From 3a033231a90ce6d076a1b80a0d3657aa0aa76cbb Mon Sep 17 00:00:00 2001 From: ideas4u Date: Fri, 12 Dec 2014 16:21:39 +0800 Subject: [PATCH 01/98] Create 20141211 How to use matplotlib for scientific plotting on Linux --- ...atplotlib for scientific plotting on Linux | 158 ++++++++++++++++++ 1 file changed, 158 insertions(+) create mode 100644 20141211 How to use matplotlib for scientific plotting on Linux diff --git a/20141211 How to use matplotlib for scientific plotting on Linux b/20141211 How to use matplotlib for scientific plotting on Linux new file mode 100644 index 0000000000..29c03c4c91 --- /dev/null +++ b/20141211 How to use matplotlib for scientific plotting on Linux @@ -0,0 +1,158 @@ ++在Linux中使用matplotlib进行科学画图 ++================================================================================ ++ ++如果你想要在Linxu中获得一个高效、自动化、高质量的科学画图的解决方案,那就要考虑一下使用matplotlib库了。Matplotlib是基于python的开源科学测绘包,版权基于python软件基金许可证。大量的文档和例子,整合在Python和Numpy科学计处包中,其自动化性能是少数几个为什么这个包是在Linux环境中进行科学画图的可靠选择。这个教程将提供几个用matplotlib画图的例子。 ++ ++###特性### ++- ++-众多的画图类型,如:bar,box,contour,histogram,scatter,line plots.... ++-基于python的语法 ++-集成Numpy科学计算包 ++-可定制的画图格式(axes scales,tick positions, tick labels...) ++-可定制文本(字体,大小,位置...) ++-TeX 格式化(等式,符号,希腊字体...) ++-与IPython相兼容 ++-自动化 -用Python 的循环迭代生成图片 ++-保存所绘图片格式为图片文件,如:png,pdf,ps,eps,svg等 ++ ++ ++基于Python语法的matplotlib通过许多自身特性和高效工作流基础进行表现。 ++世面上有许多用于绘制高质量图的科学绘图包,但是这些包允许你直接在你的Python代码中去使用吗? ++除那以外,这些包允许你创建可以保存为图片文件的图片吗? ++Matplotlib允许你完成所有的这些任务。 ++你可以期望着节省你的时间,从于使用你能够花更多的时间在如何创建更多的图片。 ++ ++###安装### ++ 安装Python和Numpy包是使用Matplotlib的前提,安装Numpy的指引请见该链接。[here][1]. ++ ++ ++可以通过如下命令在Debian或Ubuntu中安装Matplotlib: ++ ++ $ sudo apt-get install python-matplotlib ++ ++ ++在Fedora或CentOS/RHEL环境则可用如下命令: ++ $ sudo yum install python-matplotlib ++ ++ ++###Matplotlib 例子### ++ ++该教程会提供几个绘图例子演示如何使用matplotlib: ++-离散和线性画图 ++-柱状图画图 ++-饼状图 ++ ++在这些例子中我们将用Python脚本来执行Mapplotlib命令。注意numpy和matplotlib模块需要通过import命令在脚本中进行导入。 ++在命令空间中,np指定为nuupy模块的引用,plt指定为matplotlib.pyplot的引用: ++ import numpy as np ++ import matplotlib.pyplot as plt ++ ++ ++###例1:离散和线性图### ++ ++第一个脚本,script1.py 完成如下任务: ++ ++-创建3个数据集(xData,yData1和yData2) ++-创建一个宽8英寸、高6英寸的图(赋值1) ++-设置图画的标题、x轴标签、y轴标签(字号均为14) ++-绘制第一个数据集:yData1为xData数据集的函数,用圆点标识的离散蓝线,标识为"y1 data" ++-绘制第二个数据集:yData2为xData数据集的函数,采用红实线,标识为"y2 data" ++-把图例放置在图的左上角 ++-保存图片为PNG格式文件 ++ ++script1.py的内容如下: ++ import numpy as np ++ import matplotlib.pyplot as plt ++ ++ xData = np.arange(0, 10, 1) ++ yData1 = xData.__pow__(2.0) ++ yData2 = np.arange(15, 61, 5) ++ plt.figure(num=1, figsize=(8, 6)) ++ plt.title('Plot 1', size=14) ++ plt.xlabel('x-axis', size=14) ++ plt.ylabel('y-axis', size=14) ++ plt.plot(xData, yData1, color='b', linestyle='--', marker='o', label='y1 data') ++ plt.plot(xData, yData2, color='r', linestyle='-', label='y2 data') ++ plt.legend(loc='upper left') ++ plt.savefig('images/plot1.png', format='png') ++ ++ ++所画之图如下: ++![](https://farm8.staticflickr.com/7529/15927002365_f5ae11cf02_z.jpg) ++ ++ ++###例2:柱状图### ++ ++第二个脚本,script2.py 完成如下任务: ++ ++-创建一个包含1000个随机样本的正态分布数据集。 ++-创建一个宽8英寸、高6英寸的图(赋值1) ++-设置图的标题、x轴标签、y轴标签(字号均为14) ++-用samples这个数据集画一个40个柱状,边从-10到10的柱状图 ++-添加文本,用TeX格式显示希腊字母mu和sigma(字号为16) ++-保存图片为PNG格式。 ++ ++script2.py代码如下: ++ import numpy as np ++ import matplotlib.pyplot as plt ++ ++ mu = 0.0 ++ sigma = 2.0 ++ samples = np.random.normal(loc=mu, scale=sigma, size=1000) ++ plt.figure(num=1, figsize=(8, 6)) ++ plt.title('Plot 2', size=14) ++ plt.xlabel('value', size=14) ++ plt.ylabel('counts', size=14) ++ plt.hist(samples, bins=40, range=(-10, 10)) ++ plt.text(-9, 100, r'$\mu$ = 0.0, $\sigma$ = 2.0', size=16) ++ plt.savefig('images/plot2.png', format='png') ++ ++ ++结果见如下链接: ++![](https://farm8.staticflickr.com/7531/15304765024_1cc271b6e0_z.jpg) ++ ++ ++###例3:饼状图### ++ ++第三个脚本,script3.py 完成如下任务: ++ ++-创建一个包含5个整数的列表 ++-创建一个宽6英寸、高6英寸的图(赋值1) ++-添加一个长宽比为1的轴图 ++-设置图的标题(字号为14) ++-用data列表画一个包含标签的饼状图 ++-保存图为PNG格式 ++ ++脚本script3.py的代码如下: ++ import numpy as np ++ import matplotlib.pyplot as plt ++ ++ data = [33, 25, 20, 12, 10] ++ plt.figure(num=1, figsize=(6, 6)) ++ plt.axes(aspect=1) ++ plt.title('Plot 3', size=14) ++ plt.pie(data, labels=('Group 1', 'Group 2', 'Group 3', 'Group 4', 'Group 5')) ++ plt.savefig('images/plot3.png', format='png') ++ ++ ++结果如下链接所示: ++![](https://farm8.staticflickr.com/7504/15926356092_7c3e5217aa_z.jpg) ++ ++ ++###总结### ++ 这个教程提供了几个用matplotlib科学画图包进行画图的例子,Matplotlib是在Linux环境中用于解决科学画图的绝佳方案,表现在其无缝地和Python、Numpy连接,自动化能力,和提供多种自定义的高质量的画图产品。[here][2]. ++ ++matplotlib包的文档和例子详见: ++-------------------------------------------------------------------------------- ++ ++via: http://xmodulo.com/matplotlib-scientific-plotting-linux.html ++ ++作者:[Joshua Reed][a] ++译者:[ideas4u](https://github.com/ideas4u) ++校对:[校对者ID](https://github.com/校对者ID) ++ ++本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 ++ ++[a]:http://xmodulo.com/author/joshua ++[1]:http://xmodulo.com/numpy-scientific-computing-linux.html ++[2]:http://matplotlib.org/ From 5cab52953e40e4dff4763a672888c53beb9d6b97 Mon Sep 17 00:00:00 2001 From: Stevearzh Date: Tue, 30 Dec 2014 14:43:41 +0800 Subject: [PATCH 02/98] Translating by Stevearzh --- ...226 How to Download Music from Grooveshark with a Linux OS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md b/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md index 8b7c5a8e3d..f4a50b24b3 100644 --- a/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md +++ b/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md @@ -1,3 +1,4 @@ +[Translating by Stevarzh] How to Download Music from Grooveshark with a Linux OS ================================================================================ > The solution is actually much simpler than you think From 06c94466acd9089ff9f641666dbbb695d93900ce Mon Sep 17 00:00:00 2001 From: ZhouJ-sh <32321321@qq.com> Date: Tue, 30 Dec 2014 16:42:44 +0800 Subject: [PATCH 03/98] =?UTF-8?q?20141229=20=E9=80=89=E9=A2=98=202=20Ways?= =?UTF-8?q?=20To=20Fix=20The=20UEFI=20Bootloader=20When=20Dual=20Booting?= =?UTF-8?q?=20Windows=20And=20Ubuntu.md?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...er When Dual Booting Windows And Ubuntu.md | 104 ++++++++++++++++++ 1 file changed, 104 insertions(+) create mode 100644 sources/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md diff --git a/sources/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md b/sources/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md new file mode 100644 index 0000000000..dc1cab30df --- /dev/null +++ b/sources/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md @@ -0,0 +1,104 @@ +[zhouj-sh translating...] +2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu +================================================================================ +The main problem that users experience after following my [tutorials for dual booting Ubuntu and Windows 8][1] is that their computer continues to boot directly into Windows 8 with no option for running Ubuntu. + +Here are two ways to fix the EFI boot loader to get the Ubuntu portion to boot correctly. + +![Set GRUB2 As The Bootloader.](http://0.tqn.com/y/linux/1/L/E/J/1/grub2.JPG) + +### 1. Make GRUB The Active Bootloader ### + +There are a few things that may have gone wrong during the installation. + +In theory if you have managed to install Ubuntu in the first place then you will have [turned off fast boot][2]. + +Hopefully you [followed this guide to create a bootable UEFI Ubuntu USB drive][3] as this installs the correct UEFI boot loader. + +If you have done both of these things as part of the installation, the bit that may have gone wrong is the part where you set GRUB2 as the boot manager. + +To set GRUB2 as the default bootloader follow these steps: + +1.Login to Windows 8 +2.Go to the desktop +3.Right click on the start button and choose administrator command prompt +4.Type mountvol g: /s (This maps your EFI folder structure to the G drive). +5.Type cd g:\EFI +6.When you do a directory listing you will see a folder for Ubuntu. Type dir. +7.There should be options for grubx64.efi and shimx64.efi +8.Run the following command to set grubx64.efi as the bootloader: + +bcdedit /set {bootmgr} path \EFI\ubuntu\grubx64.efi + +9:Reboot your computer +10:You should now have a GRUB menu appear with options for Ubuntu and Windows. +11:If your computer still boots straight to Windows repeat steps 1 through 7 again but this time type: + +bcdedit /set {bootmgr} path \EFI\ubuntu\shimx64.efi + +12:Reboot your computer + +What you are doing here is logging into the Windows administration command prompt, mapping a drive to the EFI partition so that you can see where the Ubuntu bootloaders are installed and then either choosing grubx64.efi or shimx64.efi as the bootloader. + +So [what is the difference between grubx64.efi and shimx64.efi][4]? You should choose grubx64.efi if secureboot is turned off. If secureboot is turned on you should choose shimx64.efi. + +In my steps above I have suggested trying one and then trying another. The other option is to install one and then turn secure boot on or off within the UEFI firmware for your computer depending on the bootloader you chose. + +### 2. Use rEFInd To Dual Boot Windows 8 And Ubuntu ### +The [rEFInd boot loader][5] works by listing all of your operating systems as icons. You will therefore be able to boot Windows, Ubuntu and operating systems from USB drives simply by clicking the appropriate icon. + +To download rEFInd for Windows 8 [click here][6]. + +After you have downloaded the file extract the zip file. + +Now follow these steps to install rEFInd. + +1.Go to the desktop +2.Right click on the start button and choose administrator command prompt +3.Type mountvol g: /s (This maps your EFI folder structure to the G drive) +4.Navigate to the extracted rEFInd folder. For example: + +cd c:\users\gary\downloads\refind-bin-0.8.4\refind-bin-0.8.4 + +When you type dir you should see a folder for refind +5.Type the following to copy refind to the EFI partition: + +xcopy /E refind g:\EFI\refind\ + +6.Type the following to navigate to the refind folder + +cd g:\EFI\refind + +7.Rename the sample configuration file: + +rename refind.conf-sample refind.conf +8.Run the following command to set rEFInd as the bootloader + +bcdedit /set {bootmgr} path \EFI\refind\refind_x64.efi + +9.Reboot your computer +10.You should now have a menu similar to the image above with options to boot Windows and Ubuntu +​ +This process is fairly similar to choosing the GRUB bootloader. + +Basically it involves downloading rEFInd, extracting the files. copying the files to the EFI partition, renaming the configuration file and then setting rEFInd as the boot loader. + +### Summary ### + +Hopefully this guide has solved the issues that some of you have been having with dual booting Ubuntu and Windows 8.1. If you are still having issues feel free to get back in touch using the email link above. + + +作者:[Gary Newell][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +via:http://linux.about.com/od/LinuxNewbieDesktopGuide/tp/3-Ways-To-Fix-The-UEFI-Bootloader-When-Dual-Booting-Windows-And-Ubuntu.htm +[a]:http://linux.about.com/bio/Gary-Newell-132058.htm +[1]:http://linux.about.com/od/LinuxNewbieDesktopGuide/ss/The-Ultimate-Windows-81-And-Ubuntu- +[2]:http://linux.about.com/od/howtos/ss/How-To-Create-A-UEFI-Bootable-Ubuntu-USB-Drive-Using-Windows_3.htm#step-heading +[3]:http://linux.about.com/od/howtos/ss/How-To-Create-A-UEFI-Bootable-Ubuntu-USB-Drive-Using-Windows.htm +[4]:https://wiki.ubuntu.com/SecurityTeam/SecureBoot +[5]:http://www.rodsbooks.com/refind/installing.html#windows +[6]:http://sourceforge.net/projects/refind/files/0.8.4/refind-bin-0.8.4.zip/download \ No newline at end of file From 2daff130f975f6b6c566e3ca030f3e7e77d1b515 Mon Sep 17 00:00:00 2001 From: ZhouJ-sh <32321321@qq.com> Date: Tue, 30 Dec 2014 18:05:32 +0800 Subject: [PATCH 04/98] translated 20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md --- ...er When Dual Booting Windows And Ubuntu.md | 88 +++++++++++++++++++ 1 file changed, 88 insertions(+) create mode 100644 translated/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md diff --git a/translated/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md b/translated/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md new file mode 100644 index 0000000000..0342aaf726 --- /dev/null +++ b/translated/share/20141229 2 Ways To Fix The UEFI Bootloader When Dual Booting Windows And Ubuntu.md @@ -0,0 +1,88 @@ +Windows和Ubuntu双系统,修复UEFI引导的两种办法 +======================================================================= +读者在读过我的[安装Ubuntu和Windows 8双系统教程][1]以后,碰到的主要的问题是电脑直接启动到Windows 8而没有出现启动Ubuntu的选项。 + +这里有两种修复EFI启动引导的方法,使Ubuntu可以正常启动 + +![](http://0.tqn.com/y/linux/1/L/E/J/1/grub2.JPG) "将GRUB2设置为启动引导" + +### 1. 启用GRUB引导 ### + +在安装时,有些地方可能会出问题。 + +理论上来说,如果你首先安装Ubuntu,那么你需要[关闭快速启动][2]。 + +希望你[按照这个指南创建一个UEFI Ubuntu 启动优盘][3]安装正确的UEFI引导程序。 + +如果你在安装时已经完成了这些事情,那么可能出错的地方就是将GRUB2设置为启动管理器。 + +可以按照以下几个步骤将GRUB2设置为默认的引导程序: + +1.登录Windows 8 +2.转到桌面 +3.右击开始按钮,选择管理员命令行 +4.输入 mountvol g: (将你的EFI目录结构映射到G盘) +5.输入 cd g:\EFI +6.当你输入 dir 列出文件夹内容时,你可以看到一个Ubuntu的文件夹 +7.这里的参数可以是grubx64.efi或者shimx64.efi +8.运行下列命令将grub64.efi设置为启动引导程序: +bcdedit /set {bootmgr} path \EFI\ubuntu\grubx64.efi +9.重启你的电脑 +10.你将会看到一个包含Ubuntu和Windows选项的GRUB菜单 +11.如果你的电脑仍然直接启动到Windows,重复步骤1到7,但是这次输入: +bcdedit /set {bootmgr} path \EFI\ubuntu\shimx64.efi +12.重启你的电脑 + +这里你做的事情是登录Windows管理员命令行,将EFI引导区映射到磁盘上,来查看Ubuntu的引导程序是否安装成功,然后选择grubx64.efi或者shimx64.efi作为引导程序。 + +那么[grubx64.efi和shimx64.efi有什么区别呢][4]?在安全启动(serureboot)关闭的情况下,你可以使用grubx64.efi。如果安全启动打开则需要选择shimx64.efi。 + +在我上面的步骤里面,我建议先试一个,然后再试试另外一个。另外一种方法是选择一个,然后根据你选择的引导程序在BIOS中启用或者禁用安全启动。 + +### 2.使用rEFInd引导Ubuntu和Windows双系统 ### + +[rEFInd引导程序][5]会以图标的方式列出你所有的操作系统。因此,你可以通过点击相应的图标来启动Windows、Ubuntu或者优盘中的操作系统。 + +[点击这里][6]下载rEFInd for Windows 8。 + +下载和解压以后,按照以下的步骤安装rEFInd。 + +1.返回桌面 +2.右击开始按钮,选择管理员命令行 +3.输入 mountvol g: (将你的EFI目录结构映射到G盘) +4.进入解压的rEFInd目录。例如: +cd c:\users\gary\downloads\refind-bin-0.8.4\refind-bin-0.8.4 +当你输入 dir 命令,你可以看到一个refind目录 +5.输入如下命令将refind拷贝到EFI引导区 +xcopy /E refind g:\EFI\refind\ +6.输入如下命令进入refind文件夹 +cd g:\EFI\refind +7.重命名示例配置文件 +rename refind.conf-sample refind.conf +8.运行如下命令将rEFind设置为引导程序 +bcdedit /set {bootmgr} path \EFI\refind\refind_x64.efi +9.重启你的电脑 +10.你将会看到一个包含Ubuntu和Windows的图形菜单 + +这个过程和选择GRUB引导程序十分相似。 + +简单的说,主要是下载rEFind,解压文件。拷贝文件到EFI引导区,重命名配置文件,然后将rEFind设置为引导程序。 + +### 概要 ### + +希望这篇文章可以解决有些人在安装Ubuntu和Windows 8.1双系统时出现的问题。如果你仍然有问题,可以通过上面的电邮和我进行交流。 + +作者:[Gary Newell][a] +译者:[zhouj-sh](https://github.com/zhouj-sh) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +via:http://linux.about.com/od/LinuxNewbieDesktopGuide/tp/3-Ways-To-Fix-The-UEFI-Bootloader-When-Dual-Booting-Windows-And-Ubuntu.htm +[a]:http://linux.about.com/bio/Gary-Newell-132058.htm +[1]:http://linux.about.com/od/LinuxNewbieDesktopGuide/ss/The-Ultimate-Windows-81-And-Ubuntu- +[2]:http://linux.about.com/od/howtos/ss/How-To-Create-A-UEFI-Bootable-Ubuntu-USB-Drive-Using-Windows_3.htm#step-heading +[3]:http://linux.about.com/od/howtos/ss/How-To-Create-A-UEFI-Bootable-Ubuntu-USB-Drive-Using-Windows.htm +[4]:https://wiki.ubuntu.com/SecurityTeam/SecureBoot +[5]:http://www.rodsbooks.com/refind/installing.html#windows +[6]:http://sourceforge.net/projects/refind/files/0.8.4/refind-bin-0.8.4.zip/download \ No newline at end of file From 8bb194413564b652cb212b5143acb8e1f880fd90 Mon Sep 17 00:00:00 2001 From: Vic___ Date: Tue, 30 Dec 2014 22:48:53 +0800 Subject: [PATCH 05/98] Translated --- ...How to install Kingsoft Office on Linux.md | 48 ++++++++++--------- 1 file changed, 25 insertions(+), 23 deletions(-) diff --git a/sources/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md b/sources/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md index f878b02a80..0c7a0110b1 100644 --- a/sources/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md +++ b/sources/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md @@ -1,22 +1,22 @@ - Vic020 - -Linux FAQs with Answers--How to install Kingsoft Office on Linux +Linux有问必答 - linux如何安装WPS ================================================================================ -> **Question**: I heard good things about Kingsoft Office, so I would like to try it out on my Linux. How can I install Kingsoft Office on [insert your Linux distro]? +> **问题**: 我听说一个好东西Kingsoft Office(译注:就是WPS),所以我想在我的Linux上试试。我怎样才能安装Kingsoft Office呢? -Kingsoft Office is an office suite available for muliple platforms including Windows, Linux, iOS and Android. It comes with three programs: Writer for word processing, Presentation for presentations, and Spreadsheets for spreadsheets. It is freemium model, where the basic version is free to use. Compared to other Linux office suites such as LibreOffice or OpenOffice, the best advantage of Kingsoft Office is its **excellent compatibility with Microsoft Office**. Thus for those of you who need to use an office suite on Linux and Windows platforms interchangeably, Kingsoft Office is a good choice for Linux platform. +Kingsoft Office 一套办公套件,支持多个平台,包括Windows, Linux, iOS 和 Android。它包含三个组件:Writer(WPS文字)用来文字处理,Presentation(WPS演示)支持幻灯片,Spereadsheets(WPS表格)为电子表格。使用免费增值模式,其中基础版本是免费使用。比较其他的linux办公套件,如LibreOffice、 OpenOffice,最大优势在于,Kingsoft Office能最好的兼容微软的Office(译注:版权问题?了解下wps和Office的历史问题,可以得到一些结论)。因此如果你需要在windowns和linux平台间交互,Kingsoft office是一个很好的选择。 -### Install Kingsoft Office on CentOS, Fedora or RHEL ### -Download a RPM file for the [official site][1]. The official RPM package is available as a 32-bit version only, but you can install it on both 32-bit and 64-bit systems. +### CentOS, Fedora 或 RHEL中安装Kingsoft Office ### -Use yum command with "localinstall" option to install the RPM file. + +在[官方页面][1]下载RPM文件.官方RPM包只支持32位版本linux,但是你可以在64位中安装。 + +需要使用yum命令并用"localinstall"选项来本地安装这个RPM包 $ sudo yum localinstall kingsoft-office-9.1.0.4244-0.1.a12p3.i686.rpm -Note that do NOT use rpm command to install it. Otherwise, you will get unmet dependency errors, which are not easy to solve manually: +注意不要使用rpm命令安装。否者,你会得到依赖错误,而且很难解决: - error: Failed dependencies: + 错误: 依赖失败: libICE.so.6 is needed by kingsoft-office-9.1.0.4244-0.1.a12p3.i686 libSM.so.6 is needed by kingsoft-office-9.1.0.4244-0.1.a12p3.i686 libX11.so.6 is needed by kingsoft-office-9.1.0.4244-0.1.a12p3.i686 @@ -24,44 +24,46 @@ Note that do NOT use rpm command to install it. Otherwise, you will get unmet de libXrender.so.1 is needed by kingsoft-office-9.1.0.4244-0.1.a12p3.i686 libc.so.6 is needed by kingsoft-office-9.1.0.4244-0.1.a12p3.i686 -Red Hat based distributions have multilib support. If the RPM package you are trying to install is 32-bit and has 32-bit library dependencies, a better way is to use yum to install it as shown above. As long as the RPM is properily built with all dependency information, yum should be able to install it using yum repositories. +基于Red Hat的发行版有多重库支持。如果你要想安装的RPM包是32位的并有32位库依赖(你的系统是64位的),一个很好的解决方法就是使用yum来安装。只要RPM在构建时候已经添加所有依赖关系,yum就可以自动使用yum库解决依赖关系。 ![](https://farm9.staticflickr.com/8626/16040291445_ca62275064_c.jpg) -### Install Kingsoft Office on Debian, Ubuntu or Linux Mint ### +### Debian, Ubuntu 和 Linux Mint 中安装Kingsoft Office### -Download a DEB package from the [official site][2]. The official DEB package is available as a 32-bit version only, but you can install it on both 32-bit and 64-bit systems. +在[官方页面][1]下载DEB包。官方RPM包同样只支持32位版本linux,但是你可以在64位中安装。 -The DEB package has a set of dependencies to meet. Therefore use [gdebi][3] instead of dpkg command to automatically resolve dependencies. +DEB包同样遇到一堆依赖。因此使用[gdebi][3]命令来代替dpkg来自动解决依赖。 $ sudo apt-get install gdebi-core $ sudo gdebi kingsoft-office_9.1.0.4244~a12p3_i386.deb -### Launch Kingsoft Office ### +### 启动 Kingsoft Office ### -Once Kingsoft Office is installed, you can launch Witer, Presentation, and Spreadsheets from the desktop manager easily. +安装完成后,你就可以在桌面管理器轻松启动Witer(WPS文字), Presentation(WPS演示), and Spreadsheets(WPS表格),如下图 -On Ubuntu Unity: +Ubuntu Unity中: ![](https://farm9.staticflickr.com/8591/16039583702_632a49779f_z.jpg) -On GNOME: +GNOME桌面中: ![](https://farm9.staticflickr.com/8617/16039583622_4e7c1d8545_b.jpg) -Alternatively, you can also launch Kingsoft Office from the command line. +不但如此,你也可以在命令行中启动Kingsoft Office -To launch Kingsoft Writer from the command line, use this command: +启动Wirter(WPS文字),使用这个命令: + + $ wps (译注:原文丢失此命令) ![](https://farm8.staticflickr.com/7525/16039583642_7202457899_c.jpg) -To launch Kingsoft Presentation from the command line, use this command: +启动Presentation(WPS演示),使用这个命令: $ wpp ![](https://farm8.staticflickr.com/7570/15420632223_4243cc99d9_c.jpg) -To launch Kingsoft Spreadsheets from the command line, use this command: +启动Spreadsheets(WPS表格),使用这个命令: $ et @@ -71,7 +73,7 @@ To launch Kingsoft Spreadsheets from the command line, use this command: via: http://ask.xmodulo.com/install-kingsoft-office-linux.html -译者:[译者ID](https://github.com/译者ID) +译者:[Vic020/VicYu](http://www.vicyu.net) 校对:[校对者ID](https://github.com/校对者ID) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 55be8f979ef92bcd893995ca0ed746b720c1ff62 Mon Sep 17 00:00:00 2001 From: Vic___ Date: Tue, 30 Dec 2014 22:49:59 +0800 Subject: [PATCH 06/98] Moved --- ... FAQs with Answers--How to install Kingsoft Office on Linux.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {sources => translated}/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md (100%) diff --git a/sources/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md b/translated/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md similarity index 100% rename from sources/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md rename to translated/tech/20141224 Linux FAQs with Answers--How to install Kingsoft Office on Linux.md From 82ac18e7e6a8f9a3109911533dcd4c3a2edc54dc Mon Sep 17 00:00:00 2001 From: joeren Date: Wed, 31 Dec 2014 07:52:28 +0800 Subject: [PATCH 07/98] Update 20141224 Calife--A lightweight alternative to sudo.md --- .../20141224 Calife--A lightweight alternative to sudo.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sources/share/20141224 Calife--A lightweight alternative to sudo.md b/sources/share/20141224 Calife--A lightweight alternative to sudo.md index 194ac043cb..71ec22aa91 100644 --- a/sources/share/20141224 Calife--A lightweight alternative to sudo.md +++ b/sources/share/20141224 Calife--A lightweight alternative to sudo.md @@ -1,3 +1,4 @@ +Translating by GOLinux! Calife – A lightweight alternative to sudo ================================================================================ Calife requests user's own password for becoming login (or root, if no login is provided), and switches to that user and group ID after verifying proper rights to do so. A shell is then executed. If calife is executed by root, no password is requested and a shell with the appropriate user ID is executed. @@ -67,4 +68,4 @@ via: http://www.ubuntugeek.com/calife-a-lightweight-alternative-to-sudo.html [17]: [18]: [19]: -[20]: \ No newline at end of file +[20]: From 3b192a8aed6bd8c77da5f692b6d60f68e478eea9 Mon Sep 17 00:00:00 2001 From: GOLinux Date: Wed, 31 Dec 2014 08:27:07 +0800 Subject: [PATCH 08/98] [Translated] 20141224 Calife--A lightweight alternative to sudo.md --- ...life--A lightweight alternative to sudo.md | 71 ------------------ ...life--A lightweight alternative to sudo.md | 75 +++++++++++++++++++ 2 files changed, 75 insertions(+), 71 deletions(-) delete mode 100644 sources/share/20141224 Calife--A lightweight alternative to sudo.md create mode 100644 translated/share/20141224 Calife--A lightweight alternative to sudo.md diff --git a/sources/share/20141224 Calife--A lightweight alternative to sudo.md b/sources/share/20141224 Calife--A lightweight alternative to sudo.md deleted file mode 100644 index 71ec22aa91..0000000000 --- a/sources/share/20141224 Calife--A lightweight alternative to sudo.md +++ /dev/null @@ -1,71 +0,0 @@ -Translating by GOLinux! -Calife – A lightweight alternative to sudo -================================================================================ -Calife requests user's own password for becoming login (or root, if no login is provided), and switches to that user and group ID after verifying proper rights to do so. A shell is then executed. If calife is executed by root, no password is requested and a shell with the appropriate user ID is executed. - -The invoked shell is the user's own except when a shell is specified in the configuration file calife.auth. - -If "-" is specified on the command line, user's profile files are read as if it was a login shell. - -This is not the traditional behavior of su. - -Only users specified in calife.auth can use calife to become another one with this method. - -calife.auth is installed as /etc/calife.auth - -### Calife Features ### - -Here is an extensive list of features: - -you keep your environment variables and shell aliases intact -it has start and end of session logging -you can have a list of all permitted logins for each calife user. That way, you can give a user newsmaster’s rights without giving out the root password -you can specify a group in the configuration file instead of the logins of all administrators: Juste use @staff or %staff and all members of the staff group will have access to calife -calife can also be used to become users even if they have no home directory or even no shell. That’s very practical if you want to become uucp or even bin -you can make calife runs a specific system-wide script at the end of the session (to send a mailabout what was done as root for example) - -### Install calife in ubuntu ### - -Open the terminal and run the following command - - sudo apt-get install calife - -### Using Calife ### - -### Syntax ### - - calife [-] [login] - -Check calife manpage for more details - --------------------------------------------------------------------------------- - -via: http://www.ubuntugeek.com/calife-a-lightweight-alternative-to-sudo.html - -作者:[ruchi][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.ubuntugeek.com/author/ubuntufix -[1]: -[2]: -[3]: -[4]: -[5]: -[6]: -[7]: -[8]: -[9]: -[10]: -[11]: -[12]: -[13]: -[14]: -[15]: -[16]: -[17]: -[18]: -[19]: -[20]: diff --git a/translated/share/20141224 Calife--A lightweight alternative to sudo.md b/translated/share/20141224 Calife--A lightweight alternative to sudo.md new file mode 100644 index 0000000000..b373116450 --- /dev/null +++ b/translated/share/20141224 Calife--A lightweight alternative to sudo.md @@ -0,0 +1,75 @@ +Calife —— 一个轻量级的sudo替代方案 +================================================================================ +Calife要求用户用户以自己的密码登录(或者root,如果没有提供登录),在验证具有正确的权限后,就会切换到该用户以及组身份,然后就会执行一个shell。如果calife是由root执行的,不需要密码,一个具有恰当用户ID的shell就会被执行。 + +唤醒的shell是用户自身的,除非在calife.auth配置文件中指定了某个shell。 + +如果在命令行指定了“-”选项,就会读取该用户的环境文件,该shell就像是一个登陆shell。 + +这不是su的惯用操作。 + +只有在calife.auth中指定的用户才能使用此方法通过calife成为另外一个用户。 + +calife.auth安装位置处于/etc/calife.auth。 + +### Calife特性 ### + +这里给出了一个关于calife特性的扩展列表: + +你可以完整保留环境变量和shell别名 + +它可以全程记录会话开始到结束 + +你可以为每个calife用户许可的登录制作列表,那样,你就可以用户赋予主管权限而不必提供root密码 + +你可以在配置文件中指定一个组来取代所有管理员登录:只要使用@staff或者%staff,那么所有staff组中的成员都将具有访问calife的权限 + +calife也可以成为那些没有家目录或甚至没有shell的用户。如果你想要成为uucp或者甚至是bin,那会很实用 + +你可以让calife在会话结束时运行一个指定的系统范围的脚本(例如,发送一封邮件告知以root身份做了哪些事) + +### ubuntu中安装calife ### + +打开终端,然后运行以下命令 + + sudo apt-get install calife + +### 使用Calife ### + +### 语法 ### + + calife [-] [login] + +详情请参与calife手册页 + +-------------------------------------------------------------------------------- + +via: http://www.ubuntugeek.com/calife-a-lightweight-alternative-to-sudo.html + +作者:[ruchi][a] +译者:[GOLinux](https://github.com/GOLinux) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.ubuntugeek.com/author/ubuntufix +[1]: +[2]: +[3]: +[4]: +[5]: +[6]: +[7]: +[8]: +[9]: +[10]: +[11]: +[12]: +[13]: +[14]: +[15]: +[16]: +[17]: +[18]: +[19]: +[20]: From c8c5ad2a21321caa97514360dcad50eb42db48e2 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Wed, 31 Dec 2014 10:43:45 +0800 Subject: [PATCH 09/98] Update 20141226 The Good The Bad And The Ugly Of Linux In 2014.md Translating by H-mudcup --- .../20141226 The Good The Bad And The Ugly Of Linux In 2014.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md b/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md index 25c0368731..d55b0bc218 100644 --- a/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md +++ b/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md @@ -1,3 +1,4 @@ +Translating by H-mudcup The Good, The Bad And The Ugly Of Linux In 2014 ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Buggest_Linux_Stories.jpeg) @@ -97,4 +98,4 @@ via: http://itsfoss.com/biggest-linux-stories-2014/ [16]:http://thenewstack.io/microsoft-professes-love-for-linux-adds-support-for-coreos-cloudera-and-host-of-new-features/ [17]:http://www.theregister.co.uk/2001/06/02/ballmer_linux_is_a_cancer/ [18]:http://azure.microsoft.com/en-us/ -[19]:http://www.zdnet.com/article/top-five-linux-contributor-microsoft/ \ No newline at end of file +[19]:http://www.zdnet.com/article/top-five-linux-contributor-microsoft/ From 8b0e478477e0e4d6a9bef7d7809604868cbbef0b Mon Sep 17 00:00:00 2001 From: mtunique Date: Wed, 31 Dec 2014 11:45:24 +0800 Subject: [PATCH 10/98] delete 20141229 5 User Space Debugging Tools in Linux.md --- ...9 5 User Space Debugging Tools in Linux.md | 265 ------------------ 1 file changed, 265 deletions(-) delete mode 100644 sources/tech/20141229 5 User Space Debugging Tools in Linux.md diff --git a/sources/tech/20141229 5 User Space Debugging Tools in Linux.md b/sources/tech/20141229 5 User Space Debugging Tools in Linux.md deleted file mode 100644 index 88c6d4253f..0000000000 --- a/sources/tech/20141229 5 User Space Debugging Tools in Linux.md +++ /dev/null @@ -1,265 +0,0 @@ -translating by mtunique -5 User Space Debugging Tools in Linux -================================================================================ -By definition, debugging tools are those programs which allow us to monitor ,control and correct errors in other programs while they execute. Why should we use debugging tools? To answer this, there are various situations where we get stuck while running some programs and will have the need to understand what exactly happened. For example, we might be running an application and it produces some error messages. To fix those errors, we should first figure out why and from where did the error messages come from. An application might suddenly hang and we will have to know what other processes were running at that time. We might also have to figure out what was process 'x' doing at the time of hang. In order to dissect such details, we will need the help of debugging tools. There are a few user space debugging tools and techniques in Linux which are quite useful in analysing user space problems. They are: - -- **'print' statements** -- **Querying (/proc, /sys etc)** -- **Tracing (strace/ltrace)** -- **Valgrind (memwatch)** -- **GDB** - -Let's go through each of them one by one. - -### 1.'print' statements ### - -This is a basic or primitive way of debugging a problem. We can insert print statements in the middle of a program to understand the control flow and get the value of key variables. Though it is a simple technique, it has some disadvantages to it. Programs need to be edited to add 'print 'statements which then will have to be recompiled and rerun to get the output. This is a time-consuming method if the program to be debugged is quite big. - -### 2. Querying ### - -In some situations, we might want to figure out in what state a running process is in the kernel or what is the memory map that it is occupying there etc. In order to obtain this type of information, we need not insert any code into the kernel. Instead, one can use the /proc filesystem. - -/proc is a pseudo filesystem that gets populated with runtime system information (cpu information, amount of memory etc) once the system is up and running. - -![output of 'ls /proc'](http://blog.linoxide.com/wp-content/uploads/2014/12/proc-output.png) -output of 'ls /proc' - -As you can see, each process that is running in the system has an entry in the /proc filesystem in the form of its process id . Details about each of these processes can be obtained by looking into the files present in its process id directory - -![output of 'ls /proc/pid'](http://blog.linoxide.com/wp-content/uploads/2014/12/proc-pid.png) -output of 'ls /proc/pid' - -Explaining all the entries inside the /proc filesystem is beyond the scope of this document. Some of the useful ones are listed below: - -- /proc/cmdline -> Kernel command line -- /proc/cpuinfo -> information about the processor's make, model etc -- /proc/filesystems -> filesystem information supported by the kernel -- /proc//cmdline -> command line arguments passed to the current process -- /proc//mem -> memory held by the process -- /proc//status -> status of the process - -### 3. Tracing ### - -strace and ltrace are two of the tracing tools used in Linux to trace program execution details. - -#### strace: #### - -strace intercepts and records system calls within a process and the signals received by it. To the user, it displays the system calls, arguments passed to them and the return values. strace can be attached to a process that is already running or to a new process. It is useful as a diagnostic and debugging tools for developers and system administrators. It can also be used as a tool to understand how system calls work by tracing different programs. Advantage of this tool is that no source code is needed and programs need not be recompiled. - -The basic syntax for using strace is: - -**strace command** - -There are various options that are available to be used with strace command. One can check out the man page for strace tool to get more details. - -The output of strace can be quite lengthy and we may not be interested in going through each and every line that is displayed. We can use the '-e expr' option to filter the unwanted data. - -Use '-p pid' option to attach it to a running process. - -Output of the command can be redirected to a file using the '-o' option - -![output of strace filtering only the open system call](http://blog.linoxide.com/wp-content/uploads/2014/12/strace-output.png) -output of strace filtering only the open system call - -#### ltrace: #### - -ltrace tracks and records the dynamic (runtime) library calls made by a process and the signals received by it. It can also track the system calls made within a process. It's usage is similar to strace - -**ltrace command** - -'-i ' option prints the instruction pointer at the time of library call - -'-S' option is used to display both system calls and library calls - -Refer to the ltrace man page for all the available options. - -![output of ltrace capturing 'strcmp' library call](http://blog.linoxide.com/wp-content/uploads/2014/12/ltrace-output.png) -output of ltrace capturing 'strcmp' library call - -### 4. Valgrind ### - -Valgrind is a suite of debugging and profiling tools. One of the widely used and the default tool is a memory checking tool called 'Memcheck' which intercepts calls made to malloc(), new(), free() and delete(). In other words, it is useful in detecting problems like: - -- memory leaks -- double freeing -- boundary overruns -- using uninitialized memory -- using a memory after it has been freed etc. - -It works directly with the executable files. - -Valgrind comes with a few drawbacks as well. It can slow down your program as it increases the memory footprint. It can sometimes produce false positives and false negatives. It cannot detect out-of-range access to statically allocated arrays - -In order to use it, first download it and install it on your system. ([Valgrind's download page][1]). It can be installed using the package manager for the operating system that one is using. - -Installation using command line involves decompressing and untarring the downloaded file. - - tar -xjvf valgring-x.y.z.tar.bz2 (where x.y.z is the version number you are trying to install) - -Get inside the newly created directory (valgrind-x.y.z)and run the following commands: - - ./configure - make - make install - -Let's understand how valgrind works with a small program(test.c): - - #include - - void f(void) - - { - int x = malloc(10 * sizeof(int)); - - x[10] = 0; - } - - int main() - { - f(); - return 0; - } - -Compile the program: - - gcc -o test -g test.c - -Now we have an executable file called 'test'. We can now use valgrind to check for memory errors: - - valgrind –tool=memcheck –leak-check=yes test - -Here is the valgrind output showing the errors: - -![output of valgrind showing heap block overrun and memory leak](http://blog.linoxide.com/wp-content/uploads/2014/12/Valgrind.png) -output of valgrind showing heap block overrun and memory leak - -As we can see in the above message, we are trying to access the area beyond what is allocated in function f and the allocated memory is not freed. - -### 5. GDB ### - -GDB is a debugger from Free Software Foundation. It is useful in locating and fixing problems in the code. It gives control to the user to perform various actions when the program to be debugged is running, like: - -- starting the program -- stop at specified locations -- stop on specified conditions -- examine required information -- make changes to data in the program etc. - -One can also attach a core dump of a crashed program to GDB and analyse the cause of crash. - -GDB provides a lot of options to debug programs. However, we will cover some important options here so that one can get a feel of how to get started with GDB. - -If you do not already have GDB installed, it can be downloaded from [GDB's official website][2]. - -#### Compiling programs: #### - -In order to debug a program using GDB, it has to be compiled using gcc with the'-g' option. This produces debugging information in the operating system's native format and GDB works with this information. - -Here is a simple program (example1.c)performing divide by zero to show the usage of GDB: - - #include - int divide() - { - int x=5, y=0; - return x / y; - } - - int main() - { - divide(); - } - -![An example showing usage of gdb](http://blog.linoxide.com/wp-content/uploads/2014/12/gdb-example.png) -An example showing usage of gdb - -#### Invoking GDB: #### - -GDB can be started by executing 'gdb' in the command-line: - -![invoking gdb](http://blog.linoxide.com/wp-content/uploads/2014/12/gdb.png) -invoking gdb - -Once invoked, it remains there waiting for commands from the terminal and executing them until exited . - -If a process is already running and you need to attach GDB to it, it can be done by specifying the process id Suppose a program has already crashed and one wants to analyse the cause of the problem, then attaching GDB to the core file helps. - -#### Starting the program: #### - -Once you are inside GDB, use the 'run' command to start the program to be debugged - -#### Passing arguments to the program: #### - -Use the 'set args' command to send the arguments to your program when it runs next time 'show args' will show the arguments passed to the program - -#### Verifying the stack: #### - -Whenever a program stops, first thing anyone wants to understand is why it stopped and how it stopped there. This information is called backtrace. Every function call generated by a program gets stored along with the local variables, arguments passed, call location etc in a block of data inside the stack and is called a frame. Using GDB we can examine all this data. GDB identifies these frames by giving them numbers starting from the innermost frame. - -- **bt**: prints the backtrace of the entire stack -- **bt ** prints the backtrace of n frames -- **frame **: switches to the specified frame and prints that frame -- **up **: move 'n' frames up -- **down **: move 'n' frames down. ( n is 1 by default) - -#### Examining data: #### - -Program's data can be examined inside GDB using the 'print' command. For example, if 'x' is a variable inside the debugging program, 'print x' prints the value of x. - -#### Examining source: #### - -Parts of source file can be printed within GDB. 'list' command by default prints 10 lines of code. - -- **list **: list the source file around 'linenum' -- **list **: list the source from the beginning of 'function' - -- **disas **: displays the machine code for the function - -#### Stopping and resuming the program: #### - -Using GDB, we can set breakpoints, watchpoint etc in order to stop the program wherever required. - -- **break **: Sets up a breakpoint at 'location'. When this is hit while the program is executing, control is given to the user. -- **watch **: GDB stops when the 'expr' is written into by the program and it's value changes -- **catch **: GDB stops when the 'event' occurs. -- **disable **: disable the specified breakpoint -- **enable **: enable the specified breakpoint -- **delete **: delete the breakpoint / watchpoint / catch point passed. If no arguments are passed default action is to work on all the breakpoints - -- **step**: execute the program step by step -- **continue**: continue with program execution until execution is complete - -#### Exiting GDB: #### - -Use the 'quit' command to exit from GDB - -There are many more options that are available with GDB. Use the help option once you are inside GDB for more details. - -![getting help within gdb](http://blog.linoxide.com/wp-content/uploads/2014/12/gdb-help.png) -getting help within gdb - -### Summary ### - -In this article, we have seen different types of user space debug tools available in Linux. To summarise all of them, here is a quick guideline on when to use what: -Basic debugging, getting values of key variables – print statements - -Get information about filesystems supported, available memory, cpus, status of a running program in the kernel etc - querying /proc filesystem - -Initial problem diagnosis, system call or library call related issues , understanding program flow – strace / ltrace - -Application space related memory problems – valgrind - -To examine runtime behaviour of applications, analysing application crashes – gdb. - --------------------------------------------------------------------------------- - -via: http://linoxide.com/linux-how-to/user-space-debugging-tools-linux/ - -作者:[B N Poornima][a] -译者:[mtunique](https://github.com/mtunique) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://linoxide.com/author/bnpoornima/ -[1]:http://valgrind.org/downloads.html -[2]:http://www.gnu.org/software/gdb/download/ From e9213927c5e39e29d3cab3032cd7abb3228fd176 Mon Sep 17 00:00:00 2001 From: mtunique Date: Wed, 31 Dec 2014 11:47:24 +0800 Subject: [PATCH 11/98] =?UTF-8?q?=E3=80=90=E7=BF=BB=E8=AF=91=E5=AE=8C?= =?UTF-8?q?=E6=88=90=E3=80=9120141229=205=20User=20Space=20Debugging=20Too?= =?UTF-8?q?ls=20in=20Linux?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...9 5 User Space Debugging Tools in Linux.md | 263 ++++++++++++++++++ 1 file changed, 263 insertions(+) create mode 100644 translated/tech/20141229 5 User Space Debugging Tools in Linux.md diff --git a/translated/tech/20141229 5 User Space Debugging Tools in Linux.md b/translated/tech/20141229 5 User Space Debugging Tools in Linux.md new file mode 100644 index 0000000000..e3594e9e61 --- /dev/null +++ b/translated/tech/20141229 5 User Space Debugging Tools in Linux.md @@ -0,0 +1,263 @@ +5 Linux下用户空间调试工具 +================================================================================ +根据定义,调试工具是那些那些使我们能够监测、控制和纠正其他程序的程序。我们为什么应该用调试工具呢? 在有些情况下,运行一些程序的时候我们会被卡住,我们需要明白究竟发生了什么。 例如, 我们正在运行应用程序,它禅城了一些错误消息。要修复这些错误,我们应该先找出为什么产生这些错误消息和这些错误消息从哪里产生的。 一个一用程序可能突然挂起,我们必须了解其他什么进程通识在运行。我们可能还必须弄清楚进程'x'挂起的时候在做什么。为了剖析这些细节, 我们需要调试工具的帮助。有几个Linux下的用户空间调试工具和技术,他们用来分析用户空间问题相当有用。他们是: + +- **'print' 语句** +- **查询 (/proc, /sys etc)** +- **跟踪 (strace/ltrace)** +- **Valgrind (memwatch)** +- **GDB** + +让我们一个个地了解。 + +### 1.'print' 语句 ### + +这是一个基本的原始的调试问题的方法。 我们可以在程序中插入print语句来了解控制流和变量值。 虽然这是一个简单的技术, 但它有一些缺点的。 程序需要进行编辑以添加'print'语句,然后不得不重新编译,重新运行来获得输出。 如果要调试的程序相当大,这是一个耗时的方法。 + +### 2. 查询 ### + +在某些情况下,我们需要弄清楚在一个运行在内核中的进程的状态和内存映射。 为了获得这些信息,我们不需要在内核中插入任何代码。 相反,可以用 /proc 文件系统。 + +/proc 是一个伪文件系统,系统一起启动运行就收集着运行时系统的信息 (cpu信息, 内存容量 等)。 + +![output of 'ls /proc'](http://blog.linoxide.com/wp-content/uploads/2014/12/proc-output.png) +'ls /proc'的输出 + +正如你看到的, 系统中运行的每一个进程在/proc文件系统中有一个以进程id命名的项。每个进程的细节信息可以在进程id对应的目录下的文件中获得。 + +![output of 'ls /proc/pid'](http://blog.linoxide.com/wp-content/uploads/2014/12/proc-pid.png) +'ls /proc/pid'的输出 + +解释/proc文件系统内的所有条目超出了本文的范围。一些有用的列举如下: + +- /proc/cmdline -> 内核命令行 +- /proc/cpuinfo -> 关于处理器的品牌,型号信息等 +- /proc/filesystems -> 文件系统的内核支持的信息 +- /proc//cmdline -> 命令行参数传递到当前进程 +- /proc//mem -> 当前进程持有的内存 +- /proc//status -> 当前进程的状态 + +### 3. 跟踪 ### + +strace的和ltrace是两个在Linux中用来追踪程序的执行细节的跟踪工具 + +#### strace: #### + +strace拦截和记录系统调用并且由它来接收的信号。对于用户,它显示了系统调用,传递给它们的参数和返回值。 strace的可以附着到已在运行的进程中,或到一个新的进程。它作为一个针对发者和系统管理员的诊断和调试工具是很有用的。它也可以用来当为一个通过跟踪不同的程序调用来了解系统的工具。这个工具的好处是不需要源代码和程序不需要重新编译。 + +使用strace的基本语法是: + +**strace command** + +strace有各种各样的参数。可以检查看strace的手册页来获得更多的细节。 + +strace的输出非常长,我们通常不会对显示的每一行都感兴趣。我们可以用'-e expr'选项来过滤不想要的数据。 + +用 '-p pid' 选项来绑到运行中的进程. + +用'-o'选项,命令的输出可以被重定向到文件。 + +![output of strace filtering only the open system call](http://blog.linoxide.com/wp-content/uploads/2014/12/strace-output.png) +strace过滤成只有系统调用的输出 + +#### ltrace: #### + +ltrace跟踪和记录一个忠诚的动态(运行时)库的调用和收到的信号。它也可以跟踪一个进程所作的系统调用。它的用法是类似与strace。 + +**ltrace command** + +'-i' 选项在调用库时打印指令指针。 + +'-S' 选项被用来现实系统调用和库调用 is used to display both system calls and library calls + +所有可用的选项请参阅ltrace手册。 + +![output of ltrace capturing 'strcmp' library call](http://blog.linoxide.com/wp-content/uploads/2014/12/ltrace-output.png) +ltrace捕捉“STRCMP”库调用的输出 + +### 4. Valgrind ### + +Valgrind是一套调试和分析工具。一个被广泛使用的工具,默认的工具被称为'Memcheck'的拦截malloc(),new(),free()和delete()调用的内存检测工具。换句话说,它在检测下面这些问题非常有用: + +- 内存泄露 +- 重释放 +- 访问越界 +- 使用未初始化的内存 +- 使用的内存已经被释放 等。 + +它直接通过可执行文件运行。 + +Valgrind带有一些缺点。因为它增加了内存占用,可以减慢你的程序。它有时会造成误报和漏报。它不能检测出静态分配的数组的访问越界问题。 + +为了用他, 首先下载并安装在你的系统上。 ([Valgrind下载页面][1]). 可以使用操作系统上的包管理起来安装。 + +使用命令行安装涉及解压缩,解包下载的文件。 + + tar -xjvf valgring-x.y.z.tar.bz2 (where x.y.z is the version number you are trying to install) + +进入新创建的目录(的valgrind-XYZ)内运行以下命令: + + ./configure + make + make install + +让我们通过一个小程序(test.c)来理解valgrind怎么工作的: + + #include + + void f(void) + + { + int x = malloc(10 * sizeof(int)); + + x[10] = 0; + } + + int main() + { + f(); + return 0; + } + +编译程序: + + gcc -o test -g test.c + +现在我们有一个可执行文件叫做'test'。我们现在可以用valgrind来检测内存错误: + + valgrind –tool=memcheck –leak-check=yes test + +这是valgrind呈现错误的输出: + +![output of valgrind showing heap block overrun and memory leak](http://blog.linoxide.com/wp-content/uploads/2014/12/Valgrind.png) +valgrind显示堆溢出和内存泄漏的输出 + +正如我们在上面看到的消息,我们正在试图访问超出函数f分配的内存和分配的内存没有释放。 + +### 5. GDB ### + +GDB是来自自由软件基金会的调试器。它对定位和修复代码中的问题很有帮助。当被调试的程序运行时,它给用户控制权去执行各种动作, 比如: + +- 启动程序 +- 停在指定位置 +- 停在指定的条件 +- 检查所需信息 +- 改变程序中的数据 等。 + +你也可以附加一个崩溃的程序core dump到GDB并分析故障的原因。 + +GDB提供很多选项来调试程序。 provides a lot of options to debug programs. 然而,我们将介绍一些重要的选择,来感受如何开始使用GDB。 + +如果你还没有安装GDB,可以在这里下载 [GDB官方网站][2]. + +#### 编译程序: #### + +为了用GDB调试程序,必须使用gcc的'-g'选项进行编译。将以操作系统的本地格式产生调试信息,GDB利用这些信息来工作。 + +下面是一个简单的程序(example1.c)执行被零除用来显示GDB的用法: + + #include + int divide() + { + int x=5, y=0; + return x / y; + } + + int main() + { + divide(); + } + +![An example showing usage of gdb](http://blog.linoxide.com/wp-content/uploads/2014/12/gdb-example.png) +展示GDB用法的例子 + +#### 调用 GDB: #### + +通过在命令行中执行'gdb'来启动gdb: + +![invoking gdb](http://blog.linoxide.com/wp-content/uploads/2014/12/gdb.png) +调用 gdb + +一旦调用, 它将等待终端命令并执行,直到退出。 + +如果一个进程已经在运行,你需要将GDB连接到它上面,可以通过指定进程ID来实现。假设程序已经崩溃,要分析问题的原因,然后连接GDB的core文件帮助。 + +#### 启动程序: #### + +一旦你在GDB里面,使用'run'命令来启动程序进行调试。 + +#### 给程序传参数: #### + +使用'set args'给你的程序传参数,当程序下次运行时将获得参数。'show args”将显示传递给程序的参数。 + +#### 检查堆栈: #### + +每当程序停止,任何人想明白的第一件事就是它为什么停止,以及怎么停在那里的。该信息被称为反向跟踪。由程序产生每个函数调用和局部变量,传递的参数,调用位置等信息一起存储在堆栈内的数据块种,被称为一帧。我们可以使用GDB来检查所有这些数据。 GDB从最底层的帧开始给这些帧编号。 + +- **bt**: 打印整个堆栈的回溯 +- **bt ** 打印n个帧的回溯 +- **frame **: 切换到指定的帧,并打印该帧 +- **up **: 上移'n'个帧 +- **down **: 下移'n'个帧 ( n默认是1) + +#### 检查数据: #### + +程序的数据可以在里面GDB使用'print'命令进行检查。例如,如果'X'是调试程序内的变量,'print x'会打印x的值。 + +#### 检查源码: #### + +源码可以在GDB中打印。默认情况下,'list'命令会打印10行代码。 + +- **list **: 列出'linenum'行周外的源码 +- **list **: 从'function'开始列出源码 +- **disas **: 显示该函数机器代码 + +#### 停止和恢复程序: #### + +使用GDB,我们可以在必要的地方设置断点,观察点等来停止程序。 + +- **break **: 在'location'设置一个断点。当在程序执行到这里时断点将被击中,控制权被交给用户。 +- **watch **: 当'expr'被程序写而且它的值发生变化时GDB将停止 +- **catch **: 当'event'发生时GDB停止。 +- **disable **: 禁用指定断点 +- **enable **: 启用指定断点 +- **delete **: 删除 断点/观察点/捕获点。 如果没有传递参数默认操作是在所有的断点。 +- **step**: 一步一步执行程序 +- **continue**: 继续执行程序,直到执行完毕 + +#### 退出 GDB: #### + +用'quit'命令还从GDB中退出。 + +GDB还有更多的可用选项。里面GDB使用help选项了解更多详情。 + +![getting help within gdb](http://blog.linoxide.com/wp-content/uploads/2014/12/gdb-help.png) +在GDB种获得帮助 + +### 总结 ### + +在这篇文章中,我们已经看到不同类型的Linux用户空间的调试工具。总结以上所有内容,这是些什么时候使用该什么的快速指南: + +基本调试,获得关键变量 - print 语句 + +获取有关文件系统支持,可用内存,CPU,运行程序的内核状态等信息 - 查询 /proc 文件系统 + +最初的问题诊断,系统调用或库调用的相关问题,了解程序流程 – strace / ltrace + +应用程序内存空间的问题 – valgrind + +检查应用程序运行时的行为,分析应用程序崩溃 – gdb。 + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-how-to/user-space-debugging-tools-linux/ + +作者:[B N Poornima][a] +译者:[mtunique](https://github.com/mtunique) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/bnpoornima/ +[1]:http://valgrind.org/downloads.html +[2]:http://www.gnu.org/software/gdb/download/ From 62ec8144152a046ca473fdd795285fb0d23e376d Mon Sep 17 00:00:00 2001 From: ZhouJ-sh <32321321@qq.com> Date: Wed, 31 Dec 2014 12:03:11 +0800 Subject: [PATCH 12/98] =?UTF-8?q?=E9=80=89=E9=A2=98=2020141230=20Second=20?= =?UTF-8?q?Edition=20of=20Ubuntu=20Manual=2014.04=20LTS=20Is=20Out?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md diff --git a/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md b/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md new file mode 100644 index 0000000000..e69de29bb2 From 7c5acd73f20bdea81542bf04c515fd0832fc08c1 Mon Sep 17 00:00:00 2001 From: mtunique Date: Wed, 31 Dec 2014 12:06:31 +0800 Subject: [PATCH 13/98] =?UTF-8?q?=E3=80=90=E7=BF=BB=E8=AF=91=E5=AE=8C?= =?UTF-8?q?=E6=88=90=E3=80=9120141229=205=20User=20Space=20Debugging=20Too?= =?UTF-8?q?ls=20in=20Linux?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...9 5 User Space Debugging Tools in Linux.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/translated/tech/20141229 5 User Space Debugging Tools in Linux.md b/translated/tech/20141229 5 User Space Debugging Tools in Linux.md index e3594e9e61..7989758115 100644 --- a/translated/tech/20141229 5 User Space Debugging Tools in Linux.md +++ b/translated/tech/20141229 5 User Space Debugging Tools in Linux.md @@ -1,6 +1,6 @@ 5 Linux下用户空间调试工具 ================================================================================ -根据定义,调试工具是那些那些使我们能够监测、控制和纠正其他程序的程序。我们为什么应该用调试工具呢? 在有些情况下,运行一些程序的时候我们会被卡住,我们需要明白究竟发生了什么。 例如, 我们正在运行应用程序,它禅城了一些错误消息。要修复这些错误,我们应该先找出为什么产生这些错误消息和这些错误消息从哪里产生的。 一个一用程序可能突然挂起,我们必须了解其他什么进程通识在运行。我们可能还必须弄清楚进程'x'挂起的时候在做什么。为了剖析这些细节, 我们需要调试工具的帮助。有几个Linux下的用户空间调试工具和技术,他们用来分析用户空间问题相当有用。他们是: +根据定义,调试工具是那些那些使我们能够监测、控制和纠正其他程序的程序。我们为什么应该用调试工具呢? 在有些情况下,运行一些程序的时候我们会被卡住,我们需要明白究竟发生了什么。 例如, 我们正在运行应用程序,它产生了一些错误消息。要修复这些错误,我们应该先找出为什么产生这些错误的消息和这些错误消息从哪里产生的。 一个应用程序可能突然挂起,我们必须了解其他什么进程同时在运行。我们可能还必须弄清楚进程'x'挂起的时候在做什么。为了剖析这些细节, 我们需要调试工具的帮助。有几个Linux下的用户空间调试工具和技术,他们用来分析用户空间问题相当有用。他们是: - **'print' 语句** - **查询 (/proc, /sys etc)** @@ -16,7 +16,7 @@ ### 2. 查询 ### -在某些情况下,我们需要弄清楚在一个运行在内核中的进程的状态和内存映射。 为了获得这些信息,我们不需要在内核中插入任何代码。 相反,可以用 /proc 文件系统。 +在某些情况下,我们需要弄清楚在一个运行在内核中的进程的状态和内存映射。为了获得这些信息,我们不需要在内核中插入任何代码。 相反,可以用 /proc 文件系统。 /proc 是一个伪文件系统,系统一起启动运行就收集着运行时系统的信息 (cpu信息, 内存容量 等)。 @@ -43,7 +43,7 @@ strace的和ltrace是两个在Linux中用来追踪程序的执行细节的跟踪 #### strace: #### -strace拦截和记录系统调用并且由它来接收的信号。对于用户,它显示了系统调用,传递给它们的参数和返回值。 strace的可以附着到已在运行的进程中,或到一个新的进程。它作为一个针对发者和系统管理员的诊断和调试工具是很有用的。它也可以用来当为一个通过跟踪不同的程序调用来了解系统的工具。这个工具的好处是不需要源代码和程序不需要重新编译。 +strace拦截和记录系统调用并且由它来接收的信号。对于用户,它显示了系统调用,传递给它们的参数和返回值。 strace的可以附着到已在运行的进程中,或到一个新的进程。它作为一个针对开发者和系统管理员的诊断,调试工具是很有用的。它也可以用来当为一个通过跟踪不同的程序调用来了解系统的工具。这个工具的好处是不需要源代码和程序不需要重新编译。 使用strace的基本语法是: @@ -62,18 +62,18 @@ strace过滤成只有系统调用的输出 #### ltrace: #### -ltrace跟踪和记录一个忠诚的动态(运行时)库的调用和收到的信号。它也可以跟踪一个进程所作的系统调用。它的用法是类似与strace。 +ltrace跟踪和记录一个进程的动态(运行时)库的调用和收到的信号。它也可以跟踪一个进程所作的系统调用。它的用法是类似与strace。 **ltrace command** '-i' 选项在调用库时打印指令指针。 -'-S' 选项被用来现实系统调用和库调用 is used to display both system calls and library calls +'-S' 选项被用来现实系统调用和库调用 所有可用的选项请参阅ltrace手册。 ![output of ltrace capturing 'strcmp' library call](http://blog.linoxide.com/wp-content/uploads/2014/12/ltrace-output.png) -ltrace捕捉“STRCMP”库调用的输出 +ltrace捕捉'STRCMP'库调用的输出 ### 4. Valgrind ### @@ -144,9 +144,9 @@ GDB是来自自由软件基金会的调试器。它对定位和修复代码中 - 检查所需信息 - 改变程序中的数据 等。 -你也可以附加一个崩溃的程序core dump到GDB并分析故障的原因。 +你也可以附加一个崩溃的程序coredump到GDB并分析故障的原因。 -GDB提供很多选项来调试程序。 provides a lot of options to debug programs. 然而,我们将介绍一些重要的选择,来感受如何开始使用GDB。 +GDB提供很多选项来调试程序。 然而,我们将介绍一些重要的选择,来感受如何开始使用GDB。 如果你还没有安装GDB,可以在这里下载 [GDB官方网站][2]. @@ -180,7 +180,7 @@ GDB提供很多选项来调试程序。 provides a lot of options to debug progr 一旦调用, 它将等待终端命令并执行,直到退出。 -如果一个进程已经在运行,你需要将GDB连接到它上面,可以通过指定进程ID来实现。假设程序已经崩溃,要分析问题的原因,然后连接GDB的core文件帮助。 +如果一个进程已经在运行,你需要将GDB连接到它上面,可以通过指定进程ID来实现。假设程序已经崩溃,要分析问题的原因,则连接GDB到core文件。 #### 启动程序: #### @@ -188,7 +188,7 @@ GDB提供很多选项来调试程序。 provides a lot of options to debug progr #### 给程序传参数: #### -使用'set args'给你的程序传参数,当程序下次运行时将获得参数。'show args”将显示传递给程序的参数。 +使用'set args'给你的程序传参数,当程序下次运行时将获得参数。'show args'将显示传递给程序的参数。 #### 检查堆栈: #### From 587f865cb2bd27bdbb4090f6db9fc4f3538b3af2 Mon Sep 17 00:00:00 2001 From: ideas4u Date: Wed, 31 Dec 2014 12:55:26 +0800 Subject: [PATCH 14/98] Delete 20141211 How to use matplotlib for scientific plotting on Linux.md --- ...lotlib for scientific plotting on Linux.md | 153 ------------------ 1 file changed, 153 deletions(-) delete mode 100644 sources/tech/20141211 How to use matplotlib for scientific plotting on Linux.md diff --git a/sources/tech/20141211 How to use matplotlib for scientific plotting on Linux.md b/sources/tech/20141211 How to use matplotlib for scientific plotting on Linux.md deleted file mode 100644 index bf9ac1462c..0000000000 --- a/sources/tech/20141211 How to use matplotlib for scientific plotting on Linux.md +++ /dev/null @@ -1,153 +0,0 @@ -ideas4u Translating.. -How to use matplotlib for scientific plotting on Linux -================================================================================ -If you want an efficient, automatable solution for producing high-quality scientific plots in Linux, then consider using matplotlib. Matplotlib is a Python-based open-source scientific plotting package with a license based on the Python Software Foundation license. The extensive documentation and examples, integration with Python and the NumPy scientific computing package, and automation capability are just a few reasons why this package is a solid choice for scientific plotting in a Linux environment. This tutorial will provide several example plots created with matplotlib. - -### Features ### - -- Numerous plot types (bar, box, contour, histogram, scatter, line plots...) -- Python-based syntax -- Integration with the NumPy scientific computing package -- Source data can be Python lists, Python tuples, or NumPy arrays -- Customizable plot format (axes scales, tick positions, tick labels...) -- Customizable text (font, size, position...) -- TeX formatting (equations, symbols, Greek characters...) -- Compatible with IPython (allows interactive plotting from a Python shell) -- Automation - use Python loops to iteratively create plots -- Save plots to image files (png, pdf, ps, eps, and svg format) - -The Python-based syntax of matplotlib serves as the foundation for many of its features and enables an efficient workflow. There are many scientific plotting packages that can produce quality plots, but do they allow you to do it directly from within your Python code? On top of that, do they allow you to create automated routines for iterative creation of plots that can be saved as image files? Matplotlib allows you to accomplish all of these tasks. You can now look forward to saving time that would have otherwise been spent manually creating multiple plots. - -### Installation ### - -Installation of Python and the NumPy package is a prerequisite for use of matplotlib. Instructions for installing NumPy can be found [here][1]. - -To install matplotlib in Debian or Ubuntu, run the following command: - - $ sudo apt-get install python-matplotlib - -To install matplotlib in Fedora or CentOS/RHEL, run the following command: - - $ sudo yum install python-matplotlib - -### Matplotlib Examples ### - -This tutorial will provide several plotting examples that demonstrate how to use matplotlib: - -- Scatter and line plot -- Histogram plot -- Pie chart - -In these examples we will use Python scripts to execute matplotlib commands. Note that the numpy and matplotlib modules must be imported from within the scripts via the import command. np is specified as a reference to the numpy module and plt is specified as a reference to the matplotlib.pyplot namespace: - - import numpy as np - import matplotlib.pyplot as plt - -### Example 1: Scatter and Line Plot ### - -The first script, script1.py completes the following tasks: - -- Creates three data sets (xData, yData1, and yData2) -- Creates a new figure (assigned number 1) with a width and height of 8 inches and 6 inches, respectively -- Sets the plot title, x-axis label, and y-axis label (all with font size of 14) -- Plots the first data set, yData1, as a function of the xData dataset as a dotted blue line with circular markers and a label of "y1 data" -- Plots the second data set, yData2, as a function of the xData dataset as a solid red line with no markers and a label of "y2 data". -- Positions the legend in the upper left-hand corner of the plot -- Saves the figure as a PNG file - -Contents of script1.py: - - import numpy as np - import matplotlib.pyplot as plt - - xData = np.arange(0, 10, 1) - yData1 = xData.__pow__(2.0) - yData2 = np.arange(15, 61, 5) - plt.figure(num=1, figsize=(8, 6)) - plt.title('Plot 1', size=14) - plt.xlabel('x-axis', size=14) - plt.ylabel('y-axis', size=14) - plt.plot(xData, yData1, color='b', linestyle='--', marker='o', label='y1 data') - plt.plot(xData, yData2, color='r', linestyle='-', label='y2 data') - plt.legend(loc='upper left') - plt.savefig('images/plot1.png', format='png') - -The resulting plot is shown below: - -![](https://farm8.staticflickr.com/7529/15927002365_f5ae11cf02_z.jpg) - -### Example 2: Histogram Plot ### - -The second script, script2.py completes the following tasks: - -- Creates a data set containing 1000 random samples from a Normal distribution -- Creates a new figure (assigned number 1) with a width and height of 8 inches and 6 inches, respectively -- Sets the plot title, x-axis label, and y-axis label (all with font size of 14) -- Plots the data set, samples, as a histogram with 40 bins and an upper and lower bound of -10 and 10, respectively -- Adds text to the plot and uses TeX formatting to display the Greek letters mu and sigma (font size of 16) -- Saves the figure as a PNG file - -Contents of script2.py: - - import numpy as np - import matplotlib.pyplot as plt - - mu = 0.0 - sigma = 2.0 - samples = np.random.normal(loc=mu, scale=sigma, size=1000) - plt.figure(num=1, figsize=(8, 6)) - plt.title('Plot 2', size=14) - plt.xlabel('value', size=14) - plt.ylabel('counts', size=14) - plt.hist(samples, bins=40, range=(-10, 10)) - plt.text(-9, 100, r'$\mu$ = 0.0, $\sigma$ = 2.0', size=16) - plt.savefig('images/plot2.png', format='png') - -The resulting plot is shown below: - -![](https://farm8.staticflickr.com/7531/15304765024_1cc271b6e0_z.jpg) - -### Example 3: Pie Chart ### - -The third script, script3.py completes the following tasks: - -- Creates data set containing five integers -- Creates a new figure (assigned number 1) with a width and height of 6 inches and 6 inches, respectively -- Adds an axes to the figure with an aspect ratio of 1 -- Sets the plot title (font size of 14) -- Plots the data set, data, as a pie chart with labels included -- Saves the figure as a PNG file - -Contents of script3.py: - - import numpy as np - import matplotlib.pyplot as plt - - data = [33, 25, 20, 12, 10] - plt.figure(num=1, figsize=(6, 6)) - plt.axes(aspect=1) - plt.title('Plot 3', size=14) - plt.pie(data, labels=('Group 1', 'Group 2', 'Group 3', 'Group 4', 'Group 5')) - plt.savefig('images/plot3.png', format='png') - -The resulting plot is shown below: - -![](https://farm8.staticflickr.com/7504/15926356092_7c3e5217aa_z.jpg) - -### Summary ### - -This tutorial provides several examples of plots that can be created with the matplotlib scientific plotting package. Matplotlib is a great solution for scientific plotting in a Linux environment given its natural integration with Python and NumPy, its ability to be automated, and its production of a wide variety of customizable high quality plots. Documentation and examples for the matplotlib package can be found [here][2]. - --------------------------------------------------------------------------------- - -via: http://xmodulo.com/matplotlib-scientific-plotting-linux.html - -作者:[Joshua Reed][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://xmodulo.com/author/joshua -[1]:http://xmodulo.com/numpy-scientific-computing-linux.html -[2]:http://matplotlib.org/ From 90e3fc481bbc755f49f19bda36183cfe7add044b Mon Sep 17 00:00:00 2001 From: ideas4u Date: Wed, 31 Dec 2014 13:09:48 +0800 Subject: [PATCH 15/98] Update 20141229 4 Steps to Setup Local Repository in Ubuntu using APT-mirror.md translating req --- ...eps to Setup Local Repository in Ubuntu using APT-mirror.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sources/tech/20141229 4 Steps to Setup Local Repository in Ubuntu using APT-mirror.md b/sources/tech/20141229 4 Steps to Setup Local Repository in Ubuntu using APT-mirror.md index af7d8f8d46..121f496d6a 100644 --- a/sources/tech/20141229 4 Steps to Setup Local Repository in Ubuntu using APT-mirror.md +++ b/sources/tech/20141229 4 Steps to Setup Local Repository in Ubuntu using APT-mirror.md @@ -1,3 +1,4 @@ +ideas4u is translating! 4 Steps to Setup Local Repository in Ubuntu using APT-mirror ================================================================================ Today we will show you how to setup a local repository in your Ubuntu PC or Ubuntu Server straight from the official Ubuntu repository. There are a lot benefit of creating a local repository in your computer if you have a lot of computers to install software, security updates and fixes often in all systems, then having a local Ubuntu repository is an efficient way. Because all required packages are downloaded over the fast LAN connection from your local server, so that it will save your Internet bandwidth and reduces the annual cost of Internet.. @@ -122,4 +123,4 @@ via: http://linoxide.com/ubuntu-how-to/setup-local-repository-ubuntu/ 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [a]:http://linoxide.com/author/arunp/ -[1]:https://launchpad.net/ubuntu/+archivemirrors \ No newline at end of file +[1]:https://launchpad.net/ubuntu/+archivemirrors From 3a97aad992ee78b3815f59d82890311602ec6d47 Mon Sep 17 00:00:00 2001 From: ZhouJ-sh <32321321@qq.com> Date: Wed, 31 Dec 2014 17:43:19 +0800 Subject: [PATCH 16/98] translat /news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out --- ...dition of Ubuntu Manual 14.04 LTS Is Ou.md | 32 +++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md diff --git a/translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md b/translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md new file mode 100644 index 0000000000..8bd846df2f --- /dev/null +++ b/translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md @@ -0,0 +1,32 @@ +Ubuntu参考手册14.04 LTS第二版正式发布 +============================================== +初学者可以在手册里获得很有用的信息 +---------------------------------------------- +### Ubuntu参考手册团队表示第二版手册现在已经发布并且可以免费下载 ### + +Ubuntu手册按照惯例会对应相应的LTS发行版本,那么唯一合理的解释就是,现在发布的手册对应于6个月前发布的Ubuntu 14.04 LTS(Trusty Tahr)。与其他书籍一样,特别是大型书籍,手册内容总会出现各种错误或者也许已经和现状不匹配。不过不管怎样,电子书的修正和更新总要方便一些。 + +你也许会觉得奇怪,一个方便上手的免费操作系统竟然会有一个参考手册。或许一个社区就已经足够了。但是,总是有一些新用户连基本的操作都不懂,因此,有一本可以指明最基本的东西的手册拿在手里总是一个很好不过的事情。 + +### 这是“Ubuntu 14.04 LTS入门”手册的第二个版本 ### + +使用Ubuntu操作系统的用户会发现,它和之前用过的其他操作系统有很大的差异,例如Windows和Max OS X。这很正常,并且你也不是任何时候都可以在网上找到一个特定的功能或者组件的相关资源和信息。有一个可以说明Ubuntu 14.04 LTS基本特性的手册可以提供一些帮助。 + +“Ubuntu 14.04e入门对于Ubuntu操作系统而言,是一个很全面的初学者指南手册。它采用的是开源许可协议,你可以自由下载、阅读、修改以及共享。这个手册可以帮助你熟悉如何处理日常的工作,例如上网、听音乐或者扫描文档等等。尤其值得一提的是,这个文档浅显易懂,适合各个层次的用户。” + +“这个快速入门手册可以让你很容易的利用你的计算机做一些事情,而不会陷入技术细节当中。在手册的帮助下,新用户可以很快的熟悉Unity桌面,”更多信息参考[官方网站][1]。 + +这是参照手册的第二版,制作手册的团队具有丰富的经验。就算你已经是一个Ubuntu用户,看一看这个手册也没有什么坏处,因为你总能从其中学到一些东西。你可以在Softpedia[下载Ubuntuy参考手册14.04第二版][2]。 + + +via:http://news.softpedia.com/news/Second-Edition-of-Ubuntu-Manual-14-04-LTS-Is-Out-468395.shtml + +作者:[Silviu Stahie][a] +译者:[zhouj-sh](https://github.com/zhouj-sh) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/silviu-stahie +[1]:http://ubuntu-manual.org/ +[2]:http://linux.softpedia.com/get/Documentation/Ubuntu-Manual-53530.shtml From ddb74b91fa9bdaef9d22b47243e454c207470562 Mon Sep 17 00:00:00 2001 From: ZhouJ-sh <32321321@qq.com> Date: Wed, 31 Dec 2014 17:45:52 +0800 Subject: [PATCH 17/98] =?UTF-8?q?=E9=80=89=E9=A2=98=20sources/news/2014123?= =?UTF-8?q?0=20Second=20Edition=20of=20Ubuntu=20Manual=2014.04=20LTS=20Is?= =?UTF-8?q?=20Out?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...ition of Ubuntu Manual 14.04 LTS Is Out.md | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md b/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md index e69de29bb2..e2e5550e9d 100644 --- a/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md +++ b/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md @@ -0,0 +1,31 @@ +Second Edition of Ubuntu Manual 14.04 LTS Is Out +============================================================ +Beginners will find good info in this manual +------------------------------------------------------------ +### The Ubuntu Manual Team announces that the second edition of the famous manual has been released and is now available for free download. ### + +The Ubuntu Manual usually covers the LTS releases made by Canonical, so it only stands to reason that the current version is now focused on Ubuntu 14.04 LTS (Trusty Tahr) release made six months ago. Like any other book out there, especially in large ones, mistakes occur or maybe it was left out. In any case, this is a digital edition so it's quite easy to fix and improve. + +You might think it's weird to have a manual for an operating system that is free and easy to try by anyone. Sometimes just having a big community is not enough. There are always new users who don't know the basic things about this operating system, so having a manual at hand that can point even to the simplest things is always an advantage. + +### This is the second edition for "Getting Started with Ubuntu 14.04 LTS" manual ### + +Users who just adopted Ubuntu will find that that it's rather different from other platforms they used before, like Windows or Mac OS X. That's perfectly normal and you might not always have the resources or the knowledge to search for a particular feature or functionality online. Having a manual that describes the basics of Ubuntu 14.04 LTS can really make a difference. + +"Getting Started with Ubuntu 14.04e2 is a comprehensive beginners guide for the Ubuntu operating system. It is written under an open source license and is free for you to download, read, modify and share. The manual will help you become familiar with everyday tasks such as surfing the web, listening to music and scanning documents. With an emphasis on easy to follow instructions, it is suitable for all levels of experience." + +"The manual is a quick-start guide that will get you doing the things you need to do with your computer easily, without getting bogged down with technical details. With the help of this guide, it should not take long before new users get used to the Unity desktop environment," reads the official [website][1]. + +This is the second edition of the manual and the team that worked on it has a great deal of experience. Even if you are an Ubuntu user, it doesn't hurt browsing through it because you might get to learn something. You can [download the Ubuntu Manual 14.04 2nd Edition][2] from Softpedia. + +via:http://news.softpedia.com/news/Second-Edition-of-Ubuntu-Manual-14-04-LTS-Is-Out-468395.shtml + +作者:[Silviu Stahie][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/silviu-stahie +[1]:http://ubuntu-manual.org/ +[2]:http://linux.softpedia.com/get/Documentation/Ubuntu-Manual-53530.shtml \ No newline at end of file From a96dfa15d6a07733d8d02406578bf4768e454637 Mon Sep 17 00:00:00 2001 From: liaoishere Date: Wed, 31 Dec 2014 17:59:21 +0800 Subject: [PATCH 18/98] liaosihere is translating --- ...20 How to install Xen hypervisor on unused old hardware.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md b/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md index 4e8677f480..427d658323 100644 --- a/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md +++ b/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md @@ -1,3 +1,5 @@ +liaoishere is translating!! + How to install Xen hypervisor on unused old hardware ================================================================================ Xen is a bare metal hypervisor, meaning that you must prepare a bare machine to install and run Xen. KVM is a little different - you can add it to any machine already running Linux. This tutorial describes how to install and configure Xen hypervisor on unused hardware. @@ -225,4 +227,4 @@ via: http://xmodulo.com/install-xen-hypervisor.html [3]:https://www.debian.org/devel/debian-installer/ [4]:http://ask.xmodulo.com/detect-dvd-writer-device-name-writing-speed-command-line-linux.html [5]:http://ask.xmodulo.com/find-device-name-usb-drive-linux.html -[6]:https://wiki.debian.org/DesktopEnvironment \ No newline at end of file +[6]:https://wiki.debian.org/DesktopEnvironment From 59e014701d68362b7c6f0bb1053a7256ddee93c9 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Wed, 31 Dec 2014 18:29:16 +0800 Subject: [PATCH 19/98] Delete 20141226 The Good The Bad And The Ugly Of Linux In 2014.md --- ...d The Bad And The Ugly Of Linux In 2014.md | 101 ------------------ 1 file changed, 101 deletions(-) delete mode 100644 sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md diff --git a/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md b/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md deleted file mode 100644 index d55b0bc218..0000000000 --- a/sources/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md +++ /dev/null @@ -1,101 +0,0 @@ -Translating by H-mudcup -The Good, The Bad And The Ugly Of Linux In 2014 -================================================================================ -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Buggest_Linux_Stories.jpeg) - -Year 2014 is coming to an end and this is the time to summarize some of the **biggest Linux stories in year 2014**. All year round we have followed some good, some bad and some ugly stories related to Linux and Open Source. Let’ have a quick recap on how was the year 2014 for Linux. - -### The Good ### - -First and foremost, let’s see what were the positive stories for Linux lovers in 2014. - -#### Netflix on Linux #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/netflix-linux.jpg) - -Linux users have been trying several workaround to make Netflix work on Linux from using Wine to [using beta features in Chrome][1]. Good thing is that Netflix finally brought native support on Linux in year 2014 bringing smiles on the faces of Linux users where Netflix is available. People would still have to rely on workaround to [use Netflix outside US][2] (and other countries where Netflix is available officially). - -#### Open Source/Linux adoption in European countries #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/OpenSource_World.jpg) - -Give the credit to economic meltdown, if you want, but Linux and Open Source adoption has been gripping European cities. I am not talking about Linux adoption by individuals but by government and authorities. All year round we heard stories of how [French][3] and [Italian cities saved millions of Euro by switching to Linux][4] and Open Office. And the trend was not limited just to Italy and France, the same could be seen in Spain, [Switzerland][5] and [Germany][6]. - -#### Windows 10 takes inspiration from Linux #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/10/Windows10_Linux.jpg) - -The upcoming release of Microsoft’s flagship operating system, Windows will be called Windows 10 (no Windows 9). And Windows 10 boasts of a number of new features. But these ‘new features’ are new to Microsoft world only and most of those have been existing in Linux world for years. Have a look at such [Windows 10 features copied from Linux][7]. - -### The Bad ### - -Everything was not rosy for Linux in year 2014. Some events happened that dented the image of Linux/Open Source. - -#### Heartbleed #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/heartbleed-bug.jpg) - -In April this year, a vulnerability was detected in [OpenSSL][8]. This bug, named [Heartbleed][9], impacted over half a million ‘secured’ websites including Facebook and Google. The bug actually allowed anyone to read memory of the system and hence giving the access to the key that is used to encrypt the traffic. A [comic at xkcd explains the Heartbleed][10] in easier way. Needless to say that this vulnerability was fixed in an update to OpenSSL. - -#### Shellshock #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/09/shellshock_Linux_check.jpeg) - -As if Heartbleed was not enough, Linux world was further rocked in September with a vulnerability in Bash. The bug, named [Shellshock][11], further put Linux system at risk of remote attacks. The vulnerability was exploited by hackers to launch DDoS attacks. An update to Bash version supposedly fixed the issue. - -#### Ubuntu Phone and Steam Console #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Ubuntu_phone.png) - -Promises after promises, hopes after hopes. But even in year 2014 no one saw Ubuntu Phone or Steam gaming consoles. Lots of talks were around Ubuntu Phone tough. From February 2014 release to September to December, finally it is (hopefully slotted) for February 2015 release. No information on Steam consoles though. Read more for [Ubuntu Phone specification, price and release date][12]. - -### The Ugly ### - -Things turned ugly with war over systemd adoption. - -### systemd controversy ### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Systemd_everywhere.jpg) - -[init vs systemd][13] dispute is going on for some time. But it turned ugly in 2014 as systemd poised to replace init on several major Linux distribution including Debian, Ubuntu, OpenSUSE, Arch Linux and Fedora. It turned so ugly that it was not just limited to boycottsystemd.org like websites. Lennart Poettering (lead developer and author of systemd) claimed in a [Google Plus post][14] that anti systemd people were “collecting bitcoins to hire a hitman to kill him”. Lennart went on calling Open Source community “a sick place to be in”. People have taken this battle as far as forking Debian to a new OS named [Devuan][15]. - -### And the weird ### - -Along with the good, the bad and the ugly comes the weird and that weird is none other than Microsoft. - -#### Microsoft loves Linux #### - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Microsoft_Loves_Linux.png) - -Yes! You read it right. [Microsoft loves Linux][16]. The same Microsoft whose CEO Steve Ballmer had once said that [Linux is cancer][17]. Change in Microsoft leadership saw some changes in its approach towards Linux and Open Source when the new CEO Satya Nadella announced that Microsoft loves Linux. This new found love for Linux is actually Microsoft’s attempt to make [Azure][18] as a better cloud platform. For this purpose it needs Hyper-V (core of Azure) virtualization to work with Linux. This desperation has made [Microsoft, fifth biggest contributor to Linux kernel][19]. - --------------------------------------------------------------------------------- - -via: http://itsfoss.com/biggest-linux-stories-2014/ - -作者:[Abhishek][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://itsfoss.com/author/Abhishek/ -[1]:http://itsfoss.com/watch-netflix-in-ubuntu-14-04/ -[2]:http://itsfoss.com/easiest-watch-netflix-hulu-usa/ -[3]:http://itsfoss.com/french-city-toulouse-saved-1-million-euro-libreoffice/ -[4]:http://itsfoss.com/italian-city-turin-open-source/ -[5]:http://itsfoss.com/170-primary-public-schools-geneva-switch-ubuntu/ -[6]:http://itsfoss.com/german-town-gummersbach-completes-switch-open-source/ -[7]:http://itsfoss.com/windows-10-inspired-linux/ -[8]:http://en.wikipedia.org/wiki/OpenSSL -[9]:http://heartbleed.com/ -[10]:http://xkcd.com/1354/ -[11]:http://itsfoss.com/linux-shellshock-check-fix/ -[12]:http://itsfoss.com/ubuntu-phone-specification-release-date-pricing/ -[13]:http://www.tecmint.com/systemd-replaces-init-in-linux/ -[14]:https://plus.google.com/+LennartPoetteringTheOneAndOnly/posts/J2TZrTvu7vd -[15]:http://debianfork.org/ -[16]:http://thenewstack.io/microsoft-professes-love-for-linux-adds-support-for-coreos-cloudera-and-host-of-new-features/ -[17]:http://www.theregister.co.uk/2001/06/02/ballmer_linux_is_a_cancer/ -[18]:http://azure.microsoft.com/en-us/ -[19]:http://www.zdnet.com/article/top-five-linux-contributor-microsoft/ From ed7e2448b27175274ae3de46f11413dd519083d6 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Wed, 31 Dec 2014 18:30:32 +0800 Subject: [PATCH 20/98] Create 20141226 The Good The Bad And The Ugly Of Linux In 2014.md --- ...d The Bad And The Ugly Of Linux In 2014.md | 102 ++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 translated/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md diff --git a/translated/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md b/translated/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md new file mode 100644 index 0000000000..747a670b8b --- /dev/null +++ b/translated/talk/20141226 The Good The Bad And The Ugly Of Linux In 2014.md @@ -0,0 +1,102 @@ +Translated by H-mudcup + +2014年Linux界发生的好事,坏事和丑事 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Buggest_Linux_Stories.jpeg) + +2014年已经接近尾声,现在正是盘点**2014年Linux大事件**的时候。