document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-25 23:11:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu.Wang 2018-09-07 18:50:09 +08:00
commit dc68c95d2e
17 changed files with 1188 additions and 621 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
published/20180226 Linux Virtual Machines vs Linux Live Images.md Normal file
View File

@ -0,0 +1,61 @@
Linux 虚拟机与 Linux 现场镜像版
======
> Linux 虚拟机与 Linux 现场镜像版各有优势,也有不足。
首先我得承认,我非常喜欢频繁尝试新的 [Linux 发行版本][1]。然而,我用来测试它们的方法根据每次目标而有所不同。在这篇文章中,我们来看看两种运行 Linux 的模式:虚拟机或<ruby>现场镜像版<rt>live image</rt></ruby>。每一种方式都存在优势,但是也有一些不足。
### 首次测试一个全新的 Linux 发行版
当我首次测试一个全新 Linux 发行版时,我使用的方法很大程度上依赖于我当前所拥有的 PC 资源。如果我使用台式机,我会在一台虚拟机中运行该发行版来测试。使用这种方法的原因是,我可以下载并测试该发行版,不只是在一个现场环境中,而且也可以作为一个带有持久存储的安装的系统。
另一方面,如果我的 PC 不具备强劲的硬件,那么通过 Linux 的虚拟机安装来测试发行版是适得其反的。我会将那台 PC 压榨到它的极限,诚然,更好的是使用现场版的 Linux 映像,而不是从闪存驱动器中运行。
### 体验新的 Linux 发行版本的软件
如果你有兴趣查看发行版本的桌面环境或可用的软件,那使用它的现场镜像版就没错了。一个现场版环境可以提供给你所预期的全局视角、其所提供的软件和用户体验的整体感受。
公平的说,你也可以在虚拟机上达到同样的效果,但是它有一点不好,如果这么做会让更多数据填满你的磁盘空间。毕竟这只是对发行版的一个简单体验。记得我在第一节说过:我喜欢在虚拟机上运行 Linux 来做测试。用这个方式我就能看到如何去安装它、分区是怎么样的等等,而使用现场镜像版时你就看不到这些。
这种体验方式通常表明你只想对该发行版本有个大致了解,所以在这种情况下,这种只需要付出最小的精力和时间的方式是一种不错的办法。
### 随身携带一个发行版
这种方式虽然不像几年前那样普遍,这种随身携带一个 Linux 发行版的能力也许是出于对某些用户的考虑。显然,虚拟机安装对于便携性并无太多帮助。不过,现场镜像版实际上是十分便携的。现场镜像版可以写入到 DVD 当中或复制到一个闪存盘中而便于携带。
从 Linux 的便携性这个概念上展开来说,当要在一个朋友的电脑上展示 Linux 如何工作,使用一个闪存盘上的现场镜像版也是很方便的。这可以使你能演示 Linux 如何丰富他们的生活,而不用必须在他们的 PC 上运行一个虚拟机。使用现场镜像版这就有点双赢的感觉了。
### 选择做双引导 Linux
这接下来的方式是个大工程。考虑一下,也许你是一个 Windows 用户。你喜欢玩 Linux但又不愿意冒险。除了在某些情况下会出些状况或者识别个别分区时遇到问题双引导方式就没啥挑剔的。无论如何使用 Linux 虚拟机或现场镜像版都对于你来说是一个很好的选择。
现在,我在某些事情上采取了奇怪的立场。我认为长期在闪存盘上运行现场镜像版要比虚拟机更有价值。这有两个原因。首先,您将会习惯于真正运行 Linux而不是在 Windows 之上的虚拟机中运行它。其次,您可以设置闪存盘以包含持久存储的用户数据。
我知道你会说用一个虚拟机运行 Linux 也是如此,然而,使用现场镜像版的方式,你绝不会因为更新而被破坏任何东西。为什么?因为你不会更新你的宿主系统或者客户系统。请记住,有整个 Linux 发行版本被设计为持久存储的 Linux 发行版。Puppy Linux 就是一个非常好的例子。它不仅能运行在要被回收或丢弃的个人 PC 上,它也可以让你永远不被频繁的系统升级所困扰,这要感谢该发行版处理安全更新的方式。这不是一个常规的 Linux 发行版,而是以这样的一种方式封闭了安全问题——即持久存储的现场镜像版中没有什么令人担心的坏东西。
### Linux 虚拟机绝对是一个最好的选择
在我结束这篇文章时,让我告诉你。有一种场景下,使用 Virtual Box 等虚拟机绝对比现场镜像版更好:记录 Linux 发行版的桌面环境。
例如,我制作了一个视频,里面介绍和点评了许多 Linux 发行版。使用现场镜像版进行此操作需要我用硬件设备捕获屏幕,或者从现场镜像版的软件仓库中安装捕获软件。显然,虚拟机比 Linux 发行版的现场镜像版更适合这项工作。
一旦你需要采集音频进行混音,毫无疑问,如果您要使用软件来捕获您的点评语音,那么您肯定希望拥有一个宿主操作系统,里面包含了一个起码的捕获环境的所有基本需求。同样,您可以使用硬件设备来完成所有这一切,但如果您只是做兼职的视频/音频捕获, 那么这可能要付出成本高昂的代价。
### Linux 虚拟机 VS. Linux 现场镜像版
你最喜欢尝试新发行版的方式是哪些?也许,你是那种可以很好地格式化磁盘、将风险置之脑后的人,所以这里说的这些都是没用的?
