /dev/null +++ b/published/201511/20151123 Install Intel Graphics Installer in Ubuntu 15.10.md @@ -0,0 +1,46 @@ +在 Ubuntu 15.10 上安装 Intel Graphics 安装器 +================================================================================ +![Intel graphics installer](http://ubuntuhandbook.org/wp-content/uploads/2015/11/intel_logo.jpg) + +Intel 最近发布了一个新版本的 Linux Graphics 安装器。在新版本中,将不支持 Ubuntu 15.04,而必须用 Ubuntu 15.10 Wily。 + +> Linux 版 Intel® Graphics 安装器可以让你很容易的为你的 Intel Graphics 硬件安装最新版的图形与视频驱动。它能保证你一直使用最新的增强与优化功能,并能够安装到 Intel Graphics Stack 中,来保证你在你的 Intel 图形硬件下,享受到最佳的用户体验。*现在 Linux 版的 Intel® Graphics 安装器支持最新版的 Ubuntu。* + +![intel-graphics-installer](http://ubuntuhandbook.org/wp-content/uploads/2015/11/intel-graphics-installer.jpg) + +### 安装 ### + +**1.** 从[这个链接页面][1]中下载该安装器。当前支持 Ubuntu 15.10 的版本是1.2.1版。你可以在**系统设置 -> 详细信息**中检查你的操作系统(32位或64位)的类型。 + +![download-intel-graphics-installer](http://ubuntuhandbook.org/wp-content/uploads/2015/11/download-intel-graphics-installer.jpg) + +**2.** 一旦下载完成,到下载目录中点击 .deb 安装包,用 Ubuntu 软件中心打开它,然最后点击“安装”按钮。 + +![install-via-software-center](http://ubuntuhandbook.org/wp-content/uploads/2015/11/install-via-software-center.jpg) + +**3.** 为了让系统信任 Intel Graphics 安装器,你需要通过下面的命令来为它添加密钥。 + +用快捷键`Ctrl+Alt+T`或者在 Unity Dash 中的“应用程序启动器”中打开终端。依次粘贴运行下面的命令。 + + wget --no-check-certificate https://download.01.org/gfx/RPM-GPG-KEY-ilg -O - | sudo apt-key add - + + wget --no-check-certificate https://download.01.org/gfx/RPM-GPG-KEY-ilg-2 -O - | sudo apt-key add - + +![trust-intel](http://ubuntuhandbook.org/wp-content/uploads/2015/11/trust-intel.jpg) + +注意:在运行第一个命令的过程中,如果密钥下载完成后,光标停住不动并且一直闪烁的话,就像上面图片显示的那样,输入你的密码(输入时不会看到什么有变化)然后回车就行了。 + +最后通过 Unity Dash 或应用程序启动器打开 Intel Graphics 安装器。 + +-------------------------------------------------------------------------------- + +via: http://ubuntuhandbook.org/index.php/2015/11/install-intel-graphics-installer-in-ubuntu-15-10/ + +作者:[Ji m][a] +译者:[XLCYun](https://github.com/XLCYun) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ubuntuhandbook.org/index.php/about/ +[1]:https://01.org/linuxgraphics/downloads diff --git a/published/201511/Learn with Linux--Master Your Math with These Linux Apps.md b/published/201511/Learn with Linux--Master Your Math with These Linux Apps.md new file mode 100644 index 0000000000..7d8c9e1b5c --- /dev/null +++ b/published/201511/Learn with Linux--Master Your Math with These Linux Apps.md @@ -0,0 +1,126 @@ +与 Linux 一起学习:使用这些 Linux 应用来征服你的数学学习 +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-featured.png) + +这篇文章是[与 Linux 一起学习][1]系列的一部分: + +- [与 Linux 一起学习: 学习类型][2] +- [与 Linux 一起学习: 物理模拟][3] +- [与 Linux 一起学习: 学习音乐][4] +- [与 Linux 一起学习: 两个地理应用程序][5] +- [与 Linux 一起学习: 使用这些 Linux 应用来征服你的数学学习][6] + +Linux 提供了大量的教育软件和许多优秀的工具来帮助各种年龄段和年级的学生学习和练习各种各样的习题,这通常是以交互的方式进行。“与 Linux 一起学习”这一系列的文章则为这些各种各样的教育软件和应用提供了一个介绍。 + +数学是计算机的核心。如果有人预期一个类如 GNU/ Linux 这样的伟大的操作系统精确而严格,那么这就是数学所起到的作用。如果你在寻求一些数学应用程序,那么你将不会感到失望。Linux 提供了很多优秀的工具使得数学看起来和你曾经做过的一样令人畏惧,但实际上他们会简化你使用它的方式。 + +### Gnuplot ### + +Gnuplot 是一个适用于不同平台的命令行脚本化和多功能的图形工具。尽管它的名字中带有“GNU”,但是它并不是 GNU 操作系统的一部分。虽然不是自由授权,但它是免费软件(这意味着它受版权保护,但免费使用)。 + +要在 Ubuntu 系统(或者衍生系统)上安装 `gnuplot`,输入: + + sudo apt-get install gnuplot gnuplot-x11 + +进入一个终端窗口。启动该程序,输入: + + gnuplot + +你会看到一个简单的命令行界面: + +![learnmath-gnuplot](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot.png) + +在其中您可以直接输入函数开始。绘图命令将绘制一个曲线图。 + +输入内容,例如, + + plot sin(x)/x + +随着`gnuplot的`提示,将会打开一个新的窗口,图像便会在里面呈现。 + +![learnmath-gnuplot-plot1](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot1.png) + +你也可以即时设置设置这个图的不同属性,比如像这样指定“title” + + plot sin(x) title 'Sine Function', tan(x) title 'Tangent' + +![learnmath-gnuplot-plot2](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot2.png) + +你可以做的更深入一点,使用`splot`命令绘制3D图形: + + splot sin(x*y/20) + +![learnmath-gnuplot-plot3](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot3.png) + +这个图形窗口有几个基本的配置选项, + +![learnmath-gnuplot-options](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-options.png) + +但是`gnuplot`的真正力量在于在它的命令行和脚本功能,`gnuplot`更完整的文档在[Duke大学网站][8]上面[找到][7],带有这个了不起的教程的原始版本。 + +### Maxima ### + +[Maxima][9]是一个源于 Macsyma 开发的一个计算机代数系统,根据它的 SourceForge 页面所述: + +> “Maxima 是一个操作符号和数值表达式的系统,包括微分,积分,泰勒级数,拉普拉斯变换,常微分方程,线性方程组,多项式,集合,列表,向量,矩阵和张量等。Maxima 通过精确的分数,任意精度的整数和可变精度浮点数产生高精度的计算结果。Maxima 可以以二维和三维的方式绘制函数和数据。“ + +大多数Ubuntu衍生系统都有 Maxima 二进制包以及它的图形界面,要安装这些软件包,输入: + + sudo apt-get install maxima xmaxima wxmaxima + +在终端窗口中,Maxima 是一个没有什么 UI 的命令行工具,但如果你开始 wxmaxima,你会进入一个简单但功能强大的图形用户界面。 + +![learnmath-maxima](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima.png) + +你可以通过简单的输入来开始。(提示:回车会增加更多的行,如果你想计算一个表达式,使用“Shift + Enter”。) + +Maxima 可以用于一些简单的问题,因此也可以作为一个计算器: + +![learnmath-maxima-1and1](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-1and1.png) + +以及一些更复杂的问题: + +![learnmath-maxima-functions](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-functions.png) + +它使用`gnuplot`使得绘制简单: + +![learnmath-maxima-plot](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-plot.png) + +或者绘制一些复杂的图形。 + +![learnmath-maxima-plot2](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-plot2.png) + +(它需要 gnuplot-X11 的软件包来显示它们。) + +除了将表达式表示为图形,Maxima 也可以用 latex 格式导出它们,或者通过右键快捷菜单进行一些常用操作. + +![learnmath-maxima-menu](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-menu.png) + +不过其主菜单还是提供了大量重磅功能,当然 Maxima 的功能远不止如此,这里也有一个广泛使用的[在线文档][10]。 + +### 总结 ### + +数学不是一门容易的学科,这些在 Linux 上的优秀软件也没有使得数学更加容易,但是这些应用使得使用数学变得更加的简单和方便。以上两种应用都只是介绍一下 Linux 所提供的。如果你是认真从事数学和需要更多的功能与丰富的文档,那你更应该看看这些 [Mathbuntu][11] 项目。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/learn-linux-maths/ + +作者:[Attila Orosz][a] +译者:[KnightJoker](https://github.com/KnightJoker/KnightJoker) +校对:[wxyD](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/attilaorosz/ +[1]:https://www.maketecheasier.com/series/learn-with-linux/ +[2]:https://www.maketecheasier.com/learn-to-type-in-linux/ +[3]:https://www.maketecheasier.com/linux-physics-simulation/ +[4]:https://www.maketecheasier.com/linux-learning-music/ +[5]:https://www.maketecheasier.com/linux-geography-apps/ +[6]:https://www.maketecheasier.com/learn-linux-maths/ +[7]:http://www.gnuplot.info/documentation.html +[8]:http://people.duke.edu/~hpgavin/gnuplot.html +[9]:http://maxima.sourceforge.net/ +[10]:http://maxima.sourceforge.net/documentation.html +[11]:http://www.mathbuntu.org/ \ No newline at end of file diff --git a/published/201511/LetsEncrypt.md b/published/201511/LetsEncrypt.md new file mode 100644 index 0000000000..c1c4a40ea0 --- /dev/null +++ b/published/201511/LetsEncrypt.md @@ -0,0 +1,112 @@ +# SSL/TLS 加密新纪元 - Let's Encrypt + +根据 Let's Encrypt 官方博客消息,Let's Encrypt 服务将在下周(11 月 16 日)正式对外开放。 + +Let's Encrypt 项目是由互联网安全研究小组(ISRG,Internet Security Research Group)主导并开发的一个新型数字证书认证机构(CA,Certificate Authority)。该项目旨在开发一个自由且开放的自动化 CA 套件,并向公众提供相关的证书免费签发服务以降低安全通讯的财务、技术和教育成本。在过去的一年中,互联网安全研究小组拟定了 [ACME 协议草案][1],并首次实现了使用该协议的应用套件:服务端 [Boulder][2] 和客户端 [letsencrypt][3]。 + +至于为什么 Let's Encrypt 让我们如此激动,以及 HTTPS 协议如何保护我们的通讯请参考[浅谈 HTTPS 和 SSL/TLS 协议的背景与基础][4]。 + +## ACME 协议 + +Let's Encrypt 的诞生离不开 ACME(Automated Certificate Management Environment,自动证书管理环境)协议的拟定。 + +说到 ACME 协议,我们不得不提一下传统 CA 的认证方式。Let's Encrypt 服务所签发的证书为域名认证证书(DV,Domain-validated Certificate),签发这类证书需要域名所有者完成以下至少一种挑战(Challenge)以证明自己对域名的所有权: + +* 验证申请人对域名的 Whois 信息中邮箱的控制权; +* 验证申请人对域名的常见管理员邮箱(如以 `admin@`、`postmaster@` 开头的邮箱等)的控制权; +* 在 DNS 的 TXT 记录中发布一条 CA 提供的字符串; +* 在包含域名的网址中特定路径发布一条 CA 提供的字符串。 + +不难发现,其中最容易实现自动化的一种操作必然为最后一条,ACME 协议中的 [Simple HTTP][5] 认证即是用一种类似的方法对从未签发过任何证书的域名进行认证。该协议要求在访问 `http://域名/.well-known/acme-challenge/指定字符串` 时返回特定的字符串。 + +然而实现该协议的客户端 [letsencrypt][3] 做了更多——它不仅可以通过 ACME 协议配合服务端 [Boulder][2] 的域名进行独立(standalone)的认证工作,同时还可以自动配置常见的服务器软件(目前支持 Nginx 和 Apache)以完成认证。 + +## Let's Encrypt 免费证书签发服务 + +对于大多数网站管理员来讲,想要对自己的 Web 服务器进行加密需要一笔不小的支出进行证书签发并且难以配置。根据早些年 SSL Labs 公布的 [2010 年互联网 SSL 调查报告(PDF)][6] 指出超过半数的 Web 服务器没能正确使用 Web 服务器证书,主要的问题有证书不被浏览器信任、证书和域名不匹配、证书过期、证书信任链没有正确配置、使用已知有缺陷的协议和算法等。而且证书过期后的续签和泄漏后的吊销仍需进行繁琐的人工操作。 + +幸运的是 Let's Encrypt 免费证书签发服务在经历了漫长的开发和测试之后终于来临,在 Let's Encrypt 官方 CA 被广泛信任之前,IdenTrust 的根证书对 Let's Encrypt 的二级 CA 进行了交叉签名使得大部分浏览器已经信任 Let's Encrypt 签发的证书。 + +## 使用 letsencrypt + +由于当前 Let's Encrypt 官方的证书签发服务还未公开,你只能尝试开发版本。这个版本会签发一个 CA 标识为 `happy hacker fake CA` 的测试证书,注意这个证书不受信任。 + +要获取开发版本请直接 `$ git clone https://github.com/letsencrypt/letsencrypt`。 + +以下的[使用方法][7]摘自 Let's Encrypt 官方网站。 + +### 签发证书 + +`letsencrypt` 工具可以协助你处理证书请求和验证工作。 + +#### 自动配置 Web 服务器 + +下面的操作将会自动帮你将新证书配置到 Nginx 和 Apache 中。 + +``` +$ letsencrypt run +``` + +#### 独立签发证书 + +下面的操作将会将新证书置于当前目录下。 + +``` +$ letsencrypt -d example.com auth +``` + +### 续签证书 + +默认情况下 `letsencrypt` 工具将协助你跟踪当前证书的有效期限并在需要时自动帮你续签。如果需要手动续签,执行下面的操作。 + +``` +$ letsencrypt renew --cert-path example-cert.pem +``` + +### 吊销证书 + +列出当前托管的证书菜单以吊销。 + +``` +$ letsencrypt revoke +``` + +你也可以吊销某一个证书或者属于某个私钥的所有证书。 + +``` +$ letsencrypt revoke --cert-path example-cert.pem +``` + +``` +$ letsencrypt revoke --key-path example-key.pem +``` + +## Docker 化 letsencrypt + +如果你不想让 letsencrypt 自动配置你的 Web 服务器的话,使用 Docker 跑一份独立的版本将是一个不错的选择。你所要做的只是在装有 Docker 的系统中执行: + +``` +$ sudo docker run -it --rm -p 443:443 -p 80:80 --name letsencrypt \ + -v "/etc/letsencrypt:/etc/letsencrypt" \ + -v "/var/lib/letsencrypt:/var/lib/letsencrypt" \ + quay.io/letsencrypt/letsencrypt:latest auth +``` + +你就可以快速的为自己的 Web 服务器签发一个免费而且受信任的 DV 证书啦! + +## Let's Encrypt 的注意事项 + +* Let's Encrypt 当前发行的 DV 证书仅能验证域名的所有权,并不能验证其所有者身份; +* Let's Encrypt 不像其他 CA 那样对安全事故有保险赔付; +* Let's Encrypt 目前不提共 Wildcard 证书; +* Let's Encrypt 的有效时间仅为 90 天,逾期需要续签(可自动续签)。 + +对于 Let's Encrypt 的介绍就到这里,让我们一起目睹这场互联网的安全革命吧。 + +[1]: https://github.com/letsencrypt/acme-spec +[2]: https://github.com/letsencrypt/boulder +[3]: https://github.com/letsencrypt/letsencrypt +[4]: https://linux.cn/article-5175-1.html +[5]: https://letsencrypt.github.io/acme-spec/#simple-http +[6]: https://community.qualys.com/servlet/JiveServlet/download/38-1636/Qualys_SSL_Labs-State_of_SSL_2010-v1.6.pdf +[7]: https://letsencrypt.org/howitworks/ diff --git a/published/20151109 How to Set Up AWStats On Ubuntu Server.md b/published/20151109 How to Set Up AWStats On Ubuntu Server.md new file mode 100644 index 0000000000..7bea4e40d8 --- /dev/null +++ b/published/20151109 How to Set Up AWStats On Ubuntu Server.md @@ -0,0 +1,107 @@ +如何在 Ubuntu 服务器中配置 AWStats +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/10/Apache_awstats_featured.jpg) + +AWStats 是一个开源的网站分析报告工具,可以生成强大的网站、流媒体、FTP 或邮件服务器的访问统计图。此日志分析器以 CGI 或命令行方式进行工作,并在网页中以图表的形式尽可能的显示你日志中所有的信息。它可以“部分”读取信息文件,以便能够频繁并快速处理大量的日志文件。它支持绝大多数 Web 服务器日志文件格式,包括 Apache,IIS 等。 + +本文将帮助你在 Ubuntu 上安装配置 AWStats。 + +### 安装 AWStats 包 ### + +默认情况下,AWStats 的包可以在 Ubuntu 仓库中找到。 + +可以通过运行下面的命令来安装: + + sudo apt-get install awstats + +接下来,你需要启用 Apache 的 CGI 模块。 + +运行以下命令来启动 CGI: + + sudo a2enmod cgi + +现在,重新启动 Apache 以使改变生效。 + + sudo /etc/init.d/apache2 restart + +### 配置 AWStats ### + +你需要为你想要查看统计的每个域或网站创建一个配置文件。在这个例子中,我们将为 “test.com” 创建一个配置文件。 + +要完成此步,你可以通过复制 AWStats 的默认配置文件来配置你要统计的域。 + + sudo cp /etc/awstats/awstats.conf /etc/awstats/awstats.test.com.conf + +现在,你需要在配置文件中做一些修改: + + sudo nano /etc/awstats/awstats.test.com.conf + +像下面这样修改一下: + + # Change to Apache log file, by default it's /var/log/apache2/access.log + LogFile="/var/log/apache2/access.log" + + # Change to the website domain name + SiteDomain="test.com" + HostAliases="www.test.com localhost 127.0.0.1" + + # When this parameter is set to 1, AWStats adds a button on report page to allow to "update" statistics from a web browser + AllowToUpdateStatsFromBrowser=1 + +保存并关闭文件。 + +修改配置文件后,你需要用服务器的当前日志建立初步统计。你可以这样做: + + sudo /usr/lib/cgi-bin/awstats.pl -config=test.com -update + +输出会是这个样子: + +![awtstats](https://www.maketecheasier.com/assets/uploads/2015/10/awtstats.png) + +### 为 Apache 配置 AWStats ### + +接下来,你需要配置 Apache2 来显示统计数据。现在你需要将 “cgi-bin” 文件夹中的内容复制到 Apache 默认根目录下。默认它是在 “/usr/lib/cgi-bin”。 + +运行以下命令来完成此步: + + sudo cp -r /usr/lib/cgi-bin /var/www/html/ + sudo chown www-data:www-data /var/www/html/cgi-bin/ + sudo chmod -R 755 /var/www/html/cgi-bin/ + +### 测试 AWStats ### + +现在,您可以通过访问 url “http://your-server-ip/cgi-bin/awstats.pl?config=test.com.” 来查看 AWStats 的页面。 + +它的页面像下面这样: + +![awstats_page](https://www.maketecheasier.com/assets/uploads/2015/10/awstats_page.jpg) + +### 设置定时任务来更新日志 ### + +建议你创建一个定时任务,使用新创建的日志条目定期更新 AWStats 的数据库,然后统计会定期更新。这也将节省你的时间。 + +要做到这一点,你需要编辑 “/etc/crontab” 文件: + + sudo nano /etc/crontab + +添加下面那一行来让 AWStats 每十分钟更新一次。 + + */10 * * * * root /usr/lib/cgi-bin/awstats.pl -config=test.com -update + +保存并关闭文件。 + +### 结论 ### + +AWStats 是一个非常有用的工具,可以让你对网站的状况了如指掌,并能协助你分析网站。它非常容易安装和配置。如果你有任何疑问,请在下面发表评论。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/set-up-awstats-ubuntu/ + +作者:[Hitesh Jethva][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/hiteshjethva/ diff --git a/published/20151123 LNAV--Ncurses based log file viewer.md b/published/20151123 LNAV--Ncurses based log file viewer.md new file mode 100644 index 0000000000..d51ebe8e76 --- /dev/null +++ b/published/20151123 LNAV--Ncurses based log file viewer.md @@ -0,0 +1,81 @@ +LNAV:基于 Ncurses 的日志文件阅读器 +================================================================================ +日志文件导航器(Logfile Navigator,简称 lnav),是一个基于 curses 的,用于查看和分析日志文件的工具。和文本阅读器/编辑器相比, lnav 的好处是它充分利用了可以从日志文件中获取的语义信息,例如时间戳和日志等级。利用这些额外的语义信息, lnav 可以处理像这样的事情:来自不同文件的交错的信息;按照时间生成信息直方图;支持在文件中导航的快捷键。它希望使用这些功能可以使得用户可以快速有效地定位和解决问题。 + +### lnav 功能 ### + +#### 支持以下日志文件格式: #### + +Syslog、Apache 访问日志、strace、tcsh 历史以及常见的带时间戳的日志文件。读入文件的时候回自动检测文件格式。 + +#### 直方图视图: #### + +以时间区划来显示日志信息数量。这对于大概了解在一长段时间内发生了什么非常有用。 + +#### 过滤器: #### + +只显示那些匹配或不匹配一些正则表达式的行。对于移除大量你不感兴趣的日志行非常有用。 + +#### 即时操作: #### + +在你输入到时候会同时完成检索;当添加了新日志行的时候会自动加载和搜索;加载行的时候会应用过滤器;另外,还会在你输入 SQL 查询的时候检查其正确性。 + +#### 自动显示后文: #### + +日志文件视图会自动往下滚动到新添加到文件中的行。只需要向上滚动就可以锁定当前视图,然后向下滚动到底部恢复显示后文。 + +#### 按照日期顺序排序行: #### + +从所有文件中加载的日志行会按照日期进行排序。使得你不需要手动从不同文件中收集日志信息。 + +#### 语法高亮: #### + +错误和警告会用红色和黄色显示。高亮还可用于: SQL 关键字、XML 标签、Java 文件行号和括起来的字符串。 + +#### 导航: #### + +有快捷键用于跳转到下一个或上一个错误或警告,按照指定的时间向后或向前翻页。 + +#### 用 SQL 查询日志: #### + +每个日志文件行都相当于数据库中的一行,可以使用 SQL 进行查询。可以使用的列取决于查看的日志文件类型。 + +#### 命令和搜索历史: #### + +会自动保存你之前输入的命令和搜素,因此你可以在会话之间使用它们。 + +#### 压缩文件: #### + +会实时自动检测和解压压缩的日志文件。 + +### 在 ubuntu 15.10 上安装 lnav #### + +打开终端运行下面的命令 + + sudo apt-get install lnav + +### 使用 lnav ### + +如果你想使用 lnav 查看日志,你可以使用下面的命令,默认它会显示 syslogs + + lnav + +![](http://www.ubuntugeek.com/wp-content/uploads/2015/11/51.png) + +如果你想查看特定的日志,那么需要指定路径。如果你想看 CPU 日志,在你的终端里运行下面的命令 + + lnav /var/log/cups + +![](http://www.ubuntugeek.com/wp-content/uploads/2015/11/6.png) + +-------------------------------------------------------------------------------- + +via: http://www.ubuntugeek.com/lnav-ncurses-based-log-file-viewer.html + +作者:[ruchi][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.ubuntugeek.com/author/ubuntufix diff --git a/published/20151125 How to Install GIMP 2.8.16 in Ubuntu 16.04 or 15.10 or 14.04.md b/published/20151125 How to Install GIMP 2.8.16 in Ubuntu 16.04 or 15.10 or 14.04.md new file mode 100644 index 0000000000..7c2e304403 --- /dev/null +++ b/published/20151125 How to Install GIMP 2.8.16 in Ubuntu 16.04 or 15.10 or 14.04.md @@ -0,0 +1,59 @@ +如何在 Ubuntu 16.04,15.10,14.04 中安装 GIMP 2.8.16 +================================================================================ +![GIMP 2.8.16](http://ubuntuhandbook.org/wp-content/uploads/2015/11/gimp-icon.png) + +GIMP 图像编辑器 2.8.16 版本在其20岁生日时发布了。下面是如何安装或升级 GIMP 在 Ubuntu 16.04, Ubuntu 15.10, Ubuntu 14.04, Ubuntu 12.04 及其衍生版本中,如 Linux Mint 17.x/13, Elementary OS Freya。 + +GIMP 2.8.16 支持 OpenRaster 文件中的层组,修复了 PSD 中的层组支持以及各种用户界面改进,修复了 OSX 上的构建系统,以及更多新的变化。请阅读 [官方声明][1]。 + +![GIMP image editor 2.8,16](http://ubuntuhandbook.org/wp-content/uploads/2014/08/gimp-2-8-14.jpg) + +### 如何安装或升级: ### + +多亏了 Otto Meier,[Ubuntu PPA][2] 中最新的 GIMP 包可用于当前所有的 Ubuntu 版本和其衍生版。 + +**1. 添加 GIMP PPA** + +从 Unity Dash 中打开终端,或通过 Ctrl+Alt+T 快捷键打开。在它打开它后,粘贴下面的命令并回车: + + sudo add-apt-repository ppa:otto-kesselgulasch/gimp + +![add GIMP PPA](http://ubuntuhandbook.org/wp-content/uploads/2015/11/gimp-ppa.jpg) + +输入你的密码,密码不会在终端显示,然后回车继续。 + +**2. 安装或升级编辑器** + +在添加了 PPA 后,启动 **Software Updater**(在 Mint 中是 Software Manager)。检查更新后,你将看到 GIMP 的更新列表。点击 “Install Now” 进行升级。 + +![upgrade-gimp2816](http://ubuntuhandbook.org/wp-content/uploads/2015/11/upgrade-gimp2816.jpg) + +对于那些喜欢 Linux 命令的,按顺序执行下面的命令,刷新仓库的缓存然后安装 GIMP: + + sudo apt-get update + + sudo apt-get install gimp + +**3. (可选的) 卸载** + +如果你想卸载或降级 GIMP 图像编辑器。从软件中心直接删除它,或者按顺序运行下面的命令来将 PPA 清除并降级软件: + + sudo apt-get install ppa-purge + + sudo ppa-purge ppa:otto-kesselgulasch/gimp + +就这样。玩的愉快! + +-------------------------------------------------------------------------------- + +via: http://ubuntuhandbook.org/index.php/2015/11/how-to-install-gimp-2-8-16-in-ubuntu-16-04-15-10-14-04/ + +作者:[Ji m][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ubuntuhandbook.org/index.php/about/ +[1]:http://www.gimp.org/news/2015/11/22/20-years-of-gimp-release-of-gimp-2816/ +[2]:https://launchpad.net/~otto-kesselgulasch/+archive/ubuntu/gimp diff --git a/published/20151125 The tar command explained.md b/published/20151125 The tar command explained.md new file mode 100644 index 0000000000..22244bf89c --- /dev/null +++ b/published/20151125 The tar command explained.md @@ -0,0 +1,143 @@ +tar 命令使用介绍 +================================================================================ +Linux [tar][1] 命令是归档或分发文件时的强大武器。GNU tar 归档包可以包含多个文件和目录,还能保留其文件权限,它还支持多种压缩格式。Tar 表示 "**T**ape **Ar**chiver",这种格式是 POSIX 标准。 + +### Tar 文件格式 ### + +tar 压缩等级简介: + +- **无压缩** 没有压缩的文件用 .tar 结尾。 +- **Gzip 压缩** Gzip 格式是 tar 使用最广泛的压缩格式,它能快速压缩和提取文件。用 gzip 压缩的文件通常用 .tar.gz 或 .tgz 结尾。这里有一些如何[创建][2]和[解压][3] tar.gz 文件的例子。 +- **Bzip2 压缩** 和 Gzip 格式相比 Bzip2 提供了更好的压缩比。创建压缩文件也比较慢,通常采用 .tar.bz2 结尾。 +- **Lzip(LAMA)压缩** Lizp 压缩结合了 Gzip 快速的优势,以及和 Bzip2 类似(甚至更好) 的压缩率。尽管有这些好处,这个格式并没有得到广泛使用。 +- **Lzop 压缩** 这个压缩选项也许是 tar 最快的压缩格式,它的压缩率和 gzip 类似,但也没有广泛使用。 + +常见的格式是 tar.gz 和 tar.bz2。如果你想快速压缩,那么就是用 gzip。如果归档文件大小比较重要,就是用 tar.bz2。 + +### tar 命令用来干什么? ### + +下面是一些使用 tar 命令的常见情形。 + +- 备份服务器或桌面系统 +- 文档归档 +- 软件分发 + +### 安装 tar ### + +大部分 Linux 系统默认都安装了 tar。如果没有,这里有安装 tar 的命令。 + +#### CentOS #### + +在 CentOS 中,以 root 用户在 shell 中执行下面的命令安装 tar。 + + yum install tar + +#### Ubuntu #### + +下面的命令会在 Ubuntu 上安装 tar。“sudo” 命令确保 apt 命令是以 root 权限运行的。 + + sudo apt-get install tar + +#### Debian #### + +下面的 apt 命令在 Debian 上安装 tar。 + + apt-get install tar + +#### Windows #### + +tar 命令在 Windows 也可以使用,你可以从 Gunwin 项目[http://gnuwin32.sourceforge.net/packages/gtar.htm][4]中下载它。 + +### 创建 tar.gz 文件 ### + +下面是在 shell 中运行 [tar 命令][5] 的一些例子。下面我会解释这些命令行选项。 + + tar pczf myarchive.tar.gz /home/till/mydocuments + +这个命令会创建归档文件 myarchive.tar.gz,其中包括了路径 /home/till/mydocuments 中的文件和目录。**命令行选项解释**: + +- **[p]** 这个选项表示 “preserve”,它指示 tar 在归档文件中保留文件属主和权限信息。 +- **[c]** 表示创建。要创建文件时不能缺少这个选项。 +- **[z]** z 选项启用 gzip 压缩。 +- **[f]** file 选项告诉 tar 创建一个归档文件。如果没有这个选项 tar 会把输出发送到标准输出( LCTT 译注:如果没有指定,标准输出默认是屏幕,显然你不会想在屏幕上显示一堆乱码,通常你可以用管道符号送到其它程序去)。 + +#### Tar 命令示例 #### + +**示例 1: 备份 /etc 目录** + +创建 /etc 配置目录的一个备份。备份保存在 root 目录。 + + tar pczvf /root/etc.tar.gz /etc + +![用 tar 备份 /etc 目录](https://www.howtoforge.com/images/linux-tar-command/big/create-tar.png) + +要以 root 用户运行命令确保 /etc 中的所有文件都会被包含在备份中。这次,我在命令中添加了 [v] 选项。这个选项表示 verbose,它告诉 tar 显示所有被包含到归档文件中的文件名。 + +**示例 2: 备份你的 /home 目录** + +创建你的 home 目录的备份。备份会被保存到 /backup 目录。 + + tar czf /backup/myuser.tar.gz /home/myuser + +用你的用户名替换 myuser。这个命令中,我省略了 [p] 选项,也就不会保存权限。 + +**示例 3: 基于文件的 MySQL 数据库备份** + +在大部分 Linux 发行版中,MySQL 数据库保存在 /var/lib/mysql。你可以使用下面的命令来查看: + + ls /var/lib/mysql + +![使用 tar 基于文件备份 MySQL](https://www.howtoforge.com/images/linux-tar-command/big/tar_backup_mysql.png) + +用 tar 备份 MySQL 数据文件时为了保持数据一致性,首先停用数据库服务器。备份会被写到 /backup 目录。 + +1) 创建 backup 目录 + + mkdir /backup + chmod 600 /backup + +2) 停止 MySQL,用 tar 进行备份并重新启动数据库。 + + service mysql stop + tar pczf /backup/mysql.tar.gz /var/lib/mysql + service mysql start + ls -lah /backup + +![基于文件的 MySQL 备份](https://www.howtoforge.com/images/linux-tar-command/big/tar-backup-mysql2.png) + +### 提取 tar.gz 文件### + +提取 tar.gz 文件的命令是: + + tar xzf myarchive.tar.gz + +#### tar 命令选项解释 #### + +- **[x]** x 表示提取,提取 tar 文件时这个命令不可缺少。 +- **[z]** z 选项告诉 tar 要解压的归档文件是 gzip 格式。 +- **[f]** 该选项告诉 tar 从一个文件中读取归档内容,本例中是 myarchive.tar.gz。 + +上面的 tar 命令会安静地提取 tar.gz 文件,除非有错误信息。如果你想要看提取了哪些文件,那么添加 “v” 选项。 + + tar xzvf myarchive.tar.gz + +**[v]** 选项表示 verbose,它会向你显示解压的文件名。 + +![提取 tar.gz 文件](https://www.howtoforge.com/images/linux-tar-command/big/tar-xfz.png) + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/linux-tar-command/ + +作者:[howtoforge][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.howtoforge.com/ +[1]:https://en.wikipedia.org/wiki/Tar_(computing) +[2]:http://www.faqforge.com/linux/create-tar-gz/ +[3]:http://www.faqforge.com/linux/extract-tar-gz/ +[4]:http://gnuwin32.sourceforge.net/packages/gtar.htm +[5]:http://www.faqforge.com/linux/tar-command/ \ No newline at end of file diff --git a/published/201508/Part 1 - Introduction to RAID, Concepts of RAID and RAID Levels.md b/published/RAID/Part 1 - Introduction to RAID, Concepts of RAID and RAID Levels.md similarity index 100% rename from published/201508/Part 1 - Introduction to RAID, Concepts of RAID and RAID Levels.md rename to published/RAID/Part 1 - Introduction to RAID, Concepts of RAID and RAID Levels.md diff --git a/published/201508/Part 2 - Creating Software RAID0 (Stripe) on ‘Two Devices’ Using ‘mdadm’ Tool in Linux.md b/published/RAID/Part 2 - Creating Software RAID0 (Stripe) on ‘Two Devices’ Using ‘mdadm’ Tool in Linux.md similarity index 100% rename from published/201508/Part 2 - Creating Software RAID0 (Stripe) on ‘Two Devices’ Using ‘mdadm’ Tool in Linux.md rename to published/RAID/Part 2 - Creating Software RAID0 (Stripe) on ‘Two Devices’ Using ‘mdadm’ Tool in Linux.md diff --git a/published/201508/Part 3 - Setting up RAID 1 (Mirroring) using 'Two Disks' in Linux.md b/published/RAID/Part 3 - Setting up RAID 1 (Mirroring) using 'Two Disks' in Linux.md similarity index 100% rename from published/201508/Part 3 - Setting up RAID 1 (Mirroring) using 'Two Disks' in Linux.md rename to published/RAID/Part 3 - Setting up RAID 1 (Mirroring) using 'Two Disks' in Linux.md diff --git a/published/201508/Part 4 - Creating RAID 5 (Striping with Distributed Parity) in Linux.md b/published/RAID/Part 4 - Creating RAID 5 (Striping with Distributed Parity) in Linux.md similarity index 100% rename from published/201508/Part 4 - Creating RAID 5 (Striping with Distributed Parity) in Linux.md rename to published/RAID/Part 4 - Creating RAID 5 (Striping with Distributed Parity) in Linux.md diff --git a/published/201508/Part 5 - Setup RAID Level 6 (Striping with Double Distributed Parity) in Linux.md b/published/RAID/Part 5 - Setup RAID Level 6 (Striping with Double Distributed Parity) in Linux.md similarity index 100% rename from published/201508/Part 5 - Setup RAID Level 6 (Striping with Double Distributed Parity) in Linux.md rename to published/RAID/Part 5 - Setup RAID Level 6 (Striping with Double Distributed Parity) in Linux.md diff --git a/published/201508/Part 6 - Setting Up RAID 10 or 1+0 (Nested) in Linux.md b/published/RAID/Part 6 - Setting Up RAID 10 or 1+0 (Nested) in Linux.md similarity index 100% rename from published/201508/Part 6 - Setting Up RAID 10 or 1+0 (Nested) in Linux.md rename to published/RAID/Part 6 - Setting Up RAID 10 or 1+0 (Nested) in Linux.md diff --git a/published/201508/Part 7 - Growing an Existing RAID Array and Removing Failed Disks in Raid.md b/published/RAID/Part 7 - Growing an Existing RAID Array and Removing Failed Disks in Raid.md similarity index 100% rename from published/201508/Part 7 - Growing an Existing RAID Array and Removing Failed Disks in Raid.md rename to published/RAID/Part 7 - Growing an Existing RAID Array and Removing Failed Disks in Raid.md diff --git a/published/RAID/Part 8 - How to Recover Data and Rebuild Failed Software RAID's.md b/published/RAID/Part 8 - How to Recover Data and Rebuild Failed Software RAID's.md new file mode 100644 index 0000000000..82233aacda --- /dev/null +++ b/published/RAID/Part 8 - How to Recover Data and Rebuild Failed Software RAID's.md @@ -0,0 +1,167 @@ +在 Linux 下使用 RAID(八):当软件 RAID 故障时如何恢复和重建数据 +================================================================================ + +在阅读过 [RAID 系列][1] 前面的文章后你已经对 RAID 比较熟悉了。回顾前面几个软件 RAID 的配置,我们对每一个都做了详细的解释,使用哪一个取决与你的具体情况。 + +![Recover Rebuild Failed Software RAID's](http://www.tecmint.com/wp-content/uploads/2015/10/Recover-Rebuild-Failed-Software-RAID.png) + +*恢复并重建故障的软件 RAID - 第8部分* + +在本文中,我们将讨论当一个磁盘发生故障时如何重建软件 RAID 阵列并且不会丢失数据。为方便起见,我们仅考虑RAID 1 的配置 - 但其方法和概念适用于所有情况。 + +#### RAID 测试方案 #### + +在进一步讨论之前,请确保你已经配置好了 RAID 1 阵列,可以按照本系列第3部分提供的方法:[在 Linux 中如何创建 RAID 1(镜像)][2]。 + +在目前的情况下,仅有的变化是: + +1. 使用不同版本 CentOS(v7),而不是前面文章中的(v6.5)。 +2. 磁盘容量发生改变, /dev/sdb 和 /dev/sdc(各8GB)。 + +此外,如果 SELinux 设置为 enforcing 模式,你需要将相应的标签添加到挂载 RAID 设备的目录中。否则,当你试图挂载时,你会碰到这样的警告信息: + +![SELinux RAID Mount Error](http://www.tecmint.com/wp-content/uploads/2015/10/SELinux-RAID-Mount-Error.png) + +*启用 SELinux 时 RAID 挂载错误* + +通过以下命令来解决: + + # restorecon -R /mnt/raid1 + +### 配置 RAID 监控 ### + +存储设备损坏的原因很多(尽管固态硬盘大大减少了这种情况发生的可能性),但不管是什么原因,可以肯定问题随时可能发生,你需要准备好替换发生故障的部分,并确保数据的可用性和完整性。 + +首先建议是。虽然你可以查看 `/proc/mdstat` 来检查 RAID 的状态,但有一个更好的和节省时间的方法,使用监控 + 扫描模式运行 mdadm,它将警报通过电子邮件发送到一个预定义的收件人。 + +要这样设置,在 `/etc/mdadm.conf` 添加以下行: + + MAILADDR user@ + +我自己的设置如下: + + MAILADDR gacanepa@localhost + +![RAID Monitoring Email Alerts](http://www.tecmint.com/wp-content/uploads/2015/10/RAID-Monitoring-Email-Alerts.png) + +*监控 RAID 并使用电子邮件进行报警* + +要让 mdadm 运行在监控 + 扫描模式中,以 root 用户添加以下 crontab 条目: + + @reboot /sbin/mdadm --monitor --scan --oneshot + +默认情况下,mdadm 每隔60秒会检查 RAID 阵列,如果发现问题将发出警报。你可以通过添加 `--delay` 选项到crontab 条目上面,后面跟上秒数,来修改默认行为(例如,`--delay` 1800意味着30分钟)。 + +最后,确保你已经安装了一个邮件用户代理(MUA),如[mutt 或 mailx][3]。否则,你将不会收到任何警报。 + +在一分钟内,我们就会看到 mdadm 发送的警报。 + +### 模拟和更换发生故障的 RAID 存储设备 ### + +为了给 RAID 阵列中的存储设备模拟一个故障,我们将使用 `--manage` 和 `--set-faulty` 选项,如下所示: + + # mdadm --manage --set-faulty /dev/md0 /dev/sdc1 + +这将导致 /dev/sdc1 被标记为 faulty,我们可以在 /proc/mdstat 看到: + +![Stimulate Issue with RAID Storage](http://www.tecmint.com/wp-content/uploads/2015/10/Stimulate-Issue-with-RAID-Storage.png) + +*在 RAID 存储设备上模拟问题* + +更重要的是,让我们看看是不是收到了同样的警报邮件: + +![Email Alert on Failed RAID Device](http://www.tecmint.com/wp-content/uploads/2015/10/Email-Alert-on-Failed-RAID-Device.png) + +*RAID 设备故障时发送邮件警报* + +在这种情况下,你需要从软件 RAID 阵列中删除该设备: + + # mdadm /dev/md0 --remove /dev/sdc1 + +然后,你可以直接从机器中取出,并将其使用备用设备来取代(/dev/sdd 中类型为 fd 的分区是以前创建的): + + # mdadm --manage /dev/md0 --add /dev/sdd1 + +幸运的是,该系统会使用我们刚才添加的磁盘自动重建阵列。我们可以通过标记 /dev/sdb1 为 faulty 来进行测试,从阵列中取出后,并确认 tecmint.txt 文件仍然在 /mnt/raid1 是可访问的: + + # mdadm --detail /dev/md0 + # mount | grep raid1 + # ls -l /mnt/raid1 | grep tecmint + # cat /mnt/raid1/tecmint.txt + +![Confirm Rebuilding RAID Array](http://www.tecmint.com/wp-content/uploads/2015/10/Rebuilding-RAID-Array.png) + +*确认 RAID 重建* + +上面图片清楚的显示,添加 /dev/sdd1 到阵列中来替代 /dev/sdc1,数据的重建是系统自动完成的,不需要干预。 + +虽然要求不是很严格,有一个备用设备是个好主意,这样更换故障的设备就可以在瞬间完成了。要做到这一点,先让我们重新添加 /dev/sdb1 和 /dev/sdc1: + + # mdadm --manage /dev/md0 --add /dev/sdb1 + # mdadm --manage /dev/md0 --add /dev/sdc1 + +![Replace Failed Raid Device](http://www.tecmint.com/wp-content/uploads/2015/10/Replace-Failed-Raid-Device.png) + +*取代故障的 Raid 设备* + +### 从冗余丢失中恢复数据 ### + +如前所述,当一个磁盘发生故障时, mdadm 将自动重建数据。但是,如果阵列中的2个磁盘都故障时会发生什么?让我们来模拟这种情况,通过标记 /dev/sdb1 和 /dev/sdd1 为 faulty: + + # umount /mnt/raid1 + # mdadm --manage --set-faulty /dev/md0 /dev/sdb1 + # mdadm --stop /dev/md0 + # mdadm --manage --set-faulty /dev/md0 /dev/sdd1 + +此时尝试以同样的方式重新创建阵列就(或使用 `--assume-clean` 选项)可能会导致数据丢失,因此不到万不得已不要使用。 + +让我们试着从 /dev/sdb1 恢复数据,例如,在一个类似的磁盘分区(/dev/sde1 - 注意,这需要你执行前在/dev/sde 上创建一个 fd 类型的分区)上使用 `ddrescue`: + + # ddrescue -r 2 /dev/sdb1 /dev/sde1 + +![Recovering Raid Array](http://www.tecmint.com/wp-content/uploads/2015/10/Recovering-Raid-Array.png) + +*恢复 Raid 阵列* + +请注意,到现在为止,我们还没有触及 /dev/sdb 和 /dev/sdd,这是 RAID 阵列的一部分分区。 + +现在,让我们使用 /dev/sde1 和 /dev/sdf1 来重建阵列: + + # mdadm --create /dev/md0 --level=mirror --raid-devices=2 /dev/sd[e-f]1 + +请注意,在真实的情况下,你需要使用与原来的阵列中相同的设备名称,即设备失效后替换的磁盘的名称应该是 /dev/sdb1 和 /dev/sdc1。 + +在本文中,我选择了使用额外的设备来重新创建全新的磁盘阵列,是为了避免与原来的故障磁盘混淆。 + +当被问及是否继续写入阵列时,键入 Y,然后按 Enter。阵列被启动,你也可以查看它的进展: + + # watch -n 1 cat /proc/mdstat + +当这个过程完成后,你就应该能够访问 RAID 的数据: + +![Confirm Raid Content](http://www.tecmint.com/wp-content/uploads/2015/10/Raid-Content.png) + +*确认 Raid 数据* + +### 总结 ### + +在本文中,我们回顾了从 RAID 故障和冗余丢失中恢复数据。但是,你要记住,这种技术是一种存储解决方案,不能取代备份。 + +本文中介绍的方法适用于所有 RAID 中,其中的概念我将在本系列的最后一篇(RAID 管理)中涵盖它。 + +如果你对本文有任何疑问,随时给我们以评论的形式说明。我们期待倾听阁下的心声! + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/recover-data-and-rebuild-failed-software-raid/ + +作者:[Gabriel Cánepa][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/gacanepa/ +[1]:https://linux.cn/article-6085-1.html +[2]:https://linux.cn/article-6093-1.html +[3]:http://www.tecmint.com/send-mail-from-command-line-using-mutt-command/ diff --git a/published/RAID/Part 9 - How to Manage Software RAID's in Linux with 'Mdadm' Tool.md b/published/RAID/Part 9 - How to Manage Software RAID's in Linux with 'Mdadm' Tool.md new file mode 100644 index 0000000000..775e82aba5 --- /dev/null +++ b/published/RAID/Part 9 - How to Manage Software RAID's in Linux with 'Mdadm' Tool.md @@ -0,0 +1,162 @@ +在 Linux 下使用 RAID(九):如何使用 ‘Mdadm’ 工具管理软件 RAID +================================================================================ + +无论你以前有没有使用 RAID 阵列的经验,以及是否完成了 [此 RAID 系列][1] 的所有教程,一旦你在 Linux 中熟悉了 `mdadm --manage` 命令的使用,管理软件 RAID 将不是很复杂的任务。 + +![在 Linux 中使用 mdadm 管理 RAID 设备 - 第9部分](http://www.tecmint.com/wp-content/uploads/2015/10/Manage-Raid-with-Mdadm-Tool-in-Linux.jpg) + +*在 Linux 中使用 mdadm 管理 RAID 设备 - 第9部分* + +在本教程中,我们会再介绍此工具提供的功能,这样当你需要它,就可以派上用场。 + +#### RAID 测试方案 #### + +在本系列的最后一篇文章中,我们将使用一个简单的 RAID 1(镜像)阵列,它由两个 8GB 的磁盘(/dev/sdb 和 /dev/sdc)和一个备用设备(/dev/sdd)来演示,但在此使用的方法也适用于其他类型的配置。也就是说,放心去用吧,把这个页面添加到浏览器的书签,然后让我们开始吧。 + +### 了解 mdadm 的选项和使用方法 ### + +幸运的是,mdadm 有一个内建的 `--help` 参数来对每个主要的选项提供说明文档。 + +因此,让我们开始输入: + + # mdadm --manage --help + +就会使我们看到 `mdadm --manage` 能够执行哪些任务: + +![Manage RAID with mdadm Tool](http://www.tecmint.com/wp-content/uploads/2015/10/mdadm-Usage-in-Linux.png) + +*使用 mdadm 工具来管理 RAID* + +正如我们在上面的图片看到,管理一个 RAID 阵列可以在任意时间执行以下任务: + +- (重新)将设备添加到阵列中 +- 把设备标记为故障 +- 从阵列中删除故障设备 +- 使用备用设备更换故障设备 +- 先创建部分阵列 +- 停止阵列 +- 标记阵列为 ro(只读)或 rw(读写) + +### 使用 mdadm 工具管理 RAID 设备 ### + +需要注意的是,如果用户忽略 `--manage` 选项,mdadm 默认使用管理模式。请记住这一点,以避免出现最坏的情况。 + +上图中的高亮文本显示了管理 RAID 的基本语法: + + # mdadm --manage RAID options devices + +让我们来演示几个例子。 + +#### ​例1:为 RAID 阵列添加设备 #### + +你通常会添加新设备来更换故障的设备,或者使用空闲的分区以便在出现故障时能及时替换: + + # mdadm --manage /dev/md0 --add /dev/sdd1 + +![Add Device to Raid Array](http://www.tecmint.com/wp-content/uploads/2015/10/Add-Device-to-Raid-Array.png) + +*添加设备到 Raid 阵列* + +#### ​例2:把一个 RAID 设备标记为故障并从阵列中移除 #### + +在从逻辑阵列中删除该设备前,这是强制性的步骤,然后才能从机器中取出它 - 注意顺序(如果弄错了这些步骤,最终可能会造成实际设备的损害): + + # mdadm --manage /dev/md0 --fail /dev/sdb1 + +请注意在前面的例子中,知道如何添加备用设备来自动更换出现故障的磁盘。在此之后,[恢复和重建 raid 数据][2] 就开始了: + +![Recover and Rebuild Raid Data](http://www.tecmint.com/wp-content/uploads/2015/10/Recover-and-Rebuild-Raid-Data.png) + +*恢复和重建 raid 数据* + +一旦设备已被手动标记为故障,你就可以安全地从阵列中删除它: + + # mdadm --manage /dev/md0 --remove /dev/sdb1 + +#### 例3:重新添加设备,来替代阵列中已经移除的设备 #### + +到现在为止,我们有一个工作的 RAID 1 阵列,它包含了2个活动的设备:/dev/sdc1 和 /dev/sdd1。现在让我们试试重新添加 /dev/sdb1 到/dev/md0: + + # mdadm --manage /dev/md0 --re-add /dev/sdb1 + +我们会碰到一个错误: + + # mdadm: --re-add for /dev/sdb1 to /dev/md0 is not possible + +因为阵列中的磁盘已经达到了最大的数量。因此,我们有两个选择:a)将 /dev/sdb1 添加为备用的,如例1;或 b)从阵列中删除 /dev/sdd1 然后重新添加 /dev/sdb1。 + +我们选择选项 b),先停止阵列然后重新启动: + + # mdadm --stop /dev/md0 + # mdadm --assemble /dev/md0 /dev/sdb1 /dev/sdc1 + +如果上面的命令不能成功添加 /dev/sdb1 到阵列中,使用例1中的命令来完成。 + +mdadm 能检测到新添加的设备并将其作为备用设备,当添加完成后它会开始重建数据,它也被认为是 RAID 中的活动设备: + +![Raid Rebuild Status](http://www.tecmint.com/wp-content/uploads/2015/10/Raid-Rebuild-Status.png) + +*重建 Raid 的状态* + +#### 例4:使用特定磁盘更换 RAID 设备 #### + +在阵列中使用备用磁盘更换磁盘很简单: + + # mdadm --manage /dev/md0 --replace /dev/sdb1 --with /dev/sdd1 + +![Replace Raid Device](http://www.tecmint.com/wp-content/uploads/2015/10/Replace-Raid-device.png) + +*更换 Raid 设备* + +这会导致 `--replace` 指定的设备被标记为故障,而 `--with`指定的设备添加到 RAID 中来替代它: + +![Check Raid Rebuild Status](http://www.tecmint.com/wp-content/uploads/2015/10/Check-Raid-Rebuild-Status.png) + +*检查 Raid 重建状态* + +#### ​例5:标记 RAID 阵列为 ro 或 rw #### + +创建阵列后,你必须在它上面创建一个文件系统并将其挂载到一个目录下才能使用它。你可能不知道,RAID 也可以被设置为 ro,使其只读;或者设置为 rw,就可以同时写入了。 + +要标记该设备为 ro,首先需要将其卸载: + + # umount /mnt/raid1 + # mdadm --manage /dev/md0 --readonly + # mount /mnt/raid1 + # touch /mnt/raid1/test1 + +![Set Permissions on Raid Array](http://www.tecmint.com/wp-content/uploads/2015/10/Set-Permissions-on-Raid-Array.png) + +*在 RAID 阵列上设置权限* + +要配置阵列允许写入操作需要使用 `--readwrite` 选项。请注意,在设置 rw 标志前,你需要先卸载设备并停止它: + + # umount /mnt/raid1 + # mdadm --manage /dev/md0 --stop + # mdadm --assemble /dev/md0 /dev/sdc1 /dev/sdd1 + # mdadm --manage /dev/md0 --readwrite + # touch /mnt/raid1/test2 + +![Allow Read Write Permission on Raid](http://www.tecmint.com/wp-content/uploads/2015/10/Allow-Write-Permission-on-Raid.png) + +*配置 Raid 允许读写操作* + +### 总结 ### + +在本系列中,我们已经解释了如何建立一个在企业环境中使用的软件 RAID 阵列。如果你按照这些文章所提供的例子进行配置,在 Linux 中你会充分领会到软件 RAID 的价值。 + +如果你碰巧任何问题或有建议,请随时使用下面的方式与我们联系。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/manage-software-raid-devices-in-linux-with-mdadm/ + +作者:[GABRIEL CÁNEPA][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/gacanepa/ +[1]:https://linux.cn/article-6085-1.html +[2]:https://linux.cn/article-6448-1.html diff --git a/translated/tech/RHCE/Part 1 - RHCE Series--How to Setup and Test Static Network Routing.md b/published/RHCE/Part 1 - RHCE Series--How to Setup and Test Static Network Routing.md similarity index 61% rename from translated/tech/RHCE/Part 1 - RHCE Series--How to Setup and Test Static Network Routing.md rename to published/RHCE/Part 1 - RHCE Series--How to Setup and Test Static Network Routing.md index 03038b92d5..2e20280ecd 100644 --- a/translated/tech/RHCE/Part 1 - RHCE Series--How to Setup and Test Static Network Routing.md +++ b/published/RHCE/Part 1 - RHCE Series--How to Setup and Test Static Network Routing.md @@ -1,27 +1,28 @@ -RHCE 系列第一部分:如何设置和测试静态网络路由 +RHCE 系列(一):如何设置和测试静态网络路由 ================================================================================ RHCE(Red Hat Certified Engineer,红帽认证工程师)是红帽公司的一个认证,红帽向企业社区贡献开源操作系统和软件,同时它还给公司提供训练、支持和咨询服务。 ![RHCE 考试准备指南](http://www.tecmint.com/wp-content/uploads/2015/07/RHCE-Exam-Series-by-TecMint.jpg) -RHCE 考试准备指南 +*RHCE 考试准备指南* -这个 RHCE 是基于性能的考试(代号 EX300),面向那些拥有更多的技能、知识和能力的红帽企业版 Linux(RHEL)系统高级系统管理员。 +这个 RHCE 是一个绩效考试(代号 EX300),面向那些拥有更多的技能、知识和能力的红帽企业版 Linux(RHEL)系统高级系统管理员。 **重要**: [红帽认证系统管理员][1] (Red Hat Certified System Administrator,RHCSA)认证要求先有 RHCE 认证。 以下是基于红帽企业版 Linux 7 考试的考试目标,我们会在该 RHCE 系列中分别介绍: - 第一部分:如何在 RHEL 7 中设置和测试静态路由 -- 第二部分:如果进行包过滤、网络地址转换和设置内核运行时参数 -- 第三部分:如果使用 Linux 工具集产生和发送系统活动报告 +- 第二部分:如何进行包过滤、网络地址转换和设置内核运行时参数 +- 第三部分:如何使用 Linux 工具集产生和发送系统活动报告 - 第四部分:使用 Shell 脚本进行自动化系统维护 -- 第五部分:如果配置本地和远程系统日志 -- 第六部分:如果配置一个 Samba 服务器或 NFS 服务器(译者注:Samba 是在 Linux 和 UNI X系统上实现 SMB 协议的一个免费软件,由服务器及客户端程序构成。SMB,Server Messages Block,信息服务块,是一种在局域网上共享文件和打印机的一种通信协议,它为局域网内的不同计算机之间提供文件及打印机等资源的共享服务。) -- 第七部分:为收发邮件配置完整的 SMTP 服务器 -- 第八部分:在 RHEL 7 上设置 HTTPS 和 TLS -- 第九部分:设置网络时间协议 -- 第十部分:如何配置一个 Cache-Only DNS 服务器 +- 第五部分:如何在 RHEL 7 中管理系统日志(配置、轮换和导入到数据库) +- 第六部分:设置 Samba 服务器并配置 FirewallD 和 SELinux 支持客户端文件共享 +- 第七部分:设置 NFS 服务器及基于 Kerberos 认证的客户端 +- 第八部分:在 Apache 上使用网络安全服务(NSS)通过 TLS 提供 HTTPS 服务 +- 第九部分:如何使用无客户端配置来设置 Postfix 邮件服务器(SMTP) +- 第十部分:在 RHEL/CentOS 7 中设置网络时间协议(NTP)服务器 +- 第十一部分:如何配置一个只缓存的 DNS 服务器 在你的国家查看考试费用和注册考试,可以到 [RHCE 认证][2] 网页。 @@ -29,31 +30,31 @@ RHCE 考试准备指南 ![在 RHEL 中设置静态网络路由](http://www.tecmint.com/wp-content/uploads/2015/07/Setup-Static-Network-Routing-in-RHEL-7.jpg) -RHCE 系列第一部分:设置和测试网络静态路由 +*RHCE 系列第一部分:设置和测试网络静态路由* 请注意我们不会作深入的介绍,但以这种方式组织内容能帮助你开始第一步并继续后面的内容。 ### 红帽企业版 Linux 7 中的静态路由 ### -现代网络的一个奇迹就是有很多可用的设备能将一组计算机连接起来,不管是在一个房间里少量的机器还是在一栋建筑物、城市、国家或者大洲之间的多台机器。 +现代网络的一个奇迹就是有很多可用设备能将一组计算机连接起来,不管是在一个房间里少量的机器还是在一栋建筑物、城市、国家或者大洲之间的多台机器。 然而,为了能在任意情形下有效的实现这些,需要对网络包进行路由,或者换句话说,它们从源到目的地的路径需要按照某种规则。 -静态路由是为网络包指定一个路由的过程,而不是使用网络设备提供的默认网关。除非另有指定,否则通过路由,网络包会被导向默认网关;基于预定义的标准,例如数据包目的地,使用静态路由可以定义其它路径。 +静态路由是为网络包指定一个路由的过程,而不是使用网络设备提供的默认网关。除非另有指定静态路由,网络包会被导向默认网关;而静态路由则基于预定义标准所定义的其它路径,例如数据包目的地。 -我们在该篇指南中会考虑以下场景。我们有一台红帽企业版 Linux 7,连接到路由器 1号 [192.168.0.1] 以访问因特网以及 192.168.0.0/24 中的其它机器。 +我们在该篇指南中会考虑以下场景。我们有一台 RHEL 7,连接到 1号路由器 [192.168.0.1] 以访问因特网以及 192.168.0.0/24 中的其它机器。 -第二个路由器(路由器 2号)有两个网卡:enp0s3 同样通过网络连接到路由器 1号,以便连接RHEL 7 以及相同网络中的其它机器,另外一个网卡(enp0s8)用于授权访问内部服务所在的 10.0.0.0/24 网络,例如 web 或数据库服务器。 +第二个路由器(2号路由器)有两个网卡:enp0s3 同样连接到路由器1号以访问互联网,及与 RHEL 7 和同一网络中的其它机器通讯,另外一个网卡(enp0s8)用于授权访问内部服务所在的 10.0.0.0/24 网络,例如 web 或数据库服务器。 该场景可以用下面的示意图表示: ![静态路由网络示意图](http://www.tecmint.com/wp-content/uploads/2015/07/Static-Routing-Network-Diagram.png) -静态路由网络示意图 +*静态路由网络示意图* -在这篇文章中我们会集中介绍在 RHEL 7 中设置路由表,确保它能通过路由器 1号访问因特网以及通过路由器 2号访问内部网络。 +在这篇文章中我们会集中介绍在 RHEL 7 中设置路由表,确保它能通过1号路由器访问因特网以及通过2号路由器访问内部网络。 -在 RHEL 7 中,你会通过命令行用 [命令 ip][3] 配置和显示设备和路由。这些更改能在运行的系统中及时生效,但由于重启后不会保存,我们会使用 /etc/sysconfig/network-scripts 目录下的 ifcfg-enp0sX 和 route-enp0sX 文件永久保存我们的配置。 +在 RHEL 7 中,你可以通过命令行用 [ip 命令][3] 配置和显示设备和路由。这些更改能在运行的系统中及时生效,但由于重启后不会保存,我们会使用 `/etc/sysconfig/network-scripts` 目录下的 `ifcfg-enp0sX` 和 `route-enp0sX` 文件永久保存我们的配置。 首先,让我们打印出当前的路由表: @@ -61,15 +62,15 @@ RHCE 系列第一部分:设置和测试网络静态路由 ![在 Linux 中检查路由表](http://www.tecmint.com/wp-content/uploads/2015/07/Check-Current-Routing-Table.png) -检查当前路由表 +*检查当前路由表* 从上面的输出中,我们可以得出以下结论: - 默认网关的 IP 是 192.168.0.1,可以通过网卡 enp0s3 访问。 -- 系统启动的时候,它启用了到 169.254.0.0/16 的 zeroconf 路由(只是在本例中)。也就是说,如果机器设置为通过 DHCP 获取一个 IP 地址,但是由于某些原因失败了,它就会在该网络中自动分配到一个地址。这一行的意思是,该路由会允许我们通过 enp0s3 和其它没有从 DHCP 服务器中成功获得 IP 地址的机器机器连接。 -- 最后,但同样重要的是,我们也可以通过 IP 地址是 192.168.0.18 的 enp0s3 和 192.168.0.0/24 网络中的其它机器连接。 +- 系统启动的时候,它启用了到 169.254.0.0/16 的 zeroconf 路由(只是在本例中)。也就是说,如果机器设置通过 DHCP 获取 IP 地址,但是由于某些原因失败了,它就会在上述网段中自动分配到一个地址。这一行的意思是,该路由会允许我们通过 enp0s3 和其它没有从 DHCP 服务器中成功获得 IP 地址的机器机器相连接。 +- 最后,但同样重要的是,我们也可以通过 IP 地址是 192.168.0.18 的 enp0s3 与 192.168.0.0/24 网络中的其它机器连接。 -下面是这样的配置中你需要做的一些典型任务。除非另有说明,下面的任务都在路由器 2号上进行。 +下面是这样的配置中你需要做的一些典型任务。除非另有说明,下面的任务都在2号路由器上进行。 确保正确安装了所有网卡: @@ -88,7 +89,7 @@ RHCE 系列第一部分:设置和测试网络静态路由 # ip addr del 10.0.0.17 dev enp0s8 # ip addr add 10.0.0.18 dev enp0s8 -现在,请注意你只能添加一个通过已经能访问的网关到目标网络的路由。因为这个原因,我们需要在 192.168.0.0/24 范围中给 enp0s3 分配一个 IP 地址,这样我们的 RHEL 7 才能连接到它: +现在,请注意你只能添加一个通过网关到目标网络的路由,网关需要可以访问到。因为这个原因,我们需要在 192.168.0.0/24 范围中给 enp0s3 分配一个 IP 地址,这样我们的 RHEL 7 才能连接到它: # ip addr add 192.168.0.19 dev enp0s3 @@ -101,7 +102,7 @@ RHCE 系列第一部分:设置和测试网络静态路由 # systemctl stop firewalld # systemctl disable firewalld -回到我们的 RHEL 7(192.168.0.18),让我们配置一个通过 192.168.0.19(路由器 2号的 enp0s3)到 10.0.0.0/24 的路由: +回到我们的 RHEL 7(192.168.0.18),让我们配置一个通过 192.168.0.19(2号路由器的 enp0s3)到 10.0.0.0/24 的路由: # ip route add 10.0.0.0/24 via 192.168.0.19 @@ -111,7 +112,7 @@ RHCE 系列第一部分:设置和测试网络静态路由 ![显示网络路由表](http://www.tecmint.com/wp-content/uploads/2015/07/Show-Network-Routing.png) -确认网络路由表 +*确认网络路由表* 同样,在你尝试连接的 10.0.0.0/24 网络的机器中添加对应的路由: @@ -131,13 +132,13 @@ RHCE 系列第一部分:设置和测试网络静态路由 192.168.0.18 也就是我们的 RHEL 7 机器的 IP 地址。 -另外,我们还可以使用 [tcpdump][4](需要通过 yum install tcpdump 安装)来检查我们 RHEL 7 和 10.0.0.20 中 web 服务器之间的 TCP 双向通信。 +另外,我们还可以使用 [tcpdump][4](需要通过 `yum install tcpdump` 安装)来检查我们 RHEL 7 和 10.0.0.20 中 web 服务器之间的 TCP 双向通信。 首先在第一台机器中启用日志: # tcpdump -qnnvvv -i enp0s3 host 10.0.0.20 -在同一个系统上的另一个终端,让我们通过 telnet 连接到 web 服务器的 80 号端口(假设 Apache 正在监听该端口;否则在下面命令中使用正确的端口): +在同一个系统上的另一个终端,让我们通过 telnet 连接到 web 服务器的 80 号端口(假设 Apache 正在监听该端口;否则应在下面命令中使用正确的监听端口): # telnet 10.0.0.20 80 @@ -145,7 +146,7 @@ tcpdump 日志看起来像下面这样: ![检查服务器之间的网络连接](http://www.tecmint.com/wp-content/uploads/2015/07/Tcpdump-logs.png) -检查服务器之间的网络连接 +*检查服务器之间的网络连接* 通过查看我们 RHEL 7(192.168.0.18)和 web 服务器(10.0.0.20)之间的双向通信,可以看出已经正确地初始化了连接。 @@ -162,7 +163,7 @@ tcpdump 日志看起来像下面这样: # Device used to connect to default gateway. Replace X with the appropriate number. GATEWAYDEV=enp0sX -当需要为每个网卡设置特定的变量和值时(正如我们在路由器 2号上面做的),你需要编辑 /etc/sysconfig/network-scripts/ifcfg-enp0s3 和 /etc/sysconfig/network-scripts/ifcfg-enp0s8 文件。 +当需要为每个网卡设置特定的变量和值时(正如我们在2号路由器上面做的),你需要编辑 `/etc/sysconfig/network-scripts/ifcfg-enp0s3` 和 `/etc/sysconfig/network-scripts/ifcfg-enp0s8` 文件。 下面是我们的例子, @@ -184,23 +185,23 @@ tcpdump 日志看起来像下面这样: NAME=enp0s8 ONBOOT=yes -分别对应 enp0s3 和 enp0s8。 +其分别对应 enp0s3 和 enp0s8。 -由于要为我们的客户端机器(192.168.0.18)进行路由,我们需要编辑 /etc/sysconfig/network-scripts/route-enp0s3: +由于要为我们的客户端机器(192.168.0.18)进行路由,我们需要编辑 `/etc/sysconfig/network-scripts/route-enp0s3`: 10.0.0.0/24 via 192.168.0.19 dev enp0s3 -现在重启系统你可以在路由表中看到该路由规则。 +现在`reboot`你的系统,就可以在路由表中看到该路由规则。 ### 总结 ### -在这篇文章中我们介绍了红帽企业版 Linux 7 的静态路由。尽管场景可能不同,这里介绍的例子说明了所需的原理以及进行该任务的步骤。结束之前,我还建议你看一下 Linux 文档项目中 [第四章 4][5] 保护和优化 Linux 部分,以了解这里介绍主题的更详细内容。 +在这篇文章中我们介绍了红帽企业版 Linux 7 的静态路由。尽管场景可能不同,这里介绍的例子说明了所需的原理以及进行该任务的步骤。结束之前,我还建议你看一下 Linux 文档项目(The Linux Documentation Project)网站上的《安全加固和优化 Linux(Securing and Optimizing Linux)》的[第四章][5],以了解这里介绍主题的更详细内容。 -免费电子书 Securing & Optimizing Linux: The Hacking Solution (v.3.0) - 这本 800 多页的电子书全面收集了 Linux 安全的小技巧以及如果安全和简便的使用它们去配置基于 Linux 的应用和服务。 +免费电子书《Securing and Optimizing Linux: The Hacking Solution (v.3.0)》 - 这本 800 多页的电子书全面收集了 Linux 安全的小技巧以及如果安全和简便的使用它们去配置基于 Linux 的应用和服务。 ![Linux 安全和优化](http://www.tecmint.com/wp-content/uploads/2015/07/Linux-Security-Optimization-Book.gif) -Linux 安全和优化 +*Linux 安全和优化* [马上下载][6] @@ -214,12 +215,12 @@ via: http://www.tecmint.com/how-to-setup-and-configure-static-network-routing-in 作者:[Gabriel Cánepa][a] 译者:[ictlyh](https://github.com/ictlyh) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/gacanepa/ -[1]:http://www.tecmint.com/rhcsa-exam-reviewing-essential-commands-system-documentation/ +[1]:https://linux.cn/article-6133-1.html [2]:https://www.redhat.com/en/services/certification/rhce [3]:http://www.tecmint.com/ip-command-examples/ [4]:http://www.tecmint.com/12-tcpdump-commands-a-network-sniffer-tool/ diff --git a/translated/tech/RHCE/Part 2 - How to Perform Packet Filtering Network Address Translation and Set Kernel Runtime Parameters.md b/published/RHCE/Part 2 - How to Perform Packet Filtering Network Address Translation and Set Kernel Runtime Parameters.md similarity index 63% rename from translated/tech/RHCE/Part 2 - How to Perform Packet Filtering Network Address Translation and Set Kernel Runtime Parameters.md rename to published/RHCE/Part 2 - How to Perform Packet Filtering Network Address Translation and Set Kernel Runtime Parameters.md index 74b162be1c..38baedd754 100644 --- a/translated/tech/RHCE/Part 2 - How to Perform Packet Filtering Network Address Translation and Set Kernel Runtime Parameters.md +++ b/published/RHCE/Part 2 - How to Perform Packet Filtering Network Address Translation and Set Kernel Runtime Parameters.md @@ -1,16 +1,17 @@ -RHCE 第二部分 - 如何进行包过滤、网络地址转换和设置内核运行时参数 +RHCE 系列(二):如何进行包过滤、网络地址转换和设置内核运行时参数 ================================================================================ -正如第一部分(“[设置静态网络路由][1]”)承诺的,在这篇文章(RHCE 系列第二部分),我们首先介绍红帽企业版 Linux 7中包过滤和网络地址转换原理,然后再介绍某些条件发送变化或者需要激活时设置运行时内核参数以改变运行时内核行为。 + +正如第一部分(“[设置静态网络路由][1]”)提到的,在这篇文章(RHCE 系列第二部分),我们首先介绍红帽企业版 Linux 7(RHEL)中包过滤和网络地址转换(NAT)的原理,然后再介绍在某些条件发生变化或者需要变动时设置运行时内核参数以改变运行时内核行为。 ![RHEL 中的网络包过滤](http://www.tecmint.com/wp-content/uploads/2015/07/Network-Packet-Filtering-in-RHEL.jpg) -RHCE 第二部分:网络包过滤 +*RHCE 第二部分:网络包过滤* ### RHEL 7 中的网络包过滤 ### -当我们讨论数据包过滤的时候,我们指防火墙读取每个尝试通过它的数据包的包头所进行的处理。然后,根据系统管理员之前定义的规则,通过采取所要求的动作过滤数据包。 +当我们讨论数据包过滤的时候,我们指防火墙读取每个试图通过它的数据包的包头所进行的处理。然后,根据系统管理员之前定义的规则,通过采取所要求的动作过滤数据包。 -正如你可能知道的,从 RHEL 7 开始,管理防火墙的默认服务是 [firewalld][2]。类似 iptables,它和 Linux 内核的 netfilter 模块交互以便检查和操作网络数据包。不像 iptables,Firewalld 的更新可以立即生效,而不用中断活跃的连接 - 你甚至不需要重启服务。 +正如你可能知道的,从 RHEL 7 开始,管理防火墙的默认服务是 [firewalld][2]。类似 iptables,它和 Linux 内核的 netfilter 模块交互以便检查和操作网络数据包。但不像 iptables,Firewalld 的更新可以立即生效,而不用中断活跃的连接 - 你甚至不需要重启服务。 Firewalld 的另一个优势是它允许我们定义基于预配置服务名称的规则(之后会详细介绍)。 @@ -18,27 +19,27 @@ Firewalld 的另一个优势是它允许我们定义基于预配置服务名称 ![静态路由网络示意图](http://www.tecmint.com/wp-content/uploads/2015/07/Static-Routing-Network-Diagram.png) -静态路由网络示意图 +*静态路由网络示意图* -然而,你应该记得,由于还没有介绍包过滤,为了简化例子,我们停用了路由器 2号 的防火墙。现在让我们来看看如何可以使接收的数据包发送到目的地的特定服务或端口。 +然而,你应该记得,由于还没有介绍包过滤,为了简化例子,我们停用了2号路由器的防火墙。现在让我们来看看如何使接收的数据包发送到目的地的特定服务或端口。 -首先,让我们添加一条永久规则允许从 enp0s3 (192.168.0.19) 到 enp0s8 (10.0.0.18) 的绑定流量: +首先,让我们添加一条永久规则允许从 enp0s3 (192.168.0.19) 到 enp0s8 (10.0.0.18) 的入站流量: # firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i enp0s3 -o enp0s8 -j ACCEPT -上面的命令会把规则保存到 /etc/firewalld/direct.xml: +上面的命令会把规则保存到 `/etc/firewalld/direct.xml` 中: # cat /etc/firewalld/direct.xml ![在 CentOS 7 中检查 Firewalld 保存的规则](http://www.tecmint.com/wp-content/uploads/2015/07/Check-Firewalld-Save-Rules.png) -检查 Firewalld 保存的规则 +*检查 Firewalld 保存的规则* 然后启用规则使其立即生效: # firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i enp0s3 -o enp0s8 -j ACCEPT -现在你可以从 RHEL 7 中通过 telnet 登录到 web 服务器并再次运行 [tcpdump][3] 监视两台机器之间的 TCP 流量,这次路由器 2号已经启用了防火墙。 +现在你可以从 RHEL 7 中通过 telnet 到 web 服务器并再次运行 [tcpdump][3] 监视两台机器之间的 TCP 流量,这次2号路由器已经启用了防火墙。 # telnet 10.0.0.20 80 # tcpdump -qnnvvv -i enp0s3 host 10.0.0.20 @@ -61,19 +62,19 @@ Firewalld 的另一个优势是它允许我们定义基于预配置服务名称 我强烈建议你看看 Fedora Project Wiki 中的 [Firewalld Rich Language][4] 文档更详细地了解关于富规则的内容。 -### RHEL 7 中的网络地址转换 ### +### RHEL 7 中的网络地址转换(NAT) ### -网络地址转换(NAT)是为专用网络中的一组计算机(也可能是其中的一台)分配一个独立的公共 IP 地址的过程。结果,在内部网络中仍然可以用它们自己的私有 IP 地址区别,但外部“看来”它们是一样的。 +网络地址转换(NAT)是为专用网络中的一组计算机(也可能是其中的一台)分配一个独立的公共 IP 地址的过程。这样,在内部网络中仍然可以用它们自己的私有 IP 地址来区别,但外部“看来”它们是一样的。 -另外,网络地址转换使得内部网络中的计算机发送请求到外部资源(例如因特网)然后只有源系统能接收到对应的响应成为可能。 +另外,网络地址转换使得内部网络中的计算机发送请求到外部资源(例如因特网),然后只有源系统能接收到对应的响应成为可能。 现在让我们考虑下面的场景: ![RHEL 中的网络地址转换](http://www.tecmint.com/wp-content/uploads/2015/07/Network-Address-Translation-Diagram.png) -网络地址转换 +*网络地址转换* -在路由器 2 中,我们会把 enp0s3 接口移动到外部区域,enp0s8 到内部区域,伪装或者说 NAT 默认是启用的: +在2号路由器中,我们会把 enp0s3 接口移动到外部区域(external),enp0s8 到内部区域(external),伪装(masquerading)或者说 NAT 默认是启用的: # firewall-cmd --list-all --zone=external # firewall-cmd --change-interface=enp0s3 --zone=external @@ -81,7 +82,7 @@ Firewalld 的另一个优势是它允许我们定义基于预配置服务名称 # firewall-cmd --change-interface=enp0s8 --zone=internal # firewall-cmd --change-interface=enp0s8 --zone=internal --permanent -对于我们当前的设置,内部区域 - 以及和它一起启用的任何东西都是默认区域: +对于我们当前的设置,内部区域(internal) - 以及和它一起启用的任何东西都是默认区域: # firewall-cmd --set-default-zone=internal @@ -89,44 +90,44 @@ Firewalld 的另一个优势是它允许我们定义基于预配置服务名称 # firewall-cmd --reload -最后,在 web 服务器中添加路由器 2 为默认网关: +最后,在 web 服务器中添加2号路由器为默认网关: # ip route add default via 10.0.0.18 -现在你会发现在 web 服务器中你可以 ping 路由器 1 和外部网站(例如 tecmint.com): +现在你会发现在 web 服务器中你可以 ping 1号路由器和外部网站(例如 tecmint.com): # ping -c 2 192.168.0.1 # ping -c 2 tecmint.com ![验证网络路由](http://www.tecmint.com/wp-content/uploads/2015/07/Verify-Network-Routing.png) -验证网络路由 +*验证网络路由* ### 在 RHEL 7 中设置内核运行时参数 ### -在 Linux 中,允许你更改、启用以及停用内核运行时参数,RHEL 也不例外。/proc/sys 接口允许你当操作条件发生变化时实时设置运行时参数以改变系统行为而不需太多麻烦。 +在 Linux 中,允许你更改、启用以及停用内核运行时参数,RHEL 也不例外。当操作条件发生变化时,`/proc/sys` 接口(sysctl)允许你实时设置运行时参数改变系统行为,而不需太多麻烦。 -为了实现这个目的,会用内建的 echo shell 写 /proc/sys/ 中的文件,其中 很可能是以下目录中的一个: +为了实现这个目的,会用 shell 内建的 echo 写 `/proc/sys/` 中的文件,其中 `` 一般是以下目录中的一个: - dev: 连接到机器中的特定设备的参数。 - fs: 文件系统配置(例如 quotas 和 inodes)。 - kernel: 内核配置。 - net: 网络配置。 -- vm: 内核虚拟内存的使用。 +- vm: 内核的虚拟内存的使用。 要显示所有当前可用值的列表,运行 # sysctl -a | less -在第一部分中,我们通过以下命令改变了 net.ipv4.ip_forward 参数的值以允许 Linux 机器作为一个路由器。 +在第一部分中,我们通过以下命令改变了 `net.ipv4.ip_forward` 参数的值以允许 Linux 机器作为一个路由器。 # echo 1 > /proc/sys/net/ipv4/ip_forward -另一个你可能想要设置的运行时参数是 kernel.sysrq,它会启用你键盘上的 Sysrq 键,以使系统更好的运行一些底层函数,例如如果由于某些原因冻结了后重启系统: +另一个你可能想要设置的运行时参数是 `kernel.sysrq`,它会启用你键盘上的 `Sysrq` 键,以使系统更好的运行一些底层功能,例如如果由于某些原因冻结了后重启系统: # echo 1 > /proc/sys/kernel/sysrq -要显示特定参数的值,可以按照下面方式使用 sysctl: +要显示特定参数的值,可以按照下面方式使用 `sysctl`: # sysctl @@ -135,28 +136,29 @@ Firewalld 的另一个优势是它允许我们定义基于预配置服务名称 # sysctl net.ipv4.ip_forward # sysctl kernel.sysrq -一些参数,例如上面提到的一个,只需要一个值,而其它一些(例如 fs.inode-state)要求多个值: +有些参数,例如上面提到的某个,只需要一个值,而其它一些(例如 `fs.inode-state`)要求多个值: ![在 Linux 中查看内核参数](http://www.tecmint.com/wp-content/uploads/2015/07/Check-Kernel-Parameters.png) -查看内核参数 +*查看内核参数* 不管什么情况下,做任何更改之前你都需要阅读内核文档。 -请注意系统重启后这些设置会丢失。要使这些更改永久生效,我们需要添加内容到 /etc/sysctl.d 目录的 .conf 文件,像下面这样: +请注意系统重启后这些设置会丢失。要使这些更改永久生效,我们需要添加内容到 `/etc/sysctl.d` 目录的 .conf 文件,像下面这样: # echo "net.ipv4.ip_forward = 1" > /etc/sysctl.d/10-forward.conf (其中数字 10 表示相对同一个目录中其它文件的处理顺序)。 -并用下面命令启用更改 +并用下面命令启用更改: # sysctl -p /etc/sysctl.d/10-forward.conf ### 总结 ### 在这篇指南中我们解释了基本的包过滤、网络地址变换和在运行的系统中设置内核运行时参数并使重启后能持久化。我希望这些信息能对你有用,如往常一样,我们期望收到你的回复! -别犹豫,在下面的表格中和我们分享你的疑问、评论和建议吧。 + +别犹豫,在下面的表单中和我们分享你的疑问、评论和建议吧。 -------------------------------------------------------------------------------- @@ -164,12 +166,12 @@ via: http://www.tecmint.com/perform-packet-filtering-network-address-translation 作者:[Gabriel Cánepa][a] 译者:[ictlyh](https://github.com/ictlyh) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/gacanepa/ -[1]:http://www.tecmint.com/how-to-setup-and-configure-static-network-routing-in-rhel/ +[1]:https://linux.cn/article-6451-1.html [2]:http://www.tecmint.com/firewalld-rules-for-centos-7/ [3]:http://www.tecmint.com/12-tcpdump-commands-a-network-sniffer-tool/ [4]:https://fedoraproject.org/wiki/Features/FirewalldRichLanguage \ No newline at end of file diff --git a/translated/tech/RHCE/Part 3 - How to Produce and Deliver System Activity Reports Using Linux Toolsets.md b/published/RHCE/Part 3 - How to Produce and Deliver System Activity Reports Using Linux Toolsets.md similarity index 69% rename from translated/tech/RHCE/Part 3 - How to Produce and Deliver System Activity Reports Using Linux Toolsets.md rename to published/RHCE/Part 3 - How to Produce and Deliver System Activity Reports Using Linux Toolsets.md index 7a373cd76b..b60fdfe39d 100644 --- a/translated/tech/RHCE/Part 3 - How to Produce and Deliver System Activity Reports Using Linux Toolsets.md +++ b/published/RHCE/Part 3 - How to Produce and Deliver System Activity Reports Using Linux Toolsets.md @@ -1,32 +1,32 @@ -RHCE 第三部分 - 如何使用 Linux 工具集产生和发送系统活动报告 +RHCE 系列(三):如何使用 Linux 工具集生成和发送系统活动报告 ================================================================================ -作为一个系统工程师,你经常需要生成一些显示系统资源利用率的报告,以便确保:1)正最佳利用它们,2)防止出现瓶颈,3)确保可扩展性,以及其它原因。 +作为一个系统工程师,你经常需要生成一些显示系统资源利用率的报告,以便确保:1)正在合理利用系统,2)防止出现瓶颈,3)确保可扩展性,以及其它原因。 ![监视 Linux 性能活动报告](http://www.tecmint.com/wp-content/uploads/2015/08/Monitor-Linux-Performance-Activity-Reports.jpg) -RHCE 第三部分:监视 Linux 性能活动报告 +*RHCE 第三部分:监视 Linux 性能活动报告* -除了著名的用于检测磁盘、内存和 CPU 使用率的原生 Linux 工具 - 可以给出很多例子,红帽企业版 Linux 7 还提供了两个额外的工具集用于为你的报告增加可以收集的数据:sysstat 和 dstat。 +除了著名的用于检测磁盘、内存和 CPU 使用率的原生 Linux 工具 - 可以给出很多例子,红帽企业版 Linux 7 还提供了另外两个可以为你的报告更多数据的工具套装:sysstat 和 dstat。 在这篇文章中,我们会介绍两者,但首先让我们来回顾一下传统工具的使用。 ### 原生 Linux 工具 ### -使用 df,你可以报告磁盘空间以及文件系统的 inode 使用情况。你需要监视两者,因为缺少磁盘空间会阻止你保存更多文件(甚至会导致系统崩溃),就像耗尽 inode 意味着你不能将文件链接到对应的数据结构,从而导致同样的结果:你不能将那些文件保存到磁盘中。 +使用 df,你可以报告磁盘空间以及文件系统的 inode 使用情况。你需要监视这两者,因为缺少磁盘空间会阻止你保存更多文件(甚至会导致系统崩溃),就像耗尽 inode 意味着你不能将文件链接到对应的数据结构,从而导致同样的结果:你不能将那些文件保存到磁盘中。 # df -h [以人类可读形式显示输出] # df -h --total [生成总计] ![检查 Linux 总的磁盘使用](http://www.tecmint.com/wp-content/uploads/2015/08/Check-Linux-Total-Disk-Usage.png) -检查 Linux 总的磁盘使用 +*检查 Linux 总的磁盘使用* # df -i [显示文件系统的 inode 数目] # df -i --total [生成总计] ![检查 Linux 总的 inode 数目](http://www.tecmint.com/wp-content/uploads/2015/08/Check-Linux-Total-inode-Numbers.png) -检查 Linux 总的 inode 数目 +*检查 Linux 总的 inode 数目* 用 du,你可以估计文件、目录或文件系统的文件空间使用。 @@ -37,7 +37,7 @@ RHCE 第三部分:监视 Linux 性能活动报告 ![检查 Linux 目录磁盘大小](http://www.tecmint.com/wp-content/uploads/2015/08/Check-Linux-Directory-Disk-Size.png) -检查 Linux 目录磁盘大小 +*检查 Linux 目录磁盘大小* 别错过了: @@ -56,7 +56,7 @@ RHCE 第三部分:监视 Linux 性能活动报告 ![检查 Linux 系统性能](http://www.tecmint.com/wp-content/uploads/2015/08/Check-Linux-Systerm-Performance.png) -检查 Linux 系统性能 +*检查 Linux 系统性能* 正如你从上面图片看到的,vmstat 的输出分为很多列:proc(process)、memory、swap、io、system、和 CPU。每个字段的意义可以在 vmstat man 手册的 FIELD DESCRIPTION 部分找到。 @@ -66,20 +66,20 @@ RHCE 第三部分:监视 Linux 性能活动报告 ![Vmstat Linux 性能监视](http://www.tecmint.com/wp-content/uploads/2015/08/Vmstat-Linux-Peformance-Monitoring.png) -Vmstat Linux 性能监视 +*Vmstat Linux 性能监视* 请注意当磁盘上的文件被更改时,活跃内存的数量增加,写到磁盘的块数目(bo)和属于用户进程的 CPU 时间(us)也是这样。 -或者一个保存大文件到磁盘时(dsync 引发): +或者直接保存一个大文件到磁盘时(由 dsync 标志引发): # vmstat -a 1 5 # dd if=/dev/zero of=dummy.out bs=1M count=1000 oflag=dsync ![Vmstat Linux 磁盘性能监视](http://www.tecmint.com/wp-content/uploads/2015/08/VmStat-Linux-Disk-Performance-Monitoring.png) -Vmstat Linux 磁盘性能监视 +*Vmstat Linux 磁盘性能监视* -在这个例子中,我们可以看到很大数目的块被写入到磁盘(bo),这正如预期的那样,同时 CPU 处理任务之前等待 IO 操作完成的时间(wa)也增加了。 +在这个例子中,我们可以看到大量的块被写入到磁盘(bo),这正如预期的那样,同时 CPU 处理任务之前等待 IO 操作完成的时间(wa)也增加了。 **别错过**: [Vmstat – Linux 性能监视][3] @@ -90,22 +90,22 @@ Vmstat Linux 磁盘性能监视 sysstat 软件包包含以下工具: - sar (收集、报告、或者保存系统活动信息)。 -- sadf (以多种方式显式 sar 收集的数据)。 +- sadf (以多种方式显示 sar 收集的数据)。 - mpstat (报告处理器相关的统计信息)。 - iostat (报告 CPU 统计信息和设备以及分区的 IO统计信息)。 - pidstat (报告 Linux 任务统计信息)。 - nfsiostat (报告 NFS 的输出/输出统计信息)。 - cifsiostat (报告 CIFS 统计信息) -- sa1 (收集并保存系统活动日常文件的二进制数据)。 -- sa2 (在 /var/log/sa 目录写每日报告)。 +- sa1 (收集并保存二进制数据到系统活动每日数据文件中)。 +- sa2 (在 /var/log/sa 目录写入每日报告)。 -dstat 为这些工具提供的功能添加了一些额外的特性,以及更多的计数器和更大的灵活性。你可以通过运行 yum info sysstat 或者 yum info dstat 找到每个工具完整的介绍,或者安装完成后分别查看每个工具的 man 手册。 +dstat 比这些工具所提供的功能更多一些,并且提供了更多的计数器和更大的灵活性。你可以通过运行 yum info sysstat 或者 yum info dstat 找到每个工具完整的介绍,或者安装完成后分别查看每个工具的 man 手册。 安装两个软件包: # yum update && yum install sysstat dstat -sysstat 主要的配置文件是 /etc/sysconfig/sysstat。你可以在该文件中找到下面的参数: +sysstat 主要的配置文件是 `/etc/sysconfig/sysstat`。你可以在该文件中找到下面的参数: # How long to keep log files (in days). # If value is greater than 28, then log files are kept in @@ -119,17 +119,17 @@ sysstat 主要的配置文件是 /etc/sysconfig/sysstat。你可以在该文件 # Compression program to use. ZIP="bzip2" -sysstat 安装完成后,/etc/cron.d/sysstat 中会添加和启用两个 cron 作业。第一个作业每 10 分钟运行系统活动计数工具并在 /var/log/sa/saXX 中保存报告,其中 XX 是该月的一天。 +sysstat 安装完成后,`/etc/cron.d/sysstat` 中会添加和启用两个 cron 任务。第一个任务每 10 分钟运行系统活动计数工具,并在 `/var/log/sa/saXX` 中保存报告,其中 XX 是该月的一天。 -因此,/var/log/sa/sa05 会包括该月份第 5 天所有的系统活动报告。这里假设我们在上面的配置文件中对 HISTORY 变量使用默认的值: +因此,`/var/log/sa/sa05` 会包括该月份第 5 天所有的系统活动报告。这里假设我们在上面的配置文件中对 HISTORY 变量使用默认的值: */10 * * * * root /usr/lib64/sa/sa1 1 1 -第二个作业在每天夜间 11:53 生成每日进程计数总结并把它保存到 /var/log/sa/sarXX 文件,其中 XX 和之前例子中的含义相同: +第二个任务在每天夜间 11:53 生成每日进程计数总结并把它保存到 `/var/log/sa/sarXX` 文件,其中 XX 和之前例子中的含义相同: 53 23 * * * root /usr/lib64/sa/sa2 -A -例如,你可能想要输出该月份第 6 天从上午 9:30 到晚上 5:30 的系统统计信息到一个 LibreOffice Calc 或 Microsoft Excel 可以查看的 .csv 文件(它也允许你创建表格和图片): +例如,你可能想要输出该月份第 6 天从上午 9:30 到晚上 5:30 的系统统计信息到一个 LibreOffice Calc 或 Microsoft Excel 可以查看的 .csv 文件(这样就可以让你创建表格和图片了): # sadf -s 09:30:00 -e 17:30:00 -dh /var/log/sa/sa06 -- | sed 's/;/,/g' > system_stats20150806.csv @@ -137,7 +137,7 @@ sysstat 安装完成后,/etc/cron.d/sysstat 中会添加和启用两个 cron ![Linux 系统统计信息](http://www.tecmint.com/wp-content/uploads/2015/08/Linux-System-Statistics.png) -Linux 系统统计信息 +*Linux 系统统计信息* 最后,让我们看看 dstat 提供什么功能。请注意如果不带参数运行,dstat 默认使用 -cdngy(表示 CPU、磁盘、网络、内存页、和系统统计信息),并每秒添加一行(可以在任何时候用 Ctrl + C 中断执行): @@ -145,15 +145,15 @@ Linux 系统统计信息 ![Linux 磁盘统计检测](http://www.tecmint.com/wp-content/uploads/2015/08/dstat-command.png) -Linux 磁盘统计检测 +*Linux 磁盘统计检测* 要输出统计信息到 .csv 文件,可以用 -output 标记后面跟一个文件名称。让我们来看看在 LibreOffice Calc 中该文件看起来是怎样的: ![检测 Linux 统计信息输出](http://www.tecmint.com/wp-content/uploads/2015/08/Monitor-Linux-Statistics-Output.png) -检测 Linux 统计信息输出 +*检测 Linux 统计信息输出* -我强烈建议你查看 dstat 的 man 手册,为了方便你的阅读用 PDF 格式包括本文以及 sysstat 的 man 手册。你会找到其它能帮助你创建自定义的详细系统活动报告的选项。 +为了更多的阅读体验,我强烈建议你查看 [dstat][5] 和 [sysstat][6] 的 pdf 格式 man 手册。你会找到其它能帮助你创建自定义的详细系统活动报告的选项。 **别错过**: [Sysstat – Linux 的使用活动检测工具][4] @@ -161,7 +161,7 @@ Linux 磁盘统计检测 在该指南中我们解释了如何使用 Linux 原生工具以及 RHEL 7 提供的特定工具来生成系统使用报告。在某种情况下,你可能像依赖最好的朋友那样依赖这些报告。 -你很可能使用过这篇指南中我们没有介绍到的其它工具。如果真是这样的话,用下面的表格和社区中的其他成员一起分享吧,也可以是任何其它的建议/疑问/或者评论。 +你很可能使用过这篇指南中我们没有介绍到的其它工具。如果真是这样的话,用下面的表单和社区中的其他成员一起分享吧,也可以是任何其它的建议/疑问/或者评论。 我们期待你的回复。 @@ -171,12 +171,14 @@ via: http://www.tecmint.com/linux-performance-monitoring-and-file-system-statist 作者:[Gabriel Cánepa][a] 译者:[ictlyh](https://github.com/ictlyh) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/gacanepa/ -[1]:http://www.tecmint.com/how-to-check-disk-space-in-linux/ +[1]:https://linux.cn/article-6466-1.html [2]:http://www.tecmint.com/check-linux-disk-usage-of-files-and-directories/ -[3]:http://www.tecmint.com/linux-performance-monitoring-with-vmstat-and-iostat-commands/ -[4]:http://www.tecmint.com/install-sysstat-in-linux/ \ No newline at end of file +[3]:https://linux.cn/article-4024-1.html +[4]:https://linux.cn/article-4028-1.html +[5]:http://www.tecmint.com/wp-content/pdf/dstat.pdf +[6]:http://www.tecmint.com/wp-content/pdf/sysstat.pdf \ No newline at end of file diff --git a/translated/tech/RHCE/Part 4 - Using Shell Scripting to Automate Linux System Maintenance Tasks.md b/published/RHCE/Part 4 - Using Shell Scripting to Automate Linux System Maintenance Tasks.md similarity index 81% rename from translated/tech/RHCE/Part 4 - Using Shell Scripting to Automate Linux System Maintenance Tasks.md rename to published/RHCE/Part 4 - Using Shell Scripting to Automate Linux System Maintenance Tasks.md index 37a3dbe11c..fdf0d29c96 100644 --- a/translated/tech/RHCE/Part 4 - Using Shell Scripting to Automate Linux System Maintenance Tasks.md +++ b/published/RHCE/Part 4 - Using Shell Scripting to Automate Linux System Maintenance Tasks.md @@ -1,20 +1,20 @@ -第四部分 - 使用 Shell 脚本自动化 Linux 系统维护任务 +RHCE 系列(四): 使用 Shell 脚本自动化 Linux 系统维护任务 ================================================================================ -之前我听说高效系统管理员/工程师的其中一个特点是懒惰。一开始看起来很矛盾,但作者接下来解释了其中的原因: +之前我听说高效的系统管理员的一个特点是懒惰。一开始看起来很矛盾,但作者接下来解释了其中的原因: ![自动化 Linux 系统维护任务](http://www.tecmint.com/wp-content/uploads/2015/08/Automate-Linux-System-Maintenance-Tasks.png) -RHCE 系列:第四部分 - 自动化 Linux 系统维护任务 +*RHCE 系列:第四部分 - 自动化 Linux 系统维护任务* -如果一个系统管理员花费大量的时间解决问题以及做重复的工作,你就应该怀疑他这么做是否正确。换句话说,一个高效的系统管理员/工程师应该制定一个计划使得尽量花费少的时间去做重复的工作,以及通过使用该系列中第三部分 [使用 Linux 工具集监视系统活动报告][1] 介绍的工具预见问题。因此,尽管看起来他/她没有做很多的工作,但那是因为 shell 脚本帮助完成了他的/她的大部分任务,这也就是本章我们将要探讨的东西。 +如果一个系统管理员花费大量的时间解决问题以及做重复的工作,你就应该怀疑他这么做是否正确。换句话说,一个高效的系统管理员/工程师应该制定一个计划使得其尽量花费少的时间去做重复的工作,以及通过使用本系列中第三部分 [使用 Linux 工具集监视系统活动报告][1] 介绍的工具来预见问题。因此,尽管看起来他/她没有做很多的工作,但那是因为 shell 脚本帮助完成了他的/她的大部分任务,这也就是本章我们将要探讨的东西。 ### 什么是 shell 脚本? ### -简单的说,shell 脚本就是一个由 shell 一步一步执行的程序,而 shell 是在 Linux 内核和端用户之间提供接口的另一个程序。 +简单的说,shell 脚本就是一个由 shell 一步一步执行的程序,而 shell 是在 Linux 内核和最终用户之间提供接口的另一个程序。 -默认情况下,RHEL 7 中用户使用的 shell 是 bash(/bin/bash)。如果你想知道详细的信息和历史背景,你可以查看 [维基页面][2]。 +默认情况下,RHEL 7 中用户使用的 shell 是 bash(/bin/bash)。如果你想知道详细的信息和历史背景,你可以查看这个[维基页面][2]。 -关于这个 shell 提供的众多功能的介绍,可以查看 **man 手册**,也可以从 ([Bash 命令][3])下载 PDF 格式。除此之外,假设你已经熟悉 Linux 命令(否则我强烈建议你首先看一下 **Tecmint.com** 中的文章 [从新手到系统管理员指南][4] )。现在让我们开始吧。 +关于这个 shell 提供的众多功能的介绍,可以查看 **man 手册**,也可以从 ([Bash 命令][3])处下载 PDF 格式。除此之外,假设你已经熟悉 Linux 命令(否则我强烈建议你首先看一下 **Tecmint.com** 中的文章 [从新手到系统管理员指南][4] )。现在让我们开始吧。 ### 写一个脚本显示系统信息 ### @@ -27,7 +27,7 @@ RHCE 系列:第四部分 - 自动化 Linux 系统维护任务 #!/bin/bash - # RHCE 系列第四部分事例脚本 + # RHCE 系列第四部分示例脚本 # 该脚本会返回以下这些系统信息: # -主机名称: echo -e "\e[31;43m***** HOSTNAME INFORMATION *****\e[0m" @@ -67,9 +67,9 @@ RHCE 系列:第四部分 - 自动化 Linux 系统维护任务 ![服务器监视 Shell 脚本](http://www.tecmint.com/wp-content/uploads/2015/08/Server-Monitoring-Shell-Script.png) -服务器监视 Shell 脚本 +*服务器监视 Shell 脚本* -该功能用以下命令提供: +颜色功能是由以下命令提供的: echo -e "\e[COLOR1;COLOR2m\e[0m" @@ -79,13 +79,13 @@ RHCE 系列:第四部分 - 自动化 Linux 系统维护任务 你想使其自动化的任务可能因情况而不同。因此,我们不可能在一篇文章中覆盖所有可能的场景,但是我们会介绍使用 shell 脚本可以使其自动化的三种典型任务: -**1)** 更新本地文件数据库, 2) 查找(或者删除)有 777 权限的文件, 以及 3) 文件系统使用超过定义的阀值时发出警告。 +1) 更新本地文件数据库, 2) 查找(或者删除)有 777 权限的文件, 以及 3) 文件系统使用超过定义的阀值时发出警告。 让我们在脚本目录中新建一个名为 `auto_tasks.sh` 的文件并添加以下内容: #!/bin/bash - # 自动化任务事例脚本: + # 自动化任务示例脚本: # -更新本地文件数据库: echo -e "\e[4;32mUPDATING LOCAL FILE DATABASE\e[0m" updatedb @@ -123,16 +123,16 @@ RHCE 系列:第四部分 - 自动化 Linux 系统维护任务 ![查找 777 权限文件的 Shell 脚本](http://www.tecmint.com/wp-content/uploads/2015/08/Shell-Script-to-Find-777-Permissions.png) -查找 777 权限文件的 Shell 脚本 +*查找 777 权限文件的 Shell 脚本* ### 使用 Cron ### -想更进一步提高效率,你不会想只是坐在你的电脑前手动执行这些脚本。相反,你会使用 cron 来调度这些任务周期性地执行,并把结果通过邮件发动给预定义的接收者或者将它们保存到使用 web 浏览器可以查看的文件中。 +想更进一步提高效率,你不会想只是坐在你的电脑前手动执行这些脚本。相反,你会使用 cron 来调度这些任务周期性地执行,并把结果通过邮件发动给预先指定的接收者,或者将它们保存到使用 web 浏览器可以查看的文件中。 下面的脚本(filesystem_usage.sh)会运行有名的 **df -h** 命令,格式化输出到 HTML 表格并保存到 **report.html** 文件中: #!/bin/bash - # Sample script to demonstrate the creation of an HTML report using shell scripting + # 演示使用 shell 脚本创建 HTML 报告的示例脚本 # Web directory WEB_DIR=/var/www/html # A little CSS and table layout to make the report look a little nicer @@ -177,7 +177,7 @@ RHCE 系列:第四部分 - 自动化 Linux 系统维护任务 ![服务器监视报告](http://www.tecmint.com/wp-content/uploads/2015/08/Server-Monitoring-Report.png) -服务器监视报告 +*服务器监视报告* 你可以添加任何你想要的信息到那个报告中。添加下面的 crontab 条目在每天下午的 1:30 运行该脚本: @@ -193,12 +193,12 @@ via: http://www.tecmint.com/using-shell-script-to-automate-linux-system-maintena 作者:[Gabriel Cánepa][a] 译者:[ictlyh](https://github.com/ictlyh) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/gacanepa/ -[1]:http://www.tecmint.com/linux-performance-monitoring-and-file-system-statistics-reports/ +[1]:https://linux.cn/article-6512-1.html [2]:https://en.wikipedia.org/wiki/Bash_%28Unix_shell%29 [3]:http://www.tecmint.com/wp-content/pdf/bash.pdf [4]:http://www.tecmint.com/60-commands-of-linux-a-guide-from-newbies-to-system-administrator/ diff --git a/translated/tech/RHCE/Part 5 - How to Manage System Logs (Configure, Rotate and Import Into Database) in RHEL 7.md b/published/RHCE/Part 5 - How to Manage System Logs (Configure, Rotate and Import Into Database) in RHEL 7.md similarity index 73% rename from translated/tech/RHCE/Part 5 - How to Manage System Logs (Configure, Rotate and Import Into Database) in RHEL 7.md rename to published/RHCE/Part 5 - How to Manage System Logs (Configure, Rotate and Import Into Database) in RHEL 7.md index a37c9610fd..ab4ddd5a32 100644 --- a/translated/tech/RHCE/Part 5 - How to Manage System Logs (Configure, Rotate and Import Into Database) in RHEL 7.md +++ b/published/RHCE/Part 5 - How to Manage System Logs (Configure, Rotate and Import Into Database) in RHEL 7.md @@ -1,26 +1,24 @@ -第五部分 - 如何在 RHEL 7 中管理系统日志(配置、旋转以及导入到数据库) +RHCE 系列(五):如何在 RHEL 7 中管理系统日志(配置、轮换以及导入到数据库) ================================================================================ -为了确保你的 RHEL 7 系统安全,你需要通过查看日志文件监控系统中发生的所有活动。这样,你就可以检测任何不正常或有潜在破坏的活动并进行系统故障排除或者其它恰当的操作。 +为了确保你的 RHEL 7 系统安全,你需要通过查看日志文件来监控系统中发生的所有活动。这样,你就可以检测到任何不正常或有潜在破坏的活动并进行系统故障排除或者其它恰当的操作。 -![Linux 中使用 Rsyslog 和 Logrotate 旋转日志文件](http://www.tecmint.com/wp-content/uploads/2015/08/Manage-and-Rotate-Linux-Logs-Using-Rsyslog-Logrotate.jpg) +![Linux 中使用 Rsyslog 和 Logrotate 轮换日志文件](http://www.tecmint.com/wp-content/uploads/2015/08/Manage-and-Rotate-Linux-Logs-Using-Rsyslog-Logrotate.jpg) -(译者注:[日志旋转][9]是系统管理中归档每天产生的日志文件的自动化过程) - -RHCE 考试 - 第五部分:使用 Rsyslog 和 Logrotate 管理系统日志 +*RHCE 考试 - 第五部分:使用 Rsyslog 和 Logrotate 管理系统日志* 在 RHEL 7 中,[rsyslogd][1] 守护进程负责系统日志,它从 /etc/rsyslog.conf(该文件指定所有系统日志的默认路径)和 /etc/rsyslog.d 中的所有文件(如果有的话)读取配置信息。 ### Rsyslogd 配置 ### -快速浏览一下 [rsyslog.conf][2] 会是一个好的开端。该文件分为 3 个主要部分:模块(rsyslong 按照模块化设计),全局指令(用于设置 rsyslogd 守护进程的全局属性),以及规则。正如你可能猜想的,最后一个部分指示获取,显示以及在哪里保存什么的日志(也称为选择子),这也是这篇博文关注的重点。 +快速浏览一下 [rsyslog.conf][2] 会是一个好的开端。该文件分为 3 个主要部分:模块(rsyslong 按照模块化设计),全局指令(用于设置 rsyslogd 守护进程的全局属性),以及规则。正如你可能猜想的,最后一个部分指示记录或显示什么以及在哪里保存(也称为选择子(selector)),这也是这篇文章关注的重点。 rsyslog.conf 中典型的一行如下所示: ![Rsyslogd 配置](http://www.tecmint.com/wp-content/uploads/2015/08/Rsyslogd-Configuration.png) -Rsyslogd 配置 +*Rsyslogd 配置* -在上面的图片中,我们可以看到一个选择子包括了一个或多个用分号分隔的设备:优先级(Facility:Priority)对,其中设备描述了消息类型(参考 [RFC 3164 4.1.1 章节][3] 查看 rsyslog 可用的完整设备列表),优先级指示它的严重性,这可能是以下几种之一: +在上面的图片中,我们可以看到一个选择子包括了一个或多个用分号分隔的“设备:优先级”(Facility:Priority)对,其中设备描述了消息类型(参考 [RFC 3164 4.1.1 章节][3],查看 rsyslog 可用的完整设备列表),优先级指示它的严重性,这可能是以下几种之一: - debug - info @@ -31,7 +29,7 @@ Rsyslogd 配置 - alert - emerg -尽管自身并不是一个优先级,关键字 none 意味着指定设备没有任何优先级。 +尽管 none 并不是一个优先级,不过它意味着指定设备没有任何优先级。 **注意**:给定一个优先级表示该优先级以及之上的消息都应该记录到日志中。因此,上面例子中的行指示 rsyslogd 守护进程记录所有优先级为 info 以及以上(不管是什么设备)的除了属于 mail、authpriv、以及 cron 服务(不考虑来自这些设备的消息)的消息到 /var/log/messages。 @@ -47,7 +45,7 @@ Rsyslogd 配置 #### 创建自定义日志文件 #### -要把所有的守护进程消息记录到 /var/log/tecmint.log,我们需要在 rsyslog.conf 或者 /etc/rsyslog.d 目录中的单独文件(易于管理)添加下面一行: +要把所有的守护进程消息记录到 /var/log/tecmint.log,我们需要在 rsyslog.conf 或者 /etc/rsyslog.d 目录中的单独文件(这样易于管理)添加下面一行: daemon.* /var/log/tecmint.log @@ -55,19 +53,19 @@ Rsyslogd 配置 # systemctl restart rsyslog -在随机重启两个守护进程之前和之后查看自定义日志的内容: +在随便重启两个守护进程之前和之后查看下自定义日志的内容: ![Linux 创建自定义日志文件](http://www.tecmint.com/wp-content/uploads/2015/08/Create-Custom-Log-File.png) -创建自定义日志文件 +*创建自定义日志文件* 作为一个自学练习,我建议你重点关注设备和优先级,添加额外的消息到已有的日志文件或者像上面那样创建一个新的日志文件。 -### 使用 Logrotate 旋转日志 ### +### 使用 Logrotate 轮换日志 ### -为了防止日志文件无限制增长,logrotate 工具用于旋转、压缩、移除或者通过电子邮件发送日志,从而减轻管理会产生大量日志文件系统的困难。 +为了防止日志文件无限制增长,logrotate 工具用于轮换、压缩、移除或者通过电子邮件发送日志,从而减轻管理会产生大量日志文件系统的困难。(译者注:[日志轮换][9](rotate)是系统管理中归档每天产生的日志文件的自动化过程) -Logrotate 作为一个 cron 作业(/etc/cron.daily/logrotate)每天运行,并从 /etc/logrotate.conf 和 /etc/logrotate.d 中的文件(如果有的话)读取配置信息。 +Logrotate 作为一个 cron 任务(/etc/cron.daily/logrotate)每天运行,并从 /etc/logrotate.conf 和 /etc/logrotate.d 中的文件(如果有的话)读取配置信息。 对于 rsyslog,即使你可以在主文件中为指定服务包含设置,为每个服务创建单独的配置文件能帮助你更好地组织设置。 @@ -75,27 +73,27 @@ Logrotate 作为一个 cron 作业(/etc/cron.daily/logrotate)每天运行, ![Logrotate 配置](http://www.tecmint.com/wp-content/uploads/2015/08/Logrotate-Configuration.png) -Logrotate 配置 +*Logrotate 配置* -在上面的例子中,logrotate 会为 /var/log/wtmp 进行以下操作:尝试每个月旋转一次,但至少文件要大于 1MB,然后用 0664 权限、用户 root、组 utmp 创建一个新的日志文件。下一步只保存一个归档日志,正如旋转指令指定的: +在上面的例子中,logrotate 会为 /var/log/wtmp 进行以下操作:尝试每个月轮换一次,但至少文件要大于 1MB,然后用 0664 权限、用户 root、组 utmp 创建一个新的日志文件。下一步只保存一个归档日志,正如轮换指令指定的: ![每月 Logrotate 日志](http://www.tecmint.com/wp-content/uploads/2015/08/Logrotate-Logs-Monthly.png) -每月 Logrotate 日志 +*每月 Logrotate 日志* 让我们再来看看 /etc/logrotate.d/httpd 中的另一个例子: -![旋转 Apache 日志文件](http://www.tecmint.com/wp-content/uploads/2015/08/Rotate-Apache-Log-Files.png) +![轮换 Apache 日志文件](http://www.tecmint.com/wp-content/uploads/2015/08/Rotate-Apache-Log-Files.png) -旋转 Apache 日志文件 +*轮换 Apache 日志文件* 你可以在 logrotate 的 man 手册([man logrotate][4] 和 [man logrotate.conf][5])中阅读更多有关它的设置。为了方便你的阅读,本文还提供了两篇文章的 PDF 格式。 -作为一个系统工程师,很可能由你决定多久按照什么格式保存一次日志,取决于你是否有一个单独的分区/逻辑卷给 /var。否则,你真的要考虑删除旧日志以节省存储空间。另一方面,根据你公司和客户内部的政策,为了以后的安全审核,你可能被迫要保留多个日志。 +作为一个系统工程师,很可能由你决定多久按照什么格式保存一次日志,这取决于你是否有一个单独的分区/逻辑卷给 `/var`。否则,你真的要考虑删除旧日志以节省存储空间。另一方面,根据你公司和客户内部的政策,为了以后的安全审核,你可能必须要保留多个日志。 #### 保存日志到数据库 #### -当然检查日志可能是一个很繁琐的工作(即使有类似 grep 工具和正则表达式的帮助)。因为这个原因,rsyslog 允许我们把它们导出到数据库(OTB 支持的关系数据库管理系统包括 MySQL、MariaDB、PostgreSQL 和 Oracle)。 +当然检查日志可能是一个很繁琐的工作(即使有类似 grep 工具和正则表达式的帮助)。因为这个原因,rsyslog 允许我们把它们导出到数据库(OTB 支持的关系数据库管理系统包括 MySQL、MariaDB、PostgreSQL 和 Oracle 等)。 指南的这部分假设你已经在要管理日志的 RHEL 7 上安装了 MariaDB 服务器和客户端: @@ -104,10 +102,9 @@ Logrotate 配置 然后使用 `mysql_secure_installation` 工具为 root 用户设置密码以及其它安全考量: - ![保证 MySQL 数据库安全](http://www.tecmint.com/wp-content/uploads/2015/08/Secure-MySQL-Database.png) -保证 MySQL 数据库安全 +*保证 MySQL 数据库安全* 注意:如果你不想用 MariaDB root 用户插入日志消息到数据库,你也可以配置用另一个用户账户。如何实现的介绍已经超出了本文的范围,但在 [MariaDB 知识][6] 中有详细解析。为了简单在这篇指南中我们会使用 root 账户。 @@ -117,7 +114,7 @@ Logrotate 配置 ![保存服务器日志到数据库](http://www.tecmint.com/wp-content/uploads/2015/08/Save-Server-Logs-to-Database.png) -保存服务器日志到数据库 +*保存服务器日志到数据库* 最后,添加下面的行到 /etc/rsyslog.conf: @@ -132,18 +129,18 @@ Logrotate 配置 #### 使用 SQL 语法查询日志 #### -现在执行一些会改变日志的操作(例如停止和启动服务),然后登陆到你的 DB 服务器并使用标准的 SQL 命令显示和查询日志: +现在执行一些会改变日志的操作(例如停止和启动服务),然后登录到你的数据库服务器并使用标准的 SQL 命令显示和查询日志: USE Syslog; SELECT ReceivedAt, Message FROM SystemEvents; ![在数据库中查询日志](http://www.tecmint.com/wp-content/uploads/2015/08/Query-Logs-in-Database.png) -在数据库中查询日志 +*在数据库中查询日志* ### 总结 ### -在这篇文章中我们介绍了如何设置系统日志,如果旋转日志以及为了简化查询如何重定向消息到数据库。我们希望这些技巧能对你准备 [RHCE 考试][8] 和日常工作有所帮助。 +在这篇文章中我们介绍了如何设置系统日志,如果轮换日志以及为了简化查询如何重定向消息到数据库。我们希望这些技巧能对你准备 [RHCE 考试][8] 和日常工作有所帮助。 正如往常,非常欢迎你的反馈。用下面的表单和我们联系吧。 @@ -153,7 +150,7 @@ via: http://www.tecmint.com/manage-linux-system-logs-using-rsyslogd-and-logrotat 作者:[Gabriel Cánepa][a] 译者:[ictlyh](http://www.mutouxiaogui.cn/blog/) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 @@ -165,5 +162,5 @@ via: http://www.tecmint.com/manage-linux-system-logs-using-rsyslogd-and-logrotat [5]:http://www.tecmint.com/wp-content/pdf/logrotate.conf.pdf [6]:https://mariadb.com/kb/en/mariadb/create-user/ [7]:https://github.com/sematext/rsyslog/blob/master/plugins/ommysql/createDB.sql -[8]:http://www.tecmint.com/how-to-setup-and-configure-static-network-routing-in-rhel/ +[8]:https://linux.cn/article-6451-1.html [9]:https://en.wikipedia.org/wiki/Log_rotation \ No newline at end of file diff --git a/translated/tech/RHCE/Part 6 - Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux or Windows Clients.md b/published/RHCE/Part 6 - Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux or Windows Clients.md similarity index 80% rename from translated/tech/RHCE/Part 6 - Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux or Windows Clients.md rename to published/RHCE/Part 6 - Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux or Windows Clients.md index cb8fa59954..a439469b81 100644 --- a/translated/tech/RHCE/Part 6 - Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux or Windows Clients.md +++ b/published/RHCE/Part 6 - Setting Up Samba and Configure FirewallD and SELinux to Allow File Sharing on Linux or Windows Clients.md @@ -1,4 +1,4 @@ -安装 Samba 并配置 Firewalld 和 SELinux 使得能在 Linux 和 Windows 之间共享文件 - 第六部分 +RHCE 系列(六):安装 Samba 并配置 Firewalld 和 SELinux 让 Linux 和 Windows 共享文件 ================================================================================ 由于计算机很少作为一个独立的系统工作,作为一个系统管理员或工程师,就应该知道如何在有多种类型的服务器之间搭设和维护网络。 @@ -6,9 +6,9 @@ ![在 Linux 中配置 Samba 进行文件共享](http://www.tecmint.com/wp-content/uploads/2015/09/setup-samba-file-sharing-on-linux-windows-clients.png) -RHCE 系列第六部分 - 设置 Samba 文件共享 +*RHCE 系列第六部分 - 设置 Samba 文件共享* -如果有人叫你设置文件服务器用于协作或者配置很可能有多种不同类型操作系统和设备的企业环境,这篇文章就能派上用场。 +如果有人让你设置文件服务器用于协作或者配置很可能有多种不同类型操作系统和设备的企业环境,这篇文章就能派上用场。 由于你可以在网上找到很多关于 Samba 和 NFS 背景和技术方面的介绍,在这篇文章以及后续文章中我们就省略了这些部分直接进入到我们的主题。 @@ -22,7 +22,7 @@ RHCE 系列第六部分 - 设置 Samba 文件共享 ![测试安装 Samba](http://www.tecmint.com/wp-content/uploads/2015/09/Testing-Setup-for-Samba.png) -测试安装 Samba +*测试安装 Samba* 在 box1 中安装以下软件包: @@ -36,7 +36,7 @@ RHCE 系列第六部分 - 设置 Samba 文件共享 ### 步骤二: 设置通过 Samba 进行文件共享 ### -Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB 是微软和英特尔制定的一种通信协议,CIFS 是其中一个版本,更详细的介绍可以参考[Wiki][6])提供了文件和打印设备,这使得客户端看起来服务器就是一个 Windows 系统(我必须承认写这篇文章的时候我有一点激动,因为这是我多年前作为一个新手 Linux 系统管理员的第一次设置)。 +Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(LCTT 译注:SMB 是微软和英特尔制定的一种通信协议,CIFS 是其中一个版本,更详细的介绍可以参考 [Wiki][6])提供了文件和打印设备,这使得服务器在客户端看起来就是一个 Windows 系统(我必须承认写这篇文章的时候我有一点激动,因为这是我多年前作为一个新手 Linux 系统管理员的第一次设置)。 **添加系统用户并设置权限和属性** @@ -91,9 +91,9 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB ![测试 Samba 配置](http://www.tecmint.com/wp-content/uploads/2015/09/Test-Samba-Configuration.png) -测试 Samba 配置 +*测试 Samba 配置* -如果你要添加另一个公开的共享目录(意味着没有任何验证),在 /etc/samba/smb.conf 中创建另一章节,在共享目录名称下面复制上面的章节,只需要把 public=no 更改为 public=yes 并去掉有效用户和写列表命令。 +如果你要添加另一个公开的共享目录(意味着不需要任何验证),在 /etc/samba/smb.conf 中创建另一章节,在共享目录名称下面复制上面的章节,只需要把 public=no 更改为 public=yes 并去掉有效用户(valid users)和写列表(write list)命令。 ### 步骤五: 添加 Samba 用户 ### @@ -102,7 +102,7 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB # smbpasswd -a user1 # smbpasswd -a user2 -最后,重启 Samda,启用系统启动时自动启动服务,并确保共享目录对网络客户端可用: +最后,重启 Samda,并让系统启动时自动启动该服务,确保共享目录对网络客户端可用: # systemctl start smb # systemctl enable smb @@ -112,7 +112,7 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB ![验证 Samba 共享](http://www.tecmint.com/wp-content/uploads/2015/09/Verify-Samba-Share.png) -验证 Samba 共享 +*验证 Samba 共享* 到这里,已经正确安装和配置了 Samba 文件服务器。现在让我们在 RHEL 7 和 Windows 8 客户端中测试该配置。 @@ -120,12 +120,11 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB 首先,确保客户端可以访问 Samba 共享: -# smbclient –L 192.168.0.18 -U user2 - + # smbclient –L 192.168.0.18 -U user2 ![在 Linux 上挂载 Samba 共享](http://www.tecmint.com/wp-content/uploads/2015/09/Mount-Samba-Share-on-Linux.png) -在 Linux 上挂载 Samba 共享 +*在 Linux 上挂载 Samba 共享* (为 user1 重复上面的命令) @@ -135,11 +134,11 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB ![挂载 Samba 网络共享](http://www.tecmint.com/wp-content/uploads/2015/09/Mount-Samba-Network-Share.png) -挂载 Samba 网络共享 +*挂载 Samba 网络共享* (其中 /media/samba 是一个已有的目录) -或者在 /etc/fstab 文件中添加下面的条目自动挂载: +或者在 /etc/fstab 文件中添加下面的条目以自动挂载: **fstab** @@ -147,7 +146,7 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB //192.168.0.18/finance /media/samba cifs credentials=/media/samba/.smbcredentials,defaults 0 0 -其中隐藏文件 /media/samba/.smbcredentials(它的权限被设置为 600 和 root:root)有两行,指示允许使用共享的账户的用户名和密码: +其中隐藏文件 /media/samba/.smbcredentials(它的权限被设置为 600 和 root:root)有两行内容,指示允许使用共享的账户的用户名和密码: **.smbcredentials** @@ -162,17 +161,17 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB ![在 Samba 共享中创建文件](http://www.tecmint.com/wp-content/uploads/2015/09/Create-File-in-Samba-Share.png) -在 Samba 共享中创建文件 +*在 Samba 共享中创建文件* 正如你看到的,用权限 0770 和属主 user1:finance 创建了文件。 ### 步骤七: 在 Windows 上挂载 Samba 共享 ### -要在 Windows 上挂载 Samba 共享,进入 ‘我的计算机’ 并选择 ‘计算机’,‘网络驱动映射’。下一步,为要映射的驱动分配一个字母并用不同的认证检查连接(下面的截图使用我的母语西班牙语): +要在 Windows 上挂载 Samba 共享,进入 ‘我的计算机’ 并选择 ‘计算机’,‘网络驱动映射’。下一步,为要映射的驱动分配一个驱动器盘符并用不同的认证身份检查是否可以连接(下面的截图使用我的母语西班牙语): ![在 Windows 中挂载 Samba 共享](http://www.tecmint.com/wp-content/uploads/2015/09/Mount-Samba-Share-in-Windows.png) -在 Windows 中挂载 Samba 共享 +*在 Windows 中挂载 Samba 共享* 最后,让我们新建一个文件并检查权限和属性: @@ -188,7 +187,7 @@ Samba 这么重要的原因之一是它为 SMB/CIFS 客户端(译者注:SMB 在这篇文章中我们不仅介绍了如何使用不同操作系统设置 Samba 服务器和两个客户端,也介绍了[如何配置 Firewalld][3] 和 [服务器中的 SELinux][4] 以获取所需的组协作功能。 -最后,同样重要的是,我推荐阅读网上的 [smb.conf man 手册][5] 查看其它可能针对你的情况比本文中介绍的场景更加合适的配置命令。 +最后,同样重要的是,我推荐阅读网上的 [smb.conf man 手册][5] ,查看其它比本文中介绍的场景更加合适你的场景的配置命令。 正如往常,欢迎在下面的评论框中留下你的评论或建议。 @@ -198,7 +197,7 @@ via: http://www.tecmint.com/setup-samba-file-sharing-for-linux-windows-clients/ 作者:[Gabriel Cánepa][a] 译者:[ictlyh](http://www.mutouxiaogui.cn/blog/) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/translated/tech/RHCE/Part 7 - Setting Up NFS Server with Kerberos-based Authentication for Linux Clients.md b/published/RHCE/Part 7 - Setting Up NFS Server with Kerberos-based Authentication for Linux Clients.md similarity index 82% rename from translated/tech/RHCE/Part 7 - Setting Up NFS Server with Kerberos-based Authentication for Linux Clients.md rename to published/RHCE/Part 7 - Setting Up NFS Server with Kerberos-based Authentication for Linux Clients.md index 5eba70cd7a..a05935f7c1 100644 --- a/translated/tech/RHCE/Part 7 - Setting Up NFS Server with Kerberos-based Authentication for Linux Clients.md +++ b/published/RHCE/Part 7 - Setting Up NFS Server with Kerberos-based Authentication for Linux Clients.md @@ -1,11 +1,10 @@ -第七部分 - 在 Linux 客户端配置基于 Kerberos 身份验证的 NFS 服务器 +RHCE 系列(七):在 Linux 客户端配置基于 Kerberos 身份验证的 NFS 服务器 ================================================================================ -在本系列的前一篇文章,我们回顾了[如何在可能包括多种类型操作系统的网络上配置 Samba 共享][1]。现在,如果你需要为一组类-Unix 客户端配置文件共享,很自然的你会想到网络文件系统,或简称 NFS。 - +在本系列的前一篇文章,我们回顾了[如何在可能包括多种类型操作系统的网络上配置 Samba 共享][1]。现在,如果你需要为一组类 Unix 客户端配置文件共享,很自然的你会想到网络文件系统,或简称 NFS。 ![设置使用 Kerberos 进行身份验证的 NFS 服务器](http://www.tecmint.com/wp-content/uploads/2015/09/Setting-Kerberos-Authentication-with-NFS.jpg) -RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服务器 +*RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服务器* 在这篇文章中我们会介绍配置基于 Kerberos 身份验证的 NFS 共享的整个流程。假设你已经配置好了一个 NFS 服务器和一个客户端。如果还没有,可以参考 [安装和配置 NFS 服务器][2] - 它列出了需要安装的依赖软件包并解释了在进行下一步之前如何在服务器上进行初始化配置。 @@ -24,28 +23,26 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 #### 创建 NFS 组并配置 NFS 共享目录 #### -1. 新建一个名为 nfs 的组并给它添加用户 nfsnobody,然后更改 /nfs 目录的权限为 0770,组属主为 nfs。于是,nfsnobody(对应请求用户)在共享目录有写的权限,你就不需要在 /etc/exports 文件中使用 no_root_squash(译者注:设为 root_squash 意味着在访问 NFS 服务器上的文件时,客户机上的 root 用户不会被当作 root 用户来对待)。 +1、 新建一个名为 nfs 的组并给它添加用户 nfsnobody,然后更改 /nfs 目录的权限为 0770,组属主为 nfs。于是,nfsnobody(对应请求用户)在共享目录有写的权限,你就不需要在 /etc/exports 文件中使用 no_root_squash(LCTT 译注:设为 root_squash 意味着在访问 NFS 服务器上的文件时,客户机上的 root 用户不会被当作 root 用户来对待)。 # groupadd nfs # usermod -a -G nfs nfsnobody # chmod 0770 /nfs # chgrp nfs /nfs -2. 像下面那样更改 export 文件(/etc/exports)只允许从 box1 使用 Kerberos 安全验证的访问(sec=krb5)。 +2、 像下面那样更改 export 文件(/etc/exports)只允许从 box1 使用 Kerberos 安全验证的访问(sec=krb5)。 **注意**:anongid 的值设置为之前新建的组 nfs 的 GID: **exports – 添加 NFS 共享** ----------- - /nfs box1(rw,sec=krb5,anongid=1004) -3. 再次 exprot(-r)所有(-a)NFS 共享。为输出添加详情(-v)是个好主意,因为它提供了发生错误时解决问题的有用信息: +3、 再次 exprot(-r)所有(-a)NFS 共享。为输出添加详情(-v)是个好主意,因为它提供了发生错误时解决问题的有用信息: # exportfs -arv -4. 重启并启用 NFS 服务器以及相关服务。注意你不需要启动 nfs-lock 和 nfs-idmapd,因为系统启动时其它服务会自动启动它们: +4、 重启并启用 NFS 服务器以及相关服务。注意你不需要启动 nfs-lock 和 nfs-idmapd,因为系统启动时其它服务会自动启动它们: # systemctl restart rpcbind nfs-server nfs-lock nfs-idmap # systemctl enable rpcbind nfs-server @@ -61,14 +58,12 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 正如你看到的,为了简便,NFS 服务器和 KDC 在同一台机器上,当然如果你有更多可用机器你也可以把它们安装在不同的机器上。两台机器都在 `mydomain.com` 域。 -最后同样重要的是,Kerberos 要求客户端和服务器中至少有一个域名解析的基本模式和[网络时间协议][5]服务,因为 Kerberos 身份验证的安全一部分基于时间戳。 +最后同样重要的是,Kerberos 要求客户端和服务器中至少有一个域名解析的基本方式和[网络时间协议][5]服务,因为 Kerberos 身份验证的安全一部分基于时间戳。 为了配置域名解析,我们在客户端和服务器中编辑 /etc/hosts 文件: **host 文件 – 为域添加 DNS** ----------- - 192.168.0.18 box1.mydomain.com box1 192.168.0.20 box2.mydomain.com box2 @@ -82,10 +77,9 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 # chronyc tracking - ![用 Chrony 同步服务器时间](http://www.tecmint.com/wp-content/uploads/2015/09/Synchronize-Time-with-Chrony.png) -用 Chrony 同步服务器时间 +*用 Chrony 同步服务器时间* ### 安装和配置 Kerberos ### @@ -109,7 +103,7 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 ![创建 Kerberos 数据库](http://www.tecmint.com/wp-content/uploads/2015/09/Create-Kerberos-Database.png) -创建 Kerberos 数据库 +*创建 Kerberos 数据库* 下一步,使用 kadmin.local 工具为 root 创建管理权限: @@ -129,7 +123,7 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 ![添加 Kerberos 到 NFS 服务器](http://www.tecmint.com/wp-content/uploads/2015/09/Create-Kerboros-for-NFS.png) -添加 Kerberos 到 NFS 服务器 +*添加 Kerberos 到 NFS 服务器* 为 root/admin 获取和缓存票据授权票据(ticket-granting ticket): @@ -138,7 +132,7 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 ![缓存 Kerberos](http://www.tecmint.com/wp-content/uploads/2015/09/Cache-kerberos-Ticket.png) -缓存 Kerberos +*缓存 Kerberos* 真正使用 Kerberos 之前的最后一步是保存被授权使用 Kerberos 身份验证的规则到一个密钥表文件(在服务器中): @@ -154,7 +148,7 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 ![挂载 NFS 共享](http://www.tecmint.com/wp-content/uploads/2015/09/Mount-NFS-Share.png) -挂载 NFS 共享 +*挂载 NFS 共享* 现在让我们卸载共享,在客户端中重命名密钥表文件(模拟它不存在)然后试着再次挂载共享目录: @@ -163,7 +157,7 @@ RHCE 系列:第七部分 - 设置使用 Kerberos 进行身份验证的 NFS 服 ![挂载/卸载 Kerberos NFS 共享](http://www.tecmint.com/wp-content/uploads/2015/09/Mount-Unmount-Kerberos-NFS-Share.png) -挂载/卸载 Kerberos NFS 共享 +*挂载/卸载 Kerberos NFS 共享* 现在你可以使用基于 Kerberos 身份验证的 NFS 共享了。 @@ -177,12 +171,12 @@ via: http://www.tecmint.com/setting-up-nfs-server-with-kerberos-based-authentica 作者:[Gabriel Cánepa][a] 译者:[ictlyh](http://www.mutouxiaogui.cn/blog/) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/gacanepa/ -[1]:http://www.tecmint.com/setup-samba-file-sharing-for-linux-windows-clients/ +[1]:https://linux.cn/article-6550-1.html [2]:http://www.tecmint.com/configure-nfs-server/ [3]:http://www.tecmint.com/selinux-essentials-and-control-filesystem-access/ [4]:http://www.tecmint.com/firewalld-rules-for-centos-7/ diff --git a/translated/talk/The history of Android/06 - The history of Android.md b/published/The history of Android/06 - The history of Android.md similarity index 61% rename from translated/talk/The history of Android/06 - The history of Android.md rename to published/The history of Android/06 - The history of Android.md index 030bb83ca8..363fd85a84 100644 --- a/translated/talk/The history of Android/06 - The history of Android.md +++ b/published/The history of Android/06 - The history of Android.md @@ -1,48 +1,48 @@ -The history of Android +安卓编年史(6) ================================================================================ ![T-Mobile G1](http://cdn.arstechnica.net/wp-content/uploads/2014/04/t-mobile_g1.jpg) -T-Mobile G1 -T-Mobile供图 + +*T-Mobile G1 [T-Mobile供图]* ### 安卓1.0——谷歌系app和实体硬件的引入 ### -到了2008年10月,安卓1.0已经准备好发布,这个系统在[T-Mobile G1][1](又以HTC Dream为人周知)上初次登台。G1进入了被iPhone 3G和[Nokia 1680 classic][2]所主宰的市场。(这些手机并列获得了2008年[销量最佳手机][3]称号,各自卖出了350万台。)G1的销量数字已难以获得,但T-Mobile宣称截至2009年4月该设备的销量突破了100万台。无论从哪方面来说这在竞争中都处于落后地位。 +到了2008年10月,安卓1.0已经准备好发布,这个系统在[T-Mobile G1][1](又以HTC Dream为人周知)上初次登台。G1进入了被iPhone 3G和[Nokia 1680 classic][2]所主宰的市场。(这些手机并列获得了2008年[销量最佳手机][3]称号,各自卖出了350万台。)G1的具体销量数字已难以获得,但T-Mobile宣称截至2009年4月该设备的销量突破了100万台。无论从哪方面来说这在竞争中都处于落后地位。 -G1拥有单核528Mhz的ARM 11处理器,一个Adreno 130的GPU,192MB内存,以及多达256MB的存储空间供给系统以及应用使用。它有一块3.2英寸,320x480分辨率的显示屏,被布置在一个含有实体全键盘的滑动结构之上。所以尽管安卓软件的确走过了很长的一段路,硬件也是的。时至今日,我们可以在厂商的一个手表中得到比这更好的参数:最新的[三星智能手表][4]拥有512MB内存以及1GHz的双核处理器。 +G1拥有单核528Mhz的ARM 11处理器,一个Adreno 130的GPU,192MB内存,以及多达256MB的存储空间提供给系统以及应用使用。它有一块3.2英寸、320x480分辨率的显示屏,被布置在一个含有实体全键盘的滑动结构之上。所以尽管安卓软件的确走过了很长的一段路,硬件也是的。时至今日,我们可以在一个厂商提供手表中得到比这更好的参数:最新的[三星智能手表][4]拥有512MB内存以及1GHz的双核处理器。 -当iPhone有着最少数量的按键的时候,G1确实完全相反的,按键几乎支持每个硬件控制。它有拨通和挂断按钮,home键,后退,以及菜单键,一个相机快门键,音量控制键,一个轨迹球,当然,还有50个键盘按钮。未来安卓设备将会慢慢离开按键多多的界面设计,几乎每部新旗舰都在减少按键的数量。 +当iPhone有着最少数量的按键的时候,G1确实完全相反的,按键几乎支持每个硬件控制。它有拨通和挂断按钮,home键,后退,以及菜单键,一个相机快门键,音量控制键,一个轨迹球,当然,还有50个键盘按键。未来安卓设备将会慢慢离开按键多多的界面设计,几乎每部新旗舰都在减少按键的数量。 但是这是第一次,人们见到了运行在实机上的安卓,而不是跑在一个令人沮丧的慢吞吞的模拟器上。安卓1.0没有iPhone那样顺滑流畅,闪亮耀眼,或拥有那么多的新闻报道。它也不像Windows Mobile 6.5那样才华横溢。但这仍然是个好的开始。 ![安卓1.0和0.9的默认应用列表。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/apps.png) -安卓1.0和0.9的默认应用列表。 -Ron Amadeo供图 -安卓1.0的核心与两个月前发布的beta版本相比看起来并没有什么引人注目的不同,但消费者产品带来了不少应用,包括一套完整的谷歌系应用。日历,电子邮件,Gmail,即时通讯,市场,设置,语音拨号,以及YouTube都是全新登场。那时候,音乐是智能手机上占据主宰地位的媒体类型,其王者是iTunes音乐商店。谷歌没有自家的音乐服务,所以它选择了亚马逊并绑定了亚马逊MP3商店。 +*安卓1.0和0.9的默认应用列表。[Ron Amadeo供图]* -安卓最重要的新增是谷歌商店的首次登场,叫做“安卓市场Beta”。与此同时大部分公司满足于将它们的软件目录称作一些不同的“应用商店”——意思是一个出售应用的商店,并且只出售应用——谷歌明显有着更大的野心。它搭配了一个更为通用的名字,“安卓市场”。这个名字的想法是安卓市场不仅仅拥有应用,还拥有一切你的安卓设备所需要的东西。 +安卓1.0的核心与两个月前发布的beta版本相比看起来并没有什么引人注目的不同,但这个消费产品带来了不少应用,包括一套完整的谷歌系应用。日历,电子邮件,Gmail,即时通讯,市场,设置,语音拨号,以及YouTube都是全新登场。那时候,音乐是智能手机上占据主宰地位的媒体类型,其王者是iTunes音乐商店。谷歌没有自家的音乐服务,所以它选择了亚马逊并绑定了亚马逊MP3商店。 + +安卓最重要的新增内容是首次登场的谷歌商店,叫做“安卓市场Beta”。与此同时大部分公司满足于将它们的软件目录称作各种“应用商店”——意思是一个出售应用的商店,并且只出售应用——谷歌明显有着更大的野心。它搭配了一个更为通用的名字,“安卓市场”。这个名字的想法是安卓市场不仅仅拥有应用,还拥有一切你的安卓设备所需要的东西。 ![第一个安卓市场客户端。截图展示了主页,“我的下载”,一个应用页面,以及一个应用权限页面。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/market.png) -第一个安卓市场客户端。截图展示了主页,“我的下载”,一个应用页面,以及一个应用权限页面。 -[Google][5]供图 -那时候,安卓市场只提供应用和游戏,开发者们甚至还不能为它们收费。苹果的App Store相对与安卓市场有4个月的先发优势,但是谷歌的主要差异化在于安卓的商店几乎是完全开放的。在iPhone上,应用受制于苹果的审查,必须遵循设计和技术指南。潜在的新应用不允许在功能上复制已有应用。在安卓市场,开发者可以自由地做任何想做的,包括开发替代已有的应用。控制的缺失会转变成祝福同时也是诅咒。它允许开发者革新已有的功能,但同时意味着甚至是毫无价值的垃圾应用也被允许进入市场。 +*第一个安卓市场客户端。截图展示了主页,“我的下载”,一个应用页面,以及一个应用权限页面。[[Google][5]供图]* -现在,这个客户端是又一个不再能够和谷歌服务器通讯的应用。幸运的是,它也是在因特网上被[真正记录][6]的为数不多的早期安卓应用之一。主页提供了通向一般区域的连接,像应用,游戏,搜索,以及下载,顶部有横向滚动显示的特色应用图标。搜索结果和“我的下载”页面以滚动列表的方式显示应用,显示应用名,开发者,费用(在那时都是免费的),以及评分。单独的应用页面展示了一个简短的描述,安装数,用户评论和评分,以及最重要的安装按钮。早期的安卓市场不支持图片,开发者唯一能使用的区域是应用描述,还有着500字的限制。这使得类似维护一个更新日志变的十分困难,因为只有描述的位置可以供其使用。 +那时候,安卓市场只提供应用和游戏,开发者们甚至还不能为它们收费。苹果的App Store相对与安卓市场有4个月的先发优势,但是谷歌的主要差异化在于安卓的商店几乎是完全开放的。在iPhone上,应用受制于苹果的审查,必须遵循设计和技术指南。潜在的新应用不允许在功能上复制已有应用。在安卓市场,开发者可以自由地做任何想做的,包括开发替代已有的应用。控制的缺失导致福祸相依。它允许开发者革新已有的功能,但同时意味着甚至是毫无价值的垃圾应用也被允许进入市场。 + +时至今日,这个安卓市场的客户端是又一个不再能够和谷歌服务器通讯的应用。幸运的是,它也是在因特网上被[真正记录][6]的为数不多的早期安卓应用之一。主页提供了通向一般区域的连接,像应用,游戏,搜索,以及下载,顶部有横向滚动显示的特色应用图标。搜索结果和“我的下载”页面以滚动列表的方式显示应用,显示应用名,开发者,费用(在那时都是免费的),以及评分。单独的应用页面展示了一个简短的描述,安装数,用户评论和评分,以及最重要的安装按钮。早期的安卓市场不支持图片,开发者唯一能使用的区域是应用描述,还有着500字的限制。这使得类似维护一个更新日志变的十分困难,因为只有描述的位置可以供其使用。 就在安装之前,安卓市场显示了应用所需要的权限。这是苹果直至2012年之前都避免做的,那年一个iOS应用被发现在用户不知情的情况下[将完整的通讯录上传][7]到云端。权限显示给出了一个完整的应用用到的权限列表,尽管这个版本强迫用户同意应用权限。界面有个“OK”按钮,但是除了后退按钮没有办法取消。 ![Gmail展示收件箱,打开菜单的收件箱。 ](http://cdn.arstechnica.net/wp-content/uploads/2013/12/gmail1.01.png) -Gmail展示收件箱,打开菜单的收件箱。 -Ron Amadeo供图 -下一个重要的应用也许就是Gmail。大多数基本的功能此时已经准备好了。未读邮件以加粗显示,标签是个有颜色的标记。在收件箱中每封独立邮件显示着主题,发件人,以及一个会话中的回复数。Gmail加星标志也在这里——快速点击即可给邮件加星或取消。一如往常,对于早期版本的安卓,菜单里有收件箱视图应有的所有按钮。但是,一旦打开了一封邮件,界面看起来就更加的现代了,“回复”和“转发”按钮永久固定在了屏幕底部。各个独立回复可以点击它们来展开和收缩。 +*Gmail展示收件箱,打开菜单的收件箱。[Ron Amadeo供图]* + +下一个重要的应用也许就是Gmail。大多数基本的功能此时已经准备好了。未读邮件以加粗显示,标签是个有颜色的标记。在收件箱中每封独立邮件显示着主题,发件人,以及一个会话中的回复数。Gmail加星标志也在这里——快速点击即可给邮件加星或取消。一如往常,对于早期版本的安卓,菜单里有收件箱视图应有的所有按钮。但是,一旦打开了一封邮件,界面看起来就更加的现代了,“回复”和“转发”按钮永久固定在了屏幕底部。单独回复可以点击它们来展开和收缩。 圆角,阴影,以及气泡图标给了整个应用“卡通”的外表,但是这是个好的开始。安卓的功能第一哲学真正从此开始:Gmail支持标签,邮件会话,搜索,以及邮件推送。 ![Gmail在安卓1.0的标签视图,写邮件界面,以及设置。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/gmail3.png) -Gmail在安卓1.0的标签视图,写邮件界面,以及设置。 -Ron Amadeo供图 + +*Gmail在安卓1.0的标签视图,写邮件界面,以及设置。[Ron Amadeo供图]* 但是如果你认为Gmail很丑,电子邮件应用又拉低了下限。它没有分离的收件箱或文件夹视图——所有东西都糊在一个界面。应用呈现给你一个文件夹列表,点击一个文件夹会以内嵌的方式展开内容。未读邮件左侧有条绿色的线指示,这就是电子邮件应用的界面。这个应用支持IMAP和POP3,但是没有Exchange。 @@ -58,7 +58,7 @@ Ron Amadeo供图 via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/6/ -译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID) +译者:[alim0x](https://github.com/alim0x) 校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 diff --git a/translated/talk/The history of Android/07 - The history of Android.md b/published/The history of Android/07 - The history of Android.md similarity index 51% rename from translated/talk/The history of Android/07 - The history of Android.md rename to published/The history of Android/07 - The history of Android.md index 583e847d6e..9777963d63 100644 --- a/translated/talk/The history of Android/07 - The history of Android.md +++ b/published/The history of Android/07 - The history of Android.md @@ -1,90 +1,90 @@ -安卓编年史 +安卓编年史(7) ================================================================================ ![电子邮件应用的所有界面。前两张截图展示了标签/收件箱结合的视图,最后一张截图展示了一封邮件。](http://cdn.arstechnica.net/wp-content/uploads/2014/01/email2lol.png) -电子邮件应用的所有界面。前两张截图展示了标签/收件箱结合的视图,最后一张截图展示了一封邮件。 -Ron Amadeo供图 -邮件视图是——令人惊讶的!——白色。安卓的电子邮件应用从历史角度来说算是个打了折扣的Gmail应用,你可以在这里看到紧密的联系。读邮件以及写邮件视图几乎没有任何修改地就从Gmail那里直接取过来使用。 +*电子邮件应用的所有界面。前两张截图展示了标签/收件箱结合的视图,最后一张截图展示了一封邮件。 [Ron Amadeo供图]* + +邮件视图是——令人惊讶的!居然是白色。安卓的电子邮件应用从历史角度来说算是个打了折扣的Gmail应用,你可以在这里看到紧密的联系。读邮件以及写邮件视图几乎没有任何修改地就从Gmail那里直接取过来使用。 ![即时通讯应用。截图展示了服务提供商选择界面,朋友列表,以及一个对话。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/IM2.png) -即时通讯应用。截图展示了服务提供商选择界面,朋友列表,以及一个对话。 -Ron Amadeo供图 -在Google Hangouts之前,甚至是Google Talk之前,就有“IM”——安卓1.0带来的唯一一个即时通讯客户端。令人惊奇的是,它支持多种IM服务:用户可以从AIM,Google Talk,Windows Live Messenger以及Yahoo中挑选。还记得操作系统开发者什么时候关心过互通性吗? +*即时通讯应用。截图展示了服务提供商选择界面,朋友列表,以及一个对话。[Ron Amadeo供图]* -朋友列表是聊天中带有白色聊天气泡的黑色背景界面。状态用一个带颜色的圆形来指示,右侧的小安卓机器人指示出某人正在使用移动设备。IM应用相比Google Hangouts远比它有沟通性,这真是十分神奇的。绿色代表着某人正在使用设备并且已经登录,黄色代表着他们登录了但处于空闲状态,红色代表他们手动设置状态为忙,不想被打扰,灰色表示离线。现在Hangouts只显示用户是否打开了应用。 +在Google Hangouts之前,甚至是Google Talk之前,就有了“IM”——安卓1.0带来的唯一一个即时通讯客户端。令人惊奇的是,它支持多种IM服务:用户可以从AIM,Google Talk,Windows Live Messenger以及Yahoo中挑选。还记得操作系统开发者什么时候关心过互通性吗? + +朋友列表是黑色背景界面,如果在聊天中则带有白色聊天气泡。状态用一个带颜色的圆形来指示,右侧的小安卓机器人指示出某人正在使用移动设备。IM应用相比Google Hangouts远比它有沟通性,这真是十分神奇的。绿色代表着某人正在使用设备并且已经登录,黄色代表着他们登录了但处于空闲状态,红色代表他们手动设置状态为忙,不想被打扰,灰色表示离线。现在Hangouts只显示用户是否打开了应用。 聊天对话界面明显基于信息应用,聊天的背景从白色和蓝色被换成了白色和绿色。但是没人更改信息输入框的颜色,所以加上橙色的高亮效果,界面共使用了白色,绿色,蓝色和橙色。 ![安卓1.0上的YouTube。截图展示了主界面,打开菜单的主界面,分类界面,视频播放界面。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/yt5000.png) -安卓1.0上的YouTube。截图展示了主界面,打开菜单的主界面,分类界面,视频播放界面。 -Ron Amadeo供图 -YouTube仅仅以G1的320p屏幕和3G网络速度可能不会有今天这样的移动意识,但谷歌的视频服务在安卓1.0上就被置入发布了。主界面看起来就像是安卓市场调整过的版本,顶部带有一个横向滚动选择部分,下面有垂直滚动分类列表。谷歌的一些分类选择还真是奇怪:“最热门”和“最多观看”有什么区别? +*安卓1.0上的YouTube。截图展示了主界面,打开菜单的主界面,分类界面,视频播放界面。[Ron Amadeo供图]* -一个谷歌没有意识到YouTube最终能达到多庞大的标志——有一个视频分类是“最近更新”。在今天,每分钟有[100小时时长的视频][1]上传到Youtube上,如果这个分类能正常工作的话,它会是一个快速滚动的视频列表,快到以至于变为一片无法阅读的模糊。 +以G1的320p屏幕和3G网络速度,YouTube可能不会有今天这样的手机上的表现,但谷歌的视频服务在安卓1.0上就被置入发布了。主界面看起来就像是安卓市场调整过的版本,顶部带有一个横向滚动选择部分,下面有垂直滚动分类列表。谷歌的一些分类选择还真是奇怪:“最热门”和“最多观看”有什么区别? -菜单含有搜索,喜爱,分类,设置。设置(没有图片)是有史以来最简陋的,只有个清除搜索历史的选项。分类都是一样的平淡,仅仅是个黑色的文本列表。 +这是一个谷歌没有意识到YouTube最终能达到多庞大的标志——有一个视频分类是“最近更新”。在今天,每分钟有[100小时时长的视频][1]上传到Youtube上,如果这个分类能正常工作的话,它会是一个快速滚动的视频列表,快到以至于变为一片无法阅读的模糊。 + +菜单含有搜索,喜爱,分类,设置。设置(没有该图片)是有史以来最简陋的,只有个清除搜索历史的选项。分类都是一样的平淡,仅仅是个黑色的文本列表。 最后一张截图展示了视频播放界面,只支持横屏模式。尽管自动隐藏的播放控制有个进度条,但它还是很奇怪地包含了后退和前进按钮。 ![YouTube的视频菜单,描述页面,评论。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/yt3.png) -YouTube的视频菜单,描述页面,评论。 -Ron Amadeo供图 -每个视频的更多选项可以通过点击菜单按钮来打开。在这里你可以把视频标记为喜爱,查看详细信息,以及阅读评论。所有的这些界面,和视频播放一样,是锁定横屏模式的。 +*YouTube的视频菜单,描述页面,评论。[Ron Amadeo供图]* + +每个视频的更多选项可以通过点击菜单按钮来打开。在这里你可以把视频标记为“喜爱”,查看详细信息,以及阅读评论。所有的这些界面,和视频播放一样,是锁定横屏模式的。 然而“共享”不会打开一个对话框,它只是向Gmail邮件中加入了视频的链接。想要把链接通过短信或即时消息发送给别人是不可能的。你可以阅读评论,但是没办法评价他们或发表自己的评论。你同样无法给视频评分或赞。 ![相机应用的拍照界面,菜单,照片浏览模式。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/camera.png) -相机应用的拍照界面,菜单,照片浏览模式。 -Ron Amadeo供图 -在实体机上跑上真正的安卓意味着相机功能可以正常运作,即便那里没什么太多可关注的。左边的黑色方块是相机的界面,原本应该显示取景器图像,但SDK的截图工具没办法捕捉下来。G1有个硬件实体的拍照键(还记得吗?),所以相机没必要有个屏幕上的快门键。相机没有曝光,白平衡,或HDR设置——你可以拍摄照片,仅此而已。 +*相机应用的拍照界面,菜单,照片浏览模式。[Ron Amadeo供图]* + +在实体机上跑真正的安卓意味着相机功能可以正常运作,即便那里没什么太多可关注的。左边的黑色方块是相机的界面,原本应该显示取景器图像,但SDK的截图工具没办法捕捉下来。G1有个硬件实体的拍照键(还记得吗?),所以相机没必要有个屏幕上的快门键。相机没有曝光,白平衡,或HDR设置——你可以拍摄照片,仅此而已。 菜单按钮显示两个选项:跳转到相册应用和带有两个选项的设置界面。第一个设置选项是是否给照片加上地理标记,第二个是在每次拍摄后显示提示菜单,你可以在上面右边看到截图。同样的,你目前还只能拍照——还不支持视频拍摄。 ![日历的月视图,打开菜单的周视图,日视图,以及日程。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/calviews.png) -日历的月视图,打开菜单的周视图,日视图,以及日程。 -Ron Amadeo供图 + +*日历的月视图,打开菜单的周视图,日视图,以及日程。[Ron Amadeo供图]* 就像这个时期的大多数应用一样,日历的主命令界面是菜单。菜单用来切换视图,添加新事件,导航至当天,选择要显示的日程,以及打开设置。菜单扮演着每个单独按钮的入口的作用。 月视图不能显示约会事件的文字。每个日期旁边有个侧边,约会会显示为侧边上的绿色部分,通过位置来表示约会是在一天中的什么时候。周视图同样不能显示预约文字——G1的320×480的显示屏像素还不够密——所以你会在日历中看到一个带有颜色指示条的白块。唯一一个显示文字的是日程和日视图。你可以用滑动来切换日期——左右滑动切换周和日,上下滑动切换月份和日程。 ![设置主界面,无线设置,关于页面的底部。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/settings.png) -设置主界面,无线设置,关于页面的底部。 -Ron Amadeo供图 -安卓1.0最终带来了设置界面。这个界面是个带有文字的黑白界面,粗略地分为各个部分。每个列表项边的下箭头让人误以为点击它会展开折叠的更多东西,但是触摸列表项的任何位置只会加载下一屏幕。所有的界面看起来确实无趣,都差不多一样,但是嘿,这可是设置啊。 +*设置主界面,无线设置,关于页面的底部。[Ron Amadeo供图]* -任何带有开/关状态的选项都使用了卡通风的复选框。安卓1.0最初的复选框真是奇怪——就算是在“未选中”状态时,它们还是有个灰色的勾选标记在里面。安卓把勾选标记当作了灯泡,打开时亮起来,关闭的时候变得黯淡,但这不是复选框的工作方式。然而我们最终还是见到了“关于”页面。安卓1.0运行Linux内核2.6.25版本。 +安卓1.0最终带来了设置界面。这个界面是个带有文字的黑白界面,粗略地分为各个部分。每个列表项边上的下箭头让人误以为点击它会展开折叠的更多东西,但是触摸列表项的任何位置只会加载下一屏幕。所有的界面看起来确实无趣,都差不多一样,但是嘿,这可是设置啊。 + +任何带有开/关状态的选项都使用了卡通风格的复选框。安卓1.0最初的复选框真是奇怪——就算是在“未选中”状态时,它们还是有个灰色的勾选标记在里面。安卓把勾选标记当作了灯泡,打开时亮起来,关闭的时候变得黯淡,但这不是复选框的工作方式。然而我们最终还是见到了“关于”页面。安卓1.0运行Linux内核2.6.25版本。 设置界面意味着我们终于可以打开安全设置并更改锁屏。安卓1.0只有两种风格,安卓0.9那样的灰色方形锁屏,以及需要你在9个点组成的网格中画出图案的图形解锁。像这样的滑动图案相比PIN码更加容易记忆和输入,尽管它没有增加多少安全性。 ![语音拨号,图形锁屏,电池低电量警告,时间设置。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/grabbag.png) -语音拨号,图形锁屏,电池低电量警告,时间设置。 -Ron Amadeo供图 -语音功能和语音拨号一同来到了1.0。这个特性以各种功能实现在AOSP徘徊了一段时间,然而它是一个简单的拨打号码和联系人的语音命令应用。语音拨号是个和谷歌未来的语音产品完全无关的应用,但是,它的工作方式和非智能机上的语音拨号一样。 +*语音拨号,图形锁屏,电池低电量警告,时间设置。[Ron Amadeo供图]* + +语音功能和语音拨号一同来到了1.0。这个特性以各种功能实现在AOSP徘徊了一段时间,然而它是一个简单的拨打号码和联系人的语音命令应用。语音拨号是个和谷歌未来的语音产品完全无关的应用,它的工作方式和非智能机上的语音拨号一样。 关于最后一个值得注意的,当电池电量低于百分之十五的时候会触发低电量弹窗。这是个有趣的图案,它把电源线错误的一端插入手机。谷歌,那可不是(现在依然不是)手机应该有的充电方式。 -安卓1.0是个伟大的开头,但是功能上仍然有许多缺失。实体键盘和大量硬件按钮被强制要求配备,因为不带有十字方向键或轨迹球的安卓设备依然不被允许销售。另外,基本的智能手机功能比如自动旋转依然缺失。内置应用不可能像今天这样通过安卓市场来更新。所有的谷歌系应用和系统交织在一起。如果谷歌想要升级一个单独的应用,需要通过运营商推送整个系统的更新。安卓依然还有许多工作要做。 +安卓1.0是个伟大的开端,但是功能上仍然有许多缺失。强制配备了实体键盘和大量硬件按钮,因为不带有十字方向键或轨迹球的安卓设备依然不被允许销售。另外,基本的智能手机功能比如自动旋转依然缺失。内置应用不可能像今天这样通过安卓市场来更新。所有的谷歌系应用和系统交织在一起。如果谷歌想要升级一个单独的应用,需要通过运营商推送整个系统的更新。安卓依然还有许多工作要做。 ### 安卓1.1——第一个真正的增量更新 ### ![安卓1.1的所有新特性:语音搜索,安卓市场付费应用支持,谷歌纵横,设置中的新“系统更新”选项。](http://cdn.arstechnica.net/wp-content/uploads/2013/12/11.png) -安卓1.1的所有新特性:语音搜索,安卓市场付费应用支持,谷歌纵横,设置中的新“系统更新”选项。 -Ron Amadeo供图 -安卓1.0发布四个半月后,2009年2月,安卓在安卓1.1中得到了它的第一个公开更新。系统方面没有太多变化,谷歌向1.1中添加新东西现如今也都已被关闭。谷歌语音搜索是安卓向云端语音搜索的第一个突击,它在应用抽屉里有自己的图标。尽管这个应用已经不能与谷歌服务器通讯,你可以[在iPhone上][2]看到它以前是怎么工作的。它还没有语音操作,但你可以说出想要搜索的,结果会显示在一个简单的谷歌搜索中。 +*安卓1.1的所有新特性:语音搜索,安卓市场付费应用支持,谷歌纵横,设置中的新“系统更新”选项。[Ron Amadeo供图]* -安卓市场添加了对付费应用的支持,但是就像beta客户端中一样,这个版本的安卓市场不再能够连接Google Play服务器。我们最多能够看到分类界面,你可以在免费应用,付费应用和全部应用中选择。 +安卓1.0发布四个半月后,2009年2月,安卓在安卓1.1中得到了它的第一个公开更新。系统方面没有太多变化,谷歌向1.1中添加的新东西现如今也都已被关闭。谷歌语音搜索是安卓向云端语音搜索的第一个突击,它在应用抽屉里有自己的图标。尽管这个应用已经不能与谷歌服务器通讯,你可以[在iPhone上][2]看到它以前是怎么工作的。它还没有语音操作,但你可以说出想要搜索的,结果会显示在一个简单的谷歌搜索中。 + +安卓市场添加了对付费应用的支持,但是就像beta客户端中一样,这个版本的安卓市场已经不能连接Google Play服务器。我们最多能够看到分类界面,你可以在免费应用、付费应用和全部应用中选择。 地图添加了[谷歌纵横][3],一个向朋友分享自己位置的方法。纵横在几个月前为了支持Google+而被关闭并且不再能够工作。地图菜单里有个纵横的选项,但点击它现在只会打开一个带载入中圆圈的画面,并永远停留在这里。 -安卓世界的系统更新来得更加迅速——或者至少是一条在运营商和OEM推送之前获得更新的途径——谷歌向“关于手机”界面添加了检查系统更新按钮。 +安卓世界的系统更新来得更加迅速——或者至少是一条在运营商和OEM推送之前获得更新的途径——谷歌也在“关于手机”界面添加了检查系统更新按钮。 ---------- @@ -98,7 +98,7 @@ Ron Amadeo供图 via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/7/ -译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID) +译者:[alim0x](https://github.com/alim0x) 校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 diff --git a/sources/share/20150824 Great Open Source Collaborative Editing Tools.md b/sources/share/20150824 Great Open Source Collaborative Editing Tools.md index 4696862569..c4746bc482 100644 --- a/sources/share/20150824 Great Open Source Collaborative Editing Tools.md +++ b/sources/share/20150824 Great Open Source Collaborative Editing Tools.md @@ -1,4 +1,3 @@ -cygmris is translating... Great Open Source Collaborative Editing Tools ================================================================================ In a nutshell, collaborative writing is writing done by more than one person. There are benefits and risks of collaborative working. Some of the benefits include a more integrated / co-ordinated approach, better use of existing resources, and a stronger, united voice. For me, the greatest advantage is one of the most transparent. That's when I need to take colleagues' views. Sending files back and forth between colleagues is inefficient, causes unnecessary delays and leaves people (i.e. me) unhappy with the whole notion of collaboration. With good collaborative software, I can share notes, data and files, and use comments to share thoughts in real-time or asynchronously. Working together on documents, images, video, presentations, and tasks is made less of a chore. diff --git a/sources/share/20150901 5 best open source board games to play online.md b/sources/share/20150901 5 best open source board games to play online.md index 5df980d1db..c14fecc697 100644 --- a/sources/share/20150901 5 best open source board games to play online.md +++ b/sources/share/20150901 5 best open source board games to play online.md @@ -1,4 +1,3 @@ -Translating by H-mudcup 5 best open source board games to play online ================================================================================ I have always had a fascination with board games, in part because they are a device of social interaction, they challenge the mind and, most importantly, they are great fun to play. In my misspent youth, myself and a group of friends gathered together to escape the horrors of the classroom, and indulge in a little escapism. The time provided an outlet for tension and rivalry. Board games help teach diplomacy, how to make and break alliances, bring families and friends together, and learn valuable lessons. diff --git a/sources/share/20151007 Open Source Media Player MPlayer 1.2 Released.md b/sources/share/20151007 Open Source Media Player MPlayer 1.2 Released.md deleted file mode 100644 index 52a6887786..0000000000 --- a/sources/share/20151007 Open Source Media Player MPlayer 1.2 Released.md +++ /dev/null @@ -1,64 +0,0 @@ -alim0x translating - -Open Source Media Player MPlayer 1.2 Released -================================================================================ -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/MPlayer-1.2.jpg) - -Almost three years after [MPlaayer][1] 1.1, the new version of MPlayer has been released last week. MPlayer 1.2 brings up support for many new codecs in this release. - -MPlayer is a cross-platform, open source media player. Its name is an abbreviation of “Movie Player”. MPlayer has been one of the oldest video players for Linux and during last 15 years, it has inspired a number of other media players. Some of the famous media players based on MPlayer are: - -- [MPV][2] -- SMPlayer -- KPlayer -- GNOME MPlayer -- Deepin Player - -#### What’s new in MPlayer 1.2? #### - -- Compatibility with FFmpeg 2.8 -- VDPAU hardware acceleration for H.265/HEVC -- A number of new codecs supported via FFmpeg -- Improvements in TV and DVB support -- GUI improvements -- external dependency on libdvdcss/libdvdnav packages - -#### Install MPlayer 1.2 in Linux #### - -Most Linux distributions are still having MPlayer 1.1. If you want to use the new MPlayer 1.2, you’ll have to compile it from the source code which could be tricky at times for beginners. - -I have used Ubuntu 15.04 for the installation of MPlayer 1.2. Installation instructions will remain the same for all Linux distributions except the part where you need to install yasm. - -Open a terminal and use the following commands: - - wget http://www.mplayerhq.hu/MPlayer/releases/MPlayer-1.2.tar.xz - - tar xvf MPlayer-1.1.1.tar.xz - - cd MPlayer-1.2 - - sudo apt-get install yasm - - ./configure - -When you run make, it will throw a number of things on the terminal screen and takes some time to build it. Have patience. - - make - - sudo make install - -If you feel uncomfortable using the source code, I advise you to either wait forMPlayer 1.2 to land in the repositories of your Linux distribution or use an alternate like MPV. - --------------------------------------------------------------------------------- - -via: http://itsfoss.com/mplayer-1-2-released/ - -作者:[Abhishek][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://itsfoss.com/author/abhishek/ -[1]:https://www.mplayerhq.hu/ -[2]:http://mpv.io/ diff --git a/sources/share/20151028 Bossie Awards 2015--The best open source application development tools.md b/sources/share/20151028 Bossie Awards 2015--The best open source application development tools.md new file mode 100644 index 0000000000..10da3e7cdc --- /dev/null +++ b/sources/share/20151028 Bossie Awards 2015--The best open source application development tools.md @@ -0,0 +1,336 @@ +Bossie Awards 2015: The best open source application development tools +================================================================================ +InfoWorld's top picks among platforms, frameworks, databases, and all the other tools that programmers use + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-app-dev-100613767-orig.jpg) + +### The best open source development tools ### + +There must be a better way, right? The developers are the ones who find it. This year's winning projects in the application development category include client-side frameworks, server-side frameworks, mobile frameworks, databases, languages, libraries, editors, and yeah, Docker. These are our top picks among all of the tools that make it faster and easier to build better applications. + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-docker-100613773-orig.jpg) + +### Docker ### + +The darling of container fans almost everywhere, [Docker][2] provides a low-overhead way to isolate an application or service’s environment, which serves its stated goal of being an open platform for building, shipping, and running distributed applications. Docker has been widely supported, even among those seeking to replace the Docker container format with an alternative, more secure runtime and format, specifically Rkt and AppC. Heck, Microsoft Visual Studio now supports deploying into a Docker container too. + +Docker’s biggest impact has been on virtual machine environments. Since Docker containers run inside the operating system, many more Docker containers than virtual machines can run in a given amount of RAM. This is important because RAM is usually the scarcest and most expensive resource in a virtualized environment. + +There are hundreds of thousands of runnable public images on Docker Hub, of which a few hundred are official, and the rest are from the community. You describe Docker images with a Dockerfile and build images locally from the Docker command line. You can add both public and private image repositories to Docker Hub. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-nodejs-iojs-100613778-orig.jpg) + +### Node.js and io.js ### + +[Node.js][2] -- and its recently reunited fork [io.js][3] -- is a platform built on [Google Chrome's V8 JavaScript runtime][4] for building fast, scalable, network applications. Node uses an event-driven, nonblocking I/O model without threads. In general, Node tends to take less memory and CPU resources than other runtime engines, such as Java and the .Net Framework. For example, a typical Node.js Web server can run well in a 512MB instance on Cloud Foundry or a 512MB Docker container. + +The Node repository on GitHub has more than 35,000 stars and more than 8,000 forks. The project, sponsored primarily by Joyent, has more than 600 contributors. Some of the more famous Node applications are 37Signals, [Ancestry.com][5], Chomp, the Wall Street Journal online, FeedHenry, [GE.com][6], Mockingbird, [Pearson.com][7], Shutterstock, and Uber. The popular IoT back-end Node-RED is built on Node, as are many client apps, such as Brackets and Nuclide. + +-- Martin Heller + +![](rticle/2015/09/bossies-2015-angularjs-100613766-orig.jpg) + +### AngularJS ### + +[AngularJS][8] (or simply Angular, among friends) is a Model-View-Whatever (MVW) JavaScript AJAX framework that extends HTML with markup for dynamic views and data binding. Angular is especially good for developing single-page Web applications and linking HTML forms to models and JavaScript controllers. + +The weird sounding Model-View-Whatever pattern is an attempt to include the Model-View-Controller, Model-View-ViewModel, and Model-View-Presenter patterns under one moniker. The differences among these three closely related patterns are the sorts of topics that programmers love to argue about fiercely; the Angular developers decided to opt out of the discussion. + +Basically, Angular automatically synchronizes data from your UI (view) with your JavaScript objects (model) through two-way data binding. To help you structure your application better and make it easy to test, AngularJS teaches the browser how to do dependency injection and inversion of control. + +Angular was created by Google and open-sourced under the MIT license; there are currently more than 1,200 contributors to the project on GitHub, and the repository has more than 40,000 stars and 18,000 forks. The Angular site lists [210 “neat things” built with Angular][9]. + +-- Martin Heller + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-react-100613782-orig.jpg) + +### React ### + +[React][10] is a JavaScript library for building a UI or view, typically for single-page applications. Note that React does not implement anything having to do with a model or controller. React pages can render on the server or the client; rendering on the server (with Node.js) is typically much faster. People often combine React with AngularJS to create complete applications. + +React combines JavaScript and HTML in a single file, optionally a JSX component. React fans like the way JSX components combine views and their related functionality in one file, though that flies in the face of the last decade of Web development trends, which were all about separating the markup and the code. React fans also claim that you can’t understand it until you’ve tried it. Perhaps you should; the React repository on GitHub has 26,000 stars. + +[React Native][11] implements React with native iOS controls; the React Native command line uses Node and Xcode. [ReactJS.Net][12] integrates React with [ASP.Net][13] and C#. React is available under a BSD license with a patent license grant from Facebook. + +-- Martin Heller + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-atom-100613768-orig.jpg) + +### Atom ### + +[Atom][14] is an open source, hackable desktop editor from GitHub, based on Web technologies. It’s a full-featured tool with a fuzzy finder; fast projectwide search and replace; multiple cursors and selections; multiple panes, snippets, code folding; and the ability to import TextMate grammars and themes. Out of the box, Atom displayed proper syntax highlighting for every programming language on which I tried it, except for F# and C#; I fixed that easily by loading those packages from within Atom. Not surprising, Atom has tight integration with GitHub. + +The skeleton of Atom has been separated from the guts and called the Electron shell, providing an open source way to build cross-platform desktop apps with Web technologies. Visual Studio Code is built on the Electron shell, as are a number of proprietary and open source apps, including Slack and Kitematic. Facebook Nuclide adds significant functionality to Atom, including remote development and support for Flow, Hack, and Mercurial. + +On the downside, updating Atom packages can become painful, especially if you have many of them installed. The Nuclide packages seem to be the worst offenders -- they not only take a long time to update, they run CPU-intensive Node processes to do so. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-brackets-100613769-orig.jpg) + +### Brackets ### + +[Brackets][15] is a lightweight editor for Web design that Adobe developed and open-sourced, drawing heavily on other open source projects. The idea is to build better tooling for JavaScript, HTML, CSS, and related open Web technologies. Brackets itself is written in JavaScript, HTML, and CSS, and the developers use Brackets to build Brackets. The editor portion is based on another open source project, CodeMirror, and the Brackets native shell is based on Google’s Chromium Embedded Framework. + +Brackets features a clean UI, with the ability to open a quick inline editor that displays all of the related CSS for some HTML, or all of the related JavaScript for some scripting, and a live preview for Web pages that you are editing. New in Brackets 1.4 is instant search in files, easier preferences editing, the ability to enable and disable extensions individually, improved text rendering on Macs, and Greek and Cyrillic character support. Last November, Adobe started shipping a preview version of Extract for Brackets, which can pull out design information from Photoshop files, as part of the default download for Brackets. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-typescript-100613786-orig.jpg) + +### TypeScript ### + +[TypeScript][16] is a portable, duck-typed superset of JavaScript that compiles to plain JavaScript. The goal of the project is to make JavaScript usable for large applications. In pursuit of that goal, TypeScript adds optional types, classes, and modules to JavaScript, and it supports tools for large-scale JavaScript applications. Typing gets rid of some of the nonsensical and potentially buggy default behavior in JavaScript, for example: + + > 1 + "1" + '11' + +“Duck” typing means that the type checking focuses on the shape of the data values; TypeScript describes basic types, interfaces, and classes. While the current version of JavaScript does not support traditional, class-based, object-oriented programming, the ECMAScript 6 specification does. TypeScript compiles ES6 classes into plain, compatible JavaScript, with prototype-based objects, unless you enable ES6 output using the `--target` compiler option. + +Visual Studio includes TypeScript in the box, starting with Visual Studio 2013 Update 2. You can also edit TypeScript in Visual Studio Code, WebStorm, Atom, Sublime Text, and Eclipse. + +When using an external JavaScript library, or new host API, you'll need to use a declaration file (.d.ts) to describe the shape of the library. You can often find declaration files in the [DefinitelyTyped][17] repository, either by browsing, using the [TSD definition manager][18], or using NuGet. + +TypeScript’s GitHub repository has more than 6,000 stars. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-swagger-100613785-orig.jpg) + +### Swagger ### + +[Swagger][19] is a language-agnostic interface to RESTful APIs, with tooling that gives you interactive documentation, client SDK generation, and discoverability. It’s one of several recent attempts to codify the description of RESTful APIs, in the spirit of WSDL for XML Web Services (2000) and CORBA for distributed object interfaces (1991). + +The tooling makes Swagger especially interesting. [Swagger-UI][20] automatically generates beautiful documentation and a live API sandbox from a Swagger-compliant API. The [Swagger codegen][21] project allows generation of client libraries automatically from a Swagger-compliant server. + +[Swagger Editor][22] lets you edit Swagger API specifications in YAML inside your browser and preview documentations in real time. Valid Swagger JSON descriptions can then be generated and used with the full Swagger tooling. + +The [Swagger JS][23] library is a fast way to enable a JavaScript client to communicate with a Swagger-enabled server. Additional clients exist for Clojure, Go, Java, .Net, Node.js, Perl, PHP, Python, Ruby, and Scala. + +The [Amazon API Gateway][24] is a managed service for API management at scale. It can import Swagger specifications using an open source [Swagger Importer][25] tool. + +Swagger and friends use the Apache 2.0 license. + +-- Martin Heller + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-polymer-100613781-orig.jpg) + +### Polymer ### + +The [Polymer][26] library is a lightweight, “sugaring” layer on top of the Web components APIs to help in building your own Web components. It adds several features for greater ease in building complex elements, such as creating custom element registration, adding markup to your element, configuring properties on your element, setting the properties with attributes, data binding with mustache syntax, and internal styling of elements. + +Polymer also includes libraries of prebuilt elements. The Iron library includes elements for working with layout, user input, selection, and scaffolding apps. The Paper elements implement Google's Material Design. The Gold library includes elements for credit card input fields for e-commerce, the Neon elements implement animations, the Platinum library implements push messages and offline caching, and the Google Web Components library is exactly what it says; it includes wrappers for YouTube, Firebase, Google Docs, Hangouts, Google Maps, and Google Charts. + +Polymer Molecules are elements that wrap other JavaScript libraries. The only Molecule currently implemented is for marked, a Markdown library. The Polymer repository on GitHub currently has 12,000 stars. The software is distributed under a BSD-style license. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-ionic-100613775-orig.jpg) + +### Ionic ### + +The [Ionic][27] framework is a front-end SDK for building hybrid mobile apps, using Angular.js and Cordova, PhoneGap, or Trigger.io. Ionic was designed to be similar in spirit to the Android and iOS SDKs, and to do a minimum of DOM manipulation and use hardware-accelerated transitions to keep the rendering speed high. Ionic is focused mainly on the look and feel and UI interaction of your app. + +In addition to the framework, Ionic encompasses an ecosystem of mobile development tools and resources. These include Chrome-based tools, Angular extensions for Cordova capabilities, back-end services, a development server, and a shell View App to enable testers to use your Ionic code on their devices without the need for you to distribute beta apps through the App Store or Google Play. + +Appery.io integrated Ionic into its low-code builder in July 2015. Ionic’s GitHub repository has more than 18,000 stars and more than 3,000 forks. Ionic is distributed under an MIT license and currently runs in UIWebView for iOS 7 and later, and in Android 4.1 and up. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-cordova-100613771-orig.jpg) + +### Cordova ### + +[Apache Cordova][28] is the open source project spun off when Adobe acquired PhoneGap from Nitobi. Cordova is a set of device APIs, plus some tooling, that allows a mobile app developer to access native device functionality like the camera and accelerometer from JavaScript. When combined with a UI framework like Angular, it allows a smartphone app to be developed with only HTML, CSS, and JavaScript. By using Cordova plug-ins for multiple devices, you can generate hybrid apps that share a large portion of their code but also have access to a wide range of platform capabilities. The HTML5 markup and code runs in a WebView hosted by the Cordova shell. + +Cordova is one of the cross-platform mobile app options supported by Visual Studio 2015. Several companies offer online builders for Cordova apps, similar to the Adobe PhoneGap Build service. Online builders save you from having to install and maintain most of the device SDKs on which Cordova relies. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-famous-100613774-orig.jpg) + +### Famous Engine ### + +The high-performance Famo.us JavaScript framework introduced last year has become the [Famous Engine][29] and [Famous Framework][30]. The Famous Engine runs in a mixed mode, with the DOM and WebGL under a single coordinate system. As before, Famous structures applications in a scene graph hierarchy, but now it produces very little garbage (reducing the garbage collector overhead) and sustains 60FPS animations. + +The Famous Physics engine has been refactored to its own, fine-grained module so that you can load only the features you need. Other improvements since last year include streamlined eventing, improved sizing, decoupling the scene graph from the rendering pipeline by using a draw command buffer, and switching to a fully open MIT license. + +The new Famous Framework is an alpha-stage developer preview built on the Famous Engine; its goal is creating reusable, composable, and interchangeable UI widgets and applications. Eventually, Famous hopes to replace the jQuery UI widgets with Famous Framework widgets, but while it's promising, the Famous Framework is nowhere near production-ready. + +-- Martin Heller + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-mongodb-rev-100614248-orig.jpg) + +### MongoDB ### + +[MongoDB][31] is no stranger to the Bossies or to the ever-growing and ever-competitive NoSQL market. If you still aren't familiar with this very popular technology, here's a brief overview: MongoDB is a cross-platform document-oriented database, favoring JSON-like documents with dynamic schemas that make data integration easier and faster. + +MongoDB has attractive features, including but not limited to ad hoc queries, flexible indexing, replication, high availability, automatic sharding, load balancing, and aggregation. + +The big, bold move with [version 3.0 this year][32] was the new WiredTiger storage engine. We can now have document-level locking. This makes “normal” applications a whole lot more scalable and makes MongoDB available to more use cases. + +MongoDB has a growing open source ecosystem with such offerings as the [TokuMX engine][33], from the famous MySQL bad boys Percona. The long list of MongoDB customers includes heavy hitters such as Craigslist, eBay, Facebook, Foursquare, Viacom, and the New York Times. + +-- Andrew Oliver + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-couchbase-100614851-orig.jpg) + +### Couchbase ### + +[Couchbase][34] is another distributed, document-oriented database that has been making waves in the NoSQL world for quite some time now. Couchbase and MongoDB often compete, but they each have their sweet spots. Couchbase tends to outperform MongoDB when doing more in memory is possible. + +Additionally, Couchbase’s mobile features allow you to disconnect and ship a database in compact format. This allows you to scale down as well as up. This is useful not just for mobile devices but also for specialized applications, like shipping medical records across radio waves in Africa. + +This year Couchbase added N1QL, a SQL-based query language that did away with Couchbase’s biggest obstacle, requiring static views. The new release also introduced multidimensional scaling. This allows individual scaling of services such as querying, indexing, and data storage to improve performance, instead of adding an entire, duplicate node. + +-- Andrew C. Oliver + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-cassandra-100614852-orig.jpg) + +### Cassandra ### + +[Cassandra][35] is the other white meat of column family databases. HBase might be included with your favorite Hadoop distribution, but Cassandra is the one people deliberately deploy for specialized applications. There are good reasons for this. + +Cassandra was designed for high workloads of both writes and reads where millisecond consistency isn't as important as throughput. HBase is optimized for reads and greater write consistency. To a large degree, Cassandra tends to be used for operational systems and HBase more for data warehouse and batch-system-type use cases. + +While Cassandra has not received as much attention as other NoSQL databases and slipped into a quiet period a couple years back, it is widely used and deployed, and it's a great fit for time series, product catalog, recommendations, and other applications. If you want to keep a cluster up “no matter what” with multiple masters and multiple data centers, and you need to scale with lots of reads and lots of writes, Cassandra might just be your Huckleberry. + +-- Andrew C. Oliver + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-orientdb-100613780-orig.jpg) + +### OrientDB ### + +[OrientDB][36] is an interesting hybrid in the NoSQL world, combining features from a document database, where individual documents can have multiple fields without necessarily defining a schema, and a graph database, which consists of a set of nodes and edges. At a basic level, OrientDB considers the document as a vertex, and relationships between fields as graph edges. Because the relationships between elements are part of the record, no costly joins are required when querying data. + +Like most databases today, OrientDB offers linear scalability via a distributed architecture. Adding capacity is a matter of simply adding more nodes to the cluster. Queries are written in a variant of SQL that is extended to support graph concepts. It's not exactly SQL, but data analysts shouldn't have too much trouble adapting. Language bindings are available for most commonly used languages, such as R, Scala, .Net, and C, and those integrating OrientDB into their applications will find an active user community to get help from. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-rethinkdb-100613783-orig.jpg) + +### RethinkDB ### + +[RethinkDB][37] is a scalable, real-time JSON database with the ability to continuously push updated query results to applications that subscribe to changes. There are official RethinkDB drivers for Ruby, Python, and JavaScript/Node.js, and community-supported drivers for more than a dozen other languages, including C#, Go, and PHP. + +It’s temping to confuse RethinkDB with real-time sync APIs, such as Firebase and PubNub. RethinkDB can be run as a cloud service like Firebase and PubNub, but you can also install it on your own hardware or Docker containers. RethinkDB does more than synchronize: You can run arbitrary RethinkDB queries, including table joins, subqueries, geospatial queries, and aggregation. Finally, RethinkDB is designed to be accessed from an application server, not a browser. + +Where MongoDB requires you to poll the database to see changes, RethinkDB lets you subscribe to a stream of changes to a query result. You can shard and scale RethinkDB easily, unlike MongoDB. Also unlike relational databases, RethinkDB does not give you full ACID support or strong schema enforcement, although it can perform joins. + +The RethinkDB repository has 10,000 stars on GitHub, a remarkably high number for a database. It is licensed with the Affero GPL 3.0; the drivers are licensed with Apache 2.0. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-rust-100613784-orig.jpg) + +### Rust ### + +[Rust][38] is a syntactically C-like systems programming language from Mozilla Research that guarantees memory safety and offers painless concurrency (that is, no data races). It does not have a garbage collector and has minimal runtime overhead. Rust is strongly typed with type inference. This is all promising. + +Rust was designed for performance. It doesn’t yet demonstrate great performance, however, so now the mantra seems to be that it runs as fast as C++ code that implements all the safety checks built into Rust. I’m not sure whether I believe that, as in many cases the strictest safety checks for C/C++ code are done by static and dynamic analysis and testing, which don’t add any runtime overhead. Perhaps Rust performance will come with time. + +So far, the only tools for Rust are the Cargo package manager and the rustdoc documentation generator, plus a couple of simple Rust plug-ins for programming editors. As far as we have heard, there is no shipping software that was actually built with Rust. Now that Rust has reached the 1.0 milestone, we might expect that to change. + +Rust is distributed with a dual Apache 2.0 and MIT license. With 13,000 stars on its GitHub repository, Rust is certainly attracting attention, but when and how it will deliver real benefits remains to be seen. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-opencv-100613779-orig.jpg) + +### OpenCV ### + +[OpenCV][39] (Open Source Computer Vision Library) is a computer vision and machine learning library that contains about 500 algorithms, such as face detection, moving object tracking, image stitching, red-eye removal, machine learning, and eye movement tracking. It runs on Windows, Mac OS X, Linux, Android, and iOS. + +OpenCV has official C++, C, Python, Java, and MATLAB interfaces, and wrappers in other languages such as C#, Perl, and Ruby. CUDA and OpenCL interfaces are under active development. OpenCV was originally (1999) an Intel Research project in Russia; from there it moved to the robotics research lab Willow Garage (2008) and finally to [OpenCV.org][39] (2012) with a core team at Itseez, current source on GitHub, and stable snapshots on SourceForge. + +Users of OpenCV include Google, Yahoo, Microsoft, Intel, IBM, Sony, Honda, and Toyota. There are currently more than 6,000 stars and 5,000 forks on the GitHub repository. The project uses a BSD license. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-llvm-100613777-orig.jpg) + +### LLVM ### + +The [LLVM Project][40] is a collection of modular and reusable compiler and tool chain technologies, which originated at the University of Illinois. LLVM has grown to include a number of subprojects, several of which are interesting in their own right. LLVM is distributed with Debian, Ubuntu, and Apple Xcode, among others, and it’s used in commercial products from the likes of Adobe (including After Effects), Apple (including Objective-C and Swift), Cray, Intel, NVIDIA, and Siemens. A few of the open source projects that depend on LLVM are PyPy, Mono, Rubinius, Pure, Emscripten, Rust, and Julia. Microsoft has recently contributed LLILC, a new LLVM-based compiler for .Net, to the .Net Foundation. + +The main LLVM subprojects are the core libraries, which provide optimization and code generation; Clang, a C/C++/Objective-C compiler that’s about three times faster than GCC; LLDB, a much faster debugger than GDB; libc++, an implementation of the C++ 11 Standard Library; and OpenMP, for parallel programming. + +-- Martin Heller + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-main-100613823-orig.jpg) + +### Read about more open source winners ### + +InfoWorld's Best of Open Source Awards for 2014 celebrate more than 100 open source projects, from the bottom of the stack to the top. Follow these links to more open source winners: + +[Bossie Awards 2015: The best open source applications][41] + +[Bossie Awards 2015: The best open source application development tools][42] + +[Bossie Awards 2015: The best open source big data tools][43] + +[Bossie Awards 2015: The best open source data center and cloud software][44] + +[Bossie Awards 2015: The best open source desktop and mobile software][45] + +[Bossie Awards 2015: The best open source networking and security software][46] + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2982920/open-source-tools/bossie-awards-2015-the-best-open-source-application-development-tools.html + +作者:[InfoWorld staff][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/InfoWorld-staff/ +[1]:https://www.docker.com/ +[2]:https://nodejs.org/en/ +[3]:https://iojs.org/en/ +[4]:https://developers.google.com/v8/?hl=en +[5]:http://www.ancestry.com/ +[6]:http://www.ge.com/ +[7]:https://www.pearson.com/ +[8]:https://angularjs.org/ +[9]:https://builtwith.angularjs.org/ +[10]:https://facebook.github.io/react/ +[11]:https://facebook.github.io/react-native/ +[12]:http://reactjs.net/ +[13]:http://asp.net/ +[14]:https://atom.io/ +[15]:http://brackets.io/ +[16]:http://www.typescriptlang.org/ +[17]:http://definitelytyped.org/ +[18]:http://definitelytyped.org/tsd/ +[19]:http://swagger.io/ +[20]:https://github.com/swagger-api/swagger-ui +[21]:https://github.com/swagger-api/swagger-codegen +[22]:https://github.com/swagger-api/swagger-editor +[23]:https://github.com/swagger-api/swagger-js +[24]:http://aws.amazon.com/cn/api-gateway/ +[25]:https://github.com/awslabs/aws-apigateway-importer +[26]:https://www.polymer-project.org/ +[27]:http://ionicframework.com/ +[28]:https://cordova.apache.org/ +[29]:http://famous.org/ +[30]:http://famous.org/framework/ +[31]:https://www.mongodb.org/ +[32]:http://www.infoworld.com/article/2878738/nosql/first-look-mongodb-30-for-mature-audiences.html +[33]:http://www.infoworld.com/article/2929772/nosql/mongodb-crossroads-growth-or-openness.html +[34]:http://www.couchbase.com/nosql-databases/couchbase-server +[35]:https://cassandra.apache.org/ +[36]:http://orientdb.com/ +[37]:http://rethinkdb.com/ +[38]:https://www.rust-lang.org/ +[39]:http://opencv.org/ +[40]:http://llvm.org/ +[41]:http://www.infoworld.com/article/2982622/bossie-awards-2015-the-best-open-source-applications.html +[42]:http://www.infoworld.com/article/2982920/bossie-awards-2015-the-best-open-source-application-development-tools.html +[43]:http://www.infoworld.com/article/2982429/bossie-awards-2015-the-best-open-source-big-data-tools.html +[44]:http://www.infoworld.com/article/2982923/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html +[45]:http://www.infoworld.com/article/2982630/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html +[46]:http://www.infoworld.com/article/2982962/bossie-awards-2015-the-best-open-source-networking-and-security-software.html \ No newline at end of file diff --git a/sources/share/20151028 Bossie Awards 2015--The best open source applications.md b/sources/share/20151028 Bossie Awards 2015--The best open source applications.md new file mode 100644 index 0000000000..29fced5cc9 --- /dev/null +++ b/sources/share/20151028 Bossie Awards 2015--The best open source applications.md @@ -0,0 +1,238 @@ +Bossie Awards 2015: The best open source applications +================================================================================ +InfoWorld's top picks in open source business applications, enterprise integration, and middleware + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-applications-100614669-orig.jpg) + +### The best open source applications ### + +Applications -- ERP, CRM, HRM, CMS, BPM -- are not only fertile ground for three-letter acronyms, they're the engines behind every modern business. Our top picks in the category include back- and front-office solutions, marketing automation, lightweight middleware, heavyweight middleware, and other tools for moving data around, mixing it together, and magically transforming it into smarter business decisions. + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-xtuple-100614684-orig.jpg) + +### xTuple ### + +Small and midsize companies with light manufacturing or distribution needs have a friend in [xTuple][1]. This modular ERP/CRM combo bundles operations and financial control, product and inventory management, and CRM and sales support. Its relatively simple install lets you deploy all of the modules or only what you need today -- helping trim support costs without sacrificing customization later. + +This summer’s release brought usability improvements to the UI and a generous number of bug fixes. Recent updates also yielded barcode scanning and label printing for mobile warehouse workers, an enhanced workflow module (built with Plv8, a wrapper around Google’s V8 JavaScript engine that lets you write stored procedures for PostgreSQL in JavaScript), and quality management tools that are sure to get mileage on shop floors. + +The xTuple codebase is JavaScript from stem to stern. The server components can all be installed locally, in xTuple’s cloud, or deployed as an appliance. A mobile Web client, and mobile CRM features, augment a good native desktop client. + +-- James R. Borck + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-odoo-100614678-orig.jpg) + +### Odoo ### + +[Odoo][2] used to be known as OpenERP. Last year the company raised private capital and broadened its scope. Today Odoo is a one-stop shop for back office and customer-facing applications -- replete with content management, business intelligence, and e-commerce modules. + +Odoo 8 fronts accounting, invoicing, project management, resource planning, and customer relationship management tools with a flexible Web interface that can be tailored to your company’s workflow. Add-on modules for warehouse management and HR, as well as for live chat and analytics, round out the solution. + +This year saw Odoo focused primarily on usability updates. A recently released sales planner helps sales groups track KPIs, and a new tips feature lends in-context help. Odoo 9 is right around the corner with alpha builds showing customer portals, Web form creation tools, mobile and VoIP services, and integration hooks to eBay and Amazon. + +Available for Windows and Linux, and as a SaaS offering, Odoo gives small and midsized companies an accessible set of tools to manage virtually every aspect of their business. + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-idempiere-100614673-orig.jpg) + +### iDempiere ### + +Small and midsize companies have great choices in Odoo and xTuple. Larger manufacturing and distribution companies will need something more. For them, there’s [iDempiere][3] -- a well maintained offshoot of ADempiere with OSGi modularity. + +iDempiere implements a fully loaded ERP, supply chain, and CRM suite right out of the box. Built with Java, iDempiere supports both PostgreSQL and Oracle Database, and it can be customized extensively through modules built to the OSGi specification. iDempiere is perfectly suited to managing complex business scenarios involving multiple partners, requiring dynamic reporting, or employing point-of-sale and warehouse services. + +Being enterprise-ready comes with a price. iDempiere’s feature-rich tools and complexity impose a steep learning curve and require a commitment to integration support. Of course, those costs are offset by savings from the software’s free GPL2 licensing. iDempiere’s easy install script, small resource footprint, and clean interface also help alleviate some of the startup pains. There’s even a virtual appliance available on Sourceforge to get you started. + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-suitecrm-100614680-orig.jpg) + +### SuiteCRM ### + +SugarCRM held the sweet spot in open source CRM since, well, forever. Then last year Sugar announced it would no longer contribute to the open source Community Edition. Into the ensuing vacuum rushed [SuiteCRM][4] – a fork of the final Sugar code. + +SuiteCRM 7.2 creates an experience on a par with SugarCRM Professional’s marketing, sales, and service tools. With add-on modules for workflow, reporting, and security, as well as new innovations like Lucene-driven search, taps for social media, and a beta reveal of new desktop notifications, SuiteCRM is on solid footing. + +The Advanced Open Sales module provides a familiar migration path from Sugar, while commercial support is available from the likes of [SalesAgility][5], the company that forked SuiteCRM in the first place. In little more than a year, SuiteCRM rescued the code, rallied an inspired community, and emerged as a new leader in open source CRM. Who needs Sugar? + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-civicrm-100614671-orig.jpg) + +### CiviCRM ### + +We typically focus attention on CRM vis-à-vis small and midsize business requirements. But nonprofit and advocacy groups need to engage with their “customers” too. Enter [CiviCRM][6]. + +CiviCRM addresses the needs of nonprofits with tools for fundraising and donation processing, membership management, email tracking, and event planning. Granular access control and security bring role-based permissions to views, keeping paid staff and volunteers partitioned and productive. This year CiviCRM continued to develop with new features like simple A/B testing and monitoring for email campaigns. + +CiviCRM deploys as a plug-in to your WordPress, Drupal, or Joomla content management system -- a dead-simple install if you already have one of these systems in place. If you don’t, CiviCRM is an excellent reason to deploy the CMS. It’s a niche-filling solution that allows nonprofits to start using smarter, tailored tools for managing constituencies, without steep hurdles and training costs. + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-mautic-100614677-orig.jpg) + +### Mautic ### + +For marketers, the Internet -- Web, email, social, all of it -- is the stuff dreams are made on. [Mautic][7] allows you to create Web and email campaigns that track and nurture customer engagement, then roll all of the data into detailed reports to gain insight into customer needs and wants and how to meet them. + +Open source options in marketing automation are few, but Mautic’s extensibility stands out even against closed solutions like IBM’s Silverpop. Mautic even integrates with popular third-party email marketing solutions (MailChimp, Constant Contact) and social media platforms (Facebook, Twitter, Google+, Instagram) with quick-connect widgets. + +The developers of Mautic could stand to broaden the features for list segmentation and improve the navigability of their UI. Usability is also hindered by sparse documentation. But if you’re willing to rough it out long enough to learn your way, you’ll find a gem -- and possibly even gold -- in Mautic. + +-- James R. Borck + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-orangehrm-100614679-orig.jpg) + +### OrangeHRM ### + +The commercial software market in the human resource management space is rather fragmented, with Talent, HR, and Workforce Management startups all vying for a slice of the pie. It’s little wonder the open source world hasn’t found much direction either, with the most ambitious HRM solutions often locked inside larger ERP distributions. [OrangeHRM][8] is a standout. + +OrangeHRM tackles employee administration from recruitment and applicant tracking to performance reviews, with good audit trails throughout. An employee portal provides self-serve access to personal employment information, time cards, leave requests, and personnel documents, helping reduce demands on HR staff. + +OrangeHRM doesn’t yet address niche aspects like talent management (social media, collaboration, knowledge banks), but it’s remarkably full-featured. Professional and Enterprise options offer more advanced functionality (in areas such as recruitment, training, on/off-boarding, document management, and mobile device access), while community modules are available for the likes of Active Directory/LDAP integration, advanced reporting, and even insurance benefit management. + +-- James R. Borck + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-libreoffice-100614675-orig.jpg) + +### LibreOffice ### + +[LibreOffice][9] is the easy choice for best open source office productivity suite. Originally forked from OpenOffice, Libre has been moving at a faster clip than OpenOffice ever since, drawing more developers and producing more new features than its rival. + +LibreOffice 5.0, released only last month, offers UX improvements that truly enhance usability (like visual previews to style changes in the sidebar), brings document editing to Android devices (previously a view-only prospect), and finally delivers on a 64-bit Windows codebase. + +LibreOffice still lacks a built-in email client and a personal information manager, not to mention the real-time collaborative document editing available in Microsoft Office. But Libre can run off of a USB flash disk for portability, natively supports a greater number of graphic and file formats, and creates hybrid PDFs with embedded ODF files for full-on editing. Libre even imports Apple Pages documents, in addition to opening and saving all Microsoft Office formats. + +LibreOffice has done a solid job of tightening its codebase and delivering enhancements at a regular clip. With a new cloud version under development, LibreOffice will soon be more liberating than ever. + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-bonita-100614672-orig.jpg) + +### Bonita BPM ### + +Open source BPM has become a mature, cost-effective alternative to the top proprietary solutions. Having led the charge since 2009, Bonitasoft continues to raise the bar. The new [Bonita BPM 7][10] release impresses with innovative features that simplify code generation and shorten development cycles for BPM app creation. + +Most important to the new version, though, is better abstraction of underlying core business logic from UI and data components, allowing UIs and processes to be developed independently. This new MVC approach reduces downtime for live upgrades (no more recompilation!) and eases application maintenance. + +Bonita contains a winning set of connectors to a broad range of enterprise systems (ERP, CRM, databases) as well as to Web services. Complementing its process weaving tools, a new form designer (built on AngularJS/Bootstrap) goes a long way toward improving UI creation for the Web-centric and mobile workforce. + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-camunda-100614670-orig.jpg) + +### Camunda BPM ### + +Many open source solutions, like Bonita BPM, offer solid, drop-in functionality. Dig into the code base, though, and you may find it’s not the cleanest to build upon. Enterprise Java developers who hang out under the hood should check out [Camunda BPM][11]. + +Forked from Alfresco Activiti (a creation of former Red Hat jBPM developers), Camunda BPM delivers a tight, Java-based BPMN 2.0 engine in support of human workflow activities, case management, and systems process automation that can be embedded in your Java apps or run as a container service in Tomcat. Camunda’s ecosystem offers an Eclipse plug-in for process modeling and the Cockpit dashboard brings real-time monitoring and management over running processes. + +The Enterprise version adds WebSphere and WebLogic Server support. Additional incentives for the Enterprise upgrade include Saxon-driven XSLT templating (sidestepping the scripting engine) and add-ons to improve process management and exception handling. + +Camunda is a solid BPM engine ready for build-out and one of the first open source process managers to introduce DMN (Decision Model and Notation) support, which helps to simplify complex rules-based modeling alongside BPMN. DMN support is currently at the alpha stage. + +-- James R. Borck + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-talend-100614681-orig.jpg) + +### Talend Open Studio ### + +No open source ETL or EAI solution comes close to [Talend Open Studio][12] in functionality, performance, or support of modern integration trends. This year Talend unleashed Open Studio 6, a new version with a streamlined UI and smarter tooling that brings it more in line with Talend’s cloud-based offering. + +Using Open Studio you can visually design, test, and debug orchestrations that connect, transform, and synchronize data across a broad range of real-time applications and data resources. Talend’s wealth of connectors provides support for most any endpoint -- from flat files to Hadoop to Amazon S3. Packaged editions focus on specific scenarios such as big data integration, ESB, and data integrity monitoring. + +New support for Java 8 brings a speed boost. The addition of support for MariaDB and for in-memory processing with MemSQL, as well as updates to the ESB engine, keep Talend in step with the community’s needs. Version 6 was a long time coming, but no less welcome for that. Talend Open Studio is still first in managing complex data integration -- in-house, in the cloud, or increasingly, a combination of the two. + +-- James R. Borck + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-warewolf-100614683-orig.jpg) + +### Warewolf ESB ### + +Complex integration patterns may demand the strengths of a Talend to get the job done. But for many lightweight microservices, the overhead of a full-fledged enterprise integration solution is extreme overkill. + +[Warewolf ESB][13] combines a streamlined .Net-based process engine with visual development tools to provide for dead simple messaging and application payload routing in a native Windows environment. The Warewolf ESB is an “easy service bus,” not an enterprise service bus. + +Drag-and-drop tooling in the design studio makes quick work of configuring connections and logic flows. Built-in wizardry handles Web services definitions and database calls, and it can even tap Windows DLLs and the command line directly. Using the visual debugger, you can inspect execution streams (if not yet actually step through them), then package everything for remote deployment. + +Warewolf is still a .40.5 release and undergoing major code changes. It also lacks native connectors, easy transforms, and any means of scalability management. Be aware that the precompiled install demands collection of some usage statistics (I wish they would stop that). But Warewolf ESB is fast, free, and extensible. It’s a quirky, upstart project that offers definite benefits to Windows integration architects. + +-- James R. Borck + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-knime-100614674-orig.jpg) + +### KNIME ### + +[KNIME][14] takes a code-free approach to predictive analytics. Using a graphical workbench, you wire together workflows from an abundant library of processing nodes, which handle data access, transformation, analysis, and visualization. With KNIME, you can pull data from databases and big data platforms, run ETL transformations, perform data mining with R, and produce custom reports in the end. + +The company was busy this year rolling out the KNIME 2.12 update. The new release introduces MongoDB support, XPath nodes with autoquery creation, and a new view controller (based on the D3 JavaScript library) that creates interactive data visualizations on the fly. It also includes additional statistical nodes and a REST interface (KNIME Server edition) that provides services-based access to workflows. + +KNIME’s core analytics engine is free open source. The company offers several fee-based extensions for clustering and collaboration. (A portion of your licensing fee actually funds the open source project.) KNIME Server (on-premise or cloud) ups the ante with security, collaboration, and workflow repositories -- all serving to inject analytics more productively throughout your business lines. + +-- James R. Borck + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-teiid-100614682-orig.jpg) + +### Teiid ### + +[Teiid][15] is a data virtualization system that allows applications to use data from multiple, heterogeneous data stores. Currently a JBoss project, Teiid is backed by years of development from MetaMatrix and a long history of addressing the data access needs of the largest enterprise environments. I even see [uses for Teiid in Hadoop and big data environments][16]. + +In essence, Teiid allows you to connect all of your data sources into a “virtual” mega data source. You can define caching semantics, transforms, and other “configuration not code” transforms to load from multiple data sources using plain old SQL, XQuery, or procedural queries. + +Teiid is primarily accessible through JBDC and has built-in support for Web services. Red Hat sells Teiid as [JBoss Data Virtualization][17]. + +-- Andrew C. Oliver + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-main-100614676-orig.jpg) + +### Read about more open source winners ### + +InfoWorld's Best of Open Source Awards for 2014 celebrate more than 100 open source projects, from the bottom of the stack to the top. Follow these links to more open source winners: + +[Bossie Awards 2015: The best open source applications][18] + +[Bossie Awards 2015: The best open source application development tools][19] + +[Bossie Awards 2015: The best open source big data tools][20] + +[Bossie Awards 2015: The best open source data center and cloud software][21] + +[Bossie Awards 2015: The best open source desktop and mobile software][22] + +[Bossie Awards 2015: The best open source networking and security software][23] + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2982622/open-source-tools/bossie-awards-2015-the-best-open-source-applications.html + +作者:[InfoWorld staff][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/InfoWorld-staff/ +[1]:http://xtuple.org/ +[2]:http://odoo.com/ +[3]:http://idempiere.org/ +[4]:http://suitecrm.com/ +[5]:http://salesagility.com/ +[6]:http://civicrm.org/ +[7]:https://www.mautic.org/ +[8]:http://www.orangehrm.com/ +[9]:http://libreoffice.org/ +[10]:http://www.bonitasoft.com/ +[11]:http://camunda.com/ +[12]:http://talend.com/ +[13]:http://warewolf.io/ +[14]:http://www.knime.org/ +[15]:http://teiid.jboss.org/ +[16]:http://www.infoworld.com/article/2922180/application-development/database-virtualization-or-i-dont-want-to-do-etl-anymore.html +[17]:http://www.jboss.org/products/datavirt/overview/ +[18]:http://www.infoworld.com/article/2982622/bossie-awards-2015-the-best-open-source-applications.html +[19]:http://www.infoworld.com/article/2982920/bossie-awards-2015-the-best-open-source-application-development-tools.html +[20]:http://www.infoworld.com/article/2982429/bossie-awards-2015-the-best-open-source-big-data-tools.html +[21]:http://www.infoworld.com/article/2982923/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html +[22]:http://www.infoworld.com/article/2982630/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html +[23]:http://www.infoworld.com/article/2982962/bossie-awards-2015-the-best-open-source-networking-and-security-software.html \ No newline at end of file diff --git a/sources/share/20151028 Bossie Awards 2015--The best open source big data tools.md b/sources/share/20151028 Bossie Awards 2015--The best open source big data tools.md new file mode 100644 index 0000000000..0cf65ea3a8 --- /dev/null +++ b/sources/share/20151028 Bossie Awards 2015--The best open source big data tools.md @@ -0,0 +1,287 @@ +Bossie Awards 2015: The best open source big data tools +================================================================================ +InfoWorld's top picks in distributed data processing, streaming analytics, machine learning, and other corners of large-scale data analytics + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-big-data-100613944-orig.jpg) + +### The best open source big data tools ### + +How many Apache projects can sit on a pile of big data? Fire up your Hadoop cluster, and you might be able to count them. Among this year's Bossies in big data, you'll find the fastest, widest, and deepest newfangled solutions for large-scale SQL, stream processing, sort-of stream processing, and in-memory analytics, not to mention our favorite maturing members of the Hadoop ecosystem. It seems everyone has a nail to drive into MapReduce's coffin. + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-spark-100613962-orig.jpg) + +### Spark ### + +With hundreds of contributors, [Spark][1] is one of the most active and fastest-growing Apache projects, and with heavyweights like IBM throwing their weight behind the project and major corporations bringing applications into large-scale production, the momentum shows no signs of letting up. + +The sweet spot for Spark continues to be machine learning. Highlights since last year include the replacement of the SchemaRDD with a Dataframes API, similar to those found in R and Pandas, making data access much simpler than with the raw RDD interface. Also new are ML pipelines for building repeatable machine learning workflows, expanded and optimized support for various storage formats, simpler interfaces to machine learning algorithms, improvements in the display of cluster resources usage, and task tracking. + +On by default in Spark 1.5 is the off-heap memory manager, Tungsten, which offers much faster processing by fine-tuning data structure layout in memory. Finally, the new website, [spark-packages.org][2], with more than 100 third-party libraries, adds many useful features from the community. