document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-25 23:11:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
wxy 2018-02-16 19:56:09 +08:00
commit d403a52d21
17 changed files with 1068 additions and 1145 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
published/20171016 Using the Linux find command with caution.md Normal file
View File

@ -0,0 +1,97 @@
谨慎使用 Linux find 命令
======
> 当使用 Linux 下的 find 命令时,请使用 -ok 选项来避免文件被意外删除,这个选项会在移除任何文件之前都会请求你的许可。
![](https://images.idgesg.net/images/article/2017/10/caution-sign-100738884-large.jpg)
最近有朋友提醒我有一个有用的选项来更加谨慎地运行 `find` 命令,它就是 `-ok`。除了一个重要的区别之外,它的工作方式与 `-exec` 相似,它使 `find` 命令在执行指定的操作之前请求权限。
这有一个例子。如果你使用 `find` 命令查找文件并删除它们,你可能使用的是下面的命令:
```
$ find . -name runme -exec rm {} \;
```
在当前目录及其子目录中中任何名为 “runme” 的文件都将被立即删除 —— 当然,你要有权限删除它们。改用 `-ok` 选项,你会看到类似这样的东西,但 `find` 命令将在删除文件之前会请求权限。回答 `y` 代表 “yes” 将允许 `find` 命令继续并逐个删除文件。
```
$ find . -name runme -ok rm {} \;
< rm ... ./bin/runme > ?
```
### -execdir 命令也是一个选择
另一个可以用来修改 `find` 命令行为,并可能使其更可控的选项是 `-execdir` 。`-exec` 会运行指定的任何命令,而 `-execdir 则从文件所在的目录运行指定的命令,而不是在运行 `find` 命令的目录运行指定的命令。这是两个它的例子:
```
$ pwd
/home/shs
$ find . -name runme -execdir pwd \;
/home/shs/bin
```
```
$ find . -name runme -execdir ls \;
ls rm runme
```
到现在为止还挺好。但要记住的是,`-execdir` 也会在匹配文件的目录中执行该命令。如果运行下面的命令,并且目录包含一个名为 “ls” 的文件那么即使该文件_没有_执行权限它也将运行该文件。使用 `-exec``-execdir` 类似于通过 `source` 来运行命令。
```
$ find . -name runme -execdir ls \;
Running the /home/shs/bin/ls file
```
```
$ find . -name runme -execdir rm {} \;
This is an imposter rm command
```
```
$ ls -l bin
total 12
-r-x------ 1 shs shs 25 Oct 13 18:12 ls
-rwxr-x--- 1 shs shs 36 Oct 13 18:29 rm
-rw-rw-r-- 1 shs shs 28 Oct 13 18:55 runme
```
```
$ cat bin/ls
echo Running the $0 file
$ cat bin/rm
echo This is an imposter rm command
```
### -okdir 选项也会请求权限
要更谨慎,可以使用 `-okdir` 选项。类似 `-ok`,该选项将请求权限来运行该命令。
```
$ find . -name runme -okdir rm {} \;
< rm ... ./bin/runme > ?
```
你也可以小心地指定你想用的命令的完整路径,以避免像上面那样的冒牌命令出现的任何问题。
```
$ find . -name runme -execdir /bin/rm {} \;
```
`find` 命令除了默认打印之外还有很多选项,有些可以使你的文件搜索更精确,但谨慎一点总是好的。
在 [Facebook][1] 和 [LinkedIn][2] 上加入 Network World 社区来进行评论。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3233305/linux/using-the-linux-find-command-with-caution.html
作者:[Sandra Henry-Stocker][a]
译者:[geekpi](https://github.com/geekpi)
校对:[Locez](https://github.com/locez)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.networkworld.com/author/Sandra-Henry_Stocker/
[1]:https://www.facebook.com/NetworkWorld/
[2]:https://www.linkedin.com/company/network-world

165
published/20171117 How to Install and Use Docker on Linux.md Normal file
View File

@ -0,0 +1,165 @@
在 Linux 上安装和使用 Docker
======
![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/use-containers.jpg?itok=s3YLmYHs)
容器现在风靡于 IT 界 —— 这很好理解。容器是轻量级的,包含应用运行所需所有东西(代码、库、运行时环境、系统设置,以及依赖关系)的独立的包。每个容器都部署于它自己的 CPU、内存、块 I/O以及网络资源上所有这些都不依赖于某个内核和操作系统。这也是容器与虚拟机之间最大的不同相比之下虚拟机是一个运行于宿主机操作系统上的完整的操作系统平台而容器不是。
容器允许你以一种前所未有的方式扩展交付能力(不管内部还是外部的)。例如,你可以快速部署多个 NGINX 实例(甚至可以应用于多个不同的阶段 —— 比如开发和生产阶段)。跟虚拟机不同,容器不会消耗太多系统资源。
[Docker][1] 使得创建、部署,和管理容器变得特别简单。更好的是,安装和使用 Docker 在 Linux 平台上特别的方便。
我将会向你演示在 Linux 上安装 Docker 是多么方便,同时带你入门 Docker。我的演示平台是 [Ubuntu 16.04 Server][2],但流程在大多数其它 Linux 平台都差不多。
我这里假设你已经启动了 Ubuntu Server 16.04。
### 安装
由于 Ubuntu Server 16.04 缺少图形界面,我会完全通过命令行来安装和使用 Docker。在你安装前你需要更新 `apt` 然后进行必要的升级。一定要注意,若系统内核升级了,你会需要重启系统。因此最好挑个服务器能重启的时间进行。
运行下面命令更新 `apt`
```
sudo apt update
```
完成后,使用命令升级系统:
```
sudo apt upgrade
```
若内核升级了,你需要用下面命令重启服务器:
```
sudo reboot
```
若内核没有升级,你就可以安装 Docker 了(无需重启)。安装 Docker 的命令为:
```
sudo apt install docker.io
```
若你使用的是其它 Linux 发行版,当尝试用相应的包管理器来安装时却发现没有 `docker.io` 包,则你应该安装 `docker` 包。例如,在 [Fedora][3] 上安装应该用命令:
```
sudo dnf install docker
```
若你使用的是 CentOS 7那么最好使用安装脚本来安装 docker。首先使用命令 `sudo yum check-update` 更新系统。升级完后,输入下面命令来下载并运行所需的脚本:
```
curl -fsSL https://get.docker.com/ | sh
```
默认情况下,只有管理员权限能够运行 docker 命令。考虑到安全问题,你不会想用 root 用户或使用 `sudo` 来运行 Docker 的。要解决这个问题,你需要将自己的用户加入到 docker 组中。命令如下:
```
sudo usermod -a -G docker $USER
```
完成操作后,登出系统然后再重新登录,应该就搞定了。不过若你的平台是 Fedora则添加用户到 docker 组时会发现这个组是不存在的。那该怎么办呢?你需要首先创建这个组。命令如下:
```
sudo groupadd docker && sudo gpasswd -a ${USER} docker && sudo systemctl restart docker
newgrp docker
```
登出后再登录。就可以开始用 Docker 了。
### 启动,暂停以及启用 Docker
安装好 Docker 后,你可以让系统在启动时自动启动 Docker 守护进程。使用下面两个命令来实现这一点:
```
sudo systemctl start docker
sudo systemctl enable docker
```
若需要暂停或重启 Docker 守护进程,则命令为:
```
sudo systemctl stop docker
sudo systemctl restart docker
```
现在可以用 Docker 来部署容器了。
### 拉取镜像
对 Docker 来说,镜像是构建容器的基石。你可以拉下一个镜像(比如 [NGINX][4])然后根据这个镜像部署任意多个容器出来。使用镜像前,你首先需要把镜像拉取到系统中。镜像从注册仓库中拉取,默认情况下安装好的 Docker 包含了一个默认的注册仓库 [Docker Hub][5] —— 这个注册仓库包含了大量别人所贡献的镜像(既包括官方的镜像,也包括用户自己贡献的镜像)。
假设你想要拉取一个 Nginx Web 服务器相关的镜像。在开始拉取前,先检查一下系统中已经有了哪些镜像。输入 `docker images` 命令你会发现现在还没有镜像存在(图 1
![Docker][7]
*图 1还没有镜像。*
让我们来拉取一个镜像。使用下面命令可以从 Docker Hub 中下载 Nginx 镜像:
```
docker pull nginx
```
上面命令会从 Docker Hub 下载最新的(官方的) Nginx 镜像。现在再运行 `docker images` 命令就能看到有列出镜像了(图 2
![Docker][10]
*图 2NGINX 镜像已经被拉取下来了。*
注意到我这里说的是“官方” Nginx 镜像了吗?在 Docker Hub 上有很多的非官方 Nginx 镜像。这些非官方镜像都是基于各种不同的目的而创建出来的。你可以使用下面过命令来搜索 Docker Hub 中的所有 Nginx 镜像:
```
docker search nginx
```
你会发现(图 3 中),有很多基于不同目的所创建的 Nginx 镜像反向代理、PHP-FPMLCTT 译注:<ruby>FastCGI 进程管理器<rt>FastCGI Process Manager</rt></ruby>是一个 PHPFastCGI 管理器,旨在将 FastCGI 进程管理整合进 PHP 包中功能、LetsEncryptLCTT 译注:由 ISRG 提供的免费 SSL 项目Bitnami在树莓派上使用的 Nginx 和 Drupal等等很多很多)。
![Docker hub][12]
*图 3Docker Hub 上找到的各种 NGINX 镜像。*
假设,你想要下载内建有反向代理功能的 Nginx 镜像,有个非官方的镜像 jwilder/nginx-proxy。因此输入下面命令来拉取这个镜像
```
docker pull jwilder/nginx-proxy
```
再输入 `docker images` 命令来查看新拉下来的这个镜像(图 4
![Nginx][14]
*图 4已经有了两种不同的 NGINX 镜像了。*
处于谨慎考虑,我建议只使用官方镜像,毕竟你无法确定非官方镜像是否包含了恶意代码。
有了镜像后就可以用它来部署容器了。下次我们再聊聊如何通过这些 Nginx 镜像来发布容器。
Docker 是一个超级强力的系统可以让你的工作更简单,让你的公司更具有伸缩性,也更灵活。想知道 Docker 还能做什么,运行 `man docker` 然后阅读它的帮助文档吧。
--------------------------------------------------------------------------------
via: https://www.linux.com/learn/intro-to-linux/2017/11/how-install-and-use-docker-linux
作者:[Jack Wallen][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linux.com/users/jlwallen
[1]:https://www.docker.com/
[2]:http://releases.ubuntu.com/16.04/
[3]:https://getfedora.org/
[4]:https://www.nginx.com/
[5]:https://hub.docker.com/
[6]:/files/images/docker1jpg
[7]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_1.jpg?itok=CxSyyXyF (Docker)
[8]:/licenses/category/used-permission
[9]:/files/images/docker2jpg
[10]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_2.jpg?itok=TESa7bYr (Docker)
[11]:/files/images/docker3jpg
[12]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_3.jpg?itok=_7F4QWqx (Docker hub)
[13]:/files/images/docker4jpg
[14]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_4.jpg?itok=f13E1L0Q (Nginx)

