document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-03-12 01:40:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

Revert "Merge (#3)" (#4)

Browse Source 
This reverts commit 38dd7895dd.
This commit is contained in:
Martin♡Adele 2019-07-24 00:42:27 +08:00 committed by GitHub
parent 38dd7895dd
commit db9d4b6175
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
59 changed files with 2353 additions and 5769 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

227
published/20171226 Top 10 Microsoft Visio Alternatives for Linux.md
View File

@ -1,227 +0,0 @@
10 个 Linux 中最好的 Visio 替代品
======
> 如果你正在 Linux 中寻找一个好的 Visio 查看器,这里有一些可以在 Linux 中使用的微软 Visio 的替代方案。
[微软 Visio][1] 是创建或生成关键任务图和矢量表示的绝佳工具。虽然它可能是制作平面图或其他类型图表的好工具 —— 但它既不是免费的,也不是开源的
此外,微软 Visio 不是一个独立的产品。它与微软 Office 捆绑在一起。我们过去已经看过 [MS Office 的开源替代品][2]。今天我们将看看你可以在 Linux 上使用哪些工具代替 Visio。
### 适用于 Linux 的最佳 微软 Visio 备选方案
![用于 Linux 的微软 Visio 备选方案][4]
此处为强制性免责声明。该列表不是排名。排名第三的产品并不比排名第六的好。
我还提到了两个可以从 Web 界面使用的非开源 Visio 软件。
| 软件 | 类型 | 许可证类型 |
| --- | --- | --- |
| [LibreOffice Draw][6] | 桌面软件 | 自由开源 |
| [OpenOffice Draw][10] | 桌面软件 | 自由开源 |
| [Dia][12] | 桌面软件 | 自由开源 |
| [yED Graph Editor][14] | 桌面和基于 Web | 免费增值 |
| [Inkscape][16] | 桌面软件 | 自由开源 |
| [Pencil][18] | 桌面和基于 Web | 自由开源 |
| [Graphviz][20] | 桌面软件 | 自由开源 |
| [darw.io][22] | 桌面和基于 Web | 自由开源 |
| [Lucidchart][24] | 基于 Web | 免费增值 |
| [Calligra Flow][27] | 桌面软件 | 自由开源 |
### 1、LibreOffice Draw
![][5]
LibreOffice Draw 模块是微软 Visio 的最佳开源替代方案之一。在它的帮助下,你可以选择制作一个想法的速写或一个复杂的专业平面布置图来展示。流程图、组织结构图、网络图、小册子、海报等等!所有这些都不需要花一分钱。
好的是它与 LibreOffice 捆绑在一起,默认情况下安装在大多数 Linux 发行版中。
#### 主要功能概述:
* 用于制作宣传册/海报的样式和格式工具
* Calc 数据可视化
* PDF 文件编辑功能
* 通过操作图库中的图片来创建相册
* 灵活的绘图工具类似于 微软 Visio (智能连接器,尺寸线等)的工具
* 支持 .VSD 文件(打开)
官网:[LibreOffice Draw][6]
### 2、Apache OpenOffice Draw
![][7]
很多人都知道 OpenOfficeLibreOffice 项目最初就是基于它的),但他们并没有真正意识到 Apache OpenOffice Draw 可以作为微软 Visio 的替代方案。但事实上,它是另一个令人惊奇的开源图表软件工具。与 LibreOffice Draw 不同,它不支持编辑 PDF 文件,但它为任何类型的图表创建提供了绘图工具。
这只是个警告。仅当你的系统中已经有 OpenOffice 时才使用此工具。这是因为[安装 OpenOffice][8] 是一件痛苦的事情,而且它已经[不再继续开发][9]。
#### 主要功能概述:
* 快速创建 3D 形状控制器
* 创建作品的 flash 版本(.swf
* 样式和格式工具
* 与微软 Visio 类似的灵活绘图工具(智能连接器、尺寸线等)
官网:[Apache OpenOffice Draw][10]
### 3、Dia
![][11]
Dia 是另一个有趣的开源工具。它可能不像前面提到的那样处于积极开发之中。但是,如果你正在寻找一个自由而开源的替代微软 Visio 的简单而体面的图表,那么 Dia 可能是你的选择。这个工具可能唯一让你失望的地方就是它的用户界面。除此之外,它还允许你为复杂的图使用强大的工具(但它看起来可能不太好 —— 所以我们建议你用于更简单的图)。
#### 主要功能概述:
* 它可以通过命令行使用
* 样式和格式工具
* 用于自定义形状的形状存储库
* 与微软 Visio 类似的绘图工具(特殊对象、网格线、图层等)
* 跨平台
官网:[Dia][12]
### 4、yED Graph Editor
[视频](https://youtu.be/OmSTwKw7dX4)
是最受欢迎的免费的微软 Visio 替代方案之一。如果你对它是一个免费软件而不是开源项目有些担心,你仍然可以通过 web 浏览器免费使用 [yED 的实时编辑器][13]。如果你想用一个非常易于使用的界面快速绘制图表,这是最好的建议之一。
#### 主要功能概述:
* 拖放功能,方便图表制作
* 支持导入外部数据进行链接
官网:[yED Graph Editor][14]
### 5、Inkscape
![][15]
Inkscape 是一个自由开源的矢量图形编辑器。你将拥有创建流程图或数据流程图的基本功能。它不提供高级的图表绘制工具而是提供创建更简单图表的基本工具。因此当你希望通过使用图库中的可用符号在图库连接器工具的帮助下生成基本图时Inkscape 可能是你的 Visio 替代品。
#### 主要功能概述:
* 连接器工具
* 灵活的绘图工具
* 广泛的文件格式兼容性
官网:[Inkscape][16]
### 6、Pencil 项目
![][17]
Pencil 项目是一个令人印象深刻的开源项目,适用于 Windows、Mac 以及 Linux。它具有易于使用的图形界面使绘图更容易和方便。它有一个很好的内建形状和符号的集合可以使你的图表看起来很棒。它还内置了 Android 和 iOS UI 模板,可以让你在需要时创建应用程序原型。
你也可以将其安装为 Firefox 扩展,但该扩展不能使用项目的最新版本。
#### 主要功能概述:
* 轻松浏览剪贴画(使用 openclipart.org
* 导出为 ODT 文件/PDF 文件
* 图表连接工具
* 跨平台
官网:[Pencil 项目][18]
### 7、Graphviz
![][19]
Graphviz 略有不同。它不是绘图工具,而是专用的图形可视化工具。如果你在网络图中需要多个设计来表示一个节点,那么一定要使用这个工具。当然,你不能用这个工具做平面布置图(至少这不容易)。因此,它最适合于网络图、生物信息学、数据库连接和类似的东西。
#### 主要功能概述:
* 支持命令行使用
* 支持自定义形状和表格节点布局
* 基本样式和格式设置工具
官网:[Graphviz][20]
### 8、Draw.io
[视频](https://youtu.be/Z0D96ZikMkc)
Draw.io 主要是一个基于 Web 的免费图表工具它的强大的工具几乎可以制作任何类型的图表。你只需要拖放然后连接它们以创建流程图、ER 图或任何相关的。此外,如果你喜欢该工具,则可以尝试[离线桌面版本][21]。
#### 主要功能概述:
* 直接上传到云存储服务
* 自定义形状
* 样式和格式工具
* 跨平台
官网:[Draw.io][22]
### 9、Lucidchart
![][23]
Lucidchart 是一个基于 Web 的高级图表工具,它提供了一个具有有限功能的免费订阅。你可以使用免费订阅创建几种类型的图表,并将其导出为图像或 PDF。但是免费版本不支持数据链接和 Visio 导入/导出功能。如果你不需要数据链接功能Lucidchart 可以说是一个生成漂亮的图表的非常好的工具。
#### 主要功能概述:
* 可以集成到 Slack、Jira 核心、Confluence
* 能够制作产品模型
* 导入 Visio 文件
官网:[Lucidchart][24]
### 10、Calligra Flow
![calligra flow][25]
Calligra Flow 是 [Calligra 项目][26]的一部分,旨在提供自由开源的软件工具。使用 Calligra flow 你可以轻松地创建网络图、实体关系图、流程图等
#### 主要功能概述:
* 各种模具盒
* 样式和格式工具
官网:[Calligra Flow][27]
### 总结
既然你已经了解到了这些最好的自由开源的 Visio 替代方案,你对它们有什么看法?
对于你任何方面的需求,它们是否优于 微软 Visio另外如果我们错过了你最喜欢的基于 Linux 的替代微软 Visio 的绘图工具,请在下面的评论中告诉我们。
--------------------------------------------------------------------------------
via: https://itsfoss.com/visio-alternatives-linux/
作者:[Ankush Das][a]
译者:[ZhiW5217](https://github.com/ZhiW5217)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://itsfoss.com/author/ankush/
[1]:https://products.office.com/en/visio/flowchart-software
[2]:https://itsfoss.com/best-free-open-source-alternatives-microsoft-office/
[3]:data:image/gif;base64,R0lGODdhAQABAPAAAP///wAAACwAAAAAAQABAEACAkQBADs=
[4]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/visio-alternatives-linux-featured.png
[5]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/libreoffice-draw-microsoft-visio-alternatives.jpg
[6]:https://www.libreoffice.org/discover/draw/
[7]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/apache-open-office-draw.jpg
[8]:https://itsfoss.com/install-openoffice-ubuntu-linux/
[9]:https://itsfoss.com/openoffice-shutdown/
[10]:https://www.openoffice.org/product/draw.html
[11]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/dia-screenshot.jpg
[12]:http://dia-installer.de/
[13]:https://www.yworks.com/products/yed-live
[14]:https://www.yworks.com/products/yed
[15]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/inkscape-screenshot.jpg
[16]:https://inkscape.org/en/
[17]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/pencil-project.jpg
[18]:http://pencil.evolus.vn/Downloads.html
[19]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/graphviz.jpg
[20]:http://graphviz.org/
[21]:https://about.draw.io/integrations/#integrations_offline
[22]:https://about.draw.io/
[23]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/lucidchart-visio-alternative.jpg
[24]:https://www.lucidchart.com/
[25]:https://i0.wp.com/itsfoss.com/wp-content/uploads/2017/12/calligra-flow.jpg
[26]:https://www.calligra.org/
[27]:https://www.calligra.org/flow/

126
published/20180406 MX Linux- A Mid-Weight Distro Focused on Simplicity.md
View File

@ -1,126 +0,0 @@
MX Linux一款专注于简洁性的中等体量发行版
======
> 这个发行版可以使任何人在 Linux 上如家一般。
![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux.png?itok=OLjmCxT9)
Linux 有着如此多种的发行版。许多发行版为了使自己与众不同而做出了很多改变。另一方面,许多发行版之间的区别又是如此之小,你可能会问为什么有人还愿意不厌其烦的重复别人已经做过的工作呢?也正是基于这一疑惑,让我好奇为什么 [antiX][1] 和 [MEPIS][2]这两个社区要联合推出一个特殊的发行版,考虑到具体情况应该会是一个搭载 Xfce 桌面并基于 antiX 的版本,由 MEPIS 社区承担开发。
这一开发中的使用 Xfce 桌面的 antiX 系统是否会基于它之前的发行版呢毕竟antiX 旨在提供一个“基于 Debian 稳定版的快速、轻量级、易于安装的非 systemd 的 live CD 发行版”。antiX 所搭载的桌面是 [LXDE][3],能够极好的满足关于轻量化系统的相关要求和特性。那究竟是什么原因使得 antiX 决定构建另一个轻量化发行版呢,仅仅是因为这次换成了 Xfce 吗好吧Linux 社区中的任何人都知道增加了不同风格的好的轻量级发行版是值得一试的特别是可以使得我们的旧硬件摆脱进入垃圾填埋场的宿命。当然LXDE 和 Xfce 并不完全属于同一类别。LXDE 应该被认为是一个真正的轻量级桌面,而 Xfce 应该被认为是一个中等体量的桌面。朋友们,这就是为什么 MX Linux 是 antiX 的一个重要迭代的关键。一个基于 Debian 的中等体量的发行版,它包含你完成工作所需的所有工具。
但是在 MX Linux 中有一些直接从 antiX 借用来的非常有用的东西 —— 那就是安装工具。当我初次设置了 VirtualBox 虚拟机来安装 MX Linux 时,我认为安装的系统将是我已经习惯的典型的、非常简单的 Linux 系统。令我非常惊讶的是MX Linux 使用的 antiX 安装程序打破了以往的痛点,特别是对于那些对尝试 Linux 持观望态度的人来说。
因此,甚至在我开始尝试 MX Linux 之前,我就对它有了深刻的印象。让我们来看看是什么让这个发行版的安装如此特别,最后再来看看桌面。
你可以从[这里][4]下载 MX Linux 17.1。系统的最低要求是:
* CD/DVD驱动器以及能够从该驱动器引导的 BIOS或 live USB以及能够从 USB 引导的 BIOS
* 英特尔 i486 或 AMD 处理器
* 512 MB 内存
* 5 GB 硬盘空间
* 扬声器AC97 或 HDA-compatible 声卡
* 作为一个 LiveUSB 使用,需要 4 GB 空间
### 安装
MX Linux 安装程序使安装 Linux 变得轻而易举。虽然它可能不是外观最现代化的安装工具,但也已经差不多了。安装的要点是从选择磁盘和选择安装类型开始的(图 1
![install][6]
*图 1MX Linux 的安装程序截图之一*
下一个重要的界面(图 2要求你设置一个计算机名称、域名和如果需要的话为微软网络设置工作组。
![network][8]
*图 2设置网络名称*
配置工作组的能力是第一个真正值得称赞的。这是我记忆中第一款在安装期间提供此选项的发行版。它还应该提示你MX Linux 提供了开箱即用的共享目录功能。它做到了,而且深藏功与名。它并不完美,但它可以在不需要安装任何额外包的情况下工作(稍后将详细介绍)。
最后一个重要的安装界面(需要用户交互)是创建用户帐户和 root 权限的密码(图 3
![user][9]
*图 3设置用户帐户详细信息和 root 用户密码*
最后一个界面设置完成后,安装将完成并要求重新启动。重启后,你将看到登录屏幕。登录并享受 MX Linux 带来的体验。
### 使用
Xfce 桌面是一个非常容易上手的界面。默认设置将面板位于屏幕的左边缘(图 4
![desktop][11]
*图 4MX Linux 的默认桌面*
如果你想将面板移动到更传统的位置,右键单击面板上的空白点,然后单击“面板”>“面板首选项”。在显示的窗口中(图 5单击样式下拉菜单在桌面栏、垂直栏或水平栏之间进行选择你想要的模式。
![panel][13]
*图 5配置 MX Linux 面板*
桌面栏和垂直选项的区别在于,在桌面栏模式下,面板垂直对齐,就像在垂直模式下一样,但是插件是水平放置的。这意味着你可以创建更宽的面板(用于宽屏布局)。如果选择水平布局,它将默在顶部,然后你必须取消锁定面板,单击关闭,然后(使用面板左侧边缘的拖动手柄)将其拖动到底部。你可以回到面板设置窗口并重新锁定面板。
除此之外,使用 Xfce 桌面对于任何级别的用户来说都是无需动脑筋的事情……就是这么简单。你会发现很多涵盖了生产力LibreOffice、Orage Calendar、PDF-Shuffler、图像GIMP)、通信Firefox、Thunderbird、HexChat、多媒体Clementine、guvcview SMTube、VLC媒体播放器的软件和一些 MX Linux 专属的工具(称为 MX 工具,涵盖了 live-USB 驱动器制作工具、网络助手、包管理工具、仓库管理工具、live ISO 快照工具等等)。
### Samba
让我们讨论一下如何将文件夹共享到你的网络。正如我所提到的你不需要安装任何额外的包就可以使其正常工作。只需打开文件管理器右键单击任何位置并选择网络上的共享文件夹。系统将提示你输入管理密码已在安装期间设置。验证成功之后Samba 服务器配置工具将打开(图 6
![sharing][15]
*图 6向网络共享一个目录*
单击“+”按钮配置你的共享。你将被要求指定一个目录,为共享提供一个名称/描述,然后决定该共享是否可写和可见(图 7
![sharing][17]
*图 7在 MX Linux 上配置共享*
当你单击 Access 选项时,你可以选择是让每个人都访问共享,还是限于特定的用户。问题就出在这里。此时,没有用户可以共享。为什么?因为它们还没有被添加。有两种方法可以把它们添加到共享:从命令行或使用我们已经打开的工具。让我们用一种更为简单的方法。在 Samba 服务器配置工具的主窗口中,单击“首选项” > “Samba 用户”。在弹出的窗口中,单击“添加用户”。
将出现一个新窗口(图 8你需要从下拉框中选择用户输入 Windows 用户名,并为用户键入/重新键入密码。
![Samba][19]
*图 8向 Samba 添加用户*
一旦你单击“确定”,这用户就会被添加,并且基于你的网络的对用户的共享功能也随之启用。创建 Samba 共享从未变得如此容易。
### 结论
MX Linux 使任何从桌面操作系统转到 Linux 都变得非常简单。尽管有些人可能会觉得桌面界面不太现代但发行版的主要关注点不是美观而是简洁。为此MX Linux 以出色的方式取得了成功。Linux 的这个特色发行版可以让任何人在使用 Linux 的过程中感到宾至如归。尝试这一中等体量的发行版,看看它能否作为你的日常系统。
--------------------------------------------------------------------------------
via: https://www.linux.com/learn/intro-to-linux/2018/4/mx-linux-mid-weight-distro-focused-simplicity
作者:[JACK WALLEN][a]
译者:[qfzy1233](https://github.com/qfzy1233)
校对:[wxy](https://github.com/wxy)
选题:[lujun9972](https://github.com/lujun9972)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linux.com/users/jlwallen
[1]:https://antixlinux.com/
[2]:https://en.wikipedia.org/wiki/MEPIS
[3]:https://lxde.org/
[4]:https://mxlinux.org/download-links
[5]:/files/images/mxlinux1jpg
[6]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_1.jpg?itok=i9bNScjH (install)
[7]:/licenses/category/used-permission
[8]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_2.jpg?itok=72nWxkGo
[9]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_3.jpg?itok=ppf2l_bm (user)
[10]:/files/images/mxlinux4jpg
[11]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_4.jpg?itok=mS1eBy9m (desktop)
[12]:/files/images/mxlinux5jpg
[13]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_5.jpg?itok=wsN1hviN (panel)
[14]:/files/images/mxlinux6jpg
[15]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_6.jpg?itok=vw8mIp9T (sharing)
[16]:/files/images/mxlinux7jpg
[17]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_7.jpg?itok=tRIWdcEk (sharing)
[18]:/files/images/mxlinux8jpg
[19]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_8.jpg?itok=ZS6lhZN2 (Samba)
[20]:https://training.linuxfoundation.org/linux-courses/system-administration-training/introduction-to-linux

54
published/20190617 Use ImageGlass to quickly view JPG images as a slideshow.md
View File

@ -1,54 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11141-1.html)
[#]: subject: (Use ImageGlass to quickly view JPG images as a slideshow)
[#]: via: (https://opensource.com/article/19/6/use-imageglass-view-jpg-images-slideshow-windows-10)
[#]: author: (Jeff Macharyas https://opensource.com/users/jeffmacharyas)
使用 ImageGlass 以幻灯片形式快速查看 JPG 图像
======
> 想要在 Windows 10 中以幻灯片形式逐个查看文件夹中的图像么?开源软件可以做到。
![Looking back with binoculars][1]
欢迎阅读今天的系列文章 “我该如何让它实现?”就我而言,我试图在 Windows 10 上以幻灯片形式查看 JPG 图像的文件夹。像往常一样,我转向开源来解决这个问题。
在 Mac 上,以幻灯片形式查看 JPG 图像文件夹只需选择文件夹中的所有图像(`Command-A`),然后按 `Option-Command-Y` 即可。之后,你可以使用箭头键向前翻动。当然,在 Windows 中,你可以通过选择第一个图像,然后单击窗口中黄色的**管理**栏,然后选择**幻灯片**来执行类似的操作。在那里,你可以控制速度,但只能做到:慢、中、快。
我希望像在 Windows 中能像 Mac 一样翻下一张图片。自然地,我 Google 搜索了一下并找到了一个方案。我发现了 [ImageGlass][2] 这个开源应用,其许可证是 [GPL 3.0][3],并且它完美地做到了。这是它的样子:
![Viewing an image in ImageGlass.][4]
### 关于 ImageGlass
ImageGlass 是由 Dương Diệu Pháp 开发的,根据他的网站,他是一名越南开发人员,在 Chainstack 负责前端。他与在美国的 [Kevin Routley][5] 协作,后者“为 ImageGlass 开发新功能”。源代码可以在 [GitHub][6] 上找到。
ImageGlass 支持最常见的图像格式,包括 JPG、GIF、PNG、WEBP、SVG 和 RAW。用户可以轻松自定义扩展名列表。
我遇到的具体问题是需要找到一张用于目录封面的图像。不幸的是,它在一个包含数十张照片的文件夹中。在 ImageGlass 中以幻灯片浏览照片,在我想要的照片前停止,并将其下载到我的项目文件夹中变得很容易。开源再次帮助了我,该应用只花了很短的时间下载和使用。
在 2016 年 3 月 10 日Jason Baker 在他的文章 [9 款 Picasa 的开源替代品][7] 中将 ImageGlass 列为其中之一。如果你有需求,里面还有一些其他有趣的图像相关工具。
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/6/use-imageglass-view-jpg-images-slideshow-windows-10
作者:[Jeff Macharyas][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/jeffmacharyas
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/look-binoculars-sight-see-review.png?itok=NOw2cm39 (Looking back with binoculars)
[2]: https://imageglass.org/
[3]: https://github.com/d2phap/ImageGlass/blob/master/LICENSE
[4]: https://opensource.com/sites/default/files/uploads/imageglass-screenshot.png (Viewing an image in ImageGlass.)
[5]: https://github.com/fire-eggs
[6]: https://github.com/d2phap/ImageGlass
[7]: https://opensource.com/alternatives/picasa

136
published/20190706 How To Delete A Repository And GPG Key In Ubuntu.md
View File

@ -1,136 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11115-1.html)
[#]: subject: (How To Delete A Repository And GPG Key In Ubuntu)
[#]: via: (https://www.ostechnix.com/how-to-delete-a-repository-and-gpg-key-in-ubuntu/)
[#]: author: (sk https://www.ostechnix.com/author/sk/)
如何在 Ubuntu 中删除仓库及其 GPG 密钥
======
![Delete A Repository And GPG Key In Ubuntu][1]
前几天我们讨论了如何在基于 RPM 和 DEB 的系统中[列出已安装的仓库][2]。今天,我们将学习如何在 Ubuntu 中删除仓库及其 GPG 密钥。对于不知道仓库的人,仓库(简称 repo是开发人员存储软件包的地方。仓库的软件包经过全面测试并由 Ubuntu 开发人员专门为每个版本构建。用户可以使用 Apt 包管理器在他们的 Ubuntu 系统上下载和安装这些包。Ubuntu 有四个官方仓库,即 Main、Universe、Restricted 和 Multiverse。
除了官方仓库外,还有许多由开发人员(或软件包维护人员)维护的非官方仓库。非官方仓库通常有官方仓库中不可用的包。所有包都由包维护者用一对密钥(公钥和私钥)签名。如你所知,公钥是发给用户的,私钥必须保密。每当你在源列表中添加新的仓库时,如果 Apt 包管理器想要信任新添加的仓库,你还应该添加仓库密钥(公钥)。使用仓库密钥,你可以确保从正确的人那里获得包。到这里希望你对软件仓库和仓库密钥有了一个基本的了解。现在让我们继续看看如果在 Ubuntu 系统中不再需要仓库及其密钥,那么该如何删除它。
### 在 Ubuntu 中删除仓库
每当使用 `add-apt-repository` 命令添加仓库时,它都将保存在 `/etc/apt/sources.list` 中。
要从 Ubuntu 及其衍生版中删除软件仓库,只需打开 `/etc/apt/sources.list` 文件并查找仓库名字并将其删除即可。
```
$ sudo nano /etc/apt/sources.list
```
正如你在下面的截图中看到的,我在我的 Ubuntu 系统中添加了 [Oracle Virtualbox][3] 仓库。
![][4]
*virtualbox 仓库*
要删除此仓库,只需删除该条目即可。保存并关闭文件。
如果你已添加 PPA 仓库,请查看 `/etc/apt/sources.list.d/` 目录并删除相应的条目。
或者,你可以使用 `add-apt-repository` 命令删除仓库。例如,我要删除 [Systemback][5] 仓库,如下所示。
```
$ sudo add-apt-repository -r ppa:nemh/systemback
```
最后,使用以下命令更新软件源列表:
```
$ sudo apt update
```
### 删除仓库密钥
我们使用 `apt-key` 命令添加仓库密钥。首先,让我们使用命令列出添加的密钥:
```
$ sudo apt-key list
```
此命令将列出所有添加的仓库密钥。
```
/etc/apt/trusted.gpg
--------------------
pub rsa1024 2010-10-31 [SC]
3820 03C2 C8B7 B4AB 813E 915B 14E4 9429 73C6 2A1B
uid [ unknown] Launchpad PPA for Kendek
pub rsa4096 2016-04-22 [SC]
B9F8 D658 297A F3EF C18D 5CDF A2F6 83C5 2980 AECF
uid [ unknown] Oracle Corporation (VirtualBox archive signing key) <[email protected]>
sub rsa4096 2016-04-22 [E]
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid [ unknown] Ubuntu Archive Automatic Signing Key (2012) <[email protected]>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
------------------------------------------------------
pub rsa4096 2018-09-17 [SC]
F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C
uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) <[email protected]>
```
正如你在上面的输出中所看到的那串长的40 个字符)十六进制值是仓库密钥。如果你希望 APT 包管理器停止信任该密钥,只需使用以下命令将其删除:
```
$ sudo apt-key del "3820 03C2 C8B7 B4AB 813E 915B 14E4 9429 73C6 2A1B"
```
或者,仅指定最后 8 个字符:
```
$ sudo apt-key del 73C62A1B
```
完成!仓库密钥已被删除。运行以下命令更新仓库列表:
```
$ sudo apt update
```
资源:
* [软件仓库 Ubuntu 社区 Wiki][6]
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/how-to-delete-a-repository-and-gpg-key-in-ubuntu/
作者:[sk][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/wp-content/uploads/2019/07/Delete-a-repository-in-ubuntu-720x340.png
[2]: https://www.ostechnix.com/find-list-installed-repositories-commandline-linux/
[3]: https://www.ostechnix.com/install-oracle-virtualbox-ubuntu-16-04-headless-server/
[4]: https://www.ostechnix.com/wp-content/uploads/2019/07/virtualbox-repository.png
[5]: https://www.ostechnix.com/systemback-restore-ubuntu-desktop-and-server-to-previous-state/
[6]: https://help.ubuntu.com/community/Repositories/Ubuntu

184
published/20190708 10 ways to get started with Linux.md
View File

@ -1,184 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11124-1.html)
[#]: subject: (10 ways to get started with Linux)
[#]: via: (https://opensource.com/article/19/7/ways-get-started-linux)
[#]: author: (Seth Kenlon https://opensource.com/users/seth/users/don-watkins)
Linux 入门十法
======
> 想要进入 Linux 之门,试试这十个方法。
![](https://img.linux.net.cn/data/attachment/album/201907/20/061809wwkmb51vqookoqq5.jpg)
文章《[什么是 Linux 用户?][2]》的作者 Anderson Silva 明确表示,现今人们使用 Linux在某种程度上就像使用 Windows 一样,只要你对“使用 Linux”这个事情定义得足够广义。尽管如此如果你的生活中没有太多的使用 Linux 的机会,现在正是以前所未有的方式尝试 Linux 的好时机。
以下是 Linux 入门的十种方法。你可以试试其中一个或者全部试试。
### 1、加入免费 shell 计划
![Free shell screenshot][3]
有很多人在用不上的服务器上运行 Linux 请记住“Linux 服务器”可以是从最新的超级计算机到丢弃的、已经用了 12 年的笔记本电脑中的任何一个)。为了充分利用多余的计算机,许多管理员用这些备用的机器提供了免费的 shell 帐户。
如果你想要登录到 Linux 终端中学习命令、shell 脚本、Python 以及 Web 开发的基础知识,那么免费的 shell 帐户是一种简单、免费的入门方式。下面是一个可以体验一下的简短列表:
* [Freeshell.de][4] 是一个自 2002 年以来一直在线服务的公用 Linux 系统。你可以通过 SSH、IPv6 和 OpenSSL 进行访问,以获得 Linux shell 体验,并且可以使用 MySQL 数据库。
* [Blinkenshell][5] 提供了一个学习 Unix、使用 IRC、托管简单网站和共享文件的 Linux shell。它自 2006 年以来一直在线服务。
* [SDF 公用 Unix 系统][6]成立于 1987 年,提供了免费的 NetBSD 账户。当然NetBSD 不是 Linux但它是开源的 Unix因此它提供了类似的体验。它也有几个自制应用程序因此它不但有普通的免费 shell还提供了老派 BBS。
免费 shell 帐户常会受到滥用,因此你表现出的可信程度和积极参与协作的意愿越多,你的体验就越好。你可以通过专门请求或小额捐赠来证明你的诚意,通常可以访问数据库引擎、编译器和高级编程语言。你还可以要求安装其他软件或库,但需经管理员批准。
#### 如何使用
公用 shell 帐户是尝试真正的 Linux 系统的好方法。你无法获得 root 权限这一事实意味着你可以学习本地软件管理,而无需做更多的维护工作。你可以做很多实际操作,以完成真正的工作,尽管它们对于学习关键任务还不够。
### 2、试试 Windows WSL 2 里面的 Linux
不管你信不信,微软从 2019 年 6 月开始在 Windows 里面带上了 Linux这意味着你可以从 Windows 运行 Linux 应用程序,这是 [Windows 里的 Linux 子系统][7]的第二版WSL 2。虽然它主要针对开发人员但 Windows 用户可以发现 WSL 2 是一个来自于他们熟悉的桌面上的 Linux 环境,而没有被任何虚拟化占用额外资源。这是一个以进程方式运行在 Windows 机器上的 Linux。现阶段它仍然是一个新的动向和正在进行中的工作因此它可能会发生变化。如果你试图用它承担重任你可能会遇到一两个错误但是如果你只是想入门 Linux、学习一些命令并感受在基于文本的环境如何完成工作那么 WSL 2 可能正是你所需要的。
#### 如何使用
WSL 还没有明确的用途或目的,但它在 Windows 机器上提供了 Linux 环境。你可以获得 root 访问权限,并可以运行 Linux 发行版和应用程序,因此这是一种简单而无缝的学习方式。但是,即使 WSL *是Linux*,它也不能给你典型的 Linux 体验。它是由 Windows 提供的 Linux而这不太会是你在现实世界中遇到的情况。WSL 是一个开发和教育工具,但如果你可以使用它,那么你应该试试它。
### 3、把 Linux 放到可启动的 U 盘上
![Porteus Linux][8]
便携 Linux 可以安装到 U 盘上随身携带,并用该 U 盘启动你遇到的任何计算机。你可以获得个性化的 Linux 桌面,而无需担心所用于启动的主机上的数据。该计算机上原有的系统不会与你的 Linux 系统相接触,并且你的 Linux 操作系统也不会影响计算机。它非常适合酒店商务中心、图书馆、学校的公共计算机,或者只是给自己一个不时启动 Linux 的借口。
与许多其他快速获得的 Linux shell 不同,此方法为你提供了一个完整而强大的 Linux 系统,包括桌面环境,可访问你需要的任何软件以及持久的数据存储。
这个系统永远不会改变。你要保存的任何数据都将写入压缩的文件系统中,然后在引导时将其作为覆盖层应用于该系统。这种灵活性允许你选择是以持久模式启动,将所有数据保存回 U 盘;还是以临时模式启动,以便一旦关闭电源,你所做的一切都会消失。换句话说,你可以将其用作不受信任的计算机上的安全信息亭或你信任的计算机上的便携式操作系统。
你可以尝试很多 [U 盘发行版][9],有些带有精简的桌面环境,适用于低功耗计算机,而另一些带有完整的桌面环境。我偏爱 [Porteus][10] Linux。在过去的八年里我每天都把它放在我的钥匙链上在商务旅行中使用它作为我的主要计算平台如果在工作场所或家中计算机发生问题它也会用作工具盘。它是一个可靠而稳定的操作系统有趣且易于使用。
在 Mac 或 Windows 上,下载 [Fedora Media Writer][11] 以创建你下载的任何便携式发行版的可启动 U 盘。
#### 如何使用
从 U 盘启动一个 “实时 Linux” 可提供完整的 Linux 发行版环境。虽然数据存储与你安装到硬盘驱动器的系统略有不同,但其它的所有内容都与你在 Linux 桌面上所期望的一样。在便携式 Linux 操作系统上你几乎没有什么不能做的,所以在你的钥匙串上挂上一个以解锁你遇到的每台计算机的全部潜力吧。
### 4、在线游览
![Linux tour screenshot][12]
Ubuntu 的某个人想到了在浏览器中托管 Ubuntu GNOME 桌面的好主意。如果想要自己尝试一下,可以打开 Web 浏览器并导航到 [tour.ubuntu.com][13]。你可以选择要演示的活动,也可以跳过单个课程并单击 “<ruby>四处看看<rt>Show Yourself Around</rt></ruby>” 按钮。
即使你是 Linux 桌面的新用户,你也可能会发现“四处看看”功能比你想象的更还简单。在线游览中,你可以四处看看,查看可用的应用程序,以及查看典型的默认 Linux 桌面。你不能在 Firefox 中调整设置或启动另一个在线游览(这是我尝试过的第一件事),虽然你可以完成安装应用程序的动作,但你无法启动它们。但是,如果你之前从未使用过 Linux 桌面,并且想要看到各种新奇的东西,那这就是一场旋风之旅。
#### 如何使用
在线游览真的只是一次旅行。如果你从未见过 Linux 桌面,那么这是一个了解它的情况的机会。这不是一个正式的使用,而是一个吸引过客的展示。
### 5、在浏览器中用 JavaScript 运行 Linux
![JSLinux][14]
就在不久之前,虚拟化的计算成本还很高,还仅限于使用先进的硬件的用户。而现在虚拟化已被优化到可以由 JavaScript 引擎执行的程度,这要归功于 Fabrice Bellard它是优秀的开源 [QEMU][15] 机器仿真器和虚拟器的创建者。
Bellard 还启动了 JSLinux 项目,该项目允许你在浏览器中运行 Linux 和其他操作系统,这算是闲暇时间的一个乐趣。它仍然是一个实验性项目,但它是一个技术奇迹。打开 Web 浏览器导航到 [JSLinux][16] 页面,你可以启动基于文本的 Linux shell 或精简的图形 Linux 环境。你可以上传和下载文件到 JSLinux 主机上或(在理论上可以)将文件发送到一个网络备份位置,因为 JSLinux 可以通过 VPN 套接字访问互联网(尽管上限速度取决于 VPN 服务)。
#### 如何使用
你不会在 JSLinux 上正经使用多少时间,这个环境可能太不寻常了,无法学习 Linux 正常工作的广泛课程。但是,如果你厌倦了在一台普通的 PC 上运行 Linux 并想在一个真正独特的平台上试用 Linux那么 JSLinux 就属于这种。
### 6、阅读关于它的书
并非每种 Linux 体验都要用到计算机。也许你是那种喜欢在开始新事物之前保持距离先观察和研究的人,或者你可能还不清楚 “Linux” 所包含的内容,或者你喜欢全情投入其中。关于 Linux 如何工作、运行 Linux 的方式以及 Linux 世界中有什么,有很多书可以读。
你越熟悉开源世界,就越容易理解常用术语,将城市神话与实际经验区分开来。我们不时会发布[图书清单] [17],但我的最爱之一是 Hazel Russman 的《[The Charm of Linux][18]》。这是一个从不同角度巡览 Linux 的过程,是由一位独立作者在发现 Linux 时兴奋之余写作的。
#### 如何使用
没有什么能比一本好书更好。这是体验 Linux 的最不传统的方法,但对于喜欢印刷文字的人来说,它既舒适又有效。
### 7、弄块树莓派
![Raspberry Pi 4][19]
如果你正在使用[树莓派][20],那么你就正在运行 Linux。Linux 和低功耗计算很容易上手。关于树莓派的好处,除了价格低于 100 美元之外,它的[网站][21]是专为教育而设计的。你可以了解树莓派所能做的一切,当你了解之后,就知道了 Linux 可以为你做些什么。
#### 如何使用
树莓派被设计为低功耗计算机。这意味着你不能像过去那样做那么多的多任务处理,但这是一种避免不堪重负的方便方法。树莓派是学习 Linux 及其附带的所有可能性的好方法,它是发现环保、小型、简化计算能力的有趣方式。并且一定要关注 Opensource.com 上的[提示][22]、[技巧][23]和[有趣的][24][活动] [25],特别是在每年三月份的树莓派之周的期间。
### 8、赶上容器热潮
如果你从事于神话般的[云服务][26]的后端工作,那么你已经听说过容器热潮。虽然你可以在 Windows、Azure、Mac 和 Linux 上运行 Docker 和 Kubernetes但你可能不知道容器本身就是 Linux。云计算应用和基础设施实际上是精简的 Linux 系统,部分虚拟化,部分基于裸机。如果启动容器,则会启动微型的超特定的 Linux 发行版。
容器与虚拟机或物理服务器[不同][27]。它们不打算用作通用操作系统。但是,如果你在容器中进行开发,你可以停下来四处打量一下,你将了解到 Linux 系统的结构、保存重要文件的位置以及最常见的命令。你甚至可以[在线尝试容器][28],你可以在我的文章中[深入到 Linux 容器的背后][29]了解它们如何工作的。
#### 如何使用
根据设计,容器特定于一个单一任务,但它们是 Linux因此它们非常灵活。你可以如你预期的使用它们也可以在你的 Linux 实验当中将容器构建到大部分完整系统中。它虽然不提供桌面 Linux 体验,但它是完整的 Linux 体验。
### 9、以虚拟机方式安装 Linux
虚拟化是尝试操作系统的简便方法,[VirtualBox][30] 是一种很好的开源虚拟化方法。VirtualBox 可以在 Windows 和 Mac 上运行,因此你可以将 Linux 安装为虚拟机VM并使用它就好像它只是一个应用程序一样。如果你不习惯安装操作系统VirtualBox 也是一种尝试 Linux 的非常安全的方式,而不会意外地将其安装覆盖在你通常的操作系统上。
#### 如何使用
将 Linux 作为虚拟机运行既方便又简单,既可以作为试运行使用,也可以在需要 Linux 环境时进行双启动或重启进入。它功能齐全,因为它使用虚拟硬件,宿主操作系统负责驱动你的外围设备。将 Linux 作为虚拟机运行的唯一缺点主要是心理上的。如果你打算使用 Linux 作为主要操作系统,但最终默认在宿主操作系统上做除了特定于 Linux 的大多数任务,那么虚拟机就会让你失望。否则,虚拟机是现代技术的胜利,在 VirtualBox 中使用 Linux 可以为你提供 Linux 所提供的所有最佳功能。
### 10、安装一个 Linux
![Fedora Silverblue][31]
如果对上述方式有疑问,那么总会有传统的方式。如果你想给予 Linux 应有的关注,你可以下载 Linux将安装程序刻录到 U 盘(或 DVD如果你更喜欢光学介质的话并将其安装在你的计算机上。Linux 是开源的,所以任何想要花时间打包 Linux 的人都可以分发 Linux并且可以将所有可用的部分分配到通常称为发行版的内容中。无论问哪一个 Linux 用户什么发行版是“最好的”,你必然都会得到一个不同的答案(主要是因为这个术语“最佳”通常是尚未定义的)。大多数人都认可:你应该使用适合你的 Linux 发行版,这意味着你应该测试一些流行的发行版,并坚持使你的计算机按照你期望的行为行事。这是一种务实和功能性的方法。例如,如果发行版无法识别你的网络摄像头而你希望它可以正常工作,则可以使用一个可识别该网络摄像头的发行版。
如果你之前从未安装过操作系统,你会发现大多数 Linux 发行版都包含一个友好且简单的安装程序。只需下载一个发行版(它们以 ISO 文件提供),然后下载 [Fedora Media Writer][11] 来创建一个可启动的安装 U 盘。
#### 如何使用
安装 Linux 并将其用作操作系统是迈向熟悉它的一步。怎么使用它都可以。你可能会发现一些你从未了解过的所需的必备功能,你可能会比你想象的更多地了解计算机,并且可能会改变你的世界观。你使用一个 Linux 桌面,或者是因为它易于下载和安装,或者是因为你想要削弱公司中某些人的霸主地位,或者只是因为它可以帮助你完成工作。
无论你的原因是什么,只需尝试使用上面这些任何(或所有)这些方式。
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/ways-get-started-linux
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/OSDC_Penguin_Image_520x292_12324207_0714_mm_v1a.png?itok=p7cWyQv9 (Penguins gathered together in the Artic)
[2]: https://opensource.com/article/19/6/what-linux-user
[3]: https://opensource.com/sites/default/files/uploads/freeshell.png (Free shell screenshot)
[4]: https://freeshell.de
[5]: https://blinkenshell.org/wiki/Start
[6]: https://sdf.org/
[7]: https://devblogs.microsoft.com/commandline/wsl-2-is-now-available-in-windows-insiders/
[8]: https://opensource.com/sites/default/files/uploads/porteus.jpg (Porteus Linux)
[9]: https://linux.cn/article-11040-1.html
[10]: http://porteus.org
[11]: https://getfedora.org/en/workstation/download/
[12]: https://opensource.com/sites/default/files/uploads/linux_tour.jpg (Linux tour screenshot)
[13]: http://tour.ubuntu.com/en/#
[14]: https://opensource.com/sites/default/files/uploads/jslinux.jpg (JSLinux)
[15]: https://www.qemu.org
[16]: https://bellard.org/jslinux/
[17]: https://opensource.com/article/19/1/tech-books-new-skils
[18]: http://www.lulu.com/shop/hazel-russman/the-charm-of-linux/paperback/product-21229401.html
[19]: https://opensource.com/sites/default/files/uploads/raspberry-pi-4-case.jpg (Raspberry Pi 4)
[20]: https://opensource.com/resources/raspberry-pi
[21]: https://www.raspberrypi.org/
[22]: https://opensource.com/article/19/3/raspberry-pi-projects
[23]: https://opensource.com/article/19/3/piflash
[24]: https://opensource.com/article/19/3/gamepad-raspberry-pi
[25]: https://opensource.com/life/16/3/make-music-raspberry-pi-milkytracker
[26]: https://opensource.com/resources/cloud
[27]: https://opensource.com/article/19/6/how-ssh-running-container
[28]: https://linuxcontainers.org/lxd/try-it/
[29]: https://opensource.com/article/18/11/behind-scenes-linux-containers
[30]: https://virtualbox.org
[31]: https://opensource.com/sites/default/files/uploads/fedora-silverblue.png (Fedora Silverblue)

126
published/20190708 Command line quick tips- Permissions.md
View File

@ -1,126 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (MjSeven)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11123-1.html)
[#]: subject: (Command line quick tips: Permissions)
[#]: via: (https://fedoramagazine.org/command-line-quick-tips-permissions/)
[#]: author: (Paul W. Frields https://fedoramagazine.org/author/pfrields/)
命令行快速提示:权限
======
![][1]
Fedora 与所有基于 Linux 的系统一样,它提供了一组强大的安全特性。其中一个基本特性是文件和文件夹上的*权限*。这些权限保护文件和文件夹免受未经授权的访问。本文将简要介绍这些权限,并向你展示如何使用它们共享对文件夹的访问。
### 权限基础
Fedora 本质上是一个多用户操作系统,它也有*组*,用户可以是其成员。但是,想象一下一个没有权限概念的多用户系统,不同的登录用户可以随意阅读彼此的内容。你可以想象到这对隐私或安全性并不是很好。
Fedora 上的任何文件或文件夹都分配了三组权限。第一组用于拥有文件或文件夹的*用户*,第二组用于拥有它的*组*,第三组用于其他人,即既不是该文件的用户也不是拥有该文件的组中的用户。有时这被称为*全世界*。
### 权限意味着什么
每组权限都有三种形式:*读*、*写*和*执行*。其中每个都可以用首字母来代替,即 `r`、`w`、`x`。
#### 文件权限
对于*文件*,权限的含义如下所示:
* 读(`r`):可以读取文件内容
* 写(`w`):可以更改文件内容
* 执行(`x`):可以执行文件 —— 这主要用于打算直接运行的程序或脚本
当你对任何文件进行详细信息列表查看时,可以看到这三组权限。尝试查看系统上的 `/etc/services` 文件:
```
$ ls -l /etc/services
-rw-r--r--. 1 root root 692241 Apr 9 03:47 /etc/services
```
注意列表左侧的权限组。如上所述,这些表明三种用户的权限:拥有该文件的用户,拥有该文件的组以及其他人。用户所有者是 `root`,组所有者是 `root` 组。用户所有者具有对文件的读写权限,`root` 组中的任何人都只能读取该文件。最后,其他任何人也只能读取该文件。(最左边的 `-` 显示这是一个常规文件。)
顺便说一下,你通常会在许多(但不是所有)系统配置文件上发现这组权限,它们只由系统管理员而不是普通用户更改。通常,普通用户需要读取其内容。
#### 文件夹(目录)权限
对于文件夹,权限的含义略有不同:
* 读(`r`):可以读取文件夹内容(例如 `ls` 命令)
* 写(`w`):可以更改文件夹内容(可以在此文件夹中创建或删除文件)
* 执行(`x`):可以搜索文件夹,但无法读取其内容。(这听起来可能很奇怪,但解释起来需要更复杂的文件系统细节,这超出了本文的范围,所以现在就这样吧。)
看一下 `/etc/grub.d` 文件夹的例子:
```
$ ls -ld /etc/grub.d
drwx------. 2 root root 4096 May 23 16:28 /etc/grub.d
```
注意最左边的 `d`,它显示这是一个目录或文件夹。权限显示用户所有者(`root`)可以读取、更改和 `cd` 到此文件夹中。但是,没有其他人可以这样做 —— 无论他们是否是 `root` 组的成员。注意,你不能 `cd` 进入该文件夹。
```
$ cd /etc/grub.d
bash: cd: /etc/grub.d: Permission denied
```
注意你自己的主目录是如何设置的:
```
$ ls -ld $HOME
drwx------. 221 paul paul 28672 Jul 3 14:03 /home/paul
```
现在,注意除了作为所有者之外,没有人可以访问此文件夹中的任何内容。这是特意的!你不希望其他人能够在共享系统上读取你的私人内容。
### 创建共享文件夹
你可以利用此权限功能轻松创建一个文件夹以在组内共享。假设你有一个名为 `finance` 的小组,其中有几个成员需要共享文档。因为这些是用户文档,所以将它们存储在 `/home` 文件夹层次结构中是个好主意。
首先,[使用 sudo][2] 创建一个共享文件夹,并将其设置为 `finance` 组所有:
```
$ sudo mkdir -p /home/shared/finance
$ sudo chgrp finance /home/shared/finance
```
默认情况下,新文件夹具有这些权限。注意任何人都可以读取或搜索它,即使他们无法创建或删除其中的文件:
```
drwxr-xr-x. 2 root root 4096 Jul 6 15:35 finance
```
对于金融数据来说,这似乎不是一个好主意。接下来,使用 `chmod` 命令更改共享文件夹的模式(权限)。注意,使用 `g` 更改所属组的权限,使用 `o` 更改其他用户的权限。同样,`u` 会更改用户所有者的权限:
```
$ sudo chmod g+w,o-rx /home/shared/finance
```
生成的权限看起来更好。现在,`finance` 组中的任何人(或用户所有者 `root`)都可以完全访问该文件夹及其内容:
```
drwxrwx---. 2 root finance 4096 Jul 6 15:35 finance
```
如果其他用户尝试访问共享文件夹,他们将无法执行此操作。太棒了!现在,我们的金融部门可以将文档放在一个共享的地方。
### 其他说明
还有其他方法可以操作这些权限。例如,你可能希望将此文件夹中的任何文件设置为 `finance` 组所拥有。这需要本文未涉及的其他设置,但请继续关注我们,以了解关于该主题的更多信息。
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/command-line-quick-tips-permissions/
作者:[Paul W. Frields][a]
选题:[lujun9972][b]
译者:[MjSeven](https://github.com/MjSeven)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/pfrields/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2018/10/commandlinequicktips-816x345.jpg
[2]: https://fedoramagazine.org/howto-use-sudo/