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-storm-100614149-orig.jpg) + +### Storm ### + +[Apache Storm][3] is a Clojure-based distributed computation framework primarily for streaming real-time analytics. Storm is based on the [disruptor pattern][4] for low-latency complex event processing created LMAX. Unlike Spark, Storm can do single events as opposed to “micro-batches,” and it has a lower memory footprint. In my experience, it scales better for streaming, especially when you’re mainly streaming to ingest data into other data sources. + +Storm’s profile has been eclipsed by Spark, but Spark is inappropriate for many streaming applications. Storm is frequently used with Apache Kafka. + +-- Andrew C. Oliver + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-h2o-100613950-orig.jpg) + +### H2O ### + +[H2O][5] is a distributed, in-memory processing engine for machine learning that boasts an impressive array of algorithms. Previously only available for R users, version 3.0 adds Python and Java language bindings, as well as a Spark execution engine for the back end. The best way to view H20 is as a very large memory extension of your R environment. Instead of working directly on large data sets, the R extensions communicate via a REST API with the H2O cluster, where H2O does the heavy lifting. + +Several useful R packages such as ddply have been wrapped, allowing you to use them on data sets larger than the amount of RAM on the local machine. You can run H2O on EC2, on a Hadoop/YARN cluster, and on Docker containers. With Sparkling Water (Spark plus H2O) you can access Spark RDDs on the cluster side by side to, for example, process a data frame with Spark before passing it to an H2O machine learning algorithm. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-apex-100613943-orig.jpg) + +### Apex ### + +[Apex][6] is an enterprise-grade, big data-in-motion platform that unifies stream processing as well as batch processing. A native YARN application, Apex processes streaming data in a scalable, fault-tolerant manner and provides all the common stream operators out of the box. One of the best things about Apex is that it natively supports the common event processing guarantees (exactly once, at least once, at most once). Formerly a commercial product by DataTorrent, Apex's roots show in the quality of the documentation, examples, code, and design. Devops and application development are cleanly separated, and user code generally doesn't have to be aware that it is running in a streaming cluster. + +A related project, [Malhar][7], offers more than 300 commonly used operators and application templates that implement common business logic. The Malhar libraries significantly reduce the time it takes to develop an Apex application, and there are connectors (operators) for storage, file systems, messaging systems, databases, and nearly anything else you might want to connect to from an application. The operators can all be extended or customized to meet individual business's requirements. All Malhar components are available under the Apache license. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-druid-100613947-orig.jpg) + +### Druid ### + +[Druid][8], which moved to a commercially friendly Apache license in February of this year, is best described as a hybrid, “event streams meet OLAP” solution. Originally developed to analyze online events for ad markets, Druid allows users to do arbitrary and interactive exploration of time series data. Some of the key features include low-latency ingest of events, fast aggregations, and approximate and exact calculations. + +At the heart of Druid is a custom data store that uses specialized nodes to handle each part of the problem. Real-time ingest is managed by real-time nodes (JVMs) that eventually flush data to historical nodes that are responsible for data that has aged. Broker nodes direct queries in a scatter-gather fashion to both real-time and historical nodes to give the user a complete picture of events. Benchmarked at a sustained 500K events per second and 1 million events per second peak, Druid is ideal as a real-time dashboard for ad-tech, network traffic, and other activity streams. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-flink-100613949-orig.jpg) + +### Flink ### + +At its core, [Flink][9] is a data flow engine for event streams. Although superficially similar to Spark, Flink takes a different approach to in-memory processing. First, Flink was designed from the start as a stream processor. Batch is simply a special case of a stream with a beginning and an end, and Flink offers APIs for dealing with each case, the DataSet API (batch) and the DataStream API. Developers coming from the MapReduce world should feel right at home working with the DataSet API, and porting applications to Flink should be straightforward. In many ways Flink mirrors the simplicity and consistency that helped make Spark so popular. Like Spark, Flink is written in Scala. + +The developers of Flink clearly thought out usage and operations too: Flink works natively with YARN and Tez, and it uses an off-heap memory management scheme to work around some of the JVM limitations. A peek at the Flink JIRA site shows a healthy pace of development, and you’ll find an active community on the mailing lists and on StackOverflow as well. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-elastic-100613948-orig.jpg) + +### Elasticsearch ### + +[Elasticsearch][10] is a distributed document search server based on [Apache Lucene][11]. At its heart, Elasticsearch builds indices on JSON-formatted documents in nearly real time, enabling fast, full-text, schema-free queries. Combined with the open source Kibana dashboard, you can create impressive visualizations of your real-time data in a simple point-and-click fashion. + +Elasticsearch is easy to set up and easy to scale, automatically making use of new hardware by rebalancing shards as required. The query syntax isn't at all SQL-like, but it is intuitive enough for anyone familiar with JSON. Most users won't be interacting at that level anyway. Developers can use the native JSON-over-HTTP interface or one of the several language bindings available, including Ruby, Python, PHP, Perl, .Net, Java, and JavaScript. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-slamdata-100613961-orig.jpg) + +### SlamData ### + +If you are seeking a user-friendly tool to visualize and understand your newfangled NoSQL data, take a look at [SlamData][12]. SlamData allows you to query nested JSON data using familiar SQL syntax, without relocation or transformation. + +One of the technology’s main features is its connectors. From MongoDB to HBase, Cassandra, and Apache Spark, SlamData taps external data sources with the industry's most advanced “pushdown” processing technology, performing transformations and analytics close to the data. + +While you might ask, “Wouldn’t I be better off building a data lake or data warehouse?” consider the companies that were born in NoSQL. Skipping the ETL and simply connecting a visualization tool to a replica offers distinct advantages -- not only in terms of how up-to-date the data is, but in how many moving parts you have to maintain. + +-- Andrew C. Oliver + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-drill-100613946-orig.jpg) + +### Drill ### + +[Drill][13] is a distributed system for interactive analysis of large-scale data sets, inspired by [Google's Dremel][14]. Designed for low-latency analysis of nested data, Drill has a stated design goal of scaling to 10,000 servers and querying petabytes of data and trillions of records. + +Nested data can be obtained from a variety of data sources (such as HDFS, HBase, Amazon S3, and Azure Blobs) and in multiple formats (including JSON, Avro, and protocol buffers), and you don't need to specify a schema up front (“schema on read”). + +Drill uses ANSI SQL:2003 for its query language, so there's no learning curve for data engineers to overcome, and it allows you to join data across multiple data sources (for example, joining a table in HBase with logs in HDFS). Finally, Drill offers ODBC and JDBC interfaces to connect your favorite BI tools. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-hbase-100613951-orig.jpg) + +### HBase ### + +[HBase][15] reached the 1.x milestone this year and continues to improve. Like other nonrelational distributed datastores, HBase excels at returning search results very quickly and for this reason is often used to back search engines, such as the ones at eBay, Bloomberg, and Yahoo. As a stable and mature software offering, HBase does not get fresh features as frequently as newer projects, but that's often good for enterprises. + +Recent improvements include the addition of high-availability region servers, support for rolling upgrades, and YARN compatibility. Features in the works include scanner updates that promise to improve performance and the ability to use HBase as a persistent store for streaming applications like Storm and Spark. HBase can also be queried SQL style via the [Phoenix][16] project, now out of incubation, whose SQL compatibility is steadily improving. Phoenix recently added a Spark connector and the ability to add custom user-defined functions. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-hive-100613952-orig.jpg) + +### Hive ### + +Although stable and mature for several years, [Hive][17] reached the 1.0 version milestone this year and continues to be the best solution when really heavy SQL lifting (many petabytes) is required. The community continues to focus on improving the speed, scale, and SQL compliance of Hive. Currently at version 1.2, significant improvements since its last Bossie include full ACID semantics, cross-data center replication, and a cost-based optimizer. + +Hive 1.2 also brought improved SQL compliance, making it easier for organizations to use it to off-load ETL jobs from their existing data warehouses. In the pipeline are speed improvements with an in-memory cache called LLAP (which, from the looks of the JIRAs, is about ready for release), the integration of Spark machine learning libraries, and improved SQL constructs like nonequi joins, interval types, and subqueries. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-kylin-100613955-orig.jpg) + +### Kylin ### + +[Kylin][18] is an application developed at eBay for processing very large OLAP cubes via ANSI SQL, a task familiar to most data analysts. If you think about how many items are on sale now and in the past at eBay, and all the ways eBay might want to slice and dice data related to those items, you will begin to understand the types of queries Kylin was designed for. + +Like most other analysis applications, Kylin supports multiple access methods, including JDBC, ODBC, and a REST API for programmatic access. Although Kylin is still in incubation at Apache, and the community nascent, the project is well documented and the developers are responsive and eager to understand customer use cases. Getting up and running with a starter cube was a snap. If you have a need for analysis of extremely large cubes, you should take a look at Kylin. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-cdap-100613945-orig.jpg) + +### CDAP ### + +[CDAP][19] (Cask Data Access Platform) is a framework running on top of Hadoop that abstracts away the complexity of building and running big data applications. CDAP is organized around two core abstractions: data and applications. CDAP Datasets are logical representations of data that behave uniformly regardless of the underlying storage layer; CDAP Streams provide similar support for real-time data. + +Applications use CDAP services for things such as distributed transactions and service discovery to shield developers from the low-level details of Hadoop. CDAP comes with a data ingestion framework and a few prebuilt applications and “packs” for common tasks like ETL and website analytics, along with support for testing, debugging, and security. Like most formerly commercial (closed source) projects, CDAP benefits from good documentation, tutorials, and examples. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-ranger-100613960-orig.jpg) + +### Ranger ### + +Security has long been a sore spot with Hadoop. It isn’t (as is frequently reported) that Hadoop is “insecure” or “has no security.” Rather, the truth was more that Hadoop had too much security, though not in a good way. I mean that every component had its own authentication and authorization implementation that wasn’t integrated with the rest of platform. + +Hortonworks acquired XA/Secure in May, and [a few renames later][20] we have [Ranger][21]. Ranger pulls many of the key components of Hadoop together under one security umbrella, allowing you to set a “policy” that ties your Hadoop security to your existing ACL-based Active Directory authentication and authorization. Ranger gives you one place to manage Hadoop access control, one place to audit, one place to manage the encryption, and a pretty Web page to do it from. + +-- Andrew C. Oliver + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-mesos-100613957-orig.jpg) + +### Mesos ### + +[Mesos][22], developed at the [AMPLab][23] at U.C. Berkeley that also brought us Spark, takes a different approach to managing cluster computing resources. The best way to describe Mesos is as a distributed microkernel for the data center. Mesos provides a minimal set of operating system mechanisms like inter-process communications, disk access, and memory to higher-level applications, called “frameworks” in Mesos-speak, that run in what is analogous to user space. Popular frameworks for Mesos include [Chronos][24] and [Aurora][25] for building ETL pipelines and job scheduling, and a few big data processing applications including Hadoop, Storm, and Spark, which have been ported to run as Mesos frameworks. + +Mesos applications (frameworks) negotiate for cluster resources using a two-level scheduling mechanism, so writing a Mesos application is unlikely to feel like a familiar experience to most developers. Although Mesos is a young project, momentum is growing, and with Spark being an exceptionally good fit for Mesos, we're likely to see more from Mesos in the coming years. + +-- Steven Nunez + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-nifi-100613958-orig.jpg) + +### NiFi ### + +[NiFi][26] is an incubating Apache project to automate the flow of data between systems. It doesn't operate in the traditional space that Kafka and Storm do, but rather in the space between external devices and the data center. NiFi was originally developed by the NSA and donated to the open source community in 2014. It has a strong community of developers and users within various government agencies. + +NiFi isn't like anything else in the current big data ecosystem. It is much closer to a tradition EAI (enterprise application integration) tool than a data processing platform, although simple transformations are possible. One interesting feature is the ability to debug and change data flows in real time. Although not quite a REPL (read, eval, print loop), this kind of paradigm dramatically shortens the development cycle by not requiring a compile-deploy-test-debug workflow. Other interesting features include a strong “chain of custody,” where each piece of data can be tracked from beginning to end, along with any changes made along the way. You can also prioritize data flows so that time-sensitive information can be received as quickly as possible, bypassing less time-critical events. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-kafka-100613954-orig.jpg) + +### Kafka ### + +[Kafka][27] has emerged as the de-facto standard for distributed publish-subscribe messaging in the big data space. Its design allows brokers to support thousands of clients at high rates of sustained message throughput, while maintaining durability through a distributed commit log. Kafka does this by maintaining what is essentially a single log file in HDFS. Since HDFS is a distributed storage system that keeps redundant copies, Kafka is protected. + +When consumers want to read messages, Kafka looks up their offset in the central log and sends them. Because messages are not deleted immediately, adding consumers or replaying historical messages does not impose additional costs. Kafka has been benchmarked at 2 million writes per second by its developers at LinkedIn. Despite Kafka’s sub-1.0 version number, Kafka is a mature and stable product, in use in some of the largest clusters in the world. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-opentsdb-100613959-orig.jpg) + +### OpenTSDB ### + +[OpenTSDB][28] is a time series database built on HBase. It was designed specifically for analyzing data collected from applications, mobile devices, networking equipment, and other hardware devices. The custom HBase schema used to store the time series data has been designed for fast aggregations and minimal storage requirements. + +By using HBase as the underlying storage layer, OpenTSDB gains the distributed and reliable characteristics of that system. Users don't interact with HBase directly; instead events are written to the system via the time series daemon (TSD), which can be scaled out as required to handle high-throughput situations. There are a number of prebuilt connectors to publish data to OpenTSDB, and clients to read data from Ruby, Python, and other languages. OpenTSDB isn't strong on creating interactive graphics, but several third-party tools fill that gap. If you are already using HBase and want a simple way to store event data, OpenTSDB might be just the thing. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-jupyter-100613953-orig.jpg) + +### Jupyter ### + +Everybody's favorite notebook application went generic. [Jupyter][29] is “the language-agnostic parts of IPython” spun out into an independent package. Although Jupyter itself is written in Python, the system is modular. Now you can have an IPython-like interface, along with notebooks for sharing code, documentation, and data visualizations, for nearly any language you like. + +At least [50 language][30] kernels are already supported, including LISP, R, Ruby, F#, Perl, and Scala. In fact, even IPython itself is simply a Python module for Jupyter. Communication with the language kernel is via a REPL (read, eval, print loop) protocol, similar to [nREPL][31] or [Slime][32]. It is nice to see such a useful piece of software receiving significant [nonprofit funding][33] to further its development, such as parallel execution and multi-user notebooks. Behold, open source at its best. + +-- Steven Nunez + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-zeppelin-100613963-orig.jpg) + +### Zeppelin ### + +While still in incubation, [Apache Zeppelin][34] is nevertheless stirring the data analytics and visualization pot. The Web-based notebook enables users to ingest, discover, analyze, and visualize their data. The notebook also allows you to collaborate with others to make data-driven, interactive documents incorporating a growing number of programming languages. + +This technology also boasts an integration with Spark and an interpreter concept allowing any language or data processing back end to be plugged into Zeppelin. Currently Zeppelin supports interpreters such as Scala, Python, SparkSQL, Hive, Markdown, and Shell. + +Zeppelin is still immature. I wanted to put a demo up but couldn’t find an easy way to disable “shell” as an execution option (among other things). However, it already looks better visually than IPython Notebook, which is the popular incumbent in this space. If you don’t want to spring for DataBricks Cloud or need something open source and extensible, this is the most promising distributed computing notebook around -- especially if you’re a Sparky type. + +-- Andrew C. Oliver + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-main-100613956-orig.jpg) + +### Read about more open source winners ### + +InfoWorld's Best of Open Source Awards for 2014 celebrate more than 100 open source projects, from the bottom of the stack to the top. Follow these links to more open source winners: + +[Bossie Awards 2015: The best open source applications][35] + +[Bossie Awards 2015: The best open source application development tools][36] + +[Bossie Awards 2015: The best open source big data tools][37] + +[Bossie Awards 2015: The best open source data center and cloud software][38] + +[Bossie Awards 2015: The best open source desktop and mobile software][39] + +[Bossie Awards 2015: The best open source networking and security software][40] + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2982429/open-source-tools/bossie-awards-2015-the-best-open-source-big-data-tools.html + +作者:[InfoWorld staff][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/InfoWorld-staff/ +[1]:https://spark.apache.org/ +[2]:http://spark-packages.org/ +[3]:https://storm.apache.org/ +[4]:https://lmax-exchange.github.io/disruptor/ +[5]:http://h2o.ai/product/ +[6]:https://www.datatorrent.com/apex/ +[7]:https://github.com/DataTorrent/Malhar +[8]:https://druid.io/ +[9]:https://flink.apache.org/ +[10]:https://www.elastic.co/products/elasticsearch +[11]:http://lucene.apache.org/ +[12]:http://teiid.jboss.org/ +[13]:https://drill.apache.org/ +[14]:http://research.google.com/pubs/pub36632.html +[15]:http://hbase.apache.org/ +[16]:http://phoenix.apache.org/ +[17]:https://hive.apache.org/ +[18]:https://kylin.incubator.apache.org/ +[19]:http://cdap.io/ +[20]:http://www.infoworld.com/article/2973381/application-development/apache-ranger-chuck-norris-hadoop-security.html +[21]:https://ranger.incubator.apache.org/ +[22]:http://mesos.apache.org/ +[23]:https://amplab.cs.berkeley.edu/ +[24]:http://nerds.airbnb.com/introducing-chronos/ +[25]:http://aurora.apache.org/ +[26]:http://nifi.apache.org/ +[27]:https://kafka.apache.org/ +[28]:http://opentsdb.net/ +[29]:http://jupyter.org/ +[30]:http://https//github.com/ipython/ipython/wiki/IPython-kernels-for-other-languages +[31]:https://github.com/clojure/tools.nrepl +[32]:https://github.com/slime/slime +[33]:http://blog.jupyter.org/2015/07/07/jupyter-funding-2015/ +[34]:https://zeppelin.incubator.apache.org/ +[35]:http://www.infoworld.com/article/2982622/bossie-awards-2015-the-best-open-source-applications.html +[36]:http://www.infoworld.com/article/2982920/bossie-awards-2015-the-best-open-source-application-development-tools.html +[37]:http://www.infoworld.com/article/2982429/bossie-awards-2015-the-best-open-source-big-data-tools.html +[38]:http://www.infoworld.com/article/2982923/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html +[39]:http://www.infoworld.com/article/2982630/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html +[40]:http://www.infoworld.com/article/2982962/bossie-awards-2015-the-best-open-source-networking-and-security-software.html \ No newline at end of file diff --git a/sources/share/20151028 Bossie Awards 2015--The best open source data center and cloud software.md b/sources/share/20151028 Bossie Awards 2015--The best open source data center and cloud software.md new file mode 100644 index 0000000000..5640c75137 --- /dev/null +++ b/sources/share/20151028 Bossie Awards 2015--The best open source data center and cloud software.md @@ -0,0 +1,261 @@ +Bossie Awards 2015: The best open source data center and cloud software +================================================================================ +InfoWorld's top picks of the year in open source platforms, infrastructure, management, and orchestration software + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-data-center-cloud-100613986-orig.jpg) + +### The best open source data center and cloud software ### + +You might have heard about this new thing called Docker containers. Developers love them because you can build them with a script, add services in layers, and push them right from your MacBook Pro to a server for testing. It works because they're superlightweight, unlike those now-archaic virtual machines. Containers -- and other lightweight approaches to deliver services -- are changing the shape of operating systems, applications, and the tools to manage them. Our Bossie winners in data center and cloud are leading the charge. + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-docker-100613987-orig.jpg) + +### Docker Machine, Compose, and Swarm ### + +Docker’s open source container technology has been adopted by the major public clouds and is being built into the next version of Windows Server. Allowing developers and operations teams to separate applications from infrastructure, Docker is a powerful data center automation tool. + +However, containers are only part of the Docker story. Docker also provides a series of tools that allow you to use the Docker API to automate the entire container lifecycle, as well as handling application design and orchestration. + +[Machine][1] allows you to automate the provisioning of Docker Containers. Starting with a command line, you can use a single line of code to target one or more hosts, deploy the Docker engine, and even join it to a Swarm cluster. There’s support for most hypervisors and cloud platforms – all you need are your access credentials. + +[Swarm][2] handles clustering and scheduling, and it can be integrated with Mesos for more advanced scheduling capabilities. You can use Swarm to build a pool of container hosts, allowing your apps to scale out as demand increases. Applications and all of their dependencies can be defined with [Compose][3], which lets you link containers together into a distributed application and launch them as a group. Compose descriptions work across platforms, so you can take a developer configuration and quickly deploy in production. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-coreos-rkt-100613985-orig.jpg) + +### CoreOS and Rkt ### + +A thin, lightweight server OS, [CoreOS][4] is based on Google’s Chromium OS. Instead of using a package manager to install functions, it’s designed to be used with Linux containers. By using containers to extend a thin core, CoreOS allows you to quickly deploy applications, working well on cloud infrastructures. + +CoreOS’s container management tooling, fleet, is designed to treat a cluster of CoreOS servers as a single unit, with tools for managing high availability and for deploying containers to the cluster based on resource availability. A cross-cluster key/value store, etcd, handles device management and supports service discovery. If a node fails, etcd can quickly restore state on a new replica, giving you a distributed configuration management platform that’s linked to CoreOS’s automated update service. + +While CoreOS is perhaps best known for its Docker support, the CoreOS team is developing its own container runtime, rkt, with its own container format, the App Container Image. Also compatible with Docker containers, rkt has a modular architecture that allows different containerization systems (even hardware virtualization, in a proof of concept from Intel) to be plugged in. However, rkt is still in the early stages of development, so isn’t quite production ready. + +-- Simon Bisson + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-rancheros-100613997-orig.jpg) + +### RancherOS ### + +As we abstract more and more services away from the underlying operating system using containers, we can start thinking about what tomorrow’s operating system will look like. Similar to our applications, it’s going to be a modular set of services running on a thin kernel, self-configuring to offer only the services our applications need. + +[RancherOS][5] is a glimpse of what that OS might look like. Blending the Linux kernel with Docker, RancherOS is a minimal OS suitable for hosting container-based applications in cloud infrastructures. Instead of using standard Linux packaging techniques, RancherOS leverages Docker to host Linux user-space services and applications in separate container layers. A low-level Docker instance is first to boot, hosting system services in their own containers. Users' applications run in a higher-level Docker instance, separate from the system containers. If one of your containers crashes, the host keeps running. + +RancherOS is only 20MB in size, so it's easy to replicate across a data center. It’s also designed to be managed using automation tools, not manually, with API-level access that works with Docker’s management tools as well as with Rancher Labs’ own cloud infrastructure and management tools. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-kubernetes-100613991-orig.jpg) + +### Kubernetes ### + +Google’s [Kubernetes][6] container orchestration system is designed to manage and run applications built in Docker and Rocket containers. Focused on managing microservice applications, Kubernetes lets you distribute your containers across a cluster of hosts, while handling scaling and ensuring managed services run reliably. + +With containers providing an application abstraction layer, Kubernetes is an application-centric management service that supports many modern development paradigms, with a focus on user intent. That means you launch applications, and Kubernetes will manage the containers to run within the parameters you set, using the Kubernetes scheduler to make sure it gets the resources it needs. Containers are grouped into pods and managed by a replication engine that can recover failed containers or add more pods as applications scale. + +Kubernetes powers Google’s own Container Engine, and it runs on a range of other cloud and data center services, including AWS and Azure, as well as vSphere and Mesos. Containers can be either loosely or tightly coupled, so applications not designed for cloud PaaS operations can be migrated to the cloud as a tightly coupled set of containers. Kubernetes also supports rapid deployment of applications to a cluster, giving you an endpoint for a continuous delivery process. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-mesos-100613993-orig.jpg) + +### Mesos ### + +Turning a data center into a private or public cloud requires more than a hypervisor. It requires a new operating layer that can manage the data center resources as if they were a single computer, handling resources and scheduling. Described as a “distributed systems kernel,” [Apache Mesos][7] allows you to manage thousands of servers, using containers to host applications and APIs to support parallel application development. + +At the heart of Mesos is a set of daemons that expose resources to a central scheduler. Tasks are distributed across nodes, taking advantage of available CPU and memory. One key approach is the ability for applications to reject offered resources if they don’t meet requirements. It’s an approach that works well for big data applications, and you can use Mesos to run Hadoop and Cassandra distributed databases, as well as Apache’s own Spark data processing engine. There’s also support for the Jenkins continuous integration server, allowing you to run build and test workers in parallel on a cluster of servers, dynamically adjusting the tasks depending on workload. + +Designed to run on Linux and Mac OS X, Mesos has also recently been ported to Windows to support the development of scalable parallel applications on Azure. + +-- Simon Bisson + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-smartos-100614849-orig.jpg) + +### SmartOS and SmartDataCenter ### + +Joyent’s [SmartDataCenter][8] is the software that runs its public cloud, adding a management platform on top of its [SmartOS][9] thin server OS. A descendent of OpenSolaris that combines Zones containers and the KVM hypervisor, SmartOS is an in-memory operating system, quick to boot from a USB stick and run on bare-metal servers. + +Using SmartOS, you can quickly deploy a set of lightweight servers that can be programmatically managed via a set of JSON APIs, with functionality delivered via virtual machines, downloaded by built-in image management tools. Through the use of VMs, all userland operations are isolated from the underlying OS, reducing the security exposure of both the host and guests. + +SmartDataCenter runs on SmartOS servers, with one server running as a dedicated management node, and the rest of a cluster operating as compute nodes. You can get started with a Cloud On A Laptop build (available as a VMware virtual appliance) that lets you experiment with the management server. In a live data center, you’ll deploy SmartOS on your servers, using ZFS to handle storage – which includes your local image library. Services are deployed as images, with components stored in an object repository. + +The combination of SmartDataCenter and SmartOS builds on the experience of Joyent’s public cloud, giving you a tried and tested set of tools that can help you bootstrap your own cloud data center. It’s an infrastructure focused on virtual machines today, but laying the groundwork for tomorrow. A related Joyent project, [sdc-docker][10], exposes an entire SmartDataCenter cluster as a single Docker host, driven by native Docker commands. + +-- Simon Bisson + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-sensu-100614850-orig.jpg) + +### Sensu ### + +Managing large-scale data centers isn’t about working with server GUIs, it’s about automating scripts based on information from monitoring tools and services, routing information from sensors and logs, and then delivering actions to applications. One tool that’s beginning to offer this functionality is [Sensu][11], often described as a “monitoring router.” + +Scripts running across your data center deliver information to Sensu, which then routes it to the appropriate handler, using a publish-and-subscribe architecture based on RabbitMQ. Servers can be distributed, delivering published check results to handler code. You might see results in email, or in a Slack room, or in Sensu’s own dashboards. Message formats are defined in JSON files, or mutators used to format data on the fly, and messages can be filtered to one or more event handlers. + +Sensu is still a relatively young tool, but it’s one that shows a lot of promise. If you’re going to automate your data center, you’re going to need a tool like this not only to show you what’s happening, but to deliver that information where it’s most needed. A commercial option adds support for integration with third-party applications, but much of what you need to manage a data center is in the open source release. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-prometheus-100613996-orig.jpg) + +### Prometheus ### + +Managing a modern data center is a complex task. Racks of servers need to be treated like cattle rather than pets, and you need a monitoring system designed to handle hundreds and thousands of nodes. Monitoring applications presents special challenges, and that’s where [Prometheus][12] comes in to play. A service monitoring system designed to deliver alerts to operators, Prometheus can run on everything from a single laptop to a highly available cluster of monitoring servers. + +Time series data is captured and stored, then compared against patterns to identify faults and problems. You’ll need to expose data on HTTP endpoints, using a YAML file to configure the server. A browser-based reporting tool handles displaying data, with an expression console where you can experiment with queries. Dashboards can be created with a GUI builder, or written using a series of templates, letting you deliver application consoles that can be managed using version control systems such as Git. + +Captured data can be managed using expressions, which make it easy to aggregate data from several sources -- for example, letting you bring performance data from a series of Web endpoints into one store. An experimental alert manager module delivers alerts to common collaboration and devops tools, including Slack and PagerDuty. Official client libraries for common languages like Go and Java mean it’s easy to add Prometheus support to your applications and services, while third-party options extend Prometheus to Node.js and .Net. + +-- Simon Bisson + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-elk-100613988-orig.jpg) + +### Elasticsearch, Logstash, and Kibana ### + +Running a modern data center generates a lot of data, and it requires tools to get information out of that data. That’s where the combination of Elasticsearch, Logstash, and Kibana, often referred to as the ELK stack, comes into play. + +Designed to handle scalable search across a mix of content types, including structured and unstructured documents, [Elasticsearch][13] builds on Apache’s Lucene information retrieval tools, with a RESTful JSON API. It’s used to provide search for sites like Wikipedia and GitHub, using a distributed index with automated load balancing and routing. + +Under the fabric of a modern cloud is a physical array of servers, running as VM hosts. Monitoring many thousands of servers needs centralized logs. [Logstash][14] harvests and filters the logs generated by those servers (and by the applications running on them), using a forwarder on each physical and virtual machine. Logstash-formatted data is then delivered to Elasticsearch, giving you a search index that can be quickly scaled as you add more servers. + +At a higher level, [Kibana][15] adds a visualization layer to Elasticsearch, providing a Web dashboard for exploring and analyzing the data. Dashboards can be created around custom searches and shared with your team, providing a quick, easy-to-digest devops information feed. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-ansible-100613984-orig.jpg) + +### Ansible ### + +Managing server configuration is a key element of any devops approach to managing a modern data center or a cloud infrastructure. Configuration management tooling that takes a desired state approach to simplifies systems management at cloud scale, using server and application descriptions to handle server and application deployment. + +[Ansible][16] offers a minimal management service, using SSH to manage Unix nodes and PowerShell to work with Windows servers, with no need to deploy agents. An Ansible Playbook describes the state of a server or service in YAML, deploying Ansible modules to servers that handle configuration and removing them once the service is running. You can use Playbooks to orchestrate tasks -- for example, deploying several Web endpoints with a single script. + +It’s possible to make module creation and Playbook delivery part of a continuous delivery process, using build tools to deliver configurations and automate deployment. Ansible can pull in information from cloud service providers, simplifying management of virtual machines and networks. Monitoring tools in Ansible are able to trigger additional deployments automatically, helping manage and control cloud services, as well as working to manage resources used by large-scale data platforms like Hadoop. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-jenkins-100613990-orig.jpg) + +### Jenkins ### + +Getting continuous delivery right requires more than a structured way of handling development; it also requires tools for managing test and build. That’s where the [Jenkins][17] continuous integration server comes in. Jenkins works with your choice of source control, your test harnesses, and your build server. It’s a flexible tool, initially designed for working with Java but now extended to support Web and mobile development and even to build Windows applications. + +Jenkins is perhaps best thought of as a switching network, shunting files through a test and build process, and responding to signals from the various tools you’re using – thanks to a library of more than 1,000 plug-ins. These include tools for integrating Jenkins with both local Git instances and GitHub so that it's possible to extend a continuous development model into your build and delivery processes. + +Using an automation tool like Jenkins is as much about adopting a philosophy as it is about implementing a build process. Once you commit to continuous integration as part of a continuous delivery model, you’ll be running test and build cycles as soon as code is delivered to your source control release branch – and delivering it to users as soon as it’s in the main branch. + +-- Simon Bisson + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-nodejs-iojs-100613995-orig.jpg) + +### Node.js and io.js ### + +Modern cloud applications are built using different design patterns from the familiar n-tier enterprise and Web apps. They’re distributed, event-driven collections of services that can be quickly scaled and can support many thousands of simultaneous users. One key technology in this new paradigm is [Node.js][18], used by many major cloud platforms and easy to install as part of a thin server or container on cloud infrastructure. + +Key to the success of Node.js is the Npm package format, which allows you to quickly install extensions to the core Node.js service. These include frameworks like Express and Seneca, which help build scalable applications. A central registry handles package distribution, and dependencies are automatically installed. + +While the [io.js][19] fork exposed issues with project governance, it also allowed a group of developers to push forward adding ECMAScript 6 support to an Npm-compatible engine. After reconciliation between the two teams, the Node.js and io.js codebases have been merged, with new releases now coming from the io.js code repository. + +Other forks, like Microsoft’s io.js fork to add support for its 64-bit Chakra JavaScript engine alongside Google’s V8, are likely to be merged back into the main branch over the next year, keeping the Node.js platform evolving and cementing its role as the preferred host for cloud-scale microservices. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-seneca-100613998-orig.jpg) + +### Seneca ### + +The developers of the [Seneca][20] microservice framework have a motto: “Build it now, scale it later!” It’s an apt maxim for anyone thinking about developing microservices, as it allows you to start small, then add functionality as your service grows. + +Seneca is at heart an implementation of the [actor/message design pattern][21], focused on using Node.js as a switching engine that takes in messages, processes their contents, and sends an appropriate response, either to the message originator or to another service. By focusing on the message patterns that map to business use cases, it’s relatively easy to take Seneca and quickly build a minimum viable product for your application. A plug-in architecture makes it easy to integrate Seneca with other tools and to quickly add functionality to your services. + +You can easily add new patterns to your codebase or break existing patterns into separate services as the needs of your application grow or change. One pattern can also call another, allowing quick code reuse. It’s also easy to add Seneca to a message bus, so you can use it as a framework for working with data from Internet of things devices, as all you need to do is define a listening port where JSON data is delivered. + +Services may not be persistent, and Seneca gives you the option of using a built-in object relational mapping layer to handle data abstraction, with plug-ins for common databases. + +-- Simon Bisson + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-netcore-aspnet-100613994-orig.jpg) + +### .Net Core and ASP.Net vNext ### + +Microsoft’s [open-sourcing of .Net][22] is bringing much of the company’s Web platform into the open. The new [.Net Core][23] release runs on Windows, on OS X, and on Linux. Currently migrating from Microsoft’s Codeplex repository to GitHub, .Net Core offers a more modular approach to .Net, allowing you to install the functions you need as you need them. + +Currently under development is [ASP.Net 5][24], an open source version of the Web platform, which runs on .Net Core. You can work with it as the basis of Web apps using Microsoft’s MVC 6 framework. There’s also support for the new SignalR libraries, which add support for WebSockets and other real-time communications protocols. + +If you’re planning on using Microsoft’s new Nano server, you’ll be writing code against .Net Core, as it’s designed for thin environments. The new DNX, the .Net Execution environment, simplifies deployment of ASP.Net applications on a wide range of platforms, with tools for packaging code and for booting a runtime on a host. Features are added using the NuGet package manager, letting you use only the libraries you want. + +Microsoft’s open source .Net is still very young, but there’s a commitment in Redmond to ensure it’s successful. Support in Microsoft’s own next-generation server operating systems means it has a place in both the data center and the cloud. + +-- Simon Bisson + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-glusterfs-100613989-orig.jpg) + +### GlusterFS ### + +[GlusterFS][25] is a distributed file system. Gluster aggregates various storage servers into one large parallel network file system. You can [even use it in place of HDFS in a Hadoop cluster][26] or in place of an expensive SAN system -- or both. While HDFS is great for Hadoop, having a general-purpose distributed file system that doesn’t require you to transfer data to another location to analyze it is a key advantage. + +In an era of commoditized hardware, commoditized computing, and increased performance and latency requirements, buying a big, fat expensive EMC SAN and hoping it fits all of your needs (it won’t) is no longer your sole viable option. GlusterFS was acquired by Red Hat in 2011. + +-- Andrew C. Oliver + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-main-100613992-orig.jpg) + +### Read about more open source winners ### + +InfoWorld's Best of Open Source Awards for 2014 celebrate more than 100 open source projects, from the bottom of the stack to the top. Follow these links to more open source winners: + +[Bossie Awards 2015: The best open source applications][27] + +[Bossie Awards 2015: The best open source application development tools][28] + +[Bossie Awards 2015: The best open source big data tools][29] + +[Bossie Awards 2015: The best open source data center and cloud software][30] + +[Bossie Awards 2015: The best open source desktop and mobile software][31] + +[Bossie Awards 2015: The best open source networking and security software][32] + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2982923/open-source-tools/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html + +作者:[InfoWorld staff][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/InfoWorld-staff/ +[1]:https://www.docker.com/docker-machine +[2]:https://www.docker.com/docker-swarm +[3]:https://www.docker.com/docker-compose +[4]:https://coreos.com/ +[5]:http://rancher.com/rancher-os/ +[6]:http://kubernetes.io/ +[7]:https://mesos.apache.org/ +[8]:https://github.com/joyent/sdc +[9]:https://smartos.org/ +[10]:https://github.com/joyent/sdc-docker +[11]:https://sensuapp.org/ +[12]:http://prometheus.io/ +[13]:https://www.elastic.co/products/elasticsearch +[14]:https://www.elastic.co/products/logstash +[15]:https://www.elastic.co/products/kibana +[16]:http://www.ansible.com/home +[17]:https://jenkins-ci.org/ +[18]:https://nodejs.org/en/ +[19]:https://iojs.org/en/ +[20]:http://senecajs.org/ +[21]:http://www.infoworld.com/article/2976422/application-development/how-to-use-actors-in-distributed-applications.html +[22]:http://www.infoworld.com/article/2846450/microsoft-net/microsoft-open-sources-server-side-net-launches-visual-studio-2015-preview.html +[23]:https://dotnet.github.io/core/ +[24]:http://www.asp.net/vnext +[25]:http://www.gluster.org/ +[26]:http://www.gluster.org/community/documentation/index.php/Hadoop +[27]:http://www.infoworld.com/article/2982622/bossie-awards-2015-the-best-open-source-applications.html +[28]:http://www.infoworld.com/article/2982920/bossie-awards-2015-the-best-open-source-application-development-tools.html +[29]:http://www.infoworld.com/article/2982429/bossie-awards-2015-the-best-open-source-big-data-tools.html +[30]:http://www.infoworld.com/article/2982923/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html +[31]:http://www.infoworld.com/article/2982630/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html +[32]:http://www.infoworld.com/article/2982962/bossie-awards-2015-the-best-open-source-networking-and-security-software.html \ No newline at end of file diff --git a/sources/share/20151028 Bossie Awards 2015--The best open source desktop and mobile software.md b/sources/share/20151028 Bossie Awards 2015--The best open source desktop and mobile software.md new file mode 100644 index 0000000000..83b2b24a2e --- /dev/null +++ b/sources/share/20151028 Bossie Awards 2015--The best open source desktop and mobile software.md @@ -0,0 +1,223 @@ +Bossie Awards 2015: The best open source desktop and mobile software +================================================================================ +InfoWorld's top picks in open source productivity tools, desktop utilities, and mobile apps + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-desktop-mobile-100614439-orig.jpg) + +### The best open source desktop and mobile software ### + +Open source on the desktop has a long and distinguished history, and many of our Bossie winners in this category go back many years. Packed with features and still improving, some of these tools offer compelling alternatives to pricey commercial software. Others are utilities that we lean on daily for one reason or another -- the can openers and potato peelers of desktop productivity. One or two of them either plug holes in Windows, or they go the distance where Windows falls short. + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-libreoffice-100614436-orig.jpg) + +### LibreOffice ### + +With the major release of version 5 in August, the Document Foundation’s [LibreOffice][1] offers a completely redesigned user interface, better compatibility with Microsoft Office (including good-but-not-great DOCX, XLSX, and PPTX file format support), and significant improvements to Calc, the spreadsheet application. + +Set against a turbulent background, the LibreOffice effort split from OpenOffice.org in 2010. In 2011, Oracle announced it would no longer support OpenOffice.org, and handed the trademark to the Apache Software Foundation. Since then, it has become [increasingly clear][2] that LibreOffice is winning the race for developers, features, and users. + +-- Woody Leonhard + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-firefox-100614426-orig.jpg) + +### Firefox ### + +In the battle of the big browsers, [Firefox][3] gets our vote over its longtime open source rival Chromium for two important reasons: + +• **Memory use**. Chromium, like its commercial cousin Chrome, has a nasty propensity to glom onto massive amounts of memory. + +• **Privacy**. Witness the [recent controversy][4] over Chromium automatically downloading a microphone snooping program to respond to “OK, Google.” + +Firefox may not have the most features or the down-to-the-millisecond fastest rendering engine. But it’s solid, stingy with resources, highly extensible, and most of all, it comes with no strings attached. There’s no ulterior data-gathering motive. + +-- Woody Leonhard + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-thunderbird-100614433-orig.jpg) + +### Thunderbird ### + +A longtime favorite email client, Mozilla’s [Thunderbird][5], may be getting a bit long in the tooth, but it’s still supported and showing signs of life. The latest version, 38.2, arrived in August, and there are plans for more development. + +Mozilla officially pulled its people off the project back in July 2012, but a hardcore group of volunteers, led by Kent James and the all-volunteer Thunderbird Council, continues to toil away. While you won’t find the latest email innovations in Thunderbird, you will find a solid core of basic functions based on local storage. If having mail in the cloud spooks you, it’s a good, private alternative. And if James goes ahead with his idea of encrypting Thunderbird mail end-to-end, there may be significant new life in the old bird. + +-- Woody Leonhard + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-notepad-100614432-orig.jpg) + +### Notepad++ ### + +If Windows Notepad handles all of your text editing (and source code editing and HTML editing) needs, more power to ya. For Windows users who yearn for a little bit more in a text editor, there’s Don Ho’s [Notepad++][6], which is the editor I turn to, over and over again. + +With tabbed views, drag-and-drop, color-coded hints for completing HTML commands, bookmarks, macro recording, shortcut keys, and every text encoding format you’re likely to encounter, Notepad++ takes text to a new level. We get frequent updates, too, with the latest in August. + +-- Woody Leonhard + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-vlc-100614435-orig.jpg) + +### VLC ### + +The stalwart [VLC][7] (formerly known as VideoLan Client) runs almost any kind of media file on almost any platform. Yes, it even works as a remote control on Apple Watch. + +The tiled Universal app version for Windows 10, in the Windows Store, draws some criticism for instability and lack of control, but in most cases VLC works, and it works well -- without external codecs. It even supports Blu-ray formats with two new libraries. + +The desktop version is a must-have for Windows 10, unless you’re ready to run the advertising gauntlets that are the Universal Groove Music and Movies & TV apps from Microsoft. VLC received a major [feature update][8] in February and a comprehensive bug fix in April. + +-- Woody Leonhard + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-7-zip-100614429-orig.jpg) + +### 7-Zip ### + +Long recognized as the preeminent open source ZIP archive manager for Windows, [7-Zip][9] works like a champ, even on the Windows 10 desktop. Full coverage for RAR files, which can be problematic in Windows, combine with password-protected file creation and support for self-extracting ZIPs. It’s one of those programs that just works. + +Yes, it would be nice to get a more modern file picker. Yes, it would be interesting to see a tiled Universal app version. But even without the fancy bells and whistles, 7-Zip deserves a place on every Windows desktop. + +-- Woody Leonhard + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-handbrake-100614427-orig.jpg) + +### Handbrake ### + +If you want to convert your DVDs (or video files in any commonly used format) into a file in some other format, or simply scrape them off a silver coaster, [Handbrake][10] is the way to do it. If you’re a Windows user, Handbrake is almost indispensible, since Microsoft doesn’t believe in ripping DVDs. + +Handbrake presents a number of handy presets for optimizing conversions for your target device (iPod, iPad, Android Tablet, and so on) It’s simple, and it’s fast. With the latest round of bug fixes released in June, Handbrake’s keeping up on maintenance -- and it works fine on the Windows 10 desktop. + +-- Woody Leonhard + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-keepass-100614430-orig.jpg) + +### KeePass ### + +I’ll confess that I almost gave up on [KeePass][11] because the primary download site goes to Sourceforge. That means you have to be extremely careful which boxes are checked and what you click on (and when) as you attempt to download and install the software. While KeePass itself is 100 percent clean open source (GNU GPL), Sourceforge doesn’t feel so constrained, and its [installers reek of crapware][12]. + +One of many local-file password storage programs, KeePass distinguishes itself with broad scope, as well as its ability to run on all sorts of platforms, no installation required. KeePass will save not only passwords, but also credit card information and freely structured information. It provides a strong random password generator, and the database itself is locked with AES and Twofish, so nobody’s going to crack it. And it’s kept up to date, with a new stable release last month. + +-- Woody Leonhard + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-virtualbox-100614434-orig.jpg) + +### VirtualBox ### + +With a major release published in July, Oracle’s open source [VirtualBox][13] -- available for Windows, OS X, Linux, even Solaris --continues to give commercial counterparts VMware Workstation, VMware Fusion, Parallels Desktop, and Microsoft’s Hyper-V a hard run for their money. The Oracle team is still getting the final Windows 10 bugs ironed out, but come to think of it, so is Microsoft. + +VirtualBox doesn’t quite match the performance or polish of the VMware and Parallels products, but it’s getting closer. Version 5 brought long-awaited drag-and-drop support, making it easier to move files between VMs and host. + +I prefer VirtualBox over Hyper-V because it’s easy to control external devices. In Hyper-V, for example, getting sound to work is a pain in the neck, but in VirtualBox it only takes a click in setup. The shared clipboard between VM and host works wonders. Running speed on both is roughly the same, with a slight advantage to Hyper-V. But managing VirtualBox machines is much easier. + +-- Woody Leonhard + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-inkscape-100614428-orig.jpg) + +### Inkscape ### + +If you stand in awe of the designs created with Adobe Illustrator (or even CorelDraw), take a close look at [Inkscape][14]. Scalable vector images never looked so good. + +Version 0.91, released in January, uses a new internal graphics rendering engine called Cairo, sponsored by Google, to make the app run faster and allow for more accurate rendering. Inkscape will read and write SVG, PNG, PDF, even EPS, and many other formats. It can export Flash XML Graphics, HTML5 Canvas, and XAML, among others. + +There’s a strong community around Inkscape, and it’s built for easy extensibility. It’s available for Windows, OS X, and Linux. + +-- Woody Leonhard + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-keepassdroid-100614431-orig.jpg) + +### KeePassDroid ### + +Trying to remember all of the passwords we need today is impossible, and creating new ones to meet stringent password policy requirements can be agonizing. A port of KeePass for Android, [KeePassDroid][15] brings sanity preserving password management to mobile devices. + +Like KeyPass, KeyPassDroid makes creating and accessing passwords easy, requiring you to recall only a single master password. It supports both DES and Twofish algorithms for encrypting all passwords, and it goes a step further by encrypting the entire password database, not only the password fields. Notes and other password pertinent information are encrypted too. + +While KeePassDroid's interface is minimal -- dated, some would say -- it gets the job done with bare-bones efficiency. Need to generate passwords that have certain character sets and lengths? KeePassDroid can do that with ease. With more than a million downloads on the Google Play Store, you could say this app definitely fills a need. + +-- Victor R. Garza + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-prey-100615300-orig.jpg) + +### Prey ### + +Loss or theft of mobile devices is all too common these days. While there are many tools in the enterprise to manage and erase data either misplaced or stolen from an organization, [Prey][16] facilitates the recovery of the phone, laptop, or tablet, and not just the wiping of potentially sensitive information from the device. + +Prey is a Web service that works with an open source installed agent for Linux, OS X, Windows, Android, and iOS devices. Prey tracks your lost or stolen device by using either the device's GPS, the native geolocation provided by newer operating systems, or an associated Wi-Fi hotspot to home in on the location. + +If your smartphone is lost or stolen, send a text message to the device to activate Prey. For stolen tablets or laptops, use the Prey Project's cloud-based control panel to select the device as missing. The Prey agent on any device can then take a screenshot of the active applications, turn on the camera to catch a thief's image, reset the device to the factory settings, or fully lock down the device. + +Should you want to retrieve your lost items, the Prey Project strongly suggests you contact your local police to have them assist you. + +-- Victor R. Garza + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-orbot-100615299-orig.jpg) + +### Orbot ### + +The premiere proxy application for Android, [Orbot][17] leverages the volunteer-operated network of virtual tunnels called Tor (The Onion Router) to keep all communications private. Orbot works with companion applications [Orweb][18] for secure Web browsing and [ChatSecure][19] for secure chat. In fact, any Android app that allows its proxy settings to be changed can be secured with Orbot. + +One thing to remember about the Tor network is that it's designed for secure, lightweight communications, not for pulling down torrents or watching YouTube videos. Surfing media-rich sites like Facebook can be painfully slow. Your Orbot communications won't be blazing fast, but they will stay private and confidential. + +-- Victor R. Garza + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-tails-100615301-orig.jpg) + +### Tails ### + +[Tails][20], or The Amnesic Incognito Live System, is a Linux Live OS that can be booted from a USB stick, DVD, or SD card. It’s often used covertly in the Deep Web to secure traffic when purchasing illicit substances, but it can also be used to avoid tracking, support freedom of speech, circumvent censorship, and promote liberty. + +Leveraging Tor (The Onion Router), Tails keeps all communications secure and private and promises to leave no trace on any computer after it’s used. It performs disk encryption with LUKS, protects instant messages with OTR, encrypts Web traffic with the Tor Browser and HTTPS Everywhere, and securely deletes files via Nautilus Wipe. Tails even has an office suite, image editor, and the like. + +Now, it's always possible to be traced while using any system if you're not careful, so be vigilant when using Tails and follow good privacy practices, like turning off JavaScript while using Tor. And be aware that Tails isn't necessarily going to be speedy, even while using a fiber connect, but that's what you pay for anonymity. + +-- Victor R. Garza + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-main-100614438-orig.jpg) + +### Read about more open source winners ### + +InfoWorld's Best of Open Source Awards for 2014 celebrate more than 100 open source projects, from the bottom of the stack to the top. Follow these links to more open source winners: + +[Bossie Awards 2015: The best open source applications][21] + +[Bossie Awards 2015: The best open source application development tools][22] + +[Bossie Awards 2015: The best open source big data tools][23] + +[Bossie Awards 2015: The best open source data center and cloud software][24] + +[Bossie Awards 2015: The best open source desktop and mobile software][25] + +[Bossie Awards 2015: The best open source networking and security software][26] + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2982630/open-source-tools/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html + +作者:[InfoWorld staff][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/InfoWorld-staff/ +[1]:https://www.libreoffice.org/download/libreoffice-fresh/ +[2]:http://lwn.net/Articles/637735/ +[3]:https://www.mozilla.org/en-US/firefox/new/ +[4]:https://nakedsecurity.sophos.com/2015/06/24/not-ok-google-privacy-advocates-take-on-the-chromium-team-and-win/ +[5]:https://www.mozilla.org/en-US/thunderbird/ +[6]:https://notepad-plus-plus.org/ +[7]:http://www.videolan.org/vlc/index.html +[8]:http://www.videolan.org/press/vlc-2.2.0.html +[9]:http://www.7-zip.org/ +[10]:https://handbrake.fr/ +[11]:http://keepass.info/ +[12]:http://www.infoworld.com/article/2931753/open-source-software/sourceforge-the-end-cant-come-too-soon.html +[13]:https://www.virtualbox.org/ +[14]:https://inkscape.org/en/download/windows/ +[15]:http://www.keepassdroid.com/ +[16]:http://preyproject.com/ +[17]:https://www.torproject.org/docs/android.html.en +[18]:https://guardianproject.info/apps/orweb/ +[19]:https://guardianproject.info/apps/chatsecure/ +[20]:https://tails.boum.org/ +[21]:http://www.infoworld.com/article/2982622/bossie-awards-2015-the-best-open-source-applications.html +[22]:http://www.infoworld.com/article/2982920/bossie-awards-2015-the-best-open-source-application-development-tools.html +[23]:http://www.infoworld.com/article/2982429/bossie-awards-2015-the-best-open-source-big-data-tools.html +[24]:http://www.infoworld.com/article/2982923/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html +[25]:http://www.infoworld.com/article/2982630/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html +[26]:http://www.infoworld.com/article/2982962/bossie-awards-2015-the-best-open-source-networking-and-security-software.html \ No newline at end of file diff --git a/sources/share/20151028 Bossie Awards 2015--The best open source networking and security software.md b/sources/share/20151028 Bossie Awards 2015--The best open source networking and security software.md new file mode 100644 index 0000000000..129ce3eff4 --- /dev/null +++ b/sources/share/20151028 Bossie Awards 2015--The best open source networking and security software.md @@ -0,0 +1,162 @@ +Bossie Awards 2015: The best open source networking and security software +================================================================================ +InfoWorld's top picks of the year among open source tools for building, operating, and securing networks + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-net-sec-100614459-orig.jpg) + +### The best open source networking and security software ### + +BIND, Sendmail, OpenSSH, Cacti, Nagios, Snort -- open source software seems to have been invented for networks, and many of the oldies and goodies are still going strong. Among our top picks in the category this year, you'll find a mix of stalwarts, mainstays, newcomers, and upstarts perfecting the arts of network management, security monitoring, vulnerability assessment, rootkit detection, and much more. + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-icinga-100614482-orig.jpg) + +### Icinga 2 ### + +Icinga began life as a fork of system monitoring application Nagios. [Icinga 2][1] was completely rewritten to give users a modern interface, support for multiple databases, and an API to integrate numerous extensions. With out-of-the-box load balancing, notifications, and configuration, Icinga 2 shortens the time to installation for complex environments. Icinga 2 supports Graphite natively, giving administrators real-time performance graphing without any fuss. But what puts Icinga back on the radar this year is its release of Icinga Web 2, a graphical front end with drag-and-drop customizable dashboards and streamlined monitoring tools. + +Administrators can view, filter, and prioritize problems, while keeping track of which actions have already been taken. A new matrix view lets administrators view hosts and services on one page. You can view events over a particular time period or filter incidents to understand which ones need immediate attention. Icinga Web 2 may boast a new interface and zippier performance, but all the usual commands from Icinga Classic and Icinga Web are still available. That means there is no downtime trying to learn a new version of the tool. + +-- Fahmida Rashid + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-zenoss-100614465-orig.jpg) + +### Zenoss Core ### + +Another open source stalwart, [Zenoss Core][2] gives network administrators a complete, one-stop solution for tracking and managing all of the applications, servers, storage, networking components, virtualization tools, and other elements of an enterprise infrastructure. Administrators can make sure the hardware is running efficiently and take advantage of the modular design to plug in ZenPacks for extended functionality. + +Zenoss Core 5, released in February of this year, takes the already powerful tool and improves it further, with an enhanced user interface and expanded dashboard. The Web-based console and dashboards were already highly customizable and dynamic, and the new version now lets administrators mash up multiple component charts onto a single chart. Think of it as the tool for better root cause and cause/effect analysis. + +Portlets give additional insights for network mapping, device issues, daemon processes, production states, watch lists, and event views, to name a few. And new HTML5 charts can be exported outside the tool. The Zenoss Control Center allows out-of-band management and monitoring of all Zenoss components. Zenoss Core has new tools for online backup and restore, snapshots and rollbacks, and multihost deployment. Even more important, deployments are faster with full Docker support. + +-- Fahmida Rashid + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-opennms-100614461-orig.jpg) + +### OpenNMS ### + +An extremely flexible network management solution, [OpenNMS][3] can handle any network management task, whether it's device management, application performance monitoring, inventory control, or events management. With IPv6 support, a robust alerts system, and the ability to record user scripts to test Web applications, OpenNMS has everything network administrators and testers need. OpenNMS has become, as now a mobile dashboard, called OpenNMS Compass, lets networking pros keep an eye on their network even when they're out and about. + +The iOS version of the app, which is available on the [iTunes App Store][4], displays outages, nodes, and alarms. The next version will offer additional event details, resource graphs, and information about IP and SNMP interfaces. The Android version, available on [Google Play][5], displays network availability, outages, and alarms on the dashboard, as well as the ability to acknowledge, escalate, or clear alarms. The mobile clients are compatible with OpenNMS Horizon 1.12 or greater and OpenNMS Meridian 2015.1.0 or greater. + +-- Fahmida Rashid + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-onion-100614460-orig.jpg) + +### Security Onion ### + +Like an onion, network security monitoring is made of many layers. No single tool will give you visibility into every attack or show you every reconnaissance or foot-printing session on your company network. [Security Onion][6] bundles scores of proven tools into one handy Ubuntu distro that will allow you to see who's inside your network and help keep the bad guys out. + +Whether you're taking a proactive approach to network security monitoring or following up on a potential attack, Security Onion can assist. Consisting of sensor, server, and display layers, the Onion combines full network packet capture with network-based and host-based intrusion detection, and it serves up all of the various logs for inspection and analysis. + +The star-studded network security toolchain includes Netsniff-NG for packet capture, Snort and Suricata for rules-based network intrusion detection, Bro for analysis-based network monitoring, OSSEC for host intrusion detection, and Sguil, Squert, Snorby, and ELSA (Enterprise Log Search and Archive) for display, analysis, and log management. It’s a carefully vetted collection of tools, all wrapped in a wizard-driven installer and backed by thorough documentation, that can help you get from zero to monitoring as fast as possible. + +-- Victor R. Garza + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-kali-100614458-orig.jpg) + +Kali Linux + +The team behind [Kali Linux][7] revamped the popular security Linux distribution this year to make it faster and even more versatile. Kali sports a new 4.0 kernel, improved hardware and wireless driver support, and a snappier interface. The most popular tools are easily accessible from a dock on the side of the screen. The biggest change? Kali Linux is now a rolling distribution, with a continuous stream of software updates. Kali's core system is based on Debian Jessie, and the team will pull packages continuously from Debian Testing, while continuing to add new Kali-flavored features on top. + +The distribution still comes jam-packed with tools for penetration testing, vulnerability analysis, security forensics, Web application analysis, wireless networking and assessment, reverse engineering, and exploitation tools. Now the distribution has an upstream version checking system that will automatically notify users when updates are available for the individual tools. The distribution also features ARM images for a range of devices, including Raspberry Pi, Chromebook, and Odroids, as well as updates to the NetHunter penetration testing platform that runs on Android devices. There are other changes too: Metasploit Community/Pro is no longer included, because Kali 2.0 is not yet [officially supported by Rapid7][8]. + +-- Fahmida Rashid + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-openvas-100614462-orig.jpg) + +### OpenVAS ### + +[OpenVAS][9], the Open Vulnerability Assessment System, is a framework that combines multiple services and tools to offer vulnerability scanning and vulnerability management. The scanner is coupled with a weekly feed of network vulnerability tests, or you can use a feed from a commercial service. The framework includes a command-line interface (so it can be scripted) and an SSL-secured, browser-based interface via the [Greenbone Security Assistant][10]. OpenVAS accommodates various plug-ins for additional functionality. Scans can be scheduled or run on-demand. + +Multiple OpenVAS installations can be controlled through a single master, which makes this a scalable vulnerability assessment tool for enterprises. The project is as compatible with standards as can be: Scan results and configurations are stored in a SQL database, where they can be accessed easily by external reporting tools. Client tools access the OpenVAS Manager via the XML-based stateless OpenVAS Management Protocol, so security administrators can extend the functionality of the framework. The software can be installed from packages or source code to run on Windows or Linux, or downloaded as a virtual appliance. + +-- Matt Sarrel + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-owasp-100614463-orig.jpg) + +### OWASP ### + +[OWASP][11], the Open Web Application Security Project, is a nonprofit organization with worldwide chapters focused on improving software security. The community-driven organization provides test tools, documentation, training, and almost anything you could imagine that’s related to assessing software security and best practices for developing secure software. Several OWASP projects have become valuable components of many a security practitioner's toolkit: + +[ZAP][12], the Zed Attack Proxy Project, is a penetration test tool for finding vulnerabilities in Web applications. One of the design goals of ZAP was to make it easy to use so that developers and functional testers who aren't security experts can benefit from using it. ZAP provides automated scanners and a set of manual test tools. + +The [Xenotix XSS Exploit Framework][13] is an advanced cross-site scripting vulnerability detection and exploitation framework that runs scans within browser engines to get real-world results. The Xenotix Scanner Module uses three intelligent fuzzers, and it can run through nearly 5,000 distinct XSS payloads. An API lets security administrators extend and customize the exploit toolkit. + +[O-Saft][14], or the OWASP SSL advanced forensic tool, is an SSL auditing tool that shows detailed information about SSL certificates and tests SSL connections. This command-line tool can run online or offline to assess SSL security such as ciphers and configurations. O-Saft provides built-in checks for common vulnerabilities, and you can easily extend these through scripting. In May 2015 a simple GUI was added as an optional download. + +[OWTF][15], the Offensive Web Testing Framework, is an automated test tool that follows OWASP testing guidelines and the NIST and PTES standards. The framework uses both a Web UI and a CLI, and it probes Web and application servers for common vulnerabilities such as improper configuration and unpatched software. + +-- Matt Sarrel + +![](http://core0.staticworld.net/images/article/2015/09/bossies-2015-beef-100614456-orig.jpg) + +### BeEF ### + +The Web browser has become the most common vector for attacks against clients. [BeEF][15], the Browser Exploitation Framework Project, is a widely used penetration tool to assess Web browser security. BeEF helps you expose the security weaknesses of client systems using client-side attacks launched through the browser. BeEF sets up a malicious website, which security administrators visit from the browser they want to test. BeEF then sends commands to attack the Web browser and use it to plant software on the client machine. Administrators can then launch attacks on the client machine as if they were zombies. + +BeEF comes with commonly used modules like a key logger, a port scanner, and a Web proxy, plus you can write your own modules or send commands directly to the zombified test machine. BeEF comes with a handful of demo Web pages to help you get started and makes it very easy to write additional Web pages and attack modules so you can customize testing to your environment. BeEF is a valuable test tool for assessing browser and endpoint security and for learning how browser-based attacks are launched. Use it to put together a demo to show your users how malware typically infects client devices. + +-- Matt Sarrel + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-unhide-100614464-orig.jpg) + +### Unhide ### + +[Unhide][16] is a forensic tool that locates open TCP/UDP ports and hidden process on UNIX, Linux, and Windows. Hidden ports and processes can be the result of rootkit or LKM (loadable kernel module) activity. Rootkits can be difficult to find and remove because they are designed to be stealthy, hiding themselves from the OS and user. A rootkit can use LKMs to hide its processes or impersonate other processes, allowing it to run on machines undiscovered for a long time. Unhide can provide the assurance that administrators need to know their systems are clean. + +Unhide is really two separate scripts: one for processes and one for ports. The tool interrogates running processes, threads, and open ports and compares this info to what's registered with the system as active, reporting discrepancies. Unhide and WinUnhide are extremely lightweight scripts that run from the command line to produce text output. They're not pretty, but they are extremely useful. Unhide is also included in the [Rootkit Hunter][17] project. + +-- Matt Sarrel + +![](http://images.techhive.com/images/article/2015/09/bossies-2015-main-100614457-orig.jpg) + +Read about more open source winners + +InfoWorld's Best of Open Source Awards for 2014 celebrate more than 100 open source projects, from the bottom of the stack to the top. Follow these links to more open source winners: + +[Bossie Awards 2015: The best open source applications][18] + +[Bossie Awards 2015: The best open source application development tools][19] + +[Bossie Awards 2015: The best open source big data tools][20] + +[Bossie Awards 2015: The best open source data center and cloud software][21] + +[Bossie Awards 2015: The best open source desktop and mobile software][22] + +[Bossie Awards 2015: The best open source networking and security software][23] + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2982962/open-source-tools/bossie-awards-2015-the-best-open-source-networking-and-security-software.html + +作者:[InfoWorld staff][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/InfoWorld-staff/ +[1]:https://www.icinga.org/icinga/icinga-2/ +[2]:http://www.zenoss.com/ +[3]:http://www.opennms.org/ +[4]:https://itunes.apple.com/us/app/opennms-compass/id968875097?mt=8 +[5]:https://play.google.com/store/apps/details?id=com.opennms.compass&hl=en +[6]:http://blog.securityonion.net/p/securityonion.html +[7]:https://www.kali.org/ +[8]:https://community.rapid7.com/community/metasploit/blog/2015/08/12/metasploit-on-kali-linux-20 +[9]:http://www.openvas.org/ +[10]:http://www.greenbone.net/ +[11]:https://www.owasp.org/index.php/Main_Page +[12]:https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project +[13]:https://www.owasp.org/index.php/O-Saft +[14]:https://www.owasp.org/index.php/OWASP_OWTF +[15]:http://www.beefproject.com/ +[16]:http://www.unhide-forensics.info/ +[17]:http://www.rootkit.nl/projects/rootkit_hunter.html +[18]:http://www.infoworld.com/article/2982622/bossie-awards-2015-the-best-open-source-applications.html +[19]:http://www.infoworld.com/article/2982920/bossie-awards-2015-the-best-open-source-application-development-tools.html +[20]:http://www.infoworld.com/article/2982429/bossie-awards-2015-the-best-open-source-big-data-tools.html +[21]:http://www.infoworld.com/article/2982923/bossie-awards-2015-the-best-open-source-data-center-and-cloud-software.html +[22]:http://www.infoworld.com/article/2982630/bossie-awards-2015-the-best-open-source-desktop-and-mobile-software.html +[23]:http://www.infoworld.com/article/2982962/bossie-awards-2015-the-best-open-source-networking-and-security-software.html \ No newline at end of file diff --git a/sources/share/20151104 Optimize Web Delivery with these Open Source Tools.md b/sources/share/20151104 Optimize Web Delivery with these Open Source Tools.md new file mode 100644 index 0000000000..aaf8a7292d --- /dev/null +++ b/sources/share/20151104 Optimize Web Delivery with these Open Source Tools.md @@ -0,0 +1,195 @@ +Optimize Web Delivery with these Open Source Tools +================================================================================ +Web proxy software forwards HTTP requests without modifying traffic in any way. They can be configured as a transparent proxy with no client-side configuration required. They can also be used as a reverse proxy front-end to websites; here the cache serves an unlimited number of clients for one or some web servers. + +Web proxies are versatile tools. They have a wide variety of uses, from caching web, DNS and other lookups, to speeding up the delivery of a web server / reducing bandwidth consumption. Web proxy software can also harden security by filtering traffic and anonymizing connections, and offer media-range limitations. This software is used by high-profile, high-traffic websites such as The New York Times, The Guardian, and social media and content sites such as Twitter, Facebook, and Wikipedia. + +Web caches have become a vital mechanism for optimising the amount of data that is delivered in a given period of time. Good web caches also help to minimise latency, serving pages as quickly as possible. This helps to prevent the end user from becoming impatient having to wait for content to be delivered. Web caches optimise the data flow between client and server. They also help to converse bandwidth by caching frequently-delivered content. If you need to reduce server load and improve delivery speed of your content, it is definitely worth exploring the benefits offered by web cache software. + +To provide an insight into the quality of software available for Linux, I feature below 5 excellent open source web proxy tools. Some of the them are full-featured; a couple of them have very modest resource needs. + +### Squid ### + +Squid is a high-performance open source proxy caching server and web cache daemon. It supports FTP, Internet Gopher, HTTPS, TLS, and SSL. It handles all requests in a single, non-blocking, I/O-driven process over IPv4 or IPv6. + +Squid consists of a main server program squid, a Domain Name System lookup program dnsserver, some optional programs for rewriting requests and performing authentication, together with some management and client tools. + +Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications. + +Features include: + +- Web proxy: + - Caching to reduce access time and bandwidth use + - Keeps meta data and especially hot objects cached in RAM + - Caches DNS lookups + - Supports non-blocking DNS lookups + - Implements negative chacking of failed requests +- Squid caches can be arranged in a hierarchy or mesh for additional bandwidth savings +- Enforce site-usage policies with extensive access controls +- Anonymize connections, such as disabling or changing specific header fields in a client's HTTP request +- Reverse proxy +- Media-range limitations +- Supports SSL +- Support for IPv6 +- Error Page Localization - error pages presented by Squid may now be localized per-request to match the visitors local preferred language +- Connection Pinning (for NTLM Auth Passthrough) - a workaround which permits Web servers to use Microsoft NTLM Authentication instead of HTTP standard authentication through a web proxy +- Quality of Service (QoS) Flow support + - Select a TOS/Diffserv value to mark local hits + - Select a TOS/Diffserv value to mark peer hits + - Selectively mark only sibling or parent requests + - Allows any HTTP response towards clients to have the TOS value of the response coming from the remote server preserved + - Mask certain bits in the TOS received from the remote server, before copying the value to the TOS send towards clients +- SSL Bump (for HTTPS Filtering and Adaptation) - Squid-in-the-middle decryption and encryption of CONNECT tunneled SSL traffic, using configurable client- and server-side certificates +- eCAP Adaptation Module support +- ICAP Bypass and Retry enhancements - ICAP is now extended with full bypass and dynamic chain routing to handle multiple adaptation services. +- ICY streaming protocol support - commonly known as SHOUTcast multimedia streams +- Dynamic SSL Certificate Generation +- Support for the Internet Content Adaptation Protocol (ICAP) +- Full request logging +- Anonymize connections + +- Website: [www.squid-cache.org][1] +- Developer: National Laboratory for Applied Networking Research (NLANR) and Internet volunteers +- License: GNU GPL v2 +- Version Number: 4.0.1 + +### Privoxy ### + +Privoxy (Privacy Enhancing Proxy) is a non-caching Web proxy with advanced filtering capabilities for enhancing privacy, modifying web page data and HTTP headers, controlling access, and removing ads and other obnoxious Internet junk. Privoxy has a flexible configuration and can be customized to suit individual needs and tastes. It supports both stand-alone systems and multi-user networks. + +Privoxy uses the concept of actions in order to manipulate the data stream between the browser and remote sites. + +Features include: + +- Highly configurable - completely personalize your installation +- Ad blocking +- Cookie management +- Supports "Connection: keep-alive". Outgoing connections can be kept alive independently from the client +- Supports IPv6 +- Tagging which allows to change the behaviour based on client and server headers +- Run as an "intercepting" proxy +- Sophisticated actions and filters for manipulating both server and client headers +- Can be chained with other proxies +- Integrated browser-based configuration and control utility. Browser-based tracing of rule and filter effects. Remote toggling +- Web page filtering (text replacements, removes banners based on size, invisible "web-bugs" and HTML annoyances, etc) +- Modularized configuration that allows for standard settings and user settings to reside in separate files, so that installing updated actions files won't overwrite individual user settings +- Support for Perl Compatible Regular Expressions in the configuration files, and a more sophisticated and flexible configuration syntax +- GIF de-animation +- Bypass many click-tracking scripts (avoids script redirection) +- User-customizable HTML templates for most proxy-generated pages (e.g. "blocked" page) +- Auto-detection and re-reading of config file changes +- Most features are controllable on a per-site or per-location basis + +- Website: [www.privoxy.org][2] +- Developer: Fabian Keil (lead developer), David Schmidt, and many other contributors +- License: GNU GPL v2 +- Version Number: 3.4.2 + +### Varnish Cache ### + +Varnish Cache is a web accelerator written with performance and flexibility in mind. It's modern architecture offers significantly better performance. It typically speeds up delivery with a factor of 300 - 1000x, depending on your architecture. Varnish stores web pages in memory so the web servers do not have to create the same web page repeatedly. The web server only recreates a page when it is changed. When content is served from memory this happens a lot faster then anything. + +Additionally Varnish can serve web pages much faster then any application server is capable of - giving the website a significant speed enhancement. + +For a cost-effective configuration, Varnish Cache uses between 1-16GB and a SSD disk. + +Features include: + +- Modern design +- VCL - a very flexible configuration language. The VCL configuration is translated to C, compiled, loaded and executed giving flexibility and speed +- Load balancing using both a round-robin and a random director, both with a per-backend weighting +- DNS, Random, Hashing and Client IP based Directors +- Load balance between multiple backends +- Support for Edge Side Includes including stitching together compressed ESI fragments +- Heavily threaded +- URL rewriting +- Cache multiple vhosts with a single Varnish +- Log data is stored in shared memory +- Basic health-checking of backends +- Graceful handling of "dead" backends +- Administered by a command line interface +- Use In-line C to extend Varnish +- Can be used on the same system as Apache +- Run multiple Varnish on the same system +- Support for HAProxy's PROXY protocol. This is a protocol adds a small header on each incoming TCP connection that describes who the real client is, added by (for example) an SSL terminating process +- Warm and cold VCL states +- Plugin support with Varnish Modules, called VMODs +- Backends defined through VMODs +- Gzip Compression and Decompression +- HTTP Streaming Pass & Fetch +- Saint and Grace mode. Saint Mode allows for unhealthy backends to be blacklisted for a period of time, preventing them from serving traffic when using Varnish as a load balancer. Grace mode allows Varnish to serve an expired version of a page or other asset in cases where Varnish is unable to retrieve a healthy response from the backend +- Experimental support for Persistent Storage, without LRU eviction + +- Website: [www.varnish-cache.org][3] +- Developer: Varnish Software +- License: FreeBSD +- Version Number: 4.1.0 + +### Polipo ### + +Polipo is an open source caching HTTP proxy which has modest resource needs. + +It listens to requests for web pages from your browser and forwards them to web servers, and forwards the servers’ replies to your browser. In the process, it optimises and cleans up the network traffic. It is similar in spirit to WWWOFFLE, but the implementation techniques are more like the ones ones used by Squid. + +Polipo aims at being a compliant HTTP/1.1 proxy. It should work with any web site that complies with either HTTP/1.1 or the older HTTP/1.0. + +Features include: + +- HTTP 1.1, IPv4 & IPv6, traffic filtering and privacy-enhancement +- Uses HTTP/1.1 pipelining if it believes that the remote server supports it, whether the incoming requests are pipelined or come in simultaneously on multiple connections +- Cache the initial segment of an instance if the download has been interrupted, and, if necessary, complete it later using Range requests +- Upgrade client requests to HTTP/1.1 even if they come in as HTTP/1.0, and up- or downgrade server replies to the client's capabilities +- Complete support for IPv6 (except for scoped (link-local) addresses) +- Use as a bridge between the IPv4 and IPv6 Internets +- Content-filtering +- Can use a technique known as Poor Man's Multiplexing to reduce latency +- SOCKS 4 and SOCKS 5 protocol support +- HTTPS proxying +- Behaves as a transparent proxy +- Run Polipo together with Privoxy or tor + +- Website: [www.pps.univ-paris-diderot.fr/~jch/software/polipo/][4] +- Developer: Juliusz Chroboczek, Christopher Davis +- License: MIT License +- Version Number: 1.1.1 + +### Tinyproxy ### + +Tinyproxy is a lightweight open source web proxy daemon. It is designed to be fast and yet small. It is useful for cases such as embedded deployments where a full featured HTTP proxy is required, but the system resources for a larger proxy are unavailable. + +Tinyproxy is very useful in a small network setting, where a larger proxy would either be too resource intensive, or a security risk. One of the key features of Tinyproxy is the buffering connection concept. In effect, Tinyproxy will buffer a high speed response from a server, and then relay it to a client at the highest speed the client will accept. This feature greatly reduces the problems with sluggishness on the net. + +Features: + +- Easy to modify +- Anonymous mode - allows specification of individual HTTP headers that should be allowed through, and which should be blocked +- HTTPS support - Tinyproxy allows forwarding of HTTPS connections without modifying traffic in any way through the CONNECT method +- Remote monitoring - access proxy statistics from afar, letting you know exactly how busy the proxy is +- Load average monitoring - configure software to refuse connections after the server load reaches a certain point +- Access control - configure to only allow connections from certain subnets or IP addresses +- Secure - run without any special privileges, thus minimizing the chance of system compromise +- URL based filtering - allows domain and URL-based black- and whitelisting +- Transparent proxying - configure as a transparent proxy, so that a proxy can be used without any client-side configuration +- Proxy chaining - use an upstream proxy server for outbound connections, instead of direct connections to the target server, creating a so-called proxy chain +- Privacy features - restrict both what data comes to your web browser from the HTTP server (e.g., cookies), and to restrict what data is allowed through from your web browser to the HTTP server (e.g., version information) +- Small footprint - the memory footprint is about 2MB with glibc, and the CPU load increases linearly with the number of simultaneous connections (depending on the speed of the connection). Tinyproxy can be run on an old machine without affecting performance + +- Website: [banu.com/tinyproxy][5] +- Developer: Robert James Kaes and contributors +- License: GNU GPL v2 +- Version Number: 1.8.3 + +-------------------------------------------------------------------------------- + +via: http://www.linuxlinks.com/article/20151101020309690/WebDelivery.html + +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.squid-cache.org/ +[2]:http://www.privoxy.org/ +[3]:https://www.varnish-cache.org/ +[4]:http://www.pps.univ-paris-diderot.fr/%7Ejch/software/polipo/ +[5]:https://banu.com/tinyproxy/ \ No newline at end of file diff --git a/sources/share/20151123 7 ways hackers can use Wi-Fi against you.md b/sources/share/20151123 7 ways hackers can use Wi-Fi against you.md new file mode 100644 index 0000000000..1cf33a33dc --- /dev/null +++ b/sources/share/20151123 7 ways hackers can use Wi-Fi against you.md @@ -0,0 +1,70 @@ +Translating by ZTinoZ +7 ways hackers can use Wi-Fi against you +================================================================================ +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/intro_title-100626673-orig.jpg) + +### 7 ways hackers can use Wi-Fi against you ### + +Wi-Fi — oh so convenient, yet oh so dangerous. Here are seven ways you could be giving away your identity through a Wi-Fi connection and what to do instead. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/1_free-hotspots-100626674-orig.jpg) + +### Using free hotspots ### + +They seem to be everywhere, and their numbers are expected to [quadruple over the next four years][1]. But many of them are untrustworthy, created just so your login credentials, to email or even more sensitive accounts, can be picked up by hackers using “sniffers” — software that captures any information you submit over the connection. The best defense against sniffing hackers is to use a VPN (virtual private network). A VPN keeps your private data protected because it encrypts what you input. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/2_online-banking-100626675-orig.jpg) + +### Banking online ### + +You might think that no one needs to be warned against banking online using free Wi-Fi, but cybersecurity firm Kaspersky Lab says that [more than 100 banks worldwide have lost $900 million][2] from cyberhacking, so it would seem that a lot of people are doing it. If you want to use the free Wi-Fi in a coffee shop because you’re confident it will be legitimate, confirm the exact network name with the barista. It’s pretty easy for [someone else in the shop with a router to set up an open connection][3] with a name that seems like it would be the name of the shop’s Wi-Fi. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/3_keeping-wifi-on-100626676-orig.jpg) + +### Keeping Wi-Fi on all the time ### + +When your phone’s Wi-Fi is automatically enabled, you can be connected to an unsecure network without even realizing it. Use your phone’s [location-based Wi-Fi feature][4], if it’s available. It will turn off your Wi-Fi when you’re away from your saved networks and will turn back on when you’re within range. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/4_not-using-firewall-100626677-orig.jpg) + +### Not using a firewall ### + +A firewall is your first line of defense against malicious intruders. It’s meant to let good traffic through your computer on a network and keep hackers and malware out. You should turn it off only when your antivirus software has its own firewall. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/5_browsing-unencrypted-sites-100626678-orig.jpg) + +### Browsing unencrypted websites ### + +Sad to say, [55% of the Web’s top 1 million sites don’t offer encryption][5]. An unencrypted website allows all data transmissions to be viewed by the prying eyes of hackers. Your browser will indicate when a site is secure (you’ll see a gray padlock with Mozilla Firefox, for example, and a green lock icon with Chrome). But even a secure website can’t protect you from sidejackers, who can steal the cookies from a website you visited, whether it’s a valid site or not, through a public network. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/6_updating-security-software-100626679-orig.jpg) + +### Not updating your security software ### + +If you want to ensure that your own network is well protected, upgrade the firmware of your router. All you have to do is go to your router’s administration page to check. Normally, you can download the newest firmware right from the manufacturer’s site. + +![Image courtesy Thinkstock](http://core0.staticworld.net/images/article/2015/11/7_securing-home-wifi-100626680-orig.jpg) + +### Not securing your home Wi-Fi ### + +Needless to say, it is important to set up a password that is not too easy to guess, and change your connection’s default name. You can also filter your MAC address so your router will recognize only certain devices. + +**Josh Althuser** is an open software advocate, Web architect and tech entrepreneur. Over the past 12 years, he has spent most of his time advocating for open-source software and managing teams and projects, as well as providing enterprise-level consultancy for Web applications and helping bring their products to the market. You may connect with him on [Twitter][6]. + +-------------------------------------------------------------------------------- + +via: http://www.networkworld.com/article/3003170/mobile-security/7-ways-hackers-can-use-wi-fi-against-you.html + +作者:[Josh Althuser][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://twitter.com/JoshAlthuser +[1]:http://www.pcworld.com/article/243464/number_of_wifi_hotspots_to_quadruple_by_2015_says_study.html +[2]:http://www.nytimes.com/2015/02/15/world/bank-hackers-steal-millions-via-malware.html?hp&action=click&pgtype=Homepage&module=first-column-region%C2%AEion=top-news&WT.nav=top-news&_r=3 +[3]:http://news.yahoo.com/blogs/upgrade-your-life/banking-online-not-hacked-182159934.html +[4]:http://pocketnow.com/2014/10/15/should-you-leave-your-smartphones-wifi-on-or-turn-it-off +[5]:http://www.cnet.com/news/chrome-becoming-tool-in-googles-push-for-encrypted-web/ +[6]:https://twitter.com/JoshAlthuser diff --git a/sources/share/20151130 eSpeak--Text To Speech Tool For Linux.md b/sources/share/20151130 eSpeak--Text To Speech Tool For Linux.md new file mode 100644 index 0000000000..3fc07db228 --- /dev/null +++ b/sources/share/20151130 eSpeak--Text To Speech Tool For Linux.md @@ -0,0 +1,64 @@ +eSpeak: Text To Speech Tool For Linux +================================================================================ +![Text to speech tool in Linux](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Text-to-speech-Linux.jpg) + +[eSpeak][1] is a command line tool for Linux that converts text to speech. This is a compact speech synthesizer that provides support to English and many other languages. It is written in C. + +eSpeak reads the text from the standard input or the input file. The voice generated, however, is nowhere close to a human voice. But it is still a compact and handy tool if you want to use it in your projects. + +Some of the main features of eSpeak are: + +- A command line tool for Linux and Windows +- Speaks text from a file or from stdin +- Shared library version for use by other programs +- SAPI5 version for Windows, so it can be used with screen-readers and other programs that support the Windows SAPI5 interface. +- Ported to other platforms, including Android, Mac OSX etc. +- Several voice characteristics to choose from +- speech output can be saved as [.WAV file][2] +- SSML ([Speech Synthesis Markup Language][3]) is supported partially along with HTML +- Tiny in size, the complete program with language support etc is under 2 MB. +- Can translate text into phoneme codes, so it could be adapted as a front end for another speech synthesis engine. +- Development tools available for producing and tuning phoneme data. + +### Install eSpeak ### + +To install eSpeak in Ubuntu based system, use the command below in a terminal: + + sudo apt-get install espeak + +eSpeak is an old tool and I presume that it should be available in the repositories of other Linux distributions such as Arch Linux, Fedora etc. You can install eSpeak easily using dnf, pacman etc. + +To use eSpeak, just use it like: espeak and press enter to hear it aloud. Use Ctrl+C to close the running program. + +![eSpeak command line](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/eSpeak-example.png) + +There are several other options available. You can browse through them through the help section of the program. + +### GUI version: Gespeaker ### + +If you prefer the GUI version over the command line, you can install Gespeaker that provides a GTK front end to eSpeak. + +Use the command below to install Gespeaker: + + sudo apt-get install gespeaker + +The interface is straightforward and easy to use. You can explore it all by yourself. + +![eSpeak GUI tool for text to speech in Ubuntu](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/eSpeak-GUI.png) + +While such tools might not be useful for general computing need, it could be handy if you are working on some projects where text to speech conversion is required. I let you decide the usage of this speech synthesizer. + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/espeak-text-speech-linux/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:http://espeak.sourceforge.net/ +[2]:http://en.wikipedia.org/wiki/WAV +[3]:http://en.wikipedia.org/wiki/Speech_Synthesis_Markup_Language \ No newline at end of file diff --git a/sources/talk/20101020 19 Years of KDE History--Step by Step.md b/sources/talk/20101020 19 Years of KDE History--Step by Step.md new file mode 100644 index 0000000000..b5abb96572 --- /dev/null +++ b/sources/talk/20101020 19 Years of KDE History--Step by Step.md @@ -0,0 +1,220 @@ +19 Years of KDE History: Step by Step +================================================================================ +注:youtube 视频 + + +### Introduction ### + +KDE – one of most functional desktop environment ever. It’s open source and free for use. 19 years ago, 14 october 1996 german programmer Matthias Ettrich has started a development of this beautiful environment. KDE provides the shell and many applications for everyday using. Today KDE uses the hundred thousand peoples over the world on Unix and Windows operating system. 19 years – serious age for software projects. Time to return and see how it begin. + +K Desktop Environment has some new aspects: new design, good look & feel, consistency, easy to use, powerful applications for typical desktop work and special use cases. Name “KDE” is an easy word hack with “Common Desktop Environment”, “K” – “Cool”. The first KDE version used proprietary Trolltech’s Qt framework (parent of Qt) with dual licensing: open source QPL(Q public license) and proprietary commercial license. In 2000 Trolltech released some Qt libraries under GPL; Qt 4.5 was released in LGPL 2.1. Since 2009 KDE is compiled for three products: Plasma Workspaces (Shell), KDE Applications, KDE Platform as KDE Software compilation. + +### Releases ### + +#### Pre-Release – 14 October 1996 #### + +![](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/0b3.png) + +Kool Desktop Environment. Word “Kool” will be dropped in future. In the beginning, all components were released to the developer community separately without any coordinated timeframe throughout the overall project. First communication of KDE via mailing list, that was called kde@fiwi02.wiwi.uni-Tubingen.de. + +#### KDE 1.0 – July 12, 1998 #### + +![](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/10.png) + +This version received mixed reception. Many criticized the use of the Qt software framework – back then under the FreeQt license which was claimed to not be compatible with free software – and advised the use of Motif or LessTif instead. Despite that criticism, KDE was well received by many users and made its way into the first Linux distributions. + +![28 January 1999](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/11.png) + +28 January 1999 + +An update, **K Desktop Environment 1.1**, was faster, more stable and included many small improvements. It also included a new set of icons, backgrounds and textures. Among this overhauled artwork was a new KDE logo by Torsten Rahn consisting of the letter K in front of a gear which is used in revised form to this day. + +#### KDE 2.0 – October 23, 2000 #### + +![](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/20.png) + +Major updates: * DCOP (Desktop COmmunication Protocol), a client-to-client communications protocol * KIO, an application I/O library. * KParts, a component object model * KHTML, an HTML 4.0 compliant rendering and drawing engine + +![26 February 2001](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/21.png) + +26 February 2001 + +**K Desktop Environment 2.1** release inaugurated the media player noatun, which used a modular, plugin design. For development, K Desktop Environment 2.1 was bundled with KDevelop. + +![15 August 2001](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/22.png) + +15 August 2001 + +The **KDE 2.2** release featured up to a 50% improvement in application startup time on GNU/Linux systems and increased stability and capabilities for HTML rendering and JavaScript; some new features in KMail. + +#### KDE 3.0 – April 3, 2002 #### + +![](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/30.png) + +K Desktop Environment 3.0 introduced better support for restricted usage, a feature demanded by certain environments such as kiosks, Internet cafes and enterprise deployments, which disallows the user from having full access to all capabilities of a piece of software. + +![28 January 2003](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/31.png) + +28 January 2003 + +**K Desktop Environment 3.1** introduced new default window (Keramik) and icon (Crystal) styles as well as several feature enhancements. + +![3 February 2004](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/32.png) + +3 February 2004 + +**K Desktop Environment 3.2** included new features, such as inline spell checking for web forms and emails, improved e-mail and calendaring support, tabs in Konqueror and support for Microsoft Windows desktop sharing protocol (RDP). + +![19 August 2004](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/33.png) + +19 August 2004 + +**K Desktop Environment 3.3** focused on integrating different desktop components. Kontact was integrated with Kolab, a groupware application, and Kpilot. Konqueror was given better support for instant messaging contacts, with the capability to send files to IM contacts and support for IM protocols (e.g., IRC). + +![16 March 2005](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/34.png) + +16 March 2005 + +**K Desktop Environment 3.4** focused on improving accessibility. The update added a text-to-speech system with support for Konqueror, Kate, KPDF, the standalone application KSayIt and text-to-speech synthesis on the desktop. + +![29 November 2005](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/35.png) + +29 November 2005 + +**The K Desktop Environment 3.5** release added SuperKaramba, which provides integrated and simple-to-install widgets to the desktop. Konqueror was given an ad-block feature and became the second web browser to pass the Acid2 CSS test. + +#### KDE SC 4.0 – January 11, 2008 #### + +![](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/400.png) + +The majority of development went into implementing most of the new technologies and frameworks of KDE 4. Plasma and the Oxygen style were two of the biggest user-facing changes. Dolphin replaces Konqueror as file manager, Okular – default document viewer. + +![29 July 2008](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/401.png) + +29 July 2008 + +**KDE 4.1** includes a shared emoticon theming system which is used in PIM and Kopete, and DXS, a service that lets applications download and install data from the Internet with one click. Also introduced are GStreamer, QuickTime 7, and DirectShow 9 Phonon backends. New applications: * Dragon Player * Kontact * Skanlite – software for scanners * Step – physics simulator * New games: Kdiamond, Kollision, KBreakout and others + +![27 January 2009](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/402.png) + +27 January 2009 + +**KDE 4.2** is considered a significant improvement beyond KDE 4.1 in nearly all aspects, and a suitable replacement for KDE 3.5 for most users. + +![4 August 2009](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/403.png) + +4 August 2009 + +**KDE 4.3** fixed over 10,000 bugs and implemented almost 2,000 feature requests. Integration with other technologies, such as PolicyKit, NetworkManager & Geolocation services, was another focus of this release. + +![9 February 2010](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/404.png) + +9 February 2010 + +**KDE SC 4.4** is based on version 4.6 of the Qt 4 toolkit. New application – KAddressBook, first release of Kopete. + +![10 August 2010](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/405.png) + +10 August 2010 + +**KDE SC 4.5** has some new features: integration of the WebKit library, an open-source web browser engine, which is used in major browsers such as Apple Safari and Google Chrome. KPackageKit replaced Kpackage. + +![26 January 2011](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/406.png) + +26 January 2011 + +**KDE SC 4.6** has better OpenGL compositing along with the usual myriad of fixes and features. + +![27 July 2011](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/407.png) + +27 July 2011 + +**KDE SC 4.7** has updated KWin with OpenGL ES 2.0 compatible, Qt Quick, Plasma Desktop with many enhancements and a lot of new functions in general applications. 12k bugs if fixed. + +![25 January 2012](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/408.png) + +25 January 2012 + +**KDE SC 4.8**: better KWin performance and Wayland support, new design of Doplhin. + +![1 August 2012](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/409.png) + +1 August 2012 + +**KDE SC 4.9**: several improvements to the Dolphin file manager, including the reintroduction of in-line file renaming, back and forward mouse buttons, improvement of the places panel and better usage of file metadata. + +![6 February 2013](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/410.png) + +6 February 2013 + +**KDE SC 4.10**: many of the default Plasma widgets were rewritten in QML, and Nepomuk, Kontact and Okular received significant speed improvements. + +![14 August 2013](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/411.png) + +14 August 2013 + +**KDE SC 4.11**: Kontact and Nepomuk received many optimizations. The first generation Plasma Workspaces entered maintenance-only development mode. + +![18 December 2013](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/412.png) + +18 December 2013 + +**KDE SC 4.12**: Kontact received substantial improvements, many small improvements. + +![16 April 2014](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/413.png) + +18 December 2013 + +**KDE SC 4.13**: Nepomuk semantic desktop search was replaced with KDE’s in house Baloo. KDE SC 4.13 was released in 53 different translations. + +![20 August 2014](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/414.png) + +18 December 2013 + +**KDE SC 4.14**: he release primarily focused on stability, with numerous bugs fixed and few new features added. This was the final KDE SC 4 release. + +#### KDE Plasma 5.0 – July 15, 2014 #### + +![](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/500.png) + +KDE Plasma 5 – 5th generation of KDE. Massive impovements in design and system, new default theme – Breeze, complete migration to QML, better performance with OpenGL, better HiDPI displays support. + +![11 November 2014](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/501.png) + +11 November 2014 + +**KDE Plasma 5.1**: Ported missing features from Plasma 4. + +![27 January 2015](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/502.png) + +27 January 2015 + +**KDE Plasma 5.2**: New components: BlueDevil, KSSHAskPass, Muon, SDDM theme configuration, KScreen, GTK+ style configuration and KDecoration. + +![28 April 2015](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/503.png) + +28 April 2015 + +**KDE Plasma 5.3**: Tech preview of Plasma Media Center. New Bluetooth and touchpad applets. Enhanced power management. + +![25 August 2015](https://github.com/paulcarroty/Articles/raw/master/KDE_History/im/504.png) + +25 August 2015 + +**KDE Plasma 5.4**: Initial Wayland session, new QML-based audio volume applet, and alternative full-screen application launcher. + +Big thanks to the [KDE][1] developers and community, Wikipedia for [descriptions][2] and all my readers. Be free and use the open source software like a KDE. + +-------------------------------------------------------------------------------- + +via: https://tlhp.cf/kde-history/ + +作者:[Pavlo RudyiCategories][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://tlhp.cf/author/paul/ +[1]:https://www.kde.org/ +[2]:https://en.wikipedia.org/wiki/KDE_Plasma_5 \ No newline at end of file diff --git a/sources/talk/20150716 Interview--Larry Wall.md b/sources/talk/20150716 Interview--Larry Wall.md deleted file mode 100644 index f3fea9c596..0000000000 --- a/sources/talk/20150716 Interview--Larry Wall.md +++ /dev/null @@ -1,127 +0,0 @@ -translating... - -Interview: Larry Wall -================================================================================ -> Perl 6 has been 15 years in the making, and is now due to be released at the end of this year. We speak to its creator to find out what’s going on. - -Larry Wall is a fascinating man. He’s the creator of Perl, a programming language that’s widely regarded as the glue holding the internet together, and mocked by some as being a “write-only” language due to its density and liberal use of non-alphanumeric characters. Larry also has a background in linguistics, and is well known for delivering entertaining “State of the Onion” presentations about the future of Perl. - -At FOSDEM 2015 in Brussels, we caught up with Larry to ask him why Perl 6 has taken so long (Perl 5 was released in 1994), how difficult it is to manage a project when everyone has strong opinions and pulling in different directions, and how his background in linguistics influenced the design of Perl from the start. Get ready for some intriguing diversions… - -![](http://www.linuxvoice.com/wp-content/uploads/2015/07/wall1.jpg) - -**Linux Voice: You once had a plan to go and find an undocumented language somewhere in the world and create a written script for it, but you never had the opportunity to fulfil this plan. Is that something you’d like to go back and do now?** - -Larry Wall: You have to be kind of young to be able to carry that off! It’s actually a lot of hard work, and organisations that do these things don’t tend to take people in when they’re over a certain age. Partly this is down to health and vigour, but also because people are much better at picking up new languages when they’re younger, and you have to learn the language before making a script for it. - -I started trying to teach myself Japanese about 10 years ago, and I could speak it quite well, because of my phonology and phonetics training – but it’s very hard for me to understand what anybody says. So I can go to Japan and ask for directions, but I can’t really understand the answers! - -> “With Perl 6, we found some ways to make the computer more sure about what the user is talking about.” - -So usually learning a language well enough to develop a writing system, and to at least be conversational in the language, takes some period of years before you can get to the point where you can actually do literacy and start educating people on their own culture, as it were. And then you teach them to write about their own culture as well. - -Of course, if you have language helpers – and we were told not to call them “language informants”, or everyone would think we were working for the CIA! – if you have these people, you can get them to come in and help you learn the foreign language. They are not teachers but there are ways of eliciting things from someone who’s not a language teacher – they can still teach you how to speak. They can take a stick and point to it and say “that’s a stick”, and drop it and say “the stick falls”. Then you start writing things down and systematising things. - -The motivation that most people have, going out to these groups, is to translate the Bible into their languages. But that’s only one part of it; the other is also culture preservation. Missionaries get kind of a bad rep on that, because anthropologists think they should be left to sit their in their own culture. But somebody is probably going to change their culture anyway – it’s usually the army, or businesses coming in, like Coca Cola or the sewing machine people, or missionaries. And of those three, the missionaries are the least damaging, if they’re doing their job right. - -**LV: Many writing systems are based on existing scripts, and then you have invented ones like Greenlandic…** - -LW: The Cherokee invented their own just by copying letters, and they have no mapping much to what we think of letters, and it’s fairly arbitrary in that sense. It just has to represent how the people themselves think of the language, and sufficiently well to communicate. Often there will be variations on Western orthography, using characters from Latin where possible. Tonal languages have to mark the tones somehow, by accents or by numbers. - -As soon as you start leaning towards a phoenetic or phonological representation, then you also start to lose dialectical differences – or you have to write the dialectal differences. Or you have conventional spelling like we have in English, but pronunciation that doesn’t really match it. - -**LV: When you started working on Perl, what did you take from your background in linguistics that made you think: “this is really important in a programming language”?** - -LW: I thought a lot about how people use languages. In real languages, you have a system of nouns and verbs and adjectives, and you kind of know which words are which type. And in real natural languages, you have a lot of instances of shoving one word into a different slot. The linguistic theory I studied was called tagmemics, and it accounts for how this works in a natural language – that you could have something that you think of as a noun, but you can verb it, and people do that all time. - -You can pretty much shove anything in any slot, and you can communicate. One of my favourite examples is shoving an entire sentence in as an adjective. The sentence goes like this: “I don’t like your I-can-use-anything-as-an-adjective attitude”! - -So natural language is very flexible this way because you have a very intelligent listener – or at least, compared with a computer – who you can rely on to figure out what you must have meant, in case of ambiguity. Of course, in a computer language you have to manage the ambiguity much more closely. - -Arguably in Perl 1 through to 5 we didn’t manage it quite adequately enough. Sometimes the computer was confused when it really shouldn’t be. With Perl 6, we discovered some ways to make the computer more sure about what the user is talking about, even if the user is confused about whether something is really a string or a number. The computer knows the exact type of it. We figured out ways of having stronger typing internally but still have the allomorphic “you can use this as that” idea. - -![](http://www.linuxvoice.com/wp-content/uploads/2015/07/wall2.jpg) - -**LV: For a long time Perl was seen as the “glue” language of the internet, for fitting bits and pieces together. Do you see Perl 6 as a release to satisfy the needs of existing users, or as a way to bring in new people, and bring about a resurgence in the language?** - -LW: The initial intent was to make a better Perl for Perl programmers. But as we looked at the some of the inadequacies of Perl 5, it became apparent that if we fixed these inadequacies, Perl 6 would be more applicable, as I mentioned in my talk – like how J. R. R. Tolkien talked about applicability [see http://tinyurl.com/nhpr8g2]. - -The idea that “easy things should be easy and hard things should be possible” goes way back, to the boundary between Perl 2 and Perl 3. In Perl 2, we couldn’t handle binary data or embedded nulls – it was just C-style strings. I said then that “Perl is just a text processing language – you don’t need those things in a text processing language”. - -But it occurred to me at the time that there were a large number of problems that were mostly text, and had a little bit of binary data in them – network addresses and things like that. You use binary data to open the socket but then text to process it. So the applicability of the language more than doubled by making it possible to handle binary data. - -That began a trade-off about what things should be easy in a language. Nowadays we have a principle in Perl, and we stole the phrase Huffman coding for it, from the bit encoding system where you have different sizes for characters. Common characters are encoded in a fewer number of bits, and rarer characters are encoded in more bits. - -> “There had to be a very careful balancing act. There were just so many good ideas at the beginning.” - -We stole that idea as a general principle for Perl, for things that are commonly used, or when you have to type them very often – the common things need to be shorter or more succinct. Another bit of that, however, is that they’re allowed to be more irregular. In natural language, it’s actually the most commonly used verbs that tend to be the most irregular. - -And there’s a reason for that, because you need more differentiation of them. One of my favourite books is called The Search for the Perfect Language by Umberto Eco, and it’s not about computer languages; it’s about philosophical languages, and the whole idea that maybe some ancient language was the perfect language and we should get back to it. - -All of those languages make the mistake of thinking that similar things should always be encoded similarly. But that’s not how you communicate. If you have a bunch of barnyard animals, and they all have related names, and you say “Go out and kill the Blerfoo”, but you really wanted them to kill the Blerfee, you might get a cow killed when you want a chicken killed. - -So in realms like that it’s actually better to differentiate the words, for more redundancy in the communication channel. The common words need to have more of that differentiation. It’s all about communicating efficiently, and then there’s also this idea of self-clocking codes. If you look at a UPC label on a product – a barcode – that’s actually a self-clocking code where each pair of bars and spaces is always in a unit of seven columns wide. You rely on that – you know the width of the bars will always add up to that. So it’s self-clocking. - -There are other self-clocking codes used in electronics. In the old transmission serial protocols there were stop and start bits so you could keep things synced up. Natural languages also do this. For instance, in the writing of Japanese, they don’t use spaces. Because the way they write it, they will have a Kanji character from Chinese at the head of each phrase, and then the endings are written in the a syllabary. - -**LV: Hiragana, right?** - -LW: Yes, Hiragana. So naturally the head of each phrase really stands out with this system. Similarly, in ancient Greek, most of the verbs were declined or conjugated. So they had standard endings were sort-of a clocking mechanism. Spaces were optional in their writing system as well – it was a more modern invention to put the spaces in. - -So similarly in computer languages, there’s value in having a self-clocking code. We rely on this heavily in Perl, and even more heavily in Perl 6 than in previous releases. The idea that when you’re parsing an expression, you’re either expecting a term or an infix operator. When you’re expecting a term you might also get a prefix operator – that’s kind-of in the same expectation slot – and when you’re expecting an infix you might also get a postfix for the previous term. - -But it flips back and forth. And if the compiler actually knows which it is expecting, you can overload those a little bit, and Perl does this. So a slash when it’s expecting a term will introduce a regular expression, whereas a slash when you’re expecting an infix will be division. On the other hand, we don’t want to overload everything, because then you lose the self-clocking redundancy. - -Most of our best error messages, for syntax errors, actually come out of noticing that you have two terms in a row. And then we try to figure out why there are two terms in a row – “oh, you must have left a semicolon out on the previous line”. So we can produce much better error messages than the more ad-hoc parsers. - -![](http://www.linuxvoice.com/wp-content/uploads/2015/07/wall3.jpg) - -**LV: Why has Perl 6 taken fifteen years? It must be hard overseeing a language when everyone has different opinions about things, and there’s not always the right way to do things, and the wrong way.** - -LW: There had to be a very careful balancing act. There were just so many good ideas at the beginning – well, I don’t want to say they were all good ideas. There were so many pain points, like there were 361 RFCs [feature proposal documents] when I expected maybe 20. We had to sit back and actually look at them all, and ignore the proposed solutions, because they were all over the map and all had tunnel vision. Each one many have just changed one thing, but if we had done them all, it would’ve been a complete mess. - -So we had to re-rationalise based on how people were actually hurting when they tried to use Perl 5. We started to look at the unifying, underlying ideas. Many of these RFCs were based on the fact that we had an inadequate type system. By introducing a more coherent type system we could fix many problems in a sane fashion and a cohesive fashion. - -And we started noticing other ways how we could unify the featuresets and start reusing ideas in different areas. Not necessarily that they were the same thing underneath. We have a standard way of writing pairs – well, two ways in Perl! But the way of writing pairs with a colon could also be reused for radix notation, or for literal numbers in any base. It could also be used for various alternative forms of quoting. We say in Perl that it’s “strangely consistent”. - -> “People who made early implementations of Perl 6 came back to me, cap in hand, and said “We really need a language designer.”” - -Similar ideas pop up, and you say “I’m already familiar with how that syntax works, but I see it’s being used for something else”. So it took some unity of vision to find these unifications. People who had the various ideas and made early implementations of Perl 6 came back to me, cap-in-hand, and said “We really need a language designer. Could you be our benevolent dictator?” - -So I was the language designer, but I was almost explicitly told: “Stay out of the implementation! We saw what you did made out of Perl 5, and we don’t like it!” It was really funny because the innards of the new implementation started looking a whole lot like Perl 5 inside, and maybe that’s why some of the early implementations didn’t work well. - -Because we were still feeling our way into the whole design, the implementations made a lot of assumptions about what VM should do and shouldn’t do, so we ended up with something like an object oriented assembly language. That sort of problem was fairly pervasive at the beginning. Then the Pugs guys came along and said “Let’s use Haskell, because it makes you think very clearly about what you’re doing. Let’s use it to clarify our semantic model underneath.” - -So we nailed down some of those semantic models, but more importantly, we started building the test suite at that point, to be consistent with those semantic models. Then after that, the Parrot VM continued developing, and then another implementation, Niecza, came along and it was based on .NET. It was by a young fellow who was very smart and implemented a large subset of Perl 6, but he was kind of a loner, didn’t really figure out a way to get other people involved in his project. - -At the same time the Parrot project was getting too big for anyone to really manage it inside, and very difficult to refactor. At that point the fellows working on Rakudo decided that we probably needed to be on more platforms than just the Parrot VM. So they invented a portability layer called NQP which stands for “Not Quite Perl”. They ported it to first of all run on the JVM (Java Virtual Machine), and while they were doing that they were also secretly working on a new VM called MoarVM. That became public a little over a year ago. - -Both MoarVM and JVM run a pretty much equivalent set of regression tests – Parrot is kind-of trailing back in some areas. So that has been very good to flush out VM-specific assumptions, and we’re starting to think about NQP targeting other things. There was a Google Summer of Code project year to target NQP to JavaScript, and that might fit right in, because MoarVM also uses Node.js for much of its more mundane processing. - -We probably need to concentrate on MoarVM for the rest of this year, until we actually define 6.0, and then the rest will catch up. - -**LV: Last year in the UK, the government kicked off the Year of Code, an attempt to get young people interested in programming. There are lots of opinions about how this should be done – like whether you should teach low-level languages at the start, so that people really understand memory usage, or a high-level language. What’s your take on that?