document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-03-21 02:10:11 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #6 from LCTT/master

Browse Source 
Update from LCTT
This commit is contained in:
perfiffer 2021-08-12 22:48:06 +08:00 committed by GitHub
commit ba5a6b8606
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
37 changed files with 3306 additions and 1036 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

231
published/20210725 Top 7 Linux Laptops You Can Buy in 2021.md Normal file
View File

@ -0,0 +1,231 @@
[#]: subject: (Top 7 Linux Laptops You Can Buy in 2021)
[#]: via: (https://news.itsfoss.com/best-linux-laptops-2021/)
[#]: author: (Ankush Das https://news.itsfoss.com/author/ankush/)
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-13672-1.html)
2021 年可以购买的 10 大 Linux 笔记本电脑
======
> 想挑选一台安装有 Linux 的新笔记本电脑?这里有几个选项可以考虑。
![](https://news.itsfoss.com/wp-content/uploads/2021/07/linux-laptop.webp)
Linux 笔记本电脑是 MacOS 和 Windows 笔记本电脑的完美替代品。
从技术上讲,你可以通过安装任何你能找到的 Linux 发行版,将你选择的任何笔记本电脑变成一台 Linux 机器。
但是,在这里,我们的重点将放在提供 Linux 开箱即用体验的笔记本电脑上,确保无论你有什么样的预算,都能获得最佳的兼容性和支持。
### 大众品牌的 Linux 笔记本电脑
对于消费者来说,选择由大众品牌制造商生产的 Linux 笔记本电脑往往是最好的选择。
你不必担心售后、延长保修期和服务维修等问题。
戴尔和联想是通常提供预装了 Linux 的笔记本电脑的厂商之一。
请注意,这会因国家/地区的情况而定。
*本文中提到的价格已转换为美元,以方便比较,不包括运费和其他额外费用。*
#### 1、联想 Thinkpad X1 Carbon (第 8 代/第 9 代)
![][1]
**价格**:起价为 **$1535**
联想的整个 Thinkpad 系列是 Linux 用户的一个热门选择。它经久耐用,提供了良好的兼容性。
然而,它的价格一直偏高。
你有三种选择,这取决于你的需求。如果你定制一台第 9 代 Thinkpad 笔记本电脑,你可以选择安装 Ubuntu 20.04 和 Fedora 33。
对于第 8 代机型,似乎 Fedora 33 不在考虑之列,而是提供了 Fedora 32 和 Ubuntu 20.04。
所有的配置都采用英特尔芯片组,第 8 代采用的是 10 代芯片组,第 9 代采用 11 代芯片组。
其他的大部分规格都相似,有 14 英寸显示屏FHD、WQHD 和 UHD 可供选择)、高达 32GB 的内存、1TB 固态硬盘、指纹识别器和 Wi-Fi 6 支持。
- [Thinkpad X1 Carbon (第 9 代)][2]
- [Thinkpad X1 Carbon (第 8 代)][3]
#### 2、戴尔 XPS 13 开发者版
![][4]
**价格**:起价为 **$1059**
戴尔 XPS 系列是一个令人印象深刻的、可以考虑运行 Linux 的笔记本电脑系列。
它是为开发者运行 LinuxUbuntu 20.04)而定制的。
你可以得到一个 13.4 英寸的显示屏(有 FHD 和 UHD 可选)、第 11 代 i5/i7 处理器、高达 32GB 的内存、2TB 固态硬盘、指纹识别器,以及 Wi-Fi 6 支持。
- [戴尔 XPS 13 开发者版][5]
### 纯 Linux 制造商的笔记本电脑
如果你不想要主流的选择,而是想要一些独特的选择,那你可以选择支持纯 Linux 制造商,有几个是你可以考虑的。
#### 1、System76 Gazelle
![][6]
**价格**:起价为 **$1499**
System76 的笔记本电脑将内置他们的 Pop!_OS 操作系统,该系统基于 Ubuntu但提供了**无忧的开箱即用体验**。
可以把 System76 视作 Linux 笔记本电脑中的苹果电脑,他们尽力为其提供的硬件优化了 Pop!_OS。
他们可以完全控制这些软件和硬件,所以这对终端消费者来说应该是令人兴奋的产品整合。
除了 144Hz 的 16.5 英寸显示屏、第 11 代 i7 处理器、高达 8TB 的 NVMe 固态硬盘支持等令人印象深刻的基本配置外,你还会有一个 RTX 3050 GPU应该可以让你在笔记本电脑上处理各种苛刻的任务。
虽然 System76 还有一些其他型号的笔记本电脑,但在写这篇文章时,还没有上市。因此,请随时查看官方商店页面,订购定制的配置。
- [System76 Gazelle][7]
#### 2、Purism 笔记本电脑
![][8]
**价格**:起价为 **$1599**
如果你是一个有安全意识的用户Purism 的笔记本电脑可以作为一个选择。
Librem 14 是他们最新的笔记本电脑之一,带有 [PureOS][9](也是由他们制造的)。
虽然它可能没有提供最新一代的处理器,但你应该对机上的第 10 代 i7 芯片感到满意吧。
它支持高达 64GB 的内存,并具有硬件封禁开关,可以禁用网络摄像头、耳机插孔、蓝牙或无线音频。
- [Librem 14][10]
#### 3、TUXEDO Aura 15
![][11]
**价格**:起价为 **$899**
如果你想要一台 AMD 的笔记本电脑(采用上一代处理器 Ryzen 7 4700UTUXEDO 计算机公司的 Aura 15 是一个不错的选择。
主要规格包括全高清显示屏、高达 64GB 的内存、支持 Wi-Fi 6以及一个 LTE 模块。
它配备了 Ubuntu 或 TUXEDO 操作系统(基于 Ubuntu Budgie可根据你的定制要求。
- [TUXEDO Aura 15][12]
#### 4、TUXEDO Stellaris 15
![][13]
**价格**:起价为 **$2160**
如果你正在寻找最新和最强大的笔记本电脑,并希望用上 RTX 3080 显卡,这应该是一个非常好的选择。
它提供了最新的英特尔/AMD Ryzen 处理器的配置选择,并具有 165Hz 刷新率的 3K 分辨率显示屏。
它绝不是你会觉得在旅行时带着方便的东西,但如果你需要计算能力,你可以选择它。
- [TUXEDO Stellaris 15][21]
#### 5、Slimbook Pro X
![][14]
**价格**:起价为 **$1105**
Slimbook 专注于旅行方便携带的轻薄笔记本电脑型号。
你可以选择各种发行版,包括 UbuntuGNOME、KDE、MATE、KDE Neon、Manjaro 和 Fedora。
你可以得到大部分的基本规格,包括支持高达 2TB 的固态硬盘、64GB 的内存、全高清 IPS 显示屏等等。
虽然你可以选择英特尔和 AMD Ryzen最新一代处理器并分别与 Nvidia 和 Vega 图形处理器相结合,但在写这篇文章时只有 Ryzen 型号有库存。
- [Slimbook Pro X][22]
#### 6、Slimbook Essential
![][23]
**价格**:起价为 **$646**
一个令人印象深刻的预算友好型 Linux 笔记本电脑的选择。
它提供了 AMD Ryzen 和英特尔的变体(最后一代)供你选择。你得到硬件规格还可以,包括高达 64GB 的内存、2TB 的 SSD 支持,但是要少一个大的屏幕和板载专用显卡。
- [Slimbook Essential][15]
#### 7、Jupiter 14 Pro
![][16]
**价格**:起价为 **$1199**
Juno 计算机公司的 Jupiter 14 采用了第 11 代英特尔处理器,并配备了 NVIDIA GTX 1650价格诱人。
它内置了 Ubuntu 20.04 系统,没有其他系统可供选择。
基本配置包括 16GB 内存,与其他一些产品相比,这可能更物超所值一些。
你会发现在他们的网站上可以选择你的地区(英国/欧洲或美国/加拿大),请确保利用这一点。
- [Jupiter Pro 14][17]
#### 荣誉奖PineBook Pro
![][18]
PineBook Pro 是一款基于 ARM 的笔记本电脑(采用 Manjaro ARM 版),预算低廉,对于 Linux 上的很多基本任务来说,应该可以正常工作。
在写这篇文章的时候,它已经没有库存了(直到进一步通知)。然而,当你看到这篇文章时,可以自己去看看一下。
- [Pinebook Pro][19]
### 总结
如果你不喜欢这里的选择,你可以去看看 [其他可以购买 Linux 笔记本电脑的地方][20]。根据你的预算,选择你觉得最适合你的东西。
毕竟,所有的东西都有 Linux 的影子。有些可以让你能够从多个发行版中选择,但大多数人都坚持使用预装的 Ubuntu。
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/best-linux-laptops-2021/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://i1.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/thinkpad-x1-carbon.jpg?w=1060&ssl=1
[2]: https://www.lenovo.com/us/en/laptops/thinkpad/thinkpad-x1/X1-Carbon-G9/p/22TP2X1X1C9
[3]: https://www.lenovo.com/us/en/laptops/thinkpad/thinkpad-x1/X1-Carbon-Gen-8-/p/22TP2X1X1C8
[4]: https://i1.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/dell-xps-13.jpg?w=1200&ssl=1
[5]: https://www.dell.com/en-us/work/shop/dell-laptops-and-notebooks/new-xps-13-developer-edition/spd/xps-13-9310-laptop/ctox139w10p2c3000u
[6]: https://i1.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/system76-gazelle.jpg?w=1200&ssl=1
[7]: https://system76.com/laptops/gazelle
[8]: https://i2.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/librem14.png?resize=780%2C780&ssl=1
[9]: https://www.pureos.net
[10]: https://puri.sm/products/librem-14/
[11]: https://i0.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/tuxedo-aura-15.jpg?resize=780%2C780&ssl=1
[12]: https://www.tuxedocomputers.com/en/Linux-Hardware/Linux-Notebooks/15-16-inch/TUXEDO-Aura-15-Gen1.tuxedo
[13]: https://i0.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/tuxedo-stellaris.jpg?resize=780%2C780&ssl=1
[14]: https://i2.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/slimbook-pro.jpg?resize=1568%2C849&ssl=1
[15]: https://slimbook.es/en/essential-en
[16]: https://i2.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/jupiter-pro.png?w=1314&ssl=1
[17]: https://junocomputers.com/us/product/jupiter-14-pro/
[18]: https://i2.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/pinebook-pro.png?w=869&ssl=1
[19]: https://www.pine64.org/pinebook-pro/
[20]: https://itsfoss.com/get-linux-laptops/
[21]: https://www.tuxedocomputers.com/en/Linux-Hardware/Linux-Notebooks/15-16-inch/TUXEDO-Stellaris-15-Gen3.tuxedo
[22]: https://slimbook.es/en/store/slimbook-pro-x
[23]: https://i1.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/slimbook-essential.jpg?resize=1568%2C882&ssl=1

142
translated/tech/20210726 Command line quick tips- wc, sort, sed and tr.md → published/20210726 Command line quick tips- wc, sort, sed and tr.md
View File

@ -3,26 +3,24 @@
[#]: author: (mahesh1b https://fedoramagazine.org/author/mahesh1b/)
[#]: collector: (lujun9972)
[#]: translator: (perfiffer)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-13664-1.html)
Command line quick tips: wc, sort, sed and tr
一些命令行小技巧wc、sort、sed 和 tr
======
![][1]
图片由 Ryan Lerch 提供(遵循 CC BY-SA 4.0 协议)
![](https://img.linux.net.cn/data/attachment/album/202108/10/085720hyd795y1wrmd5rx9.jpg)
Linux 发行版十分好用,而且它们有一些用户可能不知道的技巧。让我们来看看一些命令行实用工具,当你热衷于终端而不是 GUI 时,它们可能更顺手。
我们都知道在一个系统上使用终端会更高效。当你编辑和排版一个文本文件时,终端会让你确切的感受到,生活如此简单。
本文将向你介绍 wcsorttr和 sed 命令。
本文将向你介绍 `wc`、`sort`、`tr` 和 `sed` 命令。
## **wc**
### wc
wc 是一个实用工具,全称是 "word count"。顾名思义,它可以用来统计任何文件的行数、单词数和字节数。
`wc` 是一个实用工具,全称是 “word count”。顾名思义,它可以用来统计任何文件的行数、单词数和字节数。
让我们来看看它是如何工作的:
@ -31,22 +29,20 @@ $ wc filename
lines words characters filename
```
输出的是文件的行数,单词数,字符数和文件名。
输出的是文件的行数、单词数、字符数和文件名。
想获得特定的输出,我们必须使用选项:
* -c 打印字节总数
* -l 打印行数
* -w 打印单词总数
* -m 打印字符总数
* `-c` 打印字节总数
* `-l` 打印行数
* `-w` 打印单词总数
* `-m` 打印字符总数
#### wc 示例
让我们来看看它的运行结果。
### wc 示例
让我们来看看它的运行结果:
让我们从一个文本文件 “lormipsm.txt” 开始。首先,我们通过 cat 查看文件内容,然后使用 wc。
让我们从一个文本文件 `lormipsm.txt` 开始。首先,我们通过 `cat` 查看文件内容,然后使用 `wc`
```
$ cat loremipsm.txt
@ -86,36 +82,34 @@ $ wc -m loremipsm.txt
268 loremipsm.txt
```
## **sort**
### sort
sort 命令是最有用的工具之一。它会对文件的数据进行排序。可以根据字符或数字进行升序或降序排列。它也可以用来对文件中的行进行排序和随机化。
`sort` 命令是最有用的工具之一。它会对文件的数据进行排序。可以根据字符或数字进行升序或降序排列。它也可以用来对文件中的行进行排序和随机化。
使用 sort 非常简单。我们需要做的仅仅是提供一个文件名
使用 `sort` 非常简单。我们需要做的仅仅是提供一个文件名
```
$ sort filename
```
默认的是按照字母顺序对数据进行排序。需要注意的是 sort 命令仅仅是对数据进行排序展示。它并不会改写文件。
默认的是按照字母顺序对数据进行排序。需要注意的是 `sort` 命令仅仅是对数据进行排序展示。它并不会改写文件。
使用 sort 命令的一些有用的选项:
使用 `sort` 命令的一些有用的选项:
* -r 将文件中的行按倒序进行排序
* -R 将文件中的行打乱为随机顺序
* -o 将输出保存到另一个文件中
* -k 按照特定列进行排序
* -t 使用指定的分隔符,而不使用空格
* -n 根据数值对数据进行排序
* `-r` 将文件中的行按倒序进行排序
* `-R` 将文件中的行打乱为随机顺序
* `-o` 将输出保存到另一个文件中
* `-k` 按照特定列进行排序
* `-t` 使用指定的分隔符,而不使用空格
* `-n` 根据数值对数据进行排序
#### sort 示例
让我们看看 `sort` 的几个简单示例。
### sort 示例
我们有一个 `list.txt` 的文件,包含逗号分隔的名称和数值。
让我们看看 sort 的几个简单示例:
我们有一个 list.txt 的文件,包含逗号分隔的名称和数值。
首先让我们打印出文件内容并简单排序。
首先让我们打印出文件内容并简单排序:
```
$ cat list.txt
@ -143,7 +137,7 @@ Ruden Dyer, 3
Shyam Head, 2
```
现在对数据进行倒序排序
现在对数据进行倒序排序
```
$ sort -r list.txt
@ -159,7 +153,7 @@ Ananya Lamb, 5
Adelina Rowland, 4
```
让我们打乱数据
让我们打乱数据
```
$ sort -R list.txt
@ -175,7 +169,7 @@ Ananya Lamb, 5
Shyam Head, 2
```
来看一点更复杂的。这次我们根据第二个字段,也就是数值对数据进行排序,并使用 -o 选项将输出保存到另一个文件中。
来看一点更复杂的。这次我们根据第二个字段,也就是数值对数据进行排序,并使用 `-o` 选项将输出保存到另一个文件中:
```
$ sort -n -k2 -t ',' -o sorted_list.txt list.txt
@ -194,13 +188,13 @@ Cieran Wilks, 9
Kristian Felix, 10
```
这里我们使用 -n 选项按数字顺序进行排序,-k 选项用来指定要排序的字段(在本例中为第 2 个字段),-t 选项指定分隔符或字段分隔符(逗号),-o 选项将输出保存到 sorted_list.txt 文件中。
这里我们使用 `-n` 选项按数字顺序进行排序,`-k` 选项用来指定要排序的字段(在本例中为第 2 个字段),`-t` 选项指定分隔符或字段分隔符(逗号),`-o` 选项将输出保存到 `sorted_list.txt` 文件中。
## **sed**
### sed
Sed 是一个流编辑器,用于过滤和转换输出中的文本。这意味着我们不需要对原文件进行修改,只需要对输出进行修改。如果需要,我们可以将更改保存到一个新的文件中。Sed 提供了很多有用的选项用于过滤和编辑数据。
`sed` 是一个流编辑器,用于过滤和转换输出中的文本。这意味着我们不需要对原文件进行修改,只需要对输出进行修改。如果需要,我们可以将更改保存到一个新的文件中。`sed` 提供了很多有用的选项用于过滤和编辑数据。
sed 的语法格式如下:
`sed` 的语法格式如下:
```
$ sed [OPTION] PATTERN filename
@ -208,18 +202,16 @@ $ sed [OPTION] PATTERN filename
sed 常用的一些选项:
* -n : 取消默认输出
* p : 打印指定的数据 
* d : 删除指定行
* q : 退出 sed 脚本
* `-n` 取消默认输出
* `p` 打印指定的数据 
* `d` 删除指定行
* `q` 退出 `sed` 脚本
#### sed 示例
我们来看看 `sed` 是如何运作的。我们从 `data` 文件开始,其中的字段表示编号、名称、年龄和操作系统。
### sed 示例
我们来看看 sed 是如何运作的。我们从 data 文件开始,其中的字段表示编号,名称,年龄和操作系统。
如果行出现在特定的行范围内,该行将打印 2 次。
如果行出现在特定的行范围内,该行将打印 2 次:
```
$ cat data
@ -250,9 +242,9 @@ $ sed '3,7 p' data
9 Mindy Howard 20 Mac
```
这里的操作用单引号括起来,表示第 3 行和第 7 行,并且使用了 p 打印出符合匹配规则的数据。sed 的默认行为是在解析后打印每一行。这意味着由于使用了 p ,第 3 行到第 7 行打印了两次。
这里的操作用单引号括起来,表示第 3 行和第 7 行,并且使用了 `p` 打印出符合匹配规则的数据。sed 的默认行为是在解析后打印每一行。这意味着由于使用了 `p` ,第 3 行到第 7 行打印了两次。
如何打印文件中特定的行?使用 -n 选项来消除在输出中不匹配的行。
如何打印文件中特定的行?使用 `-n` 选项来消除在输出中不匹配的行:
```
$ sed -n '3,7 p' data
@ -265,7 +257,7 @@ $ sed -n '3,7 p' data
使用 -n 仅仅只有第 3 行到第 7 行会被打印。
省略文件中的特定行。使用 d 从输出中删除行。
省略文件中的特定行。使用 `d` 从输出中删除行:
```
$ sed '3 d' data
@ -285,7 +277,7 @@ $ sed '5,9 d' data
4 Gilberto Mack 30 Windows
```
从文件中搜索特定的关键字
从文件中搜索特定的关键字
```
$ sed -n '/linux/ p' data
@ -298,9 +290,9 @@ $ sed -n '/linux/I p' data
8 Ralph Martin 19 linux
```
在这些例子中,我们在 / / 中使用了一个正则表达式。如果文件中有类似的单词,但大小写不一致,可以使用 “I” 使得搜索不区分大小写。回想一下,‘-n 删除了输出中不匹配的行。
在这些例子中,我们在 `/ /` 中使用了一个正则表达式。如果文件中有类似的单词,但大小写不一致,可以使用 `I` 使得搜索不区分大小写。回想一下,`-n` 删除了输出中不匹配的行。
替换文件中的单词
替换文件中的单词
```
$ sed 's/linux/linus/' data
@ -315,28 +307,26 @@ $ sed 's/linux/linus/' data
9 Mindy Howard 20 Mac
```
这里 s/ / / 表示它是一个正则表达式。在两个 / 之间的就是定位的单词和需要替换的新单词。
这里 `s/ / /` 表示它是一个正则表达式。在两个 `/` 之间的就是定位的单词和需要替换的新单词。
## **tr**
### tr
tr 命令可以用来转换或删除字符。它可以将小写字母转换为大写字母,也可以将大写字母转换为小写字母,可以消除重复字符,也可以删除特定字符。
`tr` 命令可以用来转换或删除字符。它可以将小写字母转换为大写字母,也可以将大写字母转换为小写字母,可以消除重复字符,也可以删除特定字符。
tr 的奇怪之处在于,它不同于 wc, sort, sed 那样接受文件作为输入。我们使用 “|” (管道符)为 tr 命令提供输入。
`tr` 的奇怪之处在于,它不同于 `wc`、`sort`、`sed` 那样接受文件作为输入。我们使用 `|` (管道符)为 `tr` 命令提供输入。
```
$ cat filename | tr [OPTION]
```
tr 命令使用的一些选项:
`tr` 命令使用的一些选项:
* -d : 删除给定输入第一个集合中的指定字符,不做转换
* -s : 将重复出现的字符替换为单个
* `-d` 删除给定输入第一个集合中的指定字符,不做转换
* `-s` 将重复出现的字符替换为单个
#### tr 示例
### tr 示例
现在让我们使用 tr 命令将 letter 文件中的所有小写字符转换为大写字符。
现在让我们使用 `tr` 命令将 `letter` 文件中的所有小写字符转换为大写字符:
```
$ cat letter
@ -348,9 +338,9 @@ LINUX IS TOO EASY TO LEARN,
AND YOU SHOULD TRY IT TOO.
```
这里的 a-z A-Z 表示我们想要将 “a” 到 “z” 范围内的小写字符转换为大写字符。
这里的 `a-z`、`A-Z` 表示我们想要将 `a``z` 范围内的小写字符转换为大写字符。
删除文件中的 “o” 字符。
删除文件中的 `o` 字符:
```
$ cat letter | tr -d 'o'
@ -358,7 +348,7 @@ Linux is t easy t learn,
And yu shuld try it t.
```
从文件中压缩字符 “o” 意味着如果 “o” 在文件中重复出现,那么它将会被删除并且只打印一次。
从文件中压缩字符 `o` 意味着如果 `o` 在文件中重复出现,那么它将会被删除并且只打印一次:
```
$ cat letter | tr -s 'o'
@ -366,9 +356,9 @@ Linux is to easy to learn,
And you should try it to.
```
## **结论**
### 总结
这是使用 wc, sort, sed, tr 命令的快速演示。这些命令可以方便快捷的操作终端上的文本文件。你可以使用 man 命令来了解这些命令的更多信息。
这是使用 `wc`、`sort`、`sed`、`tr` 命令的快速演示。这些命令可以方便快捷的操作终端上的文本文件。你可以使用 `man` 命令来了解这些命令的更多信息。
--------------------------------------------------------------------------------
@ -377,7 +367,7 @@ via: https://fedoramagazine.org/command-line-quick-tips-wc-sort-sed-and-tr/
作者:[mahesh1b][a]
选题:[lujun9972][b]
译者:[perfiffer](https://github.com/perfiffer)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

32
translated/tech/20210726 How to Install elementary Tweaks Tool.md → published/20210726 How to Install elementary Tweaks Tool.md
View File

@ -3,22 +3,24 @@
[#]: author: (Arindam https://www.debugpoint.com/author/admin1/)
[#]: collector: (lujun9972)
[#]: translator: (imgradeone)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-13665-1.html)
如何安装 elementary 优化工具
======
> 这篇快速教程演示了如何安装 elementary / Pantheon 优化工具。
elementary 优化工具elementary Tweaks Tool是专为 [elementary OS][1] 设计的实用工具。它提供了一些用于修改 elementary 设置的选项。虽然 elementary 已经提供了绝大多数选项,但还有一小部分的 Pantheon 桌面优化是不能直接通过普通设置修改的,因此这个工具才得以诞生。这个工具与 GNOME 中的 [GNOME Tweaks][2] 有些相似。
![](https://img.linux.net.cn/data/attachment/album/202108/10/092914jj9gzejjglclu160.jpg)
也就是说,安装这个工具其实十分简单,只是 [elementary OS 6 Odin][3] 与早期版本(例如 elementary OS 5 Juno存在一些区别。从 elementary OS 6 Odin 开始,这个工具已经重命名为 Pantheon 优化工具Pantheon Tweaks Tool。下面是安装步骤。
<ruby>elementary 优化工具<rt>elementary Tweaks Tool</rt></ruby>是专为 [elementary OS][1] 设计的实用工具。它提供了一些用于修改 elementary 设置的选项。虽然 elementary 已经提供了绝大多数选项,但还有一小部分的 Pantheon 桌面优化是不能直接通过普通设置修改的,因此这个工具才得以诞生。这个工具与 GNOME 中的 [GNOME Tweaks][2] 有些相似。
也就是说,安装这个工具其实十分简单,只是 [elementary OS 6 Odin][3] 与早期版本(例如 elementary OS 5 Juno存在一些区别。从 elementary OS 6 Odin 开始,这个工具已经重命名为 <ruby>Pantheon 优化工具<rt>Pantheon Tweaks Tool</rt></ruby>。下面是安装步骤。
### 安装 elementary 优化工具
elementary OS 并没有内置用于添加 PPA 的 software-properties-common 软件包。如果您还没有安装此软件包,请使用如下命令安装。
elementary OS 并没有内置用于添加 PPA 的 `software-properties-common` 软件包。如果你还没有安装此软件包,请使用如下命令安装:
```
sudo apt install software-properties-common
@ -26,16 +28,16 @@ sudo apt install software-properties-common
#### elementary OS 6 Odin
该版本的优化工具已经改名,并且独立于原版开发。它的名称是 [Pantheon Tweaks][4]。可以使用如下命令安装它。
该版本的优化工具已经改名,并且独立于原版开发。它的名称是 [Pantheon Tweaks][4]。可以使用如下命令安装它。
```
sudo add-apt-repository -y ppa:philip.scott/pantheon-tweaks
sudo apt install -y pantheon-tweaks
```
#### elementary OS 5 Juno and below
#### elementary OS 5 Juno 及更旧版本
如果您正在使用 elementary OS 5 Juno 或者更旧的版本,您可以使用同一 PPA 安装早期版本的 [elementary-tweaks][5]。在终端输入以下命令即可安装。
如果你正在使用 elementary OS 5 Juno 或者更旧的版本,你可以使用同一 PPA 安装早期版本的 [elementary-tweaks][5]。在终端输入以下命令即可安装。
```
sudo add-apt-repository -y ppa:philip.scott/elementary-tweaks
@ -44,19 +46,17 @@ sudo apt install -y elementary-tweaks
### 使用方法
安装完成后,您可以在 `应用程序菜单 > 系统设置 > Tweaks` 中使用此工具。
安装完成后,你可以在 “应用程序菜单 > 系统设置 > 优化” 中使用此工具。
![设置中的 Tweaks优化选项][6]
Tweaks 窗口,您可以修改一些选项,配置您的 elementary 桌面。
“优化”窗口,你可以修改一些选项,配置你的 elementary 桌面。
![安装完成后的 elementary 优化工具 —— 选项][7]
顺便提示一下,这款工具仅仅是 elementary 桌面设置的前端。如果您知道准确的名称或属性,您可以直接在终端中修改配置。您在这款优化工具中获得的选项也可以在 `dconf` 编辑器中查找 `io.elementary` 路径以修改。
顺便提示一下,这款工具仅仅是 elementary 桌面设置的前端。如果你知道准确的名称或属性,你可以直接在终端中修改配置。你在这款优化工具中获得的选项也可以在 `dconf` 编辑器中查找 `io.elementary` 路径以修改。
如果您在安装或使用优化工具时遇到了一些问题,您可以在评论区留言。
* * *
如果你在安装或使用优化工具时遇到了一些问题,你可以在评论区留言。
--------------------------------------------------------------------------------
@ -65,7 +65,7 @@ via: https://www.debugpoint.com/2021/07/elementary-tweaks-install/
作者:[Arindam][a]
选题:[lujun9972][b]
译者:[imgradeone](https://github.com/imgradeone)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

48
translated/tech/20210730 4 cool new projects to try in Copr from July 2021.md → published/20210730 4 cool new projects to try in Copr from July 2021.md
View File

@ -3,50 +3,50 @@
[#]: author: (Jakub Kadlčík https://fedoramagazine.org/author/frostyx/)
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-13673-1.html)
COPR 仓库中 4 个很酷的新项目2021.07
======
![][1]
COPR 是个人软件仓库[集合][2],它不在 Fedora 中。这是因为某些软件不符合轻松打包的标准;或者它可能不符合其他 Fedora 标准尽管它是自由而开源的。COPR 可以在 Fedora 套件之外提供这些项目。COPR 中的软件不受 Fedora 基础设施的支持,或者是由项目自己背书的。但是,这是一种尝试新的或实验性的软件的一种巧妙的方式。
COPR 是个人软件仓库 [集合][2],它不在 Fedora 中。这是因为某些软件不符合轻松打包的标准;或者它可能不符合其他 Fedora 标准尽管它是自由而开源的。COPR 可以在 Fedora 套件之外提供这些项目。COPR 中的软件不受 Fedora 基础设施的支持,或者是由项目自己背书的。但是,这是一种尝试新的或实验性的软件的一种巧妙的方式。
本文介绍了 COPR 中一些有趣的新项目。如果你第一次使用 COPR请参阅 [COPR 用户文档][3]。
## [][4] Wike
### Wike
[Wike][5] 是一个用于 GNOME 桌面的维基百科阅读器,在 GNOME Shell 中集成了搜索功能。它提供了对[在线百科全书][6]的无干扰访问。它的界面很简约,但它支持在多种语言之间切换文章、书签、文章目录、黑暗模式等。
[Wike][5] 是一个用于 GNOME 桌面的维基百科阅读器,在 GNOME Shell 中集成了搜索功能。它提供了对 [在线百科全书][6] 的无干扰访问。它的界面很简约,但它支持在多种语言之间切换文章、书签、文章目录、黑暗模式等。
![][7]
### [][8] 安装说明
#### 安装说明
[仓库]][9]目前在 Fedora 33、34 和 Fedora Rawhide 提供 Wike。要安装它请使用这些命令
[仓库][9] 目前为 Fedora 33、34 和 Fedora Rawhide 提供了 Wike。要安装它请使用这些命令
```
sudo dnf copr enable xfgusta/wike
sudo dnf install wike
```
## [][10] DroidCam
### DroidCam
我们正生活在一个混乱的时代,被隔离在家中,我们与朋友和同事的大部分互动都发生在一些视频会议平台上。如果你已经有一部手机,就不要把钱浪费在价格过高的网络摄像头上。[DroidCam][11] 让你将手机与电脑配对,并将其作为专用网络摄像头使用。通过 USB 线或通过 WiFi 进行连接。DroidCam 提供对摄像头的远程控制,并允许缩放、使用自动对焦、切换 LED 灯和其他便利功能。
![][12]
### [][13] 安装说明
#### 安装说明
该[仓库][14]目前为 Fedora 33 和 34 提供 DroidCam。在安装之前请更新你的系统并重新启动或者确保你运行的是最新的内核版本并安装了适当版本的 _kernel-headers_
[仓库][14] 目前为 Fedora 33 和 34 提供 DroidCam。在安装之前请更新你的系统并重新启动或者确保你运行的是最新的内核版本并安装了适当版本的 `kernel-headers`
```
sudo dnf update
sudo reboot
```
Droidcam 依赖 _v4l2loopback_,必须从 [RPM Fusion 免费仓库][15]手动安装。
Droidcam 依赖 `v4l2loopback`,必须从 [RPM Fusion 自由软件仓库][15] 手动安装。
```
sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
@ -54,16 +54,16 @@ sudo dnf install v4l2loopback
sudo modprobe v4l2loopback
```
现在安装 _droidcam_ 软件包:
现在安装 `droidcam` 软件包:
```
sudo dnf copr enable meeuw/droidcam
sudo dnf install droidcam
```
## [][16] Nyxt
### Nyxt
[Nyxt][17] 是一个面向键盘、可无限扩展的网络浏览器,专为高级用户设计。它在很大程度上受到 Emacs 的启发,因此用 Common Lisp 实现和配置,提供熟悉的按键绑定([Emacs][18]、[vi][19]、[CUA][20])。
[Nyxt][17] 是一个面向键盘、可无限扩展的 Web 浏览器,专为高级用户设计。它在很大程度上受到 Emacs 的启发,因此用 Common Lisp 实现和配置,提供熟悉的按键绑定([Emacs][18]、[vi][19]、[CUA][20])。
其他不能错过的杀手锏是一个内置的 REPL、[树形历史][21]、[缓冲区代替标签][22],还有[更多][17]。
@ -71,33 +71,33 @@ Nyxt 与网络引擎无关,所以不用担心页面会以意外的方式呈现
![][23]
### [][24] 安装说明
#### 安装说明
该[仓库][25]目前为 Fedora 33、34 和 Fedora Rawhide 提供 Nyxt。要安装它请使用这些命令
[仓库][25] 目前为 Fedora 33、34 和 Fedora Rawhide 提供 Nyxt。要安装它请使用这些命令
```
sudo dnf copr enable teervo/nyxt
sudo dnf install nyxt
```
## [][26] Bottom
### Bottom
[Bottom][27] 是一个具有可定制界面和多种功能的系统监控器,它从 [gtop][28]、[gotop][29] 和 [htop][30] 获得灵感。因此,它支持[进程][31]监控、[CPU][32]、[RAM][33]和[网络][34]使用监控。除了这些,它还提供了更多奇特的小部件,如[磁盘容量][35]使用情况,[温度传感器][36],和[电池][37]使用情况。
[Bottom][27] 是一个具有可定制界面和多种功能的系统监控器,它从 [gtop][28]、[gotop][29] 和 [htop][30] 获得灵感。因此,它支持 [进程][31] 监控、[CPU][32]、[RAM][33] [网络][34] 使用监控。除了这些,它还提供了更多奇特的小部件,如 [磁盘容量][35] 使用情况,[温度传感器][36],和 [电池][37] 使用情况。
由于小部件的可自定义布局以及[可以只关注一个小部件并最大化它][38]Bottom 可以非常有效地利用屏幕空间。
由于小部件的可自定义布局以及 [可以只关注一个小部件并最大化它][38]Bottom 可以非常有效地利用屏幕空间。
![][39]
### [][40] 安装说明
#### 安装说明
[仓库][41]提供为 Fedora 33、34 和 Fedora Rawhide 提供 Bottom。它也可用于 EPEL 7 和 8。要安装它请使用这些命令
[仓库][41] 为 Fedora 33、34 和 Fedora Rawhide 提供了 Bottom。它也可用于 EPEL 7 和 8。要安装它请使用这些命令
```
sudo dnf copr enable opuk/bottom
sudo dnf install bottom
```
使用 _btm_ 命令来运行该程序。
使用 `btm` 命令来运行该程序。
--------------------------------------------------------------------------------
@ -106,7 +106,7 @@ via: https://fedoramagazine.org/4-cool-new-projects-to-try-in-copr-for-july-2021
作者:[Jakub Kadlčík][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

24
translated/tech/20210801 Use the Linux terminal to see what files are on your computer.md → published/20210801 Use the Linux terminal to see what files are on your computer.md
View File

@ -3,18 +3,20 @@
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
[#]: collector: (lujun9972)
[#]: translator: (piaoshi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-13669-1.html)
使用 Linux 终端查看你的电脑上有哪些文件
======
通过这个 Linux 教程学习如何使用 ls 命令在终端中列出文件。
![List files on your computer][1]
要在有图形界面的计算机上列出文件你通常可以打开一个文件管理器Linux 上的 **Files**MacOS 上的 **访达**Windows 上的 **文件资源管理器**)来查看文件。
> 通过这个 Linux 教程学习如何使用 ls 命令在终端中列出文件。
要在终端中列出文件,你可以使用 **ls** 命令来列出当前目录中的所有文件。而 **pwd** 命令可以告诉你当前所在的目录。
![](https://img.linux.net.cn/data/attachment/album/202108/11/142450etebpqtp7bl4kupt.jpg)
要在有图形界面的计算机上列出文件你通常可以打开一个文件管理器Linux 上的 “文件”MacOS 上的 “访达”Windows 上的 “文件资源管理器”)来查看文件。
要在终端中列出文件,你可以使用 `ls` 命令来列出当前目录中的所有文件。而 `pwd` 命令可以告诉你当前所在的目录:
```
$ pwd
@ -29,7 +31,7 @@ Templates
Videos
```
你可以通过 **\--all** 选项看到隐藏文件。
你可以通过 `--all`(简写为 `-a` 选项看到隐藏文件:
```
$ pwd
@ -43,11 +45,11 @@ example.txt     Templates
Documents       Videos
```
如你所见,列出的前两项是点。单个点实际上是一个元位置,代表 _你当前所在的文件夹_ 。两个点表示你可以从当前位置返回的上级目录。也就是说,当前目录在另一个文件夹中。当你在计算机目录间移动时,你就可以利用这些元位置为自己创建快捷方式,或者增加你的路径的独特性。
如你所见,列出的前两项是点。单个点`.`实际上是一个元位置,代表 _你当前所在的文件夹_ 。两个点`..`表示你可以从当前位置返回的上级目录。也就是说,当前目录在另一个文件夹中。当你在计算机目录间移动时,你就可以利用这些元位置为自己创建快捷方式,或者增加你的路径的独特性。
### 文件和文件夹以及如何区分它们
你可能会注意到,文件和文件夹是很难区分的。一些 Linux 发行版有一些漂亮的颜色设置,比如所有的文件夹都是蓝色的,文件是白色的,二进制文件是粉色或绿色的,等等。如果你没有看到这些颜色,你可以试试 **ls --color**。如果你有色盲症或者使用的不是彩色显示器,你可以使用 **\--classify** 选项替代:
你可能会注意到,文件和文件夹是很难区分的。一些 Linux 发行版有一些漂亮的颜色设置,比如所有的文件夹都是蓝色的,文件是白色的,二进制文件是粉色或绿色的,等等。如果你没有看到这些颜色,你可以试试 `ls --color`。如果你有色盲症或者使用的不是彩色显示器,你可以使用 `--classify` 选项替代:
```
$ pwd
@ -67,7 +69,7 @@ via: https://opensource.com/article/21/8/linux-list-files
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[piaoshi](https://github.com/piaoshi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