422
published/20171228 Dual Boot Ubuntu And Arch Linux.md Normal file
View File

@ -0,0 +1,422 @@
详解 Ubuntu 和 Arch Linux 双启动
======
![](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/dual-boot-ubuntu-and-arch-linux_orig.jpg)
Ubuntu 和 Arch Linux 双启动不像听起来那么容易,然而,我将使这个过程尽可能地简单明了。首先,我们需要安装 Ubuntu然后安装 Arch Linux因为配置 Ubuntu grub 更容易实现 Ubuntu 和 Arch Linux 双启动。
### Ubuntu 和 Arch Linux 双启动
你需要准备好以下内容:
1、你需要准备你所选择的 Ubuntu 的特色版本,在这个例子中,我将使用 Ubuntu 17.10 ISO
2、两个优盘
3、Windows 或者 Linux 操作系统的 PC 机
4、Arch Linux ISO
5、基于 Windows 的 Rufus 或是基于 Linux 发行版的 etcher 的两款软件中的一种,要根据自己的系统类型来选择哦。
### ​安装 Ubuntu
​首先, 利用 Rufus 为 Ubuntu 和 Arch Linux [创建可启动的闪存驱动器][1]。另外,也可以使用 `etcher` 创建 Ubuntu 和 Arch Linux 的可启动闪存驱动器。
[![Ubuntu 可启动 USB 镜像写入工具](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/bootable-ubuntu-usb-etcher-image-writer_orig.jpg)][2]
为 Ubuntu 选择 ISO 映像文件,然后选择闪存驱动器,然后单击 `Flash!` 创建可引导的闪存驱动器。等到它完成,瞧!你的可启动闪存驱动器已经准备好使用了。
[![在 linux 下创建 Ubuntu USB 启动程序](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-ubuntu-usb-bootable-in-linux_orig.jpg)][3]
打开你的机器并使用载有 Ubuntu 安装媒体的可启动闪存驱动器进行启动。确保引导到 UEFI 或 BIOS 兼容模式,这取决于您所使用的 PC 的类型。我更喜欢使用 UEFI 来构建新的 PC。
[![live Ubuntu 启动](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/live-ubuntu-boot_orig.jpg)][4]
​在成功启动后,您将看到如上图显示,要求您尝试 Ubuntu 或安装 Ubuntu选择安装 Ubuntu。
[![从可启动 USB 安装](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-usb-from-live-usb_orig.jpg)][5]
然后检查安装第三方软件的图形和 WiFi 硬件、MP3 和其他媒体。如果你有一个互联网连接,你可以选择在安装 Ubuntu 的时候下载更新,因为它会节省安装时间,并且确保安装的是最新更新。
[![自定义磁盘分区安装 Ubuntu](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/custom-partition-hd-install-ubuntu_orig.jpg)][6]
然后选择点击“Something else”这样我们就可以对硬盘进行分区并预留出 Ubuntu 和 Archlinux 的分区以及它们的交换分区的空间。
[![创建交换分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-swap-partition-ubuntu_orig.jpg)][7]
​创建一个交换分区。最好是内存的一半大小。在我的例子中,我有 1 GB 的内存,因此创建一个 512 MB 的交换空间。
[![安装 Ubuntu 到根(/)分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-root-partition_orig.jpg)][8]
然后创建挂载点为 `/` 的分区并且点击“Install Now”按钮。
[![选择时区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-ubuntu-timezone_orig.jpg)][9]
接下来选择你的位置以选择语言和键盘设置。
[![选择键盘布局](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-select-location-keyboard-layout_orig.jpg)][10]
​然后创建新用户的用户凭据。
[![创建用户名、系统名并开始安装](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-username-system-name-ubuntu-install_orig.jpg)][11]
点击“Next”开始安装。
[![ubuntu installation finishing](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finishing_orig.jpg)][12]
当安装完成后点击“Restart Now”重启 PC。
[![完成 Ubuntu 安装并重启系统](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finished_orig.jpg)][13]
​移除安装媒介,按下回车继续。
[![移除安装媒介](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/remove-installation-media-after-ubuntu_orig.jpg)][14]
在确认成功安装后,重新启动并利用 Arch Linux 安装媒介引导。
### ​安装 Arch Linux
​在引导到 Arch Linux 安装媒体时,您应该看到如下所示的初始屏幕。选择 “Boot Arch Linux(x86_64)”。注意 Arch Linux 更类似于一种 [DIY][15](自我定制)的操作系统。
[![Arch Linux 安装引导菜单](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-installation-boot-menu_orig.jpg)][16]
选择之后,它将打开一个`tty1`终端,您将使用它来安装操作系统。
[![tty终端](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-tty1-linux_orig.png)][17]
注意:为了成功安装 Arch Linux您需要一个互联网连接来下载一些必须的系统安装包。所以我们需要检查一下互联网是否运行正常。输入以下命令到终端以检查网络连接。
```
ping linuxandubuntu.com -c 4
```
[![检查互联网连接](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-ping-check-internet-connection_orig.png)][18]
​如果互联网运行正常,你应该得到一个回显,显示发送和接收的数据包的数量。在这种情况下,我们发送了 4 个包,并得到了 4 个反馈,这意味着连接是正常的。
如果想在 Arch Linux 中设置 Wifi请阅读[本文][19]以在 Arch Linux 中配置 Wifi。
​接下来,我们需要选择之前在安装 Ubuntu 时预留出的空闲分区。
```
fdisk -l
```
​上面的命令应该显示可用的磁盘分区在哪里。您应该能看到 Ubuntu 分区以及预留的空闲空间。我们将使用 `cfdisk`命令进行分区。
```
cfdisk
```
[![利用cfdisk命令安装 Arch 分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-partition-disk-with-cfdisk_orig.png)][20]
执行命令后将看到分区情况。选择其它已分配分区下面的空闲空间。
您需要选择 “New”然后输入分区大小。
[![为 Archlinux 分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/partition-free-space-swap-arch-linux_orig.png)][21]
例如9.3G - G 表示千兆字节。
[![挂载 Arch Linux 分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-partition_orig.png)][22]
如下图所示选择“primary”进行分区
[![将 Arch Linux 的根root分区设置成主分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-arch-linux-root-as-primary-partition_orig.png)][23]
然后选择写分区条目。
[![选择分区安装 Arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-partition-to-install-arch_orig.png)][24]
键入“yes”以确认写入分区表。
[![确认创建分区并安装 Arch Linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-confirm-create-partition_orig.png)][25]
然后选择 “Quit”退出选项。
[![退出 Arch Linux 的cfdisk](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/quit-cfdisk-arch-linux_orig.png)][26] 然后键入:
```
fdisk -l
```
​确认修改。
[![确认分区修改](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/confirm-partition-changes_orig.png)][27]
​然后使用磁盘分区命令:
```
mkfs.ext4 /dev/sda3
```
​确保您选择的分区是我们创建的最后一个分区,这样我们就不会破坏 Ubuntu 分区。
[![完成 Arch Linux 分区安装](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/complete-arch-linux-installation-partition_orig.png)][28]
​然后使用以下命令安装这个分区:
```
mount /dev/sda3 /mnt
```
[![安装基础分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/mount-base-partition-in-arch-linux.png?1514472693)][29]
用下面命令创建“home”目录
```
mkdir .mnt/home
```
[![安装家目录](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/mount-home-partition-arch-linux.png?1514472866)][30]
用以下命令安装“home”目录到这个分区上
```
mount /dev/sda3 /mnt/home
```
[![安装家目录](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/make-mount-home-directory.png?1514472960)][31]
现在使用以下命令安装 Archlinux 的基本系统:
```
pacstrap /mnt base
```
请确保网络连接正常。
接下来开始下载和配置安装所用时间取决于你的网速。
[![安装Arch Linux 基础系统](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/install-arch-linux-base.png?1514473056)][32]
这一步骤完成后,将完成 Archlinux 基本安装。
Arch Linux 基础系统安装完成后,使用以下命令创建一个 `fstab` 文件:
```
genfstab -U /mnt >> /mnt/etc/fstab
```
[![创建 fstab文件](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/create-fstab-file-in-arch-linux.png?1514473226)][33]
在此之后,您需要验证`fstab`文件,使用下面命令:
```
cat /mnt/etc/fstab
```
[![查看 fstab 文件的终端显示](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/cat-fstab-file-data-terminal.png?1514473304)][34]
### ​配置 Arch Linux 的基础配置
您将需要在安装时配置以下内容:
1. 系统语言和系统语言环境
2. 系统时区
3. Root 用户密码
4. 设置主机名
首先,您需要使用以下命令将`root`切换为新安装的基础系统用户:
```
arch-chroot /mnt
```
#### 1. 系统语言和系统语言环境
然后必须配置系统语言。必须取消对 en_Utf-8 UTF-8的注释并加载到文件 `/etc/local.gen` 中。
键入:
```
nano /etc/local.gen
```
然后将 en_UTF-8 UTF-8 取消注释。
键入命令:
```
locale-gen
```
生成本地化设置如下:
[![生成本地化配置](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/generate-localization-arch-linux.png?1514473406)][35]
相应的需要在 `locale.conf` 文件中配置 LANG 变量。例如:
```
nano /etc/locale.conf
```
​修改为:
```
LANG=en_US.UTF-8
```
配置键盘布局,则在文件 `vconsole.conf` 中进行更改,如下操作:
```
nano /etc/vconsole.conf
```
​修改为:
```
KEYMAP=us-eng
```
#### 2. 系统时区
​配置时区需要利用以下命令实现:
```
ln -sf /usr/share/zoneinfo/Region/City /etc/localtime
```
要查看可用时区,可以在终端使用以下命令:
注意可选时区在屏幕截图中显示为蓝色:
```
ls /usr/share/zoneinfo
```
[![配置时区文件](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/setup-zonefile-in-arch-linux.png?1514473483)][36]
[![配置地区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/setup-country-zonefile_orig.png)][37]
运行 `hwclock` 命令来生成 `/etc/adjtime`(假设硬件时钟被设置为 UTC
```
# hwclock --systohc
```
#### 3. 配置 root 用户密码
​要为 Arch Linux 系统用户 root 设置密码,请使用:
```
passwd
```
​为 root 用户提供一个新的密码并确认密码使其生效。
[![配置系统用户root密码](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/setup-arch-linux-root-password.png?1514473649)][38]
#### 4. 配置主机名和网络
​需要创建主机名文件:
```
nano /etc/hostname
```
[![配置主机名](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/set-arch-linux-hostname.png?1514473741)][39]
将名字更改为您的用户名:
[![set arch linux username](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/set-arch-linux-username.png?1514473822)][40]
然后向主机添加一个匹配的条目:
```
nano /etc/hosts
```
```
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
127.0.1.1 LinuxandUbuntu.localdomain LinuxandUbuntu
```
您需要使网络保持连接,然后使用:
```
systemctl enable dhcpd
```
#### 配置 Grub
然后重启机器,进入 Ubuntu 配置 grub。
你可以键入:
```
reboot
```
[![安装完成后重启](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/reboot-system-after-arch-linux-installation.png?1514474180)][41]
Arch Linux 仍然没有出现,因此我们需要在 Ubuntu 中使用 `update-grub` 来安装它。
[![Ubuntu grub 菜单](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/ubuntu-grub-menu.png?1514474302)][42]
在Ubuntu中打开终端输入:
```
sudo update-grub
```
这将更新 grub添加 Arch Linux 记录。
### 小结
祝贺您成功地将 Ubuntu 和 Arch Linux 设置为双引导。Ubuntu 安装很简单,但是 Arch Linux 安装对新的 Linux 用户来说是一个挑战。我试着让这个教程变得简单。但是如果你对这篇文章有任何疑问,请在评论部分告诉我。还可以与您的朋友分享这篇文章,并帮助他们学习 Linux。
--------------------------------------------------------------------------------
via: http://www.linuxandubuntu.com/home/dual-boot-ubuntu-and-arch-linux
作者:[LinuxAndUbuntu][a]
译者:[stevenzdg988](https://github.com/stevenzdg988)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.linuxandubuntu.com
[1]:http://www.linuxandubuntu.com/home/etcher-burn-images-to-sd-card-make-bootable-usb
[2]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/bootable-ubuntu-usb-etcher-image-writer_orig.jpg
[3]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-ubuntu-usb-bootable-in-linux_orig.jpg
[4]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/live-ubuntu-boot_orig.jpg
[5]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-usb-from-live-usb_orig.jpg
[6]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/custom-partition-hd-install-ubuntu_orig.jpg
[7]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-swap-partition-ubuntu_orig.jpg
[8]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-root-partition_orig.jpg
[9]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-ubuntu-timezone_orig.jpg
[10]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-select-location-keyboard-layout_orig.jpg
[11]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-username-system-name-ubuntu-install_orig.jpg
[12]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finishing_orig.jpg
[13]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finished_orig.jpg
[14]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/remove-installation-media-after-ubuntu_orig.jpg
[15]:http://www.linuxandubuntu.com/home/arch-linux-take-your-linux-knowledge-to-next-level-review
[16]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-installation-boot-menu_orig.jpg
[17]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-tty1-linux_orig.png
[18]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-ping-check-internet-connection_orig.png
[19]:http://www.linuxandubuntu.com/home/how-to-setup-a-wifi-in-arch-linux-using-terminal
[20]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-partition-disk-with-cfdisk_orig.png
[21]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/partition-free-space-swap-arch-linux_orig.png
[22]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-partition_orig.png
[23]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-arch-linux-root-as-primary-partition_orig.png
[24]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-partition-to-install-arch_orig.png
[25]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-confirm-create-partition_orig.png
[26]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/quit-cfdisk-arch-linux_orig.png
[27]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/confirm-partition-changes_orig.png
[28]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/complete-arch-linux-installation-partition_orig.png
[29]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/mount-base-partition-in-arch-linux.png
[30]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/mount-home-partition-arch-linux.png
[31]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/make-mount-home-directory.png
[32]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/install-arch-linux-base.png
[33]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/create-fstab-file-in-arch-linux.png
[34]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/cat-fstab-file-data-terminal.png
[35]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/generate-localization-arch-linux.png
[36]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/setup-zonefile-in-arch-linux.png
[37]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/setup-country-zonefile_orig.png
[38]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/setup-arch-linux-root-password.png
[39]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/set-arch-linux-hostname.png
[40]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/set-arch-linux-username.png
[41]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/reboot-system-after-arch-linux-installation.png
[42]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/ubuntu-grub-menu.png

24
translated/tech/20180206 Save Some Battery On Our Linux Machines With TLP.md → published/20180206 Save Some Battery On Our Linux Machines With TLP.md
View File