** - -LW: Up until now, the Python community has done a much better job of getting into the lower levels of education than we have. We’d like to do something in that space too, and that’s partly why we have the butterfly logo, because it’s going to be appealing to seven year old girls! - -But we do think that Perl 6 will be learnable as a first language. A number of people have surprised us by learning Perl 5 as their first language. And you know, there are a number of fairly powerful concepts even in Perl 5, like closures, lexical scoping, and features you generally get from functional programming. Even more so in Perl 6. - -> “Until now, the Python community has done a much better job of getting into the lower levels of education.” - -Part of the reason the Perl 6 has taken so long is that we have around 50 different principles we try to stick to, and in language design you’re end up juggling everything and saying “what’s really the most important principle here”? There has been a lot of discussion about a lot of different things. Sometimes we commit to a decision, work with it for a while, and then realise it wasn’t quite the right decision. - -We didn’t design or specify pretty much anything about concurrent programming until someone came along who was smart enough about it and knew what the different trade-offs were, and that’s Jonathan Worthington. He has blended together ideas from other languages like Go and C#, with concurrent primitives that compose well. Composability is important in the rest of the language. - -There are an awful lot of concurrent and parallel programming systems that don’t compose well – like threads and locks, and there have been lots of ways to do it poorly. So in one sense, it’s been worth waiting this extra time to see some of these languages like Go and C# develop really good high-level primitives – that’s sort of a contradiction in terms – that compose well. - --------------------------------------------------------------------------------- - -via: http://www.linuxvoice.com/interview-larry-wall/ - -作者:[Mike Saunders][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.linuxvoice.com/author/mike/ diff --git a/sources/talk/20150818 A Linux User Using Windows 10 After More than 8 Years--See Comparison.md b/sources/talk/20150818 A Linux User Using Windows 10 After More than 8 Years--See Comparison.md index cf472613c4..22a0acdbf1 100644 --- a/sources/talk/20150818 A Linux User Using Windows 10 After More than 8 Years--See Comparison.md +++ b/sources/talk/20150818 A Linux User Using Windows 10 After More than 8 Years--See Comparison.md @@ -1,3 +1,4 @@ +sevenot translating A Linux User Using ‘Windows 10′ After More than 8 Years – See Comparison ================================================================================ Windows 10 is the newest member of windows NT family of which general availability was made on July 29, 2015. It is the successor of Windows 8.1. Windows 10 is supported on Intel Architecture 32 bit, AMD64 and ARMv7 processors. @@ -341,4 +342,4 @@ via: http://www.tecmint.com/a-linux-user-using-windows-10-after-more-than-8-year 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 [a]:http://www.tecmint.com/author/avishek/ -[1]:https://www.microsoft.com/en-us/software-download/windows10ISO \ No newline at end of file +[1]:https://www.microsoft.com/en-us/software-download/windows10ISO diff --git a/sources/talk/20150820 LinuxCon's surprise keynote speaker ​Linus Torvalds muses about open-source software.md b/sources/talk/20150820 LinuxCon's surprise keynote speaker ​Linus Torvalds muses about open-source software.md deleted file mode 100644 index c045233630..0000000000 --- a/sources/talk/20150820 LinuxCon's surprise keynote speaker ​Linus Torvalds muses about open-source software.md +++ /dev/null @@ -1,46 +0,0 @@ -LinuxCon's surprise keynote speaker ​Linus Torvalds muses about open-source software -================================================================================ -> In a broad-ranging question and answer session, Linus Torvalds, Linux's founder, shared his thoughts on the current state of open source and Linux. - -**SEATTLE** -- [LinuxCon][1] attendees got an early Christmas present when the Wednesday morning "surprise" keynote speaker turned out to be Linux's founder, Linus Torvalds. - -![zemlin-and-torvalds-08192015-1.jpg](http://zdnet2.cbsistatic.com/hub/i/2015/08/19/9951f05a-fedf-4bf4-a4a1-3b4a15458de6/c19c89ded58025eccd090787ba40e803/zemlin-and-torvalds-08192015-1.jpg) - -Jim Zemlin and Linus Torvalds shooting the breeze at LinuxCon in Seattle. -- sjvn - -Jim Zemlin, the Linux Foundation's executive director, opened the question and answer session by quoting from a recent article about Linus, "[Torvalds may be the most influential individual economic force][2] of the past 20 years. ... Torvalds has, in effect, been as instrumental in retooling the production lines of the modern economy as Henry Ford was 100 years earlier." - -Torvalds replied, "I don't think I'm all that powerful, but I'm glad to get all the credit for open source." For someone who's arguably been more influential on technology than Bill Gates, Steve Jobs, or Larry Ellison, Torvalds remains amusingly modest. That's probably one reason [Torvalds, who doesn't suffer fools gladly][3], remains the unchallenged leader of Linux. - -It also helps that he doesn't take himself seriously, except when it comes to code quality. Zemlin reminded him that he was also described in the same article as being "5-feet, ho-hum tall with a paunch, ... his body type and gait resemble that of Tux, the penguin mascot of Linux." Torvald's reply was to grin and say "What is this? A roast?" He added that 5'8" was a perfectly good height. - -More seriously, Zemlin asked Torvalds what he thought about the current excitement over containers. Indeed, at times LinuxCon has felt like DockerCon. Torvalds replied, "I'm glad that the kernel is far removed from containers and other buzzwords. We only care about just the kernel. I'm so focused on the kernel I really don't care. I don't get involved in the politics above the kernel and I'm really happy that I don't know." - -Moving on, Zemlin asked Torvalds what he thought about the demand from the Internet of Things (IoT) for an even smaller Linux kernel. "Everyone has always wished for a smaller kernel," Torvalds said. "But, with all the modules it's still tens of MegaBytes in size. It's shocking that it used to fit into a MB. We'd like it to be mean lean, mean IT machine again." - -But, "Torvalds continued, "It's hard to get rid of unnecessary fat. Things tend to grow. Realistically I don't think we can get down to the sizes we were 20 years ago." - -As for security, the next topic, Torvalds said, "I'm at odds with the security community. They tend to see technology as black and white. If it's not security they don't care at all about it." The truth is "security is bugs. Most of the security issues we've had in the kernel hasn't been that big. Most of them have been really stupid and then some clever person takes advantage of it." - -The bottom line is, "We'll never get rid of bugs so security will never be perfect. We do try to be really careful about code. With user space we have to be very strict." But, "Bugs happen and all you can do is mitigate them. Open source is doing fairly well, but anyone who thinks we'll ever be completely secure is foolish." - -Zemlin concluded by asking Torvalds where he saw Linux ten years from now. Torvalds replied that he doesn't look at it this way. "I'm plodding, pedestrian, I look ahead six months, I don't plan 10 years ahead. I think that's insane." - -Sure, "companies plan ten years, and their plans use open source. Their whole process is very forward thinking. But I'm not worried about 10 years ahead. I look to the next release and the release beyond that." - -For Torvalds, who works at home where "the FedEx guy is no longer surprised to find me in my bathrobe at 2 in the afternoon," looking ahead a few months works just fine. And so do all the businesses -- both technology-based Amazon, Google, Facebook and more mainstream, WalMart, the New York Stock Exchange, and McDonalds -- that live on Linux every day. - --------------------------------------------------------------------------------- - -via: http://www.zdnet.com/article/linus-torvalds-muses-about-open-source-software/ - -作者:[Steven J. Vaughan-Nichols][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.zdnet.com/meet-the-team/us/steven-j-vaughan-nichols/ -[1]:http://events.linuxfoundation.org/events/linuxcon-north-america -[2]:http://www.bloomberg.com/news/articles/2015-06-16/the-creator-of-linux-on-the-future-without-him -[3]:http://www.zdnet.com/article/linus-torvalds-finds-gnome-3-4-to-be-a-total-user-experience-design-failure/ \ No newline at end of file diff --git a/sources/talk/20150820 Why did you start using Linux.md b/sources/talk/20150820 Why did you start using Linux.md index 3ddf90c560..5fb6a8d4fe 100644 --- a/sources/talk/20150820 Why did you start using Linux.md +++ b/sources/talk/20150820 Why did you start using Linux.md @@ -1,4 +1,3 @@ -KevinSJ translating Why did you start using Linux? ================================================================================ > In today's open source roundup: What got you started with Linux? Plus: IBM's Linux only Mainframe. And why you should skip Windows 10 and go with Linux diff --git a/sources/talk/20150821 Linux 4.3 Kernel To Add The MOST Driver Subsystem.md b/sources/talk/20150821 Linux 4.3 Kernel To Add The MOST Driver Subsystem.md deleted file mode 100644 index 3e225ac866..0000000000 --- a/sources/talk/20150821 Linux 4.3 Kernel To Add The MOST Driver Subsystem.md +++ /dev/null @@ -1,30 +0,0 @@ -- translating by Ezio - -Linux 4.3 Kernel To Add The MOST Driver Subsystem -================================================================================ - While the [Linux 4.2][1] kernel hasn't been officially released yet, Greg Kroah-Hartman sent in early his pull requests for the various subsystems he maintains for the Linux 4.3 merge window. - -The pull requests sent in by Greg KH on Thursday include the Linux 4.3 merge window updates for the driver core, TTY/serial, USB driver, char/misc, and the staging area. These pull requests don't offer any really shocking changes but mostly routine work on improvements / additions / bug-fixes. The staging area once again is heavy with various fixes and clean-ups but there's also a new driver subsystem. - -Greg mentioned of the [4.3 staging changes][2], "Lots of things all over the place, almost all of them trivial fixups and changes. The usual IIO updates and new drivers and we have added the MOST driver subsystem which is getting cleaned up in the tree. The ozwpan driver is finally being deleted as it is obviously abandoned and no one cares about it." - -The MOST driver subsystem is short for the Media Oriented Systems Transport. The documentation to be added in the Linux 4.3 kernel explains, "The Media Oriented Systems Transport (MOST) driver gives Linux applications access a MOST network: The Automotive Information Backbone and the de-facto standard for high-bandwidth automotive multimedia networking. MOST defines the protocol, hardware and software layers necessary to allow for the efficient and low-cost transport of control, real-time and packet data using a single medium (physical layer). Media currently in use are fiber optics, unshielded twisted pair cables (UTP) and coax cables. MOST also supports various speed grades up to 150 Mbps." As explained, MOST is mostly about Linux in automotive applications. - -While Greg KH sent in his various subsystem updates for Linux 4.3, he didn't yet propose the [KDBUS][5] kernel code be pulled. He's previously expressed plans for [KDBUS in Linux 4.3][3] so we'll wait until the 4.3 merge window officially gets going to see what happens. Stay tuned to Phoronix for more Linux 4.3 kernel coverage next week when the merge window will begin, [assuming Linus releases 4.2][4] this weekend. - --------------------------------------------------------------------------------- - -via: http://www.phoronix.com/scan.php?page=news_item&px=Linux-4.3-Staging-Pull - -作者:[Michael Larabel][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.michaellarabel.com/ -[1]:http://www.phoronix.com/scan.php?page=search&q=Linux+4.2 -[2]:http://lkml.iu.edu/hypermail/linux/kernel/1508.2/02604.html -[3]:http://www.phoronix.com/scan.php?page=news_item&px=KDBUS-Not-In-Linux-4.2 -[4]:http://www.phoronix.com/scan.php?page=news_item&px=Linux-4.2-rc7-Released -[5]:http://www.phoronix.com/scan.php?page=search&q=KDBUS \ No newline at end of file diff --git a/sources/talk/20150824 LinuxCon exclusive--Mark Shuttleworth says Snappy was born long before CoreOS and the Atomic Project.md b/sources/talk/20150824 LinuxCon exclusive--Mark Shuttleworth says Snappy was born long before CoreOS and the Atomic Project.md deleted file mode 100644 index 2c45b6064b..0000000000 --- a/sources/talk/20150824 LinuxCon exclusive--Mark Shuttleworth says Snappy was born long before CoreOS and the Atomic Project.md +++ /dev/null @@ -1,92 +0,0 @@ -LinuxCon exclusive: Mark Shuttleworth says Snappy was born long before CoreOS and the Atomic Project -================================================================================ -![](http://images.techhive.com/images/article/2015/08/mark-100608730-primary.idge.jpg) - -Mark Shuttleworth at LinuxCon Credit: Swapnil Bhartiya - -> Mark Shuttleworth, founder of Canonical and Ubuntu, made a surprise visit at LinuxCon. I sat down with him for a video interview and talked about Ubuntu on IBM’s new LinuxONE systems, Canonical’s plans for containers, open source in the enterprise space and much more. - -### You made a surprise entry during the keynote. What brought you to LinuxCon? ### - -**Mark Shuttleworth**: I am here at LinuxCon to support IBM and Canonical in their announcement of Ubuntu on their new Linux-only super-high-end mainframe LinuxONE. These are the biggest machines in the world, purpose-built to run only Linux. And we will be bringing Ubuntu to them, which is a real privilege for us and is going to be incredible for developers. - -![mark selfie](http://images.techhive.com/images/article/2015/08/mark-selfie-100608731-large.idge.jpg) - -Swapnil Bhartiya - -Mark Shuttleworth and Swapnil Bhartiya, mandatory selfie at LinuxCon - -### Only Red Hat and SUSE were supported on it. Why was Ubuntu missing from the mainframe scene? ### - -**Mark**: Ubuntu has always been about developers. It has been about enabling the free software platform from where it is collaboratively built to be available at no cost to developers in the world, so they are limited only by their imagination—not by money, not by geography. - -There was an incredible story told today about a 12-year-old kid who started out with Ubuntu; there are incredible stories about people building giant businesses with Ubuntu. And for me, being able to empower people, whether they come from one part of the world or another to express their ideas on free software, is what Ubuntu is all about. It's been a journey for us essentially, going to the platforms those developers care about, and just in the last year, we suddenly saw a flood of requests from companies who run mainframes, who are using Ubuntu for their infrastructure—70% of OpenStack deployments are on Ubuntu. Those same people said, “Look, there is the mainframe, and we like to unleash it and think of it as a region in the cloud.” So when IBM started talking to us, saying that they have this project in the works, it felt like a very natural fit: You are going to be able to take your Ubuntu laptop, build code there and ship it straight to every cloud, every virtualization environment, every bare metal in every architecture including the mainframe, and that's going to be beautiful. - -### Will Canonical be offering support for these systems? ### - -**Mark**: Yes. Ubuntu on z Systems is going to be completely supported. We will make long-term commitments to that. The idea is to bring together scale-out-fast cloud-like workloads, which is really born on Ubuntu; 70% of workloads on Amazon and other public clouds run on Ubuntu. Now you can think of running that on a mainframe if that makes sense to you. - -We are going to provide exactly the same platform that we do on the cloud, and we are going to provide that on the mainframe as well. We are also going to expose it to the OpenStack API so you can consume it on a mainframe with exactly the same tools and exactly the same processes that you would consume on a laptop, or OpenStack or public cloud resources. So all of the things that Ubuntu builds to make your life easy as a developer are going to be available across that full range of platforms and systems, and all of that is commercially supported. - -### Canonical is doing a lot of things: It is into enterprise, and it’s in the consumer space with mobile and desktop. So what is the core focus of Canonical now? ### - -**Mark**: The trick for us is to enable the reuse of specifically the same parts [of our technology] in as many useful ways as possible. So if you look at the work that we do at z Systems, it's absolutely defined by the work that we do on the cloud. We want to deliver exactly the same libraries on exactly the same date for the mainframe as we do for public clouds and for x86, ARM and Power servers today. - -We don't allow Ubuntu or our focus to fragment very dramatically because we don't allow different products managers to find Ubuntu in different ways in different environments. We just want to bring that standard experience that developers love to this new environment. - -Similarly if you look at the work we are doing on IoT [Internet of Things], Snappy Ubuntu is the heart of the phone. It’s the phone without the GUI. So the definitions, the tools, the kernels, the mechanisms are shared across those projects. So we are able to multiply the impact of the work. We have an incredible community, and we try to enable the community to do things that they want to do that we can’t do. So that's why we have so many buntus, and it's kind of incredible for me to see what they do with that. - -We also see the community climbing in. We see hundreds of developers working with Snappy for IoT, and we see developers working with Snappy on mobile, for personal computing as convergence becomes real. And, of course, there is the cloud server story: 70% of the world is Ubuntu, so there is a huge audience. We don't have to do all the work that we do; we just have to be open and willing to, kind of, do the core infrastructure and then reuse it as efficiently as possible. - -### Is Snappy a response to Atomic or CoreOS? ### - -**Mark**: Snappy as a project was born four years ago when we started working on the phone, which was long before the CoreOS, long before Atomic. I think the principles of atomicity, transactionality are beautiful, but remember: We needed to build the same things for the phone. And with Snappy, we have the ability to deliver transactional updates to any of these systems—phones, servers and cloud devices. - -Of course, it feels a little different because in order to provide those guarantees, we have to shape the system in such a way that we can guarantee the guarantees. And that's why Snappy is snappy; it's a new thing. It's not based on an old packaging system. Though we will keep both of them: All Snaps for us that Canonical makes, the core snaps that define the OS, are all built from Debian packages. They are two different faces of the same coin for us, and developers will use them as tools. We use the right tools for the job. - -There are couple of key advantages for Snappy over CoreOS and Atomic, and the main one is this: We took the view that we wanted the base idea to be extensible. So with Snappy, the core operating system is tiny. You make all the choices, and you take all the decisions about things you want to bolt on that: you want to bolt on Docker; you want to bolt on Kubernete; you want to bolt on Mesos; you want to bolt on Lattice from Pivotal; you want to bolt on OpenStack. Those are the things you choose to add with Snappy. Whereas with Atomic and CoreOS, it's one blob and you have to do it exactly the way they want you to do it. You have to live with the versions of software and the choices they make. - -Whereas with Snappy, we really preserve this idea of the choices you have got in Ubuntu are now transactionally available on Snappy systems. That makes the core much smaller, and it gives you the choice of different container systems, different container management systems, different cloud infrastructure systems or different apps of every description. I think that's the winning idea. In fullness of time, people will realize that they wanted to make those choices themselves; they just want Canonical to do the work of providing the updates in a really efficient manner. - -### There is so much competition in the container space with Docker, Rocket and many other players. Where will Canonical stand amid this competition? ### - -**Mark**: Canonical is focused on platform tools, and we see things like the Rocket and Docker as things super-useful for developers; we just make sure that those work best on Ubuntu. Docker, for years, ran only Ubuntu because we work very closely with them, and we are glad now that it's available everywhere else. But if you look at the numbers, the vast majority of Docker containers are on Ubuntu. Because we work really hard, as developers, you get the best experience with all of these tools on Ubuntu. We don't want to try and control everything, and it’s great for us to have those guys competing. - -I think in the end people will see that there is really two kinds of containers. 1) There are cases where a container is just like a VM machine. It feels like a whole machine, it runs all processes, all the logs and cron jobs are there. It's like a VM, just that it's much cheaper, much lighter, much faster, and that's LXD. 2) And then there would be process containers, which are like Docker or Rocket; they are there to run a specific application very fast. I think we lead the world in general machine container story, which is our hypervisor LXD, and I think Docker leads the story when it comes to applications containers, process containers. And those two work together really beautifully. - -### Microsoft and Canonical are working together on LXD? Can you tell us about this engagement? ### - -Mark: LXD is two things. First, it's an implementation on top of Canonical's work on the kernel so that you can start to create full machine containers on any host. But it's also a REST API. That’s the transitions from LXC to LXD. We got a daemon there so you can talk to the daemon over the network, if it's listening on the network, and says tell me about the containers on that machine, tell me about the file systems on that machine, the networks on that machine, start or stop the container. - -So LXD becomes a distributed hypervisor effectively. Very interestingly, last week Microsoft announced that they like REST API. It is very clean, very simple, very well engineered, and they are going to implement the same API for Windows machines. It's completely cross-platform, which means you will be able to talk to any machine—Linux or Windows. So it gives you very clean and simple APIs to talk about containers on any host on the network. - -Of course, we have led the work in [OpenStack to bind LXD to Nova][1], which is the control system to compute in OpenStack, so that's how we create a whole cloud with OpenStack API with the individual VMs being actually containers, so much denser, much faster, much lighter, much cheaper. - -### Open Source is becoming a norm in the enterprise segment. What do you think is driving the adoption of open source in the enterprise? ### - -**Mark**: The reason why open source has become so popular in the enterprise is because it enables them to go faster. We are all competing at some level, and if you can't make progress because you have to call up some vendor, you can't dig in and help yourself go faster, then you feel frustrated. And given the choice between frustration and at least the ability to dig into a problem, enterprises over time will always choose to give themselves the ability to dig in and help themselves. So that is why open source is phenomenal. - -I think it goes a bit deeper than that. I think people have started to realize as much as we compete, 99% of what we need to do is shared, and there is something meaningful about contributing to something that is shared. As I have seen Ubuntu go from something that developers love, to something that CIOs love that developers love Ubuntu. As that happens, it's not a one-way ticket. They often want to say how can we help contribute to make this whole thing go faster. - -We have always seen a curve of complexity, and open source has traditionally been higher up on the curve of complexity and therefore considered threatening or difficult or too uncertain for people who are not comfortable with the complexity. What's wonderful to me is that many open source projects have identified that as a blocker for their own future. So in Ubuntu we have made user experience, design and “making it easy” a first-class goal. We have done the same for OpenStack. With Ubuntu tools for OpenStack anybody can build an OpenStack cloud in an hour, and if you want, that cloud can run itself, scale itself, manage itself, can deal with failures. It becomes something you can just fire up and forget, which also makes it really cheap. It also makes it something that's not a distraction, and so by making open source easier and easier, we are broadening its appeal to consumers and into the enterprise and potentially into the government. - -### How open are governments to open source? Can you tell us about the utilization of open source by governments, especially in the U.S.? ### - -**Mark**: I don't track the usage in government, but part of government utilization in the modern era is the realization that how untrustworthy other governments might be. There is a desire for people to be able to say, “Look, I want to review or check and potentially self-build all the things that I depend on.” That's a really important mission. At the end of the day, some people see this as a game where maybe they can get something out of the other guy. I see it as a game where we can make a level playing field, where everybody gets to compete. I have a very strong interest in making sure that Ubuntu is trustworthy, which means the way we build it, the way we run it, the governance around it is such that people can have confidence in it as an independent thing. - -### You are quite vocal about freedom, privacy and other social issues on Google+. How do you see yourself, your company and Ubuntu playing a role in making the world a better place? ### - -**Mark**: The most important thing for us to do is to build confidence in trusted platforms, platforms that are freely available but also trustworthy. At any given time, there will always be people who can make arguments about why they should have access to something. But we know from history that at the end of the day, due process of law, justice, doesn't depend on the abuse of privacy, abuse of infrastructure, the abuse of data. So I am very strongly of the view that in the fullness of time, all of the different major actors will come to the view that their primary interest is in having something that is conceptually trustworthy. This isn't about what America can steal from Germany or what China can learn in Russia. This is about saying we’re all going to be able to trust our infrastructure; that's a generational journey. But I believe Ubuntu can be right at the center of people's thinking about that. - --------------------------------------------------------------------------------- - -via: http://www.itworld.com/article/2973116/linux/linuxcon-exclusive-mark-shuttleworth-says-snappy-was-born-long-before-coreos-and-the-atomic-project.html - -作者:[Swapnil Bhartiya][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.itworld.com/author/Swapnil-Bhartiya/ -[1]:https://wiki.openstack.org/wiki/HypervisorSupportMatrix \ No newline at end of file diff --git a/sources/talk/20150827 The Strangest Most Unique Linux Distros.md b/sources/talk/20150827 The Strangest Most Unique Linux Distros.md deleted file mode 100644 index 04ff47952a..0000000000 --- a/sources/talk/20150827 The Strangest Most Unique Linux Distros.md +++ /dev/null @@ -1,67 +0,0 @@ -The Strangest, Most Unique Linux Distros -================================================================================ -From the most consumer focused distros like Ubuntu, Fedora, Mint or elementary OS to the more obscure, minimal and enterprise focused ones such as Slackware, Arch Linux or RHEL, I thought I've seen them all. Couldn't have been any further from the truth. Linux eco-system is very diverse. There's one for everyone. Let's discuss the weird and wacky world of niche Linux distros that represents the true diversity of open platforms. - -![strangest linux distros](http://2.bp.blogspot.com/--cSL2-6rIgA/VcwNc5hFebI/AAAAAAAAJzk/AgB55mVtJVQ/s1600/Puppy-Linux.png) - -**Puppy Linux**: An operating system which is about 1/10th the size of an average DVD quality movie rip, that's Puppy Linux for you. The OS is just 100 MB in size! And it can run from RAM making it unusually fast even in older PCs. You can even remove the boot medium after the operating system has started! Can it get any better than that? System requirements are bare minimum, most hardware are automatically detected, and it comes loaded with software catering to your basic needs. [Experience Puppy Linux][1]. - -![suicide linux](http://3.bp.blogspot.com/-dfeehRIQKpo/VdMgRVQqIJI/AAAAAAAAJz0/TmBs-n2K9J8/s1600/suicide-linux.jpg) - -**Suicide Linux**: Did the name scare you? Well it should. 'Any time - any time - you type any remotely incorrect command, the interpreter creatively resolves it into rm -rf / and wipes your hard drive'. Simple as that. I really want to know the ones who are confident enough to risk their production machines with [Suicide Linux][2]. **Warning: DO NOT try this on production machines!** The whole thing is available in a neat [DEB package][3] if you're interested. - -![top 10 strangest linux distros](http://3.bp.blogspot.com/-Q0hlEMCD9-o/VdMieAiXY1I/AAAAAAAAJ0M/iS_ZjVaZAk8/s1600/papyros.png) - -**PapyrOS**: "Strange" in a good way. PapyrOS is trying to adapt the material design language of Android into their brand new Linux distribution. Though the project is in early stages, it already looks very promising. The project page says the OS is 80% complete and one can expect the first Alpha release anytime soon. We did a small write up on [PapyrOS][4] when it was announced and by the looks of it, PapyrOS might even become a trend-setter of sorts. Follow the project on [Google+][5] and contribute via [BountySource][6] if you're interested. - -![10 most unique linux distros](http://3.bp.blogspot.com/-8aOtnTp3Yxk/VdMo_KWs4sI/AAAAAAAAJ0o/3NTqhaw60jM/s1600/qubes-linux.png) - -**Qubes OS**: Qubes is an open-source operating system designed to provide strong security using a Security by Compartmentalization approach. The assumption is that there can be no perfect, bug-free desktop environment. And by implementing a 'Security by Isolation' approach, [Qubes Linux][7] intends to remedy that. Qubes is based on Xen, the X Window System, and Linux, and can run most Linux applications and supports most Linux drivers. Qubes was selected as a finalist of Access Innovation Prize 2014 for Endpoint Security Solution. - -![top10 linux distros](http://3.bp.blogspot.com/-2Sqvb_lilC0/VdMq_ceoXnI/AAAAAAAAJ00/kot20ugVJFk/s1600/ubuntu-satanic.jpg) - -**Ubuntu Satanic Edition**: Ubuntu SE is a Linux distribution based on Ubuntu. "It brings together the best of free software and free metal music" in one comprehensive package consisting of themes, wallpapers, and even some heavy-metal music sourced from talented new artists. Though the project doesn't look actively developed anymore, Ubuntu Satanic Edition is strange in every sense of that word. [Ubuntu SE (Slightly NSFW)][8]. - -![10 strange linux distros](http://2.bp.blogspot.com/-ZtIVjGMqdx0/VdMv136Pz1I/AAAAAAAAJ1E/-q34j-TXyUY/s1600/tiny-core-linux.png) - -**Tiny Core Linux**: Puppy Linux not small enough? Try this. Tiny Core Linux is a 12 MB graphical Linux desktop! Yep, you read it right. One major caveat: It is not a complete desktop nor is all hardware completely supported. It represents only the core needed to boot into a very minimal X desktop typically with wired internet access. There is even a version without the GUI called Micro Core Linux which is just 9MB in size. [Tiny Core Linux][9] folks. - -![top 10 unique and special linux distros](http://4.bp.blogspot.com/-idmCvIxtxeo/VdcqcggBk1I/AAAAAAAAJ1U/DTQCkiLqlLk/s1600/nixos.png) - -**NixOS**: A very experienced-user focused Linux distribution with a unique approach to package and configuration management. In other distributions, actions such as upgrades can be dangerous. Upgrading a package can cause other packages to break, upgrading an entire system is much less reliable than reinstalling from scratch. And top of all that you can't safely test what the results of a configuration change will be, there's no "Undo" so to speak. In NixOS, the entire operating system is built by the Nix package manager from a description in a purely functional build language. This means that building a new configuration cannot overwrite previous configurations. Most of the other features follow this pattern. Nix stores all packages in isolation from each other. [More about NixOS][10]. - -![strangest linux distros](http://4.bp.blogspot.com/-rOYfBXg-UiU/VddCF7w_xuI/AAAAAAAAJ1w/Nf11bOheOwM/s1600/gobolinux.jpg) - -**GoboLinux**: This is another very unique Linux distro. What makes GoboLinux so different from the rest is its unique re-arrangement of the filesystem. It has its own subdirectory tree, where all of its files and programs are stored. GoboLinux does not have a package database because the filesystem is its database. In some ways, this sort of arrangement is similar to that seen in OS X. [Get GoboLinux][11]. - -![strangest linux distros](http://1.bp.blogspot.com/-3P22pYfih6Y/VdcucPOv4LI/AAAAAAAAJ1g/PszZDbe83sQ/s1600/hannah-montana-linux.jpg) - -**Hannah Montana Linux**: Here is a Linux distro based on Kubuntu with a Hannah Montana themed boot screen, KDM, icon set, ksplash, plasma, color scheme, and wallpapers (I'm so sorry). [Link][12]. Project not active anymore. - -**RLSD Linux**: An extremely minimalistic, small, lightweight and security-hardened, text-based operating system built on Linux. "It's a unique distribution that provides a selection of console applications and home-grown security features which might appeal to hackers," developers claim. [RLSD Linux][13]. - -Did we miss anything even stranger? Let us know. - --------------------------------------------------------------------------------- - -via: http://www.techdrivein.com/2015/08/the-strangest-most-unique-linux-distros.html - -作者:Manuel Jose -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[1]:http://puppylinux.org/main/Overview%20and%20Getting%20Started.htm -[2]:http://qntm.org/suicide -[3]:http://sourceforge.net/projects/suicide-linux/files/ -[4]:http://www.techdrivein.com/2015/02/papyros-material-design-linux-coming-soon.html -[5]:https://plus.google.com/communities/109966288908859324845/stream/3262a3d3-0797-4344-bbe0-56c3adaacb69 -[6]:https://www.bountysource.com/teams/papyros -[7]:https://www.qubes-os.org/ -[8]:http://ubuntusatanic.org/ -[9]:http://tinycorelinux.net/ -[10]:https://nixos.org/ -[11]:http://www.gobolinux.org/ -[12]:http://hannahmontana.sourceforge.net/ -[13]:http://rlsd2.dimakrasner.com/ \ No newline at end of file diff --git a/sources/talk/20150909 Superclass--15 of the world's best living programmers.md b/sources/talk/20150909 Superclass--15 of the world's best living programmers.md deleted file mode 100644 index 70a9803b10..0000000000 --- a/sources/talk/20150909 Superclass--15 of the world's best living programmers.md +++ /dev/null @@ -1,389 +0,0 @@ -Superclass: 15 of the world’s best living programmers -================================================================================ -When developers discuss who the world’s top programmer is, these names tend to come up a lot. - -![](http://images.techhive.com/images/article/2015/09/superman-620x465-100611650-orig.jpg) - -Image courtesy [tom_bullock CC BY 2.0][1] - -It seems like there are lots of programmers out there these days, and lots of really good programmers. But which one is the very best? - -Even though there’s no way to really say who the best living programmer is, that hasn’t stopped developers from frequently kicking the topic around. ITworld has solicited input and scoured coder discussion forums to see if there was any consensus. As it turned out, a handful of names did frequently get mentioned in these discussions. - -Use the arrows above to read about 15 people commonly cited as the world’s best living programmer. - -![](http://images.techhive.com/images/article/2015/09/margaret_hamilton-620x465-100611764-orig.jpg) - -Image courtesy [NASA][2] - -### Margaret Hamilton ### - -**Main claim to fame: The brains behind Apollo’s flight control software** - -Credentials: As the Director of the Software Engineering Division at Charles Stark Draper Laboratory, she headed up the team which [designed and built][3] the on-board [flight control software for NASA’s Apollo][4] and Skylab missions. Based on her Apollo work, she later developed the [Universal Systems Language][5] and [Development Before the Fact][6] paradigm. Pioneered the concepts of [asynchronous software, priority scheduling, and ultra-reliable software design][7]. Coined the term “[software engineering][8].” Winner of the [Augusta Ada Lovelace Award][9] in 1986 and [NASA’s Exceptional Space Act Award in 2003][10]. - -Quotes: “Hamilton invented testing , she pretty much formalised Computer Engineering in the US.” [ford_beeblebrox][11] - -“I think before her (and without disrespect including Knuth) computer programming was (and to an extent remains) a branch of mathematics. However a flight control system for a spacecraft clearly moves programming into a different paradigm.” [Dan Allen][12] - -“... she originated the term ‘software engineering’ — and offered a great example of how to do it.” [David Hamilton][13] - -“What a badass” [Drukered][14] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_donald_knuth-620x465-100502872-orig.jpg) - -Image courtesy [vonguard CC BY-SA 2.0][15] - -### Donald Knuth ### - -**Main claim to fame: Author of The Art of Computer Programming** - -Credentials: Wrote the [definitive book on the theory of programming][16]. Created the TeX digital typesetting system. [First winner of the ACM’s Grace Murray Hopper Award][17] in 1971. Winner of the ACM’s [A. M. Turing][18] Award in 1974, the [National Medal of Science][19] in 1979 and the IEEE’s [John von Neumann Medal][20] in 1995. Named a [Fellow at the Computer History Museum][21] in 1998. - -Quotes: “... wrote The Art of Computer Programming which is probably the most comprehensive work on computer programming ever.” [Anonymous][22] - -“There is only one large computer program I have used in which there are to a decent approximation 0 bugs: Don Knuth's TeX. That's impressive.” [Jaap Weel][23] - -“Pretty awesome if you ask me.” [Mitch Rees-Jones][24] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_ken-thompson-620x465-100502874-orig.jpg) - -Image courtesy [Association for Computing Machinery][25] - -### Ken Thompson ### - -**Main claim to fame: Creator of Unix** - -Credentials: Co-creator, [along with Dennis Ritchie][26], of Unix. Creator of the [B programming language][27], the [UTF-8 character encoding scheme][28], the ed [text editor][29], and co-developer of the Go programming language. Co-winner (along with Ritchie) of the [A.M. Turing Award][30] in 1983, [IEEE Computer Pioneer Award][31] in 1994, and the [National Medal of Technology][32] in 1998. Inducted as a [fellow of the Computer History Museum][33] in 1997. - -Quotes: “... probably the most accomplished programmer ever. Unix kernel, Unix tools, world-champion chess program Belle, Plan 9, Go Language.” [Pete Prokopowicz][34] - -“Ken's contributions, more than anyone else I can think of, were fundamental and yet so practical and timeless they are still in daily use.“ [Jan Jannink][35] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_richard_stallman-620x465-100502868-orig.jpg) - -Image courtesy Jiel Beaumadier CC BY-SA 3.0 - -### Richard Stallman ### - -**Main claim to fame: Creator of Emacs, GCC** - -Credentials: Founded the [GNU Project][36] and created many of its core tools, such as [Emacs, GCC, GDB][37], and [GNU Make][38]. Also founded the [Free Software Foundation][39]. Winner of the ACM's [Grace Murray Hopper Award][40] in 1990 and the [EFF's Pioneer Award in 1998][41]. - -Quotes: “... there was the time when he single-handedly outcoded several of the best Lisp hackers around, in the Symbolics vs LMI fight.” [Srinivasan Krishnan][42] - -“Through his amazing mastery of programming and force of will, he created a whole sub-culture in programming and computers.” [Dan Dunay][43] - -“I might disagree on many things with the great man, but he is still one of the most important programmers, alive or dead” [Marko Poutiainen][44] - -“Try to imagine Linux without the prior work on the GNu project. Stallman's the bomb, yo.” [John Burnette][45] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_anders_hejlsberg-620x465-100502873-orig.jpg) - -Image courtesy [D.Begley CC BY 2.0][46] - -### Anders Hejlsberg ### - -**Main claim to fame: Creator of Turbo Pascal** - -Credentials: [The original author of what became Turbo Pascal][47], one of the most popular Pascal compilers and the first integrated development environment. Later, [led the building of Delphi][48], Turbo Pascal’s successor. [Chief designer and architect of C#][49]. Winner of [Dr. Dobb's Excellence in Programming Award][50] in 2001. - -Quotes: “He wrote the [Pascal] compiler in assembly language for both of the dominant PC operating systems of the day (DOS and CPM). It was designed to compile, link and run a program in seconds rather than minutes.” [Steve Wood][51] - -“I revere this guy - he created the development tools that were my favourite through three key periods along my path to becoming a professional software engineer.” [Stefan Kiryazov][52] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_doug_cutting-620x465-100502871-orig.jpg) - -Image courtesy [vonguard CC BY-SA 2.0][53] - -### Doug Cutting ### - -**Main claim to fame: Creator of Lucene** - -Credentials: [Developed the Lucene search engine, as well as Nutch][54], a web crawler, and [Hadoop][55], a set of tools for distributed processing of large data sets. A strong proponent of open-source (Lucene, Nutch and Hadoop are all open-source). Currently [a former director of the Apache Software Foundation][56]. - -Quotes: “... he is the same guy who has written an exceptional search framework(lucene/solr) and opened the big-data gateway to the world(hadoop).” [Rajesh Rao][57] - -“His creation/work on Lucene and Hadoop (among other projects) has created a tremendous amount of wealth and employment for folks in the world….” [Amit Nithianandan][58] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_sanjay_ghemawat-620x465-100502876-orig.jpg) - -Image courtesy [Association for Computing Machinery][59] - -### Sanjay Ghemawat ### - -**Main claim to fame: Key Google architect** - -Credentials: [Helped to design and implement some of Google’s large distributed systems][60], including MapReduce, BigTable, Spanner and Google File System. [Created Unix’s ical][61] calendaring system. Elected to the [National Academy of Engineering][62] in 2009. Winner of the [ACM-Infosys Foundation Award in the Computing Sciences][63] in 2012. - -Quote: “Jeff Dean's wingman.” [Ahmet Alp Balkan][64] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_jeff_dean-620x465-100502866-orig.jpg) - -Image courtesy [Google][65] - -### Jeff Dean ### - -**Main claim to fame: The brains behind Google search indexing** - -Credentials: Helped to design and implement [many of Google’s large-scale distributed systems][66], including website crawling, indexing and searching, AdSense, MapReduce, BigTable and Spanner. Elected to the [National Academy of Engineering][67] in 2009. 2012 winner of the ACM’s [SIGOPS Mark Weiser Award][68] and the [ACM-Infosys Foundation Award in the Computing Sciences][69]. - -Quotes: “... for bringing breakthroughs in data mining( GFS, Map and Reduce, Big Table ).” [Natu Lauchande][70] - -“... conceived, built, and deployed MapReduce and BigTable, among a bazillion other things” [Erik Goldman][71] - -![](http://images.techhive.com/images/article/2015/09/linus_torvalds-620x465-100611765-orig.jpg) - -Image courtesy [Krd CC BY-SA 4.0][72] - -### Linus Torvalds ### - -**Main claim to fame: Creator of Linux** - -Credentials: Created the [Linux kernel][73] and [Git][74], an open source version control system. Winner of numerous awards and honors, including the [EFF Pioneer Award][75] in 1998, the [British Computer Society’s Lovelace Medal][76] in 2000, the [Millenium Technology Prize][77] in 2012 and the [IEEE Computer Society’s Computer Pioneer Award][78] in 2014. Also inducted into the [Computer History Museum’s Hall of Fellows][79] in 2008 and the [Internet Hall of Fame][80] in 2012. - -Quotes: “To put into prospective what an achievement this is, he wrote the Linux kernel in a few years while the GNU Hurd (a GNU-developed kernel) has been under development for 25 years and has still yet to release a production-ready example.” [Erich Ficker][81] - -“Torvalds is probably the programmer's programmer.” [Dan Allen][82] - -“He's pretty darn good.” [Alok Tripathy][83] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_john_carmack-620x465-100502867-orig.jpg) - -Image courtesy [QuakeCon CC BY 2.0][84] - -### John Carmack ### - -**Main claim to fame: Creator of Doom** - -Credentials: Cofounded id Software and [created such influential FPS games][85] as Wolfenstein 3D, Doom and Quake. Pioneered such ground-breaking computer graphic techniques [adaptive tile refresh][86], [binary space partitioning][87], and surface caching. Inducted into the [Academy of Interactive Arts and Sciences Hall of Fame][88] in 2001, [won Emmy awards][89] in the Engineering & Technology category in 2007 and 2008, and given a lifetime achievement award by the [Game Developers Choice Awards][90] in 2010. - -Quotes: “He wrote his first rendering engine before he was 20 years old. The guy's a genius. I wish I were a quarter a programmer he is.” [Alex Dolinsky][91] - -“... Wolfenstein 3D, Doom and Quake were revolutionary at the time and have influenced a generation of game designers.” [dniblock][92] - -“He can write basically anything in a weekend....” [Greg Naughton][93] - -“He is the Mozart of computer coding….” [Chris Morris][94] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_fabrice_bellard-620x465-100502870-orig.jpg) - -Image courtesy [Duff][95] - -### Fabrice Bellard ### - -**Main claim to fame: Creator of QEMU** - -Credentials: Created a [variety of well-known open-source software programs][96], including QEMU, a platform for hardware emulation and virtualization, FFmpeg, for handling multimedia data, the Tiny C Compiler and LZEXE, an executable file compressor. [Winner of the Obfuscated C Code Contest][97] in 2000 and 2001 and the [Google-O'Reilly Open Source Award][98] in 2011. Former world record holder for [calculating the most number of digits in Pi][99]. - -Quotes: “I find Fabrice Bellard's work remarkable and impressive.” [raphinou][100] - -“Fabrice Bellard is the most productive programmer in the world....” [Pavan Yara][101] - -“Hes like the Nikola Tesla of sofware engineering.” [Michael Valladolid][102] - -“He's a prolific serial achiever since the 1980s.” M[ichael Biggins][103] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_jon_skeet-620x465-100502863-orig.jpg) - -Image courtesy [Craig Murphy CC BY 2.0][104] - -### Jon Skeet ### - -**Main claim to fame: Legendary Stack Overflow contributor** - -Credentials: Google engineer and author of [C# in Depth][105]. Holds [highest reputation score of all time on Stack Overflow][106], answering, on average, 390 questions per month. - -Quotes: “Jon Skeet doesn't need a debugger, he just stares down the bug until the code confesses” [Steven A. Lowe][107] - -“When Jon Skeet's code fails to compile the compiler apologises.” [Dan Dyer][108] - -“Jon Skeet's code doesn't follow a coding convention. It is the coding convention.” [Anonymous][109] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_image_adam_dangelo-620x465-100502875-orig.jpg) - -Image courtesy [Philip Neustrom CC BY 2.0][110] - -### Adam D'Angelo ### - -**Main claim to fame: Co-founder of Quora** - -Credentials: As an engineer at Facebook, [built initial infrastructure for its news feed][111]. Went on to become CTO and VP of engineering at Facebook, before leaving to co-found Quora. [Eighth place finisher at the USA Computing Olympiad][112] as a high school student in 2001. Member of [California Institute of Technology’s silver medal winning team][113] at the ACM International Collegiate Programming Contest in 2004. [Finalist in the Algorithm Coding Competition][114] of Topcoder Collegiate Challenge in 2005. - -Quotes: “An "All-Rounder" Programmer.” [Anonymous][115] - -"For every good thing I make he has like six." [Mark Zuckerberg][116] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_petr_mitrichev-620x465-100502869-orig.jpg) - -Image courtesy [Facebook][117] - -### Petr Mitrechev ### - -**Main claim to fame: One of the top competitive programmers of all time** - -Credentials: [Two-time gold medal winner][118] in the International Olympiad in Informatics (2000, 2002). In 2006, [won the Google Code Jam][119] and was also the [TopCoder Open Algorithm champion][120]. Also, two-time winner of the Facebook Hacker Cup ([2011][121], [2013][122]). At the time of this writing, [the second ranked algorithm competitor on TopCoder][123] (handle: Petr) and also [ranked second by Codeforces][124] - -Quote: “He is an idol in competitive programming even here in India…” [Kavish Dwivedi][125] - -![](http://images.techhive.com/images/idge/imported/imageapi/2014/10/08/17/slide_gennady_korot-620x465-100502864-orig.jpg) - -Image courtesy [Ishandutta2007 CC BY-SA 3.0][126] - -### Gennady Korotkevich ### - -**Main claim to fame: Competitive programming prodigy** - -Credentials: Youngest participant ever (age 11) and [6 time gold medalist][127] (2007-2012) in the International Olympiad in Informatics. Part of [the winning team][128] at the ACM International Collegiate Programming Contest in 2013 and winner of the [2014 Facebook Hacker Cup][129]. At the time of this writing, [ranked first by Codeforces][130] (handle: Tourist) and [first among algorithm competitors by TopCoder][131]. - -Quotes: “A programming prodigy!” [Prateek Joshi][132] - -“Gennady is definitely amazing, and visible example of why I have a large development team in Belarus.” [Chris Howard][133] - -“Tourist is genius” [Nuka Shrinivas Rao][134] - --------------------------------------------------------------------------------- - -via: http://www.itworld.com/article/2823547/enterprise-software/158256-superclass-14-of-the-world-s-best-living-programmers.html#slide1 - -作者:[Phil Johnson][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.itworld.com/author/Phil-Johnson/ -[1]:https://www.flickr.com/photos/tombullock/15713223772 -[2]:https://commons.wikimedia.org/wiki/File:Margaret_Hamilton_in_action.jpg -[3]:http://klabs.org/home_page/hamilton.htm -[4]:https://www.youtube.com/watch?v=DWcITjqZtpU&feature=youtu.be&t=3m12s -[5]:http://www.htius.com/Articles/r12ham.pdf -[6]:http://www.htius.com/Articles/Inside_DBTF.htm -[7]:http://www.nasa.gov/home/hqnews/2003/sep/HQ_03281_Hamilton_Honor.html -[8]:http://www.nasa.gov/50th/50th_magazine/scientists.html -[9]:https://books.google.com/books?id=JcmV0wfQEoYC&pg=PA321&lpg=PA321&dq=ada+lovelace+award+1986&source=bl&ots=qGdBKsUa3G&sig=bkTftPAhM1vZ_3VgPcv-38ggSNo&hl=en&sa=X&ved=0CDkQ6AEwBGoVChMI3paoxJHWxwIVA3I-Ch1whwPn#v=onepage&q=ada%20lovelace%20award%201986&f=false -[10]:http://history.nasa.gov/alsj/a11/a11Hamilton.html -[11]:https://www.reddit.com/r/pics/comments/2oyd1y/margaret_hamilton_with_her_code_lead_software/cmrswof -[12]:http://qr.ae/RFEZLk -[13]:http://qr.ae/RFEZUn -[14]:https://www.reddit.com/r/pics/comments/2oyd1y/margaret_hamilton_with_her_code_lead_software/cmrv9u9 -[15]:https://www.flickr.com/photos/44451574@N00/5347112697 -[16]:http://cs.stanford.edu/~uno/taocp.html -[17]:http://awards.acm.org/award_winners/knuth_1013846.cfm -[18]:http://amturing.acm.org/award_winners/knuth_1013846.cfm -[19]:http://www.nsf.gov/od/nms/recip_details.jsp?recip_id=198 -[20]:http://www.ieee.org/documents/von_neumann_rl.pdf -[21]:http://www.computerhistory.org/fellowawards/hall/bios/Donald,Knuth/ -[22]:http://www.quora.com/Who-are-the-best-programmers-in-Silicon-Valley-and-why/answers/3063 -[23]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Jaap-Weel -[24]:http://qr.ae/RFE94x -[25]:http://amturing.acm.org/photo/thompson_4588371.cfm -[26]:https://www.youtube.com/watch?v=JoVQTPbD6UY -[27]:https://www.bell-labs.com/usr/dmr/www/bintro.html -[28]:http://doc.cat-v.org/bell_labs/utf-8_history -[29]:http://c2.com/cgi/wiki?EdIsTheStandardTextEditor -[30]:http://amturing.acm.org/award_winners/thompson_4588371.cfm -[31]:http://www.computer.org/portal/web/awards/cp-thompson -[32]:http://www.uspto.gov/about/nmti/recipients/1998.jsp -[33]:http://www.computerhistory.org/fellowawards/hall/bios/Ken,Thompson/ -[34]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Pete-Prokopowicz-1 -[35]:http://qr.ae/RFEWBY -[36]:https://groups.google.com/forum/#!msg/net.unix-wizards/8twfRPM79u0/1xlglzrWrU0J -[37]:http://www.emacswiki.org/emacs/RichardStallman -[38]:https://www.gnu.org/gnu/thegnuproject.html -[39]:http://www.emacswiki.org/emacs/FreeSoftwareFoundation -[40]:http://awards.acm.org/award_winners/stallman_9380313.cfm -[41]:https://w2.eff.org/awards/pioneer/1998.php -[42]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Greg-Naughton/comment/4146397 -[43]:http://qr.ae/RFEaib -[44]:http://www.quora.com/Software-Engineering/Who-are-some-of-the-greatest-currently-active-software-architects-in-the-world/answer/Marko-Poutiainen -[45]:http://qr.ae/RFEUqp -[46]:https://www.flickr.com/photos/begley/2979906130 -[47]:http://www.taoyue.com/tutorials/pascal/history.html -[48]:http://c2.com/cgi/wiki?AndersHejlsberg -[49]:http://www.microsoft.com/about/technicalrecognition/anders-hejlsberg.aspx -[50]:http://www.drdobbs.com/windows/dr-dobbs-excellence-in-programming-award/184404602 -[51]:http://qr.ae/RFEZrv -[52]:http://www.quora.com/Software-Engineering/Who-are-some-of-the-greatest-currently-active-software-architects-in-the-world/answer/Stefan-Kiryazov -[53]:https://www.flickr.com/photos/vonguard/4076389963/ -[54]:http://www.wizards-of-os.org/archiv/sprecher/a_c/doug_cutting.html -[55]:http://hadoop.apache.org/ -[56]:https://www.linkedin.com/in/cutting -[57]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Shalin-Shekhar-Mangar/comment/2293071 -[58]:http://www.quora.com/Who-are-the-best-programmers-in-Silicon-Valley-and-why/answer/Amit-Nithianandan -[59]:http://awards.acm.org/award_winners/ghemawat_1482280.cfm -[60]:http://research.google.com/pubs/SanjayGhemawat.html -[61]:http://www.quora.com/Google/Who-is-Sanjay-Ghemawat -[62]:http://www8.nationalacademies.org/onpinews/newsitem.aspx?RecordID=02062009 -[63]:http://awards.acm.org/award_winners/ghemawat_1482280.cfm -[64]:http://www.quora.com/Google/Who-is-Sanjay-Ghemawat/answer/Ahmet-Alp-Balkan -[65]:http://research.google.com/people/jeff/index.html -[66]:http://research.google.com/people/jeff/index.html -[67]:http://www8.nationalacademies.org/onpinews/newsitem.aspx?RecordID=02062009 -[68]:http://news.cs.washington.edu/2012/10/10/uw-cse-ph-d-alum-jeff-dean-wins-2012-sigops-mark-weiser-award/ -[69]:http://awards.acm.org/award_winners/dean_2879385.cfm -[70]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Natu-Lauchande -[71]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Cosmin-Negruseri/comment/28399 -[72]:https://commons.wikimedia.org/wiki/File:LinuxCon_Europe_Linus_Torvalds_05.jpg -[73]:http://www.linuxfoundation.org/about/staff#torvalds -[74]:http://git-scm.com/book/en/Getting-Started-A-Short-History-of-Git -[75]:https://w2.eff.org/awards/pioneer/1998.php -[76]:http://www.bcs.org/content/ConWebDoc/14769 -[77]:http://www.zdnet.com/blog/open-source/linus-torvalds-wins-the-tech-equivalent-of-a-nobel-prize-the-millennium-technology-prize/10789 -[78]:http://www.computer.org/portal/web/pressroom/Linus-Torvalds-Named-Recipient-of-the-2014-IEEE-Computer-Society-Computer-Pioneer-Award -[79]:http://www.computerhistory.org/fellowawards/hall/bios/Linus,Torvalds/ -[80]:http://www.internethalloffame.org/inductees/linus-torvalds -[81]:http://qr.ae/RFEeeo -[82]:http://qr.ae/RFEZLk -[83]:http://www.quora.com/Software-Engineering/Who-are-some-of-the-greatest-currently-active-software-architects-in-the-world/answer/Alok-Tripathy-1 -[84]:https://www.flickr.com/photos/quakecon/9434713998 -[85]:http://doom.wikia.com/wiki/John_Carmack -[86]:http://thegamershub.net/2012/04/gaming-gods-john-carmack/ -[87]:http://www.shamusyoung.com/twentysidedtale/?p=4759 -[88]:http://www.interactive.org/special_awards/details.asp?idSpecialAwards=6 -[89]:http://www.itworld.com/article/2951105/it-management/a-fly-named-for-bill-gates-and-9-other-unusual-honors-for-tech-s-elite.html#slide8 -[90]:http://www.gamechoiceawards.com/archive/lifetime.html -[91]:http://qr.ae/RFEEgr -[92]:http://www.itworld.com/answers/topic/software/question/whos-best-living-programmer#comment-424562 -[93]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Greg-Naughton -[94]:http://money.cnn.com/2003/08/21/commentary/game_over/column_gaming/ -[95]:http://dufoli.wordpress.com/2007/06/23/ammmmaaaazing-night/ -[96]:http://bellard.org/ -[97]:http://www.ioccc.org/winners.html#B -[98]:http://www.oscon.com/oscon2011/public/schedule/detail/21161 -[99]:http://bellard.org/pi/pi2700e9/ -[100]:https://news.ycombinator.com/item?id=7850797 -[101]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Erik-Frey/comment/1718701 -[102]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Erik-Frey/comment/2454450 -[103]:http://qr.ae/RFEjhZ -[104]:https://www.flickr.com/photos/craigmurphy/4325516497 -[105]:http://www.amazon.co.uk/gp/product/1935182471?ie=UTF8&tag=developetutor-21&linkCode=as2&camp=1634&creative=19450&creativeASIN=1935182471 -[106]:http://stackexchange.com/leagues/1/alltime/stackoverflow -[107]:http://meta.stackexchange.com/a/9156 -[108]:http://meta.stackexchange.com/a/9138 -[109]:http://meta.stackexchange.com/a/9182 -[110]:https://www.flickr.com/photos/philipn/5326344032 -[111]:http://www.crunchbase.com/person/adam-d-angelo -[112]:http://www.exeter.edu/documents/Exeter_Bulletin/fall_01/oncampus.html -[113]:http://icpc.baylor.edu/community/results-2004 -[114]:https://www.topcoder.com/tc?module=Static&d1=pressroom&d2=pr_022205 -[115]:http://qr.ae/RFfOfe -[116]:http://www.businessinsider.com/in-new-alleged-ims-mark-zuckerberg-talks-about-adam-dangelo-2012-9#ixzz369FcQoLB -[117]:https://www.facebook.com/hackercup/photos/a.329665040399024.91563.133954286636768/553381194694073/?type=1 -[118]:http://stats.ioinformatics.org/people/1849 -[119]:http://googlepress.blogspot.com/2006/10/google-announces-winner-of-global-code_27.html -[120]:http://community.topcoder.com/tc?module=SimpleStats&c=coder_achievements&d1=statistics&d2=coderAchievements&cr=10574855 -[121]:https://www.facebook.com/notes/facebook-hacker-cup/facebook-hacker-cup-finals/208549245827651 -[122]:https://www.facebook.com/hackercup/photos/a.329665040399024.91563.133954286636768/553381194694073/?type=1 -[123]:http://community.topcoder.com/tc?module=AlgoRank -[124]:http://codeforces.com/ratings -[125]:http://www.quora.com/Respected-Software-Engineers/Who-are-some-of-the-best-programmers-in-the-world/answer/Venkateswaran-Vicky/comment/1960855 -[126]:http://commons.wikimedia.org/wiki/File:Gennady_Korot.jpg -[127]:http://stats.ioinformatics.org/people/804 -[128]:http://icpc.baylor.edu/regionals/finder/world-finals-2013/standings -[129]:https://www.facebook.com/hackercup/posts/10152022955628845 -[130]:http://codeforces.com/ratings -[131]:http://community.topcoder.com/tc?module=AlgoRank -[132]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Prateek-Joshi -[133]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Prateek-Joshi/comment/4720779 -[134]:http://www.quora.com/Computer-Programming/Who-is-the-best-programmer-in-the-world-right-now/answer/Prateek-Joshi/comment/4880549 \ No newline at end of file diff --git a/sources/talk/20150910 The Free Software Foundation--30 years in.md b/sources/talk/20150910 The Free Software Foundation--30 years in.md deleted file mode 100644 index f782b2e876..0000000000 --- a/sources/talk/20150910 The Free Software Foundation--30 years in.md +++ /dev/null @@ -1,149 +0,0 @@ -The Free Software Foundation: 30 years in -================================================================================ -![](http://opensource.com/sites/default/files/styles/image-full-size/public/images/life/osdc_general_openfield.png?itok=tcXpYeHi) - -Welcome back, folks, to a new Six Degrees column. As usual, please send your thoughts on this piece to the comment box and your suggestions for future columns to [my inbox][1]. - -Now, I have to be honest with you all, this column went a little differently than I expected. - -A few weeks ago when thinking what to write, I mused over the notion of a piece about the [Free Software Foundation][2] celebrating its 30 year anniversary and how relevant and important its work is in today's computing climate. - -To add some meat I figured I would interview [John Sullivan][3], executive director of the FSF. My plan was typical of many of my pieces: thread together an interesting narrative and quote pieces of the interview to give it color. - -Well, that all went out the window when John sent me a tremendously detailed, thoughtful, and descriptive interview. I decided therefore to present it in full as the main event, and to add some commentary throughout. Thus, this is quite a long column, but I think it paints a fascinating picture of a fascinating organization. I recommend you grab a cup of something delicious and settle in for a solid read. - -### The sands of change ### - -The Free Software Foundation was founded in 1985. To paint a picture of what computing was like back then, the [Amiga 1000][4] was released, C++ was becoming a dominant language, [Aldus PageMaker][5] was announced, and networking was just starting to grow. Oh, and that year [Careless Whisper][6] by Wham! was a major hit. - -Things have changed a lot in 30 years. Back in 1985 the FSF was primarily focused on building free pieces of software that were primarily useful to nerdy computer people. These days we have software, services, social networks, and more to consider. - -I first wanted to get a sense of what John feels are most prominent risks to software freedom today. - -"I think there's widespread agreement on the biggest risks for computer user freedom today, but maybe not on the names for them." - -"The first is what we might as well just call 'tiny computers everywhere.' The free software movement has succeeded to the point where laptops, desktops, and servers can run fully free operating systems doing anything users of proprietary systems can do. There are still a few holes, but they'll be closed. The challenge that remains in this area is to cut through the billion dollar marketing budgets and legal regimes working against us to actually get the systems into users hands." - -"However, we have a serious problem on the set of computers whose primary common trait is that they are very small. Even though a car is not especially small, the computers in it are, so I include that form factor in this category, along with phones, tablets, glasses, watches, and so on. While these computers often have a basis in free software—for example, using the kernel Linux along with other free software like Android or GNU—their primary uses are to run proprietary applications and be shims for services that replace local computing with computing done on a server over which the user has no control. Since these devices serve vital functions, with some being primary means of communication for huge populations, some sitting very close to our bodies and our actual vital functions, some bearing responsibility for our physical safety, it is imperative that they run fully free systems under their users' control. Right now, they don't." - -John feels the risk here is not just the platforms and form factors, but the services integrates into them. - -"The services many of these devices talk to are the second major threat we face. It does us little good booting into a free system if we do our actual work and entertainment on companies' servers running software we have no access to at all. The point of free software is that we can see, modify, and share code. The existence of those freedoms even for nontechnical users provides a shield that prevents companies from controlling us. None of these freedoms exist for users of Facebook or Salesforce or Google Docs. Even more worrisome, we see a trend where people are accepting proprietary restrictions imposed on their local machines in order to have access to certain services. Browsers—including Firefox—are now automatically installing a DRM plugin in order to appease Netflix and other video giants. We need to work harder at developing free software decentralized replacements for media distribution that can actually empower users, artists, and user-artists, and for other services as well. For Facebook we have GNU social, pump.io, Diaspora, Movim, and others. For Salesforce, we have CiviCRM. For Google Docs, we have Etherpad. For media, we have GNU MediaGoblin. But all of these projects need more help, and many services don't have any replacement contenders yet." - -It is interesting that John mentions finding free software equivalents for common applications and services today. The FSF maintains a list of "High Priority Projects" that are designed to fill this gap. Unfortunately the capabilities of these projects varies tremendously and in an age where social media is so prominent, the software is only part of the problem: the real challenge is getting people to use it. - -This all begs the question of where the FSF fit in today's modern computing world. I am a fan of the FSF. I think the work they do is valuable and I contribute financially to support it too. They are an important organization for building an open computing culture, but all organizations need to grow, adjust, and adapt, particularly ones in the technology space. - -I wanted to get a better sense of what the FSF is doing today that it wasn't doing at it's inception. - -"We're speaking to a much larger audience than we were 30 years ago, and to a much broader audience. It's no longer just hackers and developers and researchers that need to know about free software. Everyone using a computer does, and it's quickly becoming the case that everyone uses a computer." - -John went on to provide some examples of these efforts. - -"We're doing coordinated public advocacy campaigns on issues of concern to the free software movement. Earlier in our history, we expressed opinions on these things, and took action on a handful, but in the last ten years we've put more emphasis on formulating and carrying out coherent campaigns. We've made especially significant noise in the area of Digital Restrictions Management (DRM) with Defective by Design, which I believe played a role in getting iTunes music off DRM (now of course, Apple is bringing DRM back with Apple Music). We've made attractive and useful introductory materials for people new to free software, like our [User Liberation animated video][7] and our [Email Self-Defense Guide][8]. - -We're also endorsing hardware that [respects users' freedoms][9]. Hardware distributors whose devices have been certified by the FSF to contain and require only free software can display a logo saying so. Expanding the base of free software users and the free software movement has two parts: convincing people to care, and then making it possible for them to act on that. Through this initiative, we encourage manufacturers and distributors to do the right thing, and we make it easy for users who have started to care about free software to buy what they need without suffering through hours and hours of research. We've certified a home WiFi router, 3D printers, laptops, and USB WiFi adapters, with more on the way. - -We're collecting all of the free software we can find in our [Free Software Directory][10]. We still have a long way to go on this—we're at only about 15,500 packages right now, and we can imagine many improvements to the design and function of the site—but I think this resource has great potential for helping users find the free software they need, especially users who aren't yet using a full GNU/Linux system. With the dangers inherent in downloading random programs off the Internet, there is a definite need for a curated collection like this. It also happens to provide a wealth of machine-readable data of use to researchers. - -We're acting as the fiscal sponsor for several specific free software projects, enabling them to raise funds for development. Most of these projects are part of GNU (which we continue to provide many kinds of infrastructure for), but we also sponsor [Replicant][11], a fully free fork of Android designed to give users the free-est mobile devices currently possible. - -We're helping developers use free software licenses properly, and we're following up on complaints about companies that aren't following the terms of the GPL. We help them fix their mistakes and distribute properly. RMS was in fact doing similar work with the precursors of the GPL very early on, but it's now an ongoing part of our work. - -Most of the specific things the FSF does now it wasn't doing 30 years ago, but the vision is little changed from the original paperwork—we aim to create a world where everything users want to do on any computer can be done using free software; a world where users control their computers and not the other way around." - -### A cult of personality ### - -There is little doubt in anyone's minds about the value the FSF brings. As John just highlighted, its efforts span not just the creation and licensing of free software, but also recognizing, certifying, and advocating a culture of freedom in technology. - -The head of the FSF is the inimitable Richard M. Stallman, commonly referred to as RMS. - -RMS is a curious character. He has demonstrated an unbelievable level of commitment to his ideas, philosophy, and ethical devotion to freedom in software. - -While he is sometimes mocked online for his social awkwardness, be it things said in his speeches, his bizarre travel requirements, or other sometimes cringeworthy moments, RMS's perspectives on software and freedom are generally rock-solid. He takes a remarkably consistent approach to his perspectives and he is clearly a careful thinker about not just his own thoughts but the wider movement he is leading. My only criticism is that I think from time to time he somewhat over-eggs the pudding with the voracity of his words. But hey, given his importance in our world, I would rather take an extra egg than no pudding for anyone. O.K., I get that the whole pudding thing here was strained... - -So RMS is a key part of the FSF, but the organization is also much more than that. There are employees, a board, and many contributors. I was curious to see how much of a role RMS plays these days in the FSF. John shared this with me. - -"RMS is the FSF's President, and does that work without receiving a salary from the FSF. He continues his grueling global speaking schedule, advocating for free software and computer user freedom in dozens of countries each year. In the course of that, he meets with government officials as well as local activists connected with all varieties of social movements. He also raises funds for the FSF and inspires many people to volunteer." - -"In between engagements, he does deep thinking on issues facing the free software movement, and anticipates new challenges. Often this leads to new articles—he wrote a 3-part series for Wired earlier this year about free software and free hardware designs—or new ideas communicated to the FSF's staff as the basis for future projects." - -As we delved into the cult of personality, I wanted to tap John's perspectives on how wide the free software movement has grown. - -I remember being at the [Open Source Think Tank][12] (an event that brings together execs from various open source organizations) and there was a case study where attendees were asked to recommend license choice for a particular project. The vast majority of break-out groups recommended the Apache Software License (APL) over the GNU Public License (GPL). - -This stuck in my mind as since then I have noticed that many companies seem to have opted for open licenses other than the GPL. I was curious to see if John had noticed a trend towards the APL as opposed to the GPL. - -"Has there been? I'm not so sure. I gave a presentation at FOSDEM a few years ago called 'Is Copyleft Being Framed?' that showed some of the problems with the supposed data behind claims of shifts in license adoption. I'll be publishing an article soon on this, but here's some of the major problems: - - -- Free software license choices do not exist in a vacuum. The number of people choosing proprietary software licenses also needs to be considered in order to draw the kinds of conclusions that people want to draw. I find it much more likely that lax permissive license choices (such as the Apache License or 3-clause BSD) are trading off with proprietary license choices, rather than with the GPL. -- License counters often, ironically, don't publish the software they use to collect that data as free software. That means we can't inspect their methods or reproduce their results. Some people are now publishing the code they use, but certainly any that don't should be completely disregarded. Science has rules. -- What counts as a thing with a license? Are we really counting an app under the APL that makes funny noises as 1:1 with GNU Emacs under GPLv3? If not, how do we decide which things to treat as equals? Are we only looking at software that actually works? Are we making sure not to double- and triple- count programs that exist on multiple hosting sites, and what about ports for different OSes? - -The question is interesting to ponder, but every conclusion I've seen so far has been extremely premature in light of the actual data. I'd much rather see a survey of developers asking about why they chose particular licenses for their projects than any more of these attempts to programmatically ascertain the license of programs and then ascribe human intentions on to patterns in that data. - -Copyleft is as vital as it ever was. Permissively licensed software is still free software and on-face a good thing, but it is contingent and needs an accompanying strong social commitment to not incorporate it in proprietary software. If free software's major long-term impact is enabling businesses to more efficiently make products that restrict us, then we have achieved nothing for computer user freedom." - -### Rising to new challenges ### - -30 years is an impressive time for any organization to be around, and particularly one with such important goals that span so many different industries, professions, governments, and cultures. - -As I started to wrap up the interview I wanted to get a better sense of what the FSF's primary function is today, 30 years after the mission started. - -"I think the FSF is in a very interesting position of both being a steady rock and actively pushing the envelope." - -"We have core documents like the [Free Software Definition][13], the [GNU General Public License][14], and the [list we maintain of free and nonfree software licenses][15], which have been keystones in the construction of the world of free software we have today. People place a great deal of trust in us to stay true to the principles outlined in those documents, and to apply them correctly and wisely in our assessments of new products or practices in computing. In this role, we hold the ladder for others to climb. As a 501(c)(3) charity held legally accountable to the public interest, and about 85% funded by individuals, we have the right structure for this." - -"But we also push the envelope. We take on challenges that others say are too hard. I guess that means we also build ladders? Or maybe I should stop with the metaphors." - -While John may not be great with metaphors (like I am one to talk), the FSF is great at setting a mission and demonstrating a devout commitment to it. This mission starts with a belief that free software should be everywhere. - -"We are not satisfied with the idea that you can get a laptop that works with free software except for a few components. We're not satisfied that you can have a tablet that runs a lot of free software, and just uses proprietary software to communicate with networks and to accelerate video and to take pictures and to check in on your flight and to call an Über and to.. Well, we are happy about some such developments for sure, but we are also unhappy about the suggestion that we should be fully content with them. Any proprietary software on a system is both an injustice to the user and inherently a threat to users' security. These almost-free things can be stepping stones on the way to a free world, but only if we keep our feet moving." - -In the early years of the FSF, we actually had to get a free operating system written. This has now been done by GNU and Linux and many collaborators, although there is always more software to write and bugs to fix. So while the FSF does still sponsor free software development in specific areas, there are thankfully many other organizations also doing this." - -A key part of the challenge John is referring to is getting the right hardware into the hands of the right people. - -"What we have been focusing on now are the challenges I highlighted in the first question. We are in desperate need of hardware in several different areas that fully supports free software. We have been talking a lot at the FSF about what we can do to address this, and I expect us to be making some significant moves to both increase our support for some of the projects already out there—as we having been doing to some extent through our Respects Your Freedom certification program—and possibly to launch some projects of our own. The same goes for the network service problem. I think we need to tackle them together, because having full control over the mobile components has great potential for changing how we relate to services, and decentralizing more and more services will in turn shape the mobile components." - -I hope folks will support the FSF as we work to grow and tackle these challenges. Hardware is expensive and difficult, as is making usable, decentralized, federated replacements for network services. We're going to need the resources and creativity of a lot of people. But, 30 years ago, a community rallied around RMS and the concept of copyleft to write an entire operating system. I've spent my last 12 years at the FSF because I believe we can rise to the new challenges in the same way." - -### Final thoughts ### - -In reading John's thoughtful responses to my questions, and in knowing various FSF members, the one sense that resonates for me is the sheer level of passion that is alive and kicking in the FSF. This is not an organization that has got bored or disillusioned with its mission. Its passion and commitment is as voracious as it has ever been. - -While I don't always agree with the FSF and I sometimes think its approach is a little one-dimensional at times, I have been and will continue to be a huge fan and supporter of its work. The FSF represent the ethical heartbeat of much of the free software and open source work that happens across the world. It represents a world view that is pretty hard to the left, but I believe its passion and conviction helps to bring people further to the right a little closer to the left too. - -Sure, RMS can be odd, somewhat hardline, and a little sensational, but he is precisely the kind of leader that is valuable in a movement that encapsulates a mixture of technology, ethics, and culture. We need an RMS in much the same way we need a Torvalds, a Shuttleworth, a Whitehurst, and a Zemlin. These different people bring together mixture of perspectives that ultimately maps to technology that can be adaptable to almost any set of use cases, ethics, and ambitions. - -So, in closing, I want to thank the FSF for its tremendous efforts, and I wish the FSF and its fearless leaders, one Richard M. Stallman and one John Sullivan, another 30 years of fighting the good fight. Go get 'em! - -> This article is part of Jono Bacon's Six Degrees column, where he shares his thoughts and perspectives on culture, communities, and trends in open source. - --------------------------------------------------------------------------------- - -via: http://opensource.com/business/15/9/free-software-foundation-30-years - -作者:[Jono Bacon][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://opensource.com/users/jonobacon -[1]:Welcome back, folks, to a new Six Degrees column. As usual, please send your thoughts on this piece to the comment box and your suggestions for future columns to my inbox. -[2]:http://www.fsf.org/ -[3]:http://twitter.com/johns_fsf/ -[4]:https://en.wikipedia.org/wiki/Amiga_1000 -[5]:https://en.wikipedia.org/wiki/Adobe_PageMaker -[6]:https://www.youtube.com/watch?v=izGwDsrQ1eQ -[7]:http://fsf.org/ -[8]:http://emailselfdefense.fsf.org/ -[9]:http://fsf.org/ryf -[10]:http://directory.fsf.org/ -[11]:http://www.replicant.us/ -[12]:http://www.osthinktank.com/ -[13]:http://www.fsf.org/about/what-is-free-software -[14]:http://www.gnu.org/licenses/gpl-3.0.en.html -[15]:http://www.gnu.org/licenses/licenses.en.html \ No newline at end of file diff --git a/sources/talk/20150916 Italy's Ministry of Defense to Drop Microsoft Office in Favor of LibreOffice.md b/sources/talk/20150916 Italy's Ministry of Defense to Drop Microsoft Office in Favor of LibreOffice.md deleted file mode 100644 index f47352ed26..0000000000 --- a/sources/talk/20150916 Italy's Ministry of Defense to Drop Microsoft Office in Favor of LibreOffice.md +++ /dev/null @@ -1,30 +0,0 @@ -Italy's Ministry of Defense to Drop Microsoft Office in Favor of LibreOffice -================================================================================ ->**LibreItalia's Italo Vignoli [reports][1] that the Italian Ministry of Defense is about to migrate to the LibreOffice open-source software for productivity and adopt the Open Document Format (ODF), while moving away from proprietary software products.** - -The movement comes in the form of a [collaboration][1] between Italy's Ministry of Defense and the LibreItalia Association. Sonia Montegiove, President of the LibreItalia Association, and Ruggiero Di Biase, Rear Admiral and General Executive Manager of Automated Information Systems of the Ministry of Defense in Italy signed an agreement for a collaboration to adopt the LibreOffice office suite in all of the Ministry's offices. - -While the LibreItalia non-profit organization promises to help the Italian Ministry of Defense with trainers for their offices across the country, the Ministry will start the implementation of the LibreOffice software on October 2015 with online training courses for their staff. The entire transition process is expected to be completed by the end of year 2016\. An Italian law lets officials find open source software alternatives to well-known commercial software. - -"Under the agreement, the Italian Ministry of Defense will develop educational content for a series of online training courses on LibreOffice, which will be released to the community under Creative Commons, while the partners, LibreItalia, will manage voluntarily the communication and training of trainers in the Ministry," says Italo Vignoli, Honorary President of LibreItalia. - -### The Ministry of Defense will adopt the Open Document Format (ODF) - -The initiative will allow the Italian Ministry of Defense to be independent from proprietary software applications, which are aimed at individual productivity, and adopt open source document format standards like Open Document Format (ODF), which is used by default in the LibreOffice office suite. The project follows similar movements already made by governments of other European countries, including United Kingdom, France, Spain, Germany, and Holland. - -It would appear that numerous other public institutions all over Italy are using open source alternatives, including the Italian Region Emilia Romagna, Galliera Hospital in Genoa, Macerata, Cremona, Trento and Bolzano, Perugia, the municipalities of Bologna, ASL 5 of Veneto, Piacenza and Reggio Emilia, and many others. AGID (Agency for Digital Italy) welcomes this project and hopes that other public institutions will do the same. - - --------------------------------------------------------------------------------- - -via: http://news.softpedia.com/news/italy-s-ministry-of-defense-to-drop-microsoft-office-in-favor-of-libreoffice-491850.shtml - -作者:[Marius Nestor][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://news.softpedia.com/editors/browse/marius-nestor -[1]:http://www.libreitalia.it/accordo-di-collaborazione-tra-associazione-libreitalia-onlus-e-difesa-per-ladozione-del-prodotto-libreoffice-quale-pacchetto-di-produttivita-open-source-per-loffice-automation/ -[2]:http://www.libreitalia.it/chi-siamo/ diff --git a/sources/talk/20150921 14 tips for teaching open source development.md b/sources/talk/20150921 14 tips for teaching open source development.md index b2812d44c8..a580f3b776 100644 --- a/sources/talk/20150921 14 tips for teaching open source development.md +++ b/sources/talk/20150921 14 tips for teaching open source development.md @@ -69,4 +69,4 @@ via: http://opensource.com/education/15/9/teaching-open-source-development-under [a]:http://opensource.com/users/mariamkiran [1]:https://basecamp.com/ -[2]:https://www.mantisbt.org/ \ No newline at end of file +[2]:https://www.mantisbt.org/ diff --git a/sources/talk/20150921 Red Hat CEO Optimistic on OpenStack Revenue Opportunity.md b/sources/talk/20150921 Red Hat CEO Optimistic on OpenStack Revenue Opportunity.md deleted file mode 100644 index d176ed8d77..0000000000 --- a/sources/talk/20150921 Red Hat CEO Optimistic on OpenStack Revenue Opportunity.md +++ /dev/null @@ -1,37 +0,0 @@ -Red Hat CEO Optimistic on OpenStack Revenue Opportunity -================================================================================ -Red Hat continues to accelerate its growth thanks to an evolving mix of platform and infrastructure technology revolving around Linux and the cloud. Red Hat announced its second quarter fiscal 2016 financial results on September 21, once again exceeding expectations. - -![](http://www.serverwatch.com/imagesvr_ce/1212/icon-redhatcloud-r.jpg) - -For the quarter, Red Hat reported revenue of $504 million for a 13 percent year-over-year gain. Net Income was reported at $51 million, up from $47 Red Hatmillion in the second quarter of fiscal 2015. Looking forward, Red Hat provided some aggressive guidance for the coming quarter and the full year. For the third quarter, Red Hat provided guidance for revenue to be in the range of $519 million to $523 million, which is a 15 percent year-over-year gain. - -On a full year basis, Red Hat's full year guidance is for fiscal 2016 revenue of $2.044 billion, for a 14 percent year-over-year gain. - -Red Hat CFO Frank Calderoni commented during the earnings call that all of Red Hat's top 30 largest deals were approximately $1 million or more. He noted that Red Hat had four deals that were in excess of $5 million and one deal that was well over $10 million. As has been the case in recent years, cross selling across Red Hat products is strong with 65 percent of all deals including one or more components from Red Hat's group of application development and emerging technologies offerings. - -"We expect the growing adoption of these technologies, like Middleware, the RHEL OpenStack platform, OpenShift, cloud management and storage, to continue to drive revenue growth," Calderoni said. - -### OpenStack ### - -During the earnings call, Red Hat CEO Jim Whitehurst was repeatedly asked about the revenue prospects for OpenStack. Whitehurst said that the recently released Red Hat OpenStack Platform 7.0 is a big jump forward thanks to the improved installer. - -"It does a really good job of kind of identifying hardware and lighting it up," Whitehurst said. "Of course, that means there's a lot of work to do around certifying that hardware, making sure it lights up appropriately." - -Whitehurst said that he's starting to see a lot more production application start to move to the OpenStack cloud. He cautioned however that it's still largely the early adopters moving to OpenStack in production and it isn't quite mainstream, yet. - -From a competitive perspective, Whitehurst talked specifically about Microsoft, HP and Mirantis. In Whitehurst's view many organizations will continue to use multiple operating systems and if they choose Microsoft for one part, they are more likely to choose an open-source option,as the alternative option. Whitehurst said he doesn't see a lot of head-to-head competition against HP in cloud, but he does see Mirantis. - -"We've had several wins or people who were moving away from Mirantis to RHEL," Whitehurst said. - --------------------------------------------------------------------------------- - -via: http://www.serverwatch.com/server-news/red-hat-ceo-optimistic-on-openstack-revenue-opportunity.html - -作者:[Sean Michael Kerner][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.serverwatch.com/author/Sean-Michael-Kerner-101580.htm \ No newline at end of file diff --git a/sources/talk/20150929 A Slick New Set-Up Wizard Is Coming To Ubuntu and Ubuntu Touch.md b/sources/talk/20150929 A Slick New Set-Up Wizard Is Coming To Ubuntu and Ubuntu Touch.md deleted file mode 100644 index 2c147fb3e3..0000000000 --- a/sources/talk/20150929 A Slick New Set-Up Wizard Is Coming To Ubuntu and Ubuntu Touch.md +++ /dev/null @@ -1,49 +0,0 @@ -A Slick New Set-Up Wizard Is Coming To Ubuntu and Ubuntu Touch -================================================================================ -> Canonical aims to 'seduce and reassure' those unfamiliar with the OS by making a good first impression - -**The Ubuntu installer is set to undergo a dramatic makeover.** - -Ubuntu will modernise its out-of-the-box experience (OOBE) to be easier and quicker to complete, look more ‘seductive’ to new users, and better present the Ubuntu brand through its design. - -Ubiquity, the current Ubuntu installer, has largely remained unchanged since its [introduction back in 2010][1]. - -### First Impressions Are Everything ### - -Since the first thing most users see when trying Ubuntu for the first time is an installer (or set-up wizard, depending on device) the design team feel it’s “one of the most important categories of software usability”. - -“It essentially says how easy your software is to use, as well as introducing the user into your brand through visual design and tone of voice, which can convey familiarity and trust within your product.” - -Canonical’s new OOBE designs show a striking departure from the current look of the Ubiquity installer used by the Ubuntu desktop, and presents a refined approach to the way mobile users ‘set up’ a new Ubuntu Phone. - -![Old design (left) and the new proposed design](http://www.omgubuntu.co.uk/wp-content/uploads/2015/09/desktop-2.jpg) - -Old design (left) and the new proposed design - -Detailing the designs in [new blog post][2], the Canonical Design team say the aim of the revamp is to create a consistent out-of-the-box experience across Ubuntu devices. - -To do this it groups together “common first experiences found on the mobile, tablet and desktop” and unifies the steps and screens between each, something they say moves the OS closer to “achieving a seamless convergent platform.” - -![New Ubuntu installer on desktop/tablet (left) and phone](http://www.omgubuntu.co.uk/wp-content/uploads/2015/09/Convergence.jpg) - -New Ubuntu installer on desktop/tablet (left) and phone - -Implementation of the new ‘OOBE’ has already begun’ according to Canonical, though as of writing there’s no firm word on when a revamped installer may land on either desktop or phone images. - -With the march to ‘desktop’ convergence now in full swing, and a(nother) stack of design changes set to hit the mobile build in lieu of the first Ubuntu Phone that ‘transforms’ in to a PC, chances are you won’t have to wait too long to try it out. - -**What do you think of the designs? How would you go about improving the Ubuntu set-up experience? Let us know in the comments below.** - --------------------------------------------------------------------------------- - -via: http://www.omgubuntu.co.uk/2015/09/new-look-ubuntu-installer-coming-soon - -作者:[Joey-Elijah Sneddon][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://plus.google.com/117485690627814051450/?rel=author -[1]:http://www.omgubuntu.co.uk/2010/09/ubuntu-10-10s-installer-slideshow-oozes-class -[2]:http://design.canonical.com/wp-content/uploads/Convergence.jpg \ No newline at end of file diff --git a/sources/talk/20151019 Gaming On Linux--All You Need To Know.md b/sources/talk/20151019 Gaming On Linux--All You Need To Know.md new file mode 100644 index 0000000000..525d08838b --- /dev/null +++ b/sources/talk/20151019 Gaming On Linux--All You Need To Know.md @@ -0,0 +1,205 @@ +213edu Translating + +Gaming On Linux: All You Need To Know +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Gaming-on-Linux.jpeg) + +**Can I play games on Linux?** + +This is one of the most frequently asked questions by people who are thinking about [switching to Linux][1]. After all, gaming on Linux often termed as a distant possibility. In fact, some people even wonder if they can listen to music or watch movies on Linux. Considering that, question about native Linux games seem genuine. + +In this article, I am going to answer most of the Linux gaming questions a Linux beginner may have. For example, if it is possible to play games on Linux, if yes, what are the Linux games available, where can you **download Linux games** from or how do you get more information of gaming on Linux. + +But before I do that, let me make a confession. I am not a PC gamer or rather I should say, I am not desktop Linux gamer. I prefer to play games on my PS4 and I don’t care about PC games or even mobile games (no candy crush request sent to anyone in my friend list). This is the reason you see only a few articles in [Linux games][2] section of It’s FOSS. + +So why am I covering this topic then? + +Because I have been asked questions about playing games on Linux several times and I wanted to come up with a Linux gaming guide that could answer all those question. And remember, it’s not just gaming on Ubuntu I am talking about here. I am talking about Linux in general. + +### Can you play games on Linux? ### + +Yes and no! + +Yes, you can play games on Linux and no, you cannot play ‘all the games’ in Linux. + +Confused? Don’t be. What I meant here is that you can get plenty of popular games on Linux such as [Counter Strike, Metro Last Night][3] etc. But you might not get all the latest and popular Windows games on Linux, for e.g., [PES 2015][4]. + +The reason, in my opinion, is that Linux has less than 2% of desktop market share and these numbers are demotivating enough for most game developers to avoid working on the Linux version of their games. + +Which means that there is huge possibility that the most talked about games of the year may not be playable in Linux. Don’t despair, there are ‘other means’ to get these games on Linux and we shall see it in coming sections, but before that let’s talk about what kind of games are available for Linux. + +If I have to categorize, I’ll divide them in four categories: + +1. Native Linux Games +1. Windows games in Linux +1. Browser Games +1. Terminal Games + +Let’s start with the most important one, native Linux games, first. + +---------- + +### 1. Where to find native Linux games? ### + +Native Linux games mean those games which are officially supported in Linux. These games have native Linux client and can be installed like most other applications in Linux without requiring any additional effort (we’ll see about these in next section). + +So, as you see, there are games developed for Linux. Next question that arises is where can you find these Linux games and how can you play them. I am going to list some of the resources where you can get Linux games. + +#### Steam #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/09/Install-Steam-Ubuntu-11.jpeg) + +“[Steam][5] is a digital distribution platform for video games. As Amazon Kindle is digital distribution platform for e-Books, iTunes for music, similarly Steam is for games. It provides you the option to buy and install games, play multiplayer and stay in touch with other games via social networking on its platform. The games are protected with [DRM][6].” + +A couple of years ago, when gaming platform Steam announced support for Linux, it was a big news. It was an indication that gaming on Linux is being taken seriously. Though Steam’s decision was more influenced with its own Linux-based gaming console and a separate [Linux distribution called Steam OS][7], it still was a reassuring move that has brought a number of games on Linux. + +I have written a detailed article about installing and using Steam. If you are getting started with Steam, do read it. + +- [Install and use Steam for gaming on Linux][8] + +#### GOG.com #### + +[GOG.com][9] is another platform similar to Steam. Like Steam, you can browse and find hundreds of native Linux games on GOG.com, purchase the games and install them. If the games support several platforms, you can download and use them across various operating systems. Your purchased games are available for you all the time in your account. You can download them anytime you wish. + +One main difference between the two is that GOG.com offers only DRM free games and movies. Also, GOG.com is entirely web based. So you don’t need to install a client like Steam. You can simply download the games from browser and install them in your system. + +#### Portable Linux Games #### + +[Portable Linux Games][10] is a website that has a collection of a number of Linux games. The unique and best thing about Portable Linux Games is that you can download and store the games for offline installation. + +The downloaded files have all the dependencies (at times Wine and Perl installation) and these are also platform independent. All you need to do is to download the files and double click to install them. Store the downloadable file on external hard disk and use them in future. Highly recommend if you don’t have continuous access to high speed internet. + +#### Game Drift Game Store #### + +[Game Drift][11] is actually a Linux distribution based on Ubuntu with sole focus on gaming. While you might not want to start using this Linux distribution for the sole purpose of gaming, you can always visit its game store online and see what games are available for Linux and install them. + +#### Linux Game Database #### + +As the name suggests, [Linux Game Database][12] is a website with a huge collection of Linux games. You can browse through various category of games and download/install them from the game developer’s website. As a member of Linux Game Database, you can even rate the games. LGDB, kind of, aims to be the IGN or IMDB for Linux games. + +#### Penguspy #### + +Created by a gamer who refused to use Windows for playing games, [Penguspy][13] showcases a collection of some of the best Linux games. You can browse games based on category and if you like the game, you’ll have to go to the respective game developer’s website. + +#### Software Repositories #### + +Look into the software repositories of your own Linux distribution. There always will be some games in it. If you are using Ubuntu, Ubuntu Software Center itself has an entire section for games. Same is true for other Linux distributions such as Linux Mint etc. + +---------- + +### 2. How to play Windows games in Linux? ### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Wine-Linux.png) + +So far we talked about native Linux games. But there are not many Linux games, or to be more precise, most popular Linux games are not available for Linux but they are available for Windows PC. So the questions arises, how to play Windows games in Linux? + +Good thing is that with the help of tools like Wine, PlayOnLinux and CrossOver, you can play a number of popular Windows games in Linux. + +#### Wine #### + +Wine is a compatibility layer which is capable of running Windows applications in systems like Linux, BSD and OS X. With the help of Wine, you can install and use a number of Windows applications in Linux. + +[Installing Wine in Ubuntu][14] or any other Linux is easy as it is available in most Linux distributions’ repository. There is a huge [database of applications and games supported by Wine][15] that you can browse. + +#### CrossOver #### + +[CrossOver][16] is an improved version of Wine that brings professional and technical support to Wine. But unlike Wine, CrossOver is not free. You’ll have to purchase the yearly license for it. Good thing about CrossOver is that every purchase contributes to Wine developers and that in fact boosts the development of Wine to support more Windows games and applications. If you can afford $48 a year, you should buy CrossOver for the support they provide. + +### PlayOnLinux ### + +PlayOnLinux too is based on Wine but implemented differently. It has different interface and slightly easier to use than Wine. Like Wine, PlayOnLinux too is free to use. You can browse the [applications and games supported by PlayOnLinux on its database][17]. + +---------- + +### 3. Browser Games ### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Chrome-Web-Store.jpeg) + +Needless to say that there are tons of browser based games that are available to play in any operating system, be it Windows or Linux or Mac OS X. Most of the addictive mobile games, such as [GoodGame Empire][18], also have their web browser counterparts. + +Apart from that, thanks to [Google Chrome Web Store][19], you can play some more games in Linux. These Chrome games are installed like a standalone app and they can be accessed from the application menu of your Linux OS. Some of these Chrome games are playable offline as well. + +---------- + +### 4. Terminal Games ### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/03/nSnake_Linux_terminal_game.jpeg) + +Added advantage of using Linux is that you can use the command line terminal to play games. I know that it’s not the best way to play games but at times, it’s fun to play games like [Snake][20] or [2048][21] in terminal. There is a good collection of Linux terminal games at [this blog][22]. You can browse through it and play the ones you want. + +---------- + +### How to stay updated about Linux games? ### + +When you have learned a lot about what kind of games are available on Linux and how could you use them, next question is how to stay updated about new games on Linux? And for that, I advise you to follow these blogs that provide you with the latest happenings of the Linux gaming world: + +- [Gaming on Linux][23]: I won’t be wrong if I call it the nest Linux gaming news portal. You get all the latest rumblings and news about Linux games. Frequently updated, Gaming on Linux has dedicated fan following which makes it a nice community of Linux game lovers. +- [Free Gamer][24]: A blog focusing on free and open source games. +- [Linux Game News][25]: A Tumbler blog that updates on various Linux games. + +#### What else? #### + +I think that’s pretty much what you need to know to get started with gaming on Linux. If you are still not convinced, I would advise you to [dual boot Linux with Windows][26]. Use Linux as your main desktop and if you want to play games, boot into Windows. This could be a compromised solution. + +I think that’s pretty much what you need to know to get started with gaming on Linux. If you are still not convinced, I would advise you to [dual boot Linux with Windows][27]. Use Linux as your main desktop and if you want to play games, boot into Windows. This could be a compromised solution. + +It’s time for you to add your inputs. Do you play games on your Linux desktop? What are your favorites? What blogs you follow to stay updated on latest Linux games? + + +投票项目: +How do you play games on Linux? + +- I use Wine and PlayOnLinux along with native Linux Games +- I am happy with Browser Games +- I prefer the Terminal Games +- I use native Linux games only +- I play it on Steam +- I dual boot and go in to Windows to play games +- I don't play games at all + +注:投票代码 +
+
+ + + +注,发布时根据情况看怎么处理 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/linux-gaming-guide/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:http://itsfoss.com/reasons-switch-linux-windows-xp/ +[2]:http://itsfoss.com/category/games/ +[3]:http://blog.counter-strike.net/ +[4]:https://pes.konami.com/tag/pes-2015/ +[5]:http://store.steampowered.com/ +[6]:https://en.wikipedia.org/wiki/Digital_rights_management +[7]:http://itsfoss.com/valve-annouces-linux-based-gaming-operating-system-steamos/ +[8]:http://itsfoss.com/install-steam-ubuntu-linux/ +[9]:http://www.gog.com/ +[10]:http://www.portablelinuxgames.org/ +[11]:http://gamedrift.org/GameStore.html +[12]:http://www.lgdb.org/ +[13]:http://www.penguspy.com/ +[14]:http://itsfoss.com/wine-1-5-11-released-ppa-available-to-download/ +[15]:https://appdb.winehq.org/ +[16]:https://www.codeweavers.com/products/ +[17]:https://www.playonlinux.com/en/supported_apps.html +[18]:http://empire.goodgamestudios.com/ +[19]:https://chrome.google.com/webstore/category/apps +[20]:http://itsfoss.com/nsnake-play-classic-snake-game-linux-terminal/ +[21]:http://itsfoss.com/play-2048-linux-terminal/ +[22]:https://ttygames.wordpress.com/ +[23]:https://www.gamingonlinux.com/ +[24]:http://freegamer.blogspot.fr/ +[25]:http://linuxgamenews.com/ +[26]:http://itsfoss.com/install-ubuntu-1404-dual-boot-mode-windows-8-81-uefi/ +[27]:http://itsfoss.com/install-ubuntu-1404-dual-boot-mode-windows-8-81-uefi/ diff --git a/sources/talk/20151020 18 Years of GNOME Design and Software Evolution--Step by Step.md b/sources/talk/20151020 18 Years of GNOME Design and Software Evolution--Step by Step.md new file mode 100644 index 0000000000..174fc55262 --- /dev/null +++ b/sources/talk/20151020 18 Years of GNOME Design and Software Evolution--Step by Step.md @@ -0,0 +1,199 @@ +18 Years of GNOME Design and Software Evolution: Step by Step +================================================================================ +注:youtube 视频 + + +[GNOME][1] (GNU Object Model Environment) was started on August 15th 1997 by two Mexican programmers – Miguel de Icaza and Federico Mena. GNOME – Free Software project to develop a desktop environment and applications by volunteers and paid full-time developers. All of GNOME Desktop Environment is the open source software and support Linux, FreeBSD, OpenBSD and others. + +Now we move to 1997 and see the first version of GNOME: + +### GNOME 1 ### + +![GNOME 1.0 - First major GNOME release](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/1.0/gnome.png) + +**GNOME 1.0** (1997) – First major GNOME release + +![GNOME 1.2 Bongo](https://raw.githubusercontent.com/paulcarroty/Articles/master/GNOME_History/1.2/1361441938.or.86429.png) + +**GNOME 1.2** “Bongo”, 2000 + +![GNOME 1.4 Tranquility](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/1.4/1.png) + +**GNOME 1.4** “Tranquility”, 2001 + +### GNOME 2 ### + +![GNOME 2.0](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.0/1.png) + +**GNOME 2.0**, 2002 + +Major upgrade based on GTK+2. Introduction of the Human Interface Guidelines. + +![GNOME 2.2](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.2/GNOME_2.2_catala.png) + +**GNOME 2.2**, 2003 + +Multimedia and file manager improvements. + +![GNOME 2.4 Temujin](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.4/gnome-desktop.png) + +**GNOME 2.4** “Temujin”, 2003 + +First release of Epiphany Browser, accessibility support. + +![GNOME 2.6](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.6/Adam_Hooper.png) + +**GNOME 2.6**, 2004 + +Nautilus changes to a spatial file manager, and a new GTK+ file dialog is introduced. A short-lived fork of GNOME, GoneME, is created as a response to the changes in this version. + +![GNOME 2.8](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.8/3.png) + +**GNOME 2.8**, 2004 + +Improved removable device support, adds Evolution + +![GNOME 2.10](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.10/GNOME-Screenshot-2.10-FC4.png) + +**GNOME 2.10**, 2005 + +Lower memory requirements and performance improvements. Adds: new panel applets (modem control, drive mounter and trashcan); and the Totem and Sound Juicer applications. + +![GNOME 2.12](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.12/gnome-livecd.jpg) + +**GNOME 2.12**, 2005 + +Nautilus improvements; improvements in cut/paste between applications and freedesktop.org integration. Adds: Evince PDF viewer; New default theme: Clearlooks; menu editor; keyring manager and admin tools. Based on GTK+ 2.8 with cairo support + +![GNOME 2.14](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.14/debian4-stable.jpg) + +**GNOME 2.14**, 2006 + +Performance improvements (over 100% in some cases); usability improvements in user preferences; GStreamer 0.10 multimedia framework. Adds: Ekiga video conferencing application; Deskbar search tool; Pessulus lockdown editor; Fast user switching; Sabayon system administration tool. + +![GNOME 2.16](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.16/Gnome-2.16-screenshot.png) + +**GNOME 2.16**, 2006 + +Performance improvements. Adds: Tomboy notetaking application; Baobab disk usage analyser; Orca screen reader; GNOME Power Manager (improving laptop battery life); improvements to Totem, Nautilus; compositing support for Metacity; new icon theme. Based on GTK+ 2.10 with new print dialog + +![GNOME 2.18](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.18/Gnome-2.18.1.png) + +**GNOME 2.18**, 2007 + +Performance improvements. Adds: Seahorse GPG security application, allowing encryption of emails and local files; Baobab disk usage analyser improved to support ring chart view; Orca screen reader; improvements to Evince, Epiphany and GNOME Power Manager, Volume control; two new games, GNOME Sudoku and glChess. MP3 and AAC audio encoding. + +![GNOME 2.20](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.20/rnintroduction-screenshot.png) + +**GNOME 2.20**, 2007 + +Tenth anniversary release. Evolution backup functionality; improvements in Epiphany, EOG, GNOME Power Manager; password keyring management in Seahorse. Adds: PDF forms editing in Evince; integrated search in the file manager dialogs; automatic multimedia codec installer. + +![GNOME 2.22, 2008](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.22/GNOME-2-22-2-Released-2.png) + +**GNOME 2.22**, 2008 + +Addition of Cheese, a tool for taking photos from webcams and Remote Desktop Viewer; basic window compositing support in Metacity; introduction of GVFS; improved playback support for DVDs and YouTube, MythTV support in Totem; internationalised clock applet; Google Calendar support and message tagging in Evolution; improvements in Evince, Tomboy, Sound Juicer and Calculator. + +![GNOME 2.24](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.24/gnome-224.jpg) + +**GNOME 2.24**, 2008 + +Addition of the Empathy instant messenger client, Ekiga 3.0, tabbed browsing in Nautilus, better multiple screens support and improved digital TV support. + +![GNOME 2.26](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.26/gnome226-large_001.jpg) + +**GNOME 2.26**, 2009 + +New optical disc recording application Brasero, simpler file sharing, media player improvements, support for multiple monitors and fingerprint reader support. + +![GNOME 2.28](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.28/1.png) + +**GNOME 2.28**, 2009 + +Addition of GNOME Bluetooth module. Improvements to Epiphany web browser, Empathy instant messenger client, Time Tracker, and accessibility. Upgrade to GTK+ version 2.18. + +![GNOME 2.30](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.30/GNOME2.30.png) + +**GNOME 2.30**, 2010 + +Improvements to Nautilus file manager, Empathy instant messenger client, Tomboy, Evince, Time Tracker, Epiphany, and Vinagre. iPod and iPod Touch devices are now partially supported via GVFS through libimobiledevice. Uses GTK+ 2.20. + +![GNOME 2.32](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/2.32/gnome-2-32.png.en_GB.png) + +**GNOME 2.32**, 2010 + +Addition of Rygel and GNOME Color Manager. Improvements to Empathy instant messenger client, Evince, Nautilus file manager and others. 3.0 was intended to be released in September 2010, so a large part of the development effort since 2.30 went towards 3.0. + +### GNOME 3 ### + +![GNOME 3.0](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.0/chat-3-0.png) + +**GNOME 3.0**, 2011 + +Introduction of GNOME Shell. A redesigned settings framework with fewer, more focused options. Topic-oriented help based on the Mallard markup language. Side-by-side window tiling. A new visual theme and default font. Adoption of GTK+ 3.0 with its improved language bindings, themes, touch, and multiplatform support. Removal of long-deprecated development APIs.[73] + +![GNOME 3.2](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.2/gdm.png) + +**GNOME 3.2**, 2011 + +Online accounts support; Web applications support; contacts manager; documents and files manager; quick preview of files in the File Manager; greater integration; better documentation; enhanced looks and various performance improvements. + +![GNOME 3.4](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.4/application-view.png) + +**GNOME 3.4**, 2012 + +New Look for GNOME 3 Applications: Documents, Epiphany (now called Web), and GNOME Contacts. Search for documents from the Activities overview. Application menus support. Refreshed interface components: New color picker, redesigned scrollbars, easier to use spin buttons, and hideable title bars. Smooth scrolling support. New animated backgrounds. Improved system settings with new Wacom panel. Easier extensions management. Better hardware support. Topic-oriented documentation. Video calling and Live Messenger support in Empathy. Better accessibility: Improved Orca integration, better high contrast mode, and new zoom settings. Plus many other application enhancements and smaller details. + +![GNOME 3.6](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.6/gnome-3-6.png) + +**GNOME 3.6**, 2012 + +Refreshed Core components: New applications button and improved layout in the Activities Overview. A new login and lock screen. Redesigned Message Tray. Notifications are now smarter, more noticeable, easier to dismiss. Improved interface and settings for System Settings. The user menu now shows Power Off by default. Integrated Input Methods. Accessibility is always on. New applications: Boxes, that was introduced as a preview version in GNOME 3.4, and Clocks, an application to handle world times. Updated looks for Disk Usage Analyzer, Empathy and Font Viewer. Improved braille support in Orca. In Web, the previously blank start page was replaced by a grid that holds your most visited pages, plus better full screen mode and a beta of WebKit2. Evolution renders email using WebKit. Major improvements to Disks. Revamped Files application (also known as Nautilus), with new features like Recent files and search. + +![GNOME 3.8](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.8/applications-view.png) + +**GNOME 3.8**, 2013 + +Refreshed Core components: A new applications view with frequently used and all apps. An overhauled window layout. New input methods OSD switcher. The Notifications & Messaging tray now react to the force with which the pointer is pressed against the screen edge. Added Classic mode for those who prefer a more traditional desktop experience. The GNOME Settings application features an updated toolbar design. New Initial Setup assistant. GNOME Online Accounts integrates with more services. Web has been upgraded to use the WebKit2 engine. Web has a new private browsing mode. Documents has gained a new dual page mode & Google Documents integration. Improved user interface of Contacts. GNOME Files, GNOME Boxes and GNOME Disks have received a number of improvements. Integration of ownCloud. New GNOME Core Applications: GNOME Clocks and GNOME Weather. + +![GNOME 3.10](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.10/GNOME-3-10-Release-Schedule-2.png) + +**GNOME 3.10**, 2013 + +A reworked system status area, which gives a more focused overview of the system. A collection of new applications, including GNOME Maps, GNOME Notes, GNOME Music and GNOME Photos. New geolocation features, such as automatic time zones and world clocks. HiDPI support[75] and smart card support. D-Bus activation made possible with GLib 2.38 + +![GNOME 3.12](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.12/app-folders.png) + +**GNOME 3.12**, 2014 + +Improved keyboard navigation and window selection in the Overview. Revamped first set-up utility based on usability tests. Wired networking re-added to the system status area. Customizable application folders in the Applications view. Introduction of new GTK+ widgets such as popovers in many applications. New tab style in GTK+. GNOME Videos GNOME Terminal and gedit were given a fresh look, more consistent with the HIG. A search provider for the terminal emulator is included in GNOME Shell. Improvements to GNOME Software and high-density display support. A new sound recorder application. New desktop notifications API. Progress in the Wayland port has reached a usable state that can be optionally previewed. + +![GNOME 3.14](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.14/Top-Features-of-GNOME-3-14-Gallery-459893-2.jpg) + +**GNOME 3.14**, 2014 + +Improved desktop environment animations. Improved touchscreen support. GNOME Software supports managing installed add-ons. GNOME Photos adds support for Google. Redesigned UI for Evince, Sudoku, Mines and Weather. Hitori is added as part of GNOME Games. + +![GNOME 3.16](https://github.com/paulcarroty/Articles/raw/master/GNOME_History/3.16/preview-apps.png) + +**GNOME 3.16**, 2015 + +33,000 changes. Major changes include UI color scheme goes from black to charcoal. Overlay scroll bars added. Improvements to notifications including integration with Calendar applet. Tweaks to various apps including Files, Image Viewer, and Maps. Access to Preview Apps. Continued porting from X11 to Wayland. + +Thanks to [Wikipedia][2] for short changelogs review and another big thanks for GNOME Project! Stay tuned! + + +-------------------------------------------------------------------------------- + +via: https://tlhp.cf/18-years-of-gnome-evolution/ + +作者:[Pavlo Rudyi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://tlhp.cf/author/paul/ +[1]:https://www.gnome.org/ +[2]:https://en.wikipedia.org/wiki/GNOME \ No newline at end of file diff --git a/sources/talk/20151020 30 Years of Free Software Foundation--Best Quotes of Richard Stallman.md b/sources/talk/20151020 30 Years of Free Software Foundation--Best Quotes of Richard Stallman.md new file mode 100644 index 0000000000..af8bb311db --- /dev/null +++ b/sources/talk/20151020 30 Years of Free Software Foundation--Best Quotes of Richard Stallman.md @@ -0,0 +1,170 @@ +30 Years of Free Software Foundation: Best Quotes of Richard Stallman +================================================================================ +注:youtube 视频 + + +**Richard Matthew Stallman** (rms) – one of biggest figure in Information Technology. He is a computer programmer and architect (GNU Compiler Collection (GCC)), GNU Debugger, Emacs), software freedom evangelist, [GNU Project][1] and [FSF][2] founder. + +**GNU** is a recursive acronym “GNU’s Not Unix!”. GNU – collection of free computer software for Unix-based operation system. Can be used with GNU/Hurd and Linux kernels. Announced on September 27, 1983. General components: + +- GNU Compiler Collection (GCC) +- GNU C library (glibc) +- GNU Core Utilities (coreutils) +- GNU Debugger (GDB) +- GNU Binary Utilities (binutils) +- GNU Bash shell +- NOME desktop environment + +注:视频 + + +**Free Software Foundation** (FSF) – non-profit organization for free software and computer user freedom promotion and defend their rights. Read more information here. Founded on 4 October 1985. + +- The freedom to run the program as you wish, for any purpose (freedom 0). +- The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this. +- The freedom to redistribute copies so you can help your neighbor (freedom 2). +- The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this. + +This is the Four Freedoms of free software. + +Here is quotes of Richard Stallman about freedom, software, social, philosophy and others things. + +**About Facebook:** + +> Facebook is not your friend, it is a surveillance engine. + +**About Android:** + +> Android is very different from the GNU/Linux operating system because it contains very little of GNU. Indeed, just about the only component in common between Android and GNU/Linux is Linux, the kernel. + +**About computer industry:** + +> The computer industry is the only industry that is more fashion-driven than women's fashion. + +**About cloud computing:** + +> The interesting thing about cloud computing is that we've redefined cloud computing to include everything that we already do. + +**About ethics:** + +> Whether gods exist or not, there is no way to get absolute certainty about ethics. Without absolute certainty, what do we do? We do the best we can. + +**About freedom:** + +> Free software is software that respects your freedom and the social solidarity of your community. So it's free as in freedom. + +**About goal and idealism:** + +> If you want to accomplish something in the world, idealism is not enough - you need to choose a method that works to achieve the goal. + +**About sharing:** + +> Sharing is good, and with digital technology, sharing is easy. + +**About facebook (extended version):** + +> Facebook mistreats its users. Facebook is not your friend; it is a surveillance engine. For instance, if you browse the Web and you see a 'like' button in some page or some other site that has been displayed from Facebook. Therefore, Facebook knows that your machine visited that page. + +**About web application:** + +> One reason you should not use web applications to do your computing is that you lose control. +> +> If you use a proprietary program or somebody else's web server, you're defenceless. You're putty in the hands of whoever developed that software. + +**About books:** + +> With paper printed books, you have certain freedoms. You can acquire the book anonymously by paying cash, which is the way I always buy books. I never use a credit card. I don't identify to any database when I buy books. Amazon takes away that freedom. + +**About MPAA:** + +> Officially, MPAA stands for Motion Picture Association of America, but I suggest that MPAA stands for Malicious Power Attacking All. + +**About money and career:** + +> I could have made money this way, and perhaps amused myself writing code. But I knew that at the end of my career, I would look back on years of building walls to divide people, and feel I had spent my life making the world a worse place. + +**About proprietary software:** + +> Proprietary software keeps users divided and helpless. Divided because each user is forbidden to redistribute it to others, and helpless because the users can't change it since they don't have the source code. They can't study what it really does. So the proprietary program is a system of unjust power. + +**About smartphone:** + +> A smartphone is a computer - it's not built using a computer - the job it does is the job of being a computer. So, everything we say about computers, that the software you run should be free - you should insist on that - applies to smart phones just the same. And likewise to those tablets. + +**About CD and digital content:** + +> CD stores have the disadvantage of an expensive inventory, but digital bookshops would need no such thing: they could write copies at the time of sale on to memory sticks, and sell you one if you forgot your own. + +**About paradigm of competition:** + +> The paradigm of competition is a race: by rewarding the winner, we encourage everyone to run faster. When capitalism really works this way, it does a good job; but its defenders are wrong in assuming it always works this way. + +**About vi and emacs:** + +> People sometimes ask me if it is a sin in the Church of Emacs to use vi. Using a free version of vi is not a sin; it is a penance. So happy hacking. + +**About freedom and history:** + +> Value your freedom or you will lose it, teaches history. 'Don't bother us with politics', respond those who don't want to learn. + +**About patents:** + +> Fighting patents one by one will never eliminate the danger of software patents, any more than swatting mosquitoes will eliminate malaria. +> +> Software patents are dangerous to software developers because they impose monopolies on software ideas. + +**About copyrights:** + +> In practice, the copyright system does a bad job of supporting authors, aside from the most popular ones. Other authors' principal interest is to be better known, so sharing their work benefits them as well as readers. + +**About pay for work:** + +> There is nothing wrong with wanting pay for work, or seeking to maximize one's income, as long as one does not use means that are destructive. + +**About Chrome OS:** + +> In essence, Chrome OS is the GNU/Linux operating system. However, it is delivered without the usual applications, and rigged up to impede and discourage installing applications. + +**About Linux users:** + +> Many users of the GNU/Linux system will not have heard the ideas of free software. They will not be aware that we have ideas, that a system exists because of ethical ideals, which were omitted from ideas associated with the term 'open source.' + +**About privacy in facebook:** + +> If there is a Like button in a page, Facebook knows who visited that page. And it can get IP address of the computer visiting the page even if the person is not a Facebook user. + +**About programming:** + +> Programming is not a science. Programming is a craft. +> +> My favorite programming languages are Lisp and C. However, since around 1992 I have worked mainly on free software activism, which means I am too busy to do much programming. Around 2008 I stopped doing programming projects. +> +> C++ is a badly designed and ugly language. It would be a shame to use it in Emacs. + +**About hacking and learn programming:** + +> People could no longer learn hacking the way I did, by starting to work on a real operating system, making real improvements. In fact, in the 1980s I often came across newly graduated computer science majors who had never seen a real program in their lives. They had only seen toy exercises, school exercises, because every real program was a trade secret. They never had the experience of writing features for users to really use, and fixing the bugs that real users came across. The things you need to know to do real work. +> +> It is hard to write a simple definition of something as varied as hacking, but I think what these activities have in common is playfulness, cleverness, and exploration. Thus, hacking means exploring the limits of what is possible, in a spirit of playful cleverness. Activities that display playful cleverness have "hack value". + +**About web browsing:** + +> For personal reasons, I do not browse the web from my computer. (I also have no net connection much of the time.) To look at page I send mail to a daemon which runs wget and mails the page back to me. It is very efficient use of my time, but it is slow in real time. + +**About music sharing:** + +> Friends share music with each other, they don't allow themselves to be divided by a system that says that nobody is supposed to have copies. + +-------------------------------------------------------------------------------- + +via: https://tlhp.cf/fsf-richard-stallman/ + +作者:[Pavlo Rudyi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://tlhp.cf/author/paul/ +[1]:http://www.gnu.org/ +[2]:http://www.fsf.org/ \ No newline at end of file diff --git a/sources/talk/20151023 Mark Shuttleworth--The Man Behind Ubuntu Operating System.md b/sources/talk/20151023 Mark Shuttleworth--The Man Behind Ubuntu Operating System.md new file mode 100644 index 0000000000..3390c232ac --- /dev/null +++ b/sources/talk/20151023 Mark Shuttleworth--The Man Behind Ubuntu Operating System.md @@ -0,0 +1,119 @@ +Mark Shuttleworth – The Man Behind Ubuntu Operating System +================================================================================ +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Mark-Shuttleworth-652x445.jpg) + +**Mark Richard Shuttleworth** is the founder of **Ubuntu** or the man behind the Debian as they call him. He was born in 1973 in Welkom, South Africa. He’s an entrepreneur and also space tourist who became later **1st citizen of independent African country who could travel to the space**. + +Mark also founded **Thawte** in 1996, the Internet commerce security company, while he was studying finance and IT at University of Cape Town. + +In 2000, Mark founded the HBD, as an investment company, and also he created the Shuttleworth Foundation in order to fund the innovative leaders in the society with combination of fellowships and some investments. + +> “The mobile world is crucial to the future of the PC. This month, for example, it became clear that the traditional PC is shrinking in favor of tablets. So if we want to be relevant on the PC, we have to figure out how to be relevant in the mobile world first. Mobile is also interesting because there’s no pirated Windows market. So if you win a device to your OS, it stays on your OS. In the PC world, we are constantly competing with “free Windows”, which presents somewhat unique challenges. So our focus now is to establish a great story around Ubuntu and mobile form factors – the tablet and the phone – on which we can build deeper relationships with everyday consumers.” +> +> — Mark Shuttleworth + +In 2002, he flew to International Space Station as member of their crew of Soyuz mission TM-34, after 1 year of training in the Star City, Russia. And after running campaign to promote the science, code, and mathematics to the aspiring astronauts and the other ambitious types at schools in SA, Mark founded the **Canonical Ltd**. and in 2013, he provided leadership for Ubuntu operating system for software development purposes. + +Today, Shuttleworth holds dual citizenship of United Kingdom and South Africa currently lives on lovely Mallards botanical garden in Isle of Man, with 18 precocious ducks, equally his lovely girlfriend Claire, 2 black bitches and occasional itinerant sheep. + +> “Computer is not a device anymore. It is an extension of your mind and your gateway to other people.” +> +> — Mark Shuttleworth + +### Mark Shuttleworth’s Early life ### + +As we mentioned above, Mark was born in Welkom, South Africa’s Orange Free State as son of surgeon and nursery-school teacher, Mark attended the school at Western Province Preparatory School where he became eventually the Head Boy in 1986, followed by 1 term at Rondebosch Boys’ High School, and later at Bishops/Diocesan College where he was again Head Boy in 1991. + +Mark obtained the Bachelor of Business Science degree in the Finance and Information Systems at University of Cape Town, where he lived there in Smuts Hall. He became, as a student, involved in installations of the 1st residential Internet connections at his university. + +> “There are many examples of companies and countries that have improved their competitiveness and efficiency by adopting open source strategies. The creation of skills through all levels is of fundamental importance to both companies and countries.” +> +> — Mark Shuttleworth + +### Mark Shuttleworth’s Career ### + +Mark founded Thawte in 1995, which was specialized in the digital certificates and Internet security, then he sold it to VeriSign in 1999, earning about $575 million at the time. + +In 2000, Mark formed the HBD Venture Capital (Here be Dragons), the business incubator and venture capital provider. In 2004, he formed the Canonical Ltd., for promotion and commercial support of the free software development projects, especially Ubuntu operating system. In 2009, Mark stepped down as CEO of Canonical, Ltd. + +> “In the early days of the DCC I preferred to let the proponents do their thing and then see how it all worked out in the end. Now we are pretty close to the end.” +> +> — Mark Shuttleworth + +### Linux and FOSS with Mark Shuttleworth ### + +In the late 1990s, Mark participated as one of developers of Debian operating system. + +In 2001, Mark formed the Shuttleworth Foundation, It is non-profit organization dedicated to the social innovation that also funds free, educational, and open source software projects in South Africa, including Freedom Toaster. + +In 2004, Mark returned to free software world by funding software development of Ubuntu, as it was Linux distribution based on Debian, throughout his company Canonical Ltd. + +In 2005, Mark founded Ubuntu Foundation and made initial investment of 10 million dollars. In Ubuntu project, Mark is often referred to with tongue-in-cheek title “**SABDFL (Self-Appointed Benevolent Dictator for Life)**”. To come up with list of names of people in order to hire for the entire project, Mark took about six months of Debian mailing list archives with him during his travelling to Antarctica aboard icebreaker Kapitan Khlebnikov in 2004. In 2005, Mark purchased 65% stake of Impi Linux. + +> “I urge telecommunications regulators to develop a commercial strategy for delivering effective access to the continent.” +> +> — Mark Shuttleworth + +In 2006, it was announced that Shuttleworth became **first patron of KDE**, which was highest level of sponsorship available at the time. This patronship ended in 2012, with financial support together for Kubuntu, which was Ubuntu variant with KDE as a main desktop. + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/shuttleworth-kde.jpg) + +In 2009, Shuttleworth announced that, he would step down as the CEO of Canonical in order to focus more energy on partnership, product design, and the customers. Jane Silber, took on this job as the CEO at Canonical after he was the COO at Canonical since 2004. + +In 2010, Mark received the honorary degree from Open University for that work. + +In 2012, Mark and Kenneth Rogoff took part together in debate opposite Peter Thiel and Garry Kasparov at Oxford Union, this debate was entitled “**The Innovation Enigma**”. + +In 2013, Mark and Ubuntu were awarded **Austrian anti-privacy Big Brother Award** for sending the local Ubuntu Unity Dash searches to the Canonical servers by default. One year earlier in 2012, Mark had defended the anonymization method that was used. + +> “All the major PC companies now ship PC’s with Ubuntu pre-installed. So we have a very solid set of working engagements in the industry. But those PC companies are nervous to promote something new to PC buyers. If we can get PC buyers familiar with Ubuntu as a phone and tablet experience, then they may be more willing buy it on the PC too. Because no OS ever succeeded by emulating another OS. Android is great, but if we want to succeed we need to bring something new and better to market. We are all at risk of stagnating if we don’t pursue the future, vigorously. But if you pursue the future, you have to accept that not everybody will agree with your vision.” +> +> — Mark Shuttleworth + +### Mark Shuttleworth’s Spaceflight ### + +Mark gained worldwide fame in 2002 as a second self-funded space tourist and the first South African who could travel to the space. Flying through Space Adventures, Mark launched aboard Russian Soyuz TM-34 mission as spaceflight participant, and he paid approximately $20 million for that voyage. 