我在网上互动的大多数人都倾向于遵循我上面提及的方法,但是我很想知道哪种方式更加适合你。点击评论框,让我知道在体验 Linux 发行版世界最伟大和最新的版本时,您更喜欢哪种方法。
--------------------------------------------------------------------------------
via: https://www.datamation.com/open-source/linux-virtual-machines-vs-linux-live-images.html
作者:[Matt Hartley][a]
译者:[sober-wang](https://github.com/sober-wang)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.datamation.com/author/Matt-Hartley-3080.html
[1]:https://www.datamation.com/open-source/best-linux-distro.html

341
published/20180529 How To Add Additional IP (Secondary IP) In Ubuntu System.md Normal file
View File

@ -0,0 +1,341 @@
如何在 Ubuntu 系统中添加一个辅助 IP 地址
======
Linux 管理员应该意识到这一点,因为这是一项例行任务。很多人想知道为什么我们需要在服务器中添加多个 IP 地址,以及为什么我们需要将它添加到单块网卡中?我说的对吗?
你可能也会有类似的问题:在 Linux 中如何为单块网卡分配多个 IP 地址?在本文中,你可以得到答案。
当我们对一个新服务器进行设置时,理想情况下它将有一个 IP 地址,即服务器主 IP 地址,它与服务器主机名对应。
我们不应在服务器主 IP 地址上托管任何应用程序,这是不可取的。如果要在服务器上托管任何应用程序,我们应该为此添加辅助 IP。
这是业界的最佳实践,它允许用户安装 SSL 证书。大多数系统都配有单块网卡,这足以添加额外的 IP 地址。
**建议阅读:**
- [在 Linux 命令行中 9 种方法检查公共 IP 地址][1]
- [在 Linux 终端中 3 种简单的方式来检查 DNS域名服务器记录][2]
- [在 Linux 上使用 Dig 命令检查 DNS域名服务器记录][3]
- [在 Linux 上使用 Nslookup 命令检查 DNS域名服务器记录][4]
- [在 Linux 上使用 Host 命令检查 DNS域名服务器记录][5]
我们可以在同一个接口上添加 IP 地址,或者在同一设备上创建子接口,然后在其中添加 IP。默认情况下一直到 Ubuntu 14.04 LTS接口给名称为 `ethX (eth0)`,但是从 Ubuntu 15.10 之后网络接口名称已从 `ethX` 更改为 `enXXXXX`(对于服务器是 ens33桌面版是 enp0s3
在本文中,我们将教你如何在 Ubuntu 上执行此操作并且衍生到其它发行版to 校正:这句自己加的)。
**注意:**别在 DNS 详细信息后添加 IP 地址。如果是这样DNS 将无法正常工作。
### 如何在 Ubuntu 14.04 LTS 中添加临时辅助 IP 地址
在系统中添加 IP 地址之前,运行以下任一命令即可验证服务器主 IP 地址:
```
# ifconfig
# ip addr
# ip addr
eth0 Link encap:Ethernet HWaddr 08:00:27:98:b7:36
inet addr:192.168.56.150 Bcast:192.168.56.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe98:b736/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:105 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:902 (902.0 B) TX bytes:16423 (16.4 KB)
eth1 Link encap:Ethernet HWaddr 08:00:27:6a:cf:d3
inet addr:10.0.3.15 Bcast:10.0.3.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe6a:cfd3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:80 errors:0 dropped:0 overruns:0 frame:0
TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8698 (8.6 KB) TX bytes:17047 (17.0 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:25 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:1730 (1.7 KB) TX bytes:1730 (1.7 KB)
```
如我所见,服务器主 IP 地址是 `192.168.56.150`,我将下一个 IP `192.168.56.151` 作为辅助 IP使用以下方法完成
```
# ip addr add 192.168.56.151/24 broadcast 192.168.56.255 dev eth0 label eth0:1
```
输入以下命令以检查新添加的 IP 地址。如果你重新启动服务器,那么新添加的 IP 地址会消失,因为我们的 IP 是临时添加的。
```
# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:98:b7:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.150/24 brd 192.168.56.255 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.56.151/24 brd 192.168.56.255 scope global secondary eth0:1
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe98:b736/64 scope link
valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:6a:cf:d3 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe6a:cfd3/64 scope link
valid_lft forever preferred_lft forever
```
### 如何在 Ubuntu 14.04 LTS 中添加永久辅助 IP 地址
要在 Ubuntu 系统上添加永久辅助 IP 地址,只需编辑 `/etc/network/interfaces` 文件并添加所需的 IP 详细信息。
```
# vi /etc/network/interfaces
```
```
# vi /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.56.150
netmask 255.255.255.0
network 192.168.56.0
broadcast 192.168.56.255
gateway 192.168.56.1
auto eth0:1
iface eth0:1 inet static
address 192.168.56.151
netmask 255.255.255.0
```
保存并关闭文件,然后重启网络接口服务。
```
# service networking restart
# ifdown eth0:1 && ifup eth0:1
```
验证新添加的 IP 地址:
```
# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:98:b7:36
inet addr:192.168.56.150 Bcast:192.168.56.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe98:b736/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:962 (962.0 B) TX bytes:11905 (11.9 KB)