@ -1,8 +1,9 @@
TLP 帮助我们的 Linux 机器节能省电
======
![](http://www.linuxandubuntu.com/home/save-some-battery-on-our-linux-machines-with-tlp)
我发现 Linux 下电池的寿命普遍要比 windows 下要短。尽管如此,这可是 [Linux][1],我们总会有有办法的。
![](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/save-some-battery-on-our-linux-machines-with-tlp_orig.jpg)
我发现 Linux 下电池的寿命普遍要比 Windows 下要短。尽管如此,这可是 Linux我们总会有有办法的。
现在来讲一下这个名叫 TLP 的小工具,它能帮你的设备省点电。
@ -12,32 +13,27 @@ TLP 帮助我们的 Linux 机器节能省电
sudo apt install tlp
```
[![install tlp in linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/install-tlp-in-linux.jpeg1517926012)][2]
[![install tlp in linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/install-tlp-in-linux.jpeg?1517926012)][2]
对于其他的发行版,你可以阅读[官方网站 ][3] 上的指南。
对于其他的发行版,你可以阅读[官方网站][3]上的指南。
安装完成之后,你只有在第一次的时候需要运行下面命令来启动 tlp。TLP 会在下次启动系统时自动运行。
[![start tlp on linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/start-tlp-on-linux.jpeg1517926209)][4]
[![start tlp on linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/start-tlp-on-linux.jpeg?1517926209)][4]
​现在 TLP 已经被启动起来了,而且已经设置好了节省电池所需要的默认配置。我们可以查看该配置文件。文件路径为 **/etc/default/tlp**。我们需要编辑该文件来修改各项配置。
​现在 TLP 已经被启动起来了,而且已经设置好了节省电池所需要的默认配置。我们可以查看该配置文件。文件路径为 `/etc/default/tlp`。我们需要编辑该文件来修改各项配置。
配置文件中有很多选项,要启用某个选项的话之胥敖删除行首的 **#** 就行了。每个选项能够赋予什么值都有说明。下面是你可能会用到的选项 -
配置文件中有很多选项,要启用某个选项的话之胥敖删除行首的 `#` 就行了。每个选项能够赋予什么值都有说明。下面是你可能会用到的选项:
* 自动休眠 USB 设备
* 设定启动时启用/禁用无线设备
* 降低硬盘转速
* 关闭无线设备
* 设置 CPU 以性能优先还是节能优先
### 结论
TLP 是一个超棒的工具,可以延长 Linux 系统中电池的寿命。我个人的经验是使用 TLP 能延长至少 30-40% 的电池寿命。
TLP 是一个超棒的工具,可以延长 Linux 系统的电池使用寿命。我个人的经验是使用 TLP 能延长至少 30-40% 的电池使用寿命。
--------------------------------------------------------------------------------
@ -45,7 +41,7 @@ via: http://www.linuxandubuntu.com/home/save-some-battery-on-our-linux-machines-
作者:[LinuxAndUbuntu][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

4
sources/talk/20180214 How to Encrypt Files with Tomb on Ubuntu 16.04 LTS.md
View File

@ -1,3 +1,5 @@
translating by Auk7F7
How to Encrypt Files with Tomb on Ubuntu 16.04 LTS
==================================================
@ -254,4 +256,4 @@ via: [https://www.howtoforge.com/tutorial/how-to-install-and-use-tomb-file-encry
作者: [Dan Fries](https://www.howtoforge.com/) 选题者: [@lujun9972](https://github.com/lujun9972) 译者: [译者ID](https://github.com/译者ID) 校对: [校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

100
sources/tech/20180104 Whats behind the Intel design flaw forcing numerous patches.md
View File

@ -1,100 +0,0 @@
Translating by qhwdw
Whats behind the Intel design flaw forcing numerous patches?
============================================================
### There's obviously a big problem, but we don't know exactly what.
![](https://cdn.arstechnica.net/wp-content/uploads/2015/06/intel-48-core-larrabee-probably-640x427.jpg)
Both Windows and Linux are receiving significant security updates that can, in the worst case, cause performance to drop by half, to defend against a problem that as yet hasn't been fully disclosed.
Patches to the Linux kernel have been trickling in over the past few weeks. Microsoft has been [testing the Windows updates in the Insider program since November][3], and it is expected to put the alterations into mainstream Windows builds on Patch Tuesday next week. Microsoft's Azure has scheduled maintenance next week, and Amazon's AWS is scheduled for maintenance on Friday—presumably related.
Since the Linux patches [first came to light][4], a clearer picture of what seems to be wrong has emerged. While Linux and Windows differ in many regards, the basic elements of how these two operating systems—and indeed, every other x86 operating system such as FreeBSD and [macOS][5]—handle system memory is the same, because these parts of the operating system are so tightly coupled to the capabilities of the processor.
### Keeping track of addresses
Every byte of memory in a system is implicitly numbered, those numbers being each byte's address. The very earliest operating systems operated using physical memory addresses, but physical memory addresses are inconvenient for lots of reasons. For example, there are often gaps in the addresses, and (particularly on 32-bit systems), physical addresses can be awkward to manipulate, requiring 36-bit numbers, or even larger ones.
Accordingly, modern operating systems all depend on a broad concept called virtual memory. Virtual memory systems allow both programs and the kernels themselves to operate in a simple, clean, uniform environment. Instead of the physical addresses with their gaps and other oddities, every program, and the kernel itself, uses virtual addresses to access memory. These virtual addresses are contiguous—no need to worry about gaps—and sized conveniently to make them easy to manipulate. 32-bit programs see only 32-bit addresses, even if the physical address requires 36-bit or more numbering.
While this virtual addressing is transparent to almost every piece of software, the processor does ultimately need to know which physical memory a virtual address refers to. There's a mapping from virtual addresses to physical addresses, and that's stored in a large data structure called a page table. Operating systems build the page table, using a layout determined by the processor, and the processor and operating system in conjunction use the page table whenever they need to convert between virtual and physical addresses.
This whole mapping process is so important and fundamental to modern operating systems and processors that the processor has dedicated cache—the translation lookaside buffer, or TLB—that stores a certain number of virtual-to-physical mappings so that it can avoid using the full page table every time.
The use of virtual memory gives us a number of useful features beyond the simplicity of addressing. Chief among these is that each individual program is given its own set of virtual addresses, with its own set of virtual to physical mappings. This is the fundamental technique used to provide "protected memory;" one program cannot corrupt or tamper with the memory of another program, because the other program's memory simply isn't part of the first program's mapping.
But these uses of an individual mapping per process, and hence extra page tables, puts pressure on the TLB cache. The TLB isn't very big—typically a few hundred mappings in total—and the more page tables a system uses, the less likely it is that the TLB will include any particular virtual-to-physical translation.
### Half and half
To make the best use of the TLB, every mainstream operating system splits the range of virtual addresses into two. One half of the addresses is used for each program; the other half is used for the kernel. When switching between processes, only half the page table entries change—the ones belonging to the program. The kernel half is common to every program (because there's only one kernel), and so it can use the same page table mapping for every process. This helps the TLB enormously; while it still has to discard mappings belonging to the process' half of memory addresses, it can keep the mappings for the kernel's half.
This design isn't completely set in stone. Work was done on Linux to make it possible to give a 32-bit process the entire range of addresses, with no sharing between the kernel's page table and that of each program. While this gave the programs more address space, it carried a performance cost, because the TLB had to reload the kernel's page table entries every time kernel code needed to run. Accordingly, this approach was never widely used on x86 systems.
One downside of the decision to split the virtual address space between the kernel and each program is that the memory protection is weakened. If the kernel had its own set of page tables and virtual addresses, it would be afforded the same protection as different programs have from one another; the kernel's memory would be simply invisible. But with the split addressing, user programs and the kernel use the same address range, and, in principle, a user program would be able to read and write kernel memory.
To prevent this obviously undesirable situation, the processor and virtual addressing system have a concept of "rings" or "modes." x86 processors have lots of rings, but for this issue, only two are relevant: "user" (ring 3) and "supervisor" (ring 0). When running regular user programs, the processor is put into user mode, ring 3\. When running kernel code, the processor is in ring 0, supervisor mode, also known as kernel mode.
These rings are used to protect the kernel memory from user programs. The page tables aren't just mapping from virtual to physical addresses; they also contain metadata about those addresses, including information about which rings can access an address. The kernel's page table entries are all marked as only being accessible to ring 0; the program's entries are marked as being accessible from any ring. If an attempt is made to access ring 0 memory while in ring 3, the processor blocks the access and generates an exception. The result of this is that user programs, running in ring 3, should not be able to learn anything about the kernel and its ring 0 memory.
At least, that's the theory. The spate of patches and update show that somewhere this has broken down. This is where the big mystery lies.
### Moving between rings
Here's what we do know. Every modern processor performs a certain amount of speculative execution. For example, given some instructions that add two numbers and then store the result in memory, a processor might speculatively do the addition before ascertaining whether the destination in memory is actually accessible and writeable. In the common case, where the location  _is_  writeable, the processor managed to save some time, as it did the arithmetic in parallel with figuring out what the destination in memory was. If it discovers that the location isn't accessible—for example, a program trying to write to an address that has no mapping and no physical location at all—then it will generate an exception and the speculative execution is wasted.
Intel processors, specifically—[though not AMD ones][6]—allow speculative execution of ring 3 code that writes to ring 0 memory. The processors  _do_  properly block the write, but the speculative execution minutely disturbs the processor state, because certain data will be loaded into cache and the TLB in order to ascertain whether the write should be allowed. This in turn means that some operations will be a few cycles quicker, or a few cycles slower, depending on whether their data is still in cache or not. As well as this, Intel's processors have special features, such as the Software Guard Extensions (SGX) introduced with Skylake processors, that slightly change how attempts to access memory are handled. Again, the processor does still protect ring 0 memory from ring 3 programs, but again, its caches and other internal state are changed, creating measurable differences.
What we don't know, yet, is just how much kernel memory information can be leaked to user programs or how easily that leaking can occur. And which Intel processors are affected? Again it's not entirely clear, but indications are that every Intel chip with speculative execution (which is all the mainstream processors introduced since the Pentium Pro, from 1995) can leak information this way.
The first wind of this problem came from researchers from [Graz Technical University in Austria][7]. The information leakage they discovered was enough to undermine kernel mode Address Space Layout Randomization (kernel ASLR, or KASLR). ASLR is something of a last-ditch effort to prevent the exploitation of [buffer overflows][8]. With ASLR, programs and their data are placed at random memory addresses, which makes it a little harder for attackers to exploit security flaws. KASLR applies that same randomization to the kernel so that the kernel's data (including page tables) and code are randomly located.
The Graz researchers developed [KAISER][9], a set of Linux kernel patches to defend against the problem.
If the problem were just that it enabled the derandomization of ASLR, this probably wouldn't be a huge disaster. ASLR is a nice protection, but it's known to be imperfect. It's meant to be a hurdle for attackers, not an impenetrable barrier. The industry reaction—a fairly major change to both Windows and Linux, developed with some secrecy—suggests that it's not just ASLR that's defeated and that a more general ability to leak information from the kernel has been developed. Indeed, researchers have [started to tweet][10] that they're able to leak and read arbitrary kernel data. Another possibility is that the flaw can be used to escape out of a virtual machine and compromise a hypervisor.
The solution that both the Windows and Linux developers have picked is substantially the same, and derived from that KAISER work: the kernel page table entries are no longer shared with each process. In Linux, this is called Kernel Page Table Isolation (KPTI).
With the patches, the memory address is still split in two; it's just the kernel half is almost empty. It's not quite empty, because a few kernel pieces need to be mapped permanently, whether the processor is running in ring 3  _or_  ring 0, but it's close to empty. This means that even if a malicious user program tries to probe kernel memory and leak information, it will fail—there's simply nothing to leak. The real kernel page tables are only used when the kernel itself is running.
This undermines the very reason for the split address space in the first place. The TLB now needs to clear out any entries related to the real kernel page tables every time it switches to a user program, putting an end to the performance saving that splitting enabled.
The impact of this will vary depending on the workload. Every time a program makes a call into the kernel—to read from disk, to send data to the network, to open a file, and so on—that call will be a little more expensive, since it will force the TLB to be flushed and the real kernel page table to be loaded. Programs that don't use the kernel much might see a hit of perhaps 2-3 percent—there's still some overhead because the kernel always has to run occasionally, to handle things like multitasking.
But workloads that call into the kernel a ton will see much greater performance drop off. In a benchmark, a program that does virtually nothing  _other_  than call into the kernel saw [its performance drop by about 50 percent][11]; in other words, each call into the kernel took twice as long with the patch than it did without. Benchmarks that use Linux's loopback networking also see a big hit, such as [17 percent][12] in this Postgres benchmark. Real database workloads using real networking should see lower impact, because with real networks, the overhead of calling into the kernel tends to be dominated by the overhead of using the actual network.
While Intel systems are the ones known to have the defect, they may not be the only ones affected. Some platforms, such as SPARC and IBM's S390, are immune to the problem, as their processor memory management doesn't need the split address space and shared kernel page tables; operating systems on those platforms have always isolated their kernel page tables from user mode ones. But others, such as ARM, may not be so lucky; [comparable patches for ARM Linux][13] are under development.
<aside class="ad_native" id="ad_xrail_native" style="box-sizing: inherit;"></aside>
[][15][PETER BRIGHT][14]Peter is Technology Editor at Ars. He covers Microsoft, programming and software development, Web technology and browsers, and security. He is based in Brooklyn, NY.
--------------------------------------------------------------------------------
via: https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/
作者:[ PETER BRIGHT ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://arstechnica.com/author/peter-bright/
[1]:https://arstechnica.com/author/peter-bright/
[2]:https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/?comments=1
[3]:https://twitter.com/aionescu/status/930412525111296000
[4]:https://lwn.net/SubscriberLink/741878/eb6c9d3913d7cb2b/
[5]:https://twitter.com/aionescu/status/948609809540046849
[6]:https://lkml.org/lkml/2017/12/27/2
[7]:https://gruss.cc/files/kaiser.pdf
[8]:https://arstechnica.com/information-technology/2015/08/how-security-flaws-work-the-buffer-overflow/
[9]:https://github.com/IAIK/KAISER
[10]:https://twitter.com/brainsmoke/status/948561799875502080
[11]:https://twitter.com/grsecurity/status/947257569906757638
[12]:https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe@alap3.anarazel.de
[13]:https://lwn.net/Articles/740393/
[14]:https://arstechnica.com/author/peter-bright
[15]:https://arstechnica.com/author/peter-bright

154
sources/tech/20180125 Building a Linux-based HPC system on the Raspberry.md
View File

@ -1,154 +0,0 @@
Translating by qhwdw
Building a Linux-based HPC system on the Raspberry Pi with Ansible
============================================================
### Create a high-performance computing cluster with low-cost hardware and open source software.
![Building a Linux-based HPC system on the Raspberry Pi with Ansible](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/code_computer_development_programming.png?itok=4OM29-82 "Building a Linux-based HPC system on the Raspberry Pi with Ansible")
Image by : opensource.com
In my [previous article for Opensource.com][14], I introduced the [OpenHPC][15] project, which aims to accelerate innovation in high-performance computing (HPC). This article goes a step further by using OpenHPC's capabilities to build a small HPC system. To call it an  _HPC system_  might sound bigger than it is, so maybe it is better to say this is a system based on the [Cluster Building Recipes][16] published by the OpenHPC project.
The resulting cluster consists of two Raspberry Pi 3 systems acting as compute nodes and one virtual machine acting as the master node:
![Map of HPC cluster](https://opensource.com/sites/default/files/u128651/hpc_with_pi-1.png "Map of HPC cluster")
My master node is running CentOS on x86_64 and my compute nodes are running a slightly modified CentOS on aarch64.
This is what the setup looks in real life:
![HPC hardware setup](https://opensource.com/sites/default/files/u128651/hpc_with_pi-2.jpg "HPC hardware setup")