20
translated/tech/20210803 Use the Linux terminal to navigate throughout your computer.md → published/20210803 Use the Linux terminal to navigate throughout your computer.md
View File

@ -3,20 +3,22 @@
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
[#]: collector: (lujun9972)
[#]: translator: (piaoshi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-13674-1.html)
使用 Linux 终端浏览你的计算机
======
学习在 Linux 终端中从一个目录切换到另一个目录。
![Move around your computer][1]
> 学习在 Linux 终端中从一个目录切换到另一个目录。
![](https://img.linux.net.cn/data/attachment/album/202108/12/113605d3hp448xm8m18wzw.jpg)
要在图形界面中浏览你的计算机上的文件夹,你可能习惯于打开一个窗口来“进入”你的计算机,然后双击一个文件夹,再双击一个子文件夹,如此反复。你也可以使用箭头按钮或按键来回溯。
而要在终端中浏览你的计算机,你可以利用 **cd** 命令。你可以使用 **cd ..** 回到 _上一级_ 目录,或者使用 **cd ./另一个/文件夹的/路径** 来跳过许多文件夹进入一个特定的位置。
而要在终端中浏览你的计算机,你可以利用 `cd` 命令。你可以使用 `cd ..` 回到 _上一级_ 目录,或者使用 `cd ./另一个/文件夹的/路径` 来跳过许多文件夹进入一个特定的位置。
你在互联网上已经使用的 URL 的概念,实际上直接来自 [POSIX][2]。当你浏览某个网站的一个特定页面时,比如 `http://www.example.com/tutorials/lesson2.html`,你实际上做的是进入 `/var/www/imaginarysite/tutorials/` 目录,并打开一个叫 `classic2.html` 的文件。当然,你是在网络浏览器中打开它的,浏览器会将所有那些看起来奇怪的 HTML 代码解释成漂亮的文本和图片。但这两者的思路是完全一样的。
你在互联网上已经使用的 URL 的概念,实际上直接来自 [POSIX][2]。当你浏览某个网站的一个特定页面时,比如 `http://www.example.com/tutorials/lesson2.html`,你实际上做的是进入 `/var/www/imaginarysite/tutorials/` 目录,并打开一个叫 `classic2.html` 的文件。当然,你是在 Web 浏览器中打开它的,浏览器会将所有那些看起来奇怪的 HTML 代码解释成漂亮的文本和图片。但这两者的思路是完全一样的。
如果你把你的计算机看成是互联网(或者把互联网看成是计算机会更合适),那么你就能理解如何在你的文件夹和文件中遨游了。如果从你的用户文件夹(你的家目录,或简记为 `~`)开始,那么你想切换到的文件夹都是相对于这个文件夹而言的:
@ -34,7 +36,7 @@ $ pwd
### 用 Tab 键自动补全
键盘上的 **Tab** 键可以自动补全你开始输入的文件夹和文件的名字。如果你要 **cd**`~/Documents` 文件夹,那么你只需要输入 `cd ~/Doc`,然后按 **Tab** 键即可。你的 Shell 会自动补全 `uments`。这不仅仅是一个令人愉快的便利工具,它也是一种防止错误的方法。如果你按下 **Tab** 键而没有任何东西自动补全,那么可能你 _认为_ 存在于某个位置的文件或文件件实际上并不存在。即使有经验的 Linux 用户也会试图切换到一个当前目录下不存在的文件夹,所以你可以经常使用 **pwd****ls** 命令来确认你确实在你认为你在的目录、以及你的当前目录确实包含了你认为它包含的文件。
键盘上的 `Tab` 键可以自动补全你开始输入的文件夹和文件的名字。如果你要 `cd``~/Documents` 文件夹,那么你只需要输入 `cd ~/Doc`,然后按 `Tab` 键即可。你的 Shell 会自动补全 `uments`。这不仅仅是一个令人愉快的便利工具,它也是一种防止错误的方法。如果你按下 `Tab` 键而没有任何东西自动补全,那么可能你 _认为_ 存在于某个位置的文件或文件件实际上并不存在。即使有经验的 Linux 用户也会试图切换到一个当前目录下不存在的文件夹,所以你可以经常使用 `pwd``ls` 命令来确认你确实在你认为你在的目录、以及你的当前目录确实包含了你认为它包含的文件。
--------------------------------------------------------------------------------
@ -43,7 +45,7 @@ via: https://opensource.com/article/21/8/navigate-linux-directories
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[piaoshi](https://github.com/piaoshi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

73
published/20210807 It-s Time for Ubuntu to Opt for a Hybrid Rolling Release Model.md Normal file
View File

@ -0,0 +1,73 @@
[#]: subject: "Its Time for Ubuntu to Opt for a Hybrid Rolling Release Model"
[#]: via: "https://news.itsfoss.com/ubuntu-hybrid-release-model/"
[#]: author: "Abhishek https://news.itsfoss.com/author/root/"
[#]: collector: "lujun9972"
[#]: translator: "wxy"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-13666-1.html"
是时候让 Ubuntu 选择混合滚动发布模式了
======
> 在两个 LTS 版本之间有三个短期版本。Ubuntu 应该用滚动发布模式来取代它们。
![](https://i0.wp.com/news.itsfoss.com/wp-content/uploads/2021/08/Ubuntu-hybrid-release-model.jpg?w=1200&ssl=1)
即使你不是 Ubuntu 的用户,你可能也知道它的发布模式。
有一个 [长期支持LTS版本][1],每两年发布一次,并有五年的支持。在这两个 LTS 版本之间,我们可以看到三个非 LTS 版本,它们的发布时间间隔为 6 个月。
LTS 版本会保持内核不会变化(除非你选择 [HWE 内核][2]),它还维持了各种软件组件不变以提供稳定的生产环境。
介于两者之间的非 LTS 版 Ubuntu 具有 Ubuntu 的新功能、更新一些的内核、新的桌面环境以及 Ubuntu 软件库中的各种软件的新版本。
这些非 LTS 版本作为“试验场”,为最终在 LTS 版本中出现的功能提供测试,这已不是什么秘密。
这就是为什么我建议摆脱这些中间版本,在 LTS 版本之间选择 [滚动发布][3] 模式。个中原因,请听我说。
### 在 LTS 发布之间进行滚动开发
六个月一次的发布计划给 Ubuntu 开发者制定了一个紧凑的工作时间表。这是一个好的方法,它可以使他们的目标集中在一个适当的路线图上。
但是,这也为在每个版本中提供“更多”新功能带来了额外的压力。如果时间很短,这不可能总是做到。还记得 [Ubuntu 不得不从 21.04 版本中删除 GNOME 40][4] 吗?因为开发者没有足够的时间来完成它。
另外,最终用户(比如你和我)想选择留在非 LTS 版本中也是不可行的。其支持在九个月后结束,这意味着即使你没有立即升级到下一个非 LTS 的 Ubuntu 版本,最终你也不得不这样做。如果你在 6 个月内没升级,那你可能就得在 9 个月内升级。
我知道你会说,升级 Ubuntu 版本很简单。点击几下,良好的网速和一个潜在的备份就可以让你在新的 Ubuntu 版本上没有什么麻烦。
我的问题是,为什么要这么麻烦。滚动发布会更简单。让升级在 LTS 版本之间进行。
开发人员在新功能准备好的时候发布。用户随着系统更新不断得到升级,而不是每 6 个月或 9 个月做一次“重大升级”。
你看,那些选择非 LTS 版本的人是那些想要新功能的人让他们通过滚动发布获得新功能。LTS 的发布时间表保持不变,每两年来一次。
### Bug 测试?像其他滚动发布的版本一样做个测试分支好了
当我说滚动发布时,我并不是指像 Arch Linux 那样的滚动。它应该是像 Manjaro 那样的滚动。换句话说,在测试后推出升级版,而不是直接在野外发布。
目前,新的 Ubuntu 版本有测试版,以便早期采用者可以测试它并向开发者提供反馈。这可以通过保留测试和稳定分支来实现,就像许多其他滚动发布的版本一样。
### 你对滚动发布怎么看?
我知道 Ubuntu 的铁杆用户期待着每一次的发布。代号、吉祥物、艺术品和墙纸,这些都是 Ubuntu 的传统的一部分。我们应该打破这种传统吗?
这只是我的看法我很想听听你的看法。Ubuntu 应该选择这种混合滚动模式还是坚持目前的模式?你怎么看呢?
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/ubuntu-hybrid-release-model/
作者:[Abhishek][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/root/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/long-term-support-lts/
[2]: https://itsfoss.com/ubuntu-hwe-kernel/
[3]: https://itsfoss.com/rolling-release/
[4]: https://news.itsfoss.com/no-gnome-40-in-ubuntu-21-04/

104
published/20210811 The Wait is Over- elementary OS 6 ‘Odin- is Finally Here With Exciting Changes.md Normal file
View File

@ -0,0 +1,104 @@
[#]: subject: "The Wait is Over! elementary OS 6 Odin is Finally Here With Exciting Changes"
[#]: via: "https://news.itsfoss.com/elementary-os-6-release/"
[#]: author: "Ankush Das https://news.itsfoss.com/author/ankush/"
[#]: collector: "lujun9972"
[#]: translator: "imgradeone"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-13670-1.html"
久等了elementary OS 6 “Odin” 正式发布,带来令人激动的新变化
======
> 基于 Ubuntu 20.04 LTS备受期待的 elementary OS 6 终于可以下载了。
![](https://i0.wp.com/news.itsfoss.com/wp-content/uploads/2021/08/elementary-os-6-release.jpg?w=1200&ssl=1)
[2021 年最值得期待的 Linux 发行版][1] 之一,终于来了。
elementary OS 6 基于 Ubuntu 20.04 LTS它大幅改进了用户体验和安全性。
虽然我们已经列出了 [elementary OS 6 的新功能列表][2],但咱们还是来看看本次更新的主要亮点吧。
### 正式引入暗黑模式
![][3]
elementary OS 6 加入这个功能可能为时太晚,但至少他们做了极大的努力,让整个系统拥有一致的暗黑模式体验。
你也会注意到,预装应用和应用中心里部分适配过的应用都支持暗黑模式。
暗黑模式在安装 elementary OS 6 后也可以直接在欢迎页设置。
### 通知优化
![][4]
通知现在支持操作按钮和图标徽章,视觉更舒适,也更加易用。
### Flatpak 优先原则
![][5]
为了加强隐私保护和安全性elementary OS 6 提供了开箱即用的 Flatpak 应用支持。
现在,不仅仅是系统应用,在应用中心,所有应用都已经打包为 Flatpak 格式。
### 多点触控手势
![][6]
对于触控板和触摸屏用户elementary OS 6 带来了不错的手势交互,你完全可以借助手势来穿梭于系统中。
你甚至可以通过手势来忽略通知。
### 新应用,新更新
本次更新中,待办事项和固件更新正式加入预装应用。
同时,大部分系统应用(如邮件)也重构了 UI以及获得了一些新功能。
### 其他重要改进
![][7]
如果你想了解更多关于本次更新的内容,我强烈建议你试用 elementary OS 6 来自行探索。
当然,如果你现在就想速览其他重要的新功能,那么我列出几个:
* 在安装应用中心之外的第三方应用时会有警告。
* 在向终端粘贴需要 root 权限的命令时会有警告。
* 更便于区分多任务视图中活动窗口的细节变化。
* 系统设置内置了在线账户集成。
* 辅助功能优化。
* 全新壁纸。
* 改进的安装器。
### 下载 elementary OS 6
你现在可以从 elementary OS 的官网获取 elementary OS 的最新版本。如需了解详情,你也可以查阅 [官方公告][8]。
- [下载 elementary OS 6][9]
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/elementary-os-6-release/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[imgradeone](https://github.com/imgradeone)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://news.itsfoss.com/linux-distros-for-2021/
[2]: https://news.itsfoss.com/elementary-os-6-features/
[3]: https://news.itsfoss.com/wp-content/uploads/2021/08/onboarding-dark.png
[4]: https://news.itsfoss.com/wp-content/uploads/2021/06/notification-badge-elementary-os-6.png
[5]: https://news.itsfoss.com/wp-content/uploads/2021/08/appcenter.png
[6]: https://news.itsfoss.com/wp-content/uploads/2021/08/multitouch-multitasking.png
[7]: https://news.itsfoss.com/wp-content/uploads/2021/08/elementary-os-6-terminal-paste-protection.png
[8]: https://blog.elementary.io/elementary-os-6-odin-released/
[9]: https://elementary.io

2
sources/news/20210720 You Can Now Use KDE Connect in Windows as Well.md
View File

@ -2,7 +2,7 @@
[#]: via: (https://news.itsfoss.com/kde-connect-windows/)
[#]: author: (Ankush Das https://news.itsfoss.com/author/ankush/)
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (imgradeone)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