62
published/20190709 Sysadmin vs SRE- What-s the difference.md
View File

@ -1,62 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (vizv)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11113-1.html)
[#]: subject: (Sysadmin vs SRE: What's the difference?)
[#]: via: (https://opensource.com/article/19/7/sysadmins-vs-sres)
[#]: author: (Vince Power https://opensource.com/users/vincepower/users/craig5/users/dawnparzych/users/penglish)
系统管理员与网站可靠性工程师SRE对比区别在那儿
======
> 系统管理员和网站可靠性工程师SRE下同对于任何组织来讲都很重要。本篇将介绍下两者的不同之处。
![](https://img.linux.net.cn/data/attachment/album/201907/17/214505qgk19kjuvzb2m1m4.jpg)
在 IT 行业成为多面手或是专家的争议一直存在。99% 的传统系统管理员都被归到了多面手这类。<ruby>[网站可靠性工程师][2]<rt>site reliability engineer</rt></ruby>SRE的角色则更加专精并且在如 Google 般有着一定规模的头部公司中对其的需求不断增加。但总的来说这两者对于跑着应用的基础设施有着同样的目标:为应用的消费者提供良好的体验。然而两者的出发点却截然不同。
### 系统管理员:中立善良的化身
系统管理员一般都是从基础的桌面或网络支持成长过来的,并一路习得大多数系统管理员都会掌握的广泛的技能。此时这些系统管理员会对他们所负责的系统和应用了如指掌。他们会知道一号服务器上的应用每隔一个星期二就需要重启一次,或是九号服务器周三会静默的崩溃。他们会对服务器的监视作出微调以忽略无关紧要的信息,尽管那个被标记为<ruby>致命<rt>fatal<rt></ruby>的错误信息每个月第三个周日都会显示。
总的来讲,系统管理员了解如何照料那些跑着你核心业务的服务器。这些系统管理员已经成长到开始使用自动化工具去处理所有归他们管的服务器上的例行任务。他们虽然喜欢使用模板、<ruby>黄金镜像<rt>golden images</rt></ruby>、以及标准,但同时也有着足够的灵活度去修改一个服务器上的参数以解决错误,并注释为什么那个服务器的配置与众不同。
尽管系统管理员很伟大,但他们也有着一些怪癖。其中一项就是没有他们神圣的授权你永远也获取不了系统的 root 访问权限,另一项则是任何不是出于他们的主意的变更都要在文档中被记录为应用提供方的要求,并仍然需要再次核对。
他们所管理的服务器是他们的地盘,没有人可以随意干涉。
### SRE灭霸将为之自豪
与成为系统管理员的道路相反,从开发背景和从系统管理员背景成长为 SRE 的可能性相近。SRE 的职位出现的时长与应用开发环境的生命周期相近。
随着一个组织的发展而引入的类似于[持续集成][4]和[持续发布][5] (CI/CD) 的 [DevOps][3] 概念,通常会出现技能空缺,以让这些<ruby>不可变<rt>immutable</rt></ruby>的应用部署到多个环境并随着业务需求进行扩展。这将是 SRE 的舞台。的确,一个系统管理员可以学习额外的工具,但大体上成为一个全职的职位更容易跟的上发展。一个专精的专家更有意义。
SRE 使用如<ruby>[代码即基础设施][6]<rt>infrastructure-as-code</rt></ruby>的概念去制作模板,然后调用它们来部署用以运行应用的环境,并以使用一键完整重现每个应用和它们的环境作为目标。因此会出现这样的情况:测试环境中一号服务器里的一号应用的二进制文件与生产环境中十五号服务器的完全一致,仅环境相关的变量如密码和数据库链接字串有所不同。
SRE 也会在配置发生改变时完全销毁一个环境并重新构建它。对于任何系统他们都不带一点感情。每个系统只是个被打了标记和安排了生命周期的数字而已,甚至连例行的对服务器打补丁也要重新部署整个<ruby>应用栈<rt>application stack</rt></ruby>
### 总结
对于一些情况,尤其是运维一些大型的基于 DevOps 的环境时,一个 SRE 所能提供的用于处理各种规模的业务的专业技能当然更具优势。但每次他们在运气不好走入死胡同时都会去寻求他的系统管理员友人或是 [来自地狱的混蛋运维BOFH][7] ,得到他那身经百战的故障排除技能,和那些用于给组织提供价值的丰富经验的帮助。
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/sysadmins-vs-sres
作者:[Vince Power][a]
选题:[lujun9972][b]
译者:[vizv](https://github.com/vizv)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/vincepower/users/craig5/users/dawnparzych/users/penglish
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003499_01_linux11x_cc.png?itok=XMDOouJR (People work on a computer server with devices)
[2]: https://en.wikipedia.org/wiki/Site_Reliability_Engineering
[3]: https://opensource.com/resources/devops
[4]: https://en.wikipedia.org/wiki/Continuous_integration
[5]: https://en.wikipedia.org/wiki/Continuous_delivery
[6]: https://en.wikipedia.org/wiki/Infrastructure_as_code
[7]: http://www.bofharchive.com/BOFH.html

178
published/20190710 32-bit life support- Cross-compiling with GCC.md
View File

@ -1,178 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11120-1.html)
[#]: subject: (32-bit life support: Cross-compiling with GCC)
[#]: via: (https://opensource.com/article/19/7/cross-compiling-gcc)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
32 位支持:使用 GCC 交叉编译
======
> 使用 GCC 在单一的构建机器上来为不同的 CPU 架构交叉编译二进制文件。
![](https://img.linux.net.cn/data/attachment/album/201907/19/054242nwhludz9tm2lwd8t.jpg)
如果你是一个开发者,要创建二进制软件包,像一个 RPM、DEB、Flatpak 或 Snap 软件包,你不得不为各种不同的目标平台编译代码。典型的编译目标包括 32 位和 64 位的 x86 和 ARM。你可以在不同的物理或虚拟机器上完成你的构建但这需要你为何几个系统。作为代替你可以使用 GNU 编译器集合 ([GCC][2]) 来交叉编译,在单一的构建机器上为几个不同的 CPU 架构产生二进制文件。
假设你有一个想要交叉编译的简单的掷骰子游戏。在大多数系统上,以 C 语言来编写这个相对简单,出于给添加现实的复杂性的目的,我以 C++ 语言写这个示例,所以程序依赖于一些不在 C 语言中东西 (具体来说就是 `iostream`)。
```
#include <iostream>
#include <cstdlib>
using namespace std;
void lose (int c);
void win (int c);
void draw ();
int main() {
int i;
do {
cout << "Pick a number between 1 and 20: \n";
cin >> i;
int c = rand ( ) % 21;
if (i > 20) lose (c);
else if (i < c ) lose (c);
else if (i > c ) win (c);
else draw ();
}
while (1==1);
}
void lose (int c )
{
cout << "You lose! Computer rolled " << c << "\n";
}
void win (int c )
{
cout << "You win!! Computer rolled " << c << "\n";
}
void draw ( )
{
cout << "What are the chances. You tied. Try again, I dare you! \n";
}
```
在你的系统上使用 `g++` 命令编译它:
```
$ g++ dice.cpp -o dice
```
然后,运行它来确认其工作:
```
$ ./dice
Pick a number between 1 and 20:
[...]
```
你可以使用 `file` 命令来查看你刚刚生产的二进制文件的类型:
```
$ file ./dice
dice: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically
linked (uses shared libs), for GNU/Linux 5.1.15, not stripped
```
同样重要,使用 `ldd` 命令来查看它链接哪些库:
```
$ ldd dice
linux-vdso.so.1 =&gt; (0x00007ffe0d1dc000)
libstdc++.so.6 =&gt; /usr/lib/x86_64-linux-gnu/libstdc++.so.6
(0x00007fce8410e000)
libc.so.6 =&gt; /lib/x86_64-linux-gnu/libc.so.6
(0x00007fce83d4f000)
libm.so.6 =&gt; /lib/x86_64-linux-gnu/libm.so.6
(0x00007fce83a52000)
/lib64/ld-linux-x86-64.so.2 (0x00007fce84449000)
libgcc_s.so.1 =&gt; /lib/x86_64-linux-gnu/libgcc_s.so.1
(0x00007fce8383c000)
```
从这些测试中,你已经确认了两件事:你刚刚运行的二进制文件是 64 位的,并且它链接的是 64 位库。
这意味着,为实现 32 位交叉编译,你必需告诉 `g++` 来:
1. 产生一个 32 位二进制文件
2. 链接 32 位库,而不是 64 位库
### 设置你的开发环境
为编译成 32 位二进制,你需要在你的系统上安装 32 位的库和头文件。如果你运行一个纯 64 位系统,那么,你没有 32 位的库或头文件,并且需要安装一个基础集合。最起码,你需要 C 和 C++ 库(`glibc` 和 `libstdc++`)以及 GCC 库(`libgcc`)的 32 位版本。这些软件包的名称可能在每个发行版中不同。在 Slackware 系统上,一个纯 64 位的带有 32 位兼容的发行版,可以从 [Alien BOB][3] 提供的 `multilib` 软件包中获得。在 Fedora、CentOS 和 RHEL 系统上:
```
$ yum install libstdc++-*.i686
$ yum install glibc-*.i686
$ yum install libgcc.i686
```
不管你正在使用什么系统,你同样必须安装一些你工程使用的 32 位库。例如,如果你在你的工程中包含 `yaml-cpp`,那么,在编译工程前,你必需安装 `yaml-cpp` 的 32 位版本,或者,在很多系统上,安装 `yaml-cpp` 的开发软件包(例如,在 Fedora 系统上的 `yaml-cpp-devel`)。
一旦这些处理好了,编译是相当简单的:
```
$ g++ -m32 dice.cpp -o dice32 -L /usr/lib -march=i686
```
`-m32` 标志告诉 GCC 以 32 位模式编译。`-march=i686` 选项进一步定义来使用哪种最优化类型(参考 `info gcc` 了解选项列表)。`-L` 标志设置你希望 GCC 来链接的库的路径。对于 32 位来说通常是 `/usr/lib`,不过,这依赖于你的系统是如何设置的,它可以是 `/usr/lib32`,甚至 `/opt/usr/lib`,或者任何你知道存放你的 32 位库的地方。
在代码编译后,查看你的构建的证据:
```
$ file ./dice32
dice: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
dynamically linked (uses shared libs) [...]
```
接着,当然, `ldd ./dice32` 也会指向你的 32 位库。
### 不同的架构
在 64 位相同的处理器家族上允许 GCC 做出很多关于如何编译代码的假设来编译 32 位软件。如果你需要为完全不同的处理器编译,你必需安装适当的交叉构建实用程序。安装哪种实用程序取决于你正在编译的东西。这个过程比为相同的 CPU 家族编译更复杂一点。
当你为相同处理器家族交叉编译时,你可以期待找到与 32 位库集的相同的 64 位库集,因为你的 Linux 发行版是同时维护这二者的。当为一个完全不同的架构编译时,你可能不得不穷追你的代码所需要的库。你需要的版本可能不在你的发行版的存储库中,因为你的发行版可能不为你的目标系统提供软件包,或者它不在容易到达的位置提供所有的软件包。如果你正在编译的代码是你写的,那么你可能非常清楚它的依赖关系是什么,并清楚在哪里找到它们。如果代码是你下载的,并需要编译,那么你可能不熟悉它的要求。在这种情况下,研究正确编译代码需要什么(它们通常被列在 `README``INSTALL` 文件中,当然也出现在源文件代码自身之中),然后收集需要的组件。
例如,如果你需要为 ARM 编译 C 代码,你必须首先在 Fedora 或 RHEL 上安装 `gcc-arm-linux-gnu`32 位)或 `gcc-aarch64-linux-gnu`64 位);或者,在 Ubuntu 上安装 `arm-linux-gnueabi-gcc``binutils-arm-linux-gnueabi`。这提供你需要用来构建(至少)一个简单的 C 程序的命令和库。此外,你需要你的代码使用的任何库。你可以在惯常的位置(大多数系统上在 `/usr/include`)放置头文件,或者,你可以放置它们在一个你选择的目录,并使用 `-I` 选项将 GCC 指向它。
当编译时,不使用标准的 `gcc``g++` 命令。作为代替,使用你安装的 GCC 实用程序。例如:
```
$ arm-linux-gnu-g++ dice.cpp \
-I/home/seth/src/crossbuild/arm/cpp \
-o armdice.bin
```
验证你构建的内容:
```
$ file armdice.bin
armdice.bin: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV) [...]
```
### 库和可交付结果
这是一个如何使用交叉编译的简单的示例。在真实的生活中,你的源文件代码可能产生的不止于一个二进制文件。虽然你可以手动管理,在这里手动管理可能不是好的正当理由。在我接下来的文章中,我将说明 GNU 自动工具GNU 自动工具做了使你的代码可移植的大部分工作。
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/cross-compiling-gcc
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[robsean](https://github.com/robsean)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/tools_osyearbook2016_sysadmin_cc.png?itok=Y1AHCKI4 (Wratchet set tools)
[2]: https://gcc.gnu.org/
[3]: http://www.slackware.com/~alien/multilib/

256
published/20190710 Test 200- Linux And Unix Operating Systems Online For Free.md
View File

@ -1,256 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (0x996)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11118-1.html)
[#]: subject: (Test 200+ Linux And Unix Operating Systems Online For Free)
[#]: via: (https://www.ostechnix.com/test-100-linux-and-unix-operating-systems-online-for-free/)
[#]: author: (sk https://www.ostechnix.com/author/sk/)
在线试用 200 多种 Linux 和 Unix 操作系统
======
![DistroTest——在线试用200多种Linux和Unix操作系统][1]
不久前我们介绍过[OSBoxes][2],该网站提供了一系列免费且开箱即用的 Linux 和 Unix 虚拟机。你可以在你的 Linux 系统中下载这些虚拟机并用 VirtualBox 或 VMWare workstation 试用。今天,我偶然发现一个名叫 “DistroTest” 的类似服务。与 OSBoxes 不同之处在于 DistroTest 让你免费试用现场版 Linux 和 Unix 操作系统。你可以在线试用 200 多种 Linux 和 Unix 操作系统而无需在本地安装它们。只要打开该网站,选择你需要的 Linux/Unix 发行版,然后开始试用!
两个名为 Klemann Andy 和 Forster Tobias 的好心人用 Qemu 在 Debian 上运行了这项网络服务。这里列出的公开发行版在使用上没有任何限制。你可以象使用本地系统一样使用系统的所有功能。你可以安装和卸载软件。你可以测试安装的程序甚至删除或格式化硬盘删除系统文件。简而言之DistroTest让喜欢尝试不同发行版的的人自行决定
* 最适合他们的发行版
* 想要哪种图形界面
* 他们可以选择哪些配置
本文撰写之时DistroTest 提供了 227 种操作系统的 711 个版本。我已经使用 Linux 很多年,但我从未听说过这里列出的一些发行版。说实话我甚至不知道 Linux 操作系统有如此之多的版本。
DistroTest 网站提供的 Linux 发行版的列表如下。LCTT 译注:其中也包括部分非 Linux 的操作系统如 FreeBSD 和 FreeDOS或是分区工具如 Gparted
* 4mLinux
* AbsoluteLinux
* AlpineLinux
* Antergos
* antiX Linux
* Aptosid
* ArchBang
* ArchLabs
* ArchLinux
* Archman
* ArchStrike
* ArtixLinux
* AryaLinux
* AvLinux
* BackBoxLinux
* BigLinux
* Bio-Linux
* BlackArch
* BlackLab
* BlackPantherOS
* blag
* BlankOn
* Bluestar
* Bodhi
* BunsenLabs
* Caine
* Calculate Linux Desktop
* CentOS 7
* Chakra
* ChaletOS
* ClearOS
* Clonezilla
* ConnochaetOS
* Cucumber
* Damn Small Linux
* Debian
* Devil-Linux
* Devuan
* DragonFly BSD
* Dragora
* Dyne:bolic
* Edubuntu
* elementaryOS
* Elive Linux
* Emmabuntüs
* Emmabuntüs
* Endless OS
* EnsoOS
* Exe GNU/Linux
* ExTiX
* Fatdog64
* Fedora
* FerenOS
* FreeBSD
* FreeDOS
* Frugalware
* Frugalware
* G4L
* GeckoLinux
* Gentoo
* GNewSense
* GoboLinux
* Gparted
* GreenieLinux
* GRML
* GuixSD
* Haiku
* Heads
* Kali Linux
* Kanotix
* KaOS
* Knoppix
* Kodachi
* KolibriOS
* Korora
* Kwort
* Linux Lite
* Linux Mint
* LiveRaizo
* LMDE
* LXLE OS
* Macpup
* Mageia
* MakuluLinux
* Manjaro
* MauiLinux
* MenuetOS
* MiniNo
* Modicia
* Musix
* MX Linux
* Nas4Free
* Neptune
* NetBSD
* Netrunner
* NixOs
* NuTyX
* OpenIndiana
* OpenMandriva
* openSUSE
* OracleLinux
* OSGeo live
* OviOS
* Parabola
* Pardus
* Parrot
* Parsix
* PCLinuxOS
* PeachOSI
* Peppermint
* Pinguy
* PinguyOS
* plopLinux
* PointLinux
* Pop!_OS
* PORTEUS
* Puppy Linux
* PureOS
* Q4OS
* QubesOS
* Quirky
* ReactOS
* Redcore
* Rescatux
* RevengeOS
* RoboLinux
* Rockstor
* ROSA
* Runtu
* Sabayon
* SalentOS
* Salix
* ScientificLinux
* Siduction
* Slax
* SliTaz
* Solus
* SolydK
* SparkyLinux
* Springdale
* Stresslinux
* SubgraphOS
* SwagArch (18.03)
* Tails
* Tanglu
* Tiny Core
* Trisquel
* TrueOS
* TurnKey Linux
* Ubuntu及其官方衍生版本
* Uruk
* VectorLinux
* VineLinux
* VoidLinux
* Voyager
* VyOS
* WattOs
* Zentyal
* Zenwalk
* Zevenet
* Zorin OS
### 如何使用?
要试用任何操作系统,点击下面的链接: https://distrotest.net/
在这个网站,你会看到可用的操作系统列表。单击你想了解的发行版名称即可。
![1][4]
用 DistroTest 试用 200 多种Linux和Unix操作系统
本文中我会试用 Arch Linux。
单击发行版链接后,在跳转到的页面单击 “System start” 按钮即可启动所选操作系统。
![1][5]
此现场版操作系统会在新浏览器窗口中启动。你可以通过内建的 noVNC viewer 访问它。请在浏览器中启用/允许 DistroTest 网站的弹出窗口,否则无法看到弹出的 noVNC 窗口。
按回车启动现场版系统。
![1][6]
这就是 Arch Linux 现场版系统:
![1][7]
你可以免费使用这个系统 1 小时。你可以试用该现场版操作系统、安装应用、卸载应用、删除或修改系统文件、测试配置或脚本。每次关机后,一切都会恢复成默认配置。
一旦试用结束,回到 DistroTest 页面并停止你试用的系统。如果你不想启用 DistroTest 页面的弹出窗口,用你本地系统安装的任意 VNC 客户端也可以。VNC 登录信息可在同一页面找到。
![1][8]
DistroTest 服务对两类用户比较实用:想在线试用 Linux/Unix 系统,或是没有喜欢的操作系统现场版 ISO 镜像文件的人。我在 4G 网络上测试的结果一切正常。
### 实际上,我没法在这个虚拟机里安装新软件
试用期间我注意到的一个问题是这个虚拟机没有联网。除了本地环回接口之外没有其他网络接口。没有联网也没有本地镜像源的情况下我没法下载和安装新软件。我不知道为何网站声称可以安装软件。也许在这点上我遗漏了什么。我在 DistroTest 上能做的只是看看现成的系统,试用现场版而不能安装任何软件。
推荐阅读:
* [免费在线学习和练习 Linux命令][9]
* [在浏览器中运行 Linux 和其他操作系统][10]
暂时就这样了。我不知道 DistroTest 团队如何设法托管了这么多操作系统。我肯定这会花不少时间。这的确是件值得称赞的工作。我非常感激项目成员的无私行为。荣誉归于你们。加油!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/test-100-linux-and-unix-operating-systems-online-for-free/
作者:[sk][a]
选题:[lujun9972][b]
译者:[0x996](https://github.com/0x996)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/wp-content/uploads/2018/07/test-Linux-and-Unix-online-686x340.jpg
[2]: https://www.ostechnix.com/osboxes-free-unixlinux-virtual-machines-for-vmware-and-virtualbox/
[3]: https://distrotest.net/
[4]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-5.png
[5]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-1.png
[6]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-2.png
[7]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-3.png
[8]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-4-1.png
[9]: https://www.ostechnix.com/learn-and-practice-linux-commands-online-for-free/
[10]: https://www.ostechnix.com/run-linux-operating-systems-browser/

144
published/20190711 How to install Elasticsearch on MacOS.md
View File

@ -1,144 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11125-1.html)
[#]: subject: (How to install Elasticsearch on MacOS)
[#]: via: (https://opensource.com/article/19/7/installing-elasticsearch-macos)
[#]: author: (Lauren Maffeo https://opensource.com/users/lmaffeo/users/don-watkins)
如何在 MacOS 上安装 Elasticsearch
======
> 安装 Elasticsearch 很复杂!以下是如何在 Mac 上安装。
![](https://img.linux.net.cn/data/attachment/album/201907/20/064958dnnwvp8wqzqq4fm2.jpg)
[Elasticsearch][2] 是一个用 Java 开发的开源全文搜索引擎。用户上传 JSON 格式的数据集。然后Elasticsearch 在向集群索引中的文档添加可搜索的引用之前先保存原始文档。
Elasticsearch 创建还不到九年但它是最受欢迎的企业搜索引擎。Elastic 在 2019 年 6 月 25 日发布了最新的更新版本 7.2.0。
[Kibana][3] 是 Elasticsearch 的开源数据可视化工具。此工具可帮助用户在 Elasticsearch 集群的内容索引之上创建可视化。
[Sunbursts][4]、[地理空间数据地图][5]、[关系分析][6]和实时数据面板只是其中几个功能。并且由于 Elasticsearch 的机器学习能力,你可以了解哪些属性可能会影响你的数据(如服务器或 IP 地址)并查找异常模式。
在上个月的 [DevFest DC][7] 中Booz Allen Hamilton 的首席数据科学家 [Summer Rankin 博士][8]将 TED Talk 的内容数据集上传到了 Elasticsearch然后使用 Kibana 快速构建了面板。出于好奇,几天后我去了一个 Elasticsearch 聚会。
由于本课程针对的是新手,因此我们从第一步开始:在我们的笔记本上安装 Elastic 和 Kibana。如果没有安装这两个包我们无法将莎士比亚的文本数据集作为测试 JSON 文件创建可视化了。
接下来,我将分享在 MacOS 上下载、安装和运行 Elasticsearch V7.1.1 的分步说明。这是我在 2019 年 6 月中旬参加 Elasticsearch 聚会时的最新版本。
### 下载适合 MacOS 的 Elasticsearch
1、进入 <https://www.elastic.co/downloads/elasticsearch>,你会看到下面的页面:
![The Elasticsearch download page.][9]
2、在**下载**区,单击 **MacOS**,将 Elasticsearch TAR 文件(例如,`elasticsearch-7.1.1-darwin-x86_64.tar`)下载到 `Downloads` 文件夹。
 
3、双击此文件并解压到自己的文件夹中例如`elasticsearch-7.1.1`),这其中包含 TAR 中的所有文件。
**提示**:如果你希望 Elasticsearch 放在另一个文件夹中,现在可以移动它。
### 在 MacOS 命令行中运行 Elasticsearch
如果你愿意,你可以只用命令行运行 Elasticsearch。只需遵循以下流程
1、[打开终端窗口][10]。
2、在终端窗口中输入你的 Elasticsearch 文件夹。例如(如果你移动了程序,请将 `Downloads` 更改为正确的路径):
```
$ cd ~Downloads/elasticsearch-1.1.0
```
3、切换到 Elasticsearch 的 `bin` 子文件夹,然后启动该程序。例如:
```
$ cd bin
$ ./elasticsearch
```
这是我启动 Elasticsearch 1.1.0 时命令行终端显示的一些输出:
![Terminal output when running Elasticsearch.][11]
**注意**默认情况下Elasticsearch 在前台运行,这可能会导致计算机速度变慢。按 `Ctrl-C` 可以阻止 Elasticsearch 运行。
### 使用 GUI 运行 Elasticsearch
如果你更喜欢点击操作,你可以像这样运行 Elasticsearch
1、打开一个新的 **Finder** 窗口。
2、在左侧 Finder 栏中选择 `Downloads`(如果你将 Elasticsearch 移动了另一个文件夹,请进入它)。
3、打开名为 `elasticsearch-7.1.1` 的文件夹(对于此例)。出现了八个子文件夹。
![The elasticsearch/bin menu.][12]
4、打开 `bin` 子文件夹。如上面的截图所示,此子文件夹中有 20 个文件。
 
5、单击第一个文件`elasticsearch`
请注意,你可能会收到安全警告,如下所示:
![The security warning dialog box.][13]
这时候要打开程序需要:
1. 在警告对话框中单击 **OK**
2. 打开**系统偏好**。
3. 单击**安全和隐私**,打开如下窗口:
![Where you can allow your computer to open the downloaded file.][14]
4. 单击**永远打开**,打开如下所示的确认对话框:
![Security confirmation dialog box.][15]
5. 单击**打开**。会打开一个终端窗口并启动 Elasticsearch。
启动过程可能需要一段时间,所以让它继续运行。最终,它将完成,你最后将看到类似这样的输出:
![Launching Elasticsearch in MacOS.][16]
### 了解更多
安装 Elasticsearch 之后,就可以开始探索了!
该工具的 [Elasticsearch开始使用][17]指南会根据你的目标指导你。它的介绍视频介绍了在 [Elasticsearch Service][18] 上启动托管集群执行基本搜索查询通过创建、读取、更新和删除CRUDREST API 等方式操作数据的步骤。
本指南还提供文档链接,开发控制台命令,培训订阅以及 Elasticsearch Service 的免费试用版。此试用版允许你在 AWS 和 GCP 上部署 Elastic 和 Kibana 以支持云中的 Elastic 集群。
在本文的后续内容中,我们将介绍在 MacOS 上安装 Kibana 所需的步骤。此过程将通过不同的数据可视化将你的 Elasticsearch 查询带到一个新的水平。 敬请关注!
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/installing-elasticsearch-macos
作者:[Lauren Maffeo][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/lmaffeo/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/search_find_code_issue_bug_programming.png?itok=XPrh7fa0 (magnifying glass on computer screen)
[2]: https://www.getapp.com/it-management-software/a/qbox-dot-io-hosted-elasticsearch/
[3]: https://www.elastic.co/products/kibana
[4]: https://en.wikipedia.org/wiki/Pie_chart#Ring
[5]: https://en.wikipedia.org/wiki/Spatial_analysis
[6]: https://en.wikipedia.org/wiki/Correlation_and_dependence
[7]: https://www.devfestdc.org/
[8]: https://www.summerrankin.com/about
[9]: https://opensource.com/sites/default/files/uploads/wwa1f3_600px_0.png (The Elasticsearch download page.)
[10]: https://support.apple.com/en-ca/guide/terminal/welcome/mac
[11]: https://opensource.com/sites/default/files/uploads/io6t1a_600px.png (Terminal output when running Elasticsearch.)
[12]: https://opensource.com/sites/default/files/uploads/o43yku_600px.png (The elasticsearch/bin menu.)
[13]: https://opensource.com/sites/default/files/uploads/elasticsearch_security_warning_500px.jpg (The security warning dialog box.)
[14]: https://opensource.com/sites/default/files/uploads/the_general_tab_of_the_system_preferences_security_and_privacy_window.jpg (Where you can allow your computer to open the downloaded file.)
[15]: https://opensource.com/sites/default/files/uploads/confirmation_dialog_box.jpg (Security confirmation dialog box.)
[16]: https://opensource.com/sites/default/files/uploads/y5dvtu_600px.png (Launching Elasticsearch in MacOS.)
[17]: https://www.elastic.co/webinars/getting-started-elasticsearch?ultron=%5BB%5D-Elastic-US+CA-Exact&blade=adwords-s&Device=c&thor=elasticsearch&gclid=EAIaIQobChMImdbvlqOP4wIVjI-zCh3P_Q9mEAAYASABEgJuAvD_BwE
[18]: https://info.elastic.co/elasticsearch-service-gaw-v10-nav.html?ultron=%5BB%5D-Elastic-US+CA-Exact&blade=adwords-s&Device=c&thor=elasticsearch%20service&gclid=EAIaIQobChMI_MXHt-SZ4wIVJBh9Ch3wsQfPEAAYASAAEgJo9fD_BwE

106
published/20190713 ElectronMail - a Desktop Client for ProtonMail and Tutanota.md
View File

@ -1,106 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11128-1.html)
[#]: subject: (ElectronMail a Desktop Client for ProtonMail and Tutanota)
[#]: via: (https://itsfoss.com/electronmail/)
[#]: author: (John Paul https://itsfoss.com/author/john/)
ElectronMailProtonMail 和 Tutanota 的桌面客户端
======
互联网上的大多数人都拥有来自 Google 等大公司的电子邮件帐户,但这些帐户不尊重你的隐私。值得庆幸的是,目前有 [Tutanota][1] 和 [ProtonMail][2] 等具有隐私意识的替代品。问题是并非所有人都有桌面客户端。今天,我们将研究一个为你解决该问题的项目。我们来看看 ElectronMail 吧。
> Electron 警告!
> 以下应用是使用 Electron 构建的(也就是名为 ElectronMail 的原因之一)。如果使用 Electron 让你感到不安,请将此视为触发警告。
### ElectronMailTutanota 和 ProtonMail 的桌面客户端
![Electron Mail About][3]
[ElectronMail][4] 可以简单地视作 ProtonMail 和 Tutanota 的电子邮件客户端。它使用三大技术构建:[Electron][5]、[TypeScript][6] 和 [Angular][7]。它包括以下功能:
* 针对每个电子邮件提供商提供多帐户支持
* 加密本地存储
* 适用于 Linux、Windows、macOS 和 FreeBSD
* 原生通知系统
* 带有未读消息总数的系统托盘图标
* 用主密码保护帐户信息
* 可切换的视图布局
* 可离线访问电子邮件
* 电子邮件在本地加密存储
* 批量导出电子邮件为 EML 文件
* 全文搜索
* 内置/预打包的 Web 客户端
* 可以为每个帐户配置代理
* 拼写检查
* 支持双因素身份验证,以提高安全性
目前ElectronMail 仅支持 Tutanota 和 ProtonMail。我觉得他们将来会增加更多。根据 [GitHub 页面][4]:“多电子邮件提供商支持。目前支持 ProtonMail 和 Tutanota。”
ElectronMail 目前是 MIT 许可证。
#### 如何安装 ElectronMail
目前,有几种方法可以在 Linux 上安装 ElectronMail。对于Arch 和基于 Arch 的发行版,你可以从[Arch 用户仓库][8]安装它。ElectrionMail 还有一个 Snap 包。要安装它,只需输入 `sudo snap install electron-mail` 即可。
对于所有其他 Linux 发行版,你可以[下载][9] `.deb``.rpm` 文件。
![Electron Mail Inbox][10]
你也可以[下载][9]用于 Windows 中的 `.exe` 安装程序或用于 macOS 的 `.dmg` 文件。甚至还有给 FreeBSD 用的文件。
#### 删除 ElectronMail
如果你安装了 ElectronMail 并确定它不适合你,那么[开发者][12]建议采用几个步骤。 **在卸载应用之前,请务必遵循以下步骤。**
如果你使用了“保持登录”功能,请单击菜单上的“注销”。这将删除本地保存的主密码。卸载 ElectronMail 后也可以删除主密码,但这涉及编辑系统密钥链。
你还需要手动删除设置文件夹。在系统托盘中选择应用图标后,单击“打开设置文件夹”可以找到它。
![Electron Mail Setting][13]
### 我对 ElectronMail 的看法
我通常不使用电子邮件客户端。事实上,我主要依赖于 Web 客户端。所以,这个应用对我没太大用处。
话虽这么说,但是 ElectronMail 看着不错,而且很容易设置。它有大量开箱即用的功能,并且高级功能并不难使用。
我遇到的一个问题与搜索有关。根据功能列表ElectronMail 支持全文搜索。但是Tutanota 的免费版本仅支持有限的搜索。我想知道 ElectronMail 如何处理这个问题。
最后ElectronMail 只是一个基于 Web Email 的一个 Electron 封装。我宁愿在浏览器中打开它们,而不是将单独的系统资源用于运行 Electron。如果你只[使用 Tutanota他们有自己官方的 Electron 桌面客户端][14]。你可以尝试一下。
我最大的问题是安全性。这是两个非常安全的电子邮件应用的非官方应用。如果有办法捕获你的登录信息或阅读你的电子邮件怎么办?比我聪明的人必须通过源代码才能确定。这始终是一个安全项目的非官方应用的问题。
你有没有使用过 ElectronMail你认为是否值得安装 ElectronMail你最喜欢的邮件客户端是什么请在下面的评论中告诉我们。
如果你发现这篇文章很有趣请花一点时间在社交媒体、Hacker News 或 [Reddit][15] 上分享它。
--------------------------------------------------------------------------------
via: https://itsfoss.com/electronmail/
作者:[John Paul][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/john/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/tutanota-review/
[2]: https://itsfoss.com/protonmail/
[3]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/electron-mail-about.jpg?resize=800%2C500&ssl=1
[4]: https://github.com/vladimiry/ElectronMail
[5]: https://electronjs.org/
[6]: http://www.typescriptlang.org/
[7]: https://angular.io/
[8]: https://aur.archlinux.org/packages/electronmail-bin
[9]: https://github.com/vladimiry/ElectronMail/releases
[10]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/electron-mail-inbox.jpg?ssl=1
[12]: https://github.com/vladimiry
[14]: https://linux.cn/article-10688-1.html
[15]: http://reddit.com/r/linuxusersgroup

79
published/20190714 Excellent- Ubuntu LTS Users Will Now Get the Latest Nvidia Driver Updates -No PPA Needed Anymore.md
View File

@ -1,79 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11110-1.html)
[#]: subject: (Excellent! Ubuntu LTS Users Will Now Get the Latest Nvidia Driver Updates [No PPA Needed Anymore])
[#]: via: (https://itsfoss.com/ubuntu-lts-latest-nvidia-drivers/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
好消息Ubuntu LTS 用户不需要 PPA 也可以获得最新的 Nvidia 驱动更新
======
> 要在 Ubuntu LTS 上获得的最新 Nvidia 驱动程序,你不必再使用 PPA 了。最新的驱动程序现在将在 Ubuntu LTS 版本的存储库中提供。
![][1]
你可能已经注意到在 Ubuntu 上安装最新和最好的 Nvidia 二进制驱动程序更新的麻烦。
默认情况下Ubuntu 提供开源的 [Nvidia Nouveau 驱动程序][2],这有时会导致 Ubuntu 卡在启动屏幕上。
你也可以轻松地[在 Ubuntu 中安装专有的 Nvidia 驱动程序][3]。问题是默认 [Ubuntu 存储库][4]中的 Nvidia 驱动程序不是最新的。为此,几年前 [Ubuntu 引入了一个专门的 PPA][5]以解决这个问题。
[使用官方 PPA][6] 仍然是安装闭源图形驱动程序的一个不错的解决方法。但是,它绝对不是最方便的选择。
但是现在Ubuntu 同意将最新的 Nvidia 驱动程序更新作为 SRU[StableReleaseUpdates][7])的一部分提供。所以,你将在使用 Ubuntu LTS 版本时也拥有 Nvidia 驱动程序了。
好吧,这意味着你不再需要在 Ubuntu LTS 版本上单独下载/安装 Nvidia 图形驱动程序。
就像你会获得浏览器或核心操作系统更新(或安全更新)的更新包一样,你将获得所需的 Nvidia 二进制驱动程序的更新包。
### 这个最新的 Nvidia 显卡驱动程序可靠吗?
SRU 字面上指的是 Ubuntu或基于 Ubuntu 的发行版)的稳定更新。因此,要获得最新的图形驱动程序,你应该等待它作为稳定更新释出,而不是选择预先发布的更新程序。
当然,没有人能保证它能在所有时间内都正常工作 —— 但安装起来比预先发布的更安全。
### 怎样获得最新的 Nvidia 驱动程序?
![Software Updates Nvidia][8]
你只需从软件更新选项中的其他驱动程序部分启用“使用 NVIDIA 驱动程序元数据包……”。
最初,[The Linux Experiment][10] 通过视频分享了这个消息 —— 然后 Ubuntu 的官方 Twitter 作为公告重新推送了它。你可以观看下面的视频以获取更多详细信息:
- [https://youtu.be/NFdeWTQIpjo](https://youtu.be/NFdeWTQIpjo)
### 支持哪些 Ubuntu LTS 版本?
目前Ubuntu 18.04 LTS 已经可用了,它也将很快在 Ubuntu 16.04 LTS 上可用(随后的 LTS 也将次第跟上)。
### 总结
现在你可以安装最新的 Nvidia 二进制驱动程序更新了,你认为这有何帮助?
如果你已经测试了预先发布的软件包,请在下面的评论中告诉我们你对此的看法。
--------------------------------------------------------------------------------
via: https://itsfoss.com/ubuntu-lts-latest-nvidia-drivers/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/nvidia-ubuntu-logo.png?resize=800%2C450&ssl=1
[2]: https://nouveau.freedesktop.org/wiki/
[3]: https://itsfoss.com/install-additional-drivers-ubuntu/
[4]: https://itsfoss.com/ubuntu-repositories/
[5]: https://itsfoss.com/ubuntu-official-ppa-graphics/
[6]: https://itsfoss.com/ppa-guide/
[7]: https://wiki.ubuntu.com/StableReleaseUpdates
[8]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/software-updates-nvidia.jpg?fit=800%2C542&ssl=1
[9]: https://itsfoss.com/ubuntu-17-04-release-features/
[10]: https://twitter.com/thelinuxEXP

72
published/20190716 Become a lifelong learner and succeed at work.md
View File

@ -1,72 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (heguangzhi)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11130-1.html)
[#]: subject: (Become a lifelong learner and succeed at work)
[#]: via: (https://opensource.com/open-organization/19/7/informal-learning-adaptability)
[#]: author: (Colin Willis https://opensource.com/users/colinwillishttps://opensource.com/users/marcobravo)
成为终身学习者,并在工作中取得成功
======
> 在具有适应性文化的开放组织中,学习应该一直持续 —— 但不会总是出现在正式场合。我们真的明白它是如何工作的吗?
![Writing in a notebook][1]
持续学习是指人们为发展自己而进行的持续的、职业驱动的、有意识的学习过程。对于那些自认是持续学习者的人来说,学习从未停止 —— 这些人从日常经历中看到学习机会。与同事进行辩论、反思反馈、在互联网上寻找问题的解决方案、尝试新事物或冒险都是一个人在工作中可以进行的非正式学习活动的例子。
持续学习是开放组织中任何人的核心能力。毕竟,开放的组织是建立在同行相互思考、争论和行动的基础上的。在开放组织的模棱两可、话语驱动的世界中茁壮成长,每天都需要员工具备这些技能。
不幸的是,科学文献在传播我们在工作中学习的知识方面、帮助个人欣赏和发展自己的学习能力方面,做得很差。因此,在本文系列中,我将向你介绍非正式学习,并帮助你理解将学习视为一种技能会如何帮助你在任何组织中茁壮成长,尤其是在开放式组织中。
### 为什么这么正式?
迄今为止,对组织中学习的科学研究主要集中在正式学习而不是非正式学习的设计、交付和评估上。
投资于员工知识、技能和能力的发展是一个组织保持其相对于竞争对手优势的重要方式。组织通过创建或购买课程、在线课程、研讨会等来使学习机会正规化。这些课程旨在像个人传授与工作相关的内容,就像学校里的班级一样。对于一个组织来说,提供一门课程是一种简单(如果成本高昂的话)的方法,可以确保其员工的技能或知识保持最新。同样,教室环境是研究人员的天然实验室,使得基于培训的研究和工作不仅可能,而且强大。
当然,有些东西人们不需要培训来学习;通常,人们通过研究答案、与同事交谈、思考、实验或适应变化来学习。事实上,[最近的评估表明][2] 70% 到 80% 的与工作相关的知识不是在培训中学到的,而是在工作中非正式学到的。这并不是说正规的培训无效;培训可能非常有效,但它是一种精确的干预方式。在工作的大部分方面正式培训一个人是不现实的,尤其是当这些工作变得更加复杂的时候。
因此,非正式学习,或者任何发生在结构化学习环境之外的学习,对工作场所来说是极其重要的。事实上,[最近的科学证据][3]表明,非正式学习比正式培训更能预测工作表现。
那么,为什么机构和科学界如此关注培训呢?
### 循环过程
除了我前面提到的原因,研究非正式学习可能非常困难。与正式学习不同,非正式学习发生在非结构化环境中,高度依赖于个人,很难或不可能观察到。
直到最近,大多数关于非正式学习的研究都集中在定义非正式学习的合格特征和确定非正式学习在理论上是如何与工作经验联系在一起的。研究人员描述了一个[动态的周期性过程][4],通过这个过程,个人可以在组织中非正式地学习。
与正式学习一样,非正式学习发生在非结构化环境中,高度依赖于个人,很难或不可能观察。
在这个过程中,个人和组织都有创造学习机会的机构。例如,一个人可能对学习某样东西感兴趣,并为此表现出学习行为。组织以向个人提供反馈的形式,可能表明需要学习。这可能是一个糟糕的绩效评估、一个在项目中发表的评论、或者一个不是个人指导的组织环境的更广泛的变化。这些力量在组织环境中(例如,有人尝试了一个新想法,他或她的同事认识到并奖励了这种行为)或者通过在个人的头脑中反思(例如,有人反思了关于他或她的表现的,并决定在学习工作中付出更多的努力)。与培训不同,非正式学习不遵循正式的线性过程。个人可以随时体验过程的任何部分,同时体验过程的多个部分。
### 开放组织中的非正式学习
具体而言,在开放组织中,既减少了对等级制度的重视程度,又更加注重对参与式文化的重视程度,这两者都推动了这种非正式的学习。简而言之,开放式组织只是为个人和组织环境提供了更多互动和激发学习的机会。此外,想法和变革需要开放式组织中员工给予更广泛的认同 —— 而认同需要对他人的适应性和洞察力的欣赏。
也就是说,仅仅增加学习机会并不能保证学习会发生或成功。有人甚至可能会说,开放式组织中常见的模糊性和公开性话语可能会阻止不擅长持续学习的人——同样,随着时间的推移学习的习惯和开放式组织的核心能力——尽可能有效地为组织做出贡献。
解决这些问题需要一种以一致的方式跟踪非正式学习。最近,科学界呼吁创造衡量非正式学习的方法,这样就可以进行系统的研究来解决非正式学习的前因后果的问题。我自己的研究集中在这一呼吁上,我花了几年时间发展和完善我们对非正式学习行为的理解,以便可以衡量它们。
在本文系列的第二部分,我将重点介绍我最近在一个开放式组织中进行的一项研究的成果,在该研究中,我测试了我对非正式学习行为的研究,并将它们与更广泛的工作环境和个人工作成果联系起来。
--------------------------------------------------------------------------------
via: https://opensource.com/open-organization/19/7/informal-learning-adaptability
作者:[Colin Willis][a]
选题:[lujun9972][b]
译者:[heguangzhi](https://github.com/heguangzhi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/colinwillishttps://opensource.com/users/marcobravo
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/notebook-writing-pen.jpg?itok=uA3dCfu_ (Writing in a notebook)
[2]: https://www.groupoe.com/images/Accelerating_On-the-Job-Learning_-_White_Paper.pdf
[3]: https://www.researchgate.net/publication/316490244_Antecedents_and_Outcomes_of_Informal_Learning_Behaviors_a_Meta-Analysis
[4]: https://psycnet.apa.org/record/2008-13469-009

128
published/20190716 Save and load Python data with JSON.md
View File

@ -1,128 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (HankChow)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11133-1.html)
[#]: subject: (Save and load Python data with JSON)
[#]: via: (https://opensource.com/article/19/7/save-and-load-data-python-json)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
使用 Python 处理 JSON 格式的数据
======
> 如果你不希望从头开始创造一种数据格式来存放数据JSON 是一个很好的选择。如果你对 Python 有所了解,就更加事半功倍了。下面就来介绍一下如何使用 Python 处理 JSON 数据。
![Cloud and databsae incons][1]
[JSON][2] 的全称是 <ruby>JavaScript 对象表示法<rt>JavaScript Object Notation</rt></ruby>。这是一种以键值对的形式存储数据的格式,并且很容易解析,因而成为了一种被广泛使用的数据格式。另外,不要因为 JSON 名称而望文生义JSON 并不仅仅在 JavaScript 中使用,它也可以在其它语言中使用。下文会介绍它是如何在 Python 中使用的。
首先我们给出一个 JSON 示例:
```
{
"name":"tux",
"health":"23",
"level":"4"
}
```
上面是一个和编程语言无关的原生 JSON 数据。熟悉 Python 的人会看出来这个 JSON 数据跟 Python 中的<ruby>字典<rt>dictionary</rt></ruby>长得很像。而这两者之间确实非常相似,如果你对 Python 中的列表和字典数据结构有一定的理解,那么 JSON 理解起来也不难。
### 使用字典存放数据
如果你的应用需要存储一些结构复杂的数据,不妨考虑使用 JSON 格式。对比你可能曾经用过的自定义格式的文本配置文件JSON 提供了更加结构化的可递归的存储格式。同时Python 自带的 `json` 模块已经提供了可以将 JSON 数据导入/导出应用时所需的所有解析库。因此,你不需要针对 JSON 自行编写代码进行解析而其他开发人员在与你的应用进行数据交互的时候也不需要去解析新的数据格式。正是这个原因JSON 在数据交换时被广泛地采用了。
以下是一段在 Python 中使用嵌套字典的代码:
```
#!/usr/bin/env python3
import json
# instantiate an empty dict
team = {}
# add a team member
team['tux'] = {'health': 23, 'level': 4}
team['beastie'] = {'health': 13, 'level': 6}
team['konqi'] = {'health': 18, 'level': 7}
```
这段代码声明了一个名为 `team` 的字典,并初始化为一个空字典。
如果要给这个字典添加内容,首先需要创建一个键,例如上面示例中的 `tux`、`beastie`、`konqi`,然后为这些键一一提供对应的值。上面示例中的值由一个个包含游戏玩家信息的字典充当。
字典是一种可变的变量。字典中的数据可以随时添加、删除或更新。这样的特性使得字典成为了应用程序存储数据的极好选择。
### 使用 JSON 格式存储数据
如果存放在字典中的数据需要持久存储,这些数据就需要写到文件当中。这个时候就需要用到 Python 中的 `json` 模块了:
```
with open('mydata.json', 'w') as f:
json.dump(team, f)
```
上面的代码首先创建了一个名为 `mydata.json` 的文件,然后以写模式打开了这个文件,这个被打开的文件以变量 `f` 表示(当然也可以用任何你喜欢的名称,例如 `file`、`output` 等)。而 `json` 模块中的 `dump()` 方法则是用于将一个字典输出到一个文件中。
从应用中导出数据就是这么简单,同时这些导出的数据是结构化的、可理解的。现在可以查看导出的数据:
```
$ cat mydata.json
{"tux": {"health": 23, "level": 4}, "beastie": {"health": 13, "level": 6}, "konqi": {"health": 18, "level": 7}}
```
### 从 JSON 文件中读取数据
如果已经将数据以 JSON 格式导出到文件中了,也有可能需要将这些数据读回到应用中去。这个时候,可以使用 Python `json` 模块中的 `load()` 方法:
```
#!/usr/bin/env python3
import json
f = open('mydata.json')
team = json.load(f)
print(team['tux'])
print(team['tux']['health'])
print(team['tux']['level'])
print(team['beastie'])
print(team['beastie']['health'])
print(team['beastie']['level'])
# when finished, close the file
f.close()
```
这个方法实现了和保存文件大致相反的操作。使用一个变量 `f` 来表示打开了的文件,然后使用 `json` 模块中的 `load()` 方法读取文件中的数据并存放到 `team` 变量中。
其中的 `print()` 展示了如何查看读取到的数据。在过于复杂的字典中迭代调用字典键的时候有可能会稍微转不过弯来,但只要熟悉整个数据的结构,就可以慢慢摸索出其中的逻辑。
当然,这里使用 `print()` 的方式太不灵活了。你可以将其改写成使用 `for` 循环的形式:
```
for i in team.values():
print(i)
```
### 使用 JSON
如上所述,在 Python 中可以很轻松地处理 JSON 数据。因此只要你的数据符合 JSON 的模式,就可以选择使用 JSON。JSON 非常灵活易用,下次使用 Python 的时候不妨尝试一下。
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/save-and-load-data-python-json
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[HankChow](https://github.com/HankChow)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/bus_cloud_database.png?itok=lhhU42fg (Cloud and databsae incons)
[2]: https://json.org

113
published/20190717 How to install Kibana on MacOS.md
View File

@ -1,113 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11135-1.html)
[#]: subject: (How to install Kibana on MacOS)
[#]: via: (https://opensource.com/article/19/7/installing-kibana-macos)
[#]: author: (Lauren Maffeo https://opensource.com/users/lmaffeo)
如何在 MacOS 上安装 Kibana
======
> Elasticsearch 当安装好了之后Kibana 插件可以为这个功能强大的搜索工具添加可视化功能。
![](https://img.linux.net.cn/data/attachment/album/201907/22/204048vl8t88y6q8988229.jpg)
在我之前的文章中,我向 Mac 用户介绍了[安装 Elasticsearch][2] 的步骤,这是世界上最受欢迎的企业级搜索引擎。(这里有一篇针对 Linux 用户的[单独文章][3]。)其自然语言处理能力使得 Elasticsearch 在数据集中查找细节方面表现出色。一旦你发现了你需要的数据,如果你已经安装了 [Kibana][4],你可以将它提升到一个新的水平。
Kibana 是 Elasticsearch 的开源的数据可视化插件。当你在 Elasticsearch 中找到了数据Kibana 就会帮助你将其放入折线图、[时间序列查询][5]、地理空间地图等。该工具非常适合于必须展示其研究成果的数据科学家,尤其是那些使用开源数据的人。
### 安装 Kibana
你需要在 Elasticsearch 之外单独安装 Kibana。因为我安装了 Elasticsearch 7.1.1,所以我将安装 Kibana 1.1。版本的匹配非常重要Kibana 需要针对相同版本的 Elasticsearch 节点运行。 Kibana 运行在 node.js 上。)
以下是我为 MacOS 安装 Kibana 7.1.1 时所遵循的步骤:
1、确保 Elasticsearch 已下载并运行。如果需要,请参阅上一篇文章。
**注意**:你至少需要先安装 Elasticsearch 1.4.4 或更高版本才能使用 Kibana。这是因为你需要向 Kibana 提供要连接的 Elasticsearch 实例的 URL 以及你要搜索的 Elasticsearch 索引。通常,最好安装两者的最新版本。
2、单击[此处][6]下载 Kibana。你将看到如下的网页它会提示你在**下载**部分的右上角下载 Kibana for Mac
![Download Kibana here.][7]
3、在你的 `Downloads` 文件夹中,打开 .tar 文件以展开它。此操作将创建一个具有相同名称的文件夹(例如,`kibana-7.1.1-darwin-x86_64`)。
4、如果你希望 Kibana 放在另一个文件夹中,请立即移动它。
仔细检查 Elasticsearch 是否正在运行,如果没有,请在继续之前启动它。(如果你需要说明,请参阅上一篇文章。)
### 打开 Kibana 插件
Elasticsearch 运行起来后,你现在可以启动 Kibana 了。该过程类似于启动 Elasticsearch
1、从 Mac 的 `Downloads` 文件夹(或 Kibana 移动到的新文件夹)里,打开 Kibana 文件夹(即 `~Downloads/kibana-7.1.1-darwin-x86_64`)。
2、打开 `bin` 子文件夹。
![The Kibana bin folder.][8]
3、运行 `kibana-plugin`。你可能会遇到上一篇文章中出现的相同安全警告:
  