eth0:1 Link encap:Ethernet HWaddr 08:00:27:98:b7:36
inet addr:192.168.56.151 Bcast:192.168.56.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr 08:00:27:6a:cf:d3
inet addr:10.0.3.15 Bcast:10.0.3.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe6a:cfd3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4924 errors:0 dropped:0 overruns:0 frame:0
TX packets:3185 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4037636 (4.0 MB) TX bytes:422516 (422.5 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
```
### 如何在 Ubuntu 16.04 LTS 中临时添加辅助 IP 地址
正如本文开头所述,网络接口名称从 Ubuntu 15.10 就开始从 ethX 更改为 enXXXX (enp0s3),所以,替换你的接口名称。
在执行此操作之前,先检查系统上的 IP 信息:
```
# ifconfig
# ip addr
enp0s3: flags=4163 mtu 1500
inet 192.168.56.201 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::a00:27ff:fe97:132e prefixlen 64 scopeid 0x20
ether 08:00:27:97:13:2e txqueuelen 1000 (Ethernet)
RX packets 7 bytes 420 (420.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 294 bytes 24747 (24.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s8: flags=4163 mtu 1500
inet 10.0.3.15 netmask 255.255.255.0 broadcast 10.0.3.255
inet6 fe80::344b:6259:4dbe:eabb prefixlen 64 scopeid 0x20
ether 08:00:27:12:e8:c1 txqueuelen 1000 (Ethernet)
RX packets 1 bytes 590 (590.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 97 bytes 10209 (10.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 325 bytes 24046 (24.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 325 bytes 24046 (24.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
```
如我所见,服务器主 IP 地址是 `192.168.56.201`,所以,我将下一个 IP `192.168.56.202` 作为辅助 IP使用以下命令完成。
```
# ip addr add 192.168.56.202/24 broadcast 192.168.56.255 dev enp0s3
```
运行以下命令来检查是否已分配了新的 IP。当你重启机器时它会消失。
```
# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:97:13:2e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.201/24 brd 192.168.56.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet 192.168.56.202/24 brd 192.168.56.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe97:132e/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:12:e8:c1 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic enp0s8
valid_lft 86353sec preferred_lft 86353sec
inet6 fe80::344b:6259:4dbe:eabb/64 scope link
valid_lft forever preferred_lft forever
```
### 如何在 Ubuntu 16.04 LTS 中添加永久辅助 IP 地址
要在 Ubuntu 系统上添加永久辅助 IP 地址,只需编辑 `/etc/network/interfaces` 文件并添加所需 IP 的详细信息。
我们不应该在 `dns-nameservers` 行之后添加辅助 IP 地址,因为它不会起作用,应该以下面的格式添加 IP 详情。
此外,我们不需要添加子接口(我们之前在 Ubuntu 14.04 LTS 中的做法):
```
# vi /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
# The primary network interface
auto enp0s3
iface enp0s3 inet static
address 192.168.56.201
netmask 255.255.255.0
iface enp0s3 inet static
address 192.168.56.202
netmask 255.255.255.0
gateway 192.168.56.1
network 192.168.56.0
broadcast 192.168.56.255
dns-nameservers 8.8.8.8 8.8.4.4
dns-search 2daygeek.local
```
保存并关闭文件,然后重启网络接口服务:
```
# systemctl restart networking
# ifdown enp0s3 && ifup enp0s3
```
运行以下命令来检查是否已经分配了新的 IP
```
# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:97:13:2e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.201/24 brd 192.168.56.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet 192.168.56.202/24 brd 192.168.56.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe97:132e/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:12:e8:c1 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic enp0s8
valid_lft 86353sec preferred_lft 86353sec
inet6 fe80::344b:6259:4dbe:eabb/64 scope link
valid_lft forever preferred_lft forever
```
让我来 ping 一下新 IP 地址:
```
# ping 192.168.56.202 -c 4
PING 192.168.56.202 (192.168.56.202) 56(84) bytes of data.