237
sources/news/20210725 Top 7 Linux Laptops You Can Buy in 2021.md
View File

@ -1,237 +0,0 @@
[#]: subject: (Top 7 Linux Laptops You Can Buy in 2021)
[#]: via: (https://news.itsfoss.com/best-linux-laptops-2021/)
[#]: author: (Ankush Das https://news.itsfoss.com/author/ankush/)
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
Top 7 Linux Laptops You Can Buy in 2021
======
Linux laptops are the perfect alternatives to macOS and Windows-powered laptops.
Technically, you can turn any laptop of your choice into a Linux machine by choosing to install any Linux distribution available.
But, here, our focus will be on the laptops that offer Linux out-of-the-box, ensuring the best compatibility and support no matter what kind of budget you have.
### Linux Laptops by Popular Brands
It is often the best choice for a consumer to opt for a Linux laptop built by a popular manufacturer.
You do not have to worry about the after-sales, warranty extensions, and service repairs.
Dell and Lenovo are usually the ones who provide laptops with Linux pre-installed.
Do note that everything is subject to availability depending on the country/region.
*_Pricing mentioned in this article is converted to USD for easy comparison, excluding shipping and other extras._
#### 1\. Lenovo Thinkpad X1 Carbon (Gen 8 / Gen 9)
![][1]
_**Pricing**: Starts at **$1535**_
The entire Thinkpad series by Lenovo is a popular choice among Linux users. It is built to last and offers good compatibility
However, it stays on the expensive side.
You will have three choices to go with depending on what you go for. If you are customizing a Gen 9 Thinkpad laptop, you will have Ubuntu 20.04 and Fedora 33 as your options to have installed.
For Gen 8 models, it seems that Fedora 33 is off the table, and it is Fedora 32 instead, along with Ubuntu 20.04.
All the variants are powered by Intel chipsets, 10th gen for Gen 8 and 11th gen for Gen 9.
Most of the other specifications remain similar with a 14-inch display (FHD, WQHD, and UHD options available), up to 32 GB RAM, 1 TB SSD, fingerprint reader, and Wi-Fi 6 support.
[Thinkpad X1 Carbon (Gen 9)][2]
[Thinkpad X1 Carbon (Gen 8)][3]
#### 2\. Dell XPS 13 Developers Edition
![][4]
_**Pricing**: Starts at **$1059**_
Dell XPS series is an impressive laptop lineup to consider running Linux.
It has been tailored to run Linux (Ubuntu 20.04) with developers in mind.
You get a 13.4-inch display (FHD and UHD options available), 11th gen i5/i7 processor, up to 32 GB RAM, 2 TB SSD, fingerprint reader, and Wi-FI 6 support.
[Dell XPS 13 Developer Edition][5]
### Laptops by Linux-only Manufacturers
If you do not want mainstream options but some unique choices to support Linux-only manufacturers in the process, there are a couple of them that you can consider.
#### 1\. System76 Gazelle
![][6]
_**Pricing**: Starts at **$1499**_
System76s laptop will come baked in with their Pop!_OS operating system which is based on Ubuntu but provides a **hassle-free out-of-the-box experience**.
It is safe to assume that System76 is like the Apple of Linux laptops who try their best to optimize Pop!_OS for their hardware offered.
They have total control over the software and hardware, so that should be some exciting product integration for end consumers.
Along with impressive essentials like 144 Hz 16.5-inch display, i7 11th gen processor, up to 8 TB NVMe SSD support—you also get an RTX 3050 GPU which should enable you to tackle a variety of demanding tasks on your laptop.
While there are some other laptops by System76, it was not available at the time of writing this. So, feel free to check out the official store page and order a customized configuration.
System76 Gazelle
#### 2\. Purism Laptop
![][7]
![][8]
_**Pricing**: Starts at **$1599**_
A laptop by Purism can be an option if you are a security-conscious user.
Librem 14 is one of their latest laptops that comes baked in with [PureOS][9] (also built by them).
While it may not offer the latest generation processors, you should be fine with the i7 10th Gen chip on board.
It supports up to 64 GB of RAM and features hardware kill switches to disable the webcam, headphone jack, Bluetooth, or wireless audio
[Librem 14][10]
#### 3\. TUXEDO Aura 15
![][7]
![][11]
_**Pricing**: Starts at **$899**_
If you want an AMD-powered laptop (with its last-gen processor Ryzen 7 4700U), Aura 15 by TUXEDO Computers is a great pick.
The key specifications include a Full HD display, up to 64 GB RAM, Wi-Fi 6 support, and an LTE module.
It comes with either Ubuntu or TUXEDO OS (based on Ubuntu Budgie) as per your customization.
[TUXEDO Aura 15][12]
#### 4\. TUXEDO Stellaris 15
![][7]
![][13]
_**Pricing**: Starts at **$2160**_
If you are looking for the latest and greatest powerhouse with options to get RTX 3080 on board, this should be a fantastic option.
It offers the latest Intel/Ryzen processor with the configuration choices and features a 3K-res display with a 165 Hz refresh rate.
Definitely not something that you would find convenient to travel with, but if you need the computing power, you can choose to go with it.
TUXEDO Stellaris 15
#### 5\. Slimbook Pro X
![][14]
_**Pricing:** Starts at **$1105**_
Slimbook focuses on lighter Laptop models that you can conveniently travel with.
It gives you the option to choose from a variety of distributions that include Ubuntu (_GNOME, KDE, MATE_), KDE Neon, Manjaro, and Fedora.
You get most of the essential specifications that include up to 2 TB SSD support, 64 GB of RAM, Full HD IPS display, and more.
While you get options for Intel and Ryzen (last-gen processors) coupled with Nvidia and Vega graphics respectively, only Ryzen was available in stock at the time of writing this.
Slimbook Pro X
#### 6\. Slimbook Essential
![][1]
_**Pric**__**ing:** Starts at **$646**_
An impressive option for a budget-friendly Linux laptop.
It offers both Ryzen and Intel variants (last-gen) to choose from. You should get the basic specifications that include up to 64 GB RAM, 2 TB SSD support, minus a great screen and dedicated graphics onboard.
[Slimbook Essential][15]
#### 7\. Jupiter 14 Pro by Juno Computers
![][16]
_**Pricing**: Starts at **$1199**_
Featuring the 11th gen Intel processors, Jupiter 14 by Juno Computers is a sweet deal with NVIDIA GTX 1650 on board.
It comes baked in with Ubuntu 20.04 with no other options to choose from.
The base configuration includes 16 GB RAM, which could make the value offering slightly better compared to some others.
You will find the ability to choose your region on their website (UK/Europe or US/Canada), make sure to utilize that.
[Jupiter Pro 14][17]
#### Honorable Mention: **PineBook Pro**
![][18]
PineBook Pro is an ARM-based laptop (with Manjaro ARM edition) that is budget-friendly and should work fine for a lot of basic tasks on Linux.
It is out of stock (until further notice) at the time of writing this. However, you might want to check that for yourself when you read this.
[Pinebook Pro][19]
### Wrapping Up
If you do not like the choices presented here, you may check out [other places from where you can by Linux laptops][20]. Depending on your budget, pick what you feel is best for you.
After all, everything comes with Linux baked in. Some give you the ability to choose from multiple distros but most of them stick to Ubuntu pre-installed.
#### Big Tech Websites Get Millions in Revenue, It's FOSS Got You!
If you like what we do here at It's FOSS, please consider making a donation to support our independent publication. Your support will help us keep publishing content focusing on desktop Linux and open source software.
I'm not interested
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/best-linux-laptops-2021/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQzOSIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[2]: https://www.lenovo.com/us/en/laptops/thinkpad/thinkpad-x1/X1-Carbon-G9/p/22TP2X1X1C9
[3]: https://www.lenovo.com/us/en/laptops/thinkpad/thinkpad-x1/X1-Carbon-Gen-8-/p/22TP2X1X1C8
[4]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQ3MiIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[5]: https://www.dell.com/en-us/work/shop/dell-laptops-and-notebooks/new-xps-13-developer-edition/spd/xps-13-9310-laptop/ctox139w10p2c3000u
[6]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjU0MCIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[7]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9Ijc4MCIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[8]: https://i2.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/librem14.png?resize=780%2C780&ssl=1
[9]: https://www.pureos.net
[10]: https://puri.sm/products/librem-14/
[11]: https://i0.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/tuxedo-aura-15.jpg?resize=780%2C780&ssl=1
[12]: https://www.tuxedocomputers.com/en/Linux-Hardware/Linux-Notebooks/15-16-inch/TUXEDO-Aura-15-Gen1.tuxedo
[13]: https://i0.wp.com/news.itsfoss.com/wp-content/uploads/2021/07/tuxedo-stellaris.jpg?resize=780%2C780&ssl=1
[14]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQyMyIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[15]: https://slimbook.es/en/essential-en
[16]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQ2OCIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[17]: https://junocomputers.com/us/product/jupiter-14-pro/
[18]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQ0MSIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[19]: https://www.pine64.org/pinebook-pro/
[20]: https://itsfoss.com/get-linux-laptops/

75
sources/news/20210807 It-s Time for Ubuntu to Opt for a Hybrid Rolling Release Model.md
View File

@ -1,75 +0,0 @@
[#]: subject: "Its Time for Ubuntu to Opt for a Hybrid Rolling Release Model"
[#]: via: "https://news.itsfoss.com/ubuntu-hybrid-release-model/"
[#]: author: "Abhishek https://news.itsfoss.com/author/root/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Its Time for Ubuntu to Opt for a Hybrid Rolling Release Model
======
Even if you are not an Ubuntu user, you probably are aware of its release model.
There is a [long term support (LTS) release][1] that comes every two year and gets supported for five years. In between the two LTS releases, we see three non-LTS releases that are released at an interval of six months.
The LTS version retains the same kernel (unless you opt for [HWE kernel][2]) and it also holds on to various software components to provide a stable production environment.
The non-LTS Ubuntu releases that come in between feature new features from Ubuntu, newer kernel, new desktop environment and newer version of various software available from Ubuntu repositories.
It is no secret that these non-LTS releases work as a testing ground for the features that would eventually land in the LTS release.
And this is why I suggest to get rid of these intermediate releases and opt for a [rolling release][3] model between the LTS releases. Here me out, please.
### Go rolling in-between the LTS releases
The six monthly release schedule gives the Ubuntu developers a tight schedule to work on. Its good in the way that keeps their objective in focus with a proper roadmap.
But it also builds additional pressure to deliver more new features in every release. That cannot always happen if the timeframe is short. Remember how [Ubuntu had to drop GNOME 40 from 21.04][4] because the developers didnt get enough time to work on it?
Also, its not that the end user (like you and me) gets a choice to stay with a non-LTS release. The support ends in nine months, which mean that even if you did not upgrade to the next non-LTS Ubuntu version immediately, you have to do it eventually. If it does not happen in six months, it has to in nine months.
I know you would say that upgrading Ubuntu version is simple. A few clicks, good internet speed and a potential backup will put you on the new Ubuntu version without much trouble.
And my questions is, why bother with that. A rolling release will be even simpler. Let the upgrades come between the LTS releases.
Developers release the new features when it is ready. Users get the upgrades with the system updates continually, instead of doing a major upgrade every six or nine months.
See, the people who opt for non-LTS release are the ones who want new features. Let them get the new features through rolling releases. The LTS release schedule remains the same, coming every two years.
#### Bug testing? Get a testing branch like other rolling releases
When I say rolling, I do not mean rolling like Arch Linux. It should be rolling like Manjaro. In other words, roll out the upgrades after testing rather than just releasing them in the wild.
At present, the new Ubuntu versions have beta releases so that early adopters can test it and provide feedback to the developers. This can be achieved by keeping testing and stable branches, like many other rolling release distributions.
### Rolling release or not? What do you think?
I know that hardcore Ubuntu users look forward to every single release. The code name, the mascot, the artwork and the wallpapers, these are all part of Ubuntus legacy. Should we break with this legacy?
Its just my opinion and I am interested to hear yours. Should Ubuntu opt for this hybrid rolling model or stick with the current one? What do you think?
#### Big Tech Websites Get Millions in Revenue, It's FOSS Got You!
If you like what we do here at It's FOSS, please consider making a donation to support our independent publication. Your support will help us keep publishing content focusing on desktop Linux and open source software.
I'm not interested
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/ubuntu-hybrid-release-model/
作者:[Abhishek][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/root/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/long-term-support-lts/
[2]: https://itsfoss.com/ubuntu-hwe-kernel/
[3]: https://itsfoss.com/rolling-release/
[4]: https://news.itsfoss.com/no-gnome-40-in-ubuntu-21-04/

198
sources/news/20210811 Top 11 New Features in elementary OS 6 Linux Release.md Normal file
View File

@ -0,0 +1,198 @@
[#]: subject: "Top 11 New Features in elementary OS 6 Linux Release"
[#]: via: "https://news.itsfoss.com/elementary-os-6-features/"
[#]: author: "Ankush Das https://news.itsfoss.com/author/ankush/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Top 11 New Features in elementary OS 6 Linux Release
======
elementary OS 6 is a major upgrade after a few good years of updates to the 5.x series.
While the 5.x series has had numerous feature updates and improvements, [elementary OS 6][1] looks to be an exciting endeavor.
Here, we shall take a look at all the new features and additions that have been introduced with elementary OS 6.
### 1\. Dark Style &amp; Accent Color
![][2]
[elementary OS][3] approaches the dark style theme similar to how mainstream options work, as an opt-in preference. You get to choose it from the Welcome screen right after you install elementary OS 6.
While the addition of a dark mode may sound like something minor, they seem to have put a great deal of effort to provide a consistent dark mode experience overall.
All the first-party applications seamlessly support both the dark style and light theme.
elementary OS will also let the app developers respect the users preference in elementary OS 6. So, if the user prefers a dark mode or light mode, the app can adapt to that.
Along with new accent colors available, there is an automatic accent color preference that picks the color from your current wallpaper.
### 2\. Improved Notifications &amp; Redesigned Notification Center
The notifications now support icon badges and action buttons, which should make up for a better experience.
![][4]
This could let you quickly open links, mark a message read, along with several other possibilities.
Urgent notifications have a new look and a unique sound to help you identify them.
In addition to the notification improvements, the notification center has also been revamped to look better and clean with multiple notifications.
### 3\. Online Accounts
Finally, with elementary OS 6, you will be able to add online accounts from the system settings.
Once signed in, your data will sync across the system apps wherever supported (like Calendar, Tasks).
It should also show up in the system tray notifications.
### 4\. First-Party Flatpak Apps &amp; Permissions View
To improve privacy and security across the platform, elementary OS 6 chose the Flatpak-first approach.
elementary OS now has its own AppCenter Flatpak repository. Some of the default applications come baked in as Flatpak packages and all the applications listed in AppCenter are available as Flatpaks as well.
Overall, this means a better sandboxing experience where all of your applications will stay isolated from each other without accessing your sensitive data.
![][5]
And, to top it all off, elementary OS 6 adds “Portals” where the applications will request permission to access your files or launch another application.
You also get to control all the permissions from the System Settings.
### 5\. Multi-Touch Gestures
![][6]
For Laptop and touchpad users, the new multi-touch gestures are going to come in extremely handy.
From accessing the multitasking view to navigating through the workspaces, you can do it all using multi-touch gestures.
Not just limited to certain functions on the desktop, you can interact with notifications, swipe through applications, and can have a seamless system-wide experience with the new multi-touch gestures.
You can customize the gestures or learn more about it from the Gestures section under the System Settings.
### 6\. Screen Shield
With elementary OS 5, some noticed an issue with automatic screen locking when you want to run a time-consuming task or simply watch videos.
However, this changes with elementary OS 6, not only it solves the issue, it brings in a new implementation in the form of “**Screen Shield**” feature.
So, you can easily keep your system awake without sudden disruptions when watching a video or performing a time-consuming task.
It utilizes GNOMEs daemon settings to have better compatibility with third-party applications.
### 7\. New Tasks App
![][7]
A new tasks app has been added in elementary OS 6 where you can manage tasks, get reminded of them, and organize them on your system or synchronize it with an online account.
I may not replace it with Planner just yet, but it is a good addition to have baked in.
### 8\. Firmware Updates App
![][5]
You can get the latest firmware updates for supported devices without fiddling with any other settings.
Just look for the “Firmware” application from the menu to get started.
### 9\. App Updates
Several applications have been updated while introducing new capabilities.
For instance, Epiphany browser was renamed to “Web” and is now available as a Flatpak to facilitate quick updates.
It also includes tracking protection and ad blocking built-in.
Some other notable changes include:
* The camera app has recieved a new UI overhaul with the ability to switch cameras, mirroring of image, and more.
* AppCenter not just lists Flatpak apps now but also notifies you when an application has completed installation to let you quickly open it.
* Files app has also received improvements in the form a new sidebar and list view. Also, a double-click is now required to open a file and a single click can navigate through folders.
Other applications like Mail, Calendar have also received improvements for better online integrations.
### 10\. Improved Desktop Workflow &amp; Screenshot Utility
![][8]
The multitasking view now helps you clearly distinguish among multiple active windows. And the hot corners view lets you move the window to a new workspace and maximize the window as well.
![][9]
The screenshot utility can be moved around in the window, not just stuck to the center of the window. You can also drag and drop the image from the preview without needing to save it.
### 11\. Improved Installer
![][10]
You will notice some new subtle animations, and some efforts have been made to provide a consistent layout of the installer without re-sizing the window.
![][11]
![][11]
![][12]
![][12]
![][12]
![][13]
![][13]
![][12]
![][12]
It isnt a major overhaul, but they mention that the new installer comes with an improved disk detection and error handling, which should make the installation seamless.
### Wrapping Up
[elementary OS 6][3] is an exciting release with several improvements. Even though the look and feel is not entirely different, it has been polished across the board.
I like what they are doing to provide a consistent and beautiful user experience. Also, changes like system-wide Flatpak should make things easier and safer for users.
What do you think about this release? Have you tried it yet?
#### Big Tech Websites Get Millions in Revenue, It's FOSS Got You!
If you like what we do here at It's FOSS, please consider making a donation to support our independent publication. Your support will help us keep publishing content focusing on desktop Linux and open source software.
I'm not interested
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/elementary-os-6-features/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://news.itsfoss.com/elementary-os-6-release/
[2]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQzOSIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[3]: https://elementary.io
[4]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjE4MCIgd2lkdGg9IjcyNCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[5]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjU3NyIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[6]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQ0MCIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[7]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjU5MSIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[8]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjgxNSIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[9]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjY5MiIgd2lkdGg9IjY2MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[10]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjU2NyIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[11]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjUzOSIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[12]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjUzNCIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=
[13]: data:image/svg+xml;base64,PHN2ZyBoZWlnaHQ9IjQ5NyIgd2lkdGg9Ijc4MCIgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvc3ZnIiB2ZXJzaW9uPSIxLjEiLz4=

116
sources/talk/20210811 My first programming language and early adventures.md Normal file
View File

@ -0,0 +1,116 @@
[#]: subject: "My first programming language and early adventures"
[#]: via: "https://opensource.com/article/21/8/my-first-programming-language"
[#]: author: "Tomasz Waraksa https://opensource.com/users/tomasz"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
My first programming language and early adventures
======
A student in 1988 in Poland is invited to a computer lab.
![Old UNIX computer][1]
A few days ago, contributors to Opensource.com were asked to share our personal stories about how we got into programming. Many entertaining and fascinating responses were submitted. It would be interesting to quantify these data in time. Intriguing patterns emerged. The 70s generation was nostalgic about Fortran, punch cards, and dial-up access to shared mainframes. 80s kids (amongst which I qualify) shared stories of C, BASIC, or Pascal and their beloved Atari and Commodore computers. Surprisingly few stories from the 90s arrived. Almost like there's a generation gap. Maybe teenagers were running away in horror from C++, MFC, and the dreaded Hungarian notation, which was the order of the day. Then there's strange silence from the youngest generation. Maybe our young Raspberry Pi enthusiasts are [too busy making things][2].
Here's more about my road to programming.
### My first programming language
My first programming language was Microsoft BASIC. I learned it on the mighty MSX SpectraVideo 738 home PC. The MSX standard was a home computer architecture based on the Z80 CPU. Developed in the 80s by Microsoft, it was produced by Sony, Philips, Pioneer, Sharp, Yamaha, and many other vendors. My home country is Poland, and we were still under communist rule, and cut off from modern IT technology due to economic sanctions against us. But the winds of change came during the late 80s, and the MSX Spectravideo made it to my school.
![MSX Specravideo 738][3]
Image CC BY-SA [Hans Otten][4]
I was a student at the time, so I wasn't paid. I got so fascinated with programming that I would be willing to pay myself for the pleasure. Thankfully, all schools and universities were free at that time. Imagine you would start your IT career with zero debt! I started during my early high school years, in 1988 in Poland. I had been growing long hair, playing guitar, listening to Black Sabbath, and hoping to have a rock band one day—all the while missing out on computers. And I had a friend, who I'll call Mr. Briefcase. He was another student, and also a computer nerd with a reputation. He entered the room one day and asked _how are you?_ He had to listen to me for a while, because the Polish _will_ tell you how they are, if you ask. Then he said: _"Hey, I'm going to the computer lab. You can join me. There's no one there today except me."_ I jumped excitedly: _"The entire evening?"_ He answered: _"Sure thing. I'll be busy, but you can play games and stuff."_
When we first entered the lab, it felt like a Star Destroyer command center from [Star Wars][5]. The following hardware was available:
* One beautiful IBM PC clone, Spectravideo SVI-838 xPress-16 with an excellent clickety keyboard—no modern mechanical keyboard has yet been able to replicate that experience. Unfortunately, it was off-limits for newcomers like me.
* ZX Spectrums—I was not too fond of these, since they looked like toys with their rubbery keyboards.
* Futuristic MSX SVI-738 computers with color screens and Seikosha dot-matrix printers.
The choice was made. I played for a while but got bored very quickly. I asked Mr. Briefcase:
**Me**: _So what is it that youre doing?_ 
**Briefcase**: _Programming._ 
**Me**: _How do you do that?_ 
**Briefcase**: _Here._
And he threw a manual at me.
### Hello world
I ran through the "hello world!" examples, and then stumbled onto a chapter about computer graphics. It turned out that our MSX had impressive graphic capabilities. After an hour of struggling with English, which was still foreign to me, there it was—my first working computer program, written in BASIC. I was thrilled, flabbergasted, and completely hooked. I could command this computing device to _do things_. Beautiful things. Utterly stupid things. Boring things. And it would do them all, without hesitation, line after line, only sometimes responding with `Syntax error!`
It was pure magic! The very next day, I signed up for the computer lab.
### Computer graphics
In the following months, I had a lot of fun with computer graphics. Those machines were amazingly efficient in educating young people in computing. Programming a language interpreter was the only way to interact with it. It booted, and you had to enter commands to do anything useful. If you were curious enough, you would inevitably ask—are there more commands? In the end, you got sucked into programming without even knowing it. The entry threshold was so low.
![Code][6]
Image CC0 Alan Smithee
For example, to draw a circle on the screen, all I had to do was:
* Boot the computer and wait a few seconds. Yes, it only took seconds to boot!
* Write `10 CIRCLE 100`,`100`,`50` and press **ENTER**. Yes, we had to number the lines ourselves.
* Write `run` and press **ENTER**.
There was a simplicity to programming in those days. Today, you have choices to make before you write a single line of code. You have to choose your development platform (web, desktop, both), your programming language, your framework, and more.
Of course there are always choices to make, but it feels simpler when all you need are a few resources, and when your computer has only **64kB** of memory—the usual on 8-bit machines. To give you a sense of scale—a single high-resolution desktop icon on my Pop_OS Linux box can be bigger than that. Yet within this tiny memory, it could run an operating system and an academic-grade compiler. It could run graphic programs with flawless sprite animation and collision detection. It would play percussion tracks through a programmable noise generator. I have to admit, [I know it's possible][7] but I hardly know where to begin with these kinds of activities today.
### Pascal and beyond
My MSX had a 3.5" floppy drive—an amazing thing these days. One day we received floppies with the CPM 2.2 operating system and a [Turbo Pascal 3.0 compiler][8]. This is how I tasted my first actual programming language, while avoiding further exposure to BASIC. Turbo Pascal was beautiful: expressive, concise, safe, and structured. There's an anecdotal theory about why programmers from Central and Eastern Europe have such highly valued skills. In western countries, C and C++ were the order of the day, full of fun quirks and idiosyncrasies. Over here though, we started with Pascal. It was a programming language of choice in schools and universities. The differences between these two are substantial, and the theory is that they wired our young minds in a substantially different way.
![Turbo Pascal][9]
Image [Public Domain][10]
Pascal was much more disciplined than C, and it was as "close to the metal" as it gets. Pascal had pointers, direct memory operations, and even `asm ... end` block for assembly code injection. Yet pointers weren't thrown in everywhere like they are in C, and buffer overflow attacks through null-terminated strings were non-existent. Strings in Pascal is just an array of characters, and only the first entry contains the explicit string length. Simple! It also had a proper module system, precompiled libraries, strict type control, and a blazing fast compiler on top of that.
Turbo Pascal had an enormous impact on the way I think while programming. Eventually it implemented object-oriented programming, and smoothly prepared me for complex software architectures and programming on Windows with Borland Delphi. I touched C and C++ only when I had no other choice.
Decades later, I've realized that all my career, I have unconsciously followed in the footsteps of [Anders Hejlsberg][11]. He and his team were creators of a highly successful line of Turbo compilers at Borland. Then they created Delphi, which was a relief for Windows programmers struggling with Visual Basic, WFC, MFC, Charles Petzold books, and Hungarian notation. After Borland, he continued at Microsoft and created [.NET][12], which I happily jumped into. Finally, he created TypeScript, which became the backbone of modern enterprise web development.
Nowadays, I'm busy architecting and developing large web applications for enterprises. JavaScript and TypeScript is the order of the day, with back-ends running on NodeJS, .NET, or Python and writing little utilities and scripts with Python and Bash, and struggling with complexities of cloud computing and [YAML][13]. After all these years, I still enjoy the thrill. I can't imagine a more satisfying job that keeps challenging me and never gets dull and boring.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/my-first-programming-language
作者:[Tomasz Waraksa][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/tomasz
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/retro_old_unix_computer.png?itok=SYAb2xoW (Old UNIX computer)
[2]: https://opensource.com/articles/21/3/raspberry-pi-projects
[3]: https://opensource.com/sites/default/files/svi738.jpg (MSX Specravideo 738)
[4]: http://msx.hansotten.com/special-msx-hardware/svi-738-xpress/
[5]: https://opensource.com/article/21/5/open-source-star-wars
[6]: https://opensource.com/sites/default/files/basic.jpg (Code)
[7]: https://opensource.com/article/17/10/python-101
[8]: https://en.wikipedia.org/wiki/Turbo_Pascal
[9]: https://opensource.com/sites/default/files/uploads/turbo-pascal.png (Turbo Pascal)
[10]: https://commons.wikimedia.org/wiki/File:Turbopascal_6.png
[11]: https://en.wikipedia.org/wiki/Anders_Hejlsberg
[12]: https://opensource.com/article/19/9/getting-started-net
[13]: https://www.redhat.com/sysadmin/yaml-beginners