2 days later, Soyuz spacecraft arrived at International Space Station, where Mark spent 8 days participating in the experiments related to the AIDS and the GENOME research. Later in 2002, Mark returned to the Earth on the Soyuz TM-33. To participate in that flight, Mark had to undergo 1 year of preparation and training, including 7 months spent in the Star City, Russia. + +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/10/Mark-Shuttleworth1.jpg) + +While in space, Mark had radio conversation with Nelson Mandela and another 14 year old South African girl, called Michelle Foster, who asked Mark to marry her. Of course Mark politely dodged that question, stating that he was much honored to this question before cunningly change the subject. The terminally ill Foster was also provided the opportunity to have conversation with Mark and Nelson Mandela by Reach for Dream foundation. + +Upon returning, Mark traveled widely and also spoke about that spaceflight to schoolchildren around the world. + +> “The raw numbers suggest that Ubuntu continues to grow in terms of actual users. And our partnerships – Dell, HP, Lenovo on the hardware front, and gaming companies like EA, Valve joining up on the software front – make me feel like we continue to lead where it matters.” +> +> — Mark Shuttleworth + +### Mark Shuttleworth’s Transport ### + +Mark has his private jet, Bombardier Global Express that is often referred to as Canonical One but it’s in fact owned through the HBD Venture Capital Company. The dragon depicted on side of the plane is Norman, HBD Venture Capital mascot. + +### The Legal Clash with South African Reserve Bank ### + +Upon the moving R2.5 billion in the capital from South Africa to Isle of Man, South African Reserve Bank imposed R250 million levy to release Mark’s assets. Mark appealed, and then after lengthy legal battle, Reserve Bank was ordered to repay Mark his R250 million, plus the interest. Mark announced that he would be donating that entire amount to trust that will be established in order to help others take cases to Constitutional Court. + +> “The exit charge was not inconsistent with the Constitution. The dominant purpose of the exit charge was not to raise revenue but rather to regulate conduct by discouraging the export of capital to protect the domestic economy.” +> +> — Judge Dikgang Moseneke + +In 2015, Constitutional Court of South Africa reversed and set-aside findings of lower courts, ruling that dominant purpose of the exit charge was in order to regulate conduct rather than for raising the revenue. + +### Mark Shuttleworth’s likes ### + +Cesária Évora, mp3s,Spring, Chelsea, finally seeing something obvious for first time, coming home, Sinatra, daydreaming, sundowners, flirting, d’Urberville, string theory, Linux, particle physics, Python, reincarnation, mig-29s, snow, travel, Mozilla, lime marmalade, body shots, the African bush, leopards, Rajasthan, Russian saunas, snowboarding, weightlessness, Iain m banks, broadband, Alastair Reynolds, fancy dress, skinny-dipping, flashes of insight, post-adrenaline euphoria, the inexplicable, convertibles, Clifton, country roads, international space station, machine learning, artificial intelligence, Wikipedia, Slashdot, kitesurfing, and Manx lanes. + +### Shuttleworth’s dislikes ### + +Admin, salary negotiations, legalese, and public speaking. + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/mark-shuttleworth-man-behind-ubuntu-operating-system/ + +作者:[M.el Khamlichi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.unixmen.com/author/pirat9/ \ No newline at end of file diff --git a/sources/talk/20151105 Linus Torvalds Lambasts Open Source Programmers over Insecure Code.md b/sources/talk/20151105 Linus Torvalds Lambasts Open Source Programmers over Insecure Code.md new file mode 100644 index 0000000000..1e37549646 --- /dev/null +++ b/sources/talk/20151105 Linus Torvalds Lambasts Open Source Programmers over Insecure Code.md @@ -0,0 +1,35 @@ +Linus Torvalds Lambasts Open Source Programmers over Insecure Code +================================================================================ +![](http://thevarguy.com/site-files/thevarguy.com/files/imagecache/medium_img/uploads/2015/11/linus-torvalds.jpg) + +Linus Torvalds's latest rant underscores the high expectations the Linux developer places on open source programmers—as well the importance of security for Linux kernel code. + +Torvalds is the unofficial "benevolent dictator" of the Linux kernel project. That means he gets to decide which code contributions go into the kernel, and which ones land in the reject pile. + +On Oct. 28, open source coders whose work did not meet Torvalds's expectations faced an [angry rant][1]. "Christ people," Torvalds wrote about the code. "This is just sh*t." + +He went on to call the coders "just incompetent and out to lunch." + +What made Torvalds so angry? He believed the code could have been written more efficiently. It could have been easier for other programmers to understand and would run better through a compiler, the program that translates human-readable code into the binaries that computers understand. + +Torvalds posted his own substitution for the code in question and suggested that the programmers should have written it his way. + +Torvalds has a history of lashing out against people with whom he disagrees. It stretches back to 1991, when he famously [flamed Andrew Tanenbaum][2]—whose Minix operating system he later described as a series of "brain-damages." No doubt this latest criticism of fellow open source coders will go down as another example of Torvalds's confrontational personality. + +But Torvalds may also have been acting strategically during this latest rant. "I want to make it clear to *everybody* that code like this is completely unacceptable," he wrote, suggesting that his goal was to send a message to all Linux programmers, not just vent his anger at particular ones. + +Torvalds also used the incident as an opportunity to highlight the security concerns that arise from poorly written code. Those are issues dear to open source programmers' hearts in an age when enterprises are finally taking software security seriously, and demanding top-notch performance from their code in this regard. Lambasting open source programmers who write insecure code thus helps Linux's image. + +-------------------------------------------------------------------------------- + +via: http://thevarguy.com/open-source-application-software-companies/110415/linus-torvalds-lambasts-open-source-programmers-over-inse + +作者:[Christopher Tozzi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://thevarguy.com/author/christopher-tozzi +[1]:http://lkml.iu.edu/hypermail/linux/kernel/1510.3/02866.html +[2]:https://en.wikipedia.org/wiki/Tanenbaum%E2%80%93Torvalds_debate \ No newline at end of file diff --git a/sources/talk/20151117 How bad a boss is Linus Torvalds.md b/sources/talk/20151117 How bad a boss is Linus Torvalds.md new file mode 100644 index 0000000000..8b10e44584 --- /dev/null +++ b/sources/talk/20151117 How bad a boss is Linus Torvalds.md @@ -0,0 +1,77 @@ +How bad a boss is Linus Torvalds? +================================================================================ +![linus torvalds](http://images.techhive.com/images/article/2015/08/linus_torvalds-100600260-primary.idge.jpg) + +*Linus Torvalds addressed a packed auditorium of Linux enthusiasts during his speech at the LinuxWorld show in San Jose, California, on August 10, 1999. Credit: James Niccolai* + +**It depends on context. In the world of software development, he’s what passes for normal. The question is whether that situation should be allowed to continue.** + +I've known Linus Torvalds, Linux's inventor, for over 20 years. We're not chums, but we like each other. + +Lately, Torvalds has been getting a lot of flack for his management style. Linus doesn't suffer fools gladly. He has one way of judging people in his business of developing the Linux kernel: How good is your code? + +Nothing else matters. As Torvalds said earlier this year at the Linux.conf.au Conference, "I'm not a nice person, and I don't care about you. [I care about the technology and the kernel][1] -- that's what's important to me." + +Now, I can deal with that kind of person. If you can't, you should avoid the Linux kernel community, where you'll find a lot of this kind of meritocratic thinking. Which is not to say that I think everything in Linuxland is hunky-dory and should be impervious to calls for change. A meritocracy I can live with; a bastion of male dominance where women are subjected to scorn and disrespect is a problem. + +That's why I see the recent brouhaha about Torvalds' management style -- or more accurately, his total indifference to the personal side of management -- as nothing more than standard operating procedure in the world of software development. And at the same time, I see another instance that has come to light as evidence of a need for things to really change. + +The first situation arose with the [release of Linux 4.3][2], when Torvalds used the Linux Kernel Mailing List to tear into a developer who had inserted some networking code that Torvalds thought was -- well, let's say "crappy." "[[A]nd it generates [crappy] code.][3] It looks bad, and there's no reason for it." He goes on in this vein for quite a while. Besides the word "crap" and its earthier synonym, he uses the word "idiotic" pretty often. + +Here's the thing, though. He's right. I read the code. It's badly written and it does indeed seem to have been designed to use the new "overflow_usub()" function just for the sake of using it. + +Now, some people see this diatribe as evidence that Torvalds is a bad-tempered bully. I see a perfectionist who, within his field, doesn't put up with crap. + +Many people have told me that this is not how professional programmers should act. People, have you ever worked with top developers? That's exactly how they act, at Apple, Microsoft, Oracle and everywhere else I've known them. + +I've heard Steve Jobs rip a developer to pieces. I've cringed while a senior Oracle developer lead tore into a room of new programmers like a piranha through goldfish. + +In Accidental Empires, his classic book on the rise of PCs, Robert X. Cringely described Microsoft's software management style when Bill Gates was in charge as a system where "Each level, from Gates on down, screams at the next, goading and humiliating them." Ah, yes, that's the Microsoft I knew and hated. + +The difference between the leaders at big proprietary software companies and Torvalds is that he says everything in the open for the whole world to see. The others do it in private conference rooms. I've heard people claim that Torvalds would be fired in their company. Nope. He'd be right where he is now: on top of his programming world. + +Oh, and there's another difference. If you get, say, Larry Ellison mad at you, you can kiss your job goodbye. When you get Torvalds angry at your work, you'll get yelled at in an email. That's it. + +You see, Torvalds isn't anyone's boss. He's the guy in charge of a project with about 10,000 contributors, but he has zero hiring and firing authority. He can hurt your feelings, but that's about it. + +That said, there is a serious problem within both open-source and proprietary software development circles. No matter how good a programmer you are, if you're a woman, the cards are stacked against you. + +No case shows this better than that of Sarah Sharp, an Intel developer and formerly a top Linux programmer. [In a post on her blog in October][4], she explained why she had stopped contributing to the Linux kernel more than a year earlier: "I finally realized that I could no longer contribute to a community where I was technically respected, but I could not ask for personal respect.... I did not want to work professionally with people who were allowed to get away with subtle sexist or homophobic jokes." + +Who can blame her? I can't. Torvalds, like almost every software manager I've ever known, I'm sorry to say, has permitted a hostile work environment. + +He would probably say that it's not his job to ensure that Linux contributors behave with professionalism and mutual respect. He's concerned with the code and nothing but the code. + +As Sharp wrote: + +> I have the utmost respect for the technical efforts of the Linux kernel community. They have scaled and grown a project that is focused on maintaining some of the highest coding standards out there. The focus on technical excellence, in combination with overloaded maintainers, and people with different cultural and social norms, means that Linux kernel maintainers are often blunt, rude, or brutal to get their job done. Top Linux kernel developers often yell at each other in order to correct each other's behavior. +> +> That's not a communication style that works for me. … +> +> Many senior Linux kernel developers stand by the right of maintainers to be technically and personally brutal. Even if they are very nice people in person, they do not want to see the Linux kernel communication style change. + +She's right. + +Where I differ from other observers is that I don't think that this problem is in any way unique to Linux or open-source communities. With five years of work in the technology business and 25 years as a technology journalist, I've seen this kind of immature boy behavior everywhere. + +It's not Torvalds' fault. He's a technical leader with a vision, not a manager. The real problem is that there seems to be no one in the software development universe who can set a supportive tone for teams and communities. + +Looking ahead, I hope that companies and organizations, such as the Linux Foundation, can find a way to empower community managers or other managers to encourage and enforce civil behavior. + +We won't, unfortunately, find that kind of managerial finesse in our pure technical or business leaders. It's not in their DNA. + +-------------------------------------------------------------------------------- + +via: http://www.computerworld.com/article/3004387/it-management/how-bad-a-boss-is-linus-torvalds.html + +作者:[Steven J. Vaughan-Nichols][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.computerworld.com/author/Steven-J.-Vaughan_Nichols/ +[1]:http://www.computerworld.com/article/2874475/linus-torvalds-diversity-gaffe-brings-out-the-best-and-worst-of-the-open-source-world.html +[2]:http://www.zdnet.com/article/linux-4-3-released-after-linus-torvalds-scraps-brain-damage-code/ +[3]:http://lkml.iu.edu/hypermail/linux/kernel/1510.3/02866.html +[4]:http://sarah.thesharps.us/2015/10/05/closing-a-door/ \ No newline at end of file diff --git a/sources/talk/20151124 Review--5 memory debuggers for Linux coding.md b/sources/talk/20151124 Review--5 memory debuggers for Linux coding.md new file mode 100644 index 0000000000..db465e47cd --- /dev/null +++ b/sources/talk/20151124 Review--5 memory debuggers for Linux coding.md @@ -0,0 +1,284 @@ +Review: 5 memory debuggers for Linux coding +================================================================================ +![](http://images.techhive.com/images/article/2015/11/penguinadmin-2400px-100627186-primary.idge.jpg) +Credit: [Moini][1] + +As a programmer, I'm aware that I tend to make mistakes -- and why not? Even programmers are human. Some errors are detected during code compilation, while others get caught during software testing. However, a category of error exists that usually does not get detected at either of these stages and that may cause the software to behave unexpectedly -- or worse, terminate prematurely. + +If you haven't already guessed it, I am talking about memory-related errors. Manually debugging these errors can be not only time-consuming but difficult to find and correct. Also, it's worth mentioning that these errors are surprisingly common, especially in software written in programming languages like C and C++, which were designed for use with [manual memory management][2]. + +Thankfully, several programming tools exist that can help you find memory errors in your software programs. In this roundup, I assess five popular, free and open-source memory debuggers that are available for Linux: Dmalloc, Electric Fence, Memcheck, Memwatch and Mtrace. I've used all five in my day-to-day programming, and so these reviews are based on practical experience. + +eviews are based on practical experience. + +### [Dmalloc][3] ### + +**Developer**: Gray Watson +**Reviewed version**: 5.5.2 +**Linux support**: All flavors +**License**: Creative Commons Attribution-Share Alike 3.0 License + +Dmalloc is a memory-debugging tool developed by Gray Watson. It is implemented as a library that provides wrappers around standard memory management functions like **malloc(), calloc(), free()** and more, enabling programmers to detect problematic code. + +![cw dmalloc output](http://images.techhive.com/images/article/2015/11/cw_dmalloc-output-100627040-large.idge.png) +Dmalloc + +As listed on the tool's Web page, the debugging features it provides includes memory-leak tracking, [double free][4] error tracking and [fence-post write detection][5]. Other features include file/line number reporting, and general logging of statistics. + +#### What's new #### + +Version 5.5.2 is primarily a [bug-fix release][6] containing corrections for a couple of build and install problems. + +#### What's good about it #### + +The best part about Dmalloc is that it's extremely configurable. For example, you can configure it to include support for C++ programs as well as threaded applications. A useful functionality it provides is runtime configurability, which means that you can easily enable/disable the features the tool provides while it is being executed. + +You can also use Dmalloc with the [GNU Project Debugger (GDB)][7] -- just add the contents of the dmalloc.gdb file (located in the contrib subdirectory in Dmalloc's source package) to the .gdbinit file in your home directory. + +Another thing that I really like about Dmalloc is its extensive documentation. Just head to the [documentation section][8] on its official website, and you'll get everything from how to download, install, run and use the library to detailed descriptions of the features it provides and an explanation of the output file it produces. There's also a section containing solutions to some common problems. + +#### Other considerations #### + +Like Mtrace, Dmalloc requires programmers to make changes to their program's source code. In this case you may, at the very least, want to add the **dmalloc.h** header, because it allows the tool to report the file/line numbers of calls that generate problems, something that is very useful as it saves time while debugging. + +In addition, the Dmalloc library, which is produced after the package is compiled, needs to be linked with your program while the program is being compiled. + +However, complicating things somewhat is the fact that you also need to set an environment variable, dubbed **DMALLOC_OPTION**, that the debugging tool uses to configure the memory debugging features -- as well as the location of the output file -- at runtime. While you can manually assign a value to the environment variable, beginners may find that process a bit tough, given that the Dmalloc features you want to enable are listed as part of that value, and are actually represented as a sum of their respective hexadecimal values -- you can read more about it [here][9]. + +An easier way to set the environment variable is to use the [Dmalloc Utility Program][10], which was designed for just that purpose. + +#### Bottom line #### + +Dmalloc's real strength lies in the configurability options it provides. It is also highly portable, having being successfully ported to many OSes, including AIX, BSD/OS, DG/UX, Free/Net/OpenBSD, GNU/Hurd, HPUX, Irix, Linux, MS-DOG, NeXT, OSF, SCO, Solaris, SunOS, Ultrix, Unixware and even Unicos (on a Cray T3E). Although the tool has a bit of a learning curve associated with it, the features it provides are worth it. + +### [Electric Fence][15] ### + +**Developer**: Bruce Perens +**Reviewed version**: 2.2.3 +**Linux support**: All flavors +**License**: GNU GPL (version 2) + +Electric Fence is a memory-debugging tool developed by Bruce Perens. It is implemented in the form of a library that your program needs to link to, and is capable of detecting overruns of memory allocated on a [heap][11] ) as well as memory accesses that have already been released. + +![cw electric fence output](http://images.techhive.com/images/article/2015/11/cw_electric-fence-output-100627041-large.idge.png) +Electric Fence + +As the name suggests, Electric Fence creates a virtual fence around each allocated buffer in a way that any illegal memory access results in a [segmentation fault][12]. The tool supports both C and C++ programs. + +#### What's new #### + +Version 2.2.3 contains a fix for the tool's build system, allowing it to actually pass the -fno-builtin-malloc option to the [GNU Compiler Collection (GCC)][13]. + +#### What's good about it #### + +The first thing that I liked about Electric Fence is that -- unlike Memwatch, Dmalloc and Mtrace -- it doesn't require you to make any changes in the source code of your program. You just need to link your program with the tool's library during compilation. + +Secondly, the way the debugging tool is implemented makes sure that a segmentation fault is generated on the very first instruction that causes a bounds violation, which is always better than having the problem detected at a later stage. + +Electric Fence always produces a copyright message in output irrespective of whether an error was detected or not. This behavior is quite useful, as it also acts as a confirmation that you are actually running an Electric Fence-enabled version of your program. + +#### Other considerations #### + +On the other hand, what I really miss in Electric Fence is the ability to detect memory leaks, as it is one of the most common and potentially serious problems that software written in C/C++ has. In addition, the tool cannot detect overruns of memory allocated on the stack, and is not thread-safe. + +Given that the tool allocates an inaccessible virtual memory page both before and after a user-allocated memory buffer, it ends up consuming a lot of extra memory if your program makes too many dynamic memory allocations. + +Another limitation of the tool is that it cannot explicitly tell exactly where the problem lies in your programs' code -- all it does is produce a segmentation fault whenever it detects a memory-related error. To find out the exact line number, you'll have to debug your Electric Fence-enabled program with a tool like [The Gnu Project Debugger (GDB)][14], which in turn depends on the -g compiler option to produce line numbers in output. + +Finally, although Electric Fence is capable of detecting most buffer overruns, an exception is the scenario where the allocated buffer size is not a multiple of the word size of the system -- in that case, an overrun (even if it's only a few bytes) won't be detected. + +#### Bottom line #### + +Despite all its limitations, where Electric Fence scores is the ease of use -- just link your program with the tool once, and it'll alert you every time it detects a memory issue it's capable of detecting. However, as already mentioned, the tool requires you to use a source-code debugger like GDB. + +### [Memcheck][16] ### + +**Developer**: [Valgrind Developers][17] +**Reviewed version**: 3.10.1 +**Linux support**: All flavors +**License**: GPL + +[Valgrind][18] is a suite that provides several tools for debugging and profiling Linux programs. Although it works with programs written in many different languages -- such as Java, Perl, Python, Assembly code, Fortran, Ada and more -- the tools it provides are largely aimed at programs written in C and C++. + +The most popular Valgrind tool is Memcheck, a memory-error detector that can detect issues such as memory leaks, invalid memory access, uses of undefined values and problems related to allocation and deallocation of heap memory. + +#### What's new #### + +This [release][19] of the suite (3.10.1) is a minor one that primarily contains fixes to bugs reported in version 3.10.0. In addition, it also "backports fixes for all reported missing AArch64 ARMv8 instructions and syscalls from the trunk." + +#### What's good about it #### + +Memcheck, like all other Valgrind tools, is basically a command line utility. It's very easy to use: If you normally run your program on the command line in a form such as prog arg1 arg2, you just need to add a few values, like this: valgrind --leak-check=full prog arg1 arg2. + +![cw memcheck output](http://images.techhive.com/images/article/2015/11/cw_memcheck-output-100627037-large.idge.png) +Memcheck + +(Note: You don't need to mention Memcheck anywhere in the command line because it's the default Valgrind tool. However, you do need to initially compile your program with the -g option -- which adds debugging information -- so that Memcheck's error messages include exact line numbers.) + +What I really like about Memcheck is that it provides a lot of command line options (such as the --leak-check option mentioned above), allowing you to not only control how the tool works but also how it produces the output. + +For example, you can enable the --track-origins option to see information on the sources of uninitialized data in your program. Enabling the --show-mismatched-frees option will let Memcheck match the memory allocation and deallocation techniques. For code written in C language, Memcheck will make sure that only the free() function is used to deallocate memory allocated by malloc(), while for code written in C++, the tool will check whether or not the delete and delete[] operators are used to deallocate memory allocated by new and new[], respectively. If a mismatch is detected, an error is reported. + +But the best part, especially for beginners, is that the tool even produces suggestions about which command line option the user should use to make the output more meaningful. For example, if you do not use the basic --leak-check option, it will produce an output suggesting: "Rerun with --leak-check=full to see details of leaked memory." And if there are uninitialized variables in the program, the tool will generate a message that says, "Use --track-origins=yes to see where uninitialized values come from." + +Another useful feature of Memcheck is that it lets you [create suppression files][20], allowing you to suppress certain errors that you can't fix at the moment -- this way you won't be reminded of them every time the tool is run. It's worth mentioning that there already exists a default suppression file that Memcheck reads to suppress errors in the system libraries, such as the C library, that come pre-installed with your OS. You can either create a new suppression file for your use, or edit the existing one (usually /usr/lib/valgrind/default.supp). + +For those seeking advanced functionality, it's worth knowing that Memcheck can also [detect memory errors][21] in programs that use [custom memory allocators][22]. In addition, it also provides [monitor commands][23] that can be used while working with Valgrind's built-in gdbserver, as well as a [client request mechanism][24] that allows you not only to tell the tool facts about the behavior of your program, but make queries as well. + +#### Other considerations #### + +While there's no denying that Memcheck can save you a lot of debugging time and frustration, the tool uses a lot of memory, and so can make your program execution significantly slower (around 20 to 30 times, [according to the documentation][25]). + +Aside from this, there are some other limitations, too. According to some user comments, Memcheck apparently isn't [thread-safe][26]; it doesn't detect [static buffer overruns][27]). Also, there are some Linux programs, like [GNU Emacs][28], that currently do not work with Memcheck. + +If you're interested in taking a look, an exhaustive list of Valgrind's limitations can be found [here][29]. + +#### Bottom line #### + +Memcheck is a handy memory-debugging tool for both beginners as well as those looking for advanced features. While it's very easy to use if all you need is basic debugging and error checking, there's a bit of learning curve if you want to use features like suppression files or monitor commands. + +Although it has a long list of limitations, Valgrind (and hence Memcheck) claims on its site that it is used by [thousands of programmers][30] across the world -- the team behind the tool says it's received feedback from users in over 30 countries, with some of them working on projects with up to a whopping 25 million lines of code. + +### [Memwatch][31] ### + +**Developer**: Johan Lindh +**Reviewed version**: 2.71 +**Linux support**: All flavors +**License**: GNU GPL + +Memwatch is a memory-debugging tool developed by Johan Lindh. Although it's primarily a memory-leak detector, it is also capable (according to its Web page) of detecting other memory-related issues like [double-free error tracking and erroneous frees][32], buffer overflow and underflow, [wild pointer][33] writes, and more. + +The tool works with programs written in C. Although you can also use it with C++ programs, it's not recommended (according to the Q&A file that comes with the tool's source package). + +#### What's new #### + +This version adds ULONG_LONG_MAX to detect whether a program is 32-bit or 64-bit. + +#### What's good about it #### + +Like Dmalloc, Memwatch comes with good documentation. You can refer to the USING file if you want to learn things like how the tool works; how it performs initialization, cleanup and I/O operations; and more. Then there is a FAQ file that is aimed at helping users in case they face any common error while using Memcheck. Finally, there is a test.c file that contains a working example of the tool for your reference. + +![cw memwatch output](http://images.techhive.com/images/article/2015/11/cw_memwatch_output-100627038-large.idge.png) +Memwatch + +Unlike Mtrace, the log file to which Memwatch writes the output (usually memwatch.log) is in human-readable form. Also, instead of truncating, Memwatch appends the memory-debugging output to the file each time the tool is run, allowing you to easily refer to the previous outputs should the need arise. + +It's also worth mentioning that when you execute your program with Memwatch enabled, the tool produces a one-line output on [stdout][34] informing you that some errors were found -- you can then head to the log file for details. If no such error message is produced, you can rest assured that the log file won't contain any mistakes -- this actually saves time if you're running the tool several times. + +Another thing that I liked about Memwatch is that it also provides a way through which you can capture the tool's output from within the code, and handle it the way you like (refer to the mwSetOutFunc() function in the Memwatch source code for more on this). + +#### Other considerations #### + +Like Mtrace and Dmalloc, Memwatch requires you to add extra code to your source file -- you have to include the memwatch.h header file in your code. Also, while compiling your program, you need to either compile memwatch.c along with your program's source files or include the object module from the compile of the file, as well as define the MEMWATCH and MW_STDIO variables on the command line. Needless to say, the -g compiler option is also required for your program if you want exact line numbers in the output. + +There are some features that it doesn't contain. For example, the tool cannot detect attempts to write to an address that has already been freed or read data from outside the allocated memory. Also, it's not thread-safe. Finally, as I've already pointed out in the beginning, there is no guarantee on how the tool will behave if you use it with programs written in C++. + +#### Bottom line #### + +Memcheck can detect many memory-related problems, making it a handy debugging tool when dealing with projects written in C. Given that it has a very small source code, you can learn how the tool works, debug it if the need arises, and even extend or update its functionality as per your requirements. + +### [Mtrace][35] ### + +**Developers**: Roland McGrath and Ulrich Drepper +**Reviewed version**: 2.21 +**Linux support**: All flavors +**License**: GNU LGPL + +Mtrace is a memory-debugging tool included in [the GNU C library][36]. It works with both C and C++ programs on Linux, and detects memory leaks caused by unbalanced calls to the malloc() and free() functions. + +![cw mtrace output](http://images.techhive.com/images/article/2015/11/cw_mtrace-output-100627039-large.idge.png) +Mtrace + +The tool is implemented in the form of a function called mtrace(), which traces all malloc/free calls made by a program and logs the information in a user-specified file. Because the file contains data in computer-readable format, a Perl script -- also named mtrace -- is used to convert and display it in human-readable form. + +#### What's new #### + +[The Mtrace source][37] and [the Perl file][38] that now come with the GNU C library (version 2.21) add nothing new to the tool aside from an update to the copyright dates. + +#### What's good about it #### + +The best part about Mtrace is that the learning curve for it isn't steep; all you need to understand is how and where to add the mtrace() -- and the corresponding muntrace() -- function in your code, and how to use the Mtrace Perl script. The latter is very straightforward -- all you have to do is run the mtrace() command. (For an example, see the last command in the screenshot above.) + +Another thing that I like about Mtrace is that it's scalable -- which means that you can not only use it to debug a complete program, but can also use it to detect memory leaks in individual modules of the program. Just call the mtrace() and muntrace() functions within each module. + +Finally, since the tool is triggered when the mtrace() function -- which you add in your program's source code -- is executed, you have the flexibility to enable the tool dynamically (during program execution) [using signals][39]. + +#### Other considerations #### + +Because the calls to mtrace() and mauntrace() functions -- which are declared in the mcheck.h file that you need to include in your program's source -- are fundamental to Mtrace's operation (the mauntrace() function is not [always required][40]), the tool requires programmers to make changes in their code at least once. + +Be aware that you need to compile your program with the -g option (provided by both the [GCC][41] and [G++][42] compilers), which enables the debugging tool to display exact line numbers in the output. In addition, some programs (depending on how big their source code is) can take a long time to compile. Finally, compiling with -g increases the size of the executable (because it produces extra information for debugging), so you have to remember that the program needs to be recompiled without -g after the testing has been completed. + +To use Mtrace, you need to have some basic knowledge of environment variables in Linux, given that the path to the user-specified file -- which the mtrace() function uses to log all the information -- has to be set as a value for the MALLOC_TRACE environment variable before the program is executed. + +Feature-wise, Mtrace is limited to detecting memory leaks and attempts to free up memory that was never allocated. It can't detect other memory-related issues such as illegal memory access or use of uninitialized memory. Also, [there have been complaints][43] that it's not [thread-safe][44]. + +### Conclusions ### + +Needless to say, each memory debugger that I've discussed here has its own qualities and limitations. So, which one is best suited for you mostly depends on what features you require, although ease of setup and use might also be a deciding factor in some cases. + +Mtrace is best suited for cases where you just want to catch memory leaks in your software program. It can save you some time, too, since the tool comes pre-installed on your Linux system, something which is also helpful in situations where the development machines aren't connected to the Internet or you aren't allowed to download a third party tool for any kind of debugging. + +Dmalloc, on the other hand, can not only detect more error types compared to Mtrace, but also provides more features, such as runtime configurability and GDB integration. Also, unlike any other tool discussed here, Dmalloc is thread-safe. Not to mention that it comes with detailed documentation, making it ideal for beginners. + +Although Memwatch comes with even more comprehensive documentation than Dmalloc, and can detect even more error types, you can only use it with software written in the C programming language. One of its features that stands out is that it lets you handle its output from within the code of your program, something that is helpful in case you want to customize the format of the output. + +If making changes to your program's source code is not what you want, you can use Electric Fence. However, keep in mind that it can only detect a couple of error types, and that doesn't include memory leaks. Plus, you also need to know GDB basics to make the most out of this memory-debugging tool. + +Memcheck is probably the most comprehensive of them all. It detects more error types and provides more features than any other tool discussed here -- and it doesn't require you to make any changes in your program's source code.But be aware that, while the learning curve is not very high for basic usage, if you want to use its advanced features, a level of expertise is definitely required. + +-------------------------------------------------------------------------------- + +via: http://www.computerworld.com/article/3003957/linux/review-5-memory-debuggers-for-linux-coding.html + +作者:[Himanshu Arora][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.computerworld.com/author/Himanshu-Arora/ +[1]:https://openclipart.org/detail/132427/penguin-admin +[2]:https://en.wikipedia.org/wiki/Manual_memory_management +[3]:http://dmalloc.com/ +[4]:https://www.owasp.org/index.php/Double_Free +[5]:https://stuff.mit.edu/afs/sipb/project/gnucash-test/src/dmalloc-4.8.2/dmalloc.html#Fence-Post%20Overruns +[6]:http://dmalloc.com/releases/notes/dmalloc-5.5.2.html +[7]:http://www.gnu.org/software/gdb/ +[8]:http://dmalloc.com/docs/ +[9]:http://dmalloc.com/docs/latest/online/dmalloc_26.html#SEC32 +[10]:http://dmalloc.com/docs/latest/online/dmalloc_23.html#SEC29 +[11]:https://en.wikipedia.org/wiki/Memory_management#Dynamic_memory_allocation +[12]:https://en.wikipedia.org/wiki/Segmentation_fault +[13]:https://en.wikipedia.org/wiki/GNU_Compiler_Collection +[14]:http://www.gnu.org/software/gdb/ +[15]:https://launchpad.net/ubuntu/+source/electric-fence/2.2.3 +[16]:http://valgrind.org/docs/manual/mc-manual.html +[17]:http://valgrind.org/info/developers.html +[18]:http://valgrind.org/ +[19]:http://valgrind.org/docs/manual/dist.news.html +[20]:http://valgrind.org/docs/manual/mc-manual.html#mc-manual.suppfiles +[21]:http://valgrind.org/docs/manual/mc-manual.html#mc-manual.mempools +[22]:http://stackoverflow.com/questions/4642671/c-memory-allocators +[23]:http://valgrind.org/docs/manual/mc-manual.html#mc-manual.monitor-commands +[24]:http://valgrind.org/docs/manual/mc-manual.html#mc-manual.clientreqs +[25]:http://valgrind.org/docs/manual/valgrind_manual.pdf +[26]:http://sourceforge.net/p/valgrind/mailman/message/30292453/ +[27]:https://msdn.microsoft.com/en-us/library/ee798431%28v=cs.20%29.aspx +[28]:http://www.computerworld.com/article/2484425/linux/5-free-linux-text-editors-for-programming-and-word-processing.html?nsdr=true&page=2 +[29]:http://valgrind.org/docs/manual/manual-core.html#manual-core.limits +[30]:http://valgrind.org/info/ +[31]:http://www.linkdata.se/sourcecode/memwatch/ +[32]:http://www.cecalc.ula.ve/documentacion/tutoriales/WorkshopDebugger/007-2579-007/sgi_html/ch09.html +[33]:http://c2.com/cgi/wiki?WildPointer +[34]:https://en.wikipedia.org/wiki/Standard_streams#Standard_output_.28stdout.29 +[35]:http://www.gnu.org/software/libc/manual/html_node/Tracing-malloc.html +[36]:https://www.gnu.org/software/libc/ +[37]:https://sourceware.org/git/?p=glibc.git;a=history;f=malloc/mtrace.c;h=df10128b872b4adc4086cf74e5d965c1c11d35d2;hb=HEAD +[38]:https://sourceware.org/git/?p=glibc.git;a=history;f=malloc/mtrace.pl;h=0737890510e9837f26ebee2ba36c9058affb0bf1;hb=HEAD +[39]:http://webcache.googleusercontent.com/search?q=cache:s6ywlLtkSqQJ:www.gnu.org/s/libc/manual/html_node/Tips-for-the-Memory-Debugger.html+&cd=1&hl=en&ct=clnk&gl=in&client=Ubuntu +[40]:http://www.gnu.org/software/libc/manual/html_node/Using-the-Memory-Debugger.html#Using-the-Memory-Debugger +[41]:http://linux.die.net/man/1/gcc +[42]:http://linux.die.net/man/1/g++ +[43]:https://sourceware.org/ml/libc-help/2014-05/msg00008.html +[44]:https://en.wikipedia.org/wiki/Thread_safety \ No newline at end of file diff --git a/sources/talk/20151125 20 Years of GIMP Evolution--Step by Step.md b/sources/talk/20151125 20 Years of GIMP Evolution--Step by Step.md new file mode 100644 index 0000000000..edcef22d7f --- /dev/null +++ b/sources/talk/20151125 20 Years of GIMP Evolution--Step by Step.md @@ -0,0 +1,171 @@ +20 Years of GIMP Evolution: Step by Step +================================================================================ +注:youtube 视频 + + +[GIMP][1] (GNU Image Manipulation Program) – superb open source and free graphics editor. Development began in 1995 as students project of the University of California, Berkeley by Peter Mattis and Spencer Kimball. In 1997 the project was renamed in “GIMP” and became an official part of [GNU Project][2]. During these years the GIMP is one of the best graphics editor and platinum holy wars “GIMP vs Photoshop” – one of the most popular. + +The first announce, 21.11.1995: + +> From: Peter Mattis +> +> Subject: ANNOUNCE: The GIMP +> +> Date: 1995-11-21 +> +> Message-ID: <48s543$r7b@agate.berkeley.edu> +> +> Newsgroups: comp.os.linux.development.apps,comp.os.linux.misc,comp.windows.x.apps +> +> The GIMP: the General Image Manipulation Program +> ------------------------------------------------ +> +> The GIMP is designed to provide an intuitive graphical interface to a +> variety of image editing operations. Here is a list of the GIMP's +> major features: +> +> Image viewing +> ------------- +> +> * Supports 8, 15, 16 and 24 bit color. +> * Ordered and Floyd-Steinberg dithering for 8 bit displays. +> * View images as rgb color, grayscale or indexed color. +> * Simultaneously edit multiple images. +> * Zoom and pan in real-time. +> * GIF, JPEG, PNG, TIFF and XPM support. +> +> Image editing +> ------------- +> +> * Selection tools including rectangle, ellipse, free, fuzzy, bezier +> and intelligent. +> * Transformation tools including rotate, scale, shear and flip. +> * Painting tools including bucket, brush, airbrush, clone, convolve, +> blend and text. +> * Effects filters (such as blur, edge detect). +> * Channel & color operations (such as add, composite, decompose). +> * Plug-ins which allow for the easy addition of new file formats and +> new effect filters. +> * Multiple undo/redo. + +GIMP 0.54, 1996 + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/054.png) + +GIMP 0.54 was required X11 displays, X-server and Motif 1.2 wigdets and supported 8, 15, 16 & 24 color depths with RGB & grayscale colors. Supported images format: GIF, JPEG, PNG, TIFF and XPM. + +Basic functionality: rectangle, ellipse, free, fuzzy, bezier, intelligent selection tools, and rotate, scale, shear, clone, blend and flip images. + +Extended tools: text operations, effects filters, tools for channel and colors manipulation, undo and redo operations. Since the first version GIMP support the plugin system. + +GIMP 0.54 can be ran in Linux, HP-UX, Solaris, SGI IRIX. + +### GIMP 0.60, 1997 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/060.gif) + +This is development release, not for all users. GIMP has the new toolkits – GDK (GIMP Drawing Kit) and GTK (GIMP Toolkit), Motif support is deprecated. GIMP Toolkit is also begin of the GTK+ cross-platform widget toolkit. New features: + +- basic layers +- sub-pixel sampling +- brush spacing +- improver airbrush +- paint modes + +### GIMP 0.99, 1997 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/099.png) + +Since 0.99 version GIMP has the scripts add macros (Script-Fus) support. GTK and GDK with some improvements has now the new name – GTK+. Other improvements: + +- support big images (rather than 100 MB) +- new native format – XCF +- new API – write plugins and extensions is easy + +### GIMP 1.0, 1998 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/100.gif) + +GIMP and GTK+ was splitted into separate projects. The GIMP official website has +reconstructed and contained new tutorials, plugins and documentation. New features: + +- tile-based memory management +- massive changes in plugin API +- XFC format now support layers, guides and selections +- web interface +- online graphics generation + +### GIMP 1.2, 2000 ### + +New features: + +- translation for non-english languages +- fixed many bugs in GTK+ and GIMP +- many new plugins +- image map +- new toolbox: resize, measure, dodge, burn, smugle, samle colorize and curve bend +- image pipes +- images preview before saving +- scaled brush preview +- recursive selection by path +- new navigation window +- drag’n’drop +- watermarks support + +### GIMP 2.0, 2004 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/200.png) + +The biggest change – new GTK+ 2.x toolkit. + +### GIMP 2.2, 2004 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/220.png) + +Many bugfixes and drag’n’drop support. + +### GIMP 2.4, 2007 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/240.png) + +New features: + +- better drag’n’drop support +- Ti-Fu was replaced to Script-Fu – the new script interpreter +- new plugins: photocopy, softglow, neon, cartoon, dog, glob and others + +### GIMP 2.6, 2008 ### + +New features: + +- renew graphics interface +- new select and tool +- GEGL (GEneric Graphics Library) integration +- “The Utility Window Hint” for MDI behavior + +### GIMP 2.8, 2012 ### + +![](https://github.com/paulcarroty/Articles/raw/master/GIMP%20History/280.png) + +New features: + +- GUI has some visual changes +- new save and export menu +- renew text editor +- layers group support +- JPEG2000 and export to PDF support +- webpage screenshot tool + +-------------------------------------------------------------------------------- + +via: https://tlhp.cf/20-years-of-gimp-evolution/ + +作者:[Pavlo Rudyi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://tlhp.cf/author/paul/ +[1]:https://gimp.org/ +[2]:http://www.gnu.org/ \ No newline at end of file diff --git a/sources/talk/20151126 Linux Foundation Explains a 'World without Linux' and Open Source.md b/sources/talk/20151126 Linux Foundation Explains a 'World without Linux' and Open Source.md new file mode 100644 index 0000000000..90f8b22e32 --- /dev/null +++ b/sources/talk/20151126 Linux Foundation Explains a 'World without Linux' and Open Source.md @@ -0,0 +1,51 @@ +Linux Foundation Explains a "World without Linux" and Open Source +================================================================================ +> The Linux Foundation responds to questions about its "World without Linux" movies, including what the Internet would be like without Linux and other open source software. + +![](http://thevarguy.com/site-files/thevarguy.com/files/imagecache/medium_img/uploads/2015/11/hey_22.png) + +Would the world really be tremendously different if Linux, the open source operating system kernel, did not exist? Would there be no Internet or movies? Those are the questions some viewers of the [Linux Foundation's][1] ongoing "[World without Linux][2]" video series are asking. Here are some answers. + +In case you've missed it, the "World without Linux" series is a collection of quirky short films that depict, well, a world without Linux (and open source software more generally). They have emphasized themes like [Linux's role in movie-making][3] and in [serving the Internet][4]. + +To offer perspective on the series's claims, direction and hidden symbols, Jennifer Cloer, vice president of communications at The Linux Foundation, recently sent The VAR Guy responses to some common queries about the movies. Below are the answers, in her own words. + +### The latest episode takes Sam and Annie to the movies. Would today's graphics really be that much different without Linux? ### + +In episode #4, we do a bit of a parody on "Avatar." Love it or hate it, the graphics in the real "Avatar" are pretty impressive. In a world without Linux, the graphics would be horrible but we wouldn't even know it because we wouldn't know any better. But in fact, "Avatar" was created using Linux. Weta Digital used one of the world's largest Linux clusters to render the film and do 3D modeling. It's also been reported that "Lord of the Rings," "Fantastic Four" and "King Kong," among others, have used Linux. We hope this episode can bring attention to that work, which hasn't been widely reported. + +### Some people criticized the original episode for concluding there would be no Internet without Linux. What's your reaction? ### + +We enjoyed the debate that resulted from the debut episode. With more than 100,000 views to date of that episode alone, it brought awareness to the role that Linux plays in society and to the worldwide community of contributors and supporters. Of course the Internet would exist without Linux but it wouldn't be the Internet we know today and it wouldn't have matured at the pace it has. Each episode makes a bold and fun statement about Linux's role in our every day lives. We hope this can help extend the story of Linux to more people around the world. + +### Why is Sam and Annie's cat named String? ### + +Nothing in the series is a coincidence. Look closely and you'll find all kinds of inside Linux and geek jokes. String is named after String theory and was named by our Linux.com Editor Libby Clark. In physics, string theory is a theoretical framework in which the point-like particles of particle physics are replaced by one-dimensional objects called strings. String theory describes how these strings propagate through space and interact with each other. Kind of like Sam, Annie and String in a World Without Linux. + +### What can we expect from the next two episodes and, in particular, the finale? When will it air? ### + +In episode #5, we'll go to space and experience what a world without Linux would mean to exploration. It's a wild ride. In the finale, we finally get to see Linus in a world without Linux. There have been clues throughout the series as to what this finale will include but I can't give more than that away since there are ongoing contests to find the clues. And I can't give away the air date for the finale! You'll have to follow #WorldWithoutLinux to learn more. + +### Can you give us a hint on the clues in episode #4? ### + +There is another reference to the Free Burger Restaurant in this episode. Linux also actually does appear in this world without Linux but in a very covert way; you could say it's like reading Linux in another language. And, of course, just for fun, String makes another appearance. + +### Is the series achieving what you hoped? ### + +Yes. We're really happy to see people share and engage with these stories. We hope that it's reaching people who might not otherwise know the story of Linux or understand its pervasiveness in the world today. It's really about surfacing this to a broader audience and giving thanks to the worldwide community of developers and companies that support Linux and all the things it makes possible. + +-------------------------------------------------------------------------------- + +via: http://thevarguy.com/open-source-application-software-companies/linux-foundation-explains-world-without-linux-and-open-so + +作者:[Christopher Tozzi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://thevarguy.com/author/christopher-tozzi +[1]:http://linuxfoundation.org/ +[2]:http://www.linuxfoundation.org/world-without-linux +[3]:http://thevarguy.com/open-source-application-software-companies/new-linux-foundation-video-highlights-role-open-source-3d +[4]:http://thevarguy.com/open-source-application-software-companies/100715/would-internet-exist-without-linux-yes-without-open-sourc \ No newline at end of file diff --git a/sources/talk/20151126 Microsoft and Linux--True Romance or Toxic Love.md b/sources/talk/20151126 Microsoft and Linux--True Romance or Toxic Love.md new file mode 100644 index 0000000000..92705b4b5c --- /dev/null +++ b/sources/talk/20151126 Microsoft and Linux--True Romance or Toxic Love.md @@ -0,0 +1,77 @@ +Microsoft and Linux: True Romance or Toxic Love? +================================================================================ +Every now and then, you come across a news story that makes you choke on your coffee or splutter hot latte all over your monitor. Microsoft's recent proclamations of love for Linux is an outstanding example of such a story. + +Common sense says that Microsoft and the FOSS movement should be perpetual enemies. In the eyes of many, Microsoft embodies most of the greedy excesses that the Free Software movement rejects. In addition, Microsoft previously has labeled Linux as a cancer and the FOSS community as a "pack of thieves". + +We can understand why Microsoft has been afraid of a free operating system. When combined with open-source applications that challenge Microsoft's core line, it threatens Microsoft's grip on the desktop/laptop market. + +In spite of Microsoft's fears over its desktop dominance, the Web server marketplace is one arena where Linux has had the greatest impact. Today, the majority of Web servers are Linux boxes. This includes most of the world's busiest sites. The sight of so much unclaimed licensing revenue must be painful indeed for Microsoft. + +Handheld devices are another realm where Microsoft has lost ground to free software. At one point, its Windows CE and Pocket PC operating systems were at the forefront of mobile computing. Windows-powered PDA devices were the shiniest and flashiest gadgets around. But, that all ended when Apple released its iPhone. Since then, Android has stepped into the limelight, with Windows Mobile largely ignored and forgotten. The Android platform is built on free and open-source components. + +The rapid expansion in Android's market share is due to the open nature of the platform. Unlike with iOS, any phone manufacturer can release an Android handset. And, unlike with Windows Mobile, there are no licensing fees. This has been really good news for consumers. It has led to lots of powerful and cheap handsets appearing from manufacturers all over the world. It's a very definite vindication of the value of FOSS software. + +Losing the battle for the Web and mobile computing is a brutal loss for Microsoft. When you consider the size of those two markets combined, the desktop market seems like a stagnant backwater. Nobody likes to lose, especially when money is on the line. And, Microsoft does have a lot to lose. You would expect Microsoft to be bitter about it. And in the past, it has been. + +Microsoft has fought back against Linux and FOSS using every weapon at its disposal, from propaganda to patent threats, and although these attacks have slowed the adoption of Linux, they haven't stopped it. + +So, you can forgive us for being shocked when Microsoft starts handing out t-shirts and badges that say "Microsoft Loves Linux" at open-source conferences and events. Could it be true? Does Microsoft really love Linux? + +Of course, PR slogans and free t-shirts do not equal truth. Actions speak louder than words. And when you consider Microsoft's actions, Microsoft's stance becomes a little more ambiguous. + +On the one hand, Microsoft is recruiting hundreds of Linux developers and sysadmins. It's releasing its .NET Core framework as an open-source project with cross-platform support (so that .NET apps can run on OS X and Linux). And, it is partnering with Linux companies to bring popular distros to its Azure platform. In fact, Microsoft even has gone so far as to create its own Linux distro for its Azure data center. + +On the other hand, Microsoft continues to launch legal attacks on open-source projects directly and through puppet corporations. It's clear that Microsoft hasn't had some big moral change of heart over proprietary vs. free software, so why the public declarations of adoration? + +To state the obvious, Microsoft is a profit-making entity. It's an investment vehicle for its shareholders and a source of income for its employees. Everything it does has a single ultimate goal: revenue. Microsoft doesn't act out of love or even hate (although that's a common accusation). + +So the question shouldn't be "does Microsoft really love Linux?" Instead, we should ask how Microsoft is going to profit from all this. + +Let's take the open-source release of .NET Core. This move makes it easy to port the .NET runtime to any platform. That extends the reach of Microsoft's .NET framework far beyond the Windows platform. + +Opening .NET Core ultimately will make it possible for .NET developers to produce cross-platform apps for OS X, Linux, iOS and even Android--all from a single codebase. + +From a developer's perspective, this makes the .NET framework much more attractive than before. Being able to reach many platforms from a single codebase dramatically increases the potential target market for any app developed using the .NET framework. + +What's more, a strong Open Source community would provide developers with lots of code to reuse in their own projects. So, the availability of open-source projects would make the .NET framework. + +On the plus side, opening .NET Core reduces fragmentation across different platforms and means a wider choice of apps for consumers. That means more choice, both in terms of open-source software and proprietary apps. + +From Microsoft's point of view, it would gain a huge army of developers. Microsoft profits by selling training, certification, technical support, development tools (including Visual Studio) and proprietary extensions. + +The question we should ask ourselves is does this benefit or hurt the Free Software community? + +Widespread adoption of the .NET framework could mean the eventual death of competing open-source projects, forcing us all to dance to Microsoft's tune. + +Moving beyond .NET, Microsoft is drawing a lot of attention to its Linux support on its Azure cloud computing platform. Remember, Azure originally was Windows Azure. That's because Windows Server was the only supported operating system. Today, Azure offers support for a number of Linux distros too. + +There's one reason for this: paying customers who need and want Linux services. If Microsoft didn't offer Linux virtual machines, those customers would do business with someone else. + +It looks like Microsoft is waking up to the fact that Linux is here to stay. Microsoft cannot feasibly wipe it out, so it has to embrace it. + +This brings us back to the question of why there is so much buzz about Microsoft and Linux. We're all talking about it, because Microsoft wants us to think about it. After all, all these stories trace back to Microsoft, whether it's through press releases, blog posts or public announcements at conferences. The company is working hard to draw attention to its Linux expertise. + +What other possible purpose could be behind Chief Architect Kamala Subramaniam's blog post announcing Azure Cloud Switch? ACS is a custom Linux distro that Microsoft uses to automate the configuration of its switch hardware in the Azure data centers. + +ACS is not publicly available. It's intended for internal use in the Azure data center, and it's unlikely that anyone else would be able to find a use for it. In fact, Subramaniam states the same thing herself in her post. + +So, Microsoft won't be making any money from selling ACS, and it won't attract a user base by giving it away. Instead, Microsoft gets to draw attention to Linux and Azure, strengthening its position as a Linux cloud computing platform. + +Is Microsoft's new-found love for Linux good news for the community? + +We shouldn't be slow to forget Microsoft's mantra of Embrace, Extend and Exterminate. Right now, Microsoft is very much in the early stages of embracing Linux. Will Microsoft seek to splinter the community through custom extensions and proprietary "standards"? + +Let us know what you think in the comments below. + +-------------------------------------------------------------------------------- + +via: http://www.linuxjournal.com/content/microsoft-and-linux-true-romance-or-toxic-love-0 + +作者:[James Darvell][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxjournal.com/users/james-darvell \ No newline at end of file diff --git a/sources/talk/20151201 Cinnamon 2.8 Review.md b/sources/talk/20151201 Cinnamon 2.8 Review.md new file mode 100644 index 0000000000..0c44eba14f --- /dev/null +++ b/sources/talk/20151201 Cinnamon 2.8 Review.md @@ -0,0 +1,87 @@ +Cinnamon 2.8 Review +================================================================================ +![](https://www.maketecheasier.com/assets/uploads/2015/11/cinnamon-2-8-featured.jpg) + +Other than Gnome and KDE, Cinnamon is another desktop environment that is used by many people. It is made by the same team that produces Linux Mint (and ships with Linux Mint) and can also be installed on several other distributions. The latest version of this DE – Cinnamon 2.8 – was released earlier this month, and it brings a host of bug fixes and improvements as well as some new features. + +I’m going to go over the major improvements made in this release as well as how to update to Cinnamon 2.8 or install it for the first time. + +### Improvements to Applets ### + +There are several improvements to already existing applets for the panel. + +#### Sound Applet #### + +![cinnamon-28-sound-applet](https://www.maketecheasier.com/assets/uploads/2015/11/rsz_cinnamon-28-sound-applet.jpg) + +The Sound applet was revamped and now displays track information as well as the media controls on top of the cover art of the audio file. For music players with seeking support (such as Banshee), a progress bar will be displayed in the same region which you can use to change the position of the audio track. Right-clicking on the applet in the panel will display the options to mute input and output devices. + +#### Power Applet #### + +The Power applet now displays the status of each of the connected batteries and devices using the manufacturer’s data instead of generic names. + +#### Window Thumbnails #### + +![cinnamon-2.8-window-thumbnails](https://www.maketecheasier.com/assets/uploads/2015/11/cinnamon-2.8-window-thumbnails.png) + +Cinnamon 2.8 brings the option to show window thumbnails when hovering over the window list in the panel. You can turn it off if you don’t like it, though. + +#### Workspace Switcher Applet #### + +![cinnamon-2.8-workspace-switcher](https://www.maketecheasier.com/assets/uploads/2015/11/cinnamon-2.8-workspace-switcher.png) + +Adding the Workspace switcher applet to your panel will show you a visual representation of your workspaces with little rectangles embedded inside to show the position of your windows. + +#### System Tray #### + +Cinnamon 2.8 brings support for app indicators in the system tray. You can easily disable this in the settings which will force affected apps to fall back to using status icons instead. + +### Visual Improvements ### + +A host of visual improvements were made in Cinnamon 2.8. The classic and preview Alt + Tab switchers were polished with noticeable improvements, while the Alt + F2 dialog received bug fixes and better auto completion for commands. + +Also, the issue with the traditional animation effect for minimizing windows is now sorted and works with multiple panels. + +### Nemo Improvements ### + +![cinnamon-2.8-nemo](https://www.maketecheasier.com/assets/uploads/2015/11/rsz_cinnamon-28-nemo.jpg) + +The default file manager for Cinnamon also received several bug fixes and has a new “Quick-rename” feature for renaming files and directories. This works by clicking the file or directory twice with a short pause in between to rename the files. + +Nemo also detects issues with thumbnails automatically and prompts you to quickly fix them. + +### Other Notable improvements ### + +- Applets now reload themselves automatically once they are updated. +- Support for multiple monitors was improved significantly. +- Dialog windows have been improved and now attach themselves to their parent windows. +- HiDPI dectection has been improved. +- QT5 applications now look more native and use the default GTK theme. +- Window management and rendering performance has been improved. +- There are various bugfixes. + +### How to Get Cinnamon 2.8 ### + +If you’re running Linux Mint you will get Cinnamon 2.8 as part of the upgrade to Linux Mint 17.3 “Rosa” Cinnamon Edition. The BETA release is already out, so you can grab that if you’d like to get your hands on the new software immediately. + +For Arch users, Cinnamon 2.8 is already in the official Arch repositories, so you can just update your packages and do a system-wide upgrade to get the latest version. + +Finally, for Ubuntu users, you can install or upgrade to Cinnamon 2.8 by running in turn the following commands: + + sudo add-apt-repository -y ppa:moorkai/cinnamon + sudo apt-get update + sudo apt-get install cinnamon + +Have you tried Cinnamon 2.8? What do you think of it? + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/cinnamon-2-8-review/ + +作者:[Ayo Isaiah][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/ayoisaiah/ \ No newline at end of file diff --git a/sources/talk/20151202 KDE vs GNOME vs XFCE Desktop.md b/sources/talk/20151202 KDE vs GNOME vs XFCE Desktop.md new file mode 100644 index 0000000000..5cfbc31ace --- /dev/null +++ b/sources/talk/20151202 KDE vs GNOME vs XFCE Desktop.md @@ -0,0 +1,53 @@ +KDE vs GNOME vs XFCE Desktop +================================================================================ +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2013/07/300px-Xfce_logo.svg_.png) + +Over many years, many people spent a long time with Linux desktop using either KDE or GNOME. These two environments have grown through the previous years and each of these desktops continued to expand their current user-base. For example, sleeper desktop environment has been XFCE as XFCE offers more robustness than LXDE that lacks much of XFCE’s polish in the default configuration. The XFCE provides all benefits which users enjoyed in the GNOME 2, but with some lightweight experiences which made it a hit on the older computers. + +### The Desktop Theming ### + +After the user has fresh installation, the XFCE will be a bit boring, which lacks some certain visual attractiveness to it. So, don’t misunderstand my words here, the XFCE is still having nice looking desktop, but it may be like vanilla in users’ eyes as well as most people who are new to the XFCE desktop environment. The good news here is that while installing new theme to the XFCE, it is a reasonably easy process as you can easily find the right XFCE theme which appeals to you, after that, you can extract that theme to the proper directory. From this point, the XFCE comes with an important tool located under the Appearance for helping the user to select the chosen theme easily throughout the Graphical User Interface (GUID). There’re no other tools that might be required here, and if the user follows the above directions, it will be a bit simple for everyone who is caring to have a try. + +On the GNOME desktop, the user should follow the similar above approach. The main key difference for this point is that users have to download and then install GNOME Tweak Tool before proceeding with anything. It does not have any huge barriers under any means, but it is simple valid oversight when the user consider that the XFCE does not require any tweak tool in order for installing and activating the new desktop themes. By being under the GNOME, and especially after installing that Tweak tool which is mentioned above, you will need to go ahead and also to make sure that you have the extension of User Themes installed. + +The same as with the XFCE, the user will want to search for, and then download the theme which most appeals personally to him. Then, user can revisit to the GNOME Tweak tool, and click on the Appearance option on left side of that Tweak tool. Then, the user can simply look at the bottom of the page and click on file browse button to right of the Shell Theme. User then can browse to the zipped folder, and click open. In case if this process was successfully done, the user will see an alert that tell him that it was installed without any problems. From this point, user can simply use the pull down menu in order for selecting the theme he wants to use. The same as with the XFCE, process of theme activation is very easy, however, a need to download the non-included application for using a new theme will leave much to be desired. + +Finally, there is the process of the KDE desktop theming. The same as with XFCE, there is no need at all to install any extra tools for making it work. This is one area where there is a feeling that the XFCE has to make the KDE the winner. Not only the installing themes in the KDE is accomplished entirely within the Graphical User Interface, but it’s also even possible to click on (Get New Themes) button and user will be able to locate, view, and also install the new themes automatically. + +However, it should be noted that the KDE is a bit more robust desktop environment comparing to the XFCE. Therefore, it is a bit reasonable now to see why such extra functionalities could be missing from the desktops which are mainly designed to be minimalist. So, we all have to give the KDE props for such outstanding functionality. + +### MATE is not Lightweight Desktop ### + +Before continuing with the comparison between the XFCE, the GNOME 3 and the KDE, it should be clear for experts that we can’t touch the MATE desktop as an option in the comparison. MATE can be considered as the GNOME 2 desktop’s next incarnation, but it’s not mainly marketed to be a lightweight or fast desktop. But instead of that, its primary goal is to be more traditional and comfortable desktop environment where the users can feel right at their home to use it. + +On the other hand, the XFCE comes with a completely other goal set. The XFCE offers its users a more lightweight and yet still visually appealing desktop experience. Then, for everyone who points out that MATE is a lightweight desktop too, it isn’t really targeting that lightweight desktop crowd. Both options may be dressed up for looking quite attractive with the proper theme installed. + +### The Navigation of Desktop ### + +The XFCE honestly offers an obvious navigation which is out of the box. Anyone who is used to the traditional Windows or the GNOME 2/MATE desktop experience will be going to have the ability to navigate around the new XFCE installation without any kind of help. Straight away, adding the applets to panel is still very obvious. The same as with locating installed applications, just use the launcher and simply click on any desired application. With an exception of LXDE and MATE, there is no other desktop that can make the navigation that simple. What can be even better is that fact which the control panel is very easy to use, that is a really big benefit to everyone who is new to the desktop environment. If the user prefer older methods to use his desktop, then GNOME is not an option. With the hot corners as well as the no minimize button, plus the other application layout method, it’ll take the most newcomers getting easily used to it. + +If the user is coming from, as an example, Windows environment, then he is going to be put off by the inability to add applets to the top of his workspace simply with just a mere right-click. Just instead of this, it can be handled by using extensions. Installing extensions in the GNOME is granted and is a brain-dead easy, based on the easy to use (on/off) toggle switches located on the extensions page of the GNOME. Users have to know, sadly, to actually visit that page to enjoy this functionality. + +On the other side, the GNOME is sharing its desire for providing a straight forward and an easy to use control panel, which many of you may think that it is not be a big deal, but it is really something that I by myself find commendable and worth to be mentioned. The KDE offers its users a bit more traditional desktop experience, throughout familiar launchers as well as the ability for getting to the software in more familiar way if they are coming from Windows desktop. The process of adding widgets or applets to the KDE desktop is an easy matter of just right-clicking on the bottom of the desktop. Only the problem with the KDE’s approach is to be that, as many things KDE, the feature which users are actually looking for are hidden. The KDE users might berate my opinion for this, but I still stand by my statement. + +In order for adding a Widget, just right-click on “my panel”, just to see the panel options, but not as an immediate method to install Widgets. You will not actually see the Add Widgets until you select the Panel Options, then the Add Widgets. This not a big deal to me, but later for some users, it becomes unnecessary tidbit of confusion. To make things here more convoluted, after the users manage to locate Widgets area they discover later a brand new term called “Activities”. It is in the same area as the Widgets, yet it is somehow in its own area as to what it does. + +Now don’t misunderstand me, the Activities feature in the KDE is totally great and actually valued. But to look at it from the usability standpoint, I think that it would be better suited in another menu option in order to not confuse the newbies. User is welcome to differ, but to test this with newbies for some extended periods of time can prove the correct over and over again. The rant against the Activities placement aside, the KDE approach to add new widgets is really great. The same as with the KDE themes, user can’t browse through and install the Widgets automatically via using the provided Graphical User Interface. It is a bit fantastic of functionality, and also it could be celebrated such way. The control panel of the KDE is not as easy as the user might like it to be, yet it is a bit clear that this’s something that they are still working on. + +### So, the XFCE is the best desktop, right? ### + +I, by myself, actually run GNOME, KDE, and XFCE on my computers in my office and home. I also have some older machines with OpenBox and LXDE too. Each desktop experience can offer something that is a bit useful to me and may help me to use each machine as I see that it is fit. For me, I have a soft spot in my heart for the XFCE as it is one of the desktop environments which I stuck with for years. But in this article, I’m just writing it on my daily use computer which is in fact, GNOME. + +The main idea here is that I still feel that the XFCE provides a bit better user experience for users who are looking for stable, traditional, and easy to understand desktop environment. You are also welcome to share with us your opinion in the comments section. + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/kde-vs-gnome-vs-xfce-desktop/ + +作者:[M.el Khamlichi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.unixmen.com/author/pirat9/ \ No newline at end of file diff --git a/sources/tech/20150410 How to Install and Configure Multihomed ISC DHCP Server on Debian Linux.md b/sources/tech/20150410 How to Install and Configure Multihomed ISC DHCP Server on Debian Linux.md deleted file mode 100644 index 2a8bdb2fbd..0000000000 --- a/sources/tech/20150410 How to Install and Configure Multihomed ISC DHCP Server on Debian Linux.md +++ /dev/null @@ -1,159 +0,0 @@ -How to Install and Configure Multihomed ISC DHCP Server on Debian Linux -================================================================================ -Dynamic Host Control Protocol (DHCP) offers an expedited method for network administrators to provide network layer addressing to hosts on a constantly changing, or dynamic, network. One of the most common server utilities to offer DHCP functionality is ISC DHCP Server. The goal of this service is to provide hosts with the necessary network information to be able to communicate on the networks in which the host is connected. Information that is typically served by this service can include: DNS server information, network address (IP), subnet mask, default gateway information, hostname, and much more. - -This tutorial will cover ISC-DHCP-Server version 4.2.4 on a Debian 7.7 server that will manage multiple virtual local area networks (VLAN) but can very easily be applied to a single network setup as well. - -The test network that this server was setup on has traditionally relied on a Cisco router to manage the DHCP address leases. The network currently has 12 VLANs needing to be managed by one centralized server. By moving this responsibility to a dedicated server, the router can regain resources for more important tasks such as routing, access control lists, traffic inspection, and network address translation. - -The other benefit to moving DHCP to a dedicated server will, in a later guide, involve setting up Dynamic Domain Name Service (DDNS) so that new host’s host-names will be added to the DNS system when the host requests a DHCP address from the server. - -### Step 1: Installing and Configuring ISC DHCP Server ### - -1. To start the process of creating this multi-homed server, the ISC software needs to be installed via the Debian repositories using the ‘apt‘ utility. As with all tutorials, root or sudo access is assumed. Please make the appropriate modifications to the following commands. - - # apt-get install isc-dhcp-server [Installs the ISC DHCP Server software] - # dpkg --get-selections isc-dhcp-server [Confirms successful installation] - # dpkg -s isc-dhcp-server [Alternative confirmation of installation] - -![Install ISC DHCP Server in Debian](http://www.tecmint.com/wp-content/uploads/2015/04/Install-ISC-DHCP-Server.jpg) - -2. Now that the server software is confirmed installed, it is now necessary to configure the server with the network information that it will need to hand out. At the bare minimum, the administrator needs to know the following information for a basic DHCP scope: - -- The network addresses -- The subnet masks -- The range of addresses to be dynamically assigned - -Other useful information to have the server dynamically assign includes: - -- Default gateway -- DNS server IP addresses -- The Domain Name -- Host name -- Network Broadcast addresses - -These are merely a few of the many options that the ISC DHCP server can handle. To get a complete list as well as a description of each option, enter the following command after installing the package: - - # man dhcpd.conf - -3. Once the administrator has concluded all the necessary information for this server to hand out it is time to configure the DHCP server as well as the necessary pools. Before creating any pools or server configurations though, the DHCP service must be configured to listen on one of the server’s interfaces. - -On this particular server, a NIC team has been setup and DHCP will listen on the teamed interfaces which were given the name `'bond0'`. Be sure to make the appropriate changes given the server and environment in which everything is being configured. The defaults in this file are okay for this tutorial. - -![Configure ISC DHCP Network](http://www.tecmint.com/wp-content/uploads/2015/04/Configure-ISC-DHCP-Network.jpg) - -This line will instruct the DHCP service to listen for DHCP traffic on the specified interface(s). At this point, it is time to modify the main configuration file to enable the DHCP pools on the necessary networks. The main configuration file is located at /etc/dhcp/dhcpd.conf. Open the file with a text editor to begin: - - # nano /etc/dhcp/dhcpd.conf - -This file is the configuration for the DHCP server specific options as well as all of the pools/hosts one wishes to configure. The top of the file starts of with a ‘ddns-update-style‘ clause and for this tutorial it will remain set to ‘none‘ however in a future article, Dynamic DNS will be covered and ISC-DHCP-Server will be integrated with BIND9 to enable host name to IP address updates. - -4. The next section is typically the area where and administrator can configure global network settings such as the DNS domain name, default lease time for IP addresses, subnet-masks, and much more. Again to know more about all the options be sure to read the man page for the dhcpd.conf file. - - # man dhcpd.conf - -For this server install, there were a couple of global network options that were configured at the top of the configuration file so that they wouldn’t have to be implemented in every single pool created. - -![Configure ISC DDNS](http://www.tecmint.com/wp-content/uploads/2015/04/Configure-ISC-DDNS.png) - -Lets take a moment to explain some of these options. While they are configured globally in this example, all of them can be configured on a per pool basis as well. - -- option domain-name “comptech.local”; – All hosts that this DHCP server hosts, will be a member of the DNS domain name “comptech.local” -- option domain-name-servers 172.27.10.6; DHCP will hand out DNS server IP of 172.27.10.6 to all of the hosts on all of the networks it is configured to host. -- option subnet-mask 255.255.255.0; – The subnet mask handed out to every network will be a 255.255.255.0 or a /24 -- default-lease-time 3600; – This is the time in seconds that a lease will automatically be valid. The host can re-request the same lease if time runs out or if the host is done with the lease, they can hand the address back early. -- max-lease-time 86400; – This is the maximum amount of time in seconds a lease can be held by a host. -- ping-check true; – This is an extra test to ensure that the address the server wants to assign out isn’t in use by another host on the network already. -- ping-timeout; – This is how long in second the server will wait for a response to a ping before assuming the address isn’t in use. -- ignore client-updates; For now this option is irrelevant since DDNS has been disabled earlier in the configuration file but when DDNS is operating, this option will ignore a hosts to request to update its host-name in DNS. - -5. The next line in this file is the authoritative DHCP server line. This line means that if this server is to be the server that hands out addresses for the networks configured in this file, then uncomment the authoritative stanza. - -This server will be the only authority on all the networks it manages so the global authoritative stanza was un-commented by removing the ‘#’ in front of the keyword authoritative. - -![Enable ISC Authoritative](http://www.tecmint.com/wp-content/uploads/2015/04/ISC-authoritative.png) -Enable ISC Authoritative - -By default the server is assumed to NOT be an authority on the network. The rationale behind this is security. If someone unknowingly configures the DHCP server improperly or on a network they shouldn’t, it could cause serious connectivity issues. This line can also be used on a per network basis. This means that if the server is not the entire network’s DHCP server, the authoritative line can instead be used on a per network basis rather than in the global configuration as seen in the above screen-shot. - -6. The next step is to configure all of the DHCP pools/networks that this server will manage. For brevities sake, this guide will only walk through one of the pools configured. The administrator will need to have gathered all of the necessary network information (ie domain name, network addresses, how many addresses can be handed out, etc). - -For this pool the following information was obtained from the network administrator: network id of 172.27.60.0, subnet mask of 255.255.255.0 or a /24, the default gateway for the subnet is 172.27.60.1, and a broadcast address of 172.27.60.255. -This information is important to building the appropriate network stanza in the dhcpd.conf file. Without further ado, let’s open the configuration file again using a text editor and then add the new network to the server. This must be done with root/sudo! - - # nano /etc/dhcp/dhcpd.conf - -![Configure DHCP Pools and Networks](http://www.tecmint.com/wp-content/uploads/2015/04/ISC-network.png) -Configure DHCP Pools and Networks - -This is the sample created to hand out IP addresses to a network that is used for the creation of VMWare virtual practice servers. The first line indicates the network as well as the subnet mask for that network. Then inside the brackets are all the options that the DHCP server should provide to hosts on this network. - -The first stanza, range 172.27.60.50 172.27.60.254;, is the range of dynamically assignable addresses that the DHCP server can hand out to hosts on this network. Notice that the first 49 addresses aren’t in the pool and can be assigned statically to hosts if needed. - -The second stanza, option routers 172.27.60.1; , hands out the default gateway address for all hosts on this network. - -The last stanza, option broadcast-address 172.27.60.255;, indicates what the network’s broadcast address. This address SHOULD NOT be a part of the range stanza as the broadcast address can’t be assigned to a host. - -Some pointers, be sure to always end the option lines with a semi-colon (;) and always make sure each network created is enclosed in curly braces { }. - -7. If there are more networks to create, continue creating them with their appropriate options and then save the text file. Once all configurations have been completed, the ISC-DHCP-Server process will need to be restarted in order to apply the new changes. This can be accomplished with the following command: - - # service isc-dhcp-server restart - -This will restart the DHCP service and then the administrator can check to see if the server is ready for DHCP requests several different ways. The easiest is to simply see if the server is listening on port 67 via the [lsof command][1]: - - # lsof -i :67 - -![Check DHCP Listening Port](http://www.tecmint.com/wp-content/uploads/2015/04/lsof.png) -Check DHCP Listening Port - -This output indicates that the DHCPD (DHCP Server daemon) is running and listening on port 67. Port 67 in this output was actually converted to ‘bootps‘ due to a port number mapping for port 67 in /etc/services file. - -This is very common on most systems. At this point, the server should be ready for network connectivity and can be confirmed by connecting a machine to the network and having it request a DHCP address from the server. - -### Step 2: Testing Client Connectivity ### - -8. Most systems now-a-days are using Network Manager to maintain network connections and as such the device should be pre-configured to pull DHCP when the interface is active. - -However on machines that aren’t using Network Manager, it may be necessary to manually attempt to pull a DHCP address. The next few steps will show how to do this as well as how to see whether the server is handing out addresses. - -The ‘[ifconfig][2]‘ utility can be used to check an interface’s configuration. The machine used to test the DHCP server only has one network adapter and it is called ‘eth0‘. - - # ifconfig eth0 - -![Check Network Interface IP Address](http://www.tecmint.com/wp-content/uploads/2015/04/No-ip.png) -Check Network Interface IP Address - -From this output, this machine currently doesn’t have an IPv4 address, great! Let’s instruct this machine to reach out to the DHCP server and request an address. This machine has the DHCP client utility known as ‘dhclient‘ installed. The DHCP client utility may very from system to system. - - # dhclient eth0 - -![Request IP Address from DHCP](http://www.tecmint.com/wp-content/uploads/2015/04/IP.png) -Request IP Address from DHCP - -Now the `'inet addr:'` field shows an IPv4 address that falls within the scope of what was configured for the 172.27.60.0 network. Also notice that the proper broadcast address was handed out as well as subnet mask for this network. - -Things are looking promising but let’s check the server to see if it was actually the place where this machine received this new IP address. To accomplish this task, the server’s system log file will be consulted. While the entire log file may contain hundreds of thousands of entries, only a few are necessary for confirming that the server is working properly. Rather than using a full text editor, this time a utility known as ‘tail‘ will be used to only show the last few lines of the log file. - - # tail /var/log/syslog - -![Check DHCP Logs](http://www.tecmint.com/wp-content/uploads/2015/04/DHCP-Log.png) -Check DHCP Logs - -Voila! The server recorded handing out an address to this host (HRTDEBXENSRV). It is a safe assumption at this point that the server is working as intended and handing out the appropriate addresses for the networks that it is an authority. At this point the DHCP server is up and running. Configure the other networks, troubleshoot, and secure as necessary. - -Enjoy the newly functioning ISC-DHCP-Server and tune in later for more Debian tutorials. In the not too distant future there will be an article on Bind9 and DDNS that will tie into this article. - --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/install-and-configure-multihomed-isc-dhcp-server-on-debian-linux/ - -作者:[Rob Turner][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/robturner/ -[1]:http://www.tecmint.com/10-lsof-command-examples-in-linux/ -[2]:http://www.tecmint.com/ifconfig-command-examples/ \ No newline at end of file diff --git a/sources/tech/20150806 Installation Guide for Puppet on Ubuntu 15.04.md b/sources/tech/20150806 Installation Guide for Puppet on Ubuntu 15.04.md index 501cb4a8dc..59a243f0e5 100644 --- a/sources/tech/20150806 Installation Guide for Puppet on Ubuntu 15.04.md +++ b/sources/tech/20150806 Installation Guide for Puppet on Ubuntu 15.04.md @@ -1,4 +1,4 @@ -Translating by ZTinoZ +Translating by ivowang Installation Guide for Puppet on Ubuntu 15.04 ================================================================================ Hi everyone, today in this article we'll learn how to install puppet to manage your server infrastructure running ubuntu 15.04. Puppet is an open source software configuration management tool which is developed and maintained by Puppet Labs that allows us to automate the provisioning, configuration and management of a server infrastructure. Whether we're managing just a few servers or thousands of physical and virtual machines to orchestration and reporting, puppet automates tasks that system administrators often do manually which frees up time and mental space so sysadmins can work on improving other aspects of your overall setup. It ensures consistency, reliability and stability of the automated jobs processed. It facilitates closer collaboration between sysadmins and developers, enabling more efficient delivery of cleaner, better-designed code. Puppet is available in two solutions configuration management and data center automation. They are **puppet open source and puppet enterprise**. Puppet open source is a flexible, customizable solution available under the Apache 2.0 license, designed to help system administrators automate the many repetitive tasks they regularly perform. Whereas puppet enterprise edition is a proven commercial solution for diverse enterprise IT environments which lets us get all the benefits of open source puppet, plus puppet apps, commercial-only enhancements, supported modules and integrations, and the assurance of a fully supported platform. Puppet uses SSL certificates to authenticate communication between master and agent nodes. diff --git a/sources/tech/20150824 How to Setup Zephyr Test Management Tool on CentOS 7.x.md b/sources/tech/20150824 How to Setup Zephyr Test Management Tool on CentOS 7.x.md deleted file mode 100644 index b4014bb009..0000000000 --- a/sources/tech/20150824 How to Setup Zephyr Test Management Tool on CentOS 7.x.md +++ /dev/null @@ -1,233 +0,0 @@ -How to Setup Zephyr Test Management Tool on CentOS 7.x -================================================================================ -Test Management encompasses anything and everything that you need to do as testers. Test management tools are used to store information on how testing is to be done, plan testing activities and report the status of quality assurance activities. So in this article we will illustrate you about the setup of Zephyr test management tool that includes everything needed to manage the test process can save testers hassle of installing separate applications that are necessary for the testing process. Once you have done with its setup you will be able to track bugs, defects and allows the project tasks for collaboration with your team as you can easily share and access the data across multiple project teams for communication and collaboration throughout the testing process. - -### Requirements for Zephyr ### - -We are going to install and run Zephyr under the following set of its minimum resources. Resources can be enhanced as per your infrastructure requirements. We will be installing Zephyr on the CentOS-7 64-bit while its binary distributions are available for almost all Linux operating systems. - -注:表格 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Zephyr test management tool
Linux OSCentOS Linux 7 (Core), 64-bit
PackagesJDK 7 or above ,  Oracle JDK 6 updateNo Prior Tomcat, MySQL installed
RAM4 GBPreferred 8 GB
CPU2.0 GHZ or Higher
Hard Disk30 GB , Atleast 5GB must be free
- -You must have super user (root) access to perform the installation process for Zephyr and make sure that you have properly configured yout network with static IP address and its default set of ports must be available and allowed in the firewall where as the Port 80/443, 8005, 8009, 8010 will used by tomcat and Port 443 or 2099 will used within Zephyr by flex for the RTMP protocol. - -### Install Java JDK 7 ### - -Java JDK 7 is the basic requirement for the installation of Zephyr, if its not already installed in your operating system then do the following to install Java and setup its JAVA_HOME environment variables to be properly configured. - -Let’s issue the below commands to install Java JDK 7. - - [root@centos-007 ~]# yum install java-1.7.0-openjdk-1.7.0.79-2.5.5.2.el7_1 - ----------- - - [root@centos-007 ~]# yum install java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64 - -Once your java is installed including its required dependencies, run the following commands to set its JAVA_HOME environment variables. - - [root@centos-007 ~]# export JAVA_HOME=/usr/java/default - [root@centos-007 ~]# export PATH=/usr/java/default/bin:$PATH - -Now check the version of java to verify its installation with following command. - - [root@centos-007 ~]# java –version - ----------- - - java version "1.7.0_79" - OpenJDK Runtime Environment (rhel-2.5.5.2.el7_1-x86_64 u79-b14) - OpenJDK 64-Bit Server VM (build 24.79-b02, mixed mode) - -The output shows that we we have successfully installed OpenJDK Java verion 1.7.0_79. - -### Install MySQL 5.6.X ### - -If you have other MySQLs on the machine then it is recommended to remove them and -install this version on top of them or upgrade their schemas to what is specified. As this specific major/minor (5.6.X) version of MySQL is required with the root username as a prerequisite of Zephyr. - -To install MySQL 5.6 on CentOS-7.1 lets do the following steps: - -Download the rpm package, which will create a yum repo file for MySQL Server installation. - - [root@centos-007 ~]# yum install wget - [root@centos-007 ~]# wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm - -Now Install this downloaded rpm package by using rpm command. - - [root@centos-007 ~]# rpm -ivh mysql-community-release-el7-5.noarch.rpm - -After the installation of this package you will get two new yum repo related to MySQL. Then by using yum command, now we will install MySQL Server 5.6 and all dependencies will be installed itself. - - [root@centos-007 ~]# yum install mysql-server - -Once the installation process completes, run the following commands to start mysqld services and check its status whether its active or not. - - [root@centos-007 ~]# service mysqld start - [root@centos-007 ~]# service mysqld status - -On fresh installation of MySQL Server. The MySQL root user password is blank. -For good security practice, we should reset the password MySQL root user. - -Connect to MySQL using the auto-generated empty password and change the -root password. - - [root@centos-007 ~]# mysql - mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('your_password'); - mysql> flush privileges; - mysql> quit; - -Now we need to configure the required database parameters in the default configuration file of MySQL. Let's open its file located in "/etc/" folder and update it as follow. - - [root@centos-007 ~]# vi /etc/my.cnf - ----------- - - [mysqld] - datadir=/var/lib/mysql - socket=/var/lib/mysql/mysql.sock - symbolic-links=0 - - sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES - max_allowed_packet=150M - max_connections=600 - default-storage-engine=INNODB - character-set-server=utf8 - collation-server=utf8_unicode_ci - - [mysqld_safe] - log-error=/var/log/mysqld.log - pid-file=/var/run/mysqld/mysqld.pid - default-storage-engine=INNODB - character-set-server=utf8 - collation-server=utf8_unicode_ci - - [mysql] - max_allowed_packet = 150M - [mysqldump] - quick - -Save the changes made in the configuration file and restart mysql services. - - [root@centos-007 ~]# service mysqld restart - -### Download Zephyr Installation Package ### - -We done with installation of required packages necessary to install Zephyr. Now we need to get the binary distributed package of Zephyr and its license key. Go to official download link of Zephyr that is http://download.yourzephyr.com/linux/download.php give your email ID and click to download. - -![Zephyr Download](http://blog.linoxide.com/wp-content/uploads/2015/08/13.png) - -Then and confirm your mentioned Email Address and you will get the Zephyr Download link and its License Key link. So click on the provided links and choose the appropriate version of your Operating system to download the binary installation package and its license file to the server. - -We have placed it in the home directory and modify its permissions to make it executable. - -![Zephyr Binary](http://blog.linoxide.com/wp-content/uploads/2015/08/22.png) - -### Start Zephyr Installation and Configuration ### - -Now we are ready to start the installation of Zephyr by executing its binary installation script as below. - - [root@centos-007 ~]# ./zephyr_4_7_9213_linux_setup.sh –c - -Once you run the above command, it will check for the Java environment variables to be properly setup and configured. If there's some mis-configuration you might the error like. - - testing JVM in /usr ... - Starting Installer ... - Error : Either JDK is not found at expected locations or JDK version is mismatched. - Zephyr requires Oracle Java Development Kit (JDK) version 1.7 or higher. - -Once you have properly configured your Java, then it will start installation of Zephyr and asks to press "o" to proceed and "c" to cancel the setup. Let's type "o" and press "Enter" key to start installation. - -![install zephyr](http://blog.linoxide.com/wp-content/uploads/2015/08/32.png) - -The next option is to review all the requirements for the Zephyr setup and Press "Enter" to move forward to next option. - -![zephyr requirements](http://blog.linoxide.com/wp-content/uploads/2015/08/42.png) - -To accept the license agreement type "1" and Press Enter. - - I accept the terms of this license agreement [1], I do not accept the terms of this license agreement [2, Enter] - -Here we need to choose the appropriate destination location where we want to install the zephyr and choose the default ports, if you want to choose other than default ports, you are free to mention here. - -![installation folder](http://blog.linoxide.com/wp-content/uploads/2015/08/52.png) - -Then customize the mysql database parameters and give the right paths to the configurations file. You might the an error at this point as shown below. - - Please update MySQL configuration. Configuration parameter max_connection should be at least 500 (max_connection = 500) and max_allowed_packet should be at least 50MB (max_allowed_packet = 50M). - -To overcome this error make sure that you have configure the "max_connection" and "max_allowed_packet" limits properly in the mysql configuration file. So confirm these settings, connect to mysql server and run the commands as shown. - -![mysql connections](http://blog.linoxide.com/wp-content/uploads/2015/08/62.png) - -Once you have configured your mysql database properly, it will extract the configuration files to complete the setup. - -![mysql customization](http://blog.linoxide.com/wp-content/uploads/2015/08/72.png) - -The installation process completes with successful installation of Zephyr 4.7 on your computer. To Launch Zephyr Desktop type "y" to finish Zephyr installation. - -![launch zephyr](http://blog.linoxide.com/wp-content/uploads/2015/08/82.png) - -### Launch Zephyr Desktop ### - -Open your web browser to launch Zephyr Desktop with your localhost IP adress and you will be direted to the Zephyr Desktop. - - http://your_server_IP/zephyr/desktop/ - -![Zephyr Desktop](http://blog.linoxide.com/wp-content/uploads/2015/08/91.png) - -From your Zephyr Dashboard click on the "Test Manager" and login with the dault user name and password that is "test.manager". - -![Test Manage Login](http://blog.linoxide.com/wp-content/uploads/2015/08/test_manager_login.png) - -Once you are loged in you will be able to configure your administrative settings as shown. So choose the settings you wish to put according to your environment. - -![Test Manage Administration](http://blog.linoxide.com/wp-content/uploads/2015/08/test_manage_admin.png) - -Save the settings after you have done with your administrative settings, similarly do the settings of resources management and project setup and start using Zephyr as a complete set of your testing management tool. You check and edit the status of your administrative settings from the Department Dashboard Management as shown. - -![zephyr dashboard](http://blog.linoxide.com/wp-content/uploads/2015/08/dashboard.png) - -### Conclusion ### - -Cheers! we have done with the complete setup of Zephyr installation setup on Centos 7.1. We hope you are now much aware of Zephyr Test management tool which offer the prospect of streamlining the testing process and allow quick access to data analysis, collaborative tools and easy communication across multiple project teams. Feel free to comment us if you find any difficulty while you are doing it in your environment. - --------------------------------------------------------------------------------- - -via: http://linoxide.com/linux-how-to/setup-zephyr-tool-centos-7-x/ - -作者:[Kashif Siddique][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://linoxide.com/author/kashifs/ \ No newline at end of file diff --git a/sources/tech/20150831 How to switch from NetworkManager to systemd-networkd on Linux.md b/sources/tech/20150831 How to switch from NetworkManager to systemd-networkd on Linux.md deleted file mode 100644 index bc7ebee015..0000000000 --- a/sources/tech/20150831 How to switch from NetworkManager to systemd-networkd on Linux.md +++ /dev/null @@ -1,167 +0,0 @@ -Translating by Ping - -How to switch from NetworkManager to systemd-networkd on Linux -================================================================================ -In the world of Linux, adoption of [systemd][1] has been a subject of heated controversy, and the debate between its proponents and critics is still going on. As of today, most major Linux distributions have adopted systemd as a default init system. - -Billed as a "never finished, never complete, but tracking progress of technology" by its author, systemd is not just the init daemon, but is designed as a more broad system and service management platform which encompasses the growing ecosystem of core system daemons, libraries and utilities. - -One of many additions to **systemd** is **systemd-networkd**, which is responsible for network configuration within the systemd ecosystem. Using systemd-networkd, you can configure basic DHCP/static IP networking for network devices. It can also configure virtual networking features such as bridges, tunnels or VLANs. Wireless networking is not directly handled by systemd-networkd, but you can use wpa_supplicant service to configure wireless adapters, and then hook it up with **systemd-networkd**. - -On many Linux distributions, NetworkManager has been and is still used as a default network configuration manager. Compared to NetworkManager, **systemd-networkd** is still under active development, and missing features. For example, it does not have NetworkManager's intelligence to keep your computer connected across various interfaces at all times. It does not provide ifup/ifdown hooks for advanced scripting. Yet, systemd-networkd is integrated well with the rest of systemd components (e.g., **resolved** for DNS, **timesyncd** for NTP, udevd for naming), and the role of **systemd-networkd** may only grow over time in the systemd environment. - -If you are happy with the way **systemd** is evolving, one thing you can consider is to switch from NetworkManager to systemd-networkd. If you are feverishly against systemd, and perfectly happy with NetworkManager or [basic network service][2], that is totally cool. - -But for those of you who want to try out systemd-networkd, you can read on, and find out in this tutorial how to switch from NetworkManager to systemd-networkd on Linux. - -### Requirement ### - -systemd-networkd is available in systemd version 210 and higher. Thus distributions like Debian 8 "Jessie" (systemd 215), Fedora 21 (systemd 217), Ubuntu 15.04 (systemd 219) or later are compatible with systemd-networkd. - -For other distributions, check the version of your systemd before proceeding. - - $ systemctl --version - -### Switch from Network Manager to Systemd-Networkd ### - -It is relatively straightforward to switch from Network Manager to systemd-networkd (and vice versa). - -First, disable Network Manager service, and enable systemd-networkd as follows. - - $ sudo systemctl disable NetworkManager - $ sudo systemctl enable systemd-networkd - -You also need to enable **systemd-resolved** service, which is used by systemd-networkd for network name resolution. This service implements a caching DNS server. - - $ sudo systemctl enable systemd-resolved - $ sudo systemctl start systemd-resolved - -Once started, **systemd-resolved** will create its own resolv.conf somewhere under /run/systemd directory. However, it is a common practise to store DNS resolver information in /etc/resolv.conf, and many applications still rely on /etc/resolv.conf. Thus for compatibility reason, create a symlink to /etc/resolv.conf as follows. - - $ sudo rm /etc/resolv.conf - $ sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf - -### Configure Network Connections with Systemd-networkd ### - -To configure network devices with systemd-networkd, you must specify configuration information in text files with .network extension. These network configuration files are then stored and loaded from /etc/systemd/network. When there are multiple files, systemd-networkd loads and processes them one by one in lexical order. - -Let's start by creating a folder /etc/systemd/network. - - $ sudo mkdir /etc/systemd/network - -#### DHCP Networking #### - -Let's configure DHCP networking first. For this, create the following configuration file. The name of a file can be arbitrary, but remember that files are processed in lexical order. - - $ sudo vi /etc/systemd/network/20-dhcp.network - ----------- - - [Match] - Name=enp3* - - [Network] - DHCP=yes - -As you can see above, each network configuration file contains one or more "sections" with each section preceded by [XXX] heading. Each section contains one or more key/value pairs. The [Match] section determine which network device(s) are configured by this configuration file. For example, this file matches any network interface whose name starts with ens3 (e.g., enp3s0, enp3s1, enp3s2, etc). For matched interface(s), it then applies DHCP network configuration specified under [Network] section. - -### Static IP Networking ### - -If you want to assign a static IP address to a network interface, create the following configuration file. - - $ sudo vi /etc/systemd/network/10-static-enp3s0.network - ----------- - - [Match] - Name=enp3s0 - - [Network] - Address=192.168.10.50/24 - Gateway=192.168.10.1 - DNS=8.8.8.8 - -As you can guess, the interface enp3s0 will be assigned an address 192.168.10.50/24, a default gateway 192.168.10.1, and a DNS server 8.8.8.8. One subtlety here is that the name of an interface enp3s0, in facts, matches the pattern rule defined in the earlier DHCP configuration as well. However, since the file "10-static-enp3s0.network" is processed before "20-dhcp.network" according to lexical order, the static configuration takes priority over DHCP configuration in case of enp3s0 interface. - -Once you are done with creating configuration files, restart systemd-networkd service or reboot. - - $ sudo systemctl restart systemd-networkd - -Check the status of the service by running: - - $ systemctl status systemd-networkd - $ systemctl status systemd-resolved - -![](https://farm1.staticflickr.com/719/21010813392_76abe123ed_c.jpg) - -### Configure Virtual Network Devices with Systemd-networkd ### - -**systemd-networkd** also allows you to configure virtual network devices such as bridges, VLANs, tunnel, VXLAN, bonding, etc. You must configure these virtual devices in files with .netdev extension. - -Here I'll show how to configure a bridge interface. - -#### Linux Bridge #### - -If you want to create a Linux bridge (br0) and add a physical interface (eth1) to the bridge, create the following configuration. - - $ sudo vi /etc/systemd/network/bridge-br0.netdev - ----------- - - [NetDev] - Name=br0 - Kind=bridge - -Then configure the bridge interface br0 and the slave interface eth1 using .network files as follows. - - $ sudo vi /etc/systemd/network/bridge-br0-slave.network - ----------- - - [Match] - Name=eth1 - - [Network] - Bridge=br0 - ----------- - - $ sudo vi /etc/systemd/network/bridge-br0.network - ----------- - - [Match] - Name=br0 - - [Network] - Address=192.168.10.100/24 - Gateway=192.168.10.1 - DNS=8.8.8.8 - -Finally, restart systemd-networkd: - - $ sudo systemctl restart systemd-networkd - -You can use [brctl tool][3] to verify that a bridge br0 has been created. - -### Summary ### - -When systemd promises to be a system manager for Linux, it is no wonder something like systemd-networkd came into being to manage network configurations. At this stage, however, systemd-networkd seems more suitable for a server environment where network configurations are relatively stable. For desktop/laptop environments which involve various transient wired/wireless interfaces, NetworkManager may still be a preferred choice. - -For those who want to check out more on systemd-networkd, refer to the official [man page][4] for a complete list of supported sections and keys. - --------------------------------------------------------------------------------- - -via: http://xmodulo.com/switch-from-networkmanager-to-systemd-networkd.html - -作者:[Dan Nanni][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://xmodulo.com/author/nanni -[1]:http://xmodulo.com/use-systemd-system-administration-debian.html -[2]:http://xmodulo.com/disable-network-manager-linux.html -[3]:http://xmodulo.com/how-to-configure-linux-bridge-interface.html -[4]:http://www.freedesktop.org/software/systemd/man/systemd.network.html diff --git a/sources/tech/20150831 Linux workstation security checklist.md b/sources/tech/20150831 Linux workstation security checklist.md deleted file mode 100644 index 9ef46339d0..0000000000 --- a/sources/tech/20150831 Linux workstation security checklist.md +++ /dev/null @@ -1,801 +0,0 @@ -wyangsun translating -Linux workstation security checklist -================================================================================ -This is a set of recommendations used by the Linux Foundation for their systems -administrators. All of LF employees are remote workers and we use this set of -guidelines to ensure that a sysadmin's system passes core security requirements -in order to reduce the risk of it becoming an attack vector against the rest -of our infrastructure. - -Even if your systems administrators are not remote workers, chances are that -they perform a lot of their work either from a portable laptop in a work -environment, or set up their home systems to access the work infrastructure -for after-hours/emergency support. In either case, you can adapt this set of -recommendations to suit your environment. - -This, by no means, is an exhaustive "workstation hardening" document, but -rather an attempt at a set of baseline recommendations to avoid most glaring -security errors without introducing too much inconvenience. You may read this -document and think it is way too paranoid, while someone else may think this -barely scratches the surface. Security is just like driving on the highway -- -anyone going slower than you is an idiot, while anyone driving faster than you -is a crazy person. These guidelines are merely a basic set of core safety -rules that is neither exhaustive, nor a replacement for experience, vigilance, -and common sense. - -Each section is split into two areas: - -- The checklist that can be adapted to your project's needs -- Free-form list of considerations that explain what dictated these decisions - -## Severity levels - -The items in each checklist include the severity level, which we hope will help -guide your decision: - -- _(CRITICAL)_ items should definitely be high on the consideration list. - If not implemented, they will introduce high risks to your workstation - security. -- _(MODERATE)_ items will improve your security posture, but are less - important, especially if they interfere too much with your workflow. -- _(LOW)_ items may improve the overall security, but may not be worth the - convenience trade-offs. -- _(PARANOID)_ is reserved for items we feel will dramatically improve your - workstation security, but will probably require a lot of adjustment to the - way you interact with your operating system. - -Remember, these are only guidelines. If you feel these severity levels do not -reflect your project's commitment to security, you should adjust them as you -see fit. - -## Choosing the right hardware - -We do not mandate that our admins use a specific vendor or a specific model, so -this section addresses core considerations when choosing a work system. - -### Checklist - -- [ ] System supports SecureBoot _(CRITICAL)_ -- [ ] System has no firewire, thunderbolt or ExpressCard ports _(MODERATE)_ -- [ ] System has a TPM chip _(LOW)_ - -### Considerations - -#### SecureBoot - -Despite its controversial nature, SecureBoot offers prevention against many -attacks targeting workstations (Rootkits, "Evil Maid," etc), without -introducing too much extra hassle. It will not stop a truly dedicated attacker, -plus there is a pretty high degree of certainty that state security agencies -have ways to defeat it (probably by design), but having SecureBoot is better -than having nothing at all. - -Alternatively, you may set up [Anti Evil Maid][1] which offers a more -wholesome protection against the type of attacks that SecureBoot is supposed -to prevent, but it will require more effort to set up and maintain. - -#### Firewire, thunderbolt, and ExpressCard ports - -Firewire is a standard that, by design, allows any connecting device full -direct memory access to your system ([see Wikipedia][2]). Thunderbolt and -ExpressCard are guilty of the same, though some later implementations of -Thunderbolt attempt to limit the scope of memory access. It is best if the -system you are getting has none of these ports, but it is not critical, as -they usually can be turned off via UEFI or disabled in the kernel itself. - -#### TPM Chip - -Trusted Platform Module (TPM) is a crypto chip bundled with the motherboard -separately from the core processor, which can be used for additional platform -security (such as to store full-disk encryption keys), but is not normally used -for day-to-day workstation operation. At best, this is a nice-to-have, unless -you have a specific need to use TPM for your workstation security. - -## Pre-boot environment - -This is a set of recommendations for your workstation before you even start -with OS installation. - -### Checklist - -- [ ] UEFI boot mode is used (not legacy BIOS) _(CRITICAL)_ -- [ ] Password is required to enter UEFI configuration _(CRITICAL)_ -- [ ] SecureBoot is enabled _(CRITICAL)_ -- [ ] UEFI-level password is required to boot the system _(LOW)_ - -### Considerations - -#### UEFI and SecureBoot - -UEFI, with all its warts, offers a lot of goodies that legacy BIOS doesn't, -such as SecureBoot. Most modern systems come with UEFI mode on by default. - -Make sure a strong password is required to enter UEFI configuration mode. Pay -attention, as many manufacturers quietly limit the length of the password you -are allowed to use, so you may need to choose high-entropy short passwords vs. -long passphrases (see below for more on passphrases). - -Depending on the Linux distribution you decide to use, you may or may not have -to jump through additional hoops in order to import your distribution's -SecureBoot key that would allow you to boot the distro. Many distributions have -partnered with Microsoft to sign their released kernels with a key that is -already recognized by most system manufacturers, therefore saving you the -trouble of having to deal with key importing. - -As an extra measure, before someone is allowed to even get to the boot -partition and try some badness there, let's make them enter a password. This -password should be different from your UEFI management password, in order to -prevent shoulder-surfing. If you shut down and start a lot, you may choose to -not bother with this, as you will already have to enter a LUKS passphrase and -this will save you a few extra keystrokes. - -## Distro choice considerations - -Chances are you'll stick with a fairly widely-used distribution such as Fedora, -Ubuntu, Arch, Debian, or one of their close spin-offs. In any case, this is -what you should consider when picking a distribution to use. - -### Checklist - -- [ ] Has a robust MAC/RBAC implementation (SELinux/AppArmor/Grsecurity) _(CRITICAL)_ -- [ ] Publishes security bulletins _(CRITICAL)_ -- [ ] Provides timely security patches _(CRITICAL)_ -- [ ] Provides cryptographic verification of packages _(CRITICAL)_ -- [ ] Fully supports UEFI and SecureBoot _(CRITICAL)_ -- [ ] Has robust native full disk encryption support _(CRITICAL)_ - -### Considerations - -#### SELinux, AppArmor, and GrSecurity/PaX - -Mandatory Access Controls (MAC) or Role-Based Access Controls (RBAC) are an -extension of the basic user/group security mechanism used in legacy POSIX -systems. Most distributions these days either already come bundled with a -MAC/RBAC implementation (Fedora, Ubuntu), or provide a mechanism to add it via -an optional post-installation step (Gentoo, Arch, Debian). Obviously, it is -highly advised that you pick a distribution that comes pre-configured with a -MAC/RBAC system, but if you have strong feelings about a distribution that -doesn't have one enabled by default, do plan to configure it -post-installation. - -Distributions that do not provide any MAC/RBAC mechanisms should be strongly -avoided, as traditional POSIX user- and group-based security should be -considered insufficient in this day and age. If you would like to start out -with a MAC/RBAC workstation, AppArmor and PaX are generally considered easier -to learn than SELinux. Furthermore, on a workstation, where there are few or -no externally listening daemons, and where user-run applications pose the -highest risk, GrSecurity/PaX will _probably_ offer more security benefits than -SELinux. - -#### Distro security bulletins - -Most of the widely used distributions have a mechanism to deliver security -bulletins to their users, but if you are fond of something esoteric, check -whether the developers have a documented mechanism of alerting the users about -security vulnerabilities and patches. Absence of such mechanism is a major -warning sign that the distribution is not mature enough to be considered for a -primary admin workstation. - -#### Timely and trusted security updates - -Most of the widely used distributions deliver regular security updates, but is -worth checking to ensure that critical package updates are provided in a -timely fashion. Avoid using spin-offs and "community rebuilds" for this -reason, as they routinely delay security updates due to having to wait for the -upstream distribution to release it first. - -You'll be hard-pressed to find a distribution that does not use cryptographic -signatures on packages, updates metadata, or both. That being said, fairly -widely used distributions have been known to go for years before introducing -this basic security measure (Arch, I'm looking at you), so this is a thing -worth checking. - -#### Distros supporting UEFI and SecureBoot - -Check that the distribution supports UEFI and SecureBoot. Find out whether it -requires importing an extra key or whether it signs its boot kernels with a key -already trusted by systems manufacturers (e.g. via an agreement with -Microsoft). Some distributions do not support UEFI/SecureBoot but offer -alternatives to ensure tamper-proof or tamper-evident boot environments -([Qubes-OS][3] uses Anti Evil Maid, mentioned earlier). If a distribution -doesn't support SecureBoot and has no mechanisms to prevent boot-level attacks, -look elsewhere. - -#### Full disk encryption - -Full disk encryption is a requirement for securing data at rest, and is -supported by most distributions. As an alternative, systems with -self-encrypting hard drives may be used (normally implemented via the on-board -TPM chip) and offer comparable levels of security plus faster operation, but at -a considerably higher cost. - -## Distro installation guidelines - -All distributions are different, but here are general guidelines: - -### Checklist - -- [ ] Use full disk encryption (LUKS) with a robust passphrase _(CRITICAL)_ -- [ ] Make sure swap is also encrypted _(CRITICAL)_ -- [ ] Require a password to edit bootloader (can be same as LUKS) _(CRITICAL)_ -- [ ] Set up a robust root password (can be same as LUKS) _(CRITICAL)_ -- [ ] Use an unprivileged account, part of administrators group _(CRITICAL)_ -- [ ] Set up a robust user-account password, different from root _(CRITICAL)_ - -### Considerations - -#### Full disk encryption - -Unless you are using self-encrypting hard drives, it is important to configure -your installer to fully encrypt all the disks that will be used for storing -your data and your system files. It is not sufficient to simply encrypt the -user directory via auto-mounting cryptfs loop files (I'm looking at you, older -versions of Ubuntu), as this offers no protection for system binaries or swap, -which is likely to contain a slew of sensitive data. The recommended -encryption strategy is to encrypt the LVM device, so only one passphrase is -required during the boot process. - -The `/boot` partition will always remain unencrypted, as the bootloader needs -to be able to actually boot the kernel before invoking LUKS/dm-crypt. The -kernel image itself should be protected against tampering with a cryptographic -signature checked by SecureBoot. - -In other words, `/boot` should always be the only unencrypted partition on your -system. - -#### Choosing good passphrases - -Modern Linux systems have no limitation of password/passphrase length, so the -only real limitation is your level of paranoia and your stubbornness. If you -boot your system a lot, you will probably have to type at least two different -passwords: one to unlock LUKS, and another one to log in, so having long -passphrases will probably get old really fast. Pick passphrases that are 2-3 -words long, easy to type, and preferably from rich/mixed vocabularies. - -Examples of good passphrases (yes, you can use spaces): -- nature abhors roombas -- 12 in-flight Jebediahs -- perdon, tengo flatulence - -You can also stick with non-vocabulary passwords that are at least 10-12 -characters long, if you prefer that to typing passphrases. - -Unless you have concerns about physical security, it is fine to write down your -passphrases and keep them in a safe place away from your work desk. - -#### Root, user passwords and the admin group - -We recommend that you use the same passphrase for your root password as you -use for your LUKS encryption (unless you share your laptop with other trusted -people who should be able to unlock the drives, but shouldn't be able to -become root). If you are the sole user of the laptop, then having your root -password be different from your LUKS password has no meaningful security -advantages. Generally, you can use the same passphrase for your UEFI -administration, disk encryption, and root account -- knowing any of these will -give an attacker full control of your system anyway, so there is little -security benefit to have them be different on a single-user workstation. - -You should have a different, but equally strong password for your regular user -account that you will be using for day-to-day tasks. This user should be member -of the admin group (e.g. `wheel` or similar, depending on the distribution), -allowing you to perform `sudo` to elevate privileges. - -In other words, if you are the sole user on your workstation, you should have 2 -distinct, robust, equally strong passphrases you will need to remember: - -**Admin-level**, used in the following locations: - -- UEFI administration -- Bootloader (GRUB) -- Disk encryption (LUKS) -- Workstation admin (root user) - -**User-level**, used for the following: - -- User account and sudo -- Master password for the password manager - -All of them, obviously, can be different if there is a compelling reason. - -## Post-installation hardening - -Post-installation security hardening will depend greatly on your distribution -of choice, so it is futile to provide detailed instructions in a general -document such as this one. However, here are some steps you should take: - -### Checklist - -- [ ] Globally disable firewire and thunderbolt modules _(CRITICAL)_ -- [ ] Check your firewalls to ensure all incoming ports are filtered _(CRITICAL)_ -- [ ] Make sure root mail is forwarded to an account you check _(CRITICAL)_ -- [ ] Check to ensure sshd service is disabled by default _(MODERATE)_ -- [ ] Set up an automatic OS update schedule, or update reminders _(MODERATE)_ -- [ ] Configure the screensaver to auto-lock after a period of inactivity _(MODERATE)_ -- [ ] Set up logwatch _(MODERATE)_ -- [ ] Install and use rkhunter _(LOW)_ -- [ ] Install an Intrusion Detection System _(PARANOID)_ - -### Considerations - -#### Blacklisting modules - -To blacklist a firewire and thunderbolt modules, add the following lines to a -file in `/etc/modprobe.d/blacklist-dma.conf`: - - blacklist firewire-core - blacklist thunderbolt - -The modules will be blacklisted upon reboot. It doesn't hurt doing this even if -you don't have these ports (but it doesn't do anything either). - -#### Root mail - -By default, root mail is just saved on the system and tends to never be read. -Make sure you set your `/etc/aliases` to forward root mail to a mailbox that -you actually read, otherwise you may miss important system notifications and -reports: - - # Person who should get root's mail - root: bob@example.com - -Run `newaliases` after this edit and test it out to make sure that it actually -gets delivered, as some email providers will reject email coming in from -nonexistent or non-routable domain names. If that is the case, you will need to -play with your mail forwarding configuration until this actually works. - -#### Firewalls, sshd, and listening daemons - -The default firewall settings will depend on your distribution, but many of -them will allow incoming `sshd` ports. Unless you have a compelling legitimate -reason to allow incoming ssh, you should filter that out and disable the `sshd` -daemon. - - systemctl disable sshd.service - systemctl stop sshd.service - -You can always start it temporarily if you need to use it. - -In general, your system shouldn't have any listening ports apart from -responding to ping. This will help safeguard you against network-level 0-day -exploits. - -#### Automatic updates or notifications - -It is recommended to turn on automatic updates, unless you have a very good -reason not to do so, such as fear that an automatic update would render your -system unusable (it's happened in the past, so this fear is not unfounded). At -the very least, you should enable automatic notifications of available updates. -Most distributions already have this service automatically running for you, so -chances are you don't have to do anything. Consult your distribution -documentation to find out more. - -You should apply all outstanding errata as soon as possible, even if something -isn't specifically labeled as "security update" or has an associated CVE code. -All bugs have the potential of being security bugs and erring on the side of -newer, unknown bugs is _generally_ a safer strategy than sticking with old, -known ones. - -#### Watching logs - -You should have a keen interest in what happens on your system. For this -reason, you should install `logwatch` and configure it to send nightly activity -reports of everything that happens on your system. This won't prevent a -dedicated attacker, but is a good safety-net feature to have in place. - -Note, that many systemd distros will no longer automatically install a syslog -server that `logwatch` needs (due to systemd relying on its own journal), so -you will need to install and enable `rsyslog` to make sure your `/var/log` is -not empty before logwatch will be of any use. - -#### Rkhunter and IDS - -Installing `rkhunter` and an intrusion detection system (IDS) like `aide` or -`tripwire` will not be that useful unless you actually understand how they work -and take the necessary steps to set them up properly (such as, keeping the -databases on external media, running checks from a trusted environment, -remembering to refresh the hash databases after performing system updates and -configuration changes, etc). If you are not willing to take these steps and -adjust how you do things on your own workstation, these tools will introduce -hassle without any tangible security benefit. - -We do recommend that you install `rkhunter` and run it nightly. It's fairly -easy to learn and use, and though it will not deter a sophisticated attacker, -it may help you catch your own mistakes. - -## Personal workstation backups - -Workstation backups tend to be overlooked or done in a haphazard, often unsafe -manner. - -### Checklist - -- [ ] Set up encrypted workstation backups to external storage _(CRITICAL)_ -- [ ] Use zero-knowledge backup tools for cloud backups _(MODERATE)_ - -### Considerations - -#### Full encrypted backups to external storage - -It is handy to have an external hard drive where one can dump full backups -without having to worry about such things like bandwidth and upstream speeds -(in this day and age most providers still offer dramatically asymmetric -upload/download speeds). Needless to say, this hard drive needs to be in itself -encrypted (again, via LUKS), or you should use a backup tool that creates -encrypted backups, such as `duplicity` or its GUI companion, `deja-dup`. I -recommend using the latter with a good randomly generated passphrase, stored in -your password manager. If you travel with your laptop, leave this drive at home -to have something to come back to in case your laptop is lost or stolen. - -In addition to your home directory, you should also back up `/etc` and -`/var/log` for various forensic purposes. - -Above all, avoid copying your home directory onto any unencrypted storage, even -as a quick way to move your files around between systems, as you will most -certainly forget to erase it once you're done, exposing potentially private or -otherwise security sensitive data to snooping hands -- especially if you keep -that storage media in the same bag with your laptop. - -#### Selective zero-knowledge backups off-site - -Off-site backups are also extremely important and can be done either to your -employer, if they offer space for it, or to a cloud provider. You can set up a -separate duplicity/deja-dup profile to only include most important files in -order to avoid transferring huge amounts of data that you don't really care to -back up off-site (internet cache, music, downloads, etc). - -Alternatively, you can use a zero-knowledge backup tool, such as -[SpiderOak][5], which offers an excellent Linux GUI tool and has additional -useful features such as synchronizing content between multiple systems and -platforms. - -## Best practices - -What follows is a curated list of best practices that we think you should -adopt. It is most certainly non-exhaustive, but rather attempts to offer -practical advice that strikes a workable balance between security and overall -usability. - -### Browsing - -There is no question that the web browser will be the piece of software with -the largest and the most exposed attack surface on your system. It is a tool -written specifically to download and execute untrusted, frequently hostile -code. It attempts to shield you from this danger by employing multiple -mechanisms such as sandboxes and code sanitization, but they have all been -previously defeated on multiple occasions. You should learn to approach -browsing websites as the most insecure activity you'll engage in on any given -day. - -There are several ways you can reduce the impact of a compromised browser, but -the truly effective ways will require significant changes in the way you -operate your workstation. - -#### 1: Use two different browsers - -This is the easiest to do, but only offers minor security benefits. Not all -browser compromises give an attacker full unfettered access to your system -- -sometimes they are limited to allowing one to read local browser storage, -steal active sessions from other tabs, capture input entered into the browser, -etc. Using two different browsers, one for work/high security sites, and -another for everything else will help prevent minor compromises from giving -attackers access to the whole cookie jar. The main inconvenience will be the -amount of memory consumed by two different browser processes. - -Here's what we recommend: - -##### Firefox for work and high security sites - -Use Firefox to access work-related sites, where extra care should be taken to -ensure that data like cookies, sessions, login information, keystrokes, etc, -should most definitely not fall into attackers' hands. You should NOT use -this browser for accessing any other sites except select few. - -You should install the following Firefox add-ons: - -- [ ] NoScript _(CRITICAL)_ - - NoScript prevents active content from loading, except from user - whitelisted domains. It is a great hassle to use with your default browser - (though offers really good security benefits), so we recommend only - enabling it on the browser you use to access work-related sites. - -- [ ] Privacy Badger _(CRITICAL)_ - - EFF's Privacy Badger will prevent most external trackers and ad platforms - from being loaded, which will help avoid compromises on these tracking - sites from affecting your browser (trackers and ad sites are very commonly - targeted by attackers, as they allow rapid infection of thousands of - systems worldwide). - -- [ ] HTTPS Everywhere _(CRITICAL)_ - - This EFF-developed Add-on will ensure that most of your sites are accessed - over a secure connection, even if a link you click is using http:// (great - to avoid a number of attacks, such as [SSL-strip][7]). - -- [ ] Certificate Patrol _(MODERATE)_ - - This tool will alert you if the site you're accessing has recently changed - their TLS certificates -- especially if it wasn't nearing expiration dates - or if it is now using a different certification authority. It helps - alert you if someone is trying to man-in-the-middle your connection, - but generates a lot of benign false-positives. - -You should leave Firefox as your default browser for opening links, as -NoScript will prevent most active content from loading or executing. - -##### Chrome/Chromium for everything else - -Chromium developers are ahead of Firefox in adding a lot of nice security -features (at least [on Linux][6]), such as seccomp sandboxes, kernel user -namespaces, etc, which act as an added layer of isolation between the sites -you visit and the rest of your system. Chromium is the upstream open-source -project, and Chrome is Google's proprietary binary build based on it (insert -the usual paranoid caution about not using it for anything you don't want -Google to know about). - -It is recommended that you install **Privacy Badger** and **HTTPS Everywhere** -extensions in Chrome as well and give it a distinct theme from Firefox to -indicate that this is your "untrusted sites" browser. - -#### 2: Use two different browsers, one inside a dedicated VM - -This is a similar recommendation to the above, except you will add an extra -step of running Chrome inside a dedicated VM that you access via a fast -protocol, allowing you to share clipboards and forward sound events (e.g. -Spice or RDP). This will add an excellent layer of isolation between the -untrusted browser and the rest of your work environment, ensuring that -attackers who manage to fully compromise your browser will then have to -additionally break out of the VM isolation layer in order to get to the rest -of your system. - -This is a surprisingly workable configuration, but requires a lot of RAM and -fast processors that can handle the increased load. It will also require an -important amount of dedication on the part of the admin who will need to -adjust their work practices accordingly. - -#### 3: Fully separate your work and play environments via virtualization - -See [Qubes-OS project][3], which strives to provide a high-security -workstation environment via compartmentalizing your applications into separate -fully isolated VMs. - -### Password managers - -#### Checklist - -- [ ] Use a password manager _(CRITICAL_) -- [ ] Use unique passwords on unrelated sites _(CRITICAL)_ -- [ ] Use a password manager that supports team sharing _(MODERATE)_ -- [ ] Use a separate password manager for non-website accounts _(PARANOID)_ - -#### Considerations - -Using good, unique passwords should be a critical requirement for every member -of your team. Credential theft is happening all the time -- either via -compromised computers, stolen database dumps, remote site exploits, or any -number of other means. No credentials should ever be reused across sites, -especially for critical applications. - -##### In-browser password manager - -Every browser has a mechanism for saving passwords that is fairly secure and -can sync with vendor-maintained cloud storage while keeping the data encrypted -with a user-provided passphrase. However, this mechanism has important -disadvantages: - -1. It does not work across browsers -2. It does not offer any way of sharing credentials with team members - -There are several well-supported, free-or-cheap password managers that are -well-integrated into multiple browsers, work across platforms, and offer -group sharing (usually as a paid service). Solutions can be easily found via -search engines. - -##### Standalone password manager - -One of the major drawbacks of any password manager that comes integrated with -the browser is the fact that it's part of the application that is most likely -to be attacked by intruders. If this makes you uncomfortable (and it should), -you may choose to have two different password managers -- one for websites -that is integrated into your browser, and one that runs as a standalone -application. The latter can be used to store high-risk credentials such as -root passwords, database passwords, other shell account credentials, etc. - -It may be particularly useful to have such tool for sharing superuser account -credentials with other members of your team (server root passwords, ILO -passwords, database admin passwords, bootloader passwords, etc). - -A few tools can help you: - -- [KeePassX][8], which improves team sharing in version 2 -- [Pass][9], which uses text files and PGP and integrates with git -- [Django-Pstore][10], which uses GPG to share credentials between admins -- [Hiera-Eyaml][11], which, if you are already using Puppet for your - infrastructure, may be a handy way to track your server/service credentials - as part of your encrypted Hiera data store - -### Securing SSH and PGP private keys - -Personal encryption keys, including SSH and PGP private keys, are going to be -the most prized items on your workstation -- something the attackers will be -most interested in obtaining, as that would allow them to further attack your -infrastructure or impersonate you to other admins. You should take extra steps -to ensure that your private keys are well protected against theft. - -#### Checklist - -- [ ] Strong passphrases are used to protect private keys _(CRITICAL)_ -- [ ] PGP Master key is stored on removable storage _(MODERATE)_ -- [ ] Auth, Sign and Encrypt Subkeys are stored on a smartcard device _(MODERATE)_ -- [ ] SSH is configured to use PGP Auth key as ssh private key _(MODERATE)_ - -#### Considerations - -The best way to prevent private key theft is to use a smartcard to store your -encryption private keys and never copy them onto the workstation. There are -several manufacturers that offer OpenPGP capable devices: - -- [Kernel Concepts][12], where you can purchase both the OpenPGP compatible - smartcards and the USB readers, should you need one. -- [Yubikey NEO][13], which offers OpenPGP smartcard functionality in addition - to many other cool features (U2F, PIV, HOTP, etc). - -It is also important to make sure that the master PGP key is not stored on the -main workstation, and only subkeys are used. The master key will only be -needed when signing someone else's keys or creating new subkeys -- operations -which do not happen very frequently. You may follow [the Debian's subkeys][14] -guide to learn how to move your master key to removable storage and how to -create subkeys. - -You should then configure your gnupg agent to act as ssh agent and use the -smartcard-based PGP Auth key to act as your ssh private key. We publish a -[detailed guide][15] on how to do that using either a smartcard reader or a -Yubikey NEO. - -If you are not willing to go that far, at least make sure you have a strong -passphrase on both your PGP private key and your SSH private key, which will -make it harder for attackers to steal and use them. - -### SELinux on the workstation - -If you are using a distribution that comes bundled with SELinux (such as -Fedora), here are some recommendation of how to make the best use of it to -maximize your workstation security. - -#### Checklist - -- [ ] Make sure SELinux is enforcing on your workstation _(CRITICAL)_ -- [ ] Never blindly run `audit2allow -M`, always check _(CRITICAL)_ -- [ ] Never `setenforce 0` _(MODERATE)_ -- [ ] Switch your account to SELinux user `staff_u` _(MODERATE)_ - -#### Considerations - -SELinux is a Mandatory Access Controls (MAC) extension to core POSIX -permissions functionality. It is mature, robust, and has come a long way since -its initial roll-out. Regardless, many sysadmins to this day repeat the -outdated mantra of "just turn it off." - -That being said, SELinux will have limited security benefits on the -workstation, as most applications you will be running as a user are going to -be running unconfined. It does provide enough net benefit to warrant leaving -it on, as it will likely help prevent an attacker from escalating privileges -to gain root-level access via a vulnerable daemon service. - -Our recommendation is to leave it on and enforcing. - -##### Never `setenforce 0` - -It's tempting to use `setenforce 0` to flip SELinux into permissive mode -on a temporary basis, but you should avoid doing that. This essentially turns -off SELinux for the entire system, while what you really want is to -troubleshoot a particular application or daemon. - -Instead of `setenforce 0` you should be using `semanage permissive -a -[somedomain_t]` to put only that domain into permissive mode. First, find out -which domain is causing troubles by running `ausearch`: - - ausearch -ts recent -m avc - -and then look for `scontext=` (source SELinux context) line, like so: - - scontext=staff_u:staff_r:gpg_pinentry_t:s0-s0:c0.c1023 - ^^^^^^^^^^^^^^ - -This tells you that the domain being denied is `gpg_pinentry_t`, so if you -want to troubleshoot the application, you should add it to permissive domains: - - semange permissive -a gpg_pinentry_t - -This will allow you to use the application and collect the rest of the AVCs, -which you can then use in conjunction with `audit2allow` to write a local -policy. Once that is done and you see no new AVC denials, you can remove that -domain from permissive by running: - - semanage permissive -d gpg_pinentry_t - -##### Use your workstation as SELinux role staff_r - -SELinux comes with a native implementation of roles that prohibit or grant -certain privileges based on the role associated with the user account. As an -administrator, you should be using the `staff_r` role, which will restrict -access to many configuration and other security-sensitive files, unless you -first perform `sudo`. - -By default, accounts are created as `unconfined_r` and most applications you -execute will run unconfined, without any (or with only very few) SELinux -constraints. To switch your account to the `staff_r` role, run the following -command: - - usermod -Z staff_u [username] - -You should log out and log back in to enable the new role, at which point if -you run `id -Z`, you'll see: - - staff_u:staff_r:staff_t:s0-s0:c0.c1023 - -When performing `sudo`, you should remember to add an extra flag to tell -SELinux to transition to the "sysadmin" role. The command you want is: - - sudo -i -r sysadm_r - -At which point `id -Z` will show: - - staff_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 - -**WARNING**: you should be comfortable using `ausearch` and `audit2allow` -before you make this switch, as it's possible some of your applications will -no longer work when you're running as role `staff_r`. At the time of writing, -the following popular applications are known to not work under `staff_r` -without policy tweaks: - -- Chrome/Chromium -- Skype -- VirtualBox - -To switch back to `unconfined_r`, run the following command: - - usermod -Z unconfined_u [username] - -and then log out and back in to get back into the comfort zone. - -## Further reading - -The world of IT security is a rabbit hole with no bottom. If you would like to -go deeper, or find out more about security features on your particular -distribution, please check out the following links: - -- [Fedora Security Guide](https://docs.fedoraproject.org/en-US/Fedora/19/html/Security_Guide/index.html) -- [CESG Ubuntu Security Guide](https://www.gov.uk/government/publications/end-user-devices-security-guidance-ubuntu-1404-lts) -- [Debian Security Manual](https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html) -- [Arch Linux Security Wiki](https://wiki.archlinux.org/index.php/Security) -- [Mac OSX Security](https://www.apple.com/support/security/guides/) - -## License -This work is licensed under a -[Creative Commons Attribution-ShareAlike 4.0 International License][0]. - --------------------------------------------------------------------------------- - -via: https://github.com/lfit/itpol/blob/master/linux-workstation-security.md#linux-workstation-security-checklist - -作者:[mricon][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://github.com/mricon -[0]: http://creativecommons.org/licenses/by-sa/4.0/ -[1]: https://github.com/QubesOS/qubes-antievilmaid -[2]: https://en.wikipedia.org/wiki/IEEE_1394#Security_issues -[3]: https://qubes-os.org/ -[4]: https://xkcd.com/936/ -[5]: https://spideroak.com/ -[6]: https://code.google.com/p/chromium/wiki/LinuxSandboxing -[7]: http://www.thoughtcrime.org/software/sslstrip/ -[8]: https://keepassx.org/ -[9]: http://www.passwordstore.org/ -[10]: https://pypi.python.org/pypi/django-pstore -[11]: https://github.com/TomPoulton/hiera-eyaml -[12]: http://shop.kernelconcepts.de/ -[13]: https://www.yubico.com/products/yubikey-hardware/yubikey-neo/ -[14]: https://wiki.debian.org/Subkeys -[15]: https://github.com/lfit/ssh-gpg-smartcard-config diff --git a/sources/tech/20150908 How to Run ISO Files Directly From the HDD with GRUB2.md b/sources/tech/20150908 How to Run ISO Files Directly From the HDD with GRUB2.md deleted file mode 100644 index 7de3640532..0000000000 --- a/sources/tech/20150908 How to Run ISO Files Directly From the HDD with GRUB2.md +++ /dev/null @@ -1,96 +0,0 @@ -How to Run ISO Files Directly From the HDD with GRUB2 -================================================================================ -![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-featured.png) - -Most Linux distros offer a live environment, which you can boot up from a USB drive, for you to test the system without installing. You can either use it to evaluate the distro or as a disposable OS. While it is easy to copy these onto a USB disk, in certain cases one might want to run the same ISO image often or run different ones regularly. GRUB 2 can be configured so that you do not need to burn the ISOs to disk or use a USB drive, but need to run a live environment directly form the boot menu. - -### Obtaining and checking bootable ISO images ### - -To obtain an ISO image, you should usually visit the website of the desired distribution and download any image that is compatible with your setup. If the image can be started from a USB, it should be able to start from the GRUB menu as well. - -Once the image has finished downloading, you should check its integrity by running a simple md5 check on it. This will output a long combination of numbers and alphanumeric characters - -![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-md5.png) - -which you can compare against the MD5 checksum provided on the download page. The two should be identical. - -### Setting up GRUB 2 ### - -ISO images contain full systems. All you need to do is direct GRUB2 to the appropriate file, and tell it where it can find the kernel and the initramdisk or initram filesystem (depending on which one your distribution uses). - -In this example, a Kubuntu 15.04 live environment will be set up to run on an Ubuntu 14.04 box as a Grub menu item. It should work for most newer Ubuntu-based systems and derivatives. If you have a different system or want to achieve something else, you can get some ideas on how to do this from one of [these files][1], although it will require a little experience with GRUB. - -In this example the file `kubuntu-15.04-desktop-amd64.iso` - -lives in `/home/maketecheasier/TempISOs/` on `/dev/sda1`. - -To make GRUB2 look for it in the right place, you need to edit the - - /etc/grub.d40-custom - -![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-40-custom-empty.png) - -To start Kubuntu from the above location, add the following code (after adjusting it to your needs) below the commented section, without modifying the original content. - - menuentry "Kubuntu 15.04 ISO" { - set isofile="/home/maketecheasier/TempISOs/kubuntu-15.04-desktop-amd64.iso" - loopback loop (hd0,1)$isofile - echo "Starting $isofile..." - linux (loop)/casper/vmlinuz.efi boot=casper iso-scan/filename=${isofile} quiet splash - initrd (loop)/casper/initrd.lz - } - -![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-40-custom-new.png) - -### Breaking down the above code ### - -First set up a variable named `$menuentry`. This is where the ISO file is located. If you want to change to a different ISO, you need to change the bit where it says set `isofile="/path/to/file/name-of-iso-file-.iso"`. - -The next line is where you specify the loopback device; you also need to give it the right partition number. This is the bit where it says - - loopback loop (hd0,1)$isofile - -Note the hd0,1 bit; it is important. This means first HDD, first partition (`/dev/sda1`). - -GRUB’s naming here is slightly confusing. For HDDs, it starts counting from “0”, making the first HDD #0, the second one #1, the third one #2, etc. However, for partitions, it will start counting from 1. First partition is #1, second is #2, etc. There might be a good reason for this but not necessarily a sane one (UX-wise it is a disaster, to be sure).. - -This makes fist disk, first partition, which in Linux would usually look something like `/dev/sda1` become `hd0,1` in GRUB2. The second disk, third partition would be `hd1,3`, and so on. - -The next important line is - - linux (loop)/casper/vmlinuz.efi boot=casper iso-scan/filename=${isofile} quiet splash - -It will load the kernel image. On newer Ubuntu Live CDs, this would be in the `/casper` directory and called `vmlinuz.efi`. If you use a different system, your kernel might be missing the `.efi` extension or be located somewhere else entirely (You can easily check this by opening the ISO file with an archive manager and looking inside `/casper.