64 bytes from 192.168.56.202: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 192.168.56.202: icmp_seq=2 ttl=64 time=0.087 ms
64 bytes from 192.168.56.202: icmp_seq=3 ttl=64 time=0.034 ms
64 bytes from 192.168.56.202: icmp_seq=4 ttl=64 time=0.042 ms
--- 192.168.56.202 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3068ms
rtt min/avg/max/mdev = 0.019/0.045/0.087/0.026 ms
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/how-to-add-additional-ip-secondary-ip-in-ubuntu-debian-system/
作者:[Prakash Subramanian][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[MjSeven](https://github.com/MjSeven)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.2daygeek.com/author/prakash/
[1]:https://www.2daygeek.com/check-find-server-public-ip-address-linux/
[2]:https://www.2daygeek.com/check-find-dns-records-of-domain-in-linux-terminal/
[3]:https://www.2daygeek.com/dig-command-check-find-dns-records-lookup-linux/
[4]:https://www.2daygeek.com/nslookup-command-check-find-dns-records-lookup-linux/
[5]:https://www.2daygeek.com/host-command-check-find-dns-records-lookup-linux/

46
translated/tech/20180822 How To Switch Between TTYs Without Using Function Keys In Linux.md → published/20180822 How To Switch Between TTYs Without Using Function Keys In Linux.md
View File

@ -3,86 +3,85 @@
![](https://www.ostechnix.com/wp-content/uploads/2018/08/Switch-Between-TTYs-720x340.png)
本简要指南介绍了在类 Unix 操作系统中如何在不使用功能键的情况下切换 TTY。在进一步讨论之前我们将了解 TTY 是什么。正如在 AskUbuntu 论坛的一个[**答案**][1]中所提到的,**TTY**这个词来自 **T**ele **TY** pewriter。在 Unix 的早期,连接到计算机的用户终端就是机电电传机或电传打字机(简称 tty。从那时起TTY 这个名称继续用于纯文本控制台。如今所有文本控制台都代表虚拟控制台而不是物理控制台。TTY 命令打印连接到标准输入的终端的文件名。
本简要指南介绍了在类 Unix 操作系统中如何在不使用功能键的情况下切换 TTY。在进一步讨论之前我们将了解 TTY 是什么。正如在 AskUbuntu 论坛的一个[答案][1]中所提到的,**TTY**这个词来自 **T**ele**TY**pewriter(电传打字机)。在 Unix 的早期,连接到计算机的用户终端就是机电电传机或电传打字机(简称 tty。从那时起TTY 这个名称继续用于纯文本控制台。如今所有文本控制台都代表虚拟控制台而不是物理控制台。TTY 命令打印连接到标准输入的终端的文件名。
### 在 Linux 中切换 TTY
默认情况下Linux 中有 7 个 tty。它们被称为 tty1、tty2。。。tty7。1 到 6 tty 只是命令行。第 7 个 tty 是 GUI你的 X 桌面会话)。你可以使用 **CTRL+ALT+Fn** 键在不同的 TTY 之间切换。例如,要切换到 tty1我们按下 CTRL+ALT+F1。这就是 tty1 在 Ubuntu 18.04 LTS 服务器中的样子。
默认情况下Linux 中有 7 个 tty。它们被称为 tty1、tty2……tty7。1 到 6 的 tty 只是命令行。第 7 个 tty 是 GUI你的 X 桌面会话)。你可以使用 `CTRL+ALT+Fn` 键在不同的 TTY 之间切换。例如,要切换到 tty1我们按下 `CTRL+ALT+F1`。这就是 tty1 在 Ubuntu 18.04 LTS 服务器中的样子。
![](https://www.ostechnix.com/wp-content/uploads/2018/08/tty1.png)
如果你的系统没有 X 会话,
如果你的系统没有 X 会话, 只需要按下 `Alt+Fn` 键,不需要按下 `CTRL`
在某些 Linux 版本中(例如,从 Ubuntu 17.10 开始),登录页面开始使用虚拟控制台 1。因此你需要按 CTRL+ALT+F3 到 CTRL+ALT+F6 来访问虚拟控制台。要返回桌面环境,请在 Ubuntu 17.10 及更高版本上按下 CTRL+ALT+F2 或 CTRL+ALT+F7。
在某些 Linux 版本中(例如,从 Ubuntu 17.10 开始),登录屏开始使用 1 号虚拟控制台。因此,你需要按 `CTRL+ALT+F3``CTRL+ALT+F6` 来访问虚拟控制台。要返回桌面环境,请在 Ubuntu 17.10 及更高版本上按下 `CTRL+ALT+F2``CTRL+ALT+F7`
目前为止我们看到我们可以使用 CTRL+ALT+功能键F1-F7)在 TTY 之间轻松切换。但是,如果出于任何原因你不想使用功能键,那么在 Linux 中有一个名为 **“chvt”** 的简单命令。
目前为止我们看到我们可以使用 `CTRL+ALT+Fn``F1` - `F7`)在 TTY 之间轻松切换。但是,如果出于任何原因你不想使用功能键,那么在 Linux 中有一个名为 `chvt` 的简单命令。
“chvt N” 命令让你切换到前台终端 N这与按 CTRL+ALT+Fn 相同。如果它不存在,则创建相应的屏幕。