157
sources/tech/20200204 Managing your attached hardware on Linux with systemd-udevd.md
View File

@ -1,157 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (YungeG)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Managing your attached hardware on Linux with systemd-udevd)
[#]: via: (https://opensource.com/article/20/2/linux-systemd-udevd)
[#]: author: (David Clinton https://opensource.com/users/dbclinton)
Managing your attached hardware on Linux with systemd-udevd
======
Manipulate how your Linux system handles physical devices with udev.
![collection of hardware on blue backround][1]
Linux does a great job automatically recognizing, loading, and exposing attached hardware devices from countless vendors. In fact, it was this feature that, many years ago, convinced me to insist that my employer convert its entire infrastructure to Linux. The pain point was the way a certain company in Redmond couldn't load drivers for the integrated network card on our Compaq desktops while Linux did it effortlessly.
In the years since then, Linux's library of recognized devices has grown enormously along with the sophistication of the process. And the star of that show is [udev][2]. Udev's job is to listen for events from the Linux kernel involving changes to the state of a device. It could be a new USB device that's plugged in or pulled out, or it might be a wireless mouse going offline as it's drowned in spilled coffee.
Udev's job is to handle all changes of state by, for instance, assigning the names or permissions through which devices are accessed. A record of those changes can be accessed through [dmesg][3]. Since dmesg typically spits out thousands of entries, it's smart to filter the results. The example below shows how Linux identifies my WiFi interface. It shows the chipset my wireless device uses (**ath9k**), the original name it was assigned early in the process (**wlan0**), and the big, ugly permanent name it's currently using (**wlxec086b1ef0b3**):
```
$ dmesg | grep wlan
[    5.396874] ath9k_htc 1-3:1.0 wlxec086b1ef0b3: renamed from wlan0
```
In this article, I'll discuss why anyone might want to use a name like that. Along the way, I'll explore the anatomy of udev configuration files and then show how to make changes to udev settings, including how to edit the way the system names devices. This article is based on a module from my new course, [Linux System Optimization][4].
### Understanding the udev configuration system
On systemd machines, udev operations are managed by the **systemd-udevd** daemon. You can check the status of the udev daemon the regular systemd way using **systemctl status systemd-udevd**.
Technically, udev works by trying to match each system event it receives against sets of rules found in either the **/lib/udev/rules.d/** or **/etc/udev/rules.d/** directories. Rules files include match keys and assignment keys. The set of available match keys includes **action**, **name**, and **subsystem**. This means that if a device with a specified name that's part of a specified subsystem is detected, then it will be assigned a preset configuration.
Then, the "assignment" key/value pairs are used to apply the desired configuration. You could, for instance, assign a new name to the device, associate it with a filesystem symlink, or restrict access to a particular owner or group. Here's an excerpt from such a rule from my workstation:
```
$ cat /lib/udev/rules.d/73-usb-net-by-mac.rules
# Use MAC based names for network interfaces which are directly or indirectly
# on USB and have an universally administered (stable) MAC address (second bit
# is 0). Don't do this when ifnames is disabled via kernel command line or
# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules).
IMPORT{cmdline}="net.ifnames"
ENV{net.ifnames}=="0", GOTO="usb_net_by_mac_end"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", NAME=="", \
    ATTR{address}=="?[014589cd]:*", \
    TEST!="/etc/udev/rules.d/80-net-setup-link.rules", \
    TEST!="/etc/systemd/network/99-default.link", \
    IMPORT{builtin}="net_id", NAME="$env{ID_NET_NAME_MAC}"
```
The **add** action tells udev to fire up whenever a new device is plugged in that is part of the networking subsystem _and_ is a USB device. In addition, if I understand it correctly, the rule will apply only when the device has a MAC address consisting of characters within a certain range and, in addition, only if the **80-net-setup-link.rules** and **99-default.link** files do _not_ exist.
Assuming all these conditions are met, the interface ID will be changed to match the device's MAC address. Remember the previous dmesg entry showing how my interface name was changed from **wlan0** to that nasty **wlxec086b1ef0b3** name? That was a result of this rule's execution. How do I know? Because **ec:08:6b:1e:f0:b3** is the device's MAC address (minus the colons):
```
$ ifconfig -a
wlxec086b1ef0b3: flags=4163&lt;UP,BROADCAST,RUNNING,MULTICAST&gt;  mtu 1500
        inet 192.168.0.103  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::7484:3120:c6a3:e3d1  prefixlen 64  scopeid 0x20&lt;link&gt;
        ether ec:08:6b:1e:f0:b3  txqueuelen 1000  (Ethernet)
        RX packets 682098  bytes 714517869 (714.5 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 472448  bytes 201773965 (201.7 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
```
This udev rule exists by default within Linux. I didn't have to write it myself. But why bother—especially seeing how difficult it is to work with such an interface designation? Take a second look at the comments included with the rule:
```
# Use MAC based names for network interfaces which are directly or indirectly
# on USB and have an universally administered (stable) MAC address (second bit
# is 0). Don't do this when ifnames is disabled via kernel command line or
# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules).
```
Note how this rule is designed specifically for USB-based network interfaces. Unlike PCI network interface cards (NICs), USB devices are likely to be removed and replaced from time to time. This means that there's no guarantee that their ID won't change. They could be **wlan0** one day and **wlan3** the next. To avoid confusing the applications, assign devices absolute IDs—like the one given to my USB interface.
### Manipulating udev settings
For my next trick, I'm going to grab the MAC address and current ID for the Ethernet network interface on a [VirtualBox][5] virtual machine and then use that information to create a new udev rule that will change the interface ID. Why? Well, perhaps I'm planning to work with the device from the command line, and having to type that long name can be annoying. Here's how that will work.
Before I can change my ID, I'll need to disable [Netplan][6]'s current network configuration. That'll force Linux to pay attention to the new configuration. Here's my current network interface configuration file in the **/etc/netplan/** directory:
```
$ less /etc/netplan/50-cloud-init.yaml
# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    ethernets:
        enp0s3:
            addresses: []
            dhcp4: true
    version: 2
```
The **50-cloud-init.yaml** file contains a very basic interface definition. But it also includes some important information about disabling the configuration in the comments. To do so, I'll move to the **/etc/cloud/cloud.cfg.d** directory and create a new file called **99-disable-network-config.cfg** and add the **network: {config: disabled}** string.
While I haven't tested this method on distros other than Ubuntu, it should work on any flavor of Linux with systemd (which is nearly all of them). Whatever you're using, you'll get a good look at writing udev config files and testing them.
Next, I need to gather some system information. Running the **ip** command reports that my Ethernet interface is called **enp0s3** and its MAC address is **08:00:27:1d:28:10**:
```
$ ip a
2: enp0s3: &lt;BROADCAST,MULTICAST,UP,LOWER_UP&gt; mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:1d:28:10 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.115/24 brd 192.168.0.255 scope global dynamic enp0s3
```
Now, I'll create a new file called **peristent-net.rules** in the **/etc/udev/rules.d** directory. I'm going to give the file a name that starts with a low number, 10:
```
$ cat /etc/udev/rules.d/10-persistent-network.rules
ACTION=="add", SUBSYSTEM=="net",ATTR{address}=="08:00:27:1d:28:10",NAME="eth3"
```
The lower the number, the earlier Linux will execute the file, and I want this one to go early. The file contains code that will give the name **eth3** to a network device when it's added—as long as its address matches **08:00:27:1d:28:10**, which is my interface's MAC address. 
Once I save the file and reboot the machine, my new interface name should be in play. I may need to log in directly to my virtual machine and use **dhclient** to manually get Linux to request an IP address on this newly named network. Opening SSH sessions might be impossible without doing that first:
```
`$ sudo dhclient eth3`
```
Done. So you're now able to force udev to make your computer refer to a NIC the way you want. But more importantly, you've got the tools to figure out how to manage _any_ misbehaving device.
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/2/linux-systemd-udevd
作者:[David Clinton][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/dbclinton
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/osdc_BUS_Apple_520.png?itok=ZJu-hBV1 (collection of hardware on blue backround)
[2]: https://en.wikipedia.org/wiki/Udev
[3]: https://en.wikipedia.org/wiki/Dmesg
[4]: https://pluralsight.pxf.io/RqrJb
[5]: https://www.virtualbox.org/
[6]: https://netplan.io/

2
sources/tech/20200504 Understanding systemd at startup on Linux.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (YungeG)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

2
sources/tech/20210802 Use OpenCV on Fedora Linux - part 1.md
View File

@ -2,7 +2,7 @@
[#]: via: (https://fedoramagazine.org/use-opencv-on-fedora-linux-part-1/)
[#]: author: (Onuralp SEZER https://fedoramagazine.org/author/thunderbirdtr/)
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

2
sources/tech/20210803 Set up a VPN server on your Linux PC.md
View File

@ -2,7 +2,7 @@
[#]: via: (https://opensource.com/article/21/8/openvpn-server-linux)
[#]: author: (D. Greg Scott https://opensource.com/users/greg-scott)
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (perfiffer)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

52
sources/tech/20210804 Move files in the Linux terminal.md
View File

@ -1,52 +0,0 @@
[#]: subject: (Move files in the Linux terminal)
[#]: via: (https://opensource.com/article/21/8/move-files-linux)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
Move files in the Linux terminal
======
Use the mv command to move a file from one location to another.
![Moving files][1]
To move a file on a computer with a graphical interface, you open the folder where the file is currently located, and then open another window to the folder you want to move the file into. Finally, you drag and drop the file from one to the other.
To move a file in a terminal, you use the ** **mv** command to move a file from one location to another.
```
$ mv example.txt ~/Documents
$ ls ~/Documents
example.txt
```
In this example, you've moved **example.txt** from its current folder into the **Documents** folder.
As long as you know where you want to take a file _from_ and where you want to move it _to_, you can send files from any location to any location, no matter where you are. This can be a serious time saver compared to navigating through all the folders on your computer in a series of windows just to locate a file, and then opening a new window to where you want that file to go, and then dragging that file.
The **mv** command by default does exactly as it's told: it moves a file from one location to another. Should a file with the same name already exist in the destination location, it gets overwritten. To prevent a file from being overwritten without warning, use the **\--interactive** (or **-i** for short) option:
```
$ mv -i example.txt ~/Documents
mv: overwrite '/home/tux/Documents/example.txt'?
```
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/move-files-linux
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/ch01s05.svg_.png?itok=PgKQEDZ7 (Moving files)

172
sources/tech/20210805 Configure your OpenVPN server on Linux.md
View File

@ -1,172 +0,0 @@
[#]: subject: "Configure your OpenVPN server on Linux"
[#]: via: "https://opensource.com/article/21/7/openvpn-firewall"
[#]: author: "D. Greg Scott https://opensource.com/users/greg-scott"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Configure your OpenVPN server on Linux
======
After you install OpenVPN, it's time to configure it.
![Lock][1]
OpenVPN creates an encrypted tunnel between two points, preventing a third party from accessing your network traffic. By setting up your virtual private network (VPN) server, you become your own VPN provider. Many popular VPN services already use [OpenVPN][2], so why tie your connection to a specific provider when you can have complete control?
The [first article][3] in this series set up a server for your VPN, and the [second article][4] demonstrated how to install and configure the OpenVPN server software. This third article shows how to start OpenVPN with authentication in place.
To set up an OpenVPN server, you must:
* Create a configuration file.
* Set the `sysctl` value `net.ipv4.ip_forward = 1` to enable routing.
* Set up appropriate ownership for all configuration and authentication files to run the OpenVPN server daemon under a non-root account.
* Set OpenVPN to start with the appropriate configuration file.
* Configure your firewall.
### Configuration file
You must create a server config file in `/etc/openvpn/server/`. You can start from scratch if you want, and OpenVPN includes several sample configuration files to use as a starting point. Have a look in `/usr/share/doc/openvpn/sample/sample-config-files/` to see them all.
If you want to build a config file by hand, start with either `server.conf` or `roadwarrior-server.conf` (as appropriate), and place your config file in `/etc/openvpn/server`. Both files are extensively commented, so read the comments and decide which makes the most sense for your situation.
You can save time and aggravation by using my prebuilt server and client configuration file templates and `sysctl` file to turn on network routing. This configuration also includes customization to log connects and disconnects. It keeps logs on the OpenVPN server in `/etc/openvpn/server/logs`.
If you use my templates, you'll need to edit them to use your IP addresses and hostnames.
To use my prebuilt config templates, scripts, and `sysctl` to turn on IP forwarding, download my script:
```
$ curl \
<https://www.dgregscott.com/ovpn/OVPNdownloads.sh> &gt; \
OVPNdownloads.sh
```
Read the script to get an idea of what it does. Here's a quick overview of its actions:
* Creates the appropriate directories on your OpenVPN server
* Downloads server and client config file templates from my website
* Downloads my custom scripts and places them into the correct directory with correct permissions
* Downloads `99-ipforward.conf` and places it into `/etc/sysctl.d` to turn on IP forwarding at the next boot
* Sets up ownership for everything in `/etc/openvpn`
Once you're satisfied that you understand what the script does, make it executable and run it:
```
$ chmod +x OVPNdownloads.sh
$ sudo ./OVPNdownloads.sh
```
Here are the files it copies (notice the file ownership):
```
$ ls -al -R /etc/openvpn
/etc/openvpn:
total 12
drwxr-xr-x.   4 openvpn openvpn   34 Apr  6 20:35 .
drwxr-xr-x. 139 root    root    8192 Apr  6 20:35 ..
drwxr-xr-x.   2 openvpn openvpn   33 Apr  6 20:35 client
drwxr-xr-x.   4 openvpn openvpn   56 Apr  6 20:35 server
/etc/openvpn/client:
total 4
drwxr-xr-x. 2 openvpn openvpn   33 Apr  6 20:35 .
drwxr-xr-x. 4 openvpn openvpn   34 Apr  6 20:35 ..
-rw-r--r--. 1 openvpn openvpn 1764 Apr  6 20:35 OVPNclient2020.ovpn
/etc/openvpn/server:
total 4
drwxr-xr-x. 4 openvpn openvpn   56 Apr  6 20:35 .
drwxr-xr-x. 4 openvpn openvpn   34 Apr  6 20:35 ..
drwxr-xr-x. 2 openvpn openvpn   59 Apr  6 20:35 ccd
drwxr-xr-x. 2 openvpn openvpn    6 Apr  6 20:35 logs
-rw-r--r--. 1 openvpn openvpn 2588 Apr  6 20:35 OVPNserver2020.conf
/etc/openvpn/server/ccd:
total 8
drwxr-xr-x. 2 openvpn openvpn  59 Apr  6 20:35 .
drwxr-xr-x. 4 openvpn openvpn  56 Apr  6 20:35 ..
-rwxr-xr-x. 1 openvpn openvpn 917 Apr  6 20:35 client-connect.sh
-rwxr-xr-x. 1 openvpn openvpn 990 Apr  6 20:35 client-disconnect.sh
/etc/openvpn/server/logs:
total 0
drwxr-xr-x. 2 openvpn openvpn  6 Apr  6 20:35 .
drwxr-xr-x. 4 openvpn openvpn 56 Apr  6 20:35 ..
```
Here's the `99-ipforward.conf` file:
```
# Turn on IP forwarding. OpenVPN servers need to do routing
net.ipv4.ip_forward = 1
```
Edit `OVPNserver2020.conf` and `OVPNclient2020.ovpn` to include your IP addresses. Also, edit `OVPNserver2020.conf` to include your server certificate names from earlier. Later, you will rename and edit a copy of `OVPNclient2020.ovpn` for use with your client computers. The blocks that start with `***?` show you where to edit.
### File ownership
If you used the automated script from my website, file ownership is already in place. If not, you must ensure that your system has a user called `openvpn` that is a member of a group named `openvpn`. You must set the ownership of everything in `/etc/openvpn` to that user and group. It's safe to do this if you're unsure whether the user and group already exist because `useradd` will refuse to create a user with the same name as one that already exists:
```
$ sudo useradd openvpn
$ sudo chown -R openvpn.openvpn /etc/openvpn
```
### Firewall
If you decided not to disable the firewalld service in step 1, then your server's firewall service might not allow VPN traffic by default. Using the [`firewall-cmd` command][5], you can enable the OpenVPN service, which opens the necessary ports and routes traffic as necessary:
```
$ sudo firewall-cmd --add-service openvpn --permanent
$ sudo firewall-cmd --reload
```
No need to get lost in a maze of iptables!
### Start your server
You can now start your OpenVPN server. So that it starts automatically after a reboot, use the `enable` subcommand of `systemctl`:
```
`systemctl enable --now openvpn-server@OVPNserver2020.service`
```
### Final steps
The fourth and final article in this article will demonstrate how to set up clients to connect to your OpenVPN from afar.
* * *
_This article is based on D. Greg Scott's [blog][6] and is reused with permission._
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/7/openvpn-firewall
作者:[D. Greg Scott][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/greg-scott
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/security-lock-password.jpg?itok=KJMdkKum (Lock)
[2]: https://openvpn.net/
[3]: https://opensource.com/article/21/7/vpn-openvpn-part-1
[4]: https://opensource.com/article/21/7/vpn-openvpn-part-2
[5]: https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd
[6]: https://www.dgregscott.com/how-to-build-a-vpn-in-four-easy-steps-without-spending-one-penny/

2
sources/tech/20210806 Change your Linux Desktop Wallpaper Every Hour -Here-s How.md
View File

@ -2,7 +2,7 @@
[#]: via: "https://www.debugpoint.com/2021/08/change-wallpaper-every-hour/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "

102
sources/tech/20210807 How to Install Java on Fedora Linux.md
View File

@ -1,102 +0,0 @@
[#]: subject: "How to Install Java on Fedora Linux"
[#]: via: "https://itsfoss.com/install-java-fedora/"
[#]: author: "Abhishek Prakash https://itsfoss.com/author/abhishek/"
[#]: collector: "lujun9972"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Install Java on Fedora Linux
======
Love it or hate it, it is difficult to avoid Java.
Java is still a very popular programming language taught in the schools and used in the enterprises.
If you want to use a Java-based tool or program in Java, youll need to have Java on your system.
This becomes confusing because there are so many technical terms around java.
* Java Development Kit (JDK) for creating Java programs
* Java Runtime Environment (JRE) or Java Virtual Machine (JVM) for running Java programs
On top of that, youll come across [OpenJDK][1] and [Oracle Java SE][2]. OpenJDK is what is recommended because it is open source. If you have exclusive need then only you should go for Oracle Java SE.
There is one more thing here. Even OpenJDK has several versions available. At the time of writing this article, Fedora 34 has OpenJDK 1.8, OpenJDK 11 and OpenJDK 16 available.
It is up to you to decide which Java version you want.
### Installing Java on Fedora Linux
First thing first, check if Java is already installed and which version it is. I am not kidding. Fedora usually comes with Java preinstalled.
To check, use the following command:
```
java -version
```
As you can see in the screenshot below, I have Java 11 (OpenJDK 11) installed on my Fedora system.
![Check Java version][3]
Lets say you want to install another version of Java. You may check the available options with the following command:
```
sudo dnf search openjdk
```
The sudo here is not required but it will refresh the metadata for sudo user which will eventually help when you install another version of Java.
The above command will show a huge output with plenty of similar looking packages. You have to focus on the initial few words to understand the different versions available.
![Available Java versions in Fedora][4]
For example, to install Java 8 (OpenJDK 1.8), the package name should be java-1.8.0-openjdk.x86_64 or java-1.8.0-openjdk. Use it to install it:
```
sudo dnf install java-1.8.0-openjdk.x86_64
```
![Install Java Fedora][5]
Thats good. Now you have both Java 11 and Java 8 installed on your system. But how will you use one of them?
#### Switch Java version on Fedora
Your Java version in use remains the same unless you explicitly change it. Use this command to list the installed Java versions on your system:
```
sudo alternatives --config java
```
Youll notice a number before the Java versions. The + sign before the Java versions indicate the current Java version in use.
You can specify the number to switch the Java version. So, in the example below, if I enter 2, it will change the Java version on the system from Java 11 to Java 8.
![Switching between installed Java versions][6]
Thats all you need to do for installing Java on Fedora.
--------------------------------------------------------------------------------
via: https://itsfoss.com/install-java-fedora/
作者:[Abhishek Prakash][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/abhishek/
[b]: https://github.com/lujun9972
[1]: https://openjdk.java.net/
[2]: https://www.oracle.com/java/technologies/javase-downloads.html
[3]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2021/08/check-java-version-fedora.png?resize=800%2C271&ssl=1
[4]: https://itsfoss.com/wp-content/uploads/2021/08/available-java-versions-fedora-800x366.webp
[5]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2021/08/install-java-fedora.png?resize=800%2C366&ssl=1
[6]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2021/08/switch-java-versions-fedora.png?resize=800%2C513&ssl=1

87
sources/tech/20210807 Remove files and folders in the Linux terminal.md
View File

@ -1,87 +0,0 @@
[#]: subject: "Remove files and folders in the Linux terminal"
[#]: via: "https://opensource.com/article/21/8/remove-files-linux-terminal"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Remove files and folders in the Linux terminal
======
Learn to safely remove files and folders in the Linux terminal.
![Removing files][1]
To remove a file on a computer using a graphical interface, you usually drag a file or a folder to a "trash" or "recycle" bin. Alternately, you might be able to select the file or folder you want to remove, right-click, and select **Delete**.
When removing a file or folder in the terminal, there is no trash bin, at least by default. On a graphical desktop, the Trash is a protected directory so that users don't accidentally trash the Trash, or move it from its default location and lose track of it. The Trash is just a highly managed folder, so you can make your own Trash folder for use in your terminal.
### Setting up a trash bin for the terminal
Create a directory called **Trash** in your home directory:
```
`$ mkdir ~/Trash`
```
### Removing a file
When you want to remove a file or folder, use the **mv** command to move a file or directory to your Trash:
```
`$ mv example.txt ~/Trash`
```
### Deleting a file or folder permanently
When you're ready to remove a file or folder from your system permanently, you can use the **rm** command to erase all of the data in your Trash folder. By directing the **rm** command to an asterisk (`*`), you delete all files and folders inside the **Trash** folder without deleting the **Trash** folder itself. If you accidentally delete the **Trash** folder, however, you can just recreate it because directories are easy and free to create.
```
`$ rm --recursive ~/Trash/*`
```
### Removing an empty directory
Deleting an empty directory has the special command **rmdir**, which only removes an empty directory, protecting you from recursive mistakes.
```
$ mkdir full
$ touch full/file.txt
$ rmdir full
rmdir: failed to remove 'full/': Directory not empty
$ mkdir empty
$ rmdir empty
```
### Better trash
There are [commands for trashing files][2] that aren't included by default in your terminal, but that you can install from a software repository. They make it even easier to trash files, because they manage and use the very same Trash folder you use on your desktop.
```
$ trash ~/example.txt
$ trash --list
example.txt
$ trash --empty
```
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/remove-files-linux-terminal
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/ch01s10.svg_.png?itok=p07au80e (Removing files)
[2]: https://www.redhat.com/sysadmin/recover-file-deletion-linux

97
sources/tech/20210809 How to Enable Minimize, Maximize Window Buttons in elementary OS.md Normal file
View File

@ -0,0 +1,97 @@
[#]: subject: "How to Enable Minimize, Maximize Window Buttons in elementary OS"
[#]: via: "https://www.debugpoint.com/2021/08/enable-minimize-maximize-elementary/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Enable Minimize, Maximize Window Buttons in elementary OS
======
This is how you can enable the Minimize, Maximize window buttons in
elementary OS.
Many people (mostly new users to elementary OS) asks these questions in various forums:
1. How do I enable minimize buttons in elementary OS?
2. How to I enable restore, minimize, maximize?
3. Is it possible to bring back the minimize and maximize buttons?
And they are completely valid questions, and Its okay to ask questions. Right? This guide to help them to get those buttons in elementary OS.
The Pantheon desktop which is used by elementary OS does not come with default standard window buttons. The reason primarily being a different concept of handling user behavior and activities via Dock and Application menu. Arguably, this design or implementation of this behavior mimics macOS.
That said, many users prefers the window buttons because it is a “muscle-memory'” thing and some migrated from other desktop environments, even windows.
Although elementary doesnt provide you this as a default settings, you can still enable it. Heres how.
### Enable minimize maximize Buttons elementary OS
Open a terminal and install the software properties common which is required for adding a PPA. By default, this package is not installed in elementary OS (dont ask me why, seriously?).
```
sudo apt install software-properties-common
```
#### elementary OS 6 Odin
The Tweak tool is renamed with a new name and being developed separately. It is called [Pantheon Tweaks][1]. And using the following commands you can install it.
```
sudo add-apt-repository -y ppa:philip.scott/pantheon-tweaks
sudo apt install -y pantheon-tweaks
```
#### elementary OS 5 Juno and below
If you are using elementary OS 5 June and below, you can install the earlier [elementary-tweaks][2] using the same PPA. Follow the below commands from terminal.
```
sudo add-apt-repository -y ppa:philip.scott/elementary-tweaks
sudo apt install -y elementary-tweaks
```
#### Change the settings
* After installation, click on the Application at the top bar and open System Settings.
In the **System settings** window, click on **Tweaks** under Personal section.
* In the Tweaks window, go to **Appearance** section.
* Under **Window** Controls, select **Layout: Windows**.
![enable minimize maximize buttons elementary OS][3]
* And you should have the minimized, maximize and close button on the right side of the top window bar.
There are other combinations as well, such as Ubuntu, macOS, etc. You can choose whatever you feel like:
![Other Options of Window buttons in elementary][4]
This step completes the guide. There are other options in gsettings which you may try to use, but the window manager gala recently removed those options. Hence, they may not work at the moment.
I hope this guide helps you to enable minimize maximize buttons elementary OS. Let me know in the comment box below if you need any help.
* * *
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/2021/08/enable-minimize-maximize-elementary/
作者:[Arindam][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lujun9972
[1]: https://github.com/pantheon-tweaks/pantheon-tweaks
[2]: https://github.com/elementary-tweaks/elementary-tweaks
[3]: https://www.debugpoint.com/blog/wp-content/uploads/2021/08/enable-minimize-maximize-buttons-elementary-OS-1024x501.png
[4]: https://www.debugpoint.com/blog/wp-content/uploads/2021/08/Other-Options-of-Window-buttons-in-elementary.jpg