![Security warning][9]
通常,如果收到此警告,请按照那篇文章中的说明清除警告并打开 Kibana。请注意如果我在终端中没有运行 Elasticsearch 的情况下打开该插件,我会收到相同的安全警告。要解决此问题,如上一篇文章中所述,打开 Elasticsearch 并在终端中运行它。使用 GUI 启动 Elasticsearch 也应该打开终端。
然后,我右键单击 `kibana-plugin` 并选择“打开”。这个解决方案对我有用,但你可能需要尝试几次。 我的 Elasticsearch 聚会中的几个人在他们的设备上打开 Kibana 时遇到了一些麻烦。
### 更改 Kibana 的主机和端口号
Kibana 的默认设置将其配置为在 `localhost:5601` 上运行。你需要更新文件(在这个例子的情况下)`~Downloads/kibana-7.1.1-darwin-x86_64/config/kibana.yml` 以在运行 Kibana 之前更改主机或端口号。
![The Kibana config directory.][10]
以下是我的 Elasticsearch 聚会组里配置 Kibana 时终端的样子,因此默认为 `http://localhost:9200`,这是查询 Elasticsearch 实例时使用的 URL
![Configuring Kibana's host and port connections.][11]
### 从命令行运行 Kibana
打开插件后,可以从命令行或 GUI 运行 Kibana。这是终端连接到 Elasticsearch 后的样子:
![Kibana running once it's connected to Elasticsearch.][12]
与 Elasticsearch 一样Kibana 默认在前台运行。你可以按 `Ctrl-C` 来停止它。
### 总结
Elasticsearch 和 Kibana 是占用大量存储空间的大型软件包。有这么多人一次下载这两个软件包当我的Elasticsearch 会员和我下载它们两个时,我平均要下载几分钟。这可能是由于 WiFi 不佳和/或用户数量太多,但如果发生同样的事情,请记住这种可能性。
之后,由于我的笔记本电脑存储空间不足,我无法上传我们正在使用的 JSON 文件。我能够按照讲师的可视化进行操作,但无法实时使用 Kibana。因此在下载 Elasticsearch 和 Kibana 之前,请确保设备上有足够的空间(至少几千兆字节)来上传和使用这些工具搜索文件。
要了解有关 Kibana 的更多信息,他们的用户指南[简介][13]是理想的。(你可以根据你正在使用的 Kibana 版本配置该指南。)他们的演示还向你展示了如何[在几分钟内构建仪表板][14],然后进行首次部署。
玩得开心!
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/installing-kibana-macos
作者:[Lauren Maffeo][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/lmaffeo
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/analytics-graphs-charts.png?itok=sersoqbV (Analytics: Charts and Graphs)
[2]: https://linux.cn/article-11125-1.html
[3]: https://opensource.com/article/19/7/installing-elasticsearch-and-kibana-linux
[4]: https://www.elastic.co/products/kibana
[5]: https://en.wikipedia.org/wiki/Time_series
[6]: https://www.elastic.co/downloads/kibana
[7]: https://opensource.com/sites/default/files/uploads/download_kibana.png (Download Kibana here.)
[8]: https://opensource.com/sites/default/files/uploads/kibana_bin_folder.png (The Kibana bin folder.)
[9]: https://opensource.com/sites/default/files/uploads/security_warning.png (Security warning)
[10]: https://opensource.com/sites/default/files/uploads/kibana_config_directory.png (The Kibana config directory.)
[11]: https://opensource.com/sites/default/files/uploads/kibana_host_port_config.png (Configuring Kibana's host and port connections.)
[12]: https://opensource.com/sites/default/files/uploads/kibana_running.png (Kibana running once it's connected to Elasticsearch.)
[13]: https://www.elastic.co/guide/en/kibana/7.2/introduction.html
[14]: https://www.elastic.co/webinars/getting-started-kibana?baymax=rtp&elektra=docs&storm=top-video&iesrc=ctr

98
published/20190718 Epic Games Backs Blender Foundation with -1.2m Epic MegaGrants.md
View File

@ -1,98 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11121-1.html)
[#]: subject: (Epic Games Backs Blender Foundation with $1.2m Epic MegaGrants)
[#]: via: (https://itsfoss.com/epic-games-blender-grant/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
Epic Games 给予 Blender 基金会 120 万美元的拨款支持
======
[Epic MegaGrants][1] 是 [Epic Games][2] 的一个计划,用于支持游戏开发人员、企业专业人士、内容创建者和工具开发人员使用<ruby>虚幻引擎<rt>Unreal Engine</rt></ruby>UE做出神奇的作品或增强 3D 图形社区的开源功能。
作为该计划的一部分Epic Games 给予 [Blender 基金会][3] 120 万美元拨款以帮助改善他们的发展。如果你还不知道Blender 是[最好的开源视频编辑][4]之一,特别是以创建专业的 3D 计算机图形而闻名。
**Tim Sweeney**Epic Games 的创始人兼首席执行官)这样评论这笔授予:
> “开放式工具、库和平台对数字内容生态系统的未来至关重要。……Blender 是艺术社区持久的资源,我们的目标是确保其进步,造福所有创作者。”
即使这是个好消息,也有人对此不满意。在本文中,我们将看一下得到该拨款后的 Blender 基金会的计划,以及人们对此的看法。
### Blender 基金会的改进计划
![Image Credit : BlenderNation][5]
在[新闻稿][6]当中Blender 基金会提到了如何利用这笔资金以及用于何种目的:
> “Epic MegaGrant 将在未来三年内逐步交付,并将为 Blender 的<ruby>专业 Blender 发展计划<rt>Professionalizing Blender Development Initiative</rt></ruby>做出贡献。”
所以,没错,这笔财务帮助将以现金提供 —— 但是,它要在 3 年内完成。也就是说,我们要期待 Blender 基金会及其软件质量得到重大改进还有很长时间。
这是 **Ton Roosendaal**Blender 基金会的创始人)需要说明的它将如何被利用:
> “Epic Games 的支持对 Blender 是一个重要里程碑”Blender 基金会的创始人兼董事长 Ton Roosendaal 说道。“由于这项拨款,我们将对我们的项目组织进行大量投入,以改善支持、协作和代码质量实践。因此,我们期望更多来自该行业的贡献者加入我们的项目。”
### 为什么人们对此不是很喜欢?
让我澄清一下,就我个人而言,我不喜欢用 Epic Game 的市场或客户端玩游戏。
由于各种原因(功能、隐私等),我更喜欢 [Steam][7] 而不是 Epic Games。
Epic Games 被称为游戏社区中的坏人,因为它最近几款游戏专属于其平台 —— 尽管很多人警告用户该平台上的隐私问题。
不仅如此Epic Games 的首席执行官在过去发过这样的推特:
> 安装 Linux 相当于人们不喜欢美国的政治趋势时就搬到加拿大。
>
> 不,我们必须为今天的自由而战,如今我们拥有自由。
>
> - Tim Sweeney@TimSweeneyEpic[2018年2月15日][8]
嗯,这并不直接暗示他讨厌 Linux 或者没有积极推动 Linux 的游戏开发 —— 但是只是因为很多历史情况,人们并不真正信任 Epic Games 的决策。所以,他们并不欣赏与 Blender 基金会的联系(即使这个财务帮助是积极的)。
这与财务帮助无关。但是Epic Games 缺乏良好的声誉(当然是主观的),因此,人们对此的看法是消极的。看看拨款公告后的一些推文:
> 希望不要走向排它……这可能会破坏你的声誉。
>
> - Ray@ Epicshadow1994[2019年7月15日][9]
> 我对将来会变成什么样感到怀疑。EPIC 最近一直在采取敌对战术。
>
> - acrid Heartwood@acrid_heartwood[2019年7月15日][10]
### 总而言之
你仍然可以[通过 Lutris 在 Linux 上运行 Epic Games][11]但这是很单薄的非官方尝试。Epic Games 没有表示有兴趣正式支持该项目。
所以,很明显不是每个人都信任 Epic Games。因此这个消息带来了各种消极反应。
但是,这笔拨款肯定会帮助 Blender 基金会改善其组织和软件质量。
你怎么看待这件事?请在下面的评论中告诉我们您的想法。
--------------------------------------------------------------------------------
via: https://itsfoss.com/epic-games-blender-grant/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://www.unrealengine.com/en-US/megagrants
[2]: https://www.epicgames.com/store/en-US/
[3]: https://www.blender.org/
[4]: https://itsfoss.com/open-source-video-editors/
[5]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/epic-games-blender-megagrant.jpg?resize=800%2C450&ssl=1
[6]: https://www.blender.org/press/epic-games-supports-blender-foundation-with-1-2-million-epic-megagrant/
[7]: https://itsfoss.com/install-steam-ubuntu-linux/
[8]: https://twitter.com/TimSweeneyEpic/status/964284402741149698?ref_src=twsrc%5Etfw
[9]: https://twitter.com/Epicshadow1994/status/1150787326626263042?ref_src=twsrc%5Etfw
[10]: https://twitter.com/acrid_heartwood/status/1150789691979030528?ref_src=twsrc%5Etfw
[11]: https://linux.cn/article-10968-1.html

81
sources/news/20190714 Excellent- Ubuntu LTS Users Will Now Get the Latest Nvidia Driver Updates -No PPA Needed Anymore.md Normal file
View File

@ -0,0 +1,81 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Excellent! Ubuntu LTS Users Will Now Get the Latest Nvidia Driver Updates [No PPA Needed Anymore])
[#]: via: (https://itsfoss.com/ubuntu-lts-latest-nvidia-drivers/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
Excellent! Ubuntu LTS Users Will Now Get the Latest Nvidia Driver Updates [No PPA Needed Anymore]
======
_**Brief: To get the latest Nvidia drivers in Ubuntu LTS versions, you dont have to use PPA anymore. The latest drivers will now be available in the repositories of the Ubuntu LTS versions.**_
![][1]
You might be aware of the troubles to install the latest and greatest Nvidia binary driver updates on Ubuntu.
By default, Ubuntu provides the open source [Nvidia Nouveau drivers][2] that some time result in Ubuntu being stuck at boot screen.
You can also [install the proprietary Nvidia driver in Ubuntu][3] easily. The problem is that the Nvidia drivers in the default [Ubuntu repositories][4] are not the latest one. To solve this problem, [Ubuntu introduced a dedicated PPA][5] a few years back.
[Using the official PPA][6] is still a decent workaround for installing the closed source graphics driver. However, it is definitely not the most convenient option.
But, now, Ubuntu agreed to include the latest Nvidia driver update as part of the SRU ([StableReleaseUpdates][7]). So, you will have Nvidia drivers baked in with Ubuntu LTS versions.
Well, this means that you no longer have to separately download/install the Nvidia graphics drivers on Ubuntu LTS versions.
Just like you get an update for your browser or the core OS updates (or the security updates), similarly, you will get the required Nvidia binary driver update packages.
### Can We Rely on the Latest Nvidia Graphics Driver?
SRU literally refers to stable updates for Ubuntu (or Ubuntu-based distros). So, instead of opting for the pre-released updates in order to get the latest graphics driver, you should wait for it to drop as a stable update.
Of course, no one can guarantee that it will work 100% of the time but it will be way more safe to install than the pre-released ones.
### How Can I Get the latest Nvidia drivers?
![Software Updates Nvidia][8]
You just have to enable “Using NVIDIA driver meta package….” from the additional drivers section in the software update option.
[][9]
Suggested read  Ubuntu 17.04 Release Date, Features And Upgrade Procedure
Originally, [The Linux Experiment][10] shared this news through a video which then Ubuntus official Twitter handle re-tweeted as an announcement. You can watch the video below to get more details on it:
### Which Ubuntu LTS Versions are Supported?
For now, Ubuntu 18.04 LTS supports this out of the box. It will soon be available for Ubuntu 16.04 LTS (and later LTS versions will follow).
**Wrapping Up**
Now that you can install the latest Nvidia binary driver updates, how do you think will it help you?
If you have tested a pre-released package, let us know your thoughts on that in the comments below.
--------------------------------------------------------------------------------
via: https://itsfoss.com/ubuntu-lts-latest-nvidia-drivers/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/nvidia-ubuntu-logo.png?resize=800%2C450&ssl=1
[2]: https://nouveau.freedesktop.org/wiki/
[3]: https://itsfoss.com/install-additional-drivers-ubuntu/
[4]: https://itsfoss.com/ubuntu-repositories/
[5]: https://itsfoss.com/ubuntu-official-ppa-graphics/
[6]: https://itsfoss.com/ppa-guide/
[7]: https://wiki.ubuntu.com/StableReleaseUpdates
[8]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/software-updates-nvidia.jpg?fit=800%2C542&ssl=1
[9]: https://itsfoss.com/ubuntu-17-04-release-features/
[10]: https://twitter.com/thelinuxEXP

53
sources/talk/20190617 Use ImageGlass to quickly view JPG images as a slideshow.md Normal file
View File

@ -0,0 +1,53 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Use ImageGlass to quickly view JPG images as a slideshow)
[#]: via: (https://opensource.com/article/19/6/use-imageglass-view-jpg-images-slideshow-windows-10)
[#]: author: (Jeff Macharyas https://opensource.com/users/jeffmacharyas)
Use ImageGlass to quickly view JPG images as a slideshow
======
Want to view images from a folder one-by-one in a slideshow on Windows
10? Open source to the rescue.
![Looking back with binoculars][1]
Welcome to todays episode of "How Can I Make This Work?" In my case, I was trying to view a folder of JPG images as a slideshow on Windows 10. As often happens, I turned to open source to solve the issue.
On a Mac, viewing a folder of JPG images as a slideshow is a simple matter of selecting all the images in a folder ( **Command-A** ), and then pressing **Option-Command-Y**. From there, you can advance the images with the arrow key. Of course, you can do a similar thing on Windows by selecting the first image, then clicking on the window frame's yellow **Manage** bar, then selecting **Slide Show**. There, you can control the speed, but only to a point: slow, medium, and fast.
I wanted to advance the images in Windows the same way I do it on a Mac. Naturally, I fired up the Googler and searched for a solution. There, I found the [ImageGlass][2] open source app, [licensed GPL 3.0][3], and it did the trick perfectly. Here's what it looks like:
![Viewing an image in ImageGlass.][4]
### About ImageGlass
ImageGlass was developed by Dương Diệu Pháp, a Vietnamese developer who works on the front end for Chainstack, according to his website. He collaborates with US-based [Kevin Routley][5], who "develops new features for ImageGlass." The source code is available on [GitHub][6].
ImageGlass supports most common image formats, including JPG, GIF, PNG, WEBP, SVG, and RAW. Users can customize this extension list easily.
My specific problem was needing to find an image for a catalog cover. Unfortunately, it was in a folder containing dozens of photos. Navigating through the slideshow in ImageGlass, stopping on the image I wanted, and downloading it into my project folder turned out to be easy. Open source to the rescue yet again, and the app took only seconds to download and use.
ImageGlass was featured as a Picasa alternative in Jason Bakers article [9 open source alternatives to][7] [Picasa][7] from March 10, 2016. There are some other interesting image-related open source tools in there as well if you are in need.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/6/use-imageglass-view-jpg-images-slideshow-windows-10
作者:[Jeff Macharyas][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/jeffmacharyas
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/look-binoculars-sight-see-review.png?itok=NOw2cm39 (Looking back with binoculars)
[2]: https://imageglass.org/
[3]: https://github.com/d2phap/ImageGlass/blob/master/LICENSE
[4]: https://opensource.com/sites/default/files/uploads/imageglass-screenshot.png (Viewing an image in ImageGlass.)
[5]: https://github.com/fire-eggs
[6]: https://github.com/d2phap/ImageGlass
[7]: https://opensource.com/alternatives/picasa

17
sources/talk/20190705 Lessons in Vendor Lock-in- Google and Huawei.md
View File

@ -1,11 +1,11 @@
[#]: collector: "lujun9972"
[#]: translator: "acyanbird "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
[#]: subject: "Lessons in Vendor Lock-in: Google and Huawei"
[#]: via: "https://www.linuxjournal.com/content/lessons-vendor-lock-google-and-huawei"
[#]: author: "Kyle Rankin https://www.linuxjournal.com/users/kyle-rankin"
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Lessons in Vendor Lock-in: Google and Huawei)
[#]: via: (https://www.linuxjournal.com/content/lessons-vendor-lock-google-and-huawei)
[#]: author: (Kyle Rankin https://www.linuxjournal.com/users/kyle-rankin)
Lessons in Vendor Lock-in: Google and Huawei
======
@ -43,6 +43,7 @@ What's more, the Google Apps suite isn't just a convenient way to load Gmail or
Without access to these OS updates, Huawei now will have to decide whether to create its own LineageOS-style Android fork or a whole new phone OS of its own. In either case, it will have to abandon the Google Play Store ecosystem and use F-Droid-style app repositories, or if it goes 100% alone, it will need to create a completely new app ecosystem. If its engineers planned for this situation, then they likely are working on this plan right now; otherwise, they are all presumably scrambling to address an event that "should never happen". Here's hoping that if you find yourself in a similar case of vendor lock-in with an overseas company that's too big to fail, you never get caught in the middle of a trade war.
--------------------------------------------------------------------------------
via: https://www.linuxjournal.com/content/lessons-vendor-lock-google-and-huawei

73
sources/talk/20190716 Server hardware makers shift production out of China.md
View File

@ -1,73 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Server hardware makers shift production out of China)
[#]: via: (https://www.networkworld.com/article/3409784/server-hardware-makers-shift-production-out-of-china.html)
[#]: author: (Andy Patrizio https://www.networkworld.com/author/Andy-Patrizio/)
Server hardware makers shift production out of China
======
Tariffs on Chinese products and unstable U.S./China relations cause server makers to speed up their move out of China.
![Etereuti \(CC0\)][1]
The supply chain of vendors that build servers and network communication devices is accelerating its shift of production out of China to Taiwan and North America, along with other nations not subject to the trade war between the U.S. and China.
Last May, the Trump Administration levied tariffs on a number of imported Chinese goods, computer components among them. The tariffs ranged from 10-25%. Consumers were hit hardest, since they are more price sensitive than IT buyers. PC World said the [average laptop price could rise by $120][2] just for the tariffs.
But since the tariff was based on the value of the product, that means server hardware prices could skyrocket, since servers cost much more than PCs.
**[ Read also: [HPEs CEO lays out his technology vision][3] ]**
### Companies that are moving production out of China
The Taiwanese tech publication DigiTimes reported (article now locked behind a paywall) that Mitac Computing Technology, a server ODM, reactivated an old production line at Hsinchu Science Park (HSP) in Taiwan at the end of 2018 and restarted another for motherboard SMT process in March 2019. The company plans to establish one more SMT production line prior to the end of 2019.
It went on to say Mitac plans to produce all of its high-end U.S.-bound servers in Taiwan and is looking to move 30% of its overall server production lines back to Taiwan in the next three years.
Wiwynn, a cloud computing server subsidiary of Wistron, is primarily assembling its U.S.-bound servers in Mexico and has also recently established a production site in southern Taiwan per clients' requests.
Taiwan-based server chassis and assembly player AIC recently expanded the number of its factories in Taiwan to four and has been aggressively forming cooperation with its partners to expand its capacity. Many Taiwan-based component suppliers are also expanding their capacity in Taiwan.
**[ [Get certified as an Apple Technical Coordinator with this seven-part online course from PluralSight.][4] ]**
Several ODMs, such as Inventec, Wiwynn, Wistron, and Foxconn, all have plants in Mexico, while Quanta Computer has production lines in the U.S. Wiwynn also plans to open manufacturing facilities in eastern U.S.
“This is not something that just happened overnight, its a process that started a few years ago. The tariffs just accelerated the desire of ODMs to do it,” said Ashish Nadkarni, group vice president for infrastructure systems, platforms and technologies at IDC. “Since [President] Trump has come into office there has been saber rattling about China and a trade war. There has also been a focus on margins.”
He added that component makers are definitely moving out of China to other parts of Asia, like Korea, the Philippines, and Vietnam.
### HPE, Dell and Lenovo should remain unaffected
The big three branded server makers are all largely immunized against the tariffs. HP Enterprise, Dell, and Lenovo all have U.S.-based assemblies and their contract manufacturers are in Taiwan, said Nadkarni. So, their costs should remain unaffected by tariffs.
The tariffs are not affecting sales as much as revenue for hyperscale whitebox vendors is being stressed. Hyperscale companies such as Amazon Web Services (AWS), Microsoft, Google, etc. have contracts with vendors such as Inspur and Super Micro, and if prices fluctuate, thats not their problem. The hardware vendor is expected to deliver at the agreed cost.
So margins, already paper thin, cant be passed on to the customer, unlike the aforementioned laptop example.
“Its not the end customers who are affected by it, its the vendors who are affected by it. Certain things they can pass on, like component prices. But if the build value goes up, thats not the customers problem, thats the vendors problem,” said Nadkarni.
So while it may cost you more to buy a laptop as this trade fracas goes on, it shouldnt cost more to buy a server.
Join the Network World communities on [Facebook][5] and [LinkedIn][6] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409784/server-hardware-makers-shift-production-out-of-china.html
作者:[Andy Patrizio][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Andy-Patrizio/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2018/07/asia_china_flag_grunge-stars_pixabay_etereuti-100763424-large.jpg
[2]: https://www.pcworld.com/article/3403405/trump-tariffs-on-chinese-goods-could-cost-you-120-more-for-notebook-pcs-say-dell-hp-and-cta.html
[3]: https://www.networkworld.com/article/3394879/hpe-s-ceo-lays-out-his-technology-vision.html
[4]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fapple-certified-technical-trainer-10-11
[5]: https://www.facebook.com/NetworkWorld/
[6]: https://www.linkedin.com/company/network-world

107
sources/talk/20190717 How edge computing is driving a new era of CDN.md
View File

@ -1,107 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How edge computing is driving a new era of CDN)
[#]: via: (https://www.networkworld.com/article/3409027/how-edge-computing-is-driving-a-new-era-of-cdn.html)
[#]: author: (Matt Conran https://www.networkworld.com/author/Matt-Conran/)
How edge computing is driving a new era of CDN
======
A CDN is an edge application and an edge application is a superset of what your CDN is doing.
![geralt \(CC0\)][1]
We are living in a hyperconnected world where anything can now be pushed to the cloud. The idea of having content located in one place, which could be useful from the managements perspective, is now redundant. Today, the users and data are omnipresent.
The customers expectations have up-surged because of this evolution. There is now an increased expectation of high-quality service and a decrease in customers patience. In the past, one could patiently wait 10 hours to download the content. But this is certainly not the scenario at the present time. Nowadays we have high expectations and high-performance requirements but on the other hand, there are concerns as well. The internet is a weird place, with unpredictable asymmetric patterns, buffer bloat and a list of other [performance-related problems][2] that I wrote about on Network Insight. _[Disclaimer: the author is employed by Network Insight.]_
Also, the internet is growing at an accelerated rate. By the year 2020, the internet is expected to reach 1.5 Gigabyte of traffic per day per person. In the coming times, the world of the Internet of Things (IoT) driven by objects will far supersede these data figures as well. For example, a connected airplane will generate around 5 Terabytes of data per day. This spiraling level of volume requires a new approach to data management and forces us to re-think how we delivery applications.
[RELATED: How Notre Dame is going all in with Amazons cloud][3]
Why? Because all this information cannot be processed by a single cloud or an on-premise location. Latency will always be a problem. For example, in virtual reality (VR) anything over 7 milliseconds will cause motion sickness. When decisions are required to be taken in real-time, you cannot send data to the cloud. You can, however, make use of edge computing and a multi-CDN design.
### Introducing edge computing and multi-CDN
The rate of cloud adoption, all-things-video, IoT and edge computing are bringing life back to CDNs and multi-CDN designs. Typically, a multi-CDN is an implementation pattern that includes more than one CDN vendor. The traffic direction is performed by using different metrics, whereby traffic can either be load balanced or failed across the different vendors.
Edge computing moves actions as close as possible to the source. It is the point where the physical world interacts with the digital world. Logically, the decentralized approach of edge computing will not take over the centralized approach. They will be complementary to each other, so that the application can run at its peak level, depending on its position in the network.
For example, in IoT, saving battery life is crucial. Lets assume an IoT device can conduct the transaction in 10ms round trip time (RTT), instead of 100ms RTT. As a result, it can use 10 times less battery.
### The internet, a performance bottleneck
The internet is designed on the principle that everyone can talk to everyone, thereby providing universal connectivity whether required or not. There has been a number of design changes with network address translation (NAT) being the biggest. However, essentially the role of the internet has remained the same in terms of connectivity, regardless of location.
With this type of connectivity model, distance is an important determinant for the applications performance. Users on the other side of the planet will suffer regardless of buffer sizes or other device optimizations. Long RTT is experienced as packets go back and forth before the actual data transmission. Although caching and traffic redirection is being used but limited success has been achieved so far.
### The principles of application delivery
When transmission control protocol (TCP) starts, it thinks it is back in the late 1970s. It assumes that all services are on a local area network (LAN) and there is no packet loss. It then starts to work backward from there. Back when it was designed, we didn't have real-time traffic, such as voice and video that is latency and jitter sensitive.
Ideally, TCP was designed for the ease of use and reliability, not to boost the performance. You actually need to optimize the TCP stack. And this is why CDNs are very good at performing such tasks. For example, if a connection is received from a mobile phone, a CDN will start with the assumption that there is going to be high jitter and packet loss. This allows them to size the TCP window correctly that accurately match network conditions.
How do you magnify the performance, what options do you have? In a generic sense, many look to lowering the latency. However, with applications, such as video streaming, latency does not tell you if the video is going to buffer. One can only assume that lower latency will lead to less buffering. In such a scenario, measurement-based on throughput is a far better performance metric since will tell you how fast an object will load.
We have also to consider the page load times. At the network level, it's the time to first byte (TTFB) and ping. However, these mechanisms dont tell you much about the user experience as everything fits into one packet. Using ping will not inform you about the bandwidth problems.
And if a web page goes slower by 25% once packet loss exceeds 5% and you are measuring time to the first byte which is the 4th packet - what exactly can you learn? TTFB is comparable to an internet control message protocol (ICMP) request just one layer up the stack. It's good if something is broken but not if there is underperformance issue.
When you examine the history of TTFB measuring, you will find that it was deployed due to the lack of Real User Monitoring (RUM) measurements. Previously TTFB was as good in approximating how fast something was going to load, but we don't have to approximate anymore as we can measure it with RUM. RUM is measurements from the end-users. An example could be the metrics generated from a webpage that is being served to an actual user.
Conclusively, TTFB, ping and page load times are not sophisticated measurements. We should prefer RUM time measurements as much as we can. This provides a more accurate picture of the user experience. This is something which has become critical over the last decade.
Now we are living in a world of RUM which lets us build our network based on what matters to the business users. All CDNs should aim for RUM measurements. For this, they may need to integrate with traffic management systems that intelligently measure on what the end-user really sees.
### The need for multi-CDN
Primarily, the reasons one would opt for a multi-CDN environment are availability and performance. No single CDN can be the fastest to everyone and everywhere in the world. It is impossible due to the internet's connectivity model. However, combining the best of two or even more CDN providers will increase the performance.
A multi-CDN will give a faster performance and higher availability than what can be achieved with a single CDN. A good design is what runs two availability zones. A better design is what runs two availability zones with a single CDN provider. However, superior design is what runs two availability zones in a multi-CDN environment.
### Edge applications will be the new norm
Its not that long ago that there was a transition from the heavy physical monolithic architecture to the agile cloud. But all that really happened was the transition from the physical appliance to a virtual cloud-based appliance. Maybe now is the time that we should ask, is this the future that we really want?
One of the main issues in introducing edge applications is the mindset. It is challenging to convince yourself or your peers that the infrastructure you have spent all your time working on and investing in is not the best way forward for your business. 
Although the cloud has created a big buzz, just because you migrate to the cloud does not mean that your applications will run faster. In fact, all you are really doing is abstracting the physical pieces of the architecture and paying someone else to manage it. The cloud has, however, opened the door for the edge application conversation. We have already taken the first step to the cloud and now it's time to make the second move.
Basically, when you think about edge applications: its simplicity is a programmable CDN. A CDN is an edge application and an edge application is a superset of what your CDN is doing. Edge applications denote cloud computing at the edge. It is a paradigm to distribute the application closer to the source for lower latency, additional resilience, and simplified infrastructure, where you still have control and privacy.
From an architectural point of view, an edge application provides more resilience than deploying centralized applications. In today's world of high expectations, resilience is a necessity for the continuity of business. Edge applications allow you to collapse the infrastructure into an architecture that is cheaper, simpler and more attentive to the application. The less in the expanse of infrastructure, the more time you can focus on what really matters to your business - the customer.
### An example of an edge architecture
An example of edge architecture is within each PoP, every application has its own isolated JavaScript (JS) environment. JavaScript is great for security isolation and the performance guarantees scale. The JavaScript is a dedicated isolated instance that executes the code at the edge.
Most likely, each JavaScript has its own virtual machine (VM). The sole operation that the VM is performing is the JavaScript runtime engine and the only thing it is running is the customer's code. One could use Google V8 open-source high-performance JavaScript and WebAssembly engine.
Lets face it, if you continue building more PoPs, you will hit the law of diminishing returns. When it comes to application such as mobile, you really are maxed out when throwing PoPs to form a solution. So we need to find another solution.
In the coming times, we are going to witness a trend where most applications will become global, which means edge applications. It certainly makes little sense to place all the application in one location when your users are everywhere else.
**This article is published as part of the IDG Contributor Network. [Want to Join?][4]**
Join the Network World communities on [Facebook][5] and [LinkedIn][6] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409027/how-edge-computing-is-driving-a-new-era-of-cdn.html
作者:[Matt Conran][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Matt-Conran/
[b]: https://github.com/lujun9972
[1]: https://images.techhive.com/images/article/2017/02/network-traffic-100707086-large.jpg
[2]: https://network-insight.net/2016/12/buffers-packet-drops/
[3]: https://www.networkworld.com/article/3014599/cloud-computing/how-notre-dame-is-going-all-in-with-amazon-s-cloud.html#tk.nww-fsb
[4]: https://www.networkworld.com/contributor-network/signup.html
[5]: https://www.facebook.com/NetworkWorld/
[6]: https://www.linkedin.com/company/network-world

71
sources/talk/20190717 MPLS is hanging on in this SD-WAN world.md
View File

@ -1,71 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (MPLS is hanging on in this SD-WAN world)
[#]: via: (https://www.networkworld.com/article/3409070/mpls-is-hanging-on-in-this-sd-wan-world.html)
[#]: author: (Andy Patrizio https://www.networkworld.com/author/Andy-Patrizio/)
MPLS is hanging on in this SD-WAN world
======
The legacy networking protocol is still viable and there is no need to replace it in certain use cases, argues one cloud provider.
![jamesteohart][1]
The [SD-WAN networking market is booming and is expected to grow][2] to $17 billion by 2025, and no wonder. Software-defined wide-area networking eliminates the need for expensive routers and does all the network connectivity in the cloud.
Among its advantages is the support for secure cloud connectivity, one area where multiprotocol label switching (MPLS) falls short. MPLS is a data protocol from before the internet took off and while ideal for communications within the corporate firewall, it doesnt lend itself to cloud and outside communications well.
You would think that would seal MPLSs fate, but just like IPv6 is ever so slowly replacing IPv4, MPLS is hanging on and some IT pros are even increasing their investment.
**[ Related: [MPLS explained What you need to know about multi-protocol label switching][3] ]**
Avant Communications, a cloud services provider that specializes in SD-WAN, recently issued a report entitled [State of Disruption][4] that found that 83% of enterprises that use or are familiar with MPLS plan to increase their MPLS network infrastructure this year, and 40% say they will “significantly increase” their use of it.
The report did not find one protocol winning that the expense of another. Just as 83% plan to use MPLS, 78% acknowledged plans to use SD-WAN in their corporate networks by the end of the year. Although SD-WAN is on the rise, MPLS is clearly not going away anytime soon. Both SD-WAN and MPLS can live together in harmony, adding value to each other.
“SD-WAN is the most disruptive technology in our study. Its not surprising that adoption of new technologies is slowest among the largest companies. The wave of SD-WAN disruption has not fully hit larger companies yet, but our belief is that it is moving quickly upmarket,” the report stated.
While SD-WAN is much better suited for the job of cloud connectivity, 50% of network traffic is still staying within the corporate firewall. So while SD-WAN can solve the connection issues, so can MPLS. And if you have it deployed, rip and replace makes no sense.
“MPLS continues to have a strong role in modern networks, and we expect that to continue,” the report stated. “This is especially true among larger enterprises that have larger networks depending on MPLS. While youll find MPLS at the core for a long time to come, we expect to see a shared environment with SD-WAN at the edge, enabled by broadband Internet and other lower cost networks. “
And MPLS isnt without its advantages, most notably it can [guarantee performance][5] while SD-WAN, at the mercy of the public internet, cannot.
As broadband networks continue to improve in performance, SD-WAN will allow companies to reduce their reliance on MPLS, especially as equipment ages and is replaced. Avant expects that, for the foreseeable future, there will continue to be a very viable role for both.
**More about SD-WAN:**
* [How to buy SD-WAN technology: Key questions to consider when selecting a supplier][6]
* [How to pick an off-site data-backup method][7]
* [SD-Branch: What it is and why youll need it][8]
* [What are the options for security SD-WAN?][9]
Join the Network World communities on [Facebook][10] and [LinkedIn][11] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409070/mpls-is-hanging-on-in-this-sd-wan-world.html
作者:[Andy Patrizio][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Andy-Patrizio/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/07/the-latest-in-innovation-in-the-sd-wan-managed-services-market1400-100801684-large.jpg
[2]: https://www.prnewswire.com/news-releases/software-defined-wide-area-network-sd-wan-market-to-hit-17bn-by-2025-global-market-insights-inc-300795304.html
[3]: https://www.networkworld.com/article/2297171/sd-wan/network-security-mpls-explained.html
[4]: https://www.goavant.net/Disruption
[5]: https://www.networkworld.com/article/2297171/network-security-mpls-explained.html
[6]: https://www.networkworld.com/article/3323407/sd-wan/how-to-buy-sd-wan-technology-key-questions-to-consider-when-selecting-a-supplier.html
[7]: https://www.networkworld.com/article/3328488/backup-systems-and-services/how-to-pick-an-off-site-data-backup-method.html
[8]: https://www.networkworld.com/article/3250664/lan-wan/sd-branch-what-it-is-and-why-youll-need-it.html
[9]: https://www.networkworld.com/article/3285728/sd-wan/what-are-the-options-for-securing-sd-wan.html?nsdr=true
[10]: https://www.facebook.com/NetworkWorld/
[11]: https://www.linkedin.com/company/network-world

73
sources/talk/20190717 Public internet should be all software-defined.md
View File

@ -1,73 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Public internet should be all software-defined)
[#]: via: (https://www.networkworld.com/article/3409783/public-internet-should-be-all-software-defined.html)
[#]: author: (Patrick Nelson https://www.networkworld.com/author/Patrick-Nelson/)
Public internet should be all software-defined
======
Having a programmable public internet will correct inefficiencies in the current system, engineers at NOIA say.
![Thinkstock][1]
The public internet should migrate to a programmable backbone-as-a-service architecture, says a team of network engineers behind NOIA, a startup promising to revolutionize global traffic. They say the internet will be more efficient if internet protocols and routing technologies are re-worked and then combined with a traffic-trading blockchain.
Its “impossible to use internet for modern applications,” the company says on its website. “Almost all global internet companies struggle to ensure uptime and reliable user experience.”
Thats because modern techniques arent being introduced fully, NOIA says. The engineers say algorithms should be implemented to route traffic and that segment routing technology should be adopted. Plus, blockchain should be instigated to trade internet transit capacity. A “programmable internet solves the webs inefficiencies,” a representative from NOIA told me.
**[ Read also: [What is IPv6, and why arent we there yet?][2] ]**
### Deprecate the public internet
NOIA has started introducing a caching, distributed content delivery application to improve website loading times, but it wants to ultimately deprecate the existing internet completely.
The company currently has 353 active cache nodes around the world, with a total 27 terabytes of storage for that caching system—NOIA clients contribute spare bandwidth and storage. Its also testing a network backbone using four providers with European and American locations that it says will be the [development environment for its envisaged software-defined and radical internet replacement][3].
### The problem with today's internet
The “internet is a mesh of tangled up cables,” [NOIA says][4]. “Thousands of physically connected networks” are involved. Any configuration alterations in any of the jumble of networks causes issues with the protocols, it explains. The company is referring to Border Gateway Protocol (BGP), which lets routers discover paths to IP addresses through the disparate network. Because BGP only forwards to a neighboring router, it doesnt manage the entire route. That introduces “severe variability” or unreliability.
“It is impossible to guarantee service reliability without using overlay networks. Low-latency, performance-critical applications, and games cannot operate on public Internet,” the company says.
### How a software-defined internet works
NOIA's idea is to use [IPv6][5], the latest internet protocol. IPv6 features an expanded packet size and allows custom headers. The company then adds segment routing to create Segment Routing over IPv6 (SRv6). That SRv6 combo adds routing information to each data packet sent—a packet-level programmable network, in other words.
Segment routing, roughly, is an updated internet protocol that lets routers comprehend routing information in packet headers and then perform the routing. Cisco has been using it, too.
NOIAs network then adds the SRv6 amalgamation to distributed ledger technology (blockchain) in order to let ISPs and data centers buy and sell the routes—buyers can choose their routes in the exchange, too.
In addition to trade, blockchain introduces security. It's worth noting that routings arent the only internet technologies that could be disrupted due to blockchain. In April I wrote about [organizations that propose moving data storage transactions over to distributed ledgers][6]. They say that will be more secure than anything seen before. [Ethernets lack of inherent security could be corrected by smart contract, trackable verifiable transactions][7], say some. And, of course, supply chain, the automotive vertical, and the selling of sensor data overall may emerge as [use-contenders for secure, blockchain in the internet of things][8].
In NOIAs case, with SRv6 blended with distributed ledgers, the encrypted ledger holds the IP addresses, but it is architecturally decentralized—no one controls it. Thats one element of added security, along with the aforementioned trading, provided by the ledger.
That trading could handle the question of whos paying for all this. However, NOIA says current internet hardware will be able to understand the segment routings, so no new equipment investments are needed.
Join the Network World communities on [Facebook][9] and [LinkedIn][10] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409783/public-internet-should-be-all-software-defined.html
作者:[Patrick Nelson][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Patrick-Nelson/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2018/05/dns_browser_http_web_internet_thinkstock-100758191-large.jpg
[2]: https://www.networkworld.com/article/3254575/lan-wan/what-is-ipv6-and-why-aren-t-we-there-yet.html
[3]: https://medium.com/noia/development-update-06-20-07-04-2879f9fce3cb
[4]: https://noia.network/
[5]: https://www.networkworld.com/article/3254575/what-is-ipv6-and-why-aren-t-we-there-yet.html
[6]: https://www.networkworld.com/article/3390722/how-data-storage-will-shift-to-blockchain.html
[7]: https://www.networkworld.com/article/3356496/how-blockchain-will-manage-networks.html
[8]: https://www.networkworld.com/article/3330937/how-blockchain-will-transform-the-iot.html
[9]: https://www.facebook.com/NetworkWorld/
[10]: https://www.linkedin.com/company/network-world

102
sources/talk/20190718 Smart cities offer window into the evolution of enterprise IoT technology.md
View File

@ -1,102 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Smart cities offer window into the evolution of enterprise IoT technology)
[#]: via: (https://www.networkworld.com/article/3409787/smart-cities-offer-window-into-the-evolution-of-enterprise-iot-technology.html)
[#]: author: (Fredric Paul https://www.networkworld.com/author/Fredric-Paul/)
Smart cities offer window into the evolution of enterprise IoT technology
======
Smart-city technologies such as 0G networking hold clues for successful large-scale implementations of the internet of things in enterprise settings.
![Benjamin Hung modified by IDG Comm. \(CC0\)][1]
Powering smart cities is one of the most ambitious use cases for the internet of things (IoT), combining a wide variety of IoT technologies to create coherent systems that span not just individual buildings or campuses but entire metropolises. As such, smart cities offer a window into the evolution of enterprise IoT technologies and implementations on the largest scale.
And thats why I connected with [Christophe Fourtet][2], CSO and co-founder of [Sigfox][3], a French global network operator, to learn more about using wireless networks to connect large numbers of low-power objects, ranging from smartwatches to electricity meters. (And I have to admit I was intrigued by the 0G network moniker, which conjured visions of weightless IoT devices floating in space, or maybe [OG-][4]style old-school authenticity. Thats not at all what its about, of course.)
**[ Learns more: [Download a PDF bundle of five essential articles about IoT in the enterprise][5] ]**
According to Fourtet, "Sigfoxs global 0G network specializes in inexpensively conveying small amounts of data over long ranges—without sacrificing quality. Whereas other networks aim to collect and transmit as much data as possible, as quickly as possible, we deliver small packets of information at regular intervals, giving customers only the critical information they need."
The software-based wireless 0G network listens to devices without the need to establish and maintain network connection, eliminating signaling overhead. With network and computing complexity managed in the cloud, energy consumption and costs of connected devices are dramatically reduced, [the company says][6]. Just as important, the low power requirements can also dramatically cut battery requirements for IoT devices.
Around the world, customers like Michelin, General Motors, and Airbus use the 0G networks to connect IoT devices, and the network is supported by more than 660 partner organizations, including device makers and service providers such as Urbansense and Bosch. Sigfox cited [0G-connected IoT devices enabling Danish cities][7] to monitor quality of life data, from detecting defects in buildings to tracking garbage collection.
### 0G applications beyond smart cities
In addition to smart cities applications, Sigfox serves several industry verticals, including manufacturing, agriculture, and retail. Common use cases include supply-chain management and asset tracking, both within factory/warehouse environments and between locations as containers/shipments move through the supply chain around the globe. The network is uniquely equipped for supply chain use cases due to its cost-efficiency, long-lasting batteries with totally predictable autonomy, and wide-range reach.
In facilities management, the 0G network can connect IoT devices that track ambient factors such temperature, humidity, and occupancy. Doing so helps managers leverage occupancy data to adjust the amount of space a company needs to rent, reducing overhead costs. It can also help farmers optimize the planting, care, and harvesting of crops.
Operating as a backup solution to ensure connectivity during a broadband network outage, 0G networking built into a cable box or router could allow service providers to access hardware even when the primary network is down, Fourtet said.
“The 0G network does not promise a continuation of these services,” Fourtet noted, “but it can provide access to the necessary information to solve challenges associated with outages.”
In a more dire example in the home and commercial building security market, sophisticated burglars could use cellular and Wi-Fi jammers to block a security systems access to a network so even though alarms were issued, the service might never receive them, Fourtet said. But the 0G network can send an alert to the alarm system provider even if it has been jammed or blocked, he said.
### How 0g networks are used today
Current 0G implementations include helping [Louis Vuitton track luggage][8] for its traveling customers. Using a luggage tracker powered by by [Sigfoxs Monarch service][9], a suitcase can stay connected to the 0G network throughout a trip, automatically recognizing and adapting to local radio frequency standards. The idea is for travelers to track the location of their bags at major airports in multiple countries, Fourtet said, while low energy consumption promises a six-month battery life with a very small battery.
At the Special Olympics World Games Abu Dhabi 2019, [iWire, LITE-ON and Sigfox worked together][10] to create a tracking solution designed to help safeguard 10,000 athletes and delegates. Sensors connected to the Sigfox 0G network and outfitted with Wi-Fi capabilities were equipped with tiny batteries designed to provide uninterrupted service throughout the weeklong event. The devices “periodically transmitted messages that helped to identify the location of athletes and delegates in case they went off course,” Fourtet said, while LITE-ON incorporated a panic button for use in case of emergencies. In fact, during the event, the system was used to locate a lost athlete and return them to the Games without incident, he said.
French car manufacturer [Groupe PSA][11] uses the 0G network to optimize shipping container routes between suppliers and assembly plants. [Track&amp;Trace][11] works with IBMs cloud-based IoT technologies to track container locations and alert Groupe PSA when issues crop up, Fourtet said.
### 0G is still growing
“It takes time to build a new network,” Fourtet said. So while Sigfox has delivered 0G network coverage in 60 countries across five continents, covering 1 billion people  (including 51 U.S. metropolitan areas covering 30% of the population), Fourtet acknowledged, “[We] still have a ways to go to build our global network.” In the meantime, the company is expanding its Connectivity-as-a-Service (CaaS) solutions to enable coverage in areas where the 0G network does not yet exist.
**More on IoT:**
* [What is the IoT? How the internet of things works][12]
* [What is edge computing and how its changing the network][13]
* [Most powerful Internet of Things companies][14]
* [10 Hot IoT startups to watch][15]
* [The 6 ways to make money in IoT][16]
* [What is digital twin technology? [and why it matters]][17]
* [Blockchain, service-centric networking key to IoT success][18]
* [Getting grounded in IoT networking and security][5]
* [Building IoT-ready networks must become a priority][19]
* [What is the Industrial IoT? [And why the stakes are so high]][20]
Join the Network World communities on [Facebook][21] and [LinkedIn][22] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409787/smart-cities-offer-window-into-the-evolution-of-enterprise-iot-technology.html
作者:[Fredric Paul][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Fredric-Paul/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2018/07/tokyo_asia_smart-city_iot_networking_by-benjamin-hung-unsplash-100764249-large.jpg
[2]: https://www.sigfox.com/en/sigfox-story
[3]: https://www.sigfox.com/en
[4]: https://www.dictionary.com/e/slang/og/
[5]: https://www.networkworld.com/article/3269736/internet-of-things/getting-grounded-in-iot-networking-and-security.html
[6]: https://www.sigfox.com/en/sigfox-iot-technology-overview
[7]: https://www.youtube.com/watch?v=WXc722WGjnE&t=1s
[8]: https://www.sigfox.com/en/news/sigfox-and-louis-vuitton-partner-innovative-luggage-tracker
[9]: https://www.sigfox.com/en/solutions/sigfox-services
[10]: https://www.sigfox.com/en/news/case-study-special-olympics-2019
[11]: https://www.sigfox.com/en/news/ibm-revolutionizes-container-tracking-groupe-psa-sigfox
[12]: https://www.networkworld.com/article/3207535/internet-of-things/what-is-the-iot-how-the-internet-of-things-works.html
[13]: https://www.networkworld.com/article/3224893/internet-of-things/what-is-edge-computing-and-how-it-s-changing-the-network.html
[14]: https://www.networkworld.com/article/2287045/internet-of-things/wireless-153629-10-most-powerful-internet-of-things-companies.html
[15]: https://www.networkworld.com/article/3270961/internet-of-things/10-hot-iot-startups-to-watch.html
[16]: https://www.networkworld.com/article/3279346/internet-of-things/the-6-ways-to-make-money-in-iot.html
[17]: https://www.networkworld.com/article/3280225/internet-of-things/what-is-digital-twin-technology-and-why-it-matters.html
[18]: https://www.networkworld.com/article/3276313/internet-of-things/blockchain-service-centric-networking-key-to-iot-success.html
[19]: https://www.networkworld.com/article/3276304/internet-of-things/building-iot-ready-networks-must-become-a-priority.html
[20]: https://www.networkworld.com/article/3243928/internet-of-things/what-is-the-industrial-iot-and-why-the-stakes-are-so-high.html
[21]: https://www.facebook.com/NetworkWorld/
[22]: https://www.linkedin.com/company/network-world

151
sources/talk/20190718 Worst DNS attacks and how to mitigate them.md
View File