`). The last options, `quiet splash`, would be your regular GRUB options, if you care to change them. - -Finally - - initrd (loop)/casper/initrd.lz - -will load `initrd`, which is responsible to load a RAMDisk into memory for bootup. - -### Booting into your live system ### - -To make it all work, you will only need to update GRUB2 - - sudo update-grub - -![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-updare-grub.png) - -When you reboot your system, you should be presented with a new GRUB entry which will allow you to load into the ISO image you’ve just set up. - -![](https://www.maketecheasier.com/assets/uploads/2015/07/rundirectiso-grub-menu.png) - -Selecting the new entry should boot you into the live environment, just like booting from a DVD or USB would. - --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/run-iso-files-hdd-grub2/ - -作者:[Attila Orosz][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/attilaorosz/ -[1]:http://git.marmotte.net/git/glim/tree/grub2 \ No newline at end of file diff --git a/sources/tech/20151005 pyinfo() A good looking phpinfo-like python script.md b/sources/tech/20151005 pyinfo() A good looking phpinfo-like python script.md deleted file mode 100644 index f096bc5fc6..0000000000 --- a/sources/tech/20151005 pyinfo() A good looking phpinfo-like python script.md +++ /dev/null @@ -1,40 +0,0 @@ -translation by strugglingyouth -pyinfo() A good looking phpinfo-like python script -================================================================================ -Being a native php guy, I'm used to having phpinfo(), giving me easy access to php.ini settings and loaded modules etc. So ofcourse I wanted to call the not existing pyinfo() function, to no avail. My fingers quickly pressed CTRL-E to google for a implementation of it, someone must've ported it already? - -Yes, someone did. But oh my was it ugly. Preposterous! Since I cannot stand ugly layouts *cough*, I just had to build my own. So I used the code I found and cleaned up the layout to make it better. The official python website isnt that bad layout-wise, so why not steal their colors and background images? Yes that sounds like a plan to me. - -[Gits Here][1] | [Download here][2] | [Example here][3] - -Mind you, I only ran it on a python 2.6.4 server, so anything else is at your own risk (but it should be no problem to port it to any other version). To get it working, just import the file and call pyinfo() while catching the function's return value. Print that on the screen. Huzzah! - -For those who did not get that and are using [mod_wsgi][4], run it using something like this (replace that path ofcourse): -``` -def application(environ, start_response): - import sys - path = 'YOUR_WWW_ROOT_DIRECTORY' - if path not in sys.path: - sys.path.append(path) - from pyinfo import pyinfo - output = pyinfo() - start_response('200 OK', [('Content-type', 'text/html')]) - return [output] -``` ---- - -via:http://bran.name/articles/pyinfo-a-good-looking-phpinfo-like-python-script/ - -作者:[Bran van der Meer][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译, -[Linux中国](https://linux.cn/) 荣誉推出 - - -[a]:http://bran.name/resume/ -[1]:https://gist.github.com/951825#file_pyinfo.py -[2]:http://bran.name/dump/pyinfo.zip -[3]:http://bran.name/dump/pyinfo/index.py -[4]:http://code.google.com/p/modwsgi/ diff --git a/sources/tech/20151007 Fix Shell Script Opens In Text Editor In Ubuntu.md b/sources/tech/20151007 Fix Shell Script Opens In Text Editor In Ubuntu.md deleted file mode 100644 index 95f7bb4ee5..0000000000 --- a/sources/tech/20151007 Fix Shell Script Opens In Text Editor In Ubuntu.md +++ /dev/null @@ -1,39 +0,0 @@ -Fix Shell Script Opens In Text Editor In Ubuntu -================================================================================ -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Run-Shell-Script-on-Double-Click.jpg) - -When you double click on a shell script (.sh file) what do you expect? The normal expectation would be that it is executed. But this might not be the case in Ubuntu, or I should better say in case of Files (Nautilus). You may go crazy yelling “Run, File, Run”, but the file won’t run and instead it gets opened in Gedit. - -I know that you would say, does the file has execute permission? And I say, yes. The shell script has execute permission but still if I double click on it, it is opened in a text editor. I don’t want it and if you are facing the same issue, I assume that even you don’t want it. - -I know that you would have been advised to run it in the terminal and I know that it would work but that’s not an excuse for the GUI way to not work. Is it? - -In this quick tutorial, we shall see **how to make shell script run by double clicking on it**. - -#### Fix Shell script opens in text editor in Ubuntu #### - -The reason why shell scripts are opening in text editor is the default behavior set in Files (file manager in Ubuntu). In earlier versions, it would ask you if you want to run the file or open for editing. The default behavior has been changed in later versions. - -To fix it, go in file manager and from the top menu and click on **Preference**: - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/execute-shell-program-ubuntu-1.png) - -Next in **Files preferences**, go to **Behavior** tab and you’ll see the option of “**Executables Text Files**“. - -By default, it would have been set to “View executable text files when they are opened”. I would advise you to change it to “Ask each time” so that you’ll have the choice whether to execute it or edit but of course you can set it by default for execution. Your choice here really. - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/execute-shell-program-ubuntu-2.png) - -I hope this quick tip helped you to fix this little ‘issue’. Questions and suggestions are always welcomed. - --------------------------------------------------------------------------------- - -via: http://itsfoss.com/shell-script-opens-text-editor/ - -作者:[Abhishek][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://itsfoss.com/author/abhishek/ \ No newline at end of file diff --git a/sources/tech/20151007 How To Download Videos Using youtube-dl In Linux.md b/sources/tech/20151007 How To Download Videos Using youtube-dl In Linux.md deleted file mode 100644 index fa7dcbed6c..0000000000 --- a/sources/tech/20151007 How To Download Videos Using youtube-dl In Linux.md +++ /dev/null @@ -1,93 +0,0 @@ -How To Download Videos Using youtube-dl In Linux -================================================================================ -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/10/Download-YouTube-Videos.jpeg) - -I know you have already seen [how to download YouTube videos][1]. But those tools were mostly GUI ways. I am going to show you how to download YouTube videos via terminal using youtube-dl. - -### [youtube-dl][2] ### - -youtube-dl is a Python based small command-line tool that allows to download videos from YouTube.com, Dailymotion, Google Video, Photobucket, Facebook, Yahoo, Metacafe, Depositfiles and few more similar sites. It written in pygtk and requires Python interpreter to run this program, it’s not platform restricted. It should run on any Unix, Windows or in Mac OS X based systems. - -The youtube-dl tool supports resuming interrupted downloads. If youtube-dl is killed (for example by Ctrl-C or due to loss of Internet connectivity) in the middle of download, you can simply re-run it with the same YouTube video url. It will automatically resume the unfinished download, as long as a partial download is present in the current directory. Which means, you don’t need a [download][3] manager for resuming downloads. - -#### Installing youtube-dl #### - -If you are running Ubuntu based Linux distribution, you can install it using this command: - - sudo apt-get install youtube-dl - -For any Linux distribution, you can quickly install youtube-dl on your system through the command line interface with: - - sudo wget https://yt-dl.org/downloads/latest/youtube-dl -O/usr/local/bin/youtube-dl - -After fetching the file, you need to set a executable permission on the script to execute properly. - - sudo chmod a+rx /usr/local/bin/youtube-dl - -#### Use YouTube-DL to Download Videos: #### - -To download a video file, simply run the following command. Where “VIDEO_URL” is the url of the video that you want to download. - - youtube-dl VIDEO_URL - -#### Download YouTube Videos in Multiple Formats: #### - -These days YouTube videos have different resolutions, you first need to check available video formats of a given YouTube video. For that run youtube-dl with “-F” option. It will show you a list of available formats. - - youtube-dl -F http://www.youtube.com/watch?v=BlXaGWbFVKY - -It’s output will be like: - - Setting language - BlXaGWbFVKY: Downloading video webpage - BlXaGWbFVKY: Downloading video info webpage - BlXaGWbFVKY: Extracting video information - Available formats: - 37 : mp4 [1080×1920] - 46 : webm [1080×1920] - 22 : mp4 [720×1280] - 45 : webm [720×1280] - 35 : flv [480×854] - 44 : webm [480×854] - 34 : flv [360×640] - 18 : mp4 [360×640] - 43 : webm [360×640] - 5 : flv [240×400] - 17 : mp4 [144×176] - -Now among the available video formats, choose one that you like. For example, if you want to download it in MP4 version, you should use: - - youtube-dl -f 17 http://www.youtube.com/watch?v=BlXaGWbFVKY - -#### Download subtitles of videos using youtube-dl #### - -First check if there are subtitles available for the video. To list all subs for a video, use the command beelow: - - youtube-dl --list-subs https://www.youtube.com/watch?v=Ye8mB6VsUHw - -To download all subs, but not the video: - - youtube-dl --all-subs --skip-download https://www.youtube.com/watch?v=Ye8mB6VsUHw - -#### Download entire playlist #### - -To download a playlist, simply run the following command. Where “playlist_url” is the url of the playlist that ou want to download. - - youtube-dl -cit playlist_url - -youtube-dl is a versatile command line tool and provides a number of functionalities. No wonder it is such a popular command line tool. - --------------------------------------------------------------------------------- - -via: http://itsfoss.com/download-youtube-linux/ - -作者:[alimiracle][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://itsfoss.com/author/ali/ -[1]:http://itsfoss.com/download-youtube-videos-ubuntu/ -[2]:https://rg3.github.io/youtube-dl/ -[3]:http://itsfoss.com/xtreme-download-manager-install/ \ No newline at end of file diff --git a/sources/tech/20151012 Getting Started to Calico Virtual Private Networking on Docker.md b/sources/tech/20151012 Getting Started to Calico Virtual Private Networking on Docker.md new file mode 100644 index 0000000000..27d60729e9 --- /dev/null +++ b/sources/tech/20151012 Getting Started to Calico Virtual Private Networking on Docker.md @@ -0,0 +1,322 @@ +Getting Started to Calico Virtual Private Networking on Docker +================================================================================ +Calico is a free and open source software for virtual networking in data centers. It is a pure Layer 3 approach to highly scalable datacenter for cloud virtual networking. It seamlessly integrates with cloud orchestration system such as openstack, docker clusters in order to enable secure IP communication between virtual machines and containers. It implements a highly productive vRouter in each node that takes advantage of the existing Linux kernel forwarding engine. Calico works in such an awesome technology that it has the ability to peer directly with the data center’s physical fabric whether L2 or L3, without the NAT, tunnels on/off ramps, or overlays. Calico makes full utilization of docker to run its containers in the nodes which makes it multi-platform and very easy to ship, pack and deploy. Calico has the following salient features out of the box. + +- It can scale tens of thousands of servers and millions of workloads. +- Calico is easy to deploy, operate and diagnose. +- It is open source software licensed under Apache License version 2 and uses open standards. +- It supports container, virtual machines and bare metal workloads. +- It supports both IPv4 and IPv6 internet protocols. +- It is designed internally to support rich, flexible and secure network policy. + +In this tutorial, we'll perform a virtual private networking between two nodes running Calico in them with Docker Technology. Here are some easy steps on how we can do that. + +### 1. Installing etcd ### + +To get started with the calico virtual private networking, we'll need to have a linux machine running etcd. As CoreOS comes preinstalled and preconfigured with etcd, we can use CoreOS but if we want to configure Calico in other linux distributions, then we'll need to setup it in our machine. As we are running Ubuntu 14.04 LTS, we'll need to first install and configure etcd in our machine. To install etcd in our Ubuntu box, we'll need to add the official ppa repository of Calico by running the following command in the machine which we want to run etcd server. Here, we'll be installing etcd in our 1st node. + + # apt-add-repository ppa:project-calico/icehouse + + The primary source of Ubuntu packages for Project Calico based on OpenStack Icehouse, an open source solution for virtual networking in cloud data centers. Find out more at http://www.projectcalico.org/ + More info: https://launchpad.net/~project-calico/+archive/ubuntu/icehouse + Press [ENTER] to continue or ctrl-c to cancel adding it + gpg: keyring `/tmp/tmpi9zcmls1/secring.gpg' created + gpg: keyring `/tmp/tmpi9zcmls1/pubring.gpg' created + gpg: requesting key 3D40A6A7 from hkp server keyserver.ubuntu.com + gpg: /tmp/tmpi9zcmls1/trustdb.gpg: trustdb created + gpg: key 3D40A6A7: public key "Launchpad PPA for Project Calico" imported + gpg: Total number processed: 1 + gpg: imported: 1 (RSA: 1) + OK + +Then, we'll need to edit /etc/apt/preferences and make changes to prefer Calico-provided packages for Nova and Neutron. + + # nano /etc/apt/preferences + +We'll need to add the following lines into it. + + Package: * + Pin: release o=LP-PPA-project-calico-* + Pin-Priority: 100 + +![Calico PPA Config](http://blog.linoxide.com/wp-content/uploads/2015/10/calico-ppa-config.png) + +Next, we'll also need to add the official BIRD PPA for Ubuntu 14.04 LTS so that bugs fixes are installed before its available on the Ubuntu repo. + + # add-apt-repository ppa:cz.nic-labs/bird + + The BIRD Internet Routing Daemon PPA (by upstream & .deb maintainer) + More info: https://launchpad.net/~cz.nic-labs/+archive/ubuntu/bird + Press [ENTER] to continue or ctrl-c to cancel adding it + gpg: keyring `/tmp/tmphxqr5hjf/secring.gpg' created + gpg: keyring `/tmp/tmphxqr5hjf/pubring.gpg' created + gpg: requesting key F9C59A45 from hkp server keyserver.ubuntu.com + apt-ggpg: /tmp/tmphxqr5hjf/trustdb.gpg: trustdb created + gpg: key F9C59A45: public key "Launchpad Datov� schr�nky" imported + gpg: Total number processed: 1 + gpg: imported: 1 (RSA: 1) + OK + +Now, after the PPA jobs are done, we'll now gonna update the local repository index and then install etcd in our machine. + + # apt-get update + +To install etcd in our ubuntu machine, we'll gonna run the following apt command. + + # apt-get install etcd python-etcd + +### 2. Starting Etcd ### + +After the installation is complete, we'll now configure the etcd configuration file. Here, we'll edit **/etc/init/etcd.conf** using a text editor and append the line exec **/usr/bin/etcd** and make it look like below configuration. + + # nano /etc/init/etcd.conf + exec /usr/bin/etcd --name="node1" \ + --advertise-client-urls="http://10.130.65.71:2379,http://10.130.65.71:4001" \ + --listen-client-urls="http://0.0.0.0:2379,http://0.0.0.0:4001" \ + --listen-peer-urls "http://0.0.0.0:2380" \ + --initial-advertise-peer-urls "http://10.130.65.71:2380" \ + --initial-cluster-token $(uuidgen) \ + --initial-cluster "node1=http://10.130.65.71:2380" \ + --initial-cluster-state "new" + +![Configuring ETCD](http://blog.linoxide.com/wp-content/uploads/2015/10/configuring-etcd.png) + +**Note**: In the above configuration, we'll need to replace 10.130.65.71 and node-1 with the private ip address and hostname of your etcd server box. After done with editing, we'll need to save and exit the file. + +We can get the private ip address of our etcd server by running the following command. + + # ifconfig + +![ifconfig](http://blog.linoxide.com/wp-content/uploads/2015/10/ifconfig1.png) + +As our etcd configuration is done, we'll now gonna start our etcd service in our Ubuntu node. To start etcd daemon, we'll gonna run the following command. + + # service etcd start + +After done, we'll have a check if etcd is really running or not. To ensure that, we'll need to run the following command. + + # service etcd status + +### 3. Installing Docker ### + +Next, we'll gonna install Docker in both of our nodes running Ubuntu. To install the latest release of docker, we'll simply need to run the following command. + + # curl -sSL https://get.docker.com/ | sh + +![Docker Engine Installation](http://blog.linoxide.com/wp-content/uploads/2015/10/docker-engine-installation.png) + +After the installation is completed, we'll gonna start the docker daemon in-order to make sure that its running before we move towards Calico. + + # service docker restart + + docker stop/waiting + docker start/running, process 3056 + +### 3. Installing Calico ### + +We'll now install calico in our linux machine in-order to run the calico containers. We'll need to install Calico in every node which we're wanting to connect into the Calico network. To install Calico, we'll need to run the following command under root or sudo permission. + +#### On 1st Node #### + + # wget https://github.com/projectcalico/calico-docker/releases/download/v0.6.0/calicoctl + + --2015-09-28 12:08:59-- https://github.com/projectcalico/calico-docker/releases/download/v0.6.0/calicoctl + Resolving github.com (github.com)... 192.30.252.129 + Connecting to github.com (github.com)|192.30.252.129|:443... connected. + ... + Resolving github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)... 54.231.9.9 + Connecting to github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)|54.231.9.9|:443... connected. + HTTP request sent, awaiting response... 200 OK + Length: 6166661 (5.9M) [application/octet-stream] + Saving to: 'calicoctl' + 100%[=========================================>] 6,166,661 1.47MB/s in 6.7s + 2015-09-28 12:09:08 (898 KB/s) - 'calicoctl' saved [6166661/6166661] + + # chmod +x calicoctl + +After done with making it executable, we'll gonna make the binary calicoctl available as the command in any directory. To do so, we'll need to run the following command. + + # mv calicoctl /usr/bin/ + +#### On 2nd Node #### + + # wget https://github.com/projectcalico/calico-docker/releases/download/v0.6.0/calicoctl + + --2015-09-28 12:09:03-- https://github.com/projectcalico/calico-docker/releases/download/v0.6.0/calicoctl + Resolving github.com (github.com)... 192.30.252.131 + Connecting to github.com (github.com)|192.30.252.131|:443... connected. + ... + Resolving github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)... 54.231.8.113 + Connecting to github-cloud.s3.amazonaws.com (github-cloud.s3.amazonaws.com)|54.231.8.113|:443... connected. + HTTP request sent, awaiting response... 200 OK + Length: 6166661 (5.9M) [application/octet-stream] + Saving to: 'calicoctl' + 100%[=========================================>] 6,166,661 1.47MB/s in 5.9s + 2015-09-28 12:09:11 (1022 KB/s) - 'calicoctl' saved [6166661/6166661] + + # chmod +x calicoctl + +After done with making it executable, we'll gonna make the binary calicoctl available as the command in any directory. To do so, we'll need to run the following command. + + # mv calicoctl /usr/bin/ + +Likewise, we'll need to execute the above commands to install in every other nodes. + +### 4. Starting Calico services ### + +After we have installed calico on each of our nodes, we'll gonna start our Calico services. To start the calico services, we'll need to run the following commands. + +#### On 1st Node #### + + # calicoctl node + + WARNING: Unable to detect the xt_set module. Load with `modprobe xt_set` + WARNING: Unable to detect the ipip module. Load with `modprobe ipip` + No IP provided. Using detected IP: 10.130.61.244 + Pulling Docker image calico/node:v0.6.0 + Calico node is running with id: fa0ca1f26683563fa71d2ccc81d62706e02fac4bbb08f562d45009c720c24a43 + +#### On 2nd Node #### + +Next, we'll gonna export a global variable in order to connect our calico nodes to the same etcd server which is hosted in node1 in our case. To do so, we'll need to run the following command in each of our nodes. + + # export ETCD_AUTHORITY=10.130.61.244:2379 + +Then, we'll gonna run calicoctl container in our every our second node. + + # calicoctl node + + WARNING: Unable to detect the xt_set module. Load with `modprobe xt_set` + WARNING: Unable to detect the ipip module. Load with `modprobe ipip` + No IP provided. Using detected IP: 10.130.61.245 + Pulling Docker image calico/node:v0.6.0 + Calico node is running with id: 70f79c746b28491277e28a8d002db4ab49f76a3e7d42e0aca8287a7178668de4 + +This command should be executed in every nodes in which we want to start our Calico services. The above command start a container in the respective node. To check if the container is running or not, we'll gonna run the following docker command. + + # docker ps + +![Docker Running Containers](http://blog.linoxide.com/wp-content/uploads/2015/10/docker-running-containers.png) + +If we see the output something similar to the output shown below then we can confirm that Calico containers are up and running. + +### 5. Starting Containers ### + +Next, we'll need to start few containers in each of our nodes running Calico services. We'll assign a different name to each of the containers running ubuntu. Here, workload-A, workload-B, etc has been assigned as the unique name for each of the containers. To do so, we'll need to run the following command. + +#### On 1st Node #### + + # docker run --net=none --name workload-A -tid ubuntu + + Unable to find image 'ubuntu:latest' locally + latest: Pulling from library/ubuntu + ... + 91e54dfb1179: Already exists + library/ubuntu:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security. + Digest: sha256:73fbe2308f5f5cb6e343425831b8ab44f10bbd77070ecdfbe4081daa4dbe3ed1 + Status: Downloaded newer image for ubuntu:latest + a1ba9105955e9f5b32cbdad531cf6ecd9cab0647d5d3d8b33eca0093605b7a18 + + # docker run --net=none --name workload-B -tid ubuntu + + 89dd3d00f72ac681bddee4b31835c395f14eeb1467300f2b1b9fd3e704c28b7d + +#### On 2nd Node #### + + # docker run --net=none --name workload-C -tid ubuntu + + Unable to find image 'ubuntu:latest' locally + latest: Pulling from library/ubuntu + ... + 91e54dfb1179: Already exists + library/ubuntu:latest: The image you are pulling has been verified. Important: image verification is a tech preview feature and should not be relied on to provide security. + Digest: sha256:73fbe2308f5f5cb6e343425831b8ab44f10bbd77070ecdfbe4081daa4dbe3ed1 + Status: Downloaded newer image for ubuntu:latest + 24e2d5d7d6f3990b534b5643c0e483da5b4620a1ac2a5b921b2ba08ebf754746 + + # docker run --net=none --name workload-D -tid ubuntu + + c6f28d1ab8f7ac1d9ccc48e6e4234972ed790205c9ca4538b506bec4dc533555 + +Similarly, if we have more nodes, we can run ubuntu docker container into it by running the above command with assigning a different container name. + +### 6. Assigning IP addresses ### + +After we have got our docker containers running in each of our hosts, we'll go for adding a networking support to the containers. Now, we'll gonna assign a new ip address to each of the containers using calicoctl. This will add a new network interface to the containers with the assigned ip addresses. To do so, we'll need to run the following commands in the hosts running the containers. + +#### On 1st Node #### + + # calicoctl container add workload-A 192.168.0.1 + # calicoctl container add workload-B 192.168.0.2 + +#### On 2nd Node #### + + # calicoctl container add workload-C 192.168.0.3 + # calicoctl container add workload-D 192.168.0.4 + +### 7. Adding Policy Profiles ### + +After our containers have got networking interfaces and ip address assigned, we'll now need to add policy profiles to enable networking between the containers each other. After adding the profiles, the containers will be able to communicate to each other only if they have the common profiles assigned. That means, if they have different profiles assigned, they won't be able to communicate to eachother. So, before being able to assign. we'll need to first create some new profiles. That can be done in either of the hosts. Here, we'll run the following command in 1st Node. + + # calicoctl profile add A_C + + Created profile A_C + + # calicoctl profile add B_D + + Created profile B_D + +After the profile has been created, we'll simply add our workload to the required profile. Here, in this tutorial, we'll place workload A and workload C in a common profile A_C and workload B and D in a common profile B_D. To do so, we'll run the following command in our hosts. + +#### On 1st Node #### + + # calicoctl container workload-A profile append A_C + # calicoctl container workload-B profile append B_D + +#### On 2nd Node #### + + # calicoctl container workload-C profile append A_C + # calicoctl container workload-D profile append B_D + +### 8. Testing the Network ### + +After we've added a policy profile to each of our containers using Calicoctl, we'll now test whether our networking is working as expected or not. We'll take a node and a workload and try to communicate with the other containers running in same or different nodes. And due to the profile, we should be able to communicate only with the containers having a common profile. So, in this case, workload A should be able to communicate with only C and vice versa whereas workload A shouldn't be able to communicate with B or D. To test the network, we'll gonna ping the containers having common profiles from the 1st host running workload A and B. + +We'll first ping workload-C having ip 192.168.0.3 using workload-A as shown below. + + # docker exec workload-A ping -c 4 192.168.0.3 + +Then, we'll ping workload-D having ip 192.168.0.4 using workload-B as shown below. + + # docker exec workload-B ping -c 4 192.168.0.4 + +![Ping Test Success](http://blog.linoxide.com/wp-content/uploads/2015/10/ping-test-success.png) + +Now, we'll check if we're able to ping the containers having different profiles. We'll now ping workload-D having ip address 192.168.0.4 using workload-A. + + # docker exec workload-A ping -c 4 192.168.0.4 + +After done, we'll try to ping workload-C having ip address 192.168.0.3 using workload-B. + + # docker exec workload-B ping -c 4 192.168.0.3 + +![Ping Test Failed](http://blog.linoxide.com/wp-content/uploads/2015/10/ping-test-failed.png) + +Hence, the workloads having same profiles could ping each other whereas having different profiles couldn't ping to each other. + +### Conclusion ### + +Calico is an awesome project providing an easy way to configure a virtual network using the latest docker technology. It is considered as a great open source solution for virtual networking in cloud data centers. Calico is being experimented by people in different cloud platforms like AWS, DigitalOcean, GCE and more these days. As Calico is currently under experiment, its stable version hasn't been released yet and is still in pre-release. The project consists a well documented documentations, tutorials and manuals in their [official documentation site][2]. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/calico-virtual-private-networking-docker/ + +作者:[Arun Pyasi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:http://docs.projectcalico.org/ \ No newline at end of file diff --git a/sources/tech/20151012 Remember sed and awk All Linux admins should.md b/sources/tech/20151012 Remember sed and awk All Linux admins should.md new file mode 100644 index 0000000000..67a6641393 --- /dev/null +++ b/sources/tech/20151012 Remember sed and awk All Linux admins should.md @@ -0,0 +1,60 @@ +Remember sed and awk? All Linux admins should +================================================================================ +![](http://images.techhive.com/images/article/2015/03/linux-100573790-primary.idge.jpg) + +Credit: Shutterstock + +**We aren’t doing the next generation of Linux and Unix admins any favors by forgetting init scripts and fundamental tools** + +I happened across a post on Reddit by chance, [asking about textfile manipulation][1]. It was a fairly simple request, similar to those that folks in Unix see nearly every day. In this case, it was how to remove all duplicate lines in a file, keeping one instance of each. This sounds relatively easy, but can get a bit complicated if the source file is sufficiently large and random. + +There are countless answers to this problem. You could write a script in nearly any language to do this, with varying levels of complexity and time investment, which I suspect is what most would do. It might take 20 or 60 minutes depending on skill level, but armed with Perl, Python, or Ruby, you could make quick work of it. + +Or you could use the answer stated in that thread, which warmed my heart: Just use awk. + +That answer is the most concise and simplest solution to the problem by far. It’s one line: + + awk '!seen[$0]++' . + +Let’s take a look at this. + +In this command, there’s a lot of hidden code. Awk is a text processing language, and as such it makes a lot of assumptions. For starters, what you see here is actually the meat of a for loop. Awk assumes you want to loop through every line of the input file, so you don’t need to explicitly state it. Awk also assumes you want to print the postprocessed output, so you don’t need to state that either. Finally, Awk then assumes the loop ends when the last statement finishes, so no need to state it. + +The string seen in this example is the name given to an associative array. $0 is a variable that represents the entirety of the current line of the file. Thus, this command translates to “Evaluate every line in this file, and if you haven’t seen this line before, print it.” Awk does this by adding $0 to the seen array if it doesn’t already exist and incrementing the value so that it will not match the pattern the next time around and, thus, not print. + +Some will see this as elegant, while others may see this as obfuscation. Anyone who uses awk on a daily basis will be in the first group. Awk is designed to do this. You can write multiline programs in awk. You can even write [disturbingly complex functions in awk][2]. But at the end of the day, awk is designed to do text processing, generally within a pipe. Eliminating the extraneous cruft of loop definition is simply a shortcut for a very common use case. If you like, you could write the same thing as the following: + + awk '{ if (!seen[$0]) print $0; seen[$0]++ }’ + +It would lead to the same result. + +Awk is the perfect tool for this job. Nevertheless, I believe many admins -- especially newer admins -- would jump into [Bash][3] or Python to try to accomplish this task, because knowledge of awk and what it can do seems to be fading as time goes on. I think it may be an indicator of things to come, where problems that have been solved for decades suddenly emerge again, based on lack of exposure to the previous solutions. + +The shell, grep, sed, and awk are fundaments of Unix computing. If you’re not completely comfortable with their use, you’re artificially hamstrung because they form the basis of interaction with Unix systems via the CLI and shell scripting. One of the best ways to learn how these tools work is by observing and working with live examples, which every Unix flavor has in spades with their init systems -- or had, in the case of Linux distros that have adopted [systemd][4]. + +Millions of Unix admins learned how shell scripting and Unix tools worked by reading, writing, modifying, and working with init scripts. Init scripts differ greatly from OS to OS, even from distribution to distribution in the case of Linux, but they are all rooted in sh, and they all use core CLI tools like sed, awk, and grep. + +I’ve heard many complaints that init scripts are “ancient” and “difficult,” but in fact, init scripts use the same tools that Unix admins work with every day, and thus provide an excellent way to become more familiar and comfortable with those tools. Saying that init scripts are hard to read or difficult to work with is to admit that you lack fundamental familiarity with the Unix toolset. + +Speaking of things found on Reddit, I also came across this question from a budding Linux sys admin, [asking whether he should bother to learn sysvinit][5]. Most of the answers in the thread are good -- yes, definitely learn sysvinit and systemd. One commenter even notes that init scripts are a great way to learn Bash, and another states that the Fortune 50 company he works for has no plans to move to a systemd-based release. + +But it concerns me that this is a question at all. If we continue down the path of eliminating scripts and roping off core system elements within our operating systems, we will inadvertently make it harder for new admins to learn the fundamental Unix toolset due to the lack of exposure. + +I’m not sure why some want to cover up Unix internals with abstraction after abstraction, but such a path may reduce a generation of Unix admins to hapless button pushers dependent on support contracts. I’m pretty sure that would not be a good development. + +-------------------------------------------------------------------------------- + +via: http://www.infoworld.com/article/2985804/linux/remember-sed-awk-linux-admins-should.html + +作者:[Paul Venezia][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.infoworld.com/author/Paul-Venezia/ +[1]:https://www.reddit.com/r/linuxadmin/comments/3lwyko/how_do_i_remove_every_occurence_of_duplicate_line/ +[2]:http://intro-to-awk.blogspot.com/2008/08/awk-more-complex-examples.html +[3]:http://www.infoworld.com/article/2613338/linux/linux-how-to-script-a-bash-crash-course.html +[4]:http://www.infoworld.com/article/2608798/data-center/systemd--harbinger-of-the-linux-apocalypse.html +[5]:https://www.reddit.com/r/linuxadmin/comments/3ltq2y/when_i_start_learning_about_linux_administration/ diff --git a/sources/tech/20151013 DFileManager--Cover Flow File Manager.md b/sources/tech/20151013 DFileManager--Cover Flow File Manager.md new file mode 100644 index 0000000000..9c96fe9553 --- /dev/null +++ b/sources/tech/20151013 DFileManager--Cover Flow File Manager.md @@ -0,0 +1,63 @@ +DFileManager: Cover Flow File Manager +================================================================================ +A real gem of a file manager absent from the standard Ubuntu repositories but sporting a unique feature. That’s DFileManager in a twitterish statement. + +A tricky question to answer is just how many open source Linux applications are available. Just out of curiosity, you can type at the shell: + + ~$ for f in /var/lib/apt/lists/*Packages; do printf ’%5d %s\n’ $(grep ’^Package: ’ “$f” | wc -l) ${f##*/} done | sort -rn + +On my Ubuntu 15.04 system, it produces the following results: + +![Ubuntu 15.04 Packages](http://www.linuxlinks.com/portal/content/reviews/FileManagers/UbuntuPackages.png) + +As the screenshot above illustrates, there are approximately 39,000 packages in the Universe repository, and around 8,500 packages in the main repository. These numbers sound a lot. But there is a smorgasbord of open source applications, utilities, and libraries that don’t have an Ubuntu team generating a package. And more importantly, there are some real treasures missing from the repositories which can only be discovered by compiling source code. DFileManager is one such utility. It is a Qt based cross-platform file manager which is in an early stage of development. Qt provides single-source portability across all major desktop operating systems. + +In the absence of a binary package, the user needs to compile the code. For some tools, this can be problematic, particularly if the application depends on any obscure libraries, or specific versions which may be incompatible with other software installed on a system. + +### Installation ### + +Fortunately, DFileManager is simple to compile. The installation instructions on the developer’s website provide most of the steps necessary for my creaking Ubuntu box, but a few essential packages were missing (why is it always that way however many libraries clutter up your filesystem?) To prepare my system, download the source code from GitHub and then compile the software, I entered the following commands at the shell: + + ~$ sudo apt-get install qt5-default qt5-qmake libqt5x11extras5-dev + ~$ git clone git://git.code.sf.net/p/dfilemanager/code dfilemanager-code + ~$ cd dfilemananger-code + ~$ mkdir build + ~$ cd build + ~$ cmake ../ -DCMAKE_INSTALL_PREFIX=/usr + ~$ make + ~$ sudo make install + +You can then start the application by typing at the shell: + + ~$ dfm + +Here is a screenshot of DFileManager in action, with the main attraction in full view; the Cover Flow view. This offers the ability to slide through items in the current folder with an attractive feel. It’s ideal for viewing photos. The file manager bears a resemblance to Finder (the default file manager and graphical user interface shell used on all Macintosh operating systems), which may appeal to you. + +![DFileManager in action](http://www.linuxlinks.com/portal/content/reviews/FileManagers/Screenshot-dfm.png) + +### Features: ### + +- 4 views: Icons, Details, Columns, and Cover Flow +- Categorised bookmarks with Places and Devices +- Tabs +- Simple searching and filtering +- Customizable thumbnails for filetypes including multimedia files +- Information bar which can be undocked +- Open folders and files with one click +- Option to queue IO operations +- Remembers some view properties for each folder +- Show hidden files + +DFileManager is not a replacement for KDE’s Dolphin, but do give it a go. It’s a file manager that really helps the user browse files. And don’t forget to give feedback to the developer; that’s a contribution anyone can offer. + +-------------------------------------------------------------------------------- + +via: http://gofk.tumblr.com/post/131014089537/dfilemanager-cover-flow-file-manager-a-real-gem + +作者:[gofk][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://gofk.tumblr.com/ \ No newline at end of file diff --git a/sources/tech/20151104 How to Install Pure-FTPd with TLS on FreeBSD 10.2.md b/sources/tech/20151104 How to Install Pure-FTPd with TLS on FreeBSD 10.2.md new file mode 100644 index 0000000000..3d898340d8 --- /dev/null +++ b/sources/tech/20151104 How to Install Pure-FTPd with TLS on FreeBSD 10.2.md @@ -0,0 +1,154 @@ +How to Install Pure-FTPd with TLS on FreeBSD 10.2 +================================================================================ +FTP or File Transfer Protocol is application layer standard network protocol used to transfer file from the client to the server, after user logged in to the FTP server over the TCP-Network, such as internet. FTP has been round long time ago, much longer then P2P Program, or World Wide Web, and until this day it was a primary method for sharing file with other over the internet and it it remain very popular even today. FTP provide an secure transmission, that protect username, password and encrypt the content with SSL/TLS. + +Pure-FTPd is free FTP Server with strong and focus on the software security. It was great choice for you if you want to provide a fast, secure, lightweight with feature rich FTP Services. Pure-FTPd can be install on variety of Unix-like operating system, include Linux and FreeBSD. Pure-FTPd is created by Frank Dennis in 2001, based on Troll-FTPd, and until now is actively developed by a team led by Dennis. + +In this tutorial we will provide about installation and configuration of "**Pure-FTPd**" with Unix-like operating system FreeBSD 10.2. + +### Step 1 - Update system ### + +The first thing you must do is to install and update the freebsd repository, please connect to your server with SSH and then type command below as sudo/root : + + freebsd-update fetch + freebsd-update install + +### Step 2 - Install Pure-FTPd ### + +You can install Pure-FTPd from the ports method, but in this tutorial we will install from the freebsd repository with "**pkg**" command. So, now let's install : + + pkg install pure-ftpd + +Once installation is finished, please add pure-ftpd to the start at the boot time with sysrc command below : + + sysrc pureftpd_enable=yes + +### Step 3 - Configure Pure-FTPd ### + +Configuration file for Pure-FTPd is located at directory "/usr/local/etc/", please go to the directory and copy the sample configuration for pure-ftpd to "**pure-ftpd.conf**". + + cd /usr/local/etc/ + cp pure-ftpd.conf.sample pure-ftpd.conf + +Now edit the file configuration with nano editor : + + nano -c pure-ftpd.conf + +Note : -c option to show line number on nano. + +Go to line 59 and change the value of "VerboseLog" to "**yes**". This option is allow you as administrator to see the log all command used by the users. + + VerboseLog yes + +And now look at line 126 "PureDB" for virtual-users configuration. Virtual users is a simple mechanism to store a list of users, with their password, name, uid, directory, etc. It's just like /etc/passwd. But it's not /etc/passwd. It's a different file and only for FTP. In this tutorial we will store the list of user to the file "**/usr/local/etc/pureftpd.passwd**" and "**/usr/local/etc/pureftpd.pdb**". Please uncomment that line and change the path for the file to "/usr/local/etc/pureftpd.pdb". + + PureDB /usr/local/etc/pureftpd.pdb + +Next, uncomment on the line 336 "**CreateHomeDir**", this option make you easy to add the virtual users, allow automatically create home directories if they are missing. + + CreateHomeDir yes + +Save and exit. + +Next, start pure-ftpd with service command : + + service pure-ftpd start + +### Step 4 - Adding New Users ### + +At this step FTP server is started without error, but you can not log in to the FTP Server, because the default configuration of pure-ftpd is disabled for anonymous users. We need to create new users with home directory, and then give it the password for login. + +On thing you must do befere you add new user to pure-ftpd virtual-user is to create a system user for this, lets create new system user "**vftp**" and the default group is same as username, with home directory "**/home/vftp/**". + + pw useradd vftp -s /sbin/nologin -w no -d /home/vftp \ + -c "Virtual User Pure-FTPd" -m + +Now you can add the new user for the FTP Server with "**pure-pw**" command. For an example here, we will create new user named "**akari**", so please see command below : + + pure-pw useradd akari -u vftp -g vftp -d /home/vftp/akari + Password: TYPE YOUR PASSWORD + +that command will create user "**akari**" and the data stored at the file "**/usr/local/etc/pureftpd.passwd**", not at /etc/passwd file, so this means is that you can easily create FTP-only accounts without messing up your system accounts. + +Next, you must generate the PureDB user database with this command : + + pure-pw mkdb + +Now restart the pure-ftpd services and try connect with user "akari" : + + service pure-ftpd restart + +Trying to connect with user akari : + + ftp SERVERIP + +![FTP Connect user akari](http://blog.linoxide.com/wp-content/uploads/2015/10/FTP-Connect-user-akari.png) + +**NOTE :** + +If you want to add new user again, you can use "**pure-pw**" command. And if you want to delete the current user, you can use this : + + pure-pw userdel useryouwanttodelete + pure-pw mkdb + +### Step 5 - Add SSL/TLS to Pure-FTPd ### + +Pure-FTPd supports encryption using TLS security mechanisms. To support for TLS/SSL, make sure the OpenSSL library is already installed on your freebsd system. + +Now you must generate new "**self-signed certificate**" on the directory "**/etc/ssl/private**". Before you generate the certificate, please create new directory there called "private". + + cd /etc/ssl/ + mkdir private + cd private/ + +Now generate "self-signed certificate" with openssl command below : + + openssl req -x509 -nodes -newkey rsa:2048 -sha256 -keyout \ + /etc/ssl/private/pure-ftpd.pem \ + -out /etc/ssl/private/pure-ftpd.pem + +FILL ALL WITH YOUR PERSONAL INFO. + +![Generate Certificate pem](http://blog.linoxide.com/wp-content/uploads/2015/10/Generate-Certificate-pem.png) + +Next, change the certificate permission : + + chmod 600 /etc/ssl/private/*.pem + +Once the certifcate is generated, Edit the pure-ftpd configuration file : + + nano -c /usr/local/etc/pure-ftpd.conf + +Uncomment on line **423** to enable the TLS : + + TLS 1 + +And line **439** for the certificate file path : + + CertFile /etc/ssl/private/pure-ftpd.pem + +Save and exit, then restart the pure-ftpd services : + + service pure-ftpd restart + +Now let's test the Pure-FTPd that work with TLS/SSL. I'm here use "**FileZilla**" to connect to the FTP Server, and use user "**akari**" that have been created. + +![Pure-FTPd with TLS SUpport](http://blog.linoxide.com/wp-content/uploads/2015/10/Pure-FTPd-with-TLS-SUpport.png) + +Pure-FTPd with TLS on FreeBSD 10.2 successfully. + +### Conclusion ### + +FTP or File Transfer Protocol is standart protocol used to transfer file between users and the server. One of the best, lightweight and secure FTP Server Software is Pure-FTPd. It is secure and support for TLS/SSL encryption mechanism. Pure-FTPd is easy to to install and configure, you can manage the user with virtual user support, and it is make you as sysadmin is easy to manage the user if you have a much user ftp server. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/install-pure-ftpd-tls-freebsd-10-2/ + +作者:[Arul][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arulm/ \ No newline at end of file diff --git a/sources/tech/20151104 How to Setup Pfsense Firewall and Basic Configuration.md b/sources/tech/20151104 How to Setup Pfsense Firewall and Basic Configuration.md new file mode 100644 index 0000000000..821937390a --- /dev/null +++ b/sources/tech/20151104 How to Setup Pfsense Firewall and Basic Configuration.md @@ -0,0 +1,266 @@ +How to Setup Pfsense Firewall and Basic Configuration +================================================================================ +In this article our focus is Pfsense setup, basic configuration and overview of features available in the security distribution of FreeBSD. In this tutorial we will run network wizard for basic setting of firewall and detailed overview of services. After the [installation process][1] following snapshot shows the IP addresses of WAN/LAN and different options for the management of Pfsense firewall. + +![options](http://blog.linoxide.com/wp-content/uploads/2015/08/options.png) + +After setup , following window appear which shows the url for configuration of Pfsense. + +![URL for gui](http://blog.linoxide.com/wp-content/uploads/2015/08/login_pfsense.png) + +Open above given URL in the browser and login with username **admin** and password **pfsense** + +![login_username_password](http://blog.linoxide.com/wp-content/uploads/2015/08/login_username_password.png) + +After successful login, following wizard appears for the basic setting of Pfsense firewall. However setup wizard option can be bypassed and user can run it from the **System** menu from the web interface. + +Click on the **Next** button to start basic configuration process on Pfsense firewall. + +![wizard_start](http://blog.linoxide.com/wp-content/uploads/2015/08/wizard_start.png) + +Setting hostname, domain and DNS addresses is shown in the following figure. + +![basic_setting_wizard](http://blog.linoxide.com/wp-content/uploads/2015/08/basic_setting_wizard.png) + +Setting time zone is shown in the below given snapshot. + +![time_setting](http://blog.linoxide.com/wp-content/uploads/2015/08/time_setting.png) + +Next window shows setting for the WAN interface. By defaults Pfsense firewall block bogus and private networks. + +![wan setting](http://blog.linoxide.com/wp-content/uploads/2015/08/wan-setting.png) + +Setting LAN IP address which is used to access the Pfsense web interface for further configuration. + +![lan setting](http://blog.linoxide.com/wp-content/uploads/2015/08/lan-setting.png) + +By default password for web interface is "pfsense". Enter new password for admin user on the following window to access the web interface for further configuration. + +![password](http://blog.linoxide.com/wp-content/uploads/2015/08/password.png) + +Click on the "reload" button which is shown below. It applies the setting and redirect firewall user to main dashboard of Pfsense. + +![)reload](http://blog.linoxide.com/wp-content/uploads/2015/08/reload.png + +As shown in the following snapshot, Pfsense dashboard shows system information (such as cpu details, os version, dns detail, memory consumption) and status of ethernet/wireless interfaces etc. + +![dashboard](http://blog.linoxide.com/wp-content/uploads/2015/08/dashboard1.png) + +### Menu detail ### + +PFsense consist of System, interfaces, firewall,services,vpn,status,diagnostics and help menus. + +![all menu](http://blog.linoxide.com/wp-content/uploads/2015/10/all-menu.png) + +### System Menu ### + +Sub menus of **System** is given below. + +![system menu](http://blog.linoxide.com/wp-content/uploads/2015/08/system-menu.png) + +In the **Advanced** sub menu user can perform following operations. + +1. Configuration of web interface +1. Firewall/Nat setting +1. Networking setting +1. System tuneables setting +1. Notification setting + +![advanced-systemmenu](http://blog.linoxide.com/wp-content/uploads/2015/10/advanced-systemmenu.png) + +In the **Cert manager** sub menu, firewall administrator generates certificates for CA and users. + +![cert-manager-systemmenu](http://blog.linoxide.com/wp-content/uploads/2015/10/cert-manager-systemmenu.png) + +In the **Firmware** sub menu, user can update Pfsense firmware manually/automatically. User can take full backup of Pfsense configurations. + +![firmware-systemmenu](http://blog.linoxide.com/wp-content/uploads/2015/10/firmware-systemmenu.png) + +In the **General Setup** sub menu, user can change basic setting such as hostname and domain etc. + +![general setup-systemmenu](http://blog.linoxide.com/wp-content/uploads/2015/10/general-setup-systemmenu.png) + +As menu title indicates, user can enable/disable high availability feature from this sub menu. + +![highavail-systemmenu](http://blog.linoxide.com/wp-content/uploads/2015/10/highavail-systemmenu.png) + +Packages sub menu provides package manager facility in the web interface for Pfsense . + +![packages-system menu](http://blog.linoxide.com/wp-content/uploads/2015/10/packages-systemmenu.png) + +User can perform gateway and route management using **Routing** sub menu. + +![routing-system menu](http://blog.linoxide.com/wp-content/uploads/2015/10/routing-systemmenu.png) + +**Setup Wizard** sub menu opens following window which start basic configuration of Pfsense. + +![wizard_start](http://blog.linoxide.com/wp-content/uploads/2015/10/wizard_start.png) + +Management of user can be done from the **User manager** sub menu. + +![usermanager-system](http://blog.linoxide.com/wp-content/uploads/2015/10/usermanager-system.png) + +### Interfaces Menu ### + +This menu is used for the assignment of interfaces (LAN/WAN), VLAN setting,wireless and GRE configuration etc. + +![Interfaces setting](http://blog.linoxide.com/wp-content/uploads/2015/10/interfaces-setting.png) + +### Firewall Menu ### + +Firewall is the main and core part of Pfsense distribution and it provides following features. + +![firewall-menu](http://blog.linoxide.com/wp-content/uploads/2015/10/firewall-systemmenu.png) + +**Aliases** + +Aliases are defined for real hosts, networks or ports and they can be used to minimize the number of changes. + +![firewall-aliases](http://blog.linoxide.com/wp-content/uploads/2015/10/firewall-aliases.png) + +**NAT (Network Address Translation)** + +NAT binds a specific internal address to a specific external address. Incoming traffic from the Internet to the specified IP will be directed toward the associated internal IP. + +![firewall-nat](http://blog.linoxide.com/wp-content/uploads/2015/10/firewall-nat.png) + +**Firewall Rules** + +Firewall rules control what traffic is allowed to enter an interface on the firewall. After traffic is passed on the interface, it enters an entry in the state table is created. + +![firewall-rules](http://blog.linoxide.com/wp-content/uploads/2015/10/firewall-rules.png) + +**Schedules** + +Firewall rules can be scheduled so that they are only active at certain times of day or on certain specific days or days of the week. + +![firewall-schedules](http://blog.linoxide.com/wp-content/uploads/2015/10/firewall-schedules.png) + +**Traffic Shaper** + +Traffic shaping is the control of computer network traffic in order to optimize performance and lower latency. + +![firewall-traffic shapper](http://blog.linoxide.com/wp-content/uploads/2015/10/firewall-traffic-shapper.png) + +**Virtual IPs** + +Virtual IPs add knowledge of additional IP addresses to the firewall that are different from the firewall's real interface addresses. + +![firewall-virtualipaddresses](http://blog.linoxide.com/wp-content/uploads/2015/10/services-menu.png) + +### Services Menu ### + +Services menu shows services which are provided by the Pfsense distribution along firewall. + +![services-menu](http://blog.linoxide.com/wp-content/uploads/2015/10/services-menu.png) + +New program/software installed for some specific service is also shown in this menu such as snort. By default following services are listed in services menu. + +**Captive portal** + +The captive portal functionality in Pfsense allows securing a network by requiring a username and password entered on a portal page. + +![services-captive portal](http://blog.linoxide.com/wp-content/uploads/2015/10/services-captive-portal.png) + +**DHCP Relay** + +The DHCP Relay daemon will relay DHCP requests between broadcast domains for IPv4 DHCP. + +![services-dhcp relay](http://blog.linoxide.com/wp-content/uploads/2015/10/services-dhcp-relay.png) + +**DHCP Server** + +User can run DHCP service on the firewall for the network devices. + +![services-dhcp server](http://blog.linoxide.com/wp-content/uploads/2015/10/services-dhcp-server.png) + +**DNS Forwarder/Resolver/Dynamic DNS** + +DNS different services can be configured on the Pfsense firewall. + +![services-dynamic dns client](http://blog.linoxide.com/wp-content/uploads/2015/10/services-dynamic-dns-client.png) + +![services-dns resolver](http://blog.linoxide.com/wp-content/uploads/2015/10/services-dns-resolver.png) + +![services-dns forwarder](http://blog.linoxide.com/wp-content/uploads/2015/10/services-dns-forwarder.png) + +**IGMP Proxy** + +User can configure IGMP on the Pfsense firewall from services menu. + +![services igmp](http://blog.linoxide.com/wp-content/uploads/2015/10/services-igmp.png) + +**Load Balancer** + +Load Balancing is one of the important feature which is also supported by the Pfsense firewall. + +![services load balancer](http://blog.linoxide.com/wp-content/uploads/2015/10/services-load-balancer.png) + +**SNMP (Simple Network Management Protocol)** + +Pfsense supports all versions of snmp for remote management of firewall. + +![services snmp](http://blog.linoxide.com/wp-content/uploads/2015/10/services-snmp.png) + +**Wake on Lan** + +Using this feature packet sent to a workstation on a locally connected network which will power on a workstation. + +![services-wake on lan](http://blog.linoxide.com/wp-content/uploads/2015/10/services-wake-on-lan.png) + +### VPN Menu ### + +It is one of the most important feature of Pfsense. Its supports following types of vpn configuration. + +**VPN IPsec** + +IPsec is a standard for providing security to IP protocols via encryption and/or authentication. + +![vpn-ipsec](http://blog.linoxide.com/wp-content/uploads/2015/10/vpn-ipsec.png) + +**L2TP IPsec** + +L2TP/IPsec is a common VPN type that wraps L2TP, an insecure tunneling protocol, inside a secure channel built using transport mode IPsec. + +![vpn- l2tp](http://blog.linoxide.com/wp-content/uploads/2015/10/vpn-l2tp.png) + +**OpenVPN** + +OpenVPN is an Open Source VPN server and client that is supported on pfSense. + +![vpn openvpn](http://blog.linoxide.com/wp-content/uploads/2015/10/vpn-openvpn.png) + +**Status Menu** + +It shows the status of services provided by Pfsense such as dhcp server, ipsec and load balancer etc. + +![status-menu](http://blog.linoxide.com/wp-content/uploads/2015/10/status-menu.png) + +**Diagnostic Menu** + +This menu helps administrator/user for the rectification of Pfsense issues or problems. + +![diagnosics menu](http://blog.linoxide.com/wp-content/uploads/2015/10/diagnosics-menu.png) + +**Help Menu** + +This menu provides links for different useful resources such as FreeBSD handbook,developer wiki, paid support and pfsense book. + +![help menu](http://blog.linoxide.com/wp-content/uploads/2015/10/help-menu.png) + +### Conclusion ### + +In this article our focus was on the basic configuration and features set of Pfsense distribution. It is based on FreeBSD distribution and widely used due to security and stability features. In our future articles on Pfsense, our focus will be on the basic firewall rules setting, snort (IDS/IPS) and IPSEC VPN configuration. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/firewall/pfsense-setup-basic-configuration/ + +作者:[nido][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/naveeda/ +[1]:http://linoxide.com/firewall/install-pfsense-firewall/ \ No newline at end of file diff --git a/sources/tech/20151105 Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy.md b/sources/tech/20151105 Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy.md new file mode 100644 index 0000000000..7ceced012d --- /dev/null +++ b/sources/tech/20151105 Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy.md @@ -0,0 +1,62 @@ +translation by strugglingyouth +Linux FAQs with Answers--How to install Ubuntu desktop behind a proxy +================================================================================ +> **Question**: My computer is connected to a corporate network sitting behind an HTTP proxy. When I try to install Ubuntu desktop on the computer from a CD-ROM drive, the installation hangs and never finishes while trying to retrieve files, which is presumably due to the proxy. However, the problem is that Ubuntu installer never asks me to configure proxy during installation procedure. Then how can I install Ubuntu desktop behind a proxy? + +Unlike Ubuntu server, installation of Ubuntu desktop is pretty much auto-pilot, not leaving much room for customization, such as custom disk partitioning, manual network settings, package selection, etc. While such simple, one-shot installation is considered user-friendly, it leaves much to be desired for those users looking for "advanced installation mode" to customize their Ubuntu desktop installation. + +In addition, one big problem of the default Ubuntu desktop installer is the absense of proxy settings. If your computer is connected behind a proxy, you will notice that Ubuntu installation gets stuck while preparing to download files. + +![](https://c2.staticflickr.com/6/5683/22195372232_cea81a5e45_c.jpg) + +This post describes how to get around the limitation of Ubuntu **installer and install Ubuntu desktop when you are behind a proxy**. + +The basic idea is as follows. Instead of starting with Ubuntu installer directly, boot into live Ubuntu desktop first, configure proxy settings, and finally launch Ubuntu installer manually from live desktop. The following is the step by step procedure. + +After booting from Ubuntu desktop CD/DVD or USB, click on "Try Ubuntu" on the first welcome screen. + +![](https://c1.staticflickr.com/1/586/22195371892_3816ba09c3_c.jpg) + +Once you boot into live Ubuntu desktop, click on Settings icon in the left. + +![](https://c1.staticflickr.com/1/723/22020327738_058610c19d_c.jpg) + +Go to Network menu. + +![](https://c2.staticflickr.com/6/5675/22021212239_ba3901c8bf_c.jpg) + +Configure proxy settings manually. + +![](https://c1.staticflickr.com/1/735/22020025040_59415e0b9a_c.jpg) + +Next, open a terminal. + +![](https://c2.staticflickr.com/6/5642/21587084823_357b5c48cb_c.jpg) + +Enter a root session by typing the following: + + $ sudo su + +Finally, type the following command as the root. + + # ubiquity gtk_ui + +This will launch GUI-based Ubuntu installer as follows. + +![](https://c1.staticflickr.com/1/723/22020025090_cc64848b6c_c.jpg) + +Proceed with the rest of installation. + +![](https://c1.staticflickr.com/1/628/21585344214_447020e9d6_c.jpg) + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/install-ubuntu-desktop-behind-proxy.html + +作者:[Dan Nanni][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni diff --git a/sources/tech/20151109 How to Configure Tripwire IDS on Debian.md b/sources/tech/20151109 How to Configure Tripwire IDS on Debian.md new file mode 100644 index 0000000000..11e7dbad60 --- /dev/null +++ b/sources/tech/20151109 How to Configure Tripwire IDS on Debian.md @@ -0,0 +1,380 @@ +正在翻译:zky001 +How to Configure Tripwire IDS on Debian +================================================================================ +This article is about Tripwire installation and configuration on Debian OS. It is a host based Intrusion detection system (IDS) for Linux environment. Prime function of tripwire IDS is to detect and report any unauthorized change (files and directories ) on linux system. After tripwire installation, baseline database created first, tripwire monitors and detects changes such as new file addition/creation, file modification and user who changed it etc. If the changes are legitimate, you can accept the changes to update tripwire database. + +### Installation and Configuration ### + +Tripwire installation on Debian VM is shown below. + + # apt-get install tripwire + +![installation](http://blog.linoxide.com/wp-content/uploads/2015/11/installation.png) + +During installation, tripwire prompt for following configuration. + +#### Site key Creation #### + +Tripwire required a site passphrase to secure the tw.cfg tripwire configuration file and tw.pol tripwire policy file. Tripewire encrypte both files using given passphrase. Site passphrase is must even for a single instance tripwire. + +![site key1](http://blog.linoxide.com/wp-content/uploads/2015/11/site-key1.png) + +#### Local Key passphrase #### + +Local passphrase is needed for the protection of tripwire database and report files . Local key used by the tripwire to avoid unauthorized modification of tripwire baseline database. + +![local key1](http://blog.linoxide.com/wp-content/uploads/2015/11/local-key1.png) + +#### Tripwire configuration path #### + +Tripwire configuration saved in the /etc/tripwire/twcfg.txt file. It is used to generate encrypted configuration file tw.cfg. + +![configuration file](http://blog.linoxide.com/wp-content/uploads/2015/11/configuration-file.png) + +**Tripwire Policy path** + +Tripwire saves policies in /etc/tripwire/twpol.txt file . It is used for the generation of encrypted policy file tw.pol used by the tripwire. + +![tripwire policy](http://blog.linoxide.com/wp-content/uploads/2015/11/tripwire-policy.png) + +Final installation of tripwire is shown in the following snapshot. + +![installed tripewire1](http://blog.linoxide.com/wp-content/uploads/2015/11/installed-tripewire1.png) + +#### Tripwire Configuration file (twcfg.txt) #### + +Tripwire configuration file (twcfg.txt) details is given below. Paths of encrypted policy file (tw.pol), site key (site.key) and local key (hostname-local.key) etc are given below. + + ROOT =/usr/sbin + + POLFILE =/etc/tripwire/tw.pol + + DBFILE =/var/lib/tripwire/$(HOSTNAME).twd + + REPORTFILE =/var/lib/tripwire/report/$(HOSTNAME)-$(DATE).twr + + SITEKEYFILE =/etc/tripwire/site.key + + LOCALKEYFILE =/etc/tripwire/$(HOSTNAME)-local.key + + EDITOR =/usr/bin/editor + + LATEPROMPTING =false + + LOOSEDIRECTORYCHECKING =false + + MAILNOVIOLATIONS =true + + EMAILREPORTLEVEL =3 + + REPORTLEVEL =3 + + SYSLOGREPORTING =true + + MAILMETHOD =SMTP + + SMTPHOST =localhost + + SMTPPORT =25 + + TEMPDIRECTORY =/tmp + +#### Tripwire Policy Configuration #### + +Configure tripwire configuration before generation of baseline database. It is necessary to disable few policies such as /dev , /proc ,/root/mail etc. Detailed policy file twpol.txt is given below. + + @@section GLOBAL + TWBIN = /usr/sbin; + TWETC = /etc/tripwire; + TWVAR = /var/lib/tripwire; + + # + # File System Definitions + # + @@section FS + + # + # First, some variables to make configuration easier + # + SEC_CRIT = $(IgnoreNone)-SHa ; # Critical files that cannot change + + SEC_BIN = $(ReadOnly) ; # Binaries that should not change + + SEC_CONFIG = $(Dynamic) ; # Config files that are changed + # infrequently but accessed + # often + + SEC_LOG = $(Growing) ; # Files that grow, but that + # should never change ownership + + SEC_INVARIANT = +tpug ; # Directories that should never + # change permission or ownership + + SIG_LOW = 33 ; # Non-critical files that are of + # minimal security impact + + SIG_MED = 66 ; # Non-critical files that are of + # significant security impact + + SIG_HI = 100 ; # Critical files that are + # significant points of + # vulnerability + + # + # Tripwire Binaries + # + ( + rulename = "Tripwire Binaries", + severity = $(SIG_HI) + ) + { + $(TWBIN)/siggen -> $(SEC_BIN) ; + $(TWBIN)/tripwire -> $(SEC_BIN) ; + $(TWBIN)/twadmin -> $(SEC_BIN) ; + $(TWBIN)/twprint -> $(SEC_BIN) ; + } + { + /boot -> $(SEC_CRIT) ; + /lib/modules -> $(SEC_CRIT) ; + } + + ( + rulename = "Boot Scripts", + severity = $(SIG_HI) + ) + { + /etc/init.d -> $(SEC_BIN) ; + #/etc/rc.boot -> $(SEC_BIN) ; + /etc/rcS.d -> $(SEC_BIN) ; + /etc/rc0.d -> $(SEC_BIN) ; + /etc/rc1.d -> $(SEC_BIN) ; + /etc/rc2.d -> $(SEC_BIN) ; + /etc/rc3.d -> $(SEC_BIN) ; + /etc/rc4.d -> $(SEC_BIN) ; + /etc/rc5.d -> $(SEC_BIN) ; + /etc/rc6.d -> $(SEC_BIN) ; + } + + ( + rulename = "Root file-system executables", + severity = $(SIG_HI) + ) + { + /bin -> $(SEC_BIN) ; + /sbin -> $(SEC_BIN) ; + } + + # + # Critical Libraries + # + ( + rulename = "Root file-system libraries", + severity = $(SIG_HI) + ) + { + /lib -> $(SEC_BIN) ; + } + + # + # Login and Privilege Raising Programs + # + ( + rulename = "Security Control", + severity = $(SIG_MED) + ) + { + /etc/passwd -> $(SEC_CONFIG) ; + /etc/shadow -> $(SEC_CONFIG) ; + } + { + #/var/lock -> $(SEC_CONFIG) ; + #/var/run -> $(SEC_CONFIG) ; # daemon PIDs + /var/log -> $(SEC_CONFIG) ; + } + + # These files change the behavior of the root account + ( + rulename = "Root config files", + severity = 100 + ) + { + /root -> $(SEC_CRIT) ; # Catch all additions to /root + #/root/mail -> $(SEC_CONFIG) ; + #/root/Mail -> $(SEC_CONFIG) ; + /root/.xsession-errors -> $(SEC_CONFIG) ; + #/root/.xauth -> $(SEC_CONFIG) ; + #/root/.tcshrc -> $(SEC_CONFIG) ; + #/root/.sawfish -> $(SEC_CONFIG) ; + #/root/.pinerc -> $(SEC_CONFIG) ; + #/root/.mc -> $(SEC_CONFIG) ; + #/root/.gnome_private -> $(SEC_CONFIG) ; + #/root/.gnome-desktop -> $(SEC_CONFIG) ; + #/root/.gnome -> $(SEC_CONFIG) ; + #/root/.esd_auth -> $(SEC_CONFIG) ; + # /root/.elm -> $(SEC_CONFIG) ; + #/root/.cshrc -> $(SEC_CONFIG) ; + #/root/.bashrc -> $(SEC_CONFIG) ; + #/root/.bash_profile -> $(SEC_CONFIG) ; + # /root/.bash_logout -> $(SEC_CONFIG) ; + #/root/.bash_history -> $(SEC_CONFIG) ; + #/root/.amandahosts -> $(SEC_CONFIG) ; + #/root/.addressbook.lu -> $(SEC_CONFIG) ; + #/root/.addressbook -> $(SEC_CONFIG) ; + #/root/.Xresources -> $(SEC_CONFIG) ; + #/root/.Xauthority -> $(SEC_CONFIG) -i ; # Changes Inode number on login + /root/.ICEauthority -> $(SEC_CONFIG) ; + } + + # + # Critical devices + # + ( + rulename = "Devices & Kernel information", + severity = $(SIG_HI), + ) + { + #/dev -> $(Device) ; + #/proc -> $(Device) ; + } + +#### Tripwire Report #### + +**tripwire –check** command checks the twpol.txt file and based on this file generates tripwire report which is shown below. If this is any error in the twpol.txt file, tripwire does not generate report. + +![tripwire report](http://blog.linoxide.com/wp-content/uploads/2015/11/tripwire-report.png) + +**Report in text form** + + root@VMdebian:/home/labadmin# tripwire --check + + Parsing policy file: /etc/tripwire/tw.pol + + *** Processing Unix File System *** + + Performing integrity check... + + Wrote report file: /var/lib/tripwire/report/VMdebian-20151024-122322.twr + + Open Source Tripwire(R) 2.4.2.2 Integrity Check Report + + Report generated by: root + + Report created on: Sat Oct 24 12:23:22 2015 + + Database last updated on: Never + + Report Summary: + + ========================================================= + + Host name: VMdebian + + Host IP address: 127.0.1.1 + + Host ID: None + + Policy file used: /etc/tripwire/tw.pol + + Configuration file used: /etc/tripwire/tw.cfg + + Database file used: /var/lib/tripwire/VMdebian.twd + + Command line used: tripwire --check + + ========================================================= + + Rule Summary: + + ========================================================= + + ------------------------------------------------------------------------------- + + Section: Unix File System + + ------------------------------------------------------------------------------- + + Rule Name Severity Level Added Removed Modified + + --------- -------------- ----- ------- -------- + + Other binaries 66 0 0 0 + + Tripwire Binaries 100 0 0 0 + + Other libraries 66 0 0 0 + + Root file-system executables 100 0 0 0 + + Tripwire Data Files 100 0 0 0 + + System boot changes 100 0 0 0 + + (/var/log) + + Root file-system libraries 100 0 0 0 + + (/lib) + + Critical system boot files 100 0 0 0 + + Other configuration files 66 0 0 0 + + (/etc) + + Boot Scripts 100 0 0 0 + + Security Control 66 0 0 0 + + Root config files 100 0 0 0 + + Invariant Directories 66 0 0 0 + + Total objects scanned: 25943 + + Total violations found: 0 + + =========================Object Summary:================================ + + ------------------------------------------------------------------------------- + + # Section: Unix File System + + ------------------------------------------------------------------------------- + + No violations. + + ===========================Error Report:===================================== + + No Errors + + ------------------------------------------------------------------------------- + + *** End of report *** + + Open Source Tripwire 2.4 Portions copyright 2000 Tripwire, Inc. Tripwire is a registered + + trademark of Tripwire, Inc. This software comes with ABSOLUTELY NO WARRANTY; + + for details use --version. This is free software which may be redistributed + + or modified only under certain conditions; see COPYING for details. + + All rights reserved. + + Integrity check complete. + +### Conclusion ### + +In this article, we learned installation and basic configuration of open source IDS tool Tripwire. First it generates baseline database and detects any change (file/folder) by comparing it with already generated baseline. However, tripwire is not live monitoring IDS. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/security/configure-tripwire-ids-debian/ + +作者:[nido][a] +译者:[译者zky001](https://github.com/zky001) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/naveeda/ diff --git a/sources/tech/20151109 How to send email notifications using Gmail SMTP server on Linux.md b/sources/tech/20151109 How to send email notifications using Gmail SMTP server on Linux.md new file mode 100644 index 0000000000..5ffcb5aea8 --- /dev/null +++ b/sources/tech/20151109 How to send email notifications using Gmail SMTP server on Linux.md @@ -0,0 +1,156 @@ +How to send email notifications using Gmail SMTP server on Linux +================================================================================ +Suppose you want to configure a Linux app to send out email messages from your server or desktop. The email messages can be part of email newsletters, status updates (e.g., [Cachet][1]), monitoring alerts (e.g., [Monit][2]), disk events (e.g., [RAID mdadm][3]), and so on. While you can set up your [own outgoing mail server][4] to deliver messages, you can alternatively rely on a freely available public SMTP server as a maintenance-free option. + +One of the most reliable **free SMTP servers** is from Google's Gmail service. All you have to do to send email notifications within your app is to add Gmail's SMTP server address and your credentials to the app, and you are good to go. + +One catch with using Gmail's SMTP server is that there are various restrictions in place, mainly to combat spammers and email marketers who often abuse the server. For example, you can send messages to no more than 100 addresses at once, and no more than 500 recipients per day. Also, if you don't want to be flagged as a spammer, you cannot send a large number of undeliverable messages. When any of these limitations is reached, your Gmail account will temporarily be locked out for a day. In short, Gmail's SMTP server is perfectly fine for your personal use, but not meant for commercial bulk emails. + +With that being said, let me demonstrate **how to use Gmail's SMTP server in Linux environment**. + +### Google Gmail SMTP Server Setting ### + +If you want to send emails from your app using Gmail's SMTP server, remember the following details. + +- **Outgoing mail server (SMTP server)**: smtp.gmail.com +- **Use authentication**: yes +- **Use secure connection**: yes +- **Username**: your Gmail account ID (e.g., "alice" if your email is alice@gmail.com) +- **Password**: your Gmail password +- **Port**: 587 + +Exact configuration syntax may vary depending on apps. In the rest of this tutorial, I will show you several useful examples of using Gmail SMTP server in Linux. + +### Send Emails from the Command Line ### + +As the first example, let's try the most basic email functionality: send an email from the command line using Gmail SMTP server. For this, I am going to use a command-line email client called mutt. + +First, install mutt: + +For Debian-based system: + + $ sudo apt-get install mutt + +For Red Hat based system: + + $ sudo yum install mutt + +Create a mutt configuration file (~/.muttrc) and specify in the file Gmail SMTP server information as follows. Replace with your own Gmail ID. Note that this configuration is for sending emails only (not receiving emails). + + $ vi ~/.muttrc + +---------- + + set from = "@gmail.com" + set realname = "Dan Nanni" + set smtp_url = "smtp://@smtp.gmail.com:587/" + set smtp_pass = "" + +Now you are ready to send out an email using mutt: + + $ echo "This is an email body." | mutt -s "This is an email subject" alice@yahoo.com + +To attach a file in an email, use "-a" option: + + $ echo "This is an email body." | mutt -s "This is an email subject" alice@yahoo.com -a ~/test_attachment.jpg + +![](https://c1.staticflickr.com/1/770/22239850784_5fb0988075_c.jpg) + +Using Gmail SMTP server means that the emails appear as sent from your Gmail account. In other words, a recepient will see your Gmail address as the sender's address. If you want to use your domain as the email sender, you need to use Gmail SMTP relay service instead. + +### Send Email Notification When a Server is Rebooted ### + +If you are running a [virtual private server (VPS)][5] for some critical website, one recommendation is to monitor VPS reboot activities. As a more practical example, let's consider how to set up email notifications for every reboot event on your VPS. Here I assume you are using systemd on your VPS, and show you how to create a custom systemd boot-time service for automatic email notifications. + +First create the following script reboot_notify.sh which takes care of email notifications. + + $ sudo vi /usr/local/bin/reboot_notify.sh + +---------- + + #!/bin/sh + + echo "`hostname` was rebooted on `date`" | mutt -F /etc/muttrc -s "Notification on `hostname`" alice@yahoo.com + +---------- + + $ sudo chmod +x /usr/local/bin/reboot_notify.sh + +In the script, I use "-F" option to specify the location of system-wide mutt configuration file. So don't forget to create /etc/muttrc file and populate Gmail SMTP information as described earlier. + +Now let's create a custom systemd service as follows. + + $ sudo mkdir -p /usr/local/lib/systemd/system + $ sudo vi /usr/local/lib/systemd/system/reboot-task.service + +---------- + + [Unit] + Description=Send a notification email when the server gets rebooted + DefaultDependencies=no + Before=reboot.target + + [Service] + Type=oneshot + ExecStart=/usr/local/bin/reboot_notify.sh + + [Install] + WantedBy=reboot.target + +Once the service file is created, enable and start the service. + + $ sudo systemctl enable reboot-task + $ sudo systemctl start reboot-task + +From now on, you will be receiving a notification email every time the VPS gets rebooted. + +![](https://c1.staticflickr.com/1/608/22241452923_2ace9cde2e_c.jpg) + +### Send Email Notification from Server Usage Monitoring ### + +As a final example, let me present a real-world application called [Monit][6], which is a pretty useful server monitoring application. It comes with comprehensive [VPS][7] monitoring capabilities (e.g., CPU, memory, processes, file system), as well as email notification functions. + +If you want to receive email notifications for any event on your VPS (e.g., server overload) generated by Monit, you can add the following SMTP information to Monit configuration file. + + set mailserver smtp.gmail.com port 587 + username "" password "" + using tlsv12 + + set mail-format { + from: @gmail.com + subject: $SERVICE $EVENT at $DATE on $HOST + message: Monit $ACTION $SERVICE $EVENT at $DATE on $HOST : $DESCRIPTION. + + Yours sincerely, + Monit + } + + # the person who will receive notification emails + set alert alice@yahoo.com + +Here is the example email notification sent by Monit for excessive CPU load. + +![](https://c1.staticflickr.com/1/566/22873764251_8fe66bfd16_c.jpg) + +### Conclusion ### + +As you can imagine, there will be so many different ways to take advantage of free SMTP servers like Gmail. But once again, remember that the free SMTP server is not meant for commercial usage, but only for your own personal project. If you are using Gmail SMTP server inside any app, feel free to share your use case. + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/send-email-notifications-gmail-smtp-server-linux.html + +作者:[Dan Nanni][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/nanni +[1]:http://xmodulo.com/setup-system-status-page.html +[2]:http://xmodulo.com/server-monitoring-system-monit.html +[3]:http://xmodulo.com/create-software-raid1-array-mdadm-linux.html +[4]:http://xmodulo.com/mail-server-ubuntu-debian.html +[5]:http://xmodulo.com/go/digitalocean +[6]:http://xmodulo.com/server-monitoring-system-monit.html +[7]:http://xmodulo.com/go/digitalocean \ No newline at end of file diff --git a/sources/tech/20151109 Install Android On BQ Aquaris Ubuntu Phone In Linux.md b/sources/tech/20151109 Install Android On BQ Aquaris Ubuntu Phone In Linux.md new file mode 100644 index 0000000000..864068eb91 --- /dev/null +++ b/sources/tech/20151109 Install Android On BQ Aquaris Ubuntu Phone In Linux.md @@ -0,0 +1,126 @@ +zpl1025 +Install Android On BQ Aquaris Ubuntu Phone In Linux +================================================================================ +![How to install Android on Ubuntu Phone](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-on-Ubuntu-Phone.jpg) + +If you happen to own the first Ubuntu phone and want to **replace Ubuntu with Android on the bq Aquaris e4.5**, this post is going to help you. + +There can be plenty of reasons why you might want to remove Ubuntu and use the mainstream Android OS. One of the foremost reason is that the OS itself is at an early stage and intend to target developers and enthusiasts. Whatever may be your reason, installing Android on bq Aquaris is a piece of cake, thanks to the tools provided by bq. + +Let’s see what to do we need to install Android on bq Aquaris. + +### Prerequisite ### + +- Working Internet connection to download Android factory image and install tools for flashing Android +- USB data cable +- A system running Linux + +This tutorial is performed using Ubuntu 15.10. But the steps should be applicable to most other Linux distributions. + +### Replace Ubuntu with Android in bq Aquaris e4.5 ### + +#### Step 1: Download Android firmware #### + +First step is to download the Android image for bq Aquaris e4.5. Good thing is that it is available from the bq’s support website. You can download the firmware, around 650 MB in size, from the link below: + +- [Download Android for bq Aquaris e4.5][1] + +Yes, you would get OTA updates with it. At present the firmware version is 2.0.1 which is based on Android Lolipop. Over time, there could be a new firmware based on Marshmallow and then the above link could be outdated. + +I suggest to check the [bq support page and download][2] the latest firmware from there. + +Once downloaded, extract it. In the extracted directory, look for **MT6582_Android_scatter.txt** file. We shall be using it later. + +#### Step 2: Download flash tool #### + +bq has provided its own flash tool, Herramienta MTK Flash Tool, for easier installation of Android or Ubuntu on the device. You can download the tool from the link below: + +- [Download MTK Flash Tool][3] + +Since the flash tool might be upgraded in future, you can always get the latest version of flash tool from the [bq support page][4]. + +Once downloaded extract the downloaded file. You should see an executable file named **flash_tool** in it. We shall be using it later. + +#### Step 3: Remove conflicting packages (optional) #### + +If you are using recent version of Ubuntu or Ubuntu based Linux distributions, you may encounter “BROM ERROR : S_UNDEFINED_ERROR (1001)” later in this tutorial. + +To avoid this error, you’ll have to uninstall conflicting package. Use the commands below: + + sudo apt-get remove modemmanager + +Restart udev service with the command below: + + sudo service udev restart + +Just to check for any possible side effects on kernel module cdc_acm, run the command below: + + lsmod | grep cdc_acm + +If the output of the above command is an empty list, you’ll have to reinstall this kernel module: + + sudo modprobe cdc_acm + +#### Step 4: Prepare to flash Android #### + +Go to the downloaded and extracted flash tool directory (in step 2). Use command line for this purpose because you’ll have to use the root privileges here. + +Presuming that you saved it in the Downloads directory, use the command below to go to this directory (in case you do not know how to navigate between directories in command line). + + cd ~/Downloads/SP_Flash* + +After that use the command below to run the flash tool as root: + + sudo ./flash_tool + +You’ll see a window popped as the one below. Don’t bother about Download Agent field, it will be automatically filled. Just focus on Scatter-loading field. + +![Replace Ubuntu with Android](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-1.jpeg) + +Remember we talked about **MT6582_Android_scatter.txt** in step 1? This text file is in the extracted directory of the Andriod firmware you downloaded in step 1. Click on Scatter-loading (in the above picture) and point to MT6582_Android_scatter.txt file. + +When you do that, you’ll see several green lines like the one below: + +![Install-Android-bq-aquaris-Ubuntu-2](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-2.jpeg) + +#### Step 5: Flashing Android #### + +We are almost ready. Switch off your phone and connect it to your computer via a USB cable. + +Select Firmware Upgrade from the dropdown and after that click on the big download button. + +![flash Android with Ubuntu](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu.jpeg) + +If everything is correct, you should see a flash status in the bottom of the tool: + +![Replace Ubuntu with Android](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-3.jpeg) + +When the procedure is successfully completed, you’ll see a notification like this: + +![Successfully flashed Android on bq qauaris Ubuntu Phone](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-4.jpeg) + +Unplug your phone and power it on. You should see a white screen with AQUARIS written in the middle and at bottom, “powered by Android” would be displayed. It might take upto 10 minutes before you could configure and start using Android. + +Note: If something goes wrong in the process, Press power, volume up, volume down button together and boot in to fast boot mode. Turn off again and connect the cable again. Repeat the process of firmware upgrade. It should work. + +### Conclusion ### + +Thanks to the tools provided, it becomes easier to **flash Android on bq Ubuntu Phone**. Of course, you can use the same steps to replace Android with Ubuntu. All you need is to download Ubuntu firmware instead of Android. + +I hope this tutorial helped you to replace Ubuntu with Android on your bq phone. If you have questions or suggestions, feel free to ask in the comment section below. + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-android-ubuntu-phone/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:https://storage.googleapis.com/otas/2014/Smartphones/Aquaris_E4.5_L/2.0.1_20150623-1900_bq-FW.zip +[2]:http://www.bq.com/gb/support/aquaris-e4-5 +[3]:https://storage.googleapis.com/otas/2014/Smartphones/Aquaris_E4.5/Ubuntu/Web%20version/Web%20version/SP_Flash_Tool_exe_linux_v5.1424.00.zip +[4]:http://www.bq.com/gb/support/aquaris-e4-5-ubuntu-edition diff --git a/sources/tech/20151114 How to Setup Drone - a Continuous Integration Service in Linux.md b/sources/tech/20151114 How to Setup Drone - a Continuous Integration Service in Linux.md new file mode 100644 index 0000000000..bfcf1e3ae3 --- /dev/null +++ b/sources/tech/20151114 How to Setup Drone - a Continuous Integration Service in Linux.md @@ -0,0 +1,317 @@ +How to Setup Drone - a Continuous Integration Service in Linux +============================================================== + +Are you tired of cloning, building, testing, and deploying codes time and again? If yes, switch to continuous integration. Continuous Integration aka CI is practice in software engineering of making frequent commits to the code base, building, testing and deploying as we go. CI helps to quickly integrate new codes into the existing code base. If this process is made automated, then this will speed up the development process as it reduces the time taken for the developer to build and test things manually. [Drone][1] is a free and open source project which provides an awesome environment of continuous integration service and is released under Apache License Version 2.0. It integrates with many repository providers like Github, Bitbucket and Google Code and has the ability to pull codes from the repositories enabling us to build the source code written in number of languages including PHP, Node, Ruby, Go, Dart, Python, C/C++, JAVA and more. It is made such a powerful platform cause it uses containers and docker technology for every build making users a complete control over their build environment with guaranteed isolation. + +### 1. Installing Docker ### + +First of all, we'll gonna install Docker as its the most vital element for the complete workflow of Drone. Drone does a proper utilization of docker for the purpose of building and testing application. This container technology speeds up the development of the applications. To install docker, we'll need to run the following commands with respective the distribution of linux. In this tutorial, we'll cover the steps with Ubuntu 14.04 and CentOS 7 linux distributions. + +#### On Ubuntu #### + +To install Docker in Ubuntu, we can simply run the following commands in a terminal or console. + + # apt-get update + # apt-get install docker.io + +After the installation is done, we'll restart our docker engine using service command. + + # service docker restart + +Then, we'll make docker start automatically in every system boot. + + # update-rc.d docker defaults + + Adding system startup for /etc/init.d/docker ... + /etc/rc0.d/K20docker -> ../init.d/docker + /etc/rc1.d/K20docker -> ../init.d/docker + /etc/rc6.d/K20docker -> ../init.d/docker + /etc/rc2.d/S20docker -> ../init.d/docker + /etc/rc3.d/S20docker -> ../init.d/docker + /etc/rc4.d/S20docker -> ../init.d/docker + /etc/rc5.d/S20docker -> ../init.d/docker + +#### On CentOS #### + +First, we'll gonna update every packages installed in our centos machine. We can do that by running the following command. + + # sudo yum update + +To install docker in centos, we can simply run the following commands. + + # curl -sSL https://get.docker.com/ | sh + +After our docker engine is installed in our centos machine, we'll simply start it by running the following systemd command as systemd is the default init system in centos 7. + + # systemctl start docker + +Then, we'll enable docker to start automatically in every system startup. + + # systemctl enable docker + + ln -s '/usr/lib/systemd/system/docker.service' '/etc/systemd/system/multi-user.target.wants/docker.service' + +### 2. Installing SQlite Driver ### + +It uses SQlite3 database server for storing its data and information by default. It will automatically create a database file named drone.sqlite under /var/lib/drone/ which will handle database schema setup and migration. To setup SQlite3 drivers, we'll need to follow the below steps. + +#### On Ubuntu 14.04 #### + +As SQlite3 is available on the default respository of Ubuntu 14.04, we'll simply install it by running the following apt command. + + # apt-get install libsqlite3-dev + +#### On CentOS 7 #### + +To install it on CentOS 7 machine, we'll need to run the following yum command. + + # yum install sqlite-devel + +### 3. Installing Drone ### + +Finally, after we have installed those dependencies successfully, we'll now go further towards the installation of drone in our machine. In this step, we'll simply download the binary package of it from the official download link of the respective binary formats and then install them using the default package manager. + +#### On Ubuntu #### + +We'll use wget to download the debian package of drone for ubuntu from the [official Debian file download link][2]. Here is the command to download the required debian package of drone. + + # wget downloads.drone.io/master/drone.deb + + Resolving downloads.drone.io (downloads.drone.io)... 54.231.48.98 + Connecting to downloads.drone.io (downloads.drone.io)|54.231.48.98|:80... connected. + HTTP request sent, awaiting response... 200 OK + Length: 7722384 (7.4M) [application/x-debian-package] + Saving to: 'drone.deb' + 100%[======================================>] 7,722,384 1.38MB/s in 17s + 2015-11-06 14:09:28 (456 KB/s) - 'drone.deb' saved [7722384/7722384] + +After its downloaded, we'll gonna install it with dpkg package manager. + + # dpkg -i drone.deb + + Selecting previously unselected package drone. + (Reading database ... 28077 files and directories currently installed.) + Preparing to unpack drone.deb ... + Unpacking drone (0.3.0-alpha-1442513246) ... + Setting up drone (0.3.0-alpha-1442513246) ... + Your system ubuntu 14: using upstart to control Drone + drone start/running, process 9512 + +#### On CentOS #### + +In the machine running CentOS, we'll download the RPM package from the [official download link for RPM][3] using wget command as shown below. + + # wget downloads.drone.io/master/drone.rpm + + --2015-11-06 11:06:45-- http://downloads.drone.io/master/drone.rpm + Resolving downloads.drone.io (downloads.drone.io)... 54.231.114.18 + Connecting to downloads.drone.io (downloads.drone.io)|54.231.114.18|:80... connected. + HTTP request sent, awaiting response... 200 OK + Length: 7763311 (7.4M) [application/x-redhat-package-manager] + Saving to: ‘drone.rpm’ + 100%[======================================>] 7,763,311 1.18MB/s in 20s + 2015-11-06 11:07:06 (374 KB/s) - ‘drone.rpm’ saved [7763311/7763311] + +Then, we'll install the download rpm package using yum package manager. + + # yum localinstall drone.rpm + +### 4. Configuring Port ### + +After the installation is completed, we'll gonna configure drone to make it workable. The configuration of drone is inside **/etc/drone/drone.toml** file. By default, drone web interface is exposed under port 80 which is the default port of http, if we wanna change it, we can change it by replacing the value under server block as shown below. + + [server] + port=":80" + +### 5. Integrating Github ### + +In order to run Drone we must setup at least one integration points between GitHub, GitHub Enterprise, Gitlab, Gogs, Bitbucket. In this tutorial, we'll only integrate github but if we wanna integrate other we can do that from the configuration file. In order to integrate github, we'll need to create a new application in our [github settings][4]. + +![Registering App Github](http://blog.linoxide.com/wp-content/uploads/2015/11/registering-app-github.png) + +To create, we'll need to click on Register a New Application then fill out the form as shown in the following image. + +![Registering OAuth app github](http://blog.linoxide.com/wp-content/uploads/2015/11/registering-OAuth-app-github.png) + +We should make sure that **Authorization callback URL** looks like http://drone.linoxide.com/api/auth/github.com under the configuration of the application. Then, we'll click on Register application. After done, we'll note the Client ID and Client Secret key as we'll need to configure it in our drone configuration. + +![Client ID and Secret Token](http://blog.linoxide.com/wp-content/uploads/2015/11/client-id-secret-token.png) + +After thats done, we'll need to edit our drone configuration using a text editor by running the following command. + + # nano /etc/drone/drone.toml + +Then, we'll find the [github] section and append the section with the above noted configuration as shown below. + + [github] + client="3dd44b969709c518603c" + secret="4ee261abdb431bdc5e96b19cc3c498403853632a" + # orgs=[] + # open=false + +![Configuring Github Drone](http://blog.linoxide.com/wp-content/uploads/2015/11/configuring-github-drone-e1446835124465.png) + +### 6. Configuring SMTP server ### + +If we wanna enable drone to send notifications via emails, then we'll need to specify the SMTP configuration of our SMTP server. If we already have an SMTP server, we can use its configuration but as we don't have an SMTP server, we'll need to install an MTA ie Postfix and then specify the SMTP configuration in the drone configuration. + +#### On Ubuntu #### + +We can install postfix in ubuntu by running the following apt command. + + # apt-get install postfix + +#### On CentOS #### + +We can install postfix in CentOS by running the following yum command. + + # yum install postfix + +After installing, we'll need to edit the configuration of our postfix configuration using a text editor. + + # nano /etc/postfix/main.cf + +Then, we'll need to replace the value of myhostname parameter to our FQDN ie drone.linoxide.com . + + myhostname = drone.linoxide.com + +Now, we'll gonna finally configure the SMTP section of our drone configuration file. + + # nano /etc/drone/drone.toml + +Then, we'll find the [stmp] section and then we'll need to append the setting as follows. + + [smtp] + host = "drone.linoxide.com" + port = "587" + from = "root@drone.linoxide.com" + user = "root" + pass = "password" + +![Configuring SMTP Drone](http://blog.linoxide.com/wp-content/uploads/2015/11/configuring-smtp-drone.png) + +Note: Here, **user** and **pass** parameters are strongly recommended to be changed according to one's user configuration. + +### 7. Configuring Worker ### + +As we know that drone utilizes docker for its building and testing task, we'll need to configure docker as the worker for our drone. To do so, we'll need to edit the [worker] section in the drone configuration file. + + # nano /etc/drone/drone.toml + +Then, we'll uncomment the following lines and append as shown below. + + [worker] + nodes=[ + "unix:///var/run/docker.sock", + "unix:///var/run/docker.sock" + ] + +Here, we have set only 2 node which means the above configuration is capable of executing only 2 build at a time. In order to increase concurrency, we can increase the number of nodes. + + [worker] + nodes=[ + "unix:///var/run/docker.sock", + "unix:///var/run/docker.sock", + "unix:///var/run/docker.sock", + "unix:///var/run/docker.sock" + ] + +Here, in the above configuration, drone is configured to process four builds at a time, using the local docker daemon. + +### 8. Restarting Drone ### + +Finally, after everything is done regarding the installation and configuration, we'll now start our drone server in our linux machine. + +#### On Ubuntu #### + +To start drone in our Ubuntu 14.04 machine, we'll simply run service command as the default init system of Ubuntu 14.04 is SysVinit. + + # service drone restart + +To make drone start automatically in every boot of the system, we'll run the following command. + + # update-rc.d drone defaults + +#### On CentOS #### + +To start drone in CentOS machine, we'll simply run systemd command as CentOS 7 is shipped with systemd as init system. + + # systemctl restart drone + +Then, we'll enable drone to start automatically in every system boot. + + # systemctl enable drone + +### 9. Allowing Firewalls ### + +As we know drone utilizes port 80 by default and we haven't changed the port, we'll gonna configure our firewall programs to allow port 80 (http) and be accessible from other machines in the network. + +#### On Ubuntu 14.04 #### + +Iptables is a popular firewall program which is installed in the ubuntu distributions by default. We'll make iptables to expose port 80 so that we can make our Drone web interface accessible in the network. + + # iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT + # /etc/init.d/iptables save + +#### On CentOS 7 #### + +As CentOS 7 has systemd installed by default, it contains firewalld running as firewall problem. In order to open the port 80 (http service) on firewalld, we'll need to execute the following commands. + + # firewall-cmd --permanent --add-service=http + + success + + # firewall-cmd --reload + + success + +### 10. Accessing Web Interface ### + +Now, we'll gonna open the web interface of drone using our favourite web browser. To do so, we'll need to point our web browser to our machine running drone in it. As the default port of drone is 80 and we have also set 80 in this tutorial, we'll simply point our browser to http://ip-address/ or http://drone.linoxide.com according to our configuration. After we have done that correctly, we'll see the first page of it having options to login into our dashboard. + +![Login Github Drone](http://blog.linoxide.com/wp-content/uploads/2015/11/login-github-drone-e1446834688394.png) + +As we have configured Github in the above step, we'll simply select github and we'll go through the app authentication process and after its done, we'll be forwarded to our Dashboard. + +![Drone Dashboard](http://blog.linoxide.com/wp-content/uploads/2015/11/drone-dashboard.png) + +Here, it will synchronize all our github repository and will ask us to activate the repo which we want to build with drone. + +![Activate Repository](http://blog.linoxide.com/wp-content/uploads/2015/11/activate-repository-e1446835574595.png) + +After its activated, it will ask us to add a new file named .drone.yml in our repository and define the build process and configuration in that file like which image to fetch and which command/script to run while compiling, etc. + +We'll need to configure our .drone.yml as shown below. + + image: python + script: + - python helloworld.py + - echo "Build has been completed." + +After its done, we'll be able to build our application using the configuration YAML file .drone.yml in our drone appliation. All the commits made into the repository is synced in realtime. It automatically syncs the commit and changes made to the repository. Once the commit is made in the repository, build is automatically started in our drone application. + +![Building Application Drone](http://blog.linoxide.com/wp-content/uploads/2015/11/building-application-drone.png) + +After the build is completed, we'll be able to see the output of the build with the output console. + +![Build Success Drone](http://blog.linoxide.com/wp-content/uploads/2015/11/build-success-drone.png) + +### Conclusion ### + +In this article, we learned to completely setup a workable Continuous Intergration platform with Drone. If we want, we can even get started with the services provided by the official Drone.io project. We can start with free service or paid service according to our requirements. It has changed the world of Continuous integration with its beautiful web interface and powerful bunches of features. It has the ability to integrate with many third party applications and deployment platforms. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve or update our contents. Thank you ! + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/setup-drone-continuous-integration-linux/ + +作者:[Arun Pyasi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:https://drone.io/ +[2]:http://downloads.drone.io/master/drone.deb +[3]:http://downloads.drone.io/master/drone.rpm +[4]:https://github.com/settings/developers diff --git a/sources/tech/20151117 Install Android On BQ Aquaris Ubuntu Phone In Linux.md b/sources/tech/20151117 Install Android On BQ Aquaris Ubuntu Phone In Linux.md new file mode 100644 index 0000000000..94e7ef69ce --- /dev/null +++ b/sources/tech/20151117 Install Android On BQ Aquaris Ubuntu Phone In Linux.md @@ -0,0 +1,125 @@ +Install Android On BQ Aquaris Ubuntu Phone In Linux +================================================================================ +![How to install Android on Ubuntu Phone](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-on-Ubuntu-Phone.jpg) + +If you happen to own the first Ubuntu phone and want to **replace Ubuntu with Android on the bq Aquaris e4.5**, this post is going to help you. + +There can be plenty of reasons why you might want to remove Ubuntu and use the mainstream Android OS. One of the foremost reason is that the OS itself is at an early stage and intend to target developers and enthusiasts. Whatever may be your reason, installing Android on bq Aquaris is a piece of cake, thanks to the tools provided by bq. + +Let’s see what to do we need to install Android on bq Aquaris. + +### Prerequisite ### + +- Working Internet connection to download Android factory image and install tools for flashing Android +- USB data cable +- A system running Linux + +This tutorial is performed using Ubuntu 15.10. But the steps should be applicable to most other Linux distributions. + +### Replace Ubuntu with Android in bq Aquaris e4.5 ### + +#### Step 1: Download Android firmware #### + +First step is to download the Android image for bq Aquaris e4.5. Good thing is that it is available from the bq’s support website. You can download the firmware, around 650 MB in size, from the link below: + +- [Download Android for bq Aquaris e4.5][1] + +Yes, you would get OTA updates with it. At present the firmware version is 2.0.1 which is based on Android Lolipop. Over time, there could be a new firmware based on Marshmallow and then the above link could be outdated. + +I suggest to check the [bq support page][2] and download the latest firmware from there. + +Once downloaded, extract it. In the extracted directory, look for **MT6582_Android_scatter.txt** file. We shall be using it later. + +#### Step 2: Download flash tool #### + +bq has provided its own flash tool, Herramienta MTK Flash Tool, for easier installation of Android or Ubuntu on the device. You can download the tool from the link below: + +- [Download MTK Flash Tool][3] + +Since the flash tool might be upgraded in future, you can always get the latest version of flash tool from the [bq support page][4]. + +Once downloaded extract the downloaded file. You should see an executable file named **flash_tool** in it. We shall be using it later. + +#### Step 3: Remove conflicting packages (optional) #### + +If you are using recent version of Ubuntu or Ubuntu based Linux distributions, you may encounter “BROM ERROR : S_UNDEFINED_ERROR (1001)” later in this tutorial. + +To avoid this error, you’ll have to uninstall conflicting package. Use the commands below: + + sudo apt-get remove modemmanager + +Restart udev service with the command below: + + sudo service udev restart + +Just to check for any possible side effects on kernel module cdc_acm, run the command below: + + lsmod | grep cdc_acm + +If the output of the above command is an empty list, you’ll have to reinstall this kernel module: + + sudo modprobe cdc_acm + +#### Step 4: Prepare to flash Android #### + +Go to the downloaded and extracted flash tool directory (in step 2). Use command line for this purpose because you’ll have to use the root privileges here. + +Presuming that you saved it in the Downloads directory, use the command below to go to this directory (in case you do not know how to navigate between directories in command line). + + cd ~/Downloads/SP_Flash* + +After that use the command below to run the flash tool as root: + + sudo ./flash_tool + +You’ll see a window popped as the one below. Don’t bother about Download Agent field, it will be automatically filled. Just focus on Scatter-loading field. + +![Replace Ubuntu with Android](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-1.jpeg) + +Remember we talked about **MT6582_Android_scatter.txt** in step 1? This text file is in the extracted directory of the Andriod firmware you downloaded in step 1. Click on Scatter-loading (in the above picture) and point to MT6582_Android_scatter.txt file. + +When you do that, you’ll see several green lines like the one below: + +![Install-Android-bq-aquaris-Ubuntu-2](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-2.jpeg) + +#### Step 5: Flashing Android #### + +We are almost ready. Switch off your phone and connect it to your computer via a USB cable. + +Select Firmware Upgrade from the dropdown and after that click on the big download button. + +![flash Android with Ubuntu](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu.jpeg) + +If everything is correct, you should see a flash status in the bottom of the tool: + +![Replace Ubuntu with Android](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-3.jpeg) + +When the procedure is successfully completed, you’ll see a notification like this: + +![Successfully flashed Android on bq qauaris Ubuntu Phone](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/11/Install-Android-bq-aquaris-Ubuntu-4.jpeg) + +Unplug your phone and power it on. You should see a white screen with AQUARIS written in the middle and at bottom, “powered by Android” would be displayed. It might take upto 10 minutes before you could configure and start using Android. + +Note: If something goes wrong in the process, Press power, volume up, volume down button together and boot in to fast boot mode. Turn off again and connect the cable again. Repeat the process of firmware upgrade. It should work. + +### Conclusion ### + +Thanks to the tools provided, it becomes easier to **flash Android on bq Ubuntu Phone**. Of course, you can use the same steps to replace Android with Ubuntu. All you need is to download Ubuntu firmware instead of Android. + +I hope this tutorial helped you to replace Ubuntu with Android on your bq phone. If you have questions or suggestions, feel free to ask in the comment section below. + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-android-ubuntu-phone/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/abhishek/ +[1]:https://storage.googleapis.com/otas/2014/Smartphones/Aquaris_E4.5_L/2.0.1_20150623-1900_bq-FW.zip +[2]:http://www.bq.com/gb/support/aquaris-e4-5 +[3]:https://storage.googleapis.com/otas/2014/Smartphones/Aquaris_E4.5/Ubuntu/Web%20version/Web%20version/SP_Flash_Tool_exe_linux_v5.1424.00.zip +[4]:http://www.bq.com/gb/support/aquaris-e4-5-ubuntu-edition \ No newline at end of file diff --git a/sources/tech/20151119 Going Beyond Hello World Containers is Hard Stuff.md b/sources/tech/20151119 Going Beyond Hello World Containers is Hard Stuff.md new file mode 100644 index 0000000000..3a2fd08d6f --- /dev/null +++ b/sources/tech/20151119 Going Beyond Hello World Containers is Hard Stuff.md @@ -0,0 +1,330 @@ +translating by ezio + +Going Beyond Hello World Containers is Hard Stuff +================================================================================ +In [my previous post][1], I provided the basic concepts behind Linux container technology. I wrote as much for you as I did for me. Containers are new to me. And I figured having the opportunity to blog about the subject would provide the motivation to really learn the stuff. + +I intend to learn by doing. First get the concepts down, then get hands-on and write about it as I go. I assumed there must be a lot of Hello World type stuff out there to give me up to speed with the basics. Then, I could take things a bit further and build a microservice container or something. + +I mean, it can’t be that hard, right? + +Wrong. + +Maybe it’s easy for someone who spends significant amount of their life immersed in operations work. But for me, getting started with this stuff turned out to be hard to the point of posting my frustrations to Facebook... + +But, there is good news: I got it to work! And it’s always nice being able to make lemonade from lemons. So I am going to share the story of how I made my first microservice container with you. Maybe my pain will save you some time. + +If you've ever found yourself in a situation like this, fear not: folks like me are here to deal with the problems so you don't have to! + +Let’s begin. + +### A Thumbnail Micro Service ### + +The microservice I designed was simple in concept. Post a digital image in JPG or PNG format to an HTTP endpoint and get back a a 100px wide thumbnail. + +Here’s what that looks like: + +![container-diagram-0](https://deis.com/images/blog-images/containers-hard-0.png) + +I decide to use a NodeJS for my code and version of [ImageMagick][2] to do the thumbnail transformation. + +I did my first version of the service, using the logic shown here: + +![container-diagram-1](https://deis.com/images/blog-images/containers-hard-1.png) + +I download the [Docker Toolbox][3] which installs an the Docker Quickstart Terminal. Docker Quickstart Terminal makes creating containers easier. The terminal fires up a Linux virtual machine that has Docker installed, allowing you to run Docker commands from within a terminal. + +In my case, I am running on OS X. But there’s a Windows version too. + +I am going to use Docker Quickstart Terminal to build a container image for my microservice and run a container from that image. + +The Docker Quickstart Terminal runs in your regular terminal, like so: + +![container-diagram-2](https://deis.com/images/blog-images/containers-hard-2.png) + +### The First Little Problem and the First Big Problem ### + +So I fiddled around with NodeJS and ImageMagick and I got the service to work on my local machine. + +Then, I created the Dockerfile, which is the configuration script Docker uses to build your container. (I’ll go more into builds and Dockerfile more later on.) + +Here’s the build command I ran on the Docker Quickstart Terminal: + + $ docker build -t thumbnailer:0.1 + +I got this response: + + docker: "build" requires 1 argument. + +Huh. + +After 15 minutes I realized: I forgot to put a period . as the last argument! + +It needs to be: + + $ docker build -t thumbnailer:0.1 . + +But this wasn’t the end of my problems. + +I got the image to build and then I typed [the the `run` command][4] on the Docker Quickstart Terminal to fire up a container based on the image, called `thumbnailer:0.1`: + + $ docker run -d -p 3001:3000 thumbnailer:0.1 + +The `-p 3001:3000` argument makes it so the NodeJS microservice running on port 3000 within the container binds to port 3001 on the host virtual machine. + +Looks so good so far, right? + +Wrong. Things are about to get pretty bad. + +I determined the IP address of the virtual machine created by Docker Quickstart Terminal by running the `docker-machine` command: + + $ docker-machine ip default + +This returns the IP address of the default virtual machine, the one that is run under the Docker Quickstart Terminal. For me, this IP address was 192.168.99.100. + +I browsed to http://192.168.99.100:3001/ and got the file upload page I built: + +![container-diagram-3](https://deis.com/images/blog-images/containers-hard-3.png) + +I selected a file and clicked the Upload Image button. + +But it didn’t work. + +The terminal is telling me it can’t find the `/upload` directory my microservice requires. + +Now, keep in mind, I had been at this for about a day—between the fiddling and research. I’m feeling a little frustrated by this point. + +Then, a brain spark flew. Somewhere along the line remembered reading a microservice should not do any data persistence on its own! Saving data should be the job of another service. + +So what if the container can’t find the `/upload` directory? The real issue is: my microservice has a fundamentally flawed design. + +Let’s take another look: + +![container-diagram-4](https://deis.com/images/blog-images/containers-hard-4.png) + +Why am I saving a file to disk? Microservices are supposed to be fast. Why not do all my work in memory? Using memory buffers will make the "I can’t find no stickin’ directory" error go away and will increase the performance of my app dramatically. + +So that’s what I did. And here’s what the plan was: + +![container-diagram-5](https://deis.com/images/blog-images/containers-hard-5.png) + +Here’s the NodeJS I wrote to do all the in-memory work for creating a thumbnail: + + // Bind to the packages + var express = require('express'); + var router = express.Router(); + var path = require('path'); // used for file path + var im = require("imagemagick"); + + // Simple get that allows you test that you can access the thumbnail process + router.get('/', function (req, res, next) { + res.status(200).send('Thumbnailer processor is up and running'); + }); + + // This is the POST handler. It will take the uploaded file and make a thumbnail from the + // submitted byte array. I know, it's not rocket science, but it serves a purpose + router.post('/', function (req, res, next) { + req.pipe(req.busboy); + req.busboy.on('file', function (fieldname, file, filename) { + var ext = path.extname(filename) + + // Make sure that only png and jpg is allowed + if(ext.toLowerCase() != '.jpg' && ext.toLowerCase() != '.png'){ + res.status(406).send("Service accepts only jpg or png files"); + } + + var bytes = []; + + // put the bytes from the request into a byte array + file.on('data', function(data) { + for (var i = 0; i < data.length; ++i) { + bytes.push(data[i]); + } + console.log('File [' + fieldname + '] got bytes ' + bytes.length + ' bytes'); + }); + + // Once the request is finished pushing the file bytes into the array, put the bytes in + // a buffer and process that buffer with the imagemagick resize function + file.on('end', function() { + var buffer = new Buffer(bytes,'binary'); + console.log('Bytes got ' + bytes.length + ' bytes'); + + //resize + im.resize({ + srcData: buffer, + height: 100 + }, function(err, stdout, stderr){ + if (err){ + throw err; + } + // get the extension without the period + var typ = path.extname(filename).replace('.',''); + res.setHeader("content-type", "image/" + typ); + res.status(200); + // send the image back as a response + res.send(new Buffer(stdout,'binary')); + }); + }); + }); + }); + + module.exports = router; + +Okay, so we’re back on track and everything is hunky dory on my local machine. I go to sleep. + +But, before I do I test the microservice code running as standard Node app on localhost... + +![Containers Hard](https://deis.com/images/blog-images/containers-hard-6.png) + +It works fine. Now all I needed to do was get it working in a container. + +The next day I woke up, grabbed some coffee, and built an image—not forgetting to put in the period! + + $ docker build -t thumbnailer:01 . + +I am building from the root directory of my thumbnailer project. The build command uses the Dockerfile that is in the root directory. That’s how it goes: put the Dockerfile in the same place you want to run build and the Dockerfile will be used by default. + +Here is the text of the Dockerfile I was using: + + FROM ubuntu:latest + MAINTAINER bob@CogArtTech.com + + RUN apt-get update + RUN apt-get install -y nodejs nodejs-legacy npm + RUN apt-get install imagemagick libmagickcore-dev libmagickwand-dev + RUN apt-get clean + + COPY ./package.json src/ + + RUN cd src && npm install + + COPY . /src + + WORKDIR src/ + + CMD npm start + +What could go wrong? + +### The Second Big Problem ### + +I ran the `build` command and I got this error: + + Do you want to continue? [Y/n] Abort. + + The command '/bin/sh -c apt-get install imagemagick libmagickcore-dev libmagickwand-dev' returned a non-zero code: 1 + +I figured something was wrong with the microservice. I went back to my machine, fired up the service on localhost, and uploaded a file. + +Then I got this error from NodeJS: + + Error: spawn convert ENOENT + +What’s going on? This worked the other night! + +I searched and searched, for every permutation of the error I could think of. After about four hours of replacing different node modules here and there, I figured: why not restart the machine? + +I did. And guess what? The error went away! + +Go figure. + +### Putting the Genie Back in the Bottle ### + +So, back to the original quest: I needed to get this build working. + +I removed all of the containers running on the VM, using [the `rm` command][5]: + + $ docker rm -f $(docker ps -a -q) + +The `-f` flag here force removes running images. + +Then I removed all of my Docker images, using [the `rmi` command][6]: + + $ docker rmi if $(docker images | tail -n +2 | awk '{print $3}') + +I go through the whole process of rebuilding the image, installing the container and try to get the microservice running. Then after about an hour of self-doubt and accompanying frustration, I thought to myself: maybe this isn’t a problem with the microservice. + +So, I looked that the the error again: + + Do you want to continue? [Y/n] Abort. + + The command '/bin/sh -c apt-get install imagemagick libmagickcore-dev libmagickwand-dev' returned a non-zero code: 1 + +Then it hit me: the build is looking for a Y input from the keyboard! But, this is a non-interactive Dockerfile script. There is no keyboard. + +I went back to the Dockerfile, and there it was: + + RUN apt-get update + RUN apt-get install -y nodejs nodejs-legacy npm + RUN apt-get install imagemagick libmagickcore-dev libmagickwand-dev + RUN apt-get clean + +The second `apt-get` command is missing the `-y` flag which causes "yes" to be given automatically where usually it would be prompted for. + +I added the missing `-y` to the command: + + RUN apt-get update + RUN apt-get install -y nodejs nodejs-legacy npm + RUN apt-get install -y imagemagick libmagickcore-dev libmagickwand-dev + RUN apt-get clean + +And guess what: after two days of trial and tribulation, it worked! Two whole days! + +So, I did my build: + + $ docker build -t thumbnailer:0.1 . + +I fired up the container: + + $ docker run -d -p 3001:3000 thumbnailer:0.1 + +Got the IP address of the Virtual Machine: + + $ docker-machine ip default + +Went to my browser and entered http://192.168.99.100:3001/ into the address bar. + +The upload page loaded. + +I selected an image, and this is what I got: + +![container-diagram-7](https://deis.com/images/blog-images/containers-hard-7.png) + +It worked! + +Inside a container, for the first time! + +### So What Does It All Mean? ### + +A long time ago, I accepted the fact when it comes to tech, sometimes even the easy stuff is hard. Along with that, I abandoned the desire to be the smartest guy in the room. Still, the last few days trying get basic competency with containers has been, at times, a journey of self doubt. + +But, you wanna know something? It’s 2 AM on an early morning as I write this, and every nerve wracking hour has been worth it. Why? Because you gotta put in the time. This stuff is hard and it does not come easy for anyone. And don’t forget: you’re learning tech and tech runs the world! + +P.S. Check out this two part video of Hello World containers, check out [Raziel Tabib’s][7] excellent work in this video... + +注:youtube视频 + + +And don't miss part two... + +注:youtube视频 + + +-------------------------------------------------------------------------------- + +via: https://deis.com/blog/2015/beyond-hello-world-containers-hard-stuff + +作者:[Bob Reselman][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://deis.com/blog +[1]:http://deis.com/blog/2015/developer-journey-linux-containers +[2]:https://github.com/rsms/node-imagemagick +[3]:https://www.docker.com/toolbox +[4]:https://docs.docker.com/reference/commandline/run/ +[5]:https://docs.docker.com/reference/commandline/rm/ +[6]:https://docs.docker.com/reference/commandline/rmi/ +[7]:http://twitter.com/RazielTabib diff --git a/sources/tech/20151119 How to Install Revive Adserver on Ubuntu 15.04 or CentOS 7.md b/sources/tech/20151119 How to Install Revive Adserver on Ubuntu 15.04 or CentOS 7.md new file mode 100644 index 0000000000..3b6277da80 --- /dev/null +++ b/sources/tech/20151119 How to Install Revive Adserver on Ubuntu 15.04 or CentOS 7.md @@ -0,0 +1,242 @@ +How to Install Revive Adserver on Ubuntu 15.04 / CentOS 7 +================================================================================ +Revive AdserverHow to Install Revive Adserver on Ubuntu 15.04 / CentOS 7 is a free and open source advertisement management system that enables publishers, ad networks and advertisers to serve ads on websites, apps, videos and manage campaigns for multiple advertiser with many features. Revive Adserver is licensed under GNU Public License which is also known as OpenX Source. It features an integrated banner management interface, URL targeting, geo-targeting and tracking system for gathering statistics. This application enables website owners to manage banners from both in-house advertisement campaigns as well as from paid or third-party sources, such as Google's AdSense. Here, in this tutorial, we'll gonna install Revive Adserver in our machine running Ubuntu 15.04 or CentOS 7. + +### 1. Installing LAMP Stack ### + +First of all, as Revive Adserver requires a complete LAMP Stack to work, we'll gonna install it. LAMP Stack is the combination of Apache Web Server, MySQL/MariaDB Database Server and PHP modules. To run Revive properly, we'll need to install some PHP modules like apc, zlib, xml, pcre, mysql and mbstring. To setup LAMP Stack, we'll need to run the following command with respect to the distribution of linux we are currently running. + +#### On Ubuntu 15.04 #### + + # apt-get install apache2 mariadb-server php5 php5-gd php5-mysql php5-curl php-apc zlibc zlib1g zlib1g-dev libpcre3 libpcre3-dev libapache2-mod-php5 zip + +#### On CentOS 7 #### + + # yum install httpd mariadb php php-gd php-mysql php-curl php-mbstring php-xml php-apc zlibc zlib1g zlib1g-dev libpcre3 libpcre3-dev zip + +### 2. Starting Apache and MariaDB server ### + +We’ll now start our newly installed Apache web server and MariaDB database server in our linux machine. To do so, we'll need to execute the following commands. + +#### On Ubuntu 15.04 #### + +Ubuntu 15.04 is shipped with Systemd as its default init system, so we'll need to execute the following commands to start apache and mariadb daemons. + + # systemctl start apache2 mysql + +After its started, we'll now make it able to start automatically in every system boot by running the following command. + + # systemctl enable apache2 mysql + + Synchronizing state for apache2.service with sysvinit using update-rc.d... + Executing /usr/sbin/update-rc.d apache2 defaults + Executing /usr/sbin/update-rc.d apache2 enable + Synchronizing state for mysql.service with sysvinit using update-rc.d... + Executing /usr/sbin/update-rc.d mysql defaults + Executing /usr/sbin/update-rc.d mysql enable + +#### On CentOS 7 #### + +Also in CentOS 7, systemd is the default init system so, we'll run the following command to start them. + + # systemctl start httpd mariadb + +Next, we'll enable them to start automatically in every startup of init system using the following command. + + # systemctl enable httpd mariadb + + ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service' + ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service' + +### 3. Configuring MariaDB ### + +#### On CentOS 7/Ubuntu 15.04 #### + +Now, as we are starting MariaDB for the first time and no password has been assigned for MariaDB so, we’ll first need to configure a root password for it. Then, we’ll gonna create a new database so that it can store data for our Revive Adserver installation. + +To configure MariaDB and assign a root password, we’ll need to run the following command. + + # mysql_secure_installation + +This will ask us to enter the password for root but as we haven’t set any password before and its our first time we’ve installed mariadb, we’ll simply press enter and go further. Then, we’ll be asked to set root password, here we’ll hit Y and enter our password for root of MariaDB. Then, we’ll simply hit enter to set the default values for the further configurations. + + …. + so you should just press enter here. + + Enter current password for root (enter for none): + OK, successfully used password, moving on… + + Setting the root password ensures that nobody can log into the MariaDB + root user without the proper authorisation. + + Set root password? [Y/n] y + New password: + Re-enter new password: + Password updated successfully! + Reloading privilege tables.. + … Success! + … + installation should now be secure. + Thanks for using MariaDB! + +![Configuring MariaDB](http://blog.linoxide.com/wp-content/uploads/2015/11/configuring-mariadb.png) + +### 4. Creating new Database ### + +After we have assigned the password to our root user of mariadb server, we'll now create a new database for Revive Adserver application so that it can store its data into the database server. To do so, first we'll need to login to our MariaDB console by running the following command. + + # mysql -u root -p + +Then, it will ask us to enter the password of root user which we had just set in the above step. Then, we'll be welcomed into the MariaDB console in which we'll create our new database, database user and assign its password and grant all privileges to create, remove and edit the tables and data stored in it. + + > CREATE DATABASE revivedb; + > CREATE USER 'reviveuser'@'localhost' IDENTIFIED BY 'Pa$$worD123'; + > GRANT ALL PRIVILEGES ON revivedb.