589
sources/tech/20210809 NMState- A declarative networking config tool.md Normal file
View File

@ -0,0 +1,589 @@
[#]: subject: "NMState: A declarative networking config tool"
[#]: via: "https://fedoramagazine.org/nmstate-a-declarative-networking-config-tool/"
[#]: author: "Maurizio Garcia https://fedoramagazine.org/author/malgnuz/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
NMState: A declarative networking config tool
======
![][1]
Comic excerpted from photo by [Bee Felten-Leidel][2] on [Unsplash][3]
This article describes and demonstrates NMState, a network manager that uses a declarative approach to configure hosts. This means you define the desired configuration state through an API and the tool applies the configuration through a provider.
### Configuration approaches: imperative vs declarative
Networking management can be a very complex task depending on the size and diversity of the environment. In the early days of IT, networking management relied on manual procedures performed by network administrators over networking devices. Nowadays, Infrastructure as Code (IaC) allows automation of those tasks in a different way. There are, essentially two approaches: imperative or declarative.
In an imperative approach you define “how” you will arrive at a desired configuration state. The declarative paradigm defines “what” is the desired configuration state, so it does not shape which steps are required nor in which order they must be performed. This approach is currently gathering more adepts and you can find it on most of the management and orchestration tools currently used.
### NMState: a declarative tool
NMState is a network manager that allows you to configure hosts following a declarative approach. It means you define the desired configuration state through a northbound declarative API and this tool applies the configuration through a southbound provider.
Currently the only provider supported by NMState is NetworkManager, which is the main service to address networking capabilities on Fedora Linux. However, the development life cycle of NMState will add other providers gradually.
For further information regarding NMState please visit either its project [site][4] or github [repository][5].
### Installation
NMState is available on Fedora Linux 29+ and requires NetworkManager 1.26 or later installed and running on the system. The following shows the installation on Fedora Linux 34:
```
$ sudo dnf -y install nmstate
output omitted
Installed:
NetworkManager-config-server-1:1.30.4-1.fc34.noarch gobject-introspection-1.68.0-3.fc34.x86_64 nispor-1.0.1-2.fc34.x86_64 nmstate-1.0.3-2.fc34.noarch
python3-gobject-base-3.40.1-1.fc34.x86_64 python3-libnmstate-1.0.3-2.fc34.noarch python3-nispor-1.0.1-2.fc34.noarch python3-varlink-30.3.1-2.fc34.noarch
Complete!
```
At this point you can use _nmstatectl_ as a command line tool for NMState. Please refer to either _nmstatectl help_ or _man nmstatectl_ for further information about this tool.
### Using NMstate
Start by checking the NMState version installed in the system:
```
$ nmstatectl version
1.0.3
```
Check the current configuration of a networking interface, e.g. the _eth0_ configuration:
```
$ nmstatectl show eth0
2021-06-29 10:28:21,530 root DEBUG NetworkManager version 1.30.4
2021-06-29 10:28:21,531 root DEBUG Async action: Retrieve applied config: ethernet eth0 started
2021-06-29 10:28:21,531 root DEBUG Async action: Retrieve applied config: ethernet eth1 started
2021-06-29 10:28:21,532 root DEBUG Async action: Retrieve applied config: ethernet eth0 finished
2021-06-29 10:28:21,533 root DEBUG Async action: Retrieve applied config: ethernet eth1 finished
---
dns-resolver:
config: {}
running:
search: []
server:
- 192.168.122.1
route-rules:
config: []
routes:
config: []
running:
- destination: fe80::/64
metric: 100
next-hop-address: ''
next-hop-interface: eth0
table-id: 254
- destination: 0.0.0.0/0
metric: 100
next-hop-address: 192.168.122.1
next-hop-interface: eth0
table-id: 254
- destination: 192.168.122.0/24
metric: 100
next-hop-address: ''
next-hop-interface: eth0
table-id: 254
interfaces:
- name: eth0
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 192.168.122.238
prefix-length: 24
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
dhcp: true
ipv6:
enabled: true
address:
- ip: fe80::c3c9:c4f9:75b1:a570
prefix-length: 64
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
autoconf: true
dhcp: true
lldp:
enabled: false
mac-address: 52:54:00:91:E4:4E
mtu: 1500
```
 As you can see above the networking configuration shows four main sections:
* **dns-resolver**: this section has the nameserver configuration for this interface.
* **route-rules**: it states the routing rules. 
* **routes**: it includes both dynamic and static routes.
* **Interfaces**: this section describes both ipv4 and ipv6 settings.
### Modify the configuration
You can modify the desired configuration state in two modes: 
* **Interactive**: editing the interface configuration through _nmstatectl edit_. This command invokes the text editor defined by the environment variable EDITOR so the network state can be edited in yaml format. After finishing the edition NMState will apply the new network configuration unless there are syntax errors.
* **File-based**: applying the interface configuration using _nmstatectl apply_ which imports a desired configuration state from a yaml or json file earlier created.
The following sections show you how to change the networking configuration using NMState. These changes can be disruptive to the system so the recommendation is to perform these tasks on a test system or guest VM till you get a better understanding of NMState.
The test system in use herehas two Ethernet interfaces: _eth0_ and _eth1_:
```
$ ip -br -4 a
lo UNKNOWN 127.0.0.1/8
eth0 UP 192.168.122.238/24
eth1 UP 192.168.122.108/24
```
#### Example of interactive configuration mode:
```
Change the MTU of eth0 interface to 9000 bytes using the nmstatectl edit command as follows (all changes are in bold):
```
```
$ sudo nmstatectl edit eth0
---
dns-resolver:
config: {}
running:
search: []
server:
- 192.168.122.1
route-rules:
config: []
routes:
config: []
running:
- destination: fe80::/64
metric: 100
next-hop-address: ''
next-hop-interface: eth0
table-id: 254
- destination: 0.0.0.0/0
metric: 100
next-hop-address: 192.168.122.1
next-hop-interface: eth0
table-id: 254
- destination: 192.168.122.0/24
metric: 100
next-hop-address: ''
next-hop-interface: eth0
table-id: 254
interfaces:
- name: eth0
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 192.168.122.123
prefix-length: 24
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
dhcp: true
ipv6:
enabled: true
address:
- ip: fe80::c3c9:c4f9:75b1:a570
prefix-length: 64
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
autoconf: true
dhcp: true
lldp:
enabled: false
mac-address: 52:54:00:91:E4:4E
mtu: 9000
```
After saving and exiting the edito, NMState applies the new network desired state:
```
2021-06-29 11:29:05,726 root DEBUG Nmstate version: 1.0.3
2021-06-29 11:29:05,726 root DEBUG Applying desire state: {'dns-resolver': {'config': {}, 'running': {'search': [], 'server': ['192.168.122.1']}}, 'route-rules': {'config': []}, 'routes': {'config': [], 'running': [{'destination': 'fe80::/64', 'metric': 102, 'next-hop-address': '', 'next-hop-interface': 'eth0', 'table-id': 254}, {'destination': '0.0.0.0/0', 'metric': 102, 'next-hop-address': '192.168.122.1', 'next-hop-interface': 'eth0', 'table-id': 254}, {'destination': '192.168.122.0/24', 'metric': 102, 'next-hop-address': '', 'next-hop-interface': 'eth0', 'table-id': 254}]}, 'interfaces': [{'name': 'eth0', 'type': 'ethernet', 'state': 'up', 'ipv4': {'enabled': True, 'address': [{'ip': '192.168.122.238', 'prefix-length': 24}], 'auto-dns': True, 'auto-gateway': True, 'auto-route-table-id': 0, 'auto-routes': True, 'dhcp': True}, 'ipv6': {'enabled': True, 'address': [{'ip': 'fe80::5054:ff:fe91:e44e', 'prefix-length': 64}], 'auto-dns': True, 'auto-gateway': True, 'auto-route-table-id': 0, 'auto-routes': True, 'autoconf': True, 'dhcp': True}, 'lldp': {'enabled': False}, 'mac-address': '52:54:00:91:E4:4E', 'mtu': 9000}]}
--- output omitted ---
2021-06-29 11:29:05,760 root DEBUG Async action: Update profile uuid:2bdee700-f62b-365a-bd1d-69d9c31a9f0c iface:eth0 type:ethernet started
2021-06-29 11:29:05,792 root DEBUG Async action: Update profile uuid:2bdee700-f62b-365a-bd1d-69d9c31a9f0c iface:eth0 type:ethernet finished
```
Now, use both the _ip_ command and also the _eth0_ configuration file to check that the _MTU_ of _eth0_ is 9000 bytes.
```
$ ip link show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc fq_codel state UP mode DEFAULT group default qlen 1000
link/ether 52:54:00:91:e4:4e brd ff:ff:ff:ff:ff:ff
altname enp1s0
$ sudo cat /etc/NetworkManager/system-connections/eth0.nmconnection
[sudo] password for admin:
[connection]
id=eth0
uuid=2bdee700-f62b-365a-bd1d-69d9c31a9f0c
type=ethernet
interface-name=eth0
lldp=0
permissions=
[ethernet]
cloned-mac-address=52:54:00:91:E4:4E
mac-address-blacklist=
mtu=9000
[ipv4]
dhcp-client-id=mac
dhcp-timeout=2147483647
dns-search=
method=auto
[ipv6]
addr-gen-mode=eui64
dhcp-duid=ll
dhcp-iaid=mac
dhcp-timeout=2147483647
dns-search=
method=auto
ra-timeout=2147483647
[proxy]
```
#### Example of file-based configuration mode:
Lets use the file-based approach to set a new config state. In this case disable the IPv6 configuration in _eth1_ interface.
First, create a yaml file to define the desired state of the _eth1_ interface. Use _nmstatectl show_ to save the current settings then _nmstatectl edit_ to disable IPv6. Again, all changes are in bold and deletions are shown with strike-through:
```
$ nmstatectl show eth1 > eth1.yaml
$ vi eth1.yaml
---
dns-resolver:
config: {}
running:
search: []
server:
- 192.168.122.1
route-rules:
config: []
routes:
config: []
running:
- destination: fe80::/64
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
- destination: 0.0.0.0/0
metric: 101
next-hop-address: 192.168.122.1
next-hop-interface: eth1
table-id: 254
- destination: 192.168.122.0/24
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
interfaces:
- name: eth1
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 192.168.122.108
prefix-length: 24
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
dhcp: true
ipv6:
enabled: false
address:
- ip: fe80::5054:ff:fe3c:9b04
prefix-length: 64
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
autoconf: true
dhcp: true
lldp:
enabled: false
mac-address: 52:54:00:3C:9B:04
mtu: 1500
```
After saving the new configuration, use it to apply the new state:
```
$ sudo nmstatectl apply eth1.yaml
2021-06-29 12:17:21,531 root DEBUG Nmstate version: 1.0.3
2021-06-29 12:17:21,531 root DEBUG Applying desire state: {'dns-resolver': {'config': {}, 'running': {'search': [], 'server': ['192.168.122.1']}}, 'route-rules': {'config': []}, 'routes': {'config': [], 'running': [{'destination': 'fe80::/64', 'metric': 101, 'next-hop-address': '', 'next-hop-interface': 'eth1', 'table-id': 254}, {'destination': '0.0.0.0/0', 'metric': 101, 'next-hop-address': '192.168.122.1', 'next-hop-interface': 'eth1', 'table-id': 254}, {'destination': '192.168.122.0/24', 'metric': 101, 'next-hop-address': '', 'next-hop-interface': 'eth1', 'table-id': 254}]}, 'interfaces': [{'name': 'eth1', 'type': 'ethernet', 'state': 'up', 'ipv4': {'enabled': True, 'address': [{'ip': '192.168.122.108', 'prefix-length': 24}], 'auto-dns': True, 'auto-gateway': True, 'auto-route-table-id': 0, 'auto-routes': True, 'dhcp': True}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}, 'mac-address': '52:54:00:3C:9B:04', 'mtu': 1500}]}
--- output omitted ---
2021-06-29 12:17:21,582 root DEBUG Async action: Update profile uuid:5d7244cb-673d-3b88-a675-32e31fad4347 iface:eth1 type:ethernet started
2021-06-29 12:17:21,587 root DEBUG Async action: Update profile uuid:5d7244cb-673d-3b88-a675-32e31fad4347 iface:eth1 type:ethernet finished
--- output omitted ---
Desired state applied:
---
dns-resolver:
config: {}
running:
search: []
server:
- 192.168.122.1
route-rules:
config: []
routes:
config: []
running:
- destination: fe80::/64
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
- destination: 0.0.0.0/0
metric: 101
next-hop-address: 192.168.122.1
next-hop-interface: eth1
table-id: 254
- destination: 192.168.122.0/24
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
interfaces:
- name: eth1
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 192.168.122.108
prefix-length: 24
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
dhcp: true
ipv6:
enabled: false
lldp:
enabled: false
mac-address: 52:54:00:3C:9B:04
mtu: 1500
```
You can check that the _eth1_ interface does not have any IPv6 configured:
```
$ ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64
eth1 UP 192.168.122.108/24
$ sudo cat /etc/NetworkManager/system-connections/eth1.nmconnection
[connection]
id=eth1
uuid=5d7244cb-673d-3b88-a675-32e31fad4347
type=ethernet
interface-name=eth1
lldp=0
permissions=
[ethernet]
cloned-mac-address=52:54:00:3C:9B:04
mac-address-blacklist=
mtu=1500
[ipv4]
dhcp-client-id=mac
dhcp-timeout=2147483647
dns-search=
method=auto
[ipv6]
addr-gen-mode=eui64
dhcp-duid=ll
dhcp-iaid=mac
dns-search=
method=disabled
[proxy]
```
#### Applying changes temporarily
An interesting feature of NMState allows you to configure a desired networking state temporarily. In case you are satisfied with the configuration you can commit it afterwards. Otherwise it will rollback when the timeout expires (default is 60 sec).
Modify the _eth1_ configuration from the previous example so it has an IPv4 static address instead of getting it dynamically by DHCP.
```
$ vi eth1.yaml
---
dns-resolver:
config: {}
running:
search: []
server:
- 192.168.122.1
route-rules:
config: []
routes:
config: []
running:
- destination: fe80::/64
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
- destination: 0.0.0.0/0
metric: 101
next-hop-address: 192.168.122.1
next-hop-interface: eth1
table-id: 254
- destination: 192.168.122.0/24
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
interfaces:
- name: eth1
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 192.168.122.110
prefix-length: 24
auto-dns: true
auto-gateway: true
auto-route-table-id: 0
auto-routes: true
dhcp: false
ipv6:
enabled: false
lldp:
enabled: false
mac-address: 52:54:00:3C:9B:04
mtu: 1500
```
Now, apply this config temporarily using the option _no-commit_ so it will be valid only for 30 seconds. This can be done adding the option _timeout_. Meanwhile, we will run the _ip  -br a_ command three times to see how the IPv4 address configured in _eth1_ interface changes and then the configuration rolls back.
```
$ ip -br a && sudo nmstatectl apply --no-commit --timeout 30 eth1.yaml && sleep 10 && ip -br a && sleep 25 && ip -br a
lo UNKNOWN 127.0.0.1/8 ::1/128
eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64
eth1 UP 192.168.122.108/24
2021-06-29 17:29:18,266 root DEBUG Nmstate version: 1.0.3
2021-06-29 17:29:18,267 root DEBUG Applying desire state: {'dns-resolver': {'config': {}, 'running': {'search': [], 'server': ['192.168.122.1']}}, 'route-rules': {'config': []}, 'routes': {'config': [], 'running': [{'destination': 'fe80::/64', 'metric': 101, 'next-hop-address': '', 'next-hop-interface': 'eth1', 'table-id': 254}, {'destination': '0.0.0.0/0', 'metric': 101, 'next-hop-address': '192.168.122.1', 'next-hop-interface': 'eth1', 'table-id': 254}, {'destination': '192.168.122.0/24', 'metric': 101, 'next-hop-address': '', 'next-hop-interface': 'eth1', 'table-id': 254}]}, 'interfaces': [{'name': 'eth1', 'type': 'ethernet', 'state': 'up', 'ipv4': {'enabled': True, 'address': [{'ip': '192.168.122.110', 'prefix-length': 24}], 'dhcp': False}, 'ipv6': {'enabled': False}, 'lldp': {'enabled': False}, 'mac-address': '52:54:00:3C:9B:04', 'mtu': 1500}]}
--- output omitted ---
Desired state applied:
---
dns-resolver:
config: {}
running:
search: []
server:
- 192.168.122.1
route-rules:
config: []
routes:
config: []
running:
- destination: fe80::/64
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
- destination: 0.0.0.0/0
metric: 101
next-hop-address: 192.168.122.1
next-hop-interface: eth1
table-id: 254
- destination: 192.168.122.0/24
metric: 101
next-hop-address: ''
next-hop-interface: eth1
table-id: 254
interfaces:
- name: eth1
type: ethernet
state: up
ipv4:
enabled: true
address:
- ip: 192.168.122.110
prefix-length: 24
dhcp: false
ipv6:
enabled: false
lldp:
enabled: false
mac-address: 52:54:00:3C:9B:04
mtu: 1500
Checkpoint: NetworkManager|/org/freedesktop/NetworkManager/Checkpoint/7
lo UNKNOWN 127.0.0.1/8 ::1/128
eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64
eth1 UP 192.168.122.110/24
lo UNKNOWN 127.0.0.1/8 ::1/128
eth0 UP 192.168.122.238/24 fe80::5054:ff:fe91:e44e/64
eth1 UP 192.168.122.108/24
```
As you can see from above, the _eth1_ IP address changed temporarily from 192.168.122.108 to 192.168.122.110 and then it returned to 192.168.122.108 after the timeout expired.
### Conclusion
NMState is a declarative networking configuration tool that currently applies the desired networking configuration state in a host through the NetworkManager API. This state can be defined either interactively using a text editor or with a file-based approach creating a yaml or json file.
This kind of tool provides Infrastructure as Code, it allows the automation of networking tasks and also reduces potential misconfigurations or unstable networking scenarios that could arise using legacy configuration methods.
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/nmstate-a-declarative-networking-config-tool/
作者:[Maurizio Garcia][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/malgnuz/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2021/07/magic-816x345.jpg
[2]: https://unsplash.com/@marigard?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
[3]: https://unsplash.com/s/photos/magic?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
[4]: https://nmstate.io/
[5]: https://github.com/nmstate/nmstate

215
sources/tech/20210809 Parsing command options in Lua.md Normal file
View File

@ -0,0 +1,215 @@
[#]: subject: "Parsing command options in Lua"
[#]: via: "https://opensource.com/article/21/8/parsing-commands-lua"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Parsing command options in Lua
======
My favorite way to solve the problem of parsing in Lua is alt-getopt.
![Woman sitting in front of her laptop][1]
When you enter a command into your terminal, there are usually [options][2], also called _switches_ or _flags_, that you can use to modify how the command runs. This is a useful convention defined by the [POSIX specification][3], so as a programmer, it's helpful to know how to detect and parse options.
As with most languages, there are several ways to solve the problem of parsing options in Lua. My favorite is [alt-getopt][4].
### Installing
The easiest way to obtain and use **alt-getopt** in your code is to [install it with LuaRocks][5]. For most use-cases, you probably want to install it into your local project directory:
```
$ mkdir local
$ luarocks --tree=local install alt-getopt 
Installing <https://luarocks.org/alt-getopt-0.X.Y-1.src.rock>
[...]
alt-getopt 0.X.Y-1 is now installed in /tux/myproject/local (license: MIT/X11)
```
Alternately, you can download the code from [GitHub][6].
### Adding a library to your Lua code
Assuming you've installed the library locally, then you can define your Lua package path and then `require` the **alt-getopt** package:
```
package.path = package.path .. ';local/share/lua/5.1/?.lua'
local alt_getopt = require("alt_getopt")
```
If you've installed it to a known system location, you can omit the `package.path` line (because Lua already knows to look for system-wide libraries.)
Now you're set to parse options in Lua.
### Option parsing in Lua
The first thing you must do to parse options is to define the valid options your application can accept. The **alt_getopt** library sees all options primarily as short options, meaning that you define options as single letters. You can add long versions later.
When you define valid options, you create a list delimited by colons (`:`), which is interpreted by the `get_opts` function provided by **alt-getopts**.
First, create some variables to represent the options. The variables `short_opt` and `optarg` represent the short option and the option argument. These are arbitrary variable names, so you can call them anything (as long as it's a valid name for a variable).
The table `long_opts` must exist, but I find it easiest to define the values of the long options after you've decided on the short options, so leave it empty for now.
```
local long_opts = {}
local short_opt
local optarg
```
With those variables declared, you can iterate over the arguments provided by the user, checking to see whether any argument matches your approved list of valid short options.
If a valid option is found, you use the `pairs` function in Lua to extract the value of the option.
To create an option that accepts no argument of its own but is either _on_ or _off_ (often called a _switch_), you place the short option you want to define to the right of a colon (`:`) character.
In this example, I've created a loop to check for the short option `-a`, which is a switch:
```
short_opt,optarg = alt_getopt.get_opts (arg, ":a", long_opts)
local optvalues = {}
for k,v in pairs (short_opt) do
   table.insert (optvalues, "value of " .. k .. " is " .. v .. "\n")
end
table.sort (optvalues)
io.write (table.concat (optvalues))
for i = optarg,#arg do
   io.write (string.format ("ARGV [%s] = %s\n", i, arg [i]))
end
```
At the end of this sample code, I included a for-loop to iterate over any remaining arguments in the command because anything not detected as a valid option must be an argument (probably a file name, URI, or whatever it is that your application operates upon).
Test the code:
```
$ lua test.lua -a 
value of a is 1
```
The test script has successfully detected the option `-a`, and has assigned it a value of **1** to represent that it does exist.
Try it again with an extra argument:
```
$ lua test.lua -a hello
value of a is 1
ARGV [2] = hello
```
### Options with arguments
Some options require an argument all their own. For instance, you might want to allow the user to point your application to a custom configuration file, set an attribute to a color, or set the resolution of a graphic. In **alt_getopt**, options that accept arguments are placed on the left of the colon (`:`) in the short options list.
```
`short_opt,optarg = alt_getopt.get_opts (arg, "c:a", long_opts)`
```
Test the code:
```
$ lua test.lua -a -c my.config
value of a is 1
value of c is my.config
```
Try it again, this time with a spare argument:
```
$ lua test.lua -a -c my.config hello
value of a is 1
value of c is my.config
ARGV [4] = hello
```
### Long options
Short options are great for power users, but they don't tend to be very memorable. You can create a table of long options that point to short options so users can learn long options before abbreviating their commands with single-letter options.
```
local long_opts = {
   alpha = "a",
   config = "c"
}
```
Users now have the choice between long and short options:
```
$ lua test.lua --config my.config --alpha hello
value of a is 1
value of c is my.config
ARGV [4] = hello
```
### Option parsing
Here's the full demonstration code for your reference:
```
#!/usr/bin/env lua
package.path = package.path .. ';local/share/lua/5.1/?.lua'
local alt_getopt = require("alt_getopt")
local long_opts = {
   alpha = "a",
   config = "c"
}
local short_opt
local optarg
short_opt,optarg = alt_getopt.get_opts (arg, "c:a", long_opts)
local optvalues = {}
for k,v in pairs (short_opt) do
   table.insert (optvalues, "value of " .. k .. " is " .. v .. "\n")
end
table.sort (optvalues)
io.write (table.concat (optvalues))
for i = optarg,#arg do
   io.write (string.format ("ARGV [%s] = %s\n", i, arg [i]))
end
```
There are further examples in the project's Git repository. Including options for your users is an important feature for any application, and Lua makes it easy to do. There are other libraries aside from **alt_getopt**, but I find this one easy and quick to use.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/parsing-commands-lua
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/OSDC_women_computing_4.png?itok=VGZO8CxT (Woman sitting in front of her laptop)
[2]: https://opensource.com/article/21/7/linux-terminal-basics#options
[3]: https://opensource.com/article/19/7/what-posix-richard-stallman-explains
[4]: https://luarocks.org/modules/mpeterv/alt-getopt
[5]: https://opensource.com/article/19/11/getting-started-luarocks
[6]: https://github.com/cheusov/lua-alt-getopt

192
sources/tech/20210810 How I use Terraform and Helm to deploy the Kubernetes Dashboard.md Normal file
View File