整整一年,我们关注了有关Linux和开源的一些好事,坏事和丑事。让我们来快速回顾一下2014对于Linux是怎样的一年。 + +### 好事 ### + +首先,让我们来看看在2014年对于Linux爱好者发生了什么有积极意义的事。 + +#### Linux上的Netflix #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/netflix-linux.jpg) + +从使用Wine到[使用Chrome的测试功能][1],为了能让Netflix能在Linux上工作,Linux用户曾尝试了各种方法。好消息是Netflix终于在2014年带来了Linux的本地支持。这让所有能使用Netflix的地区的Linux用户的脸上浮现出了微笑。想在[美国以外的地区使用Netflix][2](或其他官方授权使用Netflix的国家之外)的人还是得靠其他的方法。 + +#### 欧洲国家采用开源/Linux #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/OpenSource_World.jpg) + +如果你愿意的话,你可以归功于经济滑坡,但是Linux和开源的采用已经俘虏了欧洲各大城市。我说的可不是个人用户,而是政府和各个官方机构。一整年我们都在听到这样的消息:[法国][3]和[意大利各大城市如何通过改用Linux和开源办公软件节省了数百万欧元][4]。而且这个趋势并没有仅限于意大利和法国,在西班牙、[瑞士][5]和[德国][6]也能见到。 + +#### Windows 10从Linux获得灵感 #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/10/Windows10_Linux.jpg) + +即将发行的微软的旗舰操作系统Windows,将被称为Windows 10(没有Windows 9)。并且Windows 10将拥有一大堆的新特性。但是这些“新特性”只在微软的世界里是新的,而且大多是这些新特性已经在Linux的世界里存在了数年。看看这些[Windows 10从Linux复制的特性][7]。 + +### 坏事 ### + +Linux在2014年并不是一帆风顺。某些事件的发生损坏了Linux/开源的形象。 + +#### Heartbleed心血 #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/heartbleed-bug.jpg) + +在今年的四月份,检测到[OpenSSL][8]有一个缺陷。这个漏洞被命名为[Heartbleed心血][9]。他影响了包括Facebook和Google在内的50多万个“安全”网站。这项漏洞可以真正的允许任何人读取系统的内存,并能因此给予用于加密数据流的密匙的访问权限。[xkcd上的漫画以更简单的方式解释了心血][10]。不必说,这个漏洞在OpenSSL的更新中被修复了。 + +#### Shellshock #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/09/shellshock_Linux_check.jpeg) + +好像有个心血还不够似的,在Bash里的一个缺陷更严重的震撼了Linux世界。这个漏洞被命名为[Shellshock][11]。这个漏洞把Linux往远程攻击的危险深渊又推了一把。这项漏洞是通过黑客的DDoS攻击暴露出来的。升级一下Bash版本应该能修复这个问题。 + +#### Ubuntu Phone和Steam控制台 #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Ubuntu_phone.png) + +一个又一个的承诺,一次又一次的期望。但是即使在2014年也没人看见Ubuntu Phone或是Steam游戏控制台。围绕Ubuntu Phone产生了很多激烈的讨论。从2014年二月发行推到九月又推到十二月,(谢天谢地)终于有可能在2015年二月发行。但是Steam控制台还是没有消息。想了解更多请读[Ubuntu Phone说明书,价格和发行日期][12]。 + +### 丑事 ### + +systemd的归属战变得不知廉耻。 + +### systemd大论战 ### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Systemd_everywhere.jpg) + +用init还是systemd的争吵已经进行了一段时间了。但是在2014年当systemd准备在包括Debian, Ubuntu, OpenSUSE, Arch Linux and Fedora几个主流Linux分布中替代init时,事情变得不知廉耻了起来。它是如此的一发不可收拾,以至于它已经不限于boycottsystemd.org这类网站了。Lennart Poettering(systemd的首席开发人员及作者)在一条Google Plus状态上声明,说那些反对systemd的人在“收集比特币来雇杀手杀他”。Lennart还声称开源社区“是个恶心得不能待的地方”。人们吵得越来越离谱以至于把Debian分裂成了一个新的操作系统,称为[Devuan][15]。 + +### 还有诡异的事 ### + +伴随着好事、坏事和丑事而来得是诡异的事,而且没谁能比微软更诡异。 + +#### 微软爱Linux #### + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2014/12/Microsoft_Loves_Linux.png) + +是的,你没看错。[微软爱Linux][16]。同为微软CEO,Steve Ballmer曾说[Linux是毒瘤][17]。当新CEO,Satya Nadella宣称微软爱Linux时,我们透过微软向Linux和开源的靠近,看到了领导层的改变。这份对Linux的爱实际上是微软试图让[Azure][18]成为更好的云平台。为了达成这项目标,需要虚拟化Hyper-V(Azure核心),以便同Linux一起运行。这个绝境让[微软成为Linux内核的第五大贡献者][19]。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/biggest-linux-stories-2014/ + +作者:[Abhishek][a] +译者:[H-mudcup](https://github.com/H-mudcup) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/Abhishek/ +[1]:http://itsfoss.com/watch-netflix-in-ubuntu-14-04/ +[2]:http://itsfoss.com/easiest-watch-netflix-hulu-usa/ +[3]:http://itsfoss.com/french-city-toulouse-saved-1-million-euro-libreoffice/ +[4]:http://itsfoss.com/italian-city-turin-open-source/ +[5]:http://itsfoss.com/170-primary-public-schools-geneva-switch-ubuntu/ +[6]:http://itsfoss.com/german-town-gummersbach-completes-switch-open-source/ +[7]:http://itsfoss.com/windows-10-inspired-linux/ +[8]:http://en.wikipedia.org/wiki/OpenSSL +[9]:http://heartbleed.com/ +[10]:http://xkcd.com/1354/ +[11]:http://itsfoss.com/linux-shellshock-check-fix/ +[12]:http://itsfoss.com/ubuntu-phone-specification-release-date-pricing/ +[13]:http://www.tecmint.com/systemd-replaces-init-in-linux/ +[14]:https://plus.google.com/+LennartPoetteringTheOneAndOnly/posts/J2TZrTvu7vd +[15]:http://debianfork.org/ +[16]:http://thenewstack.io/microsoft-professes-love-for-linux-adds-support-for-coreos-cloudera-and-host-of-new-features/ +[17]:http://www.theregister.co.uk/2001/06/02/ballmer_linux_is_a_cancer/ +[18]:http://azure.microsoft.com/en-us/ +[19]:http://www.zdnet.com/article/top-five-linux-contributor-microsoft/ From 7633fec9a5470014aca38f8d8065f7e72dfa6eb8 Mon Sep 17 00:00:00 2001 From: "Zhili.Yang" Date: Wed, 31 Dec 2014 22:13:02 +0800 Subject: [PATCH 21/98] [translated]20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems --- ...p Software For Linux and Unix-like Systems | 174 ++++++++++++++++++ 1 file changed, 174 insertions(+) create mode 100644 translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems diff --git a/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems b/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems new file mode 100644 index 0000000000..d3f12cb979 --- /dev/null +++ b/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems @@ -0,0 +1,174 @@ +Linux 和类Unix 系统上5个极品的开源软件备份工具 +================================================================================ +一个好的备份最基本的就是为了能够从一些错误中恢复 + +- 人为的失误 +- 磁盘阵列或是硬盘故障 +- 文件系统崩溃 +- 数据中心被破坏等等。 + +所以,我为大家罗列了一些开源的软件备份工具。 + +### 当为一个企业选择备份工具的时候,你都考虑什么呢? ### + +确定你正在部署的软件具有下面的特性 + +1. **开源软件** - 你务必要选择那些源码可以免费获得,并且可以修改的软件。确信可以恢复你的数据,即使是软件的供应商或者/或是项目停止继续维护这个软件或者是拒绝继续为这个软件提供补丁。 + +2. **跨平台支持** - 确定备份软件可以很好的运行各种需要部署的桌面操作系统和服务器系统。 + +3. **数据格式** - 一种开放的数据格式可以让你能够恢复数据,即使是供应商或是项目停止对软件的支持。 + +4. **自动转换** - 自动转换本来是没什么,除了对于各种备份设备,包括图书馆,近线存储和自动加载,自动转换可以自动完成一些任务,包括加载,挂载和标签备份像磁带这些媒体设备。 + +5. **备份介质** - 确定你可以备份到磁带,硬盘,DVD 和云存储像AWS。 + +6. **加密数据流** - 确定所有客户端到服务器的传输都被加密,保证在LAN/WAN/Internet 中传输的安全性。 + +7. **数据库支持** - 确定备份软件可以备份到数据库,像MySQL 或是 Oracle。 + +8. **备份可以跨越多个卷** - 备份软件(转存文件)可以把每个备份文件分成几个部分,允许将每个部分存在于不同的卷。这样可以保证一些数据量很大的备份(像100TB的文件)可以被存储在一些比单个部分大的设备中,比如说像硬盘和磁盘卷。 + +9. **VSS (卷影复制)** - 这是[微软的卷影复制服务(VSS)][1],通过创建数据的快照来备份。确定备份软件支持VSS的MS-Windows 客户端/服务器。 + +10. **重复数据删除** - 这是一种数据压缩技术,用来消除重复数据的副本(比如,图片)。 + +11. **许可证和成本** - 确定你[理解和使用的开源许可证][3]下的软件源码你可以得到。 + +12. **商业支持** - 开源软件可以提供社区支持(像邮件列表和论坛)和专业的支持(像发行版提供额外的付费支持)。你可以使用付费的专业支持以培训和咨询为目的。 + +13. **报告和警告** - 最后,你必须能够看到备份的报告,当前的工作状态,也能够在备份出错的时候提供警告。 + +### Bacula - 一个应用于多元化异构网络的客户端服务器备份工具 ### + +我个人应用这个软件来管理备份和通过网络来恢复系统,包括Linux, OSX, 和Windows。你可以通过CLI, GUI, 或者Web界面来配置Bacula。 + +![](http://s0.cyberciti.org/uploads/cms/2014/11/bacula-network-backup.jpg) + +- 操作系统:支持跨平台运行。 +- 备份级别:完全,差异,增量,合并。 +- 数据格式:支持自定义且完全开放。 +- 自动转换:支持。 +- 备份介质:支持磁带,磁盘和DVD。 +- 加密数据流:支持。 +- 数据库:支持MSSQL、PostgreSQL、Oracle 。 +- 跨卷备份:支持 +- VSS(卷影复制):支持。 +- 许可:Affero General Public License v3.0。 +- 下载链接:[bacula.org][4] + +### Amanda - 又一个客户端服务器备份工具 ### + +AMANDA 是 Advanced Maryland Automatic Network Disk Archiver 的缩写。它允许系统管理员创建一个单独的服务器来备份网络上的其他主机到磁带驱动器或硬盘或者是自动转换器。 + +- 操作系统:支持跨平台运行。 +- 备份级别:完全,差异,增量,合并。 +- 数据格式:开放(可以通过tar等工具恢复)。 +- 自动转换:支持。 +- 备份介质:支持磁带,磁盘和DVD。 +- 加密数据流:支持。 +- 数据库:支持MSSQL, Oracle。 +- 跨卷备份:支持。 +- VSS(卷影复制):支持。 +- 许可:GPL, LGPL, Apache, Amanda License。 +- 下载链接:[amanda.org][5] + +### Backupninja - 轻量级备份系统 ### + +Backupninja 是一个简单易用的备份系统。你可以简单的拖放配置文件到 /etc/backup.d/ 目录来备份多个主机。 + +![](http://s0.cyberciti.org/uploads/cms/2014/11/ninjabackup-helper-script.jpg) + +- 操作系统:支持Linux,Unix。 +- 备份级别:支持完全,差异备份(rsync + hard 链接) +- 数据格式:开放 +- 自动转换:N/A。(注:N/A = Not Applicable)。 +- 备份介质:磁盘,DVD,CD,ISO 镜像。 +- 加密数据流:支持(ssh)和[通过duplicity远程加密备份][6]。 +- 数据库:支持MySQL,PostgreSQL,OpenLDAP 和subversion 或trac。 +- 跨卷备份:?? +- VSS(卷影复制):?? +- 许可:GPL +- 下载链接:[riseup.net][7] + +### Backuppc - 高效的客户端服务器备份工具### + +Backuppc 可以用来备份基于LInux 和Windows 系统的主服务器硬盘。它配备了一个巧妙的池计划来最大限度的减少磁盘储存,磁盘I/O 和网络I/O。 + +![](http://s0.cyberciti.org/uploads/cms/2014/11/BackupPCServerStatus.jpg) + +- 操作系统:支持Linux,Unix 和Windows。 +- 备份级别:支持完全和增量备份(rsync +hard 链接和pooling 计划) +- 数据格式:开放。 +- 自动转换:N/A。 +- 备份介质:磁盘和磁盘阵列。 +- 加密数据流:支持。 +- 数据库:支持(通过Shell 脚本) +- 跨卷备份:?? +- VSS(卷影复制):?? +- 许可:GPL。 +- 下载链接:[backuppc.sourceforge.net][8] + +### UrBackup - 最容易配置的客户端服务器系统 ### + +UrBackup 是一个非常容易配置的开源客户端服务器备份系统,通过图像和文件备份的组合完成了数据安全性和快速的恢复。你的文件可以通过Web界面或者是在Windows资源管理器中恢复,而驱动卷的备份用引导CD或者是USB 棒来恢复(逻辑恢复)。一个Web 界面使得配置你自己的备份服务变得非常简单。 + +![](http://s0.cyberciti.org/uploads/cms/2014/11/urbackup.jpg) + +- 操作系统:支持Linux,FreeBSD,Unix,Windows 和少数基于NAS 的Linux操作系统,客户端只支持Linux 和Windows 操作系统。 +- 备份级别:支持完全和增量备份。 +- 数据格式:开放。 +- 自动转换:N/A。 +- 备份介质:磁盘,磁盘阵列和DVD。 +- 加密数据流:支持。 +- 数据库:?? +- 跨卷备份:?? +- VSS(卷影复制):?? +- 许可:GPL v3+ +- 下载链接:[urbackup.org][9] + +### 其他供你考虑的一些极好用的开源备份软件 ### + +Amanda,Bacula 和上面所提到的软件都是功能丰富,但是配置比较复杂对于一些小的网络或者是单独的服务器。我建议你学习和使用一下的备份软件: + +1. [Rsnapshot][10] - 我建议用这个作为对本地和远程的文件系统快照工具。查看[怎么设置和使用这个工具在Debian 和Ubuntu linux][11]和[基于CentOS,RHEL 的操作系统][12]。 +2. [rdiff-backup][13] - 另一个好用的类Unix 远程增量备份工具。 +3. [Burp][14] - Burp 是一个网络备份和恢复程序。它使用了librsync来节省网络流量和节省每个备份占用的空间。它也使用了VSS(卷影复制服务),在备份Windows计算机时进行快照。 +4. [Duplicity][15] - 伟大的加密和高效的备份类Unix操作系统。查看如何[安装Duplicity来加密云备份][16]来获取更多的信息。 +5. [SafeKeep][17] - SafeKeep是一个集中和易于使用的备份应用程序,结合了镜像和增量备份最佳功能的备份应用程序。 +6. [DREBS][18] - DREBS 是EBS定期快照的工具。它被设计成在EBS快照所连接的EC2主机上运行。 +7. 古老的unix 程序,像rsync, tar, cpio, mt 和dump。 + +###结论### + +我希望你会发现这篇有用的文章来备份你的数据。不要忘了验证你的备份和创建多个数据备份。然而,对于磁盘阵列并不是一个备份解决方案。使用任何一个上面提到的程序来备份你的服务器,桌面和笔记本电脑和私人的移动设备。如果你知道其他任何开源的备份软件我没有提到的,请分享在评论里。 + +-------------------------------------------------------------------------------- + +via: http://www.cyberciti.biz/open-source/awesome-backup-software-for-linux-unix-osx-windows-systems/ + +作者:[nixCraft][a] +译者:[barney-ro](https://github.com/barney-ro) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.cyberciti.biz/tips/about-us +[1]:http://technet.microsoft.com/en-us/library/cc785914(v=ws.10).aspx +[2]:http://en.wikipedia.org/wiki/Data_deduplication +[3]:http://opensource.org/licenses +[4]:http://www.bacula.org/ +[5]:http://www.amanda.org/ +[6]:http://www.cyberciti.biz/faq/duplicity-installation-configuration-on-debian-ubuntu-linux/ +[7]:https://labs.riseup.net/code/projects/backupninja +[8]:http://backuppc.sourceforge.net/ +[9]:http://www.urbackup.org/ +[10]:http://www.rsnapshot.org/ +[11]:http://www.cyberciti.biz/faq/linux-rsnapshot-backup-howto/ +[12]:http://www.cyberciti.biz/faq/redhat-cetos-linux-remote-backup-snapshot-server/ +[13]:http://www.nongnu.org/rdiff-backup/ +[14]:http://burp.grke.org/ +[15]:http://www.cyberciti.biz/open-source/awesome-backup-software-for-linux-unix-osx-windows-systems/ +[16]:http://www.cyberciti.biz/faq/duplicity-installation-configuration-on-debian-ubuntu-linux/ +[17]:http://safekeep.sourceforge.net/ +[18]:https://github.com/dojo4/drebs From ef8c7bfa6c9c2899d26a12dd1a6df7007bf5ef05 Mon Sep 17 00:00:00 2001 From: "Zhili.Yang" Date: Wed, 31 Dec 2014 22:14:44 +0800 Subject: [PATCH 22/98] Delete 20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md --- ...oftware For Linux and Unix-like Systems.md | 162 ------------------ 1 file changed, 162 deletions(-) delete mode 100644 sources/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md diff --git a/sources/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md b/sources/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md deleted file mode 100644 index 0164004209..0000000000 --- a/sources/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md +++ /dev/null @@ -1,162 +0,0 @@ -5 Awesome Open Source Backup Software For Linux and Unix-like Systems -================================================================================ -A good backup plan is essential in order to have the ability to recover from - -- Human errors -- RAID or disk failure -- File system corruption -- Data center destruction and more. - -In this post I'm going to list amazingly awesome open source Backup software for you. - -### What to look for when choosing backup software for an enterprise? ### - -Make sure the following features are supported backup software you deploy: - -1. **Open source software** - You must use software for which the original source code is made freely available and may be and modified. This ensures that you can recover your data in case vendor/project stopped working on software or refused to provide patches. -1. **Cross-platform support** - Make sure backup software works well on the OS deployed on all desktop and server operating systems. -1. **Data format** - Open data format ensures that you can recover data in case vendor or project stopped working on software. -1. **Autochangers** - Autochangers are nothing but a variety of backup devices, including library, near-line storage, and autoloader. Autochangers allows you to automate the task of loading, mounting, and labeling backup media such as tape. -1. **Backup media** - Make sure you can backup data on tape, disk, DVD and in cloud storage such as AWS. -1. **Encryption datastream** - Make sure all client-to-server traffic will be encrypted to ensure transmission integrity over the LAN/WAN/Internet. -1. **Database support** - Make sure backup software can backup database server such as MySQL or Oracle. -1. **Backup span multiple volumes** - Backup software can split each backup (dumpfile) into a series of parts, allowing for different parts to existing on different volumes. This ensures that large backups (such as 100TB file) can be stored on larger than a single backup device such as disk or tape volume. -1. **VSS (Volume Shadow Copy)** - It is [Microsoft's Volume Shadow Copy Service (VSS)][1] and it is used to create snapshots of data that is to be backed up. Make sure backup software support VSS for MS-Windows client/server. -1. **[Deduplication][2]** - It is a data compression technique for eliminating duplicate copies of repeating data (for example, images). -1. **License and cost** - Make sure you [understand and use of open source license][3] under which the original backup software is made available to you. -1. **Commercial support** - Open source software can provide community based (such as email list or fourm) or professional (such as subscriptions provided at additional cost) based support. You can use paid professional support for training and consulting purpose. -1. **Reports and alerts** - Finally, you must able to see backup reports, current job status, and get alert when something goes wrong while making backups. - -### Bacula - Client/server backup tool for heterogeneous networks ### - -I personally use this software to manage backup and recovery across a network of computers including Linux, OSX and Windows. You can configure it via a CLI, GUI or web interface. - -![](http://s0.cyberciti.org/uploads/cms/2014/11/bacula-network-backup.jpg) - -- Operating system : Cross-platform -- Backup Levels : Full, differential, incremental, and consolidation. -- Data format: Custom but fully open. -- Autochangers: Yes -- Backup media: Tape/Disk/DVD -- Encryption datastream: Yes -- Database support: MSSQL/PostgreSQL/Oracle/ -- Backup span multiple volumes: Yes -- VSS: Yes -- License : Affero General Public License v3.0 -- Download url : [bacula.org][4] - -### Amanda - Another good client/server backup tool ### - -AMANDA is an acronym for Advanced Maryland Automatic Network Disk Archiver. It allows the sysadmin to set up a single backup server to back up other hosts over network to tape drives or disk or authchangers. - -- Operating system : Cross-platform -- Backup Levels : Full, differential, incremental, and consolidation. -- Data format: Open (can be recovered using tool such as tar). -- Autochangers: Yes -- Backup media: Tape/Disk/DVD -- Encryption datastream: Yes -- Database support: MSSQL/Oracle -- Backup span multiple volumes: Yes -- VSS: Yes -- License : GPL, LGPL, Apache, Amanda License -- Download url : [amanda.org][5] - -### Backupninja - Lightweight backup system ### - -Backupninja is a simple and easy to use backup system. You can simply drop a config files into /etc/backup.d/ to backup multiple hosts. - -![](http://s0.cyberciti.org/uploads/cms/2014/11/ninjabackup-helper-script.jpg) - -- Operating system : Linux/Unix -- Backup Levels : Full and incremental (rsync+hard links) -- Data format: Open -- Autochangers: N/A -- Backup media: Disk/DVD/CD/ISO images -- Encryption datastream: Yes (ssh) and [encrypted remote backups via duplicity][6] -- Database support: MySQL/PostgreSQL/OpenLDAP and subversion or trac repositories. -- Backup span multiple volumes: ?? -- VSS: ?? -- License : GPL -- Download url : [riseup.net][7] - -### Backuppc - High-performance client/server tool ### - -Backuppc is can be used to backup Linux and Windows based systems to a master server's disk. It comes with a clever pooling scheme minimizes disk storage, disk I/O and network I/O. - -![](http://s0.cyberciti.org/uploads/cms/2014/11/BackupPCServerStatus.jpg) - -- Operating system : Linux/Unix and Windows -- Backup Levels : Full and incremental (rsync+hard links and pooling scheme) -- Data format: Open -- Autochangers: N/A -- Backup media: Disk/RAID storage -- Encryption datastream: Yes -- Database support: Yes (via custom shell scripts) -- Backup span multiple volumes: ?? -- VSS: ?? -- License : GPL -- Download url : [backuppc.sourceforge.net][8] - -### UrBackup - Easy to setup client/server system ### - -It is an easy to setup open source client/server backup system, that through a combination of image and file backups accomplishes both data safety and a fast restoration time. Your files can be restored through the web interface or the Windows Explorer while the backups of drive volumes can be restored with a bootable CD or USB-Stick (bare metal restore). A web interface makes setting up your own backup server really easy. - -![](http://s0.cyberciti.org/uploads/cms/2014/11/urbackup.jpg) - -- Operating system : Linux/FreeBSD/Unix/Windows/several Linux based NAS operating systems. Client only runs on Linux and Windows. -- Backup Levels : Full and incremental -- Data format: Open -- Autochangers: N/A -- Backup media: Disk/Raid storage/DVD -- Encryption datastream: Yes -- Database support: ?? -- Backup span multiple volumes: ?? -- VSS: ?? -- License : GPL v3+ -- Download url : [urbackup.org][9] - -### Other awesome open source backup software for your consideration ### - -The Amanda, Bacula and above-mentioned software are feature rich but can be complicated to set for small network or a single server. I recommend that you study and use the following backup software: - -1. [Rsnapshot][10] - I recommend this tool for local and remote filesystem snapshot utility. See how to set and use [this tool on Debian/Ubuntu Linux][11] and [CentOS/RHEL based systems][12]. -1. [rdiff-backup][13] - Another great remote incremental backup tool for Unix-like systems. -1. [Burp][14] - Burp is a network backup and restore program. It uses librsync in order to save network traffic and to save on the amount of space that is used by each backup. It also uses VSS (Volume Shadow Copy Service) to make snapshots when backing up Windows computers. -1. [Duplicity][15] - Great encrypted bandwidth-efficient backup for Unix-like system. See how to [Install Duplicity for encrypted backup in cloud][16] for more infomation. -1. [SafeKeep][17] - SafeKeep is a centralized and easy to use backup application that combines the best features of a mirror and an incremental backup. -1. [DREBS][18] - DREBS is a tool for taking periodic snapshots of EBS volumes. It is designed to be run on the EC2 host which the EBS volumes to be snapshoted are attached. -1. Old good unix programs like rsync, tar, cpio, mt and dump. - -### Conclusion ### - -I hope you will find this post useful to backup your important data. Do not forgot to verify your backups and make multiple backup copies of your data. Also, RAID is not a backup solution. Use any one of the above-mentioned programs to backup your servers, desktop/laptop and personal mobile devices. If you know of any other open source backup software I didn't mention, share them in the comments below. - --------------------------------------------------------------------------------- - -via: http://www.cyberciti.biz/open-source/awesome-backup-software-for-linux-unix-osx-windows-systems/ - -作者:[nixCraft][a] -译者:[barney-ro](https://github.com/barney-ro) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.cyberciti.biz/tips/about-us -[1]:http://technet.microsoft.com/en-us/library/cc785914(v=ws.10).aspx -[2]:http://en.wikipedia.org/wiki/Data_deduplication -[3]:http://opensource.org/licenses -[4]:http://www.bacula.org/ -[5]:http://www.amanda.org/ -[6]:http://www.cyberciti.biz/faq/duplicity-installation-configuration-on-debian-ubuntu-linux/ -[7]:https://labs.riseup.net/code/projects/backupninja -[8]:http://backuppc.sourceforge.net/ -[9]:http://www.urbackup.org/ -[10]:http://www.rsnapshot.org/ -[11]:http://www.cyberciti.biz/faq/linux-rsnapshot-backup-howto/ -[12]:http://www.cyberciti.biz/faq/redhat-cetos-linux-remote-backup-snapshot-server/ -[13]:http://www.nongnu.org/rdiff-backup/ -[14]:http://burp.grke.org/ -[15]:http://www.cyberciti.biz/open-source/awesome-backup-software-for-linux-unix-osx-windows-systems/ -[16]:http://www.cyberciti.biz/faq/duplicity-installation-configuration-on-debian-ubuntu-linux/ -[17]:http://safekeep.sourceforge.net/ -[18]:https://github.com/dojo4/drebs \ No newline at end of file From 4b20fc8ccbfffe9f9b4567ea098bb72d1550c3cc Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 31 Dec 2014 22:31:39 +0800 Subject: [PATCH 23/98] =?UTF-8?q?=E5=A4=84=E7=90=86=E4=B8=8D=E5=AE=8C?= =?UTF-8?q?=E7=BE=8E=E7=9A=84=20PR?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...ition of Ubuntu Manual 14.04 LTS Is Out.md | 31 ------------------- ...ftware For Linux and Unix-like Systems.md} | 0 2 files changed, 31 deletions(-) delete mode 100644 sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md rename translated/share/{20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems => 20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md} (100%) diff --git a/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md b/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md deleted file mode 100644 index e2e5550e9d..0000000000 --- a/sources/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Out.md +++ /dev/null @@ -1,31 +0,0 @@ -Second Edition of Ubuntu Manual 14.04 LTS Is Out -============================================================ -Beginners will find good info in this manual ------------------------------------------------------------- -### The Ubuntu Manual Team announces that the second edition of the famous manual has been released and is now available for free download. ### - -The Ubuntu Manual usually covers the LTS releases made by Canonical, so it only stands to reason that the current version is now focused on Ubuntu 14.04 LTS (Trusty Tahr) release made six months ago. Like any other book out there, especially in large ones, mistakes occur or maybe it was left out. In any case, this is a digital edition so it's quite easy to fix and improve. - -You might think it's weird to have a manual for an operating system that is free and easy to try by anyone. Sometimes just having a big community is not enough. There are always new users who don't know the basic things about this operating system, so having a manual at hand that can point even to the simplest things is always an advantage. - -### This is the second edition for "Getting Started with Ubuntu 14.04 LTS" manual ### - -Users who just adopted Ubuntu will find that that it's rather different from other platforms they used before, like Windows or Mac OS X. That's perfectly normal and you might not always have the resources or the knowledge to search for a particular feature or functionality online. Having a manual that describes the basics of Ubuntu 14.04 LTS can really make a difference. - -"Getting Started with Ubuntu 14.04e2 is a comprehensive beginners guide for the Ubuntu operating system. It is written under an open source license and is free for you to download, read, modify and share. The manual will help you become familiar with everyday tasks such as surfing the web, listening to music and scanning documents. With an emphasis on easy to follow instructions, it is suitable for all levels of experience." - -"The manual is a quick-start guide that will get you doing the things you need to do with your computer easily, without getting bogged down with technical details. With the help of this guide, it should not take long before new users get used to the Unity desktop environment," reads the official [website][1]. - -This is the second edition of the manual and the team that worked on it has a great deal of experience. Even if you are an Ubuntu user, it doesn't hurt browsing through it because you might get to learn something. You can [download the Ubuntu Manual 14.04 2nd Edition][2] from Softpedia. - -via:http://news.softpedia.com/news/Second-Edition-of-Ubuntu-Manual-14-04-LTS-Is-Out-468395.shtml - -作者:[Silviu Stahie][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://news.softpedia.com/editors/browse/silviu-stahie -[1]:http://ubuntu-manual.org/ -[2]:http://linux.softpedia.com/get/Documentation/Ubuntu-Manual-53530.shtml \ No newline at end of file diff --git a/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems b/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md similarity index 100% rename from translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems rename to translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md From 9f2e09ea39a5c6d1481f9570ed6c487d872a31da Mon Sep 17 00:00:00 2001 From: alim0x Date: Wed, 31 Dec 2014 22:41:43 +0800 Subject: [PATCH 24/98] [translated]11 - The history of Android.md --- .../11 - The history of Android.md | 85 ------------------- .../11 - The history of Android.md | 85 +++++++++++++++++++ 2 files changed, 85 insertions(+), 85 deletions(-) delete mode 100644 sources/talk/The history of Android/11 - The history of Android.md create mode 100644 translated/talk/The history of Android/11 - The history of Android.md diff --git a/sources/talk/The history of Android/11 - The history of Android.md b/sources/talk/The history of Android/11 - The history of Android.md deleted file mode 100644 index 94a9e762e8..0000000000 --- a/sources/talk/The history of Android/11 - The history of Android.md +++ /dev/null @@ -1,85 +0,0 @@ -The history of Android -================================================================================ -![The redesigned Dialer and Contacts pages.](http://cdn.arstechnica.net/wp-content/uploads/2014/01/dialercontacts.png) -The redesigned Dialer and Contacts pages. -Photo by Ron Amadeo - -The rounded tabs in the contacts/dialer app were changed to a sharper, more mature-looking design. The dialer changed its name to "Phone" and the dial pad buttons changed from circles to rounded rectangles. Buttons for voicemail, call, and delete were placed at the bottom. This screen is a great example of Android’s lack of design consistency in the pre-3.0 days. Just on this screen, the tabs used sharp-cornered rectangles, the dial pad used rounded rectangles, and the sides of the bottom buttons were complete circles. It was a grab bag of UI widgets where no one ever tried to make anything match anything else. - -One of the new features in Android 2.0 was "Quick Contacts," which took the form of contact thumbnails that were added all over the OS. Tapping on them would bring up a list of shortcuts to contact that person through other apps. This didn't make as much sense in the contacts app, but in something like Google Talk, being able to tap on the contact thumbnail and call the person was very handy. - -![](http://cdn.arstechnica.net/wp-content/uploads/2014/01/calls.png) -Photo by Ron Amadeo - -Android 2.0 was finally equipped with all the on-screen buttons needed to answer and hang up a call without needing a hardware button, and the Droid took advantage of this and removed the now-redundant buttons from its design. Android’s solution to accept or reject calls was these left and right pull tabs. They work a lot like slide-to-unlock (and would later be used for slide-to-unlock)—a slide from the green button to the right would answer, and a slide from the red button to the left would reject the call. Once inside a call, it looked a lot like Android 1.6. All the options were still hidden behind the menu button. - -Someone completely phoned-in the art for the dialpad drawer. Instead of redrawing the number "5" button from Android 1.6, they just dropped in bold text that said "Dialpad" and called it a day. - -![The Calculator and Browser.](http://cdn.arstechnica.net/wp-content/uploads/2014/01/calcubrowser.png) -The Calculator and Browser. -Photo by Ron Amadeo - -The calculator was revamped for the first time since its introduction in Android 0.9. The black glass balls were replaced with gradiented blue and black buttons. The crazy red on-press highlight of the old calculator was replaced with a more normal looking white outline. - -The browser's tiny website name bar grew into a full, functional address bar, along with a button for bookmarks. To save on screen real estate, the address bar was attached to the page, so the bar scrolled up with the rest of the page and left you with a full screen for reading. Android 1.6's unique magnifying rectangle zoom control and its associated buttons were tossed in favor of a much simpler double-tab-to-zoom gesture, and the browser could once again render arstechnica.com without crashing. There still wasn't pinch zoom. - -![The camera with the settings drawer open, the flash settings, and the menu over top of the photo review screen.](http://cdn.arstechnica.net/wp-content/uploads/2014/03/cam2-these-are-settigns.jpg) -The camera with the settings drawer open, the flash settings, and the menu over top of the photo review screen. -Photo by Ron Amadeo - -The camera app gained an entire drawer on the left side, which opened to reveal a ton of settings. The Motorola Droid was one of the first Android phones with an LED flash, so there was a setting for flash control, along with settings like scene mode, white balance, effects, picture size, and storage location (SD or Internal). - -On the photo review screen, Google pared down the menu button options. They were no longer redundant when compared to the on-screen options. With the extra room in the menu, all the options fit in the menu bar without needing a "more" button. - -![The “accounts" page of the e-mail app, the new combined inbox, the account & sync page from the system settings, and the auto brightness setting. ](http://cdn.arstechnica.net/wp-content/uploads/2014/02/emailacc2ountsetc.png) -The “accounts" page of the e-mail app, the new combined inbox, the account & sync page from the system settings, and the auto brightness setting. -Photo by Ron Amadeo - -The e-mail app got a big functionality boost. The most important of which is that it finally supported Microsoft Exchange. The Android 2.0 version of Email finally separated the inbox and folder views instead of using the messy mashed-together view introduced in Android 1.0. Email even had a unified inbox that would weave all your messages together from different accounts. - -The inbox view put the generic Email app on even ground with the Gmail app. Combined inbox even trumped Gmail's functionality, which was an extremely rare occurrence. Email still felt like the unwanted stepchild to Gmail, though. It used the Gmail interface to view messages, which meant the inbox and folders used a black theme, and the message view oddly used a light theme. - -The bundled Facebook app had an awesome account sync feature, which would download contact pictures and information from the social network and seamlessly integrate it into the contacts app. Later down the road when Facebook and Google stopped being friends, [Google removed this feature][1]. The company said it didn't like the idea of sharing information with Facebook when Facebook wouldn't share information back, thus a better user experience lost out to company politics. - -(Sadly, we couldn't show off the Facebook app because it is yet another client that died at the hands of OAuth updates. It's no longer possible to sign in from a client this old.) - -The last picture shows the auto brightness control, which Android 2.0 was the first version to support. The Droid was equipped with an ambient light sensor, and tapping on the checkbox would make the brightness slider disappear and allow the device to automatically control the screen brightness. - -As the name would imply, Android 2.0 was Google's biggest update to date. Motorola and Verizon brought Android a slick-looking device with tons of ad dollars behind it, and for a time, “Droid" became a household name. - -### The Nexus One—enter the Google Phone ### - -![](http://cdn.arstechnica.net/wp-content/uploads/2014/03/nexus_4_lineup.jpg) - -In January 2010, the first Nexus device launched, appropriately called the "[Nexus One][2]". The device was a huge milestone for Google. It was the first phone designed and branded by the company, and Google planned to sell the device directly to consumers. The HTC-manufactured Nexus One had a 1GHz, single-core Qualcomm Snapdragon S1 SoC, 512MB of RAM, 512MB of storage, and a 3.7-inch AMOLED display. - -The Nexus One was meant to be a pure Android experience free of carrier meddling and crapware. Google directly controlled the updates. It was able to push software out to users as soon as it was done, rather than having to be approved by carriers, who slowed the process down and were not always eager to improve a phone customers already paid for. - -Google sold the Nexus One [directly over the Web][3], unlocked, contract-free, and at the full retail price of $529.99. While the Nexus One was also sold at T-Mobile stores on-contract for $179.99, Google wanted to change the way the cell phone industry worked in America with its online store. The idea was to pick the phone first and the carrier second, breaking the control the wireless oligarchy had over hardware in the United States. - -Google's retail revolution didn't work out though, and six months after the opening on the online phone store, Google shut the service down. Google cited the primary problem as low sales. In 2010, Internet shopping wasn't the commonplace thing it is today, and consumers weren't ready to spend $530 on a device they couldn’t first hold in their hands. The high price was also a limiting factor; smartphone shoppers were more used to paying $200 up front for devices and agreeing to a two-year contract. There was also the issue of the Motorola Droid, which came out only three months earlier and was not significantly slower. With the Droid’s huge marketing campaign and "iPhone Killer" hype, it already captured much of the same Android enthusiast market that the Nexus One was gunning for. - -While the Nexus One online sales experiment could be considered a failure, Google learned a lot. In 2012, it [relaunched its online store][4] as the "Devices" section on Google Play. - ----------- - -![Ron Amadeo](http://cdn.arstechnica.net/wp-content//uploads/authors/ron-amadeo-sq.jpg) - -[Ron Amadeo][a] / Ron is the Reviews Editor at Ars Technica, where he specializes in Android OS and Google products. He is always on the hunt for a new gadget and loves to rip things apart to see how they work. - -[@RonAmadeo][t] - --------------------------------------------------------------------------------- - -via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/11/ - -译者:[译者ID](https://github.com/译者ID) 校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[1]:http://techcrunch.com/2011/02/22/google-android-facebook-contacts/ -[2]:http://arstechnica.com/gadgets/2010/01/nexus-one-review/ -[3]:http://arstechnica.com/gadgets/2010/01/googles-big-news-today-was-not-a-phone-but-a-url/ -[4]:http://arstechnica.com/gadgets/2012/04/unlocked-samsung-galaxy-nexus-can-now-be-purchased-from-google/ -[a]:http://arstechnica.com/author/ronamadeo -[t]:https://twitter.com/RonAmadeo \ No newline at end of file diff --git a/translated/talk/The history of Android/11 - The history of Android.md b/translated/talk/The history of Android/11 - The history of Android.md new file mode 100644 index 0000000000..6f91fa189e --- /dev/null +++ b/translated/talk/The history of Android/11 - The history of Android.md @@ -0,0 +1,85 @@ +安卓编年史 +================================================================================ +![重新设计的拨号和联系人页面。](http://cdn.arstechnica.net/wp-content/uploads/2014/01/dialercontacts.png) +重新设计的拨号和联系人页面。 +Ron Amadeo供图 + +联系人/拨号应用程序的圆角标签拥有了更清晰,更成熟的外观设计。拨号器更名为“电话”,并且拨号按键从圆形改为了圆角矩形。语音邮件,拨号,以及删除的按键被放置在底部。这个界面是安卓在3.0之前缺乏设计一致性的一个很好的例子。仅仅在这个界面上,标签用的是直角矩形,拨号按键使用圆角矩形,底部按键两侧合起来是个完整的圆。这里就像是个UI控件的摸奖袋,没有人尝试过让它们之间相互搭配。 + +安卓2.0的一个新特性是“快速拨号”,它将联系人以略缩图的形式添加到整个系统。从其它应用中点击它们可以打开一个联系这个人的快捷方式列表。这在联系人里并没有多大意义,但像在Google Talk中,能够通过点击某人的略缩图来给他拨号是十分方便的。 + +![](http://cdn.arstechnica.net/wp-content/uploads/2014/01/calls.png) +Ron Amadeo供图 + +安卓2.0终于配备了接通和拒绝来电所需要的所有屏幕按键,而不再需要实体按钮,Droid从中获益,从它的设计中除去了在现在看来是多余的按钮。安卓对于接通和拒绝来电的解决方案是这些左滑和右滑的标签。他们的工作方式就像是滑动解锁(后来被用到了滑动解锁中)——向右滑动绿色按钮接通来电,向左滑动红色按钮则是拒绝。一旦进入通话中,它看起来就很像安卓1.6了。所有选项还是隐藏在菜单按钮之中。 + +某人在设计拨号界面的时候一定在煲电话粥。他们只是去掉了“拨号盘”上字母的粗体,而不是从安卓1.6中重新绘制数字“5”的按键,然后就这么收工了。 + +![计算器和浏览器。](http://cdn.arstechnica.net/wp-content/uploads/2014/01/calcubrowser.png) +计算器和浏览器。 +Ron Amadeo供图 + +计算器从在安卓0.9中被引入以来第一次得到改进。黑色玻璃球按钮换成了渐变色的蓝色和黑色的按钮。旧版计算器点击状态疯狂的红色高亮被改为了一个比较正常的白色轮廓。 + +浏览器的微型网站名称栏改进为一个完整的,功能更完善的地址栏,并且带有书签按钮。为了节省屏幕空间,地址栏被附加到网页上,所以地址栏会随着页面向上滚动,给你留下更多的网页阅读空间。安卓1.6独特的缩放控制和附加按钮被去除,被替换为一个更简单的双击缩放手势,并且浏览器可以再次打开arstechnica.com而不崩溃。这里还是没有双指捏合缩放。 + +![打开设置的相机,闪光灯设置,以及查看照片界面的菜单。](http://cdn.arstechnica.net/wp-content/uploads/2014/03/cam2-these-are-settigns.jpg) +打开设置的相机,闪光灯设置,以及查看照片界面的菜单。 +Ron Amadeo供图 + +相机应用获得整个左侧的抽屉式菜单,打开它有许多设置。摩托罗拉Droid是第一款带有LED闪光灯的安卓手机之一,所以设置里有个闪光灯控制,以及还有像场景模式,白平衡,效果,图片尺寸和存储位置(SD卡或内置存储)的设置。 + +在照片查看界面,谷歌精简了菜单按钮。和屏幕上的选项相比,它们之间不再有重复的选项。这样精简后省下的空间,使得所有的选项能够在菜单里放得下了,而不再需要一个“更多”按钮。 + +![电子邮件应用的“帐户”页面,新的组合收件箱,系统设置的帐户与同步页面,自动亮度设置。 ](http://cdn.arstechnica.net/wp-content/uploads/2014/02/emailacc2ountsetc.png) +电子邮件应用的“帐户”页面,新的联合收件箱,系统设置的帐户与同步页面,自动亮度设置。 +Ron Amadeo供图 + +电子邮件应用程序有个大的功能提升。最重要的是它终于支持了Microsoft Exchange。安卓2.0版本的电子邮件中收件箱和文件夹视图终于分开了,而不是使用安卓1.0引入的凌乱的混合视图。电子邮件甚至有了一个统一的收件箱,可以将你不同账户的所有邮件显示到一起。 + +这个收件箱视图和Gmail一起,把普通的电子邮件应用打趴下了。联合收件箱甚至胜过了Gmail的功能,这是极其罕见的。尽管如此,相对于Gmail来说,电子邮件仍然感觉像个多余的继女。它使用了Gmail界面来查看邮件,这意味着收件箱和文件夹使用了黑色主题,查看邮件却奇怪地选择了亮色主题。 + +捆绑的Facebook应用程序有一个很棒的账户同步功能,它可以从社交网络上下载联系人的照片和信息,并无缝集成到联系人应用里。后来Facebook和谷歌分道扬镳,[谷歌取消了这一功能][1]。谷歌表示,在Facebook不向其共享信息的情况下,与Facebook分享信息并不是什么好想法,因此更好的用户体验败给了公司间的政治斗争。 + +(不幸的是,我们无法展示Facebook应用,因为它也是死在OAuth更新手中的客户端之一。现在不可能从像这么老旧的应用上登录了。) + +最后一张图片显示了自动亮度控制,安卓2.0是第一个支持这一功能的版本。Droid配备了光线传感器,点击该复选框,会使亮度滑块消失,并且允许设备自动控制屏幕亮度。 + +正如它的名字所暗示的那样,安卓2.0是谷歌有史以来最大的更新。摩托罗拉和威瑞森给安卓带来了一个外形酷炫的设备,并在广告上投入了数不清的资金。之后的一段时间里,“Droid”成为了一个家喻户晓的名字。 + +### The Nexus One——迎来Google Phone ### + +![](http://cdn.arstechnica.net/wp-content/uploads/2014/03/nexus_4_lineup.jpg) + +2010年1月,第一款Nexus设备发布,称为“[Nexus One][2]”。对谷歌来说,这部设备是个巨大的里程碑。这是第一部由谷歌设计并冠名的设备,而且谷歌计划直接向消费者出售设备。宏达电代工的Nexus One拥有1GHz的单核高通骁龙S1处理器,512MB的内存,512MB存储空间,以及一块3.7英寸的AMOLED显示屏。 + +Nexus One注定拥有纯净的安卓体验,没有运营商的定制和应用植入。谷歌直接控制安卓的更新。这使得谷歌能够在软件完成时直接向用户进行推送, 而不是再经过运营商的许可。运营商总是拖慢这一过程,因为他们对用户已经付过钱手机并不总是那么热切地想要改善它们。 + +谷歌[直接在网上][3]销售Nexus One,无锁,无合约,完整零售价529.99美元。尽管同样的Nexus One在T-Mobile商店的合约价仅为179.99美元,谷歌想通过它的在线商店改变美国手机行业的运作方式。谷歌当时的想法是先挑选手机,再选择运营商,以此打破美国无线寡头对硬件的控制。 + +但谷歌的零售革命并没有奏效,在在线手机商店开通半年后,谷歌关闭了该服务。谷歌指出首要问题是销量低。在2010年,网上购物并不像今天这样司空见惯,消费者也还没有准备好在他们不能先握在自己手中试用的设备上花费530美元。高昂的价格也是一个制约因素;智能手机消费者更习惯于为眼前的设备花费200美元,并签署一项为期两年的合同。还有摩托罗拉Droid的因素,相比之下这部三个月前发布的设备并没有显著的不足。还由于Droid的庞大的营销活动和“iPhone杀手”的炒作,它已经夺取了大多数Nexus One面向的安卓发烧友市场。 + +尽管Nexus One的网上销售尝试可以被认为是失败的,谷歌还是从中学到了很多。2012年,谷歌以Google Play的“设备”板块[重新推出其网上商店][4]。 + +---------- + +![Ron Amadeo](http://cdn.arstechnica.net/wp-content//uploads/authors/ron-amadeo-sq.jpg) + +[Ron Amadeo][a] / Ron是Ars Technica的评论编缉,专注于安卓系统和谷歌产品。他总是在追寻新鲜事物,还喜欢拆解事物看看它们到底是怎么运作的。 + +[@RonAmadeo][t] + +-------------------------------------------------------------------------------- + +via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/11/ + +译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[1]:http://techcrunch.com/2011/02/22/google-android-facebook-contacts/ +[2]:http://arstechnica.com/gadgets/2010/01/nexus-one-review/ +[3]:http://arstechnica.com/gadgets/2010/01/googles-big-news-today-was-not-a-phone-but-a-url/ +[4]:http://arstechnica.com/gadgets/2012/04/unlocked-samsung-galaxy-nexus-can-now-be-purchased-from-google/ +[a]:http://arstechnica.com/author/ronamadeo +[t]:https://twitter.com/RonAmadeo From a4b2d54341072ddf12590e2beeb30ce6f2c47b8f Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 31 Dec 2014 22:51:03 +0800 Subject: [PATCH 25/98] =?UTF-8?q?=E6=94=BE=E9=94=99=E4=BD=8D=E7=BD=AE?= =?UTF-8?q?=E3=80=82=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...4 How To Upgrade Ubuntu 14.04 Trusty To Ubuntu 14.10 Utopic.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename published/{The history of Android => 201411}/20141024 How To Upgrade Ubuntu 14.04 Trusty To Ubuntu 14.10 Utopic.md (100%) diff --git a/published/The history of Android/20141024 How To Upgrade Ubuntu 14.04 Trusty To Ubuntu 14.10 Utopic.md b/published/201411/20141024 How To Upgrade Ubuntu 14.04 Trusty To Ubuntu 14.10 Utopic.md similarity index 100% rename from published/The history of Android/20141024 How To Upgrade Ubuntu 14.04 Trusty To Ubuntu 14.10 Utopic.md rename to published/201411/20141024 How To Upgrade Ubuntu 14.04 Trusty To Ubuntu 14.10 Utopic.md From e138c32c0d0c6275b1e2db0e9d541f12f8f9bb5b Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 31 Dec 2014 22:54:06 +0800 Subject: [PATCH 26/98] PUB:20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit @zhouj-sh 明天就能见到了: http://linux.cn/article-4570-1.html --- ...Edition of Ubuntu Manual 14.04 LTS Is Ou.md | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) rename {translated/news => published}/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md (64%) diff --git a/translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md b/published/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md similarity index 64% rename from translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md rename to published/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md index 8bd846df2f..0b9122ce52 100644 --- a/translated/news/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md +++ b/published/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md @@ -1,29 +1,33 @@ Ubuntu参考手册14.04 LTS第二版正式发布 ============================================== -初学者可以在手册里获得很有用的信息 ----------------------------------------------- + +> 初学者可以在手册里获得很有用的信息 + ### Ubuntu参考手册团队表示第二版手册现在已经发布并且可以免费下载 ### +![](http://i1-linux.softpedia-static.com/screenshots/Ubuntu-Manual_1.jpg) + Ubuntu手册按照惯例会对应相应的LTS发行版本,那么唯一合理的解释就是,现在发布的手册对应于6个月前发布的Ubuntu 14.04 LTS(Trusty Tahr)。与其他书籍一样,特别是大型书籍,手册内容总会出现各种错误或者也许已经和现状不匹配。不过不管怎样,电子书的修正和更新总要方便一些。 -你也许会觉得奇怪,一个方便上手的免费操作系统竟然会有一个参考手册。或许一个社区就已经足够了。但是,总是有一些新用户连基本的操作都不懂,因此,有一本可以指明最基本的东西的手册拿在手里总是一个很好不过的事情。 +你也许会觉得奇怪,一个方便上手的免费操作系统竟然会有一个参考手册,或许一个社区就已经足够了。但是,总是有一些新用户连基本的操作都不懂,因此,有一本可以指明最基本的东西的手册拿在手里总是一个很好不过的事情。 ### 这是“Ubuntu 14.04 LTS入门”手册的第二个版本 ### 使用Ubuntu操作系统的用户会发现,它和之前用过的其他操作系统有很大的差异,例如Windows和Max OS X。这很正常,并且你也不是任何时候都可以在网上找到一个特定的功能或者组件的相关资源和信息。有一个可以说明Ubuntu 14.04 LTS基本特性的手册可以提供一些帮助。 -“Ubuntu 14.04e入门对于Ubuntu操作系统而言,是一个很全面的初学者指南手册。它采用的是开源许可协议,你可以自由下载、阅读、修改以及共享。这个手册可以帮助你熟悉如何处理日常的工作,例如上网、听音乐或者扫描文档等等。尤其值得一提的是,这个文档浅显易懂,适合各个层次的用户。” +“《Ubuntu 14.04 入门 E2》对于Ubuntu操作系统而言,是一个很全面的初学者指南手册。它采用的是开源许可协议,你可以自由下载、阅读、修改以及共享。这个手册可以帮助你熟悉如何处理日常的工作,例如上网、听音乐或者扫描文档等等。尤其值得一提的是,这个文档浅显易懂,适合各个层次的用户。” “这个快速入门手册可以让你很容易的利用你的计算机做一些事情,而不会陷入技术细节当中。在手册的帮助下,新用户可以很快的熟悉Unity桌面,”更多信息参考[官方网站][1]。 -这是参照手册的第二版,制作手册的团队具有丰富的经验。就算你已经是一个Ubuntu用户,看一看这个手册也没有什么坏处,因为你总能从其中学到一些东西。你可以在Softpedia[下载Ubuntuy参考手册14.04第二版][2]。 +这是该参考手册的第二版,制作手册的团队具有丰富的经验。就算你已经是一个Ubuntu用户,看一看这个手册也没有什么坏处,因为你总能从其中学到一些东西。你可以在Softpedia[下载Ubuntuy参考手册14.04第二版][2]。 +---- -via:http://news.softpedia.com/news/Second-Edition-of-Ubuntu-Manual-14-04-LTS-Is-Out-468395.shtml +via: http://news.softpedia.com/news/Second-Edition-of-Ubuntu-Manual-14-04-LTS-Is-Out-468395.shtml 作者:[Silviu Stahie][a] 译者:[zhouj-sh](https://github.com/zhouj-sh) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 6f071e9b3cb98c55ca9e5e80ccd62739c799e186 Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 31 Dec 2014 23:08:50 +0800 Subject: [PATCH 27/98] PUB:20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far @geekpi --- ... Kernel 3.19 RC1, One of the Biggest So Far.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) rename {translated/news => published}/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md (67%) diff --git a/translated/news/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md b/published/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md similarity index 67% rename from translated/news/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md rename to published/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md index 224ab7141c..9167e3ceb6 100644 --- a/translated/news/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md +++ b/published/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md @@ -1,12 +1,12 @@ -Linus Torvalds发布了Linux 3.19 RC1,目前为止最大的更新 +Linus Torvalds发布了Linux 3.19 RC1,这是目前为止最大的RC1 ================================================================================ > 新的内核开发周期开始了 ![](http://i1-news.softpedia-static.com/images/news2/Linus-Torvalds-Launches-Linux-kernel-3-19-RC1-One-of-the-Biggest-So-Far-468043-2.jpg) -**首个内核候选版本在3.19分支上发布了,它看上去像目前最大的更新。这个早先发布让众人惊喜,但是很容易理解为什么。** +**首个内核候选版本在3.19分支上发布了,它看上去像目前最大的一个 RC1。Linus Torvalds很惊奇这么多人提交了,其实不过也很好理解。** -内核开发周期被新的3.19的发布而刷新了。事实是3.18分支才几周前才发布,今天的发布并不是完全在预期中。假期要来了,很多开发者和维护任何可能会休息。一般来说RC版本每周发布一次,但是用户可能会看到轻微的延误。 +内核开发周期因新的3.19的发布而刷新了。事实是3.18分支才几周前才发布,今天的发布并不是完全在预期中。假期要来了,很多开发者和维护人员可能会休息。一般来说RC版本每周发布一次,但是用户可能会看到一点的延误。 这个版本没有提到在Linux 3.18中确认的回归问题,但是可以确定的是,开发人员仍在努力修复中。另一方面,Linus说这是一个很大的更新,事实上这是目前为止最大的更新。很有可能是许多开发者想要在节日之前推送他们的补丁,因此,下一个RC版本会小一些。 @@ -14,10 +14,9 @@ Linus Torvalds发布了Linux 3.19 RC1,目前为止最大的更新 发布版本的大小随着更新的频率正在增加。内核的开发周期通常大约8到10周,并且很少多于这个,这给项目一个很好的预测。 -[阅读][1] Linus Torvalds的发布声明中说:“也就是说,也许没有真正的落后者,并且从rc1的大小来看,真的已经不多了。我不仅觉得下一个版本有更多的提交,并且比历史上的rc1更多(知道在提交数量上)。我们已经有比较大的版本(3.10和3.15的都有很大的很并窗口导致的),但是这明显不是一个小的合并窗口。” - -“在这个在蓝图下,这看上去只是一个常规发布。大约三分之二的驱动更新,这剩下的一半是架构的更新(新的nios2补丁还没有优势,它只有ARM一半的性能,新的niso2支持小于整体架构更新的10%)。” +[阅读][1] Linus Torvalds的发布声明中说:“也就是说,也许没有谁在拖后腿,并且从rc1的大小来看,真的也不能再多了。我不仅觉得下一个版本会有更多的提交,并且这是历史上最大的一个rc1(在提交数量上)。我们有比它大的版本(3.10和3.15的都是由很大的合并窗口产生的),但是这明显这个合并窗口也不小。” +“按照蓝图,这看上去只是一个常规发布。大约三分之二的驱动更新,这剩下的一半是架构的更新(新的nios2补丁还没有优势,它只有ARM一半的性能,新的niso2支持小于整体架构更新的10%)。” 具体关于这个RC的细节可以在官方邮件列表中找到。 @@ -32,9 +31,9 @@ Linus Torvalds发布了Linux 3.19 RC1,目前为止最大的更新 via: http://news.softpedia.com/news/Linus-Torvalds-Launches-Linux-kernel-3-19-RC1-One-of-the-Biggest-So-Far-468043.shtml -作者:[Silviu Stahie ][a] +作者:[Silviu Stahie][a] 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 7d05480104815f4abf0578fe37686ebc18d4065e Mon Sep 17 00:00:00 2001 From: wxy Date: Thu, 1 Jan 2015 00:17:50 +0800 Subject: [PATCH 28/98] =?UTF-8?q?=E5=BD=92=E6=A1=A3201412=EF=BC=8C?= =?UTF-8?q?=E5=91=8A=E5=88=AB2014=EF=BC=8C=E8=B0=A2=E8=B0=A2=E5=90=84?= =?UTF-8?q?=E4=BD=8D=20LCTTer=EF=BC=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../20140818 What are useful CLI tools for Linux system admins.md | 0 ...8 Why Your Company Needs To Write More Open Source Software.md | 0 ...18 Will Linux ever be able to give consumers what they want.md | 0 .../20140826 20 Postfix Interview Questions and Answers.md | 0 .../20140901 How to use on-screen virtual keyboard on Linux.md | 0 ... How to create a cloud-based encrypted file system on Linux.md | 0 .../20140910 Why Do Some Old Programming Languages Never Die.md | 0 .../{ => 201412}/20140915 Make Downloading Files Effortless.md | 0 .../20141004 Practical Lessons in Peer Code Review.md | 0 .../20141008 How To Use Steam Music Player on Ubuntu Desktop.md | 0 ...or high performance and fault tolerant disk I or O on Linux.md | 0 ... Logical Volume Management Disks using Striping I O--Part V.md | 0 ...ating LVM Partitions to New Logical Volume (Drive)--Part VI.md | 0 ... How to check hard disk health on Linux using smartmontools.md | 0 ...he authenticity and integrity of a downloaded file on Linux.md | 0 ...ol to Identify Sockets or Network Connections with Examples.md | 0 ...latest versions of several games and applications in Ubuntu.md | 0 .../20141021 Configuring layer-two peer-to-peer VPN using n2n.md | 0 .../20141021 How to create and use Python CGI scripts.md | 0 .../20141021 How to monitor a log file on Linux with logwatch.md | 0 ...ith Answers--How to fix sshd error--could not load host key.md | 0 .../20141023 What is a good command-line calculator on Linux.md | 0 .../20141024 Amazing 25 Linux Performance Monitoring Tools.md | 0 ...How to encrypt files and directories with eCryptFS on Linux.md | 0 .../20141029 Shell Scripting--Checking Conditions with if.md | 0 ...ard Disk Problmes Like Disk Full Or Can't Write to the Disk.md | 0 ...30 How to run SQL queries against Apache log files on Linux.md | 0 ...Command to Exclude a List of Files and Directories in Linux.md | 0 ...41104 Pitivi 0.94 Uses GTK HeaderBar, Squashes Umpteen Bugs.md | 0 ...20141112 How to Remove Music Players from Ubuntu Sound Menu.md | 0 ... Intro to Systemd Runlevels and Service Management Commands.md | 0 ... Answers--How to convert a text file to PDF format on Linux.md | 0 ...inux FAQs with Answers--How to install phpMyAdmin on CentOS.md | 0 ...41119 10 SCP Commands to Transfer Files or Folders in Linux.md | 0 ...20141119 How To Make Raspberry Pi Boot In To GUI By Default.md | 0 .../{ => 201412}/20141119 Qshutdown--An avanced shutdown tool.md | 0 published/{ => 201412}/20141119 When Microsoft Went A-Courting.md | 0 .../20141120 5 Best Open Source Web Browser Security Apps.md | 0 .../20141120 How to visualize memory usage on Linux.md | 0 .../20141120 Postfix tips and Troubleshooting Commands.md | 0 ... 15 pwd (Print Working Directory) Command Examples in Linux.md | 0 ...nswers--How to access a NAT guest from host with VirtualBox.md | 0 ... Answers--How to fix ImportError--No module named scapy.all.md | 0 published/{ => 201412}/20141127 Some Sentences about Java.md | 0 published/{ => 201412}/20141127 What Makes a Good Programmer.md | 0 ...141204 How To Drop Database In Oracle 11 Without Using DBCA.md | 0 ...l Ubuntu 14.10 Utopic Unicorn T-Shirts Now Available to Buy.md | 0 .../20141204 Readers' Choice Awards 2014--Linux Journal.md | 0 ...nswers--How to crop an image from the command line on Linux.md | 0 .../20141208 Nathive--A libre software image editor.md | 0 .../20141211 Linux Kernel 3.18 Released, This Is What' s New.md | 0 .../{ => 201412}/20141211 Was 2014 The Year of Linux Desktop.md | 0 .../{ => 201412}/20141219 Attic--Deduplicating backup program.md | 0 ...1219 The 'grinch' isn't a Linux vulnerability, Red Hat says.md | 0 .../20141222 How to use Rsync Command In Linux With Examples.md | 0 ...s Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md | 0 ...Qs with Answers--How to install non-free packages on Debian.md | 0 .../20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md | 0 58 files changed, 0 insertions(+), 0 deletions(-) rename published/{ => 201412}/20140818 What are useful CLI tools for Linux system admins.md (100%) rename published/{ => 201412}/20140818 Why Your Company Needs To Write More Open Source Software.md (100%) rename published/{ => 201412}/20140818 Will Linux ever be able to give consumers what they want.md (100%) rename published/{ => 201412}/20140826 20 Postfix Interview Questions and Answers.md (100%) rename published/{ => 201412}/20140901 How to use on-screen virtual keyboard on Linux.md (100%) rename published/{ => 201412}/20140910 How to create a cloud-based encrypted file system on Linux.md (100%) rename published/{ => 201412}/20140910 Why Do Some Old Programming Languages Never Die.md (100%) rename published/{ => 201412}/20140915 Make Downloading Files Effortless.md (100%) rename published/{ => 201412}/20141004 Practical Lessons in Peer Code Review.md (100%) rename published/{ => 201412}/20141008 How To Use Steam Music Player on Ubuntu Desktop.md (100%) rename published/{ => 201412}/20141009 How to set up RAID 10 for high performance and fault tolerant disk I or O on Linux.md (100%) rename published/{ => 201412}/20141013 Manage Multiple Logical Volume Management Disks using Striping I O--Part V.md (100%) rename published/{ => 201412}/20141013 Migrating LVM Partitions to New Logical Volume (Drive)--Part VI.md (100%) rename published/{ => 201412}/20141017 How to check hard disk health on Linux using smartmontools.md (100%) rename published/{ => 201412}/20141017 How to verify the authenticity and integrity of a downloaded file on Linux.md (100%) rename published/{ => 201412}/20141017 Linux ss Tool to Identify Sockets or Network Connections with Examples.md (100%) rename published/{ => 201412}/20141017 UbuTricks--Script to install the latest versions of several games and applications in Ubuntu.md (100%) rename published/{ => 201412}/20141021 Configuring layer-two peer-to-peer VPN using n2n.md (100%) rename published/{ => 201412}/20141021 How to create and use Python CGI scripts.md (100%) rename published/{ => 201412}/20141021 How to monitor a log file on Linux with logwatch.md (100%) rename published/{ => 201412}/20141022 Linux FAQs with Answers--How to fix sshd error--could not load host key.md (100%) rename published/{ => 201412}/20141023 What is a good command-line calculator on Linux.md (100%) rename published/{ => 201412}/20141024 Amazing 25 Linux Performance Monitoring Tools.md (100%) rename published/{ => 201412}/20141027 How to encrypt files and directories with eCryptFS on Linux.md (100%) rename published/{ => 201412}/20141029 Shell Scripting--Checking Conditions with if.md (100%) rename published/{ => 201412}/20141030 8 Tips to Solve Linux and Unix Systems Hard Disk Problmes Like Disk Full Or Can't Write to the Disk.md (100%) rename published/{ => 201412}/20141030 How to run SQL queries against Apache log files on Linux.md (100%) rename published/{ => 201412}/20141030 rsync Command to Exclude a List of Files and Directories in Linux.md (100%) rename published/{ => 201412}/20141104 Pitivi 0.94 Uses GTK HeaderBar, Squashes Umpteen Bugs.md (100%) rename published/{ => 201412}/20141112 How to Remove Music Players from Ubuntu Sound Menu.md (100%) rename published/{ => 201412}/20141112 Intro to Systemd Runlevels and Service Management Commands.md (100%) rename published/{ => 201412}/20141118 Linux FAQs with Answers--How to convert a text file to PDF format on Linux.md (100%) rename published/{ => 201412}/20141118 Linux FAQs with Answers--How to install phpMyAdmin on CentOS.md (100%) rename published/{ => 201412}/20141119 10 SCP Commands to Transfer Files or Folders in Linux.md (100%) rename published/{ => 201412}/20141119 How To Make Raspberry Pi Boot In To GUI By Default.md (100%) rename published/{ => 201412}/20141119 Qshutdown--An avanced shutdown tool.md (100%) rename published/{ => 201412}/20141119 When Microsoft Went A-Courting.md (100%) rename published/{ => 201412}/20141120 5 Best Open Source Web Browser Security Apps.md (100%) rename published/{ => 201412}/20141120 How to visualize memory usage on Linux.md (100%) rename published/{ => 201412}/20141120 Postfix tips and Troubleshooting Commands.md (100%) rename published/{ => 201412}/20141124 15 pwd (Print Working Directory) Command Examples in Linux.md (100%) rename published/{ => 201412}/20141125 Linux FAQs with Answers--How to access a NAT guest from host with VirtualBox.md (100%) rename published/{ => 201412}/20141125 Linux FAQs with Answers--How to fix ImportError--No module named scapy.all.md (100%) rename published/{ => 201412}/20141127 Some Sentences about Java.md (100%) rename published/{ => 201412}/20141127 What Makes a Good Programmer.md (100%) rename published/{ => 201412}/20141204 How To Drop Database In Oracle 11 Without Using DBCA.md (100%) rename published/{ => 201412}/20141204 Official Ubuntu 14.10 Utopic Unicorn T-Shirts Now Available to Buy.md (100%) rename published/{ => 201412}/20141204 Readers' Choice Awards 2014--Linux Journal.md (100%) rename published/{ => 201412}/20141208 Linux FAQs with Answers--How to crop an image from the command line on Linux.md (100%) rename published/{ => 201412}/20141208 Nathive--A libre software image editor.md (100%) rename published/{ => 201412}/20141211 Linux Kernel 3.18 Released, This Is What' s New.md (100%) rename published/{ => 201412}/20141211 Was 2014 The Year of Linux Desktop.md (100%) rename published/{ => 201412}/20141219 Attic--Deduplicating backup program.md (100%) rename published/{ => 201412}/20141219 The 'grinch' isn't a Linux vulnerability, Red Hat says.md (100%) rename published/{ => 201412}/20141222 How to use Rsync Command In Linux With Examples.md (100%) rename published/{ => 201412}/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md (100%) rename published/{ => 201412}/20141224 Linux FAQs with Answers--How to install non-free packages on Debian.md (100%) rename published/{ => 201412}/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md (100%) diff --git a/published/20140818 What are useful CLI tools for Linux system admins.md b/published/201412/20140818 What are useful CLI tools for Linux system admins.md similarity index 100% rename from published/20140818 What are useful CLI tools for Linux system admins.md rename to published/201412/20140818 What are useful CLI tools for Linux system admins.md diff --git a/published/20140818 Why Your Company Needs To Write More Open Source Software.md b/published/201412/20140818 Why Your Company Needs To Write More Open Source Software.md similarity index 100% rename from published/20140818 Why Your Company Needs To Write More Open Source Software.md rename to published/201412/20140818 Why Your Company Needs To Write More Open Source Software.md diff --git a/published/20140818 Will Linux ever be able to give consumers what they want.md b/published/201412/20140818 Will Linux ever be able to give consumers what they want.md similarity index 100% rename from published/20140818 Will Linux ever be able to give consumers what they want.md rename to published/201412/20140818 Will Linux ever be able to give consumers what they want.md diff --git a/published/20140826 20 Postfix Interview Questions and Answers.md b/published/201412/20140826 20 Postfix Interview Questions and Answers.md similarity index 100% rename from published/20140826 20 Postfix Interview Questions and Answers.md rename to published/201412/20140826 20 Postfix Interview Questions and Answers.md diff --git a/published/20140901 How to use on-screen virtual keyboard on Linux.md b/published/201412/20140901 How to use on-screen virtual keyboard on Linux.md similarity index 100% rename from published/20140901 How to use on-screen virtual keyboard on Linux.md rename to published/201412/20140901 How to use on-screen virtual keyboard on Linux.md diff --git a/published/20140910 How to create a cloud-based encrypted file system on Linux.md b/published/201412/20140910 How to create a cloud-based encrypted file system on Linux.md similarity index 100% rename from published/20140910 How to create a cloud-based encrypted file system on Linux.md rename to published/201412/20140910 How to create a cloud-based encrypted file system on Linux.md diff --git a/published/20140910 Why Do Some Old Programming Languages Never Die.md b/published/201412/20140910 Why Do Some Old Programming Languages Never Die.md similarity index 100% rename from published/20140910 Why Do Some Old Programming Languages Never Die.md rename to published/201412/20140910 Why Do Some Old Programming Languages Never Die.md diff --git a/published/20140915 Make Downloading Files Effortless.md b/published/201412/20140915 Make Downloading Files Effortless.md similarity index 100% rename from published/20140915 Make Downloading Files Effortless.md rename to published/201412/20140915 Make Downloading Files Effortless.md diff --git a/published/20141004 Practical Lessons in Peer Code Review.md b/published/201412/20141004 Practical Lessons in Peer Code Review.md similarity index 100% rename from published/20141004 Practical Lessons in Peer Code Review.md rename to published/201412/20141004 Practical Lessons in Peer Code Review.md diff --git a/published/20141008 How To Use Steam Music Player on Ubuntu Desktop.md b/published/201412/20141008 How To Use Steam Music Player on Ubuntu Desktop.md similarity index 100% rename from published/20141008 How To Use Steam Music Player on Ubuntu Desktop.md rename to published/201412/20141008 How To Use Steam Music Player on Ubuntu Desktop.md diff --git a/published/20141009 How to set up RAID 10 for high performance and fault tolerant disk I or O on Linux.md b/published/201412/20141009 How to set up RAID 10 for high performance and fault tolerant disk I or O on Linux.md similarity index 100% rename from published/20141009 How to set up RAID 10 for high performance and fault tolerant disk I or O on Linux.md rename to published/201412/20141009 How to set up RAID 10 for high performance and fault tolerant disk I or O on Linux.md diff --git a/published/20141013 Manage Multiple Logical Volume Management Disks using Striping I O--Part V.md b/published/201412/20141013 Manage Multiple Logical Volume Management Disks using Striping I O--Part V.md similarity index 100% rename from published/20141013 Manage Multiple Logical Volume Management Disks using Striping I O--Part V.md rename to published/201412/20141013 Manage Multiple Logical Volume Management Disks using Striping I O--Part V.md diff --git a/published/20141013 Migrating LVM Partitions to New Logical Volume (Drive)--Part VI.md b/published/201412/20141013 Migrating LVM Partitions to New Logical Volume (Drive)--Part VI.md similarity index 100% rename from published/20141013 Migrating LVM Partitions to New Logical Volume (Drive)--Part VI.md rename to published/201412/20141013 Migrating LVM Partitions to New Logical Volume (Drive)--Part VI.md diff --git a/published/20141017 How to check hard disk health on Linux using smartmontools.md b/published/201412/20141017 How to check hard disk health on Linux using smartmontools.md similarity index 100% rename from published/20141017 How to check hard disk health on Linux using smartmontools.md rename to published/201412/20141017 How to check hard disk health on Linux using smartmontools.md diff --git a/published/20141017 How to verify the authenticity and integrity of a downloaded file on Linux.md b/published/201412/20141017 How to verify the authenticity and integrity of a downloaded file on Linux.md similarity index 100% rename from published/20141017 How to verify the authenticity and integrity of a downloaded file on Linux.md rename to published/201412/20141017 How to verify the authenticity and integrity of a downloaded file on Linux.md diff --git a/published/20141017 Linux ss Tool to Identify Sockets or Network Connections with Examples.md b/published/201412/20141017 Linux ss Tool to Identify Sockets or Network Connections with Examples.md similarity index 100% rename from published/20141017 Linux ss Tool to Identify Sockets or Network Connections with Examples.md rename to published/201412/20141017 Linux ss Tool to Identify Sockets or Network Connections with Examples.md diff --git a/published/20141017 UbuTricks--Script to install the latest versions of several games and applications in Ubuntu.md b/published/201412/20141017 UbuTricks--Script to install the latest versions of several games and applications in Ubuntu.md similarity index 100% rename from published/20141017 UbuTricks--Script to install the latest versions of several games and applications in Ubuntu.md rename to published/201412/20141017 UbuTricks--Script to install the latest versions of several games and applications in Ubuntu.md diff --git a/published/20141021 Configuring layer-two peer-to-peer VPN using n2n.md b/published/201412/20141021 Configuring layer-two peer-to-peer VPN using n2n.md similarity index 100% rename from published/20141021 Configuring layer-two peer-to-peer VPN using n2n.md rename to published/201412/20141021 Configuring layer-two peer-to-peer VPN using n2n.md diff --git a/published/20141021 How to create and use Python CGI scripts.md b/published/201412/20141021 How to create and use Python CGI scripts.md similarity index 100% rename from published/20141021 How to create and use Python CGI scripts.md rename to published/201412/20141021 How to create and use Python CGI scripts.md diff --git a/published/20141021 How to monitor a log file on Linux with logwatch.md b/published/201412/20141021 How to monitor a log file on Linux with logwatch.md similarity index 100% rename from published/20141021 How to monitor a log file on Linux with logwatch.md rename to published/201412/20141021 How to monitor a log file on Linux with logwatch.md diff --git a/published/20141022 Linux FAQs with Answers--How to fix sshd error--could not load host key.md b/published/201412/20141022 Linux FAQs with Answers--How to fix sshd error--could not load host key.md similarity index 100% rename from published/20141022 Linux FAQs with Answers--How to fix sshd error--could not load host key.md rename to published/201412/20141022 Linux FAQs with Answers--How to fix sshd error--could not load host key.md diff --git a/published/20141023 What is a good command-line calculator on Linux.md b/published/201412/20141023 What is a good command-line calculator on Linux.md similarity index 100% rename from published/20141023 What is a good command-line calculator on Linux.md rename to published/201412/20141023 What is a good command-line calculator on Linux.md diff --git a/published/20141024 Amazing 25 Linux Performance Monitoring Tools.md b/published/201412/20141024 Amazing 25 Linux Performance Monitoring Tools.md similarity index 100% rename from published/20141024 Amazing 25 Linux Performance Monitoring Tools.md rename to published/201412/20141024 Amazing 25 Linux Performance Monitoring Tools.md diff --git a/published/20141027 How to encrypt files and directories with eCryptFS on Linux.md b/published/201412/20141027 How to encrypt files and directories with eCryptFS on Linux.md similarity index 100% rename from published/20141027 How to encrypt files and directories with eCryptFS on Linux.md rename to published/201412/20141027 How to encrypt files and directories with eCryptFS on Linux.md diff --git a/published/20141029 Shell Scripting--Checking Conditions with if.md b/published/201412/20141029 Shell Scripting--Checking Conditions with if.md similarity index 100% rename from published/20141029 Shell Scripting--Checking Conditions with if.md rename to published/201412/20141029 Shell Scripting--Checking Conditions with if.md diff --git a/published/20141030 8 Tips to Solve Linux and Unix Systems Hard Disk Problmes Like Disk Full Or Can't Write to the Disk.md b/published/201412/20141030 8 Tips to Solve Linux and Unix Systems Hard Disk Problmes Like Disk Full Or Can't Write to the Disk.md similarity index 100% rename from published/20141030 8 Tips to Solve Linux and Unix Systems Hard Disk Problmes Like Disk Full Or Can't Write to the Disk.md rename to published/201412/20141030 8 Tips to Solve Linux and Unix Systems Hard Disk Problmes Like Disk Full Or Can't Write to the Disk.md diff --git a/published/20141030 How to run SQL queries against Apache log files on Linux.md b/published/201412/20141030 How to run SQL queries against Apache log files on Linux.md similarity index 100% rename from published/20141030 How to run SQL queries against Apache log files on Linux.md rename to published/201412/20141030 How to run SQL queries against Apache log files on Linux.md diff --git a/published/20141030 rsync Command to Exclude a List of Files and Directories in Linux.md b/published/201412/20141030 rsync Command to Exclude a List of Files and Directories in Linux.md similarity index 100% rename from published/20141030 rsync Command to Exclude a List of Files and Directories in Linux.md rename to published/201412/20141030 rsync Command to Exclude a List of Files and Directories in Linux.md diff --git a/published/20141104 Pitivi 0.94 Uses GTK HeaderBar, Squashes Umpteen Bugs.md b/published/201412/20141104 Pitivi 0.94 Uses GTK HeaderBar, Squashes Umpteen Bugs.md similarity index 100% rename from published/20141104 Pitivi 0.94 Uses GTK HeaderBar, Squashes Umpteen Bugs.md rename to published/201412/20141104 Pitivi 0.94 Uses GTK HeaderBar, Squashes Umpteen Bugs.md diff --git a/published/20141112 How to Remove Music Players from Ubuntu Sound Menu.md b/published/201412/20141112 How to Remove Music Players from Ubuntu Sound Menu.md similarity index 100% rename from published/20141112 How to Remove Music Players from Ubuntu Sound Menu.md rename to published/201412/20141112 How to Remove Music Players from Ubuntu Sound Menu.md diff --git a/published/20141112 Intro to Systemd Runlevels and Service Management Commands.md b/published/201412/20141112 Intro to Systemd Runlevels and Service Management Commands.md similarity index 100% rename from published/20141112 Intro to Systemd Runlevels and Service Management Commands.md rename to published/201412/20141112 Intro to Systemd Runlevels and Service Management Commands.md diff --git a/published/20141118 Linux FAQs with Answers--How to convert a text file to PDF format on Linux.md b/published/201412/20141118 Linux FAQs with Answers--How to convert a text file to PDF format on Linux.md similarity index 100% rename from published/20141118 Linux FAQs with Answers--How to convert a text file to PDF format on Linux.md rename to published/201412/20141118 Linux FAQs with Answers--How to convert a text file to PDF format on Linux.md diff --git a/published/20141118 Linux FAQs with Answers--How to install phpMyAdmin on CentOS.md b/published/201412/20141118 Linux FAQs with Answers--How to install phpMyAdmin on CentOS.md similarity index 100% rename from published/20141118 Linux FAQs with Answers--How to install phpMyAdmin on CentOS.md rename to published/201412/20141118 Linux FAQs with Answers--How to install phpMyAdmin on CentOS.md diff --git a/published/20141119 10 SCP Commands to Transfer Files or Folders in Linux.md b/published/201412/20141119 10 SCP Commands to Transfer Files or Folders in Linux.md similarity index 100% rename from published/20141119 10 SCP Commands to Transfer Files or Folders in Linux.md rename to published/201412/20141119 10 SCP Commands to Transfer Files or Folders in Linux.md diff --git a/published/20141119 How To Make Raspberry Pi Boot In To GUI By Default.md b/published/201412/20141119 How To Make Raspberry Pi Boot In To GUI By Default.md similarity index 100% rename from published/20141119 How To Make Raspberry Pi Boot In To GUI By Default.md rename to published/201412/20141119 How To Make Raspberry Pi Boot In To GUI By Default.md diff --git a/published/20141119 Qshutdown--An avanced shutdown tool.md b/published/201412/20141119 Qshutdown--An avanced shutdown tool.md similarity index 100% rename from published/20141119 Qshutdown--An avanced shutdown tool.md rename to published/201412/20141119 Qshutdown--An avanced shutdown tool.md diff --git a/published/20141119 When Microsoft Went A-Courting.md b/published/201412/20141119 When Microsoft Went A-Courting.md similarity index 100% rename from published/20141119 When Microsoft Went A-Courting.md rename to published/201412/20141119 When Microsoft Went A-Courting.md diff --git a/published/20141120 5 Best Open Source Web Browser Security Apps.md b/published/201412/20141120 5 Best Open Source Web Browser Security Apps.md similarity index 100% rename from published/20141120 5 Best Open Source Web Browser Security Apps.md rename to published/201412/20141120 5 Best Open Source Web Browser Security Apps.md diff --git a/published/20141120 How to visualize memory usage on Linux.md b/published/201412/20141120 How to visualize memory usage on Linux.md similarity index 100% rename from published/20141120 How to visualize memory usage on Linux.md rename to published/201412/20141120 How to visualize memory usage on Linux.md diff --git a/published/20141120 Postfix tips and Troubleshooting Commands.md b/published/201412/20141120 Postfix tips and Troubleshooting Commands.md similarity index 100% rename from published/20141120 Postfix tips and Troubleshooting Commands.md rename to published/201412/20141120 Postfix tips and Troubleshooting Commands.md diff --git a/published/20141124 15 pwd (Print Working Directory) Command Examples in Linux.md b/published/201412/20141124 15 pwd (Print Working Directory) Command Examples in Linux.md similarity index 100% rename from published/20141124 15 pwd (Print Working Directory) Command Examples in Linux.md rename to published/201412/20141124 15 pwd (Print Working Directory) Command Examples in Linux.md diff --git a/published/20141125 Linux FAQs with Answers--How to access a NAT guest from host with VirtualBox.md b/published/201412/20141125 Linux FAQs with Answers--How to access a NAT guest from host with VirtualBox.md similarity index 100% rename from published/20141125 Linux FAQs with Answers--How to access a NAT guest from host with VirtualBox.md rename to published/201412/20141125 Linux FAQs with Answers--How to access a NAT guest from host with VirtualBox.md diff --git a/published/20141125 Linux FAQs with Answers--How to fix ImportError--No module named scapy.all.md b/published/201412/20141125 Linux FAQs with Answers--How to fix ImportError--No module named scapy.all.md similarity index 100% rename from published/20141125 Linux FAQs with Answers--How to fix ImportError--No module named scapy.all.md rename to published/201412/20141125 Linux FAQs with Answers--How to fix ImportError--No module named scapy.all.md diff --git a/published/20141127 Some Sentences about Java.md b/published/201412/20141127 Some Sentences about Java.md similarity index 100% rename from published/20141127 Some Sentences about Java.md rename to published/201412/20141127 Some Sentences about Java.md diff --git a/published/20141127 What Makes a Good Programmer.md b/published/201412/20141127 What Makes a Good Programmer.md similarity index 100% rename from published/20141127 What Makes a Good Programmer.md rename to published/201412/20141127 What Makes a Good Programmer.md diff --git a/published/20141204 How To Drop Database In Oracle 11 Without Using DBCA.md b/published/201412/20141204 How To Drop Database In Oracle 11 Without Using DBCA.md similarity index 100% rename from published/20141204 How To Drop Database In Oracle 11 Without Using DBCA.md rename to published/201412/20141204 How To Drop Database In Oracle 11 Without Using DBCA.md diff --git a/published/20141204 Official Ubuntu 14.10 Utopic Unicorn T-Shirts Now Available to Buy.md b/published/201412/20141204 Official Ubuntu 14.10 Utopic Unicorn T-Shirts Now Available to Buy.md similarity index 100% rename from published/20141204 Official Ubuntu 14.10 Utopic Unicorn T-Shirts Now Available to Buy.md rename to published/201412/20141204 Official Ubuntu 14.10 Utopic Unicorn T-Shirts Now Available to Buy.md diff --git a/published/20141204 Readers' Choice Awards 2014--Linux Journal.md b/published/201412/20141204 Readers' Choice Awards 2014--Linux Journal.md similarity index 100% rename from published/20141204 Readers' Choice Awards 2014--Linux Journal.md rename to published/201412/20141204 Readers' Choice Awards 2014--Linux Journal.md diff --git a/published/20141208 Linux FAQs with Answers--How to crop an image from the command line on Linux.md b/published/201412/20141208 Linux FAQs with Answers--How to crop an image from the command line on Linux.md similarity index 100% rename from published/20141208 Linux FAQs with Answers--How to crop an image from the command line on Linux.md rename to published/201412/20141208 Linux FAQs with Answers--How to crop an image from the command line on Linux.md diff --git a/published/20141208 Nathive--A libre software image editor.md b/published/201412/20141208 Nathive--A libre software image editor.md similarity index 100% rename from published/20141208 Nathive--A libre software image editor.md rename to published/201412/20141208 Nathive--A libre software image editor.md diff --git a/published/20141211 Linux Kernel 3.18 Released, This Is What' s New.md b/published/201412/20141211 Linux Kernel 3.18 Released, This Is What' s New.md similarity index 100% rename from published/20141211 Linux Kernel 3.18 Released, This Is What' s New.md rename to published/201412/20141211 Linux Kernel 3.18 Released, This Is What' s New.md diff --git a/published/20141211 Was 2014 The Year of Linux Desktop.md b/published/201412/20141211 Was 2014 The Year of Linux Desktop.md similarity index 100% rename from published/20141211 Was 2014 The Year of Linux Desktop.md rename to published/201412/20141211 Was 2014 The Year of Linux Desktop.md diff --git a/published/20141219 Attic--Deduplicating backup program.md b/published/201412/20141219 Attic--Deduplicating backup program.md similarity index 100% rename from published/20141219 Attic--Deduplicating backup program.md rename to published/201412/20141219 Attic--Deduplicating backup program.md diff --git a/published/20141219 The 'grinch' isn't a Linux vulnerability, Red Hat says.md b/published/201412/20141219 The 'grinch' isn't a Linux vulnerability, Red Hat says.md similarity index 100% rename from published/20141219 The 'grinch' isn't a Linux vulnerability, Red Hat says.md rename to published/201412/20141219 The 'grinch' isn't a Linux vulnerability, Red Hat says.md diff --git a/published/20141222 How to use Rsync Command In Linux With Examples.md b/published/201412/20141222 How to use Rsync Command In Linux With Examples.md similarity index 100% rename from published/20141222 How to use Rsync Command In Linux With Examples.md rename to published/201412/20141222 How to use Rsync Command In Linux With Examples.md diff --git a/published/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md b/published/201412/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md similarity index 100% rename from published/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md rename to published/201412/20141222 Linus Torvalds Launches Linux Kernel 3.19 RC1, One of the Biggest So Far.md diff --git a/published/20141224 Linux FAQs with Answers--How to install non-free packages on Debian.md b/published/201412/20141224 Linux FAQs with Answers--How to install non-free packages on Debian.md similarity index 100% rename from published/20141224 Linux FAQs with Answers--How to install non-free packages on Debian.md rename to published/201412/20141224 Linux FAQs with Answers--How to install non-free packages on Debian.md diff --git a/published/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md b/published/201412/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md similarity index 100% rename from published/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md rename to published/201412/20141230 Second Edition of Ubuntu Manual 14.04 LTS Is Ou.md From 2fa94b20bf7e9ada3a9ddbbfba5b9298cf79dab9 Mon Sep 17 00:00:00 2001 From: liaoishere Date: Thu, 1 Jan 2015 00:41:31 +0800 Subject: [PATCH 29/98] [translated] 20141120 How to install Xen hypervisor on unused old hardware --- ...l Xen hypervisor on unused old hardware.md | 230 ------------------ ...l Xen hypervisor on unused old hardware.md | 229 +++++++++++++++++ 2 files changed, 229 insertions(+), 230 deletions(-) delete mode 100644 sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md create mode 100644 translated/tech/20141120 How to install Xen hypervisor on unused old hardware.md diff --git a/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md b/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md deleted file mode 100644 index 427d658323..0000000000 --- a/sources/tech/20141120 How to install Xen hypervisor on unused old hardware.md +++ /dev/null @@ -1,230 +0,0 @@ -liaoishere is translating!! - -How to install Xen hypervisor on unused old hardware -================================================================================ -Xen is a bare metal hypervisor, meaning that you must prepare a bare machine to install and run Xen. KVM is a little different - you can add it to any machine already running Linux. This tutorial describes how to install and configure Xen hypervisor on unused hardware. - -This procedure uses Debian Jessie (their testing distribution) as the host OS (also known as [Dom0][1]). Jessie is not the only choice - Xen support is built into the Linux kernel, and [plenty of Linux distributions][2] include one of these Xen-enabled kernels. - -### Find unused hardware ### - -As a start, find a suitable workstation which can be wiped out, such as an old laptop or desktop. Older hardware may not be good for gaming, but it is good enough for a host OS and a couple of guests. A PC with these specifications works fine. - -- 1 CPU with 2 cores (64-bit) -- 4GB memory -- 80GB hard disk -- ability to boot from CD, DVD or USB -- a network interface - -Note that the CPU must be a 64-bit processor since Debian dropped support for 32-bit Xen packages. If you don't have spare hardware, you could invest in an old machine. 