@ -1,151 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Worst DNS attacks and how to mitigate them)
[#]: via: (https://www.networkworld.com/article/3409719/worst-dns-attacks-and-how-to-mitigate-them.html)
[#]: author: (Michael Cooney https://www.networkworld.com/author/Michael-Cooney/)
Worst DNS attacks and how to mitigate them
======
DNS threats, including DNS hijacking, tunneling, phishing, cache poisoning and DDoS attacks, are all on the rise.
![Max Bender \(CC0\)][1]
The Domain Name System remains under constant attack, and there seems to be no end in sight as threats grow increasingly sophisticated.
DNS, known as the internets phonebook, is part of the global internet infrastructure that translates between familiar names and the numbers computers need to access a website or send an email. While DNS has long been the target of assailants looking to steal all manner of corporate and private information, the threats in the [past year][2] or so indicate a worsening of the situation.
**More about DNS:**
* [DNS in the cloud: Why and why not][3]
* [DNS over HTTPS seeks to make internet use more private][4]
* [How to protect your infrastructure from DNS cache poisoning][5]
* [ICANN housecleaning revokes old DNS security key][6]
IDC reports that 82% of companies worldwide have faced a DNS attack over the past year. The research firm recently published its fifth annual [Global DNS Threat Report][7], which is based on a survey IDC conducted on behalf of DNS security vendor EfficientIP of 904 organizations across the world during the first half of 2019.
According to IDC's research, the average costs associated with a DNS attack rose by 49% compared to a year earlier. In the U.S., the average cost of a DNS attack tops out at more than $1.27 million. Almost half of respondents (48%) report losing more than $500,000 to a DNS attack, and nearly 10% say they lost more than $5 million on each breach. In addition, the majority of U.S. organizations say that it took more than one day to resolve a DNS attack.
“Worryingly, both in-house and cloud applications were damaged, with growth of over 100% for in-house application downtime, making it now the most prevalent damage suffered,” IDC wrote. "DNS attacks are moving away from pure brute-force to more sophisticated attacks acting from the internal network. This will force organizations to use intelligent mitigation tools to cope with insider threats."
### Sea Turtle DNS hijacking campaign
An ongoing DNS hijacking campaign known as Sea Turtle is one example of what's occuring in today's DNS threat landscape.
This month, [Cisco Talos][8] security researchers said the people behind the Sea Turtle campaign have been busy [revamping their attacks][9] with new infrastructure and going after new victims.
**[ [Prepare to become a Certified Information Security Systems Professional with this comprehensive online course from PluralSight. Now offering a 10-day free trial!][10] ]**
In April, Talos released a [report detailing][11] Sea Turtle and calling it the “first known case of a domain name registry organization that was compromised for cyber espionage operations.” Talos says the ongoing DNS threat campaign is a state-sponsored attack that abuses DNS to harvest credentials to gain access to sensitive networks and systems in a way that victims are unable to detect, which displays unique knowledge on how to manipulate DNS.
By obtaining control of victims DNS, the attackers can change or falsify any data on the Internet and illicitly modify DNS name records to point users to actor-controlled servers; users visiting those sites would never know, Talos reports. 
The hackers behind Sea Turtle appear to have regrouped after the April report from Talos and are redoubling their efforts with new infrastructure  a move Talos researchers find to be unusual: “While many actors will slow down once they are discovered, this group appears to be unusually brazen, and will be unlikely to be deterred going forward,” Talos [wrote][9] in July.
“Additionally, we discovered a new DNS hijacking technique that we assess with moderate confidence is connected to the actors behind Sea Turtle. This new technique is similar in that the threat actors compromise the name server records and respond to DNS requests with falsified A records,” Talos stated. 
“This new technique has only been observed in a few highly targeted operations. We also identified a new wave of victims, including a country code top-level domain (ccTLD) registry, which manages the DNS records for every domain [that] uses that particular country code; that access was used to then compromise additional government entities. Unfortunately, unless there are significant changes made to better secure DNS, these sorts of attacks are going to remain prevalent,” Talos wrote.
### DNSpionage attack upgrades its tools
Another newer threat to DNS comes in the form of an attack campaign called [DNSpionage][12]. 
DNSpionage initially used two malicious websites containing job postings to compromise targets via crafted Microsoft Office documents with embedded macros. The malware supported HTTP and DNS communication with the attackers. And the attackers are continuing to develop new assault techniques.
“The threat actor's ongoing development of DNSpionage malware shows that the attacker continues to find new ways to avoid detection. DNS tunneling is a popular method of exfiltration for some actors, and recent examples of DNSpionage show that we must ensure DNS is monitored as closely as an organization's normal proxy or weblogs,” [Talos wrote][13]. “DNS is essentially the phonebook of the internet, and when it is tampered with, it becomes difficult for anyone to discern whether what they are seeing online is legitimate.”
The DNSpionage campaign targeted various businesses in the Middle East as well as United Arab Emirates government domains.
“One of the biggest problems with DNS attacks or the lack of protection from them is complacency,” said Craig Williams, director of Talos outreach. Companies think DNS is stable and that they dont need to worry about it. “But what we are seeing with attacks like DNSpionage and Sea Turtle are kind of the opposite, because attackers have figured out how to use it to their advantage how to use it to do damage to credentials in a way, in the case of Sea Turtle, that the victim never even knows it happened. And thats a real potential problem.”
If you know, for example, your name server has been compromised, then you can force everyone to change their passwords. But if instead they go after the registrar and the registrar points to the bad guys name, you never knew it happened because nothing of yours was touched thats why these new threats are so nefarious, Williams said.
“Once attackers start using it publicly, successfully, other bad guys are going to look at it and say, Hey, why don't I use that to harvest a bunch of credentials from the sites I am interested in,’” Williams said.
### **The DNS IoT risk**
Another developing risk would be the proliferation of IoT devices.  The Internet Corporation for Assigned Names and Numbers (ICANN) recently wrote a [paper on the risk that IoT brings to DNS][14]. 
“The IoT is a risk to the DNS because various measurement studies suggest that IoT devices could stress the DNS infrastructure in ways that we have not seen before,” ICANN stated.   “For example, a software update for a popular IP-enabled IoT device that causes the device to use the DNS more frequently (e.g., regularly lookup random domain names to check for network availability) could stress the DNS in individual networks when millions of devices automatically install the update at the same time.”
While this is a programming error from the perspective of individual devices, it could result in a significant attack vector from the perspective of DNS infrastructure operators. Incidents like this have already occurred on a small scale, but they may occur more frequently in the future due to the growth of heterogeneous IoT devices from manufacturers that equip their IoT devices with controllers that use the DNS, ICANN stated.
ICANN also suggested that IoT botnets will represent an increased threat to DNS operators. “Larger DDoS attacks, partly because IoT bots are more difficult to eradicate. Current botnet sizes are on the order of hundreds of thousands. The most well-known example is the Mirai botnet, which involved 400K (steady-state) to 600K (peak) infected IoT devices.  The Hajime botnet hovers around 400K infected IoT devices, but has not launched any DDoS attacks yet. With the growth of the IoT, these attacks may grow to involve millions of bots and as a result larger DDoS attacks.
### **DNS security warnings grow**
The UK's [National Cyber Security Centre (NCSC)][15] issued a warning this month about ongoing DNS attacks, particularly focusing on DNS hijacking. It cited a number of risks associated with the uptick in DNS hijacking including:
**Creating malicious DNS records.** A malicious DNS record could be used, for example, to create a phishing website that is present within an organizations familiar domain. This may be used to phish employees or customers.
**Obtaining SSL certificates.** Domain-validated SSL certificates are issued based on the creation of DNS records; thus an attacker may obtain valid SSL certificates for a domain name, which could be used to create a phishing website intended to look like an authentic website, for example.
**Transparent proxying.** One serious risk employed recently involves transparently proxying traffic to intercept data. The attacker modifies an organizations configured domain zone entries (such as “A” or “CNAME” records) to point traffic to their own IP address, which is infrastructure they manage.
“An organization may lose total control of their domain and often the attackers will change the domain ownership details making it harder to recover,” the NCSC wrote.
These new threats, as well as other dangers, led the U.S. government to issue a warning earlier this year about DNS attacks on federal agencies. 
The Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) told all federal agencies to bolt down their DNS in the face of a series of global hacking campaigns.
CISA said in its [Emergency Directive][16] that it was tracking a series of incidents targeting DNS infrastructure. CISA wrote that it “is aware of multiple executive branch agency domains that were impacted by the tampering campaign and has notified the agencies that maintain them.”
CISA says that attackers have managed to intercept and redirect web and mail traffic and could target other networked services. The agency said the attacks start with compromising user credentials of an account that can make changes to DNS records.  Then the attacker alters DNS records, like Address, Mail Exchanger, or Name Server records, replacing the legitimate address of the services with an address the attacker controls.
These actions let the attacker direct user traffic to their own infrastructure for manipulation or inspection before passing it on to the legitimate service, should they choose. This creates a risk that persists beyond the period of traffic redirection, CISA stated. 
“Because the attacker can set DNS record values, they can also obtain valid encryption certificates for an organizations domain names. This allows the redirected traffic to be decrypted, exposing any user-submitted data. Since the certificate is valid for the domain, end users receive no error warnings,” CISA stated.
### **Get on the DNSSEC bandwagon**
“Enterprises that are potential targets in particular those that capture or expose user and enterprise data through their applications should heed this advisory by the NSCS and should pressure their DNS and registrar vendors to make DNSSEC and other domain security best practices easy to implement and standardized,” said Kris Beevers, co-founder and CEO of DNS security vendor [NS1][17]. “They can easily implement DNSSEC signing and other domain security best practices with technologies in the market today. At the very least, they should work with their vendors and security teams to audit their implementations.”
DNSSEC was in the news earlier this year when in response to increased DNS attacks, ICANN called for an intensified community effort to install stronger DNS security technology. 
Specifically, ICANN wants full deployment of the Domain Name System Security Extensions ([DNSSEC][18]) across all unsecured domain names. DNSSEC adds a layer of security on top of DNS. Full deployment of DNSSEC ensures end users are connecting to the actual web site or other service corresponding to a particular domain name, ICANN said. “Although this will not solve all the security problems of the Internet, it does protect a critical piece of it the directory lookup complementing other technologies such as SSL (https:) that protect the conversation, and provide a platform for yet-to-be-developed security improvements,” ICANN stated.
DNSSEC technologies have been around since about 2010 but are not widely deployed, with less than 20% of the worlds DNS registrars having deployed it, according to the regional internet address registry for the Asia-Pacific region ([APNIC][19]).
DNSSEC adoption has been lagging because it was viewed as optional and can require a tradeoff between security and functionality, said NS1's Beevers.
### **Traditional DNS threats**
While DNS hijacking may be the front line attack method, other more traditional threats still exist. 
The IDC/EfficientIP study found most popular DNS threats have changed compared with last year. Phishing (47%) is now more popular than last years favorite, DNS-based malware (39%), followed by DDoS attacks (30%), false positive triggering (26%), and lock-up domain attacks (26%).
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409719/worst-dns-attacks-and-how-to-mitigate-them.html
作者:[Michael Cooney][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Michael-Cooney/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2018/08/anonymous_faceless_hooded_mand_in_scary_halloween_mask_finger_to_lips_danger_threat_stealth_attack_hacker_hush_silence_warning_by_max_bender_cc0_via_unsplash_1200x800-100766358-large.jpg
[2]: https://www.fireeye.com/blog/threat-research/2019/01/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html
[3]: https://www.networkworld.com/article/3273891/hybrid-cloud/dns-in-the-cloud-why-and-why-not.html
[4]: https://www.networkworld.com/article/3322023/internet/dns-over-https-seeks-to-make-internet-use-more-private.html
[5]: https://www.networkworld.com/article/3298160/internet/how-to-protect-your-infrastructure-from-dns-cache-poisoning.html
[6]: https://www.networkworld.com/article/3331606/security/icann-housecleaning-revokes-old-dns-security-key.html
[7]: https://www.efficientip.com/resources/idc-dns-threat-report-2019/
[8]: https://www.talosintelligence.com/
[9]: https://blog.talosintelligence.com/2019/07/sea-turtle-keeps-on-swimming.html
[10]: https://pluralsight.pxf.io/c/321564/424552/7490?u=https%3A%2F%2Fwww.pluralsight.com%2Fpaths%2Fcertified-information-systems-security-professional-cisspr
[11]: https://blog.talosintelligence.com/2019/04/seaturtle.html
[12]: https://www.networkworld.com/article/3390666/cisco-dnspionage-attack-adds-new-tools-morphs-tactics.html
[13]: https://blog.talosintelligence.com/2019/04/dnspionage-brings-out-karkoff.html
[14]: https://www.icann.org/en/system/files/files/sac-105-en.pdf
[15]: https://www.ncsc.gov.uk/news/ongoing-dns-hijacking-and-mitigation-advice
[16]: https://cyber.dhs.gov/ed/19-01/
[17]: https://ns1.com/
[18]: https://www.icann.org/resources/pages/dnssec-qaa-2014-01-29-en
[19]: https://www.apnic.net/

2
sources/tech/20131228 Introduction to Clojure - Modern dialect of Lisp (Part 1).md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: translator: (ninifly)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

1
sources/tech/20171006 7 deadly sins of documentation.md
View File

@ -1,4 +1,3 @@
leemeans translating
7 deadly sins of documentation
======
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/osdc-lead-cat-writing-king-typewriter-doc.png?itok=afaEoOqc)

242
sources/tech/20171226 Top 10 Microsoft Visio Alternatives for Linux.md Normal file
View File

@ -0,0 +1,242 @@
Top 10 Microsoft Visio Alternatives for Linux
======
**Brief: If you are looking for a good Visio viewer in Linux, here are some alternatives to Microsoft Visio that you can use in Linux.**
[Microsoft Visio][1] is a great tool for creating or generating mission-critical diagrams and vector representations. While it may be a good tool for making floor plans or other kinds of diagrams - it is neither free nor open source.
Moreover, Microsoft Visio is not a standalone product. It comes bundled with Microsoft Office. We have already seen [open source alternatives to MS Office][2] in the past. Today we'll see what tools you can use in place of Visio on Linux.
## Best Microsoft Visio alternatives for Linux
![Microsoft Visio Alternatives for Linux][4]
Mandatory disclaimer here. The list is not a ranking. The product at number three is not better than the one at number six on the list.
I have also mentioned a couple of non open source Visio software that you can use from the web interface.
| Software | Type | License Type |
| LibreOffice Draw | Desktop Software | Free and Open Source |
| OpenOffice Draw | Desktop Software | Free and Open Source |
| Dia | Desktop Software | Free and Open Source |
| yED Graph Editor | Desktop and web-based | Freemium |
| Inkscape | Desktop Software | Free and Open Source |
| Pencil | Desktop and web-based | Free and Open Source |
| Graphviz | Desktop Software | Free and Open Source |
| darw.io | Desktop and web-based | Free and Open Source |
| Lucidchart | Web-based | Freemium |
| Calligra Flow | Desktop Software | Free and Open Source |
### 1. LibreOffice Draw
![][5]
LibreOffice Draw module is one of the best open source alternatives to Microsoft Visio. With the help of it, you can either choose to make a quick sketch of an idea or a complex professional floor plan for presentation. Flowcharts, organization charts, network diagrams, brochures, posters, and what not! All that without even requiring to spend a penny.
Good thing is that it comes bundled with LibreOffice which is installed in most Linux distributions by default.
#### Overview of Key Features:
* Style & Formatting tools to make Brochures/Posters
* Calc Data Visualization
* PDF-File editing capability
* Create Photo Albums by manipulating the pictures from Gallery
* Flexible Diagramming tools similar to the ones with Microsoft Visio (Smart Connectors, Dimension lines, etc.,)
* Supports .VSD files (to open)
[LibreOffice Draw][6]
### 2. Apache OpenOffice Draw
![][7]
A lot of people do know about OpenOffice (on which LibreOffice project was initially based on) but they don't really mention Apache OpenOffice Draw as an alternative to Microsoft Visio. But, for a fact - it is yet another amazing open-source diagramming software tool. Unlike LibreOffice Draw, it does not support editing PDF files but it does offer drawing tools for any type of diagram creation.
Just a caveat here. Use this tool only if you have OpenOffice already on your system. This is because [installing OpenOffice][8] is a pain and it is [not properly developed anymore][9].
#### Overview of Key Features:
* 3D Controller to create shapes quickly
* Create (.swf) flash versions of your work
* Style & Formatting tools
* Flexible Diagramming tools similar to the ones with Microsoft Visio (Smart Connectors, Dimension lines, etc.,)
[Apache OpenOffice Draw][10]
### 3. Dia
![][11]
Dia is yet another interesting open source tool. It may not seem to be under active development like the other ones mentioned. But, if you were looking for a free and open source alternative to Microsoft Visio for simple and decent diagrams - Dia could be your choice. The only let down of this tool for you could be its user interface. Apart from that, it does let you utilize powerful tools for a complex diagram (but it may not look great - so we recommend it for simpler diagrams).
#### Overview of Key Features:
* It can be used via command-line
* Styling & Formatting tools
* Shape Repository for custom shapes
* Diagramming tools similar to the ones with Microsoft Visio (Special Objects, Grid Lines, Layers, etc.,)
* Cross-platform
[Dia][12]
### 4. yED Graph Editor
yED Graph editor is one of the most loved free Microsoft Visio alternative. If you worry about it being a freeware but not an open source project, you can still utilize [yED's live editor][13] via your web browser for free. It is one of the best recommendations if you want to make diagrams quickly with a very easy-to-use interface.
#### Overview of Key Features:
* Drag and drop feature for easy diagram making
* Supports importing external data for linking
[yED Graph Editor][14]
### 5. Inkscape
![][15]
Inkscape is a free and open source vector graphics editor. You get the basic functionalities of creating a flowchart or a data flow diagram. It does not offer advanced diagramming tools but the basic ones to create simpler diagrams. So, Inkscape could be your Visio alternative only if you are looking to generate basic diagrams with the help of diagram connector tool by utilizing the available symbols from the library.
#### Overview of Key Features:
* Connector Tool
* Flexible drawing tools
* Broad file format compatibility
[Inkscape][16]
### 6. Pencil Project
![][17]
Pencil Project is an impressive open source initiative that is available for both Windows and Mac along with Linux. It features an easy-to-use GUI which makes diagramming easier and convenient. A good collection of inbuilt shapes and symbols to make your diagrams look great. It also comes baked in with Android and iOS UI stencils to let you start prototyping apps when needed.
You can also have it installed as a Firefox extension - but the extension does not utilize the latest build of the project.
#### Overview of Key Features:
* Browse cliparts easily (utilizing openclipart.org)
* Export as an ODT file / PDF file
* Diagram connector tool
* Cross-platform
[Pencil Project][18]
### 7. Graphviz
![][19]
Graphviz is slightly different. It is not a drawing tool but a dedicated graph visualization tool. You should definitely utilize this tool if you are into network diagrams which require several designs to represent a node. Well, of course, you can't make a floor plan with this tool (it won't be easy at least). So, it is best-suited for network diagrams, bioinformatics, database connections, and similar stuff.
#### Overview of Key Features:
* Supports command-line usage
* Supports custom shapes & tabular node layouts
* Basic stying and formatting tools
[Graphviz][20]
### 8. Draw.io
Draw.io is primarily a free web-based diagramming tool with powerful tools to make almost any type of diagrams. You just need to drag n drop and then connect them to create a flowchart, an E-R diagram, or anything relevant. Also, if you like the tool, you can try the [offline desktop version][21].
**Overview of Key Features:**
* Direct uploads to a cloud storage service
* Custom Shapes
* Styling & Formatting tools
* Cross-platform
[Draw.io][22]
### 9. Lucidchart
![][23]
Lucidchart is a premium web-based diagramming tool which offers a free subscription with limited features. You can utilize the free subscription to create several types of diagrams and export them as an image or a PDF. However, the free version does not support data linking and Visio import/export functionality. If you do not need data linking -Lucidchart could prove to be a very good tool while generating beautiful diagrams.
#### Overview of Key Features:
* Integrations to Slack, Jira Core, Confluence
* Ability to make product mockups
* Import Visio files
[Lucidchart][24]
### 10. Calligra Flow
![calligra flow][25]
Calligra Flow is a part of [Calligra Project][26] which aims to provide free and open source software tools. With Calligra flow, you can easily create network diagrams, entity-relation diagrams, flowcharts, and more.
#### Overview of Key Features:
* Wide range of stencil boxes
* Styling and formatting tools
[Calligra Flow][27]
### Wrapping Up
Now that you know about the best free and open source Visio alternatives, what do you think about them?
Are they better than Microsoft Visio in any aspect of your requirements? Also, let us know in the comments below if we missed any of your favorite diagramming tools as an Linux alternative to Microsoft Visio.
--------------------------------------------------------------------------------
via: https://itsfoss.com/visio-alternatives-linux/
作者:[Ankush Das][a]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://itsfoss.com/author/ankush/
[1]:https://products.office.com/en/visio/flowchart-software
[2]:https://itsfoss.com/best-free-open-source-alternatives-microsoft-office/
[3]:data:image/gif;base64,R0lGODdhAQABAPAAAP///wAAACwAAAAAAQABAEACAkQBADs=
[4]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/visio-alternatives-linux-featured.png
[5]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/libreoffice-draw-microsoft-visio-alternatives.jpg
[6]:https://www.libreoffice.org/discover/draw/
[7]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/apache-open-office-draw.jpg
[8]:https://itsfoss.com/install-openoffice-ubuntu-linux/
[9]:https://itsfoss.com/openoffice-shutdown/
[10]:https://www.openoffice.org/product/draw.html
[11]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/dia-screenshot.jpg
[12]:http://dia-installer.de/
[13]:https://www.yworks.com/products/yed-live
[14]:https://www.yworks.com/products/yed
[15]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/inkscape-screenshot.jpg
[16]:https://inkscape.org/en/
[17]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/pencil-project.jpg
[18]:http://pencil.evolus.vn/Downloads.html
[19]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/graphviz.jpg
[20]:http://graphviz.org/
[21]:https://about.draw.io/integrations/#integrations_offline
[22]:https://about.draw.io/
[23]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/lucidchart-visio-alternative.jpg
[24]:https://www.lucidchart.com/
[25]:https://4bds6hergc-flywheel.netdna-ssl.com/wp-content/uploads/2017/12/calligra-flow.jpg
[26]:https://www.calligra.org/
[27]:https://www.calligra.org/flow/

70
published/20190703 How to Manually Install Security Updates on Debian-Ubuntu.md → sources/tech/20190703 How to Manually Install Security Updates on Debian-Ubuntu.md
View File