@ -0,0 +1,192 @@
[#]: subject: "How I use Terraform and Helm to deploy the Kubernetes Dashboard"
[#]: via: "https://opensource.com/article/21/8/terraform-deploy-helm"
[#]: author: "Ayush Sharma https://opensource.com/users/ayushsharma"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How I use Terraform and Helm to deploy the Kubernetes Dashboard
======
Terraform can deploy Helm Charts. Is it right for you?
![Ship captain sailing the Kubernetes seas][1]
When I'm working on projects that require provisioning cloud infrastructure, my workflow has two disparate components: one is infrastructure orchestration, which includes Terraform to bring up the infrastructure (for instance, new EKS clusters), and the second is the provisioning component, which includes Ansible or Bash scripts to instantiate and initialize that infrastructure to accept new deployments (for instance, installing Cluster Autoscaler, kube-state-metrics, and so on.)
The reason for this is simple: very few tools can cross over and handle both the orchestration and the provisioning side. When I stumbled on the Helm provider for Terraform, I wanted to explore the possibility of using one tool to handle both sides: using Terraform to bring up a new EKS cluster and provision it with Prometheus, Loki, Grafana, Cluster Autoscaler, and others, all in one neat and clean deployment. But that's not happening until I figure out how to use this thing, so below is my experience using Terraform and Helm for something simple: deploying the Kubernetes Dashboard.
### The Helm provider
The Helm provider works like the other cloud providers. You can specify the path of the `KUBECONFIG` or other credentials, run `terraform init`, and the Helm provider gets initialized.
### Deploying the Kubernetes Dashboard
I'm going to use [Minikube for this test][2].
My `main.tf` file contains the following:
```
provider "helm" {
  kubernetes {
    config_path = "~/.kube/config"
  }
}
resource "helm_release" "my-kubernetes-dashboard" {
  name = "my-kubernetes-dashboard"
  repository = "<https://kubernetes.github.io/dashboard/>"
  chart      = "kubernetes-dashboard"
  namespace  = "default"
  set {
    name  = "service.type"
    value = "LoadBalancer"
  }
  set {
    name  = "protocolHttp"
    value = "true"
  }
  set {
    name  = "service.externalPort"
    value = 80
  }
  set {
    name  = "replicaCount"
    value = 2
  }
  set {
    name  = "rbac.clusterReadOnlyRole"
    value = "true"
  }
}
```
In the above Terraform, I'm deploying the `kubernetes-dashboard` Chart from `https://kubernetes.github.io/dashboard/` into the namespace `default`. I'm also using the `set` variable to override the Chart's defaults:
1. `service.type`: I'm changing this to `LoadBalancer` to review my changes locally. Remember to run `minikube tunnel` in a separate window, or this won't work.
2. `protocolHttp`: I'm deploying the non-secure version to suppress HTTPS warnings on `localhost`.
3. `service.externalPort`: This needs to be 80 for non-secure.
4. `replicaCount`: I'm changing this to 2 to see if these changes even work :)
5. `rbac.clusterReadOnlyRole`: This should be `true` for the Dashboard to have the correct permissions.
### Executing our Terraform
Let's start by initializing Terraform with `terraform init`:
```
Initializing the backend...
Initializing provider plugins...
\- Finding latest version of hashicorp/helm...
\- Installing hashicorp/helm v2.2.0...
\- Installed hashicorp/helm v2.2.0 (signed by HashiCorp)
Terraform has created a lock file .terraform.lock.hcl to record the provider
selections it made above. Include this file in your version control repository
so that Terraform can guarantee to make the same selections by default when
you run "terraform init" in the future.
Terraform has been successfully initialized!
You may now begin working with Terraform. Try running "terraform plan" to see
any changes that are required for your infrastructure. All Terraform commands
should now work.
If you ever set or change modules or backend configuration for Terraform,
rerun this command to reinitialize your working directory. If you forget, other
commands will detect it and remind you to do so if necessary.
```
So far, so good. Terraform successfully initialized the Helm provider. And now for `terraform apply`:
```
Terraform used the selected providers to generate the following execution plan. Resource actions are indicated with the following symbols:
  + create
Terraform will perform the following actions:
  # helm_release.my-kubernetes-dashboard will be created
  + resource "helm_release" "my-kubernetes-dashboard" {
      + atomic                     = false
      + chart                      = "kubernetes-dashboard"
      + cleanup_on_fail            = false
      [...]
      + set {
          + name  = "service.type"
          + value = "LoadBalancer"
        }
    }
Plan: 1 to add, 0 to change, 0 to destroy.
Do you want to perform these actions?
  Terraform will perform the actions described above.
  Only 'yes' will be accepted to approve.
  Enter a value: yes
helm_release.my-kubernetes-dashboard: Creating...
helm_release.my-kubernetes-dashboard: Still creating... [10s elapsed]
helm_release.my-kubernetes-dashboard: Creation complete after 14s [id=my-kubernetes-dashboard]
```
(Remember to run `minikube tunnel` in another terminal window, otherwise the `apply` won't work).
### Verifying our changes
Let's check if our pods are up using `kubectl get po` and `kubectl get svc`:
```
~ kubectl get po
NAME                                       READY   STATUS    RESTARTS   AGE
my-kubernetes-dashboard-7bc7ccfbd9-56w56   1/1     Running   0          18m
my-kubernetes-dashboard-7bc7ccfbd9-f6jc4   1/1     Running   0          18m
~ kubectl get svc
NAME                      TYPE           CLUSTER-IP       EXTERNAL-IP      PORT(S)        AGE
kubernetes                ClusterIP      10.96.0.1        &lt;none&gt;           443/TCP        20m
my-kubernetes-dashboard   LoadBalancer   10.104.144.125   10.104.144.125   80:32066/TCP   19m
```
Our pods are deployed, and the load balancer is working. Now check the UI: 
![Kubernetes Workloads dashboard][3]
Figure 2: Kubernetes Workloads dashboard
### Conclusion
You can [find the examples from this article in my Gitlab repo][4].
With Helm provisioning now a part of Terraform, my work life is that much easier. I do realize that the separation between Infrastructure and Provisioning served a different purpose: Infrastructure changes were usually one-off or didn't require frequent updates, maybe a few times when governance or security rules for my org changed. Provisioning changes, on the other hand, frequently occurred, sometimes with every release. So having Terraform (Infrastructure) and Helm Charts (Provisioning) in two different repos with two different tools and two different review workflows made sense. I'm not sure merging them using a single tool is the best idea, but one less tool in the toolchain is always a huge win. I think the pros and cons of this will vary from one project to another and one team to another.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/terraform-deploy-helm
作者:[Ayush Sharma][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/ayushsharma
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/ship_captain_devops_kubernetes_steer.png?itok=LAHfIpek (Ship captain sailing the Kubernetes seas)
[2]: https://opensource.com/article/18/10/getting-started-minikube
[3]: https://opensource.com/sites/default/files/2021-07-12-terraform-plus-helm-a-match-made-in-heaven-hell-dashboard.png
[4]: https://gitlab.com/ayush-sharma/example-assets/-/tree/main/kubernetes/tf_helm

109
sources/tech/20210810 How to get the most out of GitOps right now.md Normal file
View File

@ -0,0 +1,109 @@
[#]: subject: "How to get the most out of GitOps right now"
[#]: via: "https://opensource.com/article/21/8/gitops"
[#]: author: "Itiel Shwartz https://opensource.com/users/itielschwartz2021"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to get the most out of GitOps right now
======
GitOps is a great starting point to understand what is running in
production, but it may need a little more augmentation to get it working
just right for your engineering team.
![Team checklist and to dos][1]
You may have encountered this brief introduction to GitOps shared by prevalent cloud software engineer, [Kelsey Hightower][2]:
> GitOps: versioned CI/CD on top of declarative infrastructure. Stop scripting and start shipping. <https://t.co/SgUlHgNrnY>
>
> — Kelsey Hightower (@kelseyhightower) [January 17, 2018][3]
In the world of [infrastructure as code][4], GitOps is a popular way to manage automated deployments through continuous integration/continuous development (CI/CD) and microservices architecture in general, as most of our infrastructure is essentially defined in config files today (e.g., YAML, JSON, HCL). This is not limited to Kubernetes (K8s), but it's often highly associated with K8s clusters. (I'll explain why in a second.) This basically means that changing anything in your production infrastructure is as simple as changing a line of code.
The reason GitOps is so closely identified with K8s is that K8s is completely configured in declarative YAML, and therefore, you can quickly achieve the benefits of using GitOps as it is really just software-defined infrastructure. When it comes to properly applying GitOps in your engineering organization, the main thing you need to pay attention to is how you enforce changes to your cluster or infrastructure.
When you choose the GitOps path, you can only do it through a single source of truth: your source-code management (SCM) repository (e.g., GitLab, GitHub, Bitbucket, or your own hosting solution) that enforces the version-control policy for your entire organization. This means the only way to make changes to your infrastructure is through a pull request in your repository. This is how version control is maintained at scale in large engineering organizations using GitOps.
### The state of real-world deployments
The GitOps doctrine claims to be the new and simpler way to achieve CI/CD, except that the CD part of CI/CD is a much more complex beast than GitOps practices would have you believe. With GitOps, the CD part breaks down to a very binary approach to engineering environments. You're either in staging or production, where you just flip the switch and your code is in production. In my years of experience as an engineer, I have yet to participate in a significant code change, feature rollout, or another major deployment that is that simple.
There is plenty more legwork encapsulated in staging or production versioning completely abstracted from the CD process with GitOps. This means that any engineering process that takes quality seriously will have a few stages between the CI and CD phases of a major deployment. These include testing, validating results, verifying that changes propagated, retesting, and often doing partial rollouts (canary and such). These are just a few examples of how CD is managed in engineering organizations.
#### GitOps tips for doing deployments better
When it comes to GitOps, there's no need to reinvent the CI/CD (and particularly the CD) wheel. If you're like most people and achieve CI/CD by duct taping your CD process with some custom scripts before and after deployment to get it over the finish line, know there are better ways to do this with GitOps facilitators. Using GitOps facilitators such as the open source, Cloud Native Computing Foundation (CNCF)-hosted [Argo CD][5] enables users to take all those custom scripts and manage them at scale in a single place. This ensures best practices when using scripts in your CI/CD process, making them canonical and repeatable every time they run.
What's more, since there is an agent that is continuously syncing state, it reduces human errors by enforcing the committed state.
### Manage chaos across repositories with GitOps
With complex deployment architectures such as K8s or even just plain old microservices, even small changes to the code often affect other interdependent services. Mapping these dependencies with GitOps tends to become a hellscape. Often with shared repos and files, you need to sync the state. However, what you'll also often find is that errors, misconfigurations, or even just bugs can create a [butterfly effect][6] that starts a cascade of failures that becomes extremely hard to track and understand in GitOps.
One common method to solve this challenge with GitOps is to create a "super repo," which is essentially a centralized monorepo that contains pointers to all the relevant dependencies, files, resources, and such. However, this quickly becomes a messy garbage bag "catchall" of a repository, where it is extremely hard to understand, track, and log changes.
When you have many dependencies, for this to work in GitOps, these dependencies need to be represented in Git. This requires your organization to be "Git native." This means you'll need to do a lot of duct-tape automation work to create modules and submodules to connect and correlate between your super repo and the relevant subrepos. Many times, this comes with a lot of maintenance overhead that becomes extremely difficult to maintain over time.
If you don't do this, you're not achieving the benefits of GitOps, and you're mostly just stuck with the downsides. You could achieve similar capabilities through a YAML file that encapsulates all the versions and dependencies, similar to a Helm umbrella chart. Without going fully Git native, you could essentially be anything else—and not GitOps.
While in the GitOps world, repos represent the single source of truth for environments, in practice, there are many third-party integrations in any given deployment. These integrations can be anything from your authentication and authorization (e.g., Auth0) to your database, which are, for the most part, updated externally to your repo. These changes to external resources, which could significantly impact your production and deployments, have no representation inside your single-source-of-truth repo at all. This could be a serious blind spot in your entire deployment.
#### GitOps tips for managing chaos better
When using GitOps, treat your configurations the same way you would treat your code. Don't scrimp on validation pipelines, ensure proper pull request hygiene, and maintain any other practices you apply when managing code at scale to avoid this chaos. Don't panic! If something incorrect gets pushed and you're concerned it will propagate to all servers, clusters, and repos, all you need to do is run `git revert`, and you can undo your last commit.
Also, similar to my recommendation regarding syncing state, using GitOps facilitators can help with managing Git practices, being Git native, and handling Kubernetes deployments (as well as being Kubernetes native).
Last, to avoid any disorder or complexity, ensure that your Git repository's state is as close as possible to your production environments to avoid any drift of your environments from your GitOps operation.
### 3 tips for using GitOps
Here are my tips for getting the most out of GitOps:
1. Make sure to build visibility into your GitOps automation early, so you're not running blind across your many repos. When it comes to making GitOps work optimally, you should work out of a single repo per application. When these start to add up, visibility can become a real pain point. Think about the dependencies and how to engineer enough visibility into the system, so if something goes wrong, you'll know how to track it down to its source and fix it.
2. One way to do that is to plan for every kind of failure scenario. What happens when dependencies crash? When it comes to GitOps, merge conflicts are a way of life. How do you manage high-velocity deployments and promotions to production that can overwhelm a GitOps system? Think about the many potential challenges, failures, and conflicts, and have a playbook for each. Also, following up on the first point, make sure there is sufficient visibility for each to troubleshoot rapidly. And of course, don't forget the `git revert` command in the event failure happens.
3. Use a monorepo. There, I said it. The age-old mono vs. multi-repo debate. When it comes to GitOps, there's no question which is the better choice. While a centralized monorepo has disadvantages (e.g., it can get messy, become a nightmare to understand build processes, etc.), it also can help solve a large majority of hassles with cross-repo dependencies.
As an engineer, I felt this pain directly. I realized there's a pressing need for something to correlate these dependencies and visibility challenges I felt every single day of my GitOps life.
I wanted a better solution for tracking and cascading failures in a complex microservices setup to a root cause or code change. Everything I had tried to date, including GitOps, provided only partial information, very little correlation, and almost no causation.
GitOps tools (like Argo CD) help solve many issues that arise with DIY GitOps. Using such tools can be a good thing to consider when going down the GitOps route because they:
* Are natively designed for Kubernetes
* Are suitable for small teams using image-puller
* Have strong community support (e.g., Argo CD through the CNCF, which is also easy to use with other Argo tools)
* Provide an improved developer experience with a good user interface for applications
* Natively integrate with Git, which helps minimize chaos and complexity
### The bottom line
Deployment processes, particularly with new versions, are a _complex_ engineering feat. To get these right, you need to invest effort in both the technology and design of the process. For example, what is the best way to deploy and validate my application in production?
GitOps is a really good starting point to understand what is running in production. Just bear in mind that it may also need a little more augmentation with additional tools and DIY automation to get it working just right for your engineering team. This way, GitOps' shine is 24K rather than fool's gold for your organization.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/gitops
作者:[Itiel Shwartz][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/itielschwartz2021
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/todo_checklist_team_metrics_report.png?itok=oB5uQbzf (Team checklist and to dos)
[2]: https://twitter.com/kelseyhightower
[3]: https://twitter.com/kelseyhightower/status/953638870888849408?ref_src=twsrc%5Etfw
[4]: https://www.redhat.com/en/topics/automation/what-is-infrastructure-as-code-iac
[5]: https://argoproj.github.io/argo-cd/
[6]: https://en.wikipedia.org/wiki/Butterfly_effect

101
sources/tech/20210810 elementary OS 6 ODIN Released. This is What-s New..md Normal file
View File

@ -0,0 +1,101 @@
[#]: subject: "elementary OS 6 ODIN Released. This is Whats New."
[#]: via: "https://www.debugpoint.com/2021/08/elementary-os-6/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
elementary OS 6 ODIN Released. This is Whats New.
======
The team announced the release of elementary OS 6 ODIN, and it is
immediately available for download. We recap the release in this post.
![elementary OS 6 ODIN Desktop][1]
The elementary OS 6 code named “ODIN” was a long due. This release coming after more than two years since its predecessor, [elementary OS 5.1 Hera][2]. A lot had happened in the last two years, that includes a full-fledged pandemic. Despite all the challenges, roadblocks a brand new and much awaited release is here.
Lets take a look at whats new.
### elementary OS 6 Odin Whats New
The team promises the following items in a nutshell in this release:
> Empowering you to be in control and express yourself,
> Continuing to innovate with new features, and
> Making elementary OS easier to get and more inclusive
* This release is based on Ubuntu 20.04 and Linux Kernel 5.8. If you ask me, its late at this moment to have a new version of a distro based on Ubuntu 20.04 whereas next LTS is due in 2022.
* Dark theme and new ascent color is introduced in this release. With the dark theme enabled, all the default applications, windows automatically adapt to dark mode. This mode also can be set based on sunset and sunrise at your location.
* The ascent colors applied across the system when chosen. A fair and nice list of assent colors are available.
* The new dark theme is designed such as way that third party app developers can easily integrate their application to follow elementary OS stylesheet.
![Dark and Light theme][3]
* All apps in AppCenter are now Flatpak apps which runs in their separate sandbox. This is one of the best move by elementary team and all the Flatpak apps requires separate permission controls via settings.
* If you are a touchpad/touch device fan, then you are in for a treat. Three finger swipe up gestures brings up the activities overview.
* Three finger left and right swap between dynamic workspaces.
* And all the applicable apps uses two finger gestures.
* Notifications are revamped with new look and can follow dark theme.
* A new task application introduced to track your tasks and can sync with online accounts.
* elementary OS 6 comes with firmware updates built in, powered by the Linux Vendor Firmware Service. Firmware updates are provided for supported devices by hardware manufacturers like Star Labs, Dell, Lenovo, HP, Intel, Logitech, Wacom, 8bitdo, and many more—now supported devices can get the latest updates for security and stability straight from System Settings → System → Firmware or by searching the Applications Menu for “Firmware.”
* Native applications are updated and redesigned completely. Epiphany browser is renamed as Web. Mail is completely rewritten with tighter integration with online accounts.
* Files introduces a different behavioral change. You need to single click to browse folders, but double click for files. This can not be changed via gsettings.
* And many more updates, which you can read in the [change log][4] here.
[][5]
SEE ALSO:   elementary OS 6 Beta Released. Download and Test Now!
### Minimum System Requirement for elementary OS 6
Heres a system specification for this version, before you hit download.
* Recent Intel i3 or comparable dual-core 64-bit processor
* 4 GB of system memory (RAM)
* Solid state drive (SSD) with 15 GB of free space
* Internet access
* Built-in or wired mouse/touchpad and keyboard
* 1024×768 minimum resolution display
### elementary OD 6 Odin Download
The .iso files for the new release is available in below link. Due to rush, the servers might be busy, hence it is recommended to use torrents if possible.
[Download elementary OS 6 ODIN][6]
### How to Upgrade
There is no upgrade path available at the moment to upgrade to elementary 6 from elementary 5.1. Hence, you need to take backups and do a fresh installation via .iso available in above link.
### Closing Notes
There is no question that elementary OS is a one-of-a-kind Linux Distribution today. And its popularity is increasing everyday due to the awesome Pantheon desktop. It is one of the rare Linux distribution which appeals both macOS and Windows users. That said, I think the development process requires a bit faster and two years of the wait between versions is too long for IT. This release is based on Ubuntu 20.04 which is already two years old, and we have a new LTS coming up on 2022. And of course there is no upgrade path. I believe if the team work on these aspects, considering dedicated developers, donations, I think it would be one of the best Linux distro.
* * *
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/2021/08/elementary-os-6/
作者:[Arindam][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lujun9972
[1]: https://www.debugpoint.com/blog/wp-content/uploads/2021/08/elementary-OS-6-ODIN-Desktop-1024x576.jpg
[2]: https://www.debugpoint.com/2019/12/elementary-os-hera-released/
[3]: https://www.debugpoint.com/blog/wp-content/uploads/2021/08/Dark-and-Light-theme-1024x692.png
[4]: https://blog.elementary.io/elementary-os-6-odin-released/
[5]: https://www.debugpoint.com/2021/05/elementary-os-6-beta/
[6]: https://elementary.io/

294
sources/tech/20210811 Build your own Fedora IoT Remix.md Normal file
View File

@ -0,0 +1,294 @@
[#]: subject: "Build your own Fedora IoT Remix"
[#]: via: "https://fedoramagazine.org/build-your-own-fedora-iot-remix/"
[#]: author: "Alexander Wellbrock https://fedoramagazine.org/author/w4tsn/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Build your own Fedora IoT Remix
======
![][1]
Background excerpted from photo by [S. Tsuchiya][2] on [Unsplash][3]
Fedora IoT Edition is aimed at the Internet of Things. It was introduced in the article [How to turn on an LED][4] with Fedora IoT in 2018. It is based on [RPM-OSTree][5] as a core technology to gain some nifty properties and features which will be covered in a moment.
RPM-OSTree is a high-level tool built on [libostree][6] which is a set of tools establishing a “git-like” model for committing and exchanging filesystem trees, deployment of said trees, bootloader configuration and layered RPM package management. Such a system benefits from the following properties:
* Transactional upgrade and rollback
* Read-only filesystem areas
* Potentially small updates through deltas
* Branching, including rebase and multiple deployments
* Reproducible filesystem
* Specification of filesystem through version-controlled code
Exchange of filesystem trees and corresponding commits is done through OSTree repositories or remotes. When using one of the Fedora Editions based on RPM-OSTree there are remotes from which the system downloads commits and applies them, rather than downloading and installing separate RPMs.
A [Remix][7] in the Fedora ecosystem is an altered, opinionated version of the OS. It covers the needs of a specific niche. This article will dive into the world of building your own filesystem commits based on Fedora IoT Edition. You will become acquainted to the tools, terminology, design and processes of such a system. If you follow the directions in this guide you will end up with your own Fedora IoT Remix.
### Preparations
You will need some packages to get started. On non-ostree systems install the packages _ostree_ and _rpm-ostree_. Both are available in the Fedora Linux package repositories. Additionally install _git_ to access the Fedora IoT ostree spec sources.
```
sudo dnf install ostree rpm-ostree git
```
Assuming you have a spare, empty folder laying around to work with, start there by creating some files and folders that will be needed along the way.
```
mkdir .cache .build-repo .deploy-repo .tmp custom
```
The _.cache_ directory is used by all build commands around rpm-ostree. The folders _build_ and _deploy_ store separate repositories to keep the build environment separate from the actual remix. The _.tmp_ directory is used to combine the git-managed upstream sources (from Fedora IoT, for example) with modifications kept in the _custom_ directory.
As you build your own OSTree as derivative from Fedora IoT you will need the sources. Clone them into the folder _.fedora-iot-spec_. They contain several configuration files specifying how the ostree filesystem for Fedora IoT is built, what packages to include, etc.
```
git clone -b "f34" https://pagure.io/fedora-iot/ostree.git .fedora-iot-spec
```
#### OSTree repositories
Create repositories to build and store an OSTree filesystem and its contents . A place to store commits and manage their metadata. Wait, what? What is an OSTree commit anyway? Glad you ask! With _rpm-ostree_ you build so-called _libostree commits_. The terminology is roughly based on git. They essentially work in similar ways. Those commits store diffs from one state of the filesystem to the next. If you change a binary blob inside the tree, the commit contains this change. You can deploy this specific version of the filesystem at any time.
Use the _ostree init_ command to create two _ostree repositories_.
```
ostree --repo=".build-repo" init --mode=bare-user
ostree --repo=".deploy-repo" init --mode=archive
```
The main difference between the repositories is their mode. Create the build repository in “bare-user” mode and the “production” repository in “archive” mode. The _bare*_ mode is well suited for build environments. The “user” portion additionally allows non-root operation and storing extended attributes. Create the other repository in _archive_ mode. It stores objects compressed; making them easy to move around. If all that doesnt mean a thing to you, dont worry. The specifics dont matter for your primary goal here to build your own Remix.
Let me share just a little anecdote on this: When I was working on building ostree-based systems on GitLab CI/CD pipelines and we had to move the repositories around different jobs, we once tried to move them uncompressed in _bare-user_ mode via caches. We learned that, while this works with _archive_ repos, it does not with _bare*_ repos. Important filesystem attributes will get corrupted on the way.
#### Custom flavor
Whats a Remix without any customization? Not much! Create some configuration files as adjustment for your own OS. Assuming you want to deploy the Remix on a system with a hardware watchdog (a [Raspberry Pi][8], for example) start with a watchdog configuration file:
```
./custom/watchdog.conf
watchdog-device = /dev/watchdog
max-load-1 = 24
max-load-15 = 9
realtime = yes
priority = 1
watchdog-timeout = 15 # Broadcom BCM2835 limitation
```
The _postprocess-script_ is an arbitrary shell script executed inside the target filesystem tree as part of the build process. It allows for last-minute customization of the filesystem in a restricted and (by default) network-less environment. Its a good place to ensure the correct file permissions are set for the custom watchdog configuration file.
```
./custom/treecompose-post.sh
#!/bin/sh
set -e
# Prepare watchdog
chown root:root /etc/watchdog.conf
chmod 0644 /etc/watchdog.conf
```
#### Plant a Treefile
Fedora IoT is pretty minimal and keeps its main focus on security and best-practices. The rest is up to you and your use-case. As a consequence, the watchdog package is not provided from the get-go. In RPM-OSTree the spec file is called [Treefile][9] and encoded in [JSON][10]. In the _Treefile_ you specify what packages to install, files and folders to exclude from packages, _configuration files_ to add to the _filesystem tree_ and _systemd units_ to enable by default.
```
./custom/treefile.json
{
"ref": "OSTreeBeard/stable/x86_64",
"ex-jigdo-spec": "fedora-iot.spec",
"include": "fedora-iot-base.json",
"boot-location": "modules",
"packages": [
"watchdog"
],
"remove-files": [
"etc/watchdog.conf"
],
"add-files": [
["watchdog.conf", "/etc/watchdog.conf"]
],
"units": [
"watchdog.service"
],
"postprocess-script": "treecompose-post.merged.sh"
}
```
The _ref_ is basically the branch name within the repository. Use it to refer to this specific spec in _rpm-ostree_ operations. With _ex-jigdo-spec_ and _include_ you link this _Treefile_ to the configuration of the _Fedora IoT sources_. Additionally specify the _Fedora Updates repo_ in the _repos_ section. It is not part of the sources so you will have to add that yourself. More on that in a moment.
With _packages_ you instruct _rpm-ostree_ to install the _watchdog_ package. Exclude the _watchdog.conf_ file and replace it with the one from the _custom_ directory by using _remove-files_ and _add-files_. Now just enable the _watchdog.service_ and you are good to go.
All available treefile options are available in the [official RPM-OSTree documentation][11].
#### Add another RPM repository
In its initial configuration the OSTree only uses the initial Fedora 34 package repository. Add the Fedora 34 Updates repository as well. To do so, add the following file to your _custom_ directory.
```
./custom/fedora-34-updates.repo
[fedora-34-updates]
name=Fedora 34 - $basearch - Updates
#baseurl=http://download.fedoraproject.org/pub/fedora/linux/updates/$releasever/Everything/$basearch/
metalink=https://mirrors.fedoraproject.org/metalink?repo=updates-released-f34&arch=$basearch
enabled=1
repo_gpgcheck=0
type=rpm
gpgcheck=1
#metadata_expire=7d
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-34-$basearch
skip_if_unavailable=False
```
Now tell rpm-ostree in the spec for your Remix to include this repository. Use the _treefile_s _repos_ section.
```
./custom/treefile.json
{
...
"repos": [
"fedora-34",
"fedora-34-updates"
],
...
}
```
### Build your own Fedora IoT Remix
You have all that need to build your first ostree based filesystem. By now you setup a certain project structure, downloaded the Fedora IoT upstream specs, and added some customization and initialized the ostree repositories. All you need to do now is throw everything together and create a nicely flavored Fedora IoT Remix salsa.
```
cp ./.fedora-iot-spec/* .tmp/
cp ./custom/* .tmp/
```
Combine the _postprocessing-scripts_ of the _Fedora IoT upstream sources_ and your _custom_ directory.
```
cat "./.fedora-iot-spec/treecompose-post.sh" "./custom/treecompose-post.sh" > ".tmp/treecompose-post.merged.sh"
chmod +x ".tmp/treecompose-post.merged.sh"
```
Remember that you specified _treecompose-post.merged.sh_ as your post-processing script earlier in _treefile.json_? Thats where this file comes from.
Note that all the files systemd units, scripts, configurations mentioned in _ostree.json_ are now available in _.tmp_. This folder is the build context that all the references are relative to.
You are only one command away from kicking off your first build of a customized Fedora IoT. Now, kick-of the build with _rpm-ostree compose tree_ command. Now grab a cup of coffee, enjoy and wait for the build to finish. That may take between 5 to 10 minutes depending on your host hardware. See you later!
```
sudo rpm-ostree compose tree --unified-core --cachedir=".cache" --repo=".build-repo" --write-commitid-to="$COMMIT_FILE" ".tmp/treefile.json"
```
#### Prepare for deployment
Oh, erm, you are back already? Ehem. Good! The _.build-repo_ now stores a complete filesystem tree of around 700 to 800 MB of compressed data. The last thing to do before you consider putting this on the network and deploying it on your device(s) (at least for now) is to add a _commit_ with an arbitrary _commit subject_ and _metadata_ and to pull the result over to the _deploy-repo_.
```
sudo ostree --repo=".deploy-repo" pull-local ".build-repo" "OSTreeBeard/stable/x86_64"
```
The _deploy-repo_ can now be placed on any file-serving webserver and then used as a new _ostree remote_ … theoretically. I wont go through the topic of security for ostree remotes just yet. As an initial advise though: Always sign OSTree commits with GPG to ensure the authenticity of your updates. Apart from that its only a matter of adding the remote configuration on your target and using _rpm-ostree rebase_ to switch over to this Remix.
As a final thing before you leave to do outside stuff (like with fresh air, sun, ice-cream or whatever), take a look around the newly built filesystem to ensure that everything is in place.
#### Explore the filesystem
Use _ostree refs_ to list available refs in the repo or on your system.
```
$ ostree --repo=".deploy-repo" refs
OSTreeBeard/stable/x86_64
```
Take a look at the commits of a ref with _ostree log_.
```
$ ostree --repo=".deploy-repo" log OSTreeBeard/stable/x86_64
commit 849c0648969c8c2e793e5d0a2f7393e92be69216e026975f437bdc2466c599e9
ContentChecksum: bcaa54cc9d8ffd5ddfc86ed915212784afd3c71582c892da873147333e441b26
Date: 2021-07-27 06:45:36 +0000
Version: 34
(no subject)
```
List the ostree filesystem contents with _ostree ls_.
```
$ ostree --repo=".build-repo" ls OSTreeBeard/stable/x86_64
d00755 0 0 0 /
l00777 0 0 0 /bin -> usr/bin
l00777 0 0 0 /home -> var/home
l00777 0 0 0 /lib -> usr/lib
l00777 0 0 0 /lib64 -> usr/lib64
l00777 0 0 0 /media -> run/media
l00777 0 0 0 /mnt -> var/mnt
l00777 0 0 0 /opt -> var/opt
l00777 0 0 0 /ostree -> sysroot/ostree
l00777 0 0 0 /root -> var/roothome
l00777 0 0 0 /sbin -> usr/sbin
l00777 0 0 0 /srv -> var/srv
l00777 0 0 0 /tmp -> sysroot/tmp
d00755 0 0 0 /boot
d00755 0 0 0 /dev
d00755 0 0 0 /proc
d00755 0 0 0 /run
d00755 0 0 0 /sys
d00755 0 0 0 /sysroot
d00755 0 0 0 /usr
d00755 0 0 0 /var
$ ostree --repo=".build-repo" ls OSTreeBeard/stable/x86_64 /usr/etc/watchdog.conf
-00644 0 0 208 /usr/etc/watchdog.conf
```
Take note that the _watchdog.conf_ file is located under _/usr/etc/watchdog.conf_. On booted deployment this is located at _/etc/watchdog.conf_ as usual.
### Where to go from here?
You took a brave step in building a customized Fedora IoT on your local machine. First I introduced you the concepts and vocabulary so you could understand where you were at and where you wanted to go. You then ensured all the tools were in place. You looked at the ostree repository modes and mechanics before analyzing a typical _ostree configuration_. To spice it up and make it a bit more interesting you made an additional service and configuration ready to role out on your device(s). To do that you added the Fedora Updates RPM repository and then kicked off the build process. Last but not least, you packaged the result up in a format ready to be placed somewhere on the network.
There are a lot more topics to cover. I could explain how to configure an NGINX to serve ostree remotes effectively. Or how to ensure the security and authenticity of the filesystem and updates through GPG signatures. Also, how one manually alters the filesystem and what tooling is available for building the filesystem. There is also more to be explained about how to test the Remix and how to build flashable images and installation media.
Let me know in the comments what you think and what you care about. Tell me what youd like to read next. If you already built Fedora IoT, Im happy to read your stories too.
### References
* [Fedora IoT documentation][12]
* [libostree documentation][13]
* [rpm-ostree documentation][5]
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/build-your-own-fedora-iot-remix/
作者:[Alexander Wellbrock][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/w4tsn/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2021/08/rpi-816x345.jpg
[2]: https://unsplash.com/@s_tsuchiya?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
[3]: https://unsplash.com/s/photos/raspberry-pi?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
[4]: https://fedoramagazine.org/turnon-led-fedora-iot/
[5]: https://coreos.github.io/rpm-ostree/
[6]: https://ostreedev.github.io/ostree/
[7]: https://fedoraproject.org/wiki/Remix
[8]: https://en.wikipedia.org/wiki/Raspberry_Pi
[9]: https://rpm-ostree.readthedocs.io/en/stable/manual/treefile/
[10]: https://en.wikipedia.org/wiki/JSON
[11]: https://coreos.github.io/rpm-ostree/treefile/
[12]: https://docs.fedoraproject.org/en-US/iot/
[13]: https://ostreedev.github.io/ostree/introduction/