2010's $1000 flagship laptop is today's $100 bargain. A second-hand laptop from eBay and a memory upgrade will do fine. - -### Burn a bootable CD/USB ### - -Download the ISO image for Debian Jessie. The small netinst image available from the [official Debian website][3] works fine. - - $ wget http://cdimage.debian.org/cdimage/jessie_di_beta_2/amd64/iso-cd/debian-jessie-DI-b2-amd64-netinst.iso - -Next, identify the device name assigned to your [CD/DVD][4] or [USB drive][5] (e.g., /dev/sdc). - -Burn the downloaded ISO image into a bootable CD or a USB using dd command. Replace /dev/sdc with the device name you identified above. - - $ sudo dd if=debian-jessie-DI-b2-amd64-netinst.iso of=/dev/sdc - -### Start the installation ### - -To start the installation, boot with the Debian installer CD/USB. - -It's a good idea to use a wired connection, not WiFi. If the WiFi won't connect because firmware or driver software is missing, you won't get very far. - -![](https://farm8.staticflickr.com/7516/15772286696_c31e4c7754_z.jpg) - -### Partition the disk ### - -This setup uses four primary disk partitions. Automatic OS installers usually set up an extended partition that contains logical partitions. Set up the four partitions like this. - -- sda1 mount on /boot, 200MB -- sda2 /, 20GB, Ubuntu uses 4GB -- sda3 swap, 6GB (4GB of memory x 1.5 = 6) -- sda4 reserved for LVM, not mounted, all the rest of the disk space - -### Install the base system ### - -It's a good idea to make the install as simple and short as possible. A basic working system can always be added to later. Debian's APT (Advanced Package Tool) makes adding software easy. Installing Debian on a workstation can cause pretty obscure time-wasting issues. Perhaps a graphics driver does not agree with the kernel or maybe the old CD-ROM drive only works intermittently. - -When it comes to choosing what to install, do install an SSH server and don't install a desktop like Gnome. - -![](https://farm9.staticflickr.com/8541/15176520633_5d31beda9c_z.jpg) - -A graphical desktop requires hundreds of package installs - it's a lot of extra work that can be done later. If you run into problems, waiting for that desktop install is a waste of time. Also, without desktop component, the system boot will be much quicker - seconds rather than minutes. This procedure requires a few reboots, so that's a handy time-saver. - -An SSH server lets you configure the workstation from another computer. This allows you to avoid some of the problems with old hardware - perhaps the old machine's keyboard is missing keys, the LCD screen has dead pixels or the trackpad is unresponsive etc. - -### Add LVM (Logical Volume Manager) ### - -Install the LVM tools as the root. - - # apt-get update - # apt-get install lvm2 - -Pick a physical volume to work with. - - # pvcreate /dev/sda4 - -Create a volume group. - - # vgcreate vg0 /dev/sda4 - -You don't need to create a logical volume. If you want to test LVM works, create a volume then delete it. - - # lvcreate -nmytempvol -L10G vg0 - # lvremove /dev/vg0/mytempvol - -Check LVM status. - - # pvs (to view information about physical volumes) - # vgs (to view information about volume groups) - # lvs (to view information about logical volumes) - -### Add a Linux Ethernet bridge ### - -We are going to set up a Linux bridge so that all Xen's guest domains can be connected to, and communicate through the bridge. - -Install the bridge tools. - - # apt-get install bridge-utils - -See what interfaces are configured. - - # ip addr - -![](https://farm8.staticflickr.com/7512/15610553338_2f9cf1d3a2_z.jpg) - -In this example, we have one primary interface assigned eth0. We are going to add eth0 to the Linux bridge by editing the network configuration file (/etc/network/interfaces). - -Before making any change, back up the network configuration file to keep the original working configuration safe. - - # cd /etc/network/ - # cp interfaces interfaces.backup - # vi /etc/network/interfaces - -The file contents look something like this. - - auto lo - iface lo inet loopback - - allow-hotplug eth0 - iface eth0 inet dhcp - -Change the file to this. - - auto lo - iface lo inet loopback - - auto eth0 - iface eth0 inet manual - - auto xenbr0 - iface xenbr0 inet dhcp - bridge_ports eth0 - -Activate the network configuration change: - - # systemctl restart networking - -### Verify networking settings ### - -Verify that a Linux bridge xenbr0 is created successfully. - - # ip addr show xenbr0 - -Also check that the primary interface eth0 is successfully added to the bridge. - - # brctl show - -![](https://farm6.staticflickr.com/5609/15795960355_673c71ab5c_z.jpg) - -You now have a working machine with Jessie installed. Xen is not yet installed at this point. Let's proceed to install Xen next. - -### Install the Xen hypervisor ### - -Install Xen and QEMU packages, and update the GRUB bootloader. - - # apt-get install xen-linux-system - -Reboot. - -When the GRUB screen appears, you can see extra booting options listed. - -![](https://farm8.staticflickr.com/7535/15794086091_bf1bce6b4b_z.jpg) - -The first option will boot automatically in five seconds (see the GRUB_TIMEOUT line in /etc/default/grub), so this is not the time to get a coffee. - -Press the down arrow to highlight the option "Debian GNU/Linux, with Xen hypervisor", and press RETURN. Many lines of information appear, followed by the usual login screen. - -### Check Xen works ### - -Xen hypervisor comes with Xen management command-line tool called xl, which can be used to create and manage Xen guest domains. Let's use xl command to check if Xen is successfully installed. - -Log in as root, and run: - - # xl info - -which will display various information about Xen host. - -![](https://farm9.staticflickr.com/8404/15610553388_db3b134a9d_z.jpg) - -To see a list of existing Xen domains: - - # xl list - -![](https://farm9.staticflickr.com/8393/15610135189_ffd8bd24e8_z.jpg) - -A little table of domains appears. Without any Xen guest domain created, the only entry should be Domain-0, your Debian installation. - -### Change the boot order ### - -When you reach this point, the Xen install is complete. There is one more thing to fix - the default boot will not load Xen. GRUB chooses the first item in the boot menu (Debian GNU/Linux), not the third (Debian GNU/Linux, with Xen hypervisor). - -The default option in the boot menu is defined in the grub configuration file /boot/grub/grub.cfg. To change the default option, don't edit that file, but edit /etc/default/grub instead. A little helper program called grub-mkconfig reads in this default configuration file and all the templates in /etc/grub.d/, then writes the grub.cfg file. - -Edit Debian's configuration file for grub-mkconfig. - - # vi /etc/default/grub - -Change the line: - - GRUB_DEFAULT=0 - -to - - GRUB_DEFAULT='Debian GNU/Linux, with Xen hypervisor' - -Then update the grub configuration file. - - # grub-mkconfig -o /boot/grub/grub.cfg - -Finally reboot. After a few seconds, the grub boot menu appears. Check that the third option "Debian GNU/Linux, with Xen hypervisor" is highlighted automatically. - -### Final note ### - -If you use this machine as your hands-on workstation, install a graphical desktop. The Debian library includes a few [desktop environments][6]. If you want a graphical desktop that includes everything and the kitchen sink, go for Gnome. If graphics just get in your way, try Awesome. - -Note that the Debian Jessie default environment Gnome comes with a huge amount of extra applications including the productivity suite LibreOffice, the Iceweasel web browser and the Rhythmbox music player. The install command "apt-get install gnome" adds 1,000 packages and takes up nearly 2GB of disk space. Running this heavyweight desktop takes up 1GB of memory. - --------------------------------------------------------------------------------- - -via: http://xmodulo.com/install-xen-hypervisor.html - -作者:[Nick Hardiman][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://xmodulo.com/author/nick -[1]:http://wiki.xen.org/wiki/Dom0 -[2]:http://wiki.xen.org/wiki/Dom0_Kernels_for_Xen -[3]:https://www.debian.org/devel/debian-installer/ -[4]:http://ask.xmodulo.com/detect-dvd-writer-device-name-writing-speed-command-line-linux.html -[5]:http://ask.xmodulo.com/find-device-name-usb-drive-linux.html -[6]:https://wiki.debian.org/DesktopEnvironment diff --git a/translated/tech/20141120 How to install Xen hypervisor on unused old hardware.md b/translated/tech/20141120 How to install Xen hypervisor on unused old hardware.md new file mode 100644 index 0000000000..87a28c57fc --- /dev/null +++ b/translated/tech/20141120 How to install Xen hypervisor on unused old hardware.md @@ -0,0 +1,229 @@ + +怎样在废旧的硬件上安装 Xen 虚拟机监视器 +================================================================================ +Xen 是一个直接运行在硬件上的虚拟机监视器,这意味着你必须准备一个裸机来安装和运行 Xen。KVM 和 Xen 有一些不同 —— 你可以把它安装在任何已经正在运行 Linux 的机器上。本教程描述了如何在废旧的硬件上安装和配置 Xen 虚拟机监视器。 + +整个安装过程使用 Debian Jessie(Debian 的测试发行版)作为宿主机操作系统(也称作 [Dom0][1])。Jessie 并不是唯一的选择 —— Xen 的支持是内建在 Linux 内核中的,[许多 Linux 发行版][2] 都包含支持 Xen 的内核。 + +### 找点废旧的硬件 ### +首先,找一个可以格式化的合适的工作站,比如一台旧的笔记本或者台式机。旧的硬件可能不适合玩游戏,但是足够安装一个宿主机和一些客户机了。一个满足下面这些要求的 PC 机就可以了。 + +- 一个双核 CPU(64 位) +- 4GB 内存 +- 80GB 硬盘 +- 能够从 CD,DVD 或者 USB 引导启动 +- 一块网卡 + +注意 CPU 必须是 64 位的,因为 Debian 已经不再支持 32 位的 Xen 安装包。如果你没有空余的硬件,你可以花点钱投资一台旧机器。2010 年值 $1000 的旗舰级笔记本现在只需要 $100。从 eBay 买台二手笔记本并升级下内存也可以满足需求。 + +### 刻录一个引导 CD/USB ### + +下载 Debian Jessie 的 ISO 镜像。从 [Debian 官网][3] 下载网络安装镜像就可以了。 + + $ wget http://cdimage.debian.org/cdimage/jessie_di_beta_2/amd64/iso-cd/debian-jessie-DI-b2-amd64-netinst.iso + +接下来,记下你的 [CD/DVD][4] 或者 [USB设备][5] 所识别的设备名 (例如 /dev/sdc)。 + +使用 dd 命令将 ISO 镜像刻录至 CD 或者 USB 中。将下面的 /dev/sdc 替换为你上面识别出的设备名。 + + $ sudo dd if=debian-jessie-DI-b2-amd64-netinst.iso of=/dev/sdc + +### 开始安装 ### + +安装前,使用刻录的 CD/USB 启动 Debian 的安装界面。 + +最好是使用有线网络,而不是 WIFI。如果因为固件或者驱动的原因导致 WIFI 不能连接,你将无法完成下面的步骤。 + +![](https://farm8.staticflickr.com/7516/15772286696_c31e4c7754_z.jpg) + +### 硬盘分区 ### + +这里的设置使用了四个分区。自动安装时通常会创建一个包含逻辑分区的扩展分区。像下面这样给硬盘分四个区。 + +- sda1 挂载至 /boot,200MB +- sda2 /, 20GB, Ubuntu 占用 4GB +- sda3 swap, 6GB (4GB x 1.5 = 6) +- sda4 保留用作 LVM, 不挂载,大小为剩余的硬盘大小 + +### 安装基本的系统 ### + +这里尽可能的让系统的安装更简单快速一些。一个基本的工作用系统可以稍后再添加。Debian 的 APT(Advanced Package Tool)使得添加软件非常的简单。在一个工作站上安装 Deibian 可能会有一些很浪费时间的问题。可能显卡驱动与内核不监控或者可能老旧的 CD-ROM 驱动器只能间歇性的工作。 + +当选择安装软件时,选择安装一个 SSH 服务器,不要安装桌面环境如 Gnome。 + +![](https://farm9.staticflickr.com/8541/15176520633_5d31beda9c_z.jpg) + +安装一个图形桌面需要安装成百上千的包 —— 这些额外的工作可以稍后再进行。如果你遇到问题了,等到图形桌面的安装会浪费很多事件。同时,没有桌面组件,系统的启动可以更快一些 —— 只需要几十秒而不是几分钟。整个安装过程会需要重启几次,因此这样做可以节省不少时间。 + +一个 SSH 服务器可以让你从另一台电脑来配置这台工作站。这可以避免一些旧硬件的问题 —— 可能旧机器的键盘少了几个键,LCD 屏幕有坏点或者触摸板没有反应等等。 + +### 添加 LVM (Logical Volume Manager) ### + +以 root 身份安装 LVM 工具。 + + # apt-get update + # apt-get install lvm2 + +选择一个分区创建物理卷。 + + # pvcreate /dev/sda4 + +创建卷组。 + + # vgcreate vg0 /dev/sda4 + +你并不需要创建逻辑卷。如果你想测试 LVM 是否正常,可以创建一个逻辑卷然后删掉它。 + + # lvcreate -nmytempvol -L10G vg0 + # lvremove /dev/vg0/mytempvol + +检查 LVM 状态。 + + # pvs (to view information about physical volumes) + # vgs (to view information about volume groups) + # lvs (to view information about logical volumes) + +### 添加一个 Linux 网桥 ### + +这里我们要添加一个桥接网卡,这样 Xen 客户机就可以通过网桥连接网络。 + +安装桥接的工具。 + + # apt-get install bridge-utils + +查看在哪块网卡配置桥接。 +See what interfaces are configured. + + # ip addr + +![](https://farm8.staticflickr.com/7512/15610553338_2f9cf1d3a2_z.jpg) + +在这个例子中,我们有一块网卡名称为 eth0。我们准备修改配置文件(/etc/network/interfaces)将 eth0 作为桥接设备。 + +在进行更改之前,备份网络配置文件以保证原来的工作配置是安全的。 + + # cd /etc/network/ + # cp interfaces interfaces.backup + # vi /etc/network/interfaces + +文件的内容类似下面这样。 + + auto lo + iface lo inet loopback + + allow-hotplug eth0 + iface eth0 inet dhcp + +修改成这样。 + + auto lo + iface lo inet loopback + + auto eth0 + iface eth0 inet manual + + auto xenbr0 + iface xenbr0 inet dhcp + bridge_ports eth0 + +激活网卡配置的修改: + + # systemctl restart networking + +### 验证网络设置 ### + +验证桥接设备 xenbr0 创建成功。 + + # ip addr show xenbr0 + +同时检查 eth0 被成功加入网桥。 + + # brctl show + +![](https://farm6.staticflickr.com/5609/15795960355_673c71ab5c_z.jpg) + +你现在安装好了 Jessie 系统。不过此时 Xen 还没有安装。下面我们开始安装 Xen。 + +### 安装 Xen 虚拟机监视器 ### + +安装 Xen 和 QEMU 包,并升级 GRUB 引导程序。 + + # apt-get install xen-linux-system + +重启。 + +当 GRUB 界面出现时,你可以看到列出的额外的启动选项。 + +![](https://farm8.staticflickr.com/7535/15794086091_bf1bce6b4b_z.jpg) + +第一个选项会在 5 秒钟内自动启动(在 /etc/default/grub 的 GRUB_TIMEOUT 这行设置),因此这点时间还来不及喝咖啡的。 + +按下方向键选择 "Debian GNU/Linux, with Xen hypervisor" 这个选项,然后按回车。这时屏幕会出现很多行信息,接着是正常的登录界面。 + +### 检查 Xen 工作是否正常 ### + +Xen 虚拟机监视器嗲有一个管理 Xen 的命令行工序叫做 xl,可以用来创建和管理 Xen 虚拟机。使用 xl 命令来检查 Xen 是否成功安装了。 + +以 root 用户登录,执行: + + # xl info + +将会显示很多关于 Xen 主机的信息。 + +![](https://farm9.staticflickr.com/8404/15610553388_db3b134a9d_z.jpg) + +查看已有 Xen 虚拟机的列表: + + # xl list + +![](https://farm9.staticflickr.com/8393/15610135189_ffd8bd24e8_z.jpg) + +这里显示了一个主机的列表。因为没有创建任何的 Xen 客户机,唯一的条目是 Domain-0,即你安装的 Debian 系统。 + +### 修改启动顺序 ### + +当你到这一步之后,Xen 的安装已经完成了。这里还有一件事需要修改 —— 默认的启动选项不会加载 Xen。GRUB 选择启动菜单的第一个选项 (Debian GNU/Linux),而不是第三个(Debian GNU/Linux, with Xen hypervisor)。 + +启动菜单的默认选项是在 grub 配置文件 /boot/grub/grub.cfg 中定义的。修改选项时,不要直接修改这个文件,而是编辑 /etc/default/grub 这个文件。有一个叫做 grub-mkconfig 的工具可以读取这个配置文件和 /etc/grub.d/ 中的所有莫爸妈,并写入到 grub.cfg 文件中。 + +编辑 Debian 的 grub-mkconfig 的配置文件 + + # vi /etc/default/grub + +修改这一行: + + GRUB_DEFAULT=0 + +改为 + + GRUB_DEFAULT='Debian GNU/Linux, with Xen hypervisor' + +然后更新 grub 的配置文件。 + + # grub-mkconfig -o /boot/grub/grub.cfg + +最后重启。几秒钟后,grub 启动菜单出现了。检查看第三个选项 "Debian GNU/Linux, with Xen hypervisor" 是否是自动选中的选项。 + +### 最后 ### + +如果你使用这台主机作为你的工作站,可以安装一个图形桌面。Debian 包好几种[桌面环境][6]。如果你想要一个包含所有东西的图形桌面,那么安装 Gnome 吧。如果图形效果并不是你的菜,试试 Awesome 吧。 + +注意 Debian 的默认 Gnome 环境有大量的额外应用程序包括办公套件 LibreOffice,Iceweasel 浏览器和 Rhythmbox 音乐播放器。安装命令 "apt-get install gnome" 会安装 1,000 多个包并需要将近 2GB 的硬盘空间。运行这个重量级的桌面环境需要占用 1GB 的内存。 + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/install-xen-hypervisor.html + +作者:[Nick Hardiman][a] +译者:[Liao](https://github.com/liaoishere) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/nick +[1]:http://wiki.xen.org/wiki/Dom0 +[2]:http://wiki.xen.org/wiki/Dom0_Kernels_for_Xen +[3]:https://www.debian.org/devel/debian-installer/ +[4]:http://ask.xmodulo.com/detect-dvd-writer-device-name-writing-speed-command-line-linux.html +[5]:http://ask.xmodulo.com/find-device-name-usb-drive-linux.html +[6]:https://wiki.debian.org/DesktopEnvironment From 682f441674eee44bd8bad38533e3ae18b79535de Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Thu, 1 Jan 2015 10:06:48 +0800 Subject: [PATCH 30/98] translating --- ...iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md b/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md index 4a8e42b772..447e55daca 100644 --- a/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md +++ b/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md @@ -1,3 +1,5 @@ +Translating----geekpi + How to Create and Setup LUNs using LVM in “iSCSI Target Server” on RHEL/CentOS/Fedora – Part II ================================================================================ LUN is a Logical Unit Number, which shared from the iSCSI Storage Server. The Physical drive of iSCSI target server shares its drive to initiator over TCP/IP network. A Collection of drives called LUNs to form a large storage as SAN (Storage Area Network). In real environment LUNs are defined in LVM, if so it can be expandable as per space requirements. From 189d460a74588d3408caa9ad354414391028636f Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Thu, 1 Jan 2015 11:45:53 +0800 Subject: [PATCH 31/98] translated --- ...r' on RHEL or CentOS or Fedora -Part II.md | 232 ------------------ ...r' on RHEL or CentOS or Fedora -Part II.md | 232 ++++++++++++++++++ 2 files changed, 232 insertions(+), 232 deletions(-) delete mode 100644 sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md create mode 100644 translated/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md diff --git a/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md b/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md deleted file mode 100644 index 447e55daca..0000000000 --- a/sources/tech/20141217 How to Create and Setup LUNs using LVM in 'iSCSI Target Server' on RHEL or CentOS or Fedora -Part II.md +++ /dev/null @@ -1,232 +0,0 @@ -Translating----geekpi - -How to Create and Setup LUNs using LVM in “iSCSI Target Server” on RHEL/CentOS/Fedora – Part II -================================================================================ -LUN is a Logical Unit Number, which shared from the iSCSI Storage Server. The Physical drive of iSCSI target server shares its drive to initiator over TCP/IP network. A Collection of drives called LUNs to form a large storage as SAN (Storage Area Network). In real environment LUNs are defined in LVM, if so it can be expandable as per space requirements. - -![Create LUNS using LVM in Target Server](http://www.tecmint.com/wp-content/uploads/2014/07/Create-LUNS-inLVM.png) -Create LUNS using LVM in Target Server - -### Why LUNS are Used? ### - -LUNS used for storage purpose, SAN Storage’s are build with mostly Groups of LUNS to become a pool, LUNs are Chunks of a Physical disk from target server. We can use LUNS as our systems Physical Disk to install Operating systems, LUNS are used in Clusters, Virtual servers, SAN etc. The main purpose of Using LUNS in Virtual servers for OS storage purpose. LUNS performance and reliability will be according to which kind of disk we using while creating a Target storage server. - -### Requirements ### - -To know about creating a ISCSI Target Server follow the below link. - -- [Create Centralized Secure Storage using iSCSI Target – Part I][1] - -#### Master Server Setup #### - -System information’s and Network setup are same as iSCSI Target Server as shown in Part – I, As we are defining LUNs in same server. - -- Operating System – CentOS release 6.5 (Final) -- iSCSI Target IP – 192.168.0.200 -- Ports Used : TCP 860, 3260 -- Configuration file : /etc/tgt/targets.conf - -## Creating LUNs using LVM in iSCSI Target Server ## - -First, find out the list of drives using **fdisk -l** command, this will manipulate a long list of information of every partitions on the system. - - # fdisk -l - -The above command only gives the drive information’s of base system. To get the storage device information, use the below command to get the list of storage devices. - - # fdisk -l /dev/vda && fdisk -l /dev/sda - -![List Storage Drives](http://www.tecmint.com/wp-content/uploads/2014/07/1.jpg) - -List Storage Drives - -**NOTE**: Here **vda** is virtual machines hard drive as I’m using virtual machine for demonstration, **/dev/sda** is added additionally for storage. - -### Step 1: Creating LVM Drive for LUNs ### - -We going to use **/dev/sda** drive for creating a LVM. - - # fdisk -l /dev/sda - -![List LVM Drive](http://www.tecmint.com/wp-content/uploads/2014/07/2.jpg) - -List LVM Drive - -Now let’s Partition the drive using fdisk command as shown below. - - # fdisk -cu /dev/sda - -- The option ‘**-c**‘ switch off the DOS compatible mode. -- The option ‘**-u**‘ is used to listing partition tables, give sizes in sectors instead of cylinders. - -Choose **n** to create a New Partition. - - Command (m for help): n - -Choose **p** to create a Primary partition. - - Command action - e extended - p primary partition (1-4) - -Give a Partition number which we need to create. - - Partition number (1-4): 1 - -As here, we are going to setup a LVM drive. So, we need to use the default settings to use full size of Drive. - - First sector (2048-37748735, default 2048): - Using default value 2048 - Last sector, +sectors or +size{K,M,G} (2048-37748735, default 37748735): - Using default value 37748735 - -Choose the type of partition, Here we need to setup a LVM so use **8e**. Use **l** option to see the list of type. - - Command (m for help): t - -Choose which partition want to change the type. - - Selected partition 1 - Hex code (type L to list codes): 8e - Changed system type of partition 1 to 8e (Linux LVM) - -After changing the type, check the changes by print (**p**) option to list the partition table. - - Command (m for help): p - - Disk /dev/sda: 19.3 GB, 19327352832 bytes - 255 heads, 63 sectors/track, 2349 cylinders, total 37748736 sectors - Units = sectors of 1 * 512 = 512 bytes - Sector size (logical/physical): 512 bytes / 512 bytes - I/O size (minimum/optimal): 512 bytes / 512 bytes - Disk identifier: 0x9fae99c8 - - Device Boot Start End Blocks Id System - /dev/sda1 2048 37748735 18873344 8e Linux LVM - -Write the changes using **w** to exit from fdisk utility, Restart the system to make changes. - -For your reference, I’ve attached screen shot below that will give you a clear idea about creating LVM drive. - -![Create LVM Partition](http://www.tecmint.com/wp-content/uploads/2014/07/3.jpg) - -Create LVM Partition - -After system reboot, list the Partition table using the following fdisk command. - - # fdisk -l /dev/sda - -![Verify LVM Partition](http://www.tecmint.com/wp-content/uploads/2014/07/4.jpg) - -Verify LVM Partition - -### Step 2: Creating Logical Volumes for LUNs ### - -Now here, we going to create Physical volume using using ‘pvcreate’ command. - - # pvcreate /dev/sda1 - -Create a Volume group with name of iSCSI to identify the group. - - # vgcreate vg_iscsi /dev/sda1 - -Here I’m defining 4 Logical Volumes, if so there will be 4 LUNs in our iSCSI Target server. - - # lvcreate -L 4G -n lv_iscsi vg_iscsi - - # lvcreate -L 4G -n lv_iscsi-1 vg_iscsi - - # lvcreate -L 4G -n lv_iscsi-2 vg_iscsi - - # lvcreate -L 4G -n lv_iscsi-3 vg_iscsi - -List the Physical volume, Volume group, logical volumes to confirm. - - # pvs && vgs && lvs - # lvs - -For better understanding of the above command, for your reference I’ve included a screen grab below. - -![Creating LVM Logical Volumes](http://www.tecmint.com/wp-content/uploads/2014/07/5.jpg) - -Creating LVM Logical Volumes - -![Verify LVM Logical Volumes](http://www.tecmint.com/wp-content/uploads/2014/07/6.jpg) - -Verify LVM Logical Volumes - -### Step 3: Define LUNs in Target Server ### - -We have created Logical Volumes and ready to use with LUN, here we to define the LUNs in target configuration, if so only it will be available for client machines (Initiators). - -Open and edit Targer configuration file located at ‘/etc/tgt/targets.conf’ with your choice of editor. - - # vim /etc/tgt/targets.conf - -Append the following volume definition in target conf file. Save and close the file. - - - backing-store /dev/vg_iscsi/lv_iscsi - - - backing-store /dev/vg_iscsi/lv_iscsi-1 - - - backing-store /dev/vg_iscsi/lv_iscsi-2 - - - backing-store /dev/vg_iscsi/lv_iscsi-3 - + backing-store /dev/vg_iscsi/lv_iscsi + + + backing-store /dev/vg_iscsi/lv_iscsi-1 + + + backing-store /dev/vg_iscsi/lv_iscsi-2 + + + backing-store /dev/vg_iscsi/lv_iscsi-3 + Date: Thu, 1 Jan 2015 18:02:45 +0800 Subject: [PATCH 32/98] SPccman MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit 申领 --- sources/tech/20141127 Quick systemd-nspawn guide.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sources/tech/20141127 Quick systemd-nspawn guide.md b/sources/tech/20141127 Quick systemd-nspawn guide.md index 6ba0f8586f..824808618e 100644 --- a/sources/tech/20141127 Quick systemd-nspawn guide.md +++ b/sources/tech/20141127 Quick systemd-nspawn guide.md @@ -1,3 +1,4 @@ +SPccman................... Quick systemd-nspawn guide ================================================================================ I switched to using systemd-nspawn in place of chroot and wanted to give a quick guide to using it. The short version is that I’d strongly recommend that anybody running systemd that uses chroot switch over - there really are no downsides as long as your kernel is properly configured. @@ -73,4 +74,4 @@ via: http://rich0gentoo.wordpress.com/2014/07/14/quick-systemd-nspawn-guide/ 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 -[a]:http://rich0gentoo.wordpress.com/ \ No newline at end of file +[a]:http://rich0gentoo.wordpress.com/ From 1609916663ad1fe0b4cc59715900d727141a43eb Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Fri, 2 Jan 2015 12:41:58 +0800 Subject: [PATCH 33/98] Translating by H-mudcup U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux --- ... to Change OS for Radar System from Windows XP to Linux.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md b/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md index 020e821df9..2be8c37e18 100644 --- a/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md +++ b/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md @@ -1,3 +1,5 @@ +Traslating by H-mudcup + U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux ================================================================================ **A new radar system has been sent back for upgrade** @@ -44,4 +46,4 @@ via: http://news.softpedia.com/news/U-S-Marine-Corps-Want-to-Change-OS-for-Radar [a]:http://news.softpedia.com/editors/browse/silviu-stahie [1]:http://www.militaryaerospace.com/articles/2014/12/gator-linux-software.html -[2]:http://youtu.be/H2ppl4x-eu8 \ No newline at end of file +[2]:http://youtu.be/H2ppl4x-eu8 From 16de73e52f860bd33e6017ab2ca1d5dc3bb1f988 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 2 Jan 2015 13:04:15 +0800 Subject: [PATCH 34/98] =?UTF-8?q?=E9=94=99=E8=AF=AF=E7=9A=84=E6=94=BE?= =?UTF-8?q?=E5=9C=A8=E4=BA=86=E6=A0=B9=E4=B8=8B?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...1211 How to use matplotlib for scientific plotting on Linux.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename 20141211 How to use matplotlib for scientific plotting on Linux => translated/tech/20141211 How to use matplotlib for scientific plotting on Linux.md (100%) diff --git a/20141211 How to use matplotlib for scientific plotting on Linux b/translated/tech/20141211 How to use matplotlib for scientific plotting on Linux.md similarity index 100% rename from 20141211 How to use matplotlib for scientific plotting on Linux rename to translated/tech/20141211 How to use matplotlib for scientific plotting on Linux.md From f925f5db94bf83ba8a1b3958a8de354bf1136639 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 2 Jan 2015 13:15:09 +0800 Subject: [PATCH 35/98] PUB:20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux @geekpi --- ...Answers--How to check SSH protocol version on Linux.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) rename {translated/tech => published}/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md (78%) diff --git a/translated/tech/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md b/published/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md similarity index 78% rename from translated/tech/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md rename to published/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md index 7bd8b8a752..1aac7682f3 100644 --- a/translated/tech/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md +++ b/published/20141224 Linux FAQs with Answers--How to check SSH protocol version on Linux.md @@ -1,8 +1,7 @@ -Linux有问必答-- 如何在Linux上检查SSH的版本 +Linux有问必答:如何在Linux上检查SSH的版本 ================================================================================ > **Question**:我想到SSH存在1和2两个版本(SSH1和SSH2)。这两者之间有什么不同?还有我该怎么在Linux上检查SSH协议的版本? -Secure Shell (SSH) is a network protocol that enables remote login or remote command execution between two hosts over a cryptographically secure communication channel. SSH was designed to replace insecure clear-text protocols such as telnet, rsh or rlogin. SSH provides a number of desirable features such as authentication, encryption, data integrity, authorization, and forwarding/tunneling. 安全Shell(SSH)通过加密的安全通信通道来远程登录或者远程执行命令。SSH被设计来替代不安全的明文协议,如telnet、rsh和rlogin。SSH提供了大量需要的特性,如认证、加密、数据完整性、授权和转发/通道。 ### SSH1 vs. SSH2 ### @@ -11,8 +10,7 @@ SSH协议规范存在一些小版本的差异,但是有两个主要的大版 事实上,SSH1和SSH2是两个完全不同互不兼容的协议。SSH2明显地提升了SSH1中的很多方面。首先,SSH是宏设计,几个不同的功能(如:认证、传输、连接)被打包进一个单一的协议,SSH2带来了比SSH1更强大的安全特性,如基于MAC的完整性检查,灵活的会话密钥更新、充分协商的加密算法、公钥证书等等。 -SSH2 is standardized by IETF, and as such its implementation is widely deployed and accepted in the industry. Due to SSH2's popularity and cryptographic superiority over SSH1, many products are dropping support for SSH1. As of this writing, OpenSSH still [supports][1] both SSH1 and SSH2, while on all modern Linux distributions, OpenSSH server comes with SSH1 disabled by default. -SSH2由IETF标准化,且它的实现在业界被广泛部署和接受。由于SSH2对于SSH1的流行和加密优势,许多产品对SSH1放弃了支持。在写这篇文章的时候,OpenSSH仍旧[支持][1]SSH1和SSH2,然而在所有的现代Linux发行版中,OpenSSH服务器默认禁用了SSH1。 +SSH2由IETF标准化,且它的实现在业界被广泛部署和接受。由于SSH2对于SSH1的流行和加密优势,许多产品对SSH1放弃了支持。在写这篇文章的时候,OpenSSH仍旧[支持][1]SSH1和SSH2,然而在所有的现代Linux发行版中,OpenSSH服务器默认禁用了SSH1。 ### 检查支持的SSH协议版本 ### @@ -69,7 +67,7 @@ SSH2由IETF标准化,且它的实现在业界被广泛部署和接受。由于 via: http://ask.xmodulo.com/check-ssh-protocol-version-linux.html 译者:[geekpi](https://github.com/geekpi) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From becb5c029511647667aeede5566836e4362ad190 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 2 Jan 2015 13:33:16 +0800 Subject: [PATCH 36/98] PUB:20140915 10 Open Source Cloning Software For Linux Users @felixonmars --- ...pen Source Cloning Software For Linux Users.md | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) rename {translated/talk => published}/20140915 10 Open Source Cloning Software For Linux Users.md (77%) diff --git a/translated/talk/20140915 10 Open Source Cloning Software For Linux Users.md b/published/20140915 10 Open Source Cloning Software For Linux Users.md similarity index 77% rename from translated/talk/20140915 10 Open Source Cloning Software For Linux Users.md rename to published/20140915 10 Open Source Cloning Software For Linux Users.md index 1fef50289f..9eabdb35f6 100644 --- a/translated/talk/20140915 10 Open Source Cloning Software For Linux Users.md +++ b/published/20140915 10 Open Source Cloning Software For Linux Users.md @@ -1,20 +1,19 @@ -为 Linux 用户准备的 10 个开源克隆软件 +给 Linux 用户的 10 个开源克隆软件 ================================================================================ > 这些克隆软件会读取整个磁盘的数据,将它们转换成一个 .img 文件,之后你可以将它复制到其他硬盘上。 -![](http://1-ps.googleusercontent.com/h/www.efytimes.com/admin/useradmin/photo/150x150x1Qn740810PM9112014.jpg.pagespeed.ic.Ch7q5vT9Yg.jpg) -磁盘克隆意味着从一个硬盘复制数据到另一个硬盘上,而且你可以通过简单的复制粘贴来做到。但是你却不能复制隐藏文件和文件夹,以及正在使用中的文件。这便是一个克隆软件可以通过保存一份文件和文件夹的镜像来帮助你的地方。克隆软件会读取整个磁盘的数据,将它们转换成一个 .img 文件,之后你可以将它复制到其他硬盘上。现在我们将要向你介绍最优秀的 10 个开源的克隆软件: +磁盘克隆的意思是说从一个硬盘复制数据到另一个硬盘上。虽然你可以通过简单的复制粘贴来做到这一点,但是你却不能复制隐藏文件和文件夹,以及正在使用中的文件。这便是一个克隆软件可以通过保存一份文件和文件夹的镜像来做到的。克隆软件会读取整个磁盘的数据,将它们转换成一个 .img 文件,之后你可以将它复制到其他硬盘上。现在我们将要向你介绍最优秀的 10 个开源的克隆软件: ### 1. [Clonezilla][1]:### -Clonezilla 是一个基于 Ubuntu 和 Debian 的 Live CD。它可以像 Windows 里的诺顿 Ghost 一样克隆你的磁盘数据和做备份,不过它更有效率。Clonezilla 支持包括 ext2、ext3、ext4、btrfs 和 xfs 在内的很多文件系统。它还支持 BIOS、UEFI、MBR 和 GPT 分区。 +Clonezilla 是一个基于 Ubuntu 和 Debian 的 Live CD。它可以像 Windows 里的 Ghost 一样克隆你的磁盘数据和做备份,不过它更有效率。Clonezilla 支持包括 ext2、ext3、ext4、btrfs 和 xfs 在内的很多文件系统。它还支持 BIOS、UEFI、MBR 和 GPT 分区。 ![](http://1-ps.googleusercontent.com/h/www.efytimes.com/admin/useradmin/rte/my_documents/my_pictures/600x450xZ34_clonezilla-600x450.png.pagespeed.ic.8Jq7pL2dwo.png) -### 2. [Redo Backup][2]:### +### 2. [Redo Backup][2]:### -Redo Backup 是另一个用来方便地克隆磁盘的 Live CD。它是自由和开源的软件,使用 GPL 3 许可协议授权。它的主要功能和特点包括从 CD 引导的简单易用的 GUI、无需安装,可以恢复 Linux 和 Windows 等系统、无需登陆访问文件,以及已删除的文件等。 +Redo Backup 是另一个用来方便地克隆磁盘的 Live CD。它是自由和开源的软件,使用 GPL 3 许可协议授权。它的主要功能和特点包括从 CD 引导的简单易用的 GUI、无需安装,可以恢复 Linux 和 Windows 等系统,无需登陆访问文件,以及已删除的文件等。 ![](http://1-ps.googleusercontent.com/h/www.efytimes.com/admin/useradmin/rte/my_documents/my_pictures/600x450x7D5_Redo-Backup-600x450.jpeg.pagespeed.ic.3QMikN07F5.jpg) @@ -26,7 +25,7 @@ Mondo 和其他的软件不大一样,它并不将你的磁盘数据转换为 ### 4. [Partimage][4]:### -这是一个开源的备份软件,默认情况下在 Linux 系统里工作。在大多数发行版中,你都可以从发行版自带的软件包管理工具中安装。如果你没有 Linux 系统,你也可以使用“SystemRescueCd”。它是一个默认包括 Partimage 的 Live CD,可以为你完成备份工作。Partimage 在克隆硬盘方面的性能非常出色。 +这是一个开源的备份软件,默认工作在 Linux 系统下。在大多数发行版中,你都可以从发行版自带的软件包管理工具中安装。如果你没有 Linux 系统,你也可以使用“SystemRescueCd”。它是一个默认包含了 Partimage 的 Live CD,可以为你完成备份工作。Partimage 在克隆硬盘方面的性能非常出色。 ![](http://1-ps.googleusercontent.com/h/www.efytimes.com/admin/useradmin/rte/my_documents/my_pictures/620x424xBZF_partimage-620x424.png.pagespeed.ic.ygzrogRJgE.png) @@ -71,7 +70,7 @@ via: http://www.efytimes.com/e1/fullnews.asp?edid=148039 作者:Sanchari Banerjee 译者:[felixonmars](https://github.com/felixonmars) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From aea12ba42b531f214ec02e3294ee91649add0ba1 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Fri, 2 Jan 2015 17:01:28 +0800 Subject: [PATCH 37/98] translating --- ...ge using iSCSI Target on RHEL or CentOS or Fedora Part -I.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md b/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md index ce32d0dc5b..57144a71a4 100644 --- a/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md +++ b/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md @@ -1,3 +1,5 @@ +Translating----geekpi + Create Centralized Secure Storage using iSCSI Target on RHEL/CentOS/Fedora Part -I ================================================================================ **iSCSI** is a block level Protocol for sharing **RAW Storage Devices** over TCP/IP Networks, Sharing and accessing Storage over iSCSI, can be used with existing IP and Ethernet networks such as NICs, Switched, Routers etc. iSCSI target is a remote hard disk presented from an remote iSCSI server (or) target. From fa96853c90cdcf4404a1ba9bdd91e6494e6829f8 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Fri, 2 Jan 2015 18:15:46 +0800 Subject: [PATCH 38/98] translated --- ...get on RHEL or CentOS or Fedora Part -I.md | 150 ------------------ ...get on RHEL or CentOS or Fedora Part -I.md | 149 +++++++++++++++++ 2 files changed, 149 insertions(+), 150 deletions(-) delete mode 100644 sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md create mode 100644 translated/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md diff --git a/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md b/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md deleted file mode 100644 index 57144a71a4..0000000000 --- a/sources/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md +++ /dev/null @@ -1,150 +0,0 @@ -Translating----geekpi - -Create Centralized Secure Storage using iSCSI Target on RHEL/CentOS/Fedora Part -I -================================================================================ -**iSCSI** is a block level Protocol for sharing **RAW Storage Devices** over TCP/IP Networks, Sharing and accessing Storage over iSCSI, can be used with existing IP and Ethernet networks such as NICs, Switched, Routers etc. iSCSI target is a remote hard disk presented from an remote iSCSI server (or) target. - -![Install iSCSI Target in Linux](http://www.tecmint.com/wp-content/uploads/2014/07/Install-iSCSI-Target-in-Linux.jpg) -Install iSCSI Target in Linux - -We don’t need a high resource for stable connectivity and performance in Client side’s. iSCSI Server called as Target, this share’s the storage from server. iSCSI Client’s called as Initiator, this will access the storage which shared from Target Server. There are iSCSI adapter’s available in market for Large Storage services such as SAN Storage’s. - -**Why we need a iSCSI adapter for Large storage Area?** - -Ethernet adapters (NIC) are designed to transfer packetized file level data among systems, servers and storage devices like NAS storage’s, they are not capable for transferring block level data over Internet. - -### Features of iSCSI Target ### - -- Possible to run several iSCSI targets on a single machine. -- A single machine making multiple iscsi target available on the iSCSI SAN -- The target is the Storage and makes it available for initiator (Client) over the network -- These Storage’s are Pooled together to make available to the network is iSCSI LUNs (Logical Unit Number). -- iSCSI supports multiple connections within the same session -- iSCSI initiator discover the targets in network then authenticating and login with LUNs, to get the remote storage locally. -- We can Install any Operating systems in those locally mounted LUNs as what we used to install in our Base systems. - -### Why the need of iSCSI? ### - -In Virtualization we need storage with high redundancy, stability, iSCSI provides those all in low cost. Creating a SAN Storage in low price while comparing to Fiber Channel SANs, We can use the standard equipment’s for building a SAN using existing hardware such as NIC, Ethernet Switched etc.. - -Let start to get install and configure the centralized Secure Storage using iSCSI Target. For this guide, I’ve used following setups. - -- We need separate 1 systems to Setup the iSCSI Target Server and Initiator (Client). -- Multiple numbers of Hard disk can be added in large storage environment, But we here using only 1 additional drive except Base installation disk. -- Here we using only 2 drives, One for Base server installation, Other one for Storage (LUNs) which we going to create in PART-II of this series. - -#### Master Server Setup #### - -- Operating System – CentOS release 6.5 (Final) -- iSCSI Target IP – 192.168.0.200 -- Ports Used : TCP 860, 3260 -- Configuration file : /etc/tgt/targets.conf - -## Installing iSCSI Target ## - -Open terminal and use yum command to search for the package name which need to get install for iscsi target. - - # yum search iscsi - -#### Sample Output #### - - ========================== N/S matched: iscsi ======================= - iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs - iscsi-initiator-utils-devel.x86_64 : Development files for iscsi-initiator-utils - lsscsi.x86_64 : List SCSI devices (or hosts) and associated information - scsi-target-utils.x86_64 : The SCSI target daemon and utility programs - -We got the search result as above, choose the **Target** package and install to play around. - - # yum install scsi-target-utils -y - -![Install iSCSI Utils](http://www.tecmint.com/wp-content/uploads/2014/07/Install-iSCSI-in-Linux.jpg) -Install iSCSI Utils - -List the installed package to know the default config, service, and man page location. - - # rpm -ql scsi-target-utils.x86_64 - -![List All iSCSI Files](http://www.tecmint.com/wp-content/uploads/2014/07/List-All-ISCSI-Files.jpg) - -List All iSCSI Files - -Let’s start the iSCSI Service, and check the status of Service up and running, iSCSI service named as **tgtd**. - - # /etc/init.d/tgtd start - # /etc/init.d/tgtd status - -![Start iSCSI Service](http://www.tecmint.com/wp-content/uploads/2014/07/Start-iSCSI-Service.jpg) - -Start iSCSI Service - -Now we need to configure it to start Automatically while system start-up. - - # chkconfig tgtd on - -Next, verify that the run level configured correctly for the tgtd service. - - # chkconfig --list tgtd - -![Enable iSCSI on Startup](http://www.tecmint.com/wp-content/uploads/2014/07/Enable-iSCSI-on-Startup.jpg) - -Enable iSCSI on Startup - -Let’s use **tgtadm** to list what targets and LUNS we currently got configured in our Server. - - # tgtadm --mode target --op show - -The **tgtd** installed up and running, but there is no **Output** from the above command because we have not yet defined the LUNs in Target Server. For manual page, Run ‘**man**‘ command. - - # man tgtadm - -![iSCSI Man Pages](http://www.tecmint.com/wp-content/uploads/2014/07/iSCSI-Man-Pages.jpg) - -iSCSI Man Pages - -Finally we need to add iptables rules for iSCSI if there is iptables deployed in your target Server. First, find the Port number of iscsi target using following netstat command, The target always listens on TCP port 3260. - - # netstat -tulnp | grep tgtd - -![Find iSCSI Port](http://www.tecmint.com/wp-content/uploads/2014/07/Find-iSCSI-Port.jpg) - -Find iSCSI Port - -Next add the following rules to allow iptables to Broadcast the iSCSI target discovery. - - # iptables -A INPUT -i eth0 -p tcp --dport 860 -m state --state NEW,ESTABLISHED -j ACCEPT - # iptables -A INPUT -i eth0 -p tcp --dport 3260 -m state --state NEW,ESTABLISHED -j ACCEPT - -![Open iSCSI Ports](http://www.tecmint.com/wp-content/uploads/2014/07/Open-iSCSI-Ports.jpg) - -Open iSCSI Ports - -![Add iSCSI Ports to Iptables](http://www.tecmint.com/wp-content/uploads/2014/07/Add-iSCSI-Ports-to-Iptables.jpg) - -Add iSCSI Ports to Iptables - -**Note**: Rule may vary according to your **Default CHAIN Policy**. Then save the Iptables and restart the iptables. - - # iptables-save - # /etc/init.d/iptables restart - -![Restart iptables](http://www.tecmint.com/wp-content/uploads/2014/07/Restart-iptables.jpg) - -Restart iptables - -Here we have deployed a target server to share LUNs to any initiator which authenticating with target over TCP/IP, This suitable for small to large scale production environments too. - -In my next upcoming articles, I will show you how to [Create LUN’s using LVM in Target Server][1] and how to share LUN’s on Client machines, till then stay tuned to TecMint for more such updates and don’t forget to give valuable comments. - --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/ - -作者:[Babin Lonston][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/babinlonston/ -[1]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/ \ No newline at end of file diff --git a/translated/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md b/translated/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md new file mode 100644 index 0000000000..8455aeb5cb --- /dev/null +++ b/translated/tech/20141217 Create Centralized Secure Storage using iSCSI Target on RHEL or CentOS or Fedora Part -I.md @@ -0,0 +1,149 @@ +在RHEL/CentOS/Fedora上使用iSCSI Target创建集中式安全存储 - 第一部分 +================================================================================ +**iSCSI** 是一种就块级别协议,用于通过TCP/IP网络共享**原始存储设备**,可以用已经存在的IP和以太网如网卡、交换机、路由器等通过iSCSI协议共享和访问存储。iSCSI target是一种远程iSCSI服务器或者taget上的远程硬盘。 + +![Install iSCSI Target in Linux](http://www.tecmint.com/wp-content/uploads/2014/07/Install-iSCSI-Target-in-Linux.jpg) +在Linux中安装iSCSI Target + +我们不需要在客户端为了稳定的连接和性能而占用很大的资源。iSCSI服务器称为Target,它共享存储。iSCSI客户端称为Initiator,它访问Target服务器行的存储。市场中有用于大型存储服务如SAN的iSCSI适配器。 + +**我们为什么要在大型存储领域中使用iSCSI适配器** + +以太网适配器(NIC)被设计用于在系统、服务器和存储设备如NAS间传输分组数据,它不适合在Internet中传输块级别数据。 + +### iSCSI Target的功能 ### + +- 可以在一台机器上运行几个iSCSI target +- 一台机器的多个iSCSI target可以在iSCSI中访问 +- 一个target就是一块存储,并且可以通过网络被初始化器(客户端)访问 +- 把这些存储汇聚在一起让它们在网络中可以访问的是iSCSI LUN(逻辑单元号) +- iSCSI支持在同一个会话中含有多个连接 +- iSCSI初始化器在网络中发现目标接着用LUN验证并登录,这样就可以本地访问远程存储。 +- 我们了一在本地挂载的LUN上安装任何操作系统,就像我们安装我们本地的操作系统一样。 + +### 为什么需要iSCSI? ### + +在虚拟化中,我们需要存储拥有高度的冗余性、稳定性,iSCSI以低成本的方式提供了这些特性。与使用光纤通道的SAN比起来,我们可以使用已经存在的设备比如NIC、以太网交换机等建造一个低成本的SAN。 + +现在我开始使用iSCSI Target安装并配置安全存储。本篇中,我们遵循下面的步骤 + +- 我们需要隔离一个系统来设置iSCSI Target服务器和初始化器(客户端)。 +- 可以在大型存储环境中添加多个硬盘,但是我们除了基本的安装盘之外只使用一个额外的驱动器。 +- 现在我们只使用2块硬盘,一个用于基本的服务器安装,另外一个用于存储(LUN),这个我们会在这个系列的第二篇描述。 + +#### 主服务器设置 #### + +- 操作系统 – CentOS release 6.5 (最终版) +- iSCSI Target IP – 192.168.0.200 +- 使用的端口 : TCP 860, 3260 +- 配置文件 : /etc/tgt/targets.conf + +## 安装 iSCSI Target ## + +打开终端并使用yum命令来搜索我们需要在iscsi target上安装的包名。 + + # yum search iscsi + +#### 输出示例 #### + + ========================== N/S matched: iscsi ======================= + iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs + iscsi-initiator-utils-devel.x86_64 : Development files for iscsi-initiator-utils + lsscsi.x86_64 : List SCSI devices (or hosts) and associated information + scsi-target-utils.x86_64 : The SCSI target daemon and utility programs + +We got the search result as above, choose the **Target** package and install to play around. +你会的到上面的那些结果,选择**Target**包来安装 + + # yum install scsi-target-utils -y + +![Install iSCSI Utils](http://www.tecmint.com/wp-content/uploads/2014/07/Install-iSCSI-in-Linux.jpg) +安装iSCSI工具 + +列出安装的包来了解默认的配置、服务和man页面的位置 + + # rpm -ql scsi-target-utils.x86_64 + +![List All iSCSI Files](http://www.tecmint.com/wp-content/uploads/2014/07/List-All-ISCSI-Files.jpg) + +列出所有的iSCSI文件 + +让我们启动iSCSI服务,并检查服务运行的状态,iSCSI的服务名是**tgtd**。 + + # /etc/init.d/tgtd start + # /etc/init.d/tgtd status + +![Start iSCSI Service](http://www.tecmint.com/wp-content/uploads/2014/07/Start-iSCSI-Service.jpg) + +启动iSCSI服务 + +现在我们需要配置开机自动启动。 + + # chkconfig tgtd on + +现在验证tgtd服务的运行级别是否配置正确。 + + # chkconfig --list tgtd + +![Enable iSCSI on Startup](http://www.tecmint.com/wp-content/uploads/2014/07/Enable-iSCSI-on-Startup.jpg) + +开机启动iSCSI + +现在使用**tgtadm**来列出在我们的服务器上已经配置了哪些target和LUN。 + + # tgtadm --mode target --op show + +**tgtd**已经安装并在运行了,但是上面的命令没有**输出**因为我们还没有在Target服务器上定义LUN。要查看手册,运行‘**man**‘命令。 + + # man tgtadm + +![iSCSI Man Pages](http://www.tecmint.com/wp-content/uploads/2014/07/iSCSI-Man-Pages.jpg) + +iSCSI Man 页面 + +最终我们需要为iSCSI添加iptable规则,如果你的target服务器上存在iptable的话。首先使用netstat命令找出iscsi target的端口号,target总是监听TCP端口3260。 + + # netstat -tulnp | grep tgtd + +![Find iSCSI Port](http://www.tecmint.com/wp-content/uploads/2014/07/Find-iSCSI-Port.jpg) + +找出iSCSI端口 + +下面加入如下规则让iptable允许广播iSCSI target发现包。 + + # iptables -A INPUT -i eth0 -p tcp --dport 860 -m state --state NEW,ESTABLISHED -j ACCEPT + # iptables -A INPUT -i eth0 -p tcp --dport 3260 -m state --state NEW,ESTABLISHED -j ACCEPT + +![Open iSCSI Ports](http://www.tecmint.com/wp-content/uploads/2014/07/Open-iSCSI-Ports.jpg) + +打开iSCSI端口 + +![Add iSCSI Ports to Iptables](http://www.tecmint.com/wp-content/uploads/2014/07/Add-iSCSI-Ports-to-Iptables.jpg) + +添加iSCSI端口到iptable中 + +**注意**: 规则可能根据你的 **默认链策略**而不同。接着保存iptable并重启。 + + # iptables-save + # /etc/init.d/iptables restart + +![Restart iptables](http://www.tecmint.com/wp-content/uploads/2014/07/Restart-iptables.jpg) + +重启iptable + +现在我们已经部署了一个target服务器来共享LUN给通过TCP/IP认证的初始化器。这也适用于从小到大规模的生产环境。 + +在我的下篇文章中,我会展示如何[在Target服务器中使用LVM创建LUN][1],并且如何在客户端中共享LUN,在此之前请继续关注TecMint获取更多的更新,并且不要忘记留下有价值的评论。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/ + +作者:[Babin Lonston][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/babinlonston/ +[1]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/ \ No newline at end of file From e69e4f48de6fce460adb003ab4920a4e5e1ca117 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 2 Jan 2015 22:41:11 +0800 Subject: [PATCH 39/98] PUB:20141023 What are useful Bash aliases and functions @luoyutiantang --- ...t are useful Bash aliases and functions.md | 106 +++++++++--------- 1 file changed, 54 insertions(+), 52 deletions(-) rename {translated/tech => published}/20141023 What are useful Bash aliases and functions.md (59%) diff --git a/translated/tech/20141023 What are useful Bash aliases and functions.md b/published/20141023 What are useful Bash aliases and functions.md similarity index 59% rename from translated/tech/20141023 What are useful Bash aliases and functions.md rename to published/20141023 What are useful Bash aliases and functions.md index 28e4df89bc..758dea2d7f 100644 --- a/translated/tech/20141023 What are useful Bash aliases and functions.md +++ b/published/20141023 What are useful Bash aliases and functions.md @@ -1,72 +1,79 @@ - 什么是有用的bash别名和函数 +一大波有用的 bash 别名和函数 ================================================================================ -作为一个命令行探索者,你或许发现你自己一遍又一遍. 如果你总是用ssh进入到同一台电脑, 同时你总是管道关联相同的命令,或者如果你时常用一些参数运行一个程序,你应该想要拯救你人生中的这个珍贵的助手。你一遍又一遍花费着重复相同的动作. -解决方案是使用一个别名.正如你可能知道的,别名用一种方式告诉你的shell记住详细的命令并且给它一个新的名字:别名,的方式。不管怎么样,别名是即时有效的,同样地它只是shell命令的快捷方式,没有能力传递或者控制参数.所以补充时,bash也允许你创建你自己的函数,那样可能更漫长和复杂,并且也允许任意数量的参数. -当然,当你有一个好的食谱-像汤,你要分享它.因此这里有一个列表,用一些最有用bash别名和函数的.注意"最有用的"是随意的定义,当然别名的有益依赖在于你每天shell的使用性 -在你用别名开始试验之前, 这里有一个便于使用的小技巧:如果你给予别名相同的名字作为常规命令,你可以选择开始原始的命令并且用技巧忽略别名 + +作为一个命令行探索者,你或许发现你自己一遍又一遍重复同样的命令。如果你总是用ssh进入到同一台电脑,如果你总是将一连串命令连接起来,如果你总是用同样的参数运行一个程序,你也许希望在这种不断的重复中为你的生命节约下几秒钟。 + +解决方案是使用一个别名(alias)。正如你可能知道的,别名用一种让你的shell记住一个特定的命令并且给它一个新的名字的方式。不管怎么样,别名有一些限制,它只是shell命令的快捷方式,不能传递或者控制其中的参数。所以作为补充,bash 也允许你创建你自己的函数,这可能更长一些和复杂一点,它允许任意数量的参数。 + +当然,当你有美食时,比如某种汤,你要分享它给大家。我这里有一个列表,列出了一些最有用bash别名和函数的。注意“最有用的”只是个说法,别名的是否有用要看你是否每天都需要在 shell 里面用它。 + +在你开始你的别名体验之旅前,这里有一个便于使用的小技巧:如果你的别名和原本的命令名字相同,你可以用如下技巧来访问原本的命令(LCTT 译注:你也可以直接原本命令的完整路径来访问它。) + \command -例如,第一个别名在下面替换ls命令。如果你想使用常规的ls命令而不是别名,通过调用它: + +例如,如果有一个替换了ls命令的别名 ls。如果你想使用原本的ls命令而不是别名,通过调用它: + \ls -### Productivity ### +### 提升生产力 ### -这些别名真的很简单并且真的很短,但他们大多数主要是以主题为依据,那样无论何时倘若你第二次保存一小部分,它允许在多年以后再结束.也许不会. +这些别名真的很简单并且真的很短,但他们大多数是为了给你的生命节省几秒钟,最终也许为你这一辈子节省出来几年,也许呢。 alias ls="ls --color=auto" -简单但非常重要.使ls命令带着彩色输出 +简单但非常重要。使ls命令带着彩色输出。 - alias ll = "ls --color -al" + alias ll="ls --color -al" -从一个目录采用列表格式快速显示全部文件. +以彩色的列表方式列出目录里面的全部文件。 alias grep='grep --color=auto' -相同地,把一些颜色在grep里输出 +类似,只是在grep里输出带上颜色。 mcd() { mkdir -p "$1"; cd "$1";} -我的最爱之一. 制造一个目录采用一个命令mcd[名字]和cd命令进入到目录里面 +我的最爱之一。创建一个目录并进入该目录里: mcd [目录名]。 cls() { cd "$1"; ls;} -类似于前面的功能,cd命令进入一个目录别且列出它的的内容:cls[名字] +类似上一个函数,进入一个目录并列出它的的内容:cls[目录名]。 backup() { cp "$1"{,.bak};} -简单的方法,使文件有一个备份: backup [文件]将会在相同的目录创建[文件].bak. +简单的给文件创建一个备份: backup [文件] 将会在同一个目录下创建 [文件].bak。 md5check() { md5sum "$1" | grep "$2";} -因为我讨厌通过手工比较文件的md5算法,这个函数计算它并且计算它使用grep:md5check[文件][钥匙] +因为我讨厌通过手工比较文件的md5校验值,这个函数会计算它并进行比较:md5check[文件][校验值]。 ![](https://farm6.staticflickr.com/5616/15412389280_8be57841ae_o.jpg) alias makescript="fc -rnl | head -1 >" -很容易地制造上个命令的脚本输出,你运行makescript[脚本名字.sh] +很容易用你上一个运行的命令创建一个脚本:makescript [脚本名字.sh] alias genpasswd="strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo" -只是瞬间产生一个强壮的密码 +只是瞬间产生一个强壮的密码。 ![](https://farm4.staticflickr.com/3955/15574321206_dd365f0f0e.jpg) alias c="clear" -不能较为简单的清除你终端的屏幕 +清除你终端屏幕不能更简单了吧? alias histg="history | grep" -通过你的命令历史:histg[关键字]快速地搜索 +快速搜索你的命令输入历史:histg [关键字] alias ..='cd ..' -不需要写cd命令到上层目录 +回到上层目录还需要输入 cd 吗? alias ...='cd ../..' -类似地,去到上两个目录 +自然,去到上两层目录。 extract() { if [ -f $1 ] ; then @@ -89,98 +96,93 @@ fi } -很长,但是也是最有用的。解压任何的文档类型:extract:[文档文件] - +很长,但是也是最有用的。解压任何的文档类型:extract: [压缩文件] ### 系统信息 ### -想尽快地知道一切关于你的系统? +想尽快地知道关于你的系统一切信息? alias cmount="mount | column -t" -mount到列队中的格式输出 +按列格式化输出mount信息。 ![](https://farm6.staticflickr.com/5603/15598830622_587b77a363_z.jpg) alias tree="ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'" -递归树格式显示目录结构. +以树形结构递归地显示目录结构。 sbs() { du -b --max-depth 1 | sort -nr | perl -pe 's{([0-9]+)}{sprintf "%.1f%s", $1>=2**30? ($1/2**30, "G"): $1>=2**20? ($1/2**20, "M"): $1>=2**10? ($1/2**10, "K"): ($1, "")}e';} -在当前目录里“按大小排序”显示列表的文件,排序按它们在磁盘上的大小 +安装文件在磁盘存储的大小排序,显示当前目录的文件列表。 alias intercept="sudo strace -ff -e trace=write -e write=1,2 -p" -intercept[一些PID]阻止进程的标准输入输出文件和标准错误文件。注意你需要看着安装完成 +接管某个进程的标准输出和标准错误。注意你需要安装了 strace。 alias meminfo='free -m -l -t' -查看你还有剩下多少内存 +查看你还有剩下多少内存。 ![](https://farm4.staticflickr.com/3955/15411891448_0b9d6450bd_z.jpg) alias ps? = "ps aux | grep" -ps?[名字]很容易地发现,这个任何进程的 +可以很容易地找到某个进程的PID:ps? [名字]。 alias volume="amixer get Master | sed '1,4 d' | cut -d [ -f 2 | cut -d ] -f 1" -显示现在声音的音量. +显示当前音量设置。 ![](https://farm4.staticflickr.com/3939/15597995445_99ea7ffcd5_o.jpg) ### 网络 ### -对于所有涉及互联网和你本地网络的命令,也有奇特的别名给它们 - +对于所有用在互联网和本地网络的命令,也有一些神奇的别名给它们。 alias websiteget="wget --random-wait -r -p -e robots=off -U mozilla" -websiteget[指定的位置]下载完整的网站地址 +下载整个网站:websiteget [URL]。 alias listen="lsof -P -i -n" -显示出哪个应用程序连接到网络 +显示出哪个应用程序连接到网络。 ![](https://farm4.staticflickr.com/3943/15598830552_c7e5eaaa0d_z.jpg) alias port='netstat -tulanp' -显示出活动的端口 +显示出活动的端口。 gmail() { curl -u "$1" --silent "https://mail.google.com/mail/feed/atom" | sed -e 's/<\/fullcount.*/\n/' | sed -e 's/.*fullcount>//'} -gmail:[用户名]大概的显示你的谷歌邮件里未读邮件的数量 - +大概的显示你的谷歌邮件里未读邮件的数量:gmail [用户名] alias ipinfo="curl ifconfig.me && curl ifconfig.me/host" -获得你的公共IP地址和主机 +获得你的公网IP地址和主机名。 getlocation() { lynx -dump http://www.ip-adress.com/ip_tracer/?QRY=$1|grep address|egrep 'city|state|country'|awk '{print $3,$4,$5,$6,$7,$8}'|sed 's\ip address flag \\'|sed 's\My\\';} -以你的IP地址为基础返回你现在的位置 +返回你的当前IP地址的地理位置。 -### 没用的 ### - -所以呢,如果一些别名是不是全部具有使用价值?它们可能仍然有趣 +### 也许无用 ### +所以呢,如果一些别名并不是全都具有使用价值?它们可能仍然有趣。 kernelgraph() { lsmod | perl -e 'print "digraph \"lsmod\" {";<>;while(<>){@_=split/\s+/; print "\"$_[0]\" -> \"$_\"\n" for split/,/,$_[3]}print "}"' | dot -Tpng | display -;} -要绘制内核模块依赖曲线图。需要镜像阅读器 +绘制内核模块依赖曲线图。需要可以查看图片。 - alias busy="cat /dev/urandom | hexdump -C | grep "ca fe"" + alias busy="cat /dev/urandom | hexdump -C | grep 'ca fe'" -在非技术人员的眼里你看起来都在忙和构思 +在那些非技术人员的眼里你看起来是总是那么忙和神秘。 ![](https://farm6.staticflickr.com/5599/15574321326_ab3fbc1ef9_z.jpg) -最后,这些别名和函数的很大一部分来自于我个人的.bashrc.这些令人敬畏的网站 [alias.sh][1]和[commandlinefu.com][2]我早已经展示在我的[best online tools for Linux][3].当然去检测它们的输出,让你拥有特有的秘诀。如果你真的同意,在注释里分享你的智慧, +最后,这些别名和函数的很大一部分来自于我个人的.bashrc。而那些令人点赞的网站 [alias.sh][1]和[commandlinefu.com][2]我早已在我的帖子[best online tools for Linux][3] 里面介绍过。你可以去看看,如果你愿意,也可以分享下你的。也欢迎你在这里评论,分享一下你的智慧。 - -做为奖励,这里有我提到的全部别名和函数的纯文本版本,随时可以复制粘贴到你的.bashrc. +做为奖励,这里有我提到的全部别名和函数的纯文本版本,随时可以复制粘贴到你的.bashrc。(如果你已经一行一行的复制到这里了,哈哈,你发现你又浪费了生命的几秒钟~) #Productivity alias ls="ls --color=auto" @@ -243,8 +245,8 @@ gmail:[用户名]大概的显示你的谷歌邮件里未读邮件的数量 via: http://xmodulo.com/useful-bash-aliases-functions.html 作者:[Adrien Brochard][a] -译者:[译者luoyutiantang](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) +译者:[luoyutiantang](https://github.com/luoyutiantang) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 656458d0777f210f84f978eda233a5b14e284f2f Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 2 Jan 2015 22:53:45 +0800 Subject: [PATCH 40/98] =?UTF-8?q?=E8=A1=A5=E5=85=85=E5=88=A0=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...t are useful Bash aliases and functions.md | 254 ------------------ 1 file changed, 254 deletions(-) delete mode 100644 translated/tech/[Translated]20141023 What are useful Bash aliases and functions.md diff --git a/translated/tech/[Translated]20141023 What are useful Bash aliases and functions.md b/translated/tech/[Translated]20141023 What are useful Bash aliases and functions.md deleted file mode 100644 index 019db92296..0000000000 --- a/translated/tech/[Translated]20141023 What are useful Bash aliases and functions.md +++ /dev/null @@ -1,254 +0,0 @@ - 什么是有用的bash别名和函数 -================================================================================ -作为一个命令行探索者,你或许发现你自己一遍又一遍. 如果你总是用ssh进入到同一台电脑, 同时你总是管道关联相同的命令,或者如果你时常用一些参数运行一个程序,你应该想要拯救你人生中的这个珍贵的助手。你一遍又一遍花费着重复相同的动作. -解决方案是使用一个别名.正如你可能知道的,别名用一种方式告诉你的shell记住详细的命令并且给它一个新的名字:别名,的方式。不管怎么样,别名是即时有效的,同样地它只是shell命令的快捷方式,没有能力传递或者控制参数.所以补充时,bash也允许你创建你自己的函数,那样可能更漫长和复杂,并且也允许任意数量的参数. -当然,当你有一个好的食谱-像汤,你要分享它.因此这里有一个列表,用一些最有用bash别名和函数的.注意"最有用的"是随意的定义,当然别名的有益依赖在于你每天shell的使用性 -在你用别名开始试验之前, 这里有一个便于使用的小技巧:如果你给予别名相同的名字作为常规命令,你可以选择开始原始的命令并且用技巧忽略别名 - \command -例如,第一个别名在下面替换ls命令。如果你想使用常规的ls命令而不是别名,通过调用它: - \ls - -### Productivity ### - -这些别名真的很简单并且真的很短,但他们大多数主要是以主题为依据,那样无论何时倘若你第二次保存一小部分,它允许在多年以后再结束.也许不会. - - alias ls="ls --color=auto" - -简单但非常重要.使ls命令带着彩色输出 - - alias ll = "ls --color -al" - -从一个目录采用列表格式快速显示全部文件. - - alias grep='grep --color=auto' - -相同地,把一些颜色在grep里输出 - - mcd() { mkdir -p "$1"; cd "$1";} - -我的最爱之一. 制造一个目录采用一个命令mcd[名字]和cd命令进入到目录里面 - - cls() { cd "$1"; ls;} - -类似于前面的功能,cd命令进入一个目录别且列出它的的内容:cls[名字] - - backup() { cp "$1"{,.bak};} - -简单的方法,使文件有一个备份: backup [文件]将会在相同的目录创建[文件].bak. - - md5check() { md5sum "$1" | grep "$2";} - -因为我讨厌通过手工比较文件的md5算法,这个函数计算它并且计算它使用grep:md5check[文件][钥匙] - -![](https://farm6.staticflickr.com/5616/15412389280_8be57841ae_o.jpg) - - alias makescript="fc -rnl | head -1 >" - -很容易地制造上个命令的脚本输出,你运行makescript[脚本名字.sh] - - alias genpasswd="strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo" - -只是瞬间产生一个强壮的密码 - -![](https://farm4.staticflickr.com/3955/15574321206_dd365f0f0e.jpg) - - alias c="clear" - -不能较为简单的清除你终端的屏幕 - - alias histg="history | grep" - -通过你的命令历史:histg[关键字]快速地搜索 - - alias ..='cd ..' - -不需要写cd命令到上层目录 - - alias ...='cd ../..' - -类似地,去到上两个目录 - - extract() { - if [ -f $1 ] ; then - case $1 in - *.tar.bz2) tar xjf $1 ;; - *.tar.gz) tar xzf $1 ;; - *.bz2) bunzip2 $1 ;; - *.rar) unrar e $1 ;; - *.gz) gunzip $1 ;; - *.tar) tar xf $1 ;; - *.tbz2) tar xjf $1 ;; - *.tgz) tar xzf $1 ;; - *.zip) unzip $1 ;; - *.Z) uncompress $1 ;; - *.7z) 7z x $1 ;; - *) echo "'$1' cannot be extracted via extract()" ;; - esac - else - echo "'$1' is not a valid file" - fi - } - -很长,但是也是最有用的。解压任何的文档类型:extract:[文档文件] - - -### 系统信息 ### - -想尽快地知道一切关于你的系统? - - alias cmount="mount | column -t" - -mount到列队中的格式输出 - -![](https://farm6.staticflickr.com/5603/15598830622_587b77a363_z.jpg) - - alias tree="ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'" - -递归树格式显示目录结构. - - sbs() { du -b --max-depth 1 | sort -nr | perl -pe 's{([0-9]+)}{sprintf "%.1f%s", $1>=2**30? ($1/2**30, "G"): $1>=2**20? ($1/2**20, "M"): $1>=2**10? ($1/2**10, "K"): ($1, "")}e';} - -在当前目录里“按大小排序”显示列表的文件,排序按它们在磁盘上的大小 - - alias intercept="sudo strace -ff -e trace=write -e write=1,2 -p" - -intercept[一些PID]阻止进程的标准输入输出文件和标准错误文件。注意你需要看着安装完成 - - alias meminfo='free -m -l -t' - -查看你还有剩下多少内存 - -![](https://farm4.staticflickr.com/3955/15411891448_0b9d6450bd_z.jpg) - - alias ps? = "ps aux | grep" - -ps?[名字]很容易地发现,这个任何进程的 - - alias volume="amixer get Master | sed '1,4 d' | cut -d [ -f 2 | cut -d ] -f 1" - -显示现在声音的音量. - -![](https://farm4.staticflickr.com/3939/15597995445_99ea7ffcd5_o.jpg) - -### 网络 ### - -对于所有涉及互联网和你本地网络的命令,也有奇特的别名给它们 - - - alias websiteget="wget --random-wait -r -p -e robots=off -U mozilla" - -websiteget[指定的位置]下载完整的网站地址 - - alias listen="lsof -P -i -n" - -显示出哪个应用程序连接到网络 - -![](https://farm4.staticflickr.com/3943/15598830552_c7e5eaaa0d_z.jpg) - - alias port='netstat -tulanp' - -显示出活动的端口 - - gmail() { curl -u "$1" --silent "https://mail.google.com/mail/feed/atom" | sed -e 's/<\/fullcount.*/\n/' | sed -e 's/.*fullcount>//'} - -gmail:[用户名]大概的显示你的谷歌邮件里未读邮件的数量 - - - alias ipinfo="curl ifconfig.me && curl ifconfig.me/host" - -获得你的公共IP地址和主机 - - getlocation() { lynx -dump http://www.ip-adress.com/ip_tracer/?QRY=$1|grep address|egrep 'city|state|country'|awk '{print $3,$4,$5,$6,$7,$8}'|sed 's\ip address flag \\'|sed 's\My\\';} - -以你的IP地址为基础返回你现在的位置 - -### 没用的 ### - -所以呢,如果一些别名是不是全部具有使用价值?它们可能仍然有趣 - - - kernelgraph() { lsmod | perl -e 'print "digraph \"lsmod\" {";<>;while(<>){@_=split/\s+/; print "\"$_[0]\" -> \"$_\"\n" for split/,/,$_[3]}print "}"' | dot -Tpng | display -;} - -要绘制内核模块依赖曲线图。需要镜像阅读器 - - alias busy="cat /dev/urandom | hexdump -C | grep "ca fe"" - -在非技术人员的眼里你看起来都在忙和构思 - -![](https://farm6.staticflickr.com/5599/15574321326_ab3fbc1ef9_z.jpg) - -最后,这些别名和函数的很大一部分来自于我个人的.bashrc.这些令人敬畏的网站 [alias.sh][1]和[commandlinefu.com][2]我早已经展示在我的[best online tools for Linux][3].当然去检测它们的输出,让你拥有特有的秘诀。如果你真的同意,在注释里分享你的智慧, - - -做为奖励,这里有我提到的全部别名和函数的纯文本版本,随时可以复制粘贴到你的.bashrc. - - #Productivity - alias ls="ls --color=auto" - alias ll="ls --color -al" - alias grep='grep --color=auto' - mcd() { mkdir -p "$1"; cd "$1";} - cls() { cd "$1"; ls;} - backup() { cp "$1"{,.bak};} - md5check() { md5sum "$1" | grep "$2";} - alias makescript="fc -rnl | head -1 >" - alias genpasswd="strings /dev/urandom | grep -o '[[:alnum:]]' | head -n 30 | tr -d '\n'; echo" - alias c="clear" - alias histg="history | grep" - alias ..='cd ..' - alias ...='cd ../..' - extract() { - if [ -f $1 ] ; then - case $1 in - *.tar.bz2) tar xjf $1 ;; - *.tar.gz) tar xzf $1 ;; - *.bz2) bunzip2 $1 ;; - *.rar) unrar e $1 ;; - *.gz) gunzip $1 ;; - *.tar) tar xf $1 ;; - *.tbz2) tar xjf $1 ;; - *.tgz) tar xzf $1 ;; - *.zip) unzip $1 ;; - *.Z) uncompress $1 ;; - *.7z) 7z x $1 ;; - *) echo "'$1' cannot be extracted via extract()" ;; - esac - else - echo "'$1' is not a valid file" - fi - } - - #System info - alias cmount="mount | column -t" - alias tree="ls -R | grep ":$" | sed -e 's/:$//' -e 's/[^-][^\/]*\//--/g' -e 's/^/ /' -e 's/-/|/'" - sbs(){ du -b --max-depth 1 | sort -nr | perl -pe 's{([0-9]+)}{sprintf "%.1f%s", $1>=2**30? ($1/2**30, "G"): $1>=2**20? ($1/2**20, "M"): $1>=2**10? ($1/2**10, "K"): ($1, "")}e';} - alias intercept="sudo strace -ff -e trace=write -e write=1,2 -p" - alias meminfo='free -m -l -t' - alias ps?="ps aux | grep" - alias volume="amixer get Master | sed '1,4 d' | cut -d [ -f 2 | cut -d ] -f 1" - - #Network - alias websiteget="wget --random-wait -r -p -e robots=off -U mozilla" - alias listen="lsof -P -i -n" - alias port='netstat -tulanp' - gmail() { curl -u "$1" --silent "https://mail.google.com/mail/feed/atom" | sed -e 's/<\/fullcount.*/\n/' | sed -e 's/.*fullcount>//'} - alias ipinfo="curl ifconfig.me && curl ifconfig.me/host" - getlocation() { lynx -dump http://www.ip-adress.com/ip_tracer/?QRY=$1|grep address|egrep 'city|state|country'|awk '{print $3,$4,$5,$6,$7,$8}'|sed 's\ip address flag \\'|sed 's\My\\';} - - #Funny - kernelgraph() { lsmod | perl -e 'print "digraph \"lsmod\" {";<>;while(<>){@_=split/\s+/; print "\"$_[0]\" -> \"$_\"\n" for split/,/,$_[3]}print "}"' | dot -Tpng | display -;} - alias busy="cat /dev/urandom | hexdump -C | grep \"ca fe\"" - --------------------------------------------------------------------------------- - -via: http://xmodulo.com/useful-bash-aliases-functions.html - -作者:[Adrien Brochard][a] -译者:[译者luoyutiantang](https://github.com/译者luoyutiantang) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://xmodulo.com/author/adrien -[1]:http://alias.sh/ -[2]:http://www.commandlinefu.com/commands/browse -[3]:http://xmodulo.com/useful-online-tools-linux.html From 2195e0e84e2bb2a43da1a146ee6d990ff609a7f0 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 2 Jan 2015 23:02:10 +0800 Subject: [PATCH 41/98] PUB:20141115 How to perform system backup with backup-manager on Linux @GOLinux --- ...orm system backup with backup-manager on Linux.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) rename {translated/tech => published}/20141115 How to perform system backup with backup-manager on Linux.md (88%) diff --git a/translated/tech/20141115 How to perform system backup with backup-manager on Linux.md b/published/20141115 How to perform system backup with backup-manager on Linux.md similarity index 88% rename from translated/tech/20141115 How to perform system backup with backup-manager on Linux.md rename to published/20141115 How to perform system backup with backup-manager on Linux.md index d3ba18be5e..edb3c9d3a6 100644 --- a/translated/tech/20141115 How to perform system backup with backup-manager on Linux.md +++ b/published/20141115 How to perform system backup with backup-manager on Linux.md @@ -1,8 +1,8 @@ -Linux上使用备份管理器进行系统备份 +Linux 上使用 backup-manager 进行系统备份 ================================================================================ 无论简单与否,我们都有机会去了解这么一件事,那就是备份的重要性从来都不可以被低估。考虑到备份的方法真的多如牛毛,你可能想要知道怎样来有效地为你的系统选择正确的工具和和合适的策略。 -在本文中,我将为你介绍[备份管理器][1],一个简单易用的命令行备份工具,在大多数的Linux发行版的标准软件库中都能见到它的身影。 +在本文中,我将为你介绍[backup-manager][1],一个简单易用的命令行备份工具,在大多数的Linux发行版的标准软件库中都能见到它的身影。 是什么让备份管理器在众多的备份工具或备份策略中脱颖而出呢?让我来简单介绍一些它的与众不同的特性吧: @@ -28,7 +28,7 @@ Linux上使用备份管理器进行系统备份 在下一步中,会询问你要备份的所有目录(用空格分隔)。建议,但不是严格要求,列出同一父目录中的几个子目录,而不要仅仅输入父目录。 -你可以跳过该步骤并在以后对配置文件中BM_TARBALL_DIRECTORIESb变量进行设置。否则的话,就请尽可能多地添加你想要的目录,然后选择OK: +你可以跳过该步骤并在以后对配置文件中BM\_TARBALL\_DIRECTORIESb变量进行设置。否则的话,就请尽可能多地添加你想要的目录,然后选择OK: ![](https://farm6.staticflickr.com/5610/15761238616_c9651fea1c_z.jpg) @@ -115,11 +115,11 @@ Linux上使用备份管理器进行系统备份 # backup-manager -BM_TARBALL_DIRECTORIES列出的目录将作为tarball备份到BM_REPOSITORY_ROOT目录,然后通过SSH传输到BM_UPLOAD_SSH_DESTINATION指定的主机dev1和dev3。 +BM\_TARBALL\_DIRECTORIES列出的目录将作为tarball备份到BM\_REPOSITORY\_ROOT目录,然后通过SSH传输到BM\_UPLOAD\_SSH_DESTINATION指定的主机dev1和dev3。 ![](https://farm8.staticflickr.com/7497/15761238646_945620d8b7_z.jpg) -正如你在上面图片中看到的那样,备份管理器在运行的时候创建了一个名为/root/.back-manager_my.cnf的文件,MySQL密码通过BM_MYSQL_ ADMINPASS指定。那样,mysqldump可以验证到MySQL服务器,而不必在命令行以明文格式接受密码,那样会有安全风险。 +正如你在上面图片中看到的那样,备份管理器在运行的时候创建了一个名为/root/.back-manager\_my.cnf的文件,MySQL密码通过BM\_MYSQL\_ADMINPASS指定。那样,mysqldump可以验证到MySQL服务器,而不必在命令行以明文格式接受密码,那样会有安全风险。 ### 通过cron运行备份管理器 ### @@ -145,7 +145,7 @@ via: http://xmodulo.com/linux-backup-manager.html 作者:[Gabriel Cánepa][a] 译者:[GOLinux](https://github.com/GOLinux) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From daf91ce773096eb7b2b5a324dfa4ca49b95fc75a Mon Sep 17 00:00:00 2001 From: liaoishere Date: Fri, 2 Jan 2015 23:13:56 +0800 Subject: [PATCH 42/98] liaoishere is translating 20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server --- ... install Cacti (Monitoring tool) on ubuntu 14.10 server.