To set up my system like an HPC system, I followed some of the steps from OpenHPC's Cluster Building Recipes [install guide for CentOS 7.4/aarch64 + Warewulf + Slurm][17] (PDF). This recipe includes provisioning instructions using [Warewulf][18]; because I manually installed my three systems, I skipped the Warewulf parts and created an [Ansible playbook][19] for the steps I took.
Once my cluster was set up by the [Ansible][26] playbooks, I could start to submit jobs to my resource manager. The resource manager, [Slurm][27] in my case, is the instance in the cluster that decides where and when my jobs are executed. One possibility to start a simple job on the cluster is:
```
[ohpc@centos01 ~]$ srun hostname
calvin
```
If I need more resources, I can tell Slurm that I want to run my command on eight CPUs:
```
[ohpc@centos01 ~]$ srun -n 8 hostname
hobbes
hobbes
hobbes
hobbes
calvin
calvin
calvin
calvin
```
In the first example, Slurm ran the specified command (`hostname`) on a single CPU, and in the second example Slurm ran the command on eight CPUs. One of my compute nodes is named `calvin` and the other is named `hobbes`; that can be seen in the output of the above commands. Each of the compute nodes is a Raspberry Pi 3 with four CPU cores.
Another way to submit jobs to my cluster is the command `sbatch`, which can be used to execute scripts with the output written to a file instead of my terminal.
```
[ohpc@centos01 ~]$ cat script1.sh
#!/bin/sh
date
hostname
sleep 10
date
[ohpc@centos01 ~]$ sbatch script1.sh
Submitted batch job 101
```
This will create an output file called `slurm-101.out` with the following content:
```
Mon 11 Dec 16:42:31 UTC 2017
calvin
Mon 11 Dec 16:42:41 UTC 2017
```
To demonstrate the basic functionality of the resource manager, simple and serial command line tools are suitable—but a bit boring after doing all the work to set up an HPC-like system.
A more interesting application is running an [Open MPI][20] parallelized job on all available CPUs on the cluster. I'm using an application based on [Game of Life][21], which was used in a [video][22] called "Running Game of Life across multiple architectures with Red Hat Enterprise Linux." In addition to the previously used MPI-based Game of Life implementation, the version now running on my cluster colors the cells for each involved host differently. The following script starts the application interactively with a graphical output:
```
$ cat life.mpi
#!/bin/bash
module load gnu6 openmpi3
if [[ "$SLURM_PROCID" != "0" ]]; then
    exit
fi
mpirun ./mpi_life -a -p -b
```
I start the job with the following command, which tells Slurm to allocate eight CPUs for the job:
```
$ srun -n 8 --x11 life.mpi
```
For demonstration purposes, the job has a graphical interface that shows the current result of the calculation:
![](https://opensource.com/sites/default/files/u128651/hpc_with_pi-3.png)
The position of the red cells is calculated on one of the compute nodes, and the green cells are calculated on the other compute node. I can also tell the Game of Life program to color the cell for each used CPU (there are four per compute node) differently, which leads to the following output:
![](https://opensource.com/sites/default/files/u128651/hpc_with_pi-4.png)
Thanks to the installation recipes and the software packages provided by OpenHPC, I was able to set up two compute nodes and a master node in an HPC-type configuration. I can submit jobs to my resource manager, and I can use the software provided by OpenHPC to start MPI applications utilizing all my Raspberry Pis' CPUs.
* * *
_To learn more about using OpenHPC to build a Raspberry Pi cluster, please attend Adrian Reber's talks at [DevConf.cz 2018][10], January 26-28, in Brno, Czech Republic, and at the [CentOS Dojo 2018][11], on February 2, in Brussels._
### About the author
[![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/gotchi-square.png?itok=PJKu7LHn)][23] Adrian Reber - Adrian is a Senior Software Engineer at Red Hat and is migrating processes at least since 2010\. He started to migrate processes in a high performance computing environment and at some point he migrated so many processes that he got a PhD for that and since he joined Red Hat he started to migrate containers. Occasionally he still migrates single processes and is still interested in high performance computing topics.[More about me][12]
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc
作者:[Adrian Reber ][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/adrianreber
[1]:https://opensource.com/resources/what-are-linux-containers?utm_campaign=containers&intcmp=70160000000h1s6AAA
[2]:https://opensource.com/resources/what-docker?utm_campaign=containers&intcmp=70160000000h1s6AAA
[3]:https://opensource.com/resources/what-is-kubernetes?utm_campaign=containers&intcmp=70160000000h1s6AAA
[4]:https://developers.redhat.com/blog/2016/01/13/a-practical-introduction-to-docker-container-terminology/?utm_campaign=containers&intcmp=70160000000h1s6AAA
[5]:https://opensource.com/file/384031
[6]:https://opensource.com/file/384016
[7]:https://opensource.com/file/384021
[8]:https://opensource.com/file/384026
[9]:https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc?rate=l9n6B6qRcR20LJyXEoUoWEZ4mb2nDc9sFZ1YSPc60vE
[10]:https://devconfcz2018.sched.com/event/DJYi/openhpc-introduction
[11]:https://wiki.centos.org/Events/Dojo/Brussels2018
[12]:https://opensource.com/users/adrianreber
[13]:https://opensource.com/user/188446/feed
[14]:https://opensource.com/article/17/11/openhpc
[15]:https://openhpc.community/
[16]:https://openhpc.community/downloads/
[17]:https://github.com/openhpc/ohpc/releases/download/v1.3.3.GA/Install_guide-CentOS7-Warewulf-SLURM-1.3.3-aarch64.pdf
[18]:https://en.wikipedia.org/wiki/Warewulf
[19]:http://people.redhat.com/areber/openhpc/ansible/
[20]:https://www.open-mpi.org/
[21]:https://en.wikipedia.org/wiki/Conway%27s_Game_of_Life
[22]:https://www.youtube.com/watch?v=n8DvxMcOMXk
[23]:https://opensource.com/users/adrianreber
[24]:https://opensource.com/users/adrianreber
[25]:https://opensource.com/users/adrianreber
[26]:https://www.ansible.com/
[27]:https://slurm.schedmd.com/
[28]:https://opensource.com/tags/raspberry-pi
[29]:https://opensource.com/tags/programming
[30]:https://opensource.com/tags/linux
[31]:https://opensource.com/tags/ansible

81
sources/tech/20180209 Linux rmdir Command for Beginners (with Examples).md
View File

@ -1,81 +0,0 @@
translated by cyleft
Linux rmdir Command for Beginners (with Examples)
======
So we've already discussed [the rm command][1] that's primarily used for deleting files and directories from the Linux command line. However, there's another, related command line utility that is specifically aimed at removing directories. The tool in question is **rmdir** , and in this tutorial, we will discuss the basics of it using some easy to understand examples.
#### Linux rmdir command
As the name suggests, the rmdir command is focused at removing directories, although empty-ones only. Following is its syntax:
```
rmdir [OPTION]... DIRECTORY...
```
And here's how the man page explains it:
```
Remove the DIRECTORY(ies), if they are empty.
```
The following Q&A-styled examples should give you a good idea on how this utility works.
#### Q1. How rmdir works?
That's pretty straight forward - just pass the directory name as input to the command. For example:
```
rmdir test-dir
```
[![How rmdir works][2]][3]
#### Q2. How to make rmdir ignore non-empty directories.
BY default, the rmdir command throws an error if you try deleting a non-empty directory. However, if you want, you can suppress this behavior of rmdir using the --ignore-fail-on-non-empty option.
For example:
[![How to make rmdir ignore non-empty directories][4]][5]
#### Q3. How to make rmdir remove parent directories as well?
Just like in the case of [mkdir][6], you can also ask rmdir to perform its operation on parent directories. What that means is, you can also delete parent directories of a directory in one go. This feature is accessible through the -p command line option.
For example, the following command will delete both 'test' and 'test-dir' directories.
```
rmdir -p test/test-dir/
```
**Note** : For this operation to work, all parent directories should not contain anything other than the empty-directory being deleted.
#### Q4. What is the difference between rmdir and rm -r ?
If you remember, you can also delete directories using the rm command by enabling the -r option it provides. So what's the difference between that and rmdir? Well, the answer is rmdir only works in the case of empty directories - there's no way whatsoever you can use to make rmdir delete non-empty directories.
So rmdir is a useful in tool in those situations where you otherwise need to check if a directory is empty before deleting it.
#### Conclusion
As you'll agree, rmdir isn't a complex command to understand and use. Plus, it offers only a handful command line options. We've discussed almost all of them here, so practice the examples mentioned in this article, and you should be good to go. Just in case you need, [here's the man page][7] for rmdir.
--------------------------------------------------------------------------------
via: https://www.howtoforge.com/linux-rmdir-command/
作者:[Himanshu Arora][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.howtoforge.com
[1]:https://www.howtoforge.com/linux-rm-command/
[2]:https://www.howtoforge.com/images/command-tutorial/rm-basic-usage1.png
[3]:https://www.howtoforge.com/images/command-tutorial/big/rm-basic-usage1.png
[4]:https://www.howtoforge.com/images/command-tutorial/rmdir-ignore-nonempty.png
[5]:https://www.howtoforge.com/images/command-tutorial/big/rmdir-ignore-nonempty.png
[6]:https://www.howtoforge.com/linux-mkdir-command/
[7]:https://linux.die.net/man/1/rmdir

1
sources/tech/20180210 How to create AWS ec2 key using Ansible.md
View File

@ -1,3 +1,4 @@
@qianghaohao 翻译中
How to create AWS ec2 key using Ansible
======

191
sources/tech/20180214 Building a Linux-based HPC system on the Raspberry Pi with Ansible.md
View File

@ -1,191 +0,0 @@
Building a Linux-based HPC system on the Raspberry Pi with Ansible
==================================================================
### Create a high-performance computing cluster with low-cost hardware and open source software.
![Building a Linux-based HPC system on the Raspberry Pi with Ansible](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/code_computer_development_programming.png?itok=4OM29-82 "Building a Linux-based HPC system on the Raspberry Pi with Ansible")
Image by :opensource.com
### Get the newsletter
Join the 85,000 open source advocates who receive our giveaway alerts and article roundups.
In my [previous article for Opensource.com](https://opensource.com/article/17/11/openhpc), I introduced the [OpenHPC](https://openhpc.community/) project, which aims to accelerate innovation in high-performance computing (HPC). This article goes a step further by using OpenHPC's capabilities to build a small HPC system. To call it an _HPC system_ might sound bigger than it is, so maybe it is better to say this is a system based on the [Cluster Building Recipes](https://openhpc.community/downloads/) published by the OpenHPC project.
The resulting cluster consists of two Raspberry Pi 3 systems acting as compute nodes and one virtual machine acting as the master node:
![Map of HPC cluster](https://opensource.com/sites/default/files/u128651/hpc_with_pi-1.png "Map of HPC cluster")
My master node is running CentOS on x86_64 and my compute nodes are running a slightly modified CentOS on aarch64.
This is what the setup looks in real life:
![HPC hardware setup](https://opensource.com/sites/default/files/u128651/hpc_with_pi-2.jpg "HPC hardware setup")
To set up my system like an HPC system, I followed some of the steps from OpenHPC's Cluster Building Recipes [install guide for CentOS 7.4/aarch64 + Warewulf + Slurm](https://github.com/openhpc/ohpc/releases/download/v1.3.3.GA/Install_guide-CentOS7-Warewulf-SLURM-1.3.3-aarch64.pdf) (PDF). This recipe includes provisioning instructions using [Warewulf](https://en.wikipedia.org/wiki/Warewulf); because I manually installed my three systems, I skipped the Warewulf parts and created an [Ansible playbook](http://people.redhat.com/areber/openhpc/ansible/) for the steps I took.
Linux Containers
* [What are Linux containers?](https://opensource.com/resources/what-are-linux-containers?utm_campaign=containers&intcmp=70160000000h1s6AAA)
* [What is Docker?](https://opensource.com/resources/what-docker?utm_campaign=containers&intcmp=70160000000h1s6AAA)
* [What is Kubernetes?](https://opensource.com/resources/what-is-kubernetes?utm_campaign=containers&intcmp=70160000000h1s6AAA)
* [An introduction to container terminology](https://developers.redhat.com/blog/2016/01/13/a-practical-introduction-to-docker-container-terminology/?utm_campaign=containers&intcmp=70160000000h1s6AAA)
Once my cluster was set up by the [Ansible](https://www.ansible.com/) playbooks, I could start to submit jobs to my resource manager. The resource manager, [Slurm](https://slurm.schedmd.com/) in my case, is the instance in the cluster that decides where and when my jobs are executed. One possibility to start a simple job on the cluster is:
```
[ohpc@centos01 ~]$ srun hostname
calvin
```
If I need more resources, I can tell Slurm that I want to run my command on eight CPUs:
```
[ohpc@centos01 ~]$ srun -n 8 hostname
hobbes
hobbes
hobbes
hobbes
calvin
calvin
calvin
calvin
```
In the first example, Slurm ran the specified command (`hostname`) on a single CPU, and in the second example Slurm ran the command on eight CPUs. One of my compute nodes is named `calvin` and the other is named `hobbes`; that can be seen in the output of the above commands. Each of the compute nodes is a Raspberry Pi 3 with four CPU cores.
Another way to submit jobs to my cluster is the command `sbatch`, which can be used to execute scripts with the output written to a file instead of my terminal.
```
[ohpc@centos01 ~]$ cat script1.sh
#!/bin/sh
date
hostname
sleep 10
date
[ohpc@centos01 ~]$ sbatch script1.sh
Submitted batch job 101
```
This will create an output file called `slurm-101.out` with the following content:
```
Mon 11 Dec 16:42:31 UTC 2017
calvin
Mon 11 Dec 16:42:41 UTC 2017
```
To demonstrate the basic functionality of the resource manager, simple and serial command line tools are suitable—but a bit boring after doing all the work to set up an HPC-like system.
A more interesting application is running an [Open MPI](https://www.open-mpi.org/) parallelized job on all available CPUs on the cluster. I'm using an application based on [Game of Life](https://en.wikipedia.org/wiki/Conway%27s_Game_of_Life), which was used in a [video](https://www.youtube.com/watch?v=n8DvxMcOMXk) called "Running Game of Life across multiple architectures with Red Hat Enterprise Linux." In addition to the previously used MPI-based Game of Life implementation, the version now running on my cluster colors the cells for each involved host differently. The following script starts the application interactively with a graphical output:
```
$ cat life.mpi
#!/bin/bash
module load gnu6 openmpi3
if [[ "$SLURM_PROCID" != "0" ]]; then
exit
fi
mpirun ./mpi_life -a -p -b
```
I start the job with the following command, which tells Slurm to allocate eight CPUs for the job:
```
$ srun -n 8 --x11 life.mpi
```
For demonstration purposes, the job has a graphical interface that shows the current result of the calculation:
![](https://opensource.com/sites/default/files/u128651/hpc_with_pi-3.png)
The position of the red cells is calculated on one of the compute nodes, and the green cells are calculated on the other compute node. I can also tell the Game of Life program to color the cell for each used CPU (there are four per compute node) differently, which leads to the following output:
![](https://opensource.com/sites/default/files/u128651/hpc_with_pi-4.png)
Thanks to the installation recipes and the software packages provided by OpenHPC, I was able to set up two compute nodes and a master node in an HPC-type configuration. I can submit jobs to my resource manager, and I can use the software provided by OpenHPC to start MPI applications utilizing all my Raspberry Pis' CPUs.
* * *
_To learn more about using OpenHPC to build a Raspberry Pi cluster, please attend Adrian Reber's talks at [DevConf.cz 2018](https://devconfcz2018.sched.com/event/DJYi/openhpc-introduction), January 26-28, in Brno, Czech Republic, and at the [CentOS Dojo 2018](https://wiki.centos.org/Events/Dojo/Brussels2018), on February 2, in Brussels._
About the author
----------------
[![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/gotchi-square.png?itok=PJKu7LHn)](https://opensource.com/users/adrianreber)
Adrian Reber - Adrian is a Senior Software Engineer at Red Hat and is migrating processes at least since 2010. He started to migrate processes in a high performance computing environment and at some point he migrated so many processes that he got a PhD for that and since he joined Red Hat he started to migrate containers. Occasionally he still migrates single processes and is still interested in high performance computing topics.
[More about me](https://opensource.com/users/adrianreber)
* * *
via: [https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc](https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc)
作者: [Adrian Reber](https://opensource.com/users/adrianreber) 选题者: [@lujun9972](https://github.com/lujun9972) 译者: [译者ID](https://github.com/译者ID) 校对: [校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

93
translated/tech/20171016 Using the Linux find command with caution.md
View File

@ -1,93 +0,0 @@
谨慎使用 Linux find 命令
======
![](https://images.idgesg.net/images/article/2017/10/caution-sign-100738884-large.jpg)
最近有朋友提醒我可以添加一个有用的选项来更加谨慎地运行 find 命令,它是 -ok。除了一个重要的区别之外它的工作方式与 -exec 相似,它使 find 命令在执行指定的操作之前请求权限。
这有一个例子。如果你使用 find 命令查找文件并删除它们,则可以运行下面的命令:
```
$ find . -name runme -exec rm {} \;
```
在当前目录及其子目录中中任何名为 “runme” 的文件都将被立即删除 - 当然,你要有权删除它们。改用 -ok 选项你会看到类似这样的东西find 命令将在删除文件之前会请求权限。回答 **y** 代表 “yes” 将允许 find 命令继续并逐个删除文件。
```
$ find . -name runme -ok rm {} \;
< rm ... ./bin/runme > ?
```
### -exedir 命令也是一个选项
另一个可以用来修改 find 命令行为并可能使其更可控的选项是 -execdir 。其中 -exec 运行指定的任何命令,-execdir 从文件所在的目录运行指定的命令,而不是在运行 find 命令的目录运行。这是一个它的例子:
```
$ pwd
/home/shs
$ find . -name runme -execdir pwd \;
/home/shs/bin
```
```
$ find . -name runme -execdir ls \;
ls rm runme
```