`chvt N` 命令让你切换到前台终端 N这与按 `CTRL+ALT+Fn` 相同。如果它不存在,则创建相应的屏幕。
让我们试试显示当前的 tty
让我们试试打印当前的 tty
```
$ tty
```
我的 Ubuntu 18.04 LTS 服务器的示例输出。
![](https://www.ostechnix.com/wp-content/uploads/2018/08/tty-command-output.png)
现在让我们切换到 tty2。为此请输入
```
$ sudo chvt 2
```
记住你需要在 chvt 命令中使用 “sudo”
记住你需要在 `chvt` 命令一同使用 `sudo`
现在,使用命令检查当前的 tty
```
$ tty
```
你会看到 tty 现在已经改变了。
同样,你可以使用 “sudo chvt 3” 切换到 tty3使用 “sudo chvt 4” 切换到 tty4 等等。
同样,你可以使用 `sudo chvt 3` 切换到 tty3使用 `sudo chvt 4` 切换到 tty4 等等。
当任何一个功能键不起作用时chvt 命令会很有用。
当任何一个功能键不起作用时,`chvt` 命令会很有用。
要查看活动虚拟控制台的总数,请运行:
```
$ fgconsole
2
```
如你所见,我的系统中有两个活动的 VT
如你所见,我的系统中有两个活动的虚拟终端
你可以使用以下命令查看下一个未分配的虚拟终端:
```
$ fgconsole --next-available
3
```
如果虚拟控制台不是前台控制台,并且它没有打开任何进程来读取或写入,并且未在其屏幕上选择任何文本,则它是未使用的。
要移除未使用的 VT只需键入
要移除未使用的虚拟终端,只需键入:
```
$ deallocvt
```
上面的命令为所有未使用的虚拟控制台释放内核内存和数据结构。简单地说,此命令将释放连接到未使用的虚拟控制台的所有资源。
有关更多详细信息,请参阅相应命令的手册页。
```
$ man tty
$ man chvt
$ man fgconsole
$ man deallocvt
```
就是这些了。希望这很有用。还有更多的好东西。敬请关注!
@ -90,7 +89,6 @@ $ man deallocvt
干杯!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/how-to-switch-between-ttys-without-using-function-keys-in-linux/
@ -98,7 +96,7 @@ via: https://www.ostechnix.com/how-to-switch-between-ttys-without-using-function
作者:[SK][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

71
sources/tech/20111221 30 Best Sources For Linux - -BSD - Unix Documentation On the Web.md
View File

@ -1,5 +1,12 @@
30 Best Sources For Linux / *BSD / Unix Documentation On the Web
# sober-wang 翻译中
30 Best Sources For Linux / *BSD / Unix Documentation On the We
======
Man pages are written by sys-admin and developers for IT techs, and are intended more as a reference than as a how to. Man pages are very useful for people who are already familiar with Linux, Unix, and BSD operating systems. Use man pages when you just need to know the syntax for particular commands or configuration file, but they are not helpful for new Linux users. Man pages are not good for learning something new for the first time. Here are thirty best documentation sites on the web for learning Linux and Unix like operating systems.
![Dennis Ritchie and Ken Thompson working with UNIX PDP11][1]
@ -12,8 +19,8 @@ Please note that BSD manpages are usually better as compare to Linux.
RHEL is developed by Red Hat and targeted toward the commercial market. It has one of the best documentations covering basis of RHEL to advanced topics like security, SELinux, virtualization, directory server, clustering, JBOSS, HPC, and much more. Red Hat documentation has been translated into twenty-two languages and is available in multi-page HTML, single-page HTML, PDF, and EPUB formats. The good news is you can use the same documentation for CentOS or Scientific Linux (community enterprise distros). All of these documents ship with the OS, so if you don't have a network connection, then you have them there as well. The RHEL docs **covers everything from installation to configuring clusters**. The only downside is you need to be a paid customer. This is perfect for an enterprise company.