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md b/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md index 9422f7e79e..5bef93b1c1 100644 --- a/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md +++ b/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md @@ -1,3 +1,5 @@ +liaoishere is translating. + How to install Cacti (Monitoring tool) on ubuntu 14.10 server ================================================================================ Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. @@ -126,4 +128,4 @@ via: http://www.ubuntugeek.com/how-to-install-cacti-monitoring-tool-on-ubuntu-14 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [a]:http://www.ubuntugeek.com/author/ubuntufix -[1]:http://www.ubuntugeek.com/www.ubuntugeek.com/step-by-step-ubuntu-14-10-utopic-unicorn-lamp-server-setup.html \ No newline at end of file +[1]:http://www.ubuntugeek.com/www.ubuntugeek.com/step-by-step-ubuntu-14-10-utopic-unicorn-lamp-server-setup.html From f98c9a1c08b0e04949badb72387522ab24be4e75 Mon Sep 17 00:00:00 2001 From: liaoishere Date: Sat, 3 Jan 2015 00:19:03 +0800 Subject: [PATCH 43/98] [translated] 20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server --- ...Monitoring tool) on ubuntu 14.10 server.md | 131 ------------------ ...Monitoring tool) on ubuntu 14.10 server.md | 131 ++++++++++++++++++ 2 files changed, 131 insertions(+), 131 deletions(-) delete mode 100644 sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md create mode 100644 translated/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md diff --git a/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md b/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md deleted file mode 100644 index 5bef93b1c1..0000000000 --- a/sources/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md +++ /dev/null @@ -1,131 +0,0 @@ -liaoishere is translating. - -How to install Cacti (Monitoring tool) on ubuntu 14.10 server -================================================================================ -Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of this is wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices. - -### Features ### - -#### Graphs #### - -Unlimited number of graph items can be defined for each graph optionally utilizing CDEFs or data sources from within cacti. - -Automatic grouping of GPRINT graph items to AREA, STACK, and LINE[1-3] to allow for quick re-sequencing of graph items. - -Auto-Padding support to make sure graph legend text lines up. - -Graph data can be manipulated using the CDEF math functions built into RRDTool. These CDEF functions can be defined in cacti and can be used globally on each graph. - -Support for all of RRDTool's graph item types including AREA, STACK, LINE[1-3], GPRINT, COMMENT, VRULE, and HRULE. - -#### Data Sources #### - -Data sources can be created that utilize RRDTool's "create" and "update" functions. Each data source can be used to gather local or remote data and placed on a graph. - -Supports RRD files with more than one data source and can use an RRD file stored anywhere on the local file system. -Round robin archive (RRA) settings can be customized giving the user the ability to gather data on non-standard timespans while store varying amounts of data. - -#### Data Gathering #### - -Contains a "data input" mechanism which allows users to define custom scripts that can be used to gather data. Each script can contain arguments that must be entered for each data source created using the script (such as an IP address). - -Built in SNMP support that can use php-snmp, ucd-snmp, or net-snmp. - -Ability to retrieve data using SNMP or a script with an index. An example of this would be populating a list with IP interfaces or mounted partitions on a server. Integration with graph templates can be defined to enable one click graph creation for hosts. - -A PHP-based poller is provided to execute scripts, retrieve SNMP data, and update your RRD files. - -#### Templates #### - -Graph templates enable common graphs to be grouped together by templating. Every field for a normal graph can be templated or specified on a per-graph basis. - -Data source templates enable common data source types to be grouped together by templating. Every field for a normal data source can be templated or specified on a per-data source basis. - -Host templates are a group of graph and data source templates that allow you to define common host types. Upon the creation of a host, it will automatically take on the properties of its template. - -#### Graph Display #### - -The tree view allows users to create "graph hierarchies" and place graphs on the tree. This is an easy way to manage/organize a large number of graphs. - -The list view lists the title of each graph in one large list which links the user to the actual graph. -The preview view displays all of the graphs in one large list format. This is similar to the default view for the 14all cgi script for RRDTool/MRTG. - -#### User Management #### - -User based management allows administrators to create users and assign different levels of permissions to the cacti interface. - -Permissions can be specified per-graph for each user, making cacti suitable for co location situations. -Each user can keep their own graph settings for varying viewing preferences. - -#### Preparing your system #### - -Before installing cacti you need to make sure you have installed [Ubuntu 14.10 LAMP server][1]. - -#### Install Cacti on ubuntu 14.10 server #### - -Open the terminal and run the following command - - sudo apt-get install cacti-spine - -The above command starts the cacti installation and you should see the first as php path change select ok and press enter - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/18.png) - -Now select the webserver you want to use (in my case it is apache2) - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/27.png) - -Cacti database configurations select yes - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/35.png) - -Enter database admin user password - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/42.png) - -Mysql application password for cacti - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/5.png) - -confirm the password - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/6.png) - -Now that Cacti is installed, we can start the configuration process on it. - -#### Configuring cacti #### - -Point your web browser towards http://YOURSERVERIP/cacti/install/ to start the initial setup and click next - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/7.png) - -Select new install option and click next - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/8.png) - -In the following screen you need to make sure you have all the required paths are correct and click on finish - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/9.png) - -Now login to Cacti with the default admin/admin, and change the password to something more sensible - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/10.png) - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/111.png) - -After login in to Cacti you should see similar to the following screen - -![](http://www.ubuntugeek.com/wp-content/uploads/2014/11/14.png) - --------------------------------------------------------------------------------- - -via: http://www.ubuntugeek.com/how-to-install-cacti-monitoring-tool-on-ubuntu-14-10-server.html - -作者:[ruchi][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.ubuntugeek.com/author/ubuntufix -[1]:http://www.ubuntugeek.com/www.ubuntugeek.com/step-by-step-ubuntu-14-10-utopic-unicorn-lamp-server-setup.html diff --git a/translated/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md b/translated/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md new file mode 100644 index 0000000000..d307a63779 --- /dev/null +++ b/translated/tech/20141125 How to install Cacti (Monitoring tool) on ubuntu 14.10 server.md @@ -0,0 +1,131 @@ +How to install Cacti (Monitoring tool) on ubuntu 14.10 server +怎样在 Ubuntu 14.10 Server 上安装 Cacti(监控工具) +================================================================================ +Cacti 是一个网络绘图解决方案,它被设计用来管理 RRDTool (一个 Linux 数据存储和绘图工具)的数据存储和绘图的强大功能。Cacti 提供一个快速的轮询器,高级的绘图模版,多种数据获取方法和用户管理功能,并且可以开箱即用。所有的这些都被打包进一个直观,易用的界面,可用于监控简单的 LAN 网络,乃至包含成百上千设备的复杂网络。 + +### 功能 ### + +#### 绘图 #### + +无上限的监控图条目(graph item),每个图形可以视情况使用 Cacti 中的 CDEFs (Calculation Define,可以对图形输出结果进行计算)或者数据源。 + +自动将 GPRINT 条目分组至 AREA,STACK 和 LINE[1-3] 中,可以对图形进行快速重排序。 + +自动填充功能使得图形的说明整齐排列。 + +可以使用 RRDTool 中内置的 CDEF 数学函数对图形数据进行处理。这些 CDEF 函数可以定义在 Cacti 中,并且每一个图形都可以使用它们。 + +支持所有的 RRDTool 图形类型包括 AREA,STACK,LINE[1-3],GPRINT,COMMENT,VRULE 和 HRULE。 + +#### 数据源 #### + +数据源可以使用 RRDTool 的 "create" 和 "update" 功能创建。每一个数据源可以用来收集本地或者远程的数据,并将数据输出给图形。 + +支持包含多个数据源的 RRD 文件,并可以使用存储在本地文件系统中任何位置的 RRD 文件。 +可以自定义轮询归档(RRA)设置,用户可以在存储数据时使用非标准的时间间隔(标准时间间隔是5分钟,30分钟,2小时 和 1天)。 + +#### 数据收集 #### + +Cacti 包含一个 "data input" 机制,可以让用户定义自定义的脚本用来收集数据。每个脚本可以包含调用参数,每次创建调用此脚本的数据源时输入相应的调用参数(如 IP 地址)。 + +支持 SNMP 功能,可以使用 php-snmp,ucd-snmp 或者 net-snmp。 + +可以基于索引来使用 SNMP 或者脚本收集数据。例如,可以列出一个服务器上所有网卡接口或者已挂载分区的索引列表。集成的绘图模版可以用来一键为主机创建图形。 + +提供一个基于 PHP 的轮询器用于执行脚本,收集 SNMP数据并更新数据至 RRD 文件中。 + +#### 模版 #### + +绘图模版可以将相同图形分组到为一类。图形中的每一个条目都可以使用模版的默认值或者自定义。 + +数据源模版可以通过将相同数据源类型分组为一类。数据源中每一个条目都可以使用模版的默认值或者自定义。 + +主机模版是一组图形和数据源模版,可以用来定义某一类型的主机。创建主机时,它会自动使用相应模版的属性。 + +#### 图形展示 #### + +图形树允许用户创建「图形层次结构」并将图形放至树中。这种方法可以方便的管理大量图形。 + +列表模式将所有图形的链接在一个大列表中展示出来,链接指向用户创建的图形。 + +预览模式将所有图形在一个大列表中展示出来。这有点类似于 RRDTool/MRTG 的默认视图。 + +#### 用户管理 #### + +用户管理功能允许管理员创建用户并分配给用户访问 Cacti 接口的不同级别的权限。 + +权限可以为每个用户指定其对每个图形的权限,这适用于主机租用的场景。 +每个用户可以保存他自己的图形显示模式。 + +#### 系统准备 #### + +在安装 cacti 之前,确保你已经安装了 [Ubuntu 14.10 LAMP server][1]。 + +#### 在 Ubuntu 14.10 Server 上安装 Cacti #### + +打开终端,运行下面的命令 + + sudo apt-get install cacti-spine + +上面的命令开始 Cacti 的安装,你会看到下图中 PHP 路径的更改,选择 ok 按回车 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/18.png) + +选择你想使用的 Web 服务器 (我使用的是 apache2) + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/27.png) + +Cacti 数据库配置,选 yes + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/35.png) + +输入数据库管理员账户密码 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/42.png) + +输入 Cacti 访问数据库的密码 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/5.png) + +确认密码 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/6.png) + +现在 Cacti 已经安装了,我们可以开始配置它了。 + +#### Cacti 配置 #### + +在浏览器中访问 http://你的服务器IP/cacti/install/ 来进行初始化设置,点击 next 下一步 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/7.png) + +选择 New install,点击 next 下一步 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/8.png) + +下一个界面中,你需要确保所有的路径都是正确的,点击 finish 完成 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/9.png) + +现在以 admin/admin 登录 Cacti,修改管理员的默认密码 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/10.png) + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/01/111.png) + +登录 Cacti 之后你会看到类似于下面这样的界面 + +![](http://www.ubuntugeek.com/wp-content/uploads/2014/11/14.png) + +-------------------------------------------------------------------------------- + +via: http://www.ubuntugeek.com/how-to-install-cacti-monitoring-tool-on-ubuntu-14-10-server.html + +作者:[ruchi][a] +译者:[Liao](https://github.com/liaoishere) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.ubuntugeek.com/author/ubuntufix +[1]:http://www.ubuntugeek.com/www.ubuntugeek.com/step-by-step-ubuntu-14-10-utopic-unicorn-lamp-server-setup.html From d4431f3774ea0b5b7f6bf733b78af7290574041c Mon Sep 17 00:00:00 2001 From: geekpi Date: Sat, 3 Jan 2015 00:04:12 -0500 Subject: [PATCH 44/98] translating --- ...tor Client' Setup on RHEL or CentOS or Fedora -Part III.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md b/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md index accd6907f9..847b47c24a 100644 --- a/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md +++ b/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md @@ -1,3 +1,5 @@ +Translating------geekpi + Centralized Secure Storage (iSCSI) – “Initiator Client” Setup on RHEL/CentOS/Fedora – Part III ================================================================================ **iSCSI** Initiator are the clients which use to authenticated with iSCSI target servers to access the LUNs shared from target server. We can deploy any kind of Operating systems in those locally mounted Disks, just a single package need to be install to get authenticate with target server. @@ -194,4 +196,4 @@ via: http://www.tecmint.com/iscsi-initiator-client-setup/ [a]:http://www.tecmint.com/author/babinlonston/ [1]:http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/ -[2]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/ \ No newline at end of file +[2]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/ From 381326294179b5860f84233cf8043f6143dac628 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Sat, 3 Jan 2015 13:55:32 +0800 Subject: [PATCH 45/98] translated --- ...p on RHEL or CentOS or Fedora -Part III.md | 198 ++++++++++++++++++ 1 file changed, 198 insertions(+) create mode 100644 translated/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md diff --git a/translated/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md b/translated/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md new file mode 100644 index 0000000000..f4754a6bb8 --- /dev/null +++ b/translated/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md @@ -0,0 +1,198 @@ +中心化存储(iSCSI)- “初始器客户端” 在RHEL/CentOS/Fedora上的设置 - 第三部分 +================================================================================ +**iSCSI** 初始化器是一种用于与iSCSI target服务器认证并访问服务器上共享的的LUN的客户端。我们可以在本地挂载的硬盘上部署任何操作系统,只需要安装一个包来与target服务器验证。 + +![Client Initiator Setup](http://www.tecmint.com/wp-content/uploads/2014/07/Client-Initiator-Setup.jpg) + +初始器客户端设置 + +#### 功能 #### + +- 可以处理本地挂载磁盘上的任意文件系统 +- 在使用fdisk命令后不需要重启系统 + +#### 要求 #### + +- [使用iSCSI Target创建集中化安全存储- 第一部分][1] +- [在Target服务器中使用LVM创建LUN - 第二部分][2] + +#### 我的客户端设置 #### + +- 操作系统 – CentOS release 6.5 (最终版) +- iSCSI Target IP – 192.168.0.50 +- 使用的端口 : TCP 3260 + +**Warning**: Never stop the service while LUNs Mounted in Client machines (Initiator). +**Warning**:永远不要在使用LUN的时候在客户端中(初始化器)停止服务。 + +### 客户端设置 ### + +**1.** 在客户端,我们需要安装包‘**iSCSI-initiator-utils**‘,用下面的命令搜索包。 + + # yum search iscsi + +**示例输出** + + ============================= N/S Matched: iscsi ================================ + iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs + iscsi-initiator-utils-devel.x86_64 : Development files for iscsi-initiator-utils + +**2.** 一旦定位了包,就用下面的yum命令安装初始化包。 + + # yum install iscsi-initiator-utils.x86_64 + +**3.** 安装完毕后,我们需要发现**Target 服务器**上的共享。客户端的命令有点难记,因此我们使用man来的到需要运行的命令列表 + + # man iscsiadm + +![man iscsiadm](http://www.tecmint.com/wp-content/uploads/2014/07/man-iscsiadm.jpg) + +man iscsiadm + +**4.** 按下**SHIFT+G** 进入man页的底部并且稍微向上滚动来的到登录的示例命令。下面的发现命令中,需要用我们的**服务器IP地址**来替换。 + + # iscsiadm --mode discoverydb --type sendtargets --portal 192.168.0.200 --discover + +**5.** 这里我们从下面的命令中得到了iSCSIi限定名(iqn)。 + + 192.168.0.200:3260,1 iqn.2014-07.com.tecmint:tgt1 + +![Discover Target](http://www.tecmint.com/wp-content/uploads/2014/07/Discover-Target.jpg) + +发现服务器 + +**6.** 要登录就用下面的命令来连接一台LUN到我们本地系统中,这会与服务器验证并允许我们登录LUN。 + + # iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 --login + +![Login To Target Server](http://www.tecmint.com/wp-content/uploads/2014/07/Login-To-Target-Server.jpg) + +登录到服务器 + +**注意**:登出使用登录命令并在命令的最后使用logout来替换。 + + # iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 --logout + +![Logout from Target Server](http://www.tecmint.com/wp-content/uploads/2014/07/Logout-from-Target-Server.jpg) + +等出服务器 + +**7.** 登录服务器后,使用下面的命令列出节点的记录。 + + # iscsiadm --mode node + +![List Node](http://www.tecmint.com/wp-content/uploads/2014/07/List-Node.jpg) + +列出节点 + +**8.** 显示特定节点的所有数据 + + # iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 + +**示例输出** + + # BEGIN RECORD 6.2.0-873.10.el6 + node.name = iqn.2014-07.com.tecmint:tgt1 + node.tpgt = 1 + node.startup = automatic + node.leading_login = No + iface.hwaddress = + iface.ipaddress = + iface.iscsi_ifacename = default + iface.net_ifacename = + iface.transport_name = tcp + iface.initiatorname = + iface.bootproto = + iface.subnet_mask = + iface.gateway = + iface.ipv6_autocfg = + iface.linklocal_autocfg = + .... + +**9.** 接着列出使用的磁盘,fdisk会列出所有的认证过的磁盘。 + + # fdisk -l /dev/sda + +![List Disks](http://www.tecmint.com/wp-content/uploads/2014/07/List-Disks.jpg) + +列出磁盘 + +**10.** 运行fdisk命令来创建一个新的分区 + + # fdisk -cu /dev/sda + +![Create New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Create-New-Partition.jpg) + +创建新分区 + +**注意**:在使用fdisk创建新分区之后,我们无需重启,就像使用我们本地的文件系统一样就行。因为这个将远程共享存储挂载到本地了。 + +**11.** 格式化新创建的分区 + + # mkfs.ext4 /dev/sda1 + +![Format New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Format-New-Partition.jpg) + +格式化新分区 + +**12.** 创建一个目录来挂载新创建的分区 + + # mkdir /mnt/iscsi_share + # mount /dev/sda1 /mnt/iscsi_share/ + # ls -l /mnt/iscsi_share/ + +![Mount New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Mount-New-Partition.jpg) + +挂载新分区 + +**13.** 列出挂载点 + + # df -Th + +- **-T** – Prints files system types. +- **-h** – Prints in human readable format eg : Megabyte or Gigabyte. + +![List New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/List-New-Partition.jpg) + +列出新分区 + +**14.** 如果需要永久挂在使用fdtab文件 + + # vim /etc/fstab + +**15.**在fstab后追加下面行 + + /dev/sda1 /mnt/iscsi_share/ ext4 defaults,_netdev 0 0 + +**注意:** 在fdtab中使用_netdev,说明这是一个网络设备。 + +![Auto Mount Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Auto-Mount-Partition.jpg) + +自动挂载分区 + +**16.** 最后检查我们fstab文件是否有错误。 + + # mount -av + +- **-a** – 所有挂载点 +- **-v** – 繁琐模式 + +![Verify fstab Entries](http://www.tecmint.com/wp-content/uploads/2014/07/Verify-fstab-Entries.jpg) + +验证fstab文件 + +我们已经成功完成了我们的客户端配置。现在让我们像本地磁盘一样使用它吧。 + +-------------------------------------------------------------------------------- + +via: http://www.tecmint.com/iscsi-initiator-client-setup/ + +作者:[Babin Lonston][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.tecmint.com/author/babinlonston/ +[1]:http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/ +[2]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/ From 8081292d0890dfccaf8869c648584cb81fa6f512 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Sat, 3 Jan 2015 14:02:14 +0800 Subject: [PATCH 46/98] delete source file --- ...p on RHEL or CentOS or Fedora -Part III.md | 199 ------------------ 1 file changed, 199 deletions(-) delete mode 100644 sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md diff --git a/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md b/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md deleted file mode 100644 index 847b47c24a..0000000000 --- a/sources/tech/20141217 Centralized Secure Storage (iSCSI)-- 'Initiator Client' Setup on RHEL or CentOS or Fedora -Part III.md +++ /dev/null @@ -1,199 +0,0 @@ -Translating------geekpi - -Centralized Secure Storage (iSCSI) – “Initiator Client” Setup on RHEL/CentOS/Fedora – Part III -================================================================================ -**iSCSI** Initiator are the clients which use to authenticated with iSCSI target servers to access the LUNs shared from target server. We can deploy any kind of Operating systems in those locally mounted Disks, just a single package need to be install to get authenticate with target server. - -![Client Initiator Setup](http://www.tecmint.com/wp-content/uploads/2014/07/Client-Initiator-Setup.jpg) - -Client Initiator Setup - -#### Features #### - -- Can handle any kind of file systems in locally mounted Disk. -- No need of restating the system after partition using fdisk. - -#### Requirements #### - -- [Create Centralized Secure Storage using iSCSI Target – Part 1][1] -- [Create LUN’s using LVM in Target Server – Part 2][2] - -#### My Client Setup for Initiator #### - -- Operating System – CentOS release 6.5 (Final) -- iSCSI Target IP – 192.168.0.50 -- Ports Used : TCP 3260 - -**Warning**: Never stop the service while LUNs Mounted in Client machines (Initiator). - -### Initiator Client Setup ### - -**1.** In Client side, we need to install the package ‘**iSCSI-initiator-utils**‘, search for the package using following command. - - # yum search iscsi - -**Sample Output** - - ============================= N/S Matched: iscsi ================================ - iscsi-initiator-utils.x86_64 : iSCSI daemon and utility programs - iscsi-initiator-utils-devel.x86_64 : Development files for iscsi-initiator-utils - -**2.** Once you locate the package, just install the initiator package using yum command as shown. - - # yum install iscsi-initiator-utils.x86_64 - -**3.** After installing the package, we need to discover the share from **Target server**. The client side commands little hard to remember, so we can use man page to get the list of commands which required to run. - - # man iscsiadm - -![man iscsiadm](http://www.tecmint.com/wp-content/uploads/2014/07/man-iscsiadm.jpg) - -man iscsiadm - -**4.** Press **SHIFT+G** to Navigate to the Bottom of the man page and scroll little up to get the login example commands. We need to replace our **Target servers IP** address in below command Discover the Target. - - # iscsiadm --mode discoverydb --type sendtargets --portal 192.168.0.200 --discover - -**5.** Here we got the iSCSI (iqn) qualified name from above command execution. - - 192.168.0.200:3260,1 iqn.2014-07.com.tecmint:tgt1 - -![Discover Target](http://www.tecmint.com/wp-content/uploads/2014/07/Discover-Target.jpg) - -Discover Target - -**6.** To log-in use the below command to attach the LUN to our local System, this will authenticate with target server and allow us to log-in into LUN. - - # iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 --login - -![Login To Target Server](http://www.tecmint.com/wp-content/uploads/2014/07/Login-To-Target-Server.jpg) - -Login To Target Server - -**Note**: Use the login command and replace login with logout at end of command. - - # iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 --logout - -![Logout from Target Server](http://www.tecmint.com/wp-content/uploads/2014/07/Logout-from-Target-Server.jpg) - -Logout from Target Server - -**7.** After login to the LUN, list the records of Node using. - - # iscsiadm --mode node - -![List Node](http://www.tecmint.com/wp-content/uploads/2014/07/List-Node.jpg) - -List Node - -**8.** Display all data of a particular node. - - # iscsiadm --mode node --targetname iqn.2014-07.com.tecmint:tgt1 --portal 192.168.0.200:3260 - -**Sample Output** - - # BEGIN RECORD 6.2.0-873.10.el6 - node.name = iqn.2014-07.com.tecmint:tgt1 - node.tpgt = 1 - node.startup = automatic - node.leading_login = No - iface.hwaddress = - iface.ipaddress = - iface.iscsi_ifacename = default - iface.net_ifacename = - iface.transport_name = tcp - iface.initiatorname = - iface.bootproto = - iface.subnet_mask = - iface.gateway = - iface.ipv6_autocfg = - iface.linklocal_autocfg = - .... - -**9.** Then list the drive using, fdisk will list every authenticated disks. - - # fdisk -l /dev/sda - -![List Disks](http://www.tecmint.com/wp-content/uploads/2014/07/List-Disks.jpg) - -List Disks - -**10.** Run fdisk to create a new partition. - - # fdisk -cu /dev/sda - -![Create New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Create-New-Partition.jpg) - -Create New Partition - -**Note**: After Creating a Partition using fdisk, we don’t need to reboot, as we used to do in our local systems, Because this is a remote shared storage mounted locally. - -**11.** Format the newly created partition. - - # mkfs.ext4 /dev/sda1 - -![Format New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Format-New-Partition.jpg) - -Format New Partition - -**12.** Create a Directory and mount the formatted partition. - - # mkdir /mnt/iscsi_share - # mount /dev/sda1 /mnt/iscsi_share/ - # ls -l /mnt/iscsi_share/ - -![Mount New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Mount-New-Partition.jpg) - -Mount New Partition - -**13.** List the Mount Points. - - # df -Th - -- **-T** – Prints files system types. -- **-h** – Prints in human readable format eg : Megabyte or Gigabyte. - -![List New Partition](http://www.tecmint.com/wp-content/uploads/2014/07/List-New-Partition.jpg) - -List New Partition - -**14.** If we need to permanently mount the Drive use fstab entry. - - # vim /etc/fstab - -**15.**Append the following Entry in fstab. - - /dev/sda1 /mnt/iscsi_share/ ext4 defaults,_netdev 0 0 - -**Note:** Use _netdev in fstab, as this is a network device. - -![Auto Mount Partition](http://www.tecmint.com/wp-content/uploads/2014/07/Auto-Mount-Partition.jpg) - -Auto Mount Partition - -**16.** Finally check whether our fstab entry have any error. - - # mount -av - -- **-a** – all mount point -- **-v** – Verbose - -![Verify fstab Entries](http://www.tecmint.com/wp-content/uploads/2014/07/Verify-fstab-Entries.jpg) - -Verify fstab Entries - -We have Completed Our client side configuration Successfully. Start to use the drive as we use our local system disk. - --------------------------------------------------------------------------------- - -via: http://www.tecmint.com/iscsi-initiator-client-setup/ - -作者:[Babin Lonston][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.tecmint.com/author/babinlonston/ -[1]:http://www.tecmint.com/create-centralized-secure-storage-using-iscsi-targetin-linux/ -[2]:http://www.tecmint.com/create-luns-using-lvm-in-iscsi-target/ From 70796857b7093a2b655a98f99c80e577de50edcf Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Sun, 4 Jan 2015 10:12:49 +0800 Subject: [PATCH 47/98] Create 20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md --- ...r Radar System from Windows XP to Linux.md | 49 +++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md diff --git a/translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md b/translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md new file mode 100644 index 0000000000..01c8d0d4f4 --- /dev/null +++ b/translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md @@ -0,0 +1,49 @@ +Traslated by H-mudcup + +美国海军陆战队想把雷达操作系统从Windows XP换成Linux +================================================================================ +**一个新的雷达系统已经被送回去升级了** + +![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-2.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-3.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-4.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-5.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-6.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-7.jpg) + +>一谈到稳定性和性能,没什么能真的比得过Linux。这就是为什么美国海军陆战队的领导们已经决定让Northrop Grumman Corp. Electronic Systems把新送到的地面/空中任务导向雷达(G/ATOR)的操作系统从Windows XP换成Linux。 + +地面/空中任务导向雷达(G/ATOR)系统已经研制了很多年。很可能在这项工程启动的时候Windows XP被认为是合理的选择。在研制的这段时间,事情发生了变化。微软已经撤销了对Windows XP的支持而且只有极少的几个组织会使用它。操作系统要么升级要么被换掉。在这种情况下,Linux成了合理的选择。特别是当替换的费用很可能远远少于更新的费用。 + +有个很有趣的地方值得注意一下。地面/空中任务导向雷达(G/ATOR)才刚刚送到美国海军陆战队,但是制造它的公司却还是选择了保留这个过时的操作系统。一定有人注意到的这样一个事实。这是一个糟糕的决定,并且指挥系统已经被告知了可能出现的问题了。 + +### G/ATOR雷达的软件将是基于Linux的 ### + +Unix类系统,比如基于BSD或者基于Linux的操作系统,通常会出现在条件苛刻的领域,或者任何情况下都不能失败的的技术中。例如,这就是为什么大多数的服务器都运行着Linux。一个雷达系统配上一个几乎不可能崩溃的操作系统看起来非常相配。 + +“弗吉尼亚州Quantico海军基地海军陆战队系统司令部的官员,在周三宣布了一项与Northrop Grumman Corp. Electronic Systems在林西科姆高地的部分的总经理签订的价值1020万美元的修正合同。这个合同的修改将包括这样一项,把G/ATOR的控制电脑从微软的Windows XP操作系统换成与国防信息局(DISA)兼容的Linux操作系统。” + +‘G/ATOR是一个远征三维中短距离多用途雷达系统。这个系统被设计成能够探测拥有低雷达截面的低可观测目标,比如火箭弹,火炮,迫击炮,巡航导弹以及无人机。”这些内容可以在[militaryaerospace.com][1]看到。 + +这项军用科技,即地面/空中任务导向雷达(G/ATOR),早在2005年就与Northrop Grumman签订了第一次合同。所以不难理解为什么美国海军可能想把这件事快点弄完。这次更换的时间限制还没有被提议。 + +视频链接:[http://youtu.be/H2ppl4x-eu8][2] + +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756.shtml + +作者:[Silviu Stahie][a] +译者:[H-mudcup](https://github.com/H-mudcup) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/silviu-stahie +[1]:http://www.militaryaerospace.com/articles/2014/12/gator-linux-software.html +[2]:http://youtu.be/H2ppl4x-eu8 From d495db54a008d9b31019090081508c07ab49c03c Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Sun, 4 Jan 2015 10:19:40 +0800 Subject: [PATCH 48/98] Delete 20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md --- ...r Radar System from Windows XP to Linux.md | 49 ------------------- 1 file changed, 49 deletions(-) delete mode 100644 sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md diff --git a/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md b/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md deleted file mode 100644 index 2be8c37e18..0000000000 --- a/sources/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md +++ /dev/null @@ -1,49 +0,0 @@ -Traslating by H-mudcup - -U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux -================================================================================ -**A new radar system has been sent back for upgrade** - -![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-2.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-3.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-4.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-5.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-6.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756-7.jpg) - -> When it comes to stability and performance, nothing can really beat Linux. This is why the U.S. Marine Corps leaders have decided to ask Northrop Grumman Corp. Electronic Systems to change the operating system of the newly delivered Ground/Air Task-Oriented Radar (G/ATOR) from Windows XP to Linux. - -The Ground/Air Task-Oriented Radar (G/ATOR) system has been in the works for many years and it's very likely that when the project was started, Windows XP could have been considered the logical choice. In the mean time, things changed. Microsoft has pulled the support for Windows XP and very few entities still use it. The operating system is either upgraded or replaced. In this case, Linux is the logical choice, especially since the replacement cost are probably much smaller than an eventual upgrade. - -It's interesting to note that the Ground/Air Task-Oriented Radar (G/ATOR) was just delivered to the U.S. Marine Corps, but the company that built it chose to keep that aging operating system. Someone must have noticed the fact that it was a poor decision and the chain of command was informed of the problems that might have appeared. - -### G/ATOR radar software will be Linux-based ### - -Unix systems, like BSD-based or Linux-based OSes, are usually found in critical areas and technologies that can't fail, under any circumstances. That's why most of the servers out there are running Linux servers, for example. Having a radar system with an operating systems that is very unlikely to crash seems to fit the bill perfectly. - -"Officials of the Marine Corps Systems Command at Quantico Marine Base, Va., announced a $10.2 million contract modification Wednesday to the Northrop Grumman Corp. Electronic Systems segment in Linthicum Heights, Md., to convert the Ground/Air Task-Oriented Radar (G/ATOR) operator command and control computer from Windows XP to Linux. The contract modification will incorporate a change order to switch the G/ATOR control computer from the Microsoft Windows XP operating system to a Defense Information Systems Agency (DISA)-compliant Linux operating system." - -'G/ATOR is an expeditionary, three-dimensional, short-to-medium-range multi-role radar system designed to detect low-observable targets with low radar cross sections such as rockets, artillery, mortars, cruise missiles, and UAVs," reads the entry on [militaryaerospace.com][1]. - -This piece of military technology, the Ground/Air Task-Oriented Radar (G/ATOR) was first contracted from the Northrop Grumman Corp. back in 2005, so it's easy to understand why the US Marines might want to hurry this up. No time frame has been proposed for the switch. - -视频链接:[http://youtu.be/H2ppl4x-eu8][2] - --------------------------------------------------------------------------------- - -via: http://news.softpedia.com/news/U-S-Marine-Corps-Want-to-Change-OS-for-Radar-System-from-Windows-XP-to-Linux-466756.shtml - -作者:[Silviu Stahie][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://news.softpedia.com/editors/browse/silviu-stahie -[1]:http://www.militaryaerospace.com/articles/2014/12/gator-linux-software.html -[2]:http://youtu.be/H2ppl4x-eu8 From 0425cc77cdd817b37854fd933e5f86969b733be8 Mon Sep 17 00:00:00 2001 From: DeadFire Date: Sun, 4 Jan 2015 10:36:31 +0800 Subject: [PATCH 49/98] =?UTF-8?q?20150104-1=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tech/20150104 Docker Image Insecurity.md | 132 ++++++++++++++++++ 1 file changed, 132 insertions(+) create mode 100644 sources/tech/20150104 Docker Image Insecurity.md diff --git a/sources/tech/20150104 Docker Image Insecurity.md b/sources/tech/20150104 Docker Image Insecurity.md new file mode 100644 index 0000000000..261718f9c8 --- /dev/null +++ b/sources/tech/20150104 Docker Image Insecurity.md @@ -0,0 +1,132 @@ +Docker Image Insecurity +================================================================================ +Recently while downloading an “official” container image with Docker I saw this line: + + ubuntu:14.04: The image you are pulling has been verified + +I assumed this referenced Docker’s [heavily promoted][1] image signing system and didn’t investigate further at the time. Later, while researching the cryptographic digest system that Docker tries to secure images with, I had the opportunity to explore further. What I found was a total systemic failure of all logic related to image security. + +Docker’s report that a downloaded image is “verified” is based solely on the presence of a signed manifest, and Docker never verifies the image checksum from the manifest. An attacker could provide any image alongside a signed manifest. This opens the door to a number of serious vulnerabilities. + +Images are downloaded from an HTTPS server and go through an insecure streaming processing pipeline in the Docker daemon: + + [decompress] -> [tarsum] -> [unpack] + +This pipeline is performant but completely insecure. Untrusted input should not be processed before verifying its signature. Unfortunately Docker processes images three times before checksum verification is supposed to occur. + +However, despite [Docker’s claims][2], image checksums are never actually checked. This is the only section[0][3] of Docker’s code related to verifying image checksums, and I was unable to trigger the warning even when presenting images with mismatched checksums. + + if img.Checksum != "" && img.Checksum != checksum { + log.Warnf("image layer checksum mismatch: computed %q, + expected %q", checksum, img.Checksum) + } + +### Insecure processing pipeline ### + +**Decompress** + +Docker supports three compression algorithms: gzip, bzip2, and xz. The first two use the Go standard library implementations, which are [memory-safe][4], so the exploit types I’d expect to see here are denial of service attacks like crashes and excessive CPU and memory usage. + +The third compression algorithm, xz, is more interesting. Since there is no native Go implementation, Docker [execs][5] the `xz` binary to do the decompression. + +The xz binary comes from the [XZ Utils][6] project, and is built from approximately[1][7] twenty thousand lines of C code. C is not a memory-safe language. This means malicious input to a C program, in this case the Docker image XZ Utils is unpacking, could potentially execute arbitrary code. + +Docker exacerbates this situation by *running* `xz` as root. This means that if there is a single vulnerability in `xz`, a call to `docker pull` could result in the complete compromise of your entire system. + +**Tarsum** + +The use of tarsum is well-meaning but completely flawed. In order to get a deterministic checksum of the contents of an arbitrarily encoded tar file, Docker decodes the tar and then hashes specific portions, while excluding others, in a [deterministic order][8]. + +Since this processing is done in order to generate the checksum, it is decoding untrusted data which could be designed to exploit the tarsum code[2][9]. Potential exploits here are denial of service as well as logic flaws that could cause files to be injected, skipped, processed differently, modified, appended to, etc. without the checksum changing. + +**Unpacking** + +Unpacking consists of decoding the tar and placing files on the disk. This is extraordinarily dangerous as there have been three other vulnerabilities reported[3][10] in the unpack stage at the time of writing. + +There is no situation where data that has not been verified should be unpacked onto disk. + +### libtrust ### + +[libtrust][11] is a Docker package that claims to provide “authorization and access control through a distributed trust graph.” Unfortunately no specification appears to exist, however it looks like it implements some parts of the [Javascript Object Signing and Encryption][12] specifications along with other unspecified algorithms. + +Downloading an image with a manifest signed and verified using libtrust is what triggers this inaccurate message (only the manifest is checked, not the actual image contents): + + ubuntu:14.04: The image you are pulling has been verified + +Currently only “official” image manifests published by Docker, Inc are signed using this system, but from discussions I participated in at the last Docker Governance Advisory Board meeting[4][13], my understanding is that Docker, Inc is planning on deploying this more widely in the future. The intended goal is centralization with Docker, Inc controlling a Certificate Authority that then signs images and/or client certificates. + +I looked for the signing key in Docker’s code but was unable to find it. As it turns out the key is not embedded in the binary as one would expect. Instead the Docker daemon fetches it [over HTTPS from a CDN][14] before each image download. This is a terrible approach as a variety of attacks could lead to trusted keys being replaced with malicious ones. These attacks include but are not limited to: compromise of the CDN vendor, compromise of the CDN origin serving the key, and man in the middle attacks on clients downloading the keys. + +### Remediation ### + +I [reported][15] some of the issues I found with the tarsum system before I finished this research, but so far nothing I have reported has been fixed. + +Some steps I believe should be taken to improve the security of the Docker image download system: +Drop tarsum and actually verify image digests + +Tarsum should not be used for security. Instead, images must be fully downloaded and their cryptographic signatures verified before any processing takes place. + +**Add privilege isolation** + +Image processing steps that involve decompression or unpacking should be run in isolated processes (containers?) that have only the bare minimum required privileges to operate. There is no scenario where a decompression tool like `xz` should be run as root. + +**Replace libtrust** + +Libtrust should be replaced with [The Update Framework][16] which is explicitly designed to solve the real problems around signing software binaries. The threat model is very comprehensive and addresses many things that have not been considered in libtrust. There is a complete specification as well as a reference implementation written in Python, and I have begun work on a [Go implementation][17] and welcome contributions. + +As part of adding TUF to Docker, a local keystore should be added that maps root keys to registry URLs so that users can have their own signing keys that are not managed by Docker, Inc. + +I would like to note that using non-Docker, Inc hosted registries is a very poor user experience in general. Docker, Inc seems content with relegating third party registries to second class status when there is no technical reason to do so. This is a problem both for the ecosystem in general and the security of end users. A comprehensive, decentralized security model for third party registries is both necessary and desirable. I encourage Docker, Inc to take this into consideration when redesigning their security model and image verification system. + +### Conclusion ### + +Docker users should be aware that the code responsible for downloading images is shockingly insecure. Users should only download images whose provenance is without question. At present, this does *not* include “trusted” images hosted by Docker, Inc including the official Ubuntu and other base images. + +The best option is to block `index.docker.io` locally, and download and verify images manually before importing them into Docker using `docker load`. Red Hat’s security blog has [a good post about this][18]. + +Thanks to Lewis Marshall for pointing out the tarsums are never verified. + +- [Checksum code context][19]. +- [cloc][20] says 18,141 non-blank, non-comment lines of C and 5,900 lines of headers in v5.2.0. +- Very similar bugs been [found in Android][21], which allowed arbitrary files to be injected into signed packages, and [the Windows Authenticode][22] signature system, which allowed binary modification. +- Specifically: [CVE-2014-6407][23], [CVE-2014-9356][24], and [CVE-2014-9357][25]. There were two Docker [security releases][26] in response. +- See page 8 of the [notes from the 2014-10-28 DGAB meeting][27]. + +-------------------------------------------------------------------------------- + +via: https://titanous.com/posts/docker-insecurity + +作者:[titanous][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:https://twitter.com/titanous +[1]:https://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/ +[2]:https://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/ +[3]:https://titanous.com/posts/docker-insecurity#fn:0 +[4]:https://en.wikipedia.org/wiki/Memory_safety +[5]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/pkg/archive/archive.go#L91-L95 +[6]:http://tukaani.org/xz/ +[7]:https://titanous.com/posts/docker-insecurity#fn:1 +[8]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/pkg/tarsum/tarsum_spec.md +[9]:https://titanous.com/posts/docker-insecurity#fn:2 +[10]:https://titanous.com/posts/docker-insecurity#fn:3 +[11]:https://github.com/docker/libtrust +[12]:https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11 +[13]:https://titanous.com/posts/docker-insecurity#fn:4 +[14]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/trust/trusts.go#L38 +[15]:https://github.com/docker/docker/issues/9719 +[16]:http://theupdateframework.com/ +[17]:https://github.com/flynn/go-tuf +[18]:https://securityblog.redhat.com/2014/12/18/before-you-initiate-a-docker-pull/ +[19]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/image/image.go#L114-L116 +[20]:http://cloc.sourceforge.net/ +[21]:http://www.saurik.com/id/17 +[22]:http://blogs.technet.com/b/srd/archive/2013/12/10/ms13-098-update-to-enhance-the-security-of-authenticode.aspx +[23]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6407 +[24]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9356 +[25]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9357 +[26]:https://groups.google.com/d/topic/docker-user/nFAz-B-n4Bw/discussion +[27]:https://docs.google.com/document/d/1JfWNzfwptsMgSx82QyWH_Aj0DRKyZKxYQ1aursxNorg/edit?pli=1 \ No newline at end of file From 5ea7de03ae065dcf3f1583d3af4a76737b15d8c3 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Sun, 4 Jan 2015 11:15:17 +0800 Subject: [PATCH 50/98] Update 20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md --- ...ovie Player Has a Stylish Interface Ubuntu Installation.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md b/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md index 357a3b6e6c..28609377b0 100644 --- a/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md +++ b/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md @@ -1,3 +1,5 @@ +Translating by H-mudcup + Flow ‘N Play Movie Player Has a Stylish Interface [Ubuntu Installation] ================================================================================ **Flow ‘N Play** is a new video player written in Qt which features a pretty slick and simple interface which provides only the basic features for playing movies. @@ -52,4 +54,4 @@ via: http://www.tuxarena.com/2014/11/flow-n-play-movie-player-has-a-stylish-inte 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [1]:http://www.prest1ge-c0ding.24.eu/programme-php/app-flow_n_play.php?lang=en -[2]:http://qt-apps.org/content/show.php/Flow+%27N+Play?content=167736 \ No newline at end of file +[2]:http://qt-apps.org/content/show.php/Flow+%27N+Play?content=167736 From fc1ec72d1e923ff3a1517fcf458cd79fd0521fef Mon Sep 17 00:00:00 2001 From: liaoishere Date: Sun, 4 Jan 2015 14:34:07 +0800 Subject: [PATCH 51/98] liaoishere is translating 20141027 ntpq -p output --- sources/tech/20141027 ntpq -p output.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sources/tech/20141027 ntpq -p output.md b/sources/tech/20141027 ntpq -p output.md index 6b70e90235..8a391bcb99 100644 --- a/sources/tech/20141027 ntpq -p output.md +++ b/sources/tech/20141027 ntpq -p output.md @@ -1,3 +1,4 @@ +liaosishere translating .. “ntpq -p” output ================================================================================ The [Gentoo][1] (and others?) [incomplete man pages for “ntpq -p”][2] merely give the description: “*Print a list of the peers known to the server as well as a summary of their state.*” @@ -131,7 +132,7 @@ Note that for UTC, a [leap second][62] can be inserted into the reported time up So… What actually is the value for the step threshold: 125ms or 128ms? And what are the PLL/FLL tc units (log2 s? ms?)? And what accuracy can be expected between peers on an uncongested Gigabit LAN? - + Thanks for comments from Camilo M and Chris B. Corrections and further details welcomed. From 7c761d02f8c2caad2f9decb5ae794caa22bdcdab Mon Sep 17 00:00:00 2001 From: KayGuoWhu Date: Sun, 4 Jan 2015 14:40:38 +0800 Subject: [PATCH 52/98] the first translating of 2015 --- sources/talk/20141222 A brief history of Linux malware.md | 1 + 1 file changed, 1 insertion(+) diff --git a/sources/talk/20141222 A brief history of Linux malware.md b/sources/talk/20141222 A brief history of Linux malware.md index f9898b3734..07c8d82907 100644 --- a/sources/talk/20141222 A brief history of Linux malware.md +++ b/sources/talk/20141222 A brief history of Linux malware.md @@ -1,3 +1,4 @@ +[translating by KayGuoWhu] A brief history of Linux malware ================================================================================ A look at some of the worms and viruses and Trojans that have plagued Linux throughout the years. From 68819fccd8af60ca60c8077252ed7e1938df8ecd Mon Sep 17 00:00:00 2001 From: DeadFire Date: Sun, 4 Jan 2015 14:54:47 +0800 Subject: [PATCH 53/98] =?UTF-8?q?20150104-2=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...50104 How To Install Websvn In CentOS 7.md | 123 ++++++++++++++++++ 1 file changed, 123 insertions(+) create mode 100644 sources/tech/20150104 How To Install Websvn In CentOS 7.md diff --git a/sources/tech/20150104 How To Install Websvn In CentOS 7.md b/sources/tech/20150104 How To Install Websvn In CentOS 7.md new file mode 100644 index 0000000000..8b77577dd6 --- /dev/null +++ b/sources/tech/20150104 How To Install Websvn In CentOS 7.md @@ -0,0 +1,123 @@ +How To Install Websvn In CentOS 7 +================================================================================ +**WebSVN** offers a view onto your subversion repositories that’s been designed to reflect the Subversion methodology. You can view the log of any file or directory and see a list of all the files changed, added or deleted in any given revision. You can also view the differences between two versions of a file so as to see exactly what was changed in a particular revision. + +### Features ### + +WebSVN offers the following features: + +- Easy to use interface; +- Customisable templating system; +- Colourisation of file listings; +- Blame view; +- Log message searching; +- RSS feed support. + +### Installation ### + +I use the following link to install Subversion on CentOS 7. + +- [How To install Subversion On CentOS 7][1] + +**1 – Download the websvn to /var/www/html.** + + cd /var/www/html + +---------- + + wget http://websvn.tigris.org/files/documents/1380/49057/websvn-2.3.3.zip + +**2 – Extract the zip package.** + + unzip websvn-2.3.3.zip + +---------- + + mv websvn-2.3.3 websvn + +**3 – Installl php to your system.** + + yum install php + +**4 – Edit web svn config.** + + cd /var/www/html/websvn/include + +---------- + + cp distconfig.php config.php + +---------- + + vi config.php + +---------- + + // Configure these lines if your commands aren't on your path. + // + $config->setSVNCommandPath('/usr/bin'); // e.g. c:\\program files\\subversion\\bin + $config->setDiffPath('/usr/bin'); +---------- + // For syntax colouring, if option enabled... + $config->setEnscriptPath('/usr/bin'); + $config->setSedPath('/bin'); +---------- + // For delivered tarballs, if option enabled... + $config->setTarPath('/bin'); +---------- + // For delivered GZIP'd files and tarballs, if option enabled... + $config->setGZipPath('/bin'); +---------- + // + $config->parentPath('/svn/'); +---------- + $extEnscript[".pl"] = "perl"; + $extEnscript[".py"] = "python"; + $extEnscript[".sql"] = "sql"; + $extEnscript[".java"] = "java"; + $extEnscript[".html"] = "html"; + $extEnscript[".xml"] = "html"; + $extEnscript[".thtml"] = "html"; + $extEnscript[".tpl"] = "html"; + $extEnscript[".sh"] = "bash"; + ~ + +save and exit. + +**6 – Reload apache and start websvn link http://ip/websvn.** + +![websvn](http://180016988.r.cdn77.net/wp-content/uploads/2015/01/websvn.png) + +That’s it. + +-------------------------------------------------------------------------------- + +via: http://www.unixmen.com/install-websvn-centos-7/ + +作者:[M.el Khamlichi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.unixmen.com/author/pirat9/ +[1]:http://www.unixmen.com/install-subversion-centos-7/ +[2]: +[3]: +[4]: +[5]: +[6]: +[7]: +[8]: +[9]: +[10]: +[11]: +[12]: +[13]: +[14]: +[15]: +[16]: +[17]: +[18]: +[19]: +[20]: \ No newline at end of file From d3b13366378e8e27bcb2a6c253144a4d9d62546a Mon Sep 17 00:00:00 2001 From: DeadFire Date: Sun, 4 Jan 2015 14:55:03 +0800 Subject: [PATCH 54/98] =?UTF-8?q?20150104-3=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...l for Security Auditing on Linux Server.md | 203 ++++++++++++++++++ ...gure Chroot Environment in Ubuntu 14.04.md | 146 +++++++++++++ 2 files changed, 349 insertions(+) create mode 100644 sources/tech/20150104 Auditd--Tool for Security Auditing on Linux Server.md create mode 100644 sources/tech/20150114 How to Configure Chroot Environment in Ubuntu 14.04.md diff --git a/sources/tech/20150104 Auditd--Tool for Security Auditing on Linux Server.md b/sources/tech/20150104 Auditd--Tool for Security Auditing on Linux Server.md new file mode 100644 index 0000000000..9375385927 --- /dev/null +++ b/sources/tech/20150104 Auditd--Tool for Security Auditing on Linux Server.md @@ -0,0 +1,203 @@ +Auditd - Tool for Security Auditing on Linux Server +================================================================================ +First of all , we wish all our readers **Happy & Prosperous New YEAR 2015** from our Linoxide team. So lets start this new year explaining about Auditd tool. + +Security is one of the main factor that we need to consider. We must maintain it because we don't want someone steal our data. Security includes many things. Audit, is one of it. + +On Linux system, we know that we have a tool named **auditd**. This tool is by default exist in most of Linux operating system. What is auditd tool and how to use it? We will cover it below. + +### What is auditd? ### + +Auditd or audit daemon, is a userspace component to the Linux Auditing System. It’s responsible for writing audit records to the disk. + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/what_is_auditd.png) + +### Installing auditd ### + +On Ubuntu based system , we can use [wajig][1] tool or **apt-get tool** to install auditd. + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/install_auditd.png) + +Just follow the instruction to get it done. Once it finish it will install some tools related to auditd tool. Here are the tools : + +- **auditctl ;** is a tool to control the behaviour of the daemon on the fly, adding rules, etc +- **/etc/audit/audit.rules ;** is the file that contains audit rules +- **aureport ;** is tool to generate and view the audit report +- **ausearch ;** is a tool to search various events +- **auditspd ;** is a tool which can be used to relay event notifications to other applications instead of writing them to disk in the audit log +- **autrace ;** is a command that can be used to trace a process +- **/etc/audit/auditd.conf ;** is the configuration file of auditd tool +- When the first time we install **auditd**, there will be no rules available yet. + +We can check it using this command : + + $ sudo auditctl -l + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/auditctl_no_rules.png) + +To add rules on auditd, let’s continue to the section below. + +### How to use it ### + +#### Audit files and directories access #### + +One of the basic need for us to use an audit tool are, how can we know if someone change a file(s) or directories? Using auditd tool, we can do with those commands (please remember, we will need root privileges to configure auditd tool): + +**Audit files** + + $ sudo auditctl -w /etc/passwd -p rwxa + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/auditctl_w_etc_passwd.png) + +**With :** + +- **-w path ;** this parameter will insert a watch for the file system object at path. On the example above, auditd will wacth /etc/passwd file +- **-p ; **this parameter describes the permission access type that a file system watch will trigger on +- **rwxa ;** are the attributes which bind to -p parameter above. r is read, w is write, x is execute and a is attribute + +#### Audit directories #### + +To audit directories, we will use a similar command. Let’s take a look at the command below : + + $ sudo auditctl -w /production/ + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/auditctl_w_production.png) + +The above command will watch any access to the **/production folder**. + +Now, if we run **auditctl -l** command again, we will see that new rules are added. + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/auditctl_rules.png) + +Now let’s see the audit log says. + +### Viewing the audit log ### + +After rules are added, now we can see how auditd in action. To view audit log, we can use **ausearch** tool. + +We already add rule to watch /etc/passwd file. Now we will try to use **ausearch** tool to view the audit log. + + $ sudo ausearch -f /etc/passwd + +- **-f** parameter told ausearch to investigate /etc/passwd file +- The result is shown below : +> **time**->Mon Dec 22 09:39:16 2014 +> type=PATH msg=audit(1419215956.471:194): item=0 **name="/etc/passwd"** inode=142512 dev=08:01 mode=0100644 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL +> type=CWD msg=audit(1419215956.471:194): **cwd="/home/pungki"** +> type=SYSCALL msg=audit(1419215956.471:194): arch=40000003 **syscall=5** success=yes exit=3 a0=b779694b a1=80000 a2=1b6 a3=b8776aa8 items=1 ppid=2090 pid=2231 **auid=4294967295 uid=1000 gid=1000** euid=0 suid=0 fsuid=0 egid=1000 sgid=1000 fsgid=1000 tty=pts0 ses=4294967295 **comm="sudo" exe="/usr/bin/sudo"** key=(null) + + Now let’s we understand the result. + +- **time ;** is when the audit is done +- **name ;** is the object name to be audited +- **cwd ;** is the current directory +- **syscall ;** is related syscall +- **auid ;** is the audit user ID +- **uid and gid ;** are User ID and Group ID of the user who access the file +- **comm ;** is the command that the user is used to access the file +- **exe ;** is the location of the command of comm parameter above +- The above audit log is the original file. + + Next, we are going to add a new user, to see how the auditd record the activity to /etc/passwd file. + +> **time->**Mon Dec 22 11:25:23 2014 +> type=PATH msg=audit(1419222323.628:510): item=1 **name="/etc/passwd.lock"** inode=143992 dev=08:01 mode=0100600 ouid=0 ogid=0 rdev=00:00 nametype=DELETE +> type=PATH msg=audit(1419222323.628:510): item=0 **name="/etc/"** inode=131073 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT +> type=CWD msg=audit(1419222323.628:510): **cwd="/root"** +> type=SYSCALL msg=audit(1419222323.628:510): arch=40000003 **syscall=10** success=yes exit=0 a0=bfc0ceec a1=0 a2=bfc0ceec a3=897764c items=2 ppid=2978 pid=2994 **auid=4294967295 uid=0 gid=0** euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 **comm="chfn" exe="/usr/bin/chfn"** key=(null) + +As we can see above, that on that particular time, **/etc/passwd was accessed** by user root (uid = 0 and gid = 0) **from** directory /root (cwd = /root). The /etc/passwd file was accessed using **chfn** command which located in **/usr/bin/chfn** + +If we type **man chfn** on the console, we will see more detail about what is chfn. + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/chfn.png) + +Now we take a look at another example. + +We already told auditd to watch directory /production/ . That is a new directory. So when we try to use ausearch tool at the first time, it found nothing. + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/ausearch_production_empty.png) + +Next, root account try to list the /production directory using ls command. The second time we use ausearch tool, it will show us some information. + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/ausearch_production_ls.png) + +> **time->**Mon Dec 22 14:18:28 2014 +> type=PATH msg=audit(1419232708.344:527): item=0 **name="/production/"** inode=797104 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL +> type=CWD msg=audit(1419232708.344:527): cwd="/root" +> type=SYSCALL msg=audit(1419232708.344:527): arch=40000003 syscall=295 success=yes exit=3 a0=ffffff9c a1=95761e8 a2=98800 a3=0 items=1 ppid=3033 pid=3444 **auid=4294967295 uid=0 gid=0** euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts0 ses=4294967295 **comm="ls" exe="/bin/ls"** key=(null) + +Similar with the previous one, we can determine that **/production folder was looked** by root account (uid=0 gid=0) **using ls command** (comm = ls) and the ls command is **located in /bin/ls folder**. + +### Viewing the audit reports ### + +Once we put the audit rules, it will run automatically. And after a period of time, we want to see how auditd can help us to track them. + +Auditd comes with another tool called **aureport**. As we can guess from its name, **aureport** is a tool that produces summary reports of the audit system log. + +We already told auditd to track /etc/passwd before. And a moment after the auditd parameter is developed, the audit.log file is created. + +To generate the report of audit, we can use aureport tool. Without any parameters, aureport will generate a summary report of audit activity. + + $ sudo aureport + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/aureport_2.png) + +As we can see, there are some information available which cover most important area. + +On the picture above we see there are **3 times failed authentication**. Using aureport, we can drill down to that information. + +We can use this command to look deeper on failed authentication : + + $ sudo aureport -au + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/aureport_authentication.png) + +As we can see on the picture above, there are two users which at the particular time are failed to authenticated + +If we want to see all events related to account modification, we can use -m parameter. + + $ sudo aureport -m + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/aureport_m.png) + +### Auditd configuration file ### + +Previously we already added : + +- $ sudo auditctl -w /etc/passwd -p rwxa +- $ sudo auditctl -w /production/ +- Now, if we sure the rules are OK, we can add it into + +**/etc/audit/audit.rules** to make them permanently.Here’s how to put them into the /etc/audit/audit.rules fileSample of audit rule file + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/audit_rules_file.png) + +**Then don’t forget to restart auditd daemon.** + + # /etc/init.d/auditd restart + +OR + + # service auditd restart + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/audit_restart.png) + +### Conclusion ### + +Auditd is one of the audit tool that available on Linux system. You can explore more detail about auditd and its related tools by reading its manual page. For example, just type **man auditd** to see more detail about auditd. Or type **man ausearch** to see more detail about ausearch tool. + +**Please be careful before creating rules**. It will increase your log file size significantly if too much information to record. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/how-tos/auditd-tool-security-auditing/ + +作者:[Pungki Arianto][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/pungki/ +[1]:http://linoxide.com/tools/wajig-package-management-debian/ \ No newline at end of file diff --git a/sources/tech/20150114 How to Configure Chroot Environment in Ubuntu 14.04.md b/sources/tech/20150114 How to Configure Chroot Environment in Ubuntu 14.04.md new file mode 100644 index 0000000000..63acd23a67 --- /dev/null +++ b/sources/tech/20150114 How to Configure Chroot Environment in Ubuntu 14.04.md @@ -0,0 +1,146 @@ +How to Configure Chroot Environment in Ubuntu 14.04 +================================================================================ +There are many instances when you may wish to isolate certain applications, user, or environments within a Linux system. Different operating systems have different methods of achieving isolation, and in Linux, a classic way is through a `chroot` environment. + +In this guide, we'll show you step wise on how to setup an isolated environment using chroot in order to create a barrier between your regular operating system and a contained environment. This is mainly useful for testing purposes. We will teach you the steps on an **Ubuntu 14.04** VPS instance. + +Most system administrators will benefit from knowing how to accomplish a quick and easy chroot environment and it is a valuable skill to have. + +### The chroot environment ### + +A chroot environment is an operating system call that will change the root location temporarily to a new folder. Typically, the operating system's conception of the root directory is the actual root located at "/". However, with `chroot`, you can specify another directory to serve as the top-level directory for the duration of a chroot. + +Any applications that are run from within the `chroot` will be unable to see the rest of the operating system in principle. + +#### Advantages of Chroot Environment #### + +> - Test applications without the risk of compromising the entire host system. +> +> - From the security point of view, whatever happens in the chroot environment won't affect the host system (not even under root user). +> +> - A different operating system running in the same hardware. + +For instance, it allows you to build, install, and test software in an environment that is separated from your normal operating system. It could also be used as a method of **running 32-bit applications in a 64-bit environment**. + +But while chroot environments will certainly make additional work for an unprivileged user, they should be considered a hardening feature instead of a security feature, meaning that they attempt to reduce the number of attack vectors instead of creating a full solution. If you need full isolation, consider a more complete solution, such as Linux containers, Docker, vservers, etc. + +### Debootstrap and Schroot ### + +The necessary packages to setup the chroot environment are **debootstrap** and **schroot**, which are available in the ubuntu repository. The schroot command is used to setup the chroot environment. + +**Debootstrap** allows you to install a new fresh copy of any Debian (or debian-based) system from a repository in a directory with all the basic commands and binaries needed to run a basic instance of the operating system. + +The **schroot** allows access to chroots for normal users using the same mechanism, but with permissions checking and allowing additional automated setup of the chroot environment, such as mounting additional filesystems and other configuration tasks. + +These are the steps to implement this functionality in Ubuntu 14.04 LTS: + +### 1. Installing the Packages ### + +Firstly, We're gonna install debootstrap and schroot in our host Ubuntu 14.04 LTS. + + $ sudo apt-get install debootstrap + $ sudo apt-get install schroot + +### 2. Configuring Schroot ### + +Now that we have the appropriate tools, we just need to specify a directory that we want to use as our chroot environment. We will create a directory called linoxide in our root directory to setup chroot there: + + sudo mkdir /linoxide + +We have to configure schroot to suit our needs in the configuration file .we will modify the schroot configuration file with the information we require to get configured. + + sudo nano /etc/schroot/schroot.conf + +We are on an Ubuntu 14.04 LTS (Trusty Tahr) system currently, but let's say that we want to test out some packages available on Ubuntu 13.10, code named "Saucy Salamander". We can do that by creating an entry that looks like this: + + [saucy] + description=Ubuntu Saucy + location=/linoxide + priority=3 + users=arun + root-groups=root + +![](http://blog.linoxide.com/wp-content/uploads/2014/12/schroot-config.png) + +Modify the values of the configuration parameters in the above example to fit your system: + +### 3. Installing 32 bit Ubuntu with debootstrap ### + +Debootstrap downloads and installs a minimal operating system inside your **chroot environment**. You can install any debian-based distro of your choice, as long as you have a repository available. + +Above, we placed the chroot environment under the directory **/linoxide** and this is the root directory of the chroot environment. So we'll need to run debootstrap inside that directory which we have already created: + + cd /linoxide + sudo debootstrap --variant=buildd --arch amd64 saucy /linoxide/ http://archive.ubuntu.com/ubuntu/ + sudo chroot /linoxide /debootstrap/debootstrap --second-stage + +You can replace amd64 in --arch as i386 or other bit OS you wanna setup available in the repository. You can replace the mirror http://archive.ubuntu.com/ubuntu/ above as the one closest, you can get the closest one from the official [Ubuntu Mirror Page][1]. + +**Note: You will need to add --foreign above 3rd line command if you choose to setup i386 bit OS choot in your 64 bit Host Ubuntu as:** + + sudo debootstrap --variant=buildd --foreign --arch i386 saucy /linoxide/ http://archive.ubuntu.com/ubuntu/ + +It takes some time (depending on your bandwidth) to download, install and configure the complete system. It takes about 500 MBs for a minimal installation. + +### 4. Finallizing the chroot environment ### + +After the system is installed, we'll need to do some final configurations to make sure the system functions correctly. First, we'll want to make sure our host `fstab` is aware of some pseudo-systems in our guest. + + sudo nano /etc/fstab + +Add the below lines like these to the bottom of your fstab: + + proc /linoxide/proc proc defaults 0 0 + sysfs /linoxide/sys sysfs defaults 0 0 + +Save and close the file. + +Now, we're going to need to mount these filesystems within our guest: + + $ sudo mount proc /linoxide/proc -t proc + $sudo mount sysfs /linoxide/sys -t sysfs + +We'll also want to copy our /etc/hosts file so that we will have access to the correct network information: + + $ sudo cp /etc/hosts /linoxide/etc/hosts + +Finally, You can list the available chroot environments using the schroot command. + + $ schroot -l + +We can enter the chroot environment through a command like this: + + $ sudo chroot /linoxide/ /bin/bash + +You can test the chroot environment by checking the version of distributions installed. + + # lsb_release -a + # uname -a + +To finish this tutorial, in order to run a graphic application from the chroot, you have to export the DISPLAY environment variable. + + $ DISPLAY=:0.0 ./apps + +Here, we have successfully installed Chrooted Ubuntu 13.10(Saucy Salamander) in your host Ubuntu 14.04 LTS (Trusty Tahr). + +You can exit chroot environment successfully by running the commands below: + + # exit + +Afterwards, we need to unmount our proc and sys filesystems: + + $ sudo umount /test/proc + $ sudo umount /test/sys + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/ubuntu-how-to/configure-chroot-environment-ubuntu-14-04/ + +作者:[Arun Pyasi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ +[1]:https://launchpad.net/ubuntu/+archivemirrors \ No newline at end of file From 1da8f3500df779e2a01189bc9c43bb15c9d1b191 Mon Sep 17 00:00:00 2001 From: DeadFire Date: Sun, 4 Jan 2015 16:17:47 +0800 Subject: [PATCH 55/98] =?UTF-8?q?20150104-4=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ... fail2ban to protect Apache HTTP server.md | 207 ++++++++++++++++++ ... C or C++ program with Nemiver debugger.md | 109 +++++++++ ...rm backup server on Linux with BackupPC.md | 134 ++++++++++++ 3 files changed, 450 insertions(+) create mode 100644 sources/tech/20150104 How to configure fail2ban to protect Apache HTTP server.md create mode 100644 sources/tech/20150104 How to debug a C or C++ program with Nemiver debugger.md create mode 100644 sources/tech/20150104 How to set up a cross-platform backup server on Linux with BackupPC.md diff --git a/sources/tech/20150104 How to configure fail2ban to protect Apache HTTP server.md b/sources/tech/20150104 How to configure fail2ban to protect Apache HTTP server.md new file mode 100644 index 0000000000..9bbf00198b --- /dev/null +++ b/sources/tech/20150104 How to configure fail2ban to protect Apache HTTP server.md @@ -0,0 +1,207 @@ +How to configure fail2ban to protect Apache HTTP server +================================================================================ +An Apache HTTP server in production environments can be under attack in various different ways. Attackers may attempt to gain access to unauthorized or forbidden directories by using brute-force attacks or executing evil scripts. Some malicious bots may scan your websites for any security vulnerability, or collect email addresses or web forms to send spams to. + +Apache HTTP server comes with comprehensive logging capabilities capturing various abnormal events indicative of such attacks. However, it is still non-trivial to systematically parse detailed Apache logs and react to potential attacks quickly (e.g., ban/unban offending IP addresses) as they are perpetrated in the wild. That is when `fail2ban` comes to the rescue, making a sysadmin's life easier. + +`fail2ban` is an open-source intrusion prevention tool which detects various attacks based on system logs and automatically initiates prevention actions e.g., banning IP addresses with `iptables`, blocking connections via /etc/hosts.deny, or notifying the events via emails. fail2ban comes with a set of predefined "jails" which use application-specific log filters to detect common attacks. You can also write custom jails to deter any specific attack on an arbitrary application. + +In this tutorial, I am going to demonstrate how you can configure fail2ban to protect your Apache HTTP server. I assume that you have Apache HTTP server and fail2ban already installed. Refer to [another tutorial][1] for fail2ban installation. + +### What is a Fail2ban Jail ### + +Let me go over more detail on fail2ban jails. A jail defines an application-specific policy under which fail2ban triggers an action to protect a given application. fail2ban comes with several jails pre-defined in /etc/fail2ban/jail.conf, for popular applications such as Apache, Dovecot, Lighttpd, MySQL, Postfix, [SSH][2], etc. Each jail relies on application-specific log filters (found in /etc/fail2ban/fileter.d) to detect common attacks. Let's check out one example jail: SSH jail. + + [ssh] + enabled = true + port = ssh + filter = sshd + logpath = /var/log/auth.log + maxretry = 6 + banaction = iptables-multiport + +This SSH jail configuration is defined with several parameters: + +- **[ssh]**: the name of a jail with square brackets. +- **enabled**: whether the jail is activated or not. +- **port**: a port number to protect (either numeric number of well-known name). +- **filter**: a log parsing rule to detect attacks with. +- **logpath**: a log file to examine. +- **maxretry**: maximum number of failures before banning. +- **banaction**: a banning action. + +Any parameter defined in a jail configuration will override a corresponding `fail2ban-wide` default parameter. Conversely, any parameter missing will be assgined a default value defined in [DEFAULT] section. + +Predefined log filters are found in /etc/fail2ban/filter.d, and available actions are in /etc/fail2ban/action.d. + +![](https://farm8.staticflickr.com/7538/16076581722_cbca3c1307_b.jpg) + +If you want to overwrite `fail2ban` defaults or define any custom jail, you can do so by creating **/etc/fail2ban/jail.local** file. In this tutorial, I am going to use /etc/fail2ban/jail.local. + +### Enable Predefined Apache Jails ### + +Default installation of `fail2ban` offers several predefined jails and filters for Apache HTTP server. I am going to enable those built-in Apache jails. Due to slight differences between Debian and Red Hat configurations, let me provide fail2ban jail configurations for them separately. + +#### Enable Apache Jails on Debian or Ubuntu #### + +To enable predefined Apache jails on a Debian-based system, create /etc/fail2ban/jail.local as follows. + + $ sudo vi /etc/fail2ban/jail.local + +---------- + + # detect password authentication failures + [apache] + enabled = true + port = http,https + filter = apache-auth + logpath = /var/log/apache*/*error.log + maxretry = 6 + + # detect potential search for exploits and php vulnerabilities + [apache-noscript] + enabled = true + port = http,https + filter = apache-noscript + logpath = /var/log/apache*/*error.log + maxretry = 6 + + # detect Apache overflow attempts + [apache-overflows] + enabled = true + port = http,https + filter = apache-overflows + logpath = /var/log/apache*/*error.log + maxretry = 2 + + # detect failures to find a home directory on a server + [apache-nohome] + enabled = true + port = http,https + filter = apache-nohome + logpath = /var/log/apache*/*error.log + maxretry = 2 + +Since none of the jails above specifies an action, all of these jails will perform a default action when triggered. To find out the default action, look for "banaction" under [DEFAULT] section in /etc/fail2ban/jail.conf. + + banaction = iptables-multiport + +In this case, the default action is iptables-multiport (defined in /etc/fail2ban/action.d/iptables-multiport.conf). This action bans an IP address using iptables with multiport module. + +After enabling jails, you must restart fail2ban to load the jails. + + $ sudo service fail2ban restart + +#### Enable Apache Jails on CentOS/RHEL or Fedora #### + +To enable predefined Apache jails on a Red Hat based system, create /etc/fail2ban/jail.local as follows. + + $ sudo vi /etc/fail2ban/jail.local + +---------- + + # detect password authentication failures + [apache] + enabled = true + port = http,https + filter = apache-auth + logpath = /var/log/httpd/*error_log + maxretry = 6 + + # detect spammer robots crawling email addresses + [apache-badbots] + enabled = true + port = http,https + filter = apache-badbots + logpath = /var/log/httpd/*access_log + bantime = 172800 + maxretry = 1 + + # detect potential search for exploits and php vulnerabilities + [apache-noscript] + enabled = true + port = http,https + filter = apache-noscript + logpath = /var/log/httpd/*error_log + maxretry = 6 + + # detect Apache overflow attempts + [apache-overflows] + enabled = true + port = http,https + filter = apache-overflows + logpath = /var/log/httpd/*error_log + maxretry = 2 + + # detect failures to find a home directory on a server + [apache-nohome] + enabled = true + port = http,https + filter = apache-nohome + logpath = /var/log/httpd/*error_log + maxretry = 2 + + # detect failures to execute non-existing scripts that + # are associated with several popular web services + # e.g. webmail, phpMyAdmin, WordPress + port = http,https + filter = apache-botsearch + logpath = /var/log/httpd/*error_log + maxretry = 2 + +Note that the default action for all these jails is iptables-multiport (defined as "banaction" under [DEFAULT] in /etc/fail2ban/jail.conf). This action bans an IP address using iptables with multiport module. + +After enabling jails, you must restart fail2ban to load the jails in fail2ban. + +On Fedora or CentOS/RHEL 7: + + $ sudo systemctl restart fail2ban + +On CentOS/RHEL 6: + + $ sudo service fail2ban restart + +### Check and Manage Fail2ban Banning Status ### + +Once jails are activated, you can monitor current banning status with fail2ban-client command-line tool. + +To see a list of active jails: + + $ sudo fail2ban-client status + +To see the status of a particular jail (including banned IP list): + + $ sudo fail2ban-client status [name-of-jail] + +![](https://farm8.staticflickr.com/7572/15891521967_5c6cbc5f8f_c.jpg) + +You can also manually ban or unban IP addresses. + +To ban an IP address with a particular jail: + + $ sudo fail2ban-client set [name-of-jail] banip [ip-address] + +To unban an IP address blocked by a particular jail: + + $ sudo fail2ban-client set [name-of-jail] unbanip [ip-address] + +### Summary ### + +This tutorial explains how a fail2ban jail works and how to protect an Apache HTTP server using built-in Apache jails. Depending on your environments and types of web services you need to protect, you may need to adapt existing jails, or write custom jails and log filters. Check outfail2ban's [official Github page][3] for more up-to-date examples of jails and filters. + +Are you using fail2ban in any production environment? Share your experience. + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/configure-fail2ban-apache-http-server.html + +作者:[Dan Nanni][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/nanni +[1]:http://xmodulo.com/how-to-protect-ssh-server-from-brute-force-attacks-using-fail2ban.html +[2]:http://xmodulo.com/how-to-protect-ssh-server-from-brute-force-attacks-using-fail2ban.html +[3]:https://github.com/fail2ban/fail2ban \ No newline at end of file diff --git a/sources/tech/20150104 How to debug a C or C++ program with Nemiver debugger.md b/sources/tech/20150104 How to debug a C or C++ program with Nemiver debugger.md new file mode 100644 index 0000000000..cf232b5b7c --- /dev/null +++ b/sources/tech/20150104 How to debug a C or C++ program with Nemiver debugger.md @@ -0,0 +1,109 @@ +How to debug a C/C++ program with Nemiver debugger +================================================================================ +If you read [my post on GDB][1], you know how important and useful a debugger I think can be for a C/C++ program. However, if a command line debugger like GDB sounds more like a problem than a solution to you, you might be more interested in Nemiver. [Nemiver][2] is a GTK+-based standalone graphical debugger for C/C++ programs, using GDB as its back-end. Admirable for its speed and stability, Nemiver is a very reliable debugger filled with goodies. + +### Installation of Nemiver ### + +For Debian based distributions, it should be pretty straightforward: + + $ sudo apt-get install nemiver + +For Arch Linux: + + $ sudo pacman -S nemiver + +For Fedora: + + $ sudo yum install nemiver + +If you prefer compiling yourself, the latest sources are available from [GNOME website][3]. + +As a bonus, it integrates very well with the GNOME environment. + +### Basic Usage of Nemiver ### + +Start Nemiver with the command: + + $ nemiver + +You can also summon it with an executable with: + + $ nemiver [path to executable to debug] + +Note that Nemiver will be much more helpful if the executable is compiled in debug mode (the -g flag with GCC). + +A good thing is that Nemiver is really fast to load, so you should instantly see the main screen in the default layout. + +![](https://farm9.staticflickr.com/8679/15535277554_d320f6692c_c.jpg) + +By default, a breakpoint has been placed in the first line of the main function. This gives you the time to recognize the basic debugger functions: + +![](https://farm9.staticflickr.com/8669/16131832596_bc68ae18a8_o.jpg) + +- Next line (mapped to F6) +- Step inside a function (F7) +- Step out of a function (Shift+F7) + +But maybe my personal favorite is the option "Run to cursor" which makes the program run until a precise line under your cursor, and is by default mapped to F11. + +Next, the breakpoints are also easy to use. The quick way to lay a breakpoint at a line is using F8. But Nemiver also has a more complex menu under "Debug" which allows you to set up a breakpoint at a particular function, line number, location of binary file, or even at an event like an exception, a fork, or an exec. + +![](https://farm8.staticflickr.com/7579/16157622315_d680a63896_z.jpg) + +You can also watch a variable by tracking it. In "Debug" you can inspect an expression by giving its name and examining it. It is then possible to add it to the list of controlled variable for easy access. This is probably one of the most useful aspects as I have never been a huge fan of hovering over a variable to get its value. Note that hovering does work though. And to make it even better, Nemiver is capable of watching a struct, and giving you the values of all the member variables. + +![](https://farm8.staticflickr.com/7465/15970310470_7ed020c613.jpg) + +Talking about easy access to information, I also really appreciate the layout of the program. By default, the code is in the upper half and the tabs in the lower part. This grants you access to a terminal for output, a context tracker, a breakpoints list, register addresses, memory map, and variable control. But note that under "Edit" "Preferences" "Layout" you can select different layouts, including a dynamic one for you to modify. + +![](https://farm9.staticflickr.com/8606/15971551549_00e4cdd32e_c.jpg) + +![](https://farm8.staticflickr.com/7525/15535277594_026fef17c1_z.jpg) + +And naturally, once you set up all your breakpoints, watch-points, and layout, you can save your session under “File” for easy retrieval in case you close Nemiver. + +### Advanced Usage of Nemiver ### + +So far, we talked about the basic features of Nemiver, i.e., what you need to get started and debug simple programs immediately. If you have more advanced needs, and especially more complex programs, you might be more interested in some of these features mentioned here. + +#### Debugging a running process #### + +Nemiver allows you to attach to a running process for debugging. Under the "File" menu, you can filter the list of running processes, and connect to a process. + +![](https://farm9.staticflickr.com/8593/16155720571_00e4cdd32e_z.jpg) + +#### Debugging a program remotely over a TCP connection #### + +Nemiver supports remote-debugging, where you set up a lightweight debug server on a remote machine, and launch Nemiver from another machine to debug a remote target hosted by the debug server. Remote debugging can be useful if you cannot run full-fledged Nemiver or GDB on the remote machine for some reason. Under the "File" menu, specify the binary, shared library location, and the address and port. + +![](https://farm8.staticflickr.com/7469/16131832746_c47dee4ef1.jpg) + +#### Using your own GDB binary to debug #### + +In case you compiled Nemiver yourself, you can specify a new location for GDB under "Edit" "Preferences" "Debug". This option can be useful if you want to use a custom version of GDB in Nemiver for some reason. + +#### Follow a child or parent process #### + +Nemiver is capable of following a child or parent process in case your program forks. To enable this feature, go to "Preferences" under "Debugger" tab. + +![](https://farm8.staticflickr.com/7512/16131832716_5724ff434c_z.jpg) + +To conclude, Nemiver is probably my favorite program for debugging without an IDE. It even beats GDB in my opinion, and [command line][4] programs generally have a good grip on me. So if you have never used it, I really recommend it. I can only congratulate the team behind it for giving us such a reliable and stable program. + +What do you think of Nemiver? Would you consider it for standalone debugging? Or do you still stick to an IDE? Let us know in the comments. + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/debug-program-nemiver-debugger.html + +作者:[Adrien Brochard][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/adrien +[1]:http://xmodulo.com/gdb-command-line-debugger.html +[2]:https://wiki.gnome.org/Apps/Nemiver +[3]:https://download.gnome.org/sources/nemiver/0.9/ +[4]:http://xmodulo.com/recommend/linuxclibook \ No newline at end of file diff --git a/sources/tech/20150104 How to set up a cross-platform backup server on Linux with BackupPC.md b/sources/tech/20150104 How to set up a cross-platform backup server on Linux with BackupPC.md new file mode 100644 index 0000000000..48df08fa3b --- /dev/null +++ b/sources/tech/20150104 How to set up a cross-platform backup server on Linux with BackupPC.md @@ -0,0 +1,134 @@ +How to set up a cross-platform backup server on Linux with BackupPC +================================================================================ +Just in case you haven't been able to tell from my earlier posts on [backupninja][1] and [backup-manager][2], I am a big backup fan. When it comes to backup, I'd rather have too much than not enough, because if the need arises, you will be grateful that you took the time and effort to generate extra copies of your important data. + +In this post, I will introduce you to [BackupPC][3], a cross-platform backup server software which can perform pull backup of Linux, Windows and MacOS client hosts over network. BackupPC adds a number of features that make managing backups an almost fun thing to do. + +### Features of BackupPC ### + +BackupPC comes with a robust web interface that allows you to collect and manage backups of other remote client hosts in a centralized fashion. Using the web interface, you can examine logs and configuration files, start/cancel/schedule backups of other remote hosts, and visualize current status of backup tasks. You can also browse through archived files and restore individual files or entire jobs from backup archives very easily. To restore individual single files, you can download them from any previous backup directly from the web interface. As if this weren't enough, no special client-side software is needed for client hosts. On Windows clients, the native SMB protocol is used, whereas on *nix clients, you will use `rsync` or tar over SSH, RSH or NFS. + +### Installing BackupPC ### + +On Debian, Ubuntu and their derivatives, run the following command. + + # aptitude install backuppc + +On Fedora, use `yum` command. Note the case sensitive package name. + +On CentOS/RHEL 6, first enable [EPEL repository][4]. On CentOS/RHEL 7, enable [Nux Dextop][5] repository instead. Then go ahead with `yum` command: + + # yum install BackupPC + +As usual, both package management systems will take care of dependency resolution automatically. In addition, as part of the installation process, you may be asked to configure, or reconfigure the web server that will be used for the graphical user interface. The following screenshot is from a Debian system: + +![](https://farm8.staticflickr.com/7573/16163781711_6218b620ef_c.jpg) + +Select your choice by pressing the space bar, and then move to Ok with the tab key and hit ENTER. + +You will then be presented with the following screen informing you that an administrative user account 'backuppc', along with its corresponding password (which can be changed later if desired), has been created to manage BackupPC. Note that both a HTTP user account and a regular Linux account of the same name 'backuppc' will be created with an identical password. The former is needed to access BackupPC's protected web interface, while the latter is needed to perform backup using rsync over SSH. + +![](https://farm8.staticflickr.com/7579/15979622809_25e734658d_c.jpg) + +You can change the default password for the HTTP user 'backuppc' with the following command: + + # htpasswd /path/to/hash/file backuppc + +As for a regular 'backuppc' [Linux][6] user account, use passwd command to change its default password. + + # passwd backuppc + +Note that the installation process creates the web and the program's configuration files automatically. + +### Launching BackupPC and Configuring Backups ### + +To start, open a browser window and point to http:///backuppc/. When prompted, enter the default HTTP user credentials that were supplied to you earlier. If the authentication succeeds, you will be taken to the main page of the web interface. + +![](https://farm9.staticflickr.com/8601/15543330314_f6fdaa235e_z.jpg) + +Most likely the first thing that you will want to do is add a new client host to back up. Go to "Edit Hosts" in the Task pane. We will add two client hosts: + +- Host #1: CentOS 7 [IP 192.168.0.17] +- Host #2: Windows 7 [IP 192.168.0.103] + +We will back up the CentOS host using rsync over SSH and the Windows host using SMB. Prior to performing the backup, we need to set up [key-based authentication][7] to our CentOS host and a shared folder in our Windows machine. + +Here are the instructions for setting up key-based authentication for a remote CentOS host. We create the 'backuppc' user's RSA key pair, and transfer its public key to the root account of the CentOS host. + + # usermod -s /bin/bash backuppc + # su - backuppc + # ssh-keygen -t rsa + # ssh-copy-id root@192.168.0.17 + +When prompted, type yes and enter root's password for 192.168.0.17. + +![](https://farm8.staticflickr.com/7496/16164929932_8fc817125d_b.jpg) + +You will need root access for a remote CentOS host to grant write access to all its file system in case of restoring a backup of files or directories owned by root. + +Once the CentOS and Windows hosts are ready, add them to BackupPC using the web interface: + +![](https://farm9.staticflickr.com/8586/15979622709_76c2dcf68c_z.jpg) + +The next step consists of modifying each host's backup settings: + +![](https://farm8.staticflickr.com/7461/16163781611_765c147f9f_z.jpg) + +The following image shows the configuration for the backup of the Windows machine: + +![](https://farm8.staticflickr.com/7480/16139884676_bddfafed75_z.jpg) + +And the following screenshot shows the settings for the backup of the CentOS box: + +![](https://farm8.staticflickr.com/7557/16139884666_34ff8fd858_z.jpg) + +### Starting a Backup ### + +To start each backup, go to each host's settings, and then click "Start Full Backup": + +![](https://farm8.staticflickr.com/7536/15978247428_458c023f4c.jpg) + +At any time, you can view the status of the process by clicking on the host's home as shown in the image above. If it fails for some reason, a link to a page with the error message(s) will appear in the host menu as well. When a backup completes successfully, a directory with the host's name or IP address is created under /var/lib/backuppc/pc in the server: + +![](https://farm8.staticflickr.com/7549/16165680115_196ee42a49_z.jpg) + +Feel free to browse those directories for the files from the command line, but there is an easier way to look for those files and restore them. + +### Restoring Backup ### + +To view the files that have been saved, go to "Browse backups" under each host's main menu. You can visualize the directories and files at a glance, and select those that you want to restore. Alternatively, you can click on files to open them with the default program, or right click and choose Save link as to download it to the machine where you're working at the time: + +![](https://farm8.staticflickr.com/7506/16165680105_bd5883e0da_c.jpg) + +If you want, you can download a zip or tar file containing the backup's contents: + +![](https://farm8.staticflickr.com/7507/15978247398_18e81667cd_z.jpg) + +or just restore the file(s): + +![](https://farm8.staticflickr.com/7545/15545911003_2aca8a36fc_z.jpg) + +### Conclusion ### + +There is a saying that goes, "the simpler, the better", and that is just what BackupPC has to offer. In BackupPC, you will not only find a backup tool but also a very versatile interface to manage your backups of several operating systems without needing any client-side application. I believe that's more than reason enough for you to give it at least a try. + +Feel free to leave your comments and questions, if you have any, using the form below. I am always happy to hear what readers have to say! + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/backuppc-cross-platform-backup-server-linux.html + +作者:[Gabriel Cánepa][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/gabriel +[1]:http://xmodulo.com/backup-debian-system-backupninja.html +[2]:http://xmodulo.com/linux-backup-manager.html +[3]:http://backuppc.sourceforge.net/ +[4]:http://xmodulo.com/how-to-set-up-epel-repository-on-centos.html +[5]:http://ask.xmodulo.com/enable-nux-dextop-repository-centos-rhel.html +[6]:http://xmodulo.com/recommend/linuxguide +[7]:http://xmodulo.com/how-to-enable-ssh-login-without.html \ No newline at end of file From acf066d9638e6dc9d31eb3fdb30a713ce1d3aa0b Mon Sep 17 00:00:00 2001 From: liaoishere Date: Sun, 4 Jan 2015 17:36:56 +0800 Subject: [PATCH 56/98] [translated] 20141027 ntpq -p output --- sources/tech/20141027 ntpq -p output.md | 302 --------------------- translated/tech/20141027 ntpq -p output.md | 298 ++++++++++++++++++++ 2 files changed, 298 insertions(+), 302 deletions(-) delete mode 100644 sources/tech/20141027 ntpq -p output.md create mode 100644 translated/tech/20141027 ntpq -p output.md diff --git a/sources/tech/20141027 ntpq -p output.md b/sources/tech/20141027 ntpq -p output.md deleted file mode 100644 index 8a391bcb99..0000000000 --- a/sources/tech/20141027 ntpq -p output.md +++ /dev/null @@ -1,302 +0,0 @@ -liaosishere translating .. -“ntpq -p” output -================================================================================ -The [Gentoo][1] (and others?) [incomplete man pages for “ntpq -p”][2] merely give the description: “*Print a list of the peers known to the server as well as a summary of their state.*” - -I had not seen this documented, hence here is a summary that can be used in addition to the brief version of the man page “[man ntpq][3]“. More complete details are given on: “[ntpq – standard NTP query program][4]” (source author), and [other examples of the man ntpq pages][5]. - -[NTP][6] is a protocol designed to synchronize the clocks of computers over a ([WAN][7] or [LAN][8]) [udp][9] network. From [Wikipedia – NTP][10]: - -> The Network Time Protocol (NTP) is a protocol and software implementation for synchronizing the clocks of computer systems over packet-switched, variable-latency data networks. Originally designed by David L. Mills of the University of Delaware and still maintained by him and a team of volunteers, it was first used before 1985 and is one of the oldest Internet protocols. - -For an awful lot more than you might ever want to know about time and NTP, see “[The NTP FAQ, Time, what Time?][11]” and the current [RFCs for NTP][12]. The earlier “Network Time Protocol (Version 3) RFC” ([txt][13], or [pdf][14], Appendix E, The NTP Timescale and its Chronometry, p70) includes an interesting explanation of the changes in, and relations between, our timekeeping systems over the past 5000 years or so. Wikipedia gives a broader view in the articles [Time][15] and [Calendar][16]. - -The command “ntpq -p” outputs a table such as for example: - - remote refid st t when poll reach delay offset jitter - ============================================================================== - LOCAL(0) .LOCL. 10 l 96h 64 0 0.000 0.000 0.000 - *ns2.example.com 10.193.2.20 2 u 936 1024 377 31.234 3.353 3.096 - -### Further detail: ### - -#### Table headings: #### - - -- **remote** – The remote peer or server being synced to. “LOCAL” is this local host (included in case there are no remote peers or servers available); -- **refid** – Where or what the remote peer or server is itself synchronised to; -- **st** – The remote peer or server [Stratum][17] -- **t** – Type (u: [unicast][18] or [manycast][19] client, b: [broadcast][20] or [multicast][21] client, l: local reference clock, s: symmetric peer, A: manycast server, B: broadcast server, M: multicast server, see “[Automatic Server Discovery][22]“); -- **when** – When last polled (seconds ago, “h” hours ago, or “d” days ago); -- **poll** – Polling frequency: [rfc5905][23] suggests this ranges in NTPv4 from 4 (16s) to 17 (36h) (log2 seconds), however observation suggests the actual displayed value is seconds for a much smaller range of 64 (26) to 1024 (210) seconds; -- **reach** – An 8-bit left-shift shift register value recording polls (bit set = successful, bit reset = fail) displayed in [octal][24]; -- **delay** – Round trip communication delay to the remote peer or server (milliseconds); -- **offset** – Mean offset (phase) in the times reported between this local host and the remote peer or server ([RMS][25], milliseconds); -- **jitter** – Mean deviation (jitter) in the time reported for that remote peer or server (RMS of difference of multiple time samples, milliseconds); - -#### Select Field tally code: #### - -The first character displayed in the table (Select Field tally code) is a state flag (see [Peer Status Word][26]) that follows the sequence ” “, “x”, “-“, “#”, “+”, “*”, “o”: - - -- ”** **” – No state indicated for: - - non-communicating remote machines, - - “LOCAL” for this local host, - - (unutilised) high stratum servers, - - remote machines that are themselves using this host as their synchronisation reference; -- “**x**” – Out of tolerance, do not use (discarded by intersection algorithm); -- “**-**” – Out of tolerance, do not use (discarded by the cluster algorithm); -- “**#**” – Good remote peer or server but not utilised (not among the first six peers sorted by synchronization distance, ready as a backup source); -- “**+**” – Good and a preferred remote peer or server (included by the combine algorithm); -- “*****” – The remote peer or server presently used as the primary reference; -- “**o**” – PPS peer (when the prefer peer is valid). The actual system synchronization is derived from a pulse-per-second (PPS) signal, either indirectly via the PPS reference clock driver or directly via kernel interface. - -See the [Clock Select Algorithm][27]. - -#### “refid”: #### - -The **refid** can have the status values: - - -- An IP address – The [IP address][28] of a remote peer or server; -- **.LOCL.** – This local host (a place marker at the lowest stratum included in case there are no remote peers or servers available); -- **.PPS.** – “[Pulse Per Second][29]” from a time standard; -- **.IRIG.** – [Inter-Range Instrumentation Group][30] time code; -- **.ACTS.** – American [NIST time standard][31] telephone modem; -- **.NIST.** – American NIST time standard telephone modem; -- **.PTB.** – German [PTB][32] time standard telephone modem; -- **.USNO.** – American [USNO time standard][33] telephone modem; -- **.CHU.** – [CHU][34] ([HF][35], Ottawa, ON, Canada) time standard radio receiver; -- **.DCFa.** – [DCF77][36] ([LF][37], Mainflingen, Germany) time standard radio receiver; -- **.HBG.** – [HBG][38] (LF Prangins, Switzerland) time standard radio receiver; -- **.JJY.** – [JJY][39] (LF Fukushima, Japan) time standard radio receiver; -- **.LORC.** – [LORAN][40]-C station ([MF][41]) time standard radio receiver. Note, [no longer operational][42] (superseded by [eLORAN][43]); -- **.MSF.** – [MSF][44] (LF, Anthorn, Great Britain) time standard radio receiver; -- **.TDF.** – [TDF][45] (MF, Allouis, France) time standard radio receiver; -- **.WWV.** – [WWV][46] (HF, Ft. Collins, CO, America) time standard radio receiver; -- **.WWVB.** – [WWVB][47] (LF, Ft. Collins, CO, America) time standard radio receiver; -- **.WWVH.** – [WWVH][48] (HF, Kauai, HI, America) time standard radio receiver; -- **.GOES.** – American [Geosynchronous Orbit Environment Satellite][49]; -- **.GPS.** – American [GPS][50]; -- **.GAL.** – [Galileo][51] European [GNSS][52]; -- **.ACST.** – manycast server; -- **.AUTH.** – authentication error; -- **.AUTO.** – Autokey sequence error; -- **.BCST.** – broadcast server; -- **.CRYPT.** – Autokey protocol error; -- **.DENY.** – access denied by server; -- **.INIT.** – association initialized; -- **.MCST.** – multicast server; -- **.RATE.** – (polling) rate exceeded; -- **.TIME.** – association timeout; -- **.STEP.** – step time change, the offset is less than the panic threshold (1000ms) but greater than the step threshold (125ms). - -#### Operation notes #### - -A time server will report time information with no time updates from clients (unidirectional updates), whereas a peer can update fellow participating peers to converge upon a mutually agreed time (bidirectional updates). - -During [initial startup][53]: - -> Unless using the iburst option, the client normally takes a few minutes to synchronize to a server. If the client time at startup happens to be more than 1000s distant from NTP time, the daemon exits with a message to the system log directing the operator to manually set the time within 1000s and restart. If the time is less than 1000s but more than 128s distant, a step correction occurs and the daemon restarts automatically. - -> When started for the first time and a frequency file is not present, the daemon enters a special mode in order to calibrate the frequency. This takes 900s during which the time is not [disciplined][54]. When calibration is complete, the daemon creates the frequency file and enters normal mode to amortize whatever residual offset remains. - -Stratum 0 devices are such as atomic (caesium, rubidium) clocks, GPS clocks, or other time standard radio clocks providing a time signal to the Stratum 1 time servers. NTP reports [UTC][55] (Coordinated Universal Time) only. Client programs/utilities then use [time zone][56] data to report local time from the synchronised UTC. - -The protocol is highly accurate, using a resolution of less than a nanosecond (about 2-32 seconds). The time resolution achieved and other parameters for a host (host hardware and operating system limited) is reported by the command “ntpq -c rl” (see [rfc1305][57] Common Variables and [rfc5905][58]). - -#### “ntpq -c rl” output parameters: #### - -- **precision** is rounded to give the next larger integer power of two. The achieved resolution is thus 2precision (seconds) -- **rootdelay** – total roundtrip delay to the primary reference source at the root of the synchronization subnet. Note that this variable can take on both positive and negative values, depending on clock precision and skew (seconds) -- **rootdisp** – maximum error relative to the primary reference source at the root of the synchronization subnet (seconds) -- **tc** – NTP algorithm [PLL][59] (phase locked loop) or [FLL][60] (frequency locked loop) time constant (log2) -- **mintc** – NTP algorithm PLL/FLL minimum time constant or ‘fastest response’ (log2) -- **offset** – best and final offset determined by the combine algorithm used to discipline the system clock (ms) -- **frequency** – system clock period (log2 seconds) -- **sys_jitter** – best and final jitter determined by the combine algorithm used to discipline the system clock (ms) -- **clk_jitter** – host hardware(?) system clock jitter (ms) -- **clk_wander** – host hardware(?) system clock wander ([PPM][61] – parts per million) - -Jitter (also called timing jitter) refers to short-term variations in frequency with components greater than 10Hz, while wander refers to long-term variations in frequency with components less than 10Hz. (Stability refers to the systematic variation of frequency with time and is synonymous with aging, drift, trends, etc.) - -#### Operation notes (continued) #### - -The NTP software maintains a continuously updated drift correction. For a correctly configured and stable system, a reasonable expectation for modern hardware synchronising over an uncongested internet connection is for network client devices to be synchronised to within a few milliseconds of UTC at the time of synchronising to the NTP service. (What accuracy can be expected between peers on an uncongested Gigabit LAN?) - -Note that for UTC, a [leap second][62] can be inserted into the reported time up to twice a year to allow for variations in the Earth’s rotation. Also beware of the one hour time shifts for when local times are reported for “[daylight savings][63]” times. Also, the clock for a client device will run independently of UTC until resynchronised oncemore, unless that device is calibrated or a drift correction is applied. - -#### [What happens during a Leap Second?][64] #### - -> During a leap second, either one second is removed from the current day, or a second is added. In both cases this happens at the end of the UTC day. If a leap second is inserted, the time in UTC is specified as 23:59:60. In other words, it takes two seconds from 23:59:59 to 0:00:00 instead of one. If a leap second is deleted, time will jump from 23:59:58 to 0:00:00 in one second instead of two. See also [The Kernel Discipline][65]. - -So… What actually is the value for the step threshold: 125ms or 128ms? And what are the PLL/FLL tc units (log2 s? ms?)? And what accuracy can be expected between peers on an uncongested Gigabit LAN? - - - -Thanks for comments from Camilo M and Chris B. Corrections and further details welcomed. - -Cheers, -Martin - -### Apocrypha: ### - -- The [epoch for NTP][66] starts in year 1900 while the epoch in UNIX starts in 1970. -- [Time corrections][67] are applied gradually, so it may take up to three hours until the frequency error is compensated. -- [Peerstats and loopstats][68] can be logged to [summarise/plot time offsets and errors][69] -- [RMS][70] – Root Mean Square -- [PLL][71] – Phase locked loop -- [FLL][72] – Frequency locked loop -- [PPM][73] – Parts per million, used here to describe rate of time drift -- [man ntpq (Gentoo brief version)][74] -- [man ntpq (long version)][75] -- [man ntpq (Gentoo long version)][76] - -### See: ### - -- [ntpq – standard NTP query program][77] -- [The Network Time Protocol (NTP) Distribution][78] -- A very brief [history][79] of NTP -- A more detailed brief history: “Mills, D.L., A brief history of NTP time: confessions of an Internet timekeeper. Submitted for publication; please do not cite or redistribute” ([pdf][80]) -- [NTP RFC][81] standards documents -- Network Time Protocol (Version 3) RFC – [txt][82], or [pdf][83]. Appendix E, The NTP Timescale and its Chronometry, p70, includes an interesting explanation of the changes in, and relations between, our timekeeping systems over the past 5000 years or so -- Wikipedia: [Time][84] and [Calendar][85] -- [John Harrison and the Longitude problem][86] -- [Clock of the Long Now][87] – The 10,000 Year Clock -- John C Taylor – [Chronophage][88] -- [Orders of magnitude of time][89] -- The [Greenwich Time Signal][90] - -### Others: ### - -SNTP (Simple Network Time Protocol, [RFC 4330][91]) is basically also NTP, but lacks some internal algorithms for servers where the ultimate performance of a full NTP implementation based on [RFC 1305][92] is neither needed nor justified. - -The W32Time [Windows Time Service][93] is a non-standard implementation of SNTP, with no accuracy guarantees, and an assumed accuracy of no better than about a 1 to 2 second range. (Is that due to there being no system clock drift correction and a time update applied only once every 24 hours assumed for a [PC][94] with typical clock drift?) - -There is also the [PTP (IEEE 1588)][95] Precision Time Protocol. See Wikipedia: [Precision Time Protocol][96]. A software demon is [PTPd][97]. The significant features are that it is intended as a [LAN][98] high precision master-slave synchronisation system synchronising at the microsecond scale to a master clock for [International Atomic Time][99] (TAI, [monotonic][100], no leap seconds). Data packet timestamping can be appended by hardware at the physical layer by a network interface card or switch for example. Network kit supporting PTP can timestamp data packets in and out in a way that removes the delay effect of processing within the switch/router. You can run PTP without hardware timestamping but it might not synchronise if the time errors introduced are too great. Also it will struggle to work through a router (large delays) for the same reason. - -### Older time synchronization protocols: ### - -- DTSS – Digital Time Synchronisation Service by Digital Equipment Corporation, superseded by NTP. See an example of [DTSS VMS C code c2000][101]. (Any DTSS articles/documentation anywhere?) -- [DAYTIME protocol][102], synchronization protocol using [TCP][103] or [UDP][104] port 13 -- [ICMP Timestamp][105] and [ICMP Timestamp Reply][106], synchronization protocol using [ICMP][107] -- [Time Protocol][108], synchronization protocol using TCP or UDP port 37 - --------------------------------------------------------------------------------- - -via: http://nlug.ml1.co.uk/2012/01/ntpq-p-output/831 - -作者:Martin L -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[1]:http://www.gentoo.org/ -[2]:http://nlug.ml1.co.uk/2012/01/man-ntpq-gentoo-brief-version/853 -[3]:http://www.thelinuxblog.com/linux-man-pages/1/ntpq -[4]:http://www.eecis.udel.edu/~mills/ntp/html/ntpq.html -[5]:http://linux.die.net/man/8/ntpq -[6]:http://www.ntp.org/ -[7]:http://en.wikipedia.org/wiki/Wide_area_network -[8]:http://en.wikipedia.org/wiki/Local_area_network -[9]:http://en.wikipedia.org/wiki/User_Datagram_Protocol -[10]:http://en.wikipedia.org/wiki/Network_Time_Protocol -[11]:http://www.ntp.org/ntpfaq/NTP-s-time.htm -[12]:http://www.ntp.org/rfc.html -[13]:http://www.ietf.org/rfc/rfc1305.txt -[14]:http://www.rfc-editor.org/rfc/rfc1305.pdf -[15]:http://en.wikipedia.org/wiki/Time -[16]:http://en.wikipedia.org/wiki/Calendar -[17]:http://en.wikipedia.org/wiki/Network_Time_Protocol#Clock_strata -[18]:http://en.wikipedia.org/wiki/Unicast -[19]:http://www.eecis.udel.edu/~mills/ntp/html/manyopt.html#mcst -[20]:http://en.wikipedia.org/wiki/Broadcasting_%28computing%29 -[21]:http://en.wikipedia.org/wiki/Multicast -[22]:http://www.eecis.udel.edu/~mills/ntp/html/manyopt.html -[23]:http://www.ietf.org/rfc/rfc5905.txt -[24]:http://en.wikipedia.org/wiki/Octal#In_computers -[25]:http://en.wikipedia.org/wiki/Root_mean_square -[26]:http://www.eecis.udel.edu/~mills/ntp/html/decode.html#peer -[27]:http://www.eecis.udel.edu/~mills/ntp/html/select.html -[28]:http://en.wikipedia.org/wiki/Ip_address -[29]:http://en.wikipedia.org/wiki/Pulse_per_second -[30]:http://en.wikipedia.org/wiki/Inter-Range_Instrumentation_Group -[31]:http://en.wikipedia.org/wiki/Standard_time_and_frequency_signal_service -[32]:http://www.ptb.de/index_en.html -[33]:http://en.wikipedia.org/wiki/United_States_Naval_Observatory#Time_service -[34]:http://en.wikipedia.org/wiki/CHU_%28radio_station%29 -[35]:http://en.wikipedia.org/wiki/High_frequency -[36]:http://en.wikipedia.org/wiki/DCF77 -[37]:http://en.wikipedia.org/wiki/Low_frequency -[38]:http://en.wikipedia.org/wiki/HBG_%28time_signal%29 -[39]:http://en.wikipedia.org/wiki/JJY#Time_standards -[40]:http://en.wikipedia.org/wiki/LORAN#Timing_and_synchronization -[41]:http://en.wikipedia.org/wiki/Medium_frequency -[42]:http://en.wikipedia.org/wiki/LORAN#The_future_of_LORAN -[43]:http://en.wikipedia.org/wiki/LORAN#eLORAN -[44]:http://en.wikipedia.org/wiki/Time_from_NPL#The_.27MSF_signal.27_and_the_.27Rugby_clock.27 -[45]:http://en.wikipedia.org/wiki/T%C3%A9l%C3%A9_Distribution_Fran%C3%A7aise -[46]:http://en.wikipedia.org/wiki/WWV_%28radio_station%29#Time_signals -[47]:http://en.wikipedia.org/wiki/WWVB -[48]:http://en.wikipedia.org/wiki/WWVH -[49]:http://en.wikipedia.org/wiki/GOES#Further_reading -[50]:http://en.wikipedia.org/wiki/Gps#Timekeeping -[51]:http://en.wikipedia.org/wiki/Galileo_%28satellite_navigation%29#The_concept -[52]:http://en.wikipedia.org/wiki/Gnss -[53]:http://www.eecis.udel.edu/~mills/ntp/html/debug.html -[54]:http://www.ntp.org/ntpfaq/NTP-s-algo-kernel.htm -[55]:http://en.wikipedia.org/wiki/Coordinated_Universal_Time -[56]:http://en.wikipedia.org/wiki/Time_zone -[57]:http://www.ietf.org/rfc/rfc1305.txt -[58]:http://www.ietf.org/rfc/rfc5905.txt -[59]:http://en.wikipedia.org/wiki/PLL -[60]:http://en.wikipedia.org/wiki/Frequency-locked_loop -[61]:http://en.wikipedia.org/wiki/Parts_per_million -[62]:http://en.wikipedia.org/wiki/Leap_second -[63]:http://en.wikipedia.org/wiki/Daylight_saving_time -[64]:http://www.ntp.org/ntpfaq/NTP-s-time.htm#Q-TIME-LEAP-SECOND -[65]:http://www.ntp.org/ntpfaq/NTP-s-algo-kernel.htm -[66]:http://www.ntp.org/ntpfaq/NTP-s-algo.htm#AEN1895 -[67]:http://www.ntp.org/ntpfaq/NTP-s-algo.htm#Q-ACCURATE-CLOCK -[68]:http://www.ntp.org/ntpfaq/NTP-s-trouble.htm#Q-TRB-MON-STATFIL -[69]:http://www.ntp.org/ntpfaq/NTP-s-trouble.htm#AEN5086 -[70]:http://en.wikipedia.org/wiki/Root_mean_square -[71]:http://en.wikipedia.org/wiki/PLL -[72]:http://en.wikipedia.org/wiki/Frequency-locked_loop -[73]:http://en.wikipedia.org/wiki/Parts_per_million -[74]:http://nlug.ml1.co.uk/2012/01/man-ntpq-gentoo-brief-version/853 -[75]:http://nlug.ml1.co.uk/2012/01/man-ntpq-long-version/855 -[76]:http://nlug.ml1.co.uk/2012/01/man-ntpq-gentoo-long-version/856 -[77]:http://www.eecis.udel.edu/~mills/ntp/html/ntpq.html -[78]:http://www.eecis.udel.edu/~mills/ntp/html/index.html -[79]:http://www.ntp.org/ntpfaq/NTP-s-def-hist.htm -[80]:http://www.eecis.udel.edu/~mills/database/papers/history.pdf -[81]:http://www.ntp.org/rfc.html -[82]:http://www.ietf.org/rfc/rfc1305.txt -[83]:http://www.rfc-editor.org/rfc/rfc1305.pdf -[84]:http://en.wikipedia.org/wiki/Time -[85]:http://en.wikipedia.org/wiki/Calendar -[86]:http://www.rmg.co.uk/harrison -[87]:http://longnow.org/clock/ -[88]:http://johnctaylor.com/ -[89]:http://en.wikipedia.org/wiki/Orders_of_magnitude_%28time%29 -[90]:http://en.wikipedia.org/wiki/Greenwich_Time_Signal -[91]:http://tools.ietf.org/html/rfc4330 -[92]:http://tools.ietf.org/html/rfc1305 -[93]:http://en.wikipedia.org/wiki/Network_Time_Protocol#Microsoft_Windows -[94]:http://en.wikipedia.org/wiki/Personal_computer -[95]:http://www.nist.gov/el/isd/ieee/ieee1588.cfm -[96]:http://en.wikipedia.org/wiki/IEEE_1588 -[97]:http://ptpd.sourceforge.net/ -[98]:http://en.wikipedia.org/wiki/Local_area_network -[99]:http://en.wikipedia.org/wiki/International_Atomic_Time -[100]:http://en.wikipedia.org/wiki/Monotonic_function -[101]:http://antinode.info/ftp/dtss_ntp/ -[102]:http://en.wikipedia.org/wiki/DAYTIME -[103]:http://en.wikipedia.org/wiki/Transmission_Control_Protocol -[104]:http://en.wikipedia.org/wiki/User_Datagram_Protocol -[105]:http://en.wikipedia.org/wiki/ICMP_Timestamp -[106]:http://en.wikipedia.org/wiki/ICMP_Timestamp_Reply -[107]:http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol -[108]:http://en.wikipedia.org/wiki/Time_Protocol diff --git a/translated/tech/20141027 ntpq -p output.md b/translated/tech/20141027 ntpq -p output.md new file mode 100644 index 0000000000..955b010cdc --- /dev/null +++ b/translated/tech/20141027 ntpq -p output.md @@ -0,0 +1,298 @@ +“ntpq -p”命令输出详解 +================================================================================ +[Gentoo][1](也许其他发行版也是?)中 ["ntp -q" 的 man page][2] 只有简短的描述:“*打印出服务器已知的节点列表和它们的状态概要信息。*” + +我还没见到关于这个命令的说明文档,因此这里对此作一个总结,可以补充进 "[man ntpq][3]" man page 中。更多的细节见这里 “[ntpq – standard NTP query program][4]”(原作者),和 [其他关于 man ntpq 的例子][5]. + +[NTP][6] 是一个设计用于通过 [udp][9] 网络 ([WAN][7] 或者 [LAN][8]) 来同步计算机时钟的协议。引用 [Wikipedia – NTP][10]: +[NTP][6] is a protocol designed to synchronize the clocks of computers over a ([WAN][7] or [LAN][8]) [udp][9] network. From [Wikipedia – NTP][10]: + +> 网络时间协议(英语:Network Time Protocol,NTP)一种协议和软件实现,用于通过使用有网络延迟的报文交换网络同步计算机系统间的时钟。最初由美国特拉华大学的 David L. Mills 设计,现在仍然由他和志愿者小组维护,它于 1985 年之前开始使用,是因特网中最老的协议之一。 + +想了解更多有关时间和 NTP 协议的知识,可以参考 “[The NTP FAQ, Time, what Time?][11]”和 [RFCs for NTP][12]。早期的“Network Time Protocol (Version 3) RFC” ([txt][13], or [pdf][14], Appendix E, The NTP Timescale and its Chronometry, p70) 包含了对过去 5000 年我们的计时系统的变化和关系的有趣解释。维基百科的文章 [Time][15] 和 [Calendar][16] 提供了更宏观的视角。 + +命令 "ntpq -q" 输出下面这样的一个表: + + remote refid st t when poll reach delay offset jitter + ============================================================================== + LOCAL(0) .LOCL. 10 l 96h 64 0 0.000 0.000 0.000 + *ns2.example.com 10.193.2.20 2 u 936 1024 377 31.234 3.353 3.096 + +### 更多细节 ### + +#### 表头 #### + + +- **remote** – 用于同步的远程节点或服务器。“LOCAL”表示本机 (当没有远程服务器可用时会出现) +- **refid** – 远程的服务器进行同步的更高一级服务器 +- **st** – 远程节点或服务器的 [Stratum][17](级别,NTP 时间同步是分层的) +- **t** – 类型 (u: [unicast(单播)][18] 或 [manycast(选播)][19] 客户端, b: [broadcast(广播)][20] 或 [multicast(多播)][21] 客户端, l: 本地时钟, s: 对称节点(用于备份), A: 选播服务器, B: 广播服务器, M: 多播服务器, 参见“[Automatic Server Discovery][22]“) +- **when** – 最后一次同步到现在的时间 (默认单位为秒, “h”表示小时,“d”表示天) +- **poll** – 同步的频率:[rfc5905][23]建议在 NTPv4 中这个值的范围在 4 (16s) 至 17 (36h) 之间(2的指数次秒),然而观察发现这个值的实际大小在一个小的多的范围内 :64 (2的6次方)秒 至 1024 (2的10次方)秒 +- **reach** – 一个8位的左移移位寄存器值,用来测试能否和服务器连接,每成功连接一次它的值就会增加,以 [8 进制][24]显示 +- **delay** – 从本地到远程节点或服务器通信的往返时间(毫秒) +- **offset** – 主机与远程节点或服务器时间源的时间偏移量,offset 越接近于0,主机和 NTP 服务器的时间越接近([方均根][25]表示,单位为毫秒) +- **jitter** – 与远程节点同步的时间源的平均偏差(多个时间样本中的 offset 的偏差,单位是毫秒),这个数值的绝对值越小,主机的时间就越精确 + +#### 字段的统计代码 #### + +表中第一个字符(统计代码)是状态标识(参见 [Peer Status Word][26]),包含 " ","x","-","#","+","*","o": + +- " " – 无状态,表示: + - 没有远程通信的主机 + - "LOCAL" 即本机 + - (未被使用的)高层级服务器 + - 远程主机使用的这台机器作为同步服务器 +- “**x**” – 已不再使用 +- “**-**” – 已不再使用 +- “**#**” – 良好的远程节点或服务器但是未被使用 (不在按同步距离排序的前六个节点中,作为备用节点使用) +- “**+**” – 良好的且优先使用的远程节点或服务器(包含在组合算法中) +- “*****” – 当前作为优先主同步对象的远程节点或服务器 +- “**o**” – PPS 节点 (当优先节点是有效时)。实际的系统同步是源于秒脉冲信号(pulse-per-second,PPS),可能通过PPS 时钟驱动或者通过内核接口。 + +参考 [Clock Select Algorithm][27]. + +#### refid #### + +**refid** 有下面这些状态值 + +- 一个IP地址 – 远程节点或服务器的 [IP 地址][28] +- **.LOCL.** – 本机 (当没有远程节点或服务器可用时) +- **.PPS.** – 时间标准中的“[Pulse Per Second][29]”(秒脉冲) +- **.IRIG.** – [Inter-Range Instrumentation Group][30] 时间码 +- **.ACTS.** – 美国 [NIST 标准时间][31] 电话调制器 +- **.NIST.** –美国 NIST 标准时间电话调制器 +- **.PTB.** – 德国 [PTB][32] 时间标准电话调制器 +- **.USNO.** – 美国 [USNO 标准时间][33] 电话调制器 +- **.CHU.** – [CHU][34] ([HF][35], Ottawa, ON, Canada) 标准时间无线电接收器 +- **.DCFa.** – [DCF77][36] ([LF][37], Mainflingen, Germany) 标准时间无线电接收器 +- **.HBG.** – [HBG][38] (LF Prangins, Switzerland) 标准时间无线电接收器 +- **.JJY.** – [JJY][39] (LF Fukushima, Japan) 标准时间无线电接收器 +- **.LORC.** – [LORAN][40]-C station ([MF][41]) 标准时间无线电接收器,注: [不再可用][42] (被 [eLORAN][43] 废弃) +- **.MSF.** – [MSF][44] (LF, Anthorn, Great Britain) 标准时间无线电接收器 +- **.TDF.** – [TDF][45] (MF, Allouis, France)标准时间无线电接收器 +- **.WWV.** – [WWV][46] (HF, Ft. Collins, CO, America) 标准时间无线电接收器 +- **.WWVB.** – [WWVB][47] (LF, Ft. Collins, CO, America) 标准时间无线电接收器 +- **.WWVH.** – [WWVH][48] (HF, Kauai, HI, America) 标准时间无线电接收器 +- **.GOES.** – 美国 [静止环境观测卫星][49]; +- **.GPS.** – 美国 [GPS][50]; +- **.GAL.** – [伽利略定位系统][51] 欧洲 [GNSS][52]; +- **.ACST.** – 选播服务器 +- **.AUTH.** – 认证错误 +- **.AUTO.** – Autokey (NTP 的一种认证机制)顺序错误 +- **.BCST.** – 广播服务器 +- **.CRYPT.** – Autokey 协议错误 +- **.DENY.** – 服务器拒绝访问; +- **.INIT.** – 关联初始化 +- **.MCST.** – 多播服务器 +- **.RATE.** – (轮询) 速率超出限定 +- **.TIME.** – 关联超时 +- **.STEP.** – 间隔时长改变,偏移量比危险阈值小(1000ms) 比间隔时间 (125ms)大 + +#### 操作要点 #### + +一个时间服务器只会报告时间信息而不会从客户端更新时间(单向更新),而一个节点可以更新其他同级节点的时间,结合出一个彼此同意的时间(双向更新)。 + +[初次启动][53]时: + +> 除非使用 iburst 选项,客户端通常需要花几分钟来和服务器同步。如果客户端在启动时时间与 NTP 服务器的时间差大于 1000 秒,守护进程会退出并在系统日志中记录,让操作者手动设置时间差小于 1000 秒后再重新启动。如果时间差小于 1000 秒,但是大于 128 秒,会自动矫正间隔,并自动重启守护进程。 + +> 当第一次启动时,时间频率文件(通常是 ntp.drift 文件,记录时间偏移)不存在,守护进程进入一个特殊模式来矫正频率。当时钟不符合[规范][54]时这会需要 900 秒。当校正完成后,守护进程创建时间频率文件进入普通模式,并分步校正剩余的偏差。 + +NTP 0 层(Stratum 0 )的设备如原子钟(铯,铷),GPS 时钟或者其他标准时间的无线电时钟为 1 层(Stratum 1)的时间服务器提供时间信号。NTP 只报告[UTC][55] 时间(统一协调时,Coordinated Universal Time)。客户端程序使用[时区][56]从 UTC 导出本地时间。 + +NTP 协议是高精度的,使用的精度小于纳秒(2的 -32 次方)。主机的时间精度和其他参数(受硬件和操作系统限制)使用命令 “ntpq -c rl” 查看(参见 [rfc1305][57] 通用变量和 [rfc5905][58])。 + +#### “ntpq -c rl”输出参数 #### + +- **precision** 为四舍五入值,且为 2 的幂数。因此精度为 2 的 *precision* 此幂(秒) +- **rootdelay** – 与同步网络中主同步服务器的总往返延时。注意这个值可以是正数或者负数,取决于时钟的精度。 +- **rootdisp** – 相对于同步网络中主同步服务器的偏差(秒) +- **tc** – NTP 算法 [PLL][59] (phase locked loop,锁相环路) 或 [FLL][60] (frequency locked loop,锁频回路) 时间常量 +- **mintc** – NTP 算法 PLL/FLL 最小时间常亮或“最快响应 +- **offset** – 由结合算法得出的系统时钟偏移量(毫秒) +- **frequency** – 系统时钟频率 +- **sys_jitter** – 由结合算法得出的系统时钟平均偏差(毫秒) +- **clk_jitter** – 硬件时钟平均偏差(毫秒) +- **clk_wander** – 硬件时钟偏移([PPM][61] – 百分之一) + +Jitter (也叫 timing jitter) 表示短期变化大于10HZ 的频率, wander 表示长期变化大于10HZ 的频率 (Stability 表示系统的频率随时间的变化,和 aging, drift, trends 等是同义词) + +#### 操作要点(续) #### + +NTP 软件维护一系列连续更新的频率变化的校正值。对于设置正确的稳定系统,在非拥塞的网络中,现代硬件的 NTP 时钟同步通常与 UTC 标准时间相差在毫秒内。(在千兆 LAN 网络中可以达到何种精度?) + +对于 UTC 时间,[闰秒][62] 可以每两年插入一次用于同步地球自传的变化。注意本地时间为[夏令时][63]时时间会有一小时的变化。在重同步之前客户端设备会使用独立的 UTC 时间,除非客户端使用了偏移校准。 + +#### [闰秒发生时会怎样][64] #### + +> 闰秒发生时,会对当天时间增加或减少一秒。闰秒的调整在 UTC 时间当天的最后一秒。如果增加一秒,UTC 时间会出现 23:59:60。即 23:59:59 到 0:00:00 之间实际上需要 2 秒钟。如果减少一秒,时间会从 23:59:58 跳至 0:00:00 。另见 [The Kernel Discipline][65]. + +好了… 间隔阈值(step threshold)的真实值是多少: 125ms 还是 128ms? PLL/FLL tc 的单位是什么 (log2 s? ms?)?在非拥塞的千兆 LAN 中时间节点间的精度能达到多少? + +感谢 Camilo M 和 Chris B的评论。 欢迎校正错误和更多细节的探讨。 + +谢谢 +Martin + +### 外传 ### + +- [NTP 的纪元][66] 从 1900 开始而 UNIX 的从 1970开始. +- [时间校正][67] 是逐渐进行的,因此时间的完全同步可能会画上几个小时。 +- [节点状态][68] 可以被记录到 [summarise/plot time offsets and errors][69] +- [RMS][70] – 均方根 +- [PLL][71] – 锁相环路 +- [FLL][72] – 锁频回路 +- [PPM][73] – 百万分之一,用于描述频率的变化 +- [man ntpq (Gentoo 简明版本)][74] +- [man ntpq (长期维护版本)][75] +- [man ntpq (Gentoo 长期维护版本)][76] + +### 另见 ### + +- [ntpq – 标准 NTP 查询程序][77] +- [The Network Time Protocol (NTP) 分布][78] +- NTP 的简明 [历史][79] +- 一个更多细节的简明历史 “Mills, D.L., A brief history of NTP time: confessions of an Internet timekeeper. Submitted for publication; please do not cite or redistribute” ([pdf][80]) +- [NTP RFC][81] 标准文档 +- Network Time Protocol (Version 3) RFC – [txt][82], or [pdf][83]. Appendix E, The NTP Timescale and its Chronometry, p70, 包含了对过去 5000 年我们的计时系统的变化和关系的有趣解释。 +- 维基百科: [Time][84] 和 [Calendar][85] +- [John Harrison and the Longitude problem][86] +- [Clock of the Long Now][87] – The 10,000 Year Clock +- John C Taylor – [Chronophage][88] +- [Orders of magnitude of time][89] +- [Greenwich Time Signal][90] + +### 其他 ### + +SNTP (Simple Network Time Protocol, [RFC 4330][91],简单未落协议)基本上也是NTP,但是缺少一些基于 [RFC 1305][92] 实现的 NTP 的一些不再需要的内部算法。 + +Win32 时间 [Windows Time Service][93] 是 SNTP 的非标准实现,没有精度的保证,并假设精度几乎有 1-2 秒的范围。(因为没有系统时间变化校正) + +还有一个[PTP (IEEE 1588)][95] Precision Time Protocol(精准时间协议)。见维基百科:[Precision Time Protocol][96]。软件程序为 [PTPd][97]。虫咬的功能是这是一个 [LAN][98] 高精度主从同步系统,精度在毫秒级,使用 [International Atomic Time][99] (TAI, [monotonic][100],无闰秒)。数据报时间戳需要在网卡中启用。支持 PTP 的网络会对数据报记录时间戳以减少交换机路由器的影响。也可以在不记录时间戳的网络中使用 PTP 但可能应为时间偏差太大而无法同步。因此使用这个需要对网络进行设置。 + +### 更老的时间同步协议 ### + +- DTSS – DEC公司的数字时间同步服务, 被 NTP 所取代。例子: [DTSS VMS C code c2000][101]。 (哪里有关于 DTSS 的文章或文档吗?) +- [DAYTIME protocol][102],使用 [TCP][103] 或 [UDP][104] 13 端口同步 +- [ICMP Timestamp][105] 和 [ICMP Timestamp Reply][106],使用 [ICMP][107] 协议同步 +- [Time Protocol][108],使用 TCP 或 UDP 37 号端口同步 + +-------------------------------------------------------------------------------- + +via: http://nlug.ml1.co.uk/2012/01/ntpq-p-output/831 + +作者:Martin L +译者:[Liao](https://github.com/liaosishere) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[1]:http://www.gentoo.org/ +[2]:http://nlug.ml1.co.uk/2012/01/man-ntpq-gentoo-brief-version/853 +[3]:http://www.thelinuxblog.com/linux-man-pages/1/ntpq +[4]:http://www.eecis.udel.edu/~mills/ntp/html/ntpq.html +[5]:http://linux.die.net/man/8/ntpq +[6]:http://www.ntp.org/ +[7]:http://en.wikipedia.org/wiki/Wide_area_network +[8]:http://en.wikipedia.org/wiki/Local_area_network +[9]:http://en.wikipedia.org/wiki/User_Datagram_Protocol +[10]:http://en.wikipedia.org/wiki/Network_Time_Protocol +[11]:http://www.ntp.org/ntpfaq/NTP-s-time.htm +[12]:http://www.ntp.org/rfc.html +[13]:http://www.ietf.org/rfc/rfc1305.txt +[14]:http://www.rfc-editor.org/rfc/rfc1305.pdf +[15]:http://en.wikipedia.org/wiki/Time +[16]:http://en.wikipedia.org/wiki/Calendar +[17]:http://en.wikipedia.org/wiki/Network_Time_Protocol#Clock_strata +[18]:http://en.wikipedia.org/wiki/Unicast +[19]:http://www.eecis.udel.edu/~mills/ntp/html/manyopt.html#mcst +[20]:http://en.wikipedia.org/wiki/Broadcasting_%28computing%29 +[21]:http://en.wikipedia.org/wiki/Multicast +[22]:http://www.eecis.udel.edu/~mills/ntp/html/manyopt.html +[23]:http://www.ietf.org/rfc/rfc5905.txt +[24]:http://en.wikipedia.org/wiki/Octal#In_computers +[25]:http://en.wikipedia.org/wiki/Root_mean_square +[26]:http://www.eecis.udel.edu/~mills/ntp/html/decode.html#peer +[27]:http://www.eecis.udel.edu/~mills/ntp/html/select.html +[28]:http://en.wikipedia.org/wiki/Ip_address +[29]:http://en.wikipedia.org/wiki/Pulse_per_second +[30]:http://en.wikipedia.org/wiki/Inter-Range_Instrumentation_Group +[31]:http://en.wikipedia.org/wiki/Standard_time_and_frequency_signal_service +[32]:http://www.ptb.de/index_en.html +[33]:http://en.wikipedia.org/wiki/United_States_Naval_Observatory#Time_service +[34]:http://en.wikipedia.org/wiki/CHU_%28radio_station%29 +[35]:http://en.wikipedia.org/wiki/High_frequency +[36]:http://en.wikipedia.org/wiki/DCF77 +[37]:http://en.wikipedia.org/wiki/Low_frequency +[38]:http://en.wikipedia.org/wiki/HBG_%28time_signal%29 +[39]:http://en.wikipedia.org/wiki/JJY#Time_standards +[40]:http://en.wikipedia.org/wiki/LORAN#Timing_and_synchronization +[41]:http://en.wikipedia.org/wiki/Medium_frequency +[42]:http://en.wikipedia.org/wiki/LORAN#The_future_of_LORAN +[43]:http://en.wikipedia.org/wiki/LORAN#eLORAN +[44]:http://en.wikipedia.org/wiki/Time_from_NPL#The_.27MSF_signal.27_and_the_.27Rugby_clock.27 +[45]:http://en.wikipedia.org/wiki/T%C3%A9l%C3%A9_Distribution_Fran%C3%A7aise +[46]:http://en.wikipedia.org/wiki/WWV_%28radio_station%29#Time_signals +[47]:http://en.wikipedia.org/wiki/WWVB +[48]:http://en.wikipedia.org/wiki/WWVH +[49]:http://en.wikipedia.org/wiki/GOES#Further_reading +[50]:http://en.wikipedia.org/wiki/Gps#Timekeeping +[51]:http://en.wikipedia.org/wiki/Galileo_%28satellite_navigation%29#The_concept +[52]:http://en.wikipedia.org/wiki/Gnss +[53]:http://www.eecis.udel.edu/~mills/ntp/html/debug.html +[54]:http://www.ntp.org/ntpfaq/NTP-s-algo-kernel.htm +[55]:http://en.wikipedia.org/wiki/Coordinated_Universal_Time +[56]:http://en.wikipedia.org/wiki/Time_zone +[57]:http://www.ietf.org/rfc/rfc1305.txt +[58]:http://www.ietf.org/rfc/rfc5905.txt +[59]:http://en.wikipedia.org/wiki/PLL +[60]:http://en.wikipedia.org/wiki/Frequency-locked_loop +[61]:http://en.wikipedia.org/wiki/Parts_per_million +[62]:http://en.wikipedia.org/wiki/Leap_second +[63]:http://en.wikipedia.org/wiki/Daylight_saving_time +[64]:http://www.ntp.org/ntpfaq/NTP-s-time.htm#Q-TIME-LEAP-SECOND +[65]:http://www.ntp.org/ntpfaq/NTP-s-algo-kernel.htm +[66]:http://www.ntp.org/ntpfaq/NTP-s-algo.htm#AEN1895 +[67]:http://www.ntp.org/ntpfaq/NTP-s-algo.htm#Q-ACCURATE-CLOCK +[68]:http://www.ntp.org/ntpfaq/NTP-s-trouble.htm#Q-TRB-MON-STATFIL +[69]:http://www.ntp.org/ntpfaq/NTP-s-trouble.htm#AEN5086 +[70]:http://en.wikipedia.org/wiki/Root_mean_square +[71]:http://en.wikipedia.org/wiki/PLL +[72]:http://en.wikipedia.org/wiki/Frequency-locked_loop +[73]:http://en.wikipedia.org/wiki/Parts_per_million +[74]:http://nlug.ml1.co.uk/2012/01/man-ntpq-gentoo-brief-version/853 +[75]:http://nlug.ml1.co.uk/2012/01/man-ntpq-long-version/855 +[76]:http://nlug.ml1.co.uk/2012/01/man-ntpq-gentoo-long-version/856 +[77]:http://www.eecis.udel.edu/~mills/ntp/html/ntpq.html +[78]:http://www.eecis.udel.edu/~mills/ntp/html/index.html +[79]:http://www.ntp.org/ntpfaq/NTP-s-def-hist.htm +[80]:http://www.eecis.udel.edu/~mills/database/papers/history.pdf +[81]:http://www.ntp.org/rfc.html +[82]:http://www.ietf.org/rfc/rfc1305.txt +[83]:http://www.rfc-editor.org/rfc/rfc1305.pdf +[84]:http://en.wikipedia.org/wiki/Time +[85]:http://en.wikipedia.org/wiki/Calendar +[86]:http://www.rmg.co.uk/harrison +[87]:http://longnow.org/clock/ +[88]:http://johnctaylor.com/ +[89]:http://en.wikipedia.org/wiki/Orders_of_magnitude_%28time%29 +[90]:http://en.wikipedia.org/wiki/Greenwich_Time_Signal +[91]:http://tools.ietf.org/html/rfc4330 +[92]:http://tools.ietf.org/html/rfc1305 +[93]:http://en.wikipedia.org/wiki/Network_Time_Protocol#Microsoft_Windows +[94]:http://en.wikipedia.org/wiki/Personal_computer +[95]:http://www.nist.gov/el/isd/ieee/ieee1588.cfm +[96]:http://en.wikipedia.org/wiki/IEEE_1588 +[97]:http://ptpd.sourceforge.net/ +[98]:http://en.wikipedia.org/wiki/Local_area_network +[99]:http://en.wikipedia.org/wiki/International_Atomic_Time +[100]:http://en.wikipedia.org/wiki/Monotonic_function +[101]:http://antinode.info/ftp/dtss_ntp/ +[102]:http://en.wikipedia.org/wiki/DAYTIME +[103]:http://en.wikipedia.org/wiki/Transmission_Control_Protocol +[104]:http://en.wikipedia.org/wiki/User_Datagram_Protocol +[105]:http://en.wikipedia.org/wiki/ICMP_Timestamp +[106]:http://en.wikipedia.org/wiki/ICMP_Timestamp_Reply +[107]:http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol +[108]:http://en.wikipedia.org/wiki/Time_Protocol From c2be7bf490f560ec3f67626a892be1a22a7425ae Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Sun, 4 Jan 2015 18:47:24 +0800 Subject: [PATCH 57/98] Delete 20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md --- ...a Stylish Interface Ubuntu Installation.md | 57 ------------------- 1 file changed, 57 deletions(-) delete mode 100644 sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md diff --git a/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md b/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md deleted file mode 100644 index 28609377b0..0000000000 --- a/sources/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md +++ /dev/null @@ -1,57 +0,0 @@ -Translating by H-mudcup - -Flow ‘N Play Movie Player Has a Stylish Interface [Ubuntu Installation] -================================================================================ -**Flow ‘N Play** is a new video player written in Qt which features a pretty slick and simple interface which provides only the basic features for playing movies. - -![](http://www.tuxarena.com/wp-content/uploads/2014/11/flow_n_play.jpg) - -[Flow ‘N Play][1] is relatively new video player (the first release was made earlier this year in March) with a beautiful interface and a pretty simple approach, with one of the features being the possibility to slide over the list of movies by dragging the mouse. The player comes with basic functionality, a search function, support for colored themes. - -Opening a new video – you can also choose a custom cover in the same dialog: - -![](http://www.tuxarena.com/wp-content/uploads/2014/11/flow_n_play_open.jpg) - -The Settings dialog – customize some basic options here: - -![](http://www.tuxarena.com/wp-content/uploads/2014/11/flow_n_play_settings.jpg) - -Flow ‘N Play is still in early development though, and as such it has a few downsides over more advanced players. There are few options to customize it, no support for subtitles or video and audio filters. Currently there seems to be either a bug or strange behavior upon opening a new movie, which doesn’t always start automatically. - -I believe a few more features could be added before it gets to being usable as a decent alternative to other players, but given the time, Flow ‘N Play looks really promising. - -### Install Flow ‘N Play 0.922 in Ubuntu 14.04 ### - -There are several different ways to install Flow N’ Play in Ubuntu. There are DEB packages, RUN Bash installers, and standalone binaries available on the [Qt-Apps page][2]. - -To install Flow ‘N Play first get the dependencies: - - sudo apt-get install libqt5multimediaquick-p5 qtdeclarative5-controls-plugin qtdeclarative5 qtmultimedia-plugin qtdeclarative5-qtquick2-plugin qtdeclarative5-quicklayouts-plugin - -Then download the DEB package and either double click it or change the working directory to the one where you saved it and type the following in a terminal (for 64-bit, replace the DEB file for 32-bit): - - sudo dpkg -i flow-n-play_v0.926_qt-5.3.2_x64.deb - -Then type **flow-n-play** in a terminal to run it. Notice that in case you get dependency errors when trying to install the DEB file, you can run **sudo apt-get -f install**, which will fetch the missing dependencies automatically and will install Flow ‘N Play as well. - -To install Flow ‘N Play using the RUN script, install the dependencies mentioned above and then run the script: - - wget -O http://www.prest1ge-c0ding.24.eu/programs/Flow-N-Play/v0.926/bin/flow-n-play_v0.926_qt-5.3.2_x64.run - sudo ./flow-n-play_v0.926_qt-5.3.2_x64.run - -The third method is to install it manually to a location of your choice (just download the binary provided after installing the dependencies) e.g. for 32-bit: - - wget -O http://www.prest1ge-c0ding.24.eu/programs/Flow-N-Play/v0.926/bin/Flow-N-Play_v0.926_Qt-5.3.2_x86 - --------------------------------------------------------------------------------- - -via: http://www.tuxarena.com/2014/11/flow-n-play-movie-player-has-a-stylish-interface-ubuntu-installation/ - -作者:Craciun Dan -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[1]:http://www.prest1ge-c0ding.24.eu/programme-php/app-flow_n_play.php?lang=en -[2]:http://qt-apps.org/content/show.php/Flow+%27N+Play?content=167736 From 3ff479dae6f3a2a3c7f5edf6a084ef39492b26f1 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Sun, 4 Jan 2015 19:37:56 +0800 Subject: [PATCH 58/98] Create 20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md Translated by H-mudcup --- ...a Stylish Interface Ubuntu Installation.md | 57 +++++++++++++++++++ 1 file changed, 57 insertions(+) create mode 100644 translated/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md diff --git a/translated/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md b/translated/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md new file mode 100644 index 0000000000..ccd9a474d5 --- /dev/null +++ b/translated/share/20141106 Flow' N Play Movie Player Has a Stylish Interface Ubuntu Installation.md @@ -0,0 +1,57 @@ +Translated by H-mudcup + +Flow 'N Play视频播放器有着独具风格的界面【Ubuntu上的安装】 +================================================================================ +**Flow ‘N Play**是个用Qt编写的新视频播放器。它有着漂亮又简洁的只提供基本播放功能的界面。 + +![](http://www.tuxarena.com/wp-content/uploads/2014/11/flow_n_play.jpg) + +[Flow ‘N Play][1]是个比较新的有着漂亮的界面和简单操作的视频播放器(今年三月份第一次发行)。其中一个功能就是能通过拖动鼠标滑动视频列表。播放器带有基本功能,一个搜索功能,支持彩色主题。 + +打开一个新的视频——你还可以在同一个对话框下自定义一个封面: + +![](http://www.tuxarena.com/wp-content/uploads/2014/11/flow_n_play_open.jpg) + +设置对话框——在这里设置基本的选项: + +![](http://www.tuxarena.com/wp-content/uploads/2014/11/flow_n_play_settings.jpg) + +Flow ‘N Play仍然处在早起开发中,因此相对于更高级的播放器它有一些瑕疵。可以设置的选项少,不支持加载字幕或视频和声音的过滤器。目前,在打开一个新的视频时偶尔会出错或是表现异常。 + +我相信在它变得能替代其他播放器之前,会先添加几个功能。但从长远来看,Flow ‘N Play很有前途。 + +### 在Ubuntu 14.04上安装Flow ‘N Play 0.922 ### + +在Ubuntu上有几种不同的方法安装Flow ‘N Play,可以用DEB包,或用Bash命令编写的RUN安装文件,或在[Qt-Apps页面][2]上获得单独的二进制安装文件。 + +要安装Flow ‘N Play得先获取依赖项: + + sudo apt-get install libqt5multimediaquick-p5 qtdeclarative5-controls-plugin qtdeclarative5 qtmultimedia-plugin qtdeclarative5-qtquick2-plugin qtdeclarative5-quicklayouts-plugin + +Then download the DEB package and either double click it or change the working directory to the one where you saved it and type the following in a terminal (for 64-bit, replace the DEB file for 32-bit)然后下载DEB安装包,可以双击或在终端里把正操作的目录换到你保存安装包的目录下并输入以下命令(这个是64位的命令,对于32位的系统请将DEB文件换成32位的): + + sudo dpkg -i flow-n-play_v0.926_qt-5.3.2_x64.deb + +然后在终端里输入**flow-n-play**来运行它。注意:为防止产生依赖项错误,当你试图安装DEB问件事你可以运行**sudo apt-get -f install**,这样可以自动获取丢失的依赖项并安装Flow ‘N Play。 + +若用RUN脚本安装,先安装上边提到的依赖项,然后运行这个脚本: + + wget -O http://www.prest1ge-c0ding.24.eu/programs/Flow-N-Play/v0.926/bin/flow-n-play_v0.926_qt-5.3.2_x64.run + sudo ./flow-n-play_v0.926_qt-5.3.2_x64.run + +第三种方法是手动安装到你选择的地方(在安装完依赖项后下载提供的二进制文件)以32位版本为例: + + wget -O http://www.prest1ge-c0ding.24.eu/programs/Flow-N-Play/v0.926/bin/Flow-N-Play_v0.926_Qt-5.3.2_x86 + +-------------------------------------------------------------------------------- + +via: http://www.tuxarena.com/2014/11/flow-n-play-movie-player-has-a-stylish-interface-ubuntu-installation/ + +作者:Craciun Dan +译者:[H-mudcup](https://github.com/H-mudcup) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[1]:http://www.prest1ge-c0ding.24.eu/programme-php/app-flow_n_play.php?lang=en +[2]:http://qt-apps.org/content/show.php/Flow+%27N+Play?content=167736 From b47178940451cbb41697405138a2be9e9fe1e1e0 Mon Sep 17 00:00:00 2001 From: joeren Date: Mon, 5 Jan 2015 09:50:40 +0800 Subject: [PATCH 59/98] Update 20150104 How To Install Websvn In CentOS 7.md --- sources/tech/20150104 How To Install Websvn In CentOS 7.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/sources/tech/20150104 How To Install Websvn In CentOS 7.md b/sources/tech/20150104 How To Install Websvn In CentOS 7.md index 8b77577dd6..9ac5e2dcde 100644 --- a/sources/tech/20150104 How To Install Websvn In CentOS 7.md +++ b/sources/tech/20150104 How To Install Websvn In CentOS 7.md @@ -1,3 +1,4 @@ +Translating by GOLinux! How To Install Websvn In CentOS 7 ================================================================================ **WebSVN** offers a view onto your subversion repositories that’s been designed to reflect the Subversion methodology. You can view the log of any file or directory and see a list of all the files changed, added or deleted in any given revision. You can also view the differences between two versions of a file so as to see exactly what was changed in a particular revision. @@ -120,4 +121,4 @@ via: http://www.unixmen.com/install-websvn-centos-7/ [17]: [18]: [19]: -[20]: \ No newline at end of file +[20]: From c5c22882993fc28a1b56309342905fd82e9ba326 Mon Sep 17 00:00:00 2001 From: GOLinux Date: Mon, 5 Jan 2015 10:12:16 +0800 Subject: [PATCH 60/98] [Translated]20150104 How To Install Websvn In CentOS 7.md --- ...50104 How To Install Websvn In CentOS 7.md | 43 +++++++++---------- 1 file changed, 21 insertions(+), 22 deletions(-) rename {sources => translated}/tech/20150104 How To Install Websvn In CentOS 7.md (65%) diff --git a/sources/tech/20150104 How To Install Websvn In CentOS 7.md b/translated/tech/20150104 How To Install Websvn In CentOS 7.md similarity index 65% rename from sources/tech/20150104 How To Install Websvn In CentOS 7.md rename to translated/tech/20150104 How To Install Websvn In CentOS 7.md index 9ac5e2dcde..c636f06da0 100644 --- a/sources/tech/20150104 How To Install Websvn In CentOS 7.md +++ b/translated/tech/20150104 How To Install Websvn In CentOS 7.md @@ -1,26 +1,25 @@ -Translating by GOLinux! -How To Install Websvn In CentOS 7 +CentOS 7中安装Websvn ================================================================================ -**WebSVN** offers a view onto your subversion repositories that’s been designed to reflect the Subversion methodology. You can view the log of any file or directory and see a list of all the files changed, added or deleted in any given revision. You can also view the differences between two versions of a file so as to see exactly what was changed in a particular revision. +**WebSVN**为你的Subversion提供了一个试图,它设计用来反映Subversion的一整套方法。你可以检查任何文件或目录的日志,以及查看任何指定修改库中修改、添加或删除过的文件列表。你也可以检查同一文件两个版本的不同之处,以便确切地查看某个特性修订版中的修改。 -### Features ### +### 特性 ### -WebSVN offers the following features: +WebSVN提供了以下这些特性: -- Easy to use interface; -- Customisable templating system; -- Colourisation of file listings; -- Blame view; -- Log message searching; -- RSS feed support. +- 易于使用的界面; +- 可自定义的模板系统; +- 文件列表的着色; +- 过错视图; +- 日志信息搜索; +- 支持RSS订阅; -### Installation ### +### 安装 ### -I use the following link to install Subversion on CentOS 7. +我使用以下链接来将Subversion安装到CentOS 7。 -- [How To install Subversion On CentOS 7][1] +- [CentOS 7上如何安装Subversion][1] -**1 – Download the websvn to /var/www/html.** +**1 – 下载websvn到/var/www/html。** cd /var/www/html @@ -28,7 +27,7 @@ I use the following link to install Subversion on CentOS 7. wget http://websvn.tigris.org/files/documents/1380/49057/websvn-2.3.3.zip -**2 – Extract the zip package.** +**2 – 解压zip包。** unzip websvn-2.3.3.zip @@ -36,11 +35,11 @@ I use the following link to install Subversion on CentOS 7. mv websvn-2.3.3 websvn -**3 – Installl php to your system.** +**3 – 安装php到你的系统。** yum install php -**4 – Edit web svn config.** +**4 – 编辑web svn配置。** cd /var/www/html/websvn/include @@ -83,20 +82,20 @@ I use the following link to install Subversion on CentOS 7. $extEnscript[".sh"] = "bash"; ~ -save and exit. +保存并退出。 -**6 – Reload apache and start websvn link http://ip/websvn.** +**6 – 重新加载apache并启动websvn链接http://ip/websvn。** ![websvn](http://180016988.r.cdn77.net/wp-content/uploads/2015/01/websvn.png) -That’s it. +一切搞定。 -------------------------------------------------------------------------------- via: http://www.unixmen.com/install-websvn-centos-7/ 作者:[M.el Khamlichi][a] -译者:[译者ID](https://github.com/译者ID) +译者:[GOLinux](https://github.com/GOLinux) 校对:[校对者ID](https://github.com/校对者ID) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 8f3fb80c7f5fad2e8a047aa4ff28cf8b515ba6cd Mon Sep 17 00:00:00 2001 From: liaoishere Date: Mon, 5 Jan 2015 11:19:19 +0800 Subject: [PATCH 61/98] liaoishere is translating translating 20141008 How to configure HTTP load balancer with HAProxy on Linux.md --- ...How to configure HTTP load balancer with HAProxy on Linux.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md b/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md index 7bd0703b3e..12e8bd05ac 100644 --- a/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md +++ b/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md @@ -1,3 +1,5 @@ +liaoishere is translating. + How to configure HTTP load balancer with HAProxy on Linux ================================================================================ Increased demand on web based applications and services are putting more and more weight on the shoulders of IT administrators. When faced with unexpected traffic spikes, organic traffic growth, or internal challenges such as hardware failures and urgent maintenance, your web application must remain available, no matter what. Even modern devops and continuous delivery practices can threaten the reliability and consistent performance of your web service. From e8b1750f68ab640023024fab3b9ffbe888e2d359 Mon Sep 17 00:00:00 2001 From: barney-ro Date: Mon, 5 Jan 2015 13:11:49 +0800 Subject: [PATCH 62/98] [translating]20141219 2015 will be the year Linux takes over the enterprise and other predictions --- ...r Linux takes over the enterprise and other predictions.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/talk/20141219 2015 will be the year Linux takes over the enterprise and other predictions.md b/sources/talk/20141219 2015 will be the year Linux takes over the enterprise and other predictions.md index 9fd42b001d..4718480b82 100644 --- a/sources/talk/20141219 2015 will be the year Linux takes over the enterprise and other predictions.md +++ b/sources/talk/20141219 2015 will be the year Linux takes over the enterprise and other predictions.md @@ -1,3 +1,5 @@ +translating by barney-ro + 2015 will be the year Linux takes over the enterprise (and other predictions) ================================================================================ > Jack Wallen removes his rose-colored glasses and peers into the crystal ball to predict what 2015 has in store for Linux. @@ -62,7 +64,7 @@ What are your predictions for Linux and open source in 2015? Share your thoughts via: http://www.techrepublic.com/article/2015-will-be-the-year-linux-takes-over-the-enterprise-and-other-predictions/ 作者:[Jack Wallen][a] -译者:[译者ID](https://github.com/译者ID) +译者:[barney-ro](https://github.com/barney-ro) 校对:[校对者ID](https://github.com/校对者ID) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 04de393fe77aa70f894a58b887e893d968948a51 Mon Sep 17 00:00:00 2001 From: liaoishere Date: Mon, 5 Jan 2015 13:48:11 +0800 Subject: [PATCH 63/98] [translated] 20141008 How to configure HTTP load balancer with HAProxy on Linux --- ...TTP load balancer with HAProxy on Linux.md | 275 ------------------ ...TTP load balancer with HAProxy on Linux.md | 275 ++++++++++++++++++ 2 files changed, 275 insertions(+), 275 deletions(-) delete mode 100644 sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md create mode 100644 translated/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md diff --git a/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md b/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md deleted file mode 100644 index 12e8bd05ac..0000000000 --- a/sources/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md +++ /dev/null @@ -1,275 +0,0 @@ -liaoishere is translating. - -How to configure HTTP load balancer with HAProxy on Linux -================================================================================ -Increased demand on web based applications and services are putting more and more weight on the shoulders of IT administrators. When faced with unexpected traffic spikes, organic traffic growth, or internal challenges such as hardware failures and urgent maintenance, your web application must remain available, no matter what. Even modern devops and continuous delivery practices can threaten the reliability and consistent performance of your web service. - -Unpredictability or inconsistent performance is not something you can afford. But how can we eliminate these downsides? In most cases a proper load balancing solution will do the job. And today I will show you how to set up HTTP load balancer using [HAProxy][1]. - -### What is HTTP load balancing? ### - -HTTP load balancing is a networking solution responsible for distributing incoming HTTP or HTTPS traffic among servers hosting the same application content. By balancing application requests across multiple available servers, a load balancer prevents any application server from becoming a single point of failure, thus improving overall application availability and responsiveness. It also allows you to easily scale in/out an application deployment by adding or removing extra application servers with changing workloads. - -### Where and when to use load balancing? ### - -As load balancers improve server utilization and maximize availability, you should use it whenever your servers start to be under high loads. Or if you are just planning your architecture for a bigger project, it's a good habit to plan usage of load balancer upfront. It will prove itself useful in the future when you need to scale your environment. - -### What is HAProxy? ### - -HAProxy is a popular open-source load balancer and proxy for TCP/HTTP servers on GNU/Linux platforms. Designed in a single-threaded event-driven architecture, HAproxy is capable of handling [10G NIC line rate][2] easily, and is being extensively used in many production environments. Its features include automatic health checks, customizable load balancing algorithms, HTTPS/SSL support, session rate limiting, etc. - -### What are we going to achieve in this tutorial? ### - -In this tutorial, we will go through the process of configuring a HAProxy-based load balancer for HTTP web servers. - -### Prerequisites ### - -You will need at least one, or preferably two web servers to verify functionality of your load balancer. We assume that backend HTTP web servers are already [up and running][3]. - -### Install HAProxy on Linux ### - -For most distributions, we can install HAProxy using your distribution's package manager. - -#### Install HAProxy on Debian #### - -In Debian we need to add backports for Wheezy. To do that, please create a new file called "backports.list" in /etc/apt/sources.list.d, with the following content: - - deb http://cdn.debian.net/debian wheezy­backports main - -Refresh your repository data and install HAProxy. - - # apt­ get update - # apt ­get install haproxy - -#### Install HAProxy on Ubuntu #### - - # apt ­get install haproxy - -#### Install HAProxy on CentOS and RHEL #### - - # yum install haproxy - -### Configure HAProxy ### - -In this tutorial, we assume that there are two HTTP web servers up and running with IP addresses 192.168.100.2 and 192.168.100.3. We also assume that the load balancer will be configured at a server with IP address 192.168.100.4. - -To make HAProxy functional, you need to change a number of items in /etc/haproxy/haproxy.cfg. These changes are described in this section. In case some configuration differs for different GNU/Linux distributions, it will be noted in the paragraph. - -#### 1. Configure Logging #### - -One of the first things you should do is to set up proper logging for your HAProxy, which will be useful for future debugging. Log configuration can be found in the global section of /etc/haproxy/haproxy.cfg. The following are distro-specific instructions for configuring logging for HAProxy. - -**CentOS or RHEL:** - -To enable logging on CentOS/RHEL, replace: - - log 127.0.0.1 local2 - -with: - - log 127.0.0.1 local0 - -The next step is to set up separate log files for HAProxy in /var/log. For that, we need to modify our current rsyslog configuration. To make the configuration simple and clear, we will create a new file called haproxy.conf in /etc/rsyslog.d/ with the following content. - - $ModLoad imudp - $UDPServerRun 514 - $template Haproxy,"%msg%\n" - local0.