到现在为止还挺好。但要记住的是,-execdir 也会在匹配文件的目录中执行命令。如果运行下面的命令,并且目录包含一个名为 “ls” 的文件那么即使该文件没有_执行权限它也将运行该文件。使用 **-exec** 或 **-execdir** 类似于通过 source 来运行命令。
```
$ find . -name runme -execdir ls \;
Running the /home/shs/bin/ls file
```
```
$ find . -name runme -execdir rm {} \;
This is an imposter rm command
```
```
$ ls -l bin
total 12
-r-x------ 1 shs shs 25 Oct 13 18:12 ls
-rwxr-x--- 1 shs shs 36 Oct 13 18:29 rm
-rw-rw-r-- 1 shs shs 28 Oct 13 18:55 runme
```
```
$ cat bin/ls
echo Running the $0 file
$ cat bin/rm
echo This is an imposter rm command
```
### -okdir 选项也会请求权限
要更谨慎,可以使用 **-okdir** 选项。类似 **-ok**,该选项将请求权限来运行该命令。
```
$ find . -name runme -okdir rm {} \;
< rm ... ./bin/runme > ?
```
你也可以小心地指定你想用的命令的完整路径,以避免像上面那样的冒牌命令出现的任何问题。
```
$ find . -name runme -execdir /bin/rm {} \;
```
find 命令除了默认打印之外还有很多选项,有些可以使你的文件搜索更精确,但谨慎一点总是好的。
在 [Facebook][1] 和 [LinkedIn][2] 上加入网络世界社区来进行评论。
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3233305/linux/using-the-linux-find-command-with-caution.html
作者:[Sandra Henry-Stocker][a]
译者:[geekpi](https://github.com/geekpi)
校对:[Locez](https://github.com/locez)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.networkworld.com/author/Sandra-Henry_Stocker/
[1]:https://www.facebook.com/NetworkWorld/
[2]:https://www.linkedin.com/company/network-world

164
translated/tech/20171117 How to Install and Use Docker on Linux.md
View File

@ -1,164 +0,0 @@
在 Linux 上安装被使用 Docker
======
![](https//www.linux.com/sites/lcom/files/styles/rendered_file/public/use-containers.jpgitok=s3YLmYHs)
容器现在风靡于 IT 界 -- 这很好理解。容器是轻量级的,包含应用运行所需所有东西(代码,库,运行时环境,系统设置,以及依赖关系)的独立的包。每个容器都有自己的 CPU内存block I/O以及网络资源所有这些都不依赖于单独的内核和操作系统。这也是容器与虚拟机之间最大的不同; 相比之下,虚拟机是一个运行于主机操作系统上的完整的操作系统平台,而容器不是。
容器允许你以一种前所未有的方式扩展交付能力(不管内部还是外部的)。例如,你可以快速部署多个 NGINX 实例(甚至可以应用于多个不同的阶段 -- 比如开发和生产阶段)。跟虚拟机不同,容器不会消耗太多系统资源。
[Docker][1] 使得创建,部署,和管理容器变得特别简单。更好的是,安装和使用 Docker 在 Linux 平台上特别的方便。
我将会向你演示在 Linux 上安装 Docker 是多么方便,同时带你入门 Docker。我的演示平台是 [Ubuntu 16.04 Server][2],但流程在大多数其他 Linux 平台都差不多。
我这里假设你已经启动了 Ubuntu Server 16.04。
### 安装
由于 Ubuntu Server 16.04 缺少图形界面,我会完全在完全通过命令行来安装和使用 Docker。在你安装前你需要更新 apt 然后进行必要的升级。一定要注意,若系统内核升级了,你会需要重启系统。因此最好挑个服务器能重启的时间进行。
运行下面命令更新 apt
```
sudo apt update
```
完成后,使用命令升级系统:
```
sudo apt upgrade
```
若内核升级了,你需要用下面命令重启服务器:
```
sudo reboot
```
若内核没有升级,你就可以安装 Docker 了(无需重启)。安装 Docker 的命令为:
```
sudo apt install docker.io
```
若你使用的是其他 Linux 发行版,当尝试用相应的包管理器来安装时却发现没有 docker.io 包,则你应该安装 docker 包。例如,在 [Fedora][3] 上安装应该用命令:
```
sudo dnf install docker
```
若你使用的是 CentOS 7那么最好使用安装脚本来安装 docker。首先使用命令 `sudo yum check-update` 更新系统。升级完后,输入下面命令来下载并运行所需的脚本:
```
curl -fsSL https://get.docker.com/ | sh
```
默认情况下,只有管理员权限能够运行 docker 命令。考虑到安全问题,你不会想用 root 用户或使用 sudo 来运行 Docker 的。要解决这个问题,你需要将自己的用户加入到 docker 组中。命令如下:
```
sudo usermod -a -G docker $USER
```
完成操作后,登出系统然后再重新登陆,应该就搞定了。不过若你的平台是 Fedora则添加用户到 docker 组时会发现这个组是不存在的。那该怎么办呢?你需要首先创建这个组。命令如下:
```
sudo groupadd docker && sudo gpasswd -a ${USER} docker && sudo systemctl restart docker
newgrp docker
```
登出后再登陆。就可以开始用 Docker 了。
### 启动,暂停以及启用 Docker
安装好 Docker 后,你可以让系统在启动时自动启动 Docker 守护进程。使用下面两个命令来实现这一点:
```
sudo systemctl start docker
sudo systemctl enable docker
```
若需要暂停或重启 Docker 守护进程,则命令为:
```
sudo systemctl stop docker
sudo systemctl restart docker
```
现在可以用 Docker 来部署容器了。
### 拉取镜像
对 Docker 来说,镜像是构建容器的基石。你可以拉下一个镜像 (比如 [NGINX][4]) 然后根据这个镜像部署任意多个容器出来。使用镜像前,你首先需要把镜像拉取到系统中。镜像从注册仓库中拉取,默认情况下安装好的 Docker 包含了一个默认的注册仓库 [Docker Hub][5] -- 这个注册仓库包含了大量别人所贡献的镜像(即包活官方的镜像也包括用户自己贡献的镜像)。
假设你想要拉取一个 Nginx web 服务器相关的镜像。在开始拉取前,先检查一下系统中已经有了哪些镜像。输入 `docker images` 命令你会发现现在还没有镜像存在(图 1)。
![Docker][7]
图 1还没有镜像。
[Used with permission][8]
让我们来拉取一个镜像。使用下面命令可以从 Docker Hub 中下载 Nginx 镜像:
```
docker pull nginx
```
上面命令会从 Docker Hub 下载最新的(官方的) Nginx 镜像。现在再运行 `docker images` 命令就能看到有列出镜像了(图 2)。
![Docker][10]
图 2NGINX 镜像已经被拉取下来了。
[Used with permission][8]
注意到我这里说的是 "官方" Nginx 镜像了吗?在 Docker Hub 上有很多的非官方 Nginx 镜像。这些非官方镜像都是基于各种不同的目的而创建出来的。你可以使用下面过命令来搜索 Docker Hub 中的所有 Nginx 镜像
```
docker search nginx
```
你会发现(图 3),有很多基于不同目的所创建的 Nginx 镜像(反向代理PHP-FPM(LCTT 注FastCGI Process Manager(FastCGI 进程管理器)是一个 PHPFastCGI 管理器,旨在将 FastCGI 进程管理整合进 PHP 包中。)功能LetsEncrypt(LCTT 注:由 ISRGInternet Security Research Group 提供的免费 SSL 项目)Bitnami(LCTT 注:一个开源项目,提供 wordpress、joomla、drupal、bbpress 等开源程序的傻瓜式安装包下载,所有的安装包内置了服务器环境),在树梅派上使用 Nginx 和 Drupal等等很多很多)。
![Docker hub][12]
图 3Docker Hub 上找到的各种 NGINX 镜像。
[Used with permission][8]
假设,你想要下载内建有反向代理功能的 Nginx 镜像。这个非官方的镜像为 jwilder/nginx-proxy。因此输入下面命令来拉取这个镜像
```
docker pull jwilder/nginx-proxy
```
再输入 `docker images` 命令来查看新拉下来的这个镜像(图 4)。
![Nginx][14]
图 4已经有了两种不同的 NGINX 镜像了。
[Used with permission][8]
处于谨慎考虑,我建议只使用官方镜像,毕竟你无法确定非官方镜像是否包含了恶意代码。
有了镜像后就可以用它来部署容器了。下次我们再聊聊如何通过这些 Nginx 镜像来发布容器。
Docker 是一个超级强力的系统可以让你的工作更简单,让你的公司更具有伸缩性,也更灵活。想知道 Docker 还能做什么,运行 `man docker` 然后阅读他的帮助文档吧。
--------------------------------------------------------------------------------
via: https://www.linux.com/learn/intro-to-linux/2017/11/how-install-and-use-docker-linux
作者:[Jack Wallen][a]
译者:[lujun9972](https://github.com/lujun9972)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linux.com/users/jlwallen
[1]:https://www.docker.com/
[2]:http://releases.ubuntu.com/16.04/
[3]:https://getfedora.org/
[4]:https://www.nginx.com/
[5]:https://hub.docker.com/
[6]:/files/images/docker1jpg
[7]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_1.jpg?itok=CxSyyXyF (Docker)
[8]:/licenses/category/used-permission
[9]:/files/images/docker2jpg
[10]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_2.jpg?itok=TESa7bYr (Docker)
[11]:/files/images/docker3jpg
[12]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_3.jpg?itok=_7F4QWqx (Docker hub)
[13]:/files/images/docker4jpg
[14]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/docker_4.jpg?itok=f13E1L0Q (Nginx)

299
translated/tech/20171228 Dual Boot Ubuntu And Arch Linux.md
View File

@ -1,299 +0,0 @@
Ubuntu 和 Arch Linux 双启动
======
![](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/dual-boot-ubuntu-and-arch-linux_orig.jpg)
**Ubuntu And Arch Linux 双启动** 不像听起来那么容易, 然而,我将使这个过程尽可能地简单明了。首先,我们需要安装 Ubuntu然后安装 Arch Linux因为配置 Ubuntu grub更容易实现**Ubuntu 和 Arch Linux 双启动**
### Ubuntu And Arch Linux 双启动
你需要准备好以下内容:
1、你需要准备你所选择的 Ubuntu 的特色版本,在这个例子中,我将使用 Ubuntu 17.10 ISO
2、两个优盘
3、Windows 或者 Linux 操作系统的 PC 机
4、Arch Linux ISO
5、基于 Windows 的 Rufus 或是基于 Linux 发行版的 etcher 的两款软件中的一种,要根据自己的系统类型来选择哦。
### ​安装 Ubuntu
​首先, 利用 `Rufus` 为 Ubuntu 和 Arch Linux[创建可引导的闪存驱动器][1]。另外,也可以使用 `etcher` 创建 Ubuntu 和 Arch Linux 的可引导闪存驱动器。
[![Ubuntu 可启动 USB 镜像写入工具](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/bootable-ubuntu-usb-etcher-image-writer_orig.jpg)][2]
为 Ubuntu 选择 ISO 映像文件,然后选择闪存驱动器,然后单击 `Flash` 创建可引导的闪存驱动器。等到它完成,瞧!你的启动闪存已经准备好使用了。
[![make ubuntu usb bootable in linux在 linux 下创建 Ubuntu USB 引导程序](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-ubuntu-usb-bootable-in-linux_orig.jpg)][3]
打开你的机器并使用载有 Ubuntu 安装媒体的启动闪存驱动器进行启动。确保引导到 UEFI 或 BIOS 兼容模式,这取决于您所使用的 PC 的类型。我更喜欢使用 UEFI 来构建新的 PC 。
[![Ubuntu 自生系统登陆](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/live-ubuntu-boot_orig.jpg)][4]
​在成功启动后,您将看到如上图显示,要求您尝试 Ubuntu 或安装 Ubuntu选择安装 Ubuntu。
[![从自生可启动 USB 安装](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-usb-from-live-usb_orig.jpg)][5]
然后检查安装第三方软件的图形和 Wifi 硬件MP3 和其他媒体。如果你有一个互联网连接,你可以选择在安装 Ubuntu 的时候下载更新,因为它会节省安装时间,并且确保安装的是最新更新。
[![自定义磁盘分区安装 Ubuntu](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/custom-partition-hd-install-ubuntu_orig.jpg)][6]
​然后选择点击`Something else`,这样我们就可以对硬盘进行分区,并预留出 Ubuntu 和 Archlinux 的分区以及他们的交换分区的空间。
[![create swap partition ubuntu](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-swap-partition-ubuntu_orig.jpg)][7]
​创建一个交换分区。最好是内存的一半大小。在我的例子中,我有 1 GB 的内存,因此创建一个 512 MB 的交换空间。
[![安装 Ubuntu 到根(/)分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-root-partition_orig.jpg)][8]
然后创建一个带有挂载点`/`的根分区并且点击`Install Now`按钮。
[![选择时区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-ubuntu-timezone_orig.jpg)][9]
接下来选择语言和键盘设置。
[![选择键盘布局](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-select-location-keyboard-layout_orig.jpg)][10]
​然后创建新用户的用户凭据。
[![创建用户名, 系统名及安装](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-username-system-name-ubuntu-install_orig.jpg)][11]
​点击`Next`开始安装。
[![ubuntu installation finishing](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finishing_orig.jpg)][12]
​当安装完成后点击`Restart Now`重启 PC。
[![完成 Ubtuntu 安装并重启系统](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finished_orig.jpg)][13]
​移除安装媒介,按下回车继续。
[![移除安装媒介](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/remove-installation-media-after-ubuntu_orig.jpg)][14]
在确认成功安装后,重新启动并利用 Arch Linux 安装媒介引导。
### ​安装 Arch Linux
​在引导到 **Arch Linux 安装媒体**时,您应该看到如下所示的初始屏幕。选择 `Boot Arch Linux(x86_64)`。注意 Arch Linux 更多情况下类似于 [DYF][15] (自我定制)的一种操作系统。
[![Arch Linux 安装引导菜单](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-installation-boot-menu_orig.jpg)][16]
选择之后,它将打开一个`tty1`终端,您将使用它来安装操作系统。
[![tty终端](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-tty1-linux_orig.png)][17] 注意:为了成功安装 Arch Linux您需要一个互联网连接来下载一些必须的系统安装包。所以我们需要检查一下互联网是否运行正常。输入以下命令到终端以检查网络连接。
```ping linuxandubuntu.com -c 4```
[![检查互联网连接](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-ping-check-internet-connection_orig.png)][18]
如果因特网运行正常你应该得到一个回显显示发送和接收的数据包的数量。在这种情况下我们发送了4个回波并得到了4个反馈这意味着连接是正常的。
如果想在 Arch Linux 中设置 Wifi请阅读[本文][19],在 Arch Linux 中配置 Wifi。
​接下来,我们需要选择之前在安装 Ubuntu 时预留出的空闲分区。
```fdisk -l``
​上面的命令应该显示可用的磁盘分区在哪里。您应该能看到 Ubuntu 分区以及预留的空闲空间。我们将使用`cfdisk`命令进行分区。
```cfdisk```
[![利用cfdisk命令安装 Ach 分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-partition-disk-with-cfdisk_orig.png)][20]
执行命令后将看到分区情况。选择其他已分配分区下面的空闲空间。
您需要选择 `New`,然后输入分区大小。
[![为 Archlinux 分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/partition-free-space-swap-arch-linux_orig.png)][21] 例如9.3G - G 表示千兆字节。[![安装 Arch Linux 分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-partition_orig.png)][22]
如下图所示,选择`primary`进行分区
[![将 Arch Linux 的根root分区设置成主分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-arch-linux-root-as-primary-partition_orig.png)][23] 然后选择写分区条目。 [![选择分区安装 Arch](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-partition-to-install-arch_orig.png)][24]
​键入`yes`,以确认写入分区表。
[![确认创建分区并安装 Arch Linux](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-confirm-create-partition_orig.png)][25]
然后选择 `Quit`(退出)选项。
[![退出 Arch Linux 的cfdisk](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/quit-cfdisk-arch-linux_orig.png)][26] 然后键入:
```fdisk -l```
​确认修改
[![确认分区修改](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/confirm-partition-changes_orig.png)][27]
​然后使用磁盘分区命令:
```mkfs.ext4 /dev/sda3```
​确保您选择的分区是我们创建的最后一个分区,这样我们就不会破坏 Ubuntu 分区。
[![完成 Arch Linux 分区安装](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/complete-arch-linux-installation-partition_orig.png)][28]
​然后使用以下命令安装这个分区 -
```mount /dev/sda3 /mnt```
[![安装基础分区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/mount-base-partition-in-arch-linux.png?1514472693)][29]
用下面命令创建`home`目录
```mkdir .mnt/home```
[![安装家目录](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/mount-home-partition-arch-linux.png?1514472866)][30]
​用一下命令安装`home`目录到这个分区上
mount /dev/sda3 /mnt/home
[![安装家目录](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/make-mount-home-directory.png?1514472960)][31]
现在使用以下命令安装 Archlinux 的基本系统:
```pacstrap /mnt base```
请确保网络连接正常。
接下来开始下载和配置安装所用时间取决于你的网速。
[![安装Arch Linux 基础系统](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/install-arch-linux-base.png?1514473056)][32]
这一步骤完成后,将完成 Archlinux 基本安装。
Arch Linux 基础系统安装完成后,使用以下命令创建一个`fstab`文件:
genfstab -U /mnt >> /mnt/etc/fstab
[![创建 fstab文件](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/create-fstab-file-in-arch-linux.png?1514473226)][33]
在此之后,您需要验证`fstab`文件,使用下面命令:
```cat /mnt/etc/fstab```
[![查看fstab文件的终端显示](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/cat-fstab-file-data-terminal.png?1514473304)][34]
### Configuring Arch Linux: the basic configuration配置 Arch Linux:基础配置
您将需要在安装时配置以下内容:
1. 系统语言和系统语言环境
2. 系统时区
3. Root用户密码
4. 设置主机名
Firstly, you will need to switch to the newly installed base by changing root into the system using the command:
首先,您需要使用以下命令将`root`切换为新安装的基础系统用户:
```arch-chroot /mnt```
#### 系统语言和系统语言环境
然后必须配置系统语言。必须取消对 en_Utf-8 UTF-8的注释并加载到文件`/etc/local.gen`中
键入:
```nano /etc/local.gen```
然后将 en_UTF-8 UTF-8 取消注释
键入命令:
```locale-gen```
生成本地化设置如下:
[![生成本地化配置](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/generate-localization-arch-linux.png?1514473406)][35] 相应的需要在`locale.conf`文件中配置 LANG 变量。例如:
```nano /etc/locale.conf```
​修改为:
```LANG=en_US.UTF-8```
配置键盘布局,则在文件`vconsole.conf`中进行更改,如下操作:
```nano /etc/vconsole.conf```
​修改为:
```KEYMAP=us-eng```
#### 2\. 系统时区
​配置时区需要利用一下命令实现
```ln -sf /usr/share/zoneinfo/Region/City /etc/localtime```
要查看可用时区,可以在终端使用以下命令:
注意可选时区在屏幕截图中显示为蓝色:
```ls /usr/share/zoneinfo```
[![配置时区文件](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/setup-zonefile-in-arch-linux.png?1514473483)][36] [![配置地区](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/setup-country-zonefile_orig.png)][37] 运行`hwclock`命令来生成``/etc/adjtime``(假设硬件时钟被设置为UTC):
```# hwclock --systohc```
#### 3\. 配置 Root 用户密码
​要为 Arch Linux 系统用户`root`设置密码,请使用:
```Passwd```
​为`root`用户提供一个新的密码并确认密码使其生效。
[![配置系统用户root密码](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/setup-arch-linux-root-password.png?1514473649)][38]
#### 4\. 配置主机名和网络
​需要创建主机名文件:
```nano /etc/hostname```
[![配置主机名](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/set-arch-linux-hostname.png?1514473741)][39]
将名字更改为您的用户名:
[![set arch linux username](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/set-arch-linux-username.png?1514473822)][40] 然后向主机添加一个匹配的条目:
```nano /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 localhost.localdomain localhost
127.0.1.1 LinuxandUbuntu.localdomain LinuxandUbuntu```
您需要使网络保持连接,然后使用:
```systemctl enable dhcpd```
#### 配置 Grub
然后重启机器,进入 Ubuntu 配置 grub。
你可以键入:
```reboot```
[![安装完成后重启](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/reboot-system-after-arch-linux-installation.png?1514474180)][41]
Arch Linux 安装仍然没有出现,因此我们需要在 Ubuntu 中使用 `update-grub`来安装它。
[![Ubuntu grub 菜单](http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/published/ubuntu-grub-menu.png?1514474302)][42] 在Ubuntu中打开终端输入:
```sudo update-grub```
它应该更新grub添加 Arch Linux 记录。
### 小结
祝贺您成功地将Ubuntu和Arch Linux设置为双引导。Ubuntu安装很简单但是Arch Linux安装对新的Linux用户来说是一个挑战。我试着让这个教程变得简单。但是如果你对这篇文章有任何疑问请在评论部分告诉我。还可以与您的朋友分享这篇文章并帮助他们学习Linux。
--------------------------------------------------------------------------------
via: http://www.linuxandubuntu.com/home/dual-boot-ubuntu-and-arch-linux
作者:[LinuxAndUbuntu][a]
译者:[stevenzdg988](https://github.com/stevenzdg988)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:http://www.linuxandubuntu.com
[1]:http://www.linuxandubuntu.com/home/etcher-burn-images-to-sd-card-make-bootable-usb
[2]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/bootable-ubuntu-usb-etcher-image-writer_orig.jpg
[3]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-ubuntu-usb-bootable-in-linux_orig.jpg
[4]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/live-ubuntu-boot_orig.jpg
[5]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-usb-from-live-usb_orig.jpg
[6]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/custom-partition-hd-install-ubuntu_orig.jpg
[7]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-swap-partition-ubuntu_orig.jpg
[8]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-root-partition_orig.jpg
[9]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-ubuntu-timezone_orig.jpg
[10]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-ubuntu-select-location-keyboard-layout_orig.jpg
[11]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/create-username-system-name-ubuntu-install_orig.jpg
[12]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finishing_orig.jpg
[13]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/ubuntu-installation-finished_orig.jpg
[14]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/remove-installation-media-after-ubuntu_orig.jpg
[15]:http://www.linuxandubuntu.com/home/arch-linux-take-your-linux-knowledge-to-next-level-review
[16]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-installation-boot-menu_orig.jpg
[17]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-tty1-linux_orig.png
[18]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/arch-linux-ping-check-internet-connection_orig.png
[19]:http://www.linuxandubuntu.com/home/how-to-setup-a-wifi-in-arch-linux-using-terminal
[20]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-partition-disk-with-cfdisk_orig.png
[21]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/partition-free-space-swap-arch-linux_orig.png
[22]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-partition_orig.png
[23]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/make-arch-linux-root-as-primary-partition_orig.png
[24]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/select-partition-to-install-arch_orig.png
[25]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/install-arch-linux-confirm-create-partition_orig.png
[26]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/quit-cfdisk-arch-linux_orig.png
[27]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/confirm-partition-changes_orig.png
[28]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/complete-arch-linux-installation-partition_orig.png
[29]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/mount-base-partition-in-arch-linux.png
[30]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/mount-home-partition-arch-linux.png
[31]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/make-mount-home-directory.png
[32]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/install-arch-linux-base.png
[33]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/create-fstab-file-in-arch-linux.png
[34]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/cat-fstab-file-data-terminal.png
[35]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/generate-localization-arch-linux.png
[36]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/setup-zonefile-in-arch-linux.png
[37]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/setup-country-zonefile_orig.png
[38]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/setup-arch-linux-root-password.png
[39]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/set-arch-linux-hostname.png
[40]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/set-arch-linux-username.png
[41]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/reboot-system-after-arch-linux-installation.png
[42]:http://www.linuxandubuntu.com/uploads/2/1/1/5/21152474/edited/ubuntu-grub-menu.png