198
sources/tech/20210811 Monitor your Linux system in your terminal with procps-ng.md Normal file
View File

@ -0,0 +1,198 @@
[#]: subject: "Monitor your Linux system in your terminal with procps-ng"
[#]: via: "https://opensource.com/article/21/8/linux-procps-ng"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Monitor your Linux system in your terminal with procps-ng
======
How to find the process ID (PID) of a program. The most common Linux
tools for this are provided by the procps-ng package, including the ps
and pstree, pidof, and pgrep commands.
![System monitor][1]
A process, in [POSIX][2] terminology, is an ongoing event being managed by an operating systems kernel. A process is spawned when you launch an application, although there are many other processes running in the background of your computer, including programs to keep your system time accurate, to monitor for new filesystems, to index files, and so on.
Most operating systems have a system activity monitor of some kind so you can learn what processes are running at any give moment. Linux has a few for you to choose from, including GNOME System Monitor and KSysGuard. Both are useful applications on the desktop, but Linux also provides the ability to monitor your system in your terminal. Regardless of which you choose, its a common task for those who take an active role in managing their computer is to examine a specific process.
In this article, I demonstrate how to find the process ID (PID) of a program. The most common tools for this are provided by the [procps-ng][3] package, including the `ps` and `pstree`, `pidof`, and `pgrep` commands.
### Find the PID of a running program
Sometimes you want to get the process ID (PID) of a specific application you know you have running. The `pidof` and `pgrep` commands find processes by command name.
The `pidof` command returns the PIDs of a command, searching for the exact command by name:
```
$ pidof bash
1776 5736
```
The `pgrep` command allows for regular expressions (regex):
```
$ pgrep .sh
1605
1679
1688
1776
2333
5736
$ pgrep bash
5736
```
### Find a PID by file
You can find the PID of the process using a specific file with the `fuser` command.
```
$ fuser --user ~/example.txt                    
/home/tux/example.txt:  3234(tux)
```
### Get a process name by PID
If you have the PID _number_ of a process but not the command that spawned it, you can do a "reverse lookup" with `ps`:
```
$ ps 3234
 PID TTY      STAT   TIME COMMAND
5736 pts/1    Ss     0:00 emacs
```
### List all processes
The `ps` command lists processes. You can list every process on your system with the `-e` option:
```
$ ps -e | less
PID TTY          TIME CMD
  1 ?        00:00:03 systemd
  2 ?        00:00:00 kthreadd
  3 ?        00:00:00 rcu_gp
  4 ?        00:00:00 rcu_par_gp
  6 ?        00:00:00 kworker/0:0H-events_highpri
[...]
5648 ?        00:00:00 gnome-control-c
5656 ?        00:00:00 gnome-terminal-
5736 pts/1    00:00:00 bash
5791 pts/1    00:00:00 ps
5792 pts/1    00:00:00 less
(END)
```
### List just your processes
The output of `ps -e` can be overwhelming, so use `-U` to see the processes of just one user:
```
$ ps -U tux | less
 PID TTY          TIME CMD
3545 ?        00:00:00 systemd
3548 ?        00:00:00 (sd-pam)
3566 ?        00:00:18 pulseaudio
3570 ?        00:00:00 gnome-keyring-d
3583 ?        00:00:00 dbus-daemon
3589 tty2     00:00:00 gdm-wayland-ses
3592 tty2     00:00:00 gnome-session-b
3613 ?        00:00:00 gvfsd
3618 ?        00:00:00 gvfsd-fuse
3665 tty2     00:01:03 gnome-shell
[...]
```
That produces 200 fewer (give or take a hundred, depending on the system you're running it on) processes to sort through.
You can view the same output in a different format with the `pstree` command:
```
$ pstree -U tux -u --show-pids
[...]
├─gvfsd-metadata(3921)─┬─{gvfsd-metadata}(3923)
                     └─{gvfsd-metadata}(3924)
├─ibus-portal(3836)─┬─{ibus-portal}(3840)
                  └─{ibus-portal}(3842)
├─obexd(5214)
├─pulseaudio(3566)─┬─{pulseaudio}(3640)
                 ├─{pulseaudio}(3649)
                 └─{pulseaudio}(5258)
├─tracker-store(4150)─┬─{tracker-store}(4153)
                    ├─{tracker-store}(4154)
                    ├─{tracker-store}(4157)
                    └─{tracker-store}(4178)
└─xdg-permission-(3847)─┬─{xdg-permission-}(3848)
                        └─{xdg-permission-}(3850)
```
### List just your processes with context
You can see extra context for all of the processes you own with the `-u` option.
```
$ ps -U tux -u
USER  PID %CPU %MEM    VSZ   RSS TTY STAT START  TIME COMMAND
tux  3545  0.0  0.0  89656  9708 ?   Ss   13:59  0:00 /usr/lib/systemd/systemd --user
tux  3548  0.0  0.0 171416  5288 ?   S    13:59  0:00 (sd-pam)
tux  3566  0.9  0.1 1722212 17352 ?  S&lt;sl 13:59  0:29 /usr/bin/pulseaudio [...]
tux  3570  0.0  0.0 664736  8036 ?   SLl  13:59  0:00 /usr/bin/gnome-keyring-daemon [...]
[...]
tux  5736  0.0  0.0 235628  6036 pts/1 Ss 14:18  0:00 bash
tux  6227  0.0  0.4 2816872 74512 tty2 Sl+14:30  0:00 /opt/firefox/firefox-bin [...]
tux  6660  0.0  0.0 268524  3996 pts/1 R+ 14:50  0:00 ps -U tux -u
tux  6661  0.0  0.0 219468  2460 pts/1 S+ 14:50  0:00 less
```
### Troubleshoot with PIDs
If youre having trouble with a specific application, or youre just curious about what else on your system an application uses, you can see a memory map of the running process with `pmap`:
```
$ pmap 1776
5736:   bash
000055f9060ec000   1056K r-x-- bash
000055f9063f3000     16K r---- bash
000055f906400000     40K rw---   [ anon ]
00007faf0fa67000   9040K r--s- passwd
00007faf1033b000     40K r-x-- libnss_sss.so.2
00007faf10345000   2044K ----- libnss_sss.so.2
00007faf10545000      4K rw--- libnss_sss.so.2
00007faf10546000 212692K r---- locale-archive
00007faf1d4fb000   1776K r-x-- libc-2.28.so
00007faf1d6b7000   2044K ----- libc-2.28.so
00007faf1d8ba000      8K rw--- libc-2.28.so
[...]
```
### Process IDs
The **procps-ng** package has all the commands you need to investigate and monitor what your system is using at any moment. Whether youre just curious about how all the disparate parts of a Linux system fit together, or whether youre investigating an error, or youre looking to optimize how your computer is performing, learning these commands gives you a significant advantage for understanding your OS.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/linux-procps-ng
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/system-monitor-splash.png?itok=0UqsjuBQ (System monitor)
[2]: https://opensource.com/article/19/7/what-posix-richard-stallman-explains
[3]: https://gitlab.com/procps-ng

75
sources/tech/20210811 My top 5 tips for setting up Terraform.md Normal file
View File

@ -0,0 +1,75 @@
[#]: subject: "My top 5 tips for setting up Terraform"
[#]: via: "https://opensource.com/article/21/8/terraform-tips"
[#]: author: "Ayush Sharma https://opensource.com/users/ayushsharma"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
My top 5 tips for setting up Terraform
======
These are the lessons I've learned after five years with Terraform.
![Puzzle pieces coming together to form a computer screen][1]
Working with Terraform for over five years has taught me some key lessons. Five practices have been critical to having a logical and usable Terraform setup regardless of the size of the team or the nature of the project.
### 1\. Know your target audience.
This one might seem obvious, but I've seen it go wrong several times. When organizing Terraform code, either standardizing the directory structure or defining naming conventions, it's vital to consider the intended audience. Will your team be using these Terraform scripts and modules? Are you handing the work over to another team? Will new people be joining your team sooner or later? Are you working on this project solo? Will you be using this setup in six months or a year, or will it be assigned to someone else?
Questions like these affect several decisions. Ideally, you should have [Remote State][2] and [State Locking][3] in place regardless of the team size now or in the future. Remote State will ensure your laptop is not the only place your Terraform works, and State Locking will ensure that only one person at a time is changing the infrastructure.
The naming convention should make sense to the eventual owners of the project, not just the team that is writing the code. If the project is for another team, make sure they have a say in the naming convention. If non-technical stakeholders or internal security/GCR teams review the code, make sure they check the naming convention. In addition to resource names, you should leverage resource tags to highlight any data classification/privacy requirements (high, medium, low) for more careful examination by reviewers.
### 2\. Reuse. Reuse. Reuse.
The [Terraform Registry][4] provides a library of ready-to-use modules for the most common use-cases. I've written about the extensive parameterization available in the VPC module and security groups. Simply calling modules with different parameters is enough to handle most, if not all, potential use cases. Reuse these shared modules as much as possible to avoid endless typing, testing, checking, fixing, and refactoring.
I've also found that separating modules and resources based on the frequency of use or change is beneficial. For example, infrastructure scaffolding used only once belongs together, such as setting up the VPC, security groups, routing tables, VPC endpoints, and so on. But things like private hosted zone entries, autoscaling groups, target groups, load balancers, etc., might change with every deployment, so separating these from the one-time scaffolding will make code reviews easier and debugging faster.
### 3\. Be explicit rather than implicit.
There are common patterns to Terraform code that I have seen lead to incorrect assumptions baked into the design. Teams can assume that the Terraform version used to write the code today will never change, or the external modules won't change, or the providers they are using won't change. These lead to invisible issues a few weeks down the road when these external dependencies inevitably get updated.
Ensure you explicitly define versions everywhere possible: In the main Terraform block, in the provider block, in the module block, etc. Defining versions ensures that your dependent libraries stay frozen so that you can explicitly update dependencies when required after thorough discussions, reviews, and testing.
### 4\. Automate everywhere. Your laptop. Your shared VM. Your CI/CD.
Leveraging automation at every stage of the deployment process can avoid future problems before they even arise.
Use [Git pre-commit hooks][5] to run `terraform fmt` and `terraform validate` before you commit your code. Pre-commit hooks ensure that code is, at a bare minimum, adequately formatted and syntactically correct. Check-in this pre-commit file to the repo, and everyone on your team can benefit from the same automation. This small but vital quality control at the first step of the process can achieve substantial time savings as your project progresses.
All modern deployment tools have CI processes. You can use these to run SAST and unit testing tools when pushing your code to origin. I've written on my blog about how [Checkov can test Terraform code for security and compliance and create custom checks][6] for organization-specific conventions. Add these unit testing tools to your CI pipeline to improve code quality and robustness.
### 5\. Have an awesome README.md.
We all like to think that Terraform code is self-documenting. Sure it is, but only if your future team already knows your company's naming conventions and guidelines and secret handshakes and inside jokes and whatever else your repo contains besides valid Terraform code. Getting into the habit of having a good `README.md` can be a huge time saver, and it keeps your team honest by holding them accountable for everything explicitly committed to in the README.
At a minimum, your README should contain the steps to initialize the right Terraform environment on your workstations (Linux, Windows, Mac, and so on), including the Terraform version to install. It should specify the required dependencies (Checkov, TerraGrunt, and others) with versions and any handy Linux aliases your team uses (some people like to define `tff` as a short-hand for `terraform fmt`). Most importantly, the branching and PR review strategy and process, naming conventions, and resource tagging standards should be specified.
The README should pass a simple test: if a new member joins your team tomorrow, is the README enough to teach them what to do and how to do it correctly? If not, you may find yourself hosting never-ending standards and process meetings repeatedly for the next few months.
### Wrap up
After many years of working with Terraform, these are my five best bits of wisdom to pass along. Feel free to share your own best practices below.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/terraform-tips
作者:[Ayush Sharma][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/ayushsharma
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/puzzle_computer_solve_fix_tool.png?itok=U0pH1uwj (Puzzle pieces coming together to form a computer screen)
[2]: https://www.terraform.io/docs/language/state/index.html
[3]: https://www.terraform.io/docs/language/state/locking.html
[4]: https://registry.terraform.io/
[5]: https://opensource.com/life/16/8/how-construct-your-own-git-server-part-6
[6]: https://notes.ayushsharma.in/2021/07/cloud-infrastructure-sast-terraform-checkov

152
translated/tech/20200204 Managing your attached hardware on Linux with systemd-udevd.md Normal file
View File

@ -0,0 +1,152 @@
[#]: collector: (lujun9972)
[#]: translator: (YungeG)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Managing your attached hardware on Linux with systemd-udevd)
[#]: via: (https://opensource.com/article/20/2/linux-systemd-udevd)
[#]: author: (David Clinton https://opensource.com/users/dbclinton)
在 Linux 使用 systemd-udevd 管理你的附加硬件
======
使用 udev 管理你的 Linux 系统处理物理设备的方式。
![collection of hardware on blue backround][1]
Linux 能够出色地自动从不计其数的设备厂商中识别、加载、并暴露硬件设备。事实上,很多年以前,正是这个特性说服我,坚持让我的雇员将整个基础架构转换到 Linux。痛点在于 Redmond 的某家公司不能在我们的 Compaq 台式机加载集成网卡的驱动,而 Linux 可以轻松实现这一点。
从那以后的岁月里,已识别设备的 Linux 库随着驱动加载流程复杂度的增加与日俱增,而 [udev][2] 就是解决这个问题的希望之星。udev 负责监听 Linux 内核发出的改变设备状态的事件。这里的设备可能是一个插入或拔出的新 USB 设备,或者是一个因浸入洒出的咖啡中而脱机的无线鼠标。
In the years since then, Linux's library of recognized devices has grown enormously along with the sophistication of the process. And the star of that show is [udev][2]. Udev's job is to listen for events from the Linux kernel involving changes to the state of a device. It could be a new USB device that's plugged in or pulled out, or it might be a wireless mouse going offline as it's drowned in spilled coffee.
udev 负责处理所有状态变更,比如指定访问设备使用的名称和权限。这些更改的记录可以通过 [dmesg][3] 获取。由于 dmesg 的输出通常有几千行,对结果进行过滤通常是聪明的选择。下面的例子说明了 Linux 如何识别我的 WiFi 接口。这个例子展示了我的无线设备使用的芯片组(**ath9k**)、启动过程早期阶段分配的原始名称(**wlan0**)、以及正在使用的又臭又长的永久名称(**wlxec086b1ef0b3**
```
$ dmesg | grep wlan
[    5.396874] ath9k_htc 1-3:1.0 wlxec086b1ef0b3: renamed from wlan0
```
我将在这篇文章中讨论为何每个人都可能想要使用一个类似的名称。在这个过程中,我会探索剖析 udev 的配置文件,然后展示如何更改 udev 的设置,包括编辑系统命名设备的方式。这篇文件基于我的新课程中的一个模块,[Linux 系统优化][4]。
### 理解 udev 配置系统
使用 systemd 的机器上udev 操作由 **systemd-udevd** 守护进程管理,你可以通过常规的 systemd 方式使用 **systemctl status systemd-udevd** 检查 udev 守护进程的状态。
严格来说udev 试图将收到的每个系统事件与 **/lib/udev/rules.d/** 和 **/etc/udev/rules.d/** 目录下找到的规则进行匹配。规则文件包括匹配键和分配键,可用的匹配键包括 **action**、**name**、和 **subsystem**。这意味着如果探测到一个属于某个子系统的、带有特定名称的设备,就会给设备指定一个预设的配置。
接着,“分配”键值对被拿来应用想要的配置。例如,你可以给设备分配一个新名称、将其关联到文件系统中的一个符号链接、或者限制为只能由特定的所有者或组访问。这是从我的工作站摘出的一条规则:
```
$ cat /lib/udev/rules.d/73-usb-net-by-mac.rules
# Use MAC based names for network interfaces which are directly or indirectly
# on USB and have an universally administered (stable) MAC address (second bit
# is 0). Don't do this when ifnames is disabled via kernel command line or
# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules).
IMPORT{cmdline}="net.ifnames"
ENV{net.ifnames}=="0", GOTO="usb_net_by_mac_end"
ACTION=="add", SUBSYSTEM=="net", SUBSYSTEMS=="usb", NAME=="", \
    ATTR{address}=="?[014589cd]:*", \
    TEST!="/etc/udev/rules.d/80-net-setup-link.rules", \
    TEST!="/etc/systemd/network/99-default.link", \
    IMPORT{builtin}="net_id", NAME="$env{ID_NET_NAME_MAC}"
```
**add** 动作告诉 udev只要新插入的设备属于网络子系统*并且*是一个 USB 设备,就执行操作。此外,如果我理解正确的话,只有设备的 MAC 地址由特定范围内的字符组成,并且 **80-net-setup-link.rules****99-default.link** 文件*不*存在时,规则才会生效。
假定所有的条件都满足,接口 ID 会变成设备的 MAC 地址。还记得之前的 dmesg 信息显示我的接口名称从 **wlan0** 改成了讨厌的 **wlxec086b1ef0b3** 吗?那都是这条规则的功劳。我怎么知道?因为 **ec:08:6b:1e:f0:b3** 是设备的 MAC 地址(不包括冒号)。
```
$ ifconfig -a
wlxec086b1ef0b3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.0.103  netmask 255.255.255.0  broadcast 192.168.0.255
        inet6 fe80::7484:3120:c6a3:e3d1  prefixlen 64  scopeid 0x20<link>
        ether ec:08:6b:1e:f0:b3  txqueuelen 1000  (Ethernet)
        RX packets 682098  bytes 714517869 (714.5 MB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 472448  bytes 201773965 (201.7 MB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
```
Linux 默认包含这条 udev 规则,我不需要自己写。但是为什么费力进行这样的命名呢——尤其是看到这样的接口命名这么难使用后?仔细看一下包含在规则中的注释:
```
# Use MAC based names for network interfaces which are directly or indirectly
# on USB and have an universally administered (stable) MAC address (second bit
# is 0). Don't do this when ifnames is disabled via kernel command line or
# customizing/disabling 99-default.link (or previously 80-net-setup-link.rules).
```
留意一下这个规则是如何专为基于 USB 的网络接口设计的。和 PCI 网络接口卡NICs不同USB 设备很可能时不时地被移除或者替换,这意味着无法保证它们的 ID 不变。某一天 ID 可能是 **wlan0**,第二天却变成了 **wlan3**。为了避免迷惑应用程序,指定绝对 ID 给设备——就像分配给我的 USB 接口的 ID。
### 操作 udev 的设置
下一个示例中,我将从 [VirtualBox][5] 虚拟机里抓取以太网接口的 MAC 地址和当前 ID然后用这些信息创建一个改变接口 ID 的 udev 新规则。为什么这么做?也许我打算从命令行操作设备,需要输入那么长的名称让人十分烦恼。下面是工作原理。
改变 ID 之前,我需要关闭 [Netplan][6] 当前的网络配置,促使 Linux 使用新的配置。下面是 **/etc/netplan/** 目录下我的当前网络接口配置文件:
```
$ less /etc/netplan/50-cloud-init.yaml
# This file is generated from information provided by
# the datasource.  Changes to it will not persist across an instance.
# To disable cloud-init's network configuration capabilities, write a file
# /etc/cloud/cloud.cfg.d/99-disable-network-config.cfg with the following:
# network: {config: disabled}
network:
    ethernets:
        enp0s3:
            addresses: []
            dhcp4: true
    version: 2
```
**50-cloud-init.yaml** 文件包含一个非常基本的接口定义,但是注释中也包含一些关闭配置的重要信息。为此,我将移动到 **/etc/cloud/cloud.cfg.d** 目录,创建一个名为 **/etc/cloud/cloud.cfg.d** 的新文件,插入 **network: {config: disabled}** 字符串。
尽管我只在 Ubuntu 发行版上测试了这个方法,但它应该在任何一个带有 systemd 的 Linux几乎所有的 Linux 发行版都有 systemd上都可以工作。不管你使用哪个都可以很好地了解编写 udev 配置文件并对其进行测试。
接下来,我需要收集一些系统信息。执行 **ip** 命令,显示我的以太网接口名为 **enp0s3**MAC 地址是 **08:00:27:1d:28:10**
```
$ ip a
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 08:00:27:1d:28:10 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.115/24 brd 192.168.0.255 scope global dynamic enp0s3
```
现在,我要在 **/etc/udev/rules.d** 目录创建一个名为 **peristent-net.rules** 的新文件。我将给文件一个以较小的数字 10 开头的名称:
```
$ cat /etc/udev/rules.d/10-persistent-network.rules
ACTION=="add", SUBSYSTEM=="net",ATTR{address}=="08:00:27:1d:28:10",NAME="eth3"
```
数字越小Linux 越早执行文件,我想要这个文件早点执行。文件被添加时,包含其中的代码就会分配名称 **eth3** 给网络设备——只要设备的地址能够匹配 **08:00:27:1d:28:10**,即我的接口的 MAC 地址 。
保存文件并重启计算机后,我的新接口名应该就会生效。我可能需要直接登陆虚拟机,使用 **dhclient** 手动让 Linux 为这个新命名的网络请求一个 IP 地址。在执行下列命令前,可能无法打开 SSH 会话:
```
$ sudo dhclient eth3
```
大功告成。现在你能够促使 udev 控制计算机按照你想要的方式引用一个 NIC但更重要的是你拥有了指明怎样处理*任何*发生故障的设备的工具。
--------------------------------------------------------------------------------
via: https://opensource.com/article/20/2/linux-systemd-udevd
作者:[David Clinton][a]
选题:[lujun9972][b]
译者:[YungeG](https://github.com/YungeG)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/dbclinton
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/osdc_BUS_Apple_520.png?itok=ZJu-hBV1 (collection of hardware on blue backround)
[2]: https://en.wikipedia.org/wiki/Udev
[3]: https://en.wikipedia.org/wiki/Dmesg
[4]: https://pluralsight.pxf.io/RqrJb
[5]: https://www.virtualbox.org/
[6]: https://netplan.io/