=info ­/var/log/haproxy.log;Haproxy - local0.notice ­/var/log/haproxy­status.log;Haproxy - local0.* ~ - -This configuration will separate all HAProxy messages based on the $template to log files in /var/log. Now restart rsyslog to apply the changes. - - # service rsyslog restart - -**Debian or Ubuntu:** - -To enable logging for HAProxy on Debian or Ubuntu, replace: - - log /dev/log local0 - log /dev/log local1 notice - -with: - - log 127.0.0.1 local0 - -Next, to configure separate log files for HAProxy, edit a file called haproxy.conf (or 49-haproxy.conf in Debian) in /etc/rsyslog.d/ with the following content. - - $ModLoad imudp - $UDPServerRun 514 - $template Haproxy,"%msg%\n" - local0.=info ­/var/log/haproxy.log;Haproxy - local0.notice ­/var/log/haproxy­status.log;Haproxy - local0.* ~ - -This configuration will separate all HAProxy messages based on the $template to log files in /var/log. Now restart rsyslog to apply the changes. - - # service rsyslog restart - -#### 2. Setting Defaults #### - -The next step is to set default variables for HAProxy. Find the defaults section in /etc/haproxy/haproxy.cfg, and replace it with the following configuration. - - defaults - log global - mode http - option httplog - option dontlognull - retries 3 - option redispatch - maxconn 20000 - contimeout 5000 - clitimeout 50000 - srvtimeout 50000 - -The configuration stated above is recommended for HTTP load balancer use, but it may not be the optimal solution for your environment. In that case, feel free to explore HAProxy man pages to tweak it. - -#### 3. Webfarm Configuration #### - -Webfarm configuration defines the pool of available HTTP servers. Most of the settings for our load balancer will be placed here. Now we will create some basic configuration, where our nodes will be defined. Replace all of the configuration from frontend section until the end of file with the following code: - - listen webfarm *:80 - mode http - stats enable - stats uri /haproxy?stats - stats realm Haproxy\ Statistics - stats auth haproxy:stats - balance roundrobin - cookie LBN insert indirect nocache - option httpclose - option forwardfor - server web01 192.168.100.2:80 cookie node1 check - server web02 192.168.100.3:80 cookie node2 check - -The line "listen webfarm *:80" defines on which interfaces our load balancer will listen. For the sake of the tutorial, I've set that to "*" which makes the load balancer listen on all our interfaces. In a real world scenario, this might be undesirable and should be replaced with an interface that is accessible from the internet. - - stats enable - stats uri /haproxy?stats - stats realm Haproxy\ Statistics - stats auth haproxy:stats - -The above settings declare that our load balancer statistics can be accessed on http:///haproxy?stats. The access is secured with a simple HTTP authentication with login name "haproxy" and password "stats". These settings should be replaced with your own credentials. If you don't need to have these statistics available, then completely disable them. - -Here is an example of HAProxy statistics. - -![](https://farm4.staticflickr.com/3928/15416835905_a678c8f286_c.jpg) - -The line "balance roundrobin" defines the type of load balancing we will use. In this tutorial we will use simple round robin algorithm, which is fully sufficient for HTTP load balancing. HAProxy also offers other types of load balancing: - -- **leastconn**:­ gives connections to the server with the lowest number of connections. -- **source**: hashes the source IP address, and divides it by the total weight of the running servers to decide which server will receive the request. -- **uri**: the left part of the URI (before the question mark) is hashed and divided by the total weight of the running servers. The result determines which server will receive the request. -- **url_param**: the URL parameter specified in the argument will be looked up in the query string of each HTTP GET request. You can basically lock the request using crafted URL to specific load balancer node. -- **hdr(name**): the HTTP header will be looked up in each HTTP request and directed to specific node. - -The line "cookie LBN insert indirect nocache" makes our load balancer store persistent cookies, which allows us to pinpoint which node from the pool is used for a particular session. These node cookies will be stored with a defined name. In our case, I used "LBN", but you can specify any name you like. The node will store its string as a value for this cookie. - - server web01 192.168.100.2:80 cookie node1 check - server web02 192.168.100.3:80 cookie node2 check - -The above part is the definition of our pool of web server nodes. Each server is represented with its internal name (e.g., web01, web02). IP address, and unique cookie string. The cookie string can be defined as anything you want. I am using simple node1, node2 ... node(n). - -### Start HAProxy ### - -When you are done with the configuration, it's time to start HAProxy and verify that everything is working as intended. - -#### Start HAProxy on Centos/RHEL #### - -Enable HAProxy to be started after boot and turn it on using: - - # chkconfig haproxy on - # service haproxy start - -And of course don't forget to enable port 80 in the firewall as follows. - -**Firewall on CentOS/RHEL 7:** - - # firewall­cmd ­­permanent ­­zone=public ­­add­port=80/tcp - # firewall­cmd ­­reload - -**Firewall on CentOS/RHEL 6:** - -Add following line into section ":OUTPUT ACCEPT" of /etc/sysconfig/iptables: - - ­A INPUT ­m state ­­state NEW ­m tcp ­p tcp ­­dport 80 ­j ACCEPT - -and restart **iptables**: - - # service iptables restart - -#### Start HAProxy on Debian #### - -#### Start HAProxy with: #### - - # service haproxy start - -Don't forget to enable port 80 in the firewall by adding the following line into /etc/iptables.up.rules: - - ­A INPUT ­p tcp ­­dport 80 ­j ACCEPT - -#### Start HAProxy on Ubuntu #### - -Enable HAProxy to be started after boot by setting "ENABLED" option to "1" in /etc/default/haproxy: - - ENABLED=1 - -Start HAProxy: - - # service haproxy start - -and enable port 80 in the firewall: - - # ufw allow 80 - -### Test HAProxy ### - -To check whether HAproxy is working properly, we can do the following. - -First, prepare test.php file with the following content: - - - -This PHP file will tell us which server (i.e., load balancer) forwarded the request, and what backend web server actually handled the request. - -Place this PHP file in the root directory of both backend web servers. Now use curl command to fetch this PHP file from the load balancer (192.168.100.4). - - $ curl http://192.168.100.4/test.php - -When we run this command multiple times, we should see the following two outputs alternate (due to the round robin algorithm). - - Server IP: 192.168.100.2 - X-Forwarded-for: 192.168.100.4 - ----------- - - Server IP: 192.168.100.3 - X-Forwarded-for: 192.168.100.4 - -If we stop one of the two backend web servers, the curl command should still work, directing requests to the other available web server. - -### Summary ### - -By now you should have a fully operational load balancer that supplies your web nodes with requests in round robin mode. As always, feel free to experiment with the configuration to make it more suitable for your infrastructure. I hope this tutorial helped you to make your web projects more resistant and available. - -As most of you already noticed, this tutorial contains settings for only one load balancer. Which means that we have just replaced one single point of failure with another. In real life scenarios you should deploy at least two or three load balancers to cover for any failures that might happen, but that is out of the scope of this tutorial right now. - -If you have any questions or suggestions feel free to post them in the comments and I will do my best to answer or advice. - --------------------------------------------------------------------------------- - -via: http://xmodulo.com/haproxy-http-load-balancer-linux.html - -作者:[Jaroslav Štěpánek][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://xmodulo.com/author/jaroslav -[1]:http://www.haproxy.org/ -[2]:http://www.haproxy.org/10g.html -[3]:http://xmodulo.com/how-to-install-lamp-server-on-ubuntu.html diff --git a/translated/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md b/translated/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md new file mode 100644 index 0000000000..216483ab3c --- /dev/null +++ b/translated/tech/20141008 How to configure HTTP load balancer with HAProxy on Linux.md @@ -0,0 +1,275 @@ +如何在 Linux 上使用 HAProxy 配置 HTTP 负载均衡器 +================================================================================ +随着基于 Web 的应用和服务的增多,IT 系统管理员肩上的责任也越来越重。当遇到不可预期的事件如流量达到高峰,流量增大或者内部的挑战比如硬件的损坏或紧急维修,无论如何,你的 Web 应用都必须要保持可用性。甚至现在流行的 devops 和持续交付也可能威胁到你的 Web 服务的可靠性和性能的一致性。 + +不可预测,不一直的性能表现是你无法接受的。但是我们怎样消除这些缺点呢?大多数情况下一个合适的负载均衡解决方案可以解决这个问题。今天我会给你们介绍如何使用 [HAProxy][1] 配置 HTTP 负载均衡器。 + +###什么是 HTTP 负载均衡? ### + +HTTP 负载均衡是一个网络解决方案,它将发入的 HTTP 或 HTTPs 请求分配至一组提供相同的 Web 应用内容的服务器用于响应。通过将请求在这样的多个服务器间进行均衡,负载均衡器可以防止服务器出现单点故障,可以提升整体的可用性和响应速度。它还可以让你能够简单的通过添加或者移除服务器来进行横向扩展或收缩,对工作负载进行调整。 + +### 什么时候,什么情况下需要使用负载均衡? ### + +负载均衡可以提升服务器的使用性能和最大可用性,当你的服务器开始出现高负载时就可以使用负载均衡。或者你在为一个大型项目设计架构时,在前端使用负载均衡是一个很好的习惯。当你的环境需要扩展的时候它会很有用。 + + +### 什么是 HAProxy? ### + +HAProxy 是一个流行的开源的 GNU/Linux 平台下的 TCP/HTTP 服务器的负载均衡和代理软件。HAProxy 是单线程,事件驱动架构,可以轻松的处理 [10 Gbps 速率][2] 的流量,在生产环境中被广泛的使用。它的功能包括自动健康状态检查,自定义负载均衡算法,HTTPS/SSL 支持,会话速率限制等等。 + +### 这个教程要实现怎样的负载均衡 ### + +在这个教程中,我们会为 HTTP Web 服务器配置一个基于 HAProxy 的负载均衡。 + +### 准备条件 ### + +你至少要有一台,或者最好是两台 Web 服务器来验证你的负载均衡的功能。我们假设后端的 HTTP Web 服务器已经配置好并[可以运行][3]。 +You will need at least one, or preferably two web servers to verify functionality of your load balancer. We assume that backend HTTP web servers are already [up and running][3]. + +### 在 Linux 中安装 HAProxy ### + +对于大多数的发行版,我们可以使用发行版的包管理器来安装 HAProxy。 + +#### 在 Debian 中安装 HAProxy #### + +在 Debian Wheezy 中我们需要添加源,在 /etc/apt/sources.list.d 下创建一个文件 "backports.list" ,写入下面的内容 + + deb http://cdn.debian.net/debian wheezy­backports main + +刷新仓库的数据,并安装 HAProxy + + # apt­ get update + # apt ­get install haproxy + +#### 在 Ubuntu 中安装 HAProxy #### + + # apt ­get install haproxy + +#### 在 CentOS 和 RHEL 中安装 HAProxy #### + + # yum install haproxy + +### 配置 HAProxy ### + +本教程假设有两台运行的 HTTP Web 服务器,它们的 IP 地址是 192.168.100.2 和 192.168.100.3。我们将负载均衡配置在 192.168.100.4 的这台服务器上。 + +为了让 HAProxy 工作正常,你需要修改 /etc/haproxy/haproxy.cfg 中的一些选项。我们会在这一节中解释这些修改。一些配置可能因 GNU/Linux 发行版的不同而变化,这些会被标注出来。 + +#### 1. 配置日志功能 #### + +你要做的第一件事是为 HAProxy 配置日志功能,在排错时日志将很有用。日志配置可以在 /etc/haproxy/haproxy.cfg 的 global 段中找到他们。下面是针对不同的 Linux 发型版的 HAProxy 日志配置。 + +**CentOS 或 RHEL:** + +在 CentOS/RHEL中启用日志,将下面的: + + log 127.0.0.1 local2 + +替换为: + + log 127.0.0.1 local0 + +然后配置 HAProxy 在 /var/log 中的日志分割,我们需要修改当前的 rsyslog 配置。为了简洁和明了,我们在 /etc/rsyslog.d 下创建一个叫 haproxy.conf 的文件,添加下面的内容: + + $ModLoad imudp + $UDPServerRun 514 + $template Haproxy,"%msg%\n" + local0.=info ­/var/log/haproxy.log;Haproxy + local0.notice ­/var/log/haproxy­status.log;Haproxy + local0.* ~ + +这个配置会基于 $template 在 /var/log 中分割 HAProxy 日志。现在重启 rsyslog 应用这些更改。 + + # service rsyslog restart + +**Debian 或 Ubuntu:** + +在 Debian 或 Ubuntu 中启用日志,将下面的内容 + + log /dev/log local0 + log /dev/log local1 notice + +替换为: + + log 127.0.0.1 local0 + +然后为 HAProxy 配置日志分割,编辑 /etc/rsyslog.d/ 下的 haproxy.conf (在 Debian 中可能叫 49-haproxy.conf),写入下面你的内容 + + $ModLoad imudp + $UDPServerRun 514 + $template Haproxy,"%msg%\n" + local0.=info ­/var/log/haproxy.log;Haproxy + local0.notice ­/var/log/haproxy­status.log;Haproxy + local0.* ~ + +这个配置会基于 $template 在 /var/log 中分割 HAProxy 日志。现在重启 rsyslog 应用这些更改。 + + # service rsyslog restart + +#### 2. 设置默认选项 #### + +下一步是设置 HAProxy 的默认选项。在 /etc/haproxy/haproxy.cfg 的 default 段中,替换为下面的配置: + + defaults + log global + mode http + option httplog + option dontlognull + retries 3 + option redispatch + maxconn 20000 + contimeout 5000 + clitimeout 50000 + srvtimeout 50000 + +上面的配置是当 HAProxy 为 HTTP 负载均衡时建议使用的,但是并不一定是你的环境的最优方案。你可以自己研究 HAProxy 的手册并配置它。 + +#### 3. Web 集群配置 #### + +Web 集群配置定义了一组可用的 HTTP 服务器。我们的负载均衡中的大多数设置都在这里。现在我们会创建一些基本配置,定义我们的节点。将配置文件中从 frontend 段开始的内容全部替换为下面的: + + listen webfarm *:80 + mode http + stats enable + stats uri /haproxy?stats + stats realm Haproxy\ Statistics + stats auth haproxy:stats + balance roundrobin + cookie LBN insert indirect nocache + option httpclose + option forwardfor + server web01 192.168.100.2:80 cookie node1 check + server web02 192.168.100.3:80 cookie node2 check + +"listen webfarm *:80" 定义了负载均衡器监听的地址和端口。为了教程的需要,我设置为 "\*" 表示监听在所有接口上。在真实的场景汇总,这样设置可能不太合适,应该替换为可以从 internet 访问的那个网卡接口。 + + stats enable + stats uri /haproxy?stats + stats realm Haproxy\ Statistics + stats auth haproxy:stats + +上面的设置定义了,负载均衡器的状态统计信息可以通过 http:///haproxy?stats 访问。访问需要简单的 HTTP 认证,用户名为 "haproxy" 密码为 "stats"。这些设置可以替换为你自己的认证方式。如果你不需要状态统计信息,可以完全禁用掉。 + +下面是一个 HAProxy 统计信息的例子 + +![](https://farm4.staticflickr.com/3928/15416835905_a678c8f286_c.jpg) + +"balance roundrobin" 这一行表明我们使用的负载均衡类型。这个教程中,我们使用简单的轮询算法,可以完全满足 HTTP 负载均衡的需要。HAProxy 还提供其他的负载均衡类型: + +- **leastconn**:将请求调度至连接数最少的服务器­ +- **source**:对请求的客户端 IP 地址进行哈希计算,根据哈希值和服务器的权重将请求调度至后端服务器。 +- **uri**:对 URI 的左半部分(问号之前的部分)进行哈希,根据哈希结果和服务器的权重对请求进行调度 +- **url_param**:根据每个 HTTP GET 请求的 URL 查询参数进行调度,使用固定的请求参数将会被调度至指定的服务器上 +- **hdr(name**):根据 HTTP 首部中的 字段来进行调度 + +"cookie LBN insert indirect nocache" 这一行表示我们的负载均衡器会存储 cookie 信息,可以将后端服务器池中的节点与某个特定会话绑定。节点的 cookie 存储为一个自定义的名字。这里,我们使用的是 "LBN",你可以指定其他的名称。后端节点会保存这个 cookie 的会话。 + + server web01 192.168.100.2:80 cookie node1 check + server web02 192.168.100.3:80 cookie node2 check + +上面是我们的 Web 服务器节点的定义。服务器有由内部名称(如web01,web02),IP 地址和唯一的 cookie 字符串表示。cookie 字符串可以自定义,我这里使用的是简单的 node1,node2 ... node(n) + +### 启动 HAProxy ### + +如果你完成了配置,现在启动 HAProxy 并验证是否运行正常。 + +#### 在 Centos/RHEL 中启动 HAProxy #### + +让 HAProxy 开机自启,使用下面的命令 + + # chkconfig haproxy on + # service haproxy start + +当然,防火墙需要开放 80 端口,想下面这样 + +**CentOS/RHEL 7 的防火墙** + + # firewall­cmd ­­permanent ­­zone=public ­­add­port=80/tcp + # firewall­cmd ­­reload + +**CentOS/RHEL 6 的防火墙** + +把下面内容加至 /etc/sysconfig/iptables 中的 ":OUTPUT ACCEPT" 段中 + + ­A INPUT ­m state ­­state NEW ­m tcp ­p tcp ­­dport 80 ­j ACCEPT + +重启**iptables**: + + # service iptables restart + +#### 在 Debian 中启动 HAProxy #### + +#### 启动 HAProxy #### + + # service haproxy start + +不要忘了防火墙开放 80 端口,在 /etc/iptables.up.rules 中加入: + + ­A INPUT ­p tcp ­­dport 80 ­j ACCEPT + +#### 在 Ubuntu 中启动HAProxy #### + +让 HAProxy 开机自动启动在 /etc/default/haproxy 中配置 + + ENABLED=1 + +启动 HAProxy: + + # service haproxy start + +防火墙开放 80 端口: + + # ufw allow 80 + +### 测试 HAProxy ### + +检查 HAProxy 是否工作正常,我们可以这样做 + +首先准备一个 test.php 文件,文件内容如下 + + + +这个 PHP 文件会告诉我们哪台服务器(如负载均衡)转发了请求,哪台后端 Web 服务器实际处理了请求。 + +将这个 PHP 文件放到两个后端 Web 服务器的 Web 根目录中。然后用 curl 命令通过负载均衡器(192.168.100.4)访问这个文件 + + $ curl http://192.168.100.4/test.php + +我们多次使用这个命令此时,会发现交替的输出下面的内容(因为使用了轮询算法): + + Server IP: 192.168.100.2 + X-Forwarded-for: 192.168.100.4 + +---------- + + Server IP: 192.168.100.3 + X-Forwarded-for: 192.168.100.4 + +如果我们停掉一台后端 Web 服务,curl 命令仍然正常工作,请求被分发至另一台可用的 Web 服务器。 + +### 总结 ### + +现在你有了一个完全可用的负载均衡器,以轮询的模式对你的 Web 节点进行负载均衡。还可以去实验其他的配置选项以适应你的环境。希望这个教程可以帮会组你们的 Web 项目有更好的可用性。 + +你可能已经发现了,这个教程只包含单台负载均衡的设置。这意味着我们仍然有单点故障的问题。在真实场景中,你应该至少部署 2 台或者 3 台负载均衡以防止意外发生,但这不是本教程的范围。 + +如果 你有任何问题或建议,请在评论中提出,我会尽我的努力回答。 + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/haproxy-http-load-balancer-linux.html + +作者:[Jaroslav Štěpánek][a] +译者:[Liao](https://github.com/liaoishere) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/jaroslav +[1]:http://www.haproxy.org/ +[2]:http://www.haproxy.org/10g.html +[3]:http://xmodulo.com/how-to-install-lamp-server-on-ubuntu.html From 35b3139674e7705cd6b42c405807a3cd50d10621 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Mon, 5 Jan 2015 16:13:28 +0800 Subject: [PATCH 64/98] =?UTF-8?q?=E7=BF=BB=E8=AF=91=E4=B8=AD=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...is Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md b/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md index 179335d027..9a41681b7d 100644 --- a/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md +++ b/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md @@ -1,3 +1,5 @@ +翻译中 by小眼儿 + Yes, This Trojan Infects Linux. No, It’s Not The Tuxpocalypse ================================================================================ ![Is something watching you?](http://www.omgubuntu.co.uk/wp-content/uploads/2014/12/spyware.jpg) @@ -71,4 +73,4 @@ via: http://www.omgubuntu.co.uk/2014/12/government-spying-turla-linux-trojan-fou [a]:https://plus.google.com/117485690627814051450/?rel=author [1]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ [2]:https://twitter.com/joernchen/status/542060412188262400 -[3]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ \ No newline at end of file +[3]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ From 17bccaf9afd68897a1199dac07fec68db36b3d13 Mon Sep 17 00:00:00 2001 From: DeadFire Date: Mon, 5 Jan 2015 16:19:42 +0800 Subject: [PATCH 65/98] =?UTF-8?q?20150105-1=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...our Apps and PPAs in Ubuntu Using Aptik.md | 155 ++++++++++++++ ...XBMC) In Ubuntu 14.04 and Linux Mint 17.md | 46 +++++ ...5 How To Install Winusb In Ubuntu 14.04.md | 47 +++++ ...-cache commands with practical examples.md | 189 ++++++++++++++++++ 4 files changed, 437 insertions(+) create mode 100644 sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md create mode 100644 sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md create mode 100644 sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md create mode 100644 sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md diff --git a/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md b/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md new file mode 100644 index 0000000000..6d4d4b1aa3 --- /dev/null +++ b/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md @@ -0,0 +1,155 @@ +How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik +================================================================================ +![00_lead_image_aptik](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x300x00_lead_image_aptik.png.pagespeed.ic.n3TJwp8YK_.png) + +If you need to reinstall Ubuntu or if you just want to install a new version from scratch, wouldn’t it be useful to have an easy way to reinstall all your apps and settings? You can easily accomplish this using a free tool called Aptik. + +Aptik (Automated Package Backup and Restore), an application available in Ubuntu, Linux Mint, and other Debian- and Ubuntu-based Linux distributions, allows you to backup a list of installed PPAs (Personal Package Archives), which are software repositories, downloaded packages, installed applications and themes, and application settings to an external USB drive, network drive, or a cloud service like Dropbox. + +NOTE: When we say to type something in this article and there are quotes around the text, DO NOT type the quotes, unless we specify otherwise. + +To install Aptik, you must add the PPA. To do so, press Ctrl + Alt + T to open a Terminal window. Type the following text at the prompt and press Enter. + + sudo apt-add-repository –y ppa:teejee2008/ppa + +Type your password when prompted and press Enter. + +![01_command_to_add_repository](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x99x01_command_to_add_repository.png.pagespeed.ic.UfVC9QLj54.png) + +Type the following text at the prompt to make sure the repository is up-to-date. + + sudo apt-get update + +![02_update_command](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x252x02_update_command.png.pagespeed.ic.m9pvd88WNx.png) + +When the update is finished, you are ready to install Aptik. Type the following text at the prompt and press Enter. + + sudo apt-get install aptik + +NOTE: You may see some errors about packages that the update failed to fetch. If they are similar to the ones listed on the following image, you should have no problem installing Aptik. + +![03_command_to_install_aptik](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x416x03_command_to_install_aptik.png.pagespeed.ic.1jtHysRO9h.png) + +The progress of the installation displays and then a message displays saying how much disk space will be used. When asked if you want to continue, type a “y” and press Enter. + +![04_do_you_want_to_continue](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x416x04_do_you_want_to_continue.png.pagespeed.ic.WQ15_UxK5Z.png) + +When the installation if finished, close the Terminal window by typing “Exit” and pressing Enter, or by clicking the “X” button in the upper-left corner of the window. + +![05_closing_terminal_window](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x416x05_closing_terminal_window.png.pagespeed.ic.9QoqwM7Mfr.png) + +Before running Aptik, you should set up a backup directory on a USB flash drive, a network drive, or on a cloud account, such as Dropbox or Google Drive. For this example, will will use Dropbox. + +![06_creating_backup_folder](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x243x06_creating_backup_folder.png.pagespeed.ic.7HzR9KwAfQ.png) + +Once your backup directory is set up, click the “Search” button at the top of the Unity Launcher bar. + +![07_opening_search](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x177x07_opening_search.png.pagespeed.ic.qvFiw6_sXa.png) + +Type “aptik” in the search box. Results of the search display as you type. When the icon for Aptik displays, click on it to open the application. + +![08_starting_aptik](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x338x08_starting_aptik.png.pagespeed.ic.8fSl4tYR0n.png) + +A dialog box displays asking for your password. Enter your password in the edit box and click “OK.” + +![09_entering_password](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x337x09_entering_password.png.pagespeed.ic.yanJYFyP1i.png) + +The main Aptik window displays. Select “Other…” from the “Backup Directory” drop-down list. This allows you to select the backup directory you created. + +NOTE: The “Open” button to the right of the drop-down list opens the selected directory in a Files Manager window. + +![10_selecting_other_for_directory](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x533x10_selecting_other_for_directory.png.pagespeed.ic.dHbmYdAHYx.png) + +On the “Backup Directory” dialog box, navigate to your backup directory and then click “Open.” + +NOTE: If you haven’t created a backup directory yet, or you want to add a subdirectory in the selected directory, use the “Create Folder” button to create a new directory. + +![11_choosing_directory](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x470x11_choosing_directory.png.pagespeed.ic.E-56x54cy9.png) + +To backup the list of installed PPAs, click “Backup” to the right of “Software Sources (PPAs).” + +![12_clicking_backup_software_sources](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x13_selecting_all_software_sources.png.pagespeed.ic.zDFiDGfnks.png) + +The “Backup Software Sources” dialog box displays. The list of installed packages and the associated PPA for each displays. Select the PPAs you want to backup, or use the “Select All” button to select all the PPAs in the list. + +![13_selecting_all_software_sources](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x13_selecting_all_software_sources.png.pagespeed.ic.zDFiDGfnks.png) + +Click “Backup” to begin the backup process. + +![14_clicking_backup_for_all_software_sources](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x14_clicking_backup_for_all_software_sources.png.pagespeed.ic.n5h_KnQVZa.png) + +A dialog box displays when the backup is finished telling you the backup was created successfully. Click “OK” to close the dialog box. + +A file named “ppa.list” will be created in the backup directory. + +![15_closing_finished_dialog_software_sources](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x15_closing_finished_dialog_software_sources.png.pagespeed.ic.V25-KgSXdY.png) + +The next item, “Downloaded Packages (APT Cache)”, is only useful if you are re-installing the same version of Ubuntu. It backs up the packages in your system cache (/var/cache/apt/archives). If you are upgrading your system, you can skip this step because the packages for the new version of the system will be newer than the packages in the system cache. + +Backing up downloaded packages and then restoring them on the re-installed Ubuntu system will save time and Internet bandwidth when the packages are reinstalled. Because the packages will be available in the system cache once you restore them, the download will be skipped and the installation of the packages will complete more quickly. + +If you are reinstalling the same version of your Ubuntu system, click the “Backup” button to the right of “Downloaded Packages (APT Cache)” to backup the packages in the system cache. + +NOTE: When you backup the downloaded packages, there is no secondary dialog box. The packages in your system cache (/var/cache/apt/archives) are copied to an “archives” directory in the backup directory and a dialog box displays when the backup is finished, indicating that the packages were copied successfully. + +![16_downloaded_packages_backed_up](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x544x16_downloaded_packages_backed_up.png.pagespeed.ic.z8ysuwzQAK.png) + +There are some packages that are part of your Ubuntu distribution. These are not checked, since they are automatically installed when you install the Ubuntu system. For example, Firefox is a package that is installed by default in Ubuntu and other similar Linux distributions. Therefore, it will not be selected by default. + +Packages that you installed after installing the system, such as the [package for the Chrome web browser][1] or the package containing Aptik (yes, Aptik is automatically selected to back up), are selected by default. This allows you to easily back up the packages that are not included in the system when installed. + +Select the packages you want to back up and de-select the packages you don’t want to backup. Click “Backup” to the right of “Software Selections” to back up the selected top-level packages. + +NOTE: Dependency packages are not included in this backup. + +![18_clicking_backup_for_software_selections](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x18_clicking_backup_for_software_selections.png.pagespeed.ic.QI5D-IgnP_.png) + +Two files, named “packages.list” and “packages-installed.list”, are created in the backup directory and a dialog box displays indicating that the backup was created successfully. Click “OK” to close the dialog box. + +NOTE: The “packages-installed.list” file lists all the packages. The “packages.list” file also lists all the packages, but indicates which ones were selected. + +![19_software_selections_backed_up](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x19_software_selections_backed_up.png.pagespeed.ic.LVmgs6MKPL.png) + +To backup settings for installed applications, click the “Backup” button to the right of “Application Settings” on the main Aptik window. Select the settings you want to back up and click “Backup”. + +NOTE: Click the “Select All” button if you want to back up all application settings. + +![20_backing_up_app_settings](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x20_backing_up_app_settings.png.pagespeed.ic.7_kgU3Dj_m.png) + +The selected settings files are zipped into a file called “app-settings.tar.gz”. + +![21_zipping_settings_files](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x21_zipping_settings_files.png.pagespeed.ic.dgoBj7egqv.png) + +When the zipping is complete, the zipped file is copied to the backup directory and a dialog box displays telling you that the backups were created successfully. Click “OK” to close the dialog box. + +![22_app_settings_backed_up](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x22_app_settings_backed_up.png.pagespeed.ic.Mb6utyLJ3W.png) + +Themes from the “/usr/share/themes” directory and icons from the “/usr/share/icons” directory can also be backed up. To do so, click the “Backup” button to the right of “Themes and Icons”. The “Backup Themes” dialog box displays with all the themes and icons selected by default. De-select any themes or icons you don’t want to back up and click “Backup.” + +![22a_backing_up_themes_and_icons](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x22a_backing_up_themes_and_icons.png.pagespeed.ic.KXa8W3YhyF.png) + +The themes are zipped and copied to a “themes” directory in the backup directory and the icons are zipped and copied to an “icons” directory in the backup directory. A dialog box displays telling you that the backups were created successfully. Click “OK” to close the dialog box. + +![22b_themes_and_icons_backed_up](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x530x22b_themes_and_icons_backed_up.png.pagespeed.ic.ejjRaymD39.png) + +Once you’ve completed the desired backups, close Aptik by clicking the “X” button in the upper-left corner of the main window. + +![23_closing_aptik](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x542x23_closing_aptik.png.pagespeed.ic.pNk9Vt3--l.png) + +Your backup files are available in the backup directory you chose. + +![24_backup_files_in_directory](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x374x24_backup_files_in_directory.png.pagespeed.ic.vwblOfN915.png) + +When you re-install your Ubuntu system or install a new version of Ubuntu, install Aptik on the newly installed system and make the backup files you generated available to the system. Run Aptik and use the “Restore” button for each item to restore your PPAs, applications, packages, settings, themes, and icons. + +-------------------------------------------------------------------------------- + +via: http://www.howtogeek.com/206454/how-to-backup-and-restore-your-apps-and-ppas-in-ubuntu-using-aptik/ + +作者:Lori Kaufman +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[1]:http://www.howtogeek.com/203768 \ No newline at end of file diff --git a/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md b/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md new file mode 100644 index 0000000000..21167c00b7 --- /dev/null +++ b/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md @@ -0,0 +1,46 @@ +How To Install Kodi 14 (XBMC) In Ubuntu 14.04 & Linux Mint 17 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Kodi_Xmas.jpg) + +[Kodi][1], formerly and popularly known as XBMC, has [released its latest version 14][2] which is code named Helix. It is fairly easy to **install Kodi 14 in Ubuntu 14.04** thanks to the official PPA provided by XBMC. + +For those who do not know already, Kodi is a media center application available for all major platforms like Windows, Linux, Mac, Android etc. It turns your device in to a full screen media center where you can manage all your music and videos, either on local or on network drive, watch You Tube, [Netflix][3], Hulu, Amazon Prime and other streaming services. + +### Install XBMC 14 Kodi Helix in Ubuntu 14.04, 14.10 and Linux Mint 17 ### + +Thanks to the official PPA, you can easily install Kodi 14 in Ubuntu 14.04, Ubuntu 12.04, Linux Mint 17, Pinguy OS 14.04, Deepin 2014, LXLE 14.04, Linux Lite 2.0, Elementary OS and other Ubuntu based Linux distributions. Open a terminal (Ctrl+Alt+T) and use the following commands: + + sudo add-apt-repository ppa:team-xbmc/ppa + sudo apt-get update + sudo apt-get install kodi + +The download size would be around 100 MB, which is not huge in my opinion. To install some encode addons, use the command below: + + sudo apt-get install kodi-audioencoder-* kodi-pvr-* + +#### Remove Kodi 14 from Ubuntu #### + +To uninstall Kodi 14 from your system, use the command below: + + sudo apt-get remove kodi + +You should also remove the PPA from the software sources: + + sudo add-apt-repository --remove ppa:team-xbmc/ppa + +I hope this quick post helped you to install Kodi 14 in Ubuntu, Linux Mint and other Linux. How do you find Kodi 14 Helix? Do you use some other media center as an alternative to XBMC? Do share your views in the comment section. + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-kodi-14-xbmc-in-ubuntu-14-04-linux-mint-17/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/Abhishek/ +[1]:http://kodi.tv/ +[2]:http://kodi.tv/kodi-14-0-helix-unwinds/ +[3]:http://itsfoss.com/watch-netflix-in-ubuntu-14-04/ \ No newline at end of file diff --git a/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md b/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md new file mode 100644 index 0000000000..723edd621f --- /dev/null +++ b/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md @@ -0,0 +1,47 @@ +How To Install Winusb In Ubuntu 14.04 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu_1404.jpeg) + +[WinUSB][1] is a simple and useful tool that lets you create USB stick Windows installer from the Windows ISO image or DVD. It comprises of both GUI and command line tool and you can decide to choose which to use based on your preference. + +In this quick post we shall see **how to install WinUSB in Ubuntu 14.04, 14.10 and Linux Mint 17**. + +### Install WinUSB in Ubuntu 14.04 and Ubuntu 14.10 ### + +Until Ubuntu 13.10, WinUSB was developed actively and it was available for installation via its official PPA. This PPA has not been updated for Ubuntu 14.04 Trusty Tahr and 14.10 but the binaries are still there and works fine in newer version of Ubuntu and Linux Mint. Based on [whether your Ubuntu system is 32 bit or 64 bit][2], use the command below to download the binaries: + +Open a terminal and use the following command for 32 bit system: + + wget https://launchpad.net/~colingille/+archive/freshlight/+files/winusb_1.0.11+saucy1_i386.deb + +For 64 bit systems, use the command below: + + wget https://launchpad.net/~colingille/+archive/freshlight/+files/winusb_1.0.11+saucy1_amd64.deb + +Once you have downloaded the correct binaries, you can install WinUSB using the command below: + + sudo dpkg -i winusb* + +Don’t worry if you see error when you try to install WinUSB. Fix the dependency errors with this command: + + sudo apt-get -f install + +Afterwards, you can search for WinUSB in Unity Dash and use it to create a live USB of Windows in Ubuntu 14.04. + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu.png) + +I hope this quick post helped you to **install WinUSB in Ubuntu 14.04, 14.10 and Linux Mint 17**. + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-winusb-in-ubuntu-14-04/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/Abhishek/ +[1]:http://en.congelli.eu/prog_info_winusb.html +[2]:http://itsfoss.com/how-to-know-ubuntu-unity-version/ \ No newline at end of file diff --git a/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md b/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md new file mode 100644 index 0000000000..66125a7553 --- /dev/null +++ b/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md @@ -0,0 +1,189 @@ +Ubuntu apt-get & apt-cache commands with practical examples +================================================================================ +Apt-get & apt-cache are the command line **package management** utility in **Ubuntu Linux**. GUI version of apt-get command is the Synaptic Package Manager, in this post we are going to discuss 15 different examples of apt-get & apt-cache commands. + +### Example:1 List of all the available packages ### + + linuxtechi@localhost:~$ apt-cache pkgnames + account-plugin-yahoojp + ceph-fuse + dvd+rw-tools + e3 + gnome-commander-data + grub-gfxpayload-lists + gweled + ....................................... + +### Example:2 Search Packages using keywords ### + +This command is very helpful when you are not sure about package name , just enter the keyword and apt-get command will list packages related to the keyword. + + linuxtechi@localhost:~$ apt-cache search "web server" + apache2 - Apache HTTP Server + apache2-bin - Apache HTTP Server (binary files and modules) + apache2-data - Apache HTTP Server (common files) + apache2-dbg - Apache debugging symbols + apache2-dev - Apache HTTP Server (development headers) + apache2-doc - Apache HTTP Server (on-site documentation) + apache2-utils - Apache HTTP Server (utility programs for web servers) + ...................................................................... + +**Note**: If you have installed “**apt-file**” package then we can also search the package using config files as shown below : + + linuxtechi@localhost:~$ apt-file search nagios.cfg + ganglia-nagios-bridge: /usr/share/doc/ganglia-nagios-bridge/nagios.cfg + nagios3-common: /etc/nagios3/nagios.cfg + nagios3-common: /usr/share/doc/nagios3-common/examples/nagios.cfg.gz + pnp4nagios-bin: /etc/pnp4nagios/nagios.cfg + pnp4nagios-bin: /usr/share/doc/pnp4nagios/examples/nagios.cfg + +### Example:3 Display the basic information of Specific package. ### + + linuxtechi@localhost:~$ apt-cache show postfix + Package: postfix + Priority: optional + Section: mail + Installed-Size: 3524 + Maintainer: LaMont Jones + Architecture: amd64 + Version: 2.11.1-1 + Replaces: mail-transport-agent + Provides: default-mta, mail-transport-agent + ..................................................... + +### Example:4 List the dependency of Package. ### + + linuxtechi@localhost:~$ apt-cache depends postfix + postfix + Depends: libc6 + Depends: libdb5.3 + Depends: libsasl2-2 + Depends: libsqlite3-0 + Depends: libssl1.0.0 + |Depends: debconf + Depends: + cdebconf + debconf + Depends: netbase + Depends: adduser + Depends: dpkg + ............................................ + +### Example:5 Display the Cache Statistics using apt-cache. ### + + linuxtechi@localhost:~$ apt-cache stats + Total package names: 60877 (1,218 k) + Total package structures: 102824 (5,758 k) + Normal packages: 71285 + Pure virtual packages: 1102 + Single virtual packages: 9151 + Mixed virtual packages: 1827 + Missing: 19459 + Total distinct versions: 74913 (5,394 k) + Total distinct descriptions: 93792 (2,251 k) + Total dependencies: 573443 (16.1 M) + Total ver/file relations: 78007 (1,872 k) + Total Desc/File relations: 93792 (2,251 k) + Total Provides mappings: 16583 (332 k) + Total globbed strings: 171 (2,263 ) + Total dependency version space: 2,665 k + Total slack space: 37.3 k + Total space accounted for: 29.5 M + +### Example:6 Update the package repository using “apt-get update” ### + +Using the command “apt-get update” , we can resynchronize the package index files from their sources repository. Package index are retrieved from the file located at “/etc/apt/sources.list” + + linuxtechi@localhost:~$ sudo apt-get update + Ign http://extras.ubuntu.com utopic InRelease + Hit http://extras.ubuntu.com utopic Release.gpg + Hit http://extras.ubuntu.com utopic Release + Hit http://extras.ubuntu.com utopic/main Sources + Hit http://extras.ubuntu.com utopic/main amd64 Packages + Hit http://extras.ubuntu.com utopic/main i386 Packages + Ign http://in.archive.ubuntu.com utopic InRelease + Ign http://in.archive.ubuntu.com utopic-updates InRelease + Ign http://in.archive.ubuntu.com utopic-backports InRelease + ................................................................ + +### Example:7 Install a package using apt-get command. ### + + linuxtechi@localhost:~$ sudo apt-get install icinga + +In the above example we are installing a package named “icinga” + +### Example:8 Upgrade all the Installed Packages ### + + linuxtechi@localhost:~$ sudo apt-get upgrade + +### Example:9 Upgrade a Particular Package. ### + +“install” option along with “–only-upgrade” in apt-get command is used to upgrade a particular package , example is shown below : + + linuxtechi@localhost:~$ sudo apt-get install filezilla --only-upgrade + +### Example:10 Removing a package using apt-get command. ### + + linuxtechi@localhost:~$ sudo apt-get remove skype + +Above command will remove or delete the skype package only , if you want to delete its config files then use the “purge” option in the apt-get command. Example is shown below : + + linuxtechi@localhost:~$ sudo apt-get purge skype + +We can also use the combination of above commands : + + linuxtechi@localhost:~$ sudo apt-get remove --purge skype + +### Example:11 Download the package in the Current Working Directory ### + + linuxtechi@localhost:~$ sudo apt-get download icinga + Get:1 http://in.archive.ubuntu.com/ubuntu/ utopic/universe icinga amd64 1.11.6-1build1 [1,474 B] + Fetched 1,474 B in 1s (1,363 B/s) + +Above command will download icinga package in your current working directory. + +### Example:12 Clear disk Space used by retrieved package files. ### + + linuxtechi@localhost:~$ sudo apt-get clean + +Above Command will clear the disk space used by apt-get command while retrieving(download) packages. + +We can also use “**autoclean**” option in place of “**clean**“, the main difference between them is that autoclean removes package files that can no longer be downloaded, and are largely useless. + + linuxtechi@localhost:~$ sudo apt-get autoclean + Reading package lists... Done + Building dependency tree + Reading state information... Done + +### Example:13 Remove Packages using “autoremove” option. ### + +When we use “autoremove” option with apt-get command , then it will remove the packages that were installed to satisfy the dependency of other packages and are now no longer needed or used. + + linuxtechi@localhost:~$ sudo apt-get autoremove icinga + +### Example:14 Display Changelog of a Package. ### + + linuxtechi@localhost:~$ sudo apt-get changelog apache2 + Get:1 Changelog for apache2 (http://changelogs.ubuntu.com/changelogs/pool/main/a/apache2/apache2_2.4.10-1ubuntu1/changelog) [195 kB] + Fetched 195 kB in 3s (60.9 kB/s) + +Above Command will download the changelog of apache2 package and will display through sensible-pager on your screen. + +### Example:15 List broken dependencies using “check” option ### + + linuxtechi@localhost:~$ sudo apt-get check + Reading package lists... Done + Building dependency tree + Reading state information... Done + +-------------------------------------------------------------------------------- + +via: http://www.linuxtechi.com/ubuntu-apt-get-apt-cache-commands-examples/ + +作者:[Pradeep Kumar][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.linuxtechi.com/author/pradeep/ \ No newline at end of file From 06eb045b2855d3e2a722853b5b48b80e9b7d9fd7 Mon Sep 17 00:00:00 2001 From: DoubleC <450760206@qq.com> Date: Mon, 5 Jan 2015 20:13:07 +0800 Subject: [PATCH 66/98] delete source file delete source file --- .../20141127 Quick systemd-nspawn guide.md | 77 ------------------- 1 file changed, 77 deletions(-) delete mode 100644 sources/tech/20141127 Quick systemd-nspawn guide.md diff --git a/sources/tech/20141127 Quick systemd-nspawn guide.md b/sources/tech/20141127 Quick systemd-nspawn guide.md deleted file mode 100644 index 824808618e..0000000000 --- a/sources/tech/20141127 Quick systemd-nspawn guide.md +++ /dev/null @@ -1,77 +0,0 @@ -SPccman................... -Quick systemd-nspawn guide -================================================================================ -I switched to using systemd-nspawn in place of chroot and wanted to give a quick guide to using it. The short version is that I’d strongly recommend that anybody running systemd that uses chroot switch over - there really are no downsides as long as your kernel is properly configured. - -Chroot should be no stranger to anybody who works on distros, and I suspect that the majority of Gentoo users have need for it from time to time. - -### The Challenges of chroot ### - -For most interactive uses it isn’t sufficient to just run chroot. Usually you need to mount /proc, /sys, and bind mount /dev so that you don’t have issues like missing ptys, etc. If you use tmpfs you might also want to mount the new tmp, var/tmp as tmpfs. Then you might want to make other bind mounts into the chroot. None of this is particularly difficult, but you usually end up writing a small script to manage it. - -Now, I routinely do full backups, and usually that involves excluding stuff like tmp dirs, and anything resembling a bind mount. When I set up a new chroot that means updating my backup config, which I usually forget to do since most of the time the chroot mounts aren’t running anyway. Then when I do leave it mounted overnight I end up with backups consuming lots of extra space (bind mounts of large trees). - -Finally, systemd now by default handles bind mounts a little differently when they contain other mount points (such as when using -rbind). Apparently unmounting something in the bind mount will cause systemd to unmount the corresponding directory on the other side of the bind. Imagine my surprise when I unmounted my chroot bind to /dev and discovered /dev/pts and /dev/shm no longer mounted on the host. It looks like there are ways to change that, but this isn’t the point of my post (it just spurred me to find another way). - -### Systemd-nspawn’s Advantages ### - -Systemd-nspawn is a tool that launches a container, and it can operate just like chroot in its simplest form. By default it automatically sets up most of the overhead like /dev, /tmp, etc. With a few options it can also set up other bind mounts as well. When the container exits all the mounts are cleaned up. - -From the outside of the container nothing appears different when the container is running. In fact, you could spawn 5 different systemd-nspawn container instances from the same chroot and they wouldn’t have any interaction except via the filesystem (and that excludes /dev, /tmp, and so on - only changes in /usr, /etc will propagate across). Your backup won’t see the bind mounts, or tmpfs, or anything else mounted within the container. - -The container also has all those other nifty container benefits like containment - a killall inside the container won’t touch anything outside, and so on. The security isn’t airtight - the intent is to prevent accidental mistakes. - -Then, if you use a compatible sysvinit (which includes systemd, and I think recent versions of openrc), you can actually boot the container, which drops you to a getty inside. That means you can use fstab to do additional mounts inside the container, run daemons, and so on. You get almost all the benefits of virtualization for the cost of a chroot (no need to build a kernel, and so on). It is a bit odd to be running systemctl poweroff inside what looks just like a chroot, but it works. - -Note that unless you do a bit more setup you will share the same network interface with the host, so no running sshd on the container if you have it on the host, etc. I won’t get into this but it shouldn’t be hard to run a separate network namespace and bind the interfaces so that the new instance can run dhcp. - -### How to do it ### - -So, getting it actually working will likely be the shortest bit in this post. - -You need support for namespaces and multiple devpts instances in your kernel: - - CONFIG_UTS_NS=y - CONFIG_IPC_NS=y - CONFIG_USER_NS=y - CONFIG_PID_NS=y - CONFIG_NET_NS=y - CONFIG_DEVPTS_MULTIPLE_INSTANCES=y - -From there launching a namespace just like a chroot is really simple: - - systemd-nspawn -D . - -That’s it - you can exit from it just like a chroot. From inside you can run mount and see that it has taken care of /dev and /tmp for you. The “.” is the path to the chroot, which I assume is the current directory. With nothing further it runs bash inside. - -If you want to add some bind mounts it is easy: - - systemd-nspawn -D . --bind /usr/portage - -Now your /usr/portage is bound to your host, so no need to sync/etc. If you want to bind to a different destination add a “:dest” after the source, relative to the root of the chroot (so --bind foo is the same as --bind foo:foo). - -If the container has a functional init that can handle being run inside, you can add a -b to boot it: - - systemd-nspawn -D . --bind /usr/portage -b - -Watch the init do its job. Shut down the container to exit. - -Now, if that container is running systemd you can direct its journal to the host journal with -h: - - systemd-nspawn -D . --bind /usr/portage -j -b - -Now, nspawn registers the container so that it shows up in machinectl. That makes it easy to launch a new getty on it, or ssh to it (if it is running ssh - see my note above about network namespaces), or power it off from the host. - -That’s it. If you’re running systemd I’d suggest ditching chroot almost entirely in favor of nspawn. - --------------------------------------------------------------------------------- - -via: http://rich0gentoo.wordpress.com/2014/07/14/quick-systemd-nspawn-guide/ - -作者:[rich0][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://rich0gentoo.wordpress.com/ From 6e31b7ec439db2e50c644f59db754c04ad0b2c03 Mon Sep 17 00:00:00 2001 From: DoubleC <450760206@qq.com> Date: Mon, 5 Jan 2015 20:16:30 +0800 Subject: [PATCH 67/98] Create Quick systemd-nspawn guide.md complete --- translated/tech/Quick systemd-nspawn guide.md | 77 +++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 translated/tech/Quick systemd-nspawn guide.md diff --git a/translated/tech/Quick systemd-nspawn guide.md b/translated/tech/Quick systemd-nspawn guide.md new file mode 100644 index 0000000000..82d8dc4b3c --- /dev/null +++ b/translated/tech/Quick systemd-nspawn guide.md @@ -0,0 +1,77 @@ +systemd-nspawn 指南 +=========================== +我目前已从 chroot(译者注:chroot可以构建类似沙盒的环境,建议各位同学先了解chroot) 迁移到 systemd-nspawn,同时我写了一篇快速指南。简单的说,我强烈建议正在使用 systemd 的用户从 chroot 转为 systemd-nspawn,因为只要你的内核配置正确的话,它几乎没有什么缺点。 + +想必在各大发行版中的用户对 chroot 都不陌生,而且我猜想 Gentoo 用户要时不时的使用它。 + +###chroot 面临的挑战 + +大多数交互环境下,仅运行chroot还不够。通常还要挂载 /proc, /sys,另外为了确保不会出现类似“丢失 ptys”之类的错误,我们还得 bind(译者注:bind 是 mount 的一个选项) 挂载 /dev。如果你使用 tmpfs,你可能想要以 tmpfs 类型挂载新的 tmp, var/tmp。接下来你可能还想将其他的挂载点 bind 到 chroot 中。这些都不是特别难,但是一般情况下要写一个脚本来管理它。 + +现在我按照日常计划执行备份操作,当然有一些不必备份的数据如 tmp 目录,或任何 bind 挂载的内容。当我配置了一个新的 chroot 意味着我要更新我的备份配置了,但我经常忘记这点,因为大多数时间里 chroot 挂载点并没有运行。当这些挂载点任然存在的情况下执行备份的话,那么备份中会多出很多不需要的内容。 + +当 bind 挂载点包含其他挂载点时(比如挂载时使用 -rbind 选项),这种情况下 systemd 的默认处理方式略有不同。在 bind 挂载中卸载一些东西时,systemd 会将处于 bind 另一边的目录也卸载掉。想像一下,如果我卸载了 chroot 中以bind 挂载 /dev 的某个目录后发现主机上的 /dev/pts 与 /dev/shm 也不见了,我肯定会很吃惊。不过好像有其他方法可以避免,但是这不是我们此次讨论的重点。 + +### Systemd-nspawn 优点 + +Systemd-nspawn 用于启动一个容器,并且它的最简模式就可以像 chroot 那样运行。默认情况下,它自动配置容器所需的开销如 /dev, /tmp 等等。通过配合一些选项它也可配置其他的 bind 挂载点。当容器退出后,所有的挂载点都会被清除。 + +容器运行时,从外部看上去没什么变化。事实上,可以从同一个 chroot 产生5个不同的 systemd-nspawn 容器实例,并且除了文件系统(不包括 /dev, /tmp等,只有 /usr,/etc 的改变会传递)外它们之间没有任何联系。你的备份将会忽略 bind 挂载点、tmpfs 及任何挂载在容器中的内容。 + +它同时具有其它优秀容器的优点,比如 containment - 可以杀死容器内的所有活动但不影响外部,等等。它的安全性并不是无懈可击的-它的作用仅仅是防止意外的错误。 + +如果你使用的是兼容的 sysvinit(它包含了 systemd,openrc),你可以启动容器。这意味着,你可以在容器中使用 fstab 添加挂载点,运行守护进程等。只需要一个 chroot 的开销,几乎就可以获得虚拟化的所有好处(不需要构建内核等)。在一个看起来像 chroot 的容器中运行systemctl poweroff 看起来很奇怪,但这条命令能够起作用。 + +注意,如果不做额外配置的话那么容器就会共享主机的网络,所以主机上的容器不要运行 sshd。运行一个分离的网络 namespace 不是太难,为了新的实例可以使用DHCP,分离之后记得绑定接口。 + +###操作步骤 + +让它工作起来是此次讨论中最简短的部分了。 + +首先系统内核要支持 namespaces 与 devpts: + + CONFIG_UTS_NS=y + CONFIG_IPC_NS=y + CONFIG_USER_NS=y + CONFIG_PID_NS=y + CONFIG_NET_NS=y + CONFIG_DEVPTS_MULTIPLE_INSTANCES=y + +像 chroot 那样启动 namespace 是非常简单的: + + systemd-nspawn -D . + +也可以像 chroot 那样退出。在内部可以运行 mount 并且可以看到默认它已将 /dev 与 /tmp 准备好了。 ”.“就是 chroot 的路径,也就是当前路径。在它内部运行的是 bash。 + +如果要添加一些 bind 挂载点也非常简便: + + systemd-nspawn -D . --bind /usr/portage + +现在,容器中的 /usr/portage 就与主机的对应目录绑定起来了,我们无需 sync /etc。如果想要绑定到指定的路径,只要在原路径后添加 ”:dest“,相当于 chroot 的 root(--bind foo 与 --bind foo:foo是一样的)。 + +如果容器具有 init 功能并且可以在内部运行,可以通过添加 -b 选项启动它: + + systemd-nspawn -D . --bind /usr/portage -b + +可以观察到 init 的运作。关闭容器会自动退出。 + +如果容器内运行了 systemd ,你可以使用 -h 选项将它的日志重定向到主机的systemd日志: + + systemd-nspawn -D . --bind /usr/portage -j -b + +使用 nspawn 注册容器以便它能够在 machinectl 中显示。如此可以方便的在主机上对它进行操作,如启动新的 getty, ssh 连接,关机等。 + +如果你正在使用 systemd 那么甩开 chroot 拥抱 nspawn 吧。 + +--------------------- + +via: http://rich0gentoo.wordpress.com/2014/07/14/quick-systemd-nspawn-guide/ + +作者:[rich0][a] +译者:[SPccman](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://rich0gentoo.wordpress.com/ + From cd31073929e78be980c951231883606c0f8d82b0 Mon Sep 17 00:00:00 2001 From: Vic___ Date: Mon, 5 Jan 2015 20:17:49 +0800 Subject: [PATCH 68/98] Update 20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md --- ...nstall Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md b/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md index 21167c00b7..f34efd43cd 100644 --- a/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md +++ b/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md @@ -1,3 +1,5 @@ +Vic020 + How To Install Kodi 14 (XBMC) In Ubuntu 14.04 & Linux Mint 17 ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Kodi_Xmas.jpg) @@ -43,4 +45,4 @@ via: http://itsfoss.com/install-kodi-14-xbmc-in-ubuntu-14-04-linux-mint-17/ [a]:http://itsfoss.com/author/Abhishek/ [1]:http://kodi.tv/ [2]:http://kodi.tv/kodi-14-0-helix-unwinds/ -[3]:http://itsfoss.com/watch-netflix-in-ubuntu-14-04/ \ No newline at end of file +[3]:http://itsfoss.com/watch-netflix-in-ubuntu-14-04/ From 16e313d6a5a09b8879fc75a185d9d30b207f3b62 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Tue, 6 Jan 2015 12:37:04 +0800 Subject: [PATCH 69/98] Update 20141106 Tomahawk Music Player Returns With New Look, Features.md --- ...6 Tomahawk Music Player Returns With New Look, Features.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md b/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md index 187800d772..d355f04418 100644 --- a/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md +++ b/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md @@ -1,3 +1,5 @@ +Translating by H-mudcup + Tomahawk Music Player Returns With New Look, Features ================================================================================ **After a quiet year Tomahawk, the Swiss Army knife of music players, is back with a brand new release to sing about. ** @@ -59,4 +61,4 @@ via: http://www.omgubuntu.co.uk/2014/11/tomahawk-media-player-returns-new-look-f 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 [a]:https://plus.google.com/117485690627814051450/?rel=author -[1]:http://gettomahawk.com/ \ No newline at end of file +[1]:http://gettomahawk.com/ From ee0e9502558cd774095f3b467bf9af40621a1c60 Mon Sep 17 00:00:00 2001 From: DeadFire Date: Tue, 6 Jan 2015 16:37:55 +0800 Subject: [PATCH 70/98] =?UTF-8?q?20150106-1=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...gle ISO to 20 USB Drives Simultaneously.md | 59 +++ ...n Source Has Won, But It Isn't Finished.md | 47 +++ ...all New Fonts In Ubuntu 14.04 and 14.10.md | 62 ++++ ...eduplicate files on Linux with dupeGuru.md | 76 ++++ ...Linux server configs with the SaltStack.md | 339 ++++++++++++++++++ 5 files changed, 583 insertions(+) create mode 100644 sources/share/20150106 This App Can Write a Single ISO to 20 USB Drives Simultaneously.md create mode 100644 sources/talk/20150106 2015--Open Source Has Won, But It Isn't Finished.md create mode 100644 sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md create mode 100644 sources/tech/20150106 How to deduplicate files on Linux with dupeGuru.md create mode 100644 sources/tech/20150106 Managing Linux server configs with the SaltStack.md diff --git a/sources/share/20150106 This App Can Write a Single ISO to 20 USB Drives Simultaneously.md b/sources/share/20150106 This App Can Write a Single ISO to 20 USB Drives Simultaneously.md new file mode 100644 index 0000000000..c1d1106e03 --- /dev/null +++ b/sources/share/20150106 This App Can Write a Single ISO to 20 USB Drives Simultaneously.md @@ -0,0 +1,59 @@ +This App Can Write a Single ISO to 20 USB Drives Simultaneously +================================================================================ +**If I were to ask you to burn a single Linux ISO to 17 USB thumb drives how would you go about doing it?** + +Code savvy folks would write a little bash script to automate the process, and a large number would use a GUI tool like the USB Startup Disk Creator to burn the ISO to each drive in turn, one by one. But the rest of us would fast conclude that neither method is ideal. + +### Problem > Solution ### + +![GNOME MultiWriter in action](http://www.omgubuntu.co.uk/wp-content/uploads/2015/01/gnome-multi-writer.jpg) + +GNOME MultiWriter in action + +Richard Hughes, a GNOME developer, faced a similar dilemma. He wanted to create a number of USB drives pre-loaded with an OS, but wanted a tool simple enough for someone like his dad to use. + +His response was to create a **brand new app** that combines both approaches into one easy to use tool. + +It’s called “[GNOME MultiWriter][1]” and lets you write a single ISO or IMG to multiple USB drives at the same time. + +It nixes the need to customize or create a command line script and relinquishes the need to waste an afternoon performing an identical set of actions on repeat. + +All you need is this app, an ISO, some thumb-drives and lots of empty USB ports. + +### Use Cases and Installing ### + +![The app can be installed on Ubuntu](http://www.omgubuntu.co.uk/wp-content/uploads/2015/01/mutli-writer-on-ubuntu.jpg) + +The app can be installed on Ubuntu + +The app has a pretty defined usage scenario, that being situations where USB sticks pre-loaded with an OS or live image are being distributed. + +That being said, it should work just as well for anyone wanting to create a solitary bootable USB stick, too — and since I’ve never once successfully created a bootable image from Ubuntu’s built-in disk creator utility, working alternatives are welcome news to me! + +Hughes, the developer, says it **supports up to 20 USB drives**, each being between 1GB and 32GB in size. + +The drawback (for now) is that GNOME MultiWriter is not a finished, stable product. It works, but at this early blush there are no pre-built binaries to install or a PPA to add to your overstocked software sources. + +If you know your way around the usual configure/make process you can get it up and running in no time. On Ubuntu 14.10 you may also need to install the following packages first: + + sudo apt-get install gnome-common yelp-tools libcanberra-gtk3-dev libudisks2-dev gobject-introspection + +If you get it up and running, give it a whirl and let us know what you think! + +Bugs and pull requests can be longed on the GitHub page for the project, which is where you’ll also found tarball downloads for manual installation. + +- [GNOME MultiWriter on Github][2] + +-------------------------------------------------------------------------------- + +via: http://www.omgubuntu.co.uk/2015/01/gnome-multiwriter-iso-usb-utility + +作者:[Joey-Elijah Sneddon][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:https://plus.google.com/117485690627814051450/?rel=author +[1]:https://github.com/hughsie/gnome-multi-writer/ +[2]:https://github.com/hughsie/gnome-multi-writer/ \ No newline at end of file diff --git a/sources/talk/20150106 2015--Open Source Has Won, But It Isn't Finished.md b/sources/talk/20150106 2015--Open Source Has Won, But It Isn't Finished.md new file mode 100644 index 0000000000..e802409fb7 --- /dev/null +++ b/sources/talk/20150106 2015--Open Source Has Won, But It Isn't Finished.md @@ -0,0 +1,47 @@ +2015: Open Source Has Won, But It Isn't Finished +================================================================================ +> After the wins of 2014, what's next? + +At the beginning of a new year, it's traditional to look back over the last 12 months. But as far as this column is concerned, it's easy to summarise what happened then: open source has won. Let's take it from the top: + +**Supercomputers**. Linux is so dominant on the Top 500 Supercomputers lists it is almost embarrassing. The [November 2014 figures][1] show that 485 of the top 500 systems were running some form of Linux; Windows runs on just one. Things are even more impressive if you look at the numbers of cores involved. Here, Linux is to be found on 22,851,693 of them, while Windows is on just 30,720; what that means is that not only does Linux dominate, it is particularly strong on the bigger systems. + +**Cloud computing**. The Linux Foundation produced an interesting [report][2] last year, which looked at the use of Linux in the cloud by large companies. It found that 75% of them use Linux as their primary platform there, against just 23% that use Windows. It's hard to translate that into market share, since the mix between cloud and non-cloud needs to be factored in; however, given the current popularity of cloud computing, it's safe to say that the use of Linux is high and increasing. Indeed, the same survey found Linux deployments in the cloud have increased from 65% to 79%, while those for Windows have fallen from 45% to 36%. Of course, some may not regard the Linux Foundation as totaly disinterested here, but even allowing for that, and for statistical uncertainties, it's pretty clear which direction things are moving in. + +**Web servers**. Open source has dominated this sector for nearly 20 years - an astonishing record. However, more recently there's been some interesting movement in market share: at one point, Microsoft's IIS managed to overtake Apache in terms of the total number of Web servers. But as Netcraft explains in its most recent [analysis][3], there's more than meets the eye here: + +> This is the second month in a row where there has been a large drop in the total number of websites, giving this month the lowest count since January. As was the case in November, the loss has been concentrated at just a small number of hosting companies, with the ten largest drops accounting for over 52 million hostnames. The active sites and web facing computers metrics were not affected by the loss, with the sites involved being mostly advertising linkfarms, having very little unique content. The majority of these sites were running on Microsoft IIS, causing it to overtake Apache in the July 2014 survey. However the recent losses have resulted in its market share dropping to 29.8%, leaving it now over 10 percentage points behind Apache. + +As that indicates, Microsoft's "surge" was more apparent than real, and largely based on linkfarms with little useful content. Indeed, Netcraft's figures for active sites paints a very different picture: Apache has 50.57% market share, with nginx second on 14.73%; Microsoft IIS limps in with a rather feeble 11.72%. This means that open source has around 65% of the active Web server market - not quite at the supercomputer level, but pretty good. + +**Mobile systems**. Here, the march of open source as the foundation of Android continues. Latest figures show that Android accounted for [83.6%][4] of smartphone shipments in the third quarter of 2014, up from 81.4% in the same quarter the previous year. Apple achieved 12.3%, down from 13.4%. As far as tablets are concerned, Android is following a similar trajectory: for the second quarter of 2014, Android notched up around [75% of global tablet sales][5], while Apple was on 25%. + +**Embedded systems**. Although it's much harder to quantify the market share of Linux in the important embedded system market, but figures from one 2013 study indicated that around [half of planned embedded systems][6] would use it. + +**Internet of Things**. In many ways this is simply another incarnation of embedded systems, with the difference that they are designed to be online, all the time. It's too early to talk of market share, but as I've [discussed][7] recently, AllSeen's open source framework is coming on apace. What's striking by their absence are any credible closed-source rivals; it therefore seems highly likely that the Internet of Things will see supercomputer-like levels of open source adoption. + +Of course, this level of success always begs the question: where do we go from here? Given that open source is approaching saturation levels of success in many sectors, surely the only way is down? In answer to that question, I recommend a thought-provoking essay from 2013 written by Christopher Kelty for the Journal of Peer Production, with the intriguing title of "[There is no free software.][8]" Here's how it begins: + +> Free software does not exist. This is sad for me, since I wrote a whole book about it. But it was also a point I tried to make in my book. Free software—and its doppelganger open source—is constantly becoming. Its existence is not one of stability, permanence, or persistence through time, and this is part of its power. + +In other words, whatever amazing free software 2014 has already brought us, we can be sure that 2015 will be full of yet more of it, as it continues its never-ending evolution. + +-------------------------------------------------------------------------------- + +via: http://www.computerworlduk.com/blogs/open-enterprise/open-source-has-won-3592314/ + +作者:[lyn Moody][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.computerworlduk.com/author/glyn-moody/ +[1]:http://www.top500.org/statistics/list/ +[2]:http://www.linuxfoundation.org/publications/linux-foundation/linux-end-user-trends-report-2014 +[3]:http://news.netcraft.com/archives/2014/12/18/december-2014-web-server-survey.html +[4]:http://www.cnet.com/news/android-stays-unbeatable-in-smartphone-market-for-now/ +[5]:http://timesofindia.indiatimes.com/tech/tech-news/Android-tablet-market-share-hits-70-in-Q2-iPads-slip-to-25-Survey/articleshow/38966512.cms +[6]:http://linuxgizmos.com/embedded-developers-prefer-linux-love-android/ +[7]:http://www.computerworlduk.com/blogs/open-enterprise/allseen-3591023/ +[8]:http://peerproduction.net/issues/issue-3-free-software-epistemics/debate/there-is-no-free-software/ \ No newline at end of file diff --git a/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md b/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md new file mode 100644 index 0000000000..d8b5102066 --- /dev/null +++ b/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md @@ -0,0 +1,62 @@ +How To Install New Fonts In Ubuntu 14.04 and 14.10 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/fonts.jpg) + +Ubuntu does come with a bunch of fonts installed by default in it. But at times you might not be satisfied with the available lots of fonts. So, what you can do is to **install additional fonts in Ubuntu 14.04**, 14.10 or any other Linux system such as Linux Mint. + +### Step 1: Get fonts ### + +First and foremost, download your choice of fonts. Now you might be thinking from where can you get new fonts. Don’t worry, a simple Google search will provide you with several websites that have new fonts available for free. You can start with [fonts at Lost Type][1]. [Fonts Squirrel][2] is also a good place to download fonts. + +### Step 2: Install new fonts in Ubuntu ### + +The downloaded fonts might be in a zipped file. Extract it. Most of the fonts are either in [TTF][3] (TrueType Fonts) or in [OTF][4] (OpenType Fonts) format. Whichever it may be, just double click on the font file. It will open it in Font Viewer. In here, you can see the option to install the font in top right corner: + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Install_New_Fonts_Ubuntu.png) + +You won’t really see anything being installed as you see when installing a software. Couple of seconds later, you’ll see the status has been changed to Installed. No prizes for guessing that the font has been now installed. + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Install_New_Fonts_Ubuntu_1.png) + +Once installed, you can see the newly installed fonts in any application that uses fonts such as GIMP, Pinta etc. + +### Step 2: Install several fonts at once in Linux ### + +No, it is not typo. This is still step 2 but just an alternative. The method we saw above to install fonts in Ubuntu is just fine. But there is a little issue with it. What happens when you have like 20 new fonts to install. Installing all these fonts, one by one, by double clicking on them is cumbersome and inconvenient. Don’t you think the same? + +To install several fonts at once in Ubuntu, all you need to do is to create .fonts directory, if it doesn’t exist already, in your Home directory. And extract or copy paste all those TTF or OTF files in this directory. + +Go to your Home directory in File manager. Press Ctrl+H to [show hidden files in Ubuntu][5]. Right click to make a new folder and name it .fonts. That dot at the beginning is important. In Linux, if you put dot ahead of the file name, it hides the file from normal view. + +#### Alternative: #### + +Alternatively, you can install Font Manager application and manage fonts in GUI. To install Font Manager in Ubuntu, open a terminal and use the command below: + + sudo apt-get install font-manager + +Open the Font Manager from Unity Dash. You can see installed fonts and option to install new fonts, remove existing fonts etc here. + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Font_Manager_Ubuntu.jpeg) + +To remove Font Manager, use the command below: + + sudo apt-get remove font-manager + +I hope this quick helped you to install fonts in Ubuntu and other Linux systems. Do let me know if you have questions or suggestions. + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-fonts-ubuntu-1404-1410/ + +作者:[Abhishek][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/Abhishek/ +[1]:http://www.losttype.com/browse/ +[2]:http://www.fontsquirrel.com/ +[3]:http://en.wikipedia.org/wiki/TrueType +[4]:http://en.wikipedia.org/wiki/OpenType +[5]:http://itsfoss.com/hide-folders-and-show-hidden-files-in-ubuntu-beginner-trick/ \ No newline at end of file diff --git a/sources/tech/20150106 How to deduplicate files on Linux with dupeGuru.md b/sources/tech/20150106 How to deduplicate files on Linux with dupeGuru.md new file mode 100644 index 0000000000..28b968f498 --- /dev/null +++ b/sources/tech/20150106 How to deduplicate files on Linux with dupeGuru.md @@ -0,0 +1,76 @@ +How to deduplicate files on Linux with dupeGuru +================================================================================ +Recently, I was given the task to clean up my father's files and folders. What made it difficult was the abnormal amount of duplicate files with incorrect names. By keeping a backup on an external drive, simultaneously editing multiple versions of the same file, or even changing the directory structure, the same file can get copied many times, change names, change locations, and just clog disk space. Hunting down every single one of them can become a problem of gigantic proportions. Hopefully, there exists nice little software that can save your precious hours by finding and removing duplicate files on your system: [dupeGuru][1]. Written in Python, this file deduplication software switched to a GPLv3 license a few hours ago. So time to apply your new year's resolutions and clean up your stuff! + +### Installation of dupeGuru ### + +On Ubuntu, you can add the Hardcoded Software PPA: + + $ sudo apt-add-repository ppa:hsoft/ppa + $ sudo apt-get update + +And then install with: + + $ sudo apt-get install dupeguru-se + +On Arch Linux, the package is present in the [AUR][2]. + +If you prefer compiling it yourself, the sources are on [GitHub][3]. + +### Basic Usage of dupeGuru ### + +DupeGuru is conceived to be fast and safe. Which means that the program is not going to run berserk on your system. It has a very low risk of deleting stuff that you did not intend to delete. However, as we are still talking about file deletion, it is always a good idea to stay vigilant and cautious: a good backup is always necessary. + +Once you took your precautions, you can launch dupeGuru via the command: + + $ dupeguru_se + +You should be greeted by the folder selection screen, where you can add folders to scan for deduplication. + +![](https://farm9.staticflickr.com/8596/16199976251_f78b042fba.jpg) + +Once you selected your directories and launched the scan, dupeGuru will show its results by grouping duplicate files together in a list. + +![](https://farm9.staticflickr.com/8600/16016041367_5ab2834efb_z.jpg) + +Note that by default dupeGuru matches files based on their content, and not their name. To be sure that you do not accidentally delete something important, the match column shows you the accuracy of the matching algorithm. From there, you can select the duplicate files that you want to take action on, and click on "Actions" button to see available actions. + +![](https://farm8.staticflickr.com/7516/16199976361_c8f919b06e_b.jpg) + +The choice of actions is quite extensive. In short, you can delete the duplicates, move them to another location, ignore them, open them, rename them, or even invoke a custom command on them. If you choose to delete a duplicate, you might get as pleasantly surprised as I was by available deletion options. + +![](https://farm8.staticflickr.com/7503/16014366568_54f70e3140.jpg) + +You can not only send the duplicate files to the trash or delete them permanently, but you can also choose to leave a link to the original file (either using a symlink or a hardlink). In oher words, the duplicates will be erased, and a link to the original will be left instead, saving a lot of disk space. This can be particularly useful if you imported those files into a workspace, or have dependencies based on them. + +Another fancy option: you can export the results to a HTML or CSV file. Not really sure why you would do that, but I suppose that it can be useful if you prefer keeping track of duplicates rather than use any of dupeGuru's actions on them. + +Finally, last but not least, the preferences menu will make all your dream about duplicate busting come true. + +![](https://farm8.staticflickr.com/7493/16015755749_a9f343b943_z.jpg) + +There you can select the criterion for the scan, either content based or name based, and a threshold for duplicates to control the number of results. It is also possible to define the custom command that you can select in the actions. Among the myriad of other little options, it is good to notice that by default, dupeGuru ignores files less than 10KB. + +For more information, I suggest that you go check out the [official website][4], which is filled with documention, support forums, and other goodies. + +To conclude, dupeGuru is my go-to software whenever I have to prepare a backup or to free some space. I find it powerful enough for advanced users, and yet intuitive to use for newcomers. Cherry on the cake: dupeGuru is cross platform, which means that you can also use it for your Mac or Windows PC. If you have specific needs, and want to clean up music or image files, there exists two variations: [dupeguru-me][5] and [dupeguru-pe][6], which respectively find duplicate audio tracks and pictures. The main difference from the regular version is that it compares beyond file formats and takes into account specific media meta-data like quality and bit-rate. + +What do you think of dupeGuru? Would you consider using it? Or do you have any alternative deduplication software to suggest? Let us know in the comments. + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/dupeguru-deduplicate-files-linux.html + +作者:[Adrien Brochard][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/adrien +[1]:http://www.hardcoded.net/dupeguru/ +[2]:https://aur.archlinux.org/packages/dupeguru-se/ +[3]:https://github.com/hsoft/dupeguru +[4]:http://www.hardcoded.net/dupeguru/ +[5]:http://www.hardcoded.net/dupeguru_me/ +[6]:http://www.hardcoded.net/dupeguru_pe/ \ No newline at end of file diff --git a/sources/tech/20150106 Managing Linux server configs with the SaltStack.md b/sources/tech/20150106 Managing Linux server configs with the SaltStack.md new file mode 100644 index 0000000000..c98c487eb2 --- /dev/null +++ b/sources/tech/20150106 Managing Linux server configs with the SaltStack.md @@ -0,0 +1,339 @@ +Managing Linux server configs with the SaltStack +================================================================================ +![](http://techarena51.com/wp-content/uploads/2015/01/SaltStack+logo+-+black+on+white.png) + +I came across Salt while searching for an alternative to [Puppet][1]. I like puppet, but I am falling in love with Salt :). This maybe a personal opinion but I found Salt easier to configure and get started with as compared to Puppet. Another reason I like Salt is that it let’s you manage your server configurations from the command line, for example: + +To update all your servers with Salt, just run + + salt ‘*’ pkg.upgrade + +**Installing the SaltStack on Linux.