1. RHEL Documentation: [in HTML/PDF format][3]
2. Support forums: Only available to Red Hat customer portal to submit a support case.
1. RHEL Documentation: [in HTML/PDF format][3]
2. Support forums: Only available to Red Hat customer portal to submit a support case.
@ -366,87 +373,87 @@ via: https://www.cyberciti.biz/tips/linux-unix-bsd-documentations.html
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.cyberciti.biz
[1]:https://www.cyberciti.biz/media/new/tips/2011/12/unix-pdp11.jpg (Dennis Ritchie and Ken Thompson working with UNIX PDP11)
[2]:https://www.cyberciti.biz/media/new/tips/2011/12/redhat-enterprise-linux-docs-150x150.png (Red hat Enterprise Linux Docs)
[1]:https://www.cyberciti.biz/media/new/tips/2011/12/unix-pdp11.jpg "Dennis Ritchie and Ken Thompson working with UNIX PDP11"
[2]:https://www.cyberciti.biz/media/new/tips/2011/12/redhat-enterprise-linux-docs-150x150.png "Red hat Enterprise Linux Docs"
[3]:https://access.redhat.com/documentation/en-us/
[4]:https://www.cyberciti.biz/media/new/tips/2011/12/centos-linux-wiki-150x150.png (Centos Linux Wiki, Support, Documents)
[5]:https://www.cyberciti.biz/media/new/tips/2011/12/arch-linux-wiki-150x150.png (Arch Linux wiki and tutorials )
[4]:https://www.cyberciti.biz/media/new/tips/2011/12/centos-linux-wiki-150x150.png "Centos Linux Wiki, Support, Documents"
[5]:https://www.cyberciti.biz/media/new/tips/2011/12/arch-linux-wiki-150x150.png "Arch Linux wiki and tutorials "
[6]:https://wiki.archlinux.org/index.php/Category:Networking_%28English%29
[7]:https://bbs.archlinux.org/
[8]:https://wiki.archlinux.org/
[9]:https://www.cyberciti.biz/media/new/tips/2011/12/gentoo-linux-wiki1-150x150.png (Gentoo Linux Handbook and Wiki)
[9]:https://www.cyberciti.biz/media/new/tips/2011/12/gentoo-linux-wiki1-150x150.png "Gentoo Linux Handbook and Wiki"
[10]:http://www.gentoo.org/doc/en/handbook/
[11]:https://wiki.gentoo.org
[12]:https://forums.gentoo.org/
[13]:http://gentoo-wiki.com
[14]:https://www.cyberciti.biz/media/new/tips/2011/12/ubuntu-linux-wiki.png (Ubuntu Linux Wiki and Forums)
[14]:https://www.cyberciti.biz/media/new/tips/2011/12/ubuntu-linux-wiki.png "Ubuntu Linux Wiki and Forums"
[15]:https://help.ubuntu.com/community
[16]:https://help.ubuntu.com/
[17]:https://ubuntuforums.org/
[18]:https://www.cyberciti.biz/media/new/tips/2011/12/ibm-devel.png (IBM: Technical for Linux programmers and system administrators)
[18]:https://www.cyberciti.biz/media/new/tips/2011/12/ibm-devel.png "IBM: Technical for Linux programmers and system administrators"
[19]:https://www.ibm.com/developerworks/learn/linux/index.html
[20]:https://www.ibm.com/developerworks/community/forums/html/public?lang=en
[21]:https://www.cyberciti.biz/media/new/tips/2011/12/freebsd-docs.png (Freebsd Documentation)
[22]:https://www.cyberciti.biz/media/new/tips/2011/12/bash-hackers-wiki-150x150.png (Bash hackers wiki for bash users)
[21]:https://www.cyberciti.biz/media/new/tips/2011/12/freebsd-docs.png "Freebsd Documentation"
[22]:https://www.cyberciti.biz/media/new/tips/2011/12/bash-hackers-wiki-150x150.png "Bash hackers wiki for bash users"
[23]:http://wiki.bash-hackers.org/doku.php
[24]:https://www.cyberciti.biz/media/new/tips/2011/12/bash-faq-150x150.png (Bash FAQ: Answers to frequently asked questions about GNU/BASH)
[24]:https://www.cyberciti.biz/media/new/tips/2011/12/bash-faq-150x150.png "Bash FAQ: Answers to frequently asked questions about GNU/BASH"
[25]:http://mywiki.wooledge.org/BashPitfalls
[26]:https://mywiki.wooledge.org/BashFAQ
[27]:https://www.cyberciti.biz/media/new/tips/2011/12/howtoforge-150x150.png (Howtoforge tutorials)
[27]:https://www.cyberciti.biz/media/new/tips/2011/12/howtoforge-150x150.png "Howtoforge tutorials"
[28]:https://howtoforge.com/
[29]:https://www.cyberciti.biz/media/new/tips/2011/12/openbsd-faq-150x150.png (OpenBSD Documenation)
[29]:https://www.cyberciti.biz/media/new/tips/2011/12/openbsd-faq-150x150.png "OpenBSD Documenation"