* TO 'reviveuser'@'localhost'; + > FLUSH PRIVILEGES; + > EXIT; + +![Creating Mariadb Revive Database](http://blog.linoxide.com/wp-content/uploads/2015/11/creating-mariadb-revive-database.png) + +### 5. Downloading Revive Adserver Package ### + +Next, we'll download the latest release of Revive Adserver ie version 3.2.2 in the time of writing this article. So, we'll first get the download link from the official Download Page of Revive Adserver ie [http://www.revive-adserver.com/download/][1] then we'll download the compressed zip file using wget command under /tmp/ directory as shown bellow. + + # cd /tmp/ + # wget http://download.revive-adserver.com/revive-adserver-3.2.2.zip + + --2015-11-09 17:03:48-- http://download.revive-adserver.com/revive-adserver-3.2.2.zip + Resolving download.revive-adserver.com (download.revive-adserver.com)... 54.230.119.219, 54.239.132.177, 54.230.116.214, ... + Connecting to download.revive-adserver.com (download.revive-adserver.com)|54.230.119.219|:80... connected. + HTTP request sent, awaiting response... 200 OK + Length: 11663620 (11M) [application/zip] + Saving to: 'revive-adserver-3.2.2.zip' + revive-adserver-3.2 100%[=====================>] 11.12M 1.80MB/s in 13s + 2015-11-09 17:04:02 (906 KB/s) - 'revive-adserver-3.2.2.zip' saved [11663620/11663620] + +After the file is downloaded, we'll simply extract its files and directories using unzip command. + + # unzip revive-adserver-3.2.2.zip + +Then, we'll gonna move the entire Revive directories including every files from /tmp to the default webroot of Apache Web Server ie /var/www/html/ directory. + + # mv revive-adserver-3.2.2 /var/www/html/reviveads + +### 6. Configuring Apache Web Server ### + +We'll now configure our Apache Server so that revive will run with proper configuration. To do so, we'll create a new virtualhost by creating a new configuration file named reviveads.conf . The directory here may differ from one distribution to another, here is how we create in the following distributions of linux. + +#### On Ubuntu 15.04 #### + + # touch /etc/apache2/sites-available/reviveads.conf + # ln -s /etc/apache2/sites-available/reviveads.conf /etc/apache2/sites-enabled/reviveads.conf + # nano /etc/apache2/sites-available/reviveads.conf + +Now, we'll gonna add the following lines of configuration into this file using our favorite text editor. + + + ServerAdmin info@reviveads.linoxide.com + DocumentRoot /var/www/html/reviveads/ + ServerName reviveads.linoxide.com + ServerAlias www.reviveads.linoxide.com + + Options FollowSymLinks + AllowOverride All + + ErrorLog /var/log/apache2/reviveads.linoxide.com-error_log + CustomLog /var/log/apache2/reviveads.linoxide.com-access_log common + + +![Configuring Apache2 Ubuntu](http://blog.linoxide.com/wp-content/uploads/2015/11/configuring-apache2-ubuntu.png) + +After done, we'll gonna save the file and exit our text editor. Then, we'll restart our Apache Web server. + + # systemctl restart apache2 + +#### On CentOS 7 #### + +In CentOS, we'll directly create the file reviveads.conf under /etc/httpd/conf.d/ directory using our favorite text editor. + + # nano /etc/httpd/conf.d/reviveads.conf + +Then, we'll gonna add the following lines of configuration into the file. + + + ServerAdmin info@reviveads.linoxide.com + DocumentRoot /var/www/html/reviveads/ + ServerName reviveads.linoxide.com + ServerAlias www.reviveads.linoxide.com + + Options FollowSymLinks + AllowOverride All + + ErrorLog /var/log/httpd/reviveads.linoxide.com-error_log + CustomLog /var/log/httpd/reviveads.linoxide.com-access_log common + + +![Configuring httpd Centos](http://blog.linoxide.com/wp-content/uploads/2015/11/configuring-httpd-centos.png) + +Once done, we'll simply save the file and exit the editor. And then, we'll gonna restart our apache web server. + + # systemctl restart httpd + +### 7. Fixing Permissions and Ownership ### + +Now, we'll gonna fix some file permissions and ownership of the installation path. First, we'll gonna set the ownership of the installation directory to Apache process owner so that apache web server will have full access of the files and directories to edit, create and delete. + +#### On Ubuntu 15.04 #### + + # chown www-data: -R /var/www/html/reviveads + +#### On CentOS 7 #### + + # chown apache: -R /var/www/html/reviveads + +### 8. Allowing Firewall ### + +Now, we'll gonna configure our firewall programs to allow port 80 (http) so that our apache web server running Revive Adserver will be accessible from other machines in the network across the default http port ie 80. + +#### On Ubuntu 15.04/CentOS 7 #### + +As CentOS 7 and Ubuntu 15.04 both has systemd installed by default, it contains firewalld running as firewall program. In order to open the port 80 (http service) on firewalld, we'll need to execute the following commands. + + # firewall-cmd --permanent --add-service=http + + success + + # firewall-cmd --reload + + success + +### 9. Web Installation ### + +Finally, after everything is done as expected, we'll now be able to access the web interface of the application using a web browser. We can go further towards the web installation, by pointing the web browser to the web server we are running in our linux machine. To do so, we'll need to point our web browser to http://ip-address/ or http://domain.com assigned to our linux machine. Here, in this tutorial, we'll point our browser to http://reviveads.linoxide.com/ . + +Here, we'll see the Welcome page of the installation of Revive Adserver with the GNU General Public License V2 as Revive Adserver is released under this license. Then, we'll simply click on I agree button in order to continue the installation. + +In the next page, we'll need to enter the required database information in order to connect Revive Adserver with the MariaDB database server. Here, we'll need to enter the database name, user and password that we had set in the above step. In this tutorial, we entered database name, user and password as revivedb, reviveuser and Pa$$worD123 respectively then, we set the hostname as localhost and continue further. + +![Configuring Revive Adserver](http://blog.linoxide.com/wp-content/uploads/2015/11/configuring-revive-adserver.png) + +We'll now enter the required information like administration username, password and email address so that we can use these information to login to the dashboard of our Adserver. After done, we'll head towards the Finish page in which we'll see that we have successfully installed Revive Adserver in our server. + +Next, we'll be redirected to the Adverstiser page where we'll add new Advertisers and manage them. Then, we'll be able to navigate to our Dashboard, add new users to the adserver, add new campaign for our advertisers, banners, websites, video ads and everything that its built with. + +For enabling more configurations and access towards the administrative settings, we can switch our Dashboard user to the Administrator account. This will add new administrative menus in the dashboard like Plugins, Configuration through which we can add and manage plugins and configure many features and elements of Revive Adserver. + +### Conclusion ### + +In this article, we learned some information on what is Revive Adserver and how we can setup on linux machine running Ubuntu 15.04 and CentOS 7 distributions. Though Revive Adserver's initial source code was bought from OpenX, currently the code base for OpenX Enterprise and Revive Adserver are completely separate. To extend more features, we can install more plugins which we can also find from [http://www.adserverplugins.com/][2] . Really, this piece of software has changed the way of managing the ads for websites, apps, videos and made it very easy and efficient. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve or update our contents. Thank you ! + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/install-revive-adserver-ubuntu-15-04-centos-7/ + +作者:[Arun Pyasi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:http://www.revive-adserver.com/download/ +[2]:http://www.adserverplugins.com/ \ No newline at end of file diff --git a/sources/tech/20151122 Doubly linked list in the Linux Kernel.md b/sources/tech/20151122 Doubly linked list in the Linux Kernel.md new file mode 100644 index 0000000000..e6b5c97a77 --- /dev/null +++ b/sources/tech/20151122 Doubly linked list in the Linux Kernel.md @@ -0,0 +1,257 @@ +Data Structures in the Linux Kernel +================================================================================ + +Doubly linked list +-------------------------------------------------------------------------------- + +Linux kernel provides its own implementation of doubly linked list, which you can find in the [include/linux/list.h](https://github.com/torvalds/linux/blob/master/include/linux/list.h). We will start `Data Structures in the Linux kernel` from the doubly linked list data structure. Why? Because it is very popular in the kernel, just try to [search](http://lxr.free-electrons.com/ident?i=list_head) + +First of all, let's look on the main structure in the [include/linux/types.h](https://github.com/torvalds/linux/blob/master/include/linux/types.h): + +```C +struct list_head { + struct list_head *next, *prev; +}; +``` + +You can note that it is different from many implementations of doubly linked list which you have seen. For example, this doubly linked list structure from the [glib](http://www.gnu.org/software/libc/) library looks like : + +```C +struct GList { + gpointer data; + GList *next; + GList *prev; +}; +``` + +Usually a linked list structure contains a pointer to the item. The implementation of linked list in Linux kernel does not. So the main question is - `where does the list store the data?`. The actual implementation of linked list in the kernel is - `Intrusive list`. An intrusive linked list does not contain data in its nodes - A node just contains pointers to the next and previous node and list nodes part of the data that are added to the list. This makes the data structure generic, so it does not care about entry data type anymore. + +For example: + +```C +struct nmi_desc { + spinlock_t lock; + struct list_head head; +}; +``` + +Let's look at some examples to understand how `list_head` is used in the kernel. As I already wrote about, there are many, really many different places where lists are used in the kernel. Let's look for an example in miscellaneous character drivers. Misc character drivers API from the [drivers/char/misc.c](https://github.com/torvalds/linux/blob/master/drivers/char/misc.c) is used for writing small drivers for handling simple hardware or virtual devices. Those drivers share same major number: + +```C +#define MISC_MAJOR 10 +``` + +but have their own minor number. For example you can see it with: + +``` +ls -l /dev | grep 10 +crw------- 1 root root 10, 235 Mar 21 12:01 autofs +drwxr-xr-x 10 root root 200 Mar 21 12:01 cpu +crw------- 1 root root 10, 62 Mar 21 12:01 cpu_dma_latency +crw------- 1 root root 10, 203 Mar 21 12:01 cuse +drwxr-xr-x 2 root root 100 Mar 21 12:01 dri +crw-rw-rw- 1 root root 10, 229 Mar 21 12:01 fuse +crw------- 1 root root 10, 228 Mar 21 12:01 hpet +crw------- 1 root root 10, 183 Mar 21 12:01 hwrng +crw-rw----+ 1 root kvm 10, 232 Mar 21 12:01 kvm +crw-rw---- 1 root disk 10, 237 Mar 21 12:01 loop-control +crw------- 1 root root 10, 227 Mar 21 12:01 mcelog +crw------- 1 root root 10, 59 Mar 21 12:01 memory_bandwidth +crw------- 1 root root 10, 61 Mar 21 12:01 network_latency +crw------- 1 root root 10, 60 Mar 21 12:01 network_throughput +crw-r----- 1 root kmem 10, 144 Mar 21 12:01 nvram +brw-rw---- 1 root disk 1, 10 Mar 21 12:01 ram10 +crw--w---- 1 root tty 4, 10 Mar 21 12:01 tty10 +crw-rw---- 1 root dialout 4, 74 Mar 21 12:01 ttyS10 +crw------- 1 root root 10, 63 Mar 21 12:01 vga_arbiter +crw------- 1 root root 10, 137 Mar 21 12:01 vhci +``` + +Now let's have a close look at how lists are used in the misc device drivers. First of all, let's look on `miscdevice` structure: + +```C +struct miscdevice +{ + int minor; + const char *name; + const struct file_operations *fops; + struct list_head list; + struct device *parent; + struct device *this_device; + const char *nodename; + mode_t mode; +}; +``` + +We can see the fourth field in the `miscdevice` structure - `list` which is a list of registered devices. In the beginning of the source code file we can see the definition of misc_list: + +```C +static LIST_HEAD(misc_list); +``` + +which expands to the definition of variables with `list_head` type: + +```C +#define LIST_HEAD(name) \ + struct list_head name = LIST_HEAD_INIT(name) +``` + +and initializes it with the `LIST_HEAD_INIT` macro, which sets previous and next entries with the address of variable - name: + +```C +#define LIST_HEAD_INIT(name) { &(name), &(name) } +``` + +Now let's look on the `misc_register` function which registers a miscellaneous device. At the start it initializes `miscdevice->list` with the `INIT_LIST_HEAD` function: + +```C +INIT_LIST_HEAD(&misc->list); +``` + +which does the same as the `LIST_HEAD_INIT` macro: + +```C +static inline void INIT_LIST_HEAD(struct list_head *list) +{ + list->next = list; + list->prev = list; +} +``` + +In the next step after a device is created by the `device_create` function, we add it to the miscellaneous devices list with: + +``` +list_add(&misc->list, &misc_list); +``` + +Kernel `list.h` provides this API for the addition of a new entry to the list. Let's look at its implementation: + +```C +static inline void list_add(struct list_head *new, struct list_head *head) +{ + __list_add(new, head, head->next); +} +``` + +It just calls internal function `__list_add` with the 3 given parameters: + +* new - new entry. +* head - list head after which the new item will be inserted. +* head->next - next item after list head. + +Implementation of the `__list_add` is pretty simple: + +```C +static inline void __list_add(struct list_head *new, + struct list_head *prev, + struct list_head *next) +{ + next->prev = new; + new->next = next; + new->prev = prev; + prev->next = new; +} +``` + +Here we add a new item between `prev` and `next`. So `misc` list which we defined at the start with the `LIST_HEAD_INIT` macro will contain previous and next pointers to the `miscdevice->list`. + +There is still one question: how to get list's entry. There is a special macro: + +```C +#define list_entry(ptr, type, member) \ + container_of(ptr, type, member) +``` + +which gets three parameters: + +* ptr - the structure list_head pointer; +* type - structure type; +* member - the name of the list_head within the structure; + +For example: + +```C +const struct miscdevice *p = list_entry(v, struct miscdevice, list) +``` + +After this we can access to any `miscdevice` field with `p->minor` or `p->name` and etc... Let's look on the `list_entry` implementation: + +```C +#define list_entry(ptr, type, member) \ + container_of(ptr, type, member) +``` + +As we can see it just calls `container_of` macro with the same arguments. At first sight, the `container_of` looks strange: + +```C +#define container_of(ptr, type, member) ({ \ + const typeof( ((type *)0)->member ) *__mptr = (ptr); \ + (type *)( (char *)__mptr - offsetof(type,member) );}) +``` + +First of all you can note that it consists of two expressions in curly brackets. The compiler will evaluate the whole block in the curly braces and use the value of the last expression. + +For example: + +``` +#include + +int main() { + int i = 0; + printf("i = %d\n", ({++i; ++i;})); + return 0; +} +``` + +will print `2`. + +The next point is `typeof`, it's simple. As you can understand from its name, it just returns the type of the given variable. When I first saw the implementation of the `container_of` macro, the strangest thing I found was the zero in the `((type *)0)` expression. Actually this pointer magic calculates the offset of the given field from the address of the structure, but as we have `0` here, it will be just a zero offset along with the field width. Let's look at a simple example: + +```C +#include + +struct s { + int field1; + char field2; + char field3; +}; + +int main() { + printf("%p\n", &((struct s*)0)->field3); + return 0; +} +``` + +will print `0x5`. + +The next `offsetof` macro calculates offset from the beginning of the structure to the given structure's field. Its implementation is very similar to the previous code: + +```C +#define offsetof(TYPE, MEMBER) ((size_t) &((TYPE *)0)->MEMBER) +``` + +Let's summarize all about `container_of` macro. The `container_of` macro returns the address of the structure by the given address of the structure's field with `list_head` type, the name of the structure field with `list_head` type and type of the container structure. At the first line this macro declares the `__mptr` pointer which points to the field of the structure that `ptr` points to and assigns `ptr` to it. Now `ptr` and `__mptr` point to the same address. Technically we don't need this line but it's useful for type checking. The first line ensures that the given structure (`type` parameter) has a member called `member`. In the second line it calculates offset of the field from the structure with the `offsetof` macro and subtracts it from the structure address. That's all. + +Of course `list_add` and `list_entry` is not the only functions which `` provides. Implementation of the doubly linked list provides the following API: + +* list_add +* list_add_tail +* list_del +* list_replace +* list_move +* list_is_last +* list_empty +* list_cut_position +* list_splice +* list_for_each +* list_for_each_entry + +and many more. + + +via: https://github.com/0xAX/linux-insides/edit/master/DataStructures/dlist.md + +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/sources/tech/20151123 Assign Multiple IP Addresses To One Interface On Ubuntu 15.10.md b/sources/tech/20151123 Assign Multiple IP Addresses To One Interface On Ubuntu 15.10.md new file mode 100644 index 0000000000..a045ab953f --- /dev/null +++ b/sources/tech/20151123 Assign Multiple IP Addresses To One Interface On Ubuntu 15.10.md @@ -0,0 +1,236 @@ +Assign Multiple IP Addresses To One Interface On Ubuntu 15.10 +================================================================================ +Some times you might want to use more than one IP address for your network interface card. What will you do in such cases? Buy an extra network card and assign new IP? No, It’s not necessary(at least in the small networks). We can now assign multiple IP addresses to one interface on Ubuntu systems. Curious to know how? Well, Follow me, It is not that difficult. + +This method will work on Debian and it’s derivatives too. + +### Add additional IP addresses temporarily ### + +First, let us find the IP address of the network card. In my Ubuntu 15.10 server, I use only one network card. + +Run the following command to find out the IP address: + + sudo ip addr + +**Sample output:** + + 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default + link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 + inet 127.0.0.1/8 scope host lo + valid_lft forever preferred_lft forever + inet6 ::1/128 scope host + valid_lft forever preferred_lft forever + 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 08:00:27:2a:03:4b brd ff:ff:ff:ff:ff:ff + inet 192.168.1.103/24 brd 192.168.1.255 scope global enp0s3 + valid_lft forever preferred_lft forever + inet6 fe80::a00:27ff:fe2a:34e/64 scope link + valid_lft forever preferred_lft forever + +Or + + sudo ifconfig + +**Sample output:** + + enp0s3 Link encap:Ethernet HWaddr 08:00:27:2a:03:4b + inet addr:192.168.1.103 Bcast:192.168.1.255 Mask:255.255.255.0 + inet6 addr: fe80::a00:27ff:fe2a:34e/64 Scope:Link + UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 + RX packets:186 errors:0 dropped:0 overruns:0 frame:0 + TX packets:70 errors:0 dropped:0 overruns:0 carrier:0 + collisions:0 txqueuelen:1000 + RX bytes:21872 (21.8 KB) TX bytes:9666 (9.6 KB) + lo Link encap:Local Loopback + inet addr:127.0.0.1 Mask:255.0.0.0 + inet6 addr: ::1/128 Scope:Host + UP LOOPBACK RUNNING MTU:65536 Metric:1 + RX packets:217 errors:0 dropped:0 overruns:0 frame:0 + TX packets:217 errors:0 dropped:0 overruns:0 carrier:0 + collisions:0 txqueuelen:0 + RX bytes:38793 (38.7 KB) TX bytes:38793 (38.7 KB) + +As you see in the above output, my network card name is **enp0s3**, and its IP address is **192.168.1.103**. + +Now let us add an additional IP address, for example **192.168.1.104**, to the Interface card. + +Open your Terminal and run the following command to add additional IP. + + sudo ip addr add 192.168.1.104/24 dev enp0s3 + +Now, let us check if the IP is added using command: + + sudo ip address show enp0s3 + +**Sample output:** + + 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 08:00:27:2a:03:4e brd ff:ff:ff:ff:ff:ff + inet 192.168.1.103/24 brd 192.168.1.255 scope global enp0s3 + valid_lft forever preferred_lft forever + inet 192.168.1.104/24 scope global secondary enp0s3 + valid_lft forever preferred_lft forever + inet6 fe80::a00:27ff:fe2a:34e/64 scope link + valid_lft forever preferred_lft forever + +Similarly, you can add as many IP addresses as you want. + +Let us ping the IP address to verify it. + + sudo ping 192.168.1.104 + +**Sample output:** + + PING 192.168.1.104 (192.168.1.104) 56(84) bytes of data. + 64 bytes from 192.168.1.104: icmp_seq=1 ttl=64 time=0.901 ms + 64 bytes from 192.168.1.104: icmp_seq=2 ttl=64 time=0.571 ms + 64 bytes from 192.168.1.104: icmp_seq=3 ttl=64 time=0.521 ms + 64 bytes from 192.168.1.104: icmp_seq=4 ttl=64 time=0.524 ms + +Yeah, It’s working!! + +To remove the IP, just run: + + sudo ip addr del 192.168.1.104/24 dev enp0s3 + +Let us check if it is removed. + + sudo ip address show enp0s3 + +**Sample output:** + + 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 08:00:27:2a:03:4e brd ff:ff:ff:ff:ff:ff + inet 192.168.1.103/24 brd 192.168.1.255 scope global enp0s3 + valid_lft forever preferred_lft forever + inet6 fe80::a00:27ff:fe2a:34e/64 scope link + valid_lft forever preferred_lft forever + +See, It’s gone!! + +Well, as you may know, the changes will lost after you reboot your system. How do I make it permanent? That’s easy too. + +### Add additional IP addresses permanently ### + +The network card configuration file of your Ubuntu system is **/etc/network/interfaces**. + +Let us check the details of the above file. + + sudo cat /etc/network/interfaces + +**Sample output:** + + # This file describes the network interfaces available on your system + # and how to activate them. For more information, see interfaces(5). + source /etc/network/interfaces.d/* + # The loopback network interface + auto lo + iface lo inet loopback + # The primary network interface + auto enp0s3 + iface enp0s3 inet dhcp + +As you see in the above output, the Interface is DHCP enabled. + +Okay, now we will assign an additional address, for example **192.168.1.104/24**. + +Edit file **/etc/network/interfaces**: + + sudo nano /etc/network/interfaces + +Add additional IP address as shown in the black letters. + + # This file describes the network interfaces available on your system + # and how to activate them. For more information, see interfaces(5). + source /etc/network/interfaces.d/* + # The loopback network interface + auto lo + iface lo inet loopback + # The primary network interface + auto enp0s3 + iface enp0s3 inet dhcp + iface enp0s3 inet static + address 192.168.1.104/24 + +Save and close the file. + +Run the following file to take effect the changes without rebooting. + + sudo ifdown enp0s3 && sudo ifup enp0s3 + +**Sample output:** + + Killed old client process + Internet Systems Consortium DHCP Client 4.3.1 + Copyright 2004-2014 Internet Systems Consortium. + All rights reserved. + For info, please visit https://www.isc.org/software/dhcp/ + Listening on LPF/enp0s3/08:00:27:2a:03:4e + Sending on LPF/enp0s3/08:00:27:2a:03:4e + Sending on Socket/fallback + DHCPRELEASE on enp0s3 to 192.168.1.1 port 67 (xid=0x225f35) + Internet Systems Consortium DHCP Client 4.3.1 + Copyright 2004-2014 Internet Systems Consortium. + All rights reserved. + For info, please visit https://www.isc.org/software/dhcp/ + Listening on LPF/enp0s3/08:00:27:2a:03:4e + Sending on LPF/enp0s3/08:00:27:2a:03:4e + Sending on Socket/fallback + DHCPDISCOVER on enp0s3 to 255.255.255.255 port 67 interval 3 (xid=0xdfb94764) + DHCPREQUEST of 192.168.1.103 on enp0s3 to 255.255.255.255 port 67 (xid=0x6447b9df) + DHCPOFFER of 192.168.1.103 from 192.168.1.1 + DHCPACK of 192.168.1.103 from 192.168.1.1 + bound to 192.168.1.103 -- renewal in 35146 seconds. + +**Note**: It is **very important** to run the above two commands into **one** line if you are remoting into the server because the first one will drop your connection. Given in this way the ssh-session will survive. + +Now, let us check if IP is added using command: + + sudo ip address show enp0s3 + +**Sample output:** + + 2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 + link/ether 08:00:27:2a:03:4e brd ff:ff:ff:ff:ff:ff + inet 192.168.1.103/24 brd 192.168.1.255 scope global enp0s3 + valid_lft forever preferred_lft forever + inet 192.168.1.104/24 brd 192.168.1.255 scope global secondary enp0s3 + valid_lft forever preferred_lft forever + inet6 fe80::a00:27ff:fe2a:34e/64 scope link + valid_lft forever preferred_lft forever + +Cool! Additional IP has been added. + +Well then let us ping the IP address to verify. + + sudo ping 192.168.1.104 + +**Sample output:** + + PING 192.168.1.104 (192.168.1.104) 56(84) bytes of data. + 64 bytes from 192.168.1.104: icmp_seq=1 ttl=64 time=0.137 ms + 64 bytes from 192.168.1.104: icmp_seq=2 ttl=64 time=0.050 ms + 64 bytes from 192.168.1.104: icmp_seq=3 ttl=64 time=0.054 ms + 64 bytes from 192.168.1.104: icmp_seq=4 ttl=64 time=0.067 ms + +Voila! It’s working. That’s it. + +Want to know how to add additional IP addresses on CentOS/RHEL/Scientific Linux/Fedora systems, check the following link. + +注:此篇文章以前做过选题:20150205 Linux Basics--Assign Multiple IP Addresses To Single Network Interface Card On CentOS 7.md +- [Assign Multiple IP Addresses To Single Network Interface Card On CentOS 7][1] + +Happy weekend! + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/assign-multiple-ip-addresses-to-one-interface-on-ubuntu-15-10/ + +作者:[SK][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.unixmen.com/author/sk/ +[1]:http://www.unixmen.com/linux-basics-assign-multiple-ip-addresses-single-network-interface-card-centos-7/ \ No newline at end of file diff --git a/sources/tech/20151123 Data Structures in the Linux Kernel.md b/sources/tech/20151123 Data Structures in the Linux Kernel.md new file mode 100644 index 0000000000..187b3ce9cd --- /dev/null +++ b/sources/tech/20151123 Data Structures in the Linux Kernel.md @@ -0,0 +1,201 @@ +Data Structures in the Linux Kernel +================================================================================ + +Radix tree +-------------------------------------------------------------------------------- + +As you already know linux kernel provides many different libraries and functions which implement different data structures and algorithms. In this part we will consider one of these data structures - [Radix tree](http://en.wikipedia.org/wiki/Radix_tree). There are two files which are related to `radix tree` implementation and API in the linux kernel: + +* [include/linux/radix-tree.h](https://github.com/torvalds/linux/blob/master/include/linux/radix-tree.h) +* [lib/radix-tree.c](https://github.com/torvalds/linux/blob/master/lib/radix-tree.c) + +Lets talk about what a `radix tree` is. Radix tree is a `compressed trie` where a [trie](http://en.wikipedia.org/wiki/Trie) is a data structure which implements an interface of an associative array and allows to store values as `key-value`. The keys are usually strings, but any data type can be used. A trie is different from an `n-tree` because of its nodes. Nodes of a trie do not store keys; instead, a node of a trie stores single character labels. The key which is related to a given node is derived by traversing from the root of the tree to this node. For example: + + +``` +               +-----------+ +               |           | +               |    " "    | + | | +        +------+-----------+------+ +        |                         | +        |                         | +   +----v------+            +-----v-----+ +   |           |            |           | +   |    g      |            |     c     | + | | | | +   +-----------+            +-----------+ +        |                         | +        |                         | +   +----v------+            +-----v-----+ +   |           |            |           | +   |    o      |            |     a     | + | | | | +   +-----------+            +-----------+ +                                  | +                                  | +                            +-----v-----+ +                            |           | +                            |     t     | + | | +                            +-----------+ +``` + +So in this example, we can see the `trie` with keys, `go` and `cat`. The compressed trie or `radix tree` differs from `trie` in that all intermediates nodes which have only one child are removed. + +Radix tree in linux kernel is the datastructure which maps values to integer keys. It is represented by the following structures from the file [include/linux/radix-tree.h](https://github.com/torvalds/linux/blob/master/include/linux/radix-tree.h): + +```C +struct radix_tree_root { + unsigned int height; + gfp_t gfp_mask; + struct radix_tree_node __rcu *rnode; +}; +``` + +This structure presents the root of a radix tree and contains three fields: + +* `height` - height of the tree; +* `gfp_mask` - tells how memory allocations will be performed; +* `rnode` - pointer to the child node. + +The first field we will discuss is `gfp_mask`: + +Low-level kernel memory allocation functions take a set of flags as - `gfp_mask`, which describes how that allocation is to be performed. These `GFP_` flags which control the allocation process can have following values: (`GF_NOIO` flag) means sleep and wait for memory, (`__GFP_HIGHMEM` flag) means high memory can be used, (`GFP_ATOMIC` flag) means the allocation process has high-priority and can't sleep etc. + +* `GFP_NOIO` - can sleep and wait for memory; +* `__GFP_HIGHMEM` - high memory can be used; +* `GFP_ATOMIC` - allocation process is high-priority and can't sleep; + +etc. + +The next field is `rnode`: + +```C +struct radix_tree_node { + unsigned int path; + unsigned int count; + union { + struct { + struct radix_tree_node *parent; + void *private_data; + }; + struct rcu_head rcu_head; + }; + /* For tree user */ + struct list_head private_list; + void __rcu *slots[RADIX_TREE_MAP_SIZE]; + unsigned long tags[RADIX_TREE_MAX_TAGS][RADIX_TREE_TAG_LONGS]; +}; +``` + +This structure contains information about the offset in a parent and height from the bottom, count of the child nodes and fields for accessing and freeing a node. This fields are described below: + +* `path` - offset in parent & height from the bottom; +* `count` - count of the child nodes; +* `parent` - pointer to the parent node; +* `private_data` - used by the user of a tree; +* `rcu_head` - used for freeing a node; +* `private_list` - used by the user of a tree; + +The two last fields of the `radix_tree_node` - `tags` and `slots` are important and interesting. Every node can contains a set of slots which are store pointers to the data. Empty slots in the linux kernel radix tree implementation store `NULL`. Radix trees in the linux kernel also supports tags which are associated with the `tags` fields in the `radix_tree_node` structure. Tags allow individual bits to be set on records which are stored in the radix tree. + +Now that we know about radix tree structure, it is time to look on its API. + +Linux kernel radix tree API +--------------------------------------------------------------------------------- + +We start from the datastructure initialization. There are two ways to initialize a new radix tree. The first is to use `RADIX_TREE` macro: + +```C +RADIX_TREE(name, gfp_mask); +```` + +As you can see we pass the `name` parameter, so with the `RADIX_TREE` macro we can define and initialize radix tree with the given name. Implementation of the `RADIX_TREE` is easy: + +```C +#define RADIX_TREE(name, mask) \ + struct radix_tree_root name = RADIX_TREE_INIT(mask) + +#define RADIX_TREE_INIT(mask) { \ + .height = 0, \ + .gfp_mask = (mask), \ + .rnode = NULL, \ +} +``` + +At the beginning of the `RADIX_TREE` macro we define instance of the `radix_tree_root` structure with the given name and call `RADIX_TREE_INIT` macro with the given mask. The `RADIX_TREE_INIT` macro just initializes `radix_tree_root` structure with the default values and the given mask. + +The second way is to define `radix_tree_root` structure by hand and pass it with mask to the `INIT_RADIX_TREE` macro: + +```C +struct radix_tree_root my_radix_tree; +INIT_RADIX_TREE(my_tree, gfp_mask_for_my_radix_tree); +``` + +where: + +```C +#define INIT_RADIX_TREE(root, mask) \ +do { \ + (root)->height = 0; \ + (root)->gfp_mask = (mask); \ + (root)->rnode = NULL; \ +} while (0) +``` + +makes the same initialziation with default values as it does `RADIX_TREE_INIT` macro. + +The next are two functions for inserting and deleting records to/from a radix tree: + +* `radix_tree_insert`; +* `radix_tree_delete`; + +The first `radix_tree_insert` function takes three parameters: + +* root of a radix tree; +* index key; +* data to insert; + +The `radix_tree_delete` function takes the same set of parameters as the `radix_tree_insert`, but without data. + +The search in a radix tree implemented in two ways: + +* `radix_tree_lookup`; +* `radix_tree_gang_lookup`; +* `radix_tree_lookup_slot`. + +The first `radix_tree_lookup` function takes two parameters: + +* root of a radix tree; +* index key; + +This function tries to find the given key in the tree and return the record associated with this key. The second `radix_tree_gang_lookup` function have the following signature + +```C +unsigned int radix_tree_gang_lookup(struct radix_tree_root *root, + void **results, + unsigned long first_index, + unsigned int max_items); +``` + +and returns number of records, sorted by the keys, starting from the first index. Number of the returned records will not be greater than `max_items` value. + +And the last `radix_tree_lookup_slot` function will return the slot which will contain the data. + +Links +--------------------------------------------------------------------------------- + +* [Radix tree](http://en.wikipedia.org/wiki/Radix_tree) +* [Trie](http://en.wikipedia.org/wiki/Trie) + +-------------------------------------------------------------------------------- + +via: https://github.com/0xAX/linux-insides/edit/master/DataStructures/radix-tree.md + +作者:[0xAX] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + diff --git a/sources/tech/20151123 How to Configure Apache Solr on Ubuntu 14 or 15.md b/sources/tech/20151123 How to Configure Apache Solr on Ubuntu 14 or 15.md new file mode 100644 index 0000000000..e73bdbeb0a --- /dev/null +++ b/sources/tech/20151123 How to Configure Apache Solr on Ubuntu 14 or 15.md @@ -0,0 +1,133 @@ +How to Configure Apache Solr on Ubuntu 14 / 15 +================================================================================ +Hello and welcome to our today's article on Apache Solr. The brief description about Apache Solr is that it is an Open Source most famous search platform with Apache Lucene at the back end for Web sites that enables you to easily create search engines which searches websites, databases and files. It can index and search multiple sites and return recommendations for related contents based on the searched text. + +Solr works with HTTP Extensible Markup Language (XML) that offers application program interfaces (APIs) for Javascript Object Notation, Python, and Ruby. According to the Apache Lucene Project, Solr offers capabilities that have made it popular with administrators including it many featuring like: + +- Full Text Search +- Faceted Navigation +- Snippet generation/highting +- Spell Suggestion/Auto complete +- Custom document ranking/ordering + +#### Prerequisites: #### + +On a fresh Linux Ubuntu 14/15 with minimal packages installed, you only have to take care of few prerequisites in order to install Apache Solr. + +### 1)System Update ### + +Login to your Ubuntu server with a non-root sudo user that will be used to perform all the steps to install and use Solr. + +After successful login, issue the following command to update your system with latest updates and patches. + + $ sudo apt-get update + +### 2) JRE Setup ### + +The Solr setup needs Java Runtime Environment to be installed on the system as its basic requirement because solr and tomcat both are the Java based applications. So, we need to install and configure its home environment with latest Java. + +To install the latest version on Oracle Java 8, we need to install Python Software Properties using the below command. + + $ sudo apt-get install python-software-properties + +Upon completion, run the setup its the repository for the latest version of Java 8. + + $ sudo add-apt-repository ppa:webupd8team/java + +Now you are able to install the latest version of Oracle Java 8 with 'wget' by issuing the below commands to update the packages source list and then to install Java. + + $ sudo apt-get update + +---------- + + $ sudo apt-get install oracle-java8-installer + +Accept the Oracle Binary Code License Agreement for the Java SE Platform Products and JavaFX as you will be asked during the Java installation and configuration process by a click on the 'OK' button. + +When the installation process complete, run the below command to test the successful installation of Java and check its version. + + kash@solr:~$ java -version + java version "1.8.0_66" + Java(TM) SE Runtime Environment (build 1.8.0_66-b17) + Java HotSpot(TM) 64-Bit Server VM (build 25.66-b17, mixed mode) + +The output indicates that we have successfully fulfilled the basic requirement of Solr by installing the Java. Now move to the next step to install Solr. + +### Installing Solr ### + +Installing Solr on Ubuntu can be done by using two different ways but in this article we prefer to install its latest package from the source. + +To install Solr from its source, download its available package with latest version from there Official [Web Page][1], copy the link address and get it using 'wget' command. + + $ wget http://www.us.apache.org/dist/lucene/solr/5.3.1/solr-5.3.1.tgz + +Run the command below to extract the archived service into '/bin' folder. + + $ tar -xzf solr-5.3.1.tgz solr-5.3.1/bin/install_solr_service.sh --strip-components=2 + +Then run the script to start Solr service that will creates a new 'solr' user and then installs solr as a service. + + $ sudo bash ./install_solr_service.sh solr-5.3.1.tgz + +![Solr Installation](http://blog.linoxide.com/wp-content/uploads/2015/11/12.png) + +To check the status of Solr service, you use the below command. + + $ service solr status + +![Solr Status](http://blog.linoxide.com/wp-content/uploads/2015/11/22.png) + +### Creating Solr Collection: ### + +Now we can create multiple collections using Solr user. To do so just run the below command by mentioning the name of the collection you want to create and by specifying its configuration set as shown. + + $ sudo su - solr -c "/opt/solr/bin/solr create -c myfirstcollection -n data_driven_schema_configs" + +![creating collection](http://blog.linoxide.com/wp-content/uploads/2015/11/32.png) + +We have successfully created the new core instance directory for our our first collection where we can add new data in it. To view its default schema file in directory '/opt/solr/server/solr/configsets/data_driven_schema_configs/conf' . + +### Using Solr Web ### + +Apache Solr can be accessible on the default port of Solr that 8983. Open your favorite browser and navigate to http://your_server_ip:8983/solr or http://your-domain.com:8983/solr. Make sure that the port is allowed in your firewall. + + http://172.25.10.171:8983/solr/ + +![Solr Web Access](http://blog.linoxide.com/wp-content/uploads/2015/11/42.png) + +From the Solr Web Console click on the 'Core Admin' button from the left bar, then you will see your first collection that we created earlier using CLI. While you can also create new cores by pointing on the 'Add Core' button. + +![Adding Core](http://blog.linoxide.com/wp-content/uploads/2015/11/52.png) + +You can also add the document and query from the document as shown in below image by selecting your particular collection and pointing the document. Add the data in the specified format as shown in the box. + + { + "number": 1, + "Name": "George Washington", + "birth_year": 1989, + "Starting_Job": 2002, + "End_Job": "2009-04-30", + "Qualification": "Graduation", + "skills": "Linux and Virtualization" + } + +After adding the document click on the 'Submit Document' button. + +![adding Document](http://blog.linoxide.com/wp-content/uploads/2015/11/62.png) + +### Conclusion ### + +You are now able to insert and query data using the Solr web interface after its successful installation on Ubuntu. Now add more collections and insert you own data and documents that you wish to put and manage through Solr. We hope you have got this article much helpful and enjoyed reading this. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/ubuntu-how-to/configure-apache-solr-ubuntu-14-15/ + +作者:[Kashif][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/kashifs/ +[1]:http://lucene.apache.org/solr/ \ No newline at end of file diff --git a/sources/tech/20151123 How to Install Cockpit in Fedora or CentOS or RHEL or Arch Linux.md b/sources/tech/20151123 How to Install Cockpit in Fedora or CentOS or RHEL or Arch Linux.md new file mode 100644 index 0000000000..3f2f392efb --- /dev/null +++ b/sources/tech/20151123 How to Install Cockpit in Fedora or CentOS or RHEL or Arch Linux.md @@ -0,0 +1,148 @@ +How to Install Cockpit in Fedora / CentOS / RHEL/ Arch Linux +================================================================================ +Cockpit is a free and open source server management software that makes us easy to administer our GNU/Linux servers via its beautiful web interface frontend. Cockpit helps make linux system administrator, system maintainers and DevOps easy to manage their server and to perform simple tasks, such as administering storage, inspecting journals, starting and stopping services and more. Its journal interface adds aroma in flower making people easy to switch between the terminal and web interface. And moreover, it makes easy to manage not only one server but several multiple networked servers from a single place at the same time with just a single click. It is very light weight and has easy to use web based interface. In this tutorial, we'll learn how we can setup Cockpit and use it to manage our server running Fedora, CentOS, Arch Linux and RHEL distributions as their operating system software. Some of the awesome benefits of Cockpit in our GNU/Linux servers are as follows: + +1. It consist of systemd service manager for ease. +1. It has a Journal log viewer to perform troubleshoots and log analysis. +1. Storage setup including LVM was never easier before. +1. Basic Network configuration can be applied with Cockpit +1. We can easily add and remove local users and manage multiple servers. + +### 1. Installing Cockpit ### + +First of all, we'll need to setup Cockpit in our linux based server. In most of the distributions, the cockpit package is already available in their official repositories. Here, in this tutorial, we'll setup Cockpit in Fedora 22, CentOS 7, Arch Linux and RHEL 7 from their official repositories. + +#### On CentOS / RHEL #### + +Cockpit is available in the official repository of CenOS and RHEL. So, we'll simply install it using yum manager. To do so, we'll simply run the following command under sudo/root access. + + # yum install cockpit + +![Install Cockpit Centos](http://blog.linoxide.com/wp-content/uploads/2015/10/install-cockpit-centos.png) + +#### On Fedora 22/21 #### + +Alike, CentOS, it is also available by default in Fedora's official repository, we'll simply install cockpit using dnf package manager. + + # dnf install cockpit + +![Install Cockpit Fedora](http://blog.linoxide.com/wp-content/uploads/2015/10/install-cockpit-fedora.png) + +#### On Arch Linux #### + +Cockpit is currently not available in the official repository of Arch Linux but it is available in the Arch User Repository also know as AUR. So, we'll simply run the following yaourt command to install it. + + # yaourt cockpit + +![Install Cockpit Archlinux](http://blog.linoxide.com/wp-content/uploads/2015/10/install-cockpit-archlinux.png) + +### 2. Starting and Enabling Cockpit ### + +After we have successfully installed it, we'll gonna start the cockpit server with our service/daemon manager. As of 2015, most of the linux distributions have adopted Systemd whereas some of the linux distributions still run SysVinit to manage daemon, but Cockpit uses systemd for almost everything from running daemons to services. So, we can only setup Cockpit in the latest releases of linux distributions running Systemd. In order to start Cockpit and make it start in every boot of the system, we'll need to run the following command in a terminal or a console. + + # systemctl start cockpit + + # systemctl enable cockpit.socket + + Created symlink from /etc/systemd/system/sockets.target.wants/cockpit.socket to /usr/lib/systemd/system/cockpit.socket. + +### 3. Allowing Firewall ### + +After we have started our cockpit server and enable it to start in every boot, we'll now go for configuring firewall. As we have firewall programs running in our server, we'll need to allow ports in order to make cockpit accessible outside of the server. + +#### On Firewalld #### + + # firewall-cmd --add-service=cockpit --permanent + + success + + # firewall-cmd --reload + + success + +![Cockpit Allowing Firewalld](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-allowing-firewalld.png) + +#### On Iptables #### + + # iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT + + # service iptables save + +### 4. Accessing Cockpit Web Interface ### + +Next, we'll gonna finally access the Cockpit web interface using a web browser. We'll simply need to point our web browser to https://ip-address:9090 or https://server.domain.com:9090 according to the configuration. Here, in our tutorial, we'll gonna point our browser to https://128.199.114.17:9090 as shown in the image below. + +![Cockpit Webserver SSL Proceed](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-webserver-ssl-proceed.png) + +We'll be displayed an SSL certification warning as we are using a self-signed SSL certificate. So, we'll simply ignore it and go forward towards the login page, in chrome/chromium, we'll need to click on Show Advanced and then we'll need to click on **Proceed to 128.199.114.17 (unsafe)** . + +![Cockpit Login Screen](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-login-screen.png) + +Now, we'll be asked to enter the login details in order to enter into the dashboard. Here, the username and password is the same as that of the login details we use to login to our linux server. After we enter the login details and click on Log In button, we will be welcomed into the Cockpit Dashboard. + +![Cockpit Dashboard](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-dashboard.png) + +Here, we'll see all the menu and visualization of CPU, Disk, Network, Storage usages of the server. We'll see the dashboard as shown above. + +#### Services #### + +To manage services, we'll need to click on Services button on the menu situated in the right side of the web page. Then, we'll see the services under 5 categories, Targets, System Services, Sockets, Timers and Paths. + +![Cockpit Services](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-services.png) + +#### Docker Containers #### + +We can even manage docker containers with Cockpit. It is pretty easy to monitor and administer Docker containers with Cockpit. As docker isn't installed and running in our server, we'll need to click on Start Docker. + +![Cockpit Container](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-container.png) + +Cockpit will automatically install and run docker in our server. After its running, we see the following screen. Then, we can manage the docker images, containers as per our requirement. + +![Cockpit Containers Mangement](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-containers-mangement.png) + +#### Journal Log Viewer #### + +Cockpit has a managed log viewer which separates the Errors, Warnings, Notices into different tabs. And we also have a tab All where we can see them all in a single place. + +![Cockpit Journal Logs](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-journal-logs.png) + +#### Networking #### + +Under the networking section, we see two graphs in which there is the visualization of Sending and Receiving speed. And we can see there the list of available interfaces with option to Add Bond, Bridge, VLAN. If we need to configure an interface, we can do so by simply clicking on the interface name. Below everything, we can see the Journal Log Viewer for Networking. + +![Cockpit Network](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-network.png) + +#### Storage #### + +Now, its easy with Cockpit to see the R/W speed of our hard disk. We can see the Journal log of the Storage in order to perform troubleshoot and fixes. A clear visualization bar of how much space is occupied is shown in the page. We can even Unmount, Format, Delete a partition of a Hard Disk and more. Features like creating RAID Device, Volume Group is also available in it. + +![Cockpit Storage](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-storage.png) + +#### Account Management #### + +We can easily create new accounts with Cockpit Web Interface. The accounts created in it is applied to the system's user account. We can change password, specify roles, delete, rename user accounts with it. + +![Cockpit Accounts](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-accounts.png) + +#### Live Terminal #### + +This is an awesome feature built-in with Cockpit. Yes, we can execute commands, do stuffs with the live terminal provided by Cockpit interface. This makes us really easy to switch between the web interface and terminal according to our need. + +![Cockpit Terminal](http://blog.linoxide.com/wp-content/uploads/2015/10/cockpit-terminal.png) + +### Conclusion ### + +Cockpit is a good free and open source software developed by [Red Hat][1] for making the server management easy and simple. It is best for performing simple system administration tasks and is good for the new system administrators. It is still under pre-release as its stable release hasn't been released yet. So, it is not suitable for production. It is currently developed on the latest release of Fedora, CentOS, Arch Linux, RHEL where systemd is installed by default. If you are willing to install Cockpit in Ubuntu, you can get the PPA access but is currently outdated. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve or update our contents. Thank You ! + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/install-cockpit-fedora-centos-rhel-arch-linux/ + +作者:[Arun Pyasi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:http://www.redhat.com/ \ No newline at end of file diff --git a/sources/tech/20151123 How to install Android Studio on Ubuntu 15.04 or CentOS 7.md b/sources/tech/20151123 How to install Android Studio on Ubuntu 15.04 or CentOS 7.md new file mode 100644 index 0000000000..29569329c9 --- /dev/null +++ b/sources/tech/20151123 How to install Android Studio on Ubuntu 15.04 or CentOS 7.md @@ -0,0 +1,139 @@ +How to install Android Studio on Ubuntu 15.04 / CentOS 7 +================================================================================ +With the advancement of smart phones in the recent years, Android has become one of the biggest phone platforms and all the tools required to build Android applications are also freely available. Android Studio is an Integrated Development Environment (IDE) for developing Android applications based on [IntelliJ IDEA][1]. It is a free and open source software by Google released in 2014 and succeeds Eclipse as the main IDE. + +In this article, we will learn how to install Android Studio on Ubuntu 15.04 and CentOS 7. + +### Installation on Ubuntu 15.04 ### + +We can install Android Studio in two ways. One is to set up the required repository and install it; other is to download it from the official Android site and install it locally. In the following example, we will be setting up the repo using command line and install it. Before proceeding, we need to make sure that we have JDK version1.6 or greater installed. + +Here, I'm installing JDK 1.8. + + $ sudo add-apt-repository ppa:webupd8team/java + + $ sudo apt-get update + + $ sudo apt-get install oracle-java8-installer oracle-java8-set-default + +Verify if java installation was successful: + + poornima@poornima-Lenovo:~$ java -version + +Now, setup the repo for installing Android Studio + + $ sudo apt-add-repository ppa:paolorotolo/android-studio + +![Android-Studio-repo](http://blog.linoxide.com/wp-content/uploads/2015/11/Android-studio-repo.png) + + $ sudo apt-get update + + $ sudo apt-get install android-studio + +Above install command will install android-studio in the directory /opt. + +Now, run the following command to start the setup wizard: + + $ /opt/android-studio/bin/studio.sh + +This will invoke the setup screen. Following are the screen shots that follow to set up Android studio: + +![Android Studio setup](http://blog.linoxide.com/wp-content/uploads/2015/11/Studio-setup.png) + +![Install-type](Android Studio setup) + +![Emulator Settings](http://blog.linoxide.com/wp-content/uploads/2015/11/Emulator-settings.png) + +Once you press the Finish button, Licence agreement will be displayed. After you accept the licence, it starts downloading the required components. + +![Download components](http://blog.linoxide.com/wp-content/uploads/2015/11/Download.png) + +Android studio installation will be complete after this step. When you relaunch Android studio, you will be shown the following welcome screen from where you will be able to start working with your Android Studio. + +![Welcome screen](http://blog.linoxide.com/wp-content/uploads/2015/11/Welcome-screen.png) + +### Installation on CentOS 7 ### + +Let us now learn how to install Android Studio on CentOS 7. Here also, you need to install JDK 1.6 or later. Remember to use 'sudo' before the commands if you are not a root user. You can download the [latest version][2] of JDK. In case you already have an older version installed, remove the same before installing the new one. In the below example, I will be installing JDK version 1.8.0_65 by downloading the required rpm. + + [root@li1260-39 ~]# rpm -ivh jdk-8u65-linux-x64.rpm + Preparing... ################################# [100%] + Updating / installing... + 1:jdk1.8.0_65-2000:1.8.0_65-fcs ################################# [100%] + Unpacking JAR files... + tools.jar... + plugin.jar... + javaws.jar... + deploy.jar... + rt.jar... + jsse.jar... + charsets.jar... + localedata.jar... + jfxrt.jar... + +If Java path is not set properly, you will get error messages. Hence, set the correct path: + + export JAVA_HOME=/usr/java/jdk1.8.0_25/ + export PATH=$PATH:$JAVA_HOME + +Check if the correct version has been installed: + + [root@li1260-39 ~]# java -version + java version "1.8.0_65" + Java(TM) SE Runtime Environment (build 1.8.0_65-b17) + Java HotSpot(TM) 64-Bit Server VM (build 25.65-b01, mixed mode) + +If you notice any error message of the sort "unable-to-run-mksdcard-sdk-tool:" while trying to install Android Studio, you might also have to install the following packages on CentOS 7 64-bit: + + glibc.i686 + + glibc-devel.i686 + + libstdc++.i686 + + zlib-devel.i686 + + ncurses-devel.i686 + + libX11-devel.i686 + + libXrender.i686 + + libXrandr.i686 + +Let us know install studio by downloading the ide file from [Android site][3] and unzipping the same. + + [root@li1260-39 tmp]# unzip android-studio-ide-141.2343393-linux.zip + +Move android-studio directory to /opt directory + + [root@li1260-39 tmp]# mv /tmp/android-studio/ /opt/ + +You can create a simlink to the studio executable to quickly start it whenever you need it. + + [root@li1260-39 tmp]# ln -s /opt/android-studio/bin/studio.sh /usr/local/bin/android-studio + +Now launch the studio from a terminal: + + [root@localhost ~]#studio + +The screens that follow for completing the installation are same as the ones shown above for Ubuntu. When the installation completes, you can start creating your own Android applications. + +### Conclusion ### + +Within a year of its release, Android Studio has taken over as the primary IDE for Android development by eclipsing Eclipse. It is the only official IDE tool that will support future Android SDKs and other Android features that will be provided by Google. So, what are you waiting for? Go install Android Studio and have fun developing Android apps. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/tools/install-android-studio-ubuntu-15-04-centos-7/ + +作者:[B N Poornima][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/bnpoornima/ +[1]:https://www.jetbrains.com/idea/ +[2]:http://www.oracle.com/technetwork/java/javase/downloads/jdk8-downloads-2133151.html +[3]:http://developer.android.com/sdk/index.html \ No newline at end of file diff --git a/sources/tech/20151125 Running a mainline kernel on a cellphone.md b/sources/tech/20151125 Running a mainline kernel on a cellphone.md new file mode 100644 index 0000000000..c247051def --- /dev/null +++ b/sources/tech/20151125 Running a mainline kernel on a cellphone.md @@ -0,0 +1,40 @@ +Running a mainline kernel on a cellphone +================================================================================ + +One of the biggest freedoms associated with free software is the ability to replace a program with an updated or modified version. Even so, of the many millions of people using Linux-powered phones, few are able to run a mainline kernel on those phones, even if they have the technical skills to do the replacement. The sad fact is that no mainstream phone available runs mainline kernels. A session at the 2015 Kernel Summit, led by Rob Herring, explored this problem and what might be done to address it. + +When asked, most of the developers in the room indicated that they would prefer to be able to run mainline kernels on their phones — though a handful did say that they would rather not do so. Rob has been working on this problem for the last year and a half in support of Project Ara (mentioned in this article). But the news is not good. + +There is, he said, too much out-of-tree code running on a typical handset; mainline kernels simply lack the drivers needed to make that handset work. A typical phone is running 1-3 million lines of out-of-tree code. Almost all of those phones are stuck on the 3.10 kernel — or something even older. There are all kinds of reasons for this, but the simple fact is that things seem to move too quickly in the handset world for the kernel community to keep up. Is that, he asked, something that we care about? + +Tim Bird noted that the Nexus 1, one of the original Android phones, never ran a mainline kernel and never will. It broke the promise of open source, making it impossible for users to put a new kernel onto their devices. At this point, no phone supports that ability. Peter Zijlstra wondered about how much of that out-of-tree code was duplicated functionality from one handset to the next; Rob noted that he has run into three independently developed hotplug governors so far. + +Dirk Hohndel suggested that few people care. Of the billion phones out there, he said, approximately 27 of them have owners who care about running mainline kernels. The rest just want to get the phone to work. Perhaps developers who are concerned about running mainline kernels are trying to solve the wrong problem. + +Chris Mason said that handset vendors are currently facing the same sorts of problems that distributors dealt with many years ago. They are coping with a lot of inefficient, repeated, duplicated work. Once the distributors [Rob Herring] decided to put their work into the mainline instead of carrying it themselves, things got a lot better. The key is to help the phone manufacturers to realize that they can benefit in the same way; that, rather than pressure from users, is how the problem will be solved. + +Grant Likely raised concerns about security in a world where phones cannot be upgraded. What we need is a real distribution market for phones. But, as long as the vendors are in charge of the operating software, phones will not be upgradeable. We have a big security mess coming, he said. Peter added that, with Stagefright, that mess is already upon us. + +Ted Ts'o said that running mainline kernels is not his biggest concern. He would be happy if the phones on sale this holiday season would be running a 3.18 or 4.1 kernel, rather than being stuck on 3.10. That, he suggested, is a more solvable problem. Steve Rostedt said that would not solve the security problem, but Ted remarked that a newer kernel would at least make it easier to backport fixes. Grant replied that, one year from now, it would all just happen again; shipping newer kernels is just an incremental fix. Kees Cook added that there is not much to be gained from backporting fixes; the real problem is that there are no defenses from bugs (he would expand on this theme in a separate session later in the day). + +Rob said that any kind of solution would require getting the vendors on board. That, though, will likely run into trouble with the sort of lockdown that vendors like to apply to their devices. Paolo Bonzini asked whether it would be possible to sue vendors over unfixed security vulnerabilities, especially when the devices are still under warranty. Grant said that upgradeability had to become a market requirement or it simply wasn't going to happen. It might be a nasty security issue that causes this to happen, or carriers might start requiring it. Meanwhile, kernel developers need to keep pushing in that direction. Rob noted that, beyond the advantages noted thus far, the ability to run mainline kernels would help developers to test and validate new features on Android devices. + +Josh Triplett asked whether the community would be prepared to do what it would take if the industry were to come around to the idea of mainline kernel support. There would be lots of testing and validation of kernels on handsets required; Android Compatibility Test Suite failures would have to be treated as regressions. Rob suggested that this could be discussed next year, after the basic functionality is in place, but Josh insisted that, if the demand were to show up, we would have to be able to give a good answer. + +Tim said that there is currently a big disconnect with the vendor world; vendors are not reporting or contributing anything back to the community at all. They are completely disconnected, so there is no forward progress ever. Josh noted that when vendors do report bugs with the old kernels they are using, the reception tends to be less than friendly. Arnd Bergmann said that what was needed was to get one of the big silicon vendors to commit to the idea and get its hardware to a point where running mainline kernels was possible; that would put pressure on the others. But, he added, that would require the existence of one free GPU driver that got shipped with the hardware — something that does not exist currently. + +Rob put up a list of problem areas, but there was not much time for discussion of the particulars. WiFi drivers continue to be an issue, especially with the new features being added in the Android world. Johannes Berg agreed that the new features are an issue; the Android developers do not even talk about them until they ship with the hardware. Support for most of those features does eventually land in the mainline kernel, though. + +As things wound down, Ben Herrenschmidt reiterated that the key was to get vendors to realize that working with the mainline kernel is in their own best interest; it saves work in the long run. Mark Brown said that, in past years when the kernel version shipped with Android moved forward more reliably, the benefits of working upstream were more apparent to vendors. Now that things seem to be stuck on 3.10, that pressure is not there in the same way. The session ended with developers determined to improve the situation, but without any clear plan for getting there. + +-------------------------------------------------------------------------------- + +via: https://lwn.net/Articles/662147/ + +作者:[Jonathan Corbet][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:https://lwn.net/Articles/KernelSummit2015/ diff --git a/sources/tech/20151126 How to Install Nginx as Reverse Proxy for Apache on FreeBSD 10.2.md b/sources/tech/20151126 How to Install Nginx as Reverse Proxy for Apache on FreeBSD 10.2.md new file mode 100644 index 0000000000..b3638a61ea --- /dev/null +++ b/sources/tech/20151126 How to Install Nginx as Reverse Proxy for Apache on FreeBSD 10.2.md @@ -0,0 +1,327 @@ +Translating by KnightJoker +How to Install Nginx as Reverse Proxy for Apache on FreeBSD 10.2 +================================================================================ +Nginx is free and open source HTTP server and reverse proxy, as well as an mail proxy server for IMAP/POP3. Nginx is high performance web server with rich of features, simple configuration and low memory usage. Originally written by Igor Sysoev on 2002, and until now has been used by a big technology company including Netflix, Github, Cloudflare, WordPress.com etc. + +In this tutorial we will "**install and configure nginx web server as reverse proxy for apache on freebsd 10.2**". Apache will run with php on port 8080, and then we need to configure nginx run on port 80 to receive a request from user/visitor. If user request for web page from the browser on port 80, then nginx will pass the request to apache webserver and PHP that running on port 8080. + +#### Prerequisite #### + +- FreeBSD 10.2. +- Root privileges. + +### Step 1 - Update the System ### + +Log in to your freebsd server with ssh credential and update system with command below : + + freebsd-update fetch + freebsd-update install + +### Step 2 - Install Apache ### + +pache is open source HTTP server and the most widely used web server. Apache is not installed by default on freebsd, but we can install it from the ports or package on "/usr/ports/www/apache24" or install it from freebsd repository with pkg command. In this tutorial we will use pkg command to install from the freebsd repository : + + pkg install apache24 + +### Step 3 - Install PHP ### + +Once apache is installed, followed with installing php for handling a PHP file request by a user. We will install php with pkg command as below : + + pkg install php56 mod_php56 php56-mysql php56-mysqli + +### Step 4 - Configure Apache and PHP ### + +Once all is installed, we will configure apache to run on port 8080, and php working with apache. To configure apache, we can edit the configuration file "httpd.conf", and for PHP we just need to copy the php configuration file php.ini on "/usr/local/etc/" directory. + +Go to "/usr/local/etc/" directory and copy php.ini-production file to php.ini : + + cd /usr/local/etc/ + cp php.ini-production php.ini + +Next, configure apache by editing file "httpd.conf" on apache directory : + + cd /usr/local/etc/apache24 + nano -c httpd.conf + +Port configuration on line **52** : + + Listen 8080 + +ServerName configuration on line **219** : + + ServerName 127.0.0.1:8080 + +Add DirectoryIndex file that apache will serve it if a directory requested on line **277** : + + DirectoryIndex index.php index.html + +Configure apache to work with php by adding script below under line **287** : + + + SetHandler application/x-httpd-php + + + SetHandler application/x-httpd-php-source + + +Save and exit. + +Now add apache to start at boot time with sysrc command : + + sysrc apache24_enable=yes + +And test apache configuration with command below : + + apachectl configtest + +If there is no error, start apache : + + service apache24 start + +If all is done, verify that php is running well with apache by creating phpinfo file on "/usr/local/www/apache24/data" directory : + + cd /usr/local/www/apache24/data + echo "" > info.php + +Now visit the freebsd server IP : 192.168.1.123:8080/info.php. + +![Apache and PHP on Port 8080](http://blog.linoxide.com/wp-content/uploads/2015/11/Apache-and-PHP-on-Port-8080.png) + +Apache is working with php on port 8080. + +### Step 5 - Install Nginx ### + +Nginx high performance web server and reverse proxy with low memory consumption. In this step we will use nginx as reverse proxy for apache, so let's install it with pkg command : + + pkg install nginx + +### Step 6 - Configure Nginx ### + +Once nginx is installed, we must configure it by replacing nginx file "**nginx.conf**" with new configuration below. Change the directory to "/usr/local/etc/nginx/" and backup default nginx.conf : + + cd /usr/local/etc/nginx/ + mv nginx.conf nginx.conf.oroginal + +Now create new nginx configuration file : + + nano -c nginx.conf + +and paste configuration below : + + user www; + worker_processes 1; + error_log /var/log/nginx/error.log; + + events { + worker_connections 1024; + } + + http { + include mime.types; + default_type application/octet-stream; + + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + access_log /var/log/nginx/access.log; + + sendfile on; + keepalive_timeout 65; + + # Nginx cache configuration + proxy_cache_path /var/nginx/cache levels=1:2 keys_zone=my-cache:8m max_size=1000m inactive=600m; + proxy_temp_path /var/nginx/cache/tmp; + proxy_cache_key "$scheme$host$request_uri"; + + gzip on; + + server { + #listen 80; + server_name _; + + location /nginx_status { + + stub_status on; + access_log off; + } + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root /usr/local/www/nginx-dist; + } + + # proxy the PHP scripts to Apache listening on 127.0.0.1:8080 + # + location ~ \.php$ { + proxy_pass http://127.0.0.1:8080; + include /usr/local/etc/nginx/proxy.conf; + } + } + + include /usr/local/etc/nginx/vhost/*; + + } + +Save and exit. + +Next, create new file called **proxy.conf** for reverse proxy configuration on nginx directory : + + cd /usr/local/etc/nginx/ + nano -c proxy.conf + +Paste configuration below : + + proxy_buffering on; + proxy_redirect off; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + client_max_body_size 10m; + client_body_buffer_size 128k; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_buffers 100 8k; + add_header X-Cache $upstream_cache_status; + +Save and exit. + +And the last, create new directory for nginx cache on "/var/nginx/cache" : + + mkdir -p /var/nginx/cache + +### Step 7 - Configure Nginx VirtualHost ### + +In this step we will create new virtualhost for domain "saitama.me", with document root on "/usr/local/www/saitama.me" and the log file on "/var/log/nginx" directory. + +First thing we must do is creating new directory to store the virtualhost file, we here use new directory called "**vhost**". Let's create it : + + cd /usr/local/etc/nginx/ + mkdir vhost + +vhost directory has been created, now go to the directory and create new file virtualhost. I'me here will create new file "**saitama.conf**" : + + cd vhost/ + nano -c saitama.conf + +Paste virtualhost configuration below : + + server { + # Replace with your freebsd IP + listen 192.168.1.123:80; + + # Document Root + root /usr/local/www/saitama.me; + index index.php index.html index.htm; + + # Domain + server_name www.saitama.me saitama.me; + + # Error and Access log file + error_log /var/log/nginx/saitama-error.log; + access_log /var/log/nginx/saitama-access.log main; + + # Reverse Proxy Configuration + location ~ \.php$ { + proxy_pass http://127.0.0.1:8080; + include /usr/local/etc/nginx/proxy.conf; + + # Cache configuration + proxy_cache my-cache; + proxy_cache_valid 10s; + proxy_no_cache $cookie_PHPSESSID; + proxy_cache_bypass $cookie_PHPSESSID; + proxy_cache_key "$scheme$host$request_uri"; + + } + + # Disable Cache for the file type html, json + location ~* .(?:manifest|appcache|html?|xml|json)$ { + expires -1; + } + + # Enable Cache the file 30 days + location ~* .(jpg|png|gif|jpeg|css|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ { + proxy_cache_valid 200 120m; + expires 30d; + proxy_cache my-cache; + access_log off; + } + + } + +Save and exit. + +Next, create new log directory for nginx and virtualhost on "/var/log/" : + + mkdir -p /var/log/nginx/ + +If all is done, let's create a directory for document root for saitama.me : + + cd /usr/local/www/ + mkdir saitama.me + +### Step 8 - Testing ### + +This step is just test our nginx configuration and test the nginx virtualhost. + +Test nginx configuration with command below : + + nginx -t + +If there is no problem, add nginx to boot time with sysrc command, and then start it and restart apache: + + sysrc nginx_enable=yes + service nginx start + service apache24 restart + +All is done, now verify the the php is working by adding new file phpinfo on saitama.me directory : + + cd /usr/local/www/saitama.me + echo "" > info.php + +Visit the domain : **www.saitama.me/info.php**. + +![Virtualhost Configured saitamame](http://blog.linoxide.com/wp-content/uploads/2015/11/Virtualhost-Configured-saitamame.png) + +Nginx as reverse proxy for apache is working, and php is working too. + +And this is another results : + +Test .html file with no-cache. + + curl -I www.saitama.me + +![html with no-cache](http://blog.linoxide.com/wp-content/uploads/2015/11/html-with-no-cache.png) + +Test .css file with 30day cache. + + curl -I www.saitama.me/test.css + +![css file 30day cache](http://blog.linoxide.com/wp-content/uploads/2015/11/css-file-30day-cache.png) + +Test .php file with cache : + + curl -I www.saitama.me/info.php + +![PHP file cached](http://blog.linoxide.com/wp-content/uploads/2015/11/PHP-file-cached.png) + +All is done. + +### Conclusion ### + +Nginx is most popular HTTP server and reverse proxy. Has a rich of features with high performance and low memory/RAM usage. Nginx use too for caching, we can cache a static file on the web to make the web fast load, and cache for php file if a user request for it. Nginx is easy to configure and use, use for HTTP server or act as reverse proxy for apache. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/install-nginx-reverse-proxy-apache-freebsd-10-2/ + +作者:[Arul][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arulm/ \ No newline at end of file diff --git a/sources/tech/20151130 Useful Linux and Unix Tape Managements Commands For Sysadmins.md b/sources/tech/20151130 Useful Linux and Unix Tape Managements Commands For Sysadmins.md new file mode 100644 index 0000000000..ff0e0219fb --- /dev/null +++ b/sources/tech/20151130 Useful Linux and Unix Tape Managements Commands For Sysadmins.md @@ -0,0 +1,425 @@ +15 Useful Linux and Unix Tape Managements Commands For Sysadmins +================================================================================ +Tape devices should be used on a regular basis only for archiving files or for transferring data from one server to another. Usually, tape devices are all hooked up to Unix boxes, and controlled with mt or mtx. You must backup all data to both disks (may be in cloud) and tape device. In this tutorial you will learn about: + +- Tape device names +- Basic commands to manage tape drive +- Basic backup and restore commands + +### Why backup? ### + +A backup plant is important: + +- Ability to recover from disk failure +- Accidental file deletion +- File or file system corruption +- Complete server destruction, including destruction of on-site backups due to fire or other problems. + +You can use tape based archives to backup the whole server and move tapes off-site. + +### Understanding tape file marks and block size ### + +![Fig.01: Tape file marks](http://s0.cyberciti.org/uploads/cms/2015/10/tape-format.jpg) + +Fig.01: Tape file marks + +Each tape device can store multiple tape backup files. Tape backup files are created using cpio, tar, dd, and so on. However, tape device can be opened, written data to, and closed by various program. You can store several backups (tapes) on physical tape. Between each tape file is a "tape file mark". This is used to indicate where one tape file ends and another begins on physical tape. You need to use mt command to positions the tape (winds forward and rewinds and marks). + +#### How data is stored on a tape #### + +![Fig.02: How data is stored on a tape](http://s0.cyberciti.org/uploads/cms/2015/10/how-data-is-stored-on-a-tape.jpg) + +Fig.02: How data is stored on a tape + +All data is stored subsequently in sequential tape archive format using tar. The first tape archive will start on the physical beginning of the tape (tar #0). The next will be tar #1 and so on. + +### Tape device names on Unix ### + +1. /dev/rmt/0 or /dev/rmt/1 or /dev/rmt/[0-127] : Regular tape device name on Unix. The tape is rewound. +1. /dev/rmt/0n : This is know as no rewind i.e. after using tape, leaves the tape in current status for next command. +1. /dev/rmt/0b : Use magtape interface i.e. BSD behavior. More-readable by a variety of OS's such as AIX, Windows, Linux, FreeBSD, and more. +1. /dev/rmt/0l : Set density to low. +1. /dev/rmt/0m : Set density to medium. +1. /dev/rmt/0u : Set density to high. +1. /dev/rmt/0c : Set density to compressed. +1. /dev/st[0-9] : Linux specific SCSI tape device name. +1. /dev/sa[0-9] : FreeBSD specific SCSI tape device name. +1. /dev/esa0 : FreeBSD specific SCSI tape device name that eject on close (if capable). + +#### Tape device name examples #### + +- The /dev/rmt/1cn indicate that I'm using unity 1, compressed density and no rewind. +- The /dev/rmt/0hb indicate that I'm using unity 0, high density and BSD behavior. +- The auto rewind SCSI tape device name on Linux : /dev/st0 +- The non-rewind SCSI tape device name on Linux : /dev/nst0 +- The auto rewind SCSI tape device name on FreeBSD: /dev/sa0 +- The non-rewind SCSI tape device name on FreeBSD: /dev/nsa0 + +#### How do I list installed scsi tape devices? #### + +Type the following commands: + + ## Linux (read man pages for more info) ## + lsscsi + lsscsi -g + + ## IBM AIX ## + lsdev -Cc tape + lsdev -Cc adsm + lscfg -vl rmt* + + ## Solaris Unix ## + cfgadm –a + cfgadm -al + luxadm probe + iostat -En + + ## HP-UX Unix ## + ioscan Cf + ioscan -funC tape + ioscan -fnC tape + ioscan -kfC tape + + +Sample outputs from my Linux server: + +![Fig.03: Installed tape devices on Linux server](http://s0.cyberciti.org/uploads/cms/2015/10/linux-find-tape-devices-command.jpg) + +Fig.03: Installed tape devices on Linux server + +### mt command examples ### + +In Linux and Unix-like system, mt command is used to control operations of the tape drive, such as finding status or seeking through files on a tape or writing tape control marks to the tape. You must most of the following command as root user. The syntax is: + + mt -f /tape/device/name operation + +#### Setting up environment #### + +You can set TAPE shell variable. This is the pathname of the tape drive. The default (if the variable is unset, but not if it is null) is /dev/nsa0 on FreeBSD. It may be overridden with the -f option passed to the mt command as explained below. + + ## Add to your shell startup file ## + TAPE=/dev/st1 #Linux + TAPE=/dev/rmt/2 #Unix + TAPE=/dev/nsa3 #FreeBSD + export TAPE + +### 1: Display status of the tape/drive ### + + mt status #Use default + mt -f /dev/rmt/0 status #Unix + mt -f /dev/st0 status #Linux + mt -f /dev/nsa0 status #FreeBSD + mt -f /dev/rmt/1 status #Unix unity 1 i.e. tape device no. 1 + +You can use shell loop as follows to poll a system and locate all of its tape drives: + + for d in 0 1 2 3 4 5 + do + mt -f "/dev/rmt/${d}" status + done + +### 2: Rewinds the tape ### + + mt rew + mt rewind + mt -f /dev/mt/0 rewind + mt -f /dev/st0 rewind + +### 3: Eject the tape ### + + mt off + mt offline + mt eject + mt -f /dev/mt/0 off + mt -f /dev/st0 eject + +### 4: Erase the tape (rewind the tape and, if applicable, unload the tape) ### + + mt erase + mt -f /dev/st0 erase #Linux + mt -f /dev/rmt/0 erase #Unix + +### 5: Retensioning a magnetic tape cartridge ### + +If errors occur when a tape is being read, you can retension the tape, clean the tape drive, and then try again as follows: + + mt retension + mt -f /dev/rmt/1 retension #Unix + mt -f /dev/st0 retension #Linux + +### 6: Writes n EOF marks in the current position of tape ### + + mt eof + mt weof + mt -f /dev/st0 eof + +### 7: Forward space count files i.e. jumps n EOF marks ### + +The tape is positioned on the first block of the next file i.e. tape will position on first block of the field (see fig.01): + + mt fsf + mt -f /dev/rmt/0 fsf + mt -f /dev/rmt/1 fsf 1 #go 1 forward file/tape (see fig.01) + +### 8: Backward space count files i.e. rewinds n EOF marks ### + +The tape is positioned on the first block of the next file i.e. tape positions after EOF mark (see fig.01): + + mt bsf + mt -f /dev/rmt/1 bsf + mt -f /dev/rmt/1 bsf 1 #go 1 backward file/tape (see fig.01) + +Here is a list of the tape position commands: + + fsf Forward space count files. The tape is positioned on the first block of the next file. + + fsfm Forward space count files. The tape is positioned on the last block of the previous file. + + bsf Backward space count files. The tape is positioned on the last block of the previous file. + + bsfm Backward space count files. The tape is positioned on the first block of the next file. + + asf The tape is positioned at the beginning of the count file. Positioning is done by first rewinding the tape and then spacing forward over count filemarks. + + fsr Forward space count records. + + bsr Backward space count records. + + fss (SCSI tapes) Forward space count setmarks. + + bss (SCSI tapes) Backward space count setmarks. + +### Basic backup commands ### + +Let us see commands to backup and restore files + +### 9: To backup directory (tar format) ### + + tar cvf /dev/rmt/0n /etc + tar cvf /dev/st0 /etc + +### 10: To restore directory (tar format) ### + + tar xvf /dev/rmt/0n -C /path/to/restore + tar xvf /dev/st0 -C /tmp + +### 11: List or check tape contents (tar format) ### + + mt -f /dev/st0 rewind; dd if=/dev/st0 of=- + + ## tar format ## + tar tvf {DEVICE} {Directory-FileName} + tar tvf /dev/st0 + tar tvf /dev/st0 desktop + tar tvf /dev/rmt/0 foo > list.txt + +### 12: Backup partition with dump or ufsdump ### + + ## Unix backup c0t0d0s2 partition ## + ufsdump 0uf /dev/rmt/0 /dev/rdsk/c0t0d0s2 + + ## Linux backup /home partition ## + dump 0uf /dev/nst0 /dev/sda5 + dump 0uf /dev/nst0 /home + + ## FreeBSD backup /usr partition ## + dump -0aL -b64 -f /dev/nsa0 /usr + +### 12: Restore partition with ufsrestore or restore ### + + ## Unix ## + ufsrestore xf /dev/rmt/0 + ## Unix interactive restore ## + ufsrestore if /dev/rmt/0 + + ## Linux ## + restore rf /dev/nst0 + ## Restore interactive from the 6th backup on the tape media ## + restore isf 6 /dev/nst0 + + ## FreeBSD restore ufsdump format ## + restore -i -f /dev/nsa0 + +### 13: Start writing at the beginning of the tape (see fig.02) ### + + ## This will overwrite all data on tape ## + mt -f /dev/st1 rewind + + ### Backup home ## + tar cvf /dev/st1 /home + + ## Offline and unload tape ## + mt -f /dev/st0 offline + +To restore from the beginning of the tape: + + mt -f /dev/st0 rewind + tar xvf /dev/st0 + mt -f /dev/st0 offline + +### 14: Start writing after the last tar (see fig.02) ### + + ## This will kee all data written so far ## + mt -f /dev/st1 eom + + ### Backup home ## + tar cvf /dev/st1 /home + + ## Unload ## + mt -f /dev/st0 offline + +### 15: Start writing after tar number 2 (see fig.02) ### + + ## To wrtite after tar number 2 (should be 2+1) + mt -f /dev/st0 asf 3 + tar cvf /dev/st0 /usr + + ## asf equivalent command done using fsf ## + mt -f /dev/sf0 rewind + mt -f /dev/st0 fsf 2 + +To restore tar from tar number 2: + + mt -f /dev/st0 asf 3 + tar xvf /dev/st0 + mt -f /dev/st0 offline + +### How do I verify backup tapes created using tar? ### + +It is important that you do regular full system restorations and service testing, it's the only way to know for sure that the entire system is working correctly. See our [tutorial on verifying tar command tape backups][1] for more information. + +### Sample shell script ### + + #!/bin/bash + # A UNIX / Linux shell script to backup dirs to tape device like /dev/st0 (linux) + # This script make both full and incremental backups. + # You need at two sets of five tapes. Label each tape as Mon, Tue, Wed, Thu and Fri. + # You can run script at midnight or early morning each day using cronjons. + # The operator or sys admin can replace the tape every day after the script has done. + # Script must run as root or configure permission via sudo. + # ------------------------------------------------------------------------- + # Copyright (c) 1999 Vivek Gite + # This script is licensed under GNU GPL version 2.0 or above + # ------------------------------------------------------------------------- + # This script is part of nixCraft shell script collection (NSSC) + # Visit http://bash.cyberciti.biz/ for more information. + # ------------------------------------------------------------------------- + # Last updated on : March-2003 - Added log file support. + # Last updated on : Feb-2007 - Added support for excluding files / dirs. + # ------------------------------------------------------------------------- + LOGBASE=/root/backup/log + + # Backup dirs; do not prefix / + BACKUP_ROOT_DIR="home sales" + + # Get todays day like Mon, Tue and so on + NOW=$(date +"%a") + + # Tape devie name + TAPE="/dev/st0" + + # Exclude file + TAR_ARGS="" + EXCLUDE_CONF=/root/.backup.exclude.conf + + # Backup Log file + LOGFIILE=$LOGBASE/$NOW.backup.log + + # Path to binaries + TAR=/bin/tar + MT=/bin/mt + MKDIR=/bin/mkdir + + # ------------------------------------------------------------------------ + # Excluding files when using tar + # Create a file called $EXCLUDE_CONF using a text editor + # Add files matching patterns such as follows (regex allowed): + # home/vivek/iso + # home/vivek/*.cpp~ + # ------------------------------------------------------------------------ + [ -f $EXCLUDE_CONF ] && TAR_ARGS="-X $EXCLUDE_CONF" + + #### Custom functions ##### + # Make a full backup + full_backup(){ + local old=$(pwd) + cd / + $TAR $TAR_ARGS -cvpf $TAPE $BACKUP_ROOT_DIR + $MT -f $TAPE rewind + $MT -f $TAPE offline + cd $old + } + + # Make a partial backup + partial_backup(){ + local old=$(pwd) + cd / + $TAR $TAR_ARGS -cvpf $TAPE -N "$(date -d '1 day ago')" $BACKUP_ROOT_DIR + $MT -f $TAPE rewind + $MT -f $TAPE offline + cd $old + } + + # Make sure all dirs exits + verify_backup_dirs(){ + local s=0 + for d in $BACKUP_ROOT_DIR + do + if [ ! -d /$d ]; + then + echo "Error : /$d directory does not exits!" + s=1 + fi + done + # if not; just die + [ $s -eq 1 ] && exit 1 + } + + #### Main logic #### + + # Make sure log dir exits + [ ! -d $LOGBASE ] && $MKDIR -p $LOGBASE + + # Verify dirs + verify_backup_dirs + + # Okay let us start backup procedure + # If it is Monday make a full backup; + # For Tue to Fri make a partial backup + # Weekend no backups + case $NOW in + Mon) full_backup;; + Tue|Wed|Thu|Fri) partial_backup;; + *) ;; + esac > $LOGFIILE 2>&1 + +### A note about third party backup utilities ### + +Both Linux and Unix-like system provides many third-party utilities which you can use to schedule the creation of backups including tape backups such as: + +- Amanda +- Bacula +- rsync +- duplicity +- rsnapshot + +See also + +- Man pages - [mt(1)][2], [mtx(1)][3], [tar(1)][4], [dump(8)][5], [restore(8)][6] + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/hardware/unix-linux-basic-tape-management-commands/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.cyberciti.biz/faq/unix-verify-tape-backup/ +[2]:http://www.manpager.com/linux/man1/mt.1.html +[3]:http://www.manpager.com/linux/man1/mtx.1.html +[4]:http://www.manpager.com/linux/man1/tar.1.html +[5]:http://www.manpager.com/linux/man8/dump.8.html +[6]:http://www.manpager.com/linux/man8/restore.8.html \ No newline at end of file diff --git a/sources/tech/20151201 Backup (System Restore Point) your Ubuntu or Linux Mint with SystemBack.md b/sources/tech/20151201 Backup (System Restore Point) your Ubuntu or Linux Mint with SystemBack.md new file mode 100644 index 0000000000..98193a8f72 --- /dev/null +++ b/sources/tech/20151201 Backup (System Restore Point) your Ubuntu or Linux Mint with SystemBack.md @@ -0,0 +1,40 @@ +Backup (System Restore Point) your Ubuntu/Linux Mint with SystemBack +================================================================================ +System Restore is must have feature for any OS that allows the user to revert their computer's state (including system files, installed applications, and system settings) to that of a previous point in time, which can be used to recover from system malfunctions or other problems. +Sometimes installing a program or driver can make your OS go to blank screen. System Restore can return your PC's system files and programs to a time when everything was working fine, potentially preventing hours of troubleshooting headaches. It won't affect your documents, pictures, or other data. +Simple system backup and restore application with extra features. [Systemback][1] makes it easy to create backups of system and users configuration files. In case of problems you can easily restore the previous state of the system. There are extra features like system copying, system installation and Live system creation. + +Screenshots + +![systemback](http://2.bp.blogspot.com/-2UPS3yl3LHw/VlilgtGAlvI/AAAAAAAAGts/ueRaAghXNvc/s1600/systemback-1.jpg) + +![systemback](http://2.bp.blogspot.com/-7djBLbGenxE/Vlilgk-FZHI/AAAAAAAAGtk/2PVNKlaPO-c/s1600/systemback-2.jpg) + +![](http://3.bp.blogspot.com/-beZYwKrsT4o/VlilgpThziI/AAAAAAAAGto/cwsghXFNGRA/s1600/systemback-3.jpg) + +![](http://1.bp.blogspot.com/-t_gmcoQZrvM/VlilhLP--TI/AAAAAAAAGt0/GWBg6bGeeaI/s1600/systemback-5.jpg) + +**Note**: Using System Restore will not restore documents, music, emails, or personal files of any kind. Depending on your perspective, this is both a positive and negative feature. The bad news is that it won't restore that accidentally deleted file you wish you could get back, though a file recovery program might solve that problem. +If no restore point exists on your computer, System Restore has nothing to revert to so the tool won't work for you. If you're trying to recover from a major problem, you'll need to move on to another troubleshooting step. + +>>> Available for Ubuntu 15.10 Wily/16.04/15.04 Vivid/14.04 Trusty/Linux Mint 17.x/other Ubuntu derivatives +To install SystemBack Application in Ubuntu/Linux Mint open Terminal (Press Ctrl+Alt+T) and copy the following commands in the Terminal: + +Terminal Commands: + + sudo add-apt-repository ppa:nemh/systemback + sudo apt-get update + sudo apt-get install systemback + +That's it + +-------------------------------------------------------------------------------- + +via: http://www.noobslab.com/2015/11/backup-system-restore-point-your.html + +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:https://launchpad.net/systemback \ No newline at end of file diff --git a/sources/tech/20151201 Linux and Unix Port Scanning With netcat [nc] Command.md b/sources/tech/20151201 Linux and Unix Port Scanning With netcat [nc] Command.md new file mode 100644 index 0000000000..f4019db6eb --- /dev/null +++ b/sources/tech/20151201 Linux and Unix Port Scanning With netcat [nc] Command.md @@ -0,0 +1,97 @@ +translation by strugglingyouth +Linux and Unix Port Scanning With netcat [nc] Command +================================================================================ +How do I find out which ports are opened on my own server? How do I run port scanning using the nc command instead of [the nmap command on a Linux or Unix-like][1] systems? + +The nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. If nmap is not installed and you do not wish to use all of nmap options you can use netcat/nc command for scanning ports. This may useful to know which ports are open and running services on a target machine. You can use [nmap command for port scanning][2] too. + +### How do I use nc to scan Linux, UNIX and Windows server port scanning? ### + +If nmap is not installed try nc / netcat command as follow. The -z flag can be used to tell nc to report open ports, rather than initiate a connection. Run nc command with -z flag. You need to specify host name / ip along with the port range to limit and speedup operation: + + ## syntax ## + nc -z -v {host-name-here} {port-range-here} + nc -z -v host-name-here ssh + nc -z -v host-name-here 22 + nc -w 1 -z -v server-name-here port-Number-her + + ## scan 1 to 1023 ports ## + nc -zv vip-1.vsnl.nixcraft.in 1-1023 + +Sample outputs: + + Connection to localhost 25 port [tcp/smtp] succeeded! + Connection to vip-1.vsnl.nixcraft.in 25 port [tcp/smtp] succeeded! + Connection to vip-1.vsnl.nixcraft.in 80 port [tcp/http] succeeded! + Connection to vip-1.vsnl.nixcraft.in 143 port [tcp/imap] succeeded! + Connection to vip-1.vsnl.nixcraft.in 199 port [tcp/smux] succeeded! + Connection to vip-1.vsnl.nixcraft.in 783 port [tcp/*] succeeded! + Connection to vip-1.vsnl.nixcraft.in 904 port [tcp/vmware-authd] succeeded! + Connection to vip-1.vsnl.nixcraft.in 993 port [tcp/imaps] succeeded! + +You can scan individual port too: + + nc -zv v.txvip1 443 + nc -zv v.txvip1 80 + nc -zv v.txvip1 22 + nc -zv v.txvip1 21 + nc -zv v.txvip1 smtp + nc -zvn v.txvip1 ftp + + ## really fast scanner with 1 timeout value ## + netcat -v -z -n -w 1 v.txvip1 1-1023 + +Sample outputs: + +![Fig.01: Linux/Unix: Use Netcat to Establish and Test TCP and UDP Connections on a Server](http://s0.cyberciti.org/uploads/faq/2007/07/scan-with-nc.jpg) + +Fig.01: Linux/Unix: Use Netcat to Establish and Test TCP and UDP Connections on a Server + +Where, + +1. -z : Port scanning mode i.e. zero I/O mode. +1. -v : Be verbose [use twice -vv to be more verbose]. +1. -n : Use numeric-only IP addresses i.e. do not use DNS to resolve ip addresses. +1. -w 1 : Set time out value to 1. + +More examples: + + $ netcat -z -vv www.cyberciti.biz http + www.cyberciti.biz [75.126.153.206] 80 (http) open + sent 0, rcvd 0 + $ netcat -z -vv google.com https + DNS fwd/rev mismatch: google.com != maa03s16-in-f2.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f6.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f5.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f3.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f8.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f0.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f7.1e100.net + DNS fwd/rev mismatch: google.com != maa03s16-in-f4.1e100.net + google.com [74.125.236.162] 443 (https) open + sent 0, rcvd 0 + $ netcat -v -z -n -w 1 192.168.1.254 1-1023 + (UNKNOWN) [192.168.1.254] 989 (ftps-data) open + (UNKNOWN) [192.168.1.254] 443 (https) open + (UNKNOWN) [192.168.1.254] 53 (domain) open + +See also + +- [Scanning network for open ports with the nmap command][3] for more info. +- Man pages - [nc(1)][4], [nmap(1)][5] + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/linux-port-scanning/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/ +[2]:http://www.cyberciti.biz/tips/linux-scanning-network-for-open-ports.html +[3]:http://www.cyberciti.biz/networking/nmap-command-examples-tutorials/ +[4]:http://www.manpager.com/linux/man1/nc.1.html +[5]:http://www.manpager.com/linux/man1/nmap.1.html diff --git a/sources/tech/20151202 8 things to do after installing openSUSE Leap 42.1.md b/sources/tech/20151202 8 things to do after installing openSUSE Leap 42.1.md new file mode 100644 index 0000000000..bbd79c19a3 --- /dev/null +++ b/sources/tech/20151202 8 things to do after installing openSUSE Leap 42.1.md @@ -0,0 +1,108 @@ +8 things to do after installing openSUSE Leap 42.1 +================================================================================ +![Credit: Metropolitan Transportation/Flicrk](http://images.techhive.com/images/article/2015/11/things-to-do-100626947-primary.idge.jpg) +Credit: [Metropolitan Transportation/Flicrk][1] + +> You've installed openSUSE on your PC. Here's what to do next. + +[openSUSE Leap is indeed a huge leap][2], allowing users to run a distro that has the same DNA of SUSE Linux Enterprise. Like any other operating system, some work is needed to get it set up for optimal use. + +Following are some of the things that I did after installing openSUSE Leap on my PC (these are not applicable for server installations). None of them are mandatory, and you may be fine with the basic install. But if you need more out of your openSUSE Leap, follow me. + +### 1. Adding Packman repository ### + +Due to software patents and licences, openSUSE, like many Linux distributions, doesn't offer many applications, codecs, and drivers through official repositories (repos). Instead, these are made available through 3rd party or community repos. The first and most important repository is 'Packman'. Since these repos are not enabled by default, we have to add them. You can do so either using YaST (one of the gems of openSUSE) or by command line (instructions below). + +![o42 yast repo](http://images.techhive.com/images/article/2015/11/o42-yast-repo-100626952-large970.idge.png) +Adding Packman repositories. + +Using YaST, go to the Software Repositories section. Click on the 'Add’ button and select 'Community Repositories.' Click 'next.' And once the repos are loaded, select the Packman Repository. Click 'OK,' then import the trusted GnuPG key by clicking on the 'Trust' button. + +Or, using the terminal you can add and enable the Packman repo using the following command: + + zypper ar -f -n packmanhttp://ftp.gwdg.de/pub/linux/misc/packman/suse/openSUSE_Leap_42.1/ packman + +Once the repo is added, you have access to many more packages. To install any application or package, open YaST Software Manager, search for the package and install it. + +### 2. Install VLC ### + +VLC is the Swiss Army knife of media players and can play virtually any media file. You can install VLC from YaST Software Manager or from software.opensuse.org. You will need to install two packages: vlc and vlc-codecs. + +If using terminal, run the following command: + + sudo zypper install vlc vlc-codecs + +### 3. Install Handbrake ### + +If you need to transcode or convert your video files from one format to another, [Handbrake is the tools for you][3]. Handbrake is available through repositories we enabled, so just search for it in YaST and install. + +If you are using the terminal, run the following command: + + sudo zypper install handbrake-cli handbrake-gtk + +(Pro tip: VLC can also transcode audio and video files.) + +### 4. Install Chrome ### + +OpenSUSE comes with Firefox as the default browser. But since Firefox isn't capable of playing restricted media such as Netflix, I recommend installing Chrome. This takes some extra work. First you need to import the trusted key from Google. Open the terminal app and run the 'wget' command to download the key: + + wget https://dl.google.com/linux/linux_signing_key.pub + +Then import the key: + + sudo rpm --import linux_signing_key.pub + +Now head over to the [Google Chrome website][4] and download the 64 bit .rpm file. Once downloaded run the following command to install the browser: + + sudo zypper install /PATH_OF_GOOGLE_CHROME.rpm + +### 5. Install Nvidia drivers ### + +OpenSUSE Leap will work out of the box even if you have Nvidia or ATI graphics cards. However, if you do need the proprietary drivers for gaming or any other purpose, you can install such drivers, but some extra work is needed. + +First you need to add the Nvidia repositories; it's the same procedure we used to add Packman repositories using YaST. The only difference is that you will choose Nvidia from the Community Repositories section. Once it's added, go to **Software Management > Extras** and select 'Extras/Install All Matching Recommended Packages'. + +![o42 nvidia](http://images.techhive.com/images/article/2015/11/o42-nvidia-100626950-large.idge.png) + +It will open a dialogue box showing all the packages it's going to install, click OK and follow the instructions. You can also run the following command after adding the Nvidia repository to install the needed Nvidia drivers: + + sudo zypper inr + +(Note: I have never used AMD/ATI cards so I have no experience with them.) + +### 6. Install media codecs ### + +Once you have VLC installed you won't need to install media codecs, but if you are using other apps for media playback you will need to install such codecs. Some developers have written scripts/tools which makes it a much easier process. Just go to [this page][5] and install the entire pack by clicking on the appropriate button. It will open YaST and install the packages automatically (of source you will have to give the root password and trust the GnuPG key, as usual). + +### 7. Install your preferred email client ### + +OpenSUSE comes with Kmail or Evolution, depending on the Desktop Environment you installed on the system. I run Plasma, which comes with Kmail, and this email client leaves a lot to be desired. I suggest trying Thunderbird or Evolution mail. All major email clients are available through official repositories. You can also check my [handpicked list of the best email clients for Linux][7]. + +### 8. Enable Samba services from Firewall ### + +OpenSUSE offers a much more secure system out of the box, compared to other distributions. But it also requires a little bit more work for a new user. If you are using Samba protocol to share files within your local network then you will have to allow that service from the Firewall. + +![o42 firewall](http://images.techhive.com/images/article/2015/11/o42-firewall-100626948-large970.idge.png) +Allow Samba Client and Server from Firewall settings. + +Open YaST and search for Firewall. Once in Firewall settings, go to 'Allowed Services' where you will see a drop down list under 'Service to allow.' Select 'Samba Client,' then click 'Add.' Do the same with the 'Samba Server' option. Once both are added, click 'Next,' then click 'Finish,' and now you will be able to share folders from your openSUSE system and also access other machines over the local network. + +That's pretty much all that I did on my new openSUSE system to set it up just the way I like it. If you have any questions, please feel free to ask in the comments below. + +-------------------------------------------------------------------------------- + +via: http://www.itworld.com/article/3003865/open-source-tools/8-things-to-do-after-installing-opensuse-leap-421.html + +作者:[Swapnil Bhartiya][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.itworld.com/author/Swapnil-Bhartiya/ +[1]:https://www.flickr.com/photos/mtaphotos/11200079265/ +[2]:https://www.linux.com/news/software/applications/865760-opensuse-leap-421-review-the-most-mature-linux-distribution +[3]:https://www.linux.com/learn/tutorials/857788-how-to-convert-videos-in-linux-using-the-command-line +[4]:https://www.google.com/intl/en/chrome/browser/desktop/index.html#brand=CHMB&utm_campaign=en&utm_source=en-ha-na-us-sk&utm_medium=ha +[5]:http://opensuse-community.org/ +[6]:http://www.itworld.com/article/2875981/the-5-best-open-source-email-clients-for-linux.html \ No newline at end of file diff --git a/sources/tech/20151202 A new Mindcraft moment.md b/sources/tech/20151202 A new Mindcraft moment.md new file mode 100644 index 0000000000..79930e8202 --- /dev/null +++ b/sources/tech/20151202 A new Mindcraft moment.md @@ -0,0 +1,43 @@ +A new Mindcraft moment? +======================= + +Credit:Jonathan Corbet + +It is not often that Linux kernel development attracts the attention of a mainstream newspaper like The Washington Post; lengthy features on the kernel community's approach to security are even more uncommon. So when just such a feature hit the net, it attracted a lot of attention. This article has gotten mixed reactions, with many seeing it as a direct attack on Linux. The motivations behind the article are hard to know, but history suggests that we may look back on it as having given us a much-needed push in a direction we should have been going for some time. + +Think back, a moment, to the dim and distant past — April 1999, to be specific. An analyst company named Mindcraft issued a report showing that Windows NT greatly outperformed Red Hat Linux 5.2 and Apache for web-server workloads. The outcry from the Linux community, including from a very young LWN, was swift and strong. The report was a piece of Microsoft-funded FUD trying to cut off an emerging threat to its world-domination plans. The Linux system had been deliberately configured for poor performance. The hardware chosen was not well supported by Linux at the time. And so on. + +Once people calmed down a bit, though, one other fact came clear: the Mindcraft folks, whatever their motivations, had a point. Linux did, indeed, have performance problems that were reasonably well understood even at the time. The community then did what it does best: we sat down and fixed the problems. The scheduler got exclusive wakeups, for example, to put an end to thethundering-herd problem in the acceptance of connection requests. Numerous other little problems were fixed. Within a year or so, the kernel's performance on this kind of workload had improved considerably. + +The Mindcraft report, in other words, was a much-needed kick in the rear that got the community to deal with issues that had been neglected until then. + +The Washington Post article seems clearly slanted toward a negative view of the Linux kernel and its contributors. It freely mixes kernel problems with other issues (the AshleyMadison.com breakin, for example) that were not kernel vulnerabilities at all. The fact that vendors seem to have little interest in getting security fixes to their customers is danced around like a huge elephant in the room. There are rumors of dark forces that drove the article in the hopes of taking Linux down a notch. All of this could well be true, but it should not be allowed to overshadow the simple fact that the article has a valid point. + +We do a reasonable job of finding and fixing bugs. Problems, whether they are security-related or not, are patched quickly, and the stable-update mechanism makes those patches available to kernel users. Compared to a lot of programs out there (free and proprietary alike), the kernel is quite well supported. But pointing at our ability to fix bugs is missing a crucial point: fixing security bugs is, in the end, a game of whack-a-mole. There will always be more moles, some of which we will not know about (and will thus be unable to whack) for a long time after they are discovered and exploited by attackers. These bugs leave our users vulnerable, even if the commercial side of Linux did a perfect job of getting fixes to users — which it decidedly does not. + +The point that developers concerned about security have been trying to make for a while is that fixing bugs is not enough. We must instead realize that we will never fix them all and focus on making bugs harder to exploit. That means restricting access to information about the kernel, making it impossible for the kernel to execute code in user-space memory, instrumenting the kernel to detect integer overflows, and all the other things laid out in Kees Cook's Kernel Summit talk at the end of October. Many of these techniques are well understood and have been adopted by other operating systems; others will require innovation on our part. But, if we want to adequately defend our users from attackers, these changes need to be made. + +Why hasn't the kernel adopted these technologies already? The Washington Post article puts the blame firmly on the development community, and on Linus Torvalds in particular. The culture of the kernel community prioritizes performance and functionality over security and is unwilling to make compromises if they are needed to improve the security of the kernel. There is some truth to this claim; the good news is that attitudes appear to be shifting as the scope of the problem becomes clear. Kees's talk was well received, and it clearly got developers thinking and talking about the issues. + +The point that has been missed is that we do not just have a case of Linus fending off useful security patches. There simply are not many such patches circulating in the kernel community. In particular, the few developers who are working in this area have never made a serious attempt to get that work integrated upstream. Getting any large, intrusive patch set merged requires working with the kernel community, making the case for the changes, splitting the changes into reviewable pieces, dealing with review comments, and so on. It can be tiresome and frustrating, but it's how the kernel works, and it clearly results in a more generally useful, more maintainable kernel in the long run. + +Almost nobody is doing that work to get new security technologies into the kernel. One might cite a "chilling effect" from the hostile reaction such patches can receive, but that is an inadequate answer: developers have managed to merge many changes over the years despite a difficult initial reaction. Few security developers are even trying. + +Why aren't they trying? One fairly obvious answer is that almost nobody is being paid to try. Almost all of the work going into the kernel is done by paid developers and has been for many years. The areas that companies see fit to support get a lot of work and are well advanced in the kernel. The areas that companies think are not their problem are rather less so. The difficulties in getting support for realtime development are a clear case in point. Other areas, such as documentation, tend to languish as well. Security is clearly one of those areas. There are a lot of reasons why Linux lags behind in defensive security technologies, but one of the key ones is that the companies making money on Linux have not prioritized the development and integration of those technologies. + +There are signs that things might be changing a bit. More developers are showing interest in security-related issues, though commercial support for their work is still less than it should be. The reaction against security-related changes might be less knee-jerk negative than it used to be. Efforts like the Kernel Self Protection Project are starting to work on integrating existing security technologies into the kernel. + +We have a long way to go, but, with some support and the right mindset, a lot of progress can be made in a short time. The kernel community can do amazing things when it sets its mind to it. With luck, the Washington Post article will help to provide the needed impetus for that sort of setting of mind. History suggests that we will eventually see this moment as a turning point, when we were finally embarrassed into doing work that has clearly needed doing for a while. Linux should not have a substandard security story for much longer. + +--------------------------- + +via: https://lwn.net/Articles/663474/ + +作者:Jonathan Corbet + +译者:[译者ID](https://github.com/译者ID) + +校对:[校对者ID](https://github.com/校对者ID) + + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 diff --git a/sources/tech/20151202 How to use the Linux ftp command to up- and download files on the shell.md b/sources/tech/20151202 How to use the Linux ftp command to up- and download files on the shell.md new file mode 100644 index 0000000000..54b69555c4 --- /dev/null +++ b/sources/tech/20151202 How to use the Linux ftp command to up- and download files on the shell.md @@ -0,0 +1,146 @@ +How to use the Linux ftp command to up- and download files on the shell +================================================================================ +In this tutorial, I will explain how to use the Linux ftp command on the shell. I will show you how to connect to an FTP server, up- and download files and create directories. While there are many nice desktops FTP clients available, the FTP command is still useful when you work remotely on a server over an SSH session and e.g. want to fetch a backup file from your FTP storage. + +### Step 1: Establishing an FTP connection ### + +To connect to the FTP server, we have to type in the terminal window '**ftp**' and then the domain name 'domain.com' or IP address of the FTP server. + +#### Examples: #### + + ftp domain.com + + ftp 192.168.0.1 + + ftp user@ftpdomain.com + +**Note: for this example we used an anonymous server.** + +Replace the IP and domain in the above examples with the IP address or domain of your FTP server. + +![The FTP login.](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/ftpanonymous.png) + +### Step 2: Login with User and Password ### + +Most FTP servers logins are password protected, so the server will ask us for a '**username**' and a '**password**'. + +If you connect to a so-called anonymous FTP server, then try to use "anonymous" as user name and a nempty password: + + Name: anonymous + + Password: + +The terminal will return a message like this: + + 230 Login successful. + Remote system type is UNIX. + Using binary mode to transfer files. + ftp> + +When you are logged in successfully. + +![Successful FTP login.](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/login.png) + +### Step 3: Working with Directories ### + +The commands to list, move and create folders on an FTP server are almost the same as we would use locally on our computer, ls for list, cd to change directories, mkdir to create directories... + +#### Listing directories with security settings: #### + + ftp> ls + +The server will return: + + 200 PORT command successful. Consider using PASV. + 150 Here comes the directory listing. + directory list + .... + .... + 226 Directory send OK. + +![List directories](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/listing.png) + +#### Changing Directories: #### + +To change the directory we can type: + + ftp> cd directory + +The server will return: + + 250 Directory succesfully changed. + +![Change a directory in FTP.](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/directory.png) + +### Step 4: Downloading files with FTP ### + +Before downloading a file, we should set the local ftp file download directory by using 'lcd' command: + + lcd /home/user/yourdirectoryname + +If you dont specify the download directory, the file will be downloaded to the current directory where you were at the time you started the FTP session. + +Now, we can use the command 'get' command to download a file, the usage is: + + get file + +The file will be downloaded to the directory previously set with the 'lcd' command. + +The server will return the next message: + + local: file remote: file + 200 PORT command successful. Consider using PASV. + 150 Opening BINARY mode data connection for file (xxx bytes). + 226 File send OK. + XXX bytes received in x.xx secs (x.xxx MB/s). + +![Download a file with FTP.](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/gettingfile.png) + +To download several files we can use wildcards. In this example I will download all files with the .xls file extension. + + mget *.xls + +### Step 5: Uploading Files with FTP ### + +We can upload files that are in the local directory where we made the FTP connection. + +To upload a file, we can use 'put' command. + + put file + +When the file that you want to upload is not in the local directory, you can use the absolute path starting with "/" as well: + + put /path/file + +To upload several files we can use the mput command similar to the mget example from above: + + mput *.xls + +### Step 6: Closing the FTP connection ### + +Once we have done the FTP work, we should close the connection for security reasons. There are three commands that we can use to close the connection: + + bye + + exit + + quit + +Any of them will disconnect our PC from the FTP server and will return: + + 221 Goodbye + +![](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/goodbye.png) + +If you need some additional help, once you are connected to the FTP server, type 'help' and this will show you all the available FTP commands. + +![](https://www.howtoforge.com/images/how-to-use-ftp-in-the-linux-shell/big/helpwindow.png) + +-------------------------------------------------------------------------------- + +via: https://www.howtoforge.com/tutorial/how-to-use-ftp-on-the-linux-shell/ + +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 \ No newline at end of file diff --git a/sources/tech/LFCS/Part 10 - LFCS--Understanding and Learning Basic Shell Scripting and Linux Filesystem Troubleshooting.md b/sources/tech/LFCS/Part 10 - LFCS--Understanding and Learning Basic Shell Scripting and Linux Filesystem Troubleshooting.md index 5dd1782a98..3ffb1dc54f 100644 --- a/sources/tech/LFCS/Part 10 - LFCS--Understanding and Learning Basic Shell Scripting and Linux Filesystem Troubleshooting.md +++ b/sources/tech/LFCS/Part 10 - LFCS--Understanding and Learning Basic Shell Scripting and Linux Filesystem Troubleshooting.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 10 - LFCS: Understanding & Learning Basic Shell Scripting and Linux Filesystem Troubleshooting ================================================================================ The Linux Foundation launched the LFCS certification (Linux Foundation Certified Sysadmin), a brand new initiative whose purpose is to allow individuals everywhere (and anywhere) to get certified in basic to intermediate operational support for Linux systems, which includes supporting running systems and services, along with overall monitoring and analysis, plus smart decision-making when it comes to raising issues to upper support teams. diff --git a/sources/tech/LFCS/Part 2 - LFCS--How to Install and Use vi or vim as a Full Text Editor.md b/sources/tech/LFCS/Part 2 - LFCS--How to Install and Use vi or vim as a Full Text Editor.md index 1d069e08ea..7fe8073a77 100644 --- a/sources/tech/LFCS/Part 2 - LFCS--How to Install and Use vi or vim as a Full Text Editor.md +++ b/sources/tech/LFCS/Part 2 - LFCS--How to Install and Use vi or vim as a Full Text Editor.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 2 - LFCS: How to Install and Use vi/vim as a Full Text Editor ================================================================================ A couple of months ago, the Linux Foundation launched the LFCS (Linux Foundation Certified Sysadmin) certification in order to help individuals from all over the world to verify they are capable of doing basic to intermediate system administration tasks on Linux systems: system support, first-hand troubleshooting and maintenance, plus intelligent decision-making to know when it’s time to raise issues to upper support teams. diff --git a/sources/tech/LFCS/Part 3 - LFCS--How to Archive or Compress Files and Directories Setting File Attributes and Finding Files in Linux.md b/sources/tech/LFCS/Part 3 - LFCS--How to Archive or Compress Files and Directories Setting File Attributes and Finding Files in Linux.md index 77fe5cf040..82cc54a5a6 100644 --- a/sources/tech/LFCS/Part 3 - LFCS--How to Archive or Compress Files and Directories Setting File Attributes and Finding Files in Linux.md +++ b/sources/tech/LFCS/Part 3 - LFCS--How to Archive or Compress Files and Directories Setting File Attributes and Finding Files in Linux.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 3 - LFCS: How to Archive/Compress Files & Directories, Setting File Attributes and Finding Files in Linux ================================================================================ Recently, the Linux Foundation started the LFCS (Linux Foundation Certified Sysadmin) certification, a brand new program whose purpose is allowing individuals from all corners of the globe to have access to an exam, which if approved, certifies that the person is knowledgeable in performing basic to intermediate system administration tasks on Linux systems. This includes supporting already running systems and services, along with first-level troubleshooting and analysis, plus the ability to decide when to escalate issues to engineering teams. diff --git a/sources/tech/LFCS/Part 4 - LFCS--Partitioning Storage Devices Formatting Filesystems and Configuring Swap Partition.md b/sources/tech/LFCS/Part 4 - LFCS--Partitioning Storage Devices Formatting Filesystems and Configuring Swap Partition.md index 93e4b2966b..ada637fabb 100644 --- a/sources/tech/LFCS/Part 4 - LFCS--Partitioning Storage Devices Formatting Filesystems and Configuring Swap Partition.md +++ b/sources/tech/LFCS/Part 4 - LFCS--Partitioning Storage Devices Formatting Filesystems and Configuring Swap Partition.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 4 - LFCS: Partitioning Storage Devices, Formatting Filesystems and Configuring Swap Partition ================================================================================ Last August, the Linux Foundation launched the LFCS certification (Linux Foundation Certified Sysadmin), a shiny chance for system administrators to show, through a performance-based exam, that they can perform overall operational support of Linux systems: system support, first-level diagnosing and monitoring, plus issue escalation – if needed – to other support teams. diff --git a/sources/tech/LFCS/Part 5 - LFCS--How to Mount or Unmount Local and Network Samba and NFS Filesystems in Linux.md b/sources/tech/LFCS/Part 5 - LFCS--How to Mount or Unmount Local and Network Samba and NFS Filesystems in Linux.md index 4316e32c16..1544a378bc 100644 --- a/sources/tech/LFCS/Part 5 - LFCS--How to Mount or Unmount Local and Network Samba and NFS Filesystems in Linux.md +++ b/sources/tech/LFCS/Part 5 - LFCS--How to Mount or Unmount Local and Network Samba and NFS Filesystems in Linux.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 5 - LFCS: How to Mount/Unmount Local and Network (Samba & NFS) Filesystems in Linux ================================================================================ The Linux Foundation launched the LFCS certification (Linux Foundation Certified Sysadmin), a brand new program whose purpose is allowing individuals from all corners of the globe to get certified in basic to intermediate system administration tasks for Linux systems, which includes supporting running systems and services, along with overall monitoring and analysis, plus smart decision-making when it comes to raising issues to upper support teams. diff --git a/sources/tech/LFCS/Part 6 - LFCS--Assembling Partitions as RAID Devices – Creating & Managing System Backups.md b/sources/tech/LFCS/Part 6 - LFCS--Assembling Partitions as RAID Devices – Creating & Managing System Backups.md index 901fb7b4f1..fd23db110f 100644 --- a/sources/tech/LFCS/Part 6 - LFCS--Assembling Partitions as RAID Devices – Creating & Managing System Backups.md +++ b/sources/tech/LFCS/Part 6 - LFCS--Assembling Partitions as RAID Devices – Creating & Managing System Backups.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 6 - LFCS: Assembling Partitions as RAID Devices – Creating & Managing System Backups ================================================================================ Recently, the Linux Foundation launched the LFCS (Linux Foundation Certified Sysadmin) certification, a shiny chance for system administrators everywhere to demonstrate, through a performance-based exam, that they are capable of performing overall operational support on Linux systems: system support, first-level diagnosing and monitoring, plus issue escalation, when required, to other support teams. diff --git a/sources/tech/LFCS/Part 7 - LFCS--Managing System Startup Process and Services SysVinit Systemd and Upstart.md b/sources/tech/LFCS/Part 7 - LFCS--Managing System Startup Process and Services SysVinit Systemd and Upstart.md index 4b7cdf9fe2..abf09ee523 100644 --- a/sources/tech/LFCS/Part 7 - LFCS--Managing System Startup Process and Services SysVinit Systemd and Upstart.md +++ b/sources/tech/LFCS/Part 7 - LFCS--Managing System Startup Process and Services SysVinit Systemd and Upstart.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 7 - LFCS: Managing System Startup Process and Services (SysVinit, Systemd and Upstart) ================================================================================ A couple of months ago, the Linux Foundation announced the LFCS (Linux Foundation Certified Sysadmin) certification, an exciting new program whose aim is allowing individuals from all ends of the world to get certified in performing basic to intermediate system administration tasks on Linux systems. This includes supporting already running systems and services, along with first-hand problem-finding and analysis, plus the ability to decide when to raise issues to engineering teams. diff --git a/sources/tech/LFCS/Part 8 - LFCS--Managing Users and Groups File Permissions and Attributes and Enabling sudo Access on Accounts.md b/sources/tech/LFCS/Part 8 - LFCS--Managing Users and Groups File Permissions and Attributes and Enabling sudo Access on Accounts.md index 50f39ee2d9..2cec4de4ae 100644 --- a/sources/tech/LFCS/Part 8 - LFCS--Managing Users and Groups File Permissions and Attributes and Enabling sudo Access on Accounts.md +++ b/sources/tech/LFCS/Part 8 - LFCS--Managing Users and Groups File Permissions and Attributes and Enabling sudo Access on Accounts.md @@ -1,5 +1,3 @@ -Translating by Xuanwo - Part 8 - LFCS: Managing Users & Groups, File Permissions & Attributes and Enabling sudo Access on Accounts ================================================================================ Last August, the Linux Foundation started the LFCS certification (Linux Foundation Certified Sysadmin), a brand new program whose purpose is to allow individuals everywhere and anywhere take an exam in order to get certified in basic to intermediate operational support for Linux systems, which includes supporting running systems and services, along with overall monitoring and analysis, plus intelligent decision-making to be able to decide when it’s necessary to escalate issues to higher level support teams. diff --git a/sources/tech/LFCS/Part 9 - LFCS--Linux Package Management with Yum RPM Apt Dpkg Aptitude and Zypper.md b/sources/tech/LFCS/Part 9 - LFCS--Linux Package Management with Yum RPM Apt Dpkg Aptitude and Zypper.md index a363a50c09..af967e18d4 100644 --- a/sources/tech/LFCS/Part 9 - LFCS--Linux Package Management with Yum RPM Apt Dpkg Aptitude and Zypper.md +++ b/sources/tech/LFCS/Part 9 - LFCS--Linux Package Management with Yum RPM Apt Dpkg Aptitude and Zypper.md @@ -1,5 +1,4 @@ -Translating by Xuanwo - +Flowsnow translating... Part 9 - LFCS: Linux Package Management with Yum, RPM, Apt, Dpkg, Aptitude and Zypper ================================================================================ Last August, the Linux Foundation announced the LFCS certification (Linux Foundation Certified Sysadmin), a shiny chance for system administrators everywhere to demonstrate, through a performance-based exam, that they are capable of succeeding at overall operational support for Linux systems. A Linux Foundation Certified Sysadmin has the expertise to ensure effective system support, first-level troubleshooting and monitoring, including finally issue escalation, when needed, to engineering support teams. @@ -228,4 +227,4 @@ via: http://www.tecmint.com/linux-package-management/ [2]:http://www.tecmint.com/useful-basic-commands-of-apt-get-and-apt-cache-for-package-management/ [3]:http://www.tecmint.com/20-practical-examples-of-rpm-commands-in-linux/ [4]:http://www.tecmint.com/20-linux-yum-yellowdog-updater-modified-commands-for-package-mangement/ -[5]:http://www.tecmint.com/sed-command-to-create-edit-and-manipulate-files-in-linux/ \ No newline at end of file +[5]:http://www.tecmint.com/sed-command-to-create-edit-and-manipulate-files-in-linux/ diff --git a/sources/tech/Learn with Linux/Learn with Linux--Master Your Math with These Linux Apps.md b/sources/tech/Learn with Linux/Learn with Linux--Master Your Math with These Linux Apps.md deleted file mode 100644 index f4625c6c13..0000000000 --- a/sources/tech/Learn with Linux/Learn with Linux--Master Your Math with These Linux Apps.md +++ /dev/null @@ -1,126 +0,0 @@ -Translated by KnightJoker - -用Linux学习:使用这些Linux应用来征服你的数学 -================================================================================ -![](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-featured.png) - -这篇文章是[用Linux学习][1]系列的一部分: - -- [用Linux学习: 学习类型][2] -- [用Linux学习: 物理模拟][3] -- [用Linux学习: 学习音乐][4] -- [用Linux学习: 两个地理应用程序][5] -- [用Linux学习: 用这些Linux应用来征服你的数学][6] - - -Linux提供了大量的教育软件和许多优秀的工具来帮助所有年龄段的学生学习和练习各种各样的话题,常常以交互的方式。与Linux一起学习这一系列的文章则为这些各种各样的教育软件和应用提供了一个介绍。 - -数学是计算机的核心。如果有人用精益求精和纪律来预期一个伟大的操作系统,比如GNU/ Linux,那么这将是数学。如果你在寻求一些数学应用程序,那么你将不会感到失望。Linux提供了很多优秀的工具使得数学看起来和你曾经做过的一样令人畏惧,但实际上他们会简化你使用它的方式。 -### Gnuplot ### - -Gnuplot 是一个适用于不同平台的命令行脚本化和多功能的图形工具。尽管它的名字,并不是GNU操作系统的一部分。也没有免费授权,但它是免费软件(这意味着它受版权保护,但免费使用)。 - -要在Ubuntu系统(或者衍生系统)上安装 `gnuplot`,输入: - sudo apt-get install gnuplot gnuplot-x11 - -进入一个终端窗口。启动该程序,输入: - - gnuplot - -你会看到一个简单的命令行界面: - -![learnmath-gnuplot](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot.png) - -在其中您可以直接开始输入函数。绘图命令将绘制一个曲线图。 - -输入内容,例如, - - plot sin(x)/x - -随着`gnuplot的`提示,将会打开一个新的窗口,图像便会在里面呈现。 - -![learnmath-gnuplot-plot1](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot1.png) - -你也可以在线这个图设置不同的属性,比如像这样指定“title” - - plot sin(x) title 'Sine Function', tan(x) title 'Tangent' - -![learnmath-gnuplot-plot2](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot2.png) - -使用`splot`命令,你可以给的东西更深入一点并且绘制3D图形 - - splot sin(x*y/20) - -![learnmath-gnuplot-plot3](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot3.png) - -这个窗口有几个基本的配置选项, - -![learnmath-gnuplot-options](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-options.png) - -但是`gnuplot`的真正力量在于在它的命令行和脚本功能,`gnuplot`广泛完整的文档可在这里找到,并在[Duke大学网站][8]上面看见这个了不起的教程[7]的原始版本。 - -### Maxima ### - -[Maxima][9]是从Macsyma原始资料开发的一个计算机代数系统,根据它的 SourceForge 页面, - -> “Maxima是符号和数值的表达,包括微分,积分,泰勒级数,拉普拉斯变换,常微分方程,线性方程组,多项式,集合,列表,向量,矩阵和张量系统的操纵系统。Maxima通过精确的分数,任意精度的整数和可变精度浮点数产生高精度的计算结果。Maxima可以二维和三维中绘制函数和数据。“ - -你将会获得二进制包用于大多数Ubuntu衍生系统的Maxima以及它的图形界面中,插入所有包,输入: - - sudo apt-get install maxima xmaxima wxmaxima - -在终端窗口中,Maxima是一个没有太多UI的命令行工具,但如果你开始wxmaxima,你会进入一个简单但功能强大的图形用户界面。 - -![learnmath-maxima](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima.png) - -你可以开始输入这个来简单的一个开始。(提示:如果你想计算一个表达式,使用“Shift + Enter”回车后会增加更多的方法) - -Maxima可以用于一些简单的问题,因此也可以作为一个计算器, - -![learnmath-maxima-1and1](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-1and1.png) - -以及一些更复杂的问题, - -![learnmath-maxima-functions](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-functions.png) - -它使用`gnuplot`使得绘制简单, - -![learnmath-maxima-plot](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-plot.png) - -或者绘制一些复杂的图形. - -![learnmath-maxima-plot2](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-plot2.png) - -(它需要gnuplot-X11的包,来显示它们。) - -除了美化一些图形,Maxima也尽可能用latex格式导出它们,或者通过右键是捷菜单进行一些突出的操作. - -![learnmath-maxima-menu](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-menu.png) - -然而其主菜单还是提供了大量压倒性的功能,当然Maxima的功能远不止如此,这里也有一个广泛使用的在线文档。 - -### 总结 ### - -数学不是一个简单的学科,这些在Linux上的优秀软件也没有使得数学更加简单,但是这些应用使得使用数学变得更加的简单和工程化。以上两种应用都只是介绍一下Linux的所提供的。如果你是认真从事数学和需要更多的功能与丰富的文档,那你更应该看看这些Mathbuntu项目。 --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/learn-linux-maths/ - -作者:[Attila Orosz][a] -译者:[KnightJoker](https://github.com/KnightJoker/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/attilaorosz/ -[1]:https://www.maketecheasier.com/series/learn-with-linux/ -[2]:https://www.maketecheasier.com/learn-to-type-in-linux/ -[3]:https://www.maketecheasier.com/linux-physics-simulation/ -[4]:https://www.maketecheasier.com/linux-learning-music/ -[5]:https://www.maketecheasier.com/linux-geography-apps/ -[6]:https://www.maketecheasier.com/learn-linux-maths/ -[7]:http://www.gnuplot.info/documentation.html -[8]:http://people.duke.edu/~hpgavin/gnuplot.html -[9]:http://maxima.sourceforge.net/ -[10]:http://maxima.sourceforge.net/documentation.html -[11]:http://www.mathbuntu.org/ \ No newline at end of file diff --git a/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 2--Regular Expressions In grep.md b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 2--Regular Expressions In grep.md new file mode 100644 index 0000000000..8bac50fe25 --- /dev/null +++ b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 2--Regular Expressions In grep.md @@ -0,0 +1,290 @@ +(translating by runningwater) +Regular Expressions In grep +================================================================================ +How do I use the Grep command with regular expressions on a Linux and Unix-like operating systems? + +Linux comes with GNU grep, which supports extended regular expressions. GNU grep is the default on all Linux systems. The grep command is used to locate information stored anywhere on your server or workstation. + +### Regular Expressions ### + +Regular Expressions is nothing but a pattern to match for each input line. A pattern is a sequence of characters. Following all are examples of pattern: + + ^w1 + w1|w2 + [^ ] + +#### grep Regular Expressions Examples #### + +Search for 'vivek' in /etc/passswd + + grep vivek /etc/passwd + +Sample outputs: + + vivek:x:1000:1000:Vivek Gite,,,:/home/vivek:/bin/bash + vivekgite:x:1001:1001::/home/vivekgite:/bin/sh + gitevivek:x:1002:1002::/home/gitevivek:/bin/sh + +Search vivek in any case (i.e. case insensitive search) + + grep -i -w vivek /etc/passwd + +Search vivek or raj in any case + + grep -E -i -w 'vivek|raj' /etc/passwd + +The PATTERN in last example, used as an extended regular expression. + +### Anchors ### + +You can use ^ and $ to force a regex to match only at the start or end of a line, respectively. The following example displays lines starting with the vivek only: + + grep ^vivek /etc/passwd + +Sample outputs: + + vivek:x:1000:1000:Vivek Gite,,,:/home/vivek:/bin/bash + vivekgite:x:1001:1001::/home/vivekgite:/bin/sh + +You can display only lines starting with the word vivek only i.e. do not display vivekgite, vivekg etc: + + grep -w ^vivek /etc/passwd + +Find lines ending with word foo: +grep 'foo$' filename + +Match line only containing foo: + + grep '^foo$' filename + +You can search for blank lines with the following examples: + + grep '^$' filename + +### Character Class ### + +Match Vivek or vivek: + + grep '[vV]ivek' filename + +OR + + grep '[vV][iI][Vv][Ee][kK]' filename + +You can also match digits (i.e match vivek1 or Vivek2 etc): + + grep -w '[vV]ivek[0-9]' filename + +You can match two numeric digits (i.e. match foo11, foo12 etc): + + grep 'foo[0-9][0-9]' filename + +You are not limited to digits, you can match at least one letter: + + grep '[A-Za-z]' filename + +Display all the lines containing either a "w" or "n" character: + + grep [wn] filename + +Within a bracket expression, the name of a character class enclosed in "[:" and ":]" stands for the list of all characters belonging to that class. Standard character class names are: + +- [:alnum:] - Alphanumeric characters. +- [:alpha:] - Alphabetic characters +- [:blank:] - Blank characters: space and tab. +- [:digit:] - Digits: '0 1 2 3 4 5 6 7 8 9'. +- [:lower:] - Lower-case letters: 'a b c d e f g h i j k l m n o p q r s t u v w x y z'. +- [:space:] - Space characters: tab, newline, vertical tab, form feed, carriage return, and space. +- [:upper:] - Upper-case letters: 'A B C D E F G H I J K L M N O P Q R S T U V W X Y Z'. + +In this example match all upper case letters: + + grep '[:upper:]' filename + +### Wildcards ### + +You can use the "." for a single character match. In this example match all 3 character word starting with "b" and ending in "t": + + grep '\' filename + +Where, + +- \< Match the empty string at the beginning of word +- \> Match the empty string at the end of word. + +Print all lines with exactly two characters: + + grep '^..$' filename + +Display any lines starting with a dot and digit: + + grep '^\.[0-9]' filename + +#### Escaping the dot #### + +The following regex to find an IP address 192.168.1.254 will not work: + + grep '192.168.1.254' /etc/hosts + +All three dots need to be escaped: + + grep '192\.168\.1\.254' /etc/hosts + +The following example will only match an IP address: + + egrep '[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}\.[[:digit:]]{1,3}' filename + +The following will match word Linux or UNIX in any case: + + egrep -i '^(linux|unix)' filename + +### How Do I Search a Pattern Which Has a Leading - Symbol? ### + +Searches for all lines matching '--test--' using -e option Without -e, grep would attempt to parse '--test--' as a list of options: + + grep -e '--test--' filename + +### How Do I do OR with grep? ### + +Use the following syntax: + + grep 'word1|word2' filename + +OR + + grep 'word1\|word2' filename + +### How Do I do AND with grep? ### + +Use the following syntax to display all lines that contain both 'word1' and 'word2' + + grep 'word1' filename | grep 'word2' + +### How Do I Test Sequence? ### + +You can test how often a character must be repeated in sequence using the following syntax: + + {N} + {N,} + {min,max} + +Match a character "v" two times: + + egrep "v{2}" filename + +The following will match both "col" and "cool": + + egrep 'co{1,2}l' filename + +The following will match any row of at least three letters 'c'. + + egrep 'c{3,}' filename + +The following example will match mobile number which is in the following format 91-1234567890 (i.e twodigit-tendigit) + + grep "[[:digit:]]\{2\}[ -]\?[[:digit:]]\{10\}" filename + +### How Do I Hightlight with grep? ### + +Use the following syntax: + + grep --color regex filename + +How Do I Show Only The Matches, Not The Lines? + +Use the following syntax: + + grep -o regex filename + +### Regular Expression Operator ### + +注:表格 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Regex operatorMeaning
.Matches any single character.
?The preceding item is optional and will be matched, at most, once.
*The preceding item will be matched zero or more times.
+The preceding item will be matched one or more times.
{N}The preceding item is matched exactly N times.
{N,}The preceding item is matched N or more times.
{N,M}The preceding item is matched at least N times, but not more than M times.
-Represents the range if it's not first or last in a list or the ending point of a range in a list.
^Matches the empty string at the beginning of a line; also represents the characters not in the range of a list.
$Matches the empty string at the end of a line.
\bMatches the empty string at the edge of a word.
\BMatches the empty string provided it's not at the edge of a word.
\<Match the empty string at the beginning of word.
\> Match the empty string at the end of word.