** + +Salt is available in the EPEL repo if you are installing it on CentOS 6/7, Pi and Ubuntu linux users can add the Salt Repository from [here][2]. Since Salt is python based you can also use ‘pip’ to install it but you have take care of dependencies like yum-utils and other packages yourself. + +Salt follows the Server-Client model, The Server is known as the master whereas clients are called minions. + +**Installation and Configuration of a Salt Master** + + [root@salt-master~]# yum install salt-master + +Salt configurations files are stored in /etc/salt and /srv/salt. Salt is good to go out of the box, but I would recommend you configure a bit more verbose logging to help your troubleshoot. + + [root@salt-master ~]# vim /etc/salt/master + #Default is warning change to the following + log_level: debug + log_level_logfile: debug + + [root@salt-master ~]# systemctl start salt-master + +**Installation and Configuration of a Salt minion** + + [root@salt-minion~]#yum install salt-minion + + #Add the hostname of your Salt Master + [root@salt-minion~]#vim /etc/salt/minion + master: salt-master.com + #start the minion + [root@salt-minion~] systemctl start salt-minion + +On Startup, a minion will generate a cryptographic key and an id. It will then connect to the Salt Master and identify itself. The Salt Master must accept the minion’s key before allowing the minion to download a configuration. + +**Listing and Accepting keys on the Salt Master** + + #List all keys + [root@salt-master~] salt-key -L + Accepted Keys: + Unaccepted Keys: + minion.com + Rejected Keys: + + #Accept key with id ‘minion.com’ + [root@salt-master~]salt-key -a minion.com + + [root@salt-master~] salt-key -L + Accepted Keys: + minion.com + Unaccepted Keys: + Rejected Keys: + +Once you have accepted a minions keys, you can get information on it immediately using the ‘salt’ command. + +**Salt command line examples** + + #Check if a minion is up and running + [root@salt-master~] salt 'minion.com' test.ping + minion.com: + True + # run shell commands on the minion + [root@salt-master~]# salt 'minion.com' cmd.run 'ls -l' + minion.com: + total 2988 + -rw-r--r--. 1 root root 1024 Jul 31 08:24 1g.img + -rw-------. 1 root root 940 Jul 14 15:04 anaconda-ks.cfg + -rw-r--r--. 1 root root 1024 Aug 14 17:21 test + #install/update a software on all your servers + [root@salt-master ~]# salt '*' pkg.install git + +The salt command needs a few components to send information. One of these components is the minion id and another is the function to be called on the minion. +In the first example I used the ‘ping’ function of the ‘test’ module to check if the system is up. This function does not perform an actual ping, it just return’s ‘true’ if the minion responds. +‘cmd.run’ is used to execute remote commands and ‘pkg’ module contains functions for package management. The full list of builin modules is at the end of this post. + +**Grains example** + +Salt uses an interface called **Grains** to get system information. You can use grains to run commands on systems with particular properties. + + [root@vps4544 ~]# salt -G 'os:Centos' test.ping + minion: + True + +More grain examples are available at http://docs.saltstack.com/en/latest/topics/targeting/grains.html + +**Package Management via the State File System.** + +In order to automate software configurations you will need to use the state system and create a state file. These files use the YAML format and python dictionaries, lists, strings and numbers for data structure. Reading up on them will help you understand the configurations better. + +**VIM state file example** + + [root@salt-master~]# vim /srv/salt/vim.sls + vim-enhanced: + pkg.installed + /etc/vimrc: + file.managed: + - source: salt://vimrc + - user: root + - group: root + - mode: 644 + + +The first and third line in this file are called state id. They must contain the exact name or path of the package or file to be managed. After the state ids are state and function declaration. ‘pkg’ and file are state declarations whereas ‘installed’ and ‘managed’ are function declarations. Functions accept arguments, user,group,mode and source are all arguments to the function ‘managed’. + +To apply this configuration to a minion move your ‘vimrc’ file to ‘/srv/salt’ and run. + + [root@salt-master~]# salt 'minion.com' state.sls vim + minion.com: + ---------- + ID: vim-enhanced + Function: pkg.installed + Result: True + Comment: The following packages were installed/updated: vim-enhanced. + Started: 09:36:23.438571 + Duration: 94045.954 ms + Changes: + ---------- + vim-enhanced: + ---------- + new: + 7.4.160-1.el7 + old: + + + Summary + ------------ + Succeeded: 1 (changed=1) + Failed: 0 + ------------ + Total states run: 1 + +You can also add dependencies to your configurations. + + [root@salt-master~]# vim /srv/salt/ssh.sls + openssh-server: + pkg.installed + + + /etc/ssh/sshd_config: + file.managed: + - user: root + - group: root + - mode: 600 + - source: salt://ssh/sshd_config + + sshd: + service.running: + - require: + - pkg: openssh-server + +The ‘require’ statement here is a requisite declaration, it creates a dependency between the ‘service’ and ‘pkg’ states. This declaration will first check if the package is installed and then run the service. + +However, I prefer using the ‘watch’ statement as it also checks for file modifications and restarts the service. + + [root@salt-master~]# vim /srv/salt/ssh.sls + openssh-server: + pkg.installed + + + /etc/ssh/sshd_config: + file.managed: + - user: root + - group: root + - mode: 600 + - source: salt://sshd_config + + sshd: + service.running: + - watch: + - pkg: openssh-server + - file: /etc/ssh/sshd_config + + [root@vps4544 ssh]# salt 'minion.com' state.sls ssh + seven.leog.in: + Changes: + ---------- + ID: openssh-server + Function: pkg.installed + Result: True + Comment: Package openssh-server is already installed. + Started: 13:01:55.824367 + Duration: 1.156 ms + Changes: + ---------- + ID: /etc/ssh/sshd_config + Function: file.managed + Result: True + Comment: File /etc/ssh/sshd_config updated + Started: 13:01:55.825731 + Duration: 334.539 ms + Changes: + ---------- + diff: + --- + +++ + @@ -14,7 +14,7 @@ + # SELinux about this change. + # semanage port -a -t ssh_port_t -p tcp #PORTNUMBER + # + -Port 22 + +Port 422 + #AddressFamily any + #ListenAddress 0.0.0.0 + #ListenAddress :: + + ---------- + ID: sshd + Function: service.running + Result: True + Comment: Service restarted + Started: 13:01:56.473121 + Duration: 407.214 ms + Changes: + ---------- + sshd: + True + + Summary + ------------ + Succeeded: 4 (changed=2) + Failed: 0 + ------------ + Total states run: 4 + +Maintaining all config files in single directory can make scaling a complex task, hence you can create sub-directories and add your configuration in them with a init.sls file + + [root@salt-master~]# mkdir /srv/salt/ssh + [root@salt-master~]# vim /srv/salt/ssh/init.sls + openssh-server: + pkg.installed + + + /etc/ssh/sshd_config: + file.managed: + - user: root + - group: root + - mode: 600 + - source: salt://ssh/sshd_config + + sshd: + service.running: + - watch: + - pkg: openssh-server + - file: /etc/ssh/sshd_config + + [root@vps4544 ssh]# cp /etc/ssh/sshd_config /srv/salt/ssh/ + [root@vps4544 ssh]# salt 'minion.com' state.sls ssh + +**Top File and Environments.** + +A Top file (top.sls) is where you define your environments. A top file allows you to map minions to packages. The default environment is ‘base’. You need to define which packages will be installed on which server under the base environment. + +If there are multiple environments and more than one definitions for a particular minion is used then by default the base environment will supersede the others. + +To define an environment you need to add it to the ‘file_roots’ directive in the master configuration file. + + [root@salt-master ~]# vim /etc/salt/master + file_roots: + base: + - /srv/salt + dev: + - /srv/salt/dev + +Now add a top.sls file in /srv/salt + + [root@salt-master ~]# vim /srv/salt/top.sls + base: + '*': + - vim + 'minion.com': + - ssh + +Apply the top file configuration with + + [root@salt-master~]# salt '*' state.highstate + minion.com: + ---------- + ID: vim-enhanced + Function: pkg.installed + Result: True + Comment: Package vim-enhanced is already installed. + Started: 13:10:55 + Duration: 1678.779 ms + Changes: + ---------- + ID: openssh-server + Function: pkg.installed + Result: True + Comment: Package openssh-server is already installed. + Started: 13:10:55. + Duration: 2.156 ms + +The minion will download the top file and search for it’s configuration. It will also apply the configuration for all minions. + +This is just a brief introduction to Salt, for in depth understanding you can go through the links below and if you are already using Salt and have any recommendations do let me know. + +Update: [Foreman][3] has support for salt via [plugins][4]. + +Read + +- http://docs.saltstack.com/en/latest/ref/states/top.html#how-top-files-are-compiled +- http://docs.saltstack.com/en/latest/topics/tutorials/states_pt1.html +- http://docs.saltstack.com/en/latest/ref/states/highstate.html#state-declaration + +Grains + +- http://docs.saltstack.com/en/latest/topics/targeting/grains.html + +List of Salt Modules + +Good comparison of Salt and puppet + +- https://mywushublog.com/2013/03/configuration-management-with-salt-stack/ + +Full list of builtin execution modules + +- http://docs.saltstack.com/en/latest/ref/modules/all/ + +-------------------------------------------------------------------------------- + +via: http://techarena51.com/index.php/getting-started-with-saltstack/ + +作者:[Leo G][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://techarena51.com/ +[1]:http://techarena51.com/index.php/a-simple-way-to-install-and-configure-a-puppet-server-on-linux/ +[2]:http://docs.saltstack.com/en/latest/topics/installation/index.html +[3]:http://techarena51.com/index.php/using-foreman-opensource-frontend-puppet/ +[4]:https://github.com/theforeman/foreman_salt/wiki \ No newline at end of file From f604661fa17704504c240b043f7d960daf7f46e0 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Tue, 6 Jan 2015 17:11:37 +0800 Subject: [PATCH 71/98] =?UTF-8?q?=E5=B7=B2=E7=BF=BB=E8=AF=91=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: tinyeyeser --- ...s Linux. No, It' s Not The Tuxpocalypse.md | 76 ------------------- ...s Linux. No, It' s Not The Tuxpocalypse.md | 76 +++++++++++++++++++ 2 files changed, 76 insertions(+), 76 deletions(-) delete mode 100644 sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md create mode 100644 translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md diff --git a/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md b/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md deleted file mode 100644 index 9a41681b7d..0000000000 --- a/sources/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md +++ /dev/null @@ -1,76 +0,0 @@ -翻译中 by小眼儿 - -Yes, This Trojan Infects Linux. No, It’s Not The Tuxpocalypse -================================================================================ -![Is something watching you?](http://www.omgubuntu.co.uk/wp-content/uploads/2014/12/spyware.jpg) - -Is something watching you? - -Grab a crate of canned food, start digging a deep underground bunker and prepare to settle into a world that will never be the same again: [a powerful trojan has been uncovered on Linux][1]. - -Yes, the hitherto impregnable fortress of computing nirvana has been compromised in a way that has left security experts a touch perturbed. - -Unplug your PC, disinfect your keyboard and buy a cat (no more YouTube ). The Tuxpocalypse is upon us. We’ve reached the end of days. - -Right? RIGHT? Nah, not quite. - -### A Terrifying Anomalous Thing! ### - -Let me set off by saying that **I am not underplaying the severity of this threat (known by the nickname ‘Turla’)** nor, for the avoidance of doubt, am I suggesting that we as Linux users shouldn’t be concerned by the implications. - -The discovery of a silent trojan infecting Linux systems is terrifying. The fact it was tasked with sucking up and sending off all sorts of sensitive information is horrific. And to learn it’s been doing this for at least four years and doesn’t require root privileges? My seat is wet. I’m sorry. - -But — and along with hyphens and typos, there’s always a ‘but’ on this site — the panic currently sweeping desktop Linux fans, Mexican wave style, is a little out of context. - -Vulnerability may be a new feeling for some of us, yet let’s keep it in check: Linux remains an inherently secure operating system for desktop users. One clever workaround does not negate that and shouldn’t send you scurrying offline. - -### State Sponsored, Targeting Governments ### - -![Is a penguin snake a ‘Penguake’ or a ‘Snaguin’?](http://www.omgubuntu.co.uk/wp-content/uploads/2014/12/penguin-snakle-by-icao-292x300.jpg) - -Is a penguin snake a ‘Penguake’ or a ‘Snaguin’? - -‘Turla’ is a complex APT (Advanced Persistent Threat) that has (thus far) targeted government, embassy and pharmaceutical companies’ systems for around four years using a method based on [14 year old code, no less][2]. - -On Windows, where the superhero security researchers at Symantec and Kaspersky Lab first sighted the slimy snake, Turla and components of it were found to have **infected hundreds (100s) of PCs across 45 countries**, many through unpatched zero-day exploits. - -*Nice one Microsoft.* - -Further diligence by Kaspersky Lab has now uncovered that parts of the same trojan have also been active on Linux for some time. - -The Trojan doesn’t require elevated privileges and can “intercept incoming packets and run incoming commands on the system”, but it’s not yet clear how deep its tentacles reach or how many Linux systems are infected, nor is the full extent of its capabilities known. - -“Turla” (and its children) are presumed to be nation-state sponsored due to its choice of targets. US and UK readers shouldn’t assume it’s “*them*“, either. Our own governments are just as happy to play in the mud, too. - -#### Perspective and Responsibility #### - -As terrible a breach as this discovery is emotionally, technically and ethically it remains far, far, far away from being an indication that we’re entering a new “free for all” era of viruses and malware aimed at the desktop. - -**Turla is not a user-focused “i wantZ ur CredIt carD” virus** bundled inside a faux software download. It’s a complex, finessed and adaptable threat with specific targets in mind (ergo grander ambitions than collecting a bunch of fruity tube dot com passwords, sorry ego!). - -Kaspersky Lab explains: - -> “The Linux Turla module is a C/C++ executable statically linked against multiple libraries, greatly increasing its file size. It was stripped of symbol information, more likely intended to increase analysis effort than to decrease file size. Its functionality includes hidden network communications, arbitrary remote command execution, and remote management. Much of its code is based on public sources.” - -Regardless of impact or infection rate its precedes will still raise big, big questions that clever, clever people will now spend time addressing, analysing and (importantly) solving. - -IANACSE (I am not a computer security expert) but IAFOA (I am a fan of acronyms), and AFAICT (as far as I can tell) this news should be viewed as as a cautionary PSA or FYI than the kind of OMGGTFO that some sites are painting it as. - -Until more details are known none of us should panic. Let’s continue to practice safe computing. Avoid downloading/running scripts, apps, or binaries from untrusted sites or PPAs, and don’t venture into dodgy dark parts of the web. - -If you remain super concerned you can check out the [Kaspersky blog][1] for details on how to check that you’re not infected. - --------------------------------------------------------------------------------- - -via: http://www.omgubuntu.co.uk/2014/12/government-spying-turla-linux-trojan-found - -作者:[Joey-Elijah Sneddon][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:https://plus.google.com/117485690627814051450/?rel=author -[1]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ -[2]:https://twitter.com/joernchen/status/542060412188262400 -[3]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ diff --git a/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md b/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md new file mode 100644 index 0000000000..dd4ab73b88 --- /dev/null +++ b/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md @@ -0,0 +1,76 @@ +没错,Linux是感染了木马!但,这并非企鹅的末日。 +================================================================================ +![Is something watching you?](http://www.omgubuntu.co.uk/wp-content/uploads/2014/12/spyware.jpg) + +译注:原文标题中Tuxpocalypse是作者造的词,由Tux和apocalypse组合而来。Tux是Linux的LOGO中那只企鹅的名字,apocalypse意为末世、大灾变,这里翻译成企鹅的末日。 + +你被监视了吗? + +带上一箱罐头,挖一个深坑碉堡,准备进入一个完全不同的新世界吧:[一个强大的木马已经在Linux中被发现][1]。 + +没错,迄今为止最牢不可破的计算机世外桃源已经被攻破了,安全专家们都已成惊弓之鸟。 + +关掉电脑,拔掉键盘,然后再买只猫(忘掉YouTube吧)。企鹅末日已经降临,我们的日子不多了。 + +我去?这是真的吗?依我看,不一定吧~ + +### 一次可怕的异常事件! ### + +先声明,**我并没有刻意轻视此次威胁(人们给这个木马起名为‘Turla’)的严重性**,为了避免质疑,我要强调的是,作为Linux用户,我们不应该为此次事件过分担心。 + +此次发现的木马能够在人们毫无察觉的情况下感染Linux系统,这是非常可怕的。事实上,它的主要工作是搜寻并向外发送各种类型的敏感信息,这一点同样令人感到恐惧。据了解,它已经存在至少4年时间,而且无需root权限就能完成这些工作。呃,这是要把人吓尿的节奏吗? + +But - 但是 - 新闻稿里常常这个时候该出现‘but’了 - 要说恐慌正在横扫桌面Linux的粉丝,那就有点断章取义、甚至不着边际了。 + +对我们中的有些人来说,计算机安全隐患的确是一种新鲜事物,然而我们应该对其审慎对待:对桌面用户来说,Linux仍然是一个天生安全的操作系统。一次瑕疵不应该否定它的一切,我们没有必要慌忙地割断网线。 + +### 国家资助,目标政府 ### + +![Is a penguin snake a ‘Penguake’ or a ‘Snaguin’?](http://www.omgubuntu.co.uk/wp-content/uploads/2014/12/penguin-snakle-by-icao-292x300.jpg) + +企鹅和蛇的组合该叫‘企蛇’还是‘蛇鹅’? + +‘Turla’木马是一个复杂、高级的持续威胁,四年多来,它以政府、大使馆以及制药公司的系统为目标,其使用的攻击方式所基于的代码[至少在14年前][2]就已存在了。 + +在Windows系统中,安全研究领域来自赛门铁克和卡巴斯基实验室的超级英雄们首先发现了这条黏黏的蛇,他们发现Turla及其组件已经**感染了45个国家的数百台个人电脑**,其中许多都是通过未打补丁的0day漏洞感染的。 + +*微软,干得漂亮。* + +经过卡巴斯基实验室的进一步努力,他们发现,同样的木马出现在了Linux上。 + +这款木马无需高权限就可以“拦截传入的数据包,在系统中执行传入的命令”,但是它的触角到底有多深,有多少Linux系统被感染,它的完整功能都有哪些,这些目前都暂时还不明朗。 + +根据它选定的目标,我们推断“Turla”(及其变种)是由某些民族的国家资助的。美国和英国的读者不要想当然以为这些国家就是“伊斯兰国家”。不要忘了我们自己的政府也很乐于趟这摊浑水。 + +#### 观点 与 责任 #### + +这次的发现从情感上、技术上、伦理上,都是一次严重的失利,但它远没有达到说我们已经进入一个病毒和恶意软件针对桌面自由肆虐的时代。 + +**Turla 并不是那种用户关注的“我想要你的信用卡”病毒**,那些病毒往往绑定在一个伪造的软件下载链接中。Turla是一种复杂的、经过巧妙处理的、具有高度适应性的威胁,它时刻都具有着特定的目标(因此它绝不仅仅满足于搜集一些卖萌少女的网站账户密码,sorry 绿茶婊们!)。 + +卡巴斯基实验室是这样介绍的: + +> “Linux上的Turla模块是一个链接多个静态库的C/C++可执行文件,这大大增加了它的文件体积。但它并没有着重减小自身的文件体积,而是剥离了自身的符号信息,这样就增加了对它逆向分析的难度。它的功能主要包括隐藏网络通信、远程执行任意命令以及远程管理等等。它的大部分代码都基于公开源码。” + +不管它的影响和感染率如何,它的技术优势都将不断给那些号称聪明的专家们留下一个又一个问题,就让他们花费大把时间去追踪、分析、解决这些问题吧。 + +我不是一个计算机安全专家,但我是一个理智的网络脑残粉,要我说,这次事件应该被看做是一个通(jing)报(gao),而并非有些网站所标榜的洪(shi)水(jie)猛(mo)兽(ri)。 + +在更多细节披露之前,我们都不必恐慌。只需继续计算机领域的安全实践,避免从不信任的网站或PPA源下载运行脚本、app或二进制文件,更不要冒险进入web网络的黑暗领域。 + +如果你仍然十分担心,你可以前往[卡巴斯基的博客][1]查看更多细节,以确定自己是否感染。 + +-------------------------------------------------------------------------------- + +via: http://www.omgubuntu.co.uk/2014/12/government-spying-turla-linux-trojan-found + +作者:[Joey-Elijah Sneddon][a] +译者:[Mr小眼儿](http://blog.csdn.net/tinyeyeser) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:https://plus.google.com/117485690627814051450/?rel=author +[1]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ +[2]:https://twitter.com/joernchen/status/542060412188262400 +[3]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ \ No newline at end of file From a950929cddcbcd85e51b6dc0af62387c3f041d43 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Tue, 6 Jan 2015 17:22:28 +0800 Subject: [PATCH 72/98] =?UTF-8?q?=E5=B7=B2=E7=BF=BB=E8=AF=91=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...is Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md b/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md index dd4ab73b88..a1ccaafd1b 100644 --- a/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md +++ b/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md @@ -40,7 +40,7 @@ But - 但是 - 新闻稿里常常这个时候该出现‘but’了 - 要说恐 这款木马无需高权限就可以“拦截传入的数据包,在系统中执行传入的命令”,但是它的触角到底有多深,有多少Linux系统被感染,它的完整功能都有哪些,这些目前都暂时还不明朗。 -根据它选定的目标,我们推断“Turla”(及其变种)是由某些民族的国家资助的。美国和英国的读者不要想当然以为这些国家就是“伊斯兰国家”。不要忘了我们自己的政府也很乐于趟这摊浑水。 +根据它选定的目标,我们推断“Turla”(及其变种)是由某些民族的国家资助的。美国和英国的读者不要想当然以为这些国家就是“那些国家”。不要忘了我们自己的政府也很乐于趟这摊浑水。 #### 观点 与 责任 #### @@ -73,4 +73,4 @@ via: http://www.omgubuntu.co.uk/2014/12/government-spying-turla-linux-trojan-fou [a]:https://plus.google.com/117485690627814051450/?rel=author [1]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ [2]:https://twitter.com/joernchen/status/542060412188262400 -[3]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ \ No newline at end of file +[3]:https://securelist.com/blog/research/67962/the-penquin-turla-2/ From 78aab177aca431de3aea0c53d1113a50c30889d7 Mon Sep 17 00:00:00 2001 From: geekpi Date: Tue, 6 Jan 2015 17:54:21 +0800 Subject: [PATCH 73/98] Update 20150105 Ubuntu apt-get and apt-cache commands with practical examples.md --- ... apt-get and apt-cache commands with practical examples.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md b/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md index 66125a7553..90c0724d76 100644 --- a/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md +++ b/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md @@ -1,3 +1,5 @@ +Translating------geekpi + Ubuntu apt-get & apt-cache commands with practical examples ================================================================================ Apt-get & apt-cache are the command line **package management** utility in **Ubuntu Linux**. GUI version of apt-get command is the Synaptic Package Manager, in this post we are going to discuss 15 different examples of apt-get & apt-cache commands. @@ -186,4 +188,4 @@ via: http://www.linuxtechi.com/ubuntu-apt-get-apt-cache-commands-examples/ 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 -[a]:http://www.linuxtechi.com/author/pradeep/ \ No newline at end of file +[a]:http://www.linuxtechi.com/author/pradeep/ From 068036a530a4aab7233c4ee5e7a27fbfab0bde66 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Tue, 6 Jan 2015 18:48:32 +0800 Subject: [PATCH 74/98] deleted --- ...-cache commands with practical examples.md | 191 ------------------ 1 file changed, 191 deletions(-) delete mode 100644 sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md diff --git a/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md b/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md deleted file mode 100644 index 90c0724d76..0000000000 --- a/sources/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md +++ /dev/null @@ -1,191 +0,0 @@ -Translating------geekpi - -Ubuntu apt-get & apt-cache commands with practical examples -================================================================================ -Apt-get & apt-cache are the command line **package management** utility in **Ubuntu Linux**. GUI version of apt-get command is the Synaptic Package Manager, in this post we are going to discuss 15 different examples of apt-get & apt-cache commands. - -### Example:1 List of all the available packages ### - - linuxtechi@localhost:~$ apt-cache pkgnames - account-plugin-yahoojp - ceph-fuse - dvd+rw-tools - e3 - gnome-commander-data - grub-gfxpayload-lists - gweled - ....................................... - -### Example:2 Search Packages using keywords ### - -This command is very helpful when you are not sure about package name , just enter the keyword and apt-get command will list packages related to the keyword. - - linuxtechi@localhost:~$ apt-cache search "web server" - apache2 - Apache HTTP Server - apache2-bin - Apache HTTP Server (binary files and modules) - apache2-data - Apache HTTP Server (common files) - apache2-dbg - Apache debugging symbols - apache2-dev - Apache HTTP Server (development headers) - apache2-doc - Apache HTTP Server (on-site documentation) - apache2-utils - Apache HTTP Server (utility programs for web servers) - ...................................................................... - -**Note**: If you have installed “**apt-file**” package then we can also search the package using config files as shown below : - - linuxtechi@localhost:~$ apt-file search nagios.cfg - ganglia-nagios-bridge: /usr/share/doc/ganglia-nagios-bridge/nagios.cfg - nagios3-common: /etc/nagios3/nagios.cfg - nagios3-common: /usr/share/doc/nagios3-common/examples/nagios.cfg.gz - pnp4nagios-bin: /etc/pnp4nagios/nagios.cfg - pnp4nagios-bin: /usr/share/doc/pnp4nagios/examples/nagios.cfg - -### Example:3 Display the basic information of Specific package. ### - - linuxtechi@localhost:~$ apt-cache show postfix - Package: postfix - Priority: optional - Section: mail - Installed-Size: 3524 - Maintainer: LaMont Jones - Architecture: amd64 - Version: 2.11.1-1 - Replaces: mail-transport-agent - Provides: default-mta, mail-transport-agent - ..................................................... - -### Example:4 List the dependency of Package. ### - - linuxtechi@localhost:~$ apt-cache depends postfix - postfix - Depends: libc6 - Depends: libdb5.3 - Depends: libsasl2-2 - Depends: libsqlite3-0 - Depends: libssl1.0.0 - |Depends: debconf - Depends: - cdebconf - debconf - Depends: netbase - Depends: adduser - Depends: dpkg - ............................................ - -### Example:5 Display the Cache Statistics using apt-cache. ### - - linuxtechi@localhost:~$ apt-cache stats - Total package names: 60877 (1,218 k) - Total package structures: 102824 (5,758 k) - Normal packages: 71285 - Pure virtual packages: 1102 - Single virtual packages: 9151 - Mixed virtual packages: 1827 - Missing: 19459 - Total distinct versions: 74913 (5,394 k) - Total distinct descriptions: 93792 (2,251 k) - Total dependencies: 573443 (16.1 M) - Total ver/file relations: 78007 (1,872 k) - Total Desc/File relations: 93792 (2,251 k) - Total Provides mappings: 16583 (332 k) - Total globbed strings: 171 (2,263 ) - Total dependency version space: 2,665 k - Total slack space: 37.3 k - Total space accounted for: 29.5 M - -### Example:6 Update the package repository using “apt-get update” ### - -Using the command “apt-get update” , we can resynchronize the package index files from their sources repository. Package index are retrieved from the file located at “/etc/apt/sources.list” - - linuxtechi@localhost:~$ sudo apt-get update - Ign http://extras.ubuntu.com utopic InRelease - Hit http://extras.ubuntu.com utopic Release.gpg - Hit http://extras.ubuntu.com utopic Release - Hit http://extras.ubuntu.com utopic/main Sources - Hit http://extras.ubuntu.com utopic/main amd64 Packages - Hit http://extras.ubuntu.com utopic/main i386 Packages - Ign http://in.archive.ubuntu.com utopic InRelease - Ign http://in.archive.ubuntu.com utopic-updates InRelease - Ign http://in.archive.ubuntu.com utopic-backports InRelease - ................................................................ - -### Example:7 Install a package using apt-get command. ### - - linuxtechi@localhost:~$ sudo apt-get install icinga - -In the above example we are installing a package named “icinga” - -### Example:8 Upgrade all the Installed Packages ### - - linuxtechi@localhost:~$ sudo apt-get upgrade - -### Example:9 Upgrade a Particular Package. ### - -“install” option along with “–only-upgrade” in apt-get command is used to upgrade a particular package , example is shown below : - - linuxtechi@localhost:~$ sudo apt-get install filezilla --only-upgrade - -### Example:10 Removing a package using apt-get command. ### - - linuxtechi@localhost:~$ sudo apt-get remove skype - -Above command will remove or delete the skype package only , if you want to delete its config files then use the “purge” option in the apt-get command. Example is shown below : - - linuxtechi@localhost:~$ sudo apt-get purge skype - -We can also use the combination of above commands : - - linuxtechi@localhost:~$ sudo apt-get remove --purge skype - -### Example:11 Download the package in the Current Working Directory ### - - linuxtechi@localhost:~$ sudo apt-get download icinga - Get:1 http://in.archive.ubuntu.com/ubuntu/ utopic/universe icinga amd64 1.11.6-1build1 [1,474 B] - Fetched 1,474 B in 1s (1,363 B/s) - -Above command will download icinga package in your current working directory. - -### Example:12 Clear disk Space used by retrieved package files. ### - - linuxtechi@localhost:~$ sudo apt-get clean - -Above Command will clear the disk space used by apt-get command while retrieving(download) packages. - -We can also use “**autoclean**” option in place of “**clean**“, the main difference between them is that autoclean removes package files that can no longer be downloaded, and are largely useless. - - linuxtechi@localhost:~$ sudo apt-get autoclean - Reading package lists... Done - Building dependency tree - Reading state information... Done - -### Example:13 Remove Packages using “autoremove” option. ### - -When we use “autoremove” option with apt-get command , then it will remove the packages that were installed to satisfy the dependency of other packages and are now no longer needed or used. - - linuxtechi@localhost:~$ sudo apt-get autoremove icinga - -### Example:14 Display Changelog of a Package. ### - - linuxtechi@localhost:~$ sudo apt-get changelog apache2 - Get:1 Changelog for apache2 (http://changelogs.ubuntu.com/changelogs/pool/main/a/apache2/apache2_2.4.10-1ubuntu1/changelog) [195 kB] - Fetched 195 kB in 3s (60.9 kB/s) - -Above Command will download the changelog of apache2 package and will display through sensible-pager on your screen. - -### Example:15 List broken dependencies using “check” option ### - - linuxtechi@localhost:~$ sudo apt-get check - Reading package lists... Done - Building dependency tree - Reading state information... Done - --------------------------------------------------------------------------------- - -via: http://www.linuxtechi.com/ubuntu-apt-get-apt-cache-commands-examples/ - -作者:[Pradeep Kumar][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://www.linuxtechi.com/author/pradeep/ From 21b9f1dbc216fc0cc667b0ac7e4cb2cf789e2c92 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Tue, 6 Jan 2015 18:56:05 +0800 Subject: [PATCH 75/98] translated --- ...-cache commands with practical examples.md | 189 ++++++++++++++++++ 1 file changed, 189 insertions(+) create mode 100644 translated/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md diff --git a/translated/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md b/translated/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md new file mode 100644 index 0000000000..7574a065f8 --- /dev/null +++ b/translated/tech/20150105 Ubuntu apt-get and apt-cache commands with practical examples.md @@ -0,0 +1,189 @@ +实例展示Ubuntu中apt-get和apt-cache命令的使用 +================================================================================ +apt-get和apt-cache是**Ubuntu Linux**中的命令行下的**包管理**工具。 apt-get的GUI版本是Synaptic包管理器,本篇中我们会讨论apt-get和apt-cache命令的不同。 + +### 示例:1 列出所有可用包 ### + + linuxtechi@localhost:~$ apt-cache pkgnames + account-plugin-yahoojp + ceph-fuse + dvd+rw-tools + e3 + gnome-commander-data + grub-gfxpayload-lists + gweled + ....................................... + +### 示例:2 用关键字搜索包 ### + +这个命令在你不确定包名时很有用,只要在apt-cache(这里原文是apt-get,应为笔误)后面输入与包相关的关键字即可/ + + linuxtechi@localhost:~$ apt-cache search "web server" + apache2 - Apache HTTP Server + apache2-bin - Apache HTTP Server (binary files and modules) + apache2-data - Apache HTTP Server (common files) + apache2-dbg - Apache debugging symbols + apache2-dev - Apache HTTP Server (development headers) + apache2-doc - Apache HTTP Server (on-site documentation) + apache2-utils - Apache HTTP Server (utility programs for web servers) + ...................................................................... + +**注意**: 如果你安装了“**apt-file**”包,我们就可以像下面那样用配置文件搜索包。 + + linuxtechi@localhost:~$ apt-file search nagios.cfg + ganglia-nagios-bridge: /usr/share/doc/ganglia-nagios-bridge/nagios.cfg + nagios3-common: /etc/nagios3/nagios.cfg + nagios3-common: /usr/share/doc/nagios3-common/examples/nagios.cfg.gz + pnp4nagios-bin: /etc/pnp4nagios/nagios.cfg + pnp4nagios-bin: /usr/share/doc/pnp4nagios/examples/nagios.cfg + +### 示例:3 显示特定包的基本信息 ### + + linuxtechi@localhost:~$ apt-cache show postfix + Package: postfix + Priority: optional + Section: mail + Installed-Size: 3524 + Maintainer: LaMont Jones + Architecture: amd64 + Version: 2.11.1-1 + Replaces: mail-transport-agent + Provides: default-mta, mail-transport-agent + ..................................................... + +### 示例:4 列出包的依赖 ### + + linuxtechi@localhost:~$ apt-cache depends postfix + postfix + Depends: libc6 + Depends: libdb5.3 + Depends: libsasl2-2 + Depends: libsqlite3-0 + Depends: libssl1.0.0 + |Depends: debconf + Depends: + cdebconf + debconf + Depends: netbase + Depends: adduser + Depends: dpkg + ............................................ + +### 示例:5 使用apt-cache显示缓存统计 ### + + linuxtechi@localhost:~$ apt-cache stats + Total package names: 60877 (1,218 k) + Total package structures: 102824 (5,758 k) + Normal packages: 71285 + Pure virtual packages: 1102 + Single virtual packages: 9151 + Mixed virtual packages: 1827 + Missing: 19459 + Total distinct versions: 74913 (5,394 k) + Total distinct descriptions: 93792 (2,251 k) + Total dependencies: 573443 (16.1 M) + Total ver/file relations: 78007 (1,872 k) + Total Desc/File relations: 93792 (2,251 k) + Total Provides mappings: 16583 (332 k) + Total globbed strings: 171 (2,263 ) + Total dependency version space: 2,665 k + Total slack space: 37.3 k + Total space accounted for: 29.5 M + +### 示例:6 使用 “apt-get update” 更新仓库 ### + +使用命令“apt-get update”, 我们可以重新从源仓库中同步文件索引。包的索引从“/etc/apt/sources.list”中检索 + + linuxtechi@localhost:~$ sudo apt-get update + Ign http://extras.ubuntu.com utopic InRelease + Hit http://extras.ubuntu.com utopic Release.gpg + Hit http://extras.ubuntu.com utopic Release + Hit http://extras.ubuntu.com utopic/main Sources + Hit http://extras.ubuntu.com utopic/main amd64 Packages + Hit http://extras.ubuntu.com utopic/main i386 Packages + Ign http://in.archive.ubuntu.com utopic InRelease + Ign http://in.archive.ubuntu.com utopic-updates InRelease + Ign http://in.archive.ubuntu.com utopic-backports InRelease + ................................................................ + +### 示例:7 使用apt-get安装包 ### + + linuxtechi@localhost:~$ sudo apt-get install icinga + +上面的命令会安装叫“icinga”的包。 + +### 示例:8 升级所有已安装的包 ### + + linuxtechi@localhost:~$ sudo apt-get upgrade + +### 示例:9 更新特定的包 ### + +在apt-get命令中的“install”选项后面接上“-only-upgrade”用来更新一个特定的包,如下所示: + + linuxtechi@localhost:~$ sudo apt-get install filezilla --only-upgrade + +### 示例:10 使用apt-get卸载包 ### + + linuxtechi@localhost:~$ sudo apt-get remove skype + +上面的命令只会删除skype包,如果你想要删除它的配置文件,在apt-get命令中使用“purge”选项。如下所示: + + linuxtechi@localhost:~$ sudo apt-get purge skype + +我们可以结合使用上面的两个命令: + + linuxtechi@localhost:~$ sudo apt-get remove --purge skype + +### 示例:11 在当前的目录中下载包 ### + + linuxtechi@localhost:~$ sudo apt-get download icinga + Get:1 http://in.archive.ubuntu.com/ubuntu/ utopic/universe icinga amd64 1.11.6-1build1 [1,474 B] + Fetched 1,474 B in 1s (1,363 B/s) + +上面的目录会从你当前的目录下载icinga包。 + +### 示例:12 清理本地包占用的磁盘空间 ### + + linuxtechi@localhost:~$ sudo apt-get clean + +上面的命令会清零apt-get在下载包时占用的磁盘空间。 + +我们也可以使用“**autoclean**”选项来代替“**clean**“,两者之间主要的区别是autoclean清理不再使用且没用的下载。 + + linuxtechi@localhost:~$ sudo apt-get autoclean + Reading package lists... Done + Building dependency tree + Reading state information... Done + +### 示例:13 使用“autoremove”删除包 ### + +当在apt-get命令中使用“autoremove”时,它会删除为了满足依赖而安装且现在没用的包。 + + linuxtechi@localhost:~$ sudo apt-get autoremove icinga + +### 示例:14 显示包的更新日志 ### + + linuxtechi@localhost:~$ sudo apt-get changelog apache2 + Get:1 Changelog for apache2 (http://changelogs.ubuntu.com/changelogs/pool/main/a/apache2/apache2_2.4.10-1ubuntu1/changelog) [195 kB] + Fetched 195 kB in 3s (60.9 kB/s) + +上面的命令会下载apache2的更新日志,并在你屏幕上显示。 + +### 示例15 使用 “check” 选项显示损坏的依赖 ### + + linuxtechi@localhost:~$ sudo apt-get check + Reading package lists... Done + Building dependency tree + Reading state information... Done + +-------------------------------------------------------------------------------- + +via: http://www.linuxtechi.com/ubuntu-apt-get-apt-cache-commands-examples/ + +作者:[Pradeep Kumar][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://www.linuxtechi.com/author/pradeep/ From 8037854bae15996a4d79fa11cb6f346d36a93fd2 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Wed, 7 Jan 2015 09:37:18 +0800 Subject: [PATCH 76/98] =?UTF-8?q?=E7=BF=BB=E8=AF=91=E4=B8=AD=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- sources/tech/20150104 Docker Image Insecurity.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20150104 Docker Image Insecurity.md b/sources/tech/20150104 Docker Image Insecurity.md index 261718f9c8..6e68dca0c4 100644 --- a/sources/tech/20150104 Docker Image Insecurity.md +++ b/sources/tech/20150104 Docker Image Insecurity.md @@ -1,3 +1,5 @@ +翻译中 by小眼儿 + Docker Image Insecurity ================================================================================ Recently while downloading an “official” container image with Docker I saw this line: @@ -129,4 +131,4 @@ via: https://titanous.com/posts/docker-insecurity [24]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9356 [25]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9357 [26]:https://groups.google.com/d/topic/docker-user/nFAz-B-n4Bw/discussion -[27]:https://docs.google.com/document/d/1JfWNzfwptsMgSx82QyWH_Aj0DRKyZKxYQ1aursxNorg/edit?pli=1 \ No newline at end of file +[27]:https://docs.google.com/document/d/1JfWNzfwptsMgSx82QyWH_Aj0DRKyZKxYQ1aursxNorg/edit?pli=1 From d6a5e14d67ff33806c3b10edef5a6af6d710f996 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Wed, 7 Jan 2015 10:16:16 +0800 Subject: [PATCH 77/98] Delete 20141106 Tomahawk Music Player Returns With New Look, Features.md --- ... Player Returns With New Look, Features.md | 64 ------------------- 1 file changed, 64 deletions(-) delete mode 100644 sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md diff --git a/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md b/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md deleted file mode 100644 index d355f04418..0000000000 --- a/sources/share/20141106 Tomahawk Music Player Returns With New Look, Features.md +++ /dev/null @@ -1,64 +0,0 @@ -Translating by H-mudcup - -Tomahawk Music Player Returns With New Look, Features -================================================================================ -**After a quiet year Tomahawk, the Swiss Army knife of music players, is back with a brand new release to sing about. ** - -![](http://www.omgubuntu.co.uk/wp-content/uploads/2014/11/tomahawk-tile-1.jpg) - -Version 0.8 of the open-source and cross-platform app adds **support for more online services**, refreshes its appearance, and doubles down on making sure its innovative social features work flawlessly. - -### Tomahawk — The Best of Both Worlds ### - -Tomahawk marries a traditional app structure with the modernity of our “on demand” culture. It can browse and play music from local libraries as well as online services like Spotify, Grooveshark, and SoundCloud. In its latest release it adds Google Play Music and Beats Music to its roster. - -That may sound cumbersome or confusing on paper but in practice it all works fantastically. - -When you want to play a song, and don’t care where it’s played back from, you just tell Tomahawk the track title and artist and it automatically finds a high-quality version from enabled sources — you don’t need to do anything. - -![](http://i.imgur.com/nk5oixy.jpg) - -The app also sports some additional features, like EchoNest profiling, Last.fm suggestions, and Jabber support so you can ‘play’ friends’ music. There’s also a built-in messaging service so you can quickly share playlists and tracks with others. - -> “This fundamentally different approach to music enables a range of new music consumption and sharing experiences previously not possible,” the project says on its website. And with little else like it, it’s not wrong. - -![Tomahawk supports the Sound Menu](http://www.omgubuntu.co.uk/wp-content/uploads/2014/11/tomahawk-controllers.jpg) - -Tomahawk supports the Sound Menu - -### Tomahawk 0.8 Release Highlights ### - -- New UI -- Support for Beats Music support -- Support for Google Play Music (stored and Play All Access) -- Support for drag and drop iTunes, Spotify, etc. web links -- Now Playing notifications -- Android app (beta) -- Inbox improvements - -### Install Tomahawk 0.8 in Ubuntu ### - -As a big music streaming user I’ll be using the app over the next few days to get a fuller appreciation of the changes on offer. In the mean time, to go hands on for yourself, you can. - -Tomahawk 0.8 is available for Ubuntu 14.04 LTS and Ubuntu 14.10 via an official PPA. - - sudo add-apt-repository ppa:tomahawk/ppa - - sudo apt-get update && sudo apt-get install tomahawk - -Standalone installers, and more information, can be found on the official project website. - -- [Visit the Official Tomahawk Website][1] - --------------------------------------------------------------------------------- - -via: http://www.omgubuntu.co.uk/2014/11/tomahawk-media-player-returns-new-look-features - -作者:[Joey-Elijah Sneddon][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:https://plus.google.com/117485690627814051450/?rel=author -[1]:http://gettomahawk.com/ From 12f4d5b9990adc190dcc68bfd6cff4a5b544ed86 Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Wed, 7 Jan 2015 10:17:51 +0800 Subject: [PATCH 78/98] Create 20141106 Tomahawk Music Player Returns With New Look, Features.md --- ... Player Returns With New Look, Features.md | 63 +++++++++++++++++++ 1 file changed, 63 insertions(+) create mode 100644 translated/share/20141106 Tomahawk Music Player Returns With New Look, Features.md diff --git a/translated/share/20141106 Tomahawk Music Player Returns With New Look, Features.md b/translated/share/20141106 Tomahawk Music Player Returns With New Look, Features.md new file mode 100644 index 0000000000..0194b88257 --- /dev/null +++ b/translated/share/20141106 Tomahawk Music Player Returns With New Look, Features.md @@ -0,0 +1,63 @@ + +Tomahawk音乐播放器带着新形象、新功能回来了 +================================================================================ +**在悄无声息得过了一年之后,Tomahawk——音乐播放器中的瑞士军刀——带着值得歌颂的全新发行版回归了。 ** + +![](http://www.omgubuntu.co.uk/wp-content/uploads/2014/11/tomahawk-tile-1.jpg) + +这个0.8版的开源跨平台应用增添了**更多在线服务的支持**,更新了它的外观,又一次确保了它创新的社交功能完美运行。 + +### Tomahawk——两个世界的极品 ### + +Tomahawk嫁给了一个带有我们的“即时”现代文化的传统应用结构。它可以浏览和播放本地的音乐和Spotify、Grooveshark以及SoundCloud这类的线上音乐。在最新的发行版中,它把Google Play Music和Beats Music列入了它的名册。 + +这可能听着很繁复或令人困惑,但实际上它表现得出奇的好。 + +若你想要播放一首歌,而且不介意它是从哪里来的,你只需告诉Tomahawk音乐的标题和作者,它就会自动从可获取的源里找出高品质版本的音乐——你不需要做任何事。 + +![](http://i.imgur.com/nk5oixy.jpg) + +这个应用还弄了一些附加的功能,比如EchoNest剖析,Last.fm建议,还有对Jabber的支持,这样你就能‘播放’朋友的音乐。它还有一个内置的信息服务,以便于你能和其他人快速的分享播放列表和音乐。 + +>“这种从根本上就与众不同的听音乐的方式,开启了前所未有的音乐的消费和分享体验”,项目的网站上这样写道。而且即便它如此独特,这也没有错。 + +![Tomahawk supports the Sound Menu](http://www.omgubuntu.co.uk/wp-content/uploads/2014/11/tomahawk-controllers.jpg) + +支持声音菜单 + +### Tomahawk0.8发行版的亮点 ### + +- 新的交互界面 +- 对Beats Music的支持 +- 对Google Play Music的支持(保存的和播放全部链接) +- 对拖拽iTunes,Spotify这类网站的链接的支持 +- 正在播放的提示 +- Android应用(测试版) +- 收件箱的改进 + +### 在Ubuntu上安装Tomahawk0.8 ### + +作为一个流媒体音乐的大用户,我会在接下来的几天里体验一下这个应用软件,然后提供一个关于他的改变的更全面的赏析。与此同时,你也可以尝尝鲜。 + +在Ubuntu 14.04 LTS和Ubuntu 14.10上可以通过官方PPA获得Tomahawk。 + + sudo add-apt-repository ppa:tomahawk/ppa + + sudo apt-get update && sudo apt-get install tomahawk + +在官方项目网站上可以找的独立安装程序和更详细的信息。 + +- [Visit the Official Tomahawk Website][1] + +-------------------------------------------------------------------------------- + +via: http://www.omgubuntu.co.uk/2014/11/tomahawk-media-player-returns-new-look-features + +作者:[Joey-Elijah Sneddon][a] +译者:[H-mudcup](https://github.com/H-mudcup) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:https://plus.google.com/117485690627814051450/?rel=author +[1]:http://gettomahawk.com/ From 75e55d791c62439fc0b5fdc3d723a8b086830059 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Wed, 7 Jan 2015 10:23:43 +0800 Subject: [PATCH 79/98] =?UTF-8?q?=E5=B7=B2=E6=A0=A1=E5=AF=B9=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...with IPv4 and Why we are moving to IPv6.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md b/translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md index 902765e77a..b5c420b21a 100644 --- a/translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md +++ b/translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md @@ -2,7 +2,7 @@ IPv6:IPv4犯的罪,为什么要我来弥补 ================================================================================ (LCTT:标题党了一把,哈哈哈好过瘾,求不拍砖) -在过去的十年间,IPv6 本来应该得到很大的发展,但事实上这种好事并没有降临。由此导致了一个结果,那就是大部分人都不了解 IPv6 的一些知识:它是什么,怎么使用,以及,为什么它会存在?(LCTT:这是要回答蒙田的“我是谁”哲学思考题吗?) +在过去的十年间,IPv6 本来应该得到很大的发展,但事实上这种好事并没有降临。由此导致了一个结果,那就是大部分人都不了解 IPv6 的一些知识:它是什么,怎么使用,以及,为什么它会存在? ![IPv4 and IPv6 Comparison](http://www.tecmint.com/wp-content/uploads/2014/09/ipv4-ipv6.gif) @@ -12,15 +12,15 @@ IPv4 和 IPv6 的区别 自从1981年发布了 RFC 791 标准以来我们就一直在使用 **IPv4**。在那个时候,电脑又大又贵还不多见,而 IPv4 号称能提供**40亿条 IP 地址**,在当时看来,这个数字好大好大。不幸的是,这么多的 IP 地址并没有被充分利用起来,地址与地址之间存在间隙。举个例子,一家公司可能有**254(2^8-2)**条地址,但只使用其中的25条,剩下的229条被空占着,以备将来之需。于是这些空闲着的地址不能服务于真正需要它们的用户,原因就是网络路由规则的限制。最终的结果是在1981年看起来那个好大好大的数字,在2014年看起来变得好小好小。 -互联网工程任务组(**IETF**)在90年代指出了这个问题,并提供了两套解决方案:无类型域间选路(**CIDR**)以及私有地址。在 CIDR 出现之前,你只能选择三种网络地址长度:**24 位** (共可用16,777,214个地址), **20位** (共可用1,048,574个地址)以及**16位** (共可用65,534个地址)。CIDR 出现之后,你可以将一个网络再划分成多个子网。 +互联网工程任务组(**IETF**)在90年代初指出了这个问题,并提供了两套解决方案:无类型域间选路(**CIDR**)以及私有IP地址。在 CIDR 出现之前,你只能选择三种网络地址长度:**24 位** (共16,777,214个可用地址), **20位** (共1,048,574个可用地址)以及**16位** (共65,534个可用地址)。CIDR 出现之后,你可以将一个网络再划分成多个子网。 举个例子,如果你需要**5个 IP 地址**,你的 ISP 会为你提供一个子网,里面的主机地址长度为3位,也就是说你最多能得到**6个地址**(LCTT:抛开子网的网络号,3位主机地址长度可以表示0~7共8个地址,但第0个和第7个有特殊用途,不能被用户使用,所以你最多能得到6个地址)。这种方法让 ISP 能尽最大效率分配 IP 地址。“私有地址”这套解决方案的效果是,你可以自己创建一个网络,里面的主机可以访问外网的主机,但外网的主机很难访问到你创建的那个网络上的主机,因为你的网络是私有的、别人不可见的。你可以创建一个非常大的网络,因为你可以使用16,777,214个主机地址,并且你可以将这个网络分割成更小的子网,方便自己管理。 也许你现在正在使用私有地址。看看你自己的 IP 地址,如果这个地址在这些范围内:**10.0.0.0 – 10.255.255.255**、**172.16.0.0 – 172.31.255.255**或**192.168.0.0 – 192.168.255.255**,就说明你在使用私有地址。这两套方案有效地将“IP 地址用尽”这个灾难延迟了好长时间,但这毕竟只是权宜之计,现在我们正面临最终的审判。 -**IPv4** 还有另外一个问题,那就是这个协议的消息头长度可变。如果数据通过软件来路由,这个问题还好说。但现在路由器功能都是由硬件提供的,处理变长消息头对硬件来说是一件困难的事情。一个大的路由器需要处理来自世界各地的大量数据包,这个时候路由器的负载是非常大的。所以很明显,我们需要固定消息头的长度。 +**IPv4** 还有另外一个问题,那就是这个协议的消息头长度可变。如果数据的路由通过软件来实现,这个问题还好说。但现在路由器功能都是由硬件提供的,处理变长消息头对硬件来说是一件困难的事情。一个大的路由器需要处理来自世界各地的大量数据包,这个时候路由器的负载是非常大的。所以很明显,我们需要固定消息头的长度。 -还有一个问题,在分配 IP 地址的时候,美国人发了因特网(LCTT:这个万恶的资本主义国家占用了大量 IP 地址)。其他国家只得到了 IP 地址的碎片。我们需要重新定制一个架构,让连续的 IP 地址能在地理位置上集中分布,这样一来路由表可以做的更小(LCTT:想想吧,网速肯定更快)。 +在分配 IP 地址的同时,还有一个问题,因特网是美国人发明的(LCTT:这个万恶的资本主义国家占用了大量 IP 地址)。其他国家只得到了 IP 地址的碎片。我们需要重新定制一个架构,让连续的 IP 地址能在地理位置上集中分布,这样一来路由表可以做的更小(LCTT:想想吧,网速肯定更快)。 还有一个问题,这个问题你听起来可能还不大相信,就是 IPv4 配置起来比较困难,而且还不好改变。你可能不会碰到这个问题,因为你的路由器为你做了这些事情,不用你去操心。但是你的 ISP 对此一直是很头疼的。 @@ -31,7 +31,7 @@ IPv4 和 IPv6 的区别 **IETF** 在1995年12月公布了下一代 IP 地址标准,名字叫 IPv6,为什么不是 IPv5?因为某个错误原因,“版本5”这个编号被其他项目用去了。IPv6 的优点如下: - 128位地址长度(共有3.402823669×10³⁸个地址) -- 这个架构下的地址在逻辑上聚合 +- 其架构下的地址在逻辑上聚合 - 消息头长度固定 - 支持自动配置和修改你的网络。 @@ -43,7 +43,7 @@ IPv4 和 IPv6 的区别 #### 聚合 #### -有这么多的地址,这个地址可以被稀稀拉拉地分配给主机,从而更高效地路由数据包。算一笔帐啊,你的 ISP 拿到一个**80位**地址长度的网络空间,其中16位是 ISP 的子网地址,剩下64位分给你作为主机地址。这样一来,你的 ISP 可以分配65,534个子网。 +有这么多的地址,这些地址可以被稀稀拉拉地分配给主机,从而更高效地路由数据包。算一笔帐啊,你的 ISP 拿到一个**80位**地址长度的网络空间,其中16位是 ISP 的子网地址,剩下64位分给你作为主机地址。这样一来,你的 ISP 可以分配65,534个子网。 然而,这些地址分配不是一成不变地,如果 ISP 想拥有更多的小子网,完全可以做到(当然,土豪 ISP 可能会要求再来一个80位网络空间)。最高的48位地址是相互独立地,也就是说 ISP 与 ISP 之间虽然可能分到相同地80位网络空间,但是这两个空间是相互隔离的,好处就是一个网络空间里面的地址会聚合在一起。 @@ -51,7 +51,7 @@ IPv4 和 IPv6 的区别 **IPv4** 消息头长度可变,但 **IPv6** 消息头长度被固定为40字节。IPv4 会由于额外的参数导致消息头变长,IPv6 中,如果有额外参数,这些信息会被放到一个紧挨着消息头的地方,不会被路由器处理,当消息到达目的地时,这些额外参数会被软件提取出来。 -IPv6 消息头有一个部分叫“flow”,是一个20位伪随机数,用于简化路由器对数据包地路由过程。如果一个数据包存在“flow”,路由器就可以根据这个值作为索引查找路由表,不必慢吞吞地遍历整张路由表来查询路由路径。这个优点使 **IPv6** 更容易被路由。 +IPv6 消息头有一个部分叫“flow”,是一个20位伪随机数,用于简化路由器对数据包的路由过程。如果一个数据包存在“flow”,路由器就可以根据这个值作为索引查找路由表,不必慢吞吞地遍历整张路由表来查询路由路径。这个优点使 **IPv6** 更容易被路由。 #### 自动配置 #### @@ -63,11 +63,11 @@ IPv6 自动配置还不是一个完整地解决方案。想要有效地使用互 #### 唯一的大问题 #### -如果 IPv6 真的比 IPv4 好那么多,为什么它还没有被广泛使用起来(Google 在**2014年5月份**估计 IPv6 的市场占有率为**4%**)?一个最基本的原因是“先有鸡还是先有蛋”问题,用户需要让自己的服务器能为尽可能多的客户提供服务,这就意味着他们必须部署一个 **IPv4** 地址。 +如果 IPv6 真的比 IPv4 好那么多,为什么它还没有被广泛使用起来(Google 在**2014年5月份**估计 IPv6 的市场占有率为**4%**)?一个最基本的原因是“先有鸡还是先有蛋”。服务商想让自己的服务器为尽可能多的客户提供服务,这就意味着他们必须部署一个 **IPv4** 地址。 当然,他们可以同时使用 IPv4 和 IPv6 两套地址,但很少有客户会用到 IPv6,并且你还需要对你的软件做一些小修改来适应 IPv6。另外比较头疼的一点是,很多家庭的路由器压根不支持 IPv6。还有就是 ISP 也不愿意支持 IPv6,我问过我的 ISP 这个问题,得到的回答是:只有客户明确指出要部署这个时,他们才会用 IPv6。然后我问了现在有多少人有这个需求,答案是:包括我在内,共有1个。 -与这种现实状况呈明显对比的是,所有主流操作系统:Windows、OS X、Linux 都默认支持 IPv6 好多年了。这些操作系统甚至提供软件让 IPv6 的数据包披上 IPv4 的皮来骗过那些会丢弃 IPv6 数据包的主机,从而达到传输数据的目的(LCTT:呃,这是高科技偷渡?)。 +与这种现实状况呈明显对比的是,所有主流操作系统:Windows、OS X、Linux 都默认支持 IPv6 好多年了。这些操作系统甚至提供软件让 IPv6 的数据包披上 IPv4 的皮来骗过那些会丢弃 IPv6 数据包的主机,从而达到传输数据的目的。 #### 总结 #### @@ -81,7 +81,7 @@ via: http://www.tecmint.com/ipv4-and-ipv6-comparison/ 作者:[Jeff Silverman][a] 译者:[bazz2](https://github.com/bazz2) -校对:[校对者ID](https://github.com/校对者ID) +校对:[Mr小眼儿](https://github.com/tinyeyeser) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 145b91641fd1acb24b73905d4ae6e3202c359209 Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 7 Jan 2015 13:45:45 +0800 Subject: [PATCH 80/98] PUB:20140912 What' s wrong with IPv4 and Why we are moving to IPv6 @bazz2 --- ...t' s wrong with IPv4 and Why we are moving to IPv6.md | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) rename {translated/talk => published}/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md (96%) diff --git a/translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md b/published/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md similarity index 96% rename from translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md rename to published/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md index b5c420b21a..da89601580 100644 --- a/translated/talk/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md +++ b/published/20140912 What' s wrong with IPv4 and Why we are moving to IPv6.md @@ -1,6 +1,5 @@ -IPv6:IPv4犯的罪,为什么要我来弥补 +IPv6:IPv4犯的错,为什么要我来弥补 ================================================================================ -(LCTT:标题党了一把,哈哈哈好过瘾,求不拍砖) 在过去的十年间,IPv6 本来应该得到很大的发展,但事实上这种好事并没有降临。由此导致了一个结果,那就是大部分人都不了解 IPv6 的一些知识:它是什么,怎么使用,以及,为什么它会存在? @@ -28,7 +27,7 @@ IPv4 和 IPv6 的区别 ### IPv6 和它的优点 ### -**IETF** 在1995年12月公布了下一代 IP 地址标准,名字叫 IPv6,为什么不是 IPv5?因为某个错误原因,“版本5”这个编号被其他项目用去了。IPv6 的优点如下: +**IETF** 在1995年12月公布了下一代 IP 地址标准,名字叫 IPv6,为什么不是 IPv5?→_→ 因为某个错误原因,“版本5”这个编号被其他项目用去了。IPv6 的优点如下: - 128位地址长度(共有3.402823669×10³⁸个地址) - 其架构下的地址在逻辑上聚合 @@ -57,7 +56,7 @@ IPv6 消息头有一个部分叫“flow”,是一个20位伪随机数,用于 **IPv6** 中,当主机开机时,会检查本地网络,看看有没有其他主机使用了自己的 IP 地址。如果地址没有被使用,就接着查询本地的 IPv6 路由器,找到后就向它请求一个 IPv6 地址。然后这台主机就可以连上互联网了 —— 它有自己的 IP 地址,和自己的默认路由器。 -如果这台默认路由器当机,主机就会接着找其他路由器,作为备用路由器。这个功能在 IPv4 协议里实现起来非常困难。同样地,假如路由器想改变自己的地址,自己改掉就好了。主机会自动搜索路由器,并自动更新路由器地址。路由器会同时保存新老地址,直到所有主机都把自己地路由器地址更新成新地址。 +如果这台默认路由器宕机,主机就会接着找其他路由器,作为备用路由器。这个功能在 IPv4 协议里实现起来非常困难。同样地,假如路由器想改变自己的地址,自己改掉就好了。主机会自动搜索路由器,并自动更新路由器地址。路由器会同时保存新老地址,直到所有主机都把自己地路由器地址更新成新地址。 IPv6 自动配置还不是一个完整地解决方案。想要有效地使用互联网,一台主机还需要另外的东西:域名服务器、时间同步服务器、或者还需要一台文件服务器。于是 **dhcp6** 出现了,提供与 dhcp 一样的服务,唯一的区别是 dhcp6 的机器可以在可路由的状态下启动,一个 dhcp 进程可以为大量网络提供服务。 @@ -69,7 +68,7 @@ IPv6 自动配置还不是一个完整地解决方案。想要有效地使用互 与这种现实状况呈明显对比的是,所有主流操作系统:Windows、OS X、Linux 都默认支持 IPv6 好多年了。这些操作系统甚至提供软件让 IPv6 的数据包披上 IPv4 的皮来骗过那些会丢弃 IPv6 数据包的主机,从而达到传输数据的目的。 -#### 总结 #### +### 总结 ### IPv4 已经为我们服务了好长时间。但是它的缺陷会在不远的将来遭遇不可克服的困难。IPv6 通过改变地址分配规则、简化数据包路由过程、简化首次加入网络时的配置过程等策略,可以完美解决这个问题。 From 13ad0b8f4402599a2b3dce71913a7be17d0d071e Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 7 Jan 2015 14:01:23 +0800 Subject: [PATCH 81/98] PUB:20141013 How to configure peer-to-peer VPN on Linux @felixonmars --- .../20141013 How to configure peer-to-peer VPN on Linux.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename {translated/tech => published}/20141013 How to configure peer-to-peer VPN on Linux.md (99%) diff --git a/translated/tech/20141013 How to configure peer-to-peer VPN on Linux.md b/published/20141013 How to configure peer-to-peer VPN on Linux.md similarity index 99% rename from translated/tech/20141013 How to configure peer-to-peer VPN on Linux.md rename to published/20141013 How to configure peer-to-peer VPN on Linux.md index 5dfda8f688..4728bff895 100644 --- a/translated/tech/20141013 How to configure peer-to-peer VPN on Linux.md +++ b/published/20141013 How to configure peer-to-peer VPN on Linux.md @@ -95,7 +95,7 @@ via: http://xmodulo.com/configure-peer-to-peer-vpn-linux.html 作者:[Dan Nanni][a] 译者:[felixonmars](https://github.com/felixonmars) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 51c42753fcaabce184d2e242bdae05b4ec1f46ce Mon Sep 17 00:00:00 2001 From: wxy Date: Wed, 7 Jan 2015 15:50:03 +0800 Subject: [PATCH 82/98] PUB:20141023 How to turn your CentOS box into a BGP router using Quagga @disylee --- ...ntOS box into a BGP router using Quagga.md | 324 ++++++++++++++++ ...ntOS box into a BGP router using Quagga.md | 365 ------------------ 2 files changed, 324 insertions(+), 365 deletions(-) create mode 100644 published/20141023 How to turn your CentOS box into a BGP router using Quagga.md delete mode 100644 translated/tech/20141023 How to turn your CentOS box into a BGP router using Quagga.md diff --git a/published/20141023 How to turn your CentOS box into a BGP router using Quagga.md b/published/20141023 How to turn your CentOS box into a BGP router using Quagga.md new file mode 100644 index 0000000000..7aa80fa3a3 --- /dev/null +++ b/published/20141023 How to turn your CentOS box into a BGP router using Quagga.md @@ -0,0 +1,324 @@ +使用 Quagga 将你的 CentOS 系统变成一个 BGP 路由器 +================================================================================ + +在[之前的教程中][1],我对如何简单地使用Quagga把CentOS系统变成一个不折不扣地OSPF路由器做了一些介绍。Quagga是一个开源路由软件套件。在这个教程中,我将会重点讲讲**如何把一个Linux系统变成一个BGP路由器,还是使用Quagga**,演示如何建立BGP与其它BGP路由器对等。 + +在我们进入细节之前,一些BGP的背景知识还是必要的。边界网关协议(即BGP)是互联网的域间路由协议的实际标准。在BGP术语中,全球互联网是由成千上万相关联的自治系统(AS)组成,其中每一个AS代表每一个特定运营商提供的一个网络管理域([据说][2],美国前总统乔治.布什都有自己的 AS 编号)。 + +为了使其网络在全球范围内路由可达,每一个AS需要知道如何在英特网中到达其它的AS。这时候就需要BGP出来扮演这个角色了。BGP是一个AS去与相邻的AS交换路由信息的语言。这些路由信息通常被称为BGP线路或者BGP前缀。包括AS号(ASN;全球唯一号码)以及相关的IP地址块。一旦所有的BGP线路被当地的BGP路由表学习和记录,每一个AS将会知道如何到达互联网的任何公网IP。 + +在不同域(AS)之间路由的能力是BGP被称为外部网关协议(EGP)或者域间协议的主要原因。就如一些路由协议,例如OSPF、IS-IS、RIP和EIGRP都是内部网关协议(IGPs)或者域内路由协议,用于处理一个域内的路由. + +### 测试方案 ### + +在这个教程中,让我们来使用以下拓扑。 + +![](https://farm6.staticflickr.com/5598/15603223841_4c76343313_z.jpg) + +我们假设运营商A想要建立一个BGP来与运营商B对等交换路由。它们的AS号和IP地址空间的细节如下所示: + +- **运营商 A**: ASN (100), IP地址空间 (100.100.0.0/22), 分配给BGP路由器eth1网卡的IP地址(100.100.1.1) + +- **运营商 B**: ASN (200), IP地址空间 (200.200.0.0/22), 分配给BGP路由器eth1网卡的IP地址(200.200.1.1) + +路由器A和路由器B使用100.100.0.0/30子网来连接到对方。从理论上来说,任何子网从运营商那里都是可达的、可互连的。在真实场景中,建议使用掩码为30位的公网IP地址空间来实现运营商A和运营商B之间的连通。 + +### 在 CentOS中安装Quagga ### + +如果Quagga还没安装好,我们可以使用yum来安装Quagga。 + + # yum install quagga + +如果你正在使用的是CentOS7系统,你需要应用一下策略来设置SELinux。否则,SElinux将会阻止Zebra守护进程写入它的配置目录。如果你正在使用的是CentOS6,你可以跳过这一步。 + + # setsebool -P zebra_write_config 1 + +Quagga软件套件包含几个守护进程,这些进程可以协同工作。关于BGP路由,我们将把重点放在建立以下2个守护进程。 + +- **Zebra**:一个核心守护进程用于内核接口和静态路由. +- **BGPd**:一个BGP守护进程. + +### 配置日志记录 ### + +在Quagga被安装后,下一步就是配置Zebra来管理BGP路由器的网络接口。我们通过创建一个Zebra配置文件和启用日志记录来开始第一步。 + + # cp /usr/share/doc/quagga-XXXXX/zebra.conf.sample /etc/quagga/zebra.conf + +在CentOS6系统中: + + # service zebra start + # chkconfig zebra on + +在CentOS7系统中: + + # systemctl start zebra + # systemctl enable zebra + +Quagga提供了一个叫做vtysh特有的命令行工具,你可以输入与路由器厂商(例如Cisco和Juniper)兼容和支持的命令。我们将使用vtysh shell来配置BGP路由在教程的其余部分。 + +启动vtysh shell 命令,输入: + + # vtysh + +提示将被改成该主机名,这表明你是在vtysh shell中。 + + Router-A# + +现在我们将使用以下命令来为Zebra配置日志文件: + + Router-A# configure terminal + Router-A(config)# log file /var/log/quagga/quagga.log + Router-A(config)# exit + +永久保存Zebra配置: + + Router-A# write + +在路由器B操作同样的步骤。 + +### 配置对等的IP地址 ### + +下一步,我们将在可用的接口上配置对等的IP地址。 + + Router-A# show interface #显示接口信息 + +---------- + + Interface eth0 is up, line protocol detection is disabled + . . . . . + Interface eth1 is up, line protocol detection is disabled + . . . . . + +配置eth0接口的参数: + + site-A-RTR# configure terminal + site-A-RTR(config)# interface eth0 + site-A-RTR(config-if)# ip address 100.100.0.1/30 + site-A-RTR(config-if)# description "to Router-B" + site-A-RTR(config-if)# no shutdown + site-A-RTR(config-if)# exit + + +继续配置eth1接口的参数: + + site-A-RTR(config)# interface eth1 + site-A-RTR(config-if)# ip address 100.100.1.1/24 + site-A-RTR(config-if)# description "test ip from provider A network" + site-A-RTR(config-if)# no shutdown + site-A-RTR(config-if)# exit + +现在确认配置: + + Router-A# show interface + +---------- + + Interface eth0 is up, line protocol detection is disabled + Description: "to Router-B" + inet 100.100.0.1/30 broadcast 100.100.0.3 + Interface eth1 is up, line protocol detection is disabled + Description: "test ip from provider A network" + inet 100.100.1.1/24 broadcast 100.100.1.255 + +---------- + + Router-A# show interface description #显示接口描述 + +---------- + + Interface Status Protocol Description + eth0 up unknown "to Router-B" + eth1 up unknown "test ip from provider A network" + + +如果一切看起来正常,别忘记保存配置。 + + Router-A# write + +同样地,在路由器B重复一次配置。 + +在我们继续下一步之前,确认下彼此的IP是可以ping通的。 + + Router-A# ping 100.100.0.2 + +---------- + + PING 100.100.0.2 (100.100.0.2) 56(84) bytes of data. + 64 bytes from 100.100.0.2: icmp_seq=1 ttl=64 time=0.616 ms + +下一步,我们将继续配置BGP对等和前缀设置。 + +### 配置BGP对等 ### + +Quagga守护进程负责BGP的服务叫bgpd。首先我们来准备它的配置文件。 + + # cp /usr/share/doc/quagga-XXXXXXX/bgpd.conf.sample /etc/quagga/bgpd.conf + +在CentOS6系统中: + + # service bgpd start + # chkconfig bgpd on + +在CentOS7中: + + # systemctl start bgpd + # systemctl enable bgpd + +现在,让我们来进入Quagga 的shell。 + + # vtysh + +第一步,我们要确认当前没有已经配置的BGP会话。在一些版本,我们可能会发现一个AS号为7675的BGP会话。由于我们不需要这个会话,所以把它移除。 + + Router-A# show running-config + +---------- + + ... ... ... + router bgp 7675 + bgp router-id 200.200.1.1 + ... ... ... + +我们将移除一些预先配置好的BGP会话,并建立我们所需的会话取而代之。 + + Router-A# configure terminal + Router-A(config)# no router bgp 7675 + Router-A(config)# router bgp 100 + Router-A(config)# no auto-summary + Router-A(config)# no synchronizaiton + Router-A(config-router)# neighbor 100.100.0.2 remote-as 200 + Router-A(config-router)# neighbor 100.100.0.2 description "provider B" + Router-A(config-router)# exit + Router-A(config)# exit + Router-A# write + +路由器B将用同样的方式来进行配置,以下配置提供作为参考。 + + Router-B# configure terminal + Router-B(config)# no router bgp 7675 + Router-B(config)# router bgp 200 + Router-B(config)# no auto-summary + Router-B(config)# no synchronizaiton + Router-B(config-router)# neighbor 100.100.0.1 remote-as 100 + Router-B(config-router)# neighbor 100.100.0.1 description "provider A" + Router-B(config-router)# exit + Router-B(config)# exit + Router-B# write + + +当相关的路由器都被配置好,两台路由器之间的对等将被建立。现在让我们通过运行下面的命令来确认: + + Router-A# show ip bgp summary + +![](https://farm6.staticflickr.com/5614/15420135700_e3568d2e5f_z.jpg) + + +从输出中,我们可以看到"State/PfxRcd"部分。如果对等关闭,输出将会显示"Idle"或者"Active'。请记住,单词'Active'这个词在路由器中总是不好的意思。它意味着路由器正在积极地寻找邻居、前缀或者路由。当对等是up状态,"State/PfxRcd"下的输出状态将会从特殊邻居接收到前缀号。 + +在这个例子的输出中,BGP对等只是在AS100和AS200之间呈up状态。因此没有前缀被更改,所以最右边列的数值是0。 + +### 配置前缀通告 ### + +正如一开始提到,AS 100将以100.100.0.0/22作为通告,在我们的例子中AS 200将同样以200.200.0.0/22作为通告。这些前缀需要被添加到BGP配置如下。 + +在路由器-A中: + + Router-A# configure terminal + Router-A(config)# router bgp 100 + Router-A(config)# network 100.100.0.0/22 + Router-A(config)# exit + Router-A# write + +在路由器-B中: + + Router-B# configure terminal + Router-B(config)# router bgp 200 + Router-B(config)# network 200.200.0.0/22 + Router-B(config)# exit + Router-B# write + +在这一点上,两个路由器会根据需要开始通告前缀。 + +### 测试前缀通告 ### + +首先,让我们来确认前缀的数量是否被改变了。 + + Router-A# show ip bgp summary + +![](https://farm6.staticflickr.com/5608/15419095659_0ebb384eee_z.jpg) + +为了查看所接收的更多前缀细节,我们可以使用以下命令,这个命令用于显示邻居100.100.0.2所接收到的前缀总数。 + + Router-A# show ip bgp neighbors 100.100.0.2 advertised-routes + +![](https://farm6.staticflickr.com/5597/15419618208_4604e5639a_z.jpg) + +查看哪一个前缀是我们从邻居接收到的: + + Router-A# show ip bgp neighbors 100.100.0.2 routes + +![](https://farm4.staticflickr.com/3935/15606556462_e17eae7f49_z.jpg) + +我们也可以查看所有的BGP路由器: + + Router-A# show ip bgp + +![](https://farm6.staticflickr.com/5609/15419618228_5c776423a5_z.jpg) + + +以上的命令都可以被用于检查哪个路由器通过BGP在路由器表中被学习到。 + + Router-A# show ip route + +---------- + + 代码: K - 内核路由, C - 已链接 , S - 静态 , R - 路由信息协议 , O - 开放式最短路径优先协议, + + I - 中间系统到中间系统的路由选择协议, B - 边界网关协议, > - 选择路由, * - FIB 路由 + + C>* 100.100.0.0/30 is directly connected, eth0 + C>* 100.100.1.0/24 is directly connected, eth1 + B>* 200.200.0.0/22 [20/0] via 100.100.0.2, eth0, 00:06:45 + +---------- + + Router-A# show ip route bgp + +---------- + + B>* 200.200.0.0/22 [20/0] via 100.100.0.2, eth0, 00:08:13 + + +BGP学习到的路由也将会在Linux路由表中出现。 + + [root@Router-A~]# ip route + +---------- + + 100.100.0.0/30 dev eth0 proto kernel scope link src 100.100.0.1 + 100.100.1.0/24 dev eth1 proto kernel scope link src 100.100.1.1 + 200.200.0.0/22 via 100.100.0.2 dev eth0 proto zebra + + +最后,我们将使用ping命令来测试连通。结果将成功ping通。 + + [root@Router-A~]# ping 200.200.1.1 -c 2 + + +总而言之,本教程将重点放在如何在CentOS系统中运行一个基本的BGP路由器。这个教程让你开始学习BGP的配置,一些更高级的设置例如设置过滤器、BGP属性调整、本地优先级和预先路径准备等,我将会在后续的教程中覆盖这些主题。 + +希望这篇教程能给大家一些帮助。 + +-------------------------------------------------------------------------------- + +via: http://xmodulo.com/centos-bgp-router-quagga.html + +作者:[Sarmed Rahman][a] +译者:[disylee](https://github.com/disylee) +校对:[wxy](https://github.com/wxy) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://xmodulo.com/author/sarmed +[1]:http://linux.cn/article-4232-1.html +[2]:http://weibo.com/3181671860/BngyXxEUF diff --git a/translated/tech/20141023 How to turn your CentOS box into a BGP router using Quagga.md b/translated/tech/20141023 How to turn your CentOS box into a BGP router using Quagga.md deleted file mode 100644 index fbf2665d44..0000000000 --- a/translated/tech/20141023 How to turn your CentOS box into a BGP router using Quagga.md +++ /dev/null @@ -1,365 +0,0 @@ -How to turn your CentOS box into a BGP router using Quagga -如何使用Quagga把你的CentOS系统变成一个BGP路由器? -================================================================================ - - -在[之前的教程中][1](注:此文原文做过,文件名:“20140928 How to turn your CentOS box into an OSPF router using Quagga.md”,如果前面翻译发布了,可以修改此链接),我对如何简单地使用Quagga把CentOS系统变成一个不折不扣地OSPF路由器做了一些描述,Quagga是一个开源路由软件套件.在这个教程中,我将会着重**把一个Linux系统变成一个BGP路由器,又是使用Quagga**,演示如何建立BGP与其它BGP路由器对等. - - -在我们进入细节之前,一些BGP的背景知识还是必要的.边界网关协议(或者BGP)是互联网的域间路由协议的实际标准。在BGP术语中,全球互联网是由成千上万相关联的自治系统(ASE)组成,其中每一个AS代表每一个特定运营商提供的一个网络管理域. - - - -为了使其网络在全球范围内路由可达,每一个AS需要知道如何在英特网中到达其它的AS.这时候BGP出来取代这个角色了.BGP作为一种语言用于一个AS去与相邻的AS交换路由信息的一种工具.这些路由信息通常被称为BGP线路或者BGP前缀,包括AS号(ASN;全球唯一号码)以及相关的IP地址块.一旦所有的BGP线路被当地的BGP路由表学习和填充,每一个AS将会知道如何到达互联网的任何公网IP. - - -路由在不同域(ASes)的能力是BGP被称为外部网关协议(EGP)或者域间协议的主要原因.就如一些路由协议例如OSPF,IS-IS,RIP和EIGRP都是内部网关协议(IGPs)或者域内路由协议. - - -### 测试方案 ### - - -在这个教程中,让我们来关注以下拓扑. - -![](https://farm6.staticflickr.com/5598/15603223841_4c76343313_z.jpg) - - -我们假设运营商A想要建立一个BGP来与运营商B对等交换路由.它们的AS号和IP地址空间登细节如下所示. - -- **运营商 A**: ASN (100), IP地址空间 (100.100.0.0/22), 分配给BGP路由器eth1网卡的IP地址(100.100.1.1) - - -- **运营商 B**: ASN (200), IP地址空间 (200.200.0.0/22), 分配给BGP路由器eth1网卡的IP地址(200.200.1.1) - - -路由器A和路由器B使用100.100.0.0/30子网来连接到对方.从理论上来说,任何子网从运营商那里都是可达的,可互连的.在真实场景中,建议使用掩码为30位的公网IP地址空间来实现运营商A和运营商B之间的连通. - - -### 在 CentOS中安装Quagga ### - -如果Quagga还没被安装,我们可以使用yum来安装Quagga. - - # yum install quagga - - -如果你正在使用的是CentOS7系统,你需要应用一下策略来设置SELinux.否则,SElinux将会阻止Zebra守护进程写入它的配置目录.如果你正在使用的是CentOS6,你可以跳过这一步. - - # setsebool -P zebra_write_config 1 - - - -Quagga软件套件包含几个守护进程,这些进程可以一起工作.关于BGP路由,我们将把重点放在建立一下2个守护进程. - - -- **Zebra**:一个核心守护进程用于内核接口和静态路由. -- **BGPd**:一个BGP守护进程. - - -### 配置日志记录 ### - -在Quagga被安装后,下一步就是配置Zebra来管理BGP路由器的网络接口.我们通过创建一个Zebra配置文件和启用日志记录来开始第一步. - - # cp /usr/share/doc/quagga-XXXXX/zebra.conf.sample /etc/quagga/zebra.conf - - -在CentOS6系统中: - - # service zebra start - # chkconfig zebra on - - -在CentOS7系统中: - # systemctl start zebra - # systemctl enable zebra - - -Quagga提供了一个叫做vtysh特有的命令行工具,你可以输入路由器厂商(例如Cisco和Juniper)兼容和支持的命令.我们将使用vtysh shell来配置BGP路由在教程的其余部分. - -启动vtysh shell 命令,输入: - - # vtysh - - -提示将被改成主机名,这表明你是在vtysh shell中. - - - Router-A# - -现在我们将使用以下命令来为Zebra配置日志文件: - - Router-A# configure terminal - Router-A(config)# log file /var/log/quagga/quagga.log - Router-A(config)# exit - -永久保存Zebra配置: - - Router-A# write - -在路由器B操作同样的步骤. - - -### 配置对等的IP地址 ### - - -下一步,我们将在可用的接口上配置对等的IP地址. - - Router-A# show interface #显示接口信息 - ----------- - - Interface eth0 is up, line protocol detection is disabled - . . . . . - Interface eth1 is up, line protocol detection is disabled - . . . . . - -配置eth0接口的参数: - - site-A-RTR# configure terminal - site-A-RTR(config)# interface eth0 - site-A-RTR(config-if)# ip address 100.100.0.1/30 - site-A-RTR(config-if)# description "to Router-B" - site-A-RTR(config-if)# no shutdown - site-A-RTR(config-if)# exit - - -继续配置eth1接口的参数: - - site-A-RTR(config)# interface eth1 - site-A-RTR(config-if)# ip address 100.100.1.1/24 - site-A-RTR(config-if)# description "test ip from provider A network" - site-A-RTR(config-if)# no shutdown - site-A-RTR(config-if)# exit - -现在确认配置: - - Router-A# show interface - ----------- - - Interface eth0 is up, line protocol detection is disabled - Description: "to Router-B" - inet 100.100.0.1/30 broadcast 100.100.0.3 - Interface eth1 is up, line protocol detection is disabled - Description: "test ip from provider A network" - inet 100.100.1.1/24 broadcast 100.100.1.255 - ----------- - - Router-A# show interface description #现实接口描述 - ----------- - - Interface Status Protocol Description - eth0 up unknown "to Router-B" - eth1 up unknown "test ip from provider A network" - - -如果一切看起来正常,别忘记保存配置. - - Router-A# write - -同样地,在路由器B重复一次配置. - - -在我们继续下一步之前,确认下彼此的IP是可以ping通的. - - Router-A# ping 100.100.0.2 - ----------- - - PING 100.100.0.2 (100.100.0.2) 56(84) bytes of data. - 64 bytes from 100.100.0.2: icmp_seq=1 ttl=64 time=0.616 ms - -下一步,我们将继续配置BGP对等和前缀设置. - - -### 配置BGP对等 ### - - - -Quagga守护进程负责BGP的服务叫bgpd.首先我们来准备它的配置文件. - - # cp /usr/share/doc/quagga-XXXXXXX/bgpd.conf.sample /etc/quagga/bgpd.conf - - -在CentOS6系统中: - - # service bgpd start - # chkconfig bgpd on - - -在CentOS7中 - - # systemctl start bgpd - # systemctl enable bgpd - -现在,让我们来进入Quagga 的shell. - - # vtysh - - -第一步,我们要确认当前没有已经配置的BGP会话.在一些版本,我们可能会发现一个AS号为7675的BGP会话.由于我们不需要这个会话,所以把它移除. - - Router-A# show running-config - ----------- - - ... ... ... - router bgp 7675 - bgp router-id 200.200.1.1 - ... ... ... - - -我们将移除一些预先配置好的BGP会话,并建立我们所需的会话取而代之. - - Router-A# configure terminal - Router-A(config)# no router bgp 7675 - Router-A(config)# router bgp 100 - Router-A(config)# no auto-summary - Router-A(config)# no synchronizaiton - Router-A(config-router)# neighbor 100.100.0.2 remote-as 200 - Router-A(config-router)# neighbor 100.100.0.2 description "provider B" - Router-A(config-router)# exit - Router-A(config)# exit - Router-A# write - - - -路由器B将用同样的方式来进行配置,以下配置提供作为参考. - - Router-B# configure terminal - Router-B(config)# no router bgp 7675 - Router-B(config)# router bgp 200 - Router-B(config)# no auto-summary - Router-B(config)# no synchronizaiton - Router-B(config-router)# neighbor 100.100.0.1 remote-as 100 - Router-B(config-router)# neighbor 100.100.0.1 description "provider A" - Router-B(config-router)# exit - Router-B(config)# exit - Router-B# write - - -当相关的路由器都被配置好,两台路由器之间的对等将被建立.现在让我们通过运行下面的命令来确认: - - Router-A# show ip bgp summary - -![](https://farm6.staticflickr.com/5614/15420135700_e3568d2e5f_z.jpg) - - -从输出中,我们可以看到"State/PfxRcd"部分.如果对等关闭,输出将会现实"空闲"或者"活动'.请记住,单词'Active'这个词在路由器中总是不好的意思.它意味着路由器正在积极地寻找邻居,前缀或者路由.当对等是up状态,"State/PfxRcd"下的输出状态将会从特殊邻居接收到前缀号. - -在这个例子的输出中,BGP对等知识在AS100和AS200之间呈up状态.因此,没有前缀被更改,所以最右边列的数值是0. - - -### 配置前缀通告 ### - -正如一开始提到,AS 100将以100.100.0.0/22作为通告,在我们的例子中AS 200将同样以200.200.0.0/22作为通告.这些前缀需要被添加到BGP配置如下. - -在路由器-A中: - - Router-A# configure terminal - Router-A(config)# router bgp 100 - Router-A(config)# network 100.100.0.0/22 - Router-A(config)# exit - Router-A# write - - -在路由器-B中: - Router-B# configure terminal - Router-B(config)# router bgp 200 - Router-B(config)# network 200.200.0.0/22 - Router-B(config)# exit - Router-B# write - - -在这一点上,两个路由器会根据需要开始通告前缀. - - -### 测试前缀通告 ### - -首先,让我们来确认前缀的数量是否被改变了. - - Router-A# show ip bgp summary - -![](https://farm6.staticflickr.com/5608/15419095659_0ebb384eee_z.jpg) - - - -为了查看所接收的更多前缀细节,我们可以使用一下命令,这个命令用于显示邻居100.100.0.2所接收到的前缀总数. - - Router-A# show ip bgp neighbors 100.100.0.2 advertised-routes - -![](https://farm6.staticflickr.com/5597/15419618208_4604e5639a_z.jpg) - - -查看哪一个前缀是我们从邻居接收到的: - - Router-A# show ip bgp neighbors 100.100.0.2 routes - -![](https://farm4.staticflickr.com/3935/15606556462_e17eae7f49_z.jpg) - - -我们也可以查看所有的BGP路由器: - - Router-A# show ip bgp - -![](https://farm6.staticflickr.com/5609/15419618228_5c776423a5_z.jpg) - - -以上的命令都可以被用于检查哪个路由器通过BGP在路由器表中被学习到. - - Router-A# show ip route - ----------- - - - 代码: K - 内核路由, C - 已链接 , S - 静态 , R - 路由信息协议 , O - 开放式最短路径优先协议, - - - I - 中间系统到中间系统的路由选择协议, B - 边界网关协议, > - 选择路由, * - FIB 路由 - - C>* 100.100.0.0/30 is directly connected, eth0 - C>* 100.100.1.0/24 is directly connected, eth1 - B>* 200.200.0.0/22 [20/0] via 100.100.0.2, eth0, 00:06:45 - ----------- - - Router-A# show ip route bgp - ----------- - - B>* 200.200.0.0/22 [20/0] via 100.100.0.2, eth0, 00:08:13 - - -BGP学习到的路由也将会在Linux路由表中出现. - - [root@Router-A~]# ip route - ----------- - - 100.100.0.0/30 dev eth0 proto kernel scope link src 100.100.0.1 - 100.100.1.0/24 dev eth1 proto kernel scope link src 100.100.1.1 - 200.200.0.0/22 via 100.100.0.2 dev eth0 proto zebra - - -最后,我们将使用ping命令来测试连通.结果将成功ping通. - - [root@Router-A~]# ping 200.200.1.1 -c 2 - - -总而言之,该教程将重点放在如何运行一个基本的BGP在CentOS系统中.当这个教程让你开始BGP的配置,那么一些更高级的设置例如设置过滤器,BGP属性调整,本地优先级和预先路径准备等.我将会在后续的教程中覆盖这些主题. - -希望这篇教程能给大家一些帮助. - --------------------------------------------------------------------------------- - -via: http://xmodulo.com/centos-bgp-router-quagga.html - -作者:[Sarmed Rahman][a] -译者:[disylee](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://xmodulo.com/author/sarmed -[1]:http://xmodulo.com/turn-centos-box-into-ospf-router-quagga.html From 0bc39b1f100b4d93f35c6d796a9f1ab3b2388946 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Wed, 7 Jan 2015 16:00:11 +0800 Subject: [PATCH 83/98] =?UTF-8?q?=E5=B7=B2=E6=A0=A1=E5=AF=B9=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...led, Could an Ubuntu Smartwatch Be Next.md | 52 +++++++++---------- 1 file changed, 26 insertions(+), 26 deletions(-) diff --git a/translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md b/translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md index c33120677c..a949c46d6b 100644 --- a/translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md +++ b/translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md @@ -1,61 +1,61 @@ -伴随苹果手表的揭幕,Ubuntu智能手表会成为下一个吗? +伴随Apple Watch的揭幕,下一个智能手表会是Ubuntu吗? === -**今天,苹果借助‘苹果手表’的发布,证实了其进军穿戴式计算设备市场的长期传言** +**苹果借助‘Apple Watch’的发布,证实了其进军穿戴式电子设备市场的长期传言** ![Ubuntu Smartwatch – good idea?](http://www.omgubuntu.co.uk/wp-content/uploads/2014/09/ubuntu-galaxy-gear-smartwatch.png) -Ubuntu智能手表 - 好的主意? +Ubuntu智能手表 - 好主意? -拥有一系列稳定功能,硬件解决方案和应用合作伙伴关系的支持,手腕穿戴设备被许多公司预示为“人与技术关系的新篇章”。 +拥有一系列稳定功能、硬件解决方案和应用合作伙伴关系的支持,手腕穿戴设备被许多公司预示为“人与技术关系的新篇章”。 -它的到来,以及用户兴趣的提升,有可能意味着Ubuntu需要遵循一个为智能手表定制的Ubuntu版本。 +它的到来,以及用户兴趣的提升,有可能意味着Ubuntu需要跟进一个为智能手表定制的Ubuntu版本。 ### 大的方面还是成功的 ### -苹果在正确时间加入了快速发展的智能手表部门。约束手腕穿戴电脑功能的界限并不是一成不变。