[30]:https://www.openbsd.org/faq/index.html
[31]:https://www.openbsd.org/mail.html
[32]:https://www.cyberciti.biz/media/new/tips/2011/12/calomel_org.png (Open Source Research and Reference Documentation)
[32]:https://www.cyberciti.biz/media/new/tips/2011/12/calomel_org.png "Open Source Research and Reference Documentation"
[33]:https://calomel.org
[34]:https://www.cyberciti.biz/media/new/tips/2011/12/slackware-linux-book-150x150.png (Slackware Linux Book and Documentation )
[34]:https://www.cyberciti.biz/media/new/tips/2011/12/slackware-linux-book-150x150.png "Slackware Linux Book and Documentation "
[35]:http://www.slackbook.org/
[36]:https://www.cyberciti.biz/media/new/tips/2011/12/tldp-150x150.png (Linux Learning Site and Documentation )
[36]:https://www.cyberciti.biz/media/new/tips/2011/12/tldp-150x150.png "Linux Learning Site and Documentation "
[37]:http://tldp.org/LDP/abs/html/index.html
[38]:http://tldp.org/HOWTO/HOWTO-INDEX/howtos.html
[39]:http://tldp.org/
[40]:https://www.cyberciti.biz/media/new/tips/2011/12/linuxhomenetworking-150x150.png (Linux Home Networking )
[40]:https://www.cyberciti.biz/media/new/tips/2011/12/linuxhomenetworking-150x150.png "Linux Home Networking "
[41]:http://www.linuxhomenetworking.com/
[42]:https://www.cyberciti.biz/media/new/tips/2011/12/linux-action-show-150x150.png (Linux Podcast )
[42]:https://www.cyberciti.biz/media/new/tips/2011/12/linux-action-show-150x150.png "Linux Podcast "
[43]:http://www.jupiterbroadcasting.com/show/linuxactionshow/
[44]:https://www.commandlinefu.com/commands/browse/sort-by-votes
[45]:https://www.cyberciti.biz/media/new/tips/2011/12/commandlinefu.png (The best Unix / Linux Commands )
[45]:https://www.cyberciti.biz/media/new/tips/2011/12/commandlinefu.png "The best Unix / Linux Commands "
[46]:https://commandlinefu.com/
[47]:https://www.debian-administration.org/hof
[48]:https://www.cyberciti.biz/media/new/tips/2011/12/debian-admin.png (Debian Linux Adminstration: Tips and Tutorial For Sys Admin)
[48]:https://www.cyberciti.biz/media/new/tips/2011/12/debian-admin.png "Debian Linux Adminstration: Tips and Tutorial For Sys Admin"
[49]:https://www.debian-administration.org/
[50]:https://www.cyberciti.biz/media/new/tips/2011/12/catonmat-150x150.png (Sed, Awk, Perl Tutorials)
[50]:https://www.cyberciti.biz/media/new/tips/2011/12/catonmat-150x150.png "Sed, Awk, Perl Tutorials"
[51]:http://www.catonmat.net/blog/worlds-best-introduction-to-sed/
[52]:https://www.catonmat.net/blog/sed-one-liners-explained-part-one/
[53]:https://www.catonmat.net/blog/the-definitive-guide-to-bash-command-line-history/
[54]:https://www.catonmat.net/blog/awk-one-liners-explained-part-one/
[55]:https://catonmat.net/
[56]:https://www.cyberciti.biz/media/new/tips/2011/12/debian-wiki-150x150.png (Debian Linux Tutorials and Wiki)
[56]:https://www.cyberciti.biz/media/new/tips/2011/12/debian-wiki-150x150.png "Debian Linux Tutorials and Wiki"
[57]:https://www.debian.org/doc/
[58]:https://wiki.debian.org/
[59]:https://www.debian.org/support
[60]:http://swift.siphos.be/linux_sea/
[61]:https://www.cyberciti.biz/media/new/tips/2011/12/orelly-150x150.png (Oreilly Free Linux / Unix / Php / Javascript / Ubuntu Books)
[61]:https://www.cyberciti.biz/media/new/tips/2011/12/orelly-150x150.png "Oreilly Free Linux / Unix / Php / Javascript / Ubuntu Books"
[62]:http://commons.oreilly.com/wiki/index.php/O%27Reilly_Commons
[63]:https://www.cyberciti.biz/media/new/tips/2011/12/ubuntu-guide-150x150.png (Ubuntu Book For New Users)
[63]:https://www.cyberciti.biz/media/new/tips/2011/12/ubuntu-guide-150x150.png "Ubuntu Book For New Users"
[64]:http://ubuntupocketguide.com/
[65]:https://www.cyberciti.biz/media/new/tips/2011/12/rute-150x150.png (GNU/LINUX system administration free book)
[65]:https://www.cyberciti.biz/media/new/tips/2011/12/rute-150x150.png "GNU/LINUX system administration free book"
[66]:https://web.archive.org/web/20160204213406/http://rute.2038bug.com/rute.html.gz