@ -1,44 +1,48 @@
[#]: collector: (lujun9972)
[#]: translator: (hopefully2333)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11132-1.html)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to Manually Install Security Updates on Debian/Ubuntu?)
[#]: via: (https://www.2daygeek.com/manually-install-security-updates-ubuntu-debian/)
[#]: author: (Magesh Maruthamuthu https://www.2daygeek.com/author/magesh/)
如何在 Debian/Ubuntu 上手动安装安全更新?
How to Manually Install Security Updates on Debian/Ubuntu?
======
在 Linux 上通过命令行安装一个包程序是一件简单的事。在一行命令中组合使用多个命令能让你更加简单地完成任务。
Installing a package in Linux from command line is a simple task.
安全更新也同样如此。
In a single command or combining of multiple commands could make you to complete your task easily.
在这个教程里面,我们会向你展示如何查看可用的安全更新,以及如何在 Ubuntu、LinuxMint 等等这些基于 Debian 的系统中安装它们。
The same can be done for security updates as well.
有三种方法可以完成这件事,下面会详细地描述这三种方法。
In this tutorial, we will show you how to check available security update and install them on Debian based systems such as Ubuntu, LinuxMint, etc,.
作为一个 Linux 管理员,你应该让你的系统保持为最新,这会让你的系统更安全,保护你的系统抵抗意想不到的攻击。
It can be done using three methods. All these methods are described in this article in details.
如果你因为一些应用的依赖问题不能解决,导致不能给所有的系统进行全部更新。那至少,你应该打上安全补丁来让你的系统 100% 符合要求。
As a Linux administrator, you should keep your system up-to-date, that makes your system more secure. It protects your system against unwanted attack.
### 方法一:如何检查 Debian/Ubuntu 中是否有任何可用的安全更新?
If you are not able to patch entire system with all updates due to some application dependency. At-least, you should install only security patches to make your system 100% compliance.
在进行补丁安装之前,检查可用安全更新列表始终是一个好习惯。它会为你提供将在你的系统中进行更新的软件包的列表。
### How to Install unattended-upgrades package in Debian/Ubuntu?
默认情况下,你的系统上应该是已经安装了 `unattended-upgrades` 包的。但是如果你的系统没有装这个包,那么请使用下面的命令来安装它。
By default `unattended-upgrades` package should be installed on your system. But in case if its not installed use the following command to install it.
使用 [APT-GET 命令][1] 或者 [APT 命令][2] 来安装 `unattended-upgrades` 包。
Use **[APT-GET Command][1]** or **[APT Command][2]** to install unattended-upgrades package.
```
$ sudo apt-get install unattended-upgrades
or
$ sudo apt install unattended-upgrades
```
**什么是试运行?** 大多数的 Linux 命令都有一个试运行选项,它会给出实际的输出但不会下载或安装任何东西。
### Method-1: How to Check if any Security Updates are available in Debian/Ubuntu?
为此,你需要在 `unattended-upgrades` 命令中添加 `--dry-run` 选项。
Its always a good practice to check list of available security updates before performing the patch installation. It will give you the list of packages that are going to be updated in your system.
**Whats dry run?** Most of the Linux commands have a dry run option, which stimulate the actual output but nothing will be downloaded or installed.
To do so, you need to add `--dry-run` option with unattended-upgrades command.
```
$ sudo unattended-upgrade --dry-run -d
@ -97,21 +101,21 @@ vim-tiny
xxd
```
如果在终端里,上面的命令输出说 “No packages found that can be upgraded unattended and no pending auto-removals”这意味着你的系统已经是最新的了。
If the above command output says **“No packages found that can be upgraded unattended and no pending auto-removals”** in the Terminal, this implies your System is up-to-date.
#### 如何在 Debian/Ubuntu 中安装可用的安全更新?
### How to Install available Security Updates in Debian/Ubuntu?
如果你在上面的命令输出中获得了任意的软件包更新,就运行下面的命令来安装它们。
If your got any package updates in the above command output. Then run the following command to install them.
```
$ sudo unattended-upgrade -d
```
除此之外,你也可以使用 `apt-get` 命令来进行安装。但是这个方法有点棘手,我会建议用户用第一个选项。
Alternatively this can be done from apt-get command. Its bit tricky. However, i would suggest users to go with first option.
### 方法二:如何使用 apt-get 命令在 Debian/Ubuntu 中检查是否有可用的安全更新?
### Method-2: How to Check if any Security Updates are available in Debian/Ubuntu Using apt-get Command?
在你的 Debian/Ubuntu 系统中运行下面的命令来查看可用安全更新的列表。
Run the following command to check list of available security updates in your Debian/Ubuntu system
```
$ sudo apt-get -s dist-upgrade | grep "^Inst" | grep -i securi
@ -156,19 +160,19 @@ Inst gcc [4:7.3.0-3ubuntu2.1] (4:7.4.0-1ubuntu2.3 Ubuntu:18.04/bionic-updates, U
Inst g++ [4:7.3.0-3ubuntu2.1] (4:7.4.0-1ubuntu2.3 Ubuntu:18.04/bionic-updates, Ubuntu:18.04/bionic-security [amd64])
```
#### 如何使用 apt-get 命令在 Debian/Ubuntu 系统中安装可用的安全更新?
### How to Install available Security Updates in Debian/Ubuntu Using apt-get Command?
如果你在上面命令的输出中发现任何的软件包更新。就运行下面的命令来安装它们。
If you found any package updates in the above output. Finally run the following command to install them.
```
$ sudo apt-get -s dist-upgrade | grep "^Inst" | grep -i securi | awk -F " " {'print $2'} | xargs apt-get install
```
除此之外,也可以使用 `apt` 命令来完成。但是这个方法有点棘手,我会建议用户用第一个方式。
Alternatively this can be done from apt command. Its bit tricky. However, i would suggest users to go with first option.
### 方法三:如何使用 apt 命令在 Debian/Ubuntu 系统中检查是否有可用的安全更新?
### Method-3: How to Check if any Security Updates are available in Debian/Ubuntu Using apt Command?
在 Debian/Ubuntu 系统中运行下面的命令来查看可用安全更新的列表。
Run the following command to check list of available security updates in your Debian/Ubuntu system
```
$ sudo apt list --upgradable | grep -e "-security"
@ -213,15 +217,15 @@ vim-tiny/bionic-updates,bionic-security 2:8.0.1453-1ubuntu1.1 amd64 [upgradable
xxd/bionic-updates,bionic-security 2:8.0.1453-1ubuntu1.1 amd64 [upgradable from: 2:8.0.1453-1ubuntu1]
```
#### 如何在 Debian/Ubuntu 系统中使用 apt 命令来安装可用的安全更新?
### How to Install available Security Updates in Debian/Ubuntu Using apt Command?
如果你在上面命令的输出中发现任何的软件包更新。就运行下面的命令来安装它们。
If you found any package updates in the above output. Finally run the following command to install them.
```
$ sudo apt list --upgradable | grep -e "-security" | awk -F "/" '{print $1}' | xargs apt install
```
同样,下面的文件也会告诉你更新包的总数。
Also, the following file will give you the packages update count.
```
$ sudo cat /var/lib/update-notifier/updates-available
@ -236,8 +240,8 @@ via: https://www.2daygeek.com/manually-install-security-updates-ubuntu-debian/
作者:[Magesh Maruthamuthu][a]
选题:[lujun9972][b]
译者:[hopefully2333](https://github.com/hopefully2333)
校对:[wxy](https://github.com/wxy)
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

2
sources/tech/20190703 Parse arguments with Python.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

134
sources/tech/20190706 How To Delete A Repository And GPG Key In Ubuntu.md Normal file
View File

@ -0,0 +1,134 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How To Delete A Repository And GPG Key In Ubuntu)
[#]: via: (https://www.ostechnix.com/how-to-delete-a-repository-and-gpg-key-in-ubuntu/)
[#]: author: (sk https://www.ostechnix.com/author/sk/)
How To Delete A Repository And GPG Key In Ubuntu
======
![Delete A Repository And GPG Key In Ubuntu][1]
The other day we discussed how to [**list the installed repositories**][2] in RPM and DEB-based systems. Today, we are going to learn how to delete a repository along with its GPG key in Ubuntu. For those wondering, a repository (shortly **repo** ) is a central place where the developers keep the software packages. The packages in the repositories are thoroughly tested and built specifically for each version by Ubuntu developers. The users can download and install these packages on their Ubuntu system using **Apt** **package manager**. Ubuntu has four official repositories namely **Main** , **Universe** , **Restricted** and **Multiverse**.
Apart from the official repositories, there are many unofficial repositories maintained by developers (or package maintainers). The unofficial repositories usually have the packages which are not available in the official repositories. All packages are signed with pair of keys, a public and private key, by the package maintainer. As you already know, the public key is given out to the users and the private must be kept secret. Whenever you add a new repository in the sources list, you should also add the repository key if Apt package manager wants to trust the newly added repository. Using the repository keys, you can ensure that youre getting the packages from the right person. Hope you got a basic idea about software repositories and repository keys. Now let us go ahead and see how to delete the repository and its key if it is no longer necessary in Ubuntu systems.
### Delete A Repository In Ubuntu
Whenever you add a repository using “add-apt-repository” command, it will be stored in **/etc/apt/sources.list** file.
To delete a software repository from Ubuntu and its derivatives, just open the /etc/apt/sources.list file and look for the repository entry and delete it.
```
$ sudo nano /etc/apt/sources.list
```
As you can see in the below screenshot, I have added [**Oracle Virtualbox**][3] repository in my Ubuntu system.
![][4]
virtualbox repository
To delete this repository, simply remove the entry. Save and close the file.
If you have added PPA repositories, look into **/etc/apt/sources.list.d/** directory and delete the respective entry.
Alternatively, you can delete the repository using “add-apt-repository” command. For example, I am deleting the [**Systemback**][5] repository like below.
```
$ sudo add-apt-repository -r ppa:nemh/systemback
```
Finally, update the software sources list using command:
```
$ sudo apt update
```
### Delete Repository keys
We use “apt-key” command to add the repository keys. First, let us list the added keys using command:
```
$ sudo apt-key list
```
This command will list all added repository keys.
```
/etc/apt/trusted.gpg
--------------------
pub rsa1024 2010-10-31 [SC]
3820 03C2 C8B7 B4AB 813E 915B 14E4 9429 73C6 2A1B
uid [ unknown] Launchpad PPA for Kendek
pub rsa4096 2016-04-22 [SC]
B9F8 D658 297A F3EF C18D 5CDF A2F6 83C5 2980 AECF
uid [ unknown] Oracle Corporation (VirtualBox archive signing key) <[email protected]>
sub rsa4096 2016-04-22 [E]
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-archive.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
790B C727 7767 219C 42C8 6F93 3B4F E6AC C0B2 1F32
uid [ unknown] Ubuntu Archive Automatic Signing Key (2012) <[email protected]>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2012-cdimage.gpg
------------------------------------------------------
pub rsa4096 2012-05-11 [SC]
8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092
uid [ unknown] Ubuntu CD Image Automatic Signing Key (2012) <[email protected]>
/etc/apt/trusted.gpg.d/ubuntu-keyring-2018-archive.gpg
------------------------------------------------------
pub rsa4096 2018-09-17 [SC]
F6EC B376 2474 EDA9 D21B 7022 8719 20D1 991B C93C
uid [ unknown] Ubuntu Archive Automatic Signing Key (2018) <[email protected]>
```
As you can see in the above output, the long (40 characters) hex value is the repository key. If you want APT package manager to stop trusting the key, simply delete it using command:
```
$ sudo apt-key del "3820 03C2 C8B7 B4AB 813E 915B 14E4 9429 73C6 2A1B"
```
Or, specify the last 8 characters only:
```
$ sudo apt-key del 73C62A1B
```
Done! The repository key has been deleted. Run the following command to update the repository lists:
```
$ sudo apt update
```
**Resource:**
* [**Software repositories Ubuntu Community Wiki**][6]
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/how-to-delete-a-repository-and-gpg-key-in-ubuntu/
作者:[sk][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/wp-content/uploads/2019/07/Delete-a-repository-in-ubuntu-720x340.png
[2]: https://www.ostechnix.com/find-list-installed-repositories-commandline-linux/
[3]: https://www.ostechnix.com/install-oracle-virtualbox-ubuntu-16-04-headless-server/
[4]: https://www.ostechnix.com/wp-content/uploads/2019/07/virtualbox-repository.png
[5]: https://www.ostechnix.com/systemback-restore-ubuntu-desktop-and-server-to-previous-state/
[6]: https://help.ubuntu.com/community/Repositories/Ubuntu

184
sources/tech/20190708 10 ways to get started with Linux.md Normal file
View File

@ -0,0 +1,184 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (10 ways to get started with Linux)
[#]: via: (https://opensource.com/article/19/7/ways-get-started-linux)
[#]: author: (Seth Kenlon https://opensource.com/users/seth/users/don-watkins)
10 ways to get started with Linux
======
Ready to dive in and learn Linux? Try these 10 ways to get started.
![Penguins gathered together in the Artic][1]
The article _[What is a Linux user?][2]_ by Anderson Silva made it clear that these days people are as likely to use Linux (in some way) as they are to use Windows, as long as your definition of "using Linux" is sufficiently broad. Still, if you don't have enough Linux in your life, now is a great time to try Linux in a way you've never tried before.
Here are 10 ways to get started with Linux. Try one or try them all.
### 1\. Join a free shell
![Free shell screenshot][3]
There are a lot of people running Linux with more Linux servers than they know what to do with (keep in mind that a "Linux server" can be anything from the latest supercomputer to a discarded 12-year-old laptop). To put excess computers to good use, many administrators open their spare boxes up for free shell accounts.
If you want to log time in a Linux terminal to learn commands, shell scripting, Python, and the basics of web development, a free shell account is an easy, no-cost way to get started. Here's a short list to try:
* [Freeshell.de][4] is a public access Linux system that's been online since 2002. You get SSH access (to experiment in a Linux shell), IPv6, and OpenSSL, and you can request a MySQL database.
* [Blinkenshell][5] provides a Linux shell to learn Unix, use IRC, host simple websites, and share files. It's been online since 2006.
* [SDF Public Access Unix System][6] was established in 1987 to offer free NetBSD accounts. NetBSD isn't Linux, of course, but it's open source Unix, so it offers a similar experience. It also has several homebrewed applications, so it straddles the line between old-school BBS and plain-old free shell.
Free shell accounts are subject to a lot of abuse, so the more you demonstrate trustworthiness and willingness to participate in the goings-on of the collective, the better your experience. You can often gain access (through a special request or a small donation to demonstrate goodwill) to database engines, compilers, and advanced programming languages. You can also ask for additional software or libraries to be installed, subject to administrator approval.
#### How to use it
Public access shell accounts are a great way to try out a real Linux system. The fact that you don't get root access means you get to learn local software management without having to mow your own lawn or fix leaky faucets. You can do just enough real-life activities to make them viable for getting real work done, although they're not reliable enough to be mission critical.
### 2\. Try Linux on Windows with WSL 2
Believe it or not, Microsoft started shipping Linux with Windows as of June 2019, meaning you can run Linux applications from Windows as the second iteration of the [Windows Subsystem for Linux][7] (WSL 2). While it's primarily aimed at developers, Windows users will find WSL 2 to be a Linux environment from the comfort of a familiar desktop without any virtualization taking up extra resources. This is Linux running as a process on your Windows machine. At this time, it's still a new initiative and a work in progress, so it's subject to change. If you try to push it too far too soon, you're likely to encounter a bug or two, but if you're just looking to get started with Linux, learn some commands, and get a feel for getting serious work done in a text-based environment, WSL 2 may be exactly what you need.
#### How to use it
WSL doesn't yet have a clear pathway or purpose, but it provides a Linux environment on your Windows machine. You get root access and can run Linux distributions and applications, so it's an easy and seamless way to learn. However, even though WSL _is Linux_, it's not exactly a typical Linux experience. It's Linux provided by Windows, and that's not what you're likely to encounter in the real world. WSL is a development and educational tool, but if it's available to you, then you should use it.
### 3\. Carry Linux on a bootable thumb drive
![Porteus Linux][8]
Carry Linux, installed to a USB thumb drive, everywhere you go, and boot any computer you encounter from that thumb drive. You get a personalized Linux desktop, and you don't have to worry about the data on the host computer you've booted from. The computer doesn't touch your Linux OS, and your Linux OS doesn't affect the computer. It's ideal for public computers at hotel business centers, libraries, schools, or just to give yourself an excuse to boot into Linux from time to time.
Unlike many other quick hacks to get to a Linux shell, this method offers you a full and robust Linux system, complete with a desktop, access to whatever software you need, and persistent data storage.
The system never changes. Any data you want to save is written into a compressed filesystem, which is then applied as an overlay to the system when you boot. This flexibility allows you to choose whether to boot in persistent mode, saving all data back to the thumb drive, or in an ephemeral mode, so everything you do disappears once you power down. In other words, you can use this as a secure kiosk on an untrusted computer or as your portable OS on computers you trust.
There are many [thumb drive distributions][9] you can try, some with minimal desktop environments for low-powered computers and others with a full desktop. I'm partial to [Porteus][10] Linux. I've carried it on my keychain every day for the past eight years, using it as my primary computing platform during business travel as well as a utility disk if computer problems strike at work or home. It's a reliable and stable operating system that's fun and easy to use.
On Mac or Windows, download the [Fedora Media Writer][11] to create a bootable thumb drive of whatever portable distribution you download.
#### How to use it
Booting a "live Linux" from a USB thumb drive provides a complete Linux distribution. While data storage is done a little differently from a system you install to a hard drive, everything else is as you'd expect from a Linux desktop. There's little you can't do on a portable Linux OS, so install one on your keychain to unlock the full potential of every computer you encounter.
### 4\. Take an online tour
![Linux tour screenshot][12]
Somebody over at Ubuntu thought up the brilliant idea of hosting an Ubuntu GNOME desktop in the browser. To try it out for yourself, open a web browser and navigate to [tour.ubuntu.com][13]. You can select which activity you want demonstrated, or you can skip individual lessons and click the Show Yourself Around button.
Even if you're new to the Linux desktop, you might find showing yourself around is more familiar than you might expect. From the online tour, you can look around, see what applications are available, and view what a typical default Linux desktop is like. You can't adjust settings or launch another tour in Firefox (it was the first thing I tried, naturally), and while you can go through the motions of installing applications, you can't launch them. But if you've never used a Linux desktop before and you want to see what all the fuss is about, this is the whirlwind tour.
#### How to use it
An online tour is truly just a tour. If you've never seen a Linux desktop in action, this is an opportunity to get a glimpse of what it's like. Not intended for serious work, this is an attractive display to entice passers-by.
### 5\. Run Linux in the browser with JavaScript
![JSLinux][14]
Not so long ago, virtualization used to be computationally expensive, limited to users with premium hardware. Now virtualization has been optimized to the point that it can be performed by a JavaScript engine, thanks to Fabrice Bellard, the creator of the excellent and open source [QEMU][15] machine emulator and virtualizer.
Bellard also started the JSLinux project, which allows you to run Linux and other operating systems in a browser, in his spare time for fun. It's still an experimental project, but it's a technical marvel. Open a web browser to the [JSLinux][16] page, and you can boot a text-based Linux shell or a minimal graphical Linux environment. You can upload and download files to your JSLinux host or (theoretically) send your files to a network backup location, because JSLinux has access to the internet through a VPN socket (although at capped speeds, dependent upon the VPN service).
#### How to use it
You won't be doing serious work on JSLinux anytime soon, and the environment is arguably too unusual to learn broad lessons about how Linux normally works. If, however, you're bored of running Linux on a plain old PC and would like to try Linux on a truly distinctive platform, JSLinux is in a class all its own.
### 6\. Read about it
Not every Linux experience happens on the computer. Maybe you're the sort of person who likes to keep your distance, observe, and do your research before jumping into something new, or maybe you're just not clear yet on what "Linux" encompasses, or maybe you love full immersion. There's a wealth of information to read about how Linux works, what it's like to run Linux, and what's happening in the Linux world.
The more you get familiar with the world of open source, the easier it is to understand the common lingo and to separate urban myth from actual experience. We publish [book lists][17] from time to time, but one of my favorites is [_The Charm of Linux_][18] by Hazel Russman. It's a tour through Linux from many different angles, written by an independent author out of excitement over discovering Linux.
#### How to use it
Nothing beats kicking back with a good book. This is the least traditional method of experiencing Linux, but for people who love the printed word, it's both comforting and effective.
### 7\. Get a Raspberry Pi
![Raspberry Pi 4][19]
If you're using a [Raspberry Pi][20], you're running Linux. It's that easy to get started with Linux and low-powered computing. The great thing about the Pi, aside from it costing well under $100, is that its [website][21] is designed for education. You can learn all about what the Pi does, and while you're at it, all about what Linux can do for you.
#### How to use it
The Pi is, by design, a low-powered computer. That means you can't do as much multitasking as you might be used to, but that's a convenient way to keep yourself from getting overwhelmed. The Raspberry Pi is a great way to learn Linux and all of the possibilities that come with it, and it's a fun way to discover the power of eco-friendly, small-form-factor, simplified computing. And be sure to stay tuned to Opensource.com—especially during Pi Week every March—for [tips][22] and [tricks][23] and [fun][24] [activities][25].
### 8\. Climb aboard the container craze
If you work near the back end of the mythical [cloud][26], then you've heard about the container craze. While you can run Docker and Kubernetes on Windows, Azure, Mac, and Linux, you may not know that the containers themselves are Linux. Cloud computing apps and infrastructure are literally minimal Linux systems that run partly virtualized and partly on bare metal. If you launch a container, you are launching a miniature, hyper-specific Linux distribution.
Containers are [different][27] than virtual machines or physical servers. They're not intended to be used as a general-purpose operating system. However, if you are developing in a container, you might want to pause and have a look around. You'll get a glimpse of how a Linux system is structured, where important files are kept, and which commands are the most common. You can even [try a container online][28], and you can read all about how they work in my article about going [behind the scenes with Linux containers][29].
#### How to use it
Containers are, by design, specific to a single task, but they're Linux, so they're extremely flexible. You can use them as they're intended, or you can build a container out into a mostly complete system for your Linux experiments. It's not a desktop Linux experience, but it's a full Linux experience.
### 9\. Install Linux as a VM
Virtualization is the easy way to try an operating system, and [VirtualBox][30] is a great open source way to virtualize. VirtualBox runs on Windows and Mac, so you can install Linux as a virtual machine (VM) and use it almost as if it were just another application. If you're not accustomed to installing an operating system, VirtualBox is also a very safe way to try Linux without accidentally installing it over your usual OS.
#### How to use it
Running Linux as a VM is convenient and easy, either as a trial run or an alternative to dual-booting or rebooting when you need a Linux environment. It's full-featured and, because it uses virtual hardware, the host operating system drives your peripherals. The only disadvantage to running Linux as a virtual machine is primarily psychological. If you intend to use Linux as your main OS, but end up defaulting to the host OS for all but the most Linux-specific tasks, then the VM has failed you. Otherwise, a VM is a triumph of modern technology, and using Linux in VirtualBox provides you with all the best features Linux has to offer.
### 10\. Install it
![Fedora Silverblue][31]
When in doubt, there's always the traditional route. If you want to give Linux the attention it deserves, you can download Linux, burn the installer to a thumb drive (or a DVD, if you prefer optical media), and install it on your computer. Linux is open source, so it can be distributed by anyone who wants to take the time to bundle Linux—and all the bits and pieces that make it usable—into what is commonly called a _distribution_ (or "distro") for short. Ask any Linux user, and you're bound to get a different answer for which distribution is "best" (mostly because the term "best" is often left undefined). Most people admit that you should use the Linux distribution that works for you, meaning that you should test a few popular distros and settle on the one that makes your computer behave as you expect it to behave. This is a pragmatic and functional approach. For example, should a distribution fail to recognize your webcam and you want your webcam to work, then use a distribution that recognizes your webcam.
If you've never installed an operating system before, you'll find most Linux distributions include a friendly and easy installer. Just download a distribution (they are delivered as ISO files), and download the [Fedora Media Writer][11] to create a bootable installation thumb drive.
#### How to use it
Installing Linux and using it as an operating system is a step toward becoming familiar and familial with it. There's no wrong way to use it. You might discover must-have features you never knew you needed, you might learn more about computers than you ever imagined you could, and you may shift in your worldview. Or you might use a Linux desktop because it was easy to download and install, or because you want to cut out the middleman of some corporate overlord, or because it helps you get your work done.
Whatever your reason, just give Linux a try with any (or all) of these options.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/ways-get-started-linux
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/OSDC_Penguin_Image_520x292_12324207_0714_mm_v1a.png?itok=p7cWyQv9 (Penguins gathered together in the Artic)
[2]: https://opensource.com/article/19/6/what-linux-user
[3]: https://opensource.com/sites/default/files/uploads/freeshell.png (Free shell screenshot)
[4]: https://freeshell.de
[5]: https://blinkenshell.org/wiki/Start
[6]: https://sdf.org/
[7]: https://devblogs.microsoft.com/commandline/wsl-2-is-now-available-in-windows-insiders/
[8]: https://opensource.com/sites/default/files/uploads/porteus.jpg (Porteus Linux)
[9]: https://opensource.com/article/19/6/tiny-linux-distros-you-have-try
[10]: http://porteus.org
[11]: https://getfedora.org/en/workstation/download/
[12]: https://opensource.com/sites/default/files/uploads/linux_tour.jpg (Linux tour screenshot)
[13]: http://tour.ubuntu.com/en/#
[14]: https://opensource.com/sites/default/files/uploads/jslinux.jpg (JSLinux)
[15]: https://www.qemu.org
[16]: https://bellard.org/jslinux/
[17]: https://opensource.com/article/19/1/tech-books-new-skils
[18]: http://www.lulu.com/shop/hazel-russman/the-charm-of-linux/paperback/product-21229401.html
[19]: https://opensource.com/sites/default/files/uploads/raspberry-pi-4-case.jpg (Raspberry Pi 4)
[20]: https://opensource.com/resources/raspberry-pi
[21]: https://www.raspberrypi.org/
[22]: https://opensource.com/article/19/3/raspberry-pi-projects
[23]: https://opensource.com/article/19/3/piflash
[24]: https://opensource.com/article/19/3/gamepad-raspberry-pi
[25]: https://opensource.com/life/16/3/make-music-raspberry-pi-milkytracker
[26]: https://opensource.com/resources/cloud
[27]: https://opensource.com/article/19/6/how-ssh-running-container
[28]: https://linuxcontainers.org/lxd/try-it/
[29]: https://opensource.com/article/18/11/behind-scenes-linux-containers
[30]: https://virtualbox.org
[31]: https://opensource.com/sites/default/files/uploads/fedora-silverblue.png (Fedora Silverblue)

133
sources/tech/20190708 Command line quick tips- Permissions.md Normal file
View File

@ -0,0 +1,133 @@
[#]: collector: (lujun9972)
[#]: translator: (MjSeven)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Command line quick tips: Permissions)
[#]: via: (https://fedoramagazine.org/command-line-quick-tips-permissions/)
[#]: author: (Paul W. Frields https://fedoramagazine.org/author/pfrields/)
Command line quick tips: Permissions
======
![][1]
Fedora, like all Linux based systems, comes with a powerful set of security features. One of the basic features is _permissions_ on files and folders. These permissions allow files and folders to be secured from unauthorized access. This article explains a bit about these permissions, and shows you how to share access to a folder using them.
### Permission basics
Fedora is by nature a multi-user operating system. It also has _groups_, which users can be members of. But imagine for a moment a multi-user system with no concept of permissions. Different logged in users could read each others content at will. This isnt very good for privacy or security, as you can imagine.
Any file or folder on Fedora has three sets of permissions assigned. The first set is for the _user_ who owns the file or folder. The second is for the _group_ that owns it. The third set is for everyone else whos not the user who owns the file, or in the group that owns the file. Sometimes this is called the _world_.
### What permissions mean
Each set of permissions comes in three flavors — _read_, _write_, and _execute_. Each of these has an initial that stands for the permission, thus _r_, _w_, and _x_.
#### File permissions
For _files_, heres what these permissions mean:
* Read (r): the file content can be read
* Write (w): the file content can be changed
* Execute (x): the file can be executed — this is used primarily for programs or scripts that are meant to be run directly
*
You can see the three sets of these permissions when you do a long listing of any file. Try this with the _/etc/services_ file on your system:
```
$ ls -l /etc/services
-rw-r--r--. 1 root root 692241 Apr 9 03:47 /etc/services
```
Notice the groups of permissions at the left side of the listing. These are provided in three sets, as mentioned above — for the user who owns the file, for the group that owns the file, and for everyone else. The user owner is _root_ and the group owner is the _root_ group. The user owner has read and write access to the file. Anyone in the group _root_ can only read the file. And finally, anyone else can also only read the file. (The dash at the far left shows this is a regular file.)
By the way, youll commonly find this set of permissions on many (but not all) system configuration files. They are only meant to be changed by the system administrator, not regular users. Often regular users need to read the content as well.
#### Folder (directory) permissions
For folders, the permissions have slightly different meaning:
* Read (r): the folder contents can be read (such as the _ls_ command)
* Write (w): the folder contents can be changed (files can be created or erased in this folder)
* Execute (x): the folder can be searched, although its contents cannot be read. (This may sound strange, but the explanation requires more complex details of file systems outside the scope of this article. So just roll with it for now.)
Take a look at the _/etc/grub.d_ folder for example:
```
$ ls -ld /etc/grub.d
drwx------. 2 root root 4096 May 23 16:28 /etc/grub.d
```
Note the _d_ at the far left. It shows this is a directory, or folder. The permissions show the user owner (_root_) can read, change, and _cd_ into this folder. However, no one else can do so — whether theyre a member of the _root_ group or not. Notice you cant _cd_ into the folder, either:
```
$ cd /etc/grub.d
bash: cd: /etc/grub.d: Permission denied
```
Notice how your own home directory is setup:
```
$ ls -ld $HOME
drwx------. 221 paul paul 28672 Jul 3 14:03 /home/paul
```
Now, notice how no one, other than you as the owner, can access anything in this folder. This is intentional! You wouldnt want others to be able to read your private content on a shared system.
### Making a shared folder
You can exploit this permissions capability to easily make a folder to share within a group. Imagine you have a group called _finance_ with several members who need to share documents. Because these are user documents, its a good idea to store them within the _/home_ folder hierarchy.
To get started, [use][2] _[sudo][2]_ to make a folder for sharing, and set it to be owned by the _finance_ group:
```
$ sudo mkdir -p /home/shared/finance
$ sudo chgrp finance /home/shared/finance
```
By default the new folder has these permissions. Notice how it can be read or searched by anyone, even if they cant create or erase files in it:
```
drwxr-xr-x. 2 root root 4096 Jul 6 15:35 finance
```
That doesnt seem like a good idea for financial data. Next, use the _chmod_ command to change the mode (permissions) of the shared folder. Note the use of _g_ to change the owning groups permissions, and _o_ to change other users permissions. Similarly, _u_ would change the user owners permissions:
```
$ sudo chmod g+w,o-rx /home/shared/finance
```
The resulting permissions look better. Now, anyone in the _finance_ group (or the user owner _root_) have total access to the folder and its contents:
```
drwxrwx---. 2 root finance 4096 Jul 6 15:35 finance
```
If any other user tries to access the shared folder, they wont be able to do so. Great! Now our finance group can put documents in a shared place.
### Other notes
There are additional ways to manipulate these permissions. For example, you may want any files in this folder to be set as owned by the group _finance_. This requires additional settings not covered in this article, but stay tuned to the Magazine for more on that topic soon.
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/command-line-quick-tips-permissions/
作者:[Paul W. Frields][a]
选题:[lujun9972][b]
译者:[MjSeven](https://github.com/MjSeven)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/pfrields/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2018/10/commandlinequicktips-816x345.jpg
[2]: https://fedoramagazine.org/howto-use-sudo/

63
sources/tech/20190709 Sysadmin vs SRE- What-s the difference.md Normal file
View File

@ -0,0 +1,63 @@
Viz 开始翻译 (¯﹃¯)
[#]: collector: (lujun9972)
[#]: translator: (vizv)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Sysadmin vs SRE: What's the difference?)
[#]: via: (https://opensource.com/article/19/7/sysadmins-vs-sres)
[#]: author: (Vince Power https://opensource.com/users/vincepower/users/craig5/users/dawnparzych/users/penglish)
Sysadmin vs SRE: What's the difference?
======
Both sysadmins and site reliability engineers are valuable parts of any
organization. Here's a look at each role differs.
![People work on a computer server with devices][1]
In the IT world, there has always been a pull between generalist and specialist. The stereotypical sysadmin falls in the generalist category 99 times out of 100. The [site reliability engineer (SRE)][2] role is specialized, however, and grew out of the needs of one of the first companies to know real scale: Google. Ultimately, these two roles have the same goal for the applications whose infrastructure they operate: providing a good experience for the applications consumers. Yet, these roles have drastically different starting points.
### Sysadmins: Neutral good incarnate
Sysadmins typically grow into their position by starting as entry-level desktop and network support, and then over time acquiring the broad set of skills most sysadmins have in common. By that point, these sysadmins know all of the systems and applications they are responsible for. They know the app on server one needs to be restarted every other Tuesday, or the service on server nine will crash on Wednesday with no errors. They have fine-tuned their monitoring so it ignores what doesnt matter, even that error that happens on the third Sunday of the month, despite the fact that its marked as fatal.
In short, sysadmins know how to feed and care for the servers that run the core of your business. These sysadmins have grown to use automation to handle routine tasks across all the servers they manage. They love templates, golden images, and standards, but are flexible enough to make a parameter change on just the one server that has an error, and then make a note regarding why that server is now uniquely configured.
Sysadmins are great, but they have a couple of quirks. The first being that you just do not get root access without divine intervention, and that any changes they make which were not their idea have to be documented as required by the application they are working withs vendor, and then will still be double-checked.
The servers are their domain, and no one messes with their stuff.
### SREs: Thanos would be proud
As opposed to the path to becoming a sysadmin, SREs are as likely to come from a development background as a sysadmin background. The SRE position is closer to the lifecycle you find in an application development environment.
As an organization grows and introduces [DevOps][3] concepts like [continuous integration][4] and [continuous delivery][5] (CI/CD), there will often be a skills gap on how to run those immutable applications across multiple environments while having them scale to meet the businesss needs. This is the world of an SRE. Yes, a sysadmin can learn the additional tools, but at scale, this easily becomes a full-time position to keep up. A specialist makes sense.
SREs use concepts like [infrastructure-as-code][6] to produce templates, which are called to deploy the environment an application will run in, with the goal of every application and its environment being completely reproducible with the push of a button. So, app one on server one in system testing will have the exact same binaries that will be used on server fifteen in production, with the exception of environment-specific variables like passwords and database connection strings.
An SRE will also completely destroy an environment and rebuild it based on a configuration change. There is no emotional attachment to any system. Each system is just a number and is tagged and lifecycled accordingly, even to the point that routine server patching is done by redeploying the entire application stack.
### Conclusion
In certain situations, especially when operating in large DevOps-based environments, the specialized skills an SRE provides regarding how to handle any level of scale definitely offer an advantage. And every time they get stuck, they will seek out the help of their friendly neighborhood sysadmin—or [(BOFH)][7] on a bad day—for those well-honed troubleshooting skills, and the breadth of experiences which sysadmins rely on to provide value to any organization they are a part of.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/sysadmins-vs-sres
作者:[Vince Power][a]
选题:[lujun9972][b]
译者:[vizv](https://github.com/vizv)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/vincepower/users/craig5/users/dawnparzych/users/penglish
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003499_01_linux11x_cc.png?itok=XMDOouJR (People work on a computer server with devices)
[2]: https://en.wikipedia.org/wiki/Site_Reliability_Engineering
[3]: https://opensource.com/resources/devops
[4]: https://en.wikipedia.org/wiki/Continuous_integration
[5]: https://en.wikipedia.org/wiki/Continuous_delivery
[6]: https://en.wikipedia.org/wiki/Infrastructure_as_code
[7]: http://www.bofharchive.com/BOFH.html

189
sources/tech/20190710 32-bit life support- Cross-compiling with GCC.md Normal file
View File

@ -0,0 +1,189 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (32-bit life support: Cross-compiling with GCC)
[#]: via: (https://opensource.com/article/19/7/cross-compiling-gcc)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
32-bit life support: Cross-compiling with GCC
======
Use GCC to cross-compile binaries for different architectures from a
single build machine.
![Wratchet set tools][1]
If you're a developer creating binary packages, like an RPM, DEB, Flatpak, or Snap, you have to compile code for a variety of different target platforms. Typical targets include 32-bit and 64-bit x86 and ARM. You could do your builds on different physical or virtual machines, but that means maintaining several systems. Instead, you can use the GNU Compiler Collection ([GCC][2]) to cross-compile, producing binaries for several different architectures from a single build machine.
Assume you have a simple dice-rolling game that you want to cross-compile. Something written in C is relatively easy on most systems, so to add complexity for the sake of realism, I wrote this example in C++, so the program depends on something not present in C (**iostream**, specifically).
```
#include &lt;iostream&gt;
#include &lt;cstdlib&gt;
using namespace std;
void lose (int c);
void win (int c);
void draw ();
int main() {
  int i;
    do {
      cout &lt;&lt; "Pick a number between 1 and 20: \n";
      cin &gt;&gt; i;
      int c = rand ( ) % 21;
      if (i &gt; 20) lose (c);
      else if (i &lt; c ) lose (c);
      else if (i &gt; c ) win (c);
      else draw ();
      }
      while (1==1);
      }
void lose (int c )
  {
    cout &lt;&lt; "You lose! Computer rolled " &lt;&lt; c &lt;&lt; "\n";
  }
void win (int c )
  {
    cout &lt;&lt; "You win!! Computer rolled " &lt;&lt; c &lt;&lt; "\n";
   }
void draw ( )
   {
     cout &lt;&lt; "What are the chances. You tied. Try again, I dare you! \n";
   }
```
Compile it on your system using the **g++** command:
```
`$ g++ dice.cpp -o dice`
```
Then run it to confirm that it works:
```
$ ./dice
Pick a number between 1 and 20:
[...]
```
You can see what kind of binary you just produced with the **file** command:
```
$ file ./dice
dice: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically
linked (uses shared libs), for GNU/Linux 5.1.15, not stripped
```
And just as important, what libraries it links to with **ldd**:
```
$ ldd dice
linux-vdso.so.1 =&gt; (0x00007ffe0d1dc000)
libstdc++.so.6 =&gt; /usr/lib/x86_64-linux-gnu/libstdc++.so.6
(0x00007fce8410e000)
libc.so.6 =&gt; /lib/x86_64-linux-gnu/libc.so.6
(0x00007fce83d4f000)
libm.so.6 =&gt; /lib/x86_64-linux-gnu/libm.so.6
(0x00007fce83a52000)
/lib64/ld-linux-x86-64.so.2 (0x00007fce84449000)
libgcc_s.so.1 =&gt; /lib/x86_64-linux-gnu/libgcc_s.so.1
(0x00007fce8383c000)
```
You have confirmed two things from these tests: The binary you just ran is 64-bit, and it is linked to 64-bit libraries.
That means that, in order to cross-compile for 32-bit, you must tell **g++** to:
1. Produce a 32-bit binary
2. Link to 32-bit libraries instead of the default 64-bit libraries
### Setting up your dev environment
To compile to 32-bit, you need 32-bit libraries and headers installed on your system. If you run a pure 64-bit system, then you have no 32-bit libraries or headers and need to install a base set. At the very least, you need the C and C++ libraries (**glibc** and **libstdc++**) along with 32-bit version of GCC libraries (**libgcc**). The names of these packages may vary from distribution to distribution. On Slackware, a pure 64-bit distribution with 32-bit compatibility is available from the **multilib** packages provided by [Alien BOB][3]. On Fedora, CentOS, and RHEL:
```
$ yum install libstdc++-*.i686
$ yum install glibc-*.i686
$ yum install libgcc.i686
```
Regardless of the system you're using, you also must install any 32-bit libraries your project uses. For instance, if you include **yaml-cpp** in your project, then you must install the 32-bit version of **yaml-cpp** or, on many systems, the development package for **yaml-cpp** (for instance, **yaml-cpp-devel** on Fedora) before compiling it.
Once that's taken care of, the compilation is fairly simple:
```
`$ g++ -m32 dice.cpp -o dice32 -L /usr/lib -march=i686`
```
The **-m32** flag tells GCC to compile in 32-bit mode. The **-march=i686** option further defines what kind of optimizations to use (refer to **info gcc** for a list of options). The **-L** flag sets the path to the libraries you want GCC to link to. This is usually **/usr/lib** for 32-bit, although, depending on how your system is set up, it could be **/usr/lib32** or even **/opt/usr/lib** or any place you know you keep your 32-bit libraries.
After the code compiles, see proof of your build:
```
$ file ./dice32
dice: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
dynamically linked (uses shared libs) [...]
```
And, of course, **ldd ./dice32** points to your 32-bit libraries.
### Different architectures
Compiling 32-bit on 64-bit for the same processor family allows GCC to make many assumptions about how to compile the code. If you need to compile for an entirely different processor, you must install the appropriate cross-build GCC utilities. Which utility you install depends on what you are compiling. This process is a little more complex than compiling for the same CPU family.
When you're cross-compiling for the same family, you can expect to find the same set of 32-bit libraries as 64-bit libraries, because your Linux distribution is maintaining both. When compiling for an entirely different architecture, you may have to hunt down libraries required by your code. The versions you need may not be in your distribution's repositories because your distribution may not provide packages for your target system, or it may not mirror all packages in a convenient location. If the code you're compiling is yours, then you probably have a good idea of what its dependencies are and possibly where to find them. If the code is something you have downloaded and need to compile, then you probably aren't as familiar with its requirements. In that case, investigate what the code requires to build correctly (they're usually listed in the README or INSTALL files, and certainly in the source code itself), then go gather the components.
For example, if you need to compile C code for ARM, you must first install **gcc-arm-linux-gnu** (32-bit) or **gcc-aarch64-linux-gnu** (64-bit) on Fedora or RHEL, or **arm-linux-gnueabi-gcc** and **binutils-arm-linux-gnueabi** on Ubuntu. This provides the commands and libraries you need to build (at least) a simple C program. Additionally, you need whatever libraries your code uses. You can place header files in the usual location (**/usr/include** on most systems), or you can place them in a directory of your choice and point GCC to it with the **-I** option.
When compiling, don't use the standard **gcc** or **g++** command. Instead, use the GCC utility you installed. For example:
```
$ arm-linux-gnu-g++ dice.cpp \
  -I/home/seth/src/crossbuild/arm/cpp \
  -o armdice.bin
```
Verify what you've built:
```
$ file armdice.bin
armdice.bin: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV) [...]
```
### Libraries and deliverables
This was a simple example of how to use cross-compiling. In real life, your source code may produce more than just a single binary. While you can manage this manually, there's probably no good reason to do that. In my next article, I'll demonstrate GNU Autotools, which does most of the work required to make your code portable.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/cross-compiling-gcc
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/tools_osyearbook2016_sysadmin_cc.png?itok=Y1AHCKI4 (Wratchet set tools)
[2]: https://gcc.gnu.org/
[3]: http://www.slackware.com/~alien/multilib/

269
sources/tech/20190710 Test 200- Linux And Unix Operating Systems Online For Free.md Normal file
View File

@ -0,0 +1,269 @@
[#]: collector: (lujun9972)
[#]: translator: (0x996 is translating)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Test 200+ Linux And Unix Operating Systems Online For Free)
[#]: via: (https://www.ostechnix.com/test-100-linux-and-unix-operating-systems-online-for-free/)
[#]: author: (sk https://www.ostechnix.com/author/sk/)
Test 200+ Linux And Unix Operating Systems Online For Free
======
![DistroTest - Test 200+ Linux And Unix Operating Systems Online For Free][1]
A while ago we have covered about [**OSBoxes**][2], a website that offers a collection of free, ready-to-use Linux and Unix VMs. You can download and try them on your Linux system using VirtualBox or VMWare workstation. Today, I stumbled upon a similar service named **“DistroTest”**. Unlike OSBoxes, DistroTest allows you to try the live Linux and Unix operating systems for free. You can test 200+ Linux and Unix operating systems online without having to install them locally. Just visit the website, choose the Linux/Unix distro of your choice and fire it up!
Two good Samaritans named **Klemann Andy** and **Forster Tobias** have hosted this web service on **Debian** using **Qemu**. There is no restrictions to use the public distros listed here. You can use all functions of the system as the way you do in your local system. You can install and uninstall software. You can test installed programs and
even delete or format the hard disk or system files. In a nutshell, DistoTest lets the distro hoppers to decide;
* Which distribution is the best for them,
* Which graphical interface they want,
* Which configuration options they have.
As of writing this guide, DistroTest is hosting **711 versions with 227 operating systems**. I have been using Linux for years, however I never heard some of the Linux distros listed here. To be honest, I dont even actually know this much of Linux operating systems exists.
Here is the list of available Linux distributions in DistroTrest website.
* 4mLinux
* AbsoluteLinux
* AlpineLinux
* Antergos
* antiX Linux
* Aptosid
* ArchBang
* ArchLabs
* ArchLinux
* Archman
* ArchStrike
* ArtixLinux
* AryaLinux
* AvLinux
* BackBoxLinux
* BigLinux
* Bio-Linux
* BlackArch
* BlackLab
* BlackPantherOS
* blag
* BlankOn
* Bluestar
* Bodhi
* BunsenLabs
* Caine
* Calculate Linux Desktop
* CentOS 7
* Chakra
* ChaletOS
* ClearOS
* Clonezilla
* ConnochaetOS
* Cucumber
* Damn Small Linux
* Debian
* Devil-Linux
* Devuan
* DragonFly BSD
* Dragora
* Dyne:bolic
* Edubuntu
* elementaryOS
* Elive Linux
* Emmabuntüs
* Emmabuntüs
* Endless OS
* EnsoOS
* Exe GNU/Linux
* ExTiX
* Fatdog64
* Fedora
* FerenOS
* FreeBSD
* FreeDOS
* Frugalware
* Frugalware
* G4L
* GeckoLinux
* Gentoo
* GNewSense
* GoboLinux
* Gparted
* GreenieLinux
* GRML
* GuixSD
* Haiku
* Heads
* Kali Linux
* Kanotix
* KaOS
* Knoppix
* Kodachi
* KolibriOS
* Korora
* Kwort
* Linux Lite
* Linux Mint
* LiveRaizo
* LMDE
* LXLE OS
* Macpup
* Mageia
* MakuluLinux
* Manjaro
* MauiLinux
* MenuetOS
* MiniNo
* Modicia
* Musix
* MX Linux
* Nas4Free
* Neptune
* NetBSD
* Netrunner
* NixOs
* NuTyX
* OpenIndiana
* OpenMandriva
* openSUSE
* OracleLinux
* OSGeo live
* OviOS
* Parabola
* Pardus
* Parrot
* Parsix
* PCLinuxOS
* PeachOSI
* Peppermint
* Pinguy
* PinguyOS
* plopLinux
* PointLinux
* Pop!_OS
* PORTEUS
* Puppy Linux
* PureOS
* Q4OS
* QubesOS
* Quirky
* ReactOS
* Redcore
* Rescatux
* RevengeOS
* RoboLinux
* Rockstor
* ROSA
* Runtu
* Sabayon
* SalentOS
* Salix
* ScientificLinux
* Siduction
* Slax
* SliTaz
* Solus
* SolydK
* SparkyLinux
* Springdale
* Stresslinux
* SubgraphOS
* SwagArch (18.03)
* Tails
* Tanglu
* Tiny Core
* Trisquel
* TrueOS
* TurnKey Linux
* Ubuntu and its official variants
* Uruk
* VectorLinux
* VineLinux
* VoidLinux
* Voyager
* VyOS
* WattOs
* Zentyal
* Zenwalk
* Zevenet
* Zorin OS
### How does it work?
To test any operating systems, head over to the following link:
![1][3]
In this website, you will see the list of available OSes. Click on the name of the distribution you want to explore.
![1][4]
Test 100+ Linux and Unix operating systems Using DistroTest
For the purpose of this guide, I am going to test Arch Linux.
Once you clicked on the distributions link, you will be then redirected to the next screen where you can start the OS by clicking on **System start** button.
![1][5]
Now, the live system will start in a new browser window and you can access it from the built-in **noVNC viewer**. Please enable/allow the pop-ups in your web browser for this site, otherwise you cant see the noVNC application.
Hit ENTER to boot into the live system.
![1][6]
Here is the Arch Linux live system:
![1][7]
You can **use this system for an hour** for free. You can now test the live OS, install applications, remove applications, delete or modify system files, and test a configuration or script. After every shutdown, everything is back to the default settings.
Once youre done, go back to the DistroTest page and stop your test system. If you dont want to enable the pop-ups in DistroTest page, just use any locally installed VNC client applications in your system. The VNC client login details are given in the same page itself.
![1][8]
DistroTest service can be useful for those who wants to test a Linux/Unix operating system online or for those who dont have the live ISO of the preferred OS. It works just fine as far as I tested in 4G Internet connection.
### Actually, I cant install new software in the VMs
**One problem** I noticed while testing is the VMs are not connected to the network. There is no network interface available, except the loopback interface. I couldnt figure it out how to download and install new software without connecting to Internet or local mirror. I dont know why/how they claim we can install software. May be I am missing something here. All I can do at DistroTest is **take a look at the existing systems, test them live and without any installation**.
* * *
**Suggested read:**
* [**Learn And Practice Linux Commands Online For FREE!**][9]
* [**Run Linux And Other Operating Systems In Your Browser**][10]
* * *
And, thats all for now. I dont know how the DistroTest team managed to host this much of operating systems. I am sure it would have taken a lot of time. It is really a commendable work. I really appreciate the self-less act of the project members. Kudos to you guys. More power to you!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/test-100-linux-and-unix-operating-systems-online-for-free/
作者:[sk][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/wp-content/uploads/2018/07/test-Linux-and-Unix-online-686x340.jpg
[2]: https://www.ostechnix.com/osboxes-free-unixlinux-virtual-machines-for-vmware-and-virtualbox/
[3]: https://distrotest.net/
[4]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-5.png
[5]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-1.png
[6]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-2.png
[7]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-3.png
[8]: https://www.ostechnix.com/wp-content/uploads/2018/07/Distrotest-4-1.png
[9]: https://www.ostechnix.com/learn-and-practice-linux-commands-online-for-free/
[10]: https://www.ostechnix.com/run-linux-operating-systems-browser/

154
sources/tech/20190711 How to install Elasticsearch on MacOS.md Normal file
View File

@ -0,0 +1,154 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to install Elasticsearch on MacOS)
[#]: via: (https://opensource.com/article/19/7/installing-elasticsearch-macos)
[#]: author: (Lauren Maffeo https://opensource.com/users/lmaffeo/users/don-watkins)
How to install Elasticsearch on MacOS
======
Installing Elasticsearch is complex! Here's how to do it on a Mac.
![magnifying glass on computer screen][1]
[Elasticsearch][2] is an open source, full-text search engine developed in Java. Users upload datasets as JSON files. Then, Elasticsearch stores the original document before adding a searchable reference to the document in the clusters index.
Less than nine years after its creation, Elasticsearch is the most popular enterprise search engine. Elastic released its latest update—version 7.2.0 —on June 25, 2019.
[Kibana][3] is an open source data visualizer for Elasticsearch. This tool helps users create visualizations on top of content indexed in an Elasticsearch cluster.
[Sunbursts][4], [geospatial data maps][5], [relationship analyses][6], and dashboards with live data are just a few options. And thanks to Elasticsearchs machine learning prowess, you can learn which properties might influence your data (like servers or IP addresses) and find abnormal patterns.
At [DevFest DC][7] last month, [Dr. Summer Rankin][8]—lead data scientist at Booz Allen Hamilton—uploaded a dataset of content from TED Talks to Elasticsearch, then used Kibana to quickly build a dashboard. Intrigued, I went to an Elasticsearch meetup days later.
Since this course was for newbies, we started at Square One: Installing Elastic and Kibana on our laptops. Without both packages installed, we couldnt create our own visualizations from the dataset of Shakespeare texts we were using as a dummy JSON file.
Next, I will share step-by-step instructions for downloading, installing, and running Elasticsearch Version 7.1.1 on MacOS. This was the latest version when I attended the Elasticsearch meetup in mid-June 2019.
### Downloading Elasticsearch for MacOS
1. Go to <https://www.elastic.co/downloads/elasticsearch>, which takes you to the webpage below:
![The Elasticsearch download page.][9]
2. In the **Downloads** section, click **MacOS**, which downloads the Elasticsearch TAR file (for example, **elasticsearch-7.1.1-darwin-x86_64.tar**) into your **Downloads** folder.
3. Double-click this file to unpack it into its own folder (for example, **elasticsearch-7.1.1**), which contains all of the files that were in the TAR.
**Tip**: If you want Elasticsearch to live in another folder, now is the time to move this folder.
### Running Elasticsearch from the MacOS command line
You can run Elasticsearch only using the command line if you prefer. Just follow this process:
1. [Open a **Terminal** window][10].
2. In the terminal window, enter your Elasticsearch folder. For example (if you moved the program, change **Downloads** to the correct path):
**$ cd ~Downloads/elasticsearch-1.1.0**
3. Change to the Elasticsearch **bin** subfolder, and start the program. For example:
**$ cd bin $ ./elasticsearch**
Heres some of the output that my command line terminal displayed when I launched Elasticsearch 1.1.0:
![Terminal output when running Elasticsearch.][11]
**NOTE**: Elasticsearch runs in the foreground by default, which can cause your computer to slow down. Press **Ctrl-C to** stop Elasticsearch from running.
### Running Elasticsearch using the GUI
If you prefer your point-and-click environment, you can run Elasticsearch like so:
1. Open a new **Finder** window.
2. Select **Downloads** in the left Finder sidebar (or, if you moved Elasticsearch to another folder, navigate to there).
3. Open the folder called (for the sake of this example) **elasticsearch-7.1.1**. A selection of eight subfolders appears.
![The elasticsearch/bin menu.][12]
4. Open the **bin** subfolder. As the screenshot above shows, this subfolder yields 20 assets.
5. Click the first option, which is **elasticsearch**.
Note that you may get a security warning, as shown below:
![The security warning dialog box.][13]
 
In order to open the program in this case:
1. Click **OK** in the warning dialog box.
2. Open **System Preferences**.
3. Click **Security &amp; Privacy**, which opens the window shown below:
![Where you can allow your computer to open the downloaded file.][14]
4. Click **Open Anyway**, which opens the confirmation dialog box shown below:
![Security confirmation dialog box.][15]
5. Click **Open**. A terminal window opens and launches Elasticsearch.
The launch process can take a while, so let it run. Eventually, it will finish, and you will see output similar to this at the end:
![Launching Elasticsearch in MacOS.][16]
### Learning more
Once youve installed Elasticsearch, its time to start exploring!
The tools [Elasticsearch: Getting Started][17] guide directs you based on your goals. Its introductory video walks through steps to launch a hosted cluster on [Elasticsearch Service][18], perform basic search queries, play with data through create, read, update, and delete (CRUD) REST APIs, and more.
This guide also offers links to documentation, dev console commands, training subscriptions, and a free trial of Elasticsearch Service. This trial lets you deploy Elastic and Kibana on AWS and GCP to support your Elastic clusters in the cloud.
In the follow-up to this article, well walk through the steps youll take to install Kibana on MacOS. This process will take your Elasticsearch queries to the next level via diverse data visualizations. Stay tuned!
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/installing-elasticsearch-macos
作者:[Lauren Maffeo][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/lmaffeo/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/search_find_code_issue_bug_programming.png?itok=XPrh7fa0 (magnifying glass on computer screen)
[2]: https://www.getapp.com/it-management-software/a/qbox-dot-io-hosted-elasticsearch/
[3]: https://www.elastic.co/products/kibana
[4]: https://en.wikipedia.org/wiki/Pie_chart#Ring
[5]: https://en.wikipedia.org/wiki/Spatial_analysis
[6]: https://en.wikipedia.org/wiki/Correlation_and_dependence
[7]: https://www.devfestdc.org/
[8]: https://www.summerrankin.com/about
[9]: https://opensource.com/sites/default/files/uploads/wwa1f3_600px_0.png (The Elasticsearch download page.)
[10]: https://support.apple.com/en-ca/guide/terminal/welcome/mac
[11]: https://opensource.com/sites/default/files/uploads/io6t1a_600px.png (Terminal output when running Elasticsearch.)
[12]: https://opensource.com/sites/default/files/uploads/o43yku_600px.png (The elasticsearch/bin menu.)
[13]: https://opensource.com/sites/default/files/uploads/elasticsearch_security_warning_500px.jpg (The security warning dialog box.)
[14]: https://opensource.com/sites/default/files/uploads/the_general_tab_of_the_system_preferences_security_and_privacy_window.jpg (Where you can allow your computer to open the downloaded file.)
[15]: https://opensource.com/sites/default/files/uploads/confirmation_dialog_box.jpg (Security confirmation dialog box.)
[16]: https://opensource.com/sites/default/files/uploads/y5dvtu_600px.png (Launching Elasticsearch in MacOS.)
[17]: https://www.elastic.co/webinars/getting-started-elasticsearch?ultron=%5BB%5D-Elastic-US+CA-Exact&blade=adwords-s&Device=c&thor=elasticsearch&gclid=EAIaIQobChMImdbvlqOP4wIVjI-zCh3P_Q9mEAAYASABEgJuAvD_BwE
[18]: https://info.elastic.co/elasticsearch-service-gaw-v10-nav.html?ultron=%5BB%5D-Elastic-US+CA-Exact&blade=adwords-s&Device=c&thor=elasticsearch%20service&gclid=EAIaIQobChMI_MXHt-SZ4wIVJBh9Ch3wsQfPEAAYASAAEgJo9fD_BwE

162
sources/tech/20190711 Type Linux Commands In Capital Letters To Run Them As Sudo User.md Normal file
View File

@ -0,0 +1,162 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Type Linux Commands In Capital Letters To Run Them As Sudo User)
[#]: via: (https://www.ostechnix.com/type-linux-commands-in-capital-letters-to-run-them-as-sudo-user/)
[#]: author: (sk https://www.ostechnix.com/author/sk/)
Type Linux Commands In Capital Letters To Run Them As Sudo User
======
![Type Linux Commands In Capital Letters To Run Them As Sudo User][1]
The reason I love Linux community a lot is they create so many FUN projects which you rarely find in any other propriety operating systems. A while ago, we looked at a fun project named [**“Hollywood”**][2] which turns the Terminal into a Hollywood technical melodrama hacker interface in Ubuntu-like systems. There are few other utilities available, for example **cowsay** , **fortune** , **sl** and **toilet** (!) etc., to kill your free time and keep you entertained! They may not be useful, but these utilities are really entertaining and fun to use. Today, I stumbled upon yet another similar utility named **“SUDO”**. As the name implies, whenever you type Linux commands in capital letters, the SUDO utility will run them as sudo user! Meaning, you need not to type “sudo” in-front of the Linux commands you about to run. Cool, yeah?
### Install SUDO
* * *
**A word of caution:**
Before installing this (or any utility), take a look at the source code (Link given at the end) and see if there are suspicious/malicious code included to harm your system. Test it in a VM. If you like or found it useful, you can use it in your personal/production systems.
* * *
Git clone the SUDO repository:
```
$ git clone https://github.com/jthistle/SUDO.git
```
This command will clone the contents of SUDO GIT repository and saves them in a directory named “SUDO” in your current working directory.
```
Cloning into 'SUDO'...
remote: Enumerating objects: 42, done.
remote: Counting objects: 100% (42/42), done.
remote: Compressing objects: 100% (29/29), done.
remote: Total 42 (delta 17), reused 30 (delta 12), pack-reused 0
Unpacking objects: 100% (42/42), done.
```
Switch to SUDO directory:
```
$ cd SUDO/
```
And, install it using command:
```
$ ./install.sh
```
The command will add the following entries in your **~/.bashrc** file:
```
[...]
# SUDO - shout at bash to su commands
# Distributed under GNU GPLv2, @jthistle on github
shopt -s expand_aliases
IFS_=${IFS}
IFS=":" read -ra PATHS <<< "$PATH"
for i in "${PATHS[@]}"; do
for j in $( ls "$i" ); do
if [ ${j^^} != $j ] && [ $j != "sudo" ]; then
alias ${j^^}="sudo $j"
fi
done
done
alias SUDO='sudo $(history -p !!)'
IFS=${IFS_}
# end SUDO
```
It will also take a backup of your **~/.bashrc** and save it as **~/.bashrc.old**. You can restore it if anything goes catastrophically wrong.
Finally, update the changes using command:
```
$ source ~/.bashrc
```
### Now, type Linux Commands in Capital letters to run them as Sudo user
Usually, we execute Linux commands that requires sudo/root privileges like below.
```
$ sudo mkdir /ostechnix
```
Right? Yes! The above command will create directory named “ostechnix” in root (/). Let us cancel this command using **Ctrl+c**.
Once SUDO is installed, you can **type any Linux command in capital without sudo** and run them. So, you can run the above command like below:
```
$ MKDIR /ostechnix
$ TOUCH /ostechnix/test.txt
$ LS /ostechnix
```
![][3]
Type Linux Commands In Capital Letters To Run Them As Sudo User
Please note that **it will not bypass the sudo password**. You still need to type sudo password to execute the given command. It will only help to avoid typing “sudo” in-front of each command.
* * *
**Related read:**
* [**How To Run Particular Commands Without Sudo Password In Linux**][4]
* [**How To Restore Sudo Privileges To A User**][5]
* [**How To Grant And Remove Sudo Privileges To Users On Ubuntu**][6]
* [**How To Find All Sudo Users In Your Linux System**][7]
* [**How To Display Asterisks When You Type Password In Terminal**][8]
* [**How To Change The Sudo Prompt In Linux**][9]
* * *
Of course, typing “sudo” will take only a few seconds, so it is not a big deal. I must tell this is just fun and USELESS project to pass time. If you dont like it, go away and learn something useful. If you like it, give it a go and have fun!
**Resource:**
* [**SUDO GitHub Repository**][10]
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/type-linux-commands-in-capital-letters-to-run-them-as-sudo-user/
作者:[sk][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/wp-content/uploads/2019/07/sudo-720x340.png
[2]: https://www.ostechnix.com/turn-ubuntu-terminal-hollywood-technical-melodrama-hacker-interface/
[3]: https://www.ostechnix.com/wp-content/uploads/2019/07/SUDO-in-action.gif
[4]: https://www.ostechnix.com/run-particular-commands-without-sudo-password-linux/
[5]: https://www.ostechnix.com/how-to-restore-sudo-privileges-to-a-user/
[6]: https://www.ostechnix.com/how-to-grant-and-remove-sudo-privileges-to-users-on-ubuntu/
[7]: https://www.ostechnix.com/find-sudo-users-linux-system/
[8]: https://www.ostechnix.com/display-asterisks-type-password-terminal/
[9]: https://www.ostechnix.com/change-sudo-prompt-linux-unix/
[10]: https://github.com/jthistle/SUDO

118
sources/tech/20190713 ElectronMail - a Desktop Client for ProtonMail and Tutanota.md Normal file
View File

@ -0,0 +1,118 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (ElectronMail a Desktop Client for ProtonMail and Tutanota)
[#]: via: (https://itsfoss.com/electronmail/)
[#]: author: (John Paul https://itsfoss.com/author/john/)
ElectronMail a Desktop Client for ProtonMail and Tutanota
======
The majority of people on the internet have email accounts from big companies, such as Google, that do not respect your privacy. Thankfully, there are privacy conscience alternatives like [Tutanota][1] and [ProtonMail][2]. The problems is that not all of them have a desktop client. Today, we will look at a project that seeks to solve that problem for you. Lets take a look at ElectronMail.
Electron-ic warning!
The following app is built with Electron (the name is ElectronMail for a reason). If the use of Electron upsets you, please consider this a trigger warning.
### ElectronMail: Desktop Client for Tutanota and ProtonMail
![Electron Mail About][3]
[ElectronMail][4] is simply put an email client for ProtonMail and Tutanota. It is built using three big technologies: [Electron][5], [TypeScript][6] and [Angular][7]. It includes the following features:
* Multi accounts support per each email provider
* Encrypted local storage
* Available for Linux, Windows, macOS, and FreeBSD
* Native notifications
* System tray icon with a total number of unread messages
* Master password to protect account information
* Switchable view layouts
* Offline access to the emails
* Encrypted local storage for emails
* Batch emails export to EML files
* Full-text search
* Built-in/prepackaged web clients
* Configuring proxy per account
* Spell Checking
* Support for two-factor authentication for extra security
Currently, ElectronMail only supports Tutanota and ProtonMail. I get the feeling that they will be adding more in the future. According to the [GitHub page][4]: “Multi email providers support. ProtonMail and Tutanota at the moment.”
ElectronMail is licensed under the MIT license.
#### How to install ElectronMail
Currently, there are several options to install ElectronMail on Linux. for Arch and Arch-based distros, you can install it from the [Arch User Repository][8]. There is also a Snap available for ElectrionMail. To install it, just enter `sudo snap install electron-mail`.
For all other Linux distros, you can [download][9] a `.deb` or `.rpm` file.
![Electron Mail Inbox][10]
You can also [download][9] an `.exe` installer for Windows or a `.dmg` file for macOS. There is even a file for FreeBSD.
[][11]
Suggested read  Zettlr - Markdown Editor for Writers and Researchers
#### Removing ElectronMail
If you install ElectronMail and decide that it is not for you, there are a couple steps that the [developer][12] recommends. **Be sure to follow these steps before you uninstall the application.**
If you are using the “Keep Me Signed In” feature, click “Log out” on the menu. This will delete the locally stored master password. It is possible to delete the master password after uninstalling ElectronMail, but that would involve editing the system keychain.
You will also need to delete the settings folder manually. You can find it by clicking “Open setting folder” after selecting the applications icon in the system tray.
![Electron Mail Setting][13]
### My Thoughts on ElectronMail
I dont usually use email clients. In fact, I mostly depend on web clients. So, I dont have much use for this application.
That being said, ElectronMail has a nice feel to it and is easy to set up. It has a good number of features activated out of the box and the advanced features arent that hard to activate.
The one question I have relates to search. According to the features list, ElectronMail supports full-text search. However, the free version of Tutanota only supports a limited search. I wonder how ElectronMail handles that.
At the end of the day, ElectronMail is just an Electron wrapper for a couple of web-based emails. I would rather just have them open in my browser than dedicate separate system resources to running Electron. If you only [use Tutanota email, they have their own official Electron-based desktop client][14]. You may try that.
My biggest issue is with security. This is an unofficial app for two very secure email apps. What if there is a way to capture your login info or read through your emails? Someone who is smarter than I would have to go through the source code to know for sure. That is always the issue with unofficial apps for a security project.
[][14]
Suggested read  Secure Email Service Tutanota Has a Desktop App Now
Have you every used ElectronMail? Do you think it would be worthwhile to install ElectronMail? What is your favorite email client? Please let us know in the comments below.
If you found this article interesting, please take a minute to share it on social media, Hacker News or [Reddit][15].
--------------------------------------------------------------------------------
via: https://itsfoss.com/electronmail/
作者:[John Paul][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/john/
[b]: https://github.com/lujun9972
[1]: https://itsfoss.com/tutanota-review/
[2]: https://itsfoss.com/protonmail/
[3]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/electron-mail-about.jpg?resize=800%2C500&ssl=1
[4]: https://github.com/vladimiry/ElectronMail
[5]: https://electronjs.org/
[6]: http://www.typescriptlang.org/
[7]: https://angular.io/
[8]: https://aur.archlinux.org/packages/electronmail-bin
[9]: https://github.com/vladimiry/ElectronMail/releases
[10]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/electron-mail-inbox.jpg?ssl=1
[11]: https://itsfoss.com/zettlr-markdown-editor/
[12]: https://github.com/vladimiry
[13]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/electron-mail-setting.jpg?ssl=1
[14]: https://itsfoss.com/tutanota-desktop/
[15]: http://reddit.com/r/linuxusersgroup

364
sources/tech/20190715 Understanding software design patterns.md Normal file
View File

@ -0,0 +1,364 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Understanding software design patterns)
[#]: via: (https://opensource.com/article/19/7/understanding-software-design-patterns)
[#]: author: (Bryant Son https://opensource.com/users/brsonhttps://opensource.com/users/erezhttps://opensource.com/users/brson)
Understanding software design patterns
======
Design patterns help eliminate redundant coding. Learn how to use the
singleton pattern, factory pattern, and observer pattern using Java.
![clouds in the sky with blue pattern][1]
If you are a programmer or a student pursuing computer science or a similar discipline, sooner or later, you will encounter the term "software design pattern." According to Wikipedia, _"a [software design pattern][2] is a general, reusable solution to a commonly occurring problem within a given context in software design."_ Here is my take on the definition: When you have been working on a coding project for a while, you often begin to think, "Huh, this seems redundant. I wonder if I can change the code to be more flexible and accepting of changes?" So, you begin to think about how to separate what stays the same from what needs to change often.
> A **design pattern** is a way to make your code easier to change by separating the part that stays the same and the part that needs constant changes.
Not surprisingly, everyone who has worked on a programming project has probably had the same thought. Especially for any industry-level project, where it's common to work with dozens or even hundreds of developers; the collaboration process suggests that there have to be some standards and rules to make the code more elegant and adaptable to changes. That is why we have [object-oriented programming][3] (OOP) and [software framework tools][4]. A design pattern is somewhat similar to OOP, but it goes further by considering changes as part of the natural development process. Basically, the design pattern leverages some ideas from OOP, like abstractions and interfaces, but focuses on the process of changes.
When you start to work on a project, you often hear the term _refactoring_, which means _to change the code to be more elegant and reusable;_ this is where the design pattern shines. Whenever you're working on existing code (whether built by someone else or your past self), knowing the design patterns helps you begin to see things differently—you will discover problems and ways to improve the code.
There are numerous design patterns, but three popular ones, which I'll present in this introductory article, are singleton pattern, factory pattern, and observer pattern.
### How to follow this guide
I want this tutorial to be as easy as possible for anyone to understand, whether you are an experienced programmer or a beginner to coding. The design pattern concept is not exactly easy to understand, and reducing the learning curve when you start a journey is always a top priority. Therefore, in addition to this article with diagrams and code pieces, I've also created a [GitHub repository][5] you can clone and run the code to implement the three design patterns on your own. You can also follow along with the following [YouTube video][6] I created.
#### Prerequisites
If you just want to get the idea of design patterns in general, you do not need to clone the sample project or install any of the tools. However, to run the sample code, you need to have the following installed:
* **Java Development Kit (JDK):** I highly recommend [OpenJDK][7].
* **Apache Maven:** The sample project is built using [Apache Maven][8]; fortunately, many IDEs come with Maven installed.
* **Interactive development editor (IDE):** I use [IntelliJ Community Edition][9], but you can use [Eclipse IDE][10] or any other Java IDE of your choice
* **Git:** If you want to clone the project, you need a [Git][11] client.
To clone the project and follow along, run the following command after you install Git:
```
`git clone https://github.com/bryantson/OpensourceDotComDemos.git`
```
Then, in your favorite IDE, you can import the code in the TopDesignPatterns repo as an Apache Maven project.
I am using Java, but you can implement the design pattern using any programming language that supports the [abstraction principle][12].
### Singleton pattern: Avoid creating an object every single time
The [singleton pattern][13] is a very popular design pattern that is also relatively simple to implement because you need just one class. However, many developers debate whether the singleton design pattern's benefits outpace its problems because it lacks clear benefits and is easy to abuse. Few developers implement singleton directly; instead, programming frameworks like Spring Framework and Google Guice have built-in singleton design pattern features.
But knowing about singleton is still tremendously useful. The singleton pattern makes sure that a class is created only once and provides a global point of access to it.
> **Singleton pattern:** Ensures that only one instantation is created and avoids creating multiple instances of the same object.
The diagram below shows the typical process for creating a class object. When the client asks to create an object, the constructor creates, or instantiates, an object and returns to the class with the caller method. However, this happens every single time an object is requested—the constructor is called, a new object is created, and it returns with a unique object. I guess the creators of the OOP language had a reason behind creating a new object every single time, but the proponents of the singleton process say this is redundant and a waste of resources.
![Normal class instantiation][14]
The following diagram creates the object using the singleton pattern. Here, the constructor is called only when the object is requested the first time through a designated getInstance() method. This is usually done by checking the null value, and the object is saved inside the singleton class as a private field value. The next time the getInstance() is called, the class returns the object that was created the first time. No new object is created; it just returns the old one.
![Singleton pattern instantiation][15]
The following script shows the simplest possible way to create the singleton pattern:
```
package org.opensource.demo.singleton;
public class OpensourceSingleton {
    private static OpensourceSingleton uniqueInstance;
    private OpensourceSingleton() {
    }
    public static OpensourceSingleton getInstance() {
        if (uniqueInstance == null) {
            uniqueInstance = new OpensourceSingleton();
        }
        return uniqueInstance;
    }
}
```
On the caller side, here is how the singleton class will be called to get an object:
```
Opensource newObject = Opensource.getInstance();
```
This code demonstrates the idea of a singleton well:
1. When getInstance() is called, it checks whether the object was already created by checking the null value.
2. If the value is null, it creates a new object, saves it into the private field, and returns the object to the caller. Otherwise, it returns the object that was created previously.
The main problem with this singleton implementation is its disregard for parallel processes. When multiple processes using threads access the resource simultaneously, a problem occurs. There is one solution to this, and it is called _double-checked locking_ for multithread safety, which is shown here:
```
package org.opensource.demo.singleton;
public class ImprovedOpensourceSingleton {
    private volatile static ImprovedOpensourceSingleton uniqueInstance;
    private ImprovedOpensourceSingleton() {}
    public static ImprovedOpensourceSingleton getInstance() {
        if (uniqueInstance == null) {
            synchronized (ImprovedOpensourceSingleton.class) {
                if (uniqueInstance == null) {
                    uniqueInstance = new ImprovedOpensourceSingleton();
                }
            }
        }
        return uniqueInstance;
    }
}
```
Just to emphasize the previous point, make sure to implement your singleton directly only when you believe is a safe option to do so. The best way is to leverage the singleton feature is by using a well-made programming framework.
### Factory pattern: Delegate object creation to the factory class to hide creation logic
The [factory pattern][16] is another well-known design pattern, but it is a little more complex. There are several ways to implement the factory pattern, but the following sample code demonstrates the simplest possible way. The factory pattern defines an interface for creating an object but lets the subclasses decide which class to instantiate.
> **Factory pattern:** Delegates object creation to the factory class so it hides the creation logic.
The diagram below shows how the simplest factory pattern is implemented.
![Factory pattern][17]
Instead of the client directly calling the object creation, the client asks the factory class for a certain object, type x. Based on the type, the factory pattern decides which object to create and to return.
In this code sample, OpensourceFactory is the factory class implementation that takes the _type_ from the caller and decides which object to create based on that input value:
```
package org.opensource.demo.factory;
public class OpensourceFactory {
    public OpensourceJVMServers getServerByVendor([String][18] name) {
        if(name.equals("Apache")) {
            return new Tomcat();
        }
        else if(name.equals("Eclipse")) {
            return new Jetty();
        }
        else if (name.equals("RedHat")) {
            return new WildFly();
        }
        else {
            return null;
        }
    }
}
```
And OpenSourceJVMServer is a 100% abstraction class (or an interface class) that indicates what to implement, not how:
```
package org.opensource.demo.factory;
public interface OpensourceJVMServers {
    public void startServer();
    public void stopServer();
    public [String][18] getName();
}
```
Here is a sample implementation class for OpensourceJVMServers. When "RedHat" is passed as the type to the factory class, the WildFly server is created:
```
package org.opensource.demo.factory;
public class WildFly implements OpensourceJVMServers {
    public void startServer() {
        [System][19].out.println("Starting WildFly Server...");
    }
    public void stopServer() {
        [System][19].out.println("Shutting Down WildFly Server...");
    }
    public [String][18] getName() {
        return "WildFly";
    }
}
```
### Observer pattern: Subscribe to topics and get notified about updates
Finally, there is the [observer pattern][20]_._ Like the singleton pattern, few professional programmers implement the observer pattern directly. However, many messaging queue and data service implementations borrow the observer pattern concept. The observer pattern defines one-to-many dependencies between objects so that when one object changes state, all of its dependents are notified and updated automatically.
> **Observer pattern:** Subscribe to the topics/subjects where the client can be notified if there is an update.
The easiest way to think about the observer pattern is to imagine a mailing list where you can subscribe to any topic, whether it is open source, technologies, celebrities, cooking, or anything else that interests you. Each topic maintains a list of its subscribers, which is equivalent to an "observer" in the observer pattern. When a topic is updated, all of its subscribers (observers) are notified of the changes. And a subscriber can always unsubscribe from a topic.
As the following diagram shows, the client can be subscribed to different topics and add the observer to be notified about new information. Because the observer listens continuously to the subject, the observer notifies the client about any change that occurs.
![Observer pattern][21]
Let's look at the sample code for the observer pattern, starting with the subject/topic class:
```
package org.opensource.demo.observer;
public interface Topic {
    public void addObserver([Observer][22] observer);
    public void deleteObserver([Observer][22] observer);
    public void notifyObservers();
}
```
This code describes an interface for different topics to implement the defined methods. Notice how an observer can be added, removed, or notified.
Here is an example implementation of the topic:
```
package org.opensource.demo.observer;
import java.util.List;
import java.util.ArrayList;
public class Conference implements Topic {
    private List&lt;Observer&gt; listObservers;
    private int totalAttendees;
    private int totalSpeakers;
    private [String][18] nameEvent;
    public Conference() {
        listObservers = new ArrayList&lt;Observer&gt;();
    }
    public void addObserver([Observer][22] observer) {
        listObservers.add(observer);
    }
    public void deleteObserver([Observer][22] observer) {
        int i = listObservers.indexOf(observer);
        if (i &gt;= 0) {
            listObservers.remove(i);
        }
    }
    public void notifyObservers() {
        for (int i=0, nObservers = listObservers.size(); i &lt; nObservers; ++ i) {
            [Observer][22] observer = listObservers.get(i);
            observer.update(totalAttendees,totalSpeakers,nameEvent);
        }
    }
    public void setConferenceDetails(int totalAttendees, int totalSpeakers, [String][18] nameEvent) {
        this.totalAttendees = totalAttendees;
        this.totalSpeakers = totalSpeakers;
        this.nameEvent = nameEvent;
        notifyObservers();
    }
}
```
This class defines the implementation of a particular topic. When a change happens, this implementation is where it is invoked. Notice that this takes the number of observers, which is stored as the list, and can both notify and maintain the observers.
Here is an observer class:
```
package org.opensource.demo.observer;
public interface [Observer][22] {
    public void update(int totalAttendees, int totalSpeakers, [String][18] nameEvent);
}
```
This class defines an interface that different observers can implement to take certain actions.
For example, the observer implementation can print out the number of attendees and speakers at a conference:
```
package org.opensource.demo.observer;
public class MonitorConferenceAttendees implements [Observer][22] {
    private int totalAttendees;
    private int totalSpeakers;
    private [String][18] nameEvent;
    private Topic topic;
    public MonitorConferenceAttendees(Topic topic) {
        this.topic = topic;
        topic.addObserver(this);
    }
    public void update(int totalAttendees, int totalSpeakers, [String][18] nameEvent) {
        this.totalAttendees = totalAttendees;
        this.totalSpeakers = totalSpeakers;
        this.nameEvent = nameEvent;
        printConferenceInfo();
    }
    public void printConferenceInfo() {
        [System][19].out.println(this.nameEvent + " has " + totalSpeakers + " speakers and " + totalAttendees + " attendees");
    }
}
```
### Where to go from here?
Now that you've read this introductory guide to design patterns, you should be in a good place to pursue other design patterns, such as facade, template, and decorator. There are also concurrent and distributed system design patterns like the circuit breaker pattern and the actor pattern.
However, I believe it's best to hone your skills first by implementing these design patterns in your side projects or just as practice. You can even begin to contemplate how you can apply these design patterns in your real projects. Next, I highly recommend checking out the [SOLID principles][23] of OOP. After that, you will be ready to look into the other design patterns.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/understanding-software-design-patterns
作者:[Bryant Son][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/brsonhttps://opensource.com/users/erezhttps://opensource.com/users/brson
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003601_05_mech_osyearbook2016_cloud_cc.png?itok=XSV7yR9e (clouds in the sky with blue pattern)
[2]: https://en.wikipedia.org/wiki/Software_design_pattern
[3]: https://en.wikipedia.org/wiki/Object-oriented_programming
[4]: https://en.wikipedia.org/wiki/Software_framework
[5]: https://github.com/bryantson/OpensourceDotComDemos/tree/master/TopDesignPatterns
[6]: https://www.youtube.com/watch?v=VlBXYtLI7kE&feature=youtu.be
[7]: https://openjdk.java.net/
[8]: https://maven.apache.org/
[9]: https://www.jetbrains.com/idea/download/#section=mac
[10]: https://www.eclipse.org/ide/
[11]: https://git-scm.com/
[12]: https://en.wikipedia.org/wiki/Abstraction_principle_(computer_programming)
[13]: https://en.wikipedia.org/wiki/Singleton_pattern
[14]: https://opensource.com/sites/default/files/uploads/designpatterns1_normalclassinstantiation.jpg (Normal class instantiation)
[15]: https://opensource.com/sites/default/files/uploads/designpatterns2_singletonpattern.jpg (Singleton pattern instantiation)
[16]: https://en.wikipedia.org/wiki/Factory_method_pattern
[17]: https://opensource.com/sites/default/files/uploads/designpatterns3_factorypattern.jpg (Factory pattern)
[18]: http://www.google.com/search?hl=en&q=allinurl%3Adocs.oracle.com+javase+docs+api+string
[19]: http://www.google.com/search?hl=en&q=allinurl%3Adocs.oracle.com+javase+docs+api+system
[20]: https://en.wikipedia.org/wiki/Observer_pattern
[21]: https://opensource.com/sites/default/files/uploads/designpatterns4_observerpattern.jpg (Observer pattern)
[22]: http://www.google.com/search?hl=en&q=allinurl%3Adocs.oracle.com+javase+docs+api+observer
[23]: https://en.wikipedia.org/wiki/SOLID

2
sources/tech/20190715 What is POSIX- Richard Stallman explains.md
View File

@ -1,5 +1,5 @@
[#]: collector: (lujun9972)
[#]: translator: (martin2011qi)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )

488
sources/tech/20190716 Security scanning your DevOps pipeline.md
View File

@ -1,488 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Security scanning your DevOps pipeline)
[#]: via: (https://opensource.com/article/19/7/security-scanning-your-devops-pipeline)
[#]: author: (Jessica Repka https://opensource.com/users/jrepkahttps://opensource.com/users/marcobravohttps://opensource.com/users/jrepka)
Security scanning your DevOps pipeline
======
A hands-on introduction to container security using Anchore with Jenkins
on Kubernetes.
![Target practice][1]
Security is one of the most important considerations for running in any environment, and using open source software is a great way to handle security without going over budget in your corporate environment or for your home setup. It is easy to talk about the concepts of security, but it's another thing to understand the tools that will get you there. This tutorial explains how to set up security using [Jenkins][2] with [Anchore][3].
There are many ways to run [Kubernetes][4]. Using [Minikube][5], a prepackaged virtual machine (VM) environment designed for local testing, reduces the complexity of running an environment.
Technology | What is it?
---|---
[Jenkins][2] | An open source automation server
[Anchore][3] | A centralized service for inspection, analysis, and certification of container images
[Minikube][5] | A single-node Kubernetes cluster inside a VM
In this tutorial, you'll learn how to add Jenkins and Anchore to Kubernetes and configure a scanning pipeline for new container images and registries.
_Note: For best performance in this tutorial, Minikube requires at least four CPUs._
### Basic requirements
#### Knowledge
* Docker (including a [Docker Hub][6] account)
* Minikube
* Jenkins
* Helm
* Kubectl
#### Software
* Minikube
* Helm
* Kubectl client
* Anchore CLI installed locally
### Set up the environment
[Install Minikube][7] in whatever way that makes sense for your environment. If you have enough resources, I recommend giving a bit more than the default memory and CPU power to your VM:
```
$ minikube config set memory 8192
⚠️  These changes will take effect upon a minikube delete and then a minikube start
$ minikube config set cpus 4
⚠️  These changes will take effect upon a minikube delete and then a minikube start
```
If you are already running a Minikube instance, you must delete it using **minikube delete** before continuing.
Next, [install Helm][8], the standard Kubernetes package manager, in whatever way makes sense for your operating system.
Now you're ready to install the applications.
### Install and configure Anchore and Jenkins
To begin, start Minikube and its dashboard.
```
$ minikube start
😄  minikube v1.1.0 on darwin (amd64)
💡  Tip: Use 'minikube start -p &lt;name&gt;' to create a new cluster, or 'minikube delete' to delete this one.
🔄  Restarting existing virtualbox VM for "minikube" ...
 Waiting for SSH access ...
🐳  Configuring environment for Kubernetes v1.14.2 on Docker 18.09.6
🔄  Relaunching Kubernetes v1.14.2 using kubeadm ...
 Verifying: apiserver proxy etcd scheduler controller dns
🏄  Done! kubectl is now configured to use "minikube"
$ minikube dashboard
🔌  Enabling dashboard ...
🤔  Verifying dashboard health ...
🚀  Launching proxy ...
🤔  Verifying proxy health ...
🎉  Opening <http://127.0.0.1:52646/api/v1/namespaces/kube-system/services/http:kubernetes-dashboard:/proxy/> in your default browser...
```
As long as you stay connected to this terminal session, you will have access to a visual dashboard for Minikube at **127.0.0.1:52646**.
![Minikube dashboard][9]
 
### Create namespace and install Jenkins
The next step is to get the Jenkins build environment up and running. To start, ensure your storage is configured for persistence so you can reuse it later. Set the storage class for **Persistent Volumes** before you install Helm, so its installation will be persistent across reboots.
Either exit the dashboard using CTRL+C or open a new terminal to run:
```
$ minikube addons enable default-storageclass
 default-storageclass was successfully enabled
```
**Using namespaces**
I test quite a few different applications, and I find it incredibly helpful to use [namespaces][10] in Kubernetes. Leaving everything in the default namespace can overcrowd it and make it challenging to uninstall a Helm-installed application. If you stick to this for Jenkins, you can remove it by running **helm del --purge jenkins --namespace jenkins** then **kubectl delete ns jenkins**. This is much easier than manually hunting and pecking through a long list of containers.
### Install Helm
To use Helm, Kubernetes' default package manager, initialize an environment and install Jenkins.
```
$ kubectl create ns jenkins
namespace "jenkins" created
$ helm init
helm init
Creating /Users/alleycat/.helm
Creating /Users/alleycat/.helm/repository
Creating /Users/alleycat/.helm/repository/cache
Creating /Users/alleycat/.helm/repository/local
Creating /Users/alleycat/.helm/plugins
Creating /Users/alleycat/.helm/starters
Creating /Users/alleycat/.helm/cache/archive
Creating /Users/alleycat/.helm/repository/repositories.yaml
Adding stable repo with URL: <https://kubernetes-charts.storage.googleapis.com>
Adding local repo with URL: <http://127.0.0.1:8879/charts>
$HELM_HOME has been configured at /Users/alleycat/.helm.
Tiller (the Helm server-side component) has been installed into your Kubernetes Cluster.
Please note: by default, Tiller is deployed with an insecure 'allow unauthenticated users' policy.
To prevent this, run `helm init` with the --tiller-tls-verify flag.
For more information on securing your installation see: <https://docs.helm.sh/using\_helm/\#securing-your-helm-installation>
$ helm install --name jenkins stable/jenkins --namespace jenkins
NAME:   jenkins
LAST DEPLOYED: Tue May 28 11:12:39 2019
NAMESPACE: jenkins
STATUS: DEPLOYED
RESOURCES:
==&gt; v1/ConfigMap
NAME           DATA  AGE
jenkins        5     0s
jenkins-tests  1     0s
==&gt; v1/Deployment
NAME     READY  UP-TO-DATE  AVAILABLE  AGE
jenkins  0/1    1           0          0s
==&gt; v1/PersistentVolumeClaim
NAME     STATUS   VOLUME    CAPACITY  ACCESS MODES  STORAGECLASS  AGE
jenkins  Pending  standard  0s
==&gt; v1/Pod(related)
NAME                      READY  STATUS   RESTARTS  AGE
jenkins-7565554b8f-cvhbd  0/1    Pending  0         0s
==&gt; v1/Role
NAME                     AGE
jenkins-schedule-agents  0s
==&gt; v1/RoleBinding
NAME                     AGE
jenkins-schedule-agents  0s
==&gt; v1/Secret
NAME     TYPE    DATA  AGE
jenkins  Opaque  2     0s
==&gt; v1/Service
NAME           TYPE          CLUSTER-IP    EXTERNAL-IP  PORT(S)         AGE
jenkins        LoadBalancer  10.96.90.0    &lt;pending&gt;    8080:32015/TCP  0s
jenkins-agent  ClusterIP     10.103.85.49  &lt;none&gt;       50000/TCP       0s
==&gt; v1/ServiceAccount
NAME     SECRETS  AGE
jenkins  1        0s
NOTES:
1\. Get your 'admin' user password by running:
  printf $(kubectl get secret --namespace jenkins jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
2\. Get the Jenkins URL to visit by running these commands in the same shell:
  NOTE: It may take a few minutes for the LoadBalancer IP to be available.
        You can watch the status of by running 'kubectl get svc --namespace jenkins -w jenkins'
  export SERVICE_IP=$(kubectl get svc --namespace jenkins jenkins --template "{{ range (index .status.loadBalancer.ingress 0) }}{{ . }}{{ end }}")
  echo http://$SERVICE_IP:8080/login
3\. Login with the password from step 1 and the username: admin
For more information on running Jenkins on Kubernetes, visit:
<https://cloud.google.com/solutions/jenkins-on-container-engine>
```
Note the Bash one-liner above that begins with **printf**; it allows you to query for the Jenkins password and it can be challenging to find your [default Jenkins password][11] without it. Take note of it and save it for later.
### Set up port forwarding to log into the UI
Now that you've installed Minikube and Jenkins, log in to configure Jenkins. You'll need the Pod name for port forwarding:
```
$ kubectl get pods --namespace jenkins
NAME                       READY     STATUS    RESTARTS   AGE
jenkins-7565554b8f-cvhbd   1/1       Running   0          9m
```
Run the following to set up port forwarding (using your Jenkins pod name, which will be different from mine below):
```
# verify your pod name from the namespace named jenkins
kubectl get pods --namespace jenkins
NAME                       READY     STATUS    RESTARTS   AGE
jenkins-7565554b8f-cvhbd   1/1       Running   0          37m
# then forward it
$ kubectl port-forward jenkins-7565554b8f-cvhbd 8088:8080 -n jenkins
Forwarding from 127.0.0.1:8088 -&gt; 8080
Forwarding from [::1]:8088 -&gt; 8080
```
Note that you will need multiple tabs in your terminal once you run the port-forwarding command.
Leave this tab open going forward to maintain your port-forwarding session.
Navigate to Jenkins in your preferred browser by going to **localhost:8088**. The default username is **admin** and the password is stored in Kubernetes Secrets. Use the command at the end of the **helm install jenkins** step:
```
$ printf $(kubectl get secret --namespace jenkins jenkins -o jsonpath="{.data.jenkins-admin-password}" | base64 --decode);echo
Jfstacz2vy
```
After logging in, the UI will display **Welcome to Jenkins!**
![Jenkins UI][12]
From here we'll have to install some plugins to Jenkins for our pipeline to work properly. From the main page choose **Manage Jenkins **on the left-hand side.
![][13]
 
Then choose **Manage Plugins**
![][14]
Then choose **Available **
**![][15]**
Then choose the checkboxes beside these plugins shown below
![][16]
![][17]
Once you have checked the boxes scroll to the bottom of the page and choose **Install without Restart**.
 
![][18]
 
 
#### Deploy Anchore
[Anchore Engine][19] "is an open source project that provides a centralized service for inspection, analysis, and certification of container images." Deploy it within Minikube to do some security inspection on your Jenkins pipeline. Add a security namespace for the Helm install, then run an installation:
```
$ kubectl create ns security
namespace "security" created
$ helm install --name anchore-engine stable/anchore-engine --namespace security
NAME:   anchore-engine
LAST DEPLOYED: Wed May 29 12:22:25 2019
NAMESPACE: security
STATUS: DEPLOYED
## And a lot more output
```
Confirm that the service is up and running with this command:
```
kubectl run -i --tty anchore-cli --restart=Always --image anchore/engine-cli --env ANCHORE_CLI_USER=admin --env ANCHORE_CLI_PASS=${ANCHORE_CLI_PASS} --env ANCHORE_CLI_URL=<http://anchore-engine-anchore-engine-api.security.svc.cluster.local:8228/v1/>
If you don't see a command prompt, try pressing enter.
[anchore@anchore-cli-86d7fd9568-rmknw anchore-cli]$
```
If you are logged into an Anchore container (similar to above), then the system is online. The default password for Anchore is **admin/foobar**. Type **exit** to leave the terminal.
Use port forwarding again to access the Anchore Engine API from your host system:
```
$ kubectl get pods --namespace security
NAME                                                         READY     STATUS    RESTARTS   AGE
anchore-engine-anchore-engine-analyzer-7cf5958795-wtw69      1/1       Running   0          3m
anchore-engine-anchore-engine-api-5c4cdb5587-mxkd7           1/1       Running   0          3m
anchore-engine-anchore-engine-catalog-648fcf54fd-b8thl       1/1       Running   0          3m
anchore-engine-anchore-engine-policy-7b78dd57f4-5dwsx        1/1       Running   0          3m
anchore-engine-anchore-engine-simplequeue-859c989f99-5dwgf   1/1       Running   0          3m
anchore-engine-postgresql-844dfcc468-s92c5                   1/1       Running   0          3m
# Find the API pod name above and add it to the command below
$ kubectl port-forward anchore-engine-anchore-engine-api-5c4cdb5587-mxkd7 8228:8228 --namespace security
```
### Join Anchore and Jenkins
Go back to the Jenkins UI at **<http://127.0.0.1:8088/>**. On the main menu, click **Manage Jenkins &gt; Manage Plugins**. Choose the **Available** tab, then scroll down or search for the **Anchore Container Image Scanner Plugin**. Check the box next to the plugin and choose **Install without restart**.
![Jenkins plugin manager][20]
Once the installation completes, go back to the main menu in Jenkins and choose **Manage Jenkins**, then **Configure System**. Scroll down to **Anchore Configuration**. Confirm **Engine Mode** is selected and a URL is entered, which is output from the Helm installation. Add the username and password (default **admin/foobar**). For debugging purposes, check **Enable DEBUG logging**.
![Anchore plugin mode][21]
Now that the plugin is configured, you can set up a Jenkins pipeline to scan your container builds.
### Jenkins pipeline and Anchore scanning
The purpose of this setup is to be able to inspect container images on the fly to ensure they meet security requirements. To do so, use Anchore Engine and give it permission to access your images. In this example, they are on Docker Hub, but they could also be on Quay or any other [container registry supported by Anchore][22]. 
In order to run the necessary commands on the command line, we need to find our Anchore pod name, then SSH into it using **kubectl exec**:
```
$ kubectl get all
NAME                               READY     STATUS    RESTARTS   AGE
pod/anchore-cli-86d7fd9568-rmknw   1/1       Running   2          2d
NAME                 TYPE        CLUSTER-IP   EXTERNAL-IP   PORT(S)   AGE
service/kubernetes   ClusterIP   10.96.0.1    &lt;none&gt;        443/TCP   7d
NAME                          DESIRED   CURRENT   UP-TO-DATE   AVAILABLE   AGE
deployment.apps/anchore-cli   1         1         1            1           2d
NAME                                     DESIRED   CURRENT   READY     AGE
replicaset.apps/anchore-cli-86d7fd9568   1         1         1         2d
# Lets connect to our anchore-cli pod
$ kubectl exec -it anchore-cli-86d7fd9568-rmknw -i -t -- bash
[anchore@anchore-cli-86d7fd9568-rmknw anchore-cli]$ anchore-cli --u admin  --p foobar  registry add index.docker.io &lt;username&gt; &lt;password&gt;
Registry: index.docker.io
User: jrepka
Type: docker_v2
Verify TLS: True
Created: 2019-05-14T22:37:59Z
Updated: 2019-05-14T22:37:59Z
```
Anchore Engine is now ready to work with your registry. There are [several ways][23] it can do so, including:
* Analyzing images
* Inspecting image content
* Scanning repositories
* Viewing security vulnerabilities
Point Anchore Engine toward an image to analyze it against your policy. For our testing, we'll use the publicly available [Cassandra][24] image:
```
[anchore@anchore-cli-86d7fd9568-rmknw anchore-cli]$ anchore-cli --u admin  --p foobar   image add
docker.io/library/cassandra:latest
Image Digest: sha256:7f7afff84384e36593b085d62e087674029de9aced4482c7780f155d8ee55fad
Parent Digest: sha256:800084987d58c2a62daeea4662ecdd79fd4928d449279bd410ef7690ef482469
Analysis Status: not_analyzed
Image Type: docker
Analyzed At: None
Image ID: a34c036183d18527684cdb613fbb1c806c7e1bc26f6911dcc25e918aa7b093fc