+ +#### grep vs egrep #### + +egrep is the same as **grep -E**. It interpret PATTERN as an extended regular expression. From the grep man page: + + In basic regular expressions the meta-characters ?, +, {, |, (, and ) lose their special meaning; instead use the backslashed versions \?, \+, \{, + \|, \(, and \). + Traditional egrep did not support the { meta-character, and some egrep implementations support \{ instead, so portable scripts should avoid { in + grep -E patterns and should use [{] to match a literal {. + GNU grep -E attempts to support traditional usage by assuming that { is not special if it would be the start of an invalid interval specification. + For example, the command grep -E '{1' searches for the two-character string {1 instead of reporting a syntax error in the regular expression. + POSIX.2 allows this behavior as an extension, but portable scripts should avoid it. + +References: + +- man page grep and regex(7) +- info page grep` + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/grep-regular-expressions/ + +作者:Vivek Gite +译者:[runningwater](https://github.com/runningwater) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 \ No newline at end of file diff --git a/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 3--Search Multiple Words or String Pattern Using grep Command.md b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 3--Search Multiple Words or String Pattern Using grep Command.md new file mode 100644 index 0000000000..bb12d2e1b3 --- /dev/null +++ b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 3--Search Multiple Words or String Pattern Using grep Command.md @@ -0,0 +1,41 @@ +Search Multiple Words / String Pattern Using grep Command +================================================================================ +How do I search multiple strings or words using the grep command? For example I'd like to search word1, word2, word3 and so on within /path/to/file. How do I force grep to search multiple words? + +The [grep command supports regular expression][1] pattern. To search multiple words, use following syntax: + + grep 'word1\|word2\|word3' /path/to/file + +In this example, search warning, error, and critical words in a text log file called /var/log/messages, enter: + + $ grep 'warning\|error\|critical' /var/log/messages + +To just match words, add -w swith: + + $ grep -w 'warning\|error\|critical' /var/log/messages + +egrep command can skip the above syntax and use the following syntax: + + $ egrep -w 'warning|error|critical' /var/log/messages + +I recommend that you pass the -i (ignore case) and --color option as follows: + + $ egrep -wi --color 'warning|error|critical' /var/log/messages + +Sample outputs: + +![Fig.01: Linux / Unix egrep Command Search Multiple Words Demo Output](http://s0.cyberciti.org/uploads/faq/2008/04/egrep-words-output.png) + +Fig.01: Linux / Unix egrep Command Search Multiple Words Demo Output + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/searching-multiple-words-string-using-grep/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.cyberciti.biz/faq/grep-regular-expressions/ \ No newline at end of file diff --git a/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 4--Grep Count Lines If a String or Word Matches.md b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 4--Grep Count Lines If a String or Word Matches.md new file mode 100644 index 0000000000..cc11cf85c2 --- /dev/null +++ b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 4--Grep Count Lines If a String or Word Matches.md @@ -0,0 +1,33 @@ +Grep Count Lines If a String / Word Matches +================================================================================ +How do I count lines if given word or string matches for each input file under Linux or UNIX operating systems? + +You need to pass the -c or --count option to suppress normal output. It will display a count of matching lines for each input file: + + $ grep -c vivek /etc/passwd + +OR + + $ grep -w -c vivek /etc/passwd + +Sample outputs: + + 1 + +However, with the -v or --invert-match option it will count non-matching lines, enter: + + $ grep -c vivek /etc/passwd + +Sample outputs: + + 45 + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/grep-count-lines-if-a-string-word-matches/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 \ No newline at end of file diff --git a/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 5--Grep From Files and Display the File Name.md b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 5--Grep From Files and Display the File Name.md new file mode 100644 index 0000000000..6fa9dc7a27 --- /dev/null +++ b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 5--Grep From Files and Display the File Name.md @@ -0,0 +1,67 @@ +Grep From Files and Display the File Name +================================================================================ +How do I grep from a number of files and display the file name only? + +When there is more than one file to search it will display file name by default: + + grep "word" filename + grep root /etc/* + +Sample outputs: + + /etc/bash.bashrc: See "man sudo_root" for details. + /etc/crontab:17 * * * * root cd / && run-parts --report /etc/cron.hourly + /etc/crontab:25 6 * * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.daily ) + /etc/crontab:47 6 * * 7 root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ) + /etc/crontab:52 6 1 * * root test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.monthly ) + /etc/group:root:x:0: + grep: /etc/gshadow: Permission denied + /etc/logrotate.conf: create 0664 root utmp + /etc/logrotate.conf: create 0660 root utmp + +The first name is file name (e.g., /etc/crontab, /etc/group). The -l option will only print filename if th + + grep -l "string" filename + grep -l root /etc/* + +Sample outputs: + + /etc/aliases + /etc/arpwatch.conf + grep: /etc/at.deny: Permission denied + /etc/bash.bashrc + /etc/bash_completion + /etc/ca-certificates.conf + /etc/crontab + /etc/group + +You can suppress normal output; instead print the name of each input file from **which no output would normally have been** printed: + + grep -L "word" filename + grep -L root /etc/* + +Sample outputs: + + /etc/apm + /etc/apparmor + /etc/apparmor.d + /etc/apport + /etc/apt + /etc/avahi + /etc/bash_completion.d + /etc/bindresvport.blacklist + /etc/blkid.conf + /etc/bluetooth + /etc/bogofilter.cf + /etc/bonobo-activation + /etc/brlapi.key + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/grep-from-files-and-display-the-file-name/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 \ No newline at end of file diff --git a/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 6--How To Find Files by Content Under UNIX.md b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 6--How To Find Files by Content Under UNIX.md new file mode 100644 index 0000000000..3d5943fc07 --- /dev/null +++ b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 6--How To Find Files by Content Under UNIX.md @@ -0,0 +1,66 @@ +How To Find Files by Content Under UNIX +================================================================================ +I had written lots of code in C for my school work and saved it as source code under /home/user/c/*.c and *.h. How do I find files by content such as string or words (function name such as main() under UNIX shell prompt? + +You need to use the following tools: + +[a] **grep command** : print lines matching a pattern. + +[b] **find command**: search for files in a directory hierarchy. + +### [grep Command To Find Files By][1] Content ### + +Type the command as follows: + + grep 'string' *.txt + grep 'main(' *.c + grep '#include' *.c + grep 'getChar*' *.c + grep -i 'ultra' *.conf + grep -iR 'ultra' *.conf + +Where + +- **-i** : Ignore case distinctions in both the PATTERN (match valid, VALID, ValID string) and the input files (math file.c FILE.c FILE.C filename). +- **-R** : Read all files under each directory, recursively + +### Highlighting searched patterns ### + +You can highlight patterns easily while searching large number of files: + + $ grep --color=auto -iR 'getChar();' *.c + +### Displaying file names and line number for searched patterns ### + +You may also need to display filenames and numbers: + + $ grep --color=auto -iRnH 'getChar();' *.c + +Where, + +- **-n** : Prefix each line of output with the 1-based line number within its input file. +- **-H** Print the file name for each match. This is the default when there is more than one file to search. + + $grep --color=auto -nH 'DIR' * + +Sample output: + +![Fig.01: grep command displaying searched pattern](http://www.cyberciti.biz/faq/wp-content/uploads/2008/09/grep-command.png) + +Fig.01: grep command displaying searched pattern + +You can also use find command: + + $ find . -name "*.c" -print | xargs grep "main(" + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/unix-linux-finding-files-by-content/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.cyberciti.biz/faq/howto-search-find-file-for-text-string/ \ No newline at end of file diff --git a/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 7--Linux or UNIX View Only Configuration File Directives Uncommented Lines of a Config File.md b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 7--Linux or UNIX View Only Configuration File Directives Uncommented Lines of a Config File.md new file mode 100644 index 0000000000..d7d520326e --- /dev/null +++ b/sources/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 7--Linux or UNIX View Only Configuration File Directives Uncommented Lines of a Config File.md @@ -0,0 +1,151 @@ +Linux / UNIX View Only Configuration File Directives ( Uncommented Lines of a Config File ) +================================================================================ +Most Linux and UNIX-like system configuration files are documented using comments, but some time I just need to see line of configuration text in a config file. How can I view just the uncommented configuration file directives from squid.conf or httpd.conf file? How can I strip out comments and blank lines on a Linux or Unix-like systems? + +To view just the uncommented lines of text in a config file use the grep, sed, awk, perl or any other text processing utility provided by UNIX / BSD / OS X / Linux operating systems. + +### grep command example to strip out command ### + +You can use the gerp command as follows: + + $ grep -v "^#" /path/to/config/file + $ grep -v "^#" /etc/apache2/apache2.conf + +Sample outputs: + + ServerRoot "/etc/apache2" + + LockFile /var/lock/apache2/accept.lock + + PidFile ${APACHE_PID_FILE} + + Timeout 300 + + KeepAlive On + + MaxKeepAliveRequests 100 + + KeepAliveTimeout 15 + + + + StartServers 5 + MinSpareServers 5 + MaxSpareServers 10 + MaxClients 150 + MaxRequestsPerChild 0 + + + + StartServers 2 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxClients 150 + MaxRequestsPerChild 0 + + + + StartServers 2 + MaxClients 150 + MinSpareThreads 25 + MaxSpareThreads 75 + ThreadLimit 64 + ThreadsPerChild 25 + MaxRequestsPerChild 0 + + + User ${APACHE_RUN_USER} + Group ${APACHE_RUN_GROUP} + + + AccessFileName .htaccess + + + Order allow,deny + Deny from all + Satisfy all + + + DefaultType text/plain + + + HostnameLookups Off + + ErrorLog /var/log/apache2/error.log + + LogLevel warn + + Include /etc/apache2/mods-enabled/*.load + Include /etc/apache2/mods-enabled/*.conf + + Include /etc/apache2/httpd.conf + + Include /etc/apache2/ports.conf + + LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined + LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h %l %u %t \"%r\" %>s %O" common + LogFormat "%{Referer}i -> %U" referer + LogFormat "%{User-agent}i" agent + + CustomLog /var/log/apache2/other_vhosts_access.log vhost_combined + + + + Include /etc/apache2/conf.d/ + + Include /etc/apache2/sites-enabled/ + +To suppress blank lines use [egrep command][1], run: + + egrep -v "^#|^$" /etc/apache2/apache2.conf + ## or pass it to the page such as more or less ## + egrep -v "^#|^$" /etc/apache2/apache2.conf | less + + ## Bash function ###################################### + ## or create function or alias and use it as follows ## + ## viewconfig /etc/squid/squid.conf ## + ####################################################### + viewconfig(){ + local f="$1" + [ -f "$1" ] && command egrep -v "^#|^$" "$f" || echo "Error $1 file not found." + } + +Sample output: + +![Fig.01: Unix/Linux Egrep Strip Out Comments Blank Lines](http://s0.cyberciti.org/uploads/faq/2008/05/grep-strip-out-comments-blank-lines.jpg) + +Fig.01: Unix/Linux Egrep Strip Out Comments Blank Lines + +### Understanding grep/egrep command line options ### + +The -v option invert the sense of matching, to select non-matching lines. This option should work under all posix based systems. The regex ^$ matches and removes all blank lines and ^# matches and removes all comments that starts with a "#". + +### sed Command example ### + +GNU / sed command can be used as follows: + + $ sed '/ *#/d; /^ *$/d' /path/to/file + $ sed '/ *#/d; /^ *$/d' /etc/apache2/apache2.conf + +GNU or BSD sed can update your config file too. The syntax is as follows to edit files in-place, saving backups with the specified extension such as .bak: + + sed -i'.bak.2015.12.27' '/ *#/d; /^ *$/d' /etc/apache2/apache2.conf + +For more info see man pages - [grep(1)][2], [sed(1)][3] + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/shell-display-uncommented-lines-only/ + +作者:Vivek Gite +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[1]:http://www.cyberciti.biz/faq/grep-regular-expressions/ +[2]:http://www.manpager.com/linux/man1/grep.1.html +[3]:http://www.manpager.com/linux/man1/sed.1.html \ No newline at end of file diff --git a/sources/tech/RAID/Part 8 - How to Recover Data and Rebuild Failed Software RAID's.md b/sources/tech/RAID/Part 8 - How to Recover Data and Rebuild Failed Software RAID's.md deleted file mode 100644 index 2acf1dfd86..0000000000 --- a/sources/tech/RAID/Part 8 - How to Recover Data and Rebuild Failed Software RAID's.md +++ /dev/null @@ -1,167 +0,0 @@ -How to Recover Data and Rebuild Failed Software RAID’s – Part 8 -================================================================================ -In the previous articles of this [RAID series][1] you went from zero to RAID hero. We reviewed several software RAID configurations and explained the essentials of each one, along with the reasons why you would lean towards one or the other depending on your specific scenario. - -![Recover Rebuild Failed Software RAID's](http://www.tecmint.com/wp-content/uploads/2015/10/Recover-Rebuild-Failed-Software-RAID.png) - -Recover Rebuild Failed Software RAID’s – Part 8 - -In this guide we will discuss how to rebuild a software RAID array without data loss when in the event of a disk failure. For brevity, we will only consider a RAID 1 setup – but the concepts and commands apply to all cases alike. - -#### RAID Testing Scenario #### - -Before proceeding further, please make sure you have set up a RAID 1 array following the instructions provided in Part 3 of this series: [How to set up RAID 1 (Mirror) in Linux][2]. - -The only variations in our present case will be: - -1) a different version of CentOS (v7) than the one used in that article (v6.5), and - -2) different disk sizes for /dev/sdb and /dev/sdc (8 GB each). - -In addition, if SELinux is enabled in enforcing mode, you will need to add the corresponding labels to the directory where you’ll mount the RAID device. Otherwise, you’ll run into this warning message while attempting to mount it: - -![SELinux RAID Mount Error](http://www.tecmint.com/wp-content/uploads/2015/10/SELinux-RAID-Mount-Error.png) - -SELinux RAID Mount Error - -You can fix this by running: - - # restorecon -R /mnt/raid1 - -### Setting up RAID Monitoring ### - -There is a variety of reasons why a storage device can fail (SSDs have greatly reduced the chances of this happening, though), but regardless of the cause you can be sure that issues can occur anytime and you need to be prepared to replace the failed part and to ensure the availability and integrity of your data. - -A word of advice first. Even when you can inspect /proc/mdstat in order to check the status of your RAIDs, there’s a better and time-saving method that consists of running mdadm in monitor + scan mode, which will send alerts via email to a predefined recipient. - -To set this up, add the following line in /etc/mdadm.conf: - - MAILADDR user@ - -In my case: - - MAILADDR gacanepa@localhost - -![RAID Monitoring Email Alerts](http://www.tecmint.com/wp-content/uploads/2015/10/RAID-Monitoring-Email-Alerts.png) - -RAID Monitoring Email Alerts - -To run mdadm in monitor + scan mode, add the following crontab entry as root: - - @reboot /sbin/mdadm --monitor --scan --oneshot - -By default, mdadm will check the RAID arrays every 60 seconds and send an alert if it finds an issue. You can modify this behavior by adding the `--delay` option to the crontab entry above along with the amount of seconds (for example, `--delay` 1800 means 30 minutes). - -Finally, make sure you have a Mail User Agent (MUA) installed, such as [mutt or mailx][3]. Otherwise, you will not receive any alerts. - -In a minute we will see what an alert sent by mdadm looks like. - -### Simulating and Replacing a failed RAID Storage Device ### - -To simulate an issue with one of the storage devices in the RAID array, we will use the `--manage` and `--set-faulty` options as follows: - - # mdadm --manage --set-faulty /dev/md0 /dev/sdc1 - -This will result in /dev/sdc1 being marked as faulty, as we can see in /proc/mdstat: - -![Stimulate Issue with RAID Storage](http://www.tecmint.com/wp-content/uploads/2015/10/Stimulate-Issue-with-RAID-Storage.png) - -Stimulate Issue with RAID Storage - -More importantly, let’s see if we received an email alert with the same warning: - -![Email Alert on Failed RAID Device](http://www.tecmint.com/wp-content/uploads/2015/10/Email-Alert-on-Failed-RAID-Device.png) - -Email Alert on Failed RAID Device - -In this case, you will need to remove the device from the software RAID array: - - # mdadm /dev/md0 --remove /dev/sdc1 - -Then you can physically remove it from the machine and replace it with a spare part (/dev/sdd, where a partition of type fd has been previously created): - - # mdadm --manage /dev/md0 --add /dev/sdd1 - -Luckily for us, the system will automatically start rebuilding the array with the part that we just added. We can test this by marking /dev/sdb1 as faulty, removing it from the array, and making sure that the file tecmint.txt is still accessible at /mnt/raid1: - - # mdadm --detail /dev/md0 - # mount | grep raid1 - # ls -l /mnt/raid1 | grep tecmint - # cat /mnt/raid1/tecmint.txt - -![Confirm Rebuilding RAID Array](http://www.tecmint.com/wp-content/uploads/2015/10/Rebuilding-RAID-Array.png) - -Confirm Rebuilding RAID Array - -The image above clearly shows that after adding /dev/sdd1 to the array as a replacement for /dev/sdc1, the rebuilding of data was automatically performed by the system without intervention on our part. - -Though not strictly required, it’s a great idea to have a spare device in handy so that the process of replacing the faulty device with a good drive can be done in a snap. To do that, let’s re-add /dev/sdb1 and /dev/sdc1: - - # mdadm --manage /dev/md0 --add /dev/sdb1 - # mdadm --manage /dev/md0 --add /dev/sdc1 - -![Replace Failed Raid Device](http://www.tecmint.com/wp-content/uploads/2015/10/Replace-Failed-Raid-Device.png) - -Replace Failed Raid Device - -### Recovering from a Redundancy Loss ### - -As explained earlier, mdadm will automatically rebuild the data when one disk fails. But what happens if 2 disks in the array fail? Let’s simulate such scenario by marking /dev/sdb1 and /dev/sdd1 as faulty: - - # umount /mnt/raid1 - # mdadm --manage --set-faulty /dev/md0 /dev/sdb1 - # mdadm --stop /dev/md0 - # mdadm --manage --set-faulty /dev/md0 /dev/sdd1 - -Attempts to re-create the array the same way it was created at this time (or using the `--assume-clean` option) may result in data loss, so it should be left as a last resort. - -Let’s try to recover the data from /dev/sdb1, for example, into a similar disk partition (/dev/sde1 – note that this requires that you create a partition of type fd in /dev/sde before proceeding) using ddrescue: - - # ddrescue -r 2 /dev/sdb1 /dev/sde1 - -![Recovering Raid Array](http://www.tecmint.com/wp-content/uploads/2015/10/Recovering-Raid-Array.png) - -Recovering Raid Array - -Please note that up to this point, we haven’t touched /dev/sdb or /dev/sdd, the partitions that were part of the RAID array. - -Now let’s rebuild the array using /dev/sde1 and /dev/sdf1: - - # mdadm --create /dev/md0 --level=mirror --raid-devices=2 /dev/sd[e-f]1 - -Please note that in a real situation, you will typically use the same device names as with the original array, that is, /dev/sdb1 and /dev/sdc1 after the failed disks have been replaced with new ones. - -In this article I have chosen to use extra devices to re-create the array with brand new disks and to avoid confusion with the original failed drives. - -When asked whether to continue writing array, type Y and press Enter. The array should be started and you should be able to watch its progress with: - - # watch -n 1 cat /proc/mdstat - -When the process completes, you should be able to access the content of your RAID: - -![Confirm Raid Content](http://www.tecmint.com/wp-content/uploads/2015/10/Raid-Content.png) - -Confirm Raid Content - -### Summary ### - -In this article we have reviewed how to recover from RAID failures and redundancy losses. However, you need to remember that this technology is a storage solution and DOES NOT replace backups. - -The principles explained in this guide apply to all RAID setups alike, as well as the concepts that we will cover in the next and final guide of this series (RAID management). - -If you have any questions about this article, feel free to drop us a note using the comment form below. We look forward to hearing from you! - --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/recover-data-and-rebuild-failed-software-raid/ - -作者:[Gabriel Cánepa][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/gacanepa/ -[1]:http://www.tecmint.com/understanding-raid-setup-in-linux/ -[2]:http://www.tecmint.com/create-raid1-in-linux/ -[3]:http://www.tecmint.com/send-mail-from-command-line-using-mutt-command/ \ No newline at end of file diff --git a/translated/share/20151030 80 Linux Monitoring Tools for SysAdmins.md b/translated/share/20151030 80 Linux Monitoring Tools for SysAdmins.md new file mode 100644 index 0000000000..7c16ca9fc8 --- /dev/null +++ b/translated/share/20151030 80 Linux Monitoring Tools for SysAdmins.md @@ -0,0 +1,604 @@ + +为 Linux 系统管理员准备的80个监控工具 +================================================================================ +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/linux-monitoring.jpg) + +随着行业的不断发展,有许多比你想象中更棒的工具。这里列着网上最全的(工具)。拥有超过80种方式来管理你的机器。在本文中,我们主要讲述以下方面: + +- 命令行工具 +- 与网络相关的 +- 系统相关的监控工具 +- 日志监控工具 +- 基础设施监控工具 + +监控和调试性能问题非常困难,但用对了正确的工具有时也是很容易的。下面是一些你可能听说过的工具,当你使用它们时可能存在一些问题: + +### 十大系统监控工具 ### + +#### 1. Top #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/top.jpg) + +这是一个被预安装在许多 UNIX 系统中的小工具。当你想要查看在系统中运行的进程或线程时:top 是一个很好的工具。你可以对这些进程以不同的标准进行排序,默认是以 CPU 进行排序的。 + +#### 2. [htop][1] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/htop.jpg) + +HTOP 实质上是 top 的增强版本。它更容易对进程排序。它在视觉上更容易理解并且已经内建了许多通用的命令。它也是完全交互的。 + +#### 3. [atop][2] #### + +Atop 和 top,htop 非常相似,它也能监控所有进程,但不同于 top 和 htop 的是,它会记录进程的日志供以后分析。它也能显示所有进程的资源消耗。它还会高亮显示已经达到临界负载的资源。 + +#### 4. [apachetop][3] #### + +Apachetop 会监视 apache 网络服务器的整体性能。它主要是基于 mytop。它会显示当前 reads, writes 的数量以及 requests 进程的总数。 + +#### 5. [ftptop][4] #### + +ftptop 给你提供了当前所有连接到 ftp 服务器的基本信息,如会话总数,正在上传和下载的客户端数量以及客户端信息。 + +#### 6. [mytop][5] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/mytop.jpg) + +mytop 是一个很方便的工具,用于监控线程和 mysql 的性能。它给了你一个实时的数据库查询处理结果。 + +#### 7. [powertop][6] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/powertop.jpg) + +powertop 可以帮助你诊断与电量消耗和电源管理相关的问题。它也可以帮你进行电源管理设置,以实现对你服务器最有效的配置。你可以使用 tab 键进行选项切换。 + +#### 8. [iotop][7] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/iotop.jpg) + +iotop 用于检查 I/O 的使用情况,并为你提供了一个类似 top 的界面来显示。它每列显示读和写的速率,每行代表一个进程。当出现等待 I/O 交换时,它也显示进程消耗时间的百分比。 + +### 与网络相关的监控 ### + +#### 9. [ntopng][8] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/ntopng.jpg) + +ntopng 是 ntop 的升级版,它提供了一个能使用浏览器进行网络监控的图形用户界面。它还有其他用途,如:定位主机,显示网络流量和 ip 流量分布并能进行分析。 + +#### 10. [iftop][9] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/iftop.jpg) + +iftop 类似于 top,但它主要不是检查 cpu 的使用率而是监听网卡的流量,并以表格的形式显示当前的使用量。像“为什么我的网速这么慢呢?!”这样的问题它可以直接回答。 + +#### 11. [jnettop][10] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/jnettop.jpg) + +jnettop 以相同的方式来监测网络流量但比 iftop 更形象。它还支持自定义的文本输出并能以友好的交互方式来快速分析日志。 + +#### 12. [bandwidthd][11] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/bandwidthd.jpg) + +bandwidthd 可以跟踪 TCP/IP 网络子网的使用情况并能在浏览器中通过 png 图片形象化的构建一个 HTML 页面。它有一个数据库驱动系统,支持搜索,过滤,多传感器和自定义报表。 + +#### 13. [EtherApe][12] #### + +EtherApe 以图形化显示网络流量,可以支持更多的节点。它可以捕获实时流量信息,也可以从 tcpdump 进行读取。也可以使用具有 pcap 语法的网络过滤显示特定信息。 + +#### 14. [ethtool][13] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/ethtool.jpg) + +ethtool 用于显示和修改网络接口控制器的一些参数。它也可以用来诊断以太网设备,并获得更多的统计数据。 + +#### 15. [NetHogs][14] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/nethogs.jpg) + +NetHogs 打破了网络流量按协议或子网进行统计的原理。它以进程组来计算。所以,当网络流量猛增时,你可以使用 NetHogs 查看是由哪个进程造成的。 + +#### 16. [iptraf][15] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/iptraf.jpg) + +iptraf 收集的各种指标,如 TCP 连接数据包和字节数,接口界面和活动指标,TCP/UDP 通信故障,站内数据包和字节数。 + +#### 17. [ngrep][16] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/ngrep.jpg) + +ngrep 就是 grep 但是相对于网络层的。pcap 意识到后允许其指定扩展规则或十六进制表达式来匹配数据包。 + +#### 18. [MRTG][17] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/mrtg.jpg) + +MRTG 最初被开发来监控路由器的流量,但现在它也能够监控网络相关的东西。它每五分钟收集一次,然后产生一个 HTML 页面。它还具有发送邮件报警的能力。 + +#### 19. [bmon][18] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/bmon.jpg) + +Bmon 能监控并帮助你调试网络。它能捕获网络相关的统计数据,并以友好的方式进行展示。你还可以与 bmon 通过脚本进行交互。 + +#### 20. traceroute #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/traceroute.jpg) + +Traceroute 一个内置工具,能测试路由和数据包在网络中的延迟。 + +#### 21. [IPTState][19] #### + +IPTState 可以让你跨越 iptables 来监控流量,并通过你指定的条件来进行排序。该工具还允许你从表中删除状态信息。 + +#### 22. [darkstat][20] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/darkstat.jpg) + +Darkstat 能捕获网络流量并计算统计的数据。该报告需要在浏览器中进行查看,它为你提供了一个非常棒的图形用户界面。 + +#### 23. [vnStat][21] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/vnstat.jpg) + +vnStat 是一个网络流量监控工具,它的数据统计是由内核进行提供的,其消耗的系统资源非常少。系统重新启动后,它收集的数据仍然存在。它具有颜色选项供系统管理员使用。 + +#### 24. netstat #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/netstat.jpg) + +netstat 是一个内置的工具,它能显示 TCP 网络连接,路由表和网络接口数量,被用来在网络中查找问题。 + +#### 25. ss #### + +并非 netstat,最好使用 ss。ss 命令能够显示的信息比 netstat 更多,也更快。如果你想查看统计结果的总信息,你可以使用命令 `ss -s`。 + +#### 26. [nmap][22] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/nmap.jpg) + +Nmap 可以扫描你服务器开放的端口并且可以检测正在使用哪个操作系统。但你也可以使用 SQL 注入漏洞,网络发现和渗透测试相关的其他手段。 + +#### 27. [MTR][23] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/mtr.jpg) + +MTR 结合了 traceroute 和 ping 的功能到一个网络诊断工具上。当使用该工具时,它会限制单个数据包的跳数,同时也监视它们的到期时间。然后每秒进行重复。 + +#### 28. [Tcpdump][24] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/tcpdump.jpg) + +Tcpdump 将输出一个你在命令中匹配并捕获到的数据包的信息。你还可以将此数据保存并进一步分析。 + +#### 29. [Justniffer][25] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/justniffer.jpg) + +Justniffer 是 tcp 数据包嗅探器。使用此嗅探器你可以选择收集低级别的数据还是高级别的数据。它也可以让你以自定义方式生成日志。比如模仿 Apache 的访问日志。 + +### 与系统有关的监控 ### + +#### 30. [nmon][26] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/nmon.jpg) + +nmon 将数据输出到屏幕上的,或将其保存在一个以逗号分隔的文件中。你可以查看 CPU,内存,网络,文件系统,top 进程。数据也可以被添加到 RRD 数据库中用于进一步分析。 + +#### 31. [conky][27] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/cpulimit.jpg) + +Conky 能监视不同操作系统并统计数据。它支持 IMAP 和 POP3, 甚至许多流行的音乐播放器!出于方便不同的人,你可以使用自己的 Lua 脚本或程序来进行扩展。 + +#### 32. [Glances][28] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/glances.jpg) + +使用 Glances 监控你的系统,其旨在使用最小的空间为你呈现最多的信息。它可以在客户端/服务器端模式下运行,也有远程监控的能力。它也有一个 Web 界面。 + +#### 33. [saidar][29] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/saidar.jpg) + +Saidar 是一个非常小的工具,为你提供有关系统资源的基础信息。它将系统资源在全屏进行显示。重点是 saidar 会尽可能的简化。 + +#### 34. [RRDtool][30] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/rrdtool.jpg) + +RRDtool 是用来处理 RRD 数据库的工具。RRDtool 旨在处理时间序列数据,如 CPU 负载,温度等。该工具提供了一种方法来提取 RRD 数据并以图形界面显示。 + +#### 35. [monit][31] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/monit.jpg) + +如果出现故障时,monit 有发送警报以及重新启动服务的功能。它可以对任何类型进行检查,你可以为 monit 写一个脚本,它有一个 Web 用户界面来分担你眼睛的压力。 + +#### 36. [Linux process explorer][32] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/linux-process-monitor.jpg) + +Linux process explorer 是类似 OSX 或 Windows 的在线监视器。它比 top 或 ps 的使用范围更广。你可以查看每个进程的内存消耗以及 CPU 的使用情况。 + +#### 37. df #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/df.jpg) + +df 是 disk free 的缩写,它是所有 UNIX 系统预装的程序,用来显示用户有访问权限的文件系统的可用磁盘空间。 + +#### 38. [discus][33] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/discus.jpg) + +Discus 类似于 df,它的目的是通过使用更吸引人的特性,如颜色,图形和数字来对 df 进行改进。 + +#### 39. [xosview][34] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/xosview.jpg) + +xosview 是一款经典的系统监控工具,它给你提供包括 IRQ 的各个不同部分的总览。 + +#### 40. [Dstat][35] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/dstat.jpg) + +Dstat 旨在替代 vmstat,iostat,netstat 和 ifstat。它可以让你查实时查看所有的系统资源。这些数据可以导出为 CSV。最重要的是 dstat 允许使用插件,因此其可以扩展到更多领域。 + +#### 41. [Net-SNMP][36] #### + +SNMP 是“简单网络管理协议”,Net-SNMP 工具套件使用该协议可帮助你收集服务器的准确信息。 + +#### 42. [incron][37] #### + +Incron 允许你监控一个目录树,然后对这些变化采取措施。如果你想将目录‘a’中的新文件复制到目录‘b’,这正是 incron 能做的。 + +#### 43. [monitorix][38] #### + +Monitorix 是轻量级的系统监控工具。它可以帮助你监控一台机器,并为你提供丰富的指标。它也有一个内置的 HTTP 服务器,来查看图表和所有指标的报告。 + +#### 44. vmstat #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/vmstat.jpg) + +vmstat(virtual memory statistics)是一个小的内置工具,能监控和显示机器的内存。 + +#### 45. uptime #### + +这个小程序能快速显示你机器运行了多久,目前有多少用户登录和系统过去1分钟,5分钟和15分钟的平均负载。 + +#### 46. mpstat #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/mpstat.jpg) + +mpstat 是一个内置的工具,能监视 cpu 的使用情况。最常见的使用方法是 `mpstat -P ALL`,它给你提供 cpu 的使用情况。你也可以间隔更新 cpu 的使用情况。 + +#### 47. pmap #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/pmap.jpg) + +pmap 是一个内置的工具,报告一个进程的内存映射。你可以使用这个命令来找出内存瓶颈的原因。 + +#### 48. ps #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/ps.jpg) + +该命令将给你当前所有进程的概述。你可以使用 `ps -A` 命令查看所有进程。 + +#### 49. [sar][39] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/sar.jpg) + +sar 是 sysstat 包的一部分,可以帮助你收集,报告和保存不同系统的指标。使用不同的参数,它会给你提供 CPU, 内存 和 I/O 使用情况及其他东西。 + +#### 50. [collectl][40] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/collectl.jpg) + +类似于 sar,collectl 收集你机器的性能指标。默认情况下,显示 cpu,网络和磁盘统计数据,但它实际收集了很多信息。与 sar 不同的是,collectl 能够处理比秒更小的单位,它可以被直接送入绘图工具并且 collectl 的监控过程更广泛。 + +#### 51. [iostat][41] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/iostat.jpg) + +iostat 也是 sysstat 包的一部分。此命令用于监控系统的输入/输出。其报告可以用来进行系统调优,以更好地调节你机器上硬盘的输入/输出负载。 + +#### 52. free #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/free.jpg) + +这是一个内置的命令用于显示你机器上可用的内存大小以及已使用的内存大小。它还可以显示某时刻内核所使用的缓冲区大小。 + +#### 53. /Proc 文件系统 #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/procfile.jpg) + +proc 文件系统可以让你查看内核的统计信息。从这些统计数据可以得到你机器上不同硬件设备的详细信息。看看这个 [ proc文件统计的完整列表 ][42]。 + +#### 54. [GKrellM][43] #### + +GKrellm 是一个图形应用程序来监控你硬件的状态信息,像CPU,内存,硬盘,网络接口以及其他的。它也可以监视并启动你所选择的邮件阅读器。 + +#### 55. [Gnome 系统监控器][44] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/gnome-system-monitor.jpg) + +Gnome 系统监控器是一个基本的系统监控工具,其能通过一个树状结构来查看进程的依赖关系,能杀死及调整进程优先级,还能以图表形式显示所有服务器的指标。 + +### 日志监控工具 ### + +#### 56. [GoAccess][45] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/goaccess.jpg) + +GoAccess 是一个实时的网络日志分析器,它能分析 apache, nginx 和 amazon cloudfront 的访问日志。它也可以将数据输出成 HTML,JSON 或 CSV 格式。它会给你一个基本的统计信息,访问量,404页面,访客位置和其他东西。 + +#### 57. [Logwatch][46] #### + +Logwatch 是一个日志分析系统。它通过分析系统的日志,并为你所指定的区域创建一个分析报告。它每天给你一个报告可以让你花费更少的时间来分析日志。 + +#### 58. [Swatch][47] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/swatch.jpg) + +像 Logwatch 一样,Swatch 也监控你的日志,但不是给你一个报告,它会匹配你定义的正则表达式,当匹配到后会通过邮件或控制台通知你。它可用于检测入侵者。 + +#### 59. [MultiTail][48] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/multitail.jpg) + +MultiTail 可帮助你在多窗口下监控日志文件。你可以将这些日志文件合并成一个。它也像正则表达式一样使用不同的颜色来显示日志文件以方便你阅读。 + +#### 系统工具 #### + +#### 60. [acct or psacct][49] #### + +acct 也称 psacct(取决于如果你使用 apt-get 还是 yum)可以监控所有用户执行的命令,包括 CPU 和内存在系统内所使用的时间。一旦安装完成后你可以使用命令 ‘sa’ 来查看。 + +#### 61. [whowatch][50] #### + +类似 acct,这个工具监控系统上所有的用户,并允许你实时查看他们正在执行的命令及运行的进程。它将所有进程以树状结构输出,这样你就可以清楚地看到到底发生了什么。 + +#### 62. [strace][51] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/strace.jpg) + +strace 被用于诊断,调试和监控程序之间的相互调用过程。最常见的做法是用 strace 打印系统调用的程序列表,其可以看出程序是否像预期那样被执行了。 + +#### 63. [DTrace][52] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/dtrace.jpg) + +DTrace 可以说是 strace 的大哥。它动态地跟踪与检测代码实时运行的指令。它允许你深入分析其性能和诊断故障。但是,它并不简单,大约有1200本书中提到过它。 + +#### 64. [webmin][53] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/webmin.jpg) + +Webmin 是一个基于 Web 的系统管理工具。它不需要手动编辑 UNIX 配置文件,并允许你远程管理系统。它有一对监控模块用于连接它。 + +#### 65. stat #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/stat.jpg) + +Stat 是一个内置的工具,用于显示文件和文件系统的状态信息。它会显示文件被修改,访问或更改的信息。 + +#### 66. ifconfig #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/ifconfig.jpg) + +ifconfig 是一个内置的工具用于配置网络接口。大多数网络监控工具背后都使用 ifconfig 将其设置成混乱模式来捕获所有的数据包。你可以手动执行 `ifconfig eth0 promisc` 并使用 `ifconfig eth0 -promisc` 返回正常模式。 + +#### 67. [ulimit][54] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/unlimit.jpg) + +ulimit 是一个内置的工具,可监控系统资源,并可以限制任何监控资源不得超标。比如做一个 fork 炸弹,如果使用 ulimit 正确配置了将完全不受影响。 + +#### 68. [cpulimit][55] #### + +CPULimit 是一个小工具用于监控并限制进程对 CPU 的使用率。其特别有用,能限制批处理作业对 CPU 的使用率保持在一定范围。 + +#### 69. lshw #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/lshw.jpg) + +lshw 是一个小的内置工具能提取关于本机硬件配置的详细信息。它可以输出 CPU 版本和主板配置。 + +#### 70. w #### + +w 是一个内置命令用于显示当前登录用户的信息及他们所运行的进程。 + +#### 71. lsof #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/lsof.jpg) + +lsof 是一个内置的工具可让你列出所有打开的文件和网络连接。从那里你可以看到文件是由哪个进程打开的,基于进程名,可通过一个特定的用户来杀死属于某个用户的所有进程。 + +### 基础架构监控工具 ### + +#### 72. Server Density #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/server-density-monitoring.png) + +我们的 [服务器监控工具][56]!它有一个 web 界面,使你可以进行报警设置并可以通过图表来查看所有系统的网络指标。你还可以设置监控的网站,无论是否在线。Server Density 允许你设置用户的权限,你可以根据我们的插件或 api 来扩展你的监控。该服务已经支持 Nagios 的插件了。 + +#### 73. [OpenNMS][57] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/opennms.jpg) + +OpenNMS 主要有四个功能区:事件管理和通知;发现和配置;服务监控和数据收集。其设计可被在多种网络环境中定制。 + +#### 74. [SysUsage][58] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/sysusage.jpg) + +SysUsage 通过 Sar 和其他系统命令持续监控你的系统。一旦达到阈值它也可以进行报警通知。SysUsage 本身也可以收集所有的统计信息并存储在一个地方。它有一个 Web 界面可以让你查看所有的统计数据。 + +#### 75. [brainypdm][59] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/brainypdm.jpg) + +brainypdm 是一个数据管理和监控工具,它能收集来自 nagios 或其它公共资源的数据并以图表显示。它是跨平台的,其基于 Web 并可自定义图形。 + +#### 76. [PCP][60] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/pcp.jpg) + +PCP 可以收集来自多个主机的指标,并且效率很高。它也有一个插件框架,所以你可以把它收集的对你很重要的指标使用插件来管理。你可以通过任何一个 Web 界面或 GUI 访问图形数据。它比较适合大型监控系统。 + +#### 77. [KDE 系统保护][61] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/kdesystemguard.jpg) + +这个工具既是一个系统监控器也是一个任务管理器。你可以通过工作表来查看多台机器的服务指标,如果一个进程需要被杀死或者你需要启动一个进程,它可以在 KDE 系统保护中来完成。 + +#### 78. [Munin][62] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/munin.jpg) + +Munin 既是一个网络也是系统监控工具,当一个指标超出给定的阈值时它会提供报警机制。它运用 RRDtool 创建图表,并且它也有 Web 界面来显示这些图表。它更强调的是即插即用的功能并且有许多可用的插件。 + +#### 79. [Nagios][63] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/nagios.jpg) + +Nagios 是系统和网络监控工具,可帮助你监控多台服务器。当发生错误时它也有报警功能。它的平台也有很多的插件。 + +#### 80. [Zenoss][64] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/zenoss.jpg) + +Zenoss 提供了一个 Web 界面,使你可以监控所有的系统和网络指标。此外,它能自动发现网络资源和修改网络配置。并且会提醒你采取行动,它也支持 Nagios 的插件。 + +#### 81. [Cacti][65] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/cacti.jpg) + +(和上一个一样!) Cacti 是一个网络图形解决方案,其使用 RRDtool 进行数据存储。它允许用户在预定的时间间隔进行投票服务并将结果以图形显示。Cacti 可以通过 shell 脚本扩展来监控你所选择的来源。 + +#### 82. [Zabbix][66] #### + +![](https://serverdensity-wpengine.netdna-ssl.com/wp-content/uploads/2015/02/zabbix-monitoring.png) + +Zabbix 是一个开源的基础设施监控解决方案。它使用了许多数据库来存放监控统计信息。其核心是用 C 语言编写,并在前端中使用 PHP。如果你不喜欢安装代理,Zabbix 可能是一个最好选择。 + +### 附加部分: ### + +感谢您的建议。这是我们的一个附加部分,由于我们需要重新编排所有的标题,鉴于此,这是在最后的一个简短部分,根据您的建议添加的一些 Linux 监控工具: + +#### 83. [collectd][67] #### + +Collectd 是一个 Unix 守护进程来收集所有的监控数据。它采用了模块化设计并使用插件来填补一些缺陷。这样能使 collectd 保持轻量级并可进行定制。 + +#### 84. [Observium][68] #### + +Observium 是一个自动发现网络的监控平台,支持普通的硬件平台和操作系统。Observium 专注于提供一个优美,功能强大,简单直观的界面来显示网络的健康和状态。 + +#### 85. Nload #### + +这是一个命令行工具来监控网络的吞吐量。它很整洁,因为它使用两个图表和其他一些有用的数据类似传输的数据总量来对进出站流量进行可视化。你可以使用如下方法安装它: + + yum install nload + +或者 + + sudo apt-get install nload + +#### 86. [SmokePing][69] #### + +SmokePing 可以跟踪你网络延迟,并对他们进行可视化。SmokePing 有一个流行的延迟测量插件。如果图形用户界面对你来说非常重要,现在有一个正在开发中的插件来实现此功能。 + +#### 87. [MobaXterm][70] #### + +如果你整天在 windows 环境下工作。你可能会觉得 Windows 下受终端窗口的限制。MobaXterm 正是由此而来的,它允许你使用多个在 Linux 中相似的终端。这将会极大地帮助你在监控方面的需求! + +#### 88. [Shinken monitoring][71] #### + +Shinken 是一个监控框架,其是由 python 对 Nagios 进行完全重写的。它的目的是增强灵活性和管理更大环境。但仍保持所有的 nagios 配置和插件。 + +-------------------------------------------------------------------------------- + +via: https://blog.serverdensity.com/80-linux-monitoring-tools-know/ + +作者:[Jonathan Sundqvist][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + + +[a]:https://www.serverdensity.com/ +[1]:http://hisham.hm/htop/ +[2]:http://www.atoptool.nl/ +[3]:https://github.com/JeremyJones/Apachetop +[4]:http://www.proftpd.org/docs/howto/Scoreboard.html +[5]:http://jeremy.zawodny.com/mysql/mytop/ +[6]:https://01.org/powertop +[7]:http://guichaz.free.fr/iotop/ +[8]:http://www.ntop.org/products/ntop/ +[9]:http://www.ex-parrot.com/pdw/iftop/ +[10]:http://jnettop.kubs.info/wiki/ +[11]:http://bandwidthd.sourceforge.net/ +[12]:http://etherape.sourceforge.net/ +[13]:https://www.kernel.org/pub/software/network/ethtool/ +[14]:http://nethogs.sourceforge.net/ +[15]:http://iptraf.seul.org/ +[16]:http://ngrep.sourceforge.net/ +[17]:http://oss.oetiker.ch/mrtg/ +[18]:https://github.com/tgraf/bmon/ +[19]:http://www.phildev.net/iptstate/index.shtml +[20]:https://unix4lyfe.org/darkstat/ +[21]:http://humdi.net/vnstat/ +[22]:http://nmap.org/ +[23]:http://www.bitwizard.nl/mtr/ +[24]:http://www.tcpdump.org/ +[25]:http://justniffer.sourceforge.net/ +[26]:http://nmon.sourceforge.net/pmwiki.php +[27]:http://conky.sourceforge.net/ +[28]:https://github.com/nicolargo/glances +[29]:https://packages.debian.org/sid/utils/saidar +[30]:http://oss.oetiker.ch/rrdtool/ +[31]:http://mmonit.com/monit +[32]:http://sourceforge.net/projects/procexp/ +[33]:http://packages.ubuntu.com/lucid/utils/discus +[34]:http://www.pogo.org.uk/~mark/xosview/ +[35]:http://dag.wiee.rs/home-made/dstat/ +[36]:http://www.net-snmp.org/ +[37]:http://inotify.aiken.cz/?section=incron&page=about&lang=en +[38]:http://www.monitorix.org/ +[39]:http://sebastien.godard.pagesperso-orange.fr/ +[40]:http://collectl.sourceforge.net/ +[41]:http://sebastien.godard.pagesperso-orange.fr/ +[42]:http://tldp.org/LDP/Linux-Filesystem-Hierarchy/html/proc.html +[43]:http://members.dslextreme.com/users/billw/gkrellm/gkrellm.html +[44]:http://freecode.com/projects/gnome-system-monitor +[45]:http://goaccess.io/ +[46]:http://sourceforge.net/projects/logwatch/ +[47]:http://sourceforge.net/projects/swatch/ +[48]:http://www.vanheusden.com/multitail/ +[49]:http://www.gnu.org/software/acct/ +[50]:http://whowatch.sourceforge.net/ +[51]:http://sourceforge.net/projects/strace/ +[52]:http://dtrace.org/blogs/about/ +[53]:http://www.webmin.com/ +[54]:http://ss64.com/bash/ulimit.html +[55]:https://github.com/opsengine/cpulimit +[56]:https://www.serverdensity.com/server-monitoring/ +[57]:http://www.opennms.org/ +[58]:http://sysusage.darold.net/ +[59]:http://sourceforge.net/projects/brainypdm/ +[60]:http://www.pcp.io/ +[61]:https://userbase.kde.org/KSysGuard +[62]:http://munin-monitoring.org/ +[63]:http://www.nagios.org/ +[64]:http://www.zenoss.com/ +[65]:http://www.cacti.net/ +[66]:http://www.zabbix.com/ +[67]:https://collectd.org/ +[68]:http://www.observium.org/ +[69]:http://oss.oetiker.ch/smokeping/ +[70]:http://mobaxterm.mobatek.net/ +[71]:http://www.shinken-monitoring.org/ diff --git a/translated/tech/20150410 How to Install and Configure Multihomed ISC DHCP Server on Debian Linux.md b/translated/tech/20150410 How to Install and Configure Multihomed ISC DHCP Server on Debian Linux.md new file mode 100644 index 0000000000..5dcea06611 --- /dev/null +++ b/translated/tech/20150410 How to Install and Configure Multihomed ISC DHCP Server on Debian Linux.md @@ -0,0 +1,164 @@ +debian linux上安装配置 ISC DHCP Server +================================================================================ +动态主机控制协议(DHCP)给网络管理员提供一种便捷的方式,为不断变化的网络主机或是动态网络提供网络层地址。其中最常用的DHCP服务工具是 ISC DHCP Server。DHCP服务的目的是给主机提供必要的网络信息以便能够和其他连接在网络中的主机互相通信。DHCP服务一般包括以下信息:DNS服务器信息,网络地址(IP),子网掩码,默认网关信息,主机名等等。 + +本教程介绍4.2.4版的ISC-DHCP-Server如何在Debian7.7上管理多个虚拟局域网(VLAN),它也可以非常容易的配置的用于单一网络。 + +测试用的网络是通过思科路由器使用传统的方式来管理DHCP租约地址的,目前有12个VLANs需要通过路由器的集中式服务器来管理。把DHCP的任务转移到一个专用的服务器上面,路由器可以收回相应的资源,把资源用到更重要的任务上,比如路由寻址,访问控制列表,流量监测以及网络地址转换等。 + +另一个将DHCP服务转移到专用服务器的好处,以后会讲到,它可以建立动态域名服务器(DDNS)这样当主机从服务器请求DHCP地址的时候,新主机的主机名将被添加到DNS系统里面。 + +### 安装和配置ISC DHCP Server### + +1. 使用apt工具用来安装Debian软件仓库中的ISC软件,来创建这个多宿主服务器。与其他教程一样需要使用root或者sudo访问权限。请适当的修改,以便使用下面的命令。(译者注:下面中括号里面是注释,使用的时候请删除,#表示使用的root权限) + + + # apt-get install isc-dhcp-server [安装 the ISC DHCP Server 软件] + # dpkg --get-selections isc-dhcp-server [确认软件已经成功安装] + # dpkg -s isc-dhcp-server [用另一种方式确认成功安装] + +![Install ISC DHCP Server in Debian](http://www.tecmint.com/wp-content/uploads/2015/04/Install-ISC-DHCP-Server.jpg) + +2. 确认服务软件已经安装完成,现在需要一些网络的需求来配置服务器,这样服务器才能够根据我们的需要来分发网络信息。作为管理员最起码需要了解的DHCP信息如下: +- 网络地址 +- 子网掩码 +- 动态分配的地址范围 + +其他一些服务器动态分配的有用信息包括: +- 默认网关 +- DNS服务器IP地址 +- 域名 +- 主机名 +- 网络广播地址 + + +这只是能让ISC DHCP server处理的选项中非常少的一部分。如果你想查看所有选项及其描述需要在安装好软件后输入以下命令: + # man dhcpd.conf + +3. 一旦管理员已经确定了这台服务器需要分发的需求信息,那么是时候配置服务器并且分配必要的地址池了。在配置任何地址池或服务器配置之前,DHCP服务必须配置好,来侦听这台服务器上面的一个接口。 + +在这台特定的服务器上,设置好网卡后,DHCP会侦听名称名为`'bond0'`的接口。请适根据你的实际情况来更改服务器以及网络环境。下面的配置都是针对本教程的。 + +![Configure ISC DHCP Network](http://www.tecmint.com/wp-content/uploads/2015/04/Configure-ISC-DHCP-Network.jpg) + +这行指定的是DHCP服务侦听接口(一个或多个)上的DHCP流量。修改主要的配置文件分配适合的DHCP地址池到所需要的网络上。配置文件所在置/etc/dhcp/dhcpd.conf。用文本编辑器打开这个文件 + # nano /etc/dhcp/dhcpd.conf + +这个配置文件可以配置我们所需要的地址池/主机。文件顶部有‘ddns-update-style‘这样一句,在本教程中它设置为‘none‘。在以后的教程中动态DNS,ISC-DHCP-Server 将被整合到 BIND9,它能够使主机名更新到IP地址。 + +4. 接下来的部分是管理员配置全局网络设置,如DNS域名,默认的租约时间,IP地址,子网的掩码,以及更多的区域。如果你想了解所有的选项,请阅读man手册中的dhcpd.conf文件,命令如下: + + # man dhcpd.conf + + +对于这台服务器,我们需要在顶部配置一些全局网络设置,这样就不用到每个地址池中去单独设置了。 + +![Configure ISC DDNS](http://www.tecmint.com/wp-content/uploads/2015/04/Configure-ISC-DDNS.png) + + +我们花一点时间来解释一下这些选项,在本教程中虽然它们是一些全局设置,但是也可以为单独的为某一个地址池进行配置。 + +- option domain-name “comptech.local”; – 所有使用这台DHCP服务器的主机,都将成为DNS域名为“comptech.local”的一员 + +- option domain-name-servers 172.27.10.6; DHCP向所有配置这台DHCP服务器的的网络主机分发DNS服务器地址为172.27.10.6 + +- option subnet-mask 255.255.255.0; – 分派子网掩码到每一个网络设备 255.255.255.0 或a /24 + +- default-lease-time 3600; – 默认有效的地址租约时间(单位是秒)。如果租约时间耗尽,那么主机可以重新申请租约。如果租约完成,那么相应的地址也将被尽快回收。 + +- max-lease-time 86400; – 这是一台主机最大的租约时间(单位为秒)。 + +- ping-check true; – 这是一个额外的测试,以确保服务器分发出的网络地址不是当前网络中另一台主机已使用的网络地址。 + +- ping-timeout; – 如果地址以前没有使用过,可以用这个选项来检测2个ping返回值之间的时间长度。 + +- ignore client-updates; 现在这个选项是可以忽略的,因为DDNS在前面已在配置文件中已经被禁用,但是当DDNS运行时,这个选项会忽略更新其DNS主机名的请求。 + +5. 文件中下面一行是权威DHCP所在行。这行的意义是如果服务器是为文件中所配置的网络分发地址的服务器,那么取消注释权威字节(authoritative stanza)来实现。 + +通过去掉关键字authoritative 前面的‘#’,取消注释全局权威字节。这台服务器将是它所管理网络里面的唯一权威。 + +![Enable ISC Authoritative](http://www.tecmint.com/wp-content/uploads/2015/04/ISC-authoritative.png) +开启 ISC Authoritative + +默认情况下服务器被假定为不是网络上的权威。之所以这样做是出于安全考虑。如果有人因为不了解DHCP服务的配置,导致配置不当或配置到一个不该出现的网络里面,这都将带来非常严重的重连接问题。这行还可用在每个网络中单独配置使用。也就是说如果这台服务器不是整个网络的DHCP服务器,authoritative行可以用在每个单独的网络中,而不是像上面截图中那样的全局配置。 + +6. 这一步是配置服务器将要管理的所有DHCP地址池/网络。简短起见,本教程只配置了地址池。作为管理员需要收集一些必要的网络信息(比如域名,网络地址,有多少地址能够被分发等等) + +以下这个地址池所用到的信息都是管理员收集整理的:网络id 172.27.60.0, 子网掩码 255.255.255.0 or a /24, 默认子网网关172.27.60.1,广播地址 172.27.60.255.0 + +以上这些信息用于构建hcpd.conf文件中新的网络非常重要。使用文本编辑器修改配置文件添加新的网络进去,这里我们需要使用root或sudo访问权限。网络非常重要。使用文本编辑器修改配置文件添加新的网络进去,这里我们需要使用root或sudo访问权限。 + + # nano /etc/dhcp/dhcpd.conf + +![Configure DHCP Pools and Networks](http://www.tecmint.com/wp-content/uploads/2015/04/ISC-network.png) +配置DHCP的地址池和网络 + +当前这个例子是给用VMWare创建的虚拟服务器分配IP地址。第一行显示是该网络的子网掩码。括号里面的内容是DHCP服务器应该提供给网络上面主机的所有选项。 + +第一节, range 172.27.60.50 172.27.60.254;这一行显示的是,DHCP服务在这个网络上能够给主机动态分发的地址范围。 + +第二节,option routers 172.27.60.1;这里显示的是网络里面所有的主机分发默认网关地址。 + +最后一节, option broadcast-address 172.27.60.255;,显示当前网络的广播地址。这个地址不能被包含在要分发放的地址范围内,因为广播地址不能分配到一个主机上面。 + +必须要强调的是每行的结尾必须要用(;)来结束,所有创建的网络必须要在{}里面。 + +7. 如果是创建多个网络,连续的创建完它们的相应选项后保存文本文件即可。配置完成以后如果有更改,ISC-DHCP-Server进程需要重启来使新的更改生效。重启进程可以通过下面的命令来完成: + # service isc-dhcp-server restart + +这条命令将重启DHCP服务,管理员能够使用几种不同的方式来检查服务器是否已经可以处理dhcp请求。最简单的方法是通过lsof命令[1]来查看服务器是否在侦听67端口,命令如下: + + # lsof -i :67 + +![Check DHCP Listening Port](http://www.tecmint.com/wp-content/uploads/2015/04/lsof.png) +检查DHCP侦听端口 + +这里输出的结果表明DHCPD(DHCP服务守护进程)正在运行并且侦听67端口。由于/etc/services文件中67端口是端口映射,所以输出中的67端口实际上被转换成了“bootps”。 + +在大多数的系统中这是非常常见的,现在服务器应该已经为网络连接做好准备,我们可以将一台主机接入网络请求DHCP地址来验证服务是否正常。 + +### 测试客户端连接 ### + +8. 现在许多系统使用网络管理器来维护网络连接状态,因此这个设备应该预先配置好的,只要对应的接口处于活跃状态就能够获取DHCP。 + +然而当一台设备无法使用网络管理器时,它可能需要手动获取DHCP地址。下面的几步将演示怎样手动获取以及如何查看服务器是否已经按需要分发地址。 + + ‘[ifconfig][2]‘工具能够用来检查接口的配置。这台被用来测试的DHCP服务器的设备,它只有一个网络适配器(网卡),这块网卡被命名为‘eth0‘。 + + # ifconfig eth0 + +![Check Network Interface IP Address](http://www.tecmint.com/wp-content/uploads/2015/04/No-ip.png) +检查网络接口IP地址 + +从输出结果上看,这台设备目前没IPv4地址,这样很好便于测试。我们把这台设备连接到DHCP服务器并发出一个请求。这台设备上已经安装了一个名为‘dhclient‘ 的DHCP客户端工具。因为操作系统各不相同,所以这个客户端软件也是互不一样的。 + # dhclient eth0 + +![Request IP Address from DHCP](http://www.tecmint.com/wp-content/uploads/2015/04/IP.png) +从DHCP请求IP地址 + +当前 `'inet addr:'` 字段中显示了属于172.27.60.0网络地址范围内的IPv4地址。值得欣慰的是当前网络还配置了正确的子网掩码并且分发了广播地址。 + +到这里看起来还都不错,让我们来测试一下,看看这台设备收到新IP地址是不是由服务器发出的。这里我们参照服务器的日志文件来完成这个任务。虽然这个日志的内容有几十万条,但是里面只有几条是用来确定服务器是否正常工作的。这里我们使用一个工具‘tail’,它只显示日志文件的最后几行,这样我们就可以不用拿一个文本编辑器去查看所有的日志文件了。命令如下: + + # tail /var/log/syslog + +![Check DHCP Logs](http://www.tecmint.com/wp-content/uploads/2015/04/DHCP-Log.png) +检查DHCP日志文件 + +OK!服务器记录表明它分发了一个地址给这台主机(HRTDEBXENSRV)。服务器按预期运行,给它充当权威的网络分发适合的网络地址。至此DHCP服务器搭建成功并且运行。如果有需要你可以继续配置其他的网络,排查故障,确保安全。 + +在以后的Debian教程中我会讲一些新的 ISC-DHCP-Server 功能。有时间的话我将写一篇关于Bind9和DDNS的教程,融入到这篇文章里面。 +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/install-and-configure-multihomed-isc-dhcp-server-on-debian-linux/ + +作者:[Rob Turner][a] +译者:[ivo-wang](https://github.com/ivo-wang) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/robturner/ +[1]:http://www.tecmint.com/10-lsof-command-examples-in-linux/ +[2]:http://www.tecmint.com/ifconfig-command-examples/ diff --git a/translated/tech/20150824 How to Setup Zephyr Test Management Tool on CentOS 7.x.md b/translated/tech/20150824 How to Setup Zephyr Test Management Tool on CentOS 7.x.md new file mode 100644 index 0000000000..7de8349b9c --- /dev/null +++ b/translated/tech/20150824 How to Setup Zephyr Test Management Tool on CentOS 7.x.md @@ -0,0 +1,231 @@ +如何在 CentOS 7.x 上安装 Zephyr 测试管理工具 +================================================================================ +测试管理工具包括作为测试人员需要的任何东西。测试管理工具用来记录测试执行的结果、计划测试活动以及报告质量保证活动的情况。在这篇文章中我们会向你介绍如何配置 Zephyr 测试管理工具,它包括了管理测试活动需要的所有东西,不需要单独安装测试活动所需要的应用程序从而降低测试人员不必要的麻烦。一旦你安装完它,你就看可以用它跟踪 bug、缺陷,和你的团队成员协作项目任务,因为你可以轻松地共享和访问测试过程中多个项目团队的数据。 + +### Zephyr 要求 ### + +安装和运行 Zephyr 要求满足以下最低条件。可以根据你的基础设施提高资源。我们会在 64 位 CentOS-7 系统上安装 Zephyr,几乎在所有的 Linux 操作系统中都有可用的 Zephyr 二进制发行版。 + +注:表格 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Zephyr test management tool
Linux OSCentOS Linux 7 (Core), 64-bit
PackagesJDK 7 or above ,  Oracle JDK 6 updateNo Prior Tomcat, MySQL installed
RAM4 GBPreferred 8 GB
CPU2.0 GHZ or Higher
Hard Disk30 GB , Atleast 5GB must be free
+ +安装 Zephyr 要求你有超级用户(root)权限,并确保你已经正确配置了网络的静态 IP ,默认端口必须可用并允许通过防火墙。其中 tomcat 会使用 80/443、 8005、 8009、 8010 端口, Zephyr 内部使用 RTMP 协议的 flex 会使用 443 和 2099 号端口。 + +### 安装 Java JDK 7 ### + +安装 Zephyr 首先需要安装 Java JDK 7,如果你的系统上还没有安装,可以按照下面的方法安装 Java 并设置 JAVA_HOME 环境变量。 + +输入以下的命令安装 Java JDK 7。 + + [root@centos-007 ~]# yum install java-1.7.0-openjdk-1.7.0.79-2.5.5.2.el7_1 + +---------- + + [root@centos-007 ~]# yum install java-1.7.0-openjdk-devel-1.7.0.85-2.6.1.2.el7_1.x86_64 + +安装完 java 和它的所有依赖后,运行下面的命令设置 JAVA_HOME 环境变量。 + + [root@centos-007 ~]# export JAVA_HOME=/usr/java/default + [root@centos-007 ~]# export PATH=/usr/java/default/bin:$PATH + +用下面的命令检查 java 版本以验证安装。 + + [root@centos-007 ~]# java –version + +---------- + + java version "1.7.0_79" + OpenJDK Runtime Environment (rhel-2.5.5.2.el7_1-x86_64 u79-b14) + OpenJDK 64-Bit Server VM (build 24.79-b02, mixed mode) + +输出显示我们已经正确安装了 1.7.0_79 版本的 OpenJDK Java。 + +### 安装 MySQL 5.6.x ### + +如果的机器上有其它的 MySQL,建议你先卸载它们并安装这个版本,或者升级它们的模式到指定的版本。因为 Zephyr 前提要求这个指定的主要/最小 MySQL (5.6.x)版本要有 root 用户名。 + +可以按照下面的步骤在 CentOS-7.1 上安装 MySQL 5.6 : + +下载 rpm 软件包,它会为安装 MySQL 服务器创建一个 yum 库文件。 + + [root@centos-007 ~]# yum install wget + [root@centos-007 ~]# wget http://repo.mysql.com/mysql-community-release-el7-5.noarch.rpm + +然后用 rpm 命令安装下载下来的 rpm 软件包。 + + [root@centos-007 ~]# rpm -ivh mysql-community-release-el7-5.noarch.rpm + +安装完这个软件包后你会有两个和 MySQL 相关的新的 yum 库。然后使用 yum 命令安装 MySQL Server 5.6,它会自动安装所有需要的依赖。 + + [root@centos-007 ~]# yum install mysql-server + +安装过程完成之后,运行下面的命令启动 mysqld 服务并检查它的状态是否激活。 + + [root@centos-007 ~]# service mysqld start + [root@centos-007 ~]# service mysqld status + +对于全新安装的 MySQL 服务器,MySQL root 用户的密码为空。 +为了安全起见,我们应该重置 MySQL root 用户的密码。 + +用自动生成的空密码连接到 MySQL 并更改 root 用户密码。 + + [root@centos-007 ~]# mysql + mysql> SET PASSWORD FOR 'root'@'localhost' = PASSWORD('your_password'); + mysql> flush privileges; + mysql> quit; + +现在我们需要在 MySQL 默认的配置文件中配置所需的数据库参数。打开 "/etc/" 目录中的文件并按照下面那样更新。 + + [root@centos-007 ~]# vi /etc/my.cnf + +---------- + + [mysqld] + datadir=/var/lib/mysql + socket=/var/lib/mysql/mysql.sock + symbolic-links=0 + + sql_mode=NO_ENGINE_SUBSTITUTION,STRICT_TRANS_TABLES + max_allowed_packet=150M + max_connections=600 + default-storage-engine=INNODB + character-set-server=utf8 + collation-server=utf8_unicode_ci + + [mysqld_safe] + log-error=/var/log/mysqld.log + pid-file=/var/run/mysqld/mysqld.pid + default-storage-engine=INNODB + character-set-server=utf8 + collation-server=utf8_unicode_ci + + [mysql] + max_allowed_packet = 150M + [mysqldump] + quick + +保存配置文件中的更新并重启 mysql 服务。 + + [root@centos-007 ~]# service mysqld restart + +### 下载 Zephyr 安装包 ### + +我们已经安装完了安装 Zephyr 所需要的软件包。现在我们需要获取 Zephyr 二进制发布包和它的许可证密钥。到 Zephyr 官方下载链接 [http://download.yourzephyr.com/linux/download.php](http://download.yourzephyr.com/linux/download.php) 输入你的电子邮件 ID 并点击下载。 + +![下载 Zephyr](http://blog.linoxide.com/wp-content/uploads/2015/08/13.png) + +然后确认你的电子邮件地址,你会获得 Zephyr 下载链接和它的许可证密钥链接。点击提供的链接从服务器中选择和你操作系统合适的版本下载二进制安装包以及许可证文件。 + +我们把它下载到 home 目录并更改它的权限为可执行。 + +![Zephyr 二进制包](http://blog.linoxide.com/wp-content/uploads/2015/08/22.png) + +### 开始安装和配置 Zephyr ### + +现在我们通过执行它的二进制安装脚本开始安装 Zephyr。 + + [root@centos-007 ~]# ./zephyr_4_7_9213_linux_setup.sh –c + +一旦你运行了上面的命令,它会检查是否正确配置了 Java 环境变量。如果配置不正确,你可能会看到类似下面的错误。 + + testing JVM in /usr ... + Starting Installer ... + Error : Either JDK is not found at expected locations or JDK version is mismatched. + Zephyr requires Oracle Java Development Kit (JDK) version 1.7 or higher. + +如果你正确配置了 Java,它会开始安装 Zephyr 并要求你输入 “o” 继续或者输入 “c” 取消安装。让我们敲击 “o” 并输入回车键开始安装。 + +![安装 zephyr](http://blog.linoxide.com/wp-content/uploads/2015/08/32.png) + +下一个选项是检查安装 Zephyr 所有的要求,输入回车进入下一个选项。 + +![zephyr 要求](http://blog.linoxide.com/wp-content/uploads/2015/08/42.png) + +输入 “1” 并回车同意许可证协议。 + + I accept the terms of this license agreement [1], I do not accept the terms of this license agreement [2, Enter] + +我们需要选择安装 Zephyr 合适的目标位置以及默认端口,如果你想用默认端口之外的其它端口,也可以在这里配置。 + +![installation folder](http://blog.linoxide.com/wp-content/uploads/2015/08/52.png) + +然后自定义 mysql 数据库参数并给出配置文件的正确路径。在这一步你可能看到类似下面的错误。 + + Please update MySQL configuration. Configuration parameter max_connection should be at least 500 (max_connection = 500) and max_allowed_packet should be at least 50MB (max_allowed_packet = 50M). + +要消除这个错误,你要确保在 mysql 配置文件中正确配置了 "max\_connection" 和 "max\_allowed\_packet" 参数。运行所示的命令连接到数据库确认这些设置。 + +![连接 mysql](http://blog.linoxide.com/wp-content/uploads/2015/08/62.png) + +当你正确配置了 mysql 数据库,它会提取配置文件并完成安装。 + +![配置 mysql](http://blog.linoxide.com/wp-content/uploads/2015/08/72.png) + +安装过程在你的计算机上成功的安装了 Zephyr 4.7。要启动 Zephyr 桌面,输入 “y” 完成 Zephyr 安装。 + +![启动 zephyr](http://blog.linoxide.com/wp-content/uploads/2015/08/82.png) + +### 启动 Zephyr 桌面 ### + +打开你的 web 浏览器并用你的本机 IP 地址启动 Zephyr 桌面,你会被导向 Zephyr 桌面。 + + http://your_server_IP/zephyr/desktop/ + +![Zephyr 桌面](http://blog.linoxide.com/wp-content/uploads/2015/08/91.png) + +从 Zephyr 仪表盘点击 "Test Manager" 并用默认的用户名和密码 "test.manager" 登录。 + +![Test Manage 登录](http://blog.linoxide.com/wp-content/uploads/2015/08/test_manager_login.png) + +你登录进去后你就可以配置你的管理设置了。根据你的环境选择你想要的设置。 + +![Test Manage 管理](http://blog.linoxide.com/wp-content/uploads/2015/08/test_manage_admin.png) + +完成管理设置后保存设置,资源管理和项目配置也类似,然后开始使用 Zephyr 作为你的测试管理工具吧。如图所示在 Department Dashboard Management 中检查和编辑管理设置状态。 + +![zephyr 仪表盘](http://blog.linoxide.com/wp-content/uploads/2015/08/dashboard.png) + +### 总结 ### + +好了! 我们已经在 CentOS 7.1 上安装完了 Zephyr。我们希望你能更加深入了解 Zephyr 测试管理工具,它提供简化测试流程、允许快速访问数据分析、协作工具以及多个项目成员之间交流。如果在你的环境中遇到任何问题,欢迎和我们联系。 + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/setup-zephyr-tool-centos-7-x/ + +作者:[Kashif Siddique][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/kashifs/ \ No newline at end of file diff --git a/translated/tech/20150831 Linux workstation security checklist.md b/translated/tech/20150831 Linux workstation security checklist.md new file mode 100644 index 0000000000..11155a48e0 --- /dev/null +++ b/translated/tech/20150831 Linux workstation security checklist.md @@ -0,0 +1,487 @@ +Linux平台安全备忘录 +================================================================================ +这是一组Linux基金会自己系统管理员的推荐规范。所有Linux基金会的雇员都是远程工作,我们使用这套指导方针确保系统管理员的系统通过核心安全需求,降低我们平台成为攻击目标的风险。 + +即使你的系统管理员不用远程工作,很有可能的是,很多人的工作是在一个便携的笔记本上完成的,或者在业余时间或紧急时刻他们在工作平台中部署自己的家用系统。不论发生何种情况,你都能对应这个规范匹配到你的环境中。 + +这绝不是一个详细的“工作站加固”文档,可以说这是一个努力避免大多数明显安全错误导致太多不便的一组规范的底线。你可能阅读这个文档会认为它的方法太偏执,同时另一些人也许会认为这仅仅是一些肤浅的研究。安全就像在高速公路上开车 -- 任何比你开的慢的都是一个傻瓜,然而任何比你开的快的人都是疯子。这个指南仅仅是一些列核心安全规则,既不详细又不是替代经验,警惕,和常识。 + +每一节都分为两个部分: + +- 核对适合你项目的需求 +- 随意列出关心的项目,解释为什么这么决定 + +## 严重级别 + +在清单的每一个项目都包括严重级别,这些是我们希望能帮助指导你的决定: + +- _(关键)_ 项目应该在考虑列表上被明确的重视。如果不采取措施,将会导致你的平台安全出现高风险。 +- _(中等)_ 项目将改善你的安全形态,但不是很重要,尤其是如果他们太多的干涉你的工作流程。 +- _(低等)_ 项目也许会改善整体安全性,但是在便利权衡下也许并不值得。 +- _(可疑)_ 留作感觉会明显完善我们平台安全的项目,但是可能会需要大量的调整与操作系统交互的方式。 + +记住,这些只是参考。如果你觉得这些严重级别不能表达你的工程对安全承诺,正如你所见你应该调整他们为你合适的。 + +## 选择正确的硬件 + +我们禁止管理员使用一个特殊供应商或者一个特殊的型号,所以在选择工作系统时这部分是核心注意事项。 + +### 清单 + +- [ ] 系统支持安全启动 _(关键)_ +- [ ] 系统没有火线,雷电或者扩展卡接口 _(中等)_ +- [ ] 系统有TPM芯片 _(低)_ + +### 注意事项 + +#### 安全引导 + +尽管它是有争议的性质,安全引导提供了对抗很多针对平台的攻击(Rootkits, "Evil Maid,"等等),没有介绍太多额外的麻烦。它将不会停止真正专用的攻击者,加上有很大程度上,站点安全机构有办法应对它(可能通过设计),但是拥有安全引导总比什么都没有强。 + +作为选择,你也许部署了[Anti Evil Maid][1]提供更多健全的保护,对抗安全引导支持的攻击类型,但是它需要更多部署和维护的工作。 + +#### 系统没有火线,雷电或者扩展卡接口 + +火线是一个标准,故意的,允许任何连接设备完全直接内存访问你的系统([查看维基百科][2])。雷电接口和扩展卡同样有问题,虽然一些后来部署的雷电接口试图限制内存访问的范围。如果你没有这些系统端口,那是最好的,但是它并不严重,他们通常可以通过UEFI或内核本身禁用。 + +#### TPM芯片 + +可信平台模块(TPM)是主板上的一个与核心处理器单独分开的加密芯片,他可以用来增加平台的安全性(比如存储完整磁盘加密密钥),不过通常不用在日常平台操作。最多,这是个很好的存在,除非你有特殊需要使用TPM增加你平台安全性。 + +## 预引导环境 + +这是你开始安装系统前的一系列推荐规范。 + +### 清单 + +- [ ] 使用UEFI引导模式(不是传统BIOS)_(关键)_ +- [ ] 进入UEFI配置需要使用密码 _(关键)_ +- [ ] 使用安全引导 _(关键)_ +- [ ] 启动系统需要UEFI级别密码 _(低)_ + +### 注意事项 + +#### UEFI和安全引导 + +UEFI尽管有缺点,还是提供很多传统BIOS没有的好功能,比如安全引导。大多数现代的系统都默认使用UEFI模式。 + +UEFI配置模式密码要确保密码强度。注意,很多厂商默默地限制了你使用密码长度,所以对比长口令你也许应该选择高熵短密码(更多地密码短语看下面)。 + +基于你选择的Linux分支,你也许会也许不会跳过额外的圈子,以导入你的发行版的安全引导键,才允许你启动发行版。很多分支已经与微软合作大多数厂商给他们已发布的内核签订密钥,这已经是大多数厂商公认的了,因此为了避免问题你必须处理密钥导入。 + +作为一个额外的措施,在允许某人得到引导分区然后尝试做一些不好的事之前,让他们输入密码。为了防止肩窥,这个密码应该跟你的UEFI管理密码不同。如果你关闭启动太多,你也许该选择别把心思费在这上面,当你已经进入LUKS密码,这将为您节省一些额外的按键。 + +## 发行版选择注意事项 + +很有可能你会坚持一个广泛使用的发行版如Fedora,Ubuntu,Arch,Debian,或他们的一个类似分支。无论如何,这是你选择使用发行版应该考虑的。 + +### 清单 + +- [ ] 拥有一个强健的MAC/RBAC系统(SELinux/AppArmor/Grsecurity) _(关键)_ +- [ ] 公开的安全公告 _(关键)_ +- [ ] 提供及时的安全补丁 _(关键)_ +- [ ] 提供密码验证的包 _(关键)_ +- [ ] 完全支持UEFI和安全引导 _(关键)_ +- [ ] 拥有健壮的原生全磁盘加密支持 _(关键)_ + +### 注意事项 + +#### SELinux,AppArmor,和GrSecurity/PaX + +强制访问控制(MAC)或者基于角色的访问控制(RBAC)是一个POSIX系统遗留的基于用户或组的安全机制延伸。这些天大多数发行版已经绑定MAC/RBAC系统(Fedora,Ubuntu),或通过提供一种机制一个可选的安装后的步骤来添加它(Gentoo,Arch,Debian)。很明显,强烈建议您选择一个预装MAC/RBAC系统的分支,但是如果你对一个分支情有独钟,没有默认启用它,装完系统后应计划配置安装它。 + +应该坚决避免使用不带任何MAC/RBAC机制的分支,像传统的POSIX基于用户和组的安全在当今时代应该算是考虑不足。如果你想建立一个MAC/RBAC工作站,通常会考虑AppArmor和PaX,他们比SELinux更容易学习。此外,在一个工作站上,有很少或者没有额外的监听用户运行的应用造成的最高风险,GrSecurity/PaX_可能_会比SELinux提供更多的安全效益。 + +#### 发行版安全公告 + +大多数广泛使用的分支都有一个机制发送安全公告到他们的用户,但是如果你对一些机密感兴趣,查看开发人员是否有记录机制提醒用户安全漏洞和补丁。缺乏这样的机制是一个重要的警告信号,这个分支不够成熟,不能被视为主要管理工作站。 + +#### 及时和可靠的安全更新 + +多数常用的发行版提供的定期安全更新,但为确保关键包更新及时提供是值得检查的。避免使用分支和"社区重建"的原因是,由于不得不等待上游分支先发布它,他们经常延迟安全更新。 + +你如果找到一个在安装包,更新元数据,或两者上不使用加密签名的发行版,将会处于困境。这么说,常用的发行版多年前就已经知道这个基本安全的意义(Arch,我正在看你),所以这也是值得检查的。 + +#### 发行版支持UEFI和安全引导 + +检查发行版支持UEFI和安全引导。查明它是否需要导入额外的密钥或是否要求启动内核有一个已经被系统厂商信任的密钥签名(例如跟微软达成合作)。一些发行版不支持UEFI或安全启动,但是提供了替代品来确保防篡改或防破坏引导环境([Qubes-OS][3]使用Anti Evil Maid,前面提到的)。如果一个发行版不支持安全引导和没有机制防止引导级别攻击,还是看看别的吧。 + +#### 全磁盘加密 + +全磁盘加密是保护静止数据要求,大多数发行版都支持。作为一个选择方案,系统自加密硬件驱动也许用来(通常通过主板TPM芯片实现)和提供类似安全级别加更快的选项,但是花费也更高。 + +## 发行版安装指南 + +所有发行版都是不同的,但是也有一些一般原则: + +### 清单 + +- [ ] 使用健壮的密码全磁盘加密(LUKS) _(关键)_ +- [ ] 确保交换分区也加密了 _(关键)_ +- [ ] 确保引导程序设置了密码(可以和LUKS一样) _(关键)_ +- [ ] 设置健壮的root密码(可以和LUKS一样) _(关键)_ +- [ ] 使用无特权账户登录,管理员组的一部分 _(关键)_ +- [ ] 设置强壮的用户登录密码,不同于root密码 _(关键)_ + +### 注意事项 + +#### 全磁盘加密 + +除非你正在使用自加密硬件设备,配置你的安装程序给磁盘完整加密用来存储你的数据与你的系统文件很重要。通过自动安装的cryptfs循环文件加密用户目录还不够简单(我正在看你,老版Ubuntu),这并没有给系统二进制文件或交换分区提供保护,它可能包含大量的敏感数据。推荐的加密策略是加密LVM设备,所以在启动过程中只需要一个密码。 + +`/boot`分区将一直保持非加密,当引导程序需要引导内核前,调用LUKS/dm-crypt。内核映像本身应该用安全引导加密签名检查防止被篡改。 + +换句话说,`/boot`应该是你系统上唯一没有加密的分区。 + +#### 选择好密码 + +现代的Linux系统没有限制密码口令长度,所以唯一的限制是你的偏执和倔强。如果你要启动你的系统,你将大概至少要输入两个不同的密码:一个解锁LUKS,另一个登陆,所以长密码将会使你老的很快。最好从丰富或混合的词汇中选择2-3个单词长度,容易输入的密码。 + +优秀密码例子(是的,你可以使用空格): +- nature abhors roombas +- 12 in-flight Jebediahs +- perdon, tengo flatulence + +如果你更喜欢输入口令句,你也可以坚持使用无词汇密码但最少要10-12个字符长度。 + +除非你有人身安全的担忧,写下你的密码,并保存在一个远离你办公桌的安全的地方才合适。 + +#### Root,用户密码和管理组 + +我们建议,你的root密码和你的LUKS加密使用同样的密码(除非你共享你的笔记本给可信的人,他应该能解锁设备,但是不应该能成为root用户)。如果你是笔记本电脑的唯一用户,那么你的root密码与你的LUKS密码不同是没有意义的安全优势。通常,你可以使用同样的密码在你的UEFI管理,磁盘加密,和root登陆 -- 知道这些任意一个都会让攻击者完全控制您的系统,在单用户工作站上使这些密码不同,没有任何安全益处。 + +你应该有一个不同的,但同样强健的常规用户帐户密码用来每天工作。这个用户应该是管理组用户(例如`wheel`或者类似,根据分支),允许你执行`sudo`来提升权限。 + +换句话说,如果在你的工作站只有你一个用户,你应该有两个独特的,强健的,同样的强壮的密码需要记住: + +**管理级别**,用在以下区域: + +- UEFI管理 +- 引导程序(GRUB) +- 磁盘加密(LUKS) +- 工作站管理(root用户) + +**User-level**, used for the following: +**用户级别**,用在以下: + +- 用户登陆和sudo +- 密码管理器的主密码 + +很明显,如果有一个令人信服的理由他们所有可以不同。 + +## 安装后的加强 + +安装后的安全性加强在很大程度上取决于你选择的分支,所以在一个通用的文档中提供详细说明是徒劳的,例如这一个。然而,这里有一些你应该采取的步骤: + +### 清单 + +- [ ] 在全体范围内禁用火线和雷电模块 _(关键)_ +- [ ] 检查你的防火墙,确保过滤所有传入端口 _(关键)_ +- [ ] 确保root邮件转发到一个你可以查看到的账户 _(关键)_ +- [ ] 检查以确保sshd服务默认情况下是禁用的 _(中等)_ +- [ ] 建立一个系统自动更新任务,或更新提醒 _(中等)_ +- [ ] 配置屏幕保护程序在一段时间的不活动后自动锁定 _(中等)_ +- [ ] 建立日志监控 _(中等)_ +- [ ] 安装使用rkhunter _(低等)_ +- [ ] 安装一个入侵检测系统 _(偏执)_ + +### 注意事项 + +#### 黑名单模块 + +将火线和雷电模块列入黑名单,增加一行到`/etc/modprobe.d/blacklist-dma.conf`文件: + + blacklist firewire-core + blacklist thunderbolt + +重启后的模块将被列入黑名单。这样做是无害的,即使你没有这些端口(但也不做任何事)。 + +#### Root邮件 + +默认的root邮件只是存储在系统基本上没人读过。确保你设置了你的`/etc/aliases`来转发root邮件到你确实能读取的邮箱,否则你也许错过了重要的系统通知和报告: + + # Person who should get root's mail + root: bob@example.com + +编辑后这些后运行`newaliases`,然后测试它确保已投递,像一些邮件供应商将拒绝从没有或者不可达的域名的邮件。如果是这个原因,你需要配置邮件转发直到确实可用。 + +#### 防火墙,sshd,和监听进程 + +默认的防火墙设置将取决于您的发行版,但是大多数都允许`sshd`端口连入。除非你有一个令人信服的合理理由允许连入ssh,你应该过滤出来,禁用sshd守护进程。 + + systemctl disable sshd.service + systemctl stop sshd.service + +如果你需要使用它,你也可以临时启动它。 + +通常,你的系统不应该有任何侦听端口除了响应ping。这将有助于你对抗网络级别的零日漏洞利用。 + +#### 自动更新或通知 + +建议打开自动更新,除非你有一个非常好的理由不这么做,如担心自动更新将使您的系统无法使用(这是发生在过去,所以这种恐惧并非杞人忧天)。至少,你应该启用自动通知可用的更新。大多数发行版已经有这个服务自动运行,所以你不需要做任何事。查阅你的发行版文档查看更多。 + +你应该尽快应用所有明显的勘误,即使这些不是特别贴上“安全更新”或有关联的CVE代码。所有错误都潜在的安全漏洞和新的错误,比起坚持旧的,已知的错误,未知错误通常是更安全的策略。 + +#### 监控日志 + +你应该对你的系统上发生了什么很感兴趣。出于这个原因,你应该安装`logwatch`然后配置它每夜发送在你的系统上发生的任何事情的活动报告。这不会预防一个专业的攻击者,但是一个好安全网功能。 + +注意,许多systemd发行版将不再自动安装一个“logwatch”需要的syslog服务(由于systemd依靠自己的分类),所以你需要安装和启用“rsyslog”来确保使用logwatch之前你的/var/log不是空。 + +#### Rkhunter和IDS + +安装`rkhunter`和一个入侵检测系统(IDS)像`aide`或者`tripwire`将不会有用,除非你确实理解他们如何工作采取必要的步骤来设置正确(例如,保证数据库在额外的媒介,从可信的环境运行检测,记住执行系统更新和配置更改后要刷新数据库散列,等等)。如果你不愿在你的工作站执行这些步骤调整你如何工作,这些工具将带来麻烦没有任何实在的安全益处。 + +我们强烈建议你安装`rkhunter`并每晚运行它。它相当易于学习和使用,虽然它不会阻止一个复杂的攻击者,它也能帮助你捕获你自己的错误。 + +## 个人工作站备份 + +工作站备份往往被忽视,或无计划的做,常常是不安全的方式。 + +### 清单 + +- [ ] 设置加密备份工作站到外部存储 _(关键)_ +- [ ] 使用零认知云备份的备份工具 _(中等)_ + +### 注意事项 + +#### 全加密备份存到外部存储 + +把全部备份放到一个移动磁盘中比较方便,不用担心带宽和流速(在这个时代,大多数供应商仍然提供显著的不对称的上传/下载速度)。不用说,这个移动硬盘本身需要加密(又一次,通过LIKS),或者你应该使用一个备份工具建立加密备份,例如`duplicity`或者它的GUI版本,`deja-dup`。我建议使用后者并使用随机生成的密码,保存到你的密码管理器中。如果你带上笔记本去旅行,把这个磁盘留在家,以防你的笔记本丢失或被窃时可以找回备份。 + +除了你的家目录外,你还应该备份`/etc`目录和处于鉴定目的的`/var/log`目录。 + +首先是,避免拷贝你的家目录到任何非加密存储上,甚至是快速的在两个系统上移动文件,一旦完成你肯定会忘了清除它,暴露个人隐私或者安全信息到监听者手中 -- 尤其是把这个存储跟你的笔记本防盗同一个包里。 + +#### 零认知站外备份选择性 + +站外备份也是相当重要的,是否可以做到要么需要你的老板提供空间,要么找一家云服务商。你可以建一个单独的duplicity/deja-dup配置,只包括重要的文件,以免传输大量你不想备份的数据(网络缓存,音乐,下载等等)。 + +作为选择,你可以使用零认知备份工具,例如[SpiderOak][5],它提供一个卓越的Linux GUI工具还有实用的特性,例如在多个系统或平台间同步内容。 + +## 最佳实践 + +下面是我们认为你应该采用的最佳实践列表。它当然不是非常详细的,而是试图提供实用的建议,一个可行的整体安全性和可用性之间的平衡 + +### 浏览 + +毫无疑问,在你的系统上web浏览器将是最大、最容易暴露的攻击层面的软件。它是专门下载和执行不可信,恶意代码的一个工具。它试图采用沙箱和代码卫生处理等多种机制保护你免受这种危险,但是在之前多个场合他们都被击败了。你应该学到浏览网站是最不安全的活动在你参与的任何一天。 + +有几种方法可以减少浏览器的影响,但真正有效的方法需要你操作您的工作站将发生显著的变化。 + +#### 1: 实用两个不同的浏览器 + +这很容易做到,但是只有很少的安全效益。并不是所有浏览器都妥协给攻击者完全自由访问您的系统 -- 有时他们只能允许一个读取本地浏览器存储,窃取其他标签的活动会话,捕获输入浏览器,例如,实用两个不同的浏览器,一个用在工作/高安全站点,另一个用在其他,有助于防止攻击者请求整个饼干罐的小妥协。主要的不便是两个不同的浏览器消耗内存大量。 + +我们建议: + +##### 火狐用来工作和高安全站点 + +使用火狐登陆工作有关的站点,应该额外关心的是确保数据如cookies,会话,登陆信息,打键次数等等,明显不应该落入攻击者手中。除了少数的几个网站,你不应该用这个浏览器访问其他网站。 + +你应该安装下面的火狐扩展: + +- [ ] NoScript _(关键)_ + - NoScript阻止活动内容加载,除非在用户白名单里的域名。跟你默认浏览器比它使用起来很麻烦(可是提供了真正好的安全效益),所以我们建议只在开启了它的浏览器上访问与工作相关的网站。 + +- [ ] Privacy Badger _(关键)_ + - EFF的Privacy Badger将在加载时预防大多数外部追踪器和广告平台,在这些追踪站点影响你的浏览器时将有助于避免妥协(追踪着和广告站点通常会成为攻击者的目标,因为他们会迅速影响世界各地成千上万的系统)。 + +- [ ] HTTPS Everywhere _(关键)_ + - 这个EFF开发的扩展将确保你访问的大多数站点都在安全连接上,甚至你点击的连接使用的是http://(有效的避免大多数的攻击,例如[SSL-strip][7])。 + +- [ ] Certificate Patrol _(中等)_ + - 如果你正在访问的站点最近改变了他们的TLS证书 -- 特别是如果不是接近失效期或者现在使用不同的证书颁发机构,这个工具将会警告你。它有助于警告你是否有人正尝试中间人攻击你的连接,但是产生很多无害的假的类似情况。 + +你应该让火狐成为你的默认打开连接的浏览器,因为NoScript将在加载或者执行时阻止大多数活动内容。 + +##### 其他一切都用Chrome/Chromium + +Chromium开发者在增加很多很好的安全特性方面比火狐强(至少[在Linux上][6])),例如seccomp沙箱,内核用户名空间等等,这担当一个你访问网站和你其他系统间额外的隔离层。Chromium是流开源项目,Chrome是Google所有的基于它构建的包(使用它输入时要非常谨慎任,何你不想让谷歌知道的事情都不要使用它)。 + +有人推荐你在Chrome上也安装**Privacy Badger**和**HTTPS Everywhere**扩展,然后给他一个不同的主题,从火狐指出这是你浏览器“不信任的站点”。 + +#### 2: 使用两个不同浏览器,一个在专用的虚拟机里 + +这有点像上面建议的做法,除了您将添加一个额外的步骤,通过快速访问协议运行专用虚拟机内部Chrome,允许你共享剪贴板和转发声音事件(如,Spice或RDP)。这将在不可信的浏览器和你其他的工作环境之间添加一个优秀的隔离层,确保攻击者完全危害你的浏览器将不得不另外打破VM隔离层,以达到系统的其余部分。 + +这是一个出奇可行的结构,但是需要大量的RAM和高速处理器可以处理增加的负载。这还需要一个重要的奉献的管理员需要相应地调整自己的工作实践。 + +#### 3: 通过虚拟化完全隔离你的工作和娱乐环境 + +看[Qubes-OS项目][3],它致力于通过划分你的应用到完全独立分开的VM中,提供高安全工作环境。 + +### 密码管理器 + +#### 清单 + +- [ ] 使用密码管理器 _(关键)_ +- [ ] 不相关的站点使用不同的密码 _(关键)_ +- [ ] 使用支持团队共享的密码管理器 _(中等)_ +- [ ] 给非网站用户使用一个单独的密码管理器 _(偏执)_ + +#### 注意事项 + +使用好的,唯一的密码对你的团队成员来说应该是非常关键的需求。证书盗取一直在发生 — 要么通过中间计算机,盗取数据库备份,远程站点利用,要么任何其他的打算。证书从不应该通过站点被重用,尤其是关键的应用。 + + +##### 浏览器中的密码管理器 + +每个浏览器有一个比较安全的保存密码机制,通过供应商的机制可以同步到云存储同事用户提供密码保证数据加密。无论如何,这个机制有严重的劣势: + + +1. 不能跨浏览器工作 +2. 不提供任何与团队成员共享凭证的方法 + +也有一些良好的支持,免费或便宜的密码管理器,很好的融合到多个浏览器,跨平台工作,提供小组共享(通常是支付服务)。可以很容易地通过搜索引擎找到解决方案。 + +##### 独立的密码管理器 + +任何密码管理器都有一个主要的缺点,与浏览器结合,事实上是应用的一部分,这样最有可能被入侵者攻击。如果这让你不舒服(应该这样),你应该选择两个不同的密码管理器 -- 一个集成在浏览器中用来保存网站密码,一个作为独立运行的应用。后者可用于存储高风险凭证如root密码,数据库密码,其他shell账户凭证等。 + +有这样的工具可以特别有效的在团腿成员间共享超级用户的凭据(服务器根密码,ILO密码,数据库管理密码,引导装载程序密码等等)。 + +这几个工具可以帮助你: + +- [KeePassX][8],2版中改善了团队共享 +- [Pass][9],它使用了文本文件和PGP并与git结合 +- [Django-Pstore][10],他是用GPG在管理员之间共享凭据 +- [Hiera-Eyaml][11],如果你已经在你的平台中使用了Puppet,可以便捷的追踪你的服务器/服务凭证,像你的Hiera加密数据的一部分。 + +### 加固SSH和PGP私钥 + +个人加密密钥,包括SSH和PGP私钥,都是你工作站中最重要的物品 -- 攻击将在获取到感兴趣的东西,这将允许他们进一步攻击你的平台或冒充你为其他管理员。你应该采取额外的步骤,确保你的私钥免遭盗窃。 + +#### 清单 + +- [ ] 强壮的密码用来保护私钥 _(关键)_ +- [ ] PGP的主密码保存在移动存储中 _(中等)_ +- [ ] 身份验证、签名和加密注册表子项存储在智能卡设备 _(中等)_ +- [ ] SSH配置为使用PGP认证密钥作为ssh私钥 _(中等)_ + +#### 注意事项 + +防止私钥被偷的最好方式是使用一个智能卡存储你的加密私钥,不要拷贝到工作平台上。有几个厂商提供支持OpenPGP的设备: + +- [Kernel Concepts][12],在这里可以采购支持OpenPGP的智能卡和USB读取器,你应该需要一个。 +- [Yubikey NEO][13],这里提供OpenPGP功能的智能卡还提供很多很酷的特性(U2F, PIV, HOTP等等)。 + +确保PGP主密码没有存储在工作平台也很重要,只有子密码在使用。主密钥只有在登陆其他的密钥和创建子密钥时使用 — 不经常发生这种操作。你可以照着[Debian的子密钥][14]向导来学习如何移动你的主密钥到移动存储和创建子密钥。 + +你应该配置你的gnupg代理作为ssh代理然后使用基于智能卡PGP认证密钥作为你的ssh私钥。我们公布了一个细节向导如何使用智能卡读取器或Yubikey NEO。 + +如果你不想那么麻烦,最少要确保你的PGP私钥和你的SSH私钥有个强健的密码,这将让攻击者很难盗取使用它们。 + +### 工作站上的SELinux + +如果你使用的发行版绑定了SELinux(如Fedora),这有些如何使用它的建议,让你的工作站达到最大限度的安全。 + +#### 清单 + +- [ ] 确保你的工作站强制使用SELinux _(关键)_ +- [ ] 不要盲目的执行`audit2allow -M`,经常检查 _(关键)_ +- [ ] 从不 `setenforce 0` _(中等)_ +- [ ] 切换你的用户到SELinux用户`staff_u` _(中等)_ + +#### 注意事项 + +SELinux是一个强制访问控制(MAC)为POSIX许可核心功能扩展。它是成熟,强健,自从它推出以来已经有很长的路了。不管怎样,许多系统管理员现在重复过时的口头禅“关掉它就行。” + +话虽如此,在工作站上SELinux还是限制了安全效益,像很多应用都要作为一个用户自由的运行。开启它有益于给网络提供足够的保护,有可能有助于防止攻击者通过脆弱的后台服务提升到root级别的权限用户。 + +我们的建议是开启它并强制使用。 + +##### 从不`setenforce 0` + +使用`setenforce 0`短时间内把SELinux设置为许可模式,但是你应该避免这样做。其实你是想查找一个特定应用或者程序的问题,实际上这样是把全部系统的SELinux关闭了。 + +你应该使用`semanage permissive -a [somedomain_t]`替换`setenforce 0`,只把这个程序放入许可模式。首先运行`ausearch`查看那个程序发生问题: + + ausearch -ts recent -m avc + +然后看下`scontext=`(SELinux的上下文)行,像这样: + + scontext=staff_u:staff_r:gpg_pinentry_t:s0-s0:c0.c1023 + ^^^^^^^^^^^^^^ + +这告诉你程序`gpg_pinentry_t`被拒绝了,所以你想查看应用的故障,应该增加它到许可模式: + + semange permissive -a gpg_pinentry_t + +这将允许你使用应用然后收集AVC的其他部分,你可以连同`audit2allow`写一个本地策略。一旦完成你就不会看到新的AVC的拒绝,你可以从许可中删除程序,运行: + + semanage permissive -d gpg_pinentry_t + +##### 用SELinux的用户staff_r,使用你的工作站 + +SELinux附带的本地角色实现基于角色的用户帐户禁止或授予某些特权。作为一个管理员,你应该使用`staff_r`角色,这可以限制访问很多配置和其他安全敏感文件,除非你先执行`sudo`。 + +默认,用户作为`unconfined_r`被创建,你可以运行大多数应用,没有任何(或只有一点)SELinux约束。转换你的用户到`staff_r`角色,运行下面的命令: + + usermod -Z staff_u [username] + +你应该退出然后登陆激活新角色,届时如果你运行`id -Z`,你将会看到: + + staff_u:staff_r:staff_t:s0-s0:c0.c1023 + +在执行`sudo`时,你应该记住增加一个额外的标准告诉SELinux转换到"sysadmin"角色。你想要的命令是: + + sudo -i -r sysadm_r + +届时`id -Z`将会显示: + + staff_u:sysadm_r:sysadm_t:s0-s0:c0.c1023 + +**警告**:在进行这个切换前你应该舒服的使用`ausearch`和`audit2allow`,当你作为`staff_r`角色运行时你的应用有可能不再工作了。写到这里时,以下流行的应用已知在`staff_r`下没有做策略调整就不会工作: + +- Chrome/Chromium +- Skype +- VirtualBox + +切换回`unconfined_r`,运行下面的命令: + + usermod -Z unconfined_u [username] + +然后注销再重新回到舒服的区域。 + +## 延伸阅读 + +IT安全的世界是一个没有底的兔子洞。如果你想深入,或者找到你的具体发行版更多的安全特性,请查看下面这些链接: + +- [Fedora Security Guide](https://docs.fedoraproject.org/en-US/Fedora/19/html/Security_Guide/index.html) +- [CESG Ubuntu Security Guide](https://www.gov.uk/government/publications/end-user-devices-security-guidance-ubuntu-1404-lts) +- [Debian Security Manual](https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html) +- [Arch Linux Security Wiki](https://wiki.archlinux.org/index.php/Security) +- [Mac OSX Security](https://www.apple.com/support/security/guides/) + +## 许可 + +这项工作在[创作共用授权4.0国际许可证][0]许可下。 + +-------------------------------------------------------------------------------- + +via: https://github.com/lfit/itpol/blob/master/linux-workstation-security.md#linux-workstation-security-list + +作者:[mricon][a] +译者:[wyangsun](https://github.com/wyangsun) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://github.com/mricon +[0]: http://creativecommons.org/licenses/by-sa/4.0/ +[1]: https://github.com/QubesOS/qubes-antievilmaid +[2]: https://en.wikipedia.org/wiki/IEEE_1394#Security_issues +[3]: https://qubes-os.org/ +[4]: https://xkcd.com/936/ +[5]: https://spideroak.com/ +[6]: https://code.google.com/p/chromium/wiki/LinuxSandboxing +[7]: http://www.thoughtcrime.org/software/sslstrip/ +[8]: https://keepassx.org/ +[9]: http://www.passwordstore.org/ +[10]: https://pypi.python.org/pypi/django-pstore +[11]: https://github.com/TomPoulton/hiera-eyaml +[12]: http://shop.kernelconcepts.de/ +[13]: https://www.yubico.com/products/yubikey-hardware/yubikey-neo/ +[14]: https://wiki.debian.org/Subkeys +[15]: https://github.com/lfit/ssh-gpg-smartcard-config diff --git a/translated/tech/20150914 Linux FAQs with Answers--How to check weather forecasts from the command line on Linux.md b/translated/tech/20150914 Linux FAQs with Answers--How to check weather forecasts from the command line on Linux.md deleted file mode 100644 index b7751e118a..0000000000 --- a/translated/tech/20150914 Linux FAQs with Answers--How to check weather forecasts from the command line on Linux.md +++ /dev/null @@ -1,70 +0,0 @@ -Linux 问与答:如何在Linux 命令行下浏览天气预报 -================================================================================ -> **Q**: 我经常在Linux 桌面查看天气预报。然而,是否有一种在终端环境下,不通过桌面小插件或者网络查询天气预报的方法? - -对于Linux 桌面用户来说,有很多办法获取天气预报,比如使用专门的天气应用,桌面小插件,或者面板小程序。但是如果你的工作环境实际与终端的,这里也有一些在命令行下获取天气的手段。 - -其中有一个就是 [wego][1],**一个终端下的小巧程序**。使用基于ncurses 的接口,这个命令行程序允许你查看当前的天气情况和之后的预报。它也会通过一个天气预报的API 收集接下来5 天的天气预报。 - -### 在Linux 下安装Wego ### -安装wego 相当简单。wego 是用Go 编写的,引起第一个步骤就是安装[Go 语言][2]。然后再安装wego。 - - $ go get github.com/schachmat/wego - -wego 会被安装到$GOPATH/bin,所以要将$GOPATH/bin 添加到$PATH 环境变量。 - - $ echo 'export PATH="$PATH:$GOPATH/bin"' >> ~/.bashrc - $ source ~/.bashrc - -现在就可与直接从命令行启动wego 了。 - - $ wego - -第一次运行weg 会生成一个配置文件(~/.wegorc),你需要指定一个天气API key。 -你可以从[worldweatheronline.com][3] 获取一个免费的API key。免费注册和使用。你只需要提供一个有效的邮箱地址。 - -![](https://farm6.staticflickr.com/5781/21317466341_5a368b0d26_c.jpg) - -你的 .wegorc 配置文件看起来会这样: - -![](https://farm6.staticflickr.com/5620/21121418558_df0d27cd0a_b.jpg) - -除了API key,你还可以把你想要查询天气的地方、使用的城市/国家名称、语言配置在~/.wegorc 中。 -注意,这个天气API 的使用有限制:每秒最多5 次查询,每天最多250 次查询。 -当你重新执行wego 命令,你将会看到最新的天气预报(当然是你的指定地方),如下显示。 - -![](https://farm6.staticflickr.com/5776/21121218110_dd51e03ff4_c.jpg) - -显示出来的天气信息包括:(1)温度,(2)风速和风向,(3)可视距离,(4)降水量和降水概率 -默认情况下会显示3 天的天气预报。如果要进行修改,可以通过参数改变天气范围(最多5天),比如要查看5 天的天气预报: - - $ wego 5 - -如果你想检查另一个地方的天气,只需要提供城市名即可: - - $ wego Seattle - -### 问题解决 ### -1. 可能会遇到下面的错误: - - user: Current not implemented on linux/amd64 - - 当你在一个不支持原生Go 编译器的环境下运行wego 时就会出现这个错误。在这种情况下你只需要使用gccgo ——一个Go 的编译器前端来编译程序即可。这一步可以通过下面的命令完成。 - - $ sudo yum install gcc-go - $ go get -compiler=gccgo github.com/schachmat/wego - --------------------------------------------------------------------------------- - -via: http://ask.xmodulo.com/weather-forecasts-command-line-linux.html - -作者:[Dan Nanni][a] -译者:[译者ID](https://github.com/oska874) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:http://ask.xmodulo.com/author/nanni -[1]:https://github.com/schachmat/wego -[2]:http://ask.xmodulo.com/install-go-language-linux.html -[3]:https://developer.worldweatheronline.com/auth/register diff --git a/translated/tech/20150929 A Developer's Journey into Linux Containers.md b/translated/tech/20150929 A Developer's Journey into Linux Containers.md deleted file mode 100644 index a71b5e8fb3..0000000000 --- a/translated/tech/20150929 A Developer's Journey into Linux Containers.md +++ /dev/null @@ -1,128 +0,0 @@ -开发者的 Linux 容器之旅 -================================================================================ -![](https://deis.com/images/blog-images/dev_journey_0.jpg) - -我告诉你一个秘密:使得我的应用程序进入到全世界的所有云计算的东西,对我来说仍然有一点神秘。但随着时间流逝,我意识到理解大规模机器配置和应用程序部署的来龙去脉对一个开发者来说是非常重要的知识。这类似于成为一个专业的音乐家。你当然需要知道如何使用你的乐器。但是,如果你不知道一个录音室是如何工作的,或者你如何适应一个交响乐团,你在这样的环境中工作会变得非常困难。 - -在软件开发的世界里,使你的代码进入我们更大的世界正如写出它来一样重要。开发重要,而且是很重要。 - -因此,为了弥合开发和部署之间的间隔,我会从头开始介绍容器技术。为什么是容器?因为有强有力的证据表明,容器是机器抽象的下一步:使计算机成为场所而不再是一个东西。理解容器是我们共同的旅程。 - -在这篇文章中,我会介绍容器化背后的概念。容器和虚拟机的区别。以及容器构建背后的逻辑以及它是如何适应应用程序架构的。我会探讨轻量级的 Linux 操作系统是如何适应容器生态系统。我还会讨论使用镜像创建可重用的容器。最后我会介绍容器集群如何使你的应用程序可以快速扩展。 - -在后面的文章中,我会一步一步向你介绍容器化一个事例应用程序的过程,以及如何为你的应用程序容器创建一个托管集群。同时,我会向你展示如何使用 Deis 将你的事例应用程序部署到你本地系统以及多种云供应商的虚拟机上。 - -让我们开始吧。 - -### 虚拟机的好处 ### - -为了理解容器如何适应事物发展,你首先要了解容器的前者:虚拟机 - -[虚拟机][1] 是运行在物理宿主机上的软件抽象。配置一个虚拟机就像是购买一台计算机:你需要定义你想要的 CPU 数目,RAM 和磁盘存储容量。配置好了机器后,你把它加载到操作系统,然后是你想让虚拟机支持的任何服务器或者应用程序。 - -虚拟机允许你在一台硬件主机上运行多个模拟计算机。这是一个简单的示意图: - -![](https://deis.com/images/blog-images/dev_journey_1.png) - -虚拟机使得能充分利用你的硬件资源。你可以购买一台大型机然后在上面运行多个虚拟机。你可以有一个数据库虚拟机以及很多运行相同版本定制应用程序的虚拟机构成的集群。你可以在有限的硬件资源获得很多的扩展能力。如果你觉得你需要更多的虚拟机而且你的宿主硬件还有容量,你可以添加任何你想要的。或者,如果你不再需要一个虚拟机,你可以关闭该虚拟机并删除虚拟机镜像。 - -### 虚拟机的局限 ### - -但是,虚拟机确实有局限。 - -如上面所示,假如你在一个主机上创建了三个虚拟机。主机有 12 个 CPU,48 GB 内存和 3TB 的存储空间。每个虚拟机配置为有 4 个 CPU,16 GB 内存和 1TB 存储空间。到现在为止,一切都还好。主机有这个容量。 - -但这里有个缺陷。所有分配给一个虚拟机的资源,无论是什么,都是专有的。每台机器都分配了 16 GB 的内存。但是,如果第一个虚拟机永不会使用超过 1GB 分配的内存,剩余的 15 GB 就会被浪费在那里。如果第三天虚拟机只使用分配的 1TB 存储空间中的 100GB,其余的 900GB 就成为浪费空间。 - -这里没有资源的流动。每台虚拟机拥有分配给它的所有资源。因此,在某种方式上我们又回到了虚拟机之前,把大部分金钱花费在未使用的资源上。 - -虚拟机还有*另一个*缺陷。扩展他们需要很长时间。如果你处于基础设施需要快速增长的情形,即使虚拟机配置是自动的,你仍然会发现你的很多时间都浪费在等待机器上线。 - -### 来到:容器 ### - -概念上来说,容器是 Linux 中认为只有它自己的一个进程。该进程只知道告诉它的东西。另外,在容器化方面,该容器进程也分配了它自己的 IP 地址。这点很重要,我会再次重复。**在容器化方面,容器进程有它自己的 IP 地址**。一旦给予了一个 IP 地址,该进程就是宿主网络中可识别的资源。然后,你可以在容器管理器上运行命令,使容器 IP 映射到主机中能访问公网的 IP 地址。该映射发生时,对于任何意图和目的,一个容器就是网络上一个可访问的独立机器,概念上类似于虚拟机。 - -再次说明,容器是拥有不同 IP 地址从而使其成为网络上可识别的独立 Linux 进程。下面是一个示意图: - -![](https://deis.com/images/blog-images/dev_journey_2.png) - -容器/进程以动态合作的方式共享主机上的资源。如果容器只需要 1GB 内存,它就只会使用 1GB。如果它需要 4GB,就会使用 4GB。CPU 和存储空间利用也是如此。CPU,内存和存储空间的分配是动态的,和典型虚拟机的静态方式不同。所有这些资源的共享都由容器管理器管理。 - -最后,容器能快速启动。 - -因此,容器的好处是:**你获得了虚拟机独立和封装的好处而抛弃了专有静态资源的缺陷**。另外,由于容器能快速加载到内存,在扩展到多个容器时你能获得更好的性能。 - -### 容器托管、配置和管理 ### - -托管容器的计算机运行着被剥离的只剩下主要部分的 Linux 版本。现在,宿主计算机流行的底层操作系统是上面提到的 [CoreOS][2]。当然还有其它,例如 [Red Hat Atomic Host][3] 和 [Ubuntu Snappy][4]。 - -所有容器之间共享Linux 操作系统,减少了容器足迹的重复和冗余。每个容器只包括该容器唯一的部分。下面是一个示意图: - -![](https://deis.com/images/blog-images/dev_journey_3.png) - -你用它所需的组件配置容器。一个容器组件被称为**层**。一层是一个容器镜像,(你会在后面的部分看到更多关于容器镜像的介绍)。你从一个基本层开始,这通常是你想在容器中使用的操作系统。(容器管理器只提供你想要的操作系统在宿主操作系统中不存在的部分。)当你构建配置你的容器时,你会添加层,例如你想要添加网络服务器 Apache,如果容器要运行脚本,则需要添加 PHP 或 Python 运行时。 - -分层非常灵活。如果应用程序或者服务容器需要 PHP 5.2 版本,你相应地配置该容器即可。如果你有另一个应用程序或者服务需要 PHP 5.6 版本,没问题,你可以使用 PHP 5.6 配置该容器。不像虚拟机,更改一个版本的运行时依赖时你需要经过大量的配置和安装过程;对于容器你只需要在容器配置文件中重新定义层。 - -所有上面描述的容器多功能性都由一个称为容器管理器的软件控制。现在,最流行的容器管理器是 [Docker][5] 和 [Rocket][6]。上面的示意图展示了容器管理器是 Docker,宿主操作系统是 CentOS 的主机情景。 - -### 容器由镜像构成 ### - -当你需要将我们的应用程序构建到容器时,你就会编译镜像。镜像代表了需要完成容器工作的容器模板。(容器里的容器)。镜像被保存在网络上的注册表里。 - -从概念上讲,注册表类似于一个使用 Java 的人眼中的 [Maven][7] 仓库,使用 .NET 的人眼中的 [NuGet][8] 服务器。你会创建一个列出了你应用程序所需镜像的容器配置文件。然后你使用容器管理器创建一个包括了你应用程序代码以及从注册表中下载的构成资源的容器。例如,如果你的应用程序包括了一些 PHP 文件,你的容器配置文件会声明你会从注册表中获取 PHP 运行时。另外,你还要使用容器配置文件声明需要复制到容器文件系统中的 .php 文件。容器管理器会封装你应用程序的所有东西为一个独立容器。该容器将会在容器管理器的管理下运行在宿主计算机上。 - -这是一个容器创建背后概念的示意图: - -![](https://deis.com/images/blog-images/dev_journey_4.png) - -让我们仔细看看这个示意图。 - -(1)表示一个定义了你容器所需东西以及你容器如何构建的容器配置文件。当你在主机上运行容器时,容器管理器会读取配置文件从云上的注册表中获取你需要的容器镜像,(2)作为层将镜像添加到你的容器。 - -另外,如果组成镜像需要其它镜像,容器管理器也会获取这些镜像并把它们作为层添加进来。(3)容器管理器会将需要的文件复制到容器中。 - -如果你使用了配置服务,例如 [Deis][9],你刚刚创建的应用程序容器作为镜像存在(4)配置服务会将它部署到你选择的云供应商上。类似 AWS 和 Rackspace 云供应商。 - -### 集群中的容器 ### - -好了。这里有一个很好的例子说明了容器比虚拟机提供了更好的配置灵活性和资源利用率。但是,这并不是全部。 - -容器真正灵活是在集群中。记住,每个容器有一个独立的 IP 地址。因此,能把它放到负载均衡器后面。将容器放到负载均衡器后面,就上升了一个层次。 - -你可以在一个负载均衡容器后运行容器集群以获得更高的性能和高可用计算。这是一个例子: - -![](https://deis.com/images/blog-images/dev_journey_5.png) - -假如你开发了一个进行资源密集型工作的应用程序。例如图片处理。使用类似 [Deis][9] 的容器配置技术,你可以创建一个包括了你图片处理程序以及你图片处理程序需要的所有资源的容器镜像。然后,你可以部署一个或多个容器镜像到主机上的负载均衡器。一旦创建了容器镜像,你可以在系统快要刷爆时把它放到一边,为了满足手中的工作时添加更多的容器实例。 - -这里还有更多好消息。你不需要每次添加实例到环境中时手动配置负载均衡器以便接受你的容器镜像。你可以使用服务发现技术告知均衡器你容器的可用性。然后,一旦获知,均衡器就会将流量分发到新的结点。 - -### 全部放在一起 ### - -容器技术完善了虚拟机不包括的部分。类似 CoreOS、RHEL Atomic、和 Ubuntu 的 Snappy 宿主操作系统,和类似 Docker 和 Rocket 的容器管理技术结合起来,使得容器变得日益流行。 - -尽管容器变得更加越来越普遍,掌握它们还是需要一段时间。但是,一旦你懂得了它们的窍门,你可以使用类似 [Deis][9] 的配置技术使容器创建和部署变得更加简单。 - -概念上理解容器和进一步实际使用它们完成工作一样重要。但我认为不实际动手把想法付诸实践,概念也难以理解。因此,我们该系列的下一阶段就是:创建一些容器。 - --------------------------------------------------------------------------------- - -via: https://deis.com/blog/2015/developer-journey-linux-containers - -作者:[Bob Reselman][a] -译者:[ictlyh](http://www.mutouxiaogui.cn/blog/) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://deis.com/blog -[1]:https://en.wikipedia.org/wiki/Virtual_machine -[2]:https://coreos.com/using-coreos/ -[3]:http://www.projectatomic.io/ -[4]:https://developer.ubuntu.com/en/snappy/ -[5]:https://www.docker.com/ -[6]:https://coreos.com/blog/rocket/ -[7]:https://en.wikipedia.org/wiki/Apache_Maven -[8]:https://www.nuget.org/ -[9]:http://deis.com/learn \ No newline at end of file diff --git a/translated/tech/20151020 how to h2 in apache.md b/translated/tech/20151020 how to h2 in apache.md new file mode 100644 index 0000000000..32420d5bf4 --- /dev/null +++ b/translated/tech/20151020 how to h2 in apache.md @@ -0,0 +1,375 @@ +如何在 Apache 中启用 HTTP/2 +================================================================================ +Copyright (C) 2015 greenbytes GmbH + +刚发布的 Apache httpd 2.4.17 终于支持 HTTP/2 了。这个页面给出了一些如何构建/部署/配置的建议。目的是为了大家发现 bugs 时能升级它,或者给一些能更好工作的建议。 + +最后,这会归并回到官方 Apache 文档,这里只会留下一个到那里的链接。暂时我们还没做到。 + +### 源码 ### + +你可以从[这里][1]得到 Apache 发行版。Apache 2.4.17 及其更高版本都支持 HTTP/2。我不会再重复介绍如何构建服务器的指令。在很多地方有很好的指南,例如[这里][2]。 + +(有任何试验的链接?在 Twitter 上告诉我吧 @icing) + +#### 编译支持 HTTP/2 #### + +在你编译发行版之前,你要进行一些**配置**。这里有成千上万的选项。和 HTTP/2 相关的是: + +- **--enable-http2** + + 启用在 Apache 服务器内部实现协议的 ‘http2’ 模块。 + +- **--with-nghttp2=** + + 指定 http2 模块需要的 libnghttp2 模块的非默认位置。如果 nghttp2 是在默认的位置,配置过程会自动采用。 + +- **--enable-nghttp2-staticlib-deps** + + 很少用到的选项,你可能用来静态链接 nghttp2 库到服务器。在大部分平台上,只有在找不到共享 nghttp2 库时才有效。 + +如果你想自己编译 nghttp2,你可以到 [nghttp2.org][3] 查看文档。最新的 Fedora 以及其它发行版已经附带了这个库。 + +#### TLS 支持 #### + +大部分人想在浏览器上使用 HTTP/2, 而浏览器只在 TLS 连接(**https:// 开头的 url)时支持它。你需要一些我下面介绍的配置。但首先你需要的是支持 ALPN 扩展的 TLS 库。 + + +ALPN 用来屏蔽服务器和客户端之间的协议。如果你服务器上 TLS 库还没有实现 ALPN,客户端只能通过 HTTP/1.1 通信。那么,和 Apache 连接的到底是什么?又是什么支持它呢? + +- **OpenSSL 1.0.2** 即将到来。 +- ??? + +如果你的 OpenSSL 库是 Linux 发行版自带的,这里使用的版本号可能和官方 OpenSSL 发行版的不同。如果不确定的话检查一下你的 Linux 发行版吧。 + +### 配置 ### + +另一个给服务器的好建议是为 http2 模块设置合适的日志等级。添加下面的配置: + + # 某个地方有这样一行 + LoadModule http2_module modules/mod_http2.so + + + LogLevel http2:info + + +当你启动服务器的时候,你可以在错误日志中看来类似的一行: + + [timestamp] [http2:info] [pid XXXXX:tid numbers] + mod_http2 (v1.0.0, nghttp2 1.3.4), initializing... + +#### 协议 #### + +那么,假设你已经编译部署好了服务器, TLS 库也是最新的,你启动了你的服务器,打开了浏览器。。。你怎么知道它在工作呢? + +如果除此之外你没有添加其它到服务器配置,很可能它没有工作。 + +你需要告诉服务器在哪里使用协议。默认情况下,你的服务器并没有启动 HTTP/2 协议。因为这是安全路由,你可能要有一套部署了才能继续。 + +你用 **Protocols** 命令启用 HTTP/2 协议: + + # for a https server + Protocols h2 http/1.1 + ... + + # for a http server + Protocols h2c http/1.1 + +你可以给一般服务器或者指定的 **vhosts** 添加这个配置。 + +#### SSL 参数 #### + +对于 TLS (SSL),HTTP/2 有一些特殊的要求。阅读 [https:// 连接][4]了解更详细的信息。 + +### http:// 连接 (h2c) ### + +尽管现在还没有浏览器支持 HTTP/2 协议, http:// 这样的 url 也能正常工作, 因为有 mod_h[ttp]2 的支持。启用它你只需要做的一件事是在 **httpd.conf** 配置 Protocols : + + # for a http server + Protocols h2c http/1.1 + + +这里有一些支持 **h2c** 的客户端(和客户端库)。我会在下面介绍: + +#### curl #### + +Daniel Stenberg 维护的网络资源命令行客户端 curl 当然支持。如果你的系统上有 curl,有一个简单的方法检查它是否支持 http/2: + + sh> curl -V + curl 7.43.0 (x86_64-apple-darwin15.0) libcurl/7.43.0 SecureTransport zlib/1.2.5 + Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp + Features: AsynchDNS IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz UnixSockets + +不好了。这些功能中没有 'HTTP2'。你想要的是下面这样: + + sh> curl -V + url 7.45.0 (x86_64-apple-darwin15.0.0) libcurl/7.45.0 OpenSSL/1.0.2d zlib/1.2.8 nghttp2/1.3.4 + Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp smb smbs smtp smtps telnet tftp + Features: IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets + +如果你的 curl 支持 HTTP2 功能,你可以用一些简单的命令检查你的服务器: + + sh> curl -v --http2 http:/// + ... + > Connection: Upgrade, HTTP2-Settings + > Upgrade: h2c + > HTTP2-Settings: AAMAAABkAAQAAP__ + > + < HTTP/1.1 101 Switching Protocols + < Upgrade: h2c + < Connection: Upgrade + * Received 101 + * Using HTTP2, server supports multi-use + * Connection state changed (HTTP/2 confirmed) + ... + + +恭喜,如果看到了有 **...101 Switching...** 的行就表示它正在工作! + +有一些情况不会发生到 HTTP/2 的 Upgrade 。如果你的第一个请求没有内容,例如你上传一个文件,就不会触发 Upgrade。[h2c 限制][5]部分有详细的解释。 + +#### nghttp #### + +nghttp2 有能一起编译的客户端和服务器。如果你的系统中有客户端,你可以简单地通过获取资源验证你的安装: + + sh> nghttp -uv http:/// + [ 0.001] Connected + [ 0.001] HTTP Upgrade request + ... + Connection: Upgrade, HTTP2-Settings + Upgrade: h2c + HTTP2-Settings: AAMAAABkAAQAAP__ + ... + [ 0.005] HTTP Upgrade response + HTTP/1.1 101 Switching Protocols + Upgrade: h2c + Connection: Upgrade + + [ 0.006] HTTP Upgrade success + ... + + +这和我们上面 **curl** 例子中看到的 Upgrade 输出很相似。 + +在命令行参数中隐藏着一种可以使用 **h2c**:的参数:**-u**。这会指示 **nghttp** 进行 HTTP/1 Upgrade 过程。但如果我们不使用呢? + + sh> nghttp -v http:/// + [ 0.002] Connected + [ 0.002] send SETTINGS frame + ... + [ 0.002] send HEADERS frame + ; END_STREAM | END_HEADERS | PRIORITY + (padlen=0, dep_stream_id=11, weight=16, exclusive=0) + ; Open new stream + :method: GET + :path: / + :scheme: http + ... + +连接马上显示出了 HTTP/2!这就是协议中所谓的直接模式,当客户端发送一些特殊的 24 字节到服务器时就会发生: + + 0x505249202a20485454502f322e300d0a0d0a534d0d0a0d0a + or in ASCII: PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n + +支持 **h2c** 的服务器在一个新的连接中看到这些信息就会马上切换到 HTTP/2。HTTP/1.1 服务器则认为是一个可笑的请求,响应并关闭连接。 + +因此 **直接** 模式只适合于那些确定服务器支持 HTTP/2 的客户端。例如,前一个 Upgrade 过程是成功的。 + +**直接** 模式的魅力是零开销,它支持所有请求,即使没有 body 部分(查看[h2c 限制][6])。任何支持 h2c 协议的服务器默认启用了直接模式。如果你想停用它,可以添加下面的配置指令到你的服务器: + +注:下面这行打删除线 + + H2Direct off + +注:下面这行打删除线 + +对于 2.4.17 发行版,默认明文连接时启用 **H2Direct** 。但是有一些模块和这不兼容。因此,在下一发行版中,默认会设置为**off**,如果你希望你的服务器支持它,你需要设置它为: + + H2Direct on + +### https:// 连接 (h2) ### + +一旦你的 mod_h[ttp]2 支持 h2c 连接,就是时候一同启用 **h2**,因为现在的浏览器支持它和 **https:** 一同使用。 + +HTTP/2 标准对 https:(TLS)连接增加了一些额外的要求。上面已经提到了 ALNP 扩展。另外的一个要求是不会使用特定[黑名单][7]中的密码。 + +尽管现在版本的 **mod_h[ttp]2** 不增强这些密码(以后可能会),大部分客户端会这么做。如果你用不切当的密码在浏览器中打开 **h2** 服务器,你会看到模糊警告**INADEQUATE_SECURITY**,浏览器会拒接连接。 + +一个可接受的 Apache SSL 配置类似: + + SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK + SSLProtocol All -SSLv2 -SSLv3 + ... + +(是的,这确实很长。) + +这里还有一些应该调整的 SSL 配置参数,但不是必须:**SSLSessionCache**, **SSLUseStapling** 等,其它地方也有介绍这些。例如 Ilya Grigorik 写的一篇博客 [高性能浏览器网络][8]。 + +#### curl #### + +再次回到 shell 并使用 curl(查看 [curl h2c 章节][9] 了解要求)你也可以通过 curl 用简单的命令检测你的服务器: + + sh> curl -v --http2 https:/// + ... + * ALPN, offering h2 + * ALPN, offering http/1.1 + ... + * ALPN, server accepted to use h2 + ... + + +恭喜你,能正常工作啦!如果还不能,可能原因是: + +- 你的 curl 不支持 HTTP/2。查看[检测][10]。 +- 你的 openssl 版本太低不支持 ALPN。 +- 不能验证你的证书,或者不接受你的密码配置。尝试添加命令行选项 -k 停用 curl 中的检查。如果那能工作,还要重新配置你的 SSL 和证书。 + +#### nghttp #### + +我们已经在 **h2c** 讨论过 **nghttp**。如果你用它来进行 **https:** 连接,你会看到类似下面的信息: + + sh> nghttp https:/// + [ERROR] HTTP/2 protocol was not selected. (nghttp2 expects h2) + +这有两种可能,你可以通过添加 -v 来检查。如果是: + + sh> nghttp -v https:/// + [ 0.034] Connected + [ERROR] HTTP/2 protocol was not selected. (nghttp2 expects h2) + +这意味着你服务器使用的 TLS 库没有实现 ALPN。有时候正确安装有点困难。多看看 Stackoverflow 吧。 + +你看到的也可能是: + + sh> nghttp -v https:/// + [ 0.034] Connected + The negotiated protocol: http/1.1 + [ERROR] HTTP/2 protocol was not selected. (nghttp2 expects h2) + +这表示 ALPN 能正常工作,但并没有用 h2 协议。你需要像上面介绍的那样在服务器上选中那个协议。如果一开始在 vhost 部分选中不能正常工作,试着在通用部分选中它。 + +#### Firefox #### + +Update: [Apache Lounge][11] 的 Steffen Land 告诉我 [Firefox HTTP/2 指示插件][12]。你可以看到有多少地方用到了 h2(提示:Apache Lounge 用 h2 已经有一段时间了。。。) + +你可以在 Firefox 浏览器中打开开发者工具,在那里的网络标签页查看 HTTP/2 连接。当你打开了 HTTP/2 并重新刷新 html 页面时,你会看到类似下面的东西: + +![](https://icing.github.io/mod_h2/images/firefox-h2.png) + +在响应头中,你可以看到奇怪的 **X-Firefox-Spdy** 条目中列出了 “h2”。这表示在这个 **https:** 连接中使用了 HTTP/2。 + +#### Google Chrome #### + +在 Google Chrome 中,你在开发者工具中看不到 HTTP/2 指示器。相反,Chrome 用特殊的地址 **chrome://net-internals/#http2** 给出了相关信息。 + +如果你在服务器中打开了一个页面并在 Chrome 那个页面查看,你可以看到类似下面这样: + +![](https://icing.github.io/mod_h2/images/chrome-h2.png) + +如果你的服务器在上面的列表中,就表示它正在工作。 + +#### Microsoft Edge #### + +Windows 10 中 Internet Explorer 的继任者 Edge 也支持 HTTP/2。你也可以在开发者工具的网络标签页看到 HTTP/2 协议。 + +![](https://icing.github.io/mod_h2/images/ie-h2.png) + +#### Safari #### + +在 Apple 的 Safari 中,打开开发者工具,那里有个网络标签页。重新加载你的服务器页面并在开发者工具中选择显示了加载的行。如果你启用了在右边显示详细试图,看 **状态** 部分。那里显示了 **HTTP/2.0 200**,类似: + +![](https://icing.github.io/mod_h2/images/safari-h2.png) + +#### 重新协商 #### + +https: 连接重新协商是指正在运行的连接中特定的 TLS 参数会发生变化。在 Apache httpd 中,你可以通过目录中的配置文件修改 TLS 参数。如果一个要获取特定位置资源的请求到来,配置的 TLS 参数会和当前的 TLS 参数进行对比。如果它们不相同,就会触发重新协商。 + +这种最常见的情形是密码变化和客户端验证。你可以要求客户访问特定位置时需要通过验证,或者对于特定资源,你可以使用更安全的, CPU 敏感的密码。 + +不管你的想法有多么好,HTTP/2 中都**不可以**发生重新协商。如果有 100 多个请求到同一个地方,什么时候哪个会发生重新协商呢? + +对于这种配置,现有的 **mod_h[ttp]2** 还不能保证你的安全。如果你有一个站点使用了 TLS 重新协商,别在上面启用 h2! + +当然,我们会在后面的发行版中解决这个问题然后你就可以安全地启用了。 + +### 限制 ### + +#### 非 HTTP 协议 ### + +实现除 HTTP 之外协议的模块可能和 **mod_http2** 不兼容。这在其它协议要求服务器首先发送数据时无疑会发生。 + +**NNTP** 就是这种协议的一个例子。如果你在服务器中配置了 **mod_nntp_like_ssl**,甚至都不要加载 mod_http2。等待下一个发行版。 + +#### h2c 限制 #### + +**h2c** 的实现还有一些限制,你应该注意: + +#### 在虚拟主机中拒绝 h2c #### + +你不能对指定的虚拟主机拒绝 **h2c 直连**。连接建立而没有看到请求时会触发**直连**,这使得不可能预先知道 Apache 需要查找哪个虚拟主机。 + +#### 升级请求体 #### + +对于有 body 部分的请求,**h2c** 升级不能正常工作。那些是 PUT 和 POST 请求(用于提交和上传)。如果你写了一个客户端,你可能会用一个简单的 GET 去处理请求或者用选项 * 去触发升级。 + +原因从技术层面来看显而易见,但如果你想知道:升级过程中,连接处于半疯状态。请求按照 HTTP/1.1 的格式,而响应使用 HTTP/2。如果请求有一个 body 部分,服务器在发送响应之前需要读取整个 body。因为响应可能需要从客户端处得到应答用于流控制。但如果仍在发送 HTTP/1.1 请求,客户端就还不能处理 HTTP/2 连接。 + +为了使行为可预测,几个服务器实现商决定不要在任何请求体中进行升级,即使 body 很小。 + +#### 升级 302s #### + +有重定向发生时当前 h2c 升级也不能工作。看起来 mod_http2 之前的重写有可能发生。这当然不会导致断路,但你测试这样的站点也许会让你迷惑。 + +#### h2 限制 #### + +这里有一些你应该意识到的 h2 实现限制: + +#### 连接重用 #### + +HTTP/2 协议允许在特定条件下重用 TLS 连接:如果你有带通配符的证书或者多个 AltSubject 名称,浏览器可能会重用现有的连接。例如: + +你有一个 **a.example.org** 的证书,它还有另外一个名称 **b.example.org**。你在浏览器中打开 url **https://a.example.org/**,用另一个标签页加载 **https://b.example.org/**。 + +在重新打开一个新的连接之前,浏览器看到它有一个到 **a.example.org** 的连接并且证书对于 **b.example.org** 也可用。因此,它在第一个连接上面向第二个标签页发送请求。 + +这种连接重用是刻意设计的,它使得致力于 HTTP/1 切分效率的站点能够不需要太多变化就能利用 HTTP/2。 + +Apache **mod_h[ttp]2** 还没有完全实现这点。如果 **a.example.org** 和 **b.example.org** 是不同的虚拟主机, Apache 不会允许这样的连接重用,并会告知浏览器状态码**421 错误请求**。浏览器会意识到它需要重新打开一个到 **b.example.org** 的连接。这仍然能工作,只是会降低一些效率。 + +我们期望下一次的发布中能有切当的检查。 + +Münster, 12.10.2015, + +Stefan Eissing, greenbytes GmbH + +Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. This file is offered as-is, without warranty of any kind. See LICENSE for details. + + +---------- + +该项目由 [icing][13] 维护。 + +-------------------------------------------------------------------------------- + +via: https://icing.github.io/mod_h2/howto.html + +作者:[icing][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://github.com/icing +[1]:https://httpd.apache.org/download.cgi +[2]:https://httpd.apache.org/docs/2.4/install.html +[3]:https://nghttp2.org/ +[4]:https://icing.github.io/mod_h2/howto.html#https +[5]:https://icing.github.io/mod_h2/howto.html#h2c-restrictions +[6]:https://icing.github.io/mod_h2/howto.html#h2c-restrictions +[7]:https://httpwg.github.io/specs/rfc7540.html#BadCipherSuites +[8]:http://chimera.labs.oreilly.com/books/1230000000545 +[9]:https://icing.github.io/mod_h2/howto.html#curl +[10]:https://icing.github.io/mod_h2/howto.html#curl +[11]:https://www.apachelounge.com/ +[12]:https://addons.mozilla.org/en-US/firefox/addon/spdy-indicator/ +[13]:https://github.com/icing \ No newline at end of file diff --git a/translated/tech/20151022 9 Tips for Improving WordPress Performance.md b/translated/tech/20151022 9 Tips for Improving WordPress Performance.md new file mode 100644 index 0000000000..9c105df42a --- /dev/null +++ b/translated/tech/20151022 9 Tips for Improving WordPress Performance.md @@ -0,0 +1,520 @@ + +提高 WordPress 性能的9个技巧 +================================================================================ + +关于建站和 web 应用程序交付,WordPress 是全球最大的一个平台。全球大约 [四分之一][1] 的站点现在正在使用开源 WordPress 软件,包括 eBay, Mozilla, RackSpace, TechCrunch, CNN, MTV,纽约时报,华尔街日报。 + +WordPress.com,对于用户创建博客平台是最流行的,其也运行在WordPress 开源软件上。[NGINX powers WordPress.com][2]。许多 WordPress 用户刚开始在 WordPress.com 上建站,然后移动到搭载着 WordPress 开源软件的托管主机上;其中大多数站点都使用 NGINX 软件。 + +WordPress 的吸引力是它的简单性,无论是安装启动或者对于终端用户的使用。然而,当使用量不断增长时,WordPress 站点的体系结构也存在一定的问题 - 这里几个方法,包括使用缓存以及组合 WordPress 和 NGINX,可以解决这些问题。 + +在这篇博客中,我们提供了9个技巧来进行优化,以帮助你解决 WordPress 中一些常见的性能问题: + +- [缓存静态资源][3] +- [缓存动态文件][4] +- [使用 NGINX][5] +- [添加支持 NGINX 的链接][6] +- [为 NGINX 配置 FastCGI][7] +- [为 NGINX 配置 W3_Total_Cache][8] +- [为 NGINX 配置 WP-Super-Cache][9] +- [为 NGINX 配置安全防范措施][10] +- [配置 NGINX 支持 WordPress 多站点][11] + +### 在 LAMP 架构下 WordPress 的性能 ### + +大多数 WordPress 站点都运行在传统的 LAMP 架构下:Linux 操作系统,Apache Web 服务器软件,MySQL 数据库软件 - 通常是一个单独的数据库服务器 - 和 PHP 编程语言。这些都是非常著名的,广泛应用的开源工具。大多数人都将 WordPress “称为” LAMP,并且很容易寻求帮助和支持。 + +当用户访问 WordPress 站点时,浏览器为每个用户创建六到八个连接来运行 Linux/Apache 的组合。当用户请求连接时,每个页面的 PHP 文件开始飞速的从 MySQL 数据库争夺资源来响应请求。 + +LAMP 对于数百个并发用户依然能照常工作。然而,流量突然增加是常见的并且 - 通常是 - 一件好事。 + +但是,当 LAMP 站点变得繁忙时,当同时在线的用户达到数千个时,它的瓶颈就会被暴露出来。瓶颈存在主要是两个原因: + +1. Apache Web 服务器 - Apache 为每一个连接需要消耗大量资源。如果 Apache 接受了太多的并发连接,内存可能会耗尽,性能急剧降低,因为数据必须使用磁盘进行交换。如果以限制连接数来提高响应时间,新的连接必须等待,这也导致了用户体验变得很差。 + +1. PHP/MySQL 的交互 - 总之,一个运行 PHP 和 MySQL 数据库服务器的应用服务器上每秒的请求量不能超过最大限制。当请求的数量超过最大连接数时,用户必须等待。超过最大连接数时也会增加所有用户的响应时间。超过其两倍以上时会出现明显的性能问题。 + + LAMP 架构的网站一般都会出现性能瓶颈,这时就需要升级硬件了 - 加 CPU,扩大磁盘空间等等。当 Apache 和 PHP/MySQL 的架构负载运行后,在硬件上不断的提升无法保证对系统资源指数增长的需求。 + +最先取代 LAMP 架构的是 LEMP 架构 – Linux, NGINX, MySQL, 和 PHP。 (这是 LEMP 的缩写,E 代表着 “engine-x.” 的发音。) 我们在 [技巧 3][12] 中会描述 LEMP 架构。 + +### 技巧 1. 缓存静态资源 ### + +静态资源是指不变的文件,像 CSS,JavaScript 和图片。这些文件往往在网页的数据中占半数以上。页面的其余部分是动态生成的,像在论坛中评论,仪表盘的性能,或个性化的内容(可以看看Amazon.com 产品)。 + +缓存静态资源有两大好处: + +- 更快的交付给用户 - 用户从他们浏览器的缓存或者从互联网上离他们最近的缓存服务器获取静态文件。有时候文件较大,因此减少等待时间对他们来说帮助很大。 + +- 减少应用服务器的负载 - 从缓存中检索到的每个文件会让 web 服务器少处理一个请求。你的缓存越多,用户等待的时间越短。 + +要让浏览器缓存文件,需要早在静态文件中设置正确的 HTTP 首部。当看到 HTTP Cache-Control 首部时,特别设置了 max-age,Expires 首部,以及 Entity 标记。[这里][13] 有详细的介绍。 + +当启用本地缓存然后用户请求以前访问过的文件时,浏览器首先检查该文件是否在缓存中。如果在,它会询问 Web 服务器该文件是否改变过。如果该文件没有改变,Web 服务器将立即响应一个304状态码(未改变),这意味着该文件没有改变,而不是返回状态码200 OK,然后继续检索并发送已改变的文件。 + +为了支持浏览器以外的缓存,可以考虑下面的方法,内容分发网络(CDN)。CDN 是一​​种流行且​​强大的缓存工具,但我们在这里不详细描述它。可以想一下 CDN 背后的支撑技术的实现。此外,当你的站点从 HTTP/1.x 过渡到 HTTP/2 协议时,CDN 的用处可能不太大;根据需要调查和测试,找到你网站需要的正确方法。 + +如果你转向 NGINX Plus 或开源的 NGINX 软件作为架构的一部分,建议你考虑 [技巧 3][14],然后配置 NGINX 缓存静态资源。使用下面的配置,用你 Web 服务器的 URL 替换 www.example.com。 + + server { + # substitute your web server's URL for www.example.com + server_name www.example.com; + root /var/www/example.com/htdocs; + index index.php; + + access_log /var/log/nginx/example.com.access.log; + error_log /var/log/nginx/example.com.error.log; + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + # 使用你 WordPress 服务器的套接字,地址和端口来替换 + fastcgi_pass unix:/var/run/php5-fpm.sock; + #fastcgi_pass 127.0.0.1:9000; + } + + location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { + expires max; + log_not_found off; + access_log off; + } + } + +### 技巧 2. 缓存动态文件 ### + +WordPress 是动态生成的网页,这意味着每次请求时它都要生成一个给定的网页(即使和前一次的结果相同)。这意味着用户随时获得的是最新内容。 + +想一下,当用户访问一个帖子时,并在文章底部有用户的评论时。你希望用户能够看到所有的评论 - 即使评论刚刚发布。动态内容就是处理这种情况的。 + +但现在,当帖子每秒出现十几二十几个请求时。应用服务器可能每秒需要频繁生成页面导致其压力过大,造成延误。为了给用户提供最新的内容,每个访问理论上都是新的请求,因此他们也不得不在首页等待。 + +为了防止页面由于负载过大变得缓慢,需要缓存动态文件。这需要减少文件的动态内容来提高整个系统的响应速度。 + +要在 WordPress 中启用缓存中,需要使用一些流行的插件 - 如下所述。WordPress 的缓存插件需要刷新页面,然后将其缓存短暂时间 - 也许只有几秒钟。因此,如果该网站每秒中只有几个请求,那大多数用户获得的页面都是缓存的副本。这也有助于提高所有用户的检索时间: + +- 大多数用户获得页面的缓存副本。应用服务器没有做任何工作。 +- 用户很快会得到一个新的副本。应用服务器只需每隔一段时间刷新页面。当服务器产生一个新的页面(对于第一个用户访问后,缓存页过期),它这样做要快得多,因为它的请求不会超载。 + +你可以缓存运行在 LAMP 架构或者 [LEMP 架构][15] 上 WordPress 的动态文件(在 [技巧 3][16] 中说明了)。有几个缓存插件,你可以在 WordPress 中使用。这里有最流行的缓存插件和缓存技术,从最简单到最强大的: + +- [Hyper-Cache][17] 和 [Quick-Cache][18] – 这两个插件为每个 WordPress 页面创建单个 PHP 文件。它支持的一些动态函数会绕过多个 WordPress 与数据库的连接核心处理,创建一个更快的用户体验。他们不会绕过所有的 PHP 处理,所以使用以下选项他们不能给出相同的性能提升。他们也不需要修改 NGINX 的配置。 + +- [WP Super Cache][19] – 最流行的 WordPress 缓存插件。它有许多功能,它的界面非常简洁,如下图所示。我们展示了 NGINX 一个简单的配置实例在 [技巧 7][20] 中。 + +- [W3 Total Cache][21] – 这是第二大最受欢迎的 WordPress 缓存插件。它比 WP Super Cache 的功能更强大,但它有些配置选项比较复杂。一个 NGINX 的简单配置,请看 [技巧 6][22]。 + +- [FastCGI][23] – CGI 代表通用网关接口,在因特网上发送请求和接收文件。它不是一个插件只是一种能直接使用缓存的方法。FastCGI 可以被用在 Apache 和 Nginx 上,它也是最流行的动态缓存方法;我们在 [技巧 5][24] 中描述了如何配置 NGINX 来使用它。 + +这些插件的技术文档解释了如何在 LAMP 架构中配置它们。配置选项包括数据库和对象缓存;也包括使用 HTML,CSS 和 JavaScript 来构建 CDN 集成环境。对于 NGINX 的配置,请看列表中的提示技巧。 + +**注意**:WordPress 不能缓存用户的登录信息,因为它们的 WordPress 页面都是不同的。(对于大多数网站来说,只有一小部分用户可能会登录),大多数缓存不会对刚刚评论过的用户显示缓存页面,只有当用户刷新页面时才会看到他们的评论。若要缓存页面的非个性化内容,如果它对整体性能来说很重要,可以使用一种称为 [fragment caching][25] 的技术。 + +### 技巧 3. 使用 NGINX ### + +如上所述,当并发用户数超过某一值时 Apache 会导致性能问题 – 可能数百个用户同时使用。Apache 对于每一个连接会消耗大量的资源,因而容易耗尽内存。Apache 可以配置连接数的值来避免耗尽内存,但是这意味着,超过限制时,新的连接请求必须等待。 + +此外,Apache 使用 mod_php 模块将每一个连接加载到内存中,即使只有静态文件(图片,CSS,JavaScript 等)。这使得每个连接消耗更多的资源,从而限制了服务器的性能。 + +开始解决这些问题吧,从 LAMP 架构迁到 LEMP 架构 – 使用 NGINX 取代 Apache 。NGINX 仅消耗很少量的内存就能处理成千上万的并发连接数,所以你不必经历颠簸,也不必限制并发连接数。 + +NGINX 处理静态文件的性能也较好,它有内置的,简单的 [缓存][26] 控制策略。减少应用服务器的负载,你的网站的访问速度会更快,用户体验更好。 + +你可以在部署的所有 Web 服务器上使用 NGINX,或者你可以把一个 NGINX 服务器作为 Apache 的“前端”来进行反向代理 - NGINX 服务器接收客户端请求,将请求的静态文件直接返回,将 PHP 请求转发到 Apache 上进行处理。 + +对于动态页面的生成 - WordPress 核心体验 - 选择一个缓存工具,如 [技巧 2][27] 中描述的。在下面的技巧中,你可以看到 FastCGI,W3_Total_Cache 和 WP-Super-Cache 在 NGINX 上的配置示例。 (Hyper-Cache 和 Quick-Cache 不需要改变 NGINX 的配置。) + +**技巧** 缓存通常会被保存到磁盘上,但你可以用 [tmpfs][28] 将缓存放在内存中来提高性能。 + +为 WordPress 配置 NGINX 很容易。按照这四个步骤,其详细的描述在指定的技巧中: + +1.添加永久的支持 - 添加对 NGINX 的永久支持。此步消除了对 **.htaccess** 配置文件的依赖,这是 Apache 特有的。参见 [技巧 4][29] +2.配置缓存 - 选择一个缓存工具并安装好它。可选择的有 FastCGI cache,W3 Total Cache, WP Super Cache, Hyper Cache, 和 Quick Cache。请看技巧 [5][30], [6][31], 和 [7][32]. +3.落实安全防范措施 - 在 NGINX 上采用对 WordPress 最佳安全的做法。参见 [技巧 8][33]。 +4.配置 WordPress 多站点 - 如果你使用 WordPress 多站点,在 NGINX 下配置子目录,子域,或多个域的结构。见 [技巧9][34]。 + +### 技巧 4. 添加支持 NGINX 的链接 ### + +许多 WordPress 网站依靠 **.htaccess** 文件,此文件依赖 WordPress 的多个功能,包括永久支持,插件和文件缓存。NGINX 不支持 **.htaccess** 文件。幸运的是,你可以使用 NGINX 的简单而全面的配置文件来实现大部分相同的功能。 + +你可以在使用 NGINX 的 WordPress 中通过在主 [server][36] 块下添加下面的 location 块中启用 [永久链接][35]。(此 location 块在其他代码示例中也会被包括)。 + +**try_files** 指令告诉 NGINX 检查请求的 URL 在根目录下是作为文件(**$uri**)还是目录(**$uri/**),**/var/www/example.com/htdocs**。如果都不是,NGINX 将重定向到 **/index.php**,通过查询字符串参数判断是否作为参数。 + + server { + server_name example.com www.example.com; + root /var/www/example.com/htdocs; + index index.php; + + access_log /var/log/nginx/example.com.access.log; + error_log /var/log/nginx/example.com.error.log; + + location / { + try_files $uri $uri/ /index.php?$args; + } + } + +### 技巧 5. 在 NGINX 中配置 FastCGI ### + +NGINX 可以从 FastCGI 应用程序中缓存响应,如 PHP 响应。此方法可提供最佳的性能。 + +对于开源的 NGINX,第三方模块 [ngx_cache_purge][37] 提供了缓存清除能力,需要手动编译,配置代码如下所示。NGINX Plus 已经包含了此代码的实现。 + +当使用 FastCGI 时,我们建议你安装 [NGINX 辅助插件][38] 并使用下面的配置文件,尤其是要使用 **fastcgi_cache_key** 并且 location 块下要包括 **fastcgi_cache_purge**。当页面被发布或有改变时,甚至有新评论被发布时,该插件会自动清除你的缓存,你也可以从 WordPress 管理控制台手动清除。 + +NGINX 的辅助插件还可以添加一个简短的 HTML 代码到你网页的底部,确认缓存是否正常并显示一些统计工作。(你也可以使用 [$upstream_cache_status][39] 确认缓存功能是否正常。) + +fastcgi_cache_path /var/run/nginx-cache levels=1:2 + keys_zone=WORDPRESS:100m inactive=60m; +fastcgi_cache_key "$scheme$request_method$host$request_uri"; + + server { + server_name example.com www.example.com; + root /var/www/example.com/htdocs; + index index.php; + + access_log /var/log/nginx/example.com.access.log; + error_log /var/log/nginx/example.com.error.log; + + set $skip_cache 0; + + # POST 请求和查询网址的字符串应该交给 PHP + if ($request_method = POST) { + set $skip_cache 1; + } + + if ($query_string != "") { + set $skip_cache 1; + } + + #以下 uris 中包含的部分不缓存 + if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php + |sitemap(_index)?.xml") { + set $skip_cache 1; + } + + #用户不能使用缓存登录或缓存最近的评论 + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass + |wordpress_no_cache|wordpress_logged_in") { + set $skip_cache 1; + } + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ \.php$ { + try_files $uri /index.php; + include fastcgi_params; + fastcgi_pass unix:/var/run/php5-fpm.sock; + fastcgi_cache_bypass $skip_cache; + fastcgi_no_cache $skip_cache; + fastcgi_cache WORDPRESS; + fastcgi_cache_valid 60m; + } + + location ~ /purge(/.*) { + fastcgi_cache_purge WORDPRESS "$scheme$request_method$host$1"; + } + + location ~* ^.+\.