99
translated/tech/20180104 Whats behind the Intel design flaw forcing numerous patches.md Normal file
View File

@ -0,0 +1,99 @@
Intel 设计缺陷背后的原因是什么?
============================================================
### 我们知道有问题,但是并不知道问题的详细情况。
![](https://cdn.arstechnica.net/wp-content/uploads/2015/06/intel-48-core-larrabee-probably-640x427.jpg)
最近 Windows 和 Linux 都发送了重大安全更新,为防范这个尚未完全公开的问题,在最坏的情况下,它可能会导致性能下降多达一半。
在过去的几周Linux 内核陆续打了几个补丁。Microsoft [自 11 月份开始也内部测试了 Windows 更新][3],并且它预计在下周二的例行补丁中将这个改进推送到主流 Windows 构建版中。Microsoft 的 Azure 也在下周的维护窗口中做好了安排,而 Amazon 的 AWS 也安排在周五对相关的设施进行维护。
自从 Linux 第一个补丁 [KPTI内核页表隔离的当前的发展][4] ,明确描绘了出现的错误以后。虽然 Linux 和 Windows 基于不同的考虑,对此持有不同的看法,但是这两个操作系统 — 当然还有其它的 x86 操作系统,比如 FreeBSD 和 [macOS][5] — 对系统内存的处理采用了相同的方式,因为对于操作系统在这一部分特性是与底层的处理器高度耦合的。
### 保持地址跟踪
在一个系统中的每个内存字节都是隐性编码的,这些数字是每个字节的地址。早期的操作系统使用物理内存地址,但是,物理内存地址由于各种原因,它并不很合适。例如,在地址中经常会有空隙,并且(尤其是 32 位的系统上)物理地址很难操作,需要 36 位的数字,甚至更多。
因此,现在操作系统完全依赖一个叫虚拟内存的概念。虚拟内存系统允许程序和内核一起在一个简单、清晰、统一的环境中各自去操作。而不是使用空隙和其它奇怪的东西的物理内存,每个程序和内核自身都使用虚拟地址去访问内存。这些虚拟地址是连续的 — 不用担心有空隙 — 并且合适的大小也更便于操作。32 位的程序仅可以看到 32 位的地址,而不用管物理地址是 36 位还是更多位。
虽然虚拟地址对每个软件几乎是透明的,但是,处理器最终还是需要知道虚拟地址引用的物理地址是哪个。因此,有一个虚拟地址到物理地址的映射,它保存在一个被称为页面表的数据结构中。操作系统构建页面表,使用一个由处理器决定的布局,并且处理器和操作系统在虚拟地址和物理地址之间进行转换时就需要用到页面表。
这个映射过程是非常重要的,它也是现代操作系统和处理器的重要基础,处理器有专用的缓存 — translation lookaside buffer简称 TLB— 它保存了一定数量的虚拟地址到物理地址的映射,这样就不需要每次都使用全部页面。
虚拟内存的使用为我们提供了很多除了简单寻址之外的有用的特性。其中最主要的是,每个程序都有了自己独立的一组虚拟地址,有了它自己的一组虚拟地址到物理地址的映射。这就是用于提供“内存保护”的关键技术,一个程序不能破坏或者篡改其它程序使用的内存,因为其它程序的内存并不在它的地址映射范围之内。
由于每个进程使用一个单独的映射,因此每个程序也就有了一个额外的页面表,这就使得 TLB 缓存很拥挤。TLB 并不大 — 一般情况下总共可以容纳几百个映射 — 而系统使用的页面表越多TLB 能够包含的任何特定的虚拟地址到物理地址的映射就越少。
### 一半一半
为了更好地使用 TLB每个主流的操作系统都将虚拟地址范围一分为二。一半用于程序另一半用于内核。当进程切换时仅有一半的页面表条目发生变化 — 仅属于程序的那一半。内核的那一半是每个程序公用的(因为只有一个内核)并且因此它可以为每个进程使用相同的页面表映射。这对 TLB 的帮助非常大;虽然它仍然会丢弃属于进程的那一半内存地址映射;但是它还保持着另一半属于内核的映射。
这种设计并不是一成不变的。在 Linux 上做了一项工作,使它可以为一个 32 位的进程提供整个地址范围而不用在内核页面表和每个进程之间共享。虽然这样为程序提供了更多的地址空间但这是以牺牲性能为代价的因为每次内核代码需要运行时TLB 重新加载内核的页面表条目。因此,这种方法并没有广泛应用到 x86 的系统上。
在内核和每个程序之间分割虚拟地址的这种做法的一个负面影响是,内存保护被削弱了。如果内核有它自己的一组页面表和虚拟地址,它将在不同的程序之间提供相同的保护;内核内存将是简单的不可见。但是使用地址分割之后,用户程序和内核使用了相同的地址范围,并且从原理上来说,一个用户程序有可能去读写内核内存。
为避免这种明显不好的情况,处理器和虚拟地址系统有一个 “Ring" 或者 ”模式“的概念。x86 处理器有许多 rings但是对于这个问题仅有两个是相关的"user" ring 3和 "supervisor"ring 0。当运行普通的用户程序时处理器将置为用户模式 ring 3。当运行内核代码时处理器将处于 ring 0 —— supervisor 模式,也称为内核模式。
这些 rings 也用于从用户程序中保护内核内存。页面表并不仅仅有虚拟地址到物理地址的映射;它也包含关于这些地址的元数据,包含哪个 rings 可能访问哪个地址的信息。内核页面表条目被标记为仅 ring 0 可以访问;程序的条目被标记为任何 ring 都可以访问。如果一个处于 ring 3 中的进程去尝试访问标记为 ring 0 的内存,处理器将阻止这个访问并生成一个意外错误信息。运行在 ring 3 中的用户程序不能得到内核以及运行在 ring 0 内存中的任何东西。
至少理论上是这样的。大量的补丁和更新表明,这个地方已经被突破了。这就是最大的谜团所在。
### Ring 间迁移
这就是我们所知道的。每个现代处理器都执行一定数量的推测运行。例如,给一些指令,让两个数加起来,然后将结果保存在内存中,在查明内存中的目标是否可访问和可写入之前,一个处理器可能已经推测性地做了加法。在一些常见案例中,在位置是可写入的地方,处理器节省了一些时间,因为它以并行方式计算出内存中的目标是什么。如果它发现目标位置不可写入 — 例如,一个程序尝试去写入到一个没有映射的地址以及压根就不存在的物理位置— 然后它将产生一个意外错误,而推测运行就白做了。
Intel 处理器,尤其是 — [虽然不是 AMD 的][6] — 但允许对 ring 3 代码进行推测运行并写入到 ring 0 内存中的处理器上。处理器并不完全阻止这种写入,但是推测运行轻微扰乱了处理器状态,因为,为了查明目标位置是否可写入,某些数据已经被加载到缓存和 TLB 中。这又意味着一些操作可能快几个周期或者慢几个周期这取决于它们所需要的数据是否仍然在缓存中。除此之外Intel 的处理器还有一些特殊的功能,比如,在 Skylake 处理器上引入的软件保护扩展SGX指令它改变了一点点访问内存的方式。同样的处理器仍然是保护 ring 0 的内存不被来自 ring 3 的程序所访问,但是同样的,它的缓存和其它内部状态已经发生了变化,产生了可测量的差异。
我们至今仍然并不知道具体的情况,到底有多少内核的内存信息泄露给了用户程序,或者信息泄露的情况有多容易发生。以及有哪些 Intel 处理器会受到影响?也或者并不完全清楚,但是,有迹象表明每个 Intel 芯片都使用了推测运行(是自 1995 年 Pentium Pro 以来的,所有主流处理器吗?),它们都可能会因此而泄露信息。
这个问题第一次被披露是由来自 [奥地利的 Graz Technical University][7] 的研究者。他们披露的信息表明这个问题已经足够破坏内核模式地址空间布局随机化(内核 ASLR或称 KASLR。ASLR 是防范 [缓冲区溢出][8] 漏洞利用的最后一道防线。启用 ASLR 之后程序和它们的数据被置于随机的内存地址中它将使一些安全漏洞利用更加困难。KASLR 将这种随机化应用到内核中,这样就使内核的数据(包括页面表)和代码也随机化分布。
Graz 的研究者开发了 [KAISER][9],一组防范这个问题的 Linux 内核补丁。
如果这个问题正好使 ASLR 的随机化被破坏了这或许将成为一个巨大的灾难。ASLR 是一个非常强大的保护措施,但是它并不是完美的,这意味着对于黑客来说将是一个很大的障碍,一个无法逾越的障碍。整个行业对此的反应是 — Windows 和 Linux 都有一个非常重要的变化,秘密开发 — 这表明不仅是 ASLR 被破坏了,而且从内核泄露出信息的更普遍的技术被开发出来了。确实是这样的,研究者已经 [在 tweet 上发布信息][10],他们已经可以随意泄露和读取内核数据了。另一种可能是,漏洞可能被用于从虚拟机中”越狱“,并可能会危及 hypervisor。
Windows 和 Linux 选择的解决方案是非常相似的,将 KAISER 分为两个区域:内核页面表的条目不再是由每个进程共享。在 Linux 中这被称为内核页面表隔离KPTI
应用补丁后,内存地址仍然被一分为二:这样使内核的那一半几乎是空的。当然它并不是非常的空,因为一些内核片断需要永久映射,不论进程是运行在 ring 3 还是 ring 0 中,它都几乎是空的。这意味着如果恶意用户程序尝试去探测内核内存以及泄露信息,它将会失败 — 因为那里几乎没有信息。而真正的内核页面中只有当内核自身运行的时刻它才能被用到。
这样做就破坏了最初将地址空间分割的理由。现在每次切换到用户程序时TLB 需要实时去清除与内核页面表相关的所有条目,这样就失去了启用分割带来的性能提升。
影响的具体大小取决于工作负载。每当一个程序被调入到内核 — 从磁盘读入、发送数据到网络、打开一个文件等等 — 这种调用的成本可能会增加一点点,因为它强制 TLB 清除了缓存并实时加载内核页面表。不使用内核的程序可能会观测到 2 - 3 个百分点的性能影响 — 这里仍然有一些开销,因为内核仍然是偶尔会运行去处理一些事情,比如多任务等等。
但是大量调用进入到内核的工作负载将观测到很大的性能损失。在一个基准测试中,一个除了调入到内核之外什么都不做的程序,观察到 [它的性能下降大约为 50%][11];换句话说就是,打补丁后每次对内核的调用的时间要比不打补丁调用内核的时间增加一倍。基准测试使用的 Linux 的网络回环loopback也观测到一个很大的影响比如在 Postgres 的基准测试中大约是 [17%][12]。真实的数据库负载使用了实时网络可能观测到的影响要低一些,因为使用实时网络时,内核调用的开销基本是使用真实网络的开销。
虽然对 Intel 系统的影响是众所周知的,但是它们可能并不是唯一受影响的。其它的一些平台,比如 SPARC 和 IBM 的 S390是不受这个问题影响的因为它们的处理器的内存管理并不需要分割地址空间和共享内核页面表在这些平台上的操作系统一直就是将它们的内核页面表从用户模式中隔离出来的。但是其它的比如 ARM可能就没有这么幸运了[适用于 ARM Linux 的类似补丁][13] 正在开发中。
<aside class="ad_native" id="ad_xrail_native" style="box-sizing: inherit;"></aside>
[][15][PETER BRIGHT][14] 是 Ars 的一位技术编辑。他涉及微软、编程及软件开发、Web 技术和浏览器、以及安全方面。它居住在纽约的布鲁克林。
--------------------------------------------------------------------------------
via: https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/
作者:[ PETER BRIGHT ][a]
译者:[qhwdw](https://github.com/qhwdw)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://arstechnica.com/author/peter-bright/
[1]:https://arstechnica.com/author/peter-bright/
[2]:https://arstechnica.com/gadgets/2018/01/whats-behind-the-intel-design-flaw-forcing-numerous-patches/?comments=1
[3]:https://twitter.com/aionescu/status/930412525111296000
[4]:https://linux.cn/article-9201-1.html
[5]:https://twitter.com/aionescu/status/948609809540046849
[6]:https://lkml.org/lkml/2017/12/27/2
[7]:https://gruss.cc/files/kaiser.pdf
[8]:https://arstechnica.com/information-technology/2015/08/how-security-flaws-work-the-buffer-overflow/
[9]:https://github.com/IAIK/KAISER
[10]:https://twitter.com/brainsmoke/status/948561799875502080
[11]:https://twitter.com/grsecurity/status/947257569906757638
[12]:https://www.postgresql.org/message-id/20180102222354.qikjmf7dvnjgbkxe@alap3.anarazel.de
[13]:https://lwn.net/Articles/740393/
[14]:https://arstechnica.com/author/peter-bright
[15]:https://arstechnica.com/author/peter-bright