Dockerfile Mode: None
Distro: None
Distro Version: None
Size: None
Architecture: None
Layer Count: None
Full Tag: docker.io/library/cassandra:latest
Tag Detected At: 2019-07-09T17:44:45Z
```
You will also need to grab a default policy ID to test against for your pipeline. (In a future article, I will go into customizing policy and whitelist rules.)
Run the following command to get the policy ID:
```
[anchore@anchore-cli-86d7fd9568-rmknw anchore-cli]$ anchore-cli --u admin  --p foobar policy list
Policy ID                                   Active        Created                     Updated                    
2c53a13c-1765-11e8-82ef-23527761d060        True          2019-05-14T22:12:05Z        2019-05-14T22:12:05Z
```
Now that you have added a registry and the image you want, you can build a pipeline to scan it continuously.
Scanning works in this order: **Build, push, scan.** To prevent images that do not meet security requirements from making it into production, I recommend a tiered approach to security scanning: promote a container image to a separate development environment and promote it to production only once it passes the Anchore Engine's scan.
We can't do anything too exciting until we configure our custom policy, so we will make sure a scan completes successfully by running a Hello World version of it. Below is an example workflow written in Groovy:
```
node {
   echo 'Hello World'
}
```
To run this code, log back into the Jenkins UI at **localhost:8088**, choose New Item, Pipeline, then place this code block into the Pipeline Script area.
![The "Hello World" of Jenkins][25]
It will take some time to complete since we're building the entire Cassandra image added above. You will see a blinking red icon in the meantime. 
![Jenkins building][26]
And it will eventually finish and pass. That means we have set everything up correctly.
### That's a wrap
If you made it this far, you have a running Minikube configuration with Jenkins and Anchore Engine. You also have one or more images hosted on a container registry service and a way for Jenkins to show errors when images don't meet the default policy. In the next article, we will build a custom pipeline that verifies security policies set by Anchore Engine.
Anchore can also be used to scan large-scale Amazon Elastic Container Registries (ECRs), as long as the credentials are configured properly in Jenkins.
### Other resources
This is a lot of information for one article. If you'd like more details, the following links (which include my GitHub for all the examples in this tutorial) may help:
* [Anchore scan example][27]
* [Anchore Engine][28]
* [Running Kubernetes locally via Minikube][5]
* [Jenkins Helm Chart][29]
Are there any specific pipelines you want me to build in the next tutorial? Let me know in the comments.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/security-scanning-your-devops-pipeline
作者:[Jessica Repka][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/jrepkahttps://opensource.com/users/marcobravohttps://opensource.com/users/jrepka
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/target-security.png?itok=Ca5-F6GW (Target practice)
[2]: https://jenkins.io/
[3]: https://anchore.com/
[4]: https://opensource.com/resources/what-is-kubernetes
[5]: https://kubernetes.io/docs/setup/minikube/
[6]: https://hub.docker.com/
[7]: https://kubernetes.io/docs/tasks/tools/install-minikube/
[8]: https://helm.sh/docs/using_helm/#installing-helm
[9]: https://opensource.com/sites/default/files/uploads/minikube-dashboard.png (Minikube dashboard)
[10]: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/
[11]: https://opensource.com/article/19/6/jenkins-admin-password-helm-kubernetes
[12]: https://opensource.com/sites/default/files/uploads/welcometojenkins.png (Jenkins UI)
[13]: https://opensource.com/sites/default/files/lead-images/screen_shot_2019-06-20_at_4.52.06_pm.png
[14]: https://opensource.com/sites/default/files/lead-images/screen_shot_2019-06-20_at_4.52.30_pm.png
[15]: https://opensource.com/sites/default/files/lead-images/screen_shot_2019-06-20_at_4.59.20_pm.png
[16]: https://opensource.com/sites/default/files/resize/lead-images/screen_shot_2019-06-14_at_8.26.55_am-500x288.png
[17]: https://opensource.com/sites/default/files/resize/lead-images/screen_shot_2019-06-14_at_8.26.25_am-500x451.png
[18]: https://opensource.com/sites/default/files/lead-images/screen_shot_2019-06-20_at_5.05.10_pm.png
[19]: https://github.com/anchore/anchore-engine
[20]: https://opensource.com/sites/default/files/uploads/jenkins-install-without-restart.png (Jenkins plugin manager)
[21]: https://opensource.com/sites/default/files/uploads/anchore-configuration.png (Anchore plugin mode)
[22]: https://github.com/anchore/enterprise-docs/blob/master/content/docs/using/ui_usage/registries/_index.md
[23]: https://docs.anchore.com/current/docs/using/cli_usage/
[24]: http://cassandra.apache.org/
[25]: https://opensource.com/sites/default/files/articles/jenkins_hello_world_pipeline_opensourcecom.png (The "Hello World" of Jenkins)
[26]: https://opensource.com/sites/default/files/jenkins_build_opensourcecom.png (Jenkins building)
[27]: https://github.com/Alynder/anchore_example
[28]: https://github.com/anchore/anchore-engine/wiki
[29]: https://github.com/helm/charts/tree/master/stable/jenkins

126
sources/tech/20190717 Bond WiFi and Ethernet for easier networking mobility.md
View File

@ -1,126 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Bond WiFi and Ethernet for easier networking mobility)
[#]: via: (https://fedoramagazine.org/bond-wifi-and-ethernet-for-easier-networking-mobility/)
[#]: author: (Ben Cotton https://fedoramagazine.org/author/bcotton/)
Bond WiFi and Ethernet for easier networking mobility
======
![][1]
Sometimes one network interface isnt enough. Network bonding allows multiple network connections to act together with a single logical interface. You might do this because you want more bandwidth than a single connection can handle. Or maybe you want to switch back and forth between your wired and wireless networks without losing your network connection.
The latter applies to me. One of the benefits to working from home is that when the weather is nice, its enjoyable to work from a sunny deck instead of inside. But every time I did that, I lost my network connections. IRC, SSH, VPN — everything goes away, at least for a moment while some clients reconnect. This article describes how I set up network bonding on my Fedora 30 laptop to seamlessly move from the wired connection my laptop dock to a WiFi connection.
In Linux, interface bonding is handled by the bonding kernel module. Fedora does not ship with this enabled by default, but it is included in the kernel-core package. This means that enabling interface bonding is only a command away:
```
sudo modprobe bonding
```
Note that this will only have effect until you reboot. To permanently enable interface bonding, create a file called _bonding.conf_ in the _/etc/modules-load.d_ directory that contains only the word “bonding”.
Now that you have bonding enabled, its time to create the bonded interface. First, you must get the names of the interfaces you want to bond. To list the available interfaces, run:
```
sudo nmcli device status
```
You will see output that looks like this:
```
DEVICE TYPE STATE CONNECTION
enp12s0u1 ethernet connected Wired connection 1
tun0 tun connected tun0
virbr0 bridge connected virbr0
wlp2s0 wifi disconnected --
p2p-dev-wlp2s0 wifi-p2p disconnected --
enp0s31f6 ethernet unavailable --
lo loopback unmanaged --
virbr0-nic tun unmanaged --
```
In this case, there are two (wired) Ethernet interfaces available. _enp12s0u1_ is on a laptop docking station, and you can tell that its connected from the _STATE_ column. The other, _enp0s31f6_, is the built-in port in the laptop. There is also a WiFi connection called _wlp2s0_. _enp12s0u1_ and _wlp2s0_ are the two interfaces were interested in here. (Note that its not necessary for this exercise to understand how network devices are named, but if youre interested you can see the [systemd.net-naming-scheme man page][2].)
The first step is to create the bonded interface:
```
sudo nmcli connection add type bond ifname bond0 con-name bond0
```
In this example, the bonded interface is named _bond0_. The “_con-name bond0_” sets the connection name to _bond0_; leaving this off would result in a connection named _bond-bond0_. You can also set the connection name to something more human-friendly, like “Docking station bond” or “Ben”
The next step is to add the interfaces to the bonded interface:
```
sudo nmcli connection add type ethernet ifname enp12s0u1 master bond0 con-name bond-ethernet
sudo nmcli connection add type wifi ifname wlp2s0 master bond0 ssid Cotton con-name bond-wifi
```
As above, the connection name is specified to be [more descriptive][3]. Be sure to replace _enp12s0u1_ and _wlp2s0_ with the appropriate interface names on your system. For the WiFi interface, use your own network name (SSID) where I use “Cotton”. If your WiFi connection has a password (and of course it does!), youll need to add that to the configuration, too. The following assumes youre using [WPA2-PSK][4] authentication
```
sudo nmcli connection modify bond-wifi wifi-sec.key-mgmt wpa-psk
sudo nmcli connection edit bond-wif
```
The second command will bring you into the interactive editor where you can enter your password without it being logged in your shell history. Enter the following, replacing _password_ with your actual password
```
set wifi-sec.psk password
save
quit
```
Now youre ready to start your bonded interface and the secondary interfaces you created
```
sudo nmcli connection up bond0
sudo nmcli connection up bond-ethernet
sudo nmcli connection up bond-wifi
```
You should now be able to disconnect your wired or wireless connections without losing your network connections.
### A caveat: using other WiFi networks
This configuration works well when moving around on the specified WiFi network, but when away from this network, the SSID used in the bond is not available. Theoretically, one could add an interface to the bond for every WiFi connection used, but that doesnt seem reasonable. Instead, you can disable the bonded interface:
```
sudo nmcli connection down bond0
```
When back on the defined WiFi network, simply start the bonded interface as above.
### Fine-tuning your bond
By default, the bonded interface uses the “load balancing (round-robin)” mode. This spreads the load equally across the interfaces. But if you have a wired and a wireless connection, you may want to prefer the wired connection. The “active-backup” mode enables this. You can specify the mode and primary interface when you are creating the interface, or afterward using this command (the bonded interface should be down):
```
sudo nmcli connection modify bond0 +bond.options "mode=active-backup,primary=enp12s0u1"
```
The [kernel documentation][5] has much more information about bonding options.
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/bond-wifi-and-ethernet-for-easier-networking-mobility/
作者:[Ben Cotton][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/bcotton/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2019/07/networkingmobility-816x345.jpg
[2]: https://www.freedesktop.org/software/systemd/man/systemd.net-naming-scheme.html
[3]: https://en.wikipedia.org/wiki/Master/slave_(technology)#Terminology_concerns
[4]: https://en.wikipedia.org/wiki/Wi-Fi_Protected_Access#Target_users_(authentication_key_distribution)
[5]: https://www.kernel.org/doc/Documentation/networking/bonding.txt

130
sources/tech/20190717 Get going with EtherCalc, a web-based alternative to Google Sheets.md
View File

@ -1,130 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Get going with EtherCalc, a web-based alternative to Google Sheets)
[#]: via: (https://opensource.com/article/19/7/get-going-ethercalc)
[#]: author: (Scott Nesbitt https://opensource.com/users/scottnesbitthttps://opensource.com/users/greg-phttps://opensource.com/users/marcobravo)
Get going with EtherCalc, a web-based alternative to Google Sheets
======
EtherCalc is an open source spreadsheet that makes it easy to work
remotely and collaborate with others.
![Open data brain][1]
Spreadsheets can be very useful—and not just for [managing your finances][2]. That said, desktop spreadsheets have their limitations. The biggest is that you need to be at your computer to use one. On top of that, collaborating on a spreadsheet can quickly become a messy affair.
Enter [EtherCalc][3], an open source, web-based spreadsheet. While not as fully featured as a desktop spreadsheet, EtherCalc packs enough features for most people.
Let's take a look at how to get started using it.
### Getting EtherCalc
If you're self-hosting, you can [download the code][4], get it through [Sandstorm.io][5], or use npm (the Node.js package manager) to install it on a server.
But what if you don't have a server? You can use one of the many hosted instances of EtherCalc—for example, at [EtherCalc.org][6], the [instance hosted][7] by the folks at [Framasoft][8], or use it through [Sandstorm Oasis][9].
### What can you use EtherCalc for?
Just about everything you'd use a desktop spreadsheet for. That could be to balance your budget, track your savings, record your income, schedule meetings, or take an inventory of your possessions.
I've used EtherCalc to track time on freelance projects, to create invoices for those projects, and even to share article ideas with my fellow [Opensource.com community moderators][10]. How you use EtherCalc is up to your needs and your imagination.
### Working with EtherCalc
The first step is to create a spreadsheet.
![Empty EtherCalc spreadsheet][11]
If you've used a desktop or web-based spreadsheet before, EtherCalc will look somewhat familiar. As with any spreadsheet, you type what you need to type in the cells on the sheet. The includes column headings, labels, and functions (more on those in a moment).
Before you do anything else, bookmark the URL to your spreadsheet. EtherCalc uses randomly generated URLs—for example, <https://ethercalc.org/9krfqj2en6cke>—which aren't easy to remember.
### Formatting your spreadsheet
To add formatting to your spreadsheet, highlight the cell or cells that you want to format and click the **Format** menu.
![EtherCalc's Format menu][12]
You can add borders and padding, change fonts and their attributes, align text, and change the format of numbers, for example to dates or currency formats. When you're done, click the **Save to:** button to apply the formatting.
### Adding functions
_Functions_ enable you to add data, manipulate data, and make calculations in a spreadsheet. They can do a lot more, too.
To add a function to your spreadsheet, click a cell. Then, click the **Function** button on the toolbar.
![EtherCalc Function button][13]
That opens a list all of the functions EtherCalc supports, along with a short description of what each function does.
![EtherCalc Functions list][14]
Select the function you want to use, then click **Paste**. EtherCalc adds the function, along with an opening parenthesis, to the cell. Type what you need to after the parenthesis, then type a closing parenthesis. For example, if you want to total up all the numbers in column B in the spreadsheet using the _=SUM()_ function, type _B1:B21_ and close the parenthesis.
![Entering a function in EtherCalc ][15]
You can also add functions by double-clicking in a cell and typing them. There's no reference in the documentation for EtherCalc's functions. However, it does support [OpenFormula][16] (a standard for math formulas that spreadsheets support). If you're not familiar with spreadsheet functions, you can look up what you need in the [OpenFormula specification][17] or this handy dandy [reference to LibreOffice Calc's functions][18].
### Collaborating with others
Earlier this year, I worked with two friends on a content strategy project. I'm in New Zealand, one friend is in British Columbia, and the other is in Toronto. Since we were working across time zones, each of us needed access to the spreadsheet we were using to track and coordinate our work. Emailing a LibreOffice Calc file wasn't an option. Instead, we turned to EtherCalc, and it worked very well.
Collaborating with EtherCalc starts with sharing your spreadsheet's URL with your collaborators. You can tell when someone else is working on the spreadsheet by the blue border that appears around one or more cells.
![Collaborating in EtherCalc][19]
You and your collaborators can enter information into the spreadsheet simultaneously. All you need to remember is to respect the sanctity of those blue borders.
The **Comment** tab comes in handy when you need to ask a question, include additional information, or make a note to follow up on something. To add a comment, click the tab, and type what you need to type. When you're finished, click **Save**.
![Adding a comment in EtherCalc][20]
You can tell when a cell has a comment by the small red triangle in the top-right corner of the cell. Hold your mouse pointer over it to view the comment.
![Viewing a comment in EtherCalc][21]
### Final thoughts
EtherCalc doesn't do everything that, say, [LibreOffice Calc][22] or [Gnumeric][23] can do. And there's nothing wrong with that. In this case, the [80/20 rule][24] applies.
If you need a simple spreadsheet and one that you can work on with others, EtherCalc is a great choice. It takes a bit of getting used to, but once you do, you'll have no problems using EtherCalc.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/get-going-ethercalc
作者:[Scott Nesbitt][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/scottnesbitthttps://opensource.com/users/greg-phttps://opensource.com/users/marcobravo
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/osdc_520x292_opendata_0613mm.png?itok=UIjD_jhK (Open data brain)
[2]: https://opensource.com/article/17/8/budget-libreoffice-calc
[3]: https://ethercalc.net/
[4]: https://github.com/audreyt/ethercalc
[5]: https://sandstorm.io
[6]: https://ethercalc.org
[7]: https://accueil.framacalc.org/en/
[8]: https://opensource.com/article/18/8/framasoft
[9]: https://oasis.sandstorm.io/
[10]: https://opensource.com/community-moderator-program
[11]: https://opensource.com/sites/default/files/uploads/ethercalc-empty-spreadsheet.png (Empty EtherCalc spreadsheet)
[12]: https://opensource.com/sites/default/files/uploads/ethercalc-formatting.png (EtherCalc's Format menu)
[13]: https://opensource.com/sites/default/files/uploads/ethercalc-function.png (EtherCalc Function button)
[14]: https://opensource.com/sites/default/files/uploads/ethercalc-function-list.png (EtherCalc Functions list)
[15]: https://opensource.com/sites/default/files/uploads/ethercalc-function-example.png (Entering a function in EtherCalc )
[16]: https://en.wikipedia.org/wiki/OpenFormula
[17]: https://docs.oasis-open.org/office/v1.2/os/OpenDocument-v1.2-os-part2.html
[18]: https://help.libreoffice.org/Calc/Functions_by_Category
[19]: https://opensource.com/sites/default/files/uploads/ethercalc-collaborators.png (Collaborating in EtherCalc)
[20]: https://opensource.com/sites/default/files/uploads/ethercalc-add-comment.png (Adding a comment in EtherCalc)
[21]: https://opensource.com/sites/default/files/uploads/ethercalc-view-comment.png (Viewing a comment in EtherCalc)
[22]: https://www.libreoffice.org/discover/calc/
[23]: http://www.gnumeric.org/
[24]: https://en.wikipedia.org/wiki/Pareto_principle

225
sources/tech/20190717 Mastering user groups on Linux.md
View File

@ -1,225 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (0x996)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Mastering user groups on Linux)
[#]: via: (https://www.networkworld.com/article/3409781/mastering-user-groups-on-linux.html)
[#]: author: (Sandra Henry-Stocker https://www.networkworld.com/author/Sandra-Henry_Stocker/)
Mastering user groups on Linux
======
Managing user groups on Linux systems is easy, but the commands can be more flexible than you might be aware.
![Scott 97006 \(CC BY 2.0\)][1]
User groups play an important role on Linux systems. They provide an easy way for a select groups of users to share files with each other. They also allow sysadmins to more effectively manage user privileges, since they can assign privileges to groups rather than individual users.
While a user group is generally created whenever a user account is added to a system, theres still a lot to know about how they work and how to work with them.
**[ Two-Minute Linux Tips: [Learn how to master a host of Linux commands in these 2-minute video tutorials][2] ]**
### One user, one group?
Most user accounts on Linux systems are set up with the user and group names the same. The user "jdoe" will be set up with a group named "jdoe" and will be the only member of that newly created group. The users login name, user id, and group id will be added to the **/etc/passwd** and **/etc/group** files when the account is added, as shown in this example:
```
$ sudo useradd jdoe
$ grep jdoe /etc/passwd
jdoe:x:1066:1066:Jane Doe:/home/jdoe:/bin/sh
$ grep jdoe /etc/group
jdoe:x:1066:
```
The values in these files allow the system to translate between the text (jdoe) and numeric (1066) versions of the user id — jdoe is 1066 and 1066 is jdoe.
The assigned UID (user id) and GID (group id) for each user are generally the same and configured sequentially. If Jane Doe in the above example were the most recently added user, the next new user would likely be assigned 1067 as their user and group IDs.
### GID = UID?
UIDs and GIDs can get of out sync. For example, if you add a group using the **groupadd** command without specifying a group id, your system will assign the next available group id (in this case, 1067). The next user to be added to the system would then get 1067 as a UID but 1068 as a GID.
You can avoid this issue by specifying a smaller group id when you add a group rather than going with the default. In this command, we add a new group and provide a GID that is smaller than the range used for user accounts.
```
$ sudo groupadd -g 500 devops
```
If it works better for you, you can specify a shared group when you create accounts. For example, you might want to assign new development staff members to a devops group instead of putting each one in their own group.
```
$ sudo useradd -g staff bennyg
$ grep bennyg /etc/passwd
bennyg:x:1064:50::/home/bennyg:/bin/sh
```
### Primary and secondary groups
There are actually two types of groups — primary and secondary.
The **primary group** is the one thats recorded in the **/etc/passwd** file, configured when an account is set up. When a user creates a file, its their primary group that is associated with it.
```
$ whoami
jdoe
$ grep jdoe /etc/passwd
jdoe:x:1066:1066:John Doe:/home/jdoe:/bin/bash
^
|
+-------- primary group
$ touch newfile
$ ls -l newfile
-rw-rw-r-- 1 jdoe jdoe 0 Jul 16 15:22 newfile
^
|
+-------- primary group
```
**Secondary groups** are those that users might be added to once they already have accounts. Secondary group memberships show up in the /etc/group file.
```
$ grep devops /etc/group
devops:x:500:shs,jadep
^
|
+-------- secondary group for shs and jadep
```
The **/etc/group** file assigns names to user groups (e.g., 500 = devops) and records secondary group members.
### Preferred convention
The convention of having each user a member of their own group and optionally a member of any number of secondary groups allows users to more easily separate files that are personal from those they need to share with co-workers. When a user creates a file, members of the various user groups they belong to don't necessarily have access. A user will have to use the **chgrp** command to associate a file with a secondary group.
### Theres no place like /home
One important detail when adding a new account is that the **useradd** command does not necessarily add a home directory for a new user. If you want this step to be taken only some of the time, you can add **-m** (think of this as the “make home” option) with your useradd commands.
```
$ sudo useradd -m -g devops -c "John Doe" jdoe2
```
The options in this command:
* **-m** creates the home directory and populates it with start-up files
* **-g** specifies the group to assign the user to
* **-c** adds a descriptor for the account (usually the persons name)
If you want a home directory to be created _all_ of the time, you can change the default behavior by editing the **/etc/login.defs** file. Change or add a setting for the CREATE_HOME variable and set it to “yes”:
```
$ grep CREATE_HOME /etc/login.defs
CREATE_HOME yes
```
Another option is to set yourself up with an alias so that **useradd** always uses the -m option.
```
$ alias useradd=useradd -m
```
Make sure you add the alias to your ~/.bashrc or similar start-up file to make it permanent.
### Looking into /etc/login.defs
Heres a command to list all the setting in the /etc/login.defs file. The **grep** commands are hiding comments and blank lines.
```
$ cat /etc/login.defs | grep -v "^#" | grep -v "^$"
MAIL_DIR /var/mail
FAILLOG_ENAB yes
LOG_UNKFAIL_ENAB no
LOG_OK_LOGINS no
SYSLOG_SU_ENAB yes
SYSLOG_SG_ENAB yes
FTMP_FILE /var/log/btmp
SU_NAME su
HUSHLOGIN_FILE .hushlogin
ENV_SUPATH PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
ENV_PATH PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games
TTYGROUP tty
TTYPERM 0600
ERASECHAR 0177
KILLCHAR 025
UMASK 022
PASS_MAX_DAYS 99999
PASS_MIN_DAYS 0
PASS_WARN_AGE 7
UID_MIN 1000
UID_MAX 60000
GID_MIN 1000
GID_MAX 60000
LOGIN_RETRIES 5
LOGIN_TIMEOUT 60
CHFN_RESTRICT rwh
DEFAULT_HOME yes
CREATE_HOME yes <===
USERGROUPS_ENAB yes
ENCRYPT_METHOD SHA512
```
Notice the various settings in this file determine the range of user ids to be used along with password aging and other setting (e.g., umask).
### How to display a users groups
Users can be members of multiple groups for various reasons. Group membership gives a user access to group-owned files and directories, and sometimes this behavior is critical. To generate a list of the groups that some user belongs to, use the **groups** command.
```
$ groups jdoe
jdoe : jdoe adm admin cdrom sudo dip plugdev lpadmin staff sambashare
```
You can list your own groups by typing “groups” without an argument.
### How to add users to groups
If you want to add an existing user to another group, you can do that with a command like this:
```
$ sudo usermod -a -G devops jdoe
```
You can also add a user to multiple groups by specifying the groups in a comma-separated list:
```
$ sudo usermod -a -G devops,mgrs jdoe
```
The **-a** argument means “add” while **-G** lists the groups.
You can remove a user from a group by editing the **/etc/group** file and removing the username from the list. The usermod command may also have an option for removing a member from a group.
```
fish:x:16:nemo,dory,shark
|
V
fish:x:16:nemo,dory
```
### Wrap-up
Adding and managing user groups isn't particularly difficult, but consistency in how you configure accounts can make it easier in the long run.
**[ Now see: [Must-know Linux Commands][3] ]**
Join the Network World communities on [Facebook][4] and [LinkedIn][5] to comment on topics that are top of mind.
--------------------------------------------------------------------------------
via: https://www.networkworld.com/article/3409781/mastering-user-groups-on-linux.html
作者:[Sandra Henry-Stocker][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.networkworld.com/author/Sandra-Henry_Stocker/
[b]: https://github.com/lujun9972
[1]: https://images.idgesg.net/images/article/2019/07/carrots-100801917-large.jpg
[2]: https://www.youtube.com/playlist?list=PL7D2RMSmRO9J8OTpjFECi8DJiTQdd4hua
[3]: https://www.networkworld.com/article/3391029/must-know-linux-commands.html
[4]: https://www.facebook.com/NetworkWorld/
[5]: https://www.linkedin.com/company/network-world

96
sources/tech/20190717 Start tinkering with the Circuit Playground Express.md
View File

@ -1,96 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Start tinkering with the Circuit Playground Express)
[#]: via: (https://opensource.com/article/19/7/circuit-playground-express)
[#]: author: (Don Watkins https://opensource.com/users/don-watkins)
Start tinkering with the Circuit Playground Express
======
Learn what you can do with these tiny gadgets and a bit of Python code.
![Tools in a cloud][1]
I've been a gadget person as long as I can remember, so I was delighted when I discovered an Adafruit [Circuit Playground Express][2] (CPX) in the swag bag I got at [PyConUS][3] in May. I became fascinated with these little devices last year, when Nina Zakharenko highlighted them in her All Things Open presentation, [Five Things You Didn't Know Python Could Do][4], with Python-powered earrings.
After finding one in my PyCon bag, I set out to learn more about these mesmerizing little devices. First, I attended a "how-to" session at one of the Open Spaces meetups at PyCon. But learning always requires hands-on practice, and that's what I did when I got home. I connected the CPX device to my Linux laptop with a USB-to-MicroUSB cable. The unit mounts just like any standard USB drive, listed as CIRCUITPY.
![Circuit Playground Express mounted as USB drive][5]
The CPX works on MacOS, [Windows][6], and Linux (including [Chromebooks][7]). The device comes pre-loaded with code and some sound files. [Adafruit][8]'s extremely well-written documentation answered most of my questions. I discovered the unit can be programmed on Linux three different ways: [MakeCode][9], the [Arduino IDE][10], and the Python-based [CircuitPython][11], which I chose.
Adafruit provides excellent documentation for [creating and editing CircuitPython code][12], which I found helpful. You can use a variety of editors (e.g., Emacs, Visual Studio Code, gedit), but Adafruit recommends the [Mu Python editor][13], which I [wrote about][14] last year. I [installed Mu][15] on my system with **pip3 install --user mu-editor**. Then I opened a terminal and entered **mu-editor**. It asked me how to run Mu, and I chose Adafruit Circuit Python. Then I was able to look at the code that powers the CPX.
![Selecting CircuitPython mode to run Mu][16]
To open a connection between Mu and the CPX connected to your computer, press the Serial button in Mu. Then you can see any serial data from the CPX and edit it using Python's REPL shell.
Adafruit's programmers have written a library called **adafruit_circuitplayground.express** that enables CircuitPython to interact with the CPX board. To use it, add **import adafruit.circuitplayground.express** to your code. Or, to make it simpler, you can use the acronym **cpx**, shortening the code (as shown below) to **from adafruit_circuitplayground.express import cpx**.
![Importing Adafruit's CPX library][17]
The way you name your file is essential. The four options are code.txt, code.py, main.txt, and main.py. CircuitPython looks for the code files in that order and runs the first one it finds. Save the code to your CIRCUITPY drive each time you change it.
The main.py code included with a new CPX offers an example of the device's capabilities.
![CPX's default main.py][18]
When you execute this code, the CPX displays beautiful, brightly colored LEDs whirling in a rainbow of colors. With my rudimentary knowledge, I could tweak a few settings, like increasing the brightness and turning on the TOUCH_PIANO capability, but other modifications were beyond my coding ability at this point.
Eager to do more, I wanted to find code snippets I could use as building blocks to learn. First, I reached out to [Nina Zakharenko][19] on Twitter and asked for some help. She recommended I contact [Kattni Rembor][20], who pointed me to her GitHub repo and some [code examples][21] she wrote for the Chicago Linux User Group.
Each of these simple building blocks left me more confident in my Python journey. In addition to making lights blink, the CPX can also function as a sensor, and I wanted to try that. Here is code for a simple light sensor:
![CPX code for a blinking LED][22]
And here is the CPX with the D13 LED blinking:
![CPX with a blinking LED][23]
I also discovered a way to create some fun for my grandson by making the CPX "come to life." I recorded a couple of .wav files with Audacity and saved them to the device. Then I wrote some simple code that utilized the A and B buttons on the device to make the CPX "talk" to him:
![Code to play a sound when a button is pressed on CPX][24]
I've really enjoyed tinkering with the code to explore the CPX's capabilities. I am always looking for ways to make Python code come alive for students I teach. The CPX is a great way to help new users learn and enjoy coding and digital making. Another excellent resource for new users is Mike Barela's book _[Getting Started with Adafruit Circuit Playground Express][25]_. I found its information and examples very helpful as I was learning.
Get a [Circuit Playground Express][2] and start writing your own code. And then please share how you are using it in the comments.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/circuit-playground-express
作者:[Don Watkins][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/cloud_tools_hardware.png?itok=PGjJenqT (Tools in a cloud)
[2]: https://www.adafruit.com/product/3333
[3]: https://us.pycon.org/2019/
[4]: https://youtu.be/WlGkBqBRsik
[5]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_mounted.png (Circuit Playground Express mounted as USB drive)
[6]: https://learn.adafruit.com/adafruit-circuit-playground-express/adafruit2-windows-driver-installation
[7]: https://learn.adafruit.com/using-circuit-playground-express-makecode-circuitpython-on-a-chromebook/overview
[8]: https://learn.adafruit.com/adafruit-circuit-playground-express
[9]: https://makecode.adafruit.com/
[10]: https://learn.adafruit.com/adafruit-circuit-playground-express/arduino
[11]: https://circuitpython.org/
[12]: https://learn.adafruit.com/adafruit-circuit-playground-express/creating-and-editing-code
[13]: https://codewith.mu/en/
[14]: https://opensource.com/article/18/8/getting-started-mu-python-editor-beginners
[15]: https://codewith.mu/en/howto/1.0/install_with_python
[16]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_mu.png (Selecting CircuitPython mode to run Mu)
[17]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_import-cpx.png (Importing Adafruit's CPX library)
[18]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_main-py.png (CPX's default main.py)
[19]: https://twitter.com/nnja
[20]: https://learn.adafruit.com/users/kattni
[21]: https://github.com/kattni/ChiPy_2018
[22]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_simpleblinkingled.png (CPX code for a blinking LED)
[23]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_d13blinking.jpg (CPX with a blinking LED)
[24]: https://opensource.com/sites/default/files/uploads/circuitplaygroundexpress_talking.png (Code to play a sound when a button is pressed on CPX)
[25]: https://www.adafruit.com/product/3944

110
sources/tech/20190718 How to apply -release early, release often- to build a better brand.md
View File

@ -1,110 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to apply 'release early, release often' to build a better brand)
[#]: via: (https://opensource.com/article/19/7/build-better-brand)
[#]: author: (Alex Kimball https://opensource.com/users/alex-kimballhttps://opensource.com/users/marcobravo)
How to apply 'release early, release often' to build a better brand
======
Try this faster, more collaborative process to promote your project.
![][1]
The importance of open source—and specifically the maxim "release early, release often" (RERO)—can hardly be overstated. 
This approach born at the command line has impacted the world as organizations of every shape and size discover what open, collaborative processes can do. Look around. The evidence is everywhere: on our phones, in our cars, in schools and hospitals.
If we still built software the way we used to, innovations across these and countless other areas may never have seen the light of day.
The worlds of marketing and brand development are no different. In today's fast-moving tech industry, marketers and strategists are taking a page out of the dev team's playbook, applying more agile methods to creating brand messaging and visual identities.
Why? For the same reasons cathedral-style development is no longer the best way to build apps: it's too isolated, too slow, and too disconnected from the reality of how the rest of the world works.
Fans of the TV series _Mad Men_ will be familiar with how marketing used to be done, especially within an agency. Marketing messages—taglines, slogans, jingles, and the like—developed by creative powerhouses with a unique gift they (and only they) seemed to truly understand.
A typical project would go something like this:
* The client hires the agency. Much excitement as the journey sets off; after a very brief introductory meeting, the client sends along a few existing materials.
* The agency retreats to its creative confines to wait for divine inspiration to strike.
* Many weeks and months later, the agency returns with—_**eureka!**_—the answer!
Why these antiquated processes don't work:
* They allow little room for the voice of the customer.
* They allow little room for the voice of those within the company who know it best and care about it most.
* They hold precious the final product until the very end, increasing the likelihood that bugs in the creative code will survive until it's too late. All destination. No journey.
That's not how today's most agile, most innovative companies build their software. It shouldn't be how they build their brands.
### 3 simple steps to begin your RERO journey
Applying RERO to your brand projects is simple. Start with these three steps:
#### 1\. Set clear expectations
As the well-known African proverb cautions: "If you want to go fast, go alone; if you want to go far, go together." When it comes to projects guided by RERO principles, setting clear expectations early can be the key to going farther, faster.
At any project's outset, gather your working team, partners, clients, or anyone else expected to contribute, and make sure everyone is prepared to adopt an agile mindset. Progress will be measured in speedy steps, not big leaps. In a room packed with perfectionists, some will likely bristle at this new approach—don't worry.
Don't forget the logistics, either. Share the project schedule, clearly outlining the milestones where all are expected to participate, as well as windows of working time where individual progress should be made.
#### 2\. Share silly first drafts
Ideas, especially rough ones, should be welcomed with open arms. We call these early explorations Silly First Drafts. The SFD is a crucial piece of our creative puzzle. Naming it makes it less scary. An open invitation to share with the team even the smallest seed of an idea without fear of ridicule or rejection.
Easier said than done, for sure. As a writer, I struggle to take this advice more than I'd care to admit. Putting something you've created out there before it's ready for primetime feels like a mortal sin. Not so in the RERO world. The goal of the SFD is to create more, more quickly — and get what you create in front of users and customers who can help you make it even better. To dive in, get messy and create in the open for more eyes to see and help improve.
Some content creators will bristle at this approach initially. Encourage them to embrace this discomfort with a more curious, growth-oriented mindset. Apply what the improv world calls a "Yes, and…" mindset, which emphasizes additive contributions not subtractive naysaying.
Emphasize the journey _and_ the destination. Not a simple binary of success or failure, but rather an opportunity for continuous development. At the project level, this approach helps combat progress-killing factors like the dreaded "paralysis by analysis." How much time have we all lost to hand-wringing indecision and over-thinking?
Gather input on anything you've created—whether lines of code or lines of copy—and your final product will thank you. Just make sure these "fresh eyes" know what to look for. Equip your team to understand how they can be most helpful. Highlight specific areas where feedback is most needed (and by contrast, where things are feeling pretty good).
#### 3\. Embrace technology
This last step is probably the easiest but worth mentioning, as it's overlooked more often than you might expect. Collaboration software has made life a lot easier for all of us lately and can be a crucial strategy to implement a RERO approach for your next project effectively.
##### Team communication
Today's crop of online messaging platforms is well-suited to match the pace of a RERO-guided process. Provide all project contributors—especially those who work remotely—with a single, always-available venue for productive discussions. For our money, the best open source option of the bunch is [Mattermost][2]. It does just about everything Slack can do—file sharing, real-time chat, robust integrations—while also letting you access the source code.
Set a few parameters for the team around best practices to keep the channel positive and productive. Without at least a few rules in place, channels and threads can quickly become side-tracked and GIF-overloaded. Describe the purpose of each channel when it's created so that everyone knows why it exists and what you're there to do.
##### Content creation
For content-related tasks that require word processing, spreadsheets, and presentations, open source alternatives to the Microsoft Office suite of products have been available for decades—chief among them was the now-defunct OpenOffice. Since its final release in 2011, a handful of other providers have picked up the torch.
LibreOffice is a good option, but by the development team's own admission, it may not be the best choice for enterprise deployments. For business-critical applications, check out [Collabora Online][3]. This hosted solution offers a full suite of office applications with powerful team tools for live collaborative editing, support for all major file formats, and data security protections.
With project files accessible to anyone with a modern browser, you won't have to worry about "I can't open it" issues that arise when your PC-loving executive goes to review work from the Mac-loving design team. And when revision histories are updated automatically, it's easy to revisit previous drafts and chronicle the journey you've taken.
Just be sure to set some ground rules as all your cooks enter the content kitchen at once. Allow one content creator to retain editing permissions while granting other team members comment-only or view-only permissions. This helps keep revisions to the core piece of content firmly within the realm of the person who created it and helps ensure all reviewers are reacting to the same version.
### How the future of business is built
Release early, release often is more relevant to our world than ever. This faster, more collaborative process is the way businesses of all kinds must create their futures.
Follow the steps outlined above, and you and your team will be well on your way to applying the principles of agile development, rapid iteration, and continuous innovation to your next brand development project.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/build-better-brand
作者:[Alex Kimball][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alex-kimballhttps://opensource.com/users/marcobravo
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/branding_opensource_intersection.png?itok=4lf-f5NB
[2]: https://mattermost.com/
[3]: https://www.collaboraoffice.com/code/

85
sources/tech/20190718 Redirect a GitHub Pages site with this HTTP hack.md
View File

@ -1,85 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Redirect a GitHub Pages site with this HTTP hack)
[#]: via: (https://opensource.com/article/19/7/permanently-redirect-github-pages)
[#]: author: (Oleksii Tsvietnov https://opensource.com/users/oleksii-tsvietnov)
Redirect a GitHub Pages site with this HTTP hack
======
Learn how to configure two repositories to serve as static websites with
custom domain names.
![computer servers processing data][1]
I run a few static websites for my private projects on [GitHub Pages][2]. I'm absolutely happy with the service, as it supports custom domains, automatically redirects to HTTPS, and transparently installs SSL certificates (with automatic issuing via [Let's Encrypt][3]). It is very fast (thanks to [Fastly's][4] content delivery network) and is extremely reliable (I haven't had any issues for years). Taking into account the fact that I get all of this for free, it perfectly matches my needs at the moment.
It has, however, one important limitation: because it serves static websites only, this means no query parameters, no dynamic content generated on the server side, no options for injecting any server-side configuration (e.g., .htaccess), and the only things I can push to the website's root directory are static assets (e.g., HTML, CSS, JS, JPEG, etc.). In general, this is not a big issue. There are a lot of open source [static site generators][5] available, such as [Jekyll][6], which is available by default from the dashboard, and [Pelican][7], which I prefer in most cases. Nevertheless, when you need to implement something that is traditionally solved on the server side, a whole new level of challenge begins. 
For example, I recently had to change a custom domain name for one of my websites. Keeping the old one was ridiculously expensive, and I wasn't willing to continue wasting money. I found a cheaper alternative and immediately faced a bigger problem: all the search engines have the old name in their indexes. Updating indexes takes time, and until that happens, I would have to redirect all requests to the new location. Ideally, I would redirect each indexed resource to the equivalent on the new site, but at minimum, I needed to redirect requests to the new start page. I had access to the old domain name for enough time, and therefore, I could run the site separately on both domain names at the same time.
There is one proper solution to this situation that should be used whenever possible: Permanent redirect, or the [301 Moved Permanently][8] status code, is the way to redirect pages implemented in the HTTP protocol. The only issue is that it's supposed to happen on the server side within a server response's HTTP header. But the only solution I could implement resides on a client side; that is, either HTML code or JavaScript. I didn't consider the JS variant because I didn't want to rely on the script's support in web browsers. Once I defined the task, I recalled a solution: the [**HTML &lt;meta&gt; tag**][9] **&lt;meta http-equiv&gt;** with the [**refresh**][10] [HTTP header][11]. Although it can be used to ask browsers to reload a page or jump to another URL after a specified number of seconds, after some research, I learned it is more complicated than I thought with some interesting facts and details.
### The solution
**TL;DR** (for anyone who isn't interested in all the details): In brief, this solution configures two repositories to serve as static websites with custom domain names.
On the site with the old domain, I reconstructed the website's entire directory structure and put the following index.html (including the root) in each of them: 
```
&lt;!DOCTYPE HTML&gt;                                                                
&lt;html lang="en"&gt;                                                                
    &lt;head&gt;                                                                      
        &lt;meta charset="utf-8"&gt;
        &lt;meta http-equiv="refresh" content="0;url={{THE_NEW_URL}}" /&gt;      
        &lt;link rel="canonical" href="{{THE_NEW_URL}}" /&gt;                    
    &lt;/head&gt;                                                                                                                                                                  
    &lt;body&gt;                                                                      
        &lt;h1&gt;                                                                    
            The page been moved to &lt;a href="{{THE_NEW_URL}}"&gt;{{THE_NEW_URL}}&lt;/a&gt;
        &lt;/h1&gt;                                                                  
    &lt;/body&gt;                                                                    
&lt;/html&gt;
```
When someone opens a resource on the old domain, most web browsers promptly redirect to the same resource on the new website (thanks to **http-equiv="refresh"**). For any resources that were missed or nonexistent, it's helpful to create a **404.html** file in the old website's root directory with similar content, but without **rel="canonical"** (because there is no a canonical page, in this case).
The last piece of the puzzle is the [canonical link relation][12] (**rel="canonical"**), which prevents duplicating content as long as the implemented redirect _is not permanent._ From the HTTP response's perspective, it happens when [the request has succeeded][13] and there is an indication for search engines that a resource has moved and should be associated with a new (preferred) location.
I have learned a few interesting facts related to **http-equiv="refresh"** and **rel="canonical"**. The HTML metatag **http-equiv** is used to simulate the presence of an HTTP header in a server response. That is, web developers without access to the web server's configuration can get a similar result by "injecting" HTTP headers from an HTML document (the "body" of an HTTP response). It seems the **refresh** header, which has been used by all popular web browsers for many years, _doesn't really exist_. At least not as a standardized HTTP header. There was a plan to add it in the HTTP/1.1 specification that was [deferred to HTTP/1.2][14] (or later), but it never happened.
### Summary
The task of finding the real source URL for a resource is far from trivial. There are different scheme names (HTTP, HTTPS), multiple query parameters (page.html, page.html?a=1), various hostnames that resolve to the same IP address, etc. All of these options make a webpage look different to search engines, but the page is still the same. It gets even worse when the same content is published on independent web services. In 2009, Google, Yahoo, and Microsoft announced [support for a canonical link element][15] to clean up duplicate URLs on sites by allowing webmasters to choose a canonical (preferred) URL for a group of possible URLs for the same page. This helps search engines pick up the correct URL to associate with the content and can also improve [SEO for a site][16].
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/permanently-redirect-github-pages
作者:[Oleksii Tsvietnov][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/oleksii-tsvietnov
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/server_data_system_admin.png?itok=q6HCfNQ8 (computer servers processing data)
[2]: https://pages.github.com/
[3]: https://letsencrypt.org/
[4]: https://www.fastly.com/
[5]: https://www.staticgen.com/
[6]: https://jekyllrb.com/
[7]: https://github.com/getpelican/pelican
[8]: https://tools.ietf.org/html/rfc2616#section-10.3.2
[9]: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/meta
[10]: http://www.otsukare.info/2015/03/26/refresh-http-header
[11]: https://tools.ietf.org/html/rfc2616#section-14
[12]: https://tools.ietf.org/html/rfc6596
[13]: https://tools.ietf.org/html/rfc2616#section-10.2.1
[14]: https://lists.w3.org/Archives/Public/ietf-http-wg-old/1996MayAug/0594.html
[15]: https://www.mattcutts.com/blog/canonical-link-tag/
[16]: https://yoast.com/rel-canonical/

121
sources/tech/20190718 What you need to know to be a sysadmin.md
View File

@ -1,121 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (WangYueScream )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (What you need to know to be a sysadmin)
[#]: via: (https://opensource.com/article/19/7/be-a-sysadmin)
[#]: author: (Seth Kenlon https://opensource.com/users/sethhttps://opensource.com/users/marcobravohttps://opensource.com/users/kimvila)
What you need to know to be a sysadmin
======
Kickstart your sysadmin career by gaining these minimum competencies.
![People work on a computer server with devices][1]
The system administrator of yesteryear jockeyed users and wrangled servers all day, in between mornings and evenings spent running hundreds of meters of hundreds of cables. This is still true today, with the added complexity of cloud computing, containers, and virtual machines.
Looking in from the outside, it can be difficult to pinpoint what exactly a sysadmin does, because they play at least a small role in so many places. Nobody goes into a career already knowing everything they need for a job, but everyone needs a strong foundation. If you're looking to start down the path of system administration, here's what you should be concentrating on in your personal or formal training.
### Bash
When you learn the Bash shell, you don't just learn the Bash shell. You learn a common interface to Linux systems, BSD, MacOS, and even Windows (under the right conditions). You learn the importance of syntax, so you can quickly adapt to systems like Cisco routers' command line or Microsoft's PowerShell, and eventually, you can even learn more powerful languages like Python or Go. And you also begin to think procedurally so you can analyze complex problems and break them down into individual components, which is key because _that's_ how systems, like the internet, or an organization's intranet, or a web server, or a backup solution, are designed.
But wait. There's more.
Knowing the Bash shell has become particularly important because of the recent trend toward DevOps and [containers][2]. Your career as a sysadmin may lead you into a world where infrastructure is treated like code, which usually means you'll have to know the basics of scripting, the structure of [YAML-based][3] configuration, and how to [interact][4] with [containers][5] (tiny Linux systems running inside a [sandboxed file][6]). Knowing Bash is the gateway to efficient management of the most exciting open source technology, so go get [Bourne Again][7].
#### Resources
There are many ways to get practice in the Bash shell.
Try a [portable Linux distribution][8]. You don't have to install Linux to use Linux, so grab a spare thumb drive and spend your evenings or weekends getting comfortable with a text-based interface.
There are several excellent [Bash articles][9] available here on opensource.com as well as [on Enable SysAdmin][10].
The problem with telling someone to practice with Bash is that to practice, you must have something to do. And until you know how to use Bash, you probably won't be able to think of anything to do. If that's your situation, go to Over The Wire and play [Bandit][11]. It's a game aimed at absolute beginners, with 34 levels of interactive basic hacking to get you comfortable with the Linux shell.
### Web server setup
Once you're comfortable with Bash, you should try setting up a web server. Not all sysadmins go around setting up web servers or even maintain web servers, but the skills you acquire while installing and starting the HTTP daemon, configuring Apache or Nginx, setting up the [correct permissions][12], and [configuring a firewall][13], are the same skills you need on a daily basis. After a little bit of effort, you may start to notice certain patterns in your labor. There are concepts you probably took for granted before trying to administer production-ready software and hardware, and you're no longer shielded from them in your fledgling role as an administrator. It might be frustrating at first because everyone likes to be good at everything they do, but that's actually a good thing. Let yourself be bad at new skills. That's how you learn.
And besides, the more you struggle through your first steps, the sweeter it is when you finally see that triumphant "it works!" default index.html.
#### Resources
David Both wrote an excellent article on [Apache web server][14] configuration. For extra credit, step through his follow-up article on how to [host multiple sites][15] on one machine.
### DHCP
The Dynamic Host Configuration Protocol (DHCP) is the system that assigns IP addresses to devices on a network. At home, the modem or router your ISP (internet service provider) supports probably has an embedded DHCP server in it, so it's likely out of your purview. If you've ever logged into your home router to adjust the IP address range or set up a static address for some of your network devices, then you're at least somewhat familiar with the concept. You may understand that devices on a network are assigned the equivalent of phone numbers in the form of IP addresses, and you may realize that computers communicate with one another by broadcasting messages addressed to a specific IP address. Message headers are read by routers along the path, each of which works to direct the message to the next most logical router along the path toward its ultimate goal.
Even if you understand these concepts, the inevitable escalation of basic familiarity with DHCP is to set up a DHCP server. Installing and configuring your own DHCP server provides you the opportunity to introduce DHCP collisions on your home network (try to avoid that, if you can, as it will definitely kill your network until it's resolved), control the distribution of addresses, create subnets, and monitor connections and lease times.
More importantly, setting up DHCP and experimenting with different configurations helps you understand inter-networking. You understand how networks represent "partitions" in data transference and what steps you have to take to pass information from one to the other. That's vital for a sysadmin to know because the network is easily one of the most important aspects of the job.
#### Resources
Before running your own DHCP server, ensure that the DHCP server in your home router (if you have one) is inactive. Once you have it up and running, read Archit Modi's [guide to network commands][16] for tips on how to explore your network.
### Network cables
It might sound mundane, but getting familiar with how network cables work not only makes for a really fun weekend but also gives you a whole new understanding of how data gets across the wires. The best way to learn is to go to your local hobby shop and purchase a Cat 5 cutter and crimper and a few Cat 5 terminators. Then head home, grab a spare Ethernet cable, and cut the terminators off. Spend whatever amount of time it takes to get that cable back in commission.
Once you have solved that puzzle, do it again, this time creating a working [crossover cable][17].
You should also start obsessing _now_ about cable management. If you're not naturally inclined to run cables neatly along the floor molding or the edges of a desk or to bind cables together to keep them orderly, then make it a goal to permanently condition yourself with a phobia of messy cables. You won't understand why this is necessary at first, but the first time you walk into a server room, you will immediately know.
### Ansible
[Ansible][18] is configuration management software, and it's a bit of a bridge between sysadmin and DevOps. Sysadmins use Ansible to configure fresh installs of an operating system and to maintain specific states on machines. DevOps uses Ansible to reduce time and effort spent on tooling so that more time and effort gets spent on developing. You should learn Ansible as part of your sysadmin training, with an eye toward the practices of DevOps, because most of what DevOps is pioneering now will end up as part of your workflow in the system administration of the future.
The good thing about Ansible is that you can start using it now. It's cross-platform, and it scales both up and down. Ansible may be overkill for a single-user computer, but then again, Ansible could change the way you spin up virtual machines, or it could help you synchronize the states of all the computers in your home or [home lab][19].
#### Resources
Read "[How to manage your workstation configuration with Ansible][20]" by Jay LaCroix for the quintessential introduction to get started with Ansible on a casual basis.
### Break stuff
Problems arise on computers because of user error, buggy software, administrator (that's you!) error, and any number of other factors. There's no way to predict what's going to fail or why, so part of your personal sysadmin training regime should be to poke at the systems you set up until they fail. The worse you are to your own lab infrastructure, the more likely you are to find weak points. And the more often you repair those weak spots, the more confident you become in your problem-solving skills.
Aside from the rigors of setting up all the usual software and hardware, your primary job as a sysadmin is to find solutions. There will be times when you encounter a problem outside your job description, and it may not even be possible for you to fix it, but it'll be up to you to find a workaround.
The more you break stuff now and work to fix it, the better prepared you will be to work as a sysadmin.
* * *
Are you a working sysadmin? Are there tasks you wish you'd prepared better for? Add them in the comments below!
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/be-a-sysadmin
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/sethhttps://opensource.com/users/marcobravohttps://opensource.com/users/kimvila
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003499_01_linux11x_cc.png?itok=XMDOouJR (People work on a computer server with devices)
[2]: https://opensource.com/article/19/6/kubernetes-dump-truck
[3]: https://www.redhat.com/sysadmin/yaml-tips
[4]: https://opensource.com/article/19/6/how-ssh-running-container
[5]: https://opensource.com/resources/what-are-linux-containers
[6]: https://opensource.com/article/18/11/behind-scenes-linux-containers
[7]: https://opensource.com/article/18/7/admin-guide-bash
[8]: https://opensource.com/article/19/6/linux-distros-to-try
[9]: https://opensource.com/tags/bash
[10]: https://www.redhat.com/sysadmin/managing-files-linux-terminal
[11]: http://overthewire.org/wargames/bandit
[12]: https://opensource.com/article/19/6/understanding-linux-permissions
[13]: https://www.redhat.com/sysadmin/secure-linux-network-firewall-cmd
[14]: https://opensource.com/article/18/2/how-configure-apache-web-server
[15]: https://opensource.com/article/18/3/configuring-multiple-web-sites-apache
[16]: https://opensource.com/article/18/7/sysadmin-guide-networking-commands
[17]: https://en.wikipedia.org/wiki/Ethernet_crossover_cable
[18]: https://opensource.com/sitewide-search?search_api_views_fulltext=ansible
[19]: https://opensource.com/article/19/6/create-centos-homelab-hour
[20]: https://opensource.com/article/18/3/manage-workstation-ansible

80
sources/tech/20190719 Buying a Linux-ready laptop.md
View File

@ -1,80 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Buying a Linux-ready laptop)
[#]: via: (https://opensource.com/article/19/7/linux-laptop)
[#]: author: (Ricardo Berlasso https://opensource.com/users/rgb-eshttps://opensource.com/users/greg-phttps://opensource.com/users/chrisodhttps://opensource.com/users/victorhckhttps://opensource.com/users/hankghttps://opensource.com/users/noplanman)
Buying a Linux-ready laptop
======
Tuxedo makes it easy to buy an out-of-the-box "penguin-ready" laptop.
![Penguin with green background][1]
Recently, I bought and started using a Tuxedo Book BC1507, a Linux laptop computer. Ten years ago, if someone had told me that, by the end of the decade, I could buy top-quality, "penguin-ready" laptops from companies such as [System76][2], [Slimbook][3], and [Tuxedo][4], I probably would have laughed. Well, now I'm laughing, but with joy!
Going beyond designing computers for free/libre open source software (FLOSS), all three companies recently [announced][5] they are trying to eliminate proprietary BIOS software by switching to [Coreboot][6].
### Buying it
Tuxedo Computers is a German company that builds Linux-ready laptops. In fact, if you want a different operating system, it costs more.
Buying the computer was incredibly easy. Tuxedo offers many payment methods: not only credit cards but also PayPal and even bank transfers. Just fill out the bank transfer form on Tuxedo's web page, and the company will send you the bank coordinates.
Tuxedo builds every computer on demand, and picking exactly what you want is as easy as selecting the basic model and exploring the drop-down menus to select different components. There is a lot of information on the page to guide you in the purchase.
If you pick a different Linux distribution from the recommended one, Tuxedo does a "net install," so have a network cable ready to finish the installation, or you can burn your preferred image onto a USB key. I used a DVD with the openSUSE Leap 15.1 installer through an external DVD reader instead, but you get the idea.
The model I chose accepts up to two disks: one SSD and the other either an SSD or a conventional hard drive. As I was already over budget, I decided to pick a conventional 1TB disk and increase the RAM to 16GB. The processor is an 8th Generation i5 with four cores. I selected a back-lit Spanish keyboard, a 1920×1080/96dpi screen, and an SD card reader—all in all, a great system.
If you're fine with the default English or German keyboard, you can even ask for a penguin icon on the Meta key! I needed a Spanish keyboard, which doesn't offer this option.
### Receiving and using it
The perfectly packaged computer arrived in total safety to my door just six working days after the payment was registered. After unpacking the computer and unlocking the battery, I was ready to roll.
![Tuxedo Book BC1507][7]
The new toy on top of my (physical) desktop.
The computer's design is really nice and feels solid. Even though the chassis on this model is not aluminum, it stays cool. The fan is really quiet, and the airflow goes to the back edge, not to the sides, as in many other laptops. The battery provides several hours of autonomy from an electrical outlet. An option in the BIOS called FlexiCharger stops charging the battery after it reaches a certain percentage, so you don't need to remove the battery when you work for a long time while plugged in.
The keyboard is really comfortable and surprisingly quiet. Even the touchpad keys are quiet! Also, you can easily adjust the light intensity on the back-lit keyboard.
Finally, it's easy to access every component in the laptop so the computer can be updated or repaired without problems. Tuxedo even sends spare screws!
### Conclusion
After a month of heavy use, I'm really happy with the system. I got exactly what I asked for, and everything works perfectly.
Because they are usually high-end systems, Linux-included computers tend to be on the expensive side of the spectrum. If you compare the price of a Tuxedo or Slimbook computer with something with similar specifications from a more established brand, the prices are not that different. If you are after a powerful system to use with free software, don't hesitate to support these companies: What they offer is worth the price.
Let's us know in the comments about your experience with Tuxedo and other "penguin-friendly" companies.
* * *
_This article is based on "[My new 'penguin ready' laptop: Tuxedo-Book-BC1507][8]," published on Ricardo's blog, [From Mind to Type][9]._
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/linux-laptop
作者:[Ricardo Berlasso][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/rgb-eshttps://opensource.com/users/greg-phttps://opensource.com/users/chrisodhttps://opensource.com/users/victorhckhttps://opensource.com/users/hankghttps://opensource.com/users/noplanman
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/linux_penguin_green.png?itok=ENdVzW22 (Penguin with green background)
[2]: https://system76.com/
[3]: https://slimbook.es/en/
[4]: https://www.tuxedocomputers.com/
[5]: https://www.tuxedocomputers.com/en/Infos/News/Tuxedo-Computers-stands-for-Free-Software-and-Security-.tuxedo
[6]: https://coreboot.org/
[7]: https://opensource.com/sites/default/files/uploads/tuxedo-600_0.jpg (Tuxedo Book BC1507)
[8]: https://frommindtotype.wordpress.com/2019/06/17/my-new-penguin-ready-laptop-tuxedo-book-bc1507/
[9]: https://frommindtotype.wordpress.com/

375
sources/tech/20190719 Modifying Windows local accounts with Fedora and chntpw.md
View File

@ -1,375 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Modifying Windows local accounts with Fedora and chntpw)
[#]: via: (https://fedoramagazine.org/modifying-windows-local-accounts-with-fedora-and-chntpw/)
[#]: author: (Shaun Assam https://fedoramagazine.org/author/sassam/)
Modifying Windows local accounts with Fedora and chntpw
======
![][1]
I recently encountered a problem at work where a clients Windows 10 PC lost trust to the domain. The user is an executive and the hindrance of his computer can affect real-time mission-critical tasks. He gave me 30 minutes to resolve the issue while he attended a meeting.
Needless to say, Ive encountered this issue many times in my career. Its an easy fix using the Windows 7/8/10 installation media to reset the Administrator password, remove the PC off the domain and rejoin it. Unfortunately it didnt work this time. After 20 minutes of scouring the net and scanning through the Microsoft Docs with no success, I turned to my development machine running Fedora with hopes of finding a solution.
With _dnf search_ I found a utility called **chntpw**:
```
$ dnf search windows | grep password
```
According to the summary, _chntpw_ will “change passwords in Windows SAM files.”
Little did I know at the time there was more to this utility than explained in the summary. Hence, this article will go through the steps I used to successfully reset a Windows local user password using _chntpw_ and a Fedora Workstation Live boot USB. The article will also cover some of the features of _chntpw_ used for basic user administration.
### Installation and setup
If the PC can connect to the internet after booting the live media, install _chntpw_ from the official Fedora repository with:
```
$ sudo dnf install chntpw
```
If youre unable to access the internet, no sweat! Fedora Workstation Live boot media has all the dependencies installed out-of-the-box, so all we need is the package. You can find the builds for your Fedora version from the [Fedora Projects Koji][2] site. You can use another computer to download the utility and use a USB thumb drive, or other form of media to copy the package.
First and foremost we need to create the Fedora Live USB stick. If you need instructions, the article on [How to make a Fedora USB stick][3] is a great reference.
Once the key is created shut-down the Windows PC, insert the thumb drive if the USB key was created on another computer, and turn on the PC — be sure to boot from the USB drive. Once the live media boots, select “Try Fedora” and open the Terminal application.
Also, we need to mount the Windows drive to access the files. Enter the following command to view all drive partitions with an NTFS filesystem:
```
$ sudo blkid | grep ntfs
```
Most hard drives are assigned to _/dev/sdaX_ where X is the partition number — virtual drives may be assigned to _/dev/vdX_, and some newer drives (like SSDs) use _/dev/nvmeX_. For this example the Windows C drive is assigned to _/dev/sda2_. To mount the drive enter:
```
$ sudo mount /dev/sda2 /mnt
```
Fedora Workstation contains the _ntfs-3g_ and _ntfsprogs_ packages out-of-the-box. If youre using a spin that does not have NTFS working out of the box, you can install these two packages from the official Fedora repository with:
```
$ sudo dnf install ntfs-3g ntfsprogs
```
Once the drive is mounted, navigate to the location of the SAM file and verify that its there:
```
$ cd /mnt/Windows/System32/config
$ ls | grep SAM
SAM
SAM.LOG1
SAM.LOG2
```
### Clearing or resetting a password
Now its time to get to work. The help flag **-h** provides everything we need to know about this utility and how to use it:
```
$ chntpw -h
chntpw: change password of a user in a Windows SAM file,
or invoke registry editor. Should handle both 32 and 64 bit windows and
all version from NT3.x to Win8.1
chntpw [OPTIONS] [systemfile] [securityfile] [otherreghive] […]
-h This message
-u Username or RID (0x3e9 for example) to interactively edit
-l list all users in SAM file and exit
-i Interactive Menu system
-e Registry editor. Now with full write support!
-d Enter buffer debugger instead (hex editor),
-v Be a little more verbose (for debuging)
-L For scripts, write names of changed files to /tmp/changed
-N No allocation mode. Only same length overwrites possible (very safe mode)
-E No expand mode, do not expand hive file (safe mode)
Usernames can be given as name or RID (in hex with 0x first)
See readme file on how to get to the registry files, and what they are.
Source/binary freely distributable under GPL v2 license. See README for details.
NOTE: This program is somewhat hackish! You are on your own!
```
Use the **-l** parameter to display a list of users it reads from the SAM file:
```
$ sudo chntpw -l SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 686c
File size 65536 [10000] bytes, containing 7 pages (+ 1 headerpage)
Used for data: 346/37816 blocks/bytes, unused: 23/7016 blocks/bytes.
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | dis/lock |
| 01f7 | DefaultAccount | | dis/lock |
| 03e8 | defaultuser0 | | dis/lock |
| 01f5 | Guest | | dis/lock |
| 03ea | sysadm | ADMIN | |
| 01f8 | WDAGUtilityAccount | | dis/lock |
| 03e9 | WinUser | | |
```
Now that we have a list of Windows users we can edit the account. Use the **-u** parameter followed by the username and the name of the SAM file. For this example, edit the _sysadm_ account:
```
$ sudo chntpw -u sysadm SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 686c
File size 65536 [10000] bytes, containing 7 pages (+ 1 headerpage)
Used for data: 346/37816 blocks/bytes, unused: 23/7016 blocks/bytes.
================= USER EDIT ====================
RID : 1002 [03ea]
Username: sysadm
fullname: SysADM
comment :
homedir :
00000220 = Administrators (which has 2 members)
Account bits: 0x0010 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login count: 0, while max tries is: 0
Total login count: 0
- - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] >
```
To clear the password press **1** and ENTER. If successful you will see the following message:
```
...
Select: [q] > 1
Password cleared!
================= USER EDIT ====================
RID : 1002 [03ea]
Username: sysadm
fullname: SysADM
comment :
homedir :
00000220 = Administrators (which has 2 members)
Account bits: 0x0010 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login count: 0, while max tries is: 0
Total login count: 0
** No NT MD4 hash found. This user probably has a BLANK password!
** No LANMAN hash found either. Try login with no password!
...
```
Verify the change by repeating:
```
$ sudo chntpw -l SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 686c
File size 65536 [10000] bytes, containing 7 pages (+ 1 headerpage)
Used for data: 346/37816 blocks/bytes, unused: 23/7016 blocks/bytes.
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | dis/lock |
| 01f7 | DefaultAccount | | dis/lock |
| 03e8 | defaultuser0 | | dis/lock |
| 01f5 | Guest | | dis/lock |
| 03ea | sysadm | ADMIN | *BLANK* |
| 01f8 | WDAGUtilityAccount | | dis/lock |
| 03e9 | WinUser | | |
...
```
The “Lock?” column now shows _BLANK_ for the sysadm user. Type **q** to exit and **y** to write the changes to the SAM file. Reboot the machine into Windows and login using the account (in this case _sysadm_) without a password.
### Features
Furthermore, _chntpw_ can perform basic Windows user administrative tasks. It has the ability to promote the user to the administrators group, unlock accounts, view and modify group memberships, and edit the registry.
#### The interactive menu
_chntpw_ has an easy-to-use interactive menu to guide you through the process. Use the **-i** parameter to launch the interactive menu:
```
$ chntpw -i SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 686c
File size 65536 [10000] bytes, containing 7 pages (+ 1 headerpage)
Used for data: 346/37816 blocks/bytes, unused: 23/7016 blocks/bytes.
<>========<> chntpw Main Interactive Menu <>========<>
Loaded hives:
1 - Edit user data and passwords
2 - List groups
- - -
9 - Registry editor, now with full write support!
q - Quit (you will be asked if there is something to save)
```
#### Groups and account membership
To display a list of groups and view its members, select option **2** from the interactive menu:
```
...
What to do? [1] -> 2
Also list group members? [n] y
=== Group # 220 : Administrators
0 | 01f4 | Administrator |
1 | 03ea | sysadm |
=== Group # 221 : Users
0 | 0004 | NT AUTHORITY\INTERACTIVE |
1 | 000b | NT AUTHORITY\Authenticated Users |
2 | 03e8 | defaultuser0 |
3 | 03e9 | WinUser |
=== Group # 222 : Guests
0 | 01f5 | Guest |
=== Group # 223 : Power Users
...
=== Group # 247 : Device Owners
```
#### Adding the user to the administrators group
To elevate the user with administrative privileges press **1** to edit the account, then **3** to promote the user:
```
...
Select: [q] > 3
=== PROMOTE USER
Will add the user to the administrator group (0x220)
and to the users group (0x221). That should usually be
what is needed to log in and get administrator rights.
Also, remove the user from the guest group (0x222), since
it may forbid logins.
(To add or remove user from other groups, please other menu selections)
Note: You may get some errors if the user is already member of some
of these groups, but that is no problem.
Do it? (y/n) [n] : y
Adding to 0x220 (Administrators) …
sam_put_user_grpids: success exit
Adding to 0x221 (Users) …
sam_put_user_grpids: success exit
Removing from 0x222 (Guests) …
remove_user_from_grp: NOTE: group not in users list of groups, may mean user not member at all. Safe. Continuing.
remove_user_from_grp: NOTE: user not in groups list of users, may mean user was not member at all. Does not matter, continuing.
sam_put_user_grpids: success exit
Promotion DONE!
```
#### Editing the Windows registry
Certainly the most noteworthy, as well as the most powerful, feature of chntpw is the ability to edit the registry and write to it. Select **9** from the interactive menu:
```
...
What to do? [1] -> 9
Simple registry editor. ? for help.
> ?
Simple registry editor:
hive [] - list loaded hives or switch to hive number
cd - change current key
ls | dir [] - show subkeys & values,
cat | type - show key value
dpi - show decoded DigitalProductId value
hex - hexdump of value data
ck [] - Show keys class data, if it has any
nk - add key
dk - delete key (must be empty)
ed - Edit value
nv - Add value
dv - Delete value
delallv - Delete all values in current key
rdel - Recursively delete key & subkeys
ek - export key to (Windows .reg file format)
debug - enter buffer hexeditor
st [] - debug function: show struct info
q - quit
```
#### Finding help
As we saw earlier, the **-h** parameter allows us to quickly access a reference guide to the options available with chntpw. The man page contains detailed information and can be accessed with:
```
$ man chntpw
```
Also, if youre interested in a more hands-on approach, spin up a virtual machine. [Windows Server 2019][4] has an evaluation period of 180 days, and [Windows Hyper-V Server 2019][5] is unlimited. Creating a Windows guest VM will provide the basics to modify the Administrator account for testing and learning. For help with quickly creating a guest VM refer to the article [Getting started with virtualization in Gnome Boxes][6].
### Conclusion
_chntpw_ is a hidden gem for Linux administrators and IT professionals alike. While a nifty tool to quickly reset Windows account passwords, it can also be used to troubleshoot and modify local Windows accounts with a no-nonsense feel that delivers. This is perhaps only one such tool for solving the problem, though. If youve experienced this issue and have an alternative solution, feel free to put it in the comments below.
This tool, like many other “hacking” tools, holds with it an ethical responsibility. Even chntpw states:
> NOTE: This program is somewhat hackish! You are on your own!
When using such programs, we should remember the three edicts outlined in the message displayed when running **sudo** for the first time:
1. Respect the privacy of others.
2. Think before you type.
3. With great power comes great responsibility.
* * *
_Photo by _[_Silas Köhler_][7]_ on _[_Unsplash_][8]_,_
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/modifying-windows-local-accounts-with-fedora-and-chntpw/
作者:[Shaun Assam][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/sassam/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2019/07/chntpw-816x345.jpg
[2]: https://koji.fedoraproject.org/koji/packageinfo?packageID=6945
[3]: https://fedoramagazine.org/make-fedora-usb-stick/
[4]: https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2019
[5]: https://www.microsoft.com/en-us/evalcenter/evaluate-hyper-v-server-2019
[6]: https://fedoramagazine.org/getting-started-with-virtualization-in-gnome-boxes/
[7]: https://unsplash.com/@silas_crioco?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
[8]: https://unsplash.com/search/photos/key-lock?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText

165
sources/tech/20190720 How to Upgrade Debian 9 (Stretch) to Debian 10 (Buster) via Command Line.md
View File

@ -1,165 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (robsean)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to Upgrade Debian 9 (Stretch) to Debian 10 (Buster) via Command Line)
[#]: via: (https://www.linuxtechi.com/upgrade-debian-9-to-debian-10-command-line/)
[#]: author: (Pradeep Kumar https://www.linuxtechi.com/author/pradeep/)
How to Upgrade Debian 9 (Stretch) to Debian 10 (Buster) via Command Line
======
Hello All!!!, Good to See you! So we saw how to install [Debian 10(Buster)][1] in the previous article. Today, we are going to learn how to upgrade from Debian 9 to Debian 10. Since we have already seen about Debian 10 and its features, lets not go deep into it. But readers who didnt have the chance to read that article, lets give a quick update about Debian 10 and its new features.
<https://www.linuxtechi.com/wp-content/uploads/2019/07/Upgrade-Debian-9-to-Debian-10.jpg>
After almost two years of development, the team at Debian has finally released a stable version of Buster, code name for Debian 10. Buster is a LTS (Long Term Support) version and hence will be supported for the next 5 years by Debian.
### Debian 10 (Buster) New Features
Debian 10 (Buster) comes packed with a lot of new features which could be rewarding to most of the Debian fans out there. Some of the features include:
* GNOME Desktop 3.30
* AppArmor enabled by default
* Supports Linux Kernel 4.19.0-4
* Supports OpenJDk 11.0
* Moved from Nodejs 4-8 to Nodejs 10.15.2
* Iptables replaced by NFTables
and a lot more.
### Step by Step Guide to Upgrade from Debian 9 to Debian 10
Before we start upgrading to Debian 10, lets look at the prerequisites needed for the upgrade:
### Step 1) Debian upgrade prerequisites
* A good internet connection
* Root user permission
* Data backup
It is extremely important to backup all your application code bases, data files, user account details, configuration files, so that you can always revert to the previous version if anything goes wrong during the upgrade.
### Step 2) Upgrade Debian 9 Existing Packages
Next step is to upgrade all your existing packages as any packages that are tagged as held back cannot be upgraded and there is a possibility the upgrade from Debian 9 to Debian 10 may fail or cause some issues. So, lets not take any chances and better upgrade the packages. Use the following code to upgrade the packages:
```
root@linuxtechi:~$ sudo apt update && sudo apt upgrade -y
```
### Step 3) Modify Package Repository file (/etc/sources.list)
Next step is to modify package repository file “/etc/sources.list” where you need to replace the text “Stretch” with the text “Buster”.
But before you change anything, make sure to create a backup of the sources.list file as shown below:
```
root@linuxtechi:~$ sudo cp /etc/apt/sources.list /etc/apt/sources.list.bak
```
Now use below sed commands to replace the text **stretch** with **buster** in package repository file, example is shown below,
```
root@linuxtechi:~$ sudo sed -i 's/stretch/buster/g' /etc/apt/sources.list
root@linuxtechi:~$ sudo sed -i 's/stretch/buster/g' /etc/apt/sources.list.d/*.list
```
Once the text is updated, you need to update the package index like shown below:
```
root@linuxtechi:~$ sudo apt update
```
Before start upgrading  your existing Debian OS , lets verify the current version using the following command,
```
root@linuxtechi:~$ cat /etc/*-release
PRETTY_NAME="Debian GNU/Linux 9 (stretch)"
NAME="Debian GNU/Linux"
VERSION_ID="9"
VERSION="9 (stretch)"
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@linuxtechi:~$
```
### Step 4) Upgrade from Debian 9 to Debian 10
Once you made all the changes, it is time to upgrade from Debian 9 Debian 10. But before that, make sure to update your packages again as shown below:
```
root@linuxtechi:~$ sudo apt update && sudo apt upgrade -y
```
During packages upgrade you will be prompted to start the services, so choose your preferred option
Once all the packages are updated in your system, it is time to upgrade your distribution package. Use the following code to upgrade the distribution:
```
root@linuxtechi:~$ sudo apt dist-upgrade -y
```
The upgrade process may take a few minutes depending upon your internet connection. Remember during the upgrade process, youll also be asked a few questions whether you need to restart the services during the packages are upgraded and whether you need to keep the existing configurations files. If you dont want to make any custom changes, simply type “Y” and let the upgrade process continue.
### Step 5) Verify Upgrade
Once the upgrade process is completed, reboot your machine and check the version using the following command:
```
root@linuxtechi:~$ lsb_release -a
```
If you get the output as shown below:
```
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
root@linuxtechi:~$
```
Yes, you have successfully upgraded from Debian 9 to Debian 10.
Alternate way to verify upgrade
```
root@linuxtechi:~$ cat /etc/*-release
PRETTY_NAME="Debian GNU/Linux 10 (buster)"
NAME="Debian GNU/Linux"
VERSION_ID="10"
VERSION="10 (buster)"
VERSION_CODENAME=buster
ID=debian
HOME_URL="https://www.debian.org/"
SUPPORT_URL="https://www.debian.org/support"
BUG_REPORT_URL="https://bugs.debian.org/"
root@linuxtechi:~$
```
### Conclusion
Hope the above step by step guide provided you with all the information needed to upgrade from Debian 9(Stretch) to Debian 10 (Buster) easily. Please give us your feedback, suggestions and your experiences with the all new Debian 10 in the comments section. For more such Linux tutorials and articles, keep visiting LinuxTechi.com every now and then.
--------------------------------------------------------------------------------
via: https://www.linuxtechi.com/upgrade-debian-9-to-debian-10-command-line/
作者:[Pradeep Kumar][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.linuxtechi.com/author/pradeep/
[b]: https://github.com/lujun9972
[1]: https://www.linuxtechi.com/debian-10-buster-installation-guide/

169
sources/tech/20190722 How to run virtual machines with virt-manager.md
View File

@ -1,169 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to run virtual machines with virt-manager)
[#]: via: (https://fedoramagazine.org/full-virtualization-system-on-fedora-workstation-30/)
[#]: author: (Marco Sarti https://fedoramagazine.org/author/msarti/)
How to run virtual machines with virt-manager
======
![][1]
In the beginning there was dual boot, it was the only way to have more than one operating system on the same laptop. At the time, it was difficult for these operating systems to be run simultaneously or interact with each other. Many years passed before it was possible, on common PCs, to run an operating system inside another through virtualization.
Recent PCs or laptops, including moderately-priced ones, have the hardware features to run virtual machines with performance close to the physical host machine.
Virtualization has therefore become normal, to test operating systems, as a playground for learning new techniques, to create your own home cloud, to create your own test environment and much more. This article walks you through using Virt Manager on Fedora to setup virtual machines.
### Introducing QEMU/KVM and Libvirt
Fedora, like all other Linux systems, comes with native support for virtualization extensions. This support is given by KVM (Kernel based Virtual Machine) currently available as a kernel module.
QEMU is a complete system emulator that works together with KVM and allows you to create virtual machines with hardware and peripherals.
Finally [libvirt][2] is the API layer that allows you to administer the infrastructure, ie create and run virtual machines.
The set of these three technologies, all open source, is what were going to install on our Fedora Workstation.
### Installation
#### Step 1: install packages
Installation is a fairly simple operation. The Fedora repository provides the “virtualization” package group that contains everything you need.
```
```
sudo dnf install @virtualization
```
```
#### Step 2: edit the libvirtd configuration
By default the system administration is limited to the root user, if you want to enable a regular user you have to proceed as follows.
Open the /etc/libvirt/libvirtd.conf file for editing
```
```
sudo vi /etc/libvirt/libvirtd.conf
```
```
Set the domain socket group ownership to libvirt
```
```
unix_sock_group = "libvirt"
```
```
Adjust the UNIX socket permissions for the R/W socket
```
```
unix_sock_rw_perms = "0770"
```
```
#### Step 3: start and enable the libvirtd service
```
```
sudo systemctl start libvirtd
sudo systemctl enable libvirtd
```
```
#### Step 4: add user to group
In order to administer libvirt with the regular user you must add the user to the libvirt group, otherwise every time you start virtual-manager you will be asked for the password for sudo.
```
```
sudo usermod -a -G libvirt $(whoami)
```
```
This adds the current user to the group. You must log out and log in to apply the changes.
### Getting started with virt-manager
The libvirt system can be managed either from the command line (virsh) or via the virt-manager graphical interface. The command line can be very useful if you want to do automated provisioning of virtual machines, for example with [Ansible][3], but in this article we will concentrate on the user-friendly graphical interface.
The virt-manager interface is simple. The main form shows the list of connections including the local system connection.
The connection settings include virtual networks and storage definition. it is possible to define multiple virtual networks and these networks can be used to communicate between guest systems and between the guest systems and the host.
### Creating your first virtual machine
To start creating a new virtual machine, press the button at the top left of the main form:
![][4]
The first step of the wizard requires the installation mode. You can choose between a local installation media, network boot / installation or an existing virtual disk import:
![][5]
Choosing the local installation media the next step will require the ISO image path:
![ ][6]
The subsequent two steps will allow you to size the CPU, memory and disk of the new virtual machine. The last step will ask you to choose network preferences: choose the default network if you want the virtual machine to be separated from the outside world by a NAT, or bridged if you want it to be reachable from the outside. Note that if you choose bridged the virtual machine cannot communicate with the host machine.
Check “Customize configuration before install” if you want to review or change the configuration before starting the setup:
![][7]
The virtual machine configuration form allows you to review and modify the hardware configuration. You can add disks, network interfaces, change boot options and so on. Press “Begin installation” when satisfied:
![][8]
At this point you will be redirected to the console where to proceed with the installation of the operating system. Once the operation is complete, you will have the working virtual machine that you can access from the console:
![][9]
The virtual machine just created will appear in the list of the main form, where you will also have a graph of the CPU and memory occupation:
![][10]
libvirt and virt-manager is a powerful tool that allows great customization to your virtual machines with enterprise level management. If something even simpler is desired, note that Fedora Workstation comes with [GNOME Boxes pre-installed and can be sufficient for basic virtualization needs][11].
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/full-virtualization-system-on-fedora-workstation-30/
作者:[Marco Sarti][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/msarti/
[b]: https://github.com/lujun9972
[1]: https://fedoramagazine.org/wp-content/uploads/2019/07/virt-manager-816x346.jpg
[2]: https://libvirt.org/
[3]: https://fedoramagazine.org/get-the-latest-ansible-2-8-in-fedora/
[4]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-09-41-45.png
[5]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-09-30-53.png
[6]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-10-42-39.png
[7]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-10-43-21.png
[8]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-10-44-58.png
[9]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-10-55-35.png
[10]: https://fedoramagazine.org/wp-content/uploads/2019/07/Screenshot-from-2019-07-14-11-09-22.png
[11]: https://fedoramagazine.org/getting-started-with-virtualization-in-gnome-boxes/

230
sources/tech/20190723 8 Best Open Source CRM Software.md
View File

@ -1,230 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (8 Best Open Source CRM Software)
[#]: via: (https://itsfoss.com/best-open-source-crm/)
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
8 Best Open Source CRM Software
======
_**In this article, we list some of the best open source CRM software available for small and medium sized businesses.**_
### What is CRM?
CRM stands for [Customer Relationship Management][1]. A CRM software enables the companies to interact with their potential and existing customers, understand and manage their requirement. This improved the relation of the organization with customer and you know that a happy customer brings profitability to the business.
No matter how big your team is (small business or a big firm), a CRM software always comes in handy when you want to keep things organized in your business.
You may avoid a CRM software for a couple of employees when you start a business. However, to streamline the process and make the work efficient and fast you will eventually need a CRM software.
But, what about the level of control (or security) in a CRM software? Do you want a transparent CRM software which you can take control of?
Well, that is when an open source CRM software comes into play. You can host it yourself, and you can customize it as per your requirements. You may also opt for the hosted version where you dont have to manage it yourself.
In this article, we talk about some of the best open-source CRM software I have found.
### Best Free and Open Source CRM Software
![][2]
Let me clarify something. CRM is intended for businesses and when there is a software created for business organizations, the developers would also like to make money. This is why almost all of the free and open source software also have their paid enterprise versions available.
While you can download the open source version and host it on your own Linux based server, the enterprise versions are hosted by the developers themselves so that you dont have to manage it. Some enterprise versions also provide premium features that are not available for the open source versions. Ticket support is also a feature available only for the enterprise versions.
I have tried to highlight their premium features in the list. Of course, t_he list below is in no particular order of ranking._
#### 1\. SuiteCRM
![Suitecrm Hosting][3]
Key Highlights:
* Sever-basis charge instead of per-user subscription for hosted service
* Open-source
* Affordable managed hosting plans
* Supports third party integration
* 7-days free trial
SuiteCRM was originally inspired (and forked) from SugarCRMs open-source version. Well, that is no longer available. So, SuiteCRM is the open source alternative for organizations who utilized SugarCRM earlier.
[][4]
Suggested read  Use Do Not Disturb Mode in Ubuntu With NoNotifications
In addition to all the essential features a CRM has to offer, SuiteCRM offers some great affordable managed hosting deals for organizations. With an impressive pricing plan (on server-basis with unlimited users), [SuiteCRM takes aim at Salesforce][5] which is promising.
[SuiteCRM][6]
#### 2\. Odoo
![][7]
Key Highlights:
* Open-source edition available
* Enterprise edition pricing on a per-user basis
* Wide variety of third party integrations
* 15-days free trial
Odoo is yet another popular open-source CRM solution. However, in contrast to SuitCRM, you will observe the pricing plan per user. So, if you are just starting out with a lot of users you might find it a bit pricey.
The third-party integrations can be done easily and you can find the pricing for each app/integration when purchasing a subscription. You can either opt for the open source community edition or purchase the enterprise edition.
[Odoo][8]
#### 3\. Vtiger
![][9]
Key Highlights:
* Open source edition based on SugarCRM
* Separate pricing plans for Marketing, Sales, Help desk or all-in-one
* Regional pricing available for some countries like India
* Per-user pricing
Vtiger offers a cloud version and an open source version. Of course, if you opt for the open source version, you get to host it yourself and manage it all by yourself or hire a team.
After observing the pricing plan, the managed cloud version obviously looks promising. with separate pricing plans for sales, marketing, and help desk. However, if you have the required technical expertise, the open-source version is good enough as well. Also, it was interesting to see a regional pricing plan for India because they have an office here.
[Vtiger][10]
#### 4\. ConcourseSuite
![][11]
Key Highlights:
* Offers a separate (but outdated) open source community edition
* Provides a 5-user trial plan for the latest version
ConcourseSuite is a simple CRM which offers open-source version as well. The community edition (or the open-source version) is outdated which you can still utilize as a basic CRM.
In case you want the latest version (which is the enhanced version of the community edition), you will have to opt for a 5-user trial or purchase the enterprise/cloud version. I couldnt find a clear pricing plan but its pricing page did mention $10,000 for unlimited users. So, you will probably find out about it after trying out the trial.
[ConcourseSuite][12]
#### 5\. EspoCRM
![][13]
Key Highlights:
* The ability to switch to on-premise anytime.
* Actively maintained open source (self-hosted) package.
EspoCRM is new to the scene and it is an impressive CRM software. You can download it for free and host it yourself or opt for the cloud solution where they do it for you.
[][14]
Suggested read  10 Amazing Websites Every Linux Gamer Must Follow
They have got a detailed [documentation][15] in case you want to try it yourself. Also, if you want to go with the cloud solution you can always switch to on-premise anytime you want. I guess that makes it a bit more appealing.
[EspoCRM][16]
#### 6\. Axelor CRM
![Axelor Crm][17]
Key Highlights:
* A complete suite of ERP, CRM, and BPM.
* Mobile apps for Android and iOS
Axelor is normally a complete suite of ERP, CRM, and BPM. Here, we talk about the CRM which is an incredible open source CRM available out there.
In addition to the web app, it also offers mobiles apps for Android and iOS. So, no matter you host it yourself or purchase a subscription for managed hosting Axelor CRM is a great choice to keep up across multiple platforms.
#### 7\. Crust CRM (Corteza)
![][18]
Key Highlights:
* A unified open source solution
* Recently launched with latest features on board
[Crust CRM][19] is one of the best enterprise-level Slack/Salesforce alternatives. Well, the primary aim of Crust CRM is to provide you a unified platform.
Crust CRM offers a community edition “Corteza” which is open-source in nature with all the latest features that you get with Crust CRM. It has been recently launched so you can expect it to be compatible with a lot of services. You need to go through the [technical documentation][20] to set it up.
[Corteza][21]
#### 8\. X2CRM
![][22]
Key Highlights:
* The open-source package is no longer actively maintained but available.
* On-premise and hosted options available
X2CRM is yet another convincing open source solution. The open source package includes all the modules (Sales, Marketing, and Support).
However, do note that the open source package isnt actively maintained anymore so if you want the latest and greatest features, you will have to purchase it. You can let them manage everything (hosted solution) or you get to manage everything and opt for their support and optimization services (on-premise).
[X2CRM][23]
### Wrapping Up
I had made the [list of best open source CMS][24] earlier. You may read that to get some ideas about which open source technology to use for creating your business website.
Coming back to CRM, if you would ever consider trying out an open source CRM, these are the best ones I would recommend. Did I miss one of your favorites? Let us know about it in the comments down below.
--------------------------------------------------------------------------------
via: https://itsfoss.com/best-open-source-crm/
作者:[Ankush Das][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/ankush/
[b]: https://github.com/lujun9972
[1]: https://en.wikipedia.org/wiki/Customer_relationship_management
[2]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/open-source-crm-software.png?resize=800%2C450&ssl=1
[3]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/05/suitecrm-hosting.jpg?resize=800%2C457&ssl=1
[4]: https://itsfoss.com/do-not-disturb-mode-ubuntu/
[5]: https://itsfoss.com/suitecrm-ondemand/
[6]: https://suitecrm.com/
[7]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/07/odoocrm.jpg?fit=800%2C384&ssl=1
[8]: https://www.odoo.com/page/crm
[9]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/07/vtiger.jpg?fit=800%2C419&ssl=1
[10]: https://www.vtiger.com/
[11]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/07/concoursesuite-crm.jpg?fit=800%2C629&ssl=1
[12]: https://www.concursive.com/show/concoursesuite/wiki/How+to+Get+ConcourseSuite
[13]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/07/espo-crm.jpg?ssl=1
[14]: https://itsfoss.com/best-linux-gaming-websites/
[15]: https://github.com/espocrm/documentation
[16]: https://www.espocrm.com/
[17]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/axelor-crm.jpg?fit=800%2C526&ssl=1
[18]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/corteza.jpg?resize=800%2C417&ssl=1
[19]: https://www.crust.tech/products/crust-crm/
[20]: https://github.com/cortezaproject/corteza-docs
[21]: https://cortezaproject.org/
[22]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/07/x2crm.png?ssl=1
[23]: https://x2crm.com/download
[24]: https://itsfoss.com/open-source-cms/

119
sources/tech/20190723 How to Create a User Account Without useradd Command in Linux.md
View File

@ -1,119 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to Create a User Account Without useradd Command in Linux?)
[#]: via: (https://www.2daygeek.com/linux-user-account-creation-in-manual-method/)
[#]: author: (Magesh Maruthamuthu https://www.2daygeek.com/author/magesh/)
How to Create a User Account Without useradd Command in Linux?
======
There are three commands are available in Linux to create an user account.
Did you ever tried to create a user account in Linux using manual method?
I mean to say without using an above three commands.
If you dont know how to do that? we are here to help you on this and will show you in details.
Have you wondering, how its possible? If yes, dont worry, as we have mentioned many times that anything can be done on Linux. It is one of the example.
Yes, we can create it. Are you excited to know more it?
* **[Three Methods To Create A User Account In Linux?][1]**
* **[Two Methods To Create Bulk Users In Linux][2]**
I dont want to you to wait any more. Lets do it right away.
To do so, first, we need to find out last created UID and GID information. Once you have these information handy then proceed to next step.
```
# cat /etc/passwd | tail -1
tuser1:x:1153:1154:Test User:/home/tuser1:/bin/bash
```
Based on the above output. Last created user UID is 1153 and GID is 1154. To experiment this, we are going to add `tuser2` in the system.
Now, add an entry of user details in /etc/passwd. There are seven fields exist and you need to add required details.
```
+-----------------------------------------------------------------------+
|username:password:UID:GID:Comments:User Home Directory:User Login Shell|
+-----------------------------------------------------------------------+
| | | | | | |
1 2 3 4 5 6 7
1- Username: This field indicates the User name. Characters length should be between 1 to 32.
2- Password (x): It indicates that encrypted password is stored at /etc/shadow file.
3- User ID: It indicates the user ID (UID) each user should be contain unique UID. UID (0-Zero) is reserved for root, UID (1-99) reserved for system users and UID (100-999) reserved for system accounts/groups
4- Group ID (GID): It indicates the group ID (GID) each group should be contain unique GID is stored at /etc/group file.
5- Comment/User ID Info: It indicates the command field. This field can be used to describe the user information.
6- Home directory (/home/$USER): It indicates the user's home directory.
7- shell (/bin/bash): It indicates the user's shell.
```
Add the user information in end of the file.
```
# vi /etc/passwd
tuser2:x:1154:1155:Test User2:/home/tuser2:/bin/bash
```
You have to create a group with same name. So, add a group details in /etc/group file as well.
```
# vi /etc/group
tuser2:x:1155:
```
Once you done the above two steps, then set a password for user.
```
# passwd tuser2
Changing password for user tuser2.
New password:
Retype new password:
passwd: all authentication tokens updated successfully.
```
Finally, try to login with newly created user.
```
# ssh [email protected]
[email protected]'s password:
Creating directory '/home/tuser2'.
$ls -la
total 16
drwx------. 2 tuser2 tuser2 59 Jun 17 09:46 .
drwxr-xr-x. 15 root root 4096 Jun 17 09:46 ..
-rw-------. 1 tuser2 tuser2 18 Jun 17 09:46 .bash_logout
-rw-------. 1 tuser2 tuser2 193 Jun 17 09:46 .bash_profile
-rw-------. 1 tuser2 tuser2 231 Jun 17 09:46 .bashrc
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/linux-user-account-creation-in-manual-method/
作者:[Magesh Maruthamuthu][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.2daygeek.com/author/magesh/
[b]: https://github.com/lujun9972
[1]: https://www.2daygeek.com/linux-user-account-creation-useradd-adduser-newusers/
[2]: https://www.2daygeek.com/linux-bulk-users-creation-useradd-newusers/