失败的设计,不良的用户界面以及主流用户使用穿戴技术功能的弱参数化,这些都见证了硬件种类保持着高效的影响力 - 一个准许Cupertino把时间花费在苹果手表上的因素。 +苹果在正确的时间加入了快速发展的智能手表行列。手腕穿戴设备功能的界限并不是一成不变。失败的设计、简陋的用户界面以及主流用户使用穿戴技术功能的弱定制化,这些都见证了硬件类产品仍然很脆弱 - 这一因素使得Cupertino把时间花费在Apple Watch上。 > ‘分析师说:超过2200万的智能手表将在今年销售’ -去年全球范围内可穿戴设备的销售数量(包括健身追踪器)仅仅1000万。今年,分析师希望设备数量的改变可以超过2200万 - 不包括苹果手表,因为其直到2015年初才开始零售。 +去年全球范围内可穿戴设备的销售数量(包括健身追踪器)仅仅1000万。今年,分析师希望设备的销量可以超过2200万 - 不包括苹果手表,因为其直到2015年初才开始零售。 -很容易就可以看出增长的来源。今年九月初柏林举办的IFA 2014展览会,展示了一系列来自主要制造商们的可穿戴设备,包括索尼和华硕。大多数搭载着Google最新发布的安卓穿戴系统。 +其实,我们很容易就可以看出增长的来源。今年九月初柏林举办的IFA 2014展览会,展示了一系列来自主要制造商们的可穿戴设备,包括索尼和华硕。大多数搭载着Google最新发布的安卓穿戴平台。 -一个更加成熟的表现:安卓穿戴设备打破了与形式因素保持一致的新奇争论,进而呈现出一致并令人折服的用户方案。和新的苹果手表一样,它紧密地连接在一个现存的智能手机生态系统上。 +更成熟的一个表现是:安卓穿戴设备打破了与形式因素保持一致的新奇争论,进而呈现出一致且令人信服的用户方案。和新的苹果手表一样,它紧密地连接在一个现存的智能手机生态系统上。 -可能它只是一个使用案例,Ubuntu手腕穿戴系统是否能匹配它还不清楚。 +但Ubuntu手腕穿戴系统是否能与之匹配,成为一个实用案例,目前还不清楚。 #### 目前还没有Ubuntu智能手表的计划 #### -Ubuntu操作系统的通用性,结合以为多装置设备和趋势性未来定制的严格版本,已经产生了典型目标智能电视,平板电脑和智能手机。Mir,公司的本土显示服务器,被用来运转所有尺寸屏幕上的接口(虽然不是公认1.5"的) +Ubuntu操作系统的通用性将多种设备的严格标准与统一的未来目标联合在一起,Canonical已经将目标指向了智能电视,平板电脑和智能手机。公司自家的显示服务Mir,甚至被用来为所有尺寸的屏幕提供驱动接口(虽然不是公认1.5"的)。 -今年年初,Canonical社区负责人Jono Bacon被询问是否有制作Ubuntu智能手表的打算。Bacon提供了他对这个问题的看法:“增加另一个形式因素到[Ubuntu触摸设备]路线只会减缓其余的东西”。 +今年年初,Canonical社区负责人Jono Bacon被问到是否有制作Ubuntu智能手表的打算。Bacon提供了他对这个问题的看法:“为[Ubuntu触摸设备]路线增加额外的形式因素只会减缓现有的进度”。 -在Ubuntu电话发布两周年之际,我们还是挺赞同他的想法的。 +在Ubuntu手机发布两周年之际,我们还是挺赞同他的想法的。 -滴答,滴答,对冲你的赌注点(实在不懂什么意思...) +###除了A面还有B面!### -但是并不是没有希望的。在一个[几个月之后的电话采访][1]中,Ubuntu创始人Mark Shuttleworth提及到可穿戴技术和智能电视,平板电脑,智能手机一样,都在公司计划当中。 +但是并不是没有希望的。在[几个月之后的一次电话采访][1]中,Ubuntu创始人Mark Shuttleworth提到,可穿戴技术和智能电视、平板电脑、智能手机一样,都在公司计划当中。 -> “Ubuntu因其在电话中的完美设计变得独一无二,但是它同时也被设计成满足其余生态系统的样子,比如从穿戴设备到PC机。” +> “Ubuntu因其在电话中的完美设计变得独一无二,但同时它的设计也能够满足其他生态系统,从穿戴设备到PC机。” -然而这还没得到具体的证实,它更像一个指针,在这个方向是给我们提供一个乐观的指引。 +然而这还没得到具体的证实,它更像一个指针,在某个方向给我们提供一个乐观的指引。 -### 不可能 — 这就是原因所在 ### +#### 不大可能 — 但这就是原因所在 #### -Canonical并不反对利用牢固的专利进军市场。事实上,它的重要性犹如公司的DHA — 犹如服务器上的RHEL,桌面上的Windows,智能手机上的安卓... +Canonical并不反对利用牢固的专利进军市场。事实上,它恰恰是公司DNA基因的一部分 — 犹如服务器端的RHEL,桌面端的Windows,智能手机上的安卓... -设备上的Ubuntu系统被制作成可以在更小的屏幕上扩展和适应性运行。甚至很有可能在和手表一样小的屏幕上运行。当普通的代码基础已经在手机,平板电脑,桌面和TV上准备就绪,我想如果我们没有看到来自社区这一方向上的努力,我会感到奇怪。 +设备上的Ubuntu系统被制作成可以在更小的屏幕上扩展和适配运行,甚至在小如手表一样的屏幕上。当普通的代码基础已经在手机、平板电脑、桌面和TV上准备就绪,在同样的方向上,如果看不到社区的努力是十分令人吃惊的。 -但是我之所以不认为它会从规范社区发生,至少目前还没有,是今年早些时候Jono Bacon个人思想的共鸣:时间和努力。 +但是我之所以不认为它会从Canonical发生,至少目前还没有,是基于今年早些时候Jono Bacon的个人思想得出的结论:时间和努力。 -Tim Cook在他的主题演讲中说道:“*我们并没有追随iPhone,也没有缩水用户界面,将其强硬捆绑在你的手腕上。*”这是一个很明显的陈述。为如此小的屏幕设计UI和UX模型;通过交互原则工作;对硬件和输入模式的恭维,都不是一件容易的事。 +Tim Cook在他的主题演讲中说道:“*我们并没有追随iPhone,也没有缩水用户界面,将其强硬捆绑在你的手腕上。*”这是一个很明显的陈述。为如此小的屏幕设计UI和UX模型、通过交互原则工作、对硬件和输入模式的推崇,这些都不是容易的事。 -可穿戴技术仍然是一个新兴的市场。在这个阶段,Canonical将会浪费发展,设计以及进行中的业务。在一些更为紧迫的地区,任何利益的重要性将要超过损失。 +可穿戴技术仍然是一个新兴的市场。在这个阶段,Canonical可能会在探寻的过程中浪费一些发展、设计和商业上的机会。如果在一些更为紧迫的领域落后了,造成的后果远比眼前利益的损失更严重。 -玩一局更久的游戏,等待直到看出那些努力在何地成功和失败,这是一条更难的路线。但是更适合Ubuntu的就是今天。在新产品出现之前,让Canonical把力量用在现存的产品上是更好的选择(这是一些已经来迟的理论) +打一场持久战,耐心等待,看哪些努力成功哪些会失败,这是一条更难的路线,但是却更适合Ubuntu,就如同今天它做的一样。在新产品出现之前,Canonical把力量用在现存的产品上是更好的选择(这是一些已经来迟的理论) -想更进一步了解什么是Ubuntu智能手表,点击下面的[视频][2]。它展示了一个互动的主体性皮肤Tizen(它已经支持Samsung Galaxy Gear智能手表)。 +想更进一步了解什么是Ubuntu智能手表,点击下面的[视频][2],里面展示了一个交互的Unity主题皮肤Tizen(它已经支持Samsung Galaxy Gear智能手表)。 --- @@ -63,7 +63,7 @@ via: http://www.omgubuntu.co.uk/2014/09/ubuntu-smartwatch-apple-iwatch 作者:[Joey-Elijah Sneddon][a] 译者:[su-kaiyao](https://github.com/su-kaiyao) -校对:[校对者ID](https://github.com/校对者ID) +校对:[Mr小眼儿](https://github.com/tinyeyeser) 本文由[LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 38338a75969021460b8edfb8d6bed9a108137279 Mon Sep 17 00:00:00 2001 From: Stevearzh Date: Wed, 7 Jan 2015 16:31:08 +0800 Subject: [PATCH 84/98] Translated by Stevearzh --- ... Music from Grooveshark with a Linux OS.md | 48 ------------------- ... Music from Grooveshark with a Linux OS.md | 47 ++++++++++++++++++ 2 files changed, 47 insertions(+), 48 deletions(-) delete mode 100644 sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md create mode 100644 translated/share/20141226 How to Download Music from Grooveshark with a Linux OS.md diff --git a/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md b/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md deleted file mode 100644 index f4a50b24b3..0000000000 --- a/sources/share/20141226 How to Download Music from Grooveshark with a Linux OS.md +++ /dev/null @@ -1,48 +0,0 @@ -[Translating by Stevarzh] -How to Download Music from Grooveshark with a Linux OS -================================================================================ -> The solution is actually much simpler than you think - -![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-2.jpg) - -**Grooveshark is a great online platform for people who want to listen to music, and there are a number of ways to download music from there. Groovesquid is just one of the applications that let users get music from Grooveshark, and it's multiplatform.** - -If there is a service that streams something online, then there is a way to download the stuff that you are just watching or listening. As it turns out, it's not that difficult and there are a ton of solutions, no matter the platform. For example, there are dozens of YouTube downloaders and it stands to reason that it's not all that difficult to get stuff from Grooveshark either. - -Now, there is the problem of legality. Like many other applications out there, Groovesquid is not actually illegal. It's the user's fault if they do something illegal with an application. The same reasoning can be applied to apps like utorrent or Bittorrent. As long as you don't touch copyrighted material, there are no problems in using Groovesquid. - -### Groovesquid is fast and efficient ### - -The only problem that you could find with Groovesquid is the fact that it's based on Java and that's never a good sign. This is a good way to ensure that an application runs on all the platforms, but it's an issue when it comes to the interface. It's not great, but it doesn't really matter all that much for users, especially since the app is doing a great job. - -There is one caveat though. Groovesquid is a free application, but in order to remain free, it has to display an ad on the right side of the menu. This shouldn't be a problem for most people, but it's a good idea to mention that right from the start. - -From a usability point of view, the application is pretty straightforward. Users can download a single song by entering the link in the top field, but the purpose of that field can be changed by accessing the small drop-down menu to its left. From there, it's possible to change to Song, Popular, Albums, Playlist, and Artist. Some of the options provide access to things like the most popular song on Grooveshark and other options allow you to download an entire playlist, for example. - -You can download Groovesquid 0.7.0 - -- [jar][1] File size: 3.8 MB -- [tar.gz][2] File size: 549 KB - -You will get a Jar file and all you have to do is to make it executable and let Java do the rest. - -![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-3.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-4.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-5.jpg) - -![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-6.jpg) --------------------------------------------------------------------------------- - -via: http://news.softpedia.com/news/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268.shtml - -作者:[Silviu Stahie][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://news.softpedia.com/editors/browse/silviu-stahie -[1]:https://github.com/groovesquid/groovesquid/releases/download/v0.7.0/Groovesquid.jar -[2]:https://github.com/groovesquid/groovesquid/archive/v0.7.0.tar.gz \ No newline at end of file diff --git a/translated/share/20141226 How to Download Music from Grooveshark with a Linux OS.md b/translated/share/20141226 How to Download Music from Grooveshark with a Linux OS.md new file mode 100644 index 0000000000..0af3e996d3 --- /dev/null +++ b/translated/share/20141226 How to Download Music from Grooveshark with a Linux OS.md @@ -0,0 +1,47 @@ +如何使用 Linux 从 Grooveshark 下载音乐 +================================================================================ +> 解决办法通常没有那么难 + +![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-2.jpg) + +**Grooveshark 对于喜欢音乐的人来说是一个不错的在线平台,同时有多种从上面下载音乐的方法。Groovesquid 是众多允许用户从 Grooveshark 上下载音乐的应用之一,并且是支持多平台的。** + +只要有在线流媒体服务,就一定有方法从获取你之前看过或听过的视频及音乐。即使下载接口关闭了,也不是什么大不了的事,因为还有很多种解决方法,无论你用的什么操作系统。比如,网络上就有许多种 YouTube 下载器,同样的道理,从 Grooveshark 上下载音乐也并非难事。 + +现在,得考虑合法性的问题。与许多其他应用一样,Groovesquid 并非是完全不合法的。如果有用户使用应用去做一些非法的事情,那责任应归咎于用户。同样的道理也适用于 utorrent 或者 Bittorrent。只要你不触及版权问题,那你就可以无所顾忌的使用 Groovesquid 了。 + +### 快捷高效的 Groovesquid ### + +你能够找到的 Groovesquid 的唯一缺点是,它是基于 Java 而编写的,这从来都不是一个好的兆头。虽然为了确保应用的可移植性这样做确实是一个好方法,但这样做的结果导致了其糟糕的界面。确实是非常糟糕的的界面,不过这一点并不会影响到用户的使用体验,特别是这款应用所完成的工作时如此的有用。 + +有一点需要注意的地方。Groovesquid 是一款免费的应用,但为了将免费保持下去,它会在菜单栏的右侧显示一则广告。这对大多数人来说都应该不是问题,不过最好在打开应用后注意下菜单栏右侧。 + +从易用性的角度来看,这款应用非常简洁。用户可以通过在顶部地址栏里输入链接直接下载单曲,地址栏的位置可以通过其左侧的下拉菜单进行修改。在下拉菜单中,也可以修改为歌曲名称、流行度、专辑名称、播放列表以及艺术家。有些选项向你提供了诸如查看 Grooveshark 上最流行的音乐,或者下载整个播放列表等。 + +你可以下载 Groovesquid 0.7.0 + +- [jar][1] 文件大小:3.8 MB +- [tar.gz][2] 文件大小:549 KB + +下载完 Jar 文件后,你所需要做的是将其权限修改为可执行,然后让 Java 来完成剩下的工作。 + +![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-3.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-4.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-5.jpg) + +![](http://i1-news.softpedia-static.com/images/news2/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268-6.jpg) +-------------------------------------------------------------------------------- + +via: http://news.softpedia.com/news/How-to-Download-Music-from-Grooveshark-with-a-Linux-OS-468268.shtml + +作者:[Silviu Stahie][a] +译者:[Stevearzh](https://github.com/Stevearzh) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://news.softpedia.com/editors/browse/silviu-stahie +[1]:https://github.com/groovesquid/groovesquid/releases/download/v0.7.0/Groovesquid.jar +[2]:https://github.com/groovesquid/groovesquid/archive/v0.7.0.tar.gz From 03a283aaff319da1b5522347b1ab20e30db78798 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Wed, 7 Jan 2015 20:47:32 +0800 Subject: [PATCH 85/98] translating --- sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md b/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md index 723edd621f..c55b011304 100644 --- a/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md +++ b/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md @@ -1,3 +1,5 @@ +Translating-----geekpi + How To Install Winusb In Ubuntu 14.04 ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu_1404.jpeg) From 6e3f25fa050fbaa807452518f28be29e949ea62f Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Wed, 7 Jan 2015 21:06:47 +0800 Subject: [PATCH 86/98] translated --- ...5 How To Install Winusb In Ubuntu 14.04.md | 49 ------------------- ...5 How To Install Winusb In Ubuntu 14.04.md | 47 ++++++++++++++++++ 2 files changed, 47 insertions(+), 49 deletions(-) delete mode 100644 sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md create mode 100644 translated/tech/20150105 How To Install Winusb In Ubuntu 14.04.md diff --git a/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md b/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md deleted file mode 100644 index c55b011304..0000000000 --- a/sources/tech/20150105 How To Install Winusb In Ubuntu 14.04.md +++ /dev/null @@ -1,49 +0,0 @@ -Translating-----geekpi - -How To Install Winusb In Ubuntu 14.04 -================================================================================ -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu_1404.jpeg) - -[WinUSB][1] is a simple and useful tool that lets you create USB stick Windows installer from the Windows ISO image or DVD. It comprises of both GUI and command line tool and you can decide to choose which to use based on your preference. - -In this quick post we shall see **how to install WinUSB in Ubuntu 14.04, 14.10 and Linux Mint 17**. - -### Install WinUSB in Ubuntu 14.04 and Ubuntu 14.10 ### - -Until Ubuntu 13.10, WinUSB was developed actively and it was available for installation via its official PPA. This PPA has not been updated for Ubuntu 14.04 Trusty Tahr and 14.10 but the binaries are still there and works fine in newer version of Ubuntu and Linux Mint. Based on [whether your Ubuntu system is 32 bit or 64 bit][2], use the command below to download the binaries: - -Open a terminal and use the following command for 32 bit system: - - wget https://launchpad.net/~colingille/+archive/freshlight/+files/winusb_1.0.11+saucy1_i386.deb - -For 64 bit systems, use the command below: - - wget https://launchpad.net/~colingille/+archive/freshlight/+files/winusb_1.0.11+saucy1_amd64.deb - -Once you have downloaded the correct binaries, you can install WinUSB using the command below: - - sudo dpkg -i winusb* - -Don’t worry if you see error when you try to install WinUSB. Fix the dependency errors with this command: - - sudo apt-get -f install - -Afterwards, you can search for WinUSB in Unity Dash and use it to create a live USB of Windows in Ubuntu 14.04. - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu.png) - -I hope this quick post helped you to **install WinUSB in Ubuntu 14.04, 14.10 and Linux Mint 17**. - --------------------------------------------------------------------------------- - -via: http://itsfoss.com/install-winusb-in-ubuntu-14-04/ - -作者:[Abhishek][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://itsfoss.com/author/Abhishek/ -[1]:http://en.congelli.eu/prog_info_winusb.html -[2]:http://itsfoss.com/how-to-know-ubuntu-unity-version/ \ No newline at end of file diff --git a/translated/tech/20150105 How To Install Winusb In Ubuntu 14.04.md b/translated/tech/20150105 How To Install Winusb In Ubuntu 14.04.md new file mode 100644 index 0000000000..b9fe775752 --- /dev/null +++ b/translated/tech/20150105 How To Install Winusb In Ubuntu 14.04.md @@ -0,0 +1,47 @@ +如何在Ubuntu 14.04 中安装Winusb +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu_1404.jpeg) + +[WinUSB][1]是一款简单的且有用的工具,可以让你从Windows ISO镜像或者DVD中创建USB安装盘。它结合了GUI和命令行,你可以根据你的喜好决定使用哪种。 + +在本篇中我们会展示**如何在Ubuntu 14.04、14.10 和 Linux Mint 17 中安装WinUSB**。 + +### 在Ubuntu 14.04、14.10 和 Linux Mint 17 中安装WinUSB ### + +直到Ubuntu 13.10, WinUSBu一直都在积极开发,且在官方PPA中可以找到。这个PPA还没有为Ubuntu 14.04 和14.10更新,但是二进制文件仍旧可在更新版本的Ubuntu和Linux Mint中运行。基于[基于你使用的系统是32位还是64位的][2],使用下面的命令来下载二进制文件: + +打开终端,并在32位的系统下使用下面的命令: + + wget https://launchpad.net/~colingille/+archive/freshlight/+files/winusb_1.0.11+saucy1_i386.deb + +对于64位的系统,使用下面的命令: + + wget https://launchpad.net/~colingille/+archive/freshlight/+files/winusb_1.0.11+saucy1_amd64.deb + +一旦你下载了正确的二进制包,你可以用下面的命令安装WinUSB: + + sudo dpkg -i winusb* + +不要担心在你安装WinUSB时看见错误。使用这条命令修复依赖: + + sudo apt-get -f install + +之后,你就可以在Unity Dash中查找WinUSB并且用它在Ubuntu 14.04 中创建Windows的live USB了。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/WinUSB_Ubuntu.png) + +我希望这篇文章能够帮到你**在Ubuntu 14.04、14.10 和 Linux Mint 17 中安装WinUSB**。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-winusb-in-ubuntu-14-04/ + +作者:[Abhishek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/Abhishek/ +[1]:http://en.congelli.eu/prog_info_winusb.html +[2]:http://itsfoss.com/how-to-know-ubuntu-unity-version/ \ No newline at end of file From d30d88da63f0824cfd15a1d034b504ec63a1951c Mon Sep 17 00:00:00 2001 From: Vic___ Date: Thu, 8 Jan 2015 12:48:01 +0800 Subject: [PATCH 87/98] Translated --- ...XBMC) In Ubuntu 14.04 and Linux Mint 17.md | 29 ++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md b/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md index f34efd43cd..20b6715d38 100644 --- a/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md +++ b/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md @@ -1,43 +1,46 @@ -Vic020 - -How To Install Kodi 14 (XBMC) In Ubuntu 14.04 & Linux Mint 17 +Ubuntu14.04或Mint17如何安装Kodi14(XBMC) ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Kodi_Xmas.jpg) -[Kodi][1], formerly and popularly known as XBMC, has [released its latest version 14][2] which is code named Helix. It is fairly easy to **install Kodi 14 in Ubuntu 14.04** thanks to the official PPA provided by XBMC. +[Kodi][1],原名就是大名鼎鼎的XBMC,发布[最新版本14][2],命名为Helix。感谢官方XMBC提供的PPA,现在可以很简单地在Ubuntu14.04中安装了。 -For those who do not know already, Kodi is a media center application available for all major platforms like Windows, Linux, Mac, Android etc. It turns your device in to a full screen media center where you can manage all your music and videos, either on local or on network drive, watch You Tube, [Netflix][3], Hulu, Amazon Prime and other streaming services. +Kodi是一个优秀的自由和开源的(GPL)媒体中心软件,支持所有平台,如Windows, Linux, Mac, Android等。此软件拥有全屏幕的媒体中心,可以管理所有音乐和视频,不单支持本地文件还支持网络播放,如Tube,[Netflix][3], Hulu, Amazon Prime和其他串流服务商。 -### Install XBMC 14 Kodi Helix in Ubuntu 14.04, 14.10 and Linux Mint 17 ### +### Ubuntu 14.04, 14.10 和 Linux Mint 17 中安装XBMC 14 Kodi Helix ### -Thanks to the official PPA, you can easily install Kodi 14 in Ubuntu 14.04, Ubuntu 12.04, Linux Mint 17, Pinguy OS 14.04, Deepin 2014, LXLE 14.04, Linux Lite 2.0, Elementary OS and other Ubuntu based Linux distributions. Open a terminal (Ctrl+Alt+T) and use the following commands: +再次感谢官方的PPA,让我们可以轻松安装Kodi 14。 +支持Ubuntu 14.04, Ubuntu 12.04, Linux Mint 17, Pinguy OS 14.04, Deepin 2014, LXLE 14.04, Linux Lite 2.0, Elementary OS and 其他基于Ubuntu的Linux 发行版。 +打开终端(Ctrl+Alt+T)然后使用下列命令。 sudo add-apt-repository ppa:team-xbmc/ppa sudo apt-get update sudo apt-get install kodi -The download size would be around 100 MB, which is not huge in my opinion. To install some encode addons, use the command below: +需要下载大约100MB,在我的观点这不是很大。若需安装解码插件,使用下列命令: sudo apt-get install kodi-audioencoder-* kodi-pvr-* -#### Remove Kodi 14 from Ubuntu #### +#### 从Ubuntu中移除Kodi 14 #### -To uninstall Kodi 14 from your system, use the command below: +从系统中移除Kodi 14 ,使用下列命令: sudo apt-get remove kodi -You should also remove the PPA from the software sources: +同样也应该移除PPA软件源: sudo add-apt-repository --remove ppa:team-xbmc/ppa -I hope this quick post helped you to install Kodi 14 in Ubuntu, Linux Mint and other Linux. How do you find Kodi 14 Helix? Do you use some other media center as an alternative to XBMC? Do share your views in the comment section. +我希望这个简单的文章可以帮助到你,在Ubuntu, Linux Mint 和其他 Linux版本中轻松安装Kodi 14。 +你怎么发现Kodi 14 Helix? +你有没有使用其他的什么媒体中心? +可以在下面的评论区分享你的观点。 -------------------------------------------------------------------------------- via: http://itsfoss.com/install-kodi-14-xbmc-in-ubuntu-14-04-linux-mint-17/ 作者:[Abhishek][a] -译者:[译者ID](https://github.com/译者ID) +译者:[Vic020/VicYu](http://www.vicyu.net) 校对:[校对者ID](https://github.com/校对者ID) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From 17e3b272063e391216076ea44feb24aea202d860 Mon Sep 17 00:00:00 2001 From: Vic___ Date: Thu, 8 Jan 2015 12:48:30 +0800 Subject: [PATCH 88/98] Moved --- ...To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename {sources => translated}/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md (100%) diff --git a/sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md b/translated/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md similarity index 100% rename from sources/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md rename to translated/tech/20150105 How To Install Kodi 14 (XBMC) In Ubuntu 14.04 and Linux Mint 17.md From 10ef4a215aaf2ead4a30fe0c229c505a2aa8cd16 Mon Sep 17 00:00:00 2001 From: DeadFire Date: Thu, 8 Jan 2015 15:51:34 +0800 Subject: [PATCH 89/98] =?UTF-8?q?20150108-1=20=E9=80=89=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...tall SSL on Apache 2.4 in Ubuntu 14.0.4.md | 71 +++++++++ ...a Web Crawling Tool in Ubuntu 14.04 LTS.md | 129 +++++++++++++++++ ...ace (NICs) Bonding in Linux using nmcli.md | 136 ++++++++++++++++++ 3 files changed, 336 insertions(+) create mode 100644 sources/tech/20150108 How to Install SSL on Apache 2.4 in Ubuntu 14.0.4.md create mode 100644 sources/tech/20150108 How to Install Scrapy a Web Crawling Tool in Ubuntu 14.04 LTS.md create mode 100644 sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md diff --git a/sources/tech/20150108 How to Install SSL on Apache 2.4 in Ubuntu 14.0.4.md b/sources/tech/20150108 How to Install SSL on Apache 2.4 in Ubuntu 14.0.4.md new file mode 100644 index 0000000000..3cac73fc2e --- /dev/null +++ b/sources/tech/20150108 How to Install SSL on Apache 2.4 in Ubuntu 14.0.4.md @@ -0,0 +1,71 @@ +How to Install SSL on Apache 2.4 in Ubuntu 14.0.4 +================================================================================ +Today I will show you how to install a **SSL certificate** on your personal website or blog, to help secure the communications between your visitors and your website. + +Secure Sockets Layer or SSL, is the standard security technology for creating an encrypted connection between a web server and a web browser. This ensures that all data passed between the web server and the web browser remain private and secure. It is used by millions of websites in the protection of their online communications with their customers. In order to be able to generate an SSL link, a web server requires a SSL Certificate. + +You can create your own SSL Certificate, but it will not be trusted by default in web browsers, to fix this you will have to buy a digital certificate from a trusted Certification Authority (CA), we will show you below how to get the certificate and install it in apache. + +### Generating a Certificate Signing Request ### + +The Certification Authority (CA) will ask you for a Certificate Signing Request (CSR) generated on your web server. This is a simple step and only takes a minute, you will have to run the following command and input the requested information: + + # openssl req -new -newkey rsa:2048 -nodes -keyout yourdomainname.key -out yourdomainname.csr + +The output should look something like this: + +![generate csr](http://blog.linoxide.com/wp-content/uploads/2015/01/generate-csr.jpg) + +This begins the process of generating two files: the Private-Key file for the decryption of your SSL Certificate, and a certificate signing request (CSR) file (used to apply for your SSL Certificate) with apache openssl. + +Depending on the authority you apply to, you will either have to upload your csr file or paste it's content in a web form. + +### Installing the actual certificate in Apache ### + +After the generation process is finished you will receive your new digital certificate, for this article we have used [Comodo SSL][1] and received the certificate in a zip file. To use it in apache you will first have to create a bundle of the certificates you received in the zip file with the following command: + + # cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > bundle.crt + +![bundle](http://blog.linoxide.com/wp-content/uploads/2015/01/bundle.jpg) + +Now make sure that the ssl module is loaded in apache by running the following command: + + # a2enmod ssl + +If you get the message "Module ssl already enabled" you are ok, if you get the message "Enabling module ssl." you will also have to run the following command to restart apache: + + # service apache2 restart + +Finally modify your virtual host file (generally found in /etc/apache2/sites-enabled) to look something like this: + + DocumentRoot /var/www/html/ + ServerName linoxide.com + SSLEngine on + SSLCertificateFile /usr/local/ssl/crt/yourdomainname.crt + SSLCertificateKeyFile /usr/local/ssl/yourdomainname.key + SSLCACertificateFile /usr/local/ssl/bundle.crt + +You should now access your website using https://YOURDOMAIN/ (be careful to use 'https' not http) and see the SSL in progress (generally indicated by a lock in your web browser). + +**NOTE:** All the links must now point to https, if some of the content on the website (like images or css files) still point to http links you will get a warning in the browser, to fix this you have to make sure that every link points to https. + +### Redirect HTTP requests to HTTPS version of your website ### + +If you wish to redirect the normal HTTP requests to HTTPS version of your website, add the following text to either the virtual host you wish to apply it to or to the apache.conf if you wish to apply it for all websites hosted on the server: + + RewriteEngine On + RewriteCond %{HTTPS} off + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/ubuntu-how-to/install-ssl-apache-2-4-in-ubuntu/ + +作者:[Adrian Dinu][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/adriand/ +[1]:https://ssl.comodo.com/ \ No newline at end of file diff --git a/sources/tech/20150108 How to Install Scrapy a Web Crawling Tool in Ubuntu 14.04 LTS.md b/sources/tech/20150108 How to Install Scrapy a Web Crawling Tool in Ubuntu 14.04 LTS.md new file mode 100644 index 0000000000..1f8d44f838 --- /dev/null +++ b/sources/tech/20150108 How to Install Scrapy a Web Crawling Tool in Ubuntu 14.04 LTS.md @@ -0,0 +1,129 @@ +How to Install Scrapy a Web Crawling Tool in Ubuntu 14.04 LTS +================================================================================ +It is an open source software which is used for extracting the data from websites. Scrapy framework is developed in Python and it perform the crawling job in fast, simple and extensible way. We have created a Virtual Machine (VM) in virtual box and Ubuntu 14.04 LTS is installed on it. + +### Install Scrapy ### + +Scrapy is dependent on Python, development libraries and pip software. Python latest version is pre-installed on Ubuntu. So we have to install pip and python developer libraries before installation of Scrapy. + +Pip is the replacement for easy_install for python package indexer. It is used for installation and management of Python packages. Installation of pip package is shown in Figure 1. + + sudo apt-get install python-pip + +![Fig:1 Pip installation](http://blog.linoxide.com/wp-content/uploads/2014/11/f1.png) + +Fig:1 Pip installation + +We have to install python development libraries by using following command. If this package is not installed then installation of scrapy framework generates error about python.h header file. + + sudo apt-get install python-dev + +![Fig:2 Python Developer Libraries](http://blog.linoxide.com/wp-content/uploads/2014/11/f2.png) + +Fig:2 Python Developer Libraries + +Scrapy framework can be installed either from deb package or source code. However we have installed deb package using pip (Python package manager) which is shown in Figure 3. + + sudo pip install scrapy + +![Fig:3 Scrapy Installation](http://blog.linoxide.com/wp-content/uploads/2014/11/f3.png) + +Fig:3 Scrapy Installation + +Scrapy successful installation takes some time which is shown in Figure 4. + +![Fig:4 Successful installation of Scrapy Framework](http://blog.linoxide.com/wp-content/uploads/2014/11/f4.png) + +Fig:4 Successful installation of Scrapy Framework + +### Data extraction using Scrapy framework ### + +**(Basic Tutorial)** + +We will use Scrapy for the extraction of store names (which are providing Cards) item from fatwallet.com web site. First of all, we created new scrapy project “store_name” using below given command and shown in Figure 5. + + $sudo scrapy startproject store_name + +![Fig:5 Creation of new project in Scrapy Framework](http://blog.linoxide.com/wp-content/uploads/2014/11/f5.png) + +Fig:5 Creation of new project in Scrapy Framework + +Above command creates a directory with title “store_name” at current path. This main directory of the project contains files/folders which are shown in the following Figure 6. + + $sudo ls –lR store_name + +![Fig:6 Contents of store_name project.](http://blog.linoxide.com/wp-content/uploads/2014/11/f6.png) + +Fig:6 Contents of store_name project. + +A brief description of each file/folder is given below; + +- scrapy.cfg is the project configuration file +- store_name/ is another directory inside the main directory. This directory contains python code of the project. +- store_name/items.py contains those items which will be extracted by the spider. +- store_name/pipelines.py is the pipelines file. +- Setting of store_name project is in store_name/settings.py file. +- and the store_name/spiders/ directory, contains spider for the crawling + +As we are interested to extract the store names of the Cards from fatwallet.com site, so we updated the contents of the file as shown below. + + import scrapy + + class StoreNameItem(scrapy.Item): + + name = scrapy.Field() # extract the names of Cards store + +After this, we have to write new spider under store_name/spiders/ directory of the project. Spider is python class which consist of following mandatory attributes : + +1. Name of the spider (name ) +1. Starting url of spider for crawling (start_urls) +1. And parse method which consist of regex for the extraction of desired items from the page response. Parse method is the important part of spider. + +We created spider “store_name.py” under store_name/spiders/ directory and added following python code for the extraction of store name from fatwallet.com site. The output of the spider is written in the file (**StoreName.txt**) which is shown in Figure 7. + + from scrapy.selector import Selector + from scrapy.spider import BaseSpider + from scrapy.http import Request + from scrapy.http import FormRequest + import re + class StoreNameItem(BaseSpider): + name = "storename" + allowed_domains = ["fatwallet.com"] + start_urls = ["http://fatwallet.com/cash-back-shopping/"] + + def parse(self,response): + output = open('StoreName.txt','w') + resp = Selector(response) + + tags = resp.xpath('//tr[@class="storeListRow"]|\ + //tr[@class="storeListRow even"]|\ + //tr[@class="storeListRow even last"]|\ + //tr[@class="storeListRow last"]').extract() + for i in tags: + i = i.encode('utf-8', 'ignore').strip() + store_name = '' + if re.search(r"class=\"storeListStoreName\">.*?<",i,re.I|re.S): + store_name = re.search(r"class=\"storeListStoreName\">.*?<",i,re.I|re.S).group() + store_name = re.search(r">.*?<",store_name,re.I|re.S).group() + store_name = re.sub(r'>',"",re.sub(r'<',"",store_name,re.I)) + store_name = re.sub(r'&',"&",re.sub(r'&',"&",store_name,re.I)) + #print store_name + output.write(store_name+""+"\n") + +![Fig:7 Output of the Spider code .](http://blog.linoxide.com/wp-content/uploads/2014/11/f7.png) + +Fig:7 Output of the Spider code . + +*NOTE: The purpose of this tutorial is only the understanding of Scrapy Framework* + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/ubuntu-how-to/scrapy-install-ubuntu/ + +作者:[nido][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/naveeda/ \ No newline at end of file diff --git a/sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md b/sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md new file mode 100644 index 0000000000..fa02f19ce6 --- /dev/null +++ b/sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md @@ -0,0 +1,136 @@ +Interface (NICs) Bonding in Linux using nmcli +================================================================================ +Today, we'll learn how to perform Interface (NICs) bonding in our CentOS 7.x using nmcli (Network Manager Command Line Interface). + +NICs (Interfaces) bonding is a method for linking **NICs** together logically to allow fail-over or higher throughput. One of the ways to increase the network availability of a server is by using multiple network interfaces. The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical bonded interface. It is a new implementation that does not affect the older bonding driver in linux kernel; it offers an alternate implementation. + +**NIC bonding is done to provide two main benefits for us:** + +1. **High bandwidth** +1. **Redundancy/resilience** + +Now lets configure NICs bonding in CentOS 7. We'll need to decide which interfaces that we would like to configure a Team interface. + +run **ip link** command to check the available interface in the system. + + $ ip link + +![ip link](http://blog.linoxide.com/wp-content/uploads/2015/01/ip-link.png) + +Here we are using **eno16777736** and **eno33554960** NICs to create a team interface in **activebackup** mode. + +Use **nmcli** command to create a connection for the network team interface,with the following syntax. + + # nmcli con add type team con-name CNAME ifname INAME [config JSON] + +Where **CNAME** will be the name used to refer the connection ,**INAME** will be the interface name and **JSON** (JavaScript Object Notation) specifies the runner to be used.**JSON** has the following syntax: + + '{"runner":{"name":"METHOD"}}' + +where **METHOD** is one of the following: **broadcast, activebackup, roundrobin, loadbalance** or **lacp**. + +### 1. Creating Team Interface ### + +Now let us create the team interface. here is the command we used to create the team interface. + + # nmcli con add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}' + +![nmcli con create](http://blog.linoxide.com/wp-content/uploads/2015/01/nmcli-con-create.png) + +run **# nmcli con show** command to verify the team configuration. + + # nmcli con show + +![Show Teamed Interace](http://blog.linoxide.com/wp-content/uploads/2015/01/show-team-interface.png) + +### 2. Adding Slave Devices ### + +Now lets add the slave devices to the master team0. here is the syntax for adding the slave devices. + + # nmcli con add type team-slave con-name CNAME ifname INAME master TEAM + +Here we are adding **eno16777736** and **eno33554960** as slave devices for **team0** interface. + + # nmcli con add type team-slave con-name team0-port1 ifname eno16777736 master team0 + + # nmcli con add type team-slave con-name team0-port2 ifname eno33554960 master team0 + +![adding slave devices to team](http://blog.linoxide.com/wp-content/uploads/2015/01/adding-to-team.png) + +Verify the connection configuration using **#nmcli con show** again. now we could see the slave configuration. + + #nmcli con show + +![show slave config](http://blog.linoxide.com/wp-content/uploads/2015/01/show-slave-config.png) + +### 3. Assigning IP Address ### + +All the above command will create the required configuration files under **/etc/sysconfig/network-scripts/**. + +Lets assign an IP address to this team0 interface and enable the connection now. Here is the command to perform the IP assignment. + + # nmcli con mod team0 ipv4.addresses "192.168.1.24/24 192.168.1.1" + # nmcli con mod team0 ipv4.method manual + # nmcli con up team0 + +![ip assignment](http://blog.linoxide.com/wp-content/uploads/2015/01/ip-assignment.png) + +### 4. Verifying the Bonding ### + +Verify the IP address information in **#ip add show team0** command. + + #ip add show team0 + +![verfiy ip address](http://blog.linoxide.com/wp-content/uploads/2015/01/verfiy-ip-adress.png) + +Now lets check the **activebackup** configuration functionality using the **teamdctl** command. + + # teamdctl team0 state + +![teamdctl active backup check](http://blog.linoxide.com/wp-content/uploads/2015/01/teamdctl-activebackup-check.png) + +Now lets disconnect the active port and check the state again. to confirm whether the active backup configuration is working as expected. + + # nmcli dev dis eno33554960 + +![disconnect activeport](http://blog.linoxide.com/wp-content/uploads/2015/01/disconnect-activeport.png) + +disconnected the active port and now check the state again using **#teamdctl team0 state**. + + # teamdctl team0 state + +![teamdctl check activeport disconnect](http://blog.linoxide.com/wp-content/uploads/2015/01/teamdctl-check-activeport-disconnect.png) + +Yes its working cool !! we will connect the disconnected connection back to team0 using the following command. + + #nmcli dev con eno33554960 + +![nmcli dev connect disconected](http://blog.linoxide.com/wp-content/uploads/2015/01/nmcli-dev-connect-disconected.png) + +We have one more command called **teamnl** let us show some options with **teamnl** command. + +to check the ports in team0 run the following command. + + # teamnl team0 ports + +![teamnl check ports](http://blog.linoxide.com/wp-content/uploads/2015/01/teamnl-check-ports.png) + +Display currently active port of **team0**. + + # teamnl team0 getoption activeport + +![display active port team0](http://blog.linoxide.com/wp-content/uploads/2015/01/display-active-port-team0.png) + +Hurray, we have successfully configured NICs bonding :-) Please share feedback if any. + +-------------------------------------------------------------------------------- + +via: http://linoxide.com/linux-command/interface-nics-bonding-linux/ + +作者:[Arun Pyasi][a] +译者:[译者ID](https://github.com/译者ID) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://linoxide.com/author/arunp/ \ No newline at end of file From 01a9f16c46f0a72f7cb5e7e576145cba21d26bc5 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Thu, 8 Jan 2015 17:00:31 +0800 Subject: [PATCH 90/98] translating --- ...150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md b/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md index d8b5102066..c25feac7e7 100644 --- a/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md +++ b/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md @@ -1,3 +1,5 @@ +Translating----geeekpi + How To Install New Fonts In Ubuntu 14.04 and 14.10 ================================================================================ ![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/fonts.jpg) From 8f5aeea25de604283b3ecf0829f585b0a8d242e2 Mon Sep 17 00:00:00 2001 From: zhengsihua Date: Thu, 8 Jan 2015 17:30:26 +0800 Subject: [PATCH 91/98] translated --- ...all New Fonts In Ubuntu 14.04 and 14.10.md | 64 ------------------- ...all New Fonts In Ubuntu 14.04 and 14.10.md | 64 +++++++++++++++++++ 2 files changed, 64 insertions(+), 64 deletions(-) delete mode 100644 sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md create mode 100644 translated/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md diff --git a/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md b/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md deleted file mode 100644 index c25feac7e7..0000000000 --- a/sources/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md +++ /dev/null @@ -1,64 +0,0 @@ -Translating----geeekpi - -How To Install New Fonts In Ubuntu 14.04 and 14.10 -================================================================================ -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/fonts.jpg) - -Ubuntu does come with a bunch of fonts installed by default in it. But at times you might not be satisfied with the available lots of fonts. So, what you can do is to **install additional fonts in Ubuntu 14.04**, 14.10 or any other Linux system such as Linux Mint. - -### Step 1: Get fonts ### - -First and foremost, download your choice of fonts. Now you might be thinking from where can you get new fonts. Don’t worry, a simple Google search will provide you with several websites that have new fonts available for free. You can start with [fonts at Lost Type][1]. [Fonts Squirrel][2] is also a good place to download fonts. - -### Step 2: Install new fonts in Ubuntu ### - -The downloaded fonts might be in a zipped file. Extract it. Most of the fonts are either in [TTF][3] (TrueType Fonts) or in [OTF][4] (OpenType Fonts) format. Whichever it may be, just double click on the font file. It will open it in Font Viewer. In here, you can see the option to install the font in top right corner: - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Install_New_Fonts_Ubuntu.png) - -You won’t really see anything being installed as you see when installing a software. Couple of seconds later, you’ll see the status has been changed to Installed. No prizes for guessing that the font has been now installed. - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Install_New_Fonts_Ubuntu_1.png) - -Once installed, you can see the newly installed fonts in any application that uses fonts such as GIMP, Pinta etc. - -### Step 2: Install several fonts at once in Linux ### - -No, it is not typo. This is still step 2 but just an alternative. The method we saw above to install fonts in Ubuntu is just fine. But there is a little issue with it. What happens when you have like 20 new fonts to install. Installing all these fonts, one by one, by double clicking on them is cumbersome and inconvenient. Don’t you think the same? - -To install several fonts at once in Ubuntu, all you need to do is to create .fonts directory, if it doesn’t exist already, in your Home directory. And extract or copy paste all those TTF or OTF files in this directory. - -Go to your Home directory in File manager. Press Ctrl+H to [show hidden files in Ubuntu][5]. Right click to make a new folder and name it .fonts. That dot at the beginning is important. In Linux, if you put dot ahead of the file name, it hides the file from normal view. - -#### Alternative: #### - -Alternatively, you can install Font Manager application and manage fonts in GUI. To install Font Manager in Ubuntu, open a terminal and use the command below: - - sudo apt-get install font-manager - -Open the Font Manager from Unity Dash. You can see installed fonts and option to install new fonts, remove existing fonts etc here. - -![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Font_Manager_Ubuntu.jpeg) - -To remove Font Manager, use the command below: - - sudo apt-get remove font-manager - -I hope this quick helped you to install fonts in Ubuntu and other Linux systems. Do let me know if you have questions or suggestions. - --------------------------------------------------------------------------------- - -via: http://itsfoss.com/install-fonts-ubuntu-1404-1410/ - -作者:[Abhishek][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:http://itsfoss.com/author/Abhishek/ -[1]:http://www.losttype.com/browse/ -[2]:http://www.fontsquirrel.com/ -[3]:http://en.wikipedia.org/wiki/TrueType -[4]:http://en.wikipedia.org/wiki/OpenType -[5]:http://itsfoss.com/hide-folders-and-show-hidden-files-in-ubuntu-beginner-trick/ \ No newline at end of file diff --git a/translated/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md b/translated/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md new file mode 100644 index 0000000000..fd108461d2 --- /dev/null +++ b/translated/tech/20150106 How To Install New Fonts In Ubuntu 14.04 and 14.10.md @@ -0,0 +1,64 @@ +如何在Ubuntu 14.04 和14.10 上安装新的字体 +================================================================================ +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/fonts.jpg) + +Ubuntu默认自带了很多字体。但你或许对这些字体还不满意。因此,你可以做的是在**Ubuntu 14.04、 14.10或者像Linux Mint其他的系统中安装额外的字体**。 + +### 第一步: 获取字体 ### + +第一步也是最重要的,下载你选择的字体。现在你或许在考虑从哪里下载字体。不要担心,Google搜索可以给你提供几个免费的字体网站。你可以先去看看[ Lost Type 的字体][1]。[Squirrel的字体][2]同样也是一个下载字体的好地方。 + +### 第二步:在Ubuntu中安装新字体 ### + +Font Viewer. In here, you can see the option to install the font in top right corner: +下载的字体文件可能是一个压缩包。先解压它。大多数字体文件的格式是[TTF][3] (TrueType Fonts) 或者[OTF][4] (OpenType Fonts)。无论是哪种,只要双击字体文件。它会自动用字体查看器打开。这里你可以在右上角看到安装安装选项。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Install_New_Fonts_Ubuntu.png) + +在安装字体时不会看到其他信息。几秒钟后,你会看到状态变成已安装。不用猜,这就是已安装的字体。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Install_New_Fonts_Ubuntu_1.png) + +安装完毕后,你就可以在GIMP、Pina等应用中看到你新安装的字体了。 + +### 第二步:在Linux上一次安装几个字体 ### + +我没有打错。这仍旧是第二步但是只是是一个备选方案。我上面看到的在Ubuntu中安装字体的方法是不错的。但是这有一个小问题。当你有20个新字体要安装时。一个个单独双击即繁琐又麻烦。你不这么认为么? + +要在Ubuntu中一次安装几个字体,你要做的是创建一个.fonts文件夹,如果在你的家目录下还不存在这个目录的话。并把解压后的TTF和OTF文件复制到这个文件夹内。 + +在文件管理器中进入家目录。按下Ctrl+H [显示Ubuntu中的隐藏文件][5]。 右键创建一个文件夹并命名为.fonts。 这里的点很重要。在Linux中,在文件的前面加上点意味在普通的视图中都会隐藏。 + +#### 备选方案: #### + +另外你可以安装字体管理程序来以GUI的形式管理字体。要在Ubuntu中安装字体管理程序,打开终端并输入下面的命令: + + sudo apt-get install font-manager + +Open the Font Manager from Unity Dash. You can see installed fonts and option to install new fonts, remove existing fonts etc here. +从Unity Dash中打开字体管理器。你可以看到已安装的字体和安装新字体、删除字体等选项。 + +![](http://itsfoss.itsfoss.netdna-cdn.com/wp-content/uploads/2015/01/Font_Manager_Ubuntu.jpeg) + +要卸载字体管理器,使用下面的命令: + + sudo apt-get remove font-manager + +我希望这篇文章可以帮助你在Ubuntu或其他Linux系统上安装字体。如果你有任何问题或建议请让我知道。 + +-------------------------------------------------------------------------------- + +via: http://itsfoss.com/install-fonts-ubuntu-1404-1410/ + +作者:[Abhishek][a] +译者:[geekpi](https://github.com/geekpi) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:http://itsfoss.com/author/Abhishek/ +[1]:http://www.losttype.com/browse/ +[2]:http://www.fontsquirrel.com/ +[3]:http://en.wikipedia.org/wiki/TrueType +[4]:http://en.wikipedia.org/wiki/OpenType +[5]:http://itsfoss.com/hide-folders-and-show-hidden-files-in-ubuntu-beginner-trick/ \ No newline at end of file From 05b53a429694eec76678c824ff04f8f28a3d807a Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 9 Jan 2015 07:17:09 +0800 Subject: [PATCH 92/98] PUB:20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse @tinyeyeser --- ...This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename {translated/news => published}/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md (99%) diff --git a/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md b/published/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md similarity index 99% rename from translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md rename to published/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md index a1ccaafd1b..b50120920a 100644 --- a/translated/news/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md +++ b/published/20141211 Yes, This Trojan Infects Linux. No, It' s Not The Tuxpocalypse.md @@ -66,7 +66,7 @@ via: http://www.omgubuntu.co.uk/2014/12/government-spying-turla-linux-trojan-fou 作者:[Joey-Elijah Sneddon][a] 译者:[Mr小眼儿](http://blog.csdn.net/tinyeyeser) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From b1e81109cad9d00c26855322048727331e312139 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 9 Jan 2015 07:21:07 +0800 Subject: [PATCH 93/98] PUB:20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux @H-mudcup --- ...nge OS for Radar System from Windows XP to Linux.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) rename {translated/news => published}/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md (84%) diff --git a/translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md b/published/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md similarity index 84% rename from translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md rename to published/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md index 01c8d0d4f4..3b9f45c840 100644 --- a/translated/news/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md +++ b/published/20141208 U.S. Marine Corps Wants to Change OS for Radar System from Windows XP to Linux.md @@ -1,6 +1,4 @@ -Traslated by H-mudcup - -美国海军陆战队想把雷达操作系统从Windows XP换成Linux +美国海军陆战队要把雷达操作系统从Windows XP换成Linux ================================================================================ **一个新的雷达系统已经被送回去升级了** @@ -18,13 +16,13 @@ Traslated by H-mudcup >一谈到稳定性和性能,没什么能真的比得过Linux。这就是为什么美国海军陆战队的领导们已经决定让Northrop Grumman Corp. Electronic Systems把新送到的地面/空中任务导向雷达(G/ATOR)的操作系统从Windows XP换成Linux。 -地面/空中任务导向雷达(G/ATOR)系统已经研制了很多年。很可能在这项工程启动的时候Windows XP被认为是合理的选择。在研制的这段时间,事情发生了变化。微软已经撤销了对Windows XP的支持而且只有极少的几个组织会使用它。操作系统要么升级要么被换掉。在这种情况下,Linux成了合理的选择。特别是当替换的费用很可能远远少于更新的费用。 +地面/空中任务导向雷达(G/ATOR)系统已经研制了很多年。很可能在这项工程启动的时候Windows XP被认为是合理的选择。但在研制的这段时间,事情发生了变化。微软已经撤销了对Windows XP的支持而且只有极少的几个组织会使用它。操作系统要么升级要么被换掉。在这种情况下,Linux成了合理的选择。特别是当替换的费用很可能远远少于更新的费用。 有个很有趣的地方值得注意一下。地面/空中任务导向雷达(G/ATOR)才刚刚送到美国海军陆战队,但是制造它的公司却还是选择了保留这个过时的操作系统。一定有人注意到的这样一个事实。这是一个糟糕的决定,并且指挥系统已经被告知了可能出现的问题了。 ### G/ATOR雷达的软件将是基于Linux的 ### -Unix类系统,比如基于BSD或者基于Linux的操作系统,通常会出现在条件苛刻的领域,或者任何情况下都不能失败的的技术中。例如,这就是为什么大多数的服务器都运行着Linux。一个雷达系统配上一个几乎不可能崩溃的操作系统看起来非常相配。 +Unix类系统,比如基于BSD或者基于Linux的操作系统,通常会出现在条件苛刻的领域,或者任何情况下都不允许失败的的技术中。例如,这就是为什么大多数的服务器都运行着Linux。一个雷达系统配上一个几乎不可能崩溃的操作系统看起来非常相配。 “弗吉尼亚州Quantico海军基地海军陆战队系统司令部的官员,在周三宣布了一项与Northrop Grumman Corp. Electronic Systems在林西科姆高地的部分的总经理签订的价值1020万美元的修正合同。这个合同的修改将包括这样一项,把G/ATOR的控制电脑从微软的Windows XP操作系统换成与国防信息局(DISA)兼容的Linux操作系统。” @@ -40,7 +38,7 @@ via: http://news.softpedia.com/news/U-S-Marine-Corps-Want-to-Change-OS-for-Radar 作者:[Silviu Stahie][a] 译者:[H-mudcup](https://github.com/H-mudcup) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From f884444180e09d3ee4f873feaadda9e04cb67e25 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 9 Jan 2015 08:04:22 +0800 Subject: [PATCH 94/98] PUB:20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems @barney-ro --- ...oftware For Linux and Unix-like Systems.md | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) rename {translated/share => published}/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md (75%) diff --git a/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md b/published/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md similarity index 75% rename from translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md rename to published/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md index d3f12cb979..b967cee5a6 100644 --- a/translated/share/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md +++ b/published/20141106 5 Awesome Open Source Backup Software For Linux and Unix-like Systems.md @@ -1,6 +1,6 @@ -Linux 和类Unix 系统上5个极品的开源软件备份工具 +Linux 和类 Unix 系统上5个最佳开源备份工具 ================================================================================ -一个好的备份最基本的就是为了能够从一些错误中恢复 +一个好的备份最基本的目的就是为了能够从一些错误中恢复: - 人为的失误 - 磁盘阵列或是硬盘故障 @@ -13,7 +13,7 @@ Linux 和类Unix 系统上5个极品的开源软件备份工具 确定你正在部署的软件具有下面的特性 -1. **开源软件** - 你务必要选择那些源码可以免费获得,并且可以修改的软件。确信可以恢复你的数据,即使是软件的供应商或者/或是项目停止继续维护这个软件或者是拒绝继续为这个软件提供补丁。 +1. **开源软件** - 你务必要选择那些源码可以免费获得,并且可以修改的软件。确信可以恢复你的数据,即使是软件供应商/项目停止继续维护这个软件,或者是拒绝继续为这个软件提供补丁。 2. **跨平台支持** - 确定备份软件可以很好的运行各种需要部署的桌面操作系统和服务器系统。 @@ -21,21 +21,21 @@ Linux 和类Unix 系统上5个极品的开源软件备份工具 4. **自动转换** - 自动转换本来是没什么,除了对于各种备份设备,包括图书馆,近线存储和自动加载,自动转换可以自动完成一些任务,包括加载,挂载和标签备份像磁带这些媒体设备。 -5. **备份介质** - 确定你可以备份到磁带,硬盘,DVD 和云存储像AWS。 +5. **备份介质** - 确定你可以备份到磁带,硬盘,DVD 和像 AWS 这样的云存储。 -6. **加密数据流** - 确定所有客户端到服务器的传输都被加密,保证在LAN/WAN/Internet 中传输的安全性。 +6. **加密数据流** - 确定所有客户端到服务器的传输都被加密,保证在 LAN/WAN/Internet 中传输的安全性。 7. **数据库支持** - 确定备份软件可以备份到数据库,像MySQL 或是 Oracle。 -8. **备份可以跨越多个卷** - 备份软件(转存文件)可以把每个备份文件分成几个部分,允许将每个部分存在于不同的卷。这样可以保证一些数据量很大的备份(像100TB的文件)可以被存储在一些比单个部分大的设备中,比如说像硬盘和磁盘卷。 +8. **备份可以跨越多个卷** - 备份软件(转储文件时)可以把每个备份文件分成几个部分,允许将每个部分存在于不同的卷。这样可以保证一些数据量很大的备份(像100TB的文件)可以被存储在一些单个容量较小的设备中,比如说像硬盘和磁盘卷。 9. **VSS (卷影复制)** - 这是[微软的卷影复制服务(VSS)][1],通过创建数据的快照来备份。确定备份软件支持VSS的MS-Windows 客户端/服务器。 10. **重复数据删除** - 这是一种数据压缩技术,用来消除重复数据的副本(比如,图片)。 -11. **许可证和成本** - 确定你[理解和使用的开源许可证][3]下的软件源码你可以得到。 +11. **许可证和成本** - 确定你对备份软件所用的[许可证了解和明白其使用方式][3]。 -12. **商业支持** - 开源软件可以提供社区支持(像邮件列表和论坛)和专业的支持(像发行版提供额外的付费支持)。你可以使用付费的专业支持以培训和咨询为目的。 +12. **商业支持** - 开源软件可以提供社区支持(像邮件列表和论坛)和专业的支持(如发行版提供额外的付费支持)。你可以使用付费的专业支持为你提供培训和咨询。 13. **报告和警告** - 最后,你必须能够看到备份的报告,当前的工作状态,也能够在备份出错的时候提供警告。 @@ -59,7 +59,7 @@ Linux 和类Unix 系统上5个极品的开源软件备份工具 ### Amanda - 又一个客户端服务器备份工具 ### -AMANDA 是 Advanced Maryland Automatic Network Disk Archiver 的缩写。它允许系统管理员创建一个单独的服务器来备份网络上的其他主机到磁带驱动器或硬盘或者是自动转换器。 +AMANDA 是 Advanced Maryland Automatic Network Disk Archiver 的缩写。它允许系统管理员创建一个单独的备份服务器来将网络上的其他主机的数据备份到磁带驱动器、硬盘或者是自动换盘器。 - 操作系统:支持跨平台运行。 - 备份级别:完全,差异,增量,合并。 @@ -75,7 +75,7 @@ AMANDA 是 Advanced Maryland Automatic Network Disk Archiver 的缩写。它允 ### Backupninja - 轻量级备份系统 ### -Backupninja 是一个简单易用的备份系统。你可以简单的拖放配置文件到 /etc/backup.d/ 目录来备份多个主机。 +Backupninja 是一个简单易用的备份系统。你可以简单的拖放一个配置文件到 /etc/backup.d/ 目录来备份到多个主机。 ![](http://s0.cyberciti.org/uploads/cms/2014/11/ninjabackup-helper-script.jpg) @@ -93,7 +93,7 @@ Backupninja 是一个简单易用的备份系统。你可以简单的拖放配 ### Backuppc - 高效的客户端服务器备份工具### -Backuppc 可以用来备份基于LInux 和Windows 系统的主服务器硬盘。它配备了一个巧妙的池计划来最大限度的减少磁盘储存,磁盘I/O 和网络I/O。 +Backuppc 可以用来备份基于Linux 和Windows 系统的主服务器硬盘。它配备了一个巧妙的池计划来最大限度的减少磁盘储存、磁盘 I/O 和网络I/O。 ![](http://s0.cyberciti.org/uploads/cms/2014/11/BackupPCServerStatus.jpg) @@ -111,7 +111,7 @@ Backuppc 可以用来备份基于LInux 和Windows 系统的主服务器硬盘。 ### UrBackup - 最容易配置的客户端服务器系统 ### -UrBackup 是一个非常容易配置的开源客户端服务器备份系统,通过图像和文件备份的组合完成了数据安全性和快速的恢复。你的文件可以通过Web界面或者是在Windows资源管理器中恢复,而驱动卷的备份用引导CD或者是USB 棒来恢复(逻辑恢复)。一个Web 界面使得配置你自己的备份服务变得非常简单。 +UrBackup 是一个非常容易配置的开源客户端服务器备份系统,通过镜像 方式和文件备份的组合完成了数据安全性和快速的恢复。磁盘卷备份可以使用可引导 CD 或U盘,通过Web界面或Windows资源管理器来恢复你的文件(硬恢复)。一个 Web 界面使得配置你自己的备份服务变得非常简单。 ![](http://s0.cyberciti.org/uploads/cms/2014/11/urbackup.jpg) @@ -129,19 +129,19 @@ UrBackup 是一个非常容易配置的开源客户端服务器备份系统, ### 其他供你考虑的一些极好用的开源备份软件 ### -Amanda,Bacula 和上面所提到的软件都是功能丰富,但是配置比较复杂对于一些小的网络或者是单独的服务器。我建议你学习和使用一下的备份软件: +Amanda,Bacula 和上面所提到的这些软件功能都很丰富,但是对于一些小的网络或者是单独的服务器来说配置比较复杂。我建议你学习和使用一下的下面这些备份软件: -1. [Rsnapshot][10] - 我建议用这个作为对本地和远程的文件系统快照工具。查看[怎么设置和使用这个工具在Debian 和Ubuntu linux][11]和[基于CentOS,RHEL 的操作系统][12]。 +1. [Rsnapshot][10] - 我建议用这个作为对本地和远程的文件系统快照工具。看看[在Debian 和Ubuntu linux][11]和[基于CentOS,RHEL 的操作系统][12]怎么设置和使用这个工具。 2. [rdiff-backup][13] - 另一个好用的类Unix 远程增量备份工具。 3. [Burp][14] - Burp 是一个网络备份和恢复程序。它使用了librsync来节省网络流量和节省每个备份占用的空间。它也使用了VSS(卷影复制服务),在备份Windows计算机时进行快照。 4. [Duplicity][15] - 伟大的加密和高效的备份类Unix操作系统。查看如何[安装Duplicity来加密云备份][16]来获取更多的信息。 -5. [SafeKeep][17] - SafeKeep是一个集中和易于使用的备份应用程序,结合了镜像和增量备份最佳功能的备份应用程序。 +5. [SafeKeep][17] - SafeKeep是一个中心化的、易于使用的备份应用程序,结合了镜像和增量备份最佳功能的备份应用程序。 6. [DREBS][18] - DREBS 是EBS定期快照的工具。它被设计成在EBS快照所连接的EC2主机上运行。 7. 古老的unix 程序,像rsync, tar, cpio, mt 和dump。 ###结论### -我希望你会发现这篇有用的文章来备份你的数据。不要忘了验证你的备份和创建多个数据备份。然而,对于磁盘阵列并不是一个备份解决方案。使用任何一个上面提到的程序来备份你的服务器,桌面和笔记本电脑和私人的移动设备。如果你知道其他任何开源的备份软件我没有提到的,请分享在评论里。 +我希望你会发现这篇有用的文章来备份你的数据。不要忘了验证你的备份和创建多个数据备份。注意,磁盘阵列并不是一个备份解决方案!使用任何一个上面提到的程序来备份你的服务器、桌面和笔记本电脑和私人的移动设备。如果你知道其他任何开源的备份软件我没有提到的,请分享在评论里。 -------------------------------------------------------------------------------- @@ -149,7 +149,7 @@ via: http://www.cyberciti.biz/open-source/awesome-backup-software-for-linux-unix 作者:[nixCraft][a] 译者:[barney-ro](https://github.com/barney-ro) -校对:[校对者ID](https://github.com/校对者ID) +校对:[wxy](https://github.com/wxy) 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 From bab7c60dc29de34894dc8336a25dc8177f53325b Mon Sep 17 00:00:00 2001 From: H-mudcup Date: Fri, 9 Jan 2015 08:14:24 +0800 Subject: [PATCH 95/98] Update 20140701 Easy File Comparisons With These Great Free Diff Tools.md --- ... Easy File Comparisons With These Great Free Diff Tools.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/share/20140701 Easy File Comparisons With These Great Free Diff Tools.md b/sources/share/20140701 Easy File Comparisons With These Great Free Diff Tools.md index 92dbf74103..3b5b88f0dc 100644 --- a/sources/share/20140701 Easy File Comparisons With These Great Free Diff Tools.md +++ b/sources/share/20140701 Easy File Comparisons With These Great Free Diff Tools.md @@ -1,3 +1,5 @@ +Translating By H-mudcup + Easy File Comparisons With These Great Free Diff Tools ================================================================================ by Frazer Kline @@ -163,4 +165,4 @@ via: http://www.linuxlinks.com/article/2014062814400262/FileComparisons.html [2]:https://sourcegear.com/diffmerge/ [3]:http://furius.ca/xxdiff/ [4]:http://diffuse.sourceforge.net/ -[5]:http://www.caffeinated.me.uk/kompare/ \ No newline at end of file +[5]:http://www.caffeinated.me.uk/kompare/ From f0e9447450c639f7153c6ae2713d75585f43eb0e Mon Sep 17 00:00:00 2001 From: Ping Date: Fri, 9 Jan 2015 09:12:04 +0800 Subject: [PATCH 96/98] =?UTF-8?q?Mr-Ping=20=E7=BF=BB=E8=AF=91=E4=B8=AD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- ...up and Restore Your Apps and PPAs in Ubuntu Using Aptik.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md b/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md index 6d4d4b1aa3..f0daed9e19 100644 --- a/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md +++ b/sources/tech/20100105 How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik.md @@ -1,3 +1,5 @@ +Mr-Ping 翻译中 + How to Backup and Restore Your Apps and PPAs in Ubuntu Using Aptik ================================================================================ ![00_lead_image_aptik](http://cdn5.howtogeek.com/wp-content/uploads/2014/12/650x300x00_lead_image_aptik.png.pagespeed.ic.n3TJwp8YK_.png) @@ -152,4 +154,4 @@ via: http://www.howtogeek.com/206454/how-to-backup-and-restore-your-apps-and-ppa 本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 -[1]:http://www.howtogeek.com/203768 \ No newline at end of file +[1]:http://www.howtogeek.com/203768 From bdeba77fdcdd6c31a2e6fcece0eb33d4ce288138 Mon Sep 17 00:00:00 2001 From: tinyeyeser Date: Fri, 9 Jan 2015 09:19:45 +0800 Subject: [PATCH 97/98] =?UTF-8?q?=E5=B7=B2=E7=BF=BB=E8=AF=91=20by=E5=B0=8F?= =?UTF-8?q?=E7=9C=BC=E5=84=BF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../tech/20150104 Docker Image Insecurity.md | 134 ----------------- .../tech/20150104 Docker Image Insecurity.md | 135 ++++++++++++++++++ 2 files changed, 135 insertions(+), 134 deletions(-) delete mode 100644 sources/tech/20150104 Docker Image Insecurity.md create mode 100644 translated/tech/20150104 Docker Image Insecurity.md diff --git a/sources/tech/20150104 Docker Image Insecurity.md b/sources/tech/20150104 Docker Image Insecurity.md deleted file mode 100644 index 6e68dca0c4..0000000000 --- a/sources/tech/20150104 Docker Image Insecurity.md +++ /dev/null @@ -1,134 +0,0 @@ -翻译中 by小眼儿 - -Docker Image Insecurity -================================================================================ -Recently while downloading an “official” container image with Docker I saw this line: - - ubuntu:14.04: The image you are pulling has been verified - -I assumed this referenced Docker’s [heavily promoted][1] image signing system and didn’t investigate further at the time. Later, while researching the cryptographic digest system that Docker tries to secure images with, I had the opportunity to explore further. What I found was a total systemic failure of all logic related to image security. - -Docker’s report that a downloaded image is “verified” is based solely on the presence of a signed manifest, and Docker never verifies the image checksum from the manifest. An attacker could provide any image alongside a signed manifest. This opens the door to a number of serious vulnerabilities. - -Images are downloaded from an HTTPS server and go through an insecure streaming processing pipeline in the Docker daemon: - - [decompress] -> [tarsum] -> [unpack] - -This pipeline is performant but completely insecure. Untrusted input should not be processed before verifying its signature. Unfortunately Docker processes images three times before checksum verification is supposed to occur. - -However, despite [Docker’s claims][2], image checksums are never actually checked. This is the only section[0][3] of Docker’s code related to verifying image checksums, and I was unable to trigger the warning even when presenting images with mismatched checksums. - - if img.Checksum != "" && img.Checksum != checksum { - log.Warnf("image layer checksum mismatch: computed %q, - expected %q", checksum, img.Checksum) - } - -### Insecure processing pipeline ### - -**Decompress** - -Docker supports three compression algorithms: gzip, bzip2, and xz. The first two use the Go standard library implementations, which are [memory-safe][4], so the exploit types I’d expect to see here are denial of service attacks like crashes and excessive CPU and memory usage. - -The third compression algorithm, xz, is more interesting. Since there is no native Go implementation, Docker [execs][5] the `xz` binary to do the decompression. - -The xz binary comes from the [XZ Utils][6] project, and is built from approximately[1][7] twenty thousand lines of C code. C is not a memory-safe language. This means malicious input to a C program, in this case the Docker image XZ Utils is unpacking, could potentially execute arbitrary code. - -Docker exacerbates this situation by *running* `xz` as root. This means that if there is a single vulnerability in `xz`, a call to `docker pull` could result in the complete compromise of your entire system. - -**Tarsum** - -The use of tarsum is well-meaning but completely flawed. In order to get a deterministic checksum of the contents of an arbitrarily encoded tar file, Docker decodes the tar and then hashes specific portions, while excluding others, in a [deterministic order][8]. - -Since this processing is done in order to generate the checksum, it is decoding untrusted data which could be designed to exploit the tarsum code[2][9]. Potential exploits here are denial of service as well as logic flaws that could cause files to be injected, skipped, processed differently, modified, appended to, etc. without the checksum changing. - -**Unpacking** - -Unpacking consists of decoding the tar and placing files on the disk. This is extraordinarily dangerous as there have been three other vulnerabilities reported[3][10] in the unpack stage at the time of writing. - -There is no situation where data that has not been verified should be unpacked onto disk. - -### libtrust ### - -[libtrust][11] is a Docker package that claims to provide “authorization and access control through a distributed trust graph.” Unfortunately no specification appears to exist, however it looks like it implements some parts of the [Javascript Object Signing and Encryption][12] specifications along with other unspecified algorithms. - -Downloading an image with a manifest signed and verified using libtrust is what triggers this inaccurate message (only the manifest is checked, not the actual image contents): - - ubuntu:14.04: The image you are pulling has been verified - -Currently only “official” image manifests published by Docker, Inc are signed using this system, but from discussions I participated in at the last Docker Governance Advisory Board meeting[4][13], my understanding is that Docker, Inc is planning on deploying this more widely in the future. The intended goal is centralization with Docker, Inc controlling a Certificate Authority that then signs images and/or client certificates. - -I looked for the signing key in Docker’s code but was unable to find it. As it turns out the key is not embedded in the binary as one would expect. Instead the Docker daemon fetches it [over HTTPS from a CDN][14] before each image download. This is a terrible approach as a variety of attacks could lead to trusted keys being replaced with malicious ones. These attacks include but are not limited to: compromise of the CDN vendor, compromise of the CDN origin serving the key, and man in the middle attacks on clients downloading the keys. - -### Remediation ### - -I [reported][15] some of the issues I found with the tarsum system before I finished this research, but so far nothing I have reported has been fixed. - -Some steps I believe should be taken to improve the security of the Docker image download system: -Drop tarsum and actually verify image digests - -Tarsum should not be used for security. Instead, images must be fully downloaded and their cryptographic signatures verified before any processing takes place. - -**Add privilege isolation** - -Image processing steps that involve decompression or unpacking should be run in isolated processes (containers?) that have only the bare minimum required privileges to operate. There is no scenario where a decompression tool like `xz` should be run as root. - -**Replace libtrust** - -Libtrust should be replaced with [The Update Framework][16] which is explicitly designed to solve the real problems around signing software binaries. The threat model is very comprehensive and addresses many things that have not been considered in libtrust. There is a complete specification as well as a reference implementation written in Python, and I have begun work on a [Go implementation][17] and welcome contributions. - -As part of adding TUF to Docker, a local keystore should be added that maps root keys to registry URLs so that users can have their own signing keys that are not managed by Docker, Inc. - -I would like to note that using non-Docker, Inc hosted registries is a very poor user experience in general. Docker, Inc seems content with relegating third party registries to second class status when there is no technical reason to do so. This is a problem both for the ecosystem in general and the security of end users. A comprehensive, decentralized security model for third party registries is both necessary and desirable. I encourage Docker, Inc to take this into consideration when redesigning their security model and image verification system. - -### Conclusion ### - -Docker users should be aware that the code responsible for downloading images is shockingly insecure. Users should only download images whose provenance is without question. At present, this does *not* include “trusted” images hosted by Docker, Inc including the official Ubuntu and other base images. - -The best option is to block `index.docker.io` locally, and download and verify images manually before importing them into Docker using `docker load`. Red Hat’s security blog has [a good post about this][18]. - -Thanks to Lewis Marshall for pointing out the tarsums are never verified. - -- [Checksum code context][19]. -- [cloc][20] says 18,141 non-blank, non-comment lines of C and 5,900 lines of headers in v5.2.0. -- Very similar bugs been [found in Android][21], which allowed arbitrary files to be injected into signed packages, and [the Windows Authenticode][22] signature system, which allowed binary modification. -- Specifically: [CVE-2014-6407][23], [CVE-2014-9356][24], and [CVE-2014-9357][25]. There were two Docker [security releases][26] in response. -- See page 8 of the [notes from the 2014-10-28 DGAB meeting][27]. - --------------------------------------------------------------------------------- - -via: https://titanous.com/posts/docker-insecurity - -作者:[titanous][a] -译者:[译者ID](https://github.com/译者ID) -校对:[校对者ID](https://github.com/校对者ID) - -本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 - -[a]:https://twitter.com/titanous -[1]:https://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/ -[2]:https://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/ -[3]:https://titanous.com/posts/docker-insecurity#fn:0 -[4]:https://en.wikipedia.org/wiki/Memory_safety -[5]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/pkg/archive/archive.go#L91-L95 -[6]:http://tukaani.org/xz/ -[7]:https://titanous.com/posts/docker-insecurity#fn:1 -[8]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/pkg/tarsum/tarsum_spec.md -[9]:https://titanous.com/posts/docker-insecurity#fn:2 -[10]:https://titanous.com/posts/docker-insecurity#fn:3 -[11]:https://github.com/docker/libtrust -[12]:https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11 -[13]:https://titanous.com/posts/docker-insecurity#fn:4 -[14]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/trust/trusts.go#L38 -[15]:https://github.com/docker/docker/issues/9719 -[16]:http://theupdateframework.com/ -[17]:https://github.com/flynn/go-tuf -[18]:https://securityblog.redhat.com/2014/12/18/before-you-initiate-a-docker-pull/ -[19]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/image/image.go#L114-L116 -[20]:http://cloc.sourceforge.net/ -[21]:http://www.saurik.com/id/17 -[22]:http://blogs.technet.com/b/srd/archive/2013/12/10/ms13-098-update-to-enhance-the-security-of-authenticode.aspx -[23]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6407 -[24]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9356 -[25]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9357 -[26]:https://groups.google.com/d/topic/docker-user/nFAz-B-n4Bw/discussion -[27]:https://docs.google.com/document/d/1JfWNzfwptsMgSx82QyWH_Aj0DRKyZKxYQ1aursxNorg/edit?pli=1 diff --git a/translated/tech/20150104 Docker Image Insecurity.md b/translated/tech/20150104 Docker Image Insecurity.md new file mode 100644 index 0000000000..5efa79ae02 --- /dev/null +++ b/translated/tech/20150104 Docker Image Insecurity.md @@ -0,0 +1,135 @@ +Docker的镜像并不安全! +================================================================================ +最近使用Docker下载“官方”容器镜像的时候,我发现这样一句话: + + ubuntu:14.04: The image you are pulling has been verified (您所拉取的镜像已经经过验证) + +起初我以为这条信息引自Docker[大力推广][1]的镜像签名系统,因此也就没有继续跟进。后来,研究加密摘要系统的时候——Docker用这套系统来对镜像进行安全加固——我才有机会更深入的发现,逻辑上整个与镜像安全相关的部分具有一系列系统性问题。 + +Docker所报告的,一个已下载的镜像经过“验证”,它基于的仅仅是一个标记清单(signed manifest),而Docker却从未根据清单对镜像的校验和进行验证。一名攻击者以此可以提供任意所谓具有标记清单的镜像。一系列严重漏洞的大门就此敞开。 + +镜像经由HTTPS服务器下载后,通过一个未加密的管道流进入Docker守护进程: + + [decompress] -> [tarsum] -> [unpack] + +这条管道的性能没有问题,但是却完全没有经过加密。不可信的输入在签名验证之前是不应当进入管道的。不幸的是,Docker在上面处理镜像的三个步骤中,都没有对校验和进行验证。 + +然而,不论Docker如何[声明][2],实际上镜像的校验和从未经过校验。下面是Docker与镜像校验和的验证相关的代码[片段][3],即使我提交了校验和不匹配的镜像,都无法触发警告信息。 + + if img.Checksum != "" && img.Checksum != checksum { + log.Warnf("image layer checksum mismatch: computed %q, + expected %q", checksum, img.Checksum) + } + +### 不安全的处理管道 ### + +**解压缩** + +Docker支持三种压缩算法:gzip、bzip2和xz。前两种使用Go的标准库实现,是[内存安全(memory-safe)][4]的,因此这里我预计的攻击类型应该是拒绝服务类的攻击,包括CPU和内存使用上的当机或过载等等。 + +第三种压缩算法,xz,比较有意思。因为没有现成的Go实现,Docker 通过[执行(exec)][5]`xz`二进制命令来实现解压缩。 + +xz二进制程序来自于[XZ Utils][6]项目,由[大概][7]2万行C代码生成而来。而C语言不是一门内存安全的语言。这意味着C程序的恶意输入,在这里也就是Docker镜像的XZ Utils解包程序,潜在地可能会执行任意代码。 + +Docker以root权限*运行* `xz` 命令,更加恶化了这一潜在威胁。这意味着如果在`xz`中出现了一个漏洞,对`docker pull`命令的调用就会导致用户整个系统的完全沦陷。 + +**Tarsum** + +对tarsum的使用,其出发点是好的,但却是最大的败笔。为了得到任意一个加密tar文件的准确校验和,Docker先对tar文件进行解密,然后求出特定部分的哈希值,同时排除剩余的部分,而这些步骤的[顺序都是固定的][8]。 + +由于其生成校验和的步骤固定,它解码不可信数据的过程就有可能被设计成[攻破tarsum的代码][9]。这里潜在的攻击既包括拒绝服务攻击,还有逻辑上的漏洞攻击,可能导致文件被感染、忽略、进程被篡改、植入等等,这一切攻击的同时,校验和可能都是不变的。 + + +**解包** + +解包的过程包括tar解码和生成硬盘上的文件。这一过程尤其危险,因为在解包写入硬盘的过程中有另外三个[已报告的漏洞][10]。 + +任何情形下未经验证的数据都不应当解包后直接写入硬盘。 + +### libtrust ### + +Docker的工具包[libtrust][11],号称“通过一个分布式的信任图表进行认证和访问控制”。很不幸,对此官方没有任何具体的说明,看起来它好像是实现了一些[javascript对象标记和加密][12]规格以及其他一些未说明的算法。 + +使用libtrust下载一个清单经过签名和认证的镜像,就可以触发下面这条不准确的信息(说不准确,是因为事实上它验证的只是清单,并非真正的镜像): + + ubuntu:14.04: The image you are pulling has been verified(您所拉取的镜像已经经过验证) + +目前只有Docker公司“官方”发布的镜像清单使用了这套签名系统,但是上次我参加Docker[管理咨询委员会][13]的会议讨论时,我所理解的是,Docker公司正计划在未来扩大部署这套系统。他们的目标是以Docker公司为中心,控制一个认证授权机构,对镜像进行签名和(或)客户认证。 + +我试图从Docker的代码中找到签名秘钥,但是没找到。好像它并不像我们所期望的把密钥嵌在二进制代码中,而是在每次镜像下载前,由Docker守护进程[通过HTTPS从CDN][14]远程获取。这是一个多么糟糕的方案,有无数种攻击手段可能会将可信密钥替换成恶意密钥。这些攻击包括但不限于:CDN供应商出问题、CDN初始密钥出现问题、客户端下载时的中间人攻击等等。 + +### 补救 ### + +研究结束前,我[报告][15]了一些在tarsum系统中发现的问题,但是截至目前我报告的这些问题仍然 +没有修复。 + +要改进Docker镜像下载系统的安全问题,我认为应当有以下措施: + +**摒弃tarsum并且真正对镜像本身进行验证** + +出于安全原因tarsum应当被摒弃,同时,镜像在完整下载后、其他步骤开始前,就对镜像的加密签名进行验证。 + +**添加权限隔离** + +镜像的处理过程中涉及到解压缩或解包的步骤必须在隔离的进程(容器?)中进行,即只给予其操作所需的最小权限。任何场景下都不应当使用root运行`xz`这样的解压缩工具。 + +**替换 libtrust** + +应当用[更新框架(The Update Framework)][16]替换掉libtrust,这是专门设计用来解决软件二进制签名此类实际问题的。其威胁模型非常全方位,能够解决libtrust中未曾考虑到的诸多问题,目前已经有了完整的说明文档。除了已有的Python实现,我已经开始着手用[Go语言实现][17]的工作,也欢迎大家的贡献。 + +作为将更新框架加入Docker的一部分,还应当加入一个本地密钥存储池,将root密钥与registry的地址进行映射,这样用户就可以拥有他们自己的签名密钥,而不必使用Docker公司的了。 + +我注意到使用Docker公司非官方的宿主仓库往往会是一种非常糟糕的用户体验。当没有技术上的原因时,Docker也会将第三方的仓库内容降为二等地位来看待。这个问题不仅仅是生态问题,还是一个终端用户的安全问题。针对第三方仓库的全方位、去中心化的安全模型即必须又迫切。我希望Docker公司在重新设计他们的安全模型和镜像认证系统时能采纳这一点。 + +### 结论 ### + +Docker用户应当意识到负责下载镜像的代码是非常不安全的。用户们应当只下载那些出处没有问题的镜像。目前,这里的“没有问题”并不包括Docker公司的“可信(trusted)”镜像,例如官方的Ubuntu和其他基础镜像。 + +最好的选择就是在本地屏蔽 `index.docker.io`,然后使用`docker load`命令在导入Docker之前手动下载镜像并对其进行验证。Red Hat的安全博客有一篇[很好的文章][18],大家可以看看。 + +感谢Lewis Marshall指出tarsum从未真正验证。 + +- [校验和的代码][19] +- [cloc][20]介绍了18141行没有空格没有注释的C代码,以及5900行的header代码,版本号为v5.2.0。 +- [Android中也发现了][21]类似的bug,能够感染已签名包中的任意文件。同样出现问题的还有[Windows的Authenticode][22]认证系统,二进制文件会被篡改。 +- 特别的:[CVE-2014-6407][23]、 [CVE-2014-9356][24]以及 [CVE-2014-9357][25]。目前已有两个Docker[安全发布][26]有了回应。 +- 参见[2014-10-28 DGAB会议记录][27]的第8页。 + +-------------------------------------------------------------------------------- + +via: https://titanous.com/posts/docker-insecurity + +作者:[titanous][a] +译者:[Mr小眼儿](http://blog.csdn.net/tinyeyeser) +校对:[校对者ID](https://github.com/校对者ID) + +本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出 + +[a]:https://twitter.com/titanous +[1]:https://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/ +[2]:https://blog.docker.com/2014/10/docker-1-3-signed-images-process-injection-security-options-mac-shared-directories/ +[3]:https://titanous.com/posts/docker-insecurity#fn:0 +[4]:https://en.wikipedia.org/wiki/Memory_safety +[5]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/pkg/archive/archive.go#L91-L95 +[6]:http://tukaani.org/xz/ +[7]:https://titanous.com/posts/docker-insecurity#fn:1 +[8]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/pkg/tarsum/tarsum_spec.md +[9]:https://titanous.com/posts/docker-insecurity#fn:2 +[10]:https://titanous.com/posts/docker-insecurity#fn:3 +[11]:https://github.com/docker/libtrust +[12]:https://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11 +[13]:https://titanous.com/posts/docker-insecurity#fn:4 +[14]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/trust/trusts.go#L38 +[15]:https://github.com/docker/docker/issues/9719 +[16]:http://theupdateframework.com/ +[17]:https://github.com/flynn/go-tuf +[18]:https://securityblog.redhat.com/2014/12/18/before-you-initiate-a-docker-pull/ +[19]:https://github.com/docker/docker/blob/0874f9ab77a7957633cd835241a76ee4406196d8/image/image.go#L114-L116 +[20]:http://cloc.sourceforge.net/ +[21]:http://www.saurik.com/id/17 +[22]:http://blogs.technet.com/b/srd/archive/2013/12/10/ms13-098-update-to-enhance-the-security-of-authenticode.aspx +[23]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6407 +[24]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9356 +[25]:https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9357 +[26]:https://groups.google.com/d/topic/docker-user/nFAz-B-n4Bw/discussion +[27]:https://docs.google.com/document/d/1JfWNzfwptsMgSx82QyWH_Aj0DRKyZKxYQ1aursxNorg/edit?pli=1 \ No newline at end of file From 328b4d883844d6526a0f662fb8737e3ed99355c7 Mon Sep 17 00:00:00 2001 From: wxy Date: Fri, 9 Jan 2015 09:21:52 +0800 Subject: [PATCH 98/98] PUB:20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next @su-kaiyao --- ... Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename {translated/talk => published}/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md (98%) diff --git a/translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md b/published/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md similarity index 98% rename from translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md rename to published/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md index a949c46d6b..1be6871302 100644 --- a/translated/talk/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md +++ b/published/20140910 With Apple Watch Unveiled, Could an Ubuntu Smartwatch Be Next.md @@ -1,4 +1,4 @@ -伴随Apple Watch的揭幕,下一个智能手表会是Ubuntu吗? +Apple Watch之后,下一个智能手表会是Ubuntu吗? === **苹果借助‘Apple Watch’的发布,证实了其进军穿戴式电子设备市场的长期传言**