153
translated/tech/20180125 Building a Linux-based HPC system on the Raspberry.md Normal file
View File

@ -0,0 +1,153 @@
使用 Ansible 在树莓派上构建一个基于 Linux 的高性能计算系统
============================================================
### 使用低成本的硬件和开源软件设计一个高性能计算集群。
![Building a Linux-based HPC system on the Raspberry Pi with Ansible](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/code_computer_development_programming.png?itok=4OM29-82 "Building a Linux-based HPC system on the Raspberry Pi with Ansible")
图片来源opensource.com
在我的 [Opensource.com 上前面的文章中][14],我介绍了 [OpenHPC][15] 项目它的目标是致力于加速高性能计算HPC的创新。这篇文章将更深入来介绍使用 OpenHPC 的特性来构建一个小型的 HPC 系统。将它称为 _HPC 系统_  可能有点“扯虎皮拉大旗”的意思,因此,更确切的说法应该是,通过 OpenHPC 项目发布的 [方法构建集群][16] 系统。
这个集群由两台树莓派 3 系统作为活动计算节点,以及一台虚拟机作为主节点,结构示意如下:
![Map of HPC cluster](https://opensource.com/sites/default/files/u128651/hpc_with_pi-1.png "Map of HPC cluster")
我的主节点运行的是 x86_64 架构的 CentOS 操作系统,而计算节点运行了 aarch64 的轻度修改版的 CentOS 操作系统。
下图是真实的设备工作照:
![HPC hardware setup](https://opensource.com/sites/default/files/u128651/hpc_with_pi-2.jpg "HPC hardware setup")
去配置一台像上图这样的 HPC 系统,我是按照 OpenHPC 集群构建方法 ——  [CentOS 7.4/aarch64 + Warewulf + Slurm 安装指南][17] (PDF) 的一些步骤来做的。这个方法包括 [Warewulf][18] 提供的使用说明;因为我的那三个系统是手动安装的,我跳过了 Warewulf 部分以及创建 [Ansible playbook][19] 的一些步骤。
在 [Ansible][26] playbooks 中设置完成我的集群之后,我就可以向资源管理器提交作业了。在我的这个案例中, [Slurm][27] 充当了资源管理器,它是集群中的一个实例,由它来决定我的作业什么时候在哪里运行。其中一种可做的事情是,在集群上启动一个简单的作业:
```
[ohpc@centos01 ~]$ srun hostname
calvin
```
如果需要更多的资源,我可以去告诉 Slurm我希望在 8 个 CPU 上去运行我的命令:
```
[ohpc@centos01 ~]$ srun -n 8 hostname
hobbes
hobbes
hobbes
hobbes
calvin
calvin
calvin
calvin
```
在第一个示例中Slurm 在一个单个的 CPU 上运行了指定的命令(`hostname`而在第二个示例中Slurm 在 8 个 CPU 上运行了那个命令。我的计算节点一个命名为 `calvin`,而另一个命名为 `hobbes`;在上面的命令输出部分可以看到它们的名字。每个计算节点都是由 4 个 CPU 核心的树莓派 3 构成的。
在我的集群中提交作业的另一种方法是使用命令 `sbatch`,它可以用于运行脚本,将输出写入到一个文件,而不是我的终端上。
```
[ohpc@centos01 ~]$ cat script1.sh
#!/bin/sh
date
hostname
sleep 10
date
[ohpc@centos01 ~]$ sbatch script1.sh
Submitted batch job 101
```
它将创建一个名为 `slurm-101.out` 的输出文件,这个输出文件包含下列的内容:
```
Mon 11 Dec 16:42:31 UTC 2017
calvin
Mon 11 Dec 16:42:41 UTC 2017
```
为示范资源管理器的基本功能、简单的和一系列的命令行工具这个集群系统是挺合适的但是去配置一个类似HPC 系统去做各种工作就有点无聊了。
一个更有趣的应用是在这个集群的所有可用 CPU 上运行一个 [Open MPI][20] 并行作业。我使用了一个基于 [Game of Life][21] 的应用,它被用于一个名为“使用 Red Hat 企业版 Linux 跨多种架构运行 `Game of Life`“的 [视频][22]。除了以前实现的基于 MPI 的 `Game of Life` 之外,在我的集群中现在运行的这个版本对每个涉及的主机的单元格颜色都是不同的。下面的脚本以图形输出的方式来交互式启动应用:
```
$ cat life.mpi
#!/bin/bash
module load gnu6 openmpi3
if [[ "$SLURM_PROCID" != "0" ]]; then
    exit
fi
mpirun ./mpi_life -a -p -b
```
我使用下面的命令来启动作业,它告诉 Slurm为这个作业分配 8 个 CPU
```
$ srun -n 8 --x11 life.mpi
```
为了演示,这个作业有一个图形界面,它展示了当前计算的结果:
![](https://opensource.com/sites/default/files/u128651/hpc_with_pi-3.png)
红色单元格是由其中一个计算节点来计算的,而绿色单元格是由另外一个计算节点来计算的。我也可以让 `Game of Life` 程序为使用的每个 CPU 核心(这里的每个计算节点有四个核心)去生成不同的颜色,这样它的输出如下:
![](https://opensource.com/sites/default/files/u128651/hpc_with_pi-4.png)
感谢 OpenHPC 提供的软件包和安装方法,因为它们我可以去配置一个由两个计算节点和一个主节点的 HPC 式的系统。我可以在资源管理器上提交作业,然后使用 OpenHPC 提供的软件在我的树莓派的 CPU 上去启动 MPI 应用程序。
* * *
_想学习更多的关于使用 OpenHPC 去构建树莓派集群,请参与 Adrian Reber 在 [DevConf.cz 2018][10] 的讨论,它于 1月 26-28 日在 BrnoCzech Republic 举行,以及在 [CentOS Dojo 2018][11] ,它于 2 月 2 日在 Brussels 举行。_
### 关于作者
[![](https://opensource.com/sites/default/files/styles/profile_pictures/public/pictures/gotchi-square.png?itok=PJKu7LHn)][23] Adrian Reber —— Adrian 是 Red Hat 的高级软件工程师,他早在 2010 年就开始了迁移的过程,迁移到高性能计算环境中,从那个时候起迁移了许多的程序,并因此获得了博士学位,然后加入了 Red Hat 公司并开始去迁移到容器。偶尔他仍然去迁移单个进程,并且它至今仍然对高性能计算非常感兴趣。[关于我的更多信息点这里][12]
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc
作者:[Adrian Reber ][a]
译者:[qhwdw](https://github.com/qhwdw)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://opensource.com/users/adrianreber
[1]:https://opensource.com/resources/what-are-linux-containers?utm_campaign=containers&amp;intcmp=70160000000h1s6AAA
[2]:https://opensource.com/resources/what-docker?utm_campaign=containers&amp;intcmp=70160000000h1s6AAA
[3]:https://opensource.com/resources/what-is-kubernetes?utm_campaign=containers&amp;intcmp=70160000000h1s6AAA
[4]:https://developers.redhat.com/blog/2016/01/13/a-practical-introduction-to-docker-container-terminology/?utm_campaign=containers&amp;intcmp=70160000000h1s6AAA
[5]:https://opensource.com/file/384031
[6]:https://opensource.com/file/384016
[7]:https://opensource.com/file/384021
[8]:https://opensource.com/file/384026
[9]:https://opensource.com/article/18/1/how-build-hpc-system-raspberry-pi-and-openhpc?rate=l9n6B6qRcR20LJyXEoUoWEZ4mb2nDc9sFZ1YSPc60vE
[10]:https://devconfcz2018.sched.com/event/DJYi/openhpc-introduction
[11]:https://wiki.centos.org/Events/Dojo/Brussels2018
[12]:https://opensource.com/users/adrianreber
[13]:https://opensource.com/user/188446/feed
[14]:https://opensource.com/article/17/11/openhpc
[15]:https://openhpc.community/
[16]:https://openhpc.community/downloads/
[17]:https://github.com/openhpc/ohpc/releases/download/v1.3.3.GA/Install_guide-CentOS7-Warewulf-SLURM-1.3.3-aarch64.pdf
[18]:https://en.wikipedia.org/wiki/Warewulf
[19]:http://people.redhat.com/areber/openhpc/ansible/
[20]:https://www.open-mpi.org/
[21]:https://en.wikipedia.org/wiki/Conway%27s_Game_of_Life
[22]:https://www.youtube.com/watch?v=n8DvxMcOMXk
[23]:https://opensource.com/users/adrianreber
[24]:https://opensource.com/users/adrianreber
[25]:https://opensource.com/users/adrianreber
[26]:https://www.ansible.com/
[27]:https://slurm.schedmd.com/
[28]:https://opensource.com/tags/raspberry-pi
[29]:https://opensource.com/tags/programming
[30]:https://opensource.com/tags/linux
[31]:https://opensource.com/tags/ansible

86
sources/tech/20180206 Programming in Color with ncurses.md → translated/tech/20180206 Programming in Color with ncurses.md Normal file → Executable file
View File