35
published/20190211 Introducing kids to computational thinking with Python.md → translated/talk/20190211 Introducing kids to computational thinking with Python.md
View File

@ -1,8 +1,8 @@
[#]: collector: (lujun9972)
[#]: translator: (WangYueScream)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-11116-1.html)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Introducing kids to computational thinking with Python)
[#]: via: (https://opensource.com/article/19/2/break-down-stereotypes-python)
[#]: author: (Don Watkins https://opensource.com/users/don-watkins)
@ -11,37 +11,40 @@
利用 Python 引导孩子的计算机思维
========================
> 编程可以给低收入家庭的学生提供足够的技能信心和知识,进而让他们摆脱因为家庭收入低带来的经济和社会地位上的劣势。
编程可以给低收入家庭的学生提供足够的技能信心和知识,进而让他们摆脱因为家庭收入低带来的经济和社会地位上的劣势。
![](https://img.linux.net.cn/data/attachment/album/201907/17/231228k3t9skntnlst59h9.jpg)
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/idea_innovation_kid_education.png?itok=3lRp6gFa)
尽管暑假期间底特律公共图书馆的[帕克曼分部][1]挤满了无聊的孩子并且占用了所有的电脑,图书馆工作人员并不觉得这会是个问题,反而更多是一个机会。他们成立一个名为 [Parkman Coders][2] 的编程社团,社团以 [Qumisha Goss][3] 为首,她是图书管理员,也负责利用 Python 的魔力引导弱势儿童的计算机思维。
四年前 [Qumisha Goss][3] 刚发起 Parkman Coders 计划的时候, “Q”(代表她)并不是太懂编程。之后她通过努力成为图书馆里教学和技术方面的专家和树莓派认证讲师。
四年前 [Qumisha Goss][3] 刚发起 Parkman Coders 计划的时候, “Q” 并不是太懂编程。之后她通过努力成为图书馆里教学和技术方面的专家和 Raspberry Pi 认证讲师。
社团最开始采用 [Scratch][4] 教学但很快学生就对这种图形化的块编程感到乏味他们觉得这就是个“婴儿玩具”。Q 坦言,“我们意识到是时候需要在课程内容这方面做些改变了,如果是为了维持课程内容对初学者的友好性继续选择 Scratch 教学,这无疑会影响孩子们后期继续保持对编程的关注。”因此,她开始教授孩子们 Python。
Q 是在 [Code.org][5] 平台玩地牢骷髅怪物这个关卡的时候第一次接触到 Python。她最开始是通过 [Python Programming: An Introduction to Computer Science][6][Python for Kids][7] 这两本书学习 Python。她也推荐 [Automate the Boring Stuff with Python][8][Lauren Ipsum: A Story about Computer Science and Other Improbable Things][9] 这两本书。
Q 是在 [Code.org][5] 平台玩地牢骷髅怪物这个关卡的时候第一次接触到 Python。她最开始是通过 [Python Programming: An Introduction to Computer Science][6] 和 [Python for Kids][7] 这两本书学习 Python。她也推荐 [Automate the Boring Stuff with Python][8] 和 [Lauren Ipsum: A Story about Computer Science and Other Improbable Things][9] 这两本书。
### 建立一个基于树莓派的创客空间
Q 决定使用[树莓派][10]电脑来避免学生可能会因为自己的不当操作对图书馆的电脑造成损害,而且这些电脑因为便携性等问题也不方便用来构建组成一个创客空间。[树莓派][10]的购买价格加上它的灵活性和便携性包括生态圈里面的一些适合教学的自由免费软件,让大家更能感受到她的决策的可行性和可靠性。
### 建立一个基于 Raspberry Pi 的创客空间
虽然图书馆发起 [Parkman Coders][2] 社区计划的本意是通过努力创造一个吸引孩子们的学习空间,进而维持图书馆的平和,但社区发展的很快,很受大家欢迎,以至于这座建立于 1921 的大楼的空间,电脑和插座都不够用了。他们最开始是 20 个孩子共享 10 台[树莓派][10]来进行授课,但后来图书馆陆续收到了来自个人和公司比如 Microsoft、4H和 Detroit Public Library Foundation 的资金援助从而能够购买更多设备以支撑社区的进一步壮大发展。
目前,每节课程大概有 40 个孩子参加,而且图书馆也有了足够的[树莓派][10]让参与者人手一台设备甚至还可以送出去一些。鉴于不少 [Parkman Coders][2] 的参与者来自于低收入家庭,图书馆也能提供别人捐赠的 Chromebooks 给他们使用
Q 决定使用 [Raspberry Pi][10] 电脑来避免学生可能会因为自己的不当操作对图书馆的电脑造成损害,而且这些电脑因为便携性等问题也不方便用来构建组成一个创客空间。[Raspberry Pi][10] 的购买价格加上它的灵活性和便携性包括生态圈里面的一些适合教学的自由免费软件,让大家更能感受到她的决策的可行性和可靠性
Q 说,“当孩子们的表现可以证明他们能够很好的使用[树莓派][10]或者 [Microbit][11] 而且定期来参加课程,我们也会提供设备允许他们可以带回家练习。但即便这样也还是会遇到很多问题,比如他们在家无法访问网络或者没有显示器、键盘、鼠标等外设。”
虽然图书馆发起 [Parkman Coders][2] 社区计划的本意是通过努力创造一个吸引孩子们的学习空间进而维持图书馆的平和,但社区发展的很快,很受大家欢迎以至于这座建立于 1921 的大楼的空间,电脑和插座都不够用了。他们最开始是 20 个孩子共享 10 台 [Raspberry Pi][10] 来进行授课,但后来图书馆陆续收到了来自个人和公司比如 Microsoft4H和 Detroit Public Library Foundation 的资金援助从而能够购买更多设备以支撑社区的进一步壮大发展。
目前,大概有 40 个孩子参加了每节课程而且图书馆也有了足够的 [Raspberry Pi][10] 让参与者人手一台设备甚至还可以分发出去。鉴于不少 [Parkman Coders][2] 的参与者来自于低收入家庭,图书馆也能提供别人捐赠的 Chromebooks 给他们使用。
Q 说,“当孩子们的表现可以证明他们能够很好的使用 [Raspberry Pi][10] 或者 [Microbit][11] 而且定期来参加课程,我们也会提供设备允许他们可以带回家练习。但即便这样也还是会遇到很多问题,比如他们在家无法访问网络或者没有显示器,键盘,鼠标等外设。”
### 利用 Python 学习生存技能,打破束缚
Q 说,“我认为教授孩子们计算机科学的主要目的是让他们学会批判性思考和解决问题的能力。我希望随着孩子们长大成人,不管他们选择在哪个领域继续发展他们的未来,这些经验教训都会一直伴随他们成长。此外,我也希望这个课程能够激发孩子们对创造的自豪感。能够清楚的意识到‘这是我做的’是一种很强烈、很有用的感受。而且一旦孩子们越早能够有这种成功的体验,我相信未来的路上他们都会满怀热情迎接新的挑战而不是逃避。”
Q 说,“我认为教授孩子们计算机科学的主要目的是让他们学会批判性思考和解决问题的能力。我希望随着孩子们长大成人,不管他们选择在哪个领域继续发展他们的未来,这些经验教训都会一直伴随他们成长。此外,我也希望这个课程能够激发孩子们对创造的自豪感。能够清楚的意识到‘这是我做的’是一种很强烈很有用的感受。而且一旦孩子们越早能够有这种成功的体验,我相信未来的路上他们都会满怀热情迎接新的挑战而不是逃避。”
她继续分享道,“在学习编程的过程中,你不得不对单词的拼写和大小写高度警惕。受限于孩子年龄,有时候阅读认知会是个大问题。为了确保课程受众的包容性,我们会在授课过程中大声拼读,同样我们也会极力鼓励孩子们大声说出他们不知道的或者不能正确拼写的单词,以便我们纠正。”
Q 也会尝试尽力去给需要帮助的孩子们更多的关注。她解释道,“如果我确认有孩子遇到困难不能跟上我们的授课进度,我们会尝试在课下时间安排老师辅导帮助他,但还是会允许他们继续参加编程。我们想帮助到他们而不是让他们因为挫败而沮丧的不参与进来。”
Q 也会尝试尽力去给需要帮助的孩子们更多的关注。她解释道,“如果我确认有孩子遇到困难不能跟上我们的授课进度,我们会尝试在课下时间安排老师辅导帮助他,但还是会允许他们继续参加编程。我们想帮助到他们而不是让他们因为挫败而沮丧的不参与进来。”
最重要的是,[Parkman Coders][2] 计划所追求的是能够帮助每个孩子认识到每个人都会有独特的技能和能力。参与进来的大部分孩子都是非裔美国人一半是女孩。Q 直言,“我们所生活在的这个世界,我们成长的过程中,伴随着各种各种的社会偏见,这些都常常会限制我们对自己所能达到的成就的准确认知。”她坚信孩子们需要一个没有偏见的空间,“他们可以尝试很多新事物,不会因为担心犯错责骂而束手束脚,可以放心大胆的去求知探索。”
最重要的是, [Parkman Coders][2] 计划所追求的是能够帮助每个孩子认识到每个人都会有独特的技能和能力。参与进来的大部分孩子都是非裔美国人一半是女孩。Q 直言,“我们所生活在的这个世界,我们成长的过程中,伴随着各种各种的社会偏见,这些都常常会限制我们对自己所能达到的成就的准确认知。”她坚信孩子们需要一个没有偏见的空间,“他们可以尝试很多新事物,不会因为担心犯错责骂而束手束脚,可以放心大胆的去求知探索。”
Q 和 [Parkman Coders][2] 计划所营造的环境氛围能够帮助到参与者摆脱低家庭收入带来的劣势。如果说社区能够发展壮大到今天的规模真有什么独特秘诀的话那大概就是Q 解释道,“确保你有一个令人舒适的空间,充满了理解与宽容,这样大家才会被吸引过来。让来的人不忘初心,做好传道受业解惑的准备;当大家参与进来并感觉到充实愉悦,自然而然会想要留下来。”
@ -53,7 +56,7 @@ via: https://opensource.com/article/19/2/break-down-stereotypes-python
作者:[Don Watkins][a]
选题:[lujun9972][b]
译者:[WangYueScream](https://github.com/WangYueScream)
校对:[wxy](https://github.com/wxy)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