26
translated/tech/20210723 5 useful ways to manage Kubernetes with kubectl.md
View File

@ -3,7 +3,7 @@
[#]: author: (Alan Smithee https://opensource.com/users/alansmithee)
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: reviewer: (turbokernel)
[#]: publisher: ( )
[#]: url: ( )
@ -12,19 +12,19 @@
学习kubectl提升你与 Kubernetes 的互动方式。
![Ship captain sailing the Kubernetes seas][1]
Kubernetes 是帮助你以有组织的方式运行大量容器的软件。除了提供工具来管理(或[编排][2])运行的容器,Kubernetes 还帮助这些容器根据需要进行扩展。有了 Kubernetes 作为你的中央控制面板(或称 _control plane_),你需要一种方法来管理 Kubernetes而这项工作的工具就是 kubectl。`kubectl` 命令让你控制、维护、分析和排 Kubernetes 集群的故障。与许多使用 `ctl`(“控制”的缩写)后缀的工具一样,如 systemctl 和 sysctlkubectl 拥有大量的功能和任务权限,所以如果你正在运行 Kubernetes你最终会经常使用它。它是一个有很多选项的大命令,所以下面是 kubectl 使之变得简单的五个常见任务。
Kubernetes 可以帮你编排运行大量容器的软件。Kubernetes 不仅提供工具来管理(或[编排][2])运行的容器,还帮助这些容器根据需要进行扩展。有了 Kubernetes 作为你的中央控制平台(或称 _control plane_),你需要一种方式来管理 Kubernetes而这项工作的工具就是 kubectl。`kubectl` 命令让你控制、维护、分析和排 Kubernetes 集群的故障。与许多使用 `ctl`(“控制”的缩写)后缀的工具一样,如 systemctl 和 sysctlkubectl 拥有大量的功能和任务权限,所以如果你正在运行 Kubernetes你最终会经常使用它。它是一个拥有众多选项的命令,所以下面是 kubectl 中简单易用的五个常见任务。
### 1\. 列出并描述资源
按照设计,容器往往会成倍增加。在某些条件下,它们可以快速增加。如果你只能通过 `podman ps``docker ps` 来查看正在运行的容器,这可能会让你不知所措。通过 `kubectl get``kubectl describe`,你可以获得关于哪些 pod 正在运行以及它们正在处理的容器的信息。更重要的是,你可以通过使用 `--namespace``name``--selector`等选项,只获得你需要的信息。
按照设计,容器往往会成倍增加。在某些条件下,它们可以快速增加。如果你只能通过 `podman ps``docker ps` 来查看正在运行的容器,这可能会让你不知所措。通过 `kubectl get``kubectl describe`,你可以列出正在运行的 pod 以及它们正在处理的容器信息。更重要的是,你可以通过使用 `--namespace``name``--selector`等选项,只列出所需信息。
`get` 子命令不仅仅对 pod 和容器有用。它有关于节点、命名空间、部署、服务和复制的信息。
`get` 子命令不仅仅对 pod 和容器有用。它有关于节点、命名空间、发布、服务和副本的信息。
### 2\. 创建资源
如果你只通过类似 OpenShift、OKD 或 Kubernetes 提供的 Web 用户界面UI创建过部署,但你想从 Linux 终端控制你的集群,那么可以使用 `kubectl create`。`kubectl create` 命令并不只是实例化一个新的应用部署。Kubernetes 中还有很多其他组件可以创建,比如服务、配额和 [CronJob][3]。
如果你只通过类似 OpenShift、OKD 或 Kubernetes 提供的 Web 用户界面UI创建过发布,但你想从 Linux 终端控制你的集群,那么可以使用 `kubectl create`。`kubectl create` 命令并不只是实例化一个新的应用发布。Kubernetes 中还有很多其他组件可以创建,比如服务、配额和 [计划任务][3]。
Kubernetes 中的 CronJob 可以创建一个临时的 pod用来在你选择的时间表上执行一些任务。它们并不难设置。下面是一个 CronJob让一个 BusyBox 镜像每分钟响应 “hello world”。
Kubernetes 中的计划任务可以创建一个临时的 pod用来在你选择的时间表上执行一些任务。它们并不难设置。下面是一个计划任务,让一个 BusyBox 镜像每分钟打印 “hello world”。
```
@ -36,7 +36,7 @@ hello-world \
### 3\. 编辑文件
你可能了解 Kubernetes 中的对象都有相应的配置文件,但在文件系统中查找相应的文件可能很麻烦。有了 `kubectl edit`,你可以把注意力放在对象上,而不是定义它们的文件上。你可以让 `kubectl` 为你找到并打开文件(它遵循 `KUBE_EDITOR` 环境变量,所以你可以把编辑器设置成你喜欢的)。
Kubernetes 中的对象都有相应的配置文件,但在文件系统中查找相应的文件较为麻烦。有了 `kubectl edit`,你可以把注意力放在对象上,而不是定义文件上。你可以通过 `kubectl` 找到并打开文件(关联 `KUBE_EDITOR` 环境变量,你可以设置成你喜欢的编辑器)。
```
@ -44,18 +44,18 @@ $ KUBE_EDITOR=emacs \
kubectl edit cronjob/hello-world
```
### 4\. 容器之间的交换文件
### 4\. 容器之间的传输文件
初次接触容器的人往往对他们直接无法访问的共享系统的概念感到困惑。他们可能会在容器引擎或 kubectl 中了解到 `exec` 选项,但当他们不能从容器中取文件或将文件放入容器中时,容器仍然会显得不透明。使用 `kubectl cp` 命令,你可以把容器当做远程服务器,使复制文件到容器或从容器复制文件不比 SSH 命令更复杂
初次接触容器的人往往对无法直接访问的共享系统的概念感到困惑。他们可能会在容器引擎或 kubectl 中了解到 `exec` 选项,但当他们不能从容器中取文件或将文件放入容器中时,容器仍然会显得不透明。使用 `kubectl cp` 命令,你可以把容器当做远程服务器,使主机和容器之间文件传输如 SSH 命令一样简单
```
`$ kubectl cp foo my-pod:/tmp`
```
### 5\. 应用更
### 5\. 应用
对 Kubernetes 对象进行修改,可以在任何时候通过 `kubectl apply` 命令完成。你所要做的就是将该命令指向一个配置文件:
对 Kubernetes 对象进行修改,可以通过 `kubectl apply` 命令完成。你所要做的就是将该命令指向一个配置文件:
```
@ -73,7 +73,7 @@ $ kubectl apply -n argocd \
### 使用 kubectl
Kubectl 是一个强大的工具,由于它是一个终端命令,它可以写成脚本,并以许多 Web UI 无法实现的方式使用。学习 kubectl 是进一步了解 Kubernetes、容器、pod 以及围绕这些重要的云计算创新的所有技术的一个好方法。[下载我们的 kubectl 速查表][5],以获得快速参考,其中包括命令示例,以帮助你学习,并在你成为专家后提醒你注意细节。
Kubectl 是一个强大的工具,由于它是一个终端命令,它可以写成脚本,并能实现用众多 Web UI 无法实现的功能。学习 kubectl 是进一步了解 Kubernetes、容器、pod 以及围绕这些重要的云计算创新技术的一个好方法。[下载我们的 kubectl 速查表][5],以获得快速参考,其中包括命令示例,以帮助你学习,并在为你提供注意细节。
--------------------------------------------------------------------------------
@ -82,7 +82,7 @@ via: https://opensource.com/article/21/7/kubectl
作者:[Alan Smithee][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[turbokernel](https://github.com/turbokernel)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

52
translated/tech/20210804 Move files in the Linux terminal.md Normal file
View File

@ -0,0 +1,52 @@
[#]: subject: (Move files in the Linux terminal)
[#]: via: (https://opensource.com/article/21/8/move-files-linux)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
在 Linux 终端中移动文件
======
使用 mv 命令将一个文件从一个位置移动到另一个位置。
![Moving files][1]
要在有图形界面的计算机上移动一个文件,你要打开该文件当前所在的文件夹,然后打开另一个窗口到你想把文件移到的文件夹。最后,你把文件从一个窗口拖到另一个窗口。
要在终端中移动文件,你可以使用 **mv** 命令将文件从一个位置移动到另一个位置。
```
$ mv example.txt ~/Documents
$ ls ~/Documents
example.txt
```
在这个例子中,你已经把 **example.txt** 从当前文件夹移到了 **Documents** 文件夹中。
只要你知道一个文件在__哪里__又想把它移到_哪里_去你就可以把文件从任何地方移动到任何地方而不管你在哪里。与在一系列窗口中浏览你电脑上的所有文件夹以找到一个文件然后打开一个新窗口到你想让该文件去的地方再拖动该文件相比这可以大大节省时间。
默认情况下,**mv** 命令完全按照它被告知的那样做:它将一个文件从一个位置移动到另一个位置。如果在目标位置已经存在一个同名的文件,它将被覆盖。为了防止文件在没有警告的情况下被覆盖,请使用 **\--interactive**(或简写 **-i**)选项。
```
$ mv -i example.txt ~/Documents
mv: overwrite '/home/tux/Documents/example.txt'?
```
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/move-files-linux
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/ch01s05.svg_.png?itok=PgKQEDZ7 (Moving files)

173
translated/tech/20210805 Configure your OpenVPN server on Linux.md Normal file
View File

@ -0,0 +1,173 @@
[#]: subject: "Configure your OpenVPN server on Linux"
[#]: via: "https://opensource.com/article/21/7/openvpn-firewall"
[#]: author: "D. Greg Scott https://opensource.com/users/greg-scott"
[#]: collector: "lujun9972"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
在 Linux 上配置你的 OpenVPN 服务器
======
在你安装了 OpenVPN 之后,是时候配置它了。
![Lock][1]
OpenVPN 在两点之间建立一个加密的隧道防止第三方访问你的网络流量。通过设置你的虚拟私人网络VPN服务器你就成为你自己的 VPN 供应商。许多流行的 VPN 服务已经使用 [OpenVPN][2],所以当你可以完全控制时,为什么要把你的连接绑定到一个特定的供应商?
本系列中的[第一篇][3]设置了一个 VPN 服务器,[第二篇][4]演示了如何安装和配置 OpenVPN 服务器软件。这第三篇文章展示了如何在认证到位的情况下启动 OpenVPN。
要设置一个 OpenVPN 服务器,你必须:
* 创建一个配置文件。
* 设置 `sysctl``net.ipv4.ip_forward = 1` 以启用路由。
* 为所有的配置和认证文件设置适当的所有权,以便在一个非 root 账户下运行 OpenVPN 服务器守护程序。
* 设置 OpenVPN 以适当的配置文件启动。
* 配置你的防火墙。
### 配置文件
你必须在 `/etc/openvpn/server/` 中创建一个服务器配置文件。如果你想的话你可以从头开始OpenVPN 包括了几个样本配置文件,可以作为开始。看看 `/usr/share/doc/openvpn/sample/sample-config-files/` 就知道了。
如果你想手工建立一个配置文件,从 `server.conf``roadwarrior-server.conf` 开始(视情况而定),并将你的配置文件放在 `/etc/openvpn/server` 中。这两个文件都有大量的注释,所以请阅读注释并决定哪一个适用你的情况。
你可以通过使用我预先建立的服务器和客户端配置文件模板和 `sysctl` 文件来打开网络路由,从而节省时间和麻烦。这个配置还包括自定义记录连接和断开的情况。它在 OpenVPN 服务器的 `/etc/openvpn/server/logs` 中保存日志。
如果你使用我的模板,你将需要编辑它们以使用你的 IP 地址和主机名。
要使用我的预建配置模板、脚本和 `sysctl` 来打开 IP 转发,请下载我的脚本:
```
$ curl \
<https://www.dgregscott.com/ovpn/OVPNdownloads.sh> &gt; \
OVPNdownloads.sh
```
阅读该脚本,了解它的工作内容。下面是它的行为概述:
* 在你的 OpenVPN 服务器上创建适当的目录
* 从我的网站下载服务器和客户端的配置文件模板
* 下载我的自定义脚本,并以正确的权限把它们放到正确的目录中。
* 下载 `99-ipforward.conf` 并把它放到 `/etc/sysctl.d` 中,以便在下次启动时打开 IP 转发功能。
* 为 `/etc/openvpn` 中的所有内容设置了所有权
当你确定你理解了这个脚本的作用,就使它可执行并运行它:
```
$ chmod +x OVPNdownloads.sh
$ sudo ./OVPNdownloads.sh
```
下面是它复制的文件(注意文件的所有权):
```
$ ls -al -R /etc/openvpn
/etc/openvpn:
total 12
drwxr-xr-x. 4 openvpn openvpn 34 Apr 6 20:35 .
drwxr-xr-x. 139 root root 8192 Apr 6 20:35 ..
drwxr-xr-x. 2 openvpn openvpn 33 Apr 6 20:35 client
drwxr-xr-x. 4 openvpn openvpn 56 Apr 6 20:35 server
/etc/openvpn/client:
total 4
drwxr-xr-x. 2 openvpn openvpn 33 Apr 6 20:35 .
drwxr-xr-x. 4 openvpn openvpn 34 Apr 6 20:35 ..
-rw-r--r--. 1 openvpn openvpn 1764 Apr 6 20:35 OVPNclient2020.ovpn
/etc/openvpn/server:
total 4
drwxr-xr-x. 4 openvpn openvpn 56 Apr 6 20:35 .
drwxr-xr-x. 4 openvpn openvpn 34 Apr 6 20:35 ..
drwxr-xr-x. 2 openvpn openvpn 59 Apr 6 20:35 ccd
drwxr-xr-x. 2 openvpn openvpn 6 Apr 6 20:35 logs
-rw-r--r--. 1 openvpn openvpn 2588 Apr 6 20:35 OVPNserver2020.conf
/etc/openvpn/server/ccd:
total 8
drwxr-xr-x. 2 openvpn openvpn 59 Apr 6 20:35 .
drwxr-xr-x. 4 openvpn openvpn 56 Apr 6 20:35 ..
-rwxr-xr-x. 1 openvpn openvpn 917 Apr 6 20:35 client-connect.sh
-rwxr-xr-x. 1 openvpn openvpn 990 Apr 6 20:35 client-disconnect.sh
/etc/openvpn/server/logs:
total 0
drwxr-xr-x. 2 openvpn openvpn 6 Apr 6 20:35 .
drwxr-xr-x. 4 openvpn openvpn 56 Apr 6 20:35 ..
```
下面是 `99-ipforward.conf` 文件:
```
# Turn on IP forwarding. OpenVPN servers need to do routing
net.ipv4.ip_forward = 1
```
编辑 `OVPNserver2020.conf``OVPNclient2020.ovpn` 以包括你的 IP 地址。同时,编辑 `OVPNserver2020.conf` 以包括你先前的服务器证书名称。稍后,你将重新命名和编辑 `OVPNclient2020.ovpn` 的副本,以便在你的客户电脑上使用。以 `***?` 开头的块显示了你要编辑的地方。
### 文件所有权
如果你使用了我网站上的自动脚本,文件所有权就已经到位了。如果没有,你必须确保你的系统有一个叫 `openvpn` 的用户,并且是 `openvpn` 组的成员。你必须将 `/etc/openvpn` 中的所有内容的所有权设置为该用户和组。如果你不确定该用户和组是否已经存在,这样做是安全的,因为 `useradd` 会拒绝创建一个与已经存在的用户同名的用户:
```
$ sudo useradd openvpn
$ sudo chown -R openvpn.openvpn /etc/openvpn
```
### 防火墙
如果你在步骤 1 中决定不禁用 firewalld 服务,那么你的服务器的防火墙服务可能默认不允许 VPN 流量。使用 [`firewall-cmd` 命令][5],你可以启用 OpenVPN 服务,它可以打开必要的端口并根据需要路由流量:
```
$ sudo firewall-cmd --add-service openvpn --permanent
$ sudo firewall-cmd --reload
```
没有必要在 iptables 的迷宫中迷失方向!
### 启动你的服务器
现在你可以启动你的 OpenVPN 服务器了。为了让它在重启后自动启动,使用 `systemctl``enable` 子命令:
```
`systemctl enable --now openvpn-server@OVPNserver2020.service`
```
### 最后的步骤
本文的第四篇也是最后一篇文章将演示如何设置客户端,以便从远处连接到你的 OpenVPN。
* * *
_本文基于 D.Greg Scott 的[博客][6]经许可后重新使用。_
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/7/openvpn-firewall
作者:[D. Greg Scott][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/greg-scott
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/security-lock-password.jpg?itok=KJMdkKum (Lock)
[2]: https://openvpn.net/
[3]: https://opensource.com/article/21/7/vpn-openvpn-part-1
[4]: https://opensource.com/article/21/7/vpn-openvpn-part-2
[5]: https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd
[6]: https://www.dgregscott.com/how-to-build-a-vpn-in-four-easy-steps-without-spending-one-penny/

102
translated/tech/20210807 How to Install Java on Fedora Linux.md Normal file
View File

@ -0,0 +1,102 @@
[#]: subject: "How to Install Java on Fedora Linux"
[#]: via: "https://itsfoss.com/install-java-fedora/"
[#]: author: "Abhishek Prakash https://itsfoss.com/author/abhishek/"
[#]: collector: "lujun9972"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
如何在 Fedora Linux 上安装 Java
======
不管是爱它还是恨它,都很难避开 Java。
Java 仍然是一种非常流行的编程语言,在学校里教,在企业里用。
如果你想使用基于 Java 的工具或用 Java 编程,你就需要在你的系统上安装 Java。
这就变得很混乱,因为围绕着 Java 有很多技术术语。
* Java 开发工具包JDK用于创建 Java 程序
* Java 运行环境JRE或 Java 虚拟机JVM用于运行 Java 程序。
除此之外,你还会遇到 [OpenJDK][1] 和 [Oracle Java SE][2]。OpenJDK 是被推荐的,因为它是开源的。如果你有专门的需求,那么你只应该选择 Oracle Java SE。
这里还有一件事。即使是 OpenJDK 也有几个版本可供选择。在写这篇文章的时候Fedora 34 有 OpenJDK 1.8、OpenJDK 11 和 OpenJDK 16 可用。
你可以自行决定想要哪个Java版本。
### 在 Fedora Linux 上安装 Java
首先,检查是否已经安装了 Java以及它是哪个版本。我不是在开玩笑。Fedora 通常预装了 Java。
要检查它,请使用以下命令:
```
java -version
```
正如你在下面的截图中看到的,我的 Fedora 系统上安装了 Java 11OpenJDK 11
![Check Java version][3]
假设你想安装另一个版本的 Java。你可以用下面的命令检查可用的选项
```
sudo dnf search openjdk
```
这里的sudo不是必须的但它会刷新 sudo 用户的元数据,这在你安装另一个版本的 Java 时会有帮助。
上面的命令将显示很多输出,其中有很多看起来相似的软件包。你必须专注于最初的几个词来理解不同的版本。
![Available Java versions in Fedora][4]
例如,要安装 Java 8 (OpenJDK 1.8),包的名字应该是 java-1.8.0-openjdk.x86_64 或者 java-1.8.0-openjdk。用它来安装
```
sudo dnf install java-1.8.0-openjdk.x86_64
```
![Install Java Fedora][5]
这就好了。现在你的系统上同时安装了 Java 11 和 Java 8。但你将如何使用其中一个呢
#### 在 Fedora 上切换 Java 版本
你正在使用的 Java 版本保持不变,除非你明确改变它。使用这个命令来列出系统上安装的 Java 版本:
```
sudo alternatives --config java
```
你会注意到在 Java 版本前有一个数字。Java 版本前的 + 号表示当前正在使用的 Java 版本。
你可以指定这个数字来切换 Java 版本。因此,在下面的例子中,如果我输入 2它将把系统中的 Java 版本从 Java 11 改为 Java 8。
![Switching between installed Java versions][6]
这就是你在 Fedora 上安装 Java 所需要做的一切。
--------------------------------------------------------------------------------
via: https://itsfoss.com/install-java-fedora/
作者:[Abhishek Prakash][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/abhishek/
[b]: https://github.com/lujun9972
[1]: https://openjdk.java.net/
[2]: https://www.oracle.com/java/technologies/javase-downloads.html
[3]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2021/08/check-java-version-fedora.png?resize=800%2C271&ssl=1
[4]: https://itsfoss.com/wp-content/uploads/2021/08/available-java-versions-fedora-800x366.webp
[5]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2021/08/install-java-fedora.png?resize=800%2C366&ssl=1
[6]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2021/08/switch-java-versions-fedora.png?resize=800%2C513&ssl=1

87
translated/tech/20210807 Remove files and folders in the Linux terminal.md Normal file
View File

@ -0,0 +1,87 @@
[#]: subject: "Remove files and folders in the Linux terminal"
[#]: via: "https://opensource.com/article/21/8/remove-files-linux-terminal"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: "unigeorge"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
在 Linux 终端中删除文件和文件夹
======
本教程讲述了如何在 Linux 终端中安全地删除文件和文件夹。
![Removing files][1]
要想使用图形化界面删除计算机上的文件,你可能会直接将文件或文件夹拖拽到 “垃圾箱” 或 “回收站”。或者你也可以选择要删除的文件或文件夹,右键单击并选择 **删除**
而在终端中删除文件或文件夹时并没有垃圾箱一说至少默认情况下没有。在图形化桌面上Trash即垃圾箱文件夹是一个受保护的目录保护机制可以防止用户不小心将该目录删除或将其从默认位置移动从而导致找不到它。Trash 本质不过是一个被高度管理的文件夹,因此你可以创建自己的 Trash 文件夹以在终端中使用。
### 为终端设置一个垃圾箱
在家目录中创建一个名为 **Trash** 的目录:
```
$ mkdir ~/Trash
```
### 删除文件
要删除文件或文件夹时,使用 **mv** 命令将文件或文件夹移至 Trash 中:
```
$ mv example.txt ~/Trash
```
### 永久删除文件或文件夹
当你准备从系统中永久删除某个文件或文件夹时,可以使用 **rm** 命令清除垃圾箱文件夹中的所有数据。通过将 **rm** 命令指向星号(`*`),可以删除 **Trash** 文件夹内的所有文件和文件夹,而不会删除 **Trash** 文件夹本身。因为用户可以方便且自由地创建目录,所以即使不小心删除了 **Trash** 文件夹,你也可以再次新建一个。
```
$ rm --recursive ~/Trash/*
```
### 删除空目录
删除空目录有一个专门的命令 **rmdir** ,它只能用来删除空目录,从而保护你免受递归删除错误的影响。
```
$ mkdir full
$ touch full/file.txt
$ rmdir full
rmdir: failed to remove 'full/': Directory not empty
$ mkdir empty
$ rmdir empty
```
### 更好的删除方式
此外还有一些并没有默认安装在终端上的 [删除文件命令][2],你可以从软件库安装它们。这些命令管理和使用的 **Trash** 文件夹与你在桌面模式使用的是同一个(而非你自己单独创建的),从而使删除文件变得更加方便。
```
$ trash ~/example.txt
$ trash --list
example.txt
$ trash --empty
```
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/8/remove-files-linux-terminal
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[unigeorge](https://github.com/unigeorge)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/ch01s10.svg_.png?itok=p07au80e (Removing files)
[2]: https://www.redhat.com/sysadmin/recover-file-deletion-linux