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png + |ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { + + access_log off; + log_not_found off; + expires max; + } + + location = /robots.txt { + access_log off; + log_not_found off; + } + + location ~ /\. { + deny all; + access_log off; + log_not_found off; + } + } + +### 技巧 6. 为 NGINX 配置 W3_Total_Cache ### + +[W3 Total Cache][40], 是 Frederick Townes 的 [W3-Edge][41] 下的, 是一个支持 NGINX 的 WordPress 缓存框架。其有众多选项配置,可以替代 FastCGI 缓存。 + +缓存插件提供了各种缓存配置,还包括数据库和对象的缓存,对 HTML,CSS 和 JavaScript,可选择性的与流行的 CDN 整合。 + +使用插件时,需要将其配置信息写入位于你的域的根目录的 NGINX 配置文件中。 + + server { + server_name example.com www.example.com; + + root /var/www/example.com/htdocs; + index index.php; + access_log /var/log/nginx/example.com.access.log; + error_log /var/log/nginx/example.com.error.log; + + include /path/to/wordpress/installation/nginx.conf; + + location / { + try_files $uri $uri/ /index.php?$args; + } + + location ~ \.php$ { + try_files $uri =404; + include fastcgi_params; + fastcgi_pass unix:/var/run/php5-fpm.sock; + } + } + +### 技巧 7. 为 NGINX 配置 WP Super Cache ### + +[WP Super Cache][42] 是由 Donncha O Caoimh 完成的, [Automattic][43] 上的一个 WordPress 开发者, 这是一个 WordPress 缓存引擎,它可以将 WordPress 的动态页面转变成静态 HTML 文件,以使 NGINX 可以很快的提供服务。它是第一个 WordPress 缓存插件,和其他的相比,它更专注于某一特定的领域。 + +配置 NGINX 使用 WP Super Cache 可以根据你的喜好而进行不同的配置。以下是一个示例配置。 + +在下面的配置中,location 块中使用了名为 WP Super Cache 的超级缓存中部分配置来工作。代码的其余部分是根据 WordPress 的规则不缓存用户登录信息,不缓存 POST 请求,并对静态资源设置过期首部,再加上标准的 PHP 实现;这部分可以进行定制,来满足你的需求。 + + + server { + server_name example.com www.example.com; + root /var/www/example.com/htdocs; + index index.php; + + access_log /var/log/nginx/example.com.access.log; + error_log /var/log/nginx/example.com.error.log debug; + + set $cache_uri $request_uri; + + # POST 请求和查询网址的字符串应该交给 PHP + if ($request_method = POST) { + set $cache_uri 'null cache'; + } + if ($query_string != "") { + set $cache_uri 'null cache'; + } + + #以下 uris 中包含的部分不缓存 + if ($request_uri ~* "(/wp-admin/|/xmlrpc.php|/wp-(app|cron|login|register|mail).php + |wp-.*.php|/feed/|index.php|wp-comments-popup.php + |wp-links-opml.php|wp-locations.php |sitemap(_index)?.xml + |[a-z0-9_-]+-sitemap([0-9]+)?.xml)") { + + set $cache_uri 'null cache'; + } + + #用户不能使用缓存登录或缓存最近的评论 + if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+ + |wp-postpass|wordpress_logged_in") { + set $cache_uri 'null cache'; + } + + #当请求的文件存在时使用缓存,否则将请求转发给WordPress + location / { + try_files /wp-content/cache/supercache/$http_host/$cache_uri/index.html + $uri $uri/ /index.php; + } + + location = /favicon.ico { + log_not_found off; + access_log off; + } + + location = /robots.txt { + log_not_found off + access_log off; + } + + location ~ .php$ { + try_files $uri /index.php; + include fastcgi_params; + fastcgi_pass unix:/var/run/php5-fpm.sock; + #fastcgi_pass 127.0.0.1:9000; + } + + # 尽可能的缓存静态文件 + location ~*.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css + |rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2 + |doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { + expires max; + log_not_found off; + access_log off; + } + } + +### 技巧 8. 为 NGINX 配置安全防范措施 ### + +为了防止攻击,可以控制对关键资源的访问以及当机器超载时进行登录限制。 + +只允许特定的 IP 地址访问 WordPress 的仪表盘。 + + #对访问 WordPress 的仪表盘进行限制 + location /wp-admin { + deny 192.192.9.9; + allow 192.192.1.0/24; + allow 10.1.1.0/16; + deny all; + } + +只允许上传特定类型的文件,以防止恶意代码被上传和运行。 + + #当上传的不是图像,视频,音乐等时,拒绝访问。 + location ~* ^/wp-content/uploads/.*.(html|htm|shtml|php|js|swf)$ { + deny all; + } + +拒绝其他人访问 WordPress 的配置文件 **wp-config.php**。拒绝其他人访问的另一种方法是将该文件的一个目录移到域的根目录下。 + + # 拒绝其他人访问 wp-config.php + location ~* wp-config.php { + deny all; + } + +对 **wp-login.php** 进行限速来防止暴力攻击。 + + # 拒绝访问 wp-login.php + location = /wp-login.php { + limit_req zone=one burst=1 nodelay; + fastcgi_pass unix:/var/run/php5-fpm.sock; + #fastcgi_pass 127.0.0.1:9000; + } + +### 技巧 9. 配置 NGINX 支持 WordPress 多站点 ### + +WordPress 多站点,顾名思义,使用同一个版本的 WordPress 从单个实例中允许你管理两个或多个网站。[WordPress.com][44] 运行的就是 WordPress 多站点,其主机为成千上万的用户提供博客服务。 + +你可以从单个域的任何子目录或从不同的子域来运行独立的网站。 + +使用此代码块添加对子目录的支持。 + + # 在 WordPress 中添加支持子目录结构的多站点 + if (!-e $request_filename) { + rewrite /wp-admin$ $scheme://$host$uri/ permanent; + rewrite ^(/[^/]+)?(/wp-.*) $2 last; + rewrite ^(/[^/]+)?(/.*\.php) $2 last; + } + +使用此代码块来替换上面的代码块以添加对子目录结构的支持,子目录名自定义。 + + # 添加支持子域名 + server_name example.com *.example.com; + +旧版本(3.4以前)的 WordPress 多站点使用 readfile() 来提供静态内容。然而,readfile() 是 PHP 代码,它会导致在执行时性能会显著降低。我们可以用 NGINX 来绕过这个非必要的 PHP 处理。该代码片段在下面被(==============)线分割出来了。 + + # 避免 PHP readfile() 在 /blogs.dir/structure 子目录中 + location ^~ /blogs.dir { + internal; + alias /var/www/example.com/htdocs/wp-content/blogs.dir; + access_log off; + log_not_found off; + expires max; + } + + ============================================================ + + # 避免 PHP readfile() 在 /files/structure 子目录中 + location ~ ^(/[^/]+/)?files/(?.+) { + try_files /wp-content/blogs.dir/$blogid/files/$rt_file /wp-includes/ms-files.php?file=$rt_file; + access_log off; + log_not_found off; + expires max; + } + + ============================================================ + + # WPMU 文件结构的子域路径 + location ~ ^/files/(.*)$ { + try_files /wp-includes/ms-files.php?file=$1 =404; + access_log off; + log_not_found off; + expires max; + } + + ============================================================ + + # 地图博客 ID 在特定的目录下 + map $http_host $blogid { + default 0; + example.com 1; + site1.example.com 2; + site1.com 2; + } + +### 结论 ### + +可扩展性对许多站点的开发者来说是一项挑战,因为这会让他们在 WordPress 站点中取得成功。(对于那些想要跨越 WordPress 性能问题的新站点。)为 WordPress 添加缓存,并将 WordPress 和 NGINX 结合,是不错的答案。 + +NGINX 不仅对 WordPress 网站是有用的。世界上排名前 1000,10,000和100,000网站中 NGINX 也是作为 [领先的 web 服务器][45] 被使用。 + +欲了解更多有关 NGINX 的性能,请看我们最近的博客,[关于 10x 应用程序的 10 个技巧][46]。 + +NGINX 软件有两个版本: + +- NGINX 开源的软件 - 像 WordPress 一样,此软件你可以自行下载,配置和编译。 +- NGINX Plus - NGINX Plus 包括一个预构建的参考版本的软件,以及服务和技术支持。 + +想要开始,先到 [nginx.org][47] 下载开源软件并了解下 [NGINX Plus][48]。 + +-------------------------------------------------------------------------------- + +via: https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/ + +作者:[Floyd Smith][a] +译者:[strugglingyouth](https://github.com/strugglingyouth) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.nginx.com/blog/author/floyd/ +[1]:http://w3techs.com/technologies/overview/content_management/all +[2]:https://www.nginx.com/press/choosing-nginx-growth-wordpresscom/ +[3]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#cache-static +[4]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#cache-dynamic +[5]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#adopt-nginx +[6]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#permalink +[7]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#fastcgi +[8]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#w3-total-cache +[9]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#wp-super-cache +[10]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#security +[11]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#multisite +[12]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#adopt-nginx +[13]:http://www.mobify.com/blog/beginners-guide-to-http-cache-headers/ +[14]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#adopt-nginx +[15]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#lamp +[16]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#adopt-nginx +[17]:https://wordpress.org/plugins/hyper-cache/ +[18]:https://wordpress.org/plugins/quick-cache/ +[19]:https://wordpress.org/plugins/wp-super-cache/ +[20]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#wp-super-cache +[21]:https://wordpress.org/plugins/w3-total-cache/ +[22]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#w3-total-cache +[23]:http://www.fastcgi.com/ +[24]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#fastcgi +[25]:https://css-tricks.com/wordpress-fragment-caching-revisited/ +[26]:https://www.nginx.com/resources/admin-guide/content-caching/ +[27]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#cache-dynamic +[28]:https://www.kernel.org/doc/Documentation/filesystems/tmpfs.txt +[29]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#permalink +[30]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#fastcgi +[31]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#w3-total-cache +[32]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#wp-super-cache +[33]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#security +[34]:https://www.nginx.com/blog/9-tips-for-improving-wordpress-performance-with-nginx/#multisite +[35]:http://codex.wordpress.org/Using_Permalinks +[36]:http://nginx.org/en/docs/http/ngx_http_core_module.html#server +[37]:https://github.com/FRiCKLE/ngx_cache_purge +[38]:https://wordpress.org/plugins/nginx-helper/ +[39]:http://nginx.org/en/docs/http/ngx_http_upstream_module.html#variables +[40]:https://wordpress.org/plugins/w3-total-cache/ +[41]:http://www.w3-edge.com/ +[42]:https://wordpress.org/plugins/wp-super-cache/ +[43]:http://automattic.com/ +[44]:https://wordpress.com/ +[45]:http://w3techs.com/technologies/cross/web_server/ranking +[46]:https://www.nginx.com/blog/10-tips-for-10x-application-performance/ +[47]:http://www.nginx.org/en +[48]:https://www.nginx.com/products/ +[49]: +[50]: diff --git a/translated/tech/20151027 How to Install Ghost with Nginx on FreeBSD 10.2.md b/translated/tech/20151027 How to Install Ghost with Nginx on FreeBSD 10.2.md new file mode 100644 index 0000000000..f8d78c88f9 --- /dev/null +++ b/translated/tech/20151027 How to Install Ghost with Nginx on FreeBSD 10.2.md @@ -0,0 +1,296 @@ +如何在 FreeBSD 10.2 上安装使用 Nginx 的 Ghost +================================================================================ +Node.js 是用于开发服务器端应用程序的开源运行时环境。Node.js 应用使用 JavaScript 编写,能在任何有 Node.js 运行时的服务器上运行。它跨平台支持 Linux、Windows、OSX、IBM AIX,也包括 FreeBSD。Node.js 是 Ryan Dahl 以及在 Joyent 工作的其他开发者于 2009 年创建的。它的设计目标就是构建可扩展的网络应用程序。 + +Ghost 是使用 Node.js 编写的博客平台。它不仅开源,而且有很漂亮的界面设计、对用户友好并且免费。它允许你快速地在网络上发布内容,或者创建你的混合网站。 + +在这篇指南中我们会在 FreeBSD 上安装使用 Nginx 作为 web 服务器的 Ghost。我们会在 FreeBSD 10.2 上安装 Node.js、Npm、nginx 和 sqlite3。 + +### 第一步 - 安装 Node.js npm 和 Sqlite3 ### + +如果你想在你的服务器上运行 ghost,你必须安装 node.js。在这一部分,我们会从 freebsd 移植软件库中安装 node.js,请进入库目录 "/usr/ports/www/node" 并通过运行命令 "**make**" 安装。 + + cd /usr/ports/www/node + make install clean + +如果你已经安装了 node.js,那就进入到 npm 目录并安装它。**npm** 是用于安装、发布和管理 node 程序的软件包管理器。 + + cd /usr/ports/www/npm/ + make install clean + +下一步,安装 sqlite3。默认情况下 ghost 使用 sqlite3 作为数据库系统,但它也支持 mysql/mariadb 和 postgresql。我们会使用 sqlite3 作为默认数据库。 + + cd /usr/ports/databases/sqlite3/ + make install clean + +如果安装完了所有软件,还有检查 node.js 和 npm 的版本: + + node --version + v0.12.6 + + npm --version + 2.11.3 + + sqlite3 --version + 3.8.10.2 + +![node 和 npm 版本](http://blog.linoxide.com/wp-content/uploads/2015/10/node-and-npm-version.png) + +### 第二步 - 添加 Ghost 用户 ### + +我们会以普通用户 "**ghost**" 身份安装和运行 ghost。用 "adduser" 命令添加新用户: + + adduser ghost + FILL With Your INFO + +![添加用户 Ghost](http://blog.linoxide.com/wp-content/uploads/2015/10/Add-user-Ghost.png) + +### 第三步 - 安装 Ghost ### + +我们会把 ghost 安装到 "**/var/www/**" 目录,首先新建目录然后进入到安装目录: + + mkdir -p /var/www/ + cd /var/www/ + +用 wget 命令下载最新版本的 ghost: + + wget --no-check-certificate https://ghost.org/zip/ghost-latest.zip + +把它解压到 "**ghost**" 目录: + + unzip -d ghost ghost-latest.zip + +下一步,更改属主为 "**ghost**",我们会以这个用户安装和运行它。 + + chown -R ghost:ghost ghost/ + +都做完了的话,通过输入以下命令切换到 "**ghost**" 用户: + + su - ghost + +然后进入到安装目录"/var/www/ghost/": + + cd /var/www/ghost/ + +在安装 ghost 之前,我们需要为 node.js 安装 sqlite3 模块,用 npm 命令安装: + + setenv CXX c++ ; npm install sqlite3 --sqlite=/usr/local + +**注意: 以 “ghost” 用户运行,而不是 root 用户。** + +现在,我们准备好安装 ghost 了,用 npm 命令安装: + + npm install --production + +下一步,复制配置文件 "config.example.js" 为 "**config.js**",用 nano 编辑器编辑: + + cp config.example.js config.js + nano -c config.js + +更改 server 模块的第 25 行: + + host: '0.0.0.0', + +保存并退出。 + +现在用下面的命令运行 ghost: + + npm start --production + +通过访问服务器 ip 和 2368 号端口验证。 + +![Ghost 安装完成](http://blog.linoxide.com/wp-content/uploads/2015/10/Ghost-Installed.png) + +以 “ghost” 用户在 "/var/www/ghost" 目录安装了 ghost。 + +### 第四步 - 作为 FreeBSD 服务运行 Ghost ### + +要在 freebsd 上以服务形式运行应用,你需要在 rc.d 目录添加脚本。我们会在 "**/usr/local/etc/rc.d/**" 目录为 ghost 创建新的服务脚本。 + +在创建服务脚本之前,为了以服务形式运行 ghost,我们需要安装一个 node.js 模块,用 npm 命令以 **sudo/root** 权限安装 forever 模块: + + npm install forever -g + +现在进入到 rc.d 目录并创建名为 ghost 的新文件: + + cd /usr/local/etc/rc.d/ + nano -c ghost + +粘贴下面的服务脚本: + + #!/bin/sh + + # PROVIDE: ghost + # KEYWORD: shutdown + PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin" + + . /etc/rc.subr + + name="ghost" + rcvar="ghost_enable" + extra_commands="status" + + load_rc_config ghost + : ${ghost_enable:="NO"} + + status_cmd="ghost_status" + start_cmd="ghost_start" + stop_cmd="ghost_stop" + restart_cmd="ghost_restart" + + ghost="/var/www/ghost" + log="/var/log/ghost/ghost.log" + ghost_start() { + sudo -u ghost sh -c "cd $ghost && NODE_ENV=production forever start -al $log index.js" + } + + ghost_stop() { + sudo -u ghost sh -c "cd $ghost && NODE_ENV=production forever stop index.js" + } + + ghost_status() { + sudo -u ghost sh -c "NODE_ENV=production forever list" + } + + ghost_restart() { + ghost_stop; + ghost_start; + } + + run_rc_command "$1" + +保存并退出。 + +下一步,给 ghost 服务脚本添加可执行权限: + + chmod +x ghost + +为 ghost 日志创建新的目录和文件,并把属主修改为 ghost 用户: + + mkdir -p /var/www/ghost/ + touch /var/www/ghost/ghost.log + chown -R /var/www/ghost/ + +最后,如果你想运行 ghost 服务,你需要用 sysrc 命令添加 ghost 服务到开机启动应用程序: + + sysrc ghost_enable=yes + +用以下命令启动 ghost: + + service ghost start + +其它命令: + + service ghost stop + service ghost status + service ghost restart + +![Ghost 服务命令](http://blog.linoxide.com/wp-content/uploads/2015/10/Ghost-service-command.png) + +### 第五步 - 为 Ghost 安装和配置 Nginx ### + +默认情况下,ghost 会以单机模式运行,你可以不用 Nginx、apache 或 IIS web 服务器直接运行它。但在这篇指南中我们会安装和配置 nginx 和 ghost 一起使用。 + +用 pkg 命令从 freebsd 库中安装 nginx: + + pkg install nginx + +下一步,进入 nginx 配置目录并为 virtualhost 配置创建新的目录。 + + cd /usr/local/etc/nginx/ + mkdir virtualhost/ + +进入 virtualhost 目录,用 nano 编辑器创建名为 ghost.conf 的新文件: + + cd virtualhost/ + nano -c ghost.conf + +粘贴下面的 virtualhost 配置: + + server { + listen 80; + + #Your Domain + server_name ghost.me; + + location ~* \.(?:ico|css|js|gif|jpe?g|png|ttf|woff)$ { + access_log off; + expires 30d; + add_header Pragma public; + add_header Cache-Control "public, mustrevalidate, proxy-revalidate"; + proxy_pass http://127.0.0.1:2368; + } + + location / { + add_header X-XSS-Protection "1; mode=block"; + add_header Cache-Control "public, max-age=0"; + add_header Content-Security-Policy "script-src 'self' ; font-src 'self' ; connect-src 'self' ; block-all-mixed-content; reflected-xss block; referrer no-referrer"; + add_header X-Content-Type-Options nosniff; + add_header X-Frame-Options DENY; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_pass http://127.0.0.1:2368; + } + + location = /robots.txt { access_log off; log_not_found off; } + location = /favicon.ico { access_log off; log_not_found off; } + + location ~ /\.ht { + deny all; + } + + } + +保存并退出。 + +要启用 virtualhost 配置,你需要把那个文件添加到 **nginx.conf**。进入 nginx 配置目录并编辑 nginx.conf 文件: + + cd /usr/local/etc/nginx/ + nano -c nginx.conf + +在最后一行的前面,包含 virtualhost 配置目录: + + [......] + + include virtualhost/*.conf; + + } + +保存并退出。 + +用命令 "**nginx -t**" 测试 nginx 配置,如果没有错误,用 sysrc 添加 nginx 到开机启动: + + sysrc nginx_enable=yes + +并启动 nginx: + + service nginx start + +现在测试所有 nginx 和 virtualhost 配置。请打开你的浏览器并输入: ghost.me + +![ghost.me 成功运行](http://blog.linoxide.com/wp-content/uploads/2015/10/ghost.me-successfully.png) + +Ghost.me 正在成功运行。 + +如果你想要检查 nginx 服务器,可以使用 "**curl**" 命令。 + +![测试 ghost 和 nginx](http://blog.linoxide.com/wp-content/uploads/2015/10/ghost-and-nginx-test.png) + +Ghost 正在 nginx 上运行。 + +### 总结 ### + +Node.js 是 Ryan Dahl 为创建和开发可扩展服务器端应用程序创建的运行时环境。Ghost 是使用 node.js 编写的开源博客平台,它有漂亮的外观设计并且易于使用。默认情况下,ghost 是可以单独运行的 web 应用程序,并不需要类似 apache、nginx 或 IIS 之类的 web 服务器,但我们也可以和 web 服务器集成(在这篇指南中使用 Nginx)。Sqlite 是 ghost 默认使用的数据库,它还支持 msql/mariadb 和 postgresql。Ghost 能快速部署并且易于使用和配置。 + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/install-ghost-nginx-freebsd-10-2/ + +作者:[Arul][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arulm/ \ No newline at end of file diff --git a/translated/tech/20151028 10 Tips for 10x Application Performance.md b/translated/tech/20151028 10 Tips for 10x Application Performance.md new file mode 100644 index 0000000000..55cd24bd9a --- /dev/null +++ b/translated/tech/20151028 10 Tips for 10x Application Performance.md @@ -0,0 +1,279 @@ +10 Tips for 10x Application Performance + +将程序性能提高十倍的10条建议 +================================================================================ + +提高web 应用的性能从来没有比现在更关键过。网络经济的比重一直在增长;全球经济超过5% 的价值是在因特网上产生的(数据参见下面的资料)。我们的永远在线、超级连接的世界意味着用户的期望值也处于历史上的最高点。如果你的网站不能及时的响应,或者你的app 不能无延时的工作,用户会很快的投奔到你的竞争对手那里。 + +举一个例子,一份亚马逊十年前做过的研究可以证明,甚至在那个时候,网页加载时间每减少100毫秒,收入就会增加1%。另一个最近的研究特别强调一个事实,即超过一半的网站拥有着在调查中说他们会因为应用程序性能的问题流失用户。 + +网站到底需要多块呢?对于页面加载,每增加1秒钟就有4%的用户放弃使用。顶级的电子商务站点的页面在第一次交互时可以做到1秒到3秒加载时间,而这是提供最高舒适度的速度。很明显这种利害关系对于web 应用来说很高,而且在不断的增加。 + +想要提高效率很简单,但是看到实际结果很难。要在旅途上帮助你,这篇blog 会给你提供10条最高可以10倍的提升网站性能的建议。这是系列介绍提高应用程序性能的第一篇文章,包括测试充分的优化技术和一点NGIX 的帮助。这个系列给出了潜在的提高安全性的帮助。 + +### Tip #1: 通过反向代理来提高性能和增加安全性 ### + +如果你的web 应用运行在单个机器上,那么这个办法会明显的提升性能:只需要添加一个更快的机器,更好的处理器,更多的内存,更快的磁盘阵列,等等。然后新机器就可以更快的运行你的WordPress 服务器, Node.js 程序, Java 程序,以及其它程序。(如果你的程序要访问数据库服务器,那么这个办法还是很简单:添加两个更快的机器,以及在两台电脑之间使用一个更快的链路。) + +问题是,机器速度可能并不是问题。web 程序运行慢经常是因为计算机一直在不同的任务之间切换:和用户的成千上万的连接,从磁盘访问文件,运行代码,等等。应用服务器可能会抖动-内存不足,将内存数据写会磁盘,以及多个请求等待一个任务完成,如磁盘I/O。 + +你可以采取一个完全不同的方案来替代升级硬件:添加一个反向代理服务器来分担部分任务。[反向代理服务器][1] 位于运行应用的机器的前端,是用来处理网络流量的。只有反向代理服务器是直接连接到互联网的;和程序的通讯都是通过一个快速的内部网络完成的。 + +使用反向代理服务器可以将应用服务器从等待用户与web 程序交互解放出来,这样应用服务器就可以专注于为反向代理服务器构建网页,让其能够传输到互联网上。而应用服务器就不需要在能带客户端的响应,可以运行与接近优化过的性能水平。 + +添加方向代理服务器还可以给你的web 服务器安装带来灵活性。比如,一个已知类型的服务器已经超载了,那么就可以轻松的添加另一个相同的服务器;如果某个机器宕机了,也可以很容易的被替代。 + +因为反向代理带来的灵活性,所以方向代理也是一些性能加速功能的必要前提,比如: + +- **负载均衡** (参见 [Tip #2][2]) – 负载均衡运行在方向代理服务器上,用来将流量均衡分配给一批应用。有了合适的负载均衡,你就可以在不改变程序的前提下添加应用服务器。 +- **缓存静态文件** (参见 [Tip #3][3]) – 直接读取的文件,比如图像或者代码,可以保存在方向代理服务器,然后直接发给客户端,这样就可以提高速度、分担应用服务器的负载,可以让应用运行的更快 +- **网站安全** – 反响代理服务器可以提高网站安全性,以及快速的发现和响应攻击,保证应用服务器处于被保护状态。 + +NGINX 软件是一个专门设计的反响代理服务器,也包含了上述的多种功能。NGINX 使用事件驱动的方式处理问题,着回避传统的服务器更加有效率。NGINX plus 天价了更多高级的反向代理特性,比如程序[健康度检查][4],专门用来处理request 路由,高级缓冲和相关支持。 + +![NGINX Worker Process helps increase application performance](https://www.nginx.com/wp-content/uploads/2015/10/Graph-11.png) + +### Tip #2: 添加负载平衡 ### + +添加一个[负载均衡服务器][5] 是一个相当简单的用来提高性能和网站安全性的的方法。使用负载均衡讲流量分配到多个服务器,是用来替代只使用一个巨大且高性能web 服务器的方案。即使程序写的不好,或者在扩容方面有困难,只使用负载均衡服务器就可以很好的提高用户体验。 + +负载均衡服务器首先是一个反响代理服务器(参见[Tip #1][6])——它接收来自互联网的流量,然后转发请求给另一个服务器。小戏法是负载均衡服务器支持两个或多个应用服务器,使用[分配算法][7]将请求转发给不同服务器。最简单的负载均衡方法是轮转法,只需要将新的请求发给列表里的下一个服务器。其它的方法包括将请求发给负载最小的活动连接。NGINX plus 拥有将特定用户的会话分配给同一个服务器的[能力][8]. + +负载均衡可以很好的提高性能是因为它可以避免某个服务器过载而另一些服务器却没有流量来处理。它也可以简单的扩展服务器规模,因为你可以添加多个价格相对便宜的服务器并且保证它们被充分利用了。 + +可以进行负载均衡的协议包括HTTP, HTTPS, SPDY, HTTP/2, WebSocket,[FastCGI][9],SCGI,uwsgi, memcached,以及集中其它的应用类型,包括采用TCP 第4层协议的程序。分析你的web 应用来决定那些你要使用以及那些地方的性能不足。 + +相同的服务器或服务器群可以被用来进行负载均衡,也可以用来处理其它的任务,如SSL 终止,提供对客户端使用的HTTP/1/x 和 HTTP/2 ,以及缓存静态文件。 + +NGINX 经常被用来进行负载均衡;要想了解更多的情况可以访问我们的[overview blog post][10], [configuration blog post][11], [ebook][12] 以及相关网站 [webinar][13], 和 [documentation][14]。我们的商业版本 [NGINX Plus][15] 支持更多优化了的负载均衡特性,如基于服务器响应时间的加载路由和Microsoft’s NTLM 协议上的负载均衡。 + +### Tip #3: 缓存静态和动态的内容 ### + +缓存通过加速内容的传输速度来提高web 应用的性能。它可以采用一下集中策略:当需要的时候预处理要传输的内容,保存数据到速度更快的设备,把数据存储在距离客户端更近的位置,或者结合起来使用。 + +下面要考虑两种不同类型数据的缓冲: + +- **静态内容缓存**。不经常变化的文件,比如图像(JPEG,PNG) 和代码(CSS,JavaScript),可以保存在边缘服务器,这样就可以快速的从内存和磁盘上提取。 +- **动态内容缓存**。很多web 应用回针对每个网页请求生成不同的HTML 页面。在短时间内简单的缓存每个生成HTML 内容,就可以很好的减少要生成的内容的数量,这完全可以达到你的要求。 + +举个例子,如果一个页面每秒会被浏览10次,你将它缓存1 秒,99%请求的页面都会直接从缓存提取。如果你将将数据分成静态内容,甚至新生成的页面可能都是由这些缓存构成的。 + +下面由是web 应用发明的三种主要的缓存技术: + +- **缩短数据与用户的距离**。把一份内容的拷贝放的离用户更近点来减少传输时间。 +- **提高内容服务器的速度**。内容可以保存在一个更快的服务器上来减少提取文件的时间。 +- **从过载服务器拿走数据**。机器经常因为要完成某些其它的任务而造成某个任务的执行速度比测试结果要差。将数据缓存在不同的机器上可以提高缓存资源和非缓存资源的效率,而这知识因为主机没有被过度使用。 + +对web 应用的缓存机制可以web 应用服务器内部实现。第一,缓存动态内容是用来减少应用服务器加载动态内容的时间。然后,缓存静态内容(包括动态内容的临时拷贝)是为了更进一步的分担应用服务器的负载。而且缓存之后会从应用服务器转移到对用户而言更快、更近的机器,从而减少应用服务器的压力,减少提取数据和传输数据的时间。 + +改进过的缓存方案可以极大的提高应用的速度。对于大多数网页来说,静态数据,比如大图像文件,构成了超过一半的内容。如果没有缓存,那么这可能会花费几秒的时间来提取和传输这类数据,但是采用了缓存之后不到1秒就可以完成。 + +举一个在实际中缓存是如何使用的例子, NGINX 和NGINX Plus使用了两条指令来[设置缓存机制][16]:proxy_cache_path 和 proxy_cache。你可以指定缓存的位置和大小,文件在缓存中保存的最长时间和其他一些参数。使用第三条(而且是相当受欢迎的一条)指令,proxy_cache_use_stale,如果服务器提供新鲜内容是忙或者挂掉之类的信息,你甚至可以让缓存提供旧的内容,这样客户端就不会一无所得。从用户的角度来看这可以很好的提高你的网站或者应用的上线时间。 + +NGINX plus 拥有[高级缓存特性][17],包括对[缓存清除][18]的支持和在[仪表盘][19]上显示缓存状态信息。 + +要想获得更多关于NGINX 的缓存机制的信息可以浏览NGINX Plus 管理员指南中的 [reference documentation][20] 和 [NGINX Content Caching][21] 。 + +**注意**:缓存机制分布于应用开发者、投资决策者以及实际的系统运维人员之间。本文提到的一些复杂的缓存机制从[DevOps 的角度][23]来看很具有价值,即对集应用开发者、架构师以及运维操作人员的功能为一体的工程师来说可以满足他们对站点功能性、响应时间、安全性和商业结果,如完成的交易数。 + +### Tip #4: 压缩数据 ### + +压缩是一个具有很大潜力的提高性能的加速方法。现在已经有一些针对照片(JPEG 和PNG)、视频(MPEG-4)和音乐(MP3)等各类文件精心设计和高压缩率的标准。每一个标准都或多或少的减少了文件的大小。 + +文本数据 —— 包括HTML(包含了纯文本和HTL 标签),CSS和代码,比如Javascript —— 经常是未经压缩就传输的。压缩这类数据会在对应用程序性能的感觉上,特别是处于慢速或受限的移动网络的客户端,产生不成比例的影响。 + +这是因为文本数据经常是用户与网页交互的有效数据,而多媒体数据可能更多的是起提供支持或者装饰的作用。聪明的内容压缩可以减少HTML,Javascript,CSS和其他文本内容对贷款的要求,通常可以减少30% 甚至更多的带宽和相应的页面加载时间。 + +如果你是用SSL,压缩可以减少需要进行SSL 编码的的数据量,而这些编码操作会占用一些CPU时间而抵消了压缩数据减少的时间。 + +压缩文本数据的方法很多,举个例子,在定义小说文本压缩模式的[HTTP/2 部分]就专门为适应头数据。另一个例子是可以在NGINX 里打开使用GZIP 压缩文本。你在你的服务里[预压缩文本数据][25]之后,你就可以直接使用gzip_static 指令来处理压缩过的.gz 版本。 + +### Tip #5: 优化 SSL/TLS ### + +安全套接字([SSL][26]) 协议和它的继承者,传输层安全(TLS)协议正在被越来越多的网站采用。SSL/TLS 对从原始服务器发往用户的数据进行加密提高了网站的安全性。影响这个趋势的部分原因是Google 正在使用SSL/TLS,这在搜索引擎排名上是一个正面的影响因素。 + +尽管SSL/TLS 越来越流行,但是使用加密对速度的影响也让很多网站望而却步。SSL/TLS 之所以让网站变的更慢,原因有二: + +1. 任何一个连接第一次连接时的握手过程都需要传递密钥。而采用HTTP/1.x 协议的浏览器在建立多个连接时会对每个连接重复上述操作。 +2. 数据在传输过程中需要不断的在服务器加密、在客户端解密。 + +要鼓励使用SSL/TLS,HTTP/2 和SPDY(在[下一章][27]会描述)的作者设计新的协议来让浏览器只需要对一个浏览器会话使用一个连接。这会大大的减少上述两个原因中的一个浪费的时间。然而现在可以用来提高应用程序使用SSL/TLS 传输数据的性能的方法不止这些。 + +web 服务器有对应的机制优化SSL/TLS 传输。举个例子,NGINX 使用[OpenSSL][28]运行在普通的硬件上提供接近专用硬件的传输性能。NGINX [SSL 性能][29] 有详细的文档,而且把对SSL/TLS 数据进行加解密的时间和CPU 占用率降低了很多。 + +更进一步,在这篇[blog][30]有详细的说明如何提高SSL/TLS 性能,可以总结为一下几点: + +- **会话缓冲**。使用指令[ssl_session_cache][31]可以缓存每个新的SSL/TLS 连接使用的参数。 +- **会话票据或者ID**。把SSL/TLS 的信息保存在一个票据或者ID 里可以流畅的复用而不需要重新握手。 +- **OCSP 分割**。通过缓存SSL/TLS 证书信息来减少握手时间。 + +NGINX 和NGINX Plus 可以被用作SSL/TLS 终结——处理客户端流量的加密和解密,而同时和其他服务器进行明文通信。使用[这几步][32] 来设置NGINX 和NGINX Plus 处理SSL/TLS 终止。同时,这里还有一些NGINX Plus 和接收TCP 连接的服务器一起使用时的[特有的步骤][33] + +### Tip #6: 使用 HTTP/2 或 SPDY ### + +对于已经使用了SSL/TLS 的站点,HTTP/2 和SPDY 可以很好的提高性能,因为每个连接只需要一次握手。而对于没有使用SSL/TLS 的站点来说,HTTP/2 和SPDY会在响应速度上有些影响(通常会将度效率)。 + +Google 在2012年开始把SPDY 作为一个比HTTP/1.x 更快速的协议来推荐。HTTP/2 是目前IETF 标准,他也基于SPDY。SPDY 已经被广泛的支持了,但是很快就会被HTTP/2 替代。 + +SPDY 和HTTP/2 的关键是用单连接来替代多路连接。单个连接是被复用的,所以它可以同时携带多个请求和响应的分片。 + +通过使用一个连接这些协议可以避免过多的设置和管理多个连接,就像浏览器实现了HTTP/1.x 一样。单连接在对SSL 特别有效,这是因为它可以最小化SSL/TLS 建立安全链接时的握手时间。 + +SPDY 协议需要使用SSL/TLS, 而HTTP/2 官方并不需要,但是目前所有支持HTTP/2的浏览器只有在使能了SSL/TLS 的情况下才会使用它。这就意味着支持HTTP/2 的浏览器只有在网站使用了SSL 并且服务器接收HTTP/2 流量的情况下才会启用HTTP/2。否则的话浏览器就会使用HTTP/1.x 协议。 + +当你实现SPDY 或者HTTP/2时,你不再需要通常的HTTP 性能优化方案,比如域分隔资源聚合,以及图像登记。这些改变可以让你的代码和部署变得更简单和更易于管理。要了解HTTP/2 带来的这些变化可以浏览我们的[白皮书][34]。 + +![NGINX Supports SPDY and HTTP/2 for increased web application performance](https://www.nginx.com/wp-content/uploads/2015/10/http2-27.png) + +作为支持这些协议的一个样例,NGINX 已经从一开始就支持了SPDY,而且[大部分使用SPDY 协议的网站][35]都运行的是NGINX。NGINX 同时也[很早][36]对HTTP/2 的提供了支持,从2015 年9月开始开源NGINX 和NGINX Plus 就[支持][37]它了。 + +经过一段时间,我们NGINX 希望更多的站点完全是能SSL 并且向HTTP/2 迁移。这将会提高安全性,同时新的优化手段也会被发现和实现,更简单的代码表现的更加优异。 + +### Tip #7: 升级软件版本 ### + +一个提高应用性能的简单办法是根据软件的稳定性和性能的评价来选在你的软件栈。进一步说,因为高性能组件的开发者更愿意追求更高的性能和解决bug ,所以值得使用最新版本的软件。新版本往往更受开发者和用户社区的关注。更新的版本往往会利用到新的编译器优化,包括对新硬件的调优。 + +稳定的新版本通常比旧版本具有更好的兼容性和更高的性能。一直进行软件更新,可以非常简单的保持软件保持最佳的优化,解决掉bug,以及安全性的提高。 + +一直使用旧版软件也会组织你利用新的特性。比如上面说到的HTTP/2,目前要求OpenSSL 1.0.1.在2016 年中期开始将会要求1.0.2 ,而这是在2015年1月才发布的。 + +NGINX 用户可以开始迁移到[NGINX 最新的开源软件][38] 或者[NGINX Plus][39];他们都包含了罪行的能力,如socket分区和线程池(见下文),这些都已经为性能优化过了。然后好好看看的你软件栈,把他们升级到你能能升级道德最新版本吧。 + +### Tip #8: linux 系统性能调优 ### + +linux 是大多数web 服务器使用操作系统,而且作为你的架构的基础,Linux 表现出明显可以提高性能的机会。默认情况下,很多linux 系统都被设置为使用很少的资源,匹配典型的桌面应用负载。这就意味着web 应用需要最少一些等级的调优才能达到最大效能。 + +Linux 优化是转变们针对web 服务器方面的。以NGINX 为例,这里有一些在加速linux 时需要强调的变化: + +- **缓冲队列**。如果你有挂起的连接,那么你应该考虑增加net.core.somaxconn 的值,它代表了可以缓存的连接的最大数量。如果连接线直太小,那么你将会看到错误信息,而你可以逐渐的增加这个参数知道错误信息停止出现。 +- **文件描述符**。NGINX 对一个连接使用最多2个文件描述符。如果你的系统有很多连接,你可能就需要提高sys.fs.file_max ,增加系统对文件描述符数量整体的限制,这样子才能支持不断增加的负载需求。 +- **临时端口**。当使用代理时,NGINX 会为每个上游服务器创建临时端口。你可以设置net.ipv4.ip_local_port_range 来提高这些端口的范围,增加可用的端口。你也可以减少非活动的端口的超时判断来重复使用端口,这可以通过net.ipv4.tcp_fin_timeout 来设置,这可以快速的提高流量。 + +对于NGINX 来说,可以查阅[NGINX 性能调优指南][40]来学习如果优化你的Linux 系统,这样子它就可以很好的适应大规模网络流量而不会超过工作极限。 + +### Tip #9: web 服务器性能调优 ### + +无论你是用哪种web 服务器,你都需要对它进行优化来提高性能。下面的推荐手段可以用于任何web 服务器,但是一些设置是针对NGINX的。关键的优化手段包括: + +- **f访问日志**。不要把每个请求的日志都直接写回磁盘,你可以在内存将日志缓存起来然后一批写回磁盘。对于NGINX 来说添加给指令*access_log* 添加参数 *buffer=size* 可以让系统在缓存满了的情况下才把日志写到此哦按。如果你添加了参数**flush=time** ,那么缓存内容会每隔一段时间再写回磁盘。 +- **缓存**。缓存掌握了内存中的部分资源知道满了位置,这可以让与客户端的通信更加高效。与内存中缓存不匹配的响应会写回磁盘,而这就会降低效能。当NGINX [启用][42]了缓存机制后,你可以使用指令*proxy_buffer_size* 和 *proxy_buffers* 来管理缓存。 +- **客户端保活**。保活连接可以减少开销,特别是使用SSL/TLS时。对于NGINX 来说,你可以增加*keepalive_requests* 的值,从默认值100 开始修改,这样一个客户端就可以转交一个指定的连接,而且你也可以通过增加*keepalive_timeout* 的值来允许保活连接存活更长时间,结果就是让后来的请求处理的更快速。 +- **上游保活**。上游的连接——即连接到应用服务器、数据库服务器等机器的连接——同样也会收益于连接保活。对于上游连接老说,你可以增加*保活时间*,即每个工人进程的空闲保活连接个数。这就可以提高连接的复用次数,减少需要重新打开全新的连接次数。更多关于保活连接的信息可以参见[blog][41]. +- **限制**。限制客户端使用的资源可以提高性能和安全性。对于NGINX 来说指令*limit_conn* 和 *limit_conn_zone* 限制了每个源的连接数量,而*limit_rate* 限制了带宽。这些限制都可以阻止合法用户*攫取* 资源,同时夜避免了攻击。指令*limit_req* 和 *limit_req_zone* 限制了客户端请求。对于上游服务器来说,可以在上游服务器的配置块里使用max_conns 可以限制连接到上游服务器的连接。 这样可以避免服务器过载。关联的队列指令会创建一个队列来在连接数抵达*max_conn* 限制时在指定的长度的时间内保存特定数量的请求。 +- **工人进程**。工人进程负责处理请求。NGINX 采用事件驱动模型和依赖操作系统的机制来有效的讲请求分发给不同的工人进程。这条建议推荐设置每个CPU 的参数*worker_processes* 。如果需要的话,工人连接的最大数(默认512)可以安全在大部分系统增加,是指找到最适合你的系统的值。 +- **套接字分割**。通常一个套接字监听器会把新连接分配给所有工人进程。套接字分割会未每个工人进程创建一个套接字监听器,这样一来以内核分配连接给套接字就成为可能了。折可以减少锁竞争,并且提高多核系统的性能,要使能[套接字分隔][43]需要在监听指令里面加上复用端口参数。 +- **线程池**。一个计算机进程可以处理一个缓慢的操作。对于web 服务器软件来说磁盘访问会影响很多更快的操作,比如计算或者在内存中拷贝。使用了线程池之后慢操作可以分配到不同的任务集,而主进程可以一直运行快速操作。当磁盘操作完成后结果会返回给主进程的循环。在NGINX理有两个操作——read()系统调用和sendfile() ——被分配到了[线程池][44] + +![Thread pools help increase application performance by assigning a slow operation to a separate set of tasks](https://www.nginx.com/wp-content/uploads/2015/10/Graph-17.png) + +**技巧**。当改变任务操作系统或支持服务的设置时,一次只改变一个参数然后测试性能。如果修改引起问题了,或者不能让你的系统更快那么就改回去。 + +在[blog][45]可以看到更详细的NGINX 调优方法。 + +### Tip #10: 监视系统活动来解决问题和瓶颈 ### + +在应用开发中要使得系统变得非常高效的关键是监视你的系统在现实世界运行的性能。你必须能通过特定的设备和你的web 基础设施上监控程序活动。 + +监视活动是最积极的——他会告诉你发生了什么,把问题留给你发现和最终解决掉。 + +监视可以发现集中不同的问题。它们包括: + +- 服务器宕机。 +- 服务器出问题一直在丢失连接。 +- 服务器出现大量的缓存未命中。 +- 服务器没有发送正确的内容。 + +应用的总体性能监控工具,比如New Relic 和Dynatrace,可以帮助你监控到从远处加载网页的时间,二NGINX 可以帮助你监控到应用发送的时 间。当你需要考虑为基础设施添加容量以满足流量需求时,应用性能数据可以告诉你你的优化措施的确起作用了。 + +为了帮助开发者快速的发现、解决问题,NGINX Plus 增加了[应用感知健康度检查][46] ——对重复出现的常规事件进行综合分析并在问题出现时向你发出警告。NGINX Plus 同时提供[会话过滤][47] 功能,折可以组织当前任务未完成之前不接受新的连接,另一个功能是慢启动,允许一个从错误恢复过来的服务器追赶上负载均衡服务器群的速度。当有使用得当时,健康度检查可以让你在问题变得严重到影响用户体验前就发现它,而会话过滤和慢启动可以让你替换服务器,并且这个过程不会对性能和正常运行时间产生负面影响。这个表格就展示了NGINX Plus 内建模块在web 基础设施[监视活活动][48]的仪表盘,包括了服务器群,TCP 连接和缓存等信息。 + +![Use real-time application performance monitoring tools to identify and resolve issues quickly](https://www.nginx.com/wp-content/uploads/2015/10/Screen-Shot-2015-10-05-at-4.16.32-PM.png) + +### 总结: 看看10倍性能提升的效果 ### + +这些性能提升方案对任何一个web 应用都可用并且效果都很好,而实际效果取决于你的预算,如你能花费的时间,目前实现方案的差距。所以你该如何对你自己的应用实现10倍性能提升? + +为了指导你了解每种优化手段的潜在影响,这里是是上面详述的每个优化方法的关键点,虽然你的里程肯定大不相同: + +- **反向代理服务器和负载均衡**。没有负载均衡或者负载均衡很差都会造成间断的极低性能。增加一个反向代理,比如NGINX可以避免web应用程序在内存和磁盘之间抖动。负载均衡可以将过载服务器的任务转移到空闲的服务器,还可以轻松的进行扩容。这些改变都可以产生巨大的性能提升,很容易就可以比你现在的实现方案的最差性能提高10倍,对于总体性能来说可能提高的不多,但是也是有实质性的提升。 +- **缓存动态和静态数据**。如果你又一个web 服务器负担过重,那么毫无疑问肯定是你的应用服务器,只通过缓存动态数据就可以在峰值时间提高10倍的性能。缓存静态文件可以提高个位数倍的性能。 +- **压缩数据**。使用媒体文件压缩格式,比如图像格式JPEG,图形格式PNG,视频格式MPEG-4,音乐文件格式MP3可以极大的提高性能。一旦这些都用上了,然后压缩文件数据可以提高初始页面加载速度提高两倍。 +- **优化SSL/TLS**。安全握手会对性能产生巨大的影响,对他们的优化可能会对初始响应特别是重文本站点产生2倍的提升。优化SSL/TLS 下媒体文件只会产生很小的性能提升。 +- **使用HTTP/2 和SPDY*。当你使用了SSL/TLS,这些协议就可以提高整个站点的性能。 +- **对linux 和web 服务器软件进行调优**。比如优化缓存机制,使用保活连接,分配时间敏感型任务到不同的线程池可以明显的提高性能;举个例子,线程池可以加速对磁盘敏感的任务[近一个数量级][49]. + +我们希望你亲自尝试这些技术。我们希望这些提高应用性能的手段可以被你实现。请在下面评论栏分享你的结果 或者在标签#NGINX 和#webperf 下tweet 你的故事。 +### 网上资源 ### + +[Statista.com – Share of the internet economy in the gross domestic product in G-20 countries in 2016][50] + +[Load Impact – How Bad Performance Impacts Ecommerce Sales][51] + +[Kissmetrics – How Loading Time Affects Your Bottom Line (infographic)][52] + +[Econsultancy – Site speed: case studies, tips and tools for improving your conversion rate][53] + +-------------------------------------------------------------------------------- + +via: https://www.nginx.com/blog/10-tips-for-10x-application-performance/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io + +作者:[Floyd Smith][a] +译者:[Ezio]](https://github.com/oska874) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.nginx.com/blog/author/floyd/ +[1]:https://www.nginx.com/resources/glossary/reverse-proxy-server +[2]:https://www.nginx.com/blog/10-tips-for-10x-application-performance/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io#tip2 +[3]:https://www.nginx.com/blog/10-tips-for-10x-application-performance/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io#tip3 +[4]:https://www.nginx.com/products/application-health-checks/ +[5]:https://www.nginx.com/solutions/load-balancing/ +[6]:https://www.nginx.com/blog/10-tips-for-10x-application-performance/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io#tip1 +[7]:https://www.nginx.com/resources/admin-guide/load-balancer/ +[8]:https://www.nginx.com/blog/load-balancing-with-nginx-plus/ +[9]:https://www.digitalocean.com/community/tutorials/understanding-and-implementing-fastcgi-proxying-in-nginx +[10]:https://www.nginx.com/blog/five-reasons-use-software-load-balancer/ +[11]:https://www.nginx.com/blog/load-balancing-with-nginx-plus/ +[12]:https://www.nginx.com/resources/ebook/five-reasons-choose-software-load-balancer/ +[13]:https://www.nginx.com/resources/webinars/choose-software-based-load-balancer-45-min/ +[14]:https://www.nginx.com/resources/admin-guide/load-balancer/ +[15]:https://www.nginx.com/products/ +[16]:https://www.nginx.com/blog/nginx-caching-guide/ +[17]:https://www.nginx.com/products/content-caching-nginx-plus/ +[18]:http://nginx.org/en/docs/http/ngx_http_proxy_module.html?&_ga=1.95342300.1348073562.1438712874#proxy_cache_purge +[19]:https://www.nginx.com/products/live-activity-monitoring/ +[20]:http://nginx.org/en/docs/http/ngx_http_proxy_module.html?&&&_ga=1.61156076.1348073562.1438712874#proxy_cache +[21]:https://www.nginx.com/resources/admin-guide/content-caching +[22]:https://www.nginx.com/blog/network-vs-devops-how-to-manage-your-control-issues/ +[23]:https://www.nginx.com/blog/10-tips-for-10x-application-performance/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io#tip6 +[24]:https://www.nginx.com/resources/admin-guide/compression-and-decompression/ +[25]:http://nginx.org/en/docs/http/ngx_http_gzip_static_module.html +[26]:https://www.digicert.com/ssl.htm +[27]:https://www.nginx.com/blog/10-tips-for-10x-application-performance/?hmsr=toutiao.io&utm_medium=toutiao.io&utm_source=toutiao.io#tip6 +[28]:http://openssl.org/ +[29]:https://www.nginx.com/blog/nginx-ssl-performance/ +[30]:https://www.nginx.com/blog/improve-seo-https-nginx/ +[31]:http://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache +[32]:https://www.nginx.com/resources/admin-guide/nginx-ssl-termination/ +[33]:https://www.nginx.com/resources/admin-guide/nginx-tcp-ssl-termination/ +[34]:https://www.nginx.com/resources/datasheet/datasheet-nginx-http2-whitepaper/ +[35]:http://w3techs.com/blog/entry/25_percent_of_the_web_runs_nginx_including_46_6_percent_of_the_top_10000_sites +[36]:https://www.nginx.com/blog/how-nginx-plans-to-support-http2/ +[37]:https://www.nginx.com/blog/nginx-plus-r7-released/ +[38]:http://nginx.org/en/download.html +[39]:https://www.nginx.com/products/ +[40]:https://www.nginx.com/blog/tuning-nginx/ +[41]:https://www.nginx.com/blog/http-keepalives-and-web-performance/ +[42]:http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffering +[43]:https://www.nginx.com/blog/socket-sharding-nginx-release-1-9-1/ +[44]:https://www.nginx.com/blog/thread-pools-boost-performance-9x/ +[45]:https://www.nginx.com/blog/tuning-nginx/ +[46]:https://www.nginx.com/products/application-health-checks/ +[47]:https://www.nginx.com/products/session-persistence/#session-draining +[48]:https://www.nginx.com/products/live-activity-monitoring/ +[49]:https://www.nginx.com/blog/thread-pools-boost-performance-9x/ +[50]:http://www.statista.com/statistics/250703/forecast-of-internet-economy-as-percentage-of-gdp-in-g-20-countries/ +[51]:http://blog.loadimpact.com/blog/how-bad-performance-impacts-ecommerce-sales-part-i/ +[52]:https://blog.kissmetrics.com/loading-time/?wide=1 +[53]:https://econsultancy.com/blog/10936-site-speed-case-studies-tips-and-tools-for-improving-your-conversion-rate/ diff --git a/translated/tech/20151030 How To Install FreeBSD on Raspberry Pi 2 Model B.md b/translated/tech/20151030 How To Install FreeBSD on Raspberry Pi 2 Model B.md new file mode 100644 index 0000000000..941d3a2b72 --- /dev/null +++ b/translated/tech/20151030 How To Install FreeBSD on Raspberry Pi 2 Model B.md @@ -0,0 +1,98 @@ + +如何在树莓派2 B型上安装 FreeBSD +================================================================================ + +在树莓派2 B型上如何安装 FreeBSD 10 或 FreeBSD 11(current)?怎么在 Linux,OS X,FreeBSD 或类 Unix 操作系统上烧录 SD 卡? + +在树莓派2 B型上安装 FreeBSD 10或 FreeBSD 11(current)很容易。使用 FreeBSD 操作系统可以打造一个非常易用的 Unix 服务器。FreeBSD-CURRENT 自2012年十一月以来一直支持树莓派,2015年三月份后也开始支持树莓派2了。在这个快速教程中我将介绍如何在 RPI2 上安装 FreeBSD 11 current arm 版。 + +### 1. 下载 FreeBSD-current 的 arm 镜像 ### + +你可以 [访问这个页面来下载][1] 树莓派2的镜像。使用 wget 或 curl 命令来下载镜像: + + + $ wget ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/arm/armv6/ISO-IMAGES/11.0/FreeBSD-11.0-CURRENT-arm-armv6-RPI2-20151016-r289420.img.xz + +或 + + $ curl -O ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/arm/armv6/ISO-IMAGES/11.0/FreeBSD-11.0-CURRENT-arm-armv6-RPI2-20151016-r289420.img.xz + +### 2. 解压 FreeBSD-current 镜像 ### + +执行以下命令中的任何一个: + + $ unxz FreeBSD-11.0-CURRENT-arm-armv6-RPI2-20151016-r289420.img.xz + +或 + + $ xz --decompress FreeBSD-11.0-CURRENT-arm-armv6-RPI2-20151016-r289420.img.xz + +### 3. 设置 SD ### + +你可以在 OS X,Linux,FreeBSD,MS-Windows 和类 Unix 系统来烧录 SD 卡。 + +### 在 Mac OS X 下烧录 FreeBSD-current ### + +使用下面的 dd 命令: + + $ diskutil list + $ diskutil unmountDisk /dev/diskN + $ sudo dd if=FreeBSD-11.0-CURRENT-arm-armv6-RPI2-20151016-r289420.img of=/dev/disk2 bs=64k + +示例输出: + + 1024+0 records in + 1024+0 records out + 1073741824 bytes transferred in 661.669584 secs (1622776 bytes/sec) + +#### 使用 Linux/FreeBSD 或者 类 Unix 系统来烧录 FreeBSD-current #### + +语法是这样: + + $ dd if=FreeBSD-11.0-CURRENT-arm-armv6-RPI2-20151016-r289420.img of=/dev/sdb bs=1M + +确保使用实际 SD 卡的设备名称来替换 /dev/sdb 。 + +### 4. 引导 FreeBSD ### + +在树莓派2 B型上插入 SD 卡。你需要连接键盘,鼠标和显示器。我使用的是 USB 转串口线来连接显示器的: + +![Fig.01 RPi USB based serial connection](http://s0.cyberciti.org/uploads/faq/2015/10/Raspberry-Pi-2-Model-B.pin-out.jpg) + + +图01 RPI 基于 USB 的串行连接 + +在下面的例子中,我使用 screen 命令来连接我的 RPI: + + ## Linux version ## + screen /dev/tty.USB0 115200 + + ## OS X version ## + screen /dev/cu.usbserial 115200 + + ## Windows user use Putty.exe ## + +FreeBSD RPI 启动输出样例: + +![Gif 01: Booting FreeBSD-current on RPi 2](http://s0.cyberciti.org/uploads/faq/2015/10/freebsd-current-rpi.gif) + +图01: 在 RPi 2上引导 FreeBSD-current + +### 5. FreeBSD 在 RPi 2上的用户名和密码 ### + +默认的密码是 freebsd/freebsd 和 root/root。 + +到此为止, FreeBSD-current 已经安装并运行在 RPi 2上。 + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/how-to-install-freebsd-on-raspberry-pi-2-model-b/ + +作者:[Vivek Gite][a] +译者:[译者ID](https://github.com/译者ID) +校对:[strugglingyouth](https://github.com/strugglingyouth) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.cyberciti.biz/tips/about-us +[1]:ftp://ftp.freebsd.org/pub/FreeBSD/snapshots/arm/armv6/ISO-IMAGES/11.0 diff --git a/translated/tech/20151104 How to Install Redis Server on CentOS 7.md b/translated/tech/20151104 How to Install Redis Server on CentOS 7.md new file mode 100644 index 0000000000..eb872a2719 --- /dev/null +++ b/translated/tech/20151104 How to Install Redis Server on CentOS 7.md @@ -0,0 +1,236 @@ +How to Install Redis Server on CentOS 7.md + +如何在CentOS 7上安装Redis 服务 +================================================================================ + +大家好, 本文的主题是Redis,我们将要在CentOS 7 上安装它。编译源代码,安装二进制文件,创建、安装文件。然后安装组建,我们还会配置redis ,就像配置操作系统参数一样,目标就是让redis 运行的更加可靠和快速。 + +![Runnins Redis](http://blog.linoxide.com/wp-content/uploads/2015/10/run-redis-standalone.jpg) + +Redis 服务器 + +Redis 是一个开源的多平台数据存储软件,使用ANSI C 编写,直接在内存使用数据集,这使得它得以实现非常高的效率。Redis 支持多种编程语言,包括Lua, C, Java, Python, Perl, PHP 和其他很多语言。redis 的代码量很小,只有约3万行,它只做很少的事,但是做的很好。尽管你在内存里工作,但是对数据持久化的需求还是存在的,而redis 的可靠性就很高,同时也支持集群,这儿些可以很好的保证你的数据安全。 + +### 构建 Redis ### + +redis 目前没有官方RPM 安装包,我们需要从牙UN代码编译,而为了要编译就需要安装Make 和GCC。 + +如果没有安装过GCC 和Make,那么就使用yum 安装。 + + yum install gcc make + +从[官网][1]下载tar 压缩包。 + + curl http://download.redis.io/releases/redis-3.0.4.tar.gz -o redis-3.0.4.tar.gz + +解压缩。 + + tar zxvf redis-3.0.4.tar.gz + +进入解压后的目录。 + + cd redis-3.0.4 + +使用Make 编译源文件。 + + make + +### 安装 ### + +进入源文件的目录。 + + cd src + +复制 Redis server 和 client 到 /usr/local/bin + + cp redis-server redis-cli /usr/local/bin + +最好也把sentinel,benchmark 和check 复制过去。 + + cp redis-sentinel redis-benchmark redis-check-aof redis-check-dump /usr/local/bin + +创建redis 配置文件夹。 + + mkdir /etc/redis + +在`/var/lib/redis` 下创建有效的保存数据的目录 + + mkdir -p /var/lib/redis/6379 + +#### 系统参数 #### + +为了让redis 正常工作需要配置一些内核参数。 + +配置vm.overcommit_memory 为1,它的意思是一直避免数据被截断,详情[见此][2]. + + sysctl -w vm.overcommit_memory=1 + +修改backlog 连接数的最大值超过redis.conf 中的tcp-backlog 值,即默认值511。你可以在[kernel.org][3] 找到更多有关基于sysctl 的ip 网络隧道的信息。 + + sysctl -w net.core.somaxconn=512. + +禁止支持透明大页,,因为这会造成redis 使用过程产生延时和内存访问问题。 + + echo never > /sys/kernel/mm/transparent_hugepage/enabled + +### redis.conf ### +Redis.conf 是redis 的配置文件,然而你会看到这个文件的名字是6379.conf ,而这个数字就是redis 监听的网络端口。这个名字是告诉你可以运行超过一个redis 实例。 + +复制redis.conf 的示例到 **/etc/redis/6379.conf**. + + cp redis.conf /etc/redis/6379.conf + +现在编辑这个文件并且配置参数。 + + vi /etc/redis/6379.conf + +#### 守护程序 #### + +设置daemonize 为no,systemd 需要它运行在前台,否则redis 会突然挂掉。 + + daemonize no + +#### pidfile #### + +设置pidfile 为/var/run/redis_6379.pid。 + + pidfile /var/run/redis_6379.pid + +#### port #### + +如果不准备用默认端口,可以修改。 + + port 6379 + +#### loglevel #### + +设置日志级别。 + + loglevel notice + +#### logfile #### + +修改日志文件路径。 + + logfile /var/log/redis_6379.log + +#### dir #### + +设置目录为 /var/lib/redis/6379 + + dir /var/lib/redis/6379 + +### 安全 ### + +下面有几个操作可以提高安全性。 + +#### Unix sockets #### + +在很多情况下,客户端程序和服务器端程序运行在同一个机器上,所以不需要监听网络上的socket。如果这和你的使用情况类似,你就可以使用unix socket 替代网络socket ,为此你需要配置**port** 为0,然后配置下面的选项来使能unix socket。 + +设置unix socket 的套接字文件。 + + unixsocket /tmp/redis.sock + +限制socket 文件的权限。 + + unixsocketperm 700 + +现在为了获取redis-cli 的访问权限,应该使用-s 参数指向socket 文件。 + + redis-cli -s /tmp/redis.sock + +#### 密码 #### + +你可能需要远程访问,如果是,那么你应该设置密码,这样子每次操作之前要求输入密码。 + + requirepass "bTFBx1NYYWRMTUEyNHhsCg" + +#### 重命名命令 #### + +想象一下下面一条条指令的输出。使得,这回输出服务器的配置,所以你应该在任何可能的情况下拒绝这种信息。 + + CONFIG GET * + +为了限制甚至禁止这条或者其他指令可以使用**rename-command** 命令。你必须提供一个命令名和替代的名字。要禁止的话需要设置replacement 为空字符串,这样子禁止任何人猜测命令的名字会比较安全。 + + rename-command FLUSHDB "FLUSHDB_MY_SALT_G0ES_HERE09u09u" + rename-command FLUSHALL "" + rename-command CONFIG "CONFIG_MY_S4LT_GO3S_HERE09u09u" + +![Access Redis through unix with password and command changes](http://blog.linoxide.com/wp-content/uploads/2015/10/redis-security-test.jpg) + +通过密码和修改命令来访问unix socket。 + +#### 快照 #### + +默认情况下,redis 会周期性的将数据集转储到我们设置的目录下的文件**dump.rdb**。你可以使用save 命令配置转储的频率,他的第一个参数是以秒为单位的时间帧(译注:按照下文的意思单位应该是分钟),第二个参数是在数据文件上进行修改的数量。 + +每隔15小时并且最少修改过一次键。 + save 900 1 + +每隔5小时并且最少修改过10次键。 + + save 300 10 + +每隔1小时并且最少修改过10000次键。 + + save 60 10000 + +文件**/var/lib/redis/6379/dump.rdb** 包含了内存里经过上次保存命令的转储数据。因为他创建了临时文件并且替换了源文件,这里没有被破坏的问题,而且你不用担心直接复制这个文件。 + +### 开机时启动 ### + +You may use systemd to add Redis to the system startup +你可以使用systemd 将redis 添加到系统开机启动列表。 + +复制init_script 示例文件到/etc/init.d,注意脚本名所代表的端口号。 + + cp utils/redis_init_script /etc/init.d/redis_6379 + +现在我们来使用systemd,所以在**/etc/systems/system** 下创建一个单位文件名字为redis_6379.service。 + + vi /etc/systemd/system/redis_6379.service + +填写下面的内容,详情可见systemd.service。 + + [Unit] + Description=Redis on port 6379 + + [Service] + Type=forking + ExecStart=/etc/init.d/redis_6379 start + ExecStop=/etc/init.d/redis_6379 stop + + [Install] + WantedBy=multi-user.target + +现在添加我之前在**/etc/sysctl.conf** 里面修改多的内存过分提交和backlog 最大值的选项。 + + vm.overcommit_memory = 1 + + net.core.somaxconn=512 + +对于透明大页支持,并没有直接sysctl 命令可以控制,所以需要将下面的命令放到/etc/rc.local 的结尾。 + echo never > /sys/kernel/mm/transparent_hugepage/enabled + +### 总结 ### + +这些足够启动了,通过设置这些选项你将足够部署redis 服务到很多简单的场景,然而在redis.conf 还有很多为复杂环境准备的redis 的选项。在一些情况下,你可以使用[replication][4] 和 [Sentinel][5] 来提高可用性,或者[将数据分散][6]在多个服务器上,创建服务器集群 。谢谢阅读。 +-------------------------------------------------------------------------------- + +via: http://linoxide.com/storage/install-redis-server-centos-7/ + +作者:[Carlos Alberto][a] +译者:[ezio](https://github.com/oska874) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/carlosal/ +[1]:http://redis.io/download +[2]:https://www.kernel.org/doc/Documentation/vm/overcommit-accounting +[3]:https://www.kernel.org/doc/Documentation/networking/ip-sysctl.txt +[4]:http://redis.io/topics/replication +[5]:http://redis.io/topics/sentinel +[6]:http://redis.io/topics/partitioning diff --git a/translated/tech/20151104 How to Install SQLite 3.9.1 with JSON Support on Ubuntu 15.04.md b/translated/tech/20151104 How to Install SQLite 3.9.1 with JSON Support on Ubuntu 15.04.md new file mode 100644 index 0000000000..b79dc3657e --- /dev/null +++ b/translated/tech/20151104 How to Install SQLite 3.9.1 with JSON Support on Ubuntu 15.04.md @@ -0,0 +1,121 @@ +如何在Ubuntu 15.04 上安装带JSON 支持的SQLite 3.9.1 +================================================================================ +欢迎阅读我们关于SQLite 的文章,SQLite 是当今时间上使用最广泛的SQL 数据库引擎,它他基本不需要配置,不需要安装或者管理就可以运行。SQLite 是一个是开放领域的软件,是关系数据库的管理系统,或者说RDBMS,用来在大表存储用户定义的记录。对于数据存储和管理来说,数据库引擎要处理复杂的查询命令,这些命令可能会从多个表获取数据然后生成报告的数据总结。 + +SQLite 是一个非常小、轻量级,不需要分离的服务进程或系统。他可以运行在UNIX,Linux,Mac OS-X,Android,iOS 和Windows 上,已经被大量的软件程序使用,如Opera, Ruby On Rails, Adobe System, Mozilla Firefox, Google Chrome 和 Skype。 + +### 1) 基本需求: ### + +在几乎全部支持SQLite 的平台上安装SQLite 基本上没有复杂的要求。 + +所以让我们在CLI 或者Secure Shell 上使用sudo 或者root 权限登录Ubuntu 服务器。然后更新系统,这样子就可以让操作系统的软件更新到新版本。 + +在Ubuntu 上,下面的命令是用来更新系统的软件源的。 + + # apt-get update + +如果你要在新安装的Ubuntu 上部署SQLite,那么你需要安装一些基础的系统管理工具,如wget, make, unzip, gcc。 + +要安装wget,可以使用下面的命令,然后输入Y 如果系统提示的话: + + # apt-get install wget make gcc + +### 2) 下载 SQLite ### + +要下载SQLite 最好是在[SQLite 官网][1]下载,如下所示 + +![SQLite download](http://blog.linoxide.com/wp-content/uploads/2015/10/Selection_014.png) + +你也可以直接复制资源的连接然后再命令行使用wget 下载,如下所示: + + # wget https://www.sqlite.org/2015/sqlite-autoconf-3090100.tar.gz + +![wget SQLite](http://blog.linoxide.com/wp-content/uploads/2015/10/23.png) + +下载完成之后,解压缩安装包,切换工作目录到解压缩后的SQLite 目录,使用下面的命令。 + + # tar -zxvf sqlite-autoconf-3090100.tar.gz + +### 3) 安装 SQLite ### + +现在我们要开始安装、配置刚才下载的SQLite。所以在Ubuntu 上编译、安装SQLite,运行配置脚本。 + + root@ubuntu-15:~/sqlite-autoconf-3090100# ./configure –prefix=/usr/local + +![SQLite Installation](http://blog.linoxide.com/wp-content/uploads/2015/10/35.png) + +配置要上面的prefix 之后,运行下面的命令编译安装包。 + + root@ubuntu-15:~/sqlite-autoconf-3090100# make +source='sqlite3.c' object='sqlite3.lo' libtool=yes \ +DEPDIR=.deps depmode=none /bin/bash ./depcomp \ +/bin/bash ./libtool --tag=CC --mode=compile gcc -DPACKAGE_NAME=\"sqlite\" -DPACKAGE_TARNAME=\"sqlite\" -DPACKAGE_VERSION=\"3.9.1\" -DPACKAGE_STRING=\"sqlite\ 3.9.1\" -DPACKAGE_BUGREPORT=\"http://www.sqlite.org\" -DPACKAGE_URL=\"\" -DPACKAGE=\"sqlite\" -DVERSION=\"3.9.1\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_FDATASYNC=1 -DHAVE_USLEEP=1 -DHAVE_LOCALTIME_R=1 -DHAVE_GMTIME_R=1 -DHAVE_DECL_STRERROR_R=1 -DHAVE_STRERROR_R=1 -DHAVE_POSIX_FALLOCATE=1 -I. -D_REENTRANT=1 -DSQLITE_THREADSAFE=1 -DSQLITE_ENABLE_FTS3 -DSQLITE_ENABLE_RTREE -g -O2 -c -o sqlite3.lo sqlite3.c + +运行完上面的命令之后,要在Ubuntu 上完成SQLite 的安装得运行下面的命令。 + + # make install + +![SQLite Make Install](http://blog.linoxide.com/wp-content/uploads/2015/10/44.png) + +### 4) 测试 SQLite 安装 ### + +要保证SQLite 3.9 安装成功了,运行下面的命令。 + + # sqlite3 + +SQLite 的版本会显示在命令行。 + +![Testing SQLite Installation](http://blog.linoxide.com/wp-content/uploads/2015/10/53.png) + +### 5) 使用 SQLite ### + +SQLite 很容易上手。要获得详细的使用方法,在SQLite 控制台里输入下面的命令。 + + sqlite> .help + +这里会显示全部可用的命令和详细说明。 + +![SQLite Help](http://blog.linoxide.com/wp-content/uploads/2015/10/62.png) + +现在开始最后一部分,使用一点SQLite 命令创建数据库。 + +要创建一个新的数据库需要运行下面的命令。 + + # sqlite3 test.db + +然后创建一张新表。 + + sqlite> create table memos(text, priority INTEGER); + +接着使用下面的命令插入数据。 + + sqlite> insert into memos values('deliver project description', 15); + sqlite> insert into memos values('writing new artilces', 100); + +要查看插入的数据可以运行下面的命令。 + + sqlite> select * from memos; + deliver project description|15 + writing new artilces|100 + +或者使用下面的命令离开。 + + sqlite> .exit + +![Using SQLite3](http://blog.linoxide.com/wp-content/uploads/2015/10/73.png) +### 结论 ### + +通过本文你可以了解如果安装支持JSON1 的最新版的SQLite,SQLite 从3.9.0 开始支持JSON1。这是一个非常棒的库,可以用来获取内嵌到应用程序,利用它可以很有效而且很轻量的管理资源。我们希望你能觉得本文有所帮助,请自由的像我们反馈你遇到的问题和困难。 + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/ubuntu-how-to/install-sqlite-json-ubuntu-15-04/ + +作者:[Kashif Siddique][a] +译者:[译者ID](https://github.com/oska874) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/kashifs/ +[1]:https://www.sqlite.org/download.html diff --git a/translated/tech/20151109 How to Install GitLab on Ubuntu or Fedora or Debian.md b/translated/tech/20151109 How to Install GitLab on Ubuntu or Fedora or Debian.md new file mode 100644 index 0000000000..524fc1e2c1 --- /dev/null +++ b/translated/tech/20151109 How to Install GitLab on Ubuntu or Fedora or Debian.md @@ -0,0 +1,178 @@ +如何在 Ubuntu / Fedora / Debian 中安装 GitLab +================================================================================ +在 Git 问世之前,分布式版本控制从来都不是一件简单的事。Git 是一个免费、开源的软件,旨在轻松且快速地对从小规模到非常巨大的项目进行管理。Git 最开始由 Linus Torvalds 开发,他同时也是著名的 Linux 内核的创建者。在 git 和分布式版本控制系统领域中,[GitLab][1] 是一个极棒的新产品。它是一个基于 web 的 Git 仓库管理应用,包含代码审查、wiki、问题跟踪等诸多功能。使用 GitLab 可以很方便、快速地创建、审查、部署及托管代码。与 Github 类似,尽管它也提供在其官方的服务器托管免费的代码仓库,但它也可以运行在我们自己的服务器上。GitLab 有两个不同的版本:社区版(Community Edition)和企业版(Enterprise Edition)。社区本完全免费且开源,遵循 MIT 协议;而企业版则遵循一个专有的协议,包含一些社区版中没有的功能。下面介绍的是有关如何在我们自己的运行着 Ubuntu、Fedora 或 Debian 操作系统的机子上安装 GitLab 社区版的简单步骤。 + +### 1. 安装先决条件 ### + +首先,我们需要安装 GitLab 所依赖的软件包。我们将安装 `curl`,用以下载我们所需的文件;安装`openssh-server` ,以此来通过 ssh 协议登陆到我们的机子上;安装`ca-certificates`,用它来添加 CA 认证;以及 `postfix`,把它作为一个 MTA(Mail Transfer Agent,邮件传输代理)。 + +注: 若要安装 GitLab 社区版,我们需要一个至少包含 2 GB 内存和 2 核 CPU 的 linux 机子。 + +#### 在 Ubuntu 14 .04/Debian 8.x 中 #### + +鉴于这些依赖包都可以在 Ubuntu 14.04 和 Debian 8.x 的官方软件仓库中获取到,我们只需通过使用 `apt-get` 包管理器来安装它们。为此,我们需要在一个终端或控制台中执行下面的命令: + + # apt-get install curl openssh-server ca-certificates postfix + +![install dependencies gitlab ubuntu debian](http://blog.linoxide.com/wp-content/uploads/2015/10/install-dependencies-gitlab-ubuntu-debian.png) + +#### 在 Fedora 22 中 #### + +在 Fedora 22 中,由于 `yum` 已经被弃用了,所以默认的包管理器是 `dnf`。为了安装上面那些需要的软件包,我们只需运行下面的 dnf 命令: + + # dnf install curl openssh-server postfix + +![install dependencies gitlab fedora](http://blog.linoxide.com/wp-content/uploads/2015/10/install-dependencies-gitlab-fedora.png) + +### 2. 打开并开启服务 ### + +现在,我们将使用我们默认的 init 系统来打开 sshd 和 postfix 服务。并且我们将使得它们在每次系统启动时被自动开启。 + +#### 在 Ubuntu 14.04 中 #### + +由于 SysVinit 在 Ubuntu 14.04 中作为 init 系统被安装,我们将使用 service 命令来开启 sshd 和 postfix 守护进程: + + # service sshd start + # service postfix start + +现在,为了使得它们在每次开机启动时被自动开启,我们需要运行下面的 update-rc.d 命令: + + # update-rc.d sshd enable + # update-rc.d postfix enable + +#### 在 Fedora 22/Debian 8.x 中 #### + +鉴于 Fedora 22 和 Debi 8.x 已经用 Systemd 代替了 SysVinit 来作为默认的 init 系统,我们只需运行下面的命令来开启 sshd 和 postfix 服务: + + # systemctl start sshd postfix + +现在,为了使得它们在每次开机启动时被自动地开启,我们需要运行下面的 systemctl 命令: + + # systemctl enable sshd postfix + + 从 /etc/systemd/system/multi-user.target.wants/sshd.service 建立软链接到 /usr/lib/systemd/system/sshd.service. + 从 /etc/systemd/system/multi-user.target.wants/postfix.service 建立软链接到 /usr/lib/systemd/system/postfix.service. + +### 3. 下载 GitLab ### + +现在,我们将使用 curl 从官方的 GitLab 社区版仓库下载二进制安装文件。首先,为了得到所需文件的下载链接,我们需要浏览到该软件仓库的页面。为此,我们需要在运行着相应操作系统的 linux 机子上运行下面的命令。 + +#### 在 Ubuntu 14.04 中 #### + +由于 Ubuntu 和 Debian 使用相同格式的 debian 文件,我们需要在 [https://packages.gitlab.com/gitlab/gitlab-ce?filter=debs][2] 下搜索所需版本的 GitLab,然后点击有着 ubuntu/trusty 标签的链接,这是因为我们运作着 Ubuntu 14.04。接着一个新的页面将会出现,我们将看到一个下载按钮,然后我们在它的上面右击,得到文件的链接,然后像下面这样使用 curl 来下载它。 + + # curl https://packages.gitlab.com/gitlab/gitlab-ce/packages/ubuntu/trusty/gitlab-ce_8.1.2-ce.0_amd64.deb + +![Downloading Gitlab Ubuntu](http://blog.linoxide.com/wp-content/uploads/2015/10/downloading-gitlab-ubuntu.png) + +#### 在 Debian 8.x 中 #### + +与 Ubuntu 类似,我们需要在 [https://packages.gitlab.com/gitlab/gitlab-ce?filter=debs][3] 页面中搜索所需版本的 GitLab,然后点击带有 debian/jessie 标签的链接,这是因为我们运行的是 Debian 8.x。接着,一个新的页面将会出现,然后我们在下载按钮上右击,得到文件的下载链接。最后我们像下面这样使用 curl 来下载该文件。 + + # curl https://packages.gitlab.com/gitlab/gitlab-ce/packages/debian/jessie/gitlab-ce_8.1.2-ce.0_amd64.deb/download + +![Downloading Gitlab Debian](http://blog.linoxide.com/wp-content/uploads/2015/10/downloading-gitlab-debian.png) + +#### 在 Fedora 22 中#### + +由于 Fedora 使用 rpm 文件来作为软件包,我们将在 [https://packages.gitlab.com/gitlab/gitlab-ce?filter=rpms][4] 页面下搜索所需版本的 GitLab,然后点击所需发行包的链接,这里由于我们运行的是 Fedora 22,所以我们将选择带有 el/7 标签的发行包。一个新的页面将会出现,在其中我们可以看到一个下载按钮,我们将右击它,得到所需文件的链接,然后像下面这样使用 curl 来下载它。 + + # curl https://packages.gitlab.com/gitlab/gitlab-ce/packages/el/7/gitlab-ce-8.1.2-ce.0.el7.x86_64.rpm/download + +![Downloading Gitlab Fedora](http://blog.linoxide.com/wp-content/uploads/2015/10/downloading-gitlab-fedora.png) + +### 4. 安装 GitLab ### + +在相应的软件源被添加到我们的 linux 机子上之后,现在我们将使用相应 linux 发行版本中的默认包管理器来安装 GitLab 社区版。 + +#### 在 Ubuntu 14.04/Debian 8.x 中 #### + +要在运行着 Ubuntu 14.04 或 Debian 8.x linux 发行版本的机子上安装 GitLab 社区版,我们只需运行如下的命令: + + # dpkg -i gitlab-ce_8.1.2-ce.0_amd64.deb + +![Installing Gitlab Ubuntu Debian](http://blog.linoxide.com/wp-content/uploads/2015/10/installing-gitlab-ubuntu-debian.png) + +#### 在 Fedora 22 中 #### + +我们只需执行下面的 dnf 命令来在我们的 Fedora 22 机子上安装 GitLab。 + + # dnf install gitlab-ce-8.1.2-ce.0.el7.x86_64.rpm + +![Installing Gitlab Fedora](http://blog.linoxide.com/wp-content/uploads/2015/10/installing-gitlab-fedora.png) + +### 5. 配置和开启 GitLab ### + +由于 GitLab 社区版已经成功地安装在我们的 linux 系统中了,接下来我们将要配置和开启它了。为此,我们需要运行下面的命令,这在 Ubuntu、Debian 和 Fedora 发行版本上都一样: + + # gitlab-ctl reconfigure + +![Reconfiguring Gitlab](http://blog.linoxide.com/wp-content/uploads/2015/10/reconfiguring-gitlab.png) + +### 6. 允许通过防火墙 ### + +假如在我们的 linux 机子中已经启用了防火墙程序,为了使得 GitLab 社区版的 web 界面可以通过网络进行访问,我们需要允许 80 端口通过防火墙,这个端口是 GitLab 社区版的默认端口。为此,我们需要运行下面的命令。 + +#### 在 Iptables 中 #### + +Ubuntu 14.04 默认安装和使用 Iptables。所以,我们将运行下面的 iptables 命令来打开 80 端口: + + # iptables -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT + + # /etc/init.d/iptables save + +#### 在 Firewalld 中 #### + +由于 Fedora 22 和 Debian 8.x 默认安装了 systemd,它包含了作为防火墙程序的 firewalld。为了使得 80 端口(http 服务) 能够通过 firewalld,我们需要执行下面的命令。 + + # firewall-cmd --permanent --add-service=http + + success + + # firewall-cmd --reload + + success + +### 7. 访问 GitLab Web 界面 ### + +最后,我们将访问 GitLab 社区版的 web 界面。为此,我们需要将我们的 web 浏览器指向 GitLab 服务器的网址,根据我们的配置,可能是 http://ip-address/ 或 http://domain.com/ 的格式。在我们成功指向该网址后,我们将会看到下面的页面。 + +![Gitlab Login Screen](http://blog.linoxide.com/wp-content/uploads/2015/10/gitlab-login-screen.png) + +现在,为了登陆进面板,我们需要点击登陆按钮,它将询问我们的用户名和密码。然后我们将输入默认的用户名和密码,即 **root** 和 **5iveL!fe** 。在登陆进控制面板后,我们将被强制要求为我们的 GitLab root 用户输入新的密码。 + +![Setting New Password Gitlab](http://blog.linoxide.com/wp-content/uploads/2015/10/setting-new-password-gitlab.png) + +### 8. 创建仓库 ### + +在我们成功地更改密码并登陆到我们的控制面板之后,现在,我们将为我们的新项目创建一个新的仓库。为此,我们需要来到项目栏,然后点击 **新项目** 绿色按钮。 + +![Creating New Projects](http://blog.linoxide.com/wp-content/uploads/2015/10/creating-new-projects.png) + +接着,我们将被询问给我们的项目输入所需的信息和设定,正如下面展示的那样。我们甚至可以从其他的 git 仓库提供商和仓库中导入我们的项目。 + +![Creating New Project](http://blog.linoxide.com/wp-content/uploads/2015/10/configuring-git-project.png) + +做完这些后,我们将能够使用任何包含基本 git 命令行的 Git 客户端来访问我们的 Git 仓库。我们可以看到在仓库中进行的任何活动,例如创建一个里程碑,管理 issue,合并请求,管理成员,便签,Wiki 等。 + +![Gitlab Menu](http://blog.linoxide.com/wp-content/uploads/2015/10/gitlab-menu.png) + +### 总结 ### + +GitLab 是一个用来管理 git 仓库的很棒的开源 web 应用。它有着漂亮,响应式的带有诸多酷炫功能的界面。它还打包有许多酷炫功能,例如管理群组,分发密钥,连续集成,查看日志,广播消息,钩子,系统 OAuth 应用,模板等。(注:OAuth 是一个开放标准,允许用户让第三方应用访问该用户在某一网站上存储的私密的资源(如照片,视频,联系人列表),而无需将用户名和密码提供给第三方应用。--- 摘取自 [维基百科上的 OAuth 词条](https://zh.wikipedia.org/wiki/OAuth)) 它还可以和大量的工具进行交互如 Slack,Hipchat,LDAP,JIRA,Jenkins,很多类型的钩子和一个完整的 API。它至少需要 2 GB 的内存和 2 核 CPU 来流畅运行,支持多达 500 个用户,但它也可以被扩展到多个活动的服务器上。假如你有任何的问题,建议,回馈,请将它们写在下面的评论框中,以便我们可以提升或更新我们的内容。谢谢! + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/install-gitlab-on-ubuntu-fedora-debian/ + +作者:[Arun Pyasi][a] +译者:[FSSlc](https://github.com/FSSlc) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:https://about.gitlab.com/ +[2]:https://packages.gitlab.com/gitlab/gitlab-ce?filter=debs +[3]:https://packages.gitlab.com/gitlab/gitlab-ce?filter=debs +[4]:https://packages.gitlab.com/gitlab/gitlab-ce?filter=rpms \ No newline at end of file diff --git a/translated/tech/20151109 How to Monitor the Progress of a Linux Command Line Operation Using PV Command.md b/translated/tech/20151109 How to Monitor the Progress of a Linux Command Line Operation Using PV Command.md new file mode 100644 index 0000000000..2003bcff47 --- /dev/null +++ b/translated/tech/20151109 How to Monitor the Progress of a Linux Command Line Operation Using PV Command.md @@ -0,0 +1,80 @@ +如何监控linux 命令行的命令执行进度 +================================================================================ + +![](https://www.maketecheasier.com/assets/uploads/2015/11/pv-featured-1.jpg) + +如果你是一个linux 系统管理员,那么毫无疑问你必须花费大量的工作时间在命令行上:安装和卸载软件,监视系统状态,复制、移动、删除文件,查错,等等。很多时候都是你输入一个命令,然后等待很长时间直到执行完成。也有的时候你执行的命令挂起了,而你只能猜测命令执行的实际情况。 + +通常linux命令不提供和进度相关的信息,而这些信息特别重要,尤其当你只有有限的时间时。然而这并不意味着你是无助的-现在有一个命令,pv,他会显示当前在命令行执行的命令的进度信息。在本文我们会讨论它并用几个简单的例子说明种特性。 + +### PV 命令 ### + +[PV][1] 由Andrew Wood 开发,是Pipe Viewer 的简称,意思是通过管道显示数据处理进度的信息。这些信息包括已经耗费的时间,完成的百分比(通过进度条显示),当前的速度,要传输的全部数据,以及估计剩余的时间。 + +>"要使用PV,需要配合合适的选项,把它放置在两个进程之间的管道。命令的标准输入将会通过标准输出传进来的,而进度会被输出到标准错误输出。” + +上面解释了命令的主页(?) + +### 下载和安装 ### + +Debian 系的操作系统,如Ubuntu,可以简单的使用下面的命令安装PV: + + sudo apt-get install pv + +如果你使用了其他发行版本,你可以使用各自的包管理软件在你的系统上安装PV。一旦PV 安装好了你就可以在各种场合使用它(详见下文)。需要注意的是下面所有例子都可以正常的鱼pv 1.2.0 工作。 + +### 特性和用法 ### + +我们(在linux 上使用命令行的用户)的大多数使用场景都会用到的命令是从一个USB 驱动器拷贝电影文件到你的电脑。如果你使用cp 来完成上面的任务,你会什么情况都不清楚知道整个复制过程结束或者出错。 + +然而pv 命令在这种情景下很有帮助。比如: + + pv /media/himanshu/1AC2-A8E3/fNf.mkv > ./Desktop/fnf.mkv + +输出如下: + +![pv-copy](https://www.maketecheasier.com/assets/uploads/2015/10/pv-copy.png) + +所以,如你所见,这个命令显示了很多和操作有关的有用信息,包括已经传输了的数据量,花费的时间,传输速率,进度条,进度的百分比,已经剩余的时间。 + +`pv` 命令提供了多种显示选项开关。比如,你可以使用`-p` 来显示百分比,`-t` 来显示时间,`-r` 表示传输速率,`-e` 代表eta(译注:估计剩余的时间)。好事是你不必记住某一个选项,因为默认这几个选项都是使能的。但是,如果你只要其中某一个信息,那么可以通过控制这几个选项来完成任务。 + +整理还有一个`-n` 选项来允许pv 命令显示整数百分比,在标准错误输出上每行显示一个数字,用来替代通常的视觉进度条。下面是一个例子: + + pv -n /media/himanshu/1AC2-A8E3/fNf.mkv > ./Desktop/fnf.mkv + +![pv-numeric](https://www.maketecheasier.com/assets/uploads/2015/10/pv-numeric.png) + +这个特殊的选项非常合适某些情境下的需求,如你想把用管道把输出传给[dialog][2] 命令。 + +接下来还有一个命令行选项,`-L` 可以让你修改pv 命令的传输速率。举个例子,使用-L 选项来限制传输速率为2MB/s。 + + pv -L 2m /media/himanshu/1AC2-A8E3/fNf.mkv > ./Desktop/fnf.mkv + +![pv-ratelimit](https://www.maketecheasier.com/assets/uploads/2015/10/pv-ratelimit.png) + +如上图所见,数据传输速度按照我们的要求被限制了。 + +另一个pv 可以帮上忙的情景是压缩文件。这里有一个例子可以向你解释如何与压缩软件Gzip 一起工作。 + + pv /media/himanshu/1AC2-A8E3/fnf.mkv | gzip > ./Desktop/fnf.log.gz + +![pv-gzip](https://www.maketecheasier.com/assets/uploads/2015/10/pv-gzip.png) + +### 结论 ### + +如上所述,pv 是一个非常有用的小工具,它可以在命令没有按照预期执行的情况下帮你节省你宝贵的时间。而且这些现实的信息还可以用在shell 脚本里。我强烈的推荐你使用这个命令,他值得你一试。 + +-------------------------------------------------------------------------------- + +via: https://www.maketecheasier.com/monitor-progress-linux-command-line-operation/ + +作者:[Himanshu Arora][a] +译者:[ezio](https://github.com/oska874) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:https://www.maketecheasier.com/author/himanshu/ +[1]:http://linux.die.net/man/1/pv +[2]:http://linux.die.net/man/1/dialog diff --git a/translated/tech/20151116 Linux FAQs with Answers--How to install Node.js on Linux.md b/translated/tech/20151116 Linux FAQs with Answers--How to install Node.js on Linux.md new file mode 100644 index 0000000000..8ccca22632 --- /dev/null +++ b/translated/tech/20151116 Linux FAQs with Answers--How to install Node.js on Linux.md @@ -0,0 +1,92 @@ +Linux 有问必答 - 如何在 Linux 上安装 Node.js +================================================================================ +> **问题**: 如何在你的 Linux 发行版上安装 Node.js? + +[Node.js][1] 是建立在谷歌的 V8 JavaScript 引擎服务器端的软件平台上。在构建高性能的服务器端应用程序上,Node.js 在 JavaScript 中已是首选方案。是什么让使用 Node.js 库和应用程序的 [庞大生态系统][2] 来开发服务器后台变得如此流行。Node.js 自带一个被称为 npm 的命令行工具可以让你轻松地安装它,进行版本控制并使用 npm 的在线仓库来管理 Node.js 库和应用程序的依赖关系。 + +在本教程中,我将介绍 **如何在主流 Linux 发行版上安装 Node.js,包括Debian,Ubuntu,Fedora 和 CentOS** 。 + +Node.js 在一些发行版上作为预构建的程序包(如,Fedora 或 Ubuntu),而在其他发行版上你需要源码安装。由于 Node.js 发展比较快,建议从源码安装最新版而不是安装一个过时的预构建的程序包。最新的 Node.js 自带 npm(Node.js 的包管理器),让你可以轻松的安装 Node.js 的外部模块。 + +### 在 Debian 上安装 Node.js on ### + +从 Debian 8 (Jessie)开始,Node.js 已被纳入官方软​​件仓库。因此,你可以使用如下方式安装它: + + $ sudo apt-get install npm + +在 Debian 7 (Wheezy) 以前的版本中,你需要使用下面的方式来源码安装: + + $ sudo apt-get install python g++ make + $ wget http://nodejs.org/dist/node-latest.tar.gz + $ tar xvfvz node-latest.tar.gz + $ cd node-v0.10.21 (replace a version with your own) + $ ./configure + $ make + $ sudo make install + +### 在 Ubuntu 或 Linux Mint 中安装 Node.js ### + +Node.js 被包含在 Ubuntu(13.04 及更高版本)。因此,安装非常简单。以下方式将安装 Node.js 和 npm。 + + $ sudo apt-get install npm + $ sudo ln -s /usr/bin/nodejs /usr/bin/node + +而 Ubuntu 中的 Node.js 可能版本比较老,你可以从 [其 PPA][3] 中安装最新的版本。 + + $ sudo apt-get install python-software-properties python g++ make + $ sudo add-apt-repository -y ppa:chris-lea/node.js + $ sudo apt-get update + $ sudo apt-get install npm + +### 在 Fedora 中安装 Node.js ### + +Node.js 被包含在 Fedora 的 base 仓库中。因此,你可以在 Fedora 中用 yum 安装 Node.js。 + + $ sudo yum install npm + +如果你想安装 Node.js 的最新版本,可以按照以下步骤使用源码来安装。 + + $ sudo yum groupinstall 'Development Tools' + $ wget http://nodejs.org/dist/node-latest.tar.gz + $ tar xvfvz node-latest.tar.gz + $ cd node-v0.10.21 (replace a version with your own) + $ ./configure + $ make + $ sudo make install + +### 在 CentOS 或 RHEL 中安装 Node.js ### + +在 CentOS 使用 yum 包管理器来安装 Node.js,首先启用 EPEL 软件库,然后运行: + + $ sudo yum install npm + +如果你想在 CentOS 中安装最新版的 Node.js,其安装步骤和在 Fedora 中的相同。 + +### 在 Arch Linux 上安装 Node.js ### + +Node.js is available in the Arch Linux community repository. Thus installation is as simple as running: + +Node.js 在 Arch Linux 的社区库中可以找到。所以安装很简单,只要运行: + + $ sudo pacman -S nodejs npm + +### 检查 Node.js 的版本 ### + +一旦你已经安装了 Node.js,你可以使用如下所示的方法检查 Node.js 的版本。 + + $ node --version + +-------------------------------------------------------------------------------- + +via: http://ask.xmodulo.com/install-node-js-linux.html + +作者:[Dan Nanni][a] +译者:[strugglingyou](https://github.com/strugglingyou) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ask.xmodulo.com/author/nanni +[1]:http://nodejs.org/ +[2]:https://www.npmjs.com/ +[3]:https://launchpad.net/~chris-lea/+archive/node.js diff --git a/translated/tech/20151117 Install PostgreSQL 9.4 And phpPgAdmin On Ubuntu 15.10.md b/translated/tech/20151117 Install PostgreSQL 9.4 And phpPgAdmin On Ubuntu 15.10.md new file mode 100644 index 0000000000..7fd4414127 --- /dev/null +++ b/translated/tech/20151117 Install PostgreSQL 9.4 And phpPgAdmin On Ubuntu 15.10.md @@ -0,0 +1,317 @@ +在 Ubuntu 15.10 上安装 PostgreSQL 9.4 和 phpPgAdmin +================================================================================ +![](http://1426826955.rsc.cdn77.org/wp-content/uploads/2014/05/postgresql.png) + +### 简介 ### + +[PostgreSQL][1] 是一款强大的,开源对象关系型数据库系统。它支持所有的主流操作系统,包括 Linux、Unix(AIX、BSD、HP-UX,SGI IRIX、Mac OS、Solaris、Tru64) 以及 Windows 操作系统。 + +下面是 **Ubuntu** 发起者 **Mark Shuttleworth** 对 PostgreSQL 的一段评价。 + +> PostgreSQL 真的是一款很好的数据库系统。刚开始我们使用它的时候,并不确定它能否胜任工作。但我错的太离谱了。它很强壮、快速,在各个方面都很专业。 +> +> — Mark Shuttleworth. + +在这篇简短的指南中,让我们来看看如何在 Ubuntu 15.10 服务器中安装 PostgreSQL 9.4。 + +### 安装 PostgreSQL ### + +默认仓库中就有可用的 PostgreSQL。在终端中输入下面的命令安装它。 + + sudo apt-get install postgresql postgresql-contrib + +如果你需要其它的版本,按照下面那样先添加 PostgreSQL 仓库然后再安装。 + +**PostgreSQL apt 仓库** 支持 amd64 和 i386 架构的 Ubuntu 长期支持版(10.04、12.04 和 14.04),以及非长期支持版(14.04)。对于其它非长期支持版,该软件包虽然不能完全支持,但使用和 LTS 版本近似的也能正常工作。 + +#### Ubuntu 14.10 系统: #### + +新建文件**/etc/apt/sources.list.d/pgdg.list**; + + sudo vi /etc/apt/sources.list.d/pgdg.list + +用下面一行添加仓库: + + deb http://apt.postgresql.org/pub/repos/apt/ utopic-pgdg main + +**注意**: 上面的库只能用于 Ubuntu 14.10。还没有升级到 Ubuntu 15.04 和 15.10。 + +**Ubuntu 14.04**,添加下面一行: + + deb http://apt.postgresql.org/pub/repos/apt/ trusty-pgdg main + +**Ubuntu 12.04**,添加下面一行: + + deb http://apt.postgresql.org/pub/repos/apt/ precise-pgdg main + +导入库签名密钥: + + wget --quiet -O - https://www.postgresql.org/media/keys/ACCC4CF8.asc + +---------- + + sudo apt-key add - + +更新软件包列表: + + sudo apt-get update + +然后安装需要的版本。 + + sudo apt-get install postgresql-9.4 + +### 访问 PostgreSQL 命令窗口 ### + +默认的数据库名称和数据库用户名称都是 “**postgres**”。切换到 postgres 用户进行 postgresql 相关的操作: + + sudo -u postgres psql postgres + +#### 事例输出: #### + + psql (9.4.5) + Type "help" for help. + postgres=# + +要退出 postgresql 窗口,在 **psql** 窗口输入 **\q** 退出到终端。 + +### 设置 “postgres” 用户密码 ### + +登录到 postgresql 窗口, + + sudo -u postgres psql postgres + +用下面的命令为用户 postgres 设置密码: + + postgres=# \password postgres + Enter new password: + Enter it again: + postgres=# \q + +要安装 PostgreSQL Adminpack,在 postgresql 窗口输入下面的命令: + + sudo -u postgres psql postgres + +---------- + + postgres=# CREATE EXTENSION adminpack; + CREATE EXTENSION + +在 **psql** 窗口输入 **\q** 从 postgresql 窗口退回到终端。 + +### 创建新用户和数据库 ### + +例如,让我们创建一个新的用户,名为 “**senthil**”,密码是 “**ubuntu**”,以及名为 “**mydb**” 的数据库。 + + sudo -u postgres createuser -D -A -P senthil + +---------- + + sudo -u postgres createdb -O senthil mydb + +### 删除用户和数据库 ### + +要删除数据库,首先切换到 postgres 用户: + + sudo -u postgres psql postgres + +输入命令: + + $ drop database + +要删除一个用户,输入下面的命令: + + $ drop user + +### 配置 PostgreSQL-MD5 验证 ### + +**MD5 验证** 要求用户提供一个 MD5 加密的密码用于认证。首先编辑 **/etc/postgresql/9.4/main/pg_hba.conf** 文件: + + sudo vi /etc/postgresql/9.4/main/pg_hba.conf + +按照下面所示添加或修改行 + + [...] + # TYPE DATABASE USER ADDRESS METHOD + # "local" is for Unix domain socket connections only + local all all md5 + # IPv4 local connections: + host all all 127.0.0.1/32 md5 + host all all 192.168.1.0/24 md5 + # IPv6 local connections: + host all all ::1/128 md5 + [...] + +其中, 192.168.1.0/24 是我的本地网络 IP 地址。用你自己的地址替换。 + +重启 postgresql 服务以使更改生效: + + sudo systemctl restart postgresql + +或者, + + sudo service postgresql restart + +### 配置 PostgreSQL TCP/IP 配置 ### + +默认情况下,没有启用 TCP/IP 连接,因此其它计算机的用户不能访问 postgresql。为了允许其它计算机的用户访问,编辑文件 **/etc/postgresql/9.4/main/postgresql.conf:** + + sudo vi /etc/postgresql/9.4/main/postgresql.conf + +找到下面一行: + + [...] + #listen_addresses = 'localhost' + [...] + #port = 5432 + [...] + +取消改行的注释,然后设置你 postgresql 服务器的 IP 地址,或者设置为 ‘*’ 监听所有用户。你应该谨慎设置所有远程用户都可以访问 PostgreSQL。 + + [...] + listen_addresses = '*' + [...] + port = 5432 + [...] + +重启 postgresql 服务保存更改: + + sudo systemctl restart postgresql + +或者, + + sudo service postgresql restart + +### 用 phpPgAdmin 管理 PostgreSQL ### + +[**phpPgAdmin**][2] 是基于 web 用 PHP 写的 PostgreSQL 管理工具。 + +默认仓库中有可用的 phpPgAdmin。用下面的命令安装 phpPgAdmin: + + sudo apt-get install phppgadmin + +默认情况下,你可以在本地系统的 web 浏览器用 **http://localhost/phppgadmin** 访问 phppgadmin。 + +要访问远程系统,在 Ubuntu 15.10 上做如下操作: + +编辑文件 **/etc/apache2/conf-available/phppgadmin.conf**, + + sudo vi /etc/apache2/conf-available/phppgadmin.conf + +找到 **Require local** 的一行在这行前面添加 **#** 注释掉它。 + + #Require local + +添加下面的一行: + + allow from all + +保存并退出文件。 + +然后重启 apache 服务。 + + sudo systemctl restart apache2 + +对于 Ubuntu 14.10 及之前版本: + +编辑 **/etc/apache2/conf.d/phppgadmin**: + + sudo nano /etc/apache2/conf.d/phppgadmin + +注释掉下面一行: + + [...] + #allow from 127.0.0.0/255.0.0.0 ::1/128 + +取消下面一行的注释使所有系统都可以访问 phppgadmin。 + + allow from all + +编辑 **/etc/apache2/apache2.conf**: + + sudo vi /etc/apache2/apache2.conf + +添加下面一行: + + Include /etc/apache2/conf.d/phppgadmin + +然后重启 apache 服务。 + + sudo service apache2 restart + +### 配置 phpPgAdmin ### + +编辑文件 **/etc/phppgadmin/config.inc.php**, 做以下更改。下面大部分选项都带有解释。认真阅读以便了解为什么要更改这些值。 + + sudo nano /etc/phppgadmin/config.inc.php + +找到下面一行: + + $conf['servers'][0]['host'] = ''; + +按照下面这样更改: + + $conf['servers'][0]['host'] = 'localhost'; + +找到这一行: + + $conf['extra_login_security'] = true; + +更改值为 **false**。 + + $conf['extra_login_security'] = false; + +找到这一行: + + $conf['owned_only'] = false; + +更改值为 **true**。 + + $conf['owned_only'] = true; + +保存并关闭文件。重启 postgresql 服务和 Apache 服务。 + + sudo systemctl restart postgresql + +---------- + + sudo systemctl restart apache2 + +或者, + + sudo service postgresql restart + + sudo service apache2 restart + +现在打开你的浏览器并导航到 **http://ip-address/phppgadmin**。你会看到以下截图。 + +![phpPgAdmin – Google Chrome_001](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/11/phpPgAdmin-Google-Chrome_001.jpg) + +用你之前创建的用户登录。我之前已经创建了一个名为 “**senthil**” 的用户,密码是 “**ubuntu**”,因此我以 “senthil” 用户登录。 + +![phpPgAdmin – Google Chrome_002](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/11/phpPgAdmin-Google-Chrome_002.jpg) + +然后你就可以访问 phppgadmin 面板了。 + +![phpPgAdmin – Google Chrome_003](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/11/phpPgAdmin-Google-Chrome_003.jpg) + +用 postgres 用户登录: + +![phpPgAdmin – Google Chrome_004](http://1426826955.rsc.cdn77.org/wp-content/uploads/2015/11/phpPgAdmin-Google-Chrome_004.jpg) + +就是这样。现在你可以用 phppgadmin 可视化创建、删除或者更改数据库了。 + +加油! + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/install-postgresql-9-4-and-phppgadmin-on-ubuntu-15-10/ + +作者:[SK][a] +译者:[ictlyh](http://mutouxiaogui.cn/blog/) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.twitter.com/ostechnix +[1]:http://www.postgresql.org/ +[2]:http://phppgadmin.sourceforge.net/doku.php \ No newline at end of file diff --git a/translated/tech/20151117 Linux 101--Get the most out of Systemd.md b/translated/tech/20151117 Linux 101--Get the most out of Systemd.md new file mode 100644 index 0000000000..1a382479ec --- /dev/null +++ b/translated/tech/20151117 Linux 101--Get the most out of Systemd.md @@ -0,0 +1,171 @@ +Linux 101:最有效地使用 Systemd +================================================================================ +干嘛要这么做? + +- 理解现代 Linux 发行版中的显著变化; +- 看看 Systemd 是如何取代 SysVinit 的; +- 处理好*单元* (unit)和新的 journal 日志。 + +吐槽邮件,人身攻击,死亡威胁——Lennart Poettering,Systemd 的作者,对收到这些东西早就习以为常了。这位 Red Hat 公司的员工最近在 Google+ 上怒斥 FOSS 社区([http://tinyurl.com/poorlennart][1])的本质,悲痛且失望地表示:“那真是个令人恶心的地方”。他着重指出 Linus Torvalds 在邮件列表上言辞刻薄的帖子,并谴责这位内核的领导者为在线讨论定下基调,并使得人身攻击及贬抑之辞成为常态。 + +但为何 Poettering 会遭受如此多的憎恨?为何就这么个搞搞开源软件的人要忍受这等愤怒?答案就在于他的软件的重要性。如今大多数发行版中,Systemd 是 Linux 内核发起的第一个程序,并且它还扮演多种角色。它会启动系统服务,处理用户登陆,每隔特定的时间执行一些任务,还有很多很多。它在不断地成长,并逐渐成为 Linux 的某种“基础系统”——提供系统启动和发行版维护所需的所有工具。 + +如今,在以下几点上 Systemd 颇具争议:它逃避了一些确立好的 Unix 传统,例如纯文本的日志文件;它被看成是个“大一统”的项目,试图接管一切;它还是我们这个操作系统的支柱的重要革新。然而大多数主流发行版已经接受了(或即将接受)它,因此它就保留了下来。而且它确实是有好处的:更快地启动,更简单地管理那些有依赖的服务程序,提供强大且安全的日志系统等。 + +因此在这篇教程中,我们将探索 Systemd 的特性,并向您展示如何最有效地利用这些特性。即便您此刻并不是这款软件的粉丝,读完本文后您至少可以更加了解和适应它。 + +![Image](http://www.linuxvoice.com/wp-content/uploads/2015/10/eating-large.jpg) + +**这部没正经的动画片来自[http://tinyurl.com/m2e7mv8][2],它把 Systemd 塑造成一只狂暴的动物,吞噬它路过的一切。大多数批评者的言辞可不像这只公仔一样柔软。** + +### 启动及服务 ### + +大多数主流发行版要么已经采用 Systemd,要么即将在下个发布中采用(如 Debian 和 Ubuntu)。在本教程中,我们使用 Fedora 21——该发行版已经是 Systemd 的优秀实验场地——的一个预览版进行演示,但不论您用哪个发行版,要用到的命令和注意事项都应该是一样的。这是 Systemd 的一个加分点:它消除了不同发行版之间许多细微且琐碎的区别。 + +在终端中输入 **ps ax | grep systemd**,看到第一行,其中的数字 **1** 表示它的进程号是1,也就是说它是 Linux 内核发起的第一个程序。因此,内核一旦检测完硬件并组织好了内存,就会运行 **/usr/lib/systemd/systemd** 可执行程序,这个程序会按顺序依次发起其他程序。(在还没有 Systemd 的日子里,内核会去运行 **/sbin/init**,随后这个程序会在名为 SysVinit 的系统中运行其余的各种启动脚本。) + +Systemd 的核心是一个叫*单元* (unit)的概念,它是一些存有关于服务(在运行在后台的程序),设备,挂载点,和操作系统其他方面信息的配置文件。Systemd 的其中一个目标就是简化这些事物之间的相互作用,因此如果你有程序需要在某个挂载点被创建或某个设备被接入后开始运行,Systemd 可以让这一切正常运作起来变得相当容易。(在没有 Systemd 的日子里,要使用脚本来把这些事情调配好,那可是相当丑陋的。)要列出您 Linux 系统上的所有单元,输入以下命令: + + systemctl list-unit-files + +现在,**systemctl** 是与 Systemd 交互的主要工具,它有不少选项。在单元列表中,您会注意到这儿有一些格式:被使能的单元显示为绿色,被禁用的显示为红色。标记为“static”的单元不能直接启用,它们是其他单元所依赖的对象。若要限制输出列表只包含服务,使用以下命令: + + systemctl list-unit-files --type=service + +注意,一个单元显示为“enabled”,并不等于对应的服务正在运行,而只能说明它可以被开启。要获得某个特定服务的信息,以 GDM (the Gnome Display Manager) 为例,输入以下命令: + + systemctl status gdm.service + +这条命令提供了许多有用的信息:一段人类可读的服务描述,单元配置文件的位置,启动的时间,进程号,以及它所从属的 CGroups (用以限制各组进程的资源开销)。 + +如果您去查看位于 **/usr/lib/systemd/system/gdm.service** 的单元配置文件,您可以看到多种选项,包括要被运行的二进制文件(“ExecStart”那一行),相冲突的其他单元(即不能同时进入运行的单元),以及需要在本单元执行前进入运行的单元(“After”那一行)。一些单元有附加的依赖选项,例如“Requires”(必要的依赖)和“Wants”(可选的依赖)。 + +此处另一个有趣的选项是: + + Alias=display-manager.service + +当您启动 **gdm.service** 后,您将可以通过 **systemctl status display-manager.service** 来查看它的状态。当您知道有*显示管理程序* (display manager)在运行并想对它做点什么,但您不关心那究竟是 GDM,KDM,XDM 还是什么别的显示管理程序时,这个选项会非常有用。 + +![Image](http://www.linuxvoice.com/wp-content/uploads/2015/10/status-large.jpg) + +**使用 systemctl status 命令后面跟一个单元名,来查看对应的服务有什么情况。** + +### “目标”锁定 ### + +如果您在 **/usr/lib/systemd/system** 目录中输入 **ls** 命令,您将看到各种以 **.target** 结尾的文件。一个*启动目标* (target)是一种将多个单元聚合在一起以致于将它们同时启动的方式。例如,对大多数类 Unix 操作系统而言有一种“多用户”状态,意思是系统已被成功启动,后台服务正在运行,并且已准备好让一个或多个用户登陆并工作——至少在文本模式下。(其他状态包括用于进行管理工作的单用户状态,以及用于机器关机的重启状态。) + +如果您打开 **multi-user.target** 文件一探究竟,您可能期待看到的是一个要被启动的单元列表。但您会发现这个文件内部几乎空空如也——其实,一个服务会通过 **WantedBy** 选项让自己成为启动目标的依赖。因此如果您去打开 **avahi-daemon.service**, **NetworkManager.service** 及其他 **.service** 文件看看,您将在 Install 段看到这一行: + + WantedBy=multi-user.target + +因此,切换到多用户启动目标会使能那些包含上述语句的单元。还有其他一些启动目标可用(例如 **emergency.target** 用于一个紧急情况使用的 shell,以及 **halt.target** 用于机器关机),您可以用以下方式轻松地在它们之间切换: + + systemctl isolate emergency.target + +在许多方面,这些都很像 SysVinit 中的*运行级* (runlevel),如文本模式的 **multi-user.target** 类似于第3运行级,**graphical.target** 类似于第5运行级,**reboot.target** 类似于第6运行级,诸如此类。 + +![Image](http://www.linuxvoice.com/wp-content/uploads/2015/10/unit-large.jpg) + +**与传统的脚本相比,单元配置文件也许看起来很陌生,但并不难以理解。** + +### 开启与停止 ### + +现在您也许陷入了沉思:我们已经看了这么多,但仍没看到如何停止和开启服务!这其实是有原因的。从外部看,Systemd 也许很复杂,像野兽一般难以驾驭。因此在您开始摆弄它之间,有必要从宏观的角度看看它是如何工作的。实际用来管理服务的命令非常简单: + + systemctl stop cups.service + systemctl start cups.service + +(若某个单元被禁用了,您可以先通过 **systemctl enable** 加该单元名的方式将其使能。这种做法会为该单元创建一个符号链接,并将其放置在当前启动目标的 .wants 目录下,这些 .wants 目录在**/etc/systemd/system** 文件夹中。) + +还有两个有用的命令是 **systemctl restart** 和 **systemctl reload**,后面接单元名。后者要求单元重新加载它的配置文件。Systemd 的绝大部分都有良好的文档,因此您可以查看手册 (**man systemctl**) 了解每条命令的细节。 + +> ### 定时器单元:取代 Cron ### +> +> 除了系统初始化和服务管理,Systemd 还染指其他方面。在很大程度上,它能够完成 **cron** 的工作,而且可以说是以更灵活的方式(并带有更易读的语法)。**cron** 是一个以规定时间间隔执行任务的程序——例如清楚临时文件,刷新缓存等。 +> +> 如果您再次进入 **/usr/lib/systemd/system** 目录,您会看到那儿有多个 **.timer** 文件。用 **less** 来查看这些文件,您会发现它们与 **.service** 和 **.target** 文件有着相似的结构,而区别在于 **[Timer]** 段。举个例子: +> +> [Timer] +> OnBootSec=1h +> OnUnitActiveSec=1w +> +> **OnBootSec** 选项告诉 Systemd 在系统启动一小时后启动这个单元。第二个选项的意思是:自那以后每周启动这个单元一次。关于定时器有大量选项您可以设置——输入 **man systemd.time** 查看完整列表。 +> +> Systemd 的时间精度默认为一分钟。也就是说,它会在设定时刻的一分钟内运行单元,但不一定精确到那一秒。这么做是基于电源管理方面的原因,但如果您需要一个没有任何延时且精确到毫秒的定时器,您可以添加以下一行: +> +> AccuracySec=1us +> +> 另外, **WakeSystem** 选项(可以被设置为 true 或 false)决定了定时器是否可以唤醒处于休眠状态的机器。 + +![Image](http://www.linuxvoice.com/wp-content/uploads/2015/10/systemd_gui-large.jpg) + +**存在一个 Systemd 的图形界面程序,即便它已有多年未被积极维护。** + +### 日志文件:向 journald 问声好 ### + +Systemd 的第二个主要部分是 journal 。这是个日志系统,类似于 syslog 但也有些显著区别。如果您是个 Unix 日志管理模式的 粉丝,准备好热血沸腾吧:这是个二进制日志,因此您不能使用常规的命令行文本处理工具来解析它。这个设计决定不出意料地在网上引起了激烈的争论,但它的确有些优点。例如,日志可以被更系统地组织,带有更多元数据,因此可以更容易地根据可执行文件名和进程号等过滤出信息。 + +要查看整个 journal,输入以下命令: + + journalctl + +像许多其他的 Systemd 命令一样,该命令将输出通过管道的方式引向 **less** 程序,因此您可以使用空格键向下滚动,“/”(斜杠)键查找,以及其他熟悉的快捷键。您也能在此看到少许颜色,像红色的警告及错误信息。 + +以上命令会输出很多信息。为了限制其只输出当前启动的消息,使用如下命令: + + journalctl -b + +这就是 Systemd 大放异彩的地方!您想查看自上次启动以来的全部消息吗?试试 **journalctl -b -1** 吧。再上一次的?用 **-2** 替换 **-1** 吧。那自某个具体时间,例如2014年10月24日16:38以来的呢? + + journalctl -b --since=”2014-10-24 16:38” + +即便您对二进制日志感到遗憾,那依然是个有用的特性,并且对许多系统管理员来说,构建类似的过滤器比起写正则表达式而言容易多了。 + +我们已经可以根据特定的时间来准确查找日志了,那可以根据特定程序吗?对单元而言,试试这个: + + journalctl -u gdm.service + +(注意:这是个查看 X server 产生的日志的好办法。)那根据特定的进程号? + + journalctl _PID=890 + +您甚至可以请求只看某个可执行文件产生的消息: + + journalctl /usr/bin/pulseaudio + +若您想将输出的消息限制在某个优先级,可以使用 **-p** 选项。该选项参数为 0 的话只会显示紧急消息(也就是说,是时候向 **\$DEITY** 祈求保佑了),为 7 的话会显示所有消息,包括调试消息。请查看手册 (**man journalctl**) 获取更多关于优先级的信息。 + +值得指出的是,您也可以将多个选项结合在一起,若想查看在当前启动中由 GDM 服务输出的优先级数小于等于 3 的消息,请使用下述命令: + + journalctl -u gdm.service -p 3 -b + +最后,如果您仅仅想打开一个随 journal 持续更新的终端窗口,就像在没有 Systemd 时使用 tail 命令实现的那样,输入 **journalctl -f** 就好了。 + +![Image](http://www.linuxvoice.com/wp-content/uploads/2015/10/journal-large.jpg) + +**二进制日志并不流行,但 journal 的确有它的优点,如非常方便的信息查找及过滤。** + +> ### 没有 Systemd 的生活?### +> +> 如果您就是完全不能接收 Systemd,您仍然有一些主流发现版中的选择。尤其是 Slackware,作为历史最为悠久的发行版,目前还没有做出改变,但它的主要开发者并没有将其从未来规划中移除。一些不出名的发行版也在坚持使用 SysVinit 。 +> +> 但这又将持续多久呢?Gnome 正越来越依赖于 Systemd,其他的主流桌面环境也会步其后尘。这也是引起 BSD 社区一阵恐慌的原因:Systemd 与 Linux 内核紧密相连,导致在某种程度上,桌面环境正变得越来越不可移植。一种折中的解决方案也许会以 Uselessd ([http://uselessd.darknedgy.net][3]) 的形式到来:一种裁剪版的 Systemd,纯粹专注于启动和监控进程,而不消耗整个基础系统。 +> +> ![Image](http://www.linuxvoice.com/wp-content/uploads/2015/10/gentoo-large.jpg) +> +> 若您不喜欢 Systemd,可以尝试一下 Gentoo 发行版,它将 Systemd 作为初始化工具的一种选择,但并不强制用户使用 Systemd。 + +-------------------------------------------------------------------------------- + +via: http://www.linuxvoice.com/linux-101-get-the-most-out-of-systemd/ + +作者:[Mike Saunders][a] +译者:[Ricky-Gong](https://github.com/Ricky-Gong) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.linuxvoice.com/author/mike/ +[1]:http://tinyurl.com/poorlennart +[2]:http://tinyurl.com/m2e7mv8 +[3]:http://uselessd.darknedgy.net/ diff --git a/translated/tech/20151123 How to access Dropbox from the command line in Linux.md b/translated/tech/20151123 How to access Dropbox from the command line in Linux.md new file mode 100644 index 0000000000..6c5f73e596 --- /dev/null +++ b/translated/tech/20151123 How to access Dropbox from the command line in Linux.md @@ -0,0 +1,97 @@ +Linux 中如何从命令行访问 Dropbox +================================================================================ +在当今这个多设备的环境下,云存储无处不在。无论身处何方,人们都想通过多种设备来从云存储中获取所需的内容。由于优雅的 UI 和完美的跨平台兼容性,Dropbox 已成为最为广泛使用的云存储服务。 Dropbox 的流行已引发了一系列官方或非官方 Dropbox 客户端的出现,它们支持不同的操作系统平台。 + +当然 Linux 平台下也有着自己的 Dropbox 客户端: 既有命令行的,也有图形界面。[Dropbox Uploader][1] 是一个简单易用的 Dropbox 命令行客户端,它是用 BASH 脚本语言所编写的。在这篇教程中,我将描述 **在 Linux 中如何使用 Dropbox Uploader 通过命令行来访问 Dropbox**。 + +### Linux 中安装和配置 Dropbox Uploader ### + +要使用 Dropbox Uploader,你需要下载该脚本并使其可被执行。 + + $ wget https://raw.github.com/andreafabrizi/Dropbox-Uploader/master/dropbox_uploader.sh + $ chmod +x dropbox_uploader.sh + +请确保你已经在系统中安装了 `curl`,因为 Dropbox Uploader 通过 curl 来运行 Dropbox 的 API。 + +要配置 Dropbox Uploader,只需运行 dropbox_uploader.sh 即可。当你第一次运行这个脚本时,它将询问你,以使得它可以访问你的 Dropbox 账户。 + + $ ./dropbox_uploader.sh + +![](https://c2.staticflickr.com/6/5739/22860931599_10c08ff15f_c.jpg) + +如上图所指示的那样,你需要通过浏览器访问 [https://www.dropbox.com/developers/apps][2] 页面,并创建一个新的 Dropbox app。接着像下图那样填入新 app 的相关信息,并输入 app 的名称,它与 Dropbox Uploader 所生成的 app 名称类似。 + +![](https://c2.staticflickr.com/6/5745/22932921350_4123d2dbee_c.jpg) + +在你创建好一个新的 app 之后,你将在下一个页面看到 app key 和 app secret。请记住它们。 + +![](https://c1.staticflickr.com/1/736/22932962610_7db51aa718_c.jpg) + +然后在正运行着 dropbox_uploader.sh 的终端窗口中输入 app key 和 app secret。然后 dropbox_uploader.sh 将产生一个 oAUTH 网址(例如,https://www.dropbox.com/1/oauth/authorize?oauth_token=XXXXXXXXXXXX)。 + +![](https://c1.staticflickr.com/1/563/22601635533_423738baed_c.jpg) + +接着通过浏览器访问那个 oAUTH 网址,并同意访问你的 Dropbox 账户。 + +![](https://c1.staticflickr.com/1/675/23202598606_6110c1a31b_c.jpg) + +这便完成了 Dropbox Uploader 的配置。若要确认 Dropbox Uploader 是否真的被成功地认证了,可以运行下面的命令。 + + $ ./dropbox_uploader.sh info + +---------- + + Dropbox Uploader v0.12 + + > Getting info... + + Name: Dan Nanni + UID: XXXXXXXXXX + Email: my@email_address + Quota: 2048 Mb + Used: 13 Mb + Free: 2034 Mb + +### Dropbox Uploader 示例 ### + +要显示根目录中的所有内容,运行: + + $ ./dropbox_uploader.sh list + +要列出某个特定文件夹中的所有内容,运行: + + $ ./dropbox_uploader.sh list Documents/manuals + +要上传一个本地文件到一个远程的 Dropbox 文件夹,使用: + + $ ./dropbox_uploader.sh upload snort.pdf Documents/manuals + +要从 Dropbox 下载一个远程的文件到本地,使用: + + $ ./dropbox_uploader.sh download Documents/manuals/mysql.pdf ./mysql.pdf + +要从 Dropbox 下载一个完整的远程文件夹到一个本地的文件夹,运行: + + $ ./dropbox_uploader.sh download Documents/manuals ./manuals + +要在 Dropbox 上创建一个新的远程文件夹,使用: + + $ ./dropbox_uploader.sh mkdir Documents/whitepapers + +要完全删除 Dropbox 中某个远程的文件夹(包括它所含的所有内容),运行: + + $ ./dropbox_uploader.sh delete Documents/manuals + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/access-dropbox-command-line-linux.html + +作者:[Dan Nanni][a] +译者:[FSSlc](https://github.com/FSSlc) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/nanni +[1]:http://www.andreafabrizi.it/?dropbox_uploader +[2]:https://www.dropbox.com/developers/apps diff --git a/translated/tech/20151201 How to Install The Latest Arduino IDE 1.6.6 in Ubuntu.md b/translated/tech/20151201 How to Install The Latest Arduino IDE 1.6.6 in Ubuntu.md new file mode 100644 index 0000000000..668b9c3a80 --- /dev/null +++ b/translated/tech/20151201 How to Install The Latest Arduino IDE 1.6.6 in Ubuntu.md @@ -0,0 +1,78 @@ +如何再Ubuntu中安装最新的Arduino IDE 1.6.6 +================================================================================ +![Install latest Arduino in Ubuntu](http://ubuntuhandbook.org/wp-content/uploads/2015/11/arduino-icon.png) + +> 本篇教程会教你如何在现在的Ubuntu发布版中安装最新的 Arduino IDE,目前的版本为1.6.6。 + +开源的Arduino IDE发布了1.6.6,并带来了很多的改变。新的发布已经切换到Java 8,它与IDE绑定并且再编译时需要它。具体见[RELEASE NOTE][1]。 + +![Arduino 1.6.6 in Ubuntu 15.10](http://ubuntuhandbook.org/wp-content/uploads/2015/11/arduino-ubuntu.jpg) + +对于那些不想使用软件中心的1.0.5旧版本的人而言,你可以使用下面的步骤再所有的Ubuntu发行版中安装Ardunino。 + +注:下面这个说明下面的代码颜色,这个发布的时候要对照一下原文,写点说明,因为颜色在md里标识不出来 +> **用红字替换将来的版本** + +**1.** Download the latest packages, **Linux 32-bit or Linux 64-bit**, from the official link below: +**1.** 从下面的官方链接下载最新的包 **Linux 32-bit 或者 Linux 64-bit**。 + +- [www.arduino.cc/en/Main/Software][2] + +不知道你系统的类型?进入系统设置->详细->概览。 + +**2.** 从Unity Dash、App Launcher或者Ctrl+Alt+T打开终端。打开后,一个个运行下面的命令: + +进入下载文件夹: + + cd ~/Downloads + +![navigate-downloads](http://ubuntuhandbook.org/wp-content/uploads/2015/11/navigate-downloads.jpg) + +使用tar命令解压 + +注:arduino-1.6.6-*.tar.xz 为红色部分 + tar -xvf arduino-1.6.6-*.tar.xz + +![extract-archive](http://ubuntuhandbook.org/wp-content/uploads/2015/11/extract-archive.jpg) + +将解压后的文件移动到**/opt/**下: + +注:arduino-1.6.6 为红色部分 + sudo mv arduino-1.6.6 /opt + +![move-opt](http://ubuntuhandbook.org/wp-content/uploads/2015/11/move-opt.jpg) + +**3.** 现在IDE已经与最新的Java绑定使用了。但是最好位程序设置一个桌面图标/启动方式: + +进入安装目录 + +注:arduino-1.6.6 为红色部分 + cd /opt/arduino-1.6.6/ + +在这个目录给install.sh可执行权限 + + chmod +x install.sh + +最后运行脚本同事安装桌面快捷方式和启动图标: + + ./install.sh + +下图中我用“&&”同事运行这三个命令: + +![install-desktop-icon](http://ubuntuhandbook.org/wp-content/uploads/2015/11/install-desktop-icon.jpg) + +最后从Unity Dash、程序启动器或者桌面快捷方式运行Arduino IDE。 + +-------------------------------------------------------------------------------- + +via: http://ubuntuhandbook.org/index.php/2015/11/install-arduino-ide-1-6-6-ubuntu/ + +作者:[Ji m][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://ubuntuhandbook.org/index.php/about/ +[1]:https://www.arduino.cc/en/Main/ReleaseNotes +[2]:https://www.arduino.cc/en/Main/Software diff --git a/translated/tech/20151201 How to use Mutt email client with encrypted passwords.md b/translated/tech/20151201 How to use Mutt email client with encrypted passwords.md new file mode 100644 index 0000000000..1e8a032a04 --- /dev/null +++ b/translated/tech/20151201 How to use Mutt email client with encrypted passwords.md @@ -0,0 +1,138 @@ +如何使用加密过密码的Mutt邮件客户端 +================================================================================ +Mutt是一个开源的Linux/UNIX终端环境下的邮件客户端。连同[Alpine][1],Mutt有充分的理由在Linux命令行热衷者中有最忠诚的追随者。想一下你对邮件客户端的期待的事情,Mutt拥有:多协议支持(e.g., POP3, IMAP and SMTP),S/MIME和PGP/GPG集成,线程会话,颜色编码,可定制宏/快捷键,等等。另外,基于命令行的Mutt相比笨重的web浏览器(如:Gmail,Ymail)或可视化邮件客户端(如:Thunderbird,MS Outlook)是一个轻量访问电子邮件的选择。 + +当你想使用Mutt通过公司的SMTP/IMAP服务器访问或发送邮件,或取代网页邮件服务,可能所关心的一个问题是如何保护您的邮件凭据(如:SMTP/IMAP密码)存储在一个纯文本Mutt配置文件(~/.muttrc)。 + +对于一些人安全的担忧,确实有一个容易的方法来**加密Mutt配置文件***,防止这种风险。在这个教程中,我描述了如何加密Mutt敏感配置,比如SMTP/IMAP密码使用GnuPG(GPG),一个开源的OpenPGP实现。 + +### 第一步 (可选):创建GPG密钥 ### + +因为我们将要使用GPG加密Mutt配置文件,如果你没有,第一步就是创建一个GPG密钥(公有/私有 密钥对)。如果有,忽略这步。 + +创建一个新GPG密钥,输入下面的。 + + $ gpg --gen-key + +选择密钥类型(RSA),密钥长度(2048 bits),和过期时间(0,不过期)。当出现用户ID提示时,输入你的名字(Dan Nanni) 和邮箱地址(myemail@email.com)关联到私有/公有密钥对。最后,输入一个密码来保护你的私钥。 + +![](https://c2.staticflickr.com/6/5726/22808727824_7735f11157_c.jpg) + +生成一个GPG密钥需要大量的随机字节熵,所以在生成密钥期间确保在你的系统上执行一些随机行为(如:打键盘,移动鼠标或者读写磁盘)。根据密钥长度决定生成GPG密钥要花几分钟或更多时间。 + +![](https://c1.staticflickr.com/1/644/23328597612_6ac5a29944_c.jpg) + +### 第二部:加密Mutt敏感配置 ### + +下一步,在~/.mutt目录创建一个新的文本文件,然后把一些你想隐藏的Mutt敏感配置放进去。这个例子里,我指定了SMTP/IMAP密码。 + + $ mkdir ~/.mutt + $ vi ~/.mutt/password + +---------- + + set smtp_pass="XXXXXXX" + set imap_pass="XXXXXXX" + +现在gpg用你的公钥加密这个文件如下。 + + $ gpg -r myemail@email.com -e ~/.mutt/password + +这将创建~/.mutt/password.gpg,这个是一个GPG加密原始版本文件。 + +继续删除~/.mutt/password,只保留GPG加密版本。 + +### 第三部:创建完整Mutt配置文件 ### + +由于你已经在一个单独的文件加密了Mutt敏感配置,你可以在~/.muttrc指定其余的Mutt配置。然后增加下面这行在~/.muttrc末尾。 + + source "gpg -d ~/.mutt/password.gpg |" + +当你使用Mutt,这行将解密~/.mutt/password.gpg,然后将解密内容应用到你的Mutt配置。 + +下面展示一个完整Mutt配置例子,这允许你用Mutt访问Gmail,没有暴露你的SMTP/IMAP密码。取代你用Gmail ID登陆你的账户。 + + set from = "yourgmailaccount@gmail.com" + set realname = "Your Name" + set smtp_url = "smtp://yourgmailaccount@smtp.gmail.com:587/" + set imap_user = "yourgmailaccount@gmail.com" + set folder = "imaps://imap.gmail.com:993" + set spoolfile = "+INBOX" + set postponed = "+[Google Mail]/Drafts" + set trash = "+[Google Mail]/Trash" + set header_cache =~/.mutt/cache/headers + set message_cachedir =~/.mutt/cache/bodies + set certificate_file =~/.mutt/certificates + set move = no + set imap_keepalive = 900 + + # encrypted IMAP/SMTP passwords + source "gpg -d ~/.mutt/password.gpg |" + +### 第四部(可选):配置GPG代理 ### + +这时候,你将可以使用加密了IMAP/SMTP密码的Mutt。无论如何,每次你运行Mutt,你都要先被提示输入一个GPG密码来使用你的私钥解密IMAP/SMTP密码。 + +![](https://c2.staticflickr.com/6/5667/23437064775_20c874940f_c.jpg) + +如果你想避免这样的GPG密码提示,你可以部署gpg代理。运行一个后台程序,gpg代理安全的缓存你的GPG密码,无需手工干预gpg自动从gpg代理获得你的GPG密码。如果你正在使用Linux桌面,你可以使用桌面特定方式来配置一些东西等价于gpg代理,例如,GNOME桌面的gnome-keyring-daemon。 + +你可以在基于Debian系统安装gpg代理: + +$ sudo apt-get install gpg-agent + +gpg代理是基于Red Hat系统预装的。 + +现在增加下面这些道你的.bashrc文件。 + + envfile="$HOME/.gnupg/gpg-agent.env" + if [[ -e "$envfile" ]] && kill -0 $(grep GPG_AGENT_INFO "$envfile" | cut -d: -f 2) 2>/dev/null; then + eval "$(cat "$envfile")" + else + eval "$(gpg-agent --daemon --allow-preset-passphrase --write-env-file "$envfile")" + fi + export GPG_AGENT_INFO + +重载.bashrc,或单纯的登出然后登陆回来。 + + $ source ~/.bashrc + +现在确认GPG_AGENT_INFO环境变量已经设置妥当。 + + $ echo $GPG_AGENT_INFO + +---------- + + /tmp/gpg-0SKJw8/S.gpg-agent:942:1 + +并且,当你输入gpg-agent命令时,你应该看到下面的信息。 + + $ gpg-agent + +---------- + + gpg-agent: gpg-agent running and available + +一旦gpg-agent启动运行,它将会在第一次提示你输入密码时缓存你的GPG密码。随后你运行Mutt多次,你将不会被提示要GPG密码(gpg-agent一直开着,缓存就不会过期)。 + +![](https://c1.staticflickr.com/1/664/22809928093_3be57698ce_c.jpg) + +### 结论 ### + +在这个指导里,我提出一个方法加密Mutt敏感配置如SMTP/IMAP密码使用GnuPG。注意,如果你想在Mutt上使用GnuPG或者登陆你的邮件信息,你可以参考[官方指南][2]在使用GPG与Mutt结合。 + +如果你知道任何使用Mutt的安全技巧,随时分享他。 + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/mutt-email-client-encrypted-passwords.html + +作者:[Dan Nanni][a] +译者:[wyangsun](https://github.com/wyangsun) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/nanni +[1]:http://xmodulo.com/gmail-command-line-linux-alpine.html +[2]:http://dev.mutt.org/trac/wiki/MuttGuide/UseGPG diff --git a/translated/tech/Learn with Linux--Master Your Math with These Linux Apps.md b/translated/tech/Learn with Linux--Master Your Math with These Linux Apps.md deleted file mode 100644 index f4625c6c13..0000000000 --- a/translated/tech/Learn with Linux--Master Your Math with These Linux Apps.md +++ /dev/null @@ -1,126 +0,0 @@ -Translated by KnightJoker - -用Linux学习:使用这些Linux应用来征服你的数学 -================================================================================ -![](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-featured.png) - -这篇文章是[用Linux学习][1]系列的一部分: - -- [用Linux学习: 学习类型][2] -- [用Linux学习: 物理模拟][3] -- [用Linux学习: 学习音乐][4] -- [用Linux学习: 两个地理应用程序][5] -- [用Linux学习: 用这些Linux应用来征服你的数学][6] - - -Linux提供了大量的教育软件和许多优秀的工具来帮助所有年龄段的学生学习和练习各种各样的话题,常常以交互的方式。与Linux一起学习这一系列的文章则为这些各种各样的教育软件和应用提供了一个介绍。 - -数学是计算机的核心。如果有人用精益求精和纪律来预期一个伟大的操作系统,比如GNU/ Linux,那么这将是数学。如果你在寻求一些数学应用程序,那么你将不会感到失望。Linux提供了很多优秀的工具使得数学看起来和你曾经做过的一样令人畏惧,但实际上他们会简化你使用它的方式。 -### Gnuplot ### - -Gnuplot 是一个适用于不同平台的命令行脚本化和多功能的图形工具。尽管它的名字,并不是GNU操作系统的一部分。也没有免费授权,但它是免费软件(这意味着它受版权保护,但免费使用)。 - -要在Ubuntu系统(或者衍生系统)上安装 `gnuplot`,输入: - sudo apt-get install gnuplot gnuplot-x11 - -进入一个终端窗口。启动该程序,输入: - - gnuplot - -你会看到一个简单的命令行界面: - -![learnmath-gnuplot](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot.png) - -在其中您可以直接开始输入函数。绘图命令将绘制一个曲线图。 - -输入内容,例如, - - plot sin(x)/x - -随着`gnuplot的`提示,将会打开一个新的窗口,图像便会在里面呈现。 - -![learnmath-gnuplot-plot1](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot1.png) - -你也可以在线这个图设置不同的属性,比如像这样指定“title” - - plot sin(x) title 'Sine Function', tan(x) title 'Tangent' - -![learnmath-gnuplot-plot2](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot2.png) - -使用`splot`命令,你可以给的东西更深入一点并且绘制3D图形 - - splot sin(x*y/20) - -![learnmath-gnuplot-plot3](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-plot3.png) - -这个窗口有几个基本的配置选项, - -![learnmath-gnuplot-options](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-gnuplot-options.png) - -但是`gnuplot`的真正力量在于在它的命令行和脚本功能,`gnuplot`广泛完整的文档可在这里找到,并在[Duke大学网站][8]上面看见这个了不起的教程[7]的原始版本。 - -### Maxima ### - -[Maxima][9]是从Macsyma原始资料开发的一个计算机代数系统,根据它的 SourceForge 页面, - -> “Maxima是符号和数值的表达,包括微分,积分,泰勒级数,拉普拉斯变换,常微分方程,线性方程组,多项式,集合,列表,向量,矩阵和张量系统的操纵系统。Maxima通过精确的分数,任意精度的整数和可变精度浮点数产生高精度的计算结果。Maxima可以二维和三维中绘制函数和数据。“ - -你将会获得二进制包用于大多数Ubuntu衍生系统的Maxima以及它的图形界面中,插入所有包,输入: - - sudo apt-get install maxima xmaxima wxmaxima - -在终端窗口中,Maxima是一个没有太多UI的命令行工具,但如果你开始wxmaxima,你会进入一个简单但功能强大的图形用户界面。 - -![learnmath-maxima](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima.png) - -你可以开始输入这个来简单的一个开始。(提示:如果你想计算一个表达式,使用“Shift + Enter”回车后会增加更多的方法) - -Maxima可以用于一些简单的问题,因此也可以作为一个计算器, - -![learnmath-maxima-1and1](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-1and1.png) - -以及一些更复杂的问题, - -![learnmath-maxima-functions](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-functions.png) - -它使用`gnuplot`使得绘制简单, - -![learnmath-maxima-plot](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-plot.png) - -或者绘制一些复杂的图形. - -![learnmath-maxima-plot2](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-plot2.png) - -(它需要gnuplot-X11的包,来显示它们。) - -除了美化一些图形,Maxima也尽可能用latex格式导出它们,或者通过右键是捷菜单进行一些突出的操作. - -![learnmath-maxima-menu](https://www.maketecheasier.com/assets/uploads/2015/07/learnmath-maxima-menu.png) - -然而其主菜单还是提供了大量压倒性的功能,当然Maxima的功能远不止如此,这里也有一个广泛使用的在线文档。 - -### 总结 ### - -数学不是一个简单的学科,这些在Linux上的优秀软件也没有使得数学更加简单,但是这些应用使得使用数学变得更加的简单和工程化。以上两种应用都只是介绍一下Linux的所提供的。如果你是认真从事数学和需要更多的功能与丰富的文档,那你更应该看看这些Mathbuntu项目。 --------------------------------------------------------------------------------- - -via: https://www.maketecheasier.com/learn-linux-maths/ - -作者:[Attila Orosz][a] -译者:[KnightJoker](https://github.com/KnightJoker/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 - -[a]:https://www.maketecheasier.com/author/attilaorosz/ -[1]:https://www.maketecheasier.com/series/learn-with-linux/ -[2]:https://www.maketecheasier.com/learn-to-type-in-linux/ -[3]:https://www.maketecheasier.com/linux-physics-simulation/ -[4]:https://www.maketecheasier.com/linux-learning-music/ -[5]:https://www.maketecheasier.com/linux-geography-apps/ -[6]:https://www.maketecheasier.com/learn-linux-maths/ -[7]:http://www.gnuplot.info/documentation.html -[8]:http://people.duke.edu/~hpgavin/gnuplot.html -[9]:http://maxima.sourceforge.net/ -[10]:http://maxima.sourceforge.net/documentation.html -[11]:http://www.mathbuntu.org/ \ No newline at end of file diff --git a/translated/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 1--HowTo--Use grep Command In Linux or UNIX--Examples.md b/translated/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 1--HowTo--Use grep Command In Linux or UNIX--Examples.md new file mode 100644 index 0000000000..b539b9a4a8 --- /dev/null +++ b/translated/tech/Linux or UNIX grep Command Tutorial series/20151127 Linux or UNIX grep Command Tutorial series 1--HowTo--Use grep Command In Linux or UNIX--Examples.md @@ -0,0 +1,143 @@ +grepƥַ򵥴ʸʽļļͨ˵grep ʾƥ䵽Уʹgrepһʽƥ䵽УֻʾʵУgrepΪLinuxUnixϵͳõ +### ֪ ### +grep֣ԴڱʾһƵΪgrepUnixLinuxı༭ǣ + + g/re/p + +### grep﷨ ### + +﷨ʾ: + + grep 'word' filename + grep 'word' file1 file2 file3 + grep 'string1 string2' filename + cat otherfile | grep 'something' + command | grep 'something' + command option1 | grep 'data' + grep --color 'data' fileName + +###ôʹgrepһļ### + + /etc/passwd ļµbooû,: + + $ grep boo /etc/passwd + +: + + foo:x:1000:1000:foo,,,:/home/foo:/bin/ksh + +ʹgrepȥǿƺԴСд i.e ʹ-iƥ boo, Boo, BOO ѡ: + + $ grep -i "boo" /etc/passwd + +### ݹʹgrep ### + +ʹgrepݹ i.e. ļĿ¼аַ192.168.1.5ļ + + $ grep -r "192.168.1.5" /etc/ + +ǣ + + $ grep -R "192.168.1.5" /etc/ + +ʾ: + + /etc/ppp/options:# ms-wins 192.168.1.50 + /etc/ppp/options:# ms-wins 192.168.1.51 + /etc/NetworkManager/system-connections/Wired connection 1:addresses1=192.168.1.5;24;192.168.1.2; + +ῴҵ 192.168.1.5 ĽļΪʾڵ棬֮аļԼ-hѡֹ + $ grep -h -R "192.168.1.5" /etc/ + + + + $ grep -hR "192.168.1.5" /etc/ + +ʾ: + + # ms-wins 192.168.1.50 + # ms-wins 192.168.1.51 + addresses1=192.168.1.5;24;192.168.1.2; + +### ʹgrepȥı ### + +boogrepƥfoobooboo123, barfoo35 booַʹ-wѡȥǿѡЩǸʵС + + $ grep -w "boo" file + +### ʹegrepȥȽϲͬ ### + +ʹegrep: + + $ egrep -w 'word1|word2' /path/to/file + +### ıƥʱͳ ### + +grepͨ-cʾÿļƥ䵽Ĵ + + $ grep -c 'word' /path/to/file + +-nѡȥʾǰƥ䵽ļ + + $ grep -n 'root' /etc/passwd + +ʾ: + + 1:root:x:0:0:root:/root:/bin/bash + 1042:rootdoor:x:0:0:rootdoor:/home/rootdoor:/bin/csh + 3319:initrootapp:x:0:0:initrootapp:/home/initroot:/bin/ksh + +### תƥ ### + +ʹ-vѡȥӡƥݣݽЩʵУɾbarʵУ + + $ grep -v bar /path/to/file + +### UNIX / Linux ܵ grep ### + +grep ܵһʹãУʾӲ֣ + + # dmesg | egrep '(s|h)d[a-z]' + +ʾCPUģ + + # cat /proc/cpuinfo | grep -i 'Model' + +Ȼ԰·ʹõͬʱʹùܵ: + + # grep -i 'Model' /proc/cpuinfo + +ʾ: + + model : 30 + model name : Intel(R) Core(TM) i7 CPU Q 820 @ 1.73GHz + model : 30 + model name : Intel(R) Core(TM) i7 CPU Q 820 @ 1.73GHz + +### νʾƥ䵽ݵļ? ### + +ʹ-lѡȥʾЩļаmainļ: + + $ grep -l 'main' *.c + +ʹgrepɫʵʾ: + + $ grep --color vivek /etc/passwd + +ʾ: + +![Grep command in action](http://files.cyberciti.biz/uploads/faq/2007/08/grep_command_examples.png) + + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/faq/howto-use-grep-command-in-linux-unix/ + +ߣVivek Gite +ߣ[zky001](https://github.com/zky001) +Уԣ[УID](https://github.com/УID) + + [LCTT](https://github.com/LCTT/TranslateProject) ԭ룬[Linuxй](https://linux.cn/) Ƴ + +УID +[1]:http://bash.cyberciti.biz/guide/Pipes \ No newline at end of file diff --git a/translated/tech/RHCE/Part 10 - Setting Up 'NTP (Network Time Protocol) Server' in RHEL or CentOS 7.md b/translated/tech/RHCE/Part 10 - Setting Up 'NTP (Network Time Protocol) Server' in RHEL or CentOS 7.md new file mode 100644 index 0000000000..54c4330ae2 --- /dev/null +++ b/translated/tech/RHCE/Part 10 - Setting Up 'NTP (Network Time Protocol) Server' in RHEL or CentOS 7.md @@ -0,0 +1,130 @@ +第 10 部分:在 RHEL/CentOS 7 中设置 “NTP(网络时间协议) 服务器” +================================================================================ +网络时间协议 - NTP - 是运行在传输层 123 号端口允许计算机通过网络同步准确时间的协议。随着时间的流逝,计算机内部时间会出现漂移,这会导致时间不一致问题,尤其是对于服务器和客户端日志文件,或者你想要备份服务器资源或数据库。 + +![在 CentOS 上安装 NTP 服务器](http://www.tecmint.com/wp-content/uploads/2014/09/NTP-Server-Install-in-CentOS.png) + +在 CentOS 和 RHEL 7 上安装 NTP 服务器 + +#### 要求: #### + +- [CentOS 7 安装过程][1] +- [RHEL 安装过程][2] + +#### 额外要求: #### + +- [注册并启用 RHEL 7 更新订阅][3] +- [在 CentOS/RHCE 7 上配置静态 IP][4] +- [在 CentOS/RHEL 7 上停用并移除不需要的服务][5] + +这篇指南会告诉你如何在 CentOS/RHCE 7 上安装和配置 NTP 服务器,并使用 NTP 公共时间服务器池列表中和你服务器地理位置最近的可用节点中同步时间。 + +#### 步骤一:安装和配置 NTP 守护进程 #### + +1. 官方 CentOS /RHEL 7 库默认提供 NTP 服务器安装包,可以通过使用下面的命令安装。 + + # yum install ntp + +![在 CentOS 上安装 NTP 服务器](http://www.tecmint.com/wp-content/uploads/2014/09/Install-NTP-in-CentOS.png) + +安装 NTP 服务器 + +2. 安装完服务器之后,首先到官方 [NTP 公共时间服务器池][6],选择你服务器物理位置所在的洲,然后搜索你的国家位置,然后会出现 NTP 服务器列表。 + +![NTP 服务器池](http://www.tecmint.com/wp-content/uploads/2014/09/NTP-Pool-Server.png) + +NTP 服务器池 + +3. 然后打开编辑 NTP 守护进程主要配置文件,从 pool.ntp.org 中注释掉默认的公共服务器列表并用类似下面截图提供给你国家的列表替换。 + +![在 CentOS 中配置 NTP 服务器](http://www.tecmint.com/wp-content/uploads/2014/09/Configure-NTP-Server.png) + +配置 NTP 服务器 + +4. 下一步,你需要允许客户端从你的网络中和这台服务器同步时间。为了做到这点,添加下面一行到 NTP 配置文件,其中限制语句控制允许哪些网络查询和同步时间 - 根据需要替换网络 IP。 + + restrict 192.168.1.0 netmask 255.255.255.0 nomodify notrap + +nomodify notrap 语句意味着不允许你的客户端配置服务器或者作为同步时间的节点。 + +5. 如果你需要额外的信息用于错误处理,以防你的 NTP 守护进程出现问题,添加一个 logfile 语句,用于记录所有 NTP 服务器问题到一个指定的日志文件。 + + logfile /var/log/ntp.log + +![在 CentOS 中启用 NTP 日志](http://www.tecmint.com/wp-content/uploads/2014/09/Enable-NTP-Log.png) + +启用 NTP 日志 + +6. 你编辑完所有上面解释的配置并保存关闭 ntp.conf 文件后,你最终的配置看起来像下面的截图。 + +![CentOS 中 NTP 服务器的配置](http://www.tecmint.com/wp-content/uploads/2014/09/NTP-Server-Configuration.png) + +NTP 服务器配置 + +### 步骤二:添加防火墙规则并启动 NTP 守护进程 ### + +7. NTP 服务在传输层(第四层)使用 123 号 UDP 端口。它是针对限制可变延迟的影响特别设计的。要在 RHEL/CentOS 7 中开放这个端口,可以对 Firewalld 服务使用下面的命令。 + + # firewall-cmd --add-service=ntp --permanent + # firewall-cmd --reload + +![在 Firewall 中开放 NTP 端口](http://www.tecmint.com/wp-content/uploads/2014/09/Open-NTP-Port.png) + +在 Firewall 中开放 NTP 端口 + +8. 你在防火墙中开放了 123 号端口之后,启动 NTP 服务器并确保系统范围内可用。用下面的命令管理服务。 + + # systemctl start ntpd + # systemctl enable ntpd + # systemctl status ntpd + +![启动 NTP 服务](http://www.tecmint.com/wp-content/uploads/2014/09/Start-NTP-Service.png) + +启动 NTP 服务 + +### 步骤三:验证服务器时间同步 ### + +9. 启动了 NTP 守护进程后,用几分钟等服务器和它的服务器池列表同步时间,然后运行下面的命令验证 NTP 节点同步状态和你的系统时间。 + + # ntpq -p + # date -R + +![验证 NTP 服务器时间](http://www.tecmint.com/wp-content/uploads/2014/09/Verify-NTP-Time-Sync.png) + +验证 NTP 时间同步 + +10. 如果你想查询或者和你选择的服务器池同步,你可以使用 ntpdate 命令,后面跟服务器名或服务器地址,类似下面建议的命令行事例。 + + # ntpdate -q 0.ro.pool.ntp.org 1.ro.pool.ntp.org + +![同步 NTP 同步](http://www.tecmint.com/wp-content/uploads/2014/09/Synchronize-NTP-Time.png) + +同步 NTP 时间 + +### 步骤四:设置 Windows NTP 客户端 ### + +11. 如果你的 windows 机器不是域名控制器的一部分,你可以配置 Windows 和你的 NTP服务器同步时间。在任务栏右边 -> 时间 -> 更改日期和时间设置 -> 网络时间标签 -> 更改设置 -> 和一个网络时间服务器检查同步 -> 在 Server 空格输入服务器 IP 或 FQDN -> 马上更新 -> OK。 + +![和 NTP 同步 Windows 时间](http://www.tecmint.com/wp-content/uploads/2014/09/Synchronize-Windows-Time-with-NTP.png) + +和 NTP 同步 Windows 时间 + +就是这些。在你的网络中配置一个本地 NTP 服务器能确保你所有的服务器和客户端有相同的时间设置,以防出现网络连接失败,并且它们彼此都相互同步。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/install-ntp-server-in-centos/ + +作者:[Matei Cezar][a] +译者:[ictlyh](http://motouxiaogui.cn/blog) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/cezarmatei/ +[1]:http://www.tecmint.com/centos-7-installation/ +[2]:http://www.tecmint.com/redhat-enterprise-linux-7-installation/ +[3]:http://www.tecmint.com/enable-redhat-subscription-reposiories-and-updates-for-rhel-7/ +[4]:http://www.tecmint.com/configure-network-interface-in-rhel-centos-7-0/ +[5]:http://www.tecmint.com/remove-unwanted-services-in-centos-7/ +[6]:http://www.pool.ntp.org/en/ \ No newline at end of file