139
translated/tech/20180406 MX Linux- A Mid-Weight Distro Focused on Simplicity.md Normal file
View File

@ -0,0 +1,139 @@
MX Linux: 一款专注于简洁性的发行版
======
![](https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux.png?itok=OLjmCxT9)
Linux 有着如此多种的发型版。许多发行版为了使自己与众不同而做出了很多改变。另一方面,许多发行版之间的区别又是如此之小,你可能会问为什么有人还愿意不厌其烦的重复别人已经做过的工作呢?也正是基于这一疑惑,让我好奇为什么 [antiX][1] 和 [MEPIS][2]这两个社区要联合推出一个特殊的发行版,考虑到具体情况应该会是一个搭载 Xfce 桌面并基于 antiX 的版本,由 MEPIS 社区承担开发。
这一开发中的使用 Xfce 桌面的 antiX 系统是否会基于他之前的发行版呢毕竟antiX 旨在提供一个“快速、轻量级、易于安装的、支持linux live CD 且基于Debian Stable的发行版”。antiX 所搭载的桌面是 [LXDE][3],能够极好的满足关于轻量化系统的相关要求和特性。那究竟是什么原因使得 antiX 决定构建另一个轻量化发行版呢,仅仅是因为这次换成了 Xfce 吗好吧Linux 社区中的任何人都知道,差异之处体现了不同版本的特性,一个好的轻量级发行版是值得一试的(特别是可以使得我们的旧硬件摆脱进入垃圾填埋场的宿命)。当然LXDE 和 Xfce 并不完全属于同一类别。LXDE应该被认为是一个真正的轻量级桌面而 Xfce 应该被认为是一个中等重量的桌面。朋友们,这就是为什么 MX Linux 是 antiX 的一个重要迭代的关键。一个基于Debian的中等体量的发行版它包含你完成工作所需的所有工具。
但是在 MX linux 中有一些直接从 antiX 借用来的非常有用的东西—那就是安装工具。当我第一次设置VirtualBox 的虚拟机来安装 MX Linux 时我认为安装将是我已经习惯的典型的、非常简单的Linux安装。令我非常惊讶的是MX Linux 使用的 antiX 安装程序打破了以往的痛点,特别是对于那些对尝试 Linux 持观望态度的人来说。
因此,甚至在我开始尝试 MX Linux 之前,我就对它有了深刻的印象。让我们来看看是什么让这个发行版的安装如此特别,最后再来看看桌面。
你可以从[这里][4]下载 MX Linux 17.1。系统的最低要求是:
* CD/DVD驱动器(以及能够从该驱动器引导的BIOS)或活动USB(以及能够从USB引导的BIOS)
* 英特尔 i486 或 AMD 处理器
* 512 MB 内存
* 5 GB 硬盘空间
* 扬声器AC97 或 HDA-compatible 声卡
* 作为一个 LiveUSB 使用,需要 4 GB 空间
### 安装
MX Linux安装程序使安装 Linux 变得轻而易举。虽然它可能不是外观最现代化的安装工具,但也已经差不多了。安装的要点是从选择磁盘和选择安装类型开始的(图1)。
![install][6]
图1:MX Linux 的安装程序截图之一。
[Used with permission][7]
下一个重要的界面(图2)要求你为MS网络设置一个计算机名称、域名和(如果需要的话)工作组。
配置工作组的能力是真正值得称赞的第一项。这是我记忆中第一款在安装期间提供此选项的发行版。它还应该提示你MX Linux 提供了开箱即用共享目录的功能。它做到了,而且深藏功与名。它并不完美,但它可以在不需要安装任何额外包的情况下工作(稍后将详细介绍)。
最后一个重要的安装界面(需要用户交互)是创建用户帐户和 root 权限的密码(图3)。
![user][9]
图3:设置用户帐户详细信息和 root 用户密码。
[Used with permission][7]
最后一个界面设置完成后安装将完成并要求重新启动。重启后你将看到登录屏幕。登录并享受MX Linux 带来的体验。
### 使用
Xfce桌面是一个非常容易上手的界面。默认设置将面板位于屏幕的左边缘(图4)。
![desktop ][11]
图4: MX Linux 的默认桌面。
[Used with permission][7]
如果你想将面板移动到更传统的位置,右键单击面板上的空白点,然后单击面板>面板首选项。在生成的窗口中(图5),单击样式下拉菜单,在桌面栏、垂直栏或水平栏之间进行选择你想要的模式。
![panel][13]
图5:配置 MX Linux 面板。
[Used with permission][7]
桌面栏和垂直选项的区别在于,在桌面栏模式下,面板垂直对齐,就像在垂直模式下一样,但是插件是水平放置的。这意味着你可以创建更宽的面板(用于宽屏布局)。如果选择水平布局,它将默在顶部,然后你必须取消锁定面板,单击关闭,然后(使用面板左侧边缘的拖动手柄)将其拖动到底部。你可以回到面板设置窗口并重新锁定面板。
除此之外,使用 Xfce 桌面对于任何级别的用户来说都是无需动脑筋的事情……就是这么简单。你会发现很多生产力代表的软件(LibreOffice, Orage日历,PDF-Shuffler)、图像软件(GIMP)、通信(Firefox,Thunderbird,HexChat),多媒体(Clementine、guvcview SMTube, VLC媒体播放器),和一些 MX Linux 专属的工具(称为MX工具,涵盖了 live-USB 驱动器制作工具,包管理工具,repo 管理工具,回购经理,live ISO 快照工具,等等)。
![sharing][15]
图6:向网络共享一个目录。
[Used with permission][7]
### Samba
让我们讨论一下如何将文件夹共享到你的网络。正如我所提到的,你不需要安装任何额外的包就可以使其正常工作。只需打开文件管理器,右键单击任何位置,并选择网络上的共享文件夹。系统将提示你输入管理密码(已在安装期间设置)。验证成功之后Samba服务器配置工具将打开(图6)。
![sharing][17]
图7在MX Linux上配置共享。
[Used with permission][7]
单击+按钮并配置你的共享。你将被要求指定一个目录,为共享提供一个名称/描述,然后决定该共享是否可写且可见(图7)。
当你单击 Access 选项时,你可以选择是让每个人都访问共享,还是限于特定的用户。问题就出在这里。此时,没有用户可以共享。为什么?因为它们还没有被添加。,有两种方法可以把它们添加到共享:从命令行或使用我们已经打开的工具。让我们用一种更为简单的方法。在Samba服务器配置工具的主窗口中单击Preferences > Samba Users。在弹出的窗口中单击 Add user。
将出现一个新窗口(图8)你需要从下拉框中选择用户输入Windows用户名并为用户键入/重新键入密码。
![Samba][19]
图8:向 Samba 添加用户。
[Used with permission][7]
一旦你单击确定,用户将被添加,并且基于你的网络的对用户的共享功能也随之启用。创建 Samba 共享从未变得如此容易。
### 结论
MX Linux 使任何从桌面操作系统转到 Linux 都变得非常简单。尽管有些人可能会觉得桌面界面不太现代但发行版的主要关注点不是美观而是简洁。为此MX Linux 以出色的方式取得了成功。Linux 的这种特性可以让任何人在使用 Linux 的过程中感到宾至如归。尝试这一中等体量的发行版,看看它能否作为你的日常系统。
从Linux 基金会和 edX 的[“Linux入门”][20]课程了解更多关于Linux的知识。
--------------------------------------------------------------------------------
via: https://www.linux.com/learn/intro-to-linux/2018/4/mx-linux-mid-weight-distro-focused-simplicity
作者:[JACK WALLEN][a]
译者:[qfzy1233](https://github.com/qfzy1233)
校对:[校对者ID](https://github.com/校对者ID)
选题:[lujun9972](https://github.com/lujun9972)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.linux.com/users/jlwallen
[1]:https://antixlinux.com/
[2]:https://en.wikipedia.org/wiki/MEPIS
[3]:https://lxde.org/
[4]:https://mxlinux.org/download-links
[5]:/files/images/mxlinux1jpg
[6]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_1.jpg?itok=i9bNScjH (install)
[7]:/licenses/category/used-permission
[8]:/files/images/mxlinux3jpg
[9]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_3.jpg?itok=ppf2l_bm (user)
[10]:/files/images/mxlinux4jpg
[11]:https://www.linux.com/sites/lcom/files/styles/rendered_file/public/mxlinux_4.jpg?itok=mS1eBy9m (desktop)
[12]:/files/images/mxlinux5jpg
[13]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_5.jpg?itok=wsN1hviN (panel)
[14]:/files/images/mxlinux6jpg
[15]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_6.jpg?itok=vw8mIp9T (sharing)
[16]:/files/images/mxlinux7jpg
[17]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_7.jpg?itok=tRIWdcEk (sharing)
[18]:/files/images/mxlinux8jpg
[19]:https://www.linux.com/sites/lcom/files/styles/floated_images/public/mxlinux_8.jpg?itok=ZS6lhZN2 (Samba)
[20]:https://training.linuxfoundation.org/linux-courses/system-administration-training/introduction-to-linux

163
translated/tech/20190711 Type Linux Commands In Capital Letters To Run Them As Sudo User.md
View File

@ -1,163 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (geekpi)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Type Linux Commands In Capital Letters To Run Them As Sudo User)
[#]: via: (https://www.ostechnix.com/type-linux-commands-in-capital-letters-to-run-them-as-sudo-user/)
[#]: author: (sk https://www.ostechnix.com/author/sk/)
用大写字母输入 Linux 命令以将其作为 Sudo 用户运行
======
![Type Linux Commands In Capital Letters To Run Them As Sudo User][1]
我非常喜欢 Linux 社区的原因是他们创建了很多有趣的项目,你很少能在任何其他操作系统中找到它们。不久前,我们看了一个名为 [**“Hollywood”**][2] 的有趣项目,它在类 Ubuntu 系统将终端变成了好莱坞技术情景剧的黑客界面。还有一些其他工具,例如 **cowsay**、**fortune**、**sl** 和 **toilet** 等,用来打开时间和自娱自乐!它们可能没有用,但这些程序娱乐性不错并且使用起来很有趣。今天,我偶然发现了另一个名为 **“SUDO”** 的类似工具。正如名字暗示的那样,你无论何时用大写字母输入 Linux 命令SUDO 程序都会将它们作为 sudo 用户运行!这意味着,你无需在要运行的 Linux 命令前面输入 “sudo”。很酷不是么
### 安装 SUDO
* * *
**提醒一句:**
在安装(或任何程序)之前,请查看源代码(最后给出的链接),并查看是否包含会损害你的系统的可疑/恶意代码。在 VM中 测试它。如果你喜欢或觉得它很有用,你可以在个人/生产系统中使用它。
* * *
用 Git 克隆 SUDO 仓库:
```
$ git clone https://github.com/jthistle/SUDO.git
```
此命令将克隆 SUDO GIT 仓库的内容,并将它们保存在当前目录下的 “SUDO” 的目录中。
```
Cloning into 'SUDO'...
remote: Enumerating objects: 42, done.
remote: Counting objects: 100% (42/42), done.
remote: Compressing objects: 100% (29/29), done.
remote: Total 42 (delta 17), reused 30 (delta 12), pack-reused 0
Unpacking objects: 100% (42/42), done.
```
切换到 SUDO 目录:
```
$ cd SUDO/
```
并使用命令安装它:
```
$ ./install.sh
```
该命令将在 **~/.bashrc** 文件中添加以下行:
```
[...]
# SUDO - shout at bash to su commands
# Distributed under GNU GPLv2, @jthistle on github
shopt -s expand_aliases
IFS_=${IFS}
IFS=":" read -ra PATHS <<< "$PATH"
for i in "${PATHS[@]}"; do
for j in $( ls "$i" ); do
if [ ${j^^} != $j ] && [ $j != "sudo" ]; then
alias ${j^^}="sudo $j"
fi
done
done
alias SUDO='sudo $(history -p !!)'
IFS=${IFS_}
# end SUDO
```
它还会备份你的 **~/.bashrc** 并将其保存为 **~/.bashrc.old**。如果有重大错误,你可以恢复它。
最后,使用命令更新更改:
```
$ source ~/.bashrc
```
### 现在,用大写字母中输入 Linux 命令,将它们作为 Sudo 用户运行
通常我们像下面那样执行需要 sudo/root 权限的命令。
```
$ sudo mkdir /ostechnix
```
对么?没错!上面的命令将在根目录(/)中创建名为 “ostechnix” 的目录。让我们使用 **Ctrl + c** 取消。
一旦安装了 SUDO你就可以**在没有 sudo 的情况下输入任何大写 Linux 命令**并运行它们。因此,你可以像下面那样运行上面的命令:
```
$ MKDIR /ostechnix
$ TOUCH /ostechnix/test.txt
$ LS /ostechnix
```
![][3]
用大写字母输入 Linux 命令以将其作为 Sudo 用户运行
请注意**它无法绕过 sudo 密码**。你仍然需要键入 sudo 密码才能执行给定的命令。它只会有助于避免在每个命令前面输入“sudo”。
* * *
**相关阅读Related read:=**
* [**如何在 Linux 中没有 Sudo 密码运行特定命令**][4]
* [**如何恢复用户的 Sudo 权限**][5]
* [**如何在 Ubuntu 上为用户授予和删除 Sudo 权限**][6]
* [**如何在 Linux 系统中查找所有 Sudo 用户**][7]
* [**如何在终端中输入密码时显示星号**][8]
* [**如何更改 Linux 中的 Sudo 提示符**][9]
* * *
当然,输入 “sudo” 只需几秒钟,所以这不是什么大问题。 我必须告诉这是一个用来消磨时间的有趣且无用的项目。 如果你不喜欢它,那就去学习一些有用的东西吧。 如果你喜欢它,试一试,玩得开心!
**资源:**
* [**SUDO GitHub 仓库**][10]
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/type-linux-commands-in-capital-letters-to-run-them-as-sudo-user/
作者:[sk][a]
选题:[lujun9972][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[b]: https://github.com/lujun9972
[1]: https://www.ostechnix.com/wp-content/uploads/2019/07/sudo-720x340.png
[2]: https://www.ostechnix.com/turn-ubuntu-terminal-hollywood-technical-melodrama-hacker-interface/
[3]: https://www.ostechnix.com/wp-content/uploads/2019/07/SUDO-in-action.gif
[4]: https://www.ostechnix.com/run-particular-commands-without-sudo-password-linux/
[5]: https://www.ostechnix.com/how-to-restore-sudo-privileges-to-a-user/
[6]: https://www.ostechnix.com/how-to-grant-and-remove-sudo-privileges-to-users-on-ubuntu/
[7]: https://www.ostechnix.com/find-sudo-users-linux-system/
[8]: https://www.ostechnix.com/display-asterisks-type-password-terminal/
[9]: https://www.ostechnix.com/change-sudo-prompt-linux-unix/
[10]: https://github.com/jthistle/SUDO

360
translated/tech/20190715 Understanding software design patterns.md
View File

@ -1,360 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: (arrowfeng)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Understanding software design patterns)
[#]: via: (https://opensource.com/article/19/7/understanding-software-design-patterns)
[#]: author: (Bryant Son https://opensource.com/users/brsonhttps://opensource.com/users/erezhttps://opensource.com/users/brson)
理解软件设计模式
======
设计模式可以帮助消除冗余代码。学习如何利用Java使用单例模式、工厂模式和观察者模式。
![clouds in the sky with blue pattern][1]
如果你是一名正在致力于计算机科学或者相关学科的程序员或者学生,很快,你将会遇到一条术语 “软件设计模式。” 根据维基百科_" [软件设计模式][2]是在平常的软件设计工作中所遭遇的问题是一种通用的, 可重复使用的解决方案。“_ 这里是我对定义的理解:当你在编码项目上的同时,你经常会思考,“呵呵,这里貌似是冗余代码,我想是否我能改变代码使得更灵活并且这个改变是可接受的?”因此,你将开始思考怎样分割那些保持不变的内容和需要经常改变的内容。
> 设计模式是一种通过分割那些保持不变的部分和经常变化的部分,让你的代码更容易修改的方法。
不出意外的话,每个从事编码工程的人都可能会有同样的思考。特别是那些工业级别的工程,在那里通常工作着数十甚至数百名开发者;协作过程表明必须有一些标准和规则来使代码更加优雅并适应变化。 这就是为什么我们有 [面向对象编程][3]OOP和 [软件框架工具][4]。设计模式有点类似于OOP但它通过将变化视为自然开发过程的一部分而进一步发展。基本上设计模式利用了一些OOP的思想比如抽象和接口但是专注于改变的过程。
当你开始开发项目时, 你经常会听到这样一个术语 _重构__意味着通过改变代码使它变得更优雅和可复用_ 这就是设计模式耀眼的地方。 无论什么时候你处理现有代码时(无论是由其他人构建还是你自己过去构建的),了解设计模式可以帮助你以不同的方式看待事物,你将发现问题以及改进代码的方法。
那里有很多种设计模式,其中单例模式,工厂模式,和观察者模式三种最受欢迎,在这篇文章中我将会一一介绍它们。
### 如何遵循本指南
无论你是一位有经验的编程工作者还是一名刚刚接触的新手,我想让这篇教程很容易让每个人都可以理解。设计模式概念并不容易理解,减少开始旅程时的学习曲线始终是首要任务。因此,除了这篇带有图表和代码片段的文章外,我还创建了一个 [GitHub仓库][5],你可以克隆和在你的电脑上运行代码去实现这三种设计模式。你也可以观看我创建的 [YouTube视频][6]。
#### 必要条件
如果你只是想了解一般的设计模式思想,则无需克隆示例项目或安装任何工具。但是,如果要运行示例代码,你需要安装以下工具:
* **Java Development Kit (JDK):** 我强烈建议 [OpenJDK][7]。
* **Apache Maven:** 这个简单的工程使用 [Apache Maven][8] 构建; 幸好许多IDEs自带了Maven。
* **Interactive development editor (IDE):** 我使用 [IntelliJ Community Edition][9], 但是你也可以使用 [Eclipse IDE][10] 或者其他你喜欢的 Java IDE。
* **Git:** 如果你想克隆这个工程,你需要 [Git][11]客户端。
安装好Git后运行下列命令克隆这个工程
```
`git clone https://github.com/bryantson/OpensourceDotComDemos.git`
```
然后在你喜欢的IDE中你可以将TopDesignPatterns仓库中的代码作为Apache Maven项目导入。
我正在使用Java但你也可以使用支持 [抽象原理][12]的任何编程语言来实现设计模式。
### 单例模式:避免每次创建一个对象
[单例模式][13]是非常受欢迎的设计模式它的实现相对来说很简单因为你只需要一个类。然而许多开发人员争论单例设计模式的是否利大于弊因为它缺乏明显的好处并且容易被滥用。很少有开发人员直接实现单例相反像Spring Framework和Google Guice等编程框架内置了单例设计模式的特性。
但是了解单例模式仍然有巨大的用处。单例模式确保一个类仅创建一次且提供了一个对他的全局访问点。
> **Singleton pattern:** 确保仅有一个实例被创建且避免在同样的工程中创建多个实例。
下面这幅图展示了经典的类对象创建过程。当客户端请求创建一个对象时,构造函数会创建或者实例化一个对象并调用方法返回这个类。但是每次请求一个对象都会发生这样的情况——构造函数被调用,一个新的对象被创建并且它返回一个唯一的对象。我猜面向对象语言的创建者有每次都创建一个新对象的原因,但是单例过程的支持者说这是冗余的且浪费资源。
![Normal class instantiation][14]
下面这幅图使用单例模式创建对象。这里,构造函数仅当对象首次通过调用预先设计好的 getInstance() 方法时才会被调用。这通常通过检查值是否为 null 来完成,并且这个对象被作为私有变量保存在单例类的内部。下次 getInstance() 被调用时,这个类会返回第一次被创建的对象。没有新的对象产生;它只是返回旧的那一个。
![Singleton pattern instantiation][15]
下面这段代码展示了创建单例模式最简单的方法:
```
package org.opensource.demo.singleton;
public class OpensourceSingleton {
    private static OpensourceSingleton uniqueInstance;
    private OpensourceSingleton() {
    }
    public static OpensourceSingleton getInstance() {
        if (uniqueInstance == null) {
            uniqueInstance = new OpensourceSingleton();
        }
        return uniqueInstance;
    }
}
```
在调用方, 这里展示了如何调用单例类来获取对象:
```
Opensource newObject = Opensource.getInstance();
```
这段代码很好的验证了单例模式的思想:
1. 当 getInstance() 被调用时,它通过检查 null 值来见检查对象是否已经被创建。
2. 如果值为空,它会创建一个新对象并把它保存到私有域,返回这个对象给调用者。否则直接返回之前被创建的对象。
单例模式实现的主要问题是它忽略了并行进程。当多个进程使用线程同时访问资源时,这个问题就产生了。对于这种情况有对应的解决方案,它被称为 _双重检查锁_ 用于多线程安全,如下所示:
```
package org.opensource.demo.singleton;
public class ImprovedOpensourceSingleton {
    private volatile static ImprovedOpensourceSingleton uniqueInstance;
    private ImprovedOpensourceSingleton() {}
    public static ImprovedOpensourceSingleton getInstance() {
        if (uniqueInstance == null) {
            synchronized (ImprovedOpensourceSingleton.class) {
                if (uniqueInstance == null) {
                    uniqueInstance = new ImprovedOpensourceSingleton();
                }
            }
        }
        return uniqueInstance;
    }
}
```
只是为了强调前一点,确保只有在你认为这是一个安全的选项时才能直接实现你的单例模式。最好的方法是通过使用一个制作精良的编程框架来利用单例功能。
### 工厂模式:将对象创建委派给工厂类以隐藏创建逻辑
[工厂模式][16] 是另一种众所周知的设计模式,但是有一小点复杂。实现工厂模式的方法有很多,而下列的代码示例为最简单的实现方式。为了创建对象,工厂模式定义了一个接口,让它的子类去决定哪一个子类实例化。
> **Factory pattern:** 将对象创建委派给工厂类,因此它能隐藏创建逻辑。
下列的图片展示了最简单的工厂模式是如何实现的?
![Factory pattern][17]
客户端请求工厂类创建某个对象,类型 x而不是客户端直接调用对象创建。根据类型工厂模式决定要创建和返回的对象。
在下列代码示例中OpensourceFactory 是工厂类实现,它从调用者那里获取 _类型_ 并根据该输入值决定要创建和返回的对象:
```
package org.opensource.demo.factory;
public class OpensourceFactory {
    public OpensourceJVMServers getServerByVendor([String][18] name) {
        if(name.equals("Apache")) {
            return new Tomcat();
        }
        else if(name.equals("Eclipse")) {
            return new Jetty();
        }
        else if (name.equals("RedHat")) {
            return new WildFly();
        }
        else {
            return null;
        }
    }
}
```
OpenSourceJVMServer 是一个100%的抽象类(或者一个接口类),它指示要实现的是什么,而不是怎样实现:
```
package org.opensource.demo.factory;
public interface OpensourceJVMServers {
    public void startServer();
    public void stopServer();
    public [String][18] getName();
}
```
这是一个 OpensourceJVMServers 实现类示例。当 “RedHat” 被作为类型传递给工厂类WildFly 服务器将被创建:
```
package org.opensource.demo.factory;
public class WildFly implements OpensourceJVMServers {
    public void startServer() {
        [System][19].out.println("Starting WildFly Server...");
    }
    public void stopServer() {
        [System][19].out.println("Shutting Down WildFly Server...");
    }
    public [String][18] getName() {
        return "WildFly";
    }
}
```
### 观察者模式:订阅主题并获取相关更新的通知
最后是[观察者模式][20]。像单例模式那样,很少有专业的程序员直接实现观察者模式。但是,许多消息队列和数据服务实现都借用了观察者模式的概念。观察者模式在对象之间定义了一对多的依赖关系,当一个对象的状态发生改变时,所有依赖它的对象都将被自动地通知和更新。
> **Observer pattern:** 如果有更新,那么订阅了该话题/主题的客户端将被通知。
思考观察者模式的最简单方法是想象一个邮件列表,你可以在其中订阅任何主题,无论是开源,技术,名人,烹饪还是您感兴趣的任何其他内容。每个主题维护者一个它的订阅者列表,在观察者模式中它们相当于观察者。当某一个主题更新时,它所有的订阅者(观察者)都将被通知这次改变。并且订阅者总是能取消某一个主题的订阅。
如下图所示,客户端可以订阅不同的主题并添加观察者以获得最新信息的通知。因为观察者不断的监听着这个主题,这个观察者会通知客户端任何发生的改变。
![Observer pattern][21]
让我们呢来看看观察者模式的代码示例,从主题/话题类开始:
```
package org.opensource.demo.observer;
public interface Topic {
    public void addObserver([Observer][22] observer);
    public void deleteObserver([Observer][22] observer);
    public void notifyObservers();
}
```
这段代码描述了一个接口为不同的主题去实现已定义的方法。注意一个观察者如何被添加、移除和通知。
这是一个主题的实现示例:
```
package org.opensource.demo.observer;
import java.util.List;
import java.util.ArrayList;
public class Conference implements Topic {
    private List&lt;Observer&gt; listObservers;
    private int totalAttendees;
    private int totalSpeakers;
    private [String][18] nameEvent;
    public Conference() {
        listObservers = new ArrayList&lt;Observer&gt;();
    }
    public void addObserver([Observer][22] observer) {
        listObservers.add(observer);
    }
    public void deleteObserver([Observer][22] observer) {
        int i = listObservers.indexOf(observer);
        if (i &gt;= 0) {
            listObservers.remove(i);
        }
    }
    public void notifyObservers() {
        for (int i=0, nObservers = listObservers.size(); i &lt; nObservers; ++ i) {
            [Observer][22] observer = listObservers.get(i);
            observer.update(totalAttendees,totalSpeakers,nameEvent);
        }
    }
    public void setConferenceDetails(int totalAttendees, int totalSpeakers, [String][18] nameEvent) {
        this.totalAttendees = totalAttendees;
        this.totalSpeakers = totalSpeakers;
        this.nameEvent = nameEvent;
        notifyObservers();
    }
}
```
这段代码定义了一个特定主题的实现。当发生改变时,这个实现调用它自己的方法。 注意这将获取存储为列表的观察者的数量,并且可以通知和维护观察者。
这是一个观察者类:
```
package org.opensource.demo.observer;
public interface [Observer][22] {
    public void update(int totalAttendees, int totalSpeakers, [String][18] nameEvent);
}
```
这个类定义了一个接口,不同的观察者可以实现该接口以执行特定的操作。
例如,实现了该接口的观察者可以在会议上打印出与会者和发言人的数量:
```
package org.opensource.demo.observer;
public class MonitorConferenceAttendees implements [Observer][22] {
    private int totalAttendees;
    private int totalSpeakers;
    private [String][18] nameEvent;
    private Topic topic;
    public MonitorConferenceAttendees(Topic topic) {
        this.topic = topic;
        topic.addObserver(this);
    }
    public void update(int totalAttendees, int totalSpeakers, [String][18] nameEvent) {
        this.totalAttendees = totalAttendees;
        this.totalSpeakers = totalSpeakers;
        this.nameEvent = nameEvent;
        printConferenceInfo();
    }
    public void printConferenceInfo() {
        [System][19].out.println(this.nameEvent + " has " + totalSpeakers + " speakers and " + totalAttendees + " attendees");
    }
}
```
### 之后去哪?
现在你已经阅读了这篇对于设计模式的介绍引导,你应该去一个好地方寻求其他设计模式,例如外观模式,模版模式和装饰器模式。也有一些并发和分布式系统的设计模式如断路器模式和锚定模式。
可是我相信最好的磨砺你的技能首先是通过在你的边缘工程或者练习中实现这些设计模式。你甚至可以开始考虑如何在实际项目中应用这些设计模式。接下来我强烈建议您查看OOP的 [SOLID原则][23]。之后,你将准备好了解其他设计模式。
However, I believe it's best to hone your skills first by implementing these design patterns in your side projects or just as practice. You can even begin to contemplate how you can apply these design patterns in your real projects. Next, I highly recommend checking out the [SOLID principles][23] of OOP. After that, you will be ready to look into the other design patterns.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/7/understanding-software-design-patterns
作者:[Bryant Son][a]
选题:[lujun9972][b]
译者:[arrowfeng](https://github.com/arrowfeng)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/brsonhttps://opensource.com/users/erezhttps://opensource.com/users/brson
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003601_05_mech_osyearbook2016_cloud_cc.png?itok=XSV7yR9e (clouds in the sky with blue pattern)
[2]: https://en.wikipedia.org/wiki/Software_design_pattern
[3]: https://en.wikipedia.org/wiki/Object-oriented_programming
[4]: https://en.wikipedia.org/wiki/Software_framework
[5]: https://github.com/bryantson/OpensourceDotComDemos/tree/master/TopDesignPatterns
[6]: https://www.youtube.com/watch?v=VlBXYtLI7kE&feature=youtu.be
[7]: https://openjdk.java.net/
[8]: https://maven.apache.org/
[9]: https://www.jetbrains.com/idea/download/#section=mac
[10]: https://www.eclipse.org/ide/
[11]: https://git-scm.com/
[12]: https://en.wikipedia.org/wiki/Abstraction_principle_(computer_programming)
[13]: https://en.wikipedia.org/wiki/Singleton_pattern
[14]: https://opensource.com/sites/default/files/uploads/designpatterns1_normalclassinstantiation.jpg (Normal class instantiation)
[15]: https://opensource.com/sites/default/files/uploads/designpatterns2_singletonpattern.jpg (Singleton pattern instantiation)
[16]: https://en.wikipedia.org/wiki/Factory_method_pattern
[17]: https://opensource.com/sites/default/files/uploads/designpatterns3_factorypattern.jpg (Factory pattern)
[18]: http://www.google.com/search?hl=en&q=allinurl%3Adocs.oracle.com+javase+docs+api+string
[19]: http://www.google.com/search?hl=en&q=allinurl%3Adocs.oracle.com+javase+docs+api+system
[20]: https://en.wikipedia.org/wiki/Observer_pattern
[21]: https://opensource.com/sites/default/files/uploads/designpatterns4_observerpattern.jpg (Observer pattern)
[22]: http://www.google.com/search?hl=en&q=allinurl%3Adocs.oracle.com+javase+docs+api+observer
[23]: https://en.wikipedia.org/wiki/SOLID