@ -1,17 +1,16 @@
Leemeans translating
Programming in Color with ncurses
使用ncurses进行颜色编程
======
In parts [one][1] and [two][2] of my article series about programming with the ncurses library, I introduced a few curses functions to draw text on the screen, query characters from the screen and read from the keyboard. To demonstrate several of these functions, I created a simple adventure game in curses that drew a game map and player character using simple characters. In this follow-up article, I show how to add color to a curses program.
在我的使用ncurses库进行编程的系列文章的[第一篇][1]和[第二篇][2]中我已经介绍了一些curses的函数来在屏幕上作画、从屏幕上查询和从键盘读取字符。为了搞清楚这些函数我使用curses来利用简单字符绘制游戏地图和玩家字符创建了一个简单的冒险游戏。在这篇紧接着的文章里我展示了如何为你的curses程序添加颜色。
Drawing on the screen is all very well and good, but if it's all white-on-black text, your program might seem dull. Colors can help convey more information—for example, if your program needs to indicate success or failure. In such a case, you could display text in green or red to help emphasize the outcome. Or, maybe you simply want to use colors to "snazz" up your program to make it look prettier.
在屏幕上绘图一切都挺好的,但是如果只有黑底白字的文本,你的程序可能看起来很无趣。颜色可以帮助传递更多的信息。举个例子,如果你的程序需要报告(执行)成功或者(执行)失败时。在这样的情况下你可以使用绿色或者红色来帮助强调输出。或者,你只是简单地想要“潮艺”一下给你的程序来让它看起来更美观。
In this article, I use a simple example to demonstrate color manipulation via the curses functions. In my previous article, I wrote a basic adventure-style game that lets you move a player character around a crudely drawn map. However, the map was entirely black and white text, relying on shapes to suggest water (~) or mountains (^), so let's update the game to use colors.
在这篇文章中我用一个简单的例子来展示通过curses函数进行颜色操作。在我先前的文章中我写了一个允许你在一个粗糙绘制的地图上移动玩家字符的初级冒险类游戏。但是那里面的地图完全是白色和黑色的文本通过形状来表明是水()或者山(^)。所以,让我们将游戏更新到使用颜色(的版本)吧。
### Color Essentials
### 颜色要素
Before you can use colors, your program needs to know if it can rely on the terminal to display the colors correctly. On modern systems, this always should be true. But in the classic days of computing, some terminals were monochromatic, such as the venerable VT52 and VT100 terminals, usually providing white-on-black or green-on-black text.
在你可以使用颜色之前你的程序得要知道它是否可以依靠终端正确地显示颜色。在现代操作系统上此处应该永远为true。但是在经典的计算机上一些终端是单色的例如令人尊敬的VT52和VT100终端一般(它们)提供黑底白色或者黑底绿色的文本。
To query the terminal capability for colors, use the has_colors() function. This will return a true value if the terminal can display color, and a false value if not. It is usually used to start an if block, like this:
可以使用has_colors()函数查询终端的颜色功能。这个函数将会在终端可以显示颜色的时候返回true否则将会返回false。这个函数一般用于if块的开头就像这样
```
@ -23,9 +22,9 @@ if (has_colors() == FALSE) {
```
Having determined that the terminal can display color, you then can set up curses to use colors with the start_color() function. Now you're ready to define the colors your program will use.
在知道终端可以显示颜色之后你可以使用start_color()函数来设置curses使用颜色。现在是时候定义程序将要使用的颜色了。
In curses, you define colors in pairs: a foreground color on a background color. This allows curses to set both color attributes at once, which often is what you want to do. To establish a color pair, use init_pair() to define a foreground and background color, and associate it to an index number. The general syntax is:
在curses中你应该按对定义颜色一个前景色放在一个背景色上。这样允许curses一次性设置两个颜色属性这也是一般你想要使用的方式。通过init_pair()函数可以定义一个前景色和背景色并关联到索引数字来设置颜色对。大致语法如下:
```
@ -33,7 +32,7 @@ init_pair(index, foreground, background);
```
Consoles support only eight basic colors: black, red, green, yellow, blue, magenta, cyan and white. These colors are defined for you with the following names:
控制台支持八种基础的颜色:黑色、红色、绿色、黄色、蓝色、品红色、青色和白色。这些颜色通过下面的名称为你定义好了:
* COLOR_BLACK
@ -51,9 +50,9 @@ Consoles support only eight basic colors: black, red, green, yellow, blue, magen
* COLOR_WHITE
### Applying the Colors
### 应用颜色
In my adventure game, I'd like the grassy areas to be green and the player's "trail" to be a subtle yellow-on-green dotted path. Water should be blue, with the tildes in the similar cyan color. I'd like mountains to be grey, but black text on a white background should make for a reasonable compromise. To make the player's character more visible, I'd like to use a garish red-on-magenta scheme. I can define these colors pairs like so:
在我的冒险游戏中,我想要让草地呈现绿色而玩家的足迹变成不易察觉的绿底黄色点迹。水应该是蓝色,那些(表示波浪的)腭化符号应该是近似青色的。我想让山是灰色的,但是我可以用白底黑色文本做一个可用的折中方案。(译注:意为终端预设的颜色没有灰色,使用白底黑色文本做一个折中方案)为了让玩家的字符更易见,我想要使用一个刺目的品红底红色设计。我可以像这样定义这些颜色对:
```
@ -65,8 +64,7 @@ init_pair(4, COLOR_RED, COLOR_MAGENTA);
```
To make my color pairs easy to remember, my program defines a few symbolic constants:
为了让颜色对更容易记忆,我的程序中定义了一些符号常量:
```
#define GRASS_PAIR 1
@ -77,8 +75,7 @@ To make my color pairs easy to remember, my program defines a few symbolic const
```
With these constants, my color definitions become:
有了这些常量,我的颜色定义就变成了:
```
start_color();
@ -89,8 +86,7 @@ init_pair(PLAYER_PAIR, COLOR_RED, COLOR_MAGENTA);
```
Whenever you want to display text using a color, you just need to tell curses to set that color attribute. For good programming practice, you also should tell curses to undo the color combination when you're done using the colors. To set the color, use attron() before calling functions like mvaddch(), and then turn off the color attributes with attroff() afterward. For example, when I draw the player's character, I might do this:
在任何时候你想要使用颜色显示文本你只需要告诉curses设置那种颜色属性。为了更好的编程实践你同样应该在你完成了颜色使用的时候告诉curses取消颜色组合。为了设置颜色应该在调用像mvaddch()这样的函数之前使用attron()然后通过attroff()关闭颜色属性。例如,在我绘制玩家的字符的时候,我应该这样做:
```
attron(COLOR_PAIR(PLAYER_PAIR));
@ -99,8 +95,7 @@ attroff(COLOR_PAIR(PLAYER_PAIR));
```
Note that applying colors to your programs adds a subtle change to how you query the screen. Normally, the value returned by mvinch() is of type chtype Without color attributes, this is basically an integer and can be used as such. But, colors add extra attributes to the characters on the screen, so chtype carries extra color information in an extended bit pattern. If you use mvinch(), the returned value will contain this extra color value. To extract just the "text" value, such as in the is_move_okay() function, you need to apply a bitwise & with the A_CHARTEXT bit mask:
记住将颜色应用到你的程序添加了不可见的改变到你如何查询屏幕。一般来讲由mvinch()函数返回的值是**没有**带颜色属性的类型chtype这个值基本上是一个整型值也可以就当作整型值来用。但是由于(使用)颜色添加了额外的属性到屏幕上的字符上所以chtype按照扩展的位模式携带了额外的颜色信息。一旦你使用mvinch(),返回值将会包含这些额外的颜色值。为了只提取**文本**值例如在is_move_okay()函数中你需要和A_CHARTEXT做&位运算:
```
int is_move_okay(int y, int x)
@ -116,8 +111,7 @@ int is_move_okay(int y, int x)
```
With these changes, I can update the adventure game to use colors:
通过这些修改,我可以用颜色更新这个冒险游戏:
```
/* quest.c */
@ -145,14 +139,14 @@ int main(void)
int y, x;
int ch;
/* initialize curses */
/* 初始化curses */
initscr();
keypad(stdscr, TRUE);
cbreak();
noecho();
/* initialize colors */
/* 初始化颜色 */
if (has_colors() == FALSE) {
endwin();
@ -168,19 +162,18 @@ int main(void)
clear();
/* initialize the quest map */
/* 初始化探索地图 */
draw_map();
/* start player at lower-left */
/* 在左下角创建新角色 */
y = LINES - 1;
x = 0;
do {
/* by default, you get a blinking cursor - use it to
indicate player * */
/* 默认情况下,你获得了一个闪烁的光标--用来指明玩家 * */
attron(COLOR_PAIR(PLAYER_PAIR));
mvaddch(y, x, PLAYER);
@ -190,7 +183,7 @@ int main(void)
ch = getch();
/* test inputted key and determine direction */
/* 测试输入键值并获取方向 */
switch (ch) {
case KEY_UP:
@ -246,7 +239,7 @@ int is_move_okay(int y, int x)
{
int testch;
/* return true if the space is okay to move into */
/* 当空白处可以进入的时候返回true */
testch = mvinch(y, x);
return (((testch & A_CHARTEXT) == GRASS)
@ -257,9 +250,9 @@ void draw_map(void)
{
int y, x;
/* draw the quest map */
/* 绘制探索地图 */
/* background */
/* 背景 */
attron(COLOR_PAIR(GRASS_PAIR));
for (y = 0; y < LINES; y++) {
@ -267,7 +260,7 @@ void draw_map(void)
}
attroff(COLOR_PAIR(GRASS_PAIR));
/* mountains, and mountain path */
/* 山峰和山路 */
attron(COLOR_PAIR(MOUNTAIN_PAIR));
for (x = COLS / 2; x < COLS * 3 / 4; x++) {
@ -279,7 +272,7 @@ void draw_map(void)
mvhline(LINES / 4, 0, GRASS, COLS);
attroff(COLOR_PAIR(GRASS_PAIR));
/* lake */
/* */
attron(COLOR_PAIR(WATER_PAIR));
for (y = 1; y < LINES / 2; y++) {
@ -290,8 +283,7 @@ void draw_map(void)
```
Unless you have a keen eye, you may not be able to spot all of the changes necessary to support color in the adventure game. The diff tool shows all the instances where functions were added or code was changed to support colors:
你可能不能认出所有为了在冒险游戏里面支持颜色需要的修改除非你目光敏锐。diff工具展示了所有为了支持颜色而添加的函数或者修改的代码
```
$ diff quest-color/quest.c quest/quest.c
@ -361,34 +353,32 @@ $ diff quest-color/quest.c quest/quest.c
```
### Let's Play—Now in Color
### 开始玩吧--现在有颜色了
The program now has a more pleasant color scheme, more closely matching the original tabletop gaming map, with green fields, blue lake and imposing gray mountains. The hero clearly stands out in red and magenta livery.
程序现在有了更舒服的颜色设计了,更匹配起初的桌游地图,有绿地、蓝色的湖和壮观的灰色山峰。英雄穿着红色的制服十分夺目。
![](http://www.linuxjournal.com/files/linuxjournal.com/ufiles/imagecache/large-550px-centered/u1000009/quest-map_0.jpg)
Figure 1\. A Simple Tabletop Game Map, with a Lake and Mountains
图 1\. 一个简单的带湖和山的桌游地图
![](http://www.linuxjournal.com/files/linuxjournal.com/ufiles/imagecache/large-550px-centered/u1000009/quest-color-start.png)
Figure 2\. The player starts the game in the lower-left corner.
图 2\.玩家站在左下角
![](http://www.linuxjournal.com/files/linuxjournal.com/ufiles/imagecache/large-550px-centered/u1000009/quest-color-1.png)
Figure 3\. The player can move around the play area, such as around the lake, through the mountain pass and into unknown regions.
With colors, you can represent information more clearly. This simple example uses colors to indicate playable areas (green) versus impassable regions (blue or gray). I hope you will use this example game as a starting point or reference for your own programs. You can do so much more with curses, depending on what you need your program to do.
In a follow-up article, I plan to demonstrate other features of the ncurses library, such as how to create windows and frames. In the meantime, if you are interested in learning more about curses, I encourage you to read Pradeep Padala's [NCURSES Programming HOWTO][3], at the Linux Documentation Project.
图 3\. 玩家可以在游戏区域移动,比如围绕湖,通过山的通道到达未知的区域。
通过颜色,你可以更清楚地展示信息。这个例子使用颜色指出可游戏的区域(绿色)相对着不可通过的区域(蓝色或者灰色)。我希望你可以使用这个示例游戏作为你自己的程序的一个起点或者参照。取决于你需要你的程序做什么你可以通过curses做得更多。
在下一篇文章我计划展示ncurses库的其它特性比如怎样创建窗口和边框。同时如果你对于学习 curses 有兴趣,我建议你去读位于 [Linux 文档计划](http://www.tldp.org)的 Pradeep Padala 写的 [NCURSES Programming HOWTO](http://tldp.org/HOWTO/NCURSES-Programming-HOWTO)。
--------------------------------------------------------------------------------
via: http://www.linuxjournal.com/content/programming-color-ncurses
作者:[Jim Hall][a]
译者:[译者ID](https://github.com/译者ID)
译者:[leemeans](https://github.com/leemeans)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
@ -396,4 +386,4 @@ via: http://www.linuxjournal.com/content/programming-color-ncurses
[a]:http://www.linuxjournal.com/users/jim-hall
[1]:http://www.linuxjournal.com/content/getting-started-ncurses
[2]:http://www.linuxjournal.com/content/creating-adventure-game-terminal-ncurses
[3]:http://tldp.org/HOWTO/NCURSES-Programming-HOWTO
[3]:http://tldp.org/HOWTO/NCURSES-Programming-HOWTO

80
translated/tech/20180209 Linux rmdir Command for Beginners (with Examples).md Normal file
View File

@ -0,0 +1,80 @@
为初学者准备的 Linux rmdir 命令(案例教程)
======
在 Linux 命令行上删除文件和目录,我们已经讨论过 [rm 命令][1] 的使用。然而,这里有另一个相关的命令行工具,专门针对目录的删除。这是所指的工具就是 **rmdir**,本教程中,我们将根据一些简单的实例来讨论它。
#### Linux rmdir 命令
见名知意rmdirremoveDirectory 命令专门针对删除目录,不过通常目录内空空如也。如下是它的语法:
```
rmdir [OPTION]... DIRECTORY...
```
下面是 man 文档的说明:
```
删除目录(索引),如其目录为空。
```
在理解此程序如何工作方面,下面的问答风格的案例可能会给您带来更好的灵感。
#### Q1. rmdir 命令如何工作?
这非常直接,只需将目录名作为输入参数传递给它。
比如:
```
rmdir test-dir
```
[![rmdir 命令如何工作][2]][3]
#### Q2. 如何让 rmdir 忽视非空目录?
通常情况下rmdir 命令会在您删除非空目录时抛出一个错误。然而,如果需要的话,您可以在非空目录下使用 --ignore-fail-on-non-empty 选项,忽略它。
比如说:
[![如何让 rmdir 忽视非空目录][4]][5]
#### Q3. 如何让 rmdir 命令移除父目录?
和 [mkdir][6] 一样,您可以通过要求 rmdir 命令在其父目录执行操作。这意味着,您可以一次性删除目录和目录的上级目录。这个功能可以通过 -p 命令选项实现。
比如,下面的命令将会删除 'test' 和 'test-dir' 目录。
```
rmdir -p test/test-dir/
```
**注意** 欲此操作生效,所有被删除的父目录都不应该包含任何空目录之外的目录。
#### Q4. rmdir 和 rm -r 有何区别?
如果还有印象,您还可以通过提供 -r 选项的 rm 命令删除目录。那 rmdir 和 rm -r 区别何在rmdir 仅在空目录下生效 - 您没有办法使用 rmdir 删除非空目录。
因此rmdir 在删除需要检测目录是否为空的情况下,是一个有效的工具。
#### 总结
相信您会认同rmdir 并不是一个难以理解和使用的复杂命令。除此之外,它仅提供少量命令行选项。在此,我们几乎讨论了所有的选项,如果您想掌握的更好,练习在本教程提到的案例即可。关于 rmdir[这里另有 man 文档][7],备您不时之需。
--------------------------------------------------------------------------------
via: https://www.howtoforge.com/linux-rmdir-command/
作者:[Himanshu Arora][a]
译者:[CYLeft](https://github.com/CYLeft)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.howtoforge.com
[1]:https://www.howtoforge.com/linux-rm-command/
[2]:https://www.howtoforge.com/images/command-tutorial/rm-basic-usage1.png
[3]:https://www.howtoforge.com/images/command-tutorial/big/rm-basic-usage1.png
[4]:https://www.howtoforge.com/images/command-tutorial/rmdir-ignore-nonempty.png
[5]:https://www.howtoforge.com/images/command-tutorial/big/rmdir-ignore-nonempty.png
[6]:https://www.howtoforge.com/linux-mkdir-command/
[7]:https://linux.die.net/man/1/rmdir