[67]:https://www.cyberciti.biz/media/new/tips/2011/12/advanced-linux-programming-150x150.png (Download Advanced Linux Programming PDF version)
[67]:https://www.cyberciti.biz/media/new/tips/2011/12/advanced-linux-programming-150x150.png "Download Advanced Linux Programming PDF version"
[68]:https://github.com/MentorEmbedded/advancedlinuxprogramming
[69]:https://www.cyberciti.biz/media/new/tips/2011/12/lpic-150x150.png (Download Linux Professional Institute Certification PDF Book)
[69]:https://www.cyberciti.biz/media/new/tips/2011/12/lpic-150x150.png "Download Linux Professional Institute Certification PDF Book"
[70]:http://academy.delmar.edu/Courses/ITSC1358/eBooks/LPI-101.LinuxTrainingCourseNotes.pdf
[71]://www.cyberciti.biz/faq/top5-linux-video-editing-system-software/
[72]:https://www.cyberciti.biz/media/new/tips/2011/12/floss-manuals.png (Download manuals about free and open source software)
[72]:https://www.cyberciti.biz/media/new/tips/2011/12/floss-manuals.png "Download manuals about free and open source software"
[73]:https://flossmanuals.net/
[74]:https://www.cyberciti.biz/media/new/tips/2011/12/linux-starter-150x150.png (New to Linux? Start Linux starter book [ PDF version ])
[74]:https://www.cyberciti.biz/media/new/tips/2011/12/linux-starter-150x150.png "New to Linux? Start Linux starter book [ PDF version ]"
[75]:http://www.tuxradar.com/linuxstarterpack
[76]:https://linux.com
[77]:https://lwn.net/
[78]:http://hints.macworld.com/
[79]:https://developer.apple.com/library/mac/navigation/
[80]:https://developer.apple.com/library/mac/#documentation/OpenSource/Conceptual/ShellScripting/Introduction/Introduction.html
[81]:https://support.apple.com/kb/index?page=search&locale=en_US&q=
[81]:https://support.apple.com/kb/index?page=search&amp;locale=en_US&amp;q=
[82]:https://www.netbsd.org/docs/
[83]:https://www.flickr.com/photos/9479603@N02/3311745151/in/set-72157614479572582/
[84]:https://twitter.com/nixcraft

2
sources/tech/20171003 Trash-Cli - A Command Line Interface For Trashcan On Linux.md
View File

@ -1,3 +1,5 @@
ucasFL translating
Trash-Cli : A Command Line Interface For Trashcan On Linux
======
Everyone knows about `Trashcan` which is common for all users like Linux, or Windows, or Mac. Whenever you delete a file or folder, it will be moved to trash.

2
sources/tech/20171202 Scrot Linux command-line screen grabs made simple.md
View File

@ -1,3 +1,5 @@
ucasFL translating
# Scrot: Linux command-line screen grabs made simple
by [Scott Nesbitt][a] · November 30, 2017

2
sources/tech/20180324 How To Compress And Decompress Files In Linux.md
View File

@ -1,3 +1,5 @@
ucasFL translating
How To Compress And Decompress Files In Linux
======

100
sources/tech/20180830 How To Reset MySQL Or MariaDB Root Password.md
View File

@ -1,100 +0,0 @@
translating---geekpi
How To Reset MySQL Or MariaDB Root Password
======
![](https://www.ostechnix.com/wp-content/uploads/2018/08/Reset-MySQL-Or-MariaDB-Root-Password-720x340.png)
Few months ago, I had [**setup LAMP stack in Ubuntu 18.04**][1] server. Today, I tried to login as root user in my database server, but I completely forgot the password. After couple Google searches and going through some blog posts, I successfully reset the password. For those wondering how to do this, this brief tutorial explains how can we reset MySQL or MariaDB Root password in Unix-like operating systems.
### Reset MySQL or MariaDB Root password
First, stop the database server.
If you use MySQL, type the following command and hit ENTER key.
```
$ sudo systemctl stop mysql
```
For MariaDB:
```
$ sudo systemctl stop mariadb
```
Next, restart the database server without permission checking using the following command:
```
$ sudo mysqld_safe --skip-grant-tables &
```
Here, the **`--skip-grant-tables`**option allows you to connect without a password and with all privileges. If you start your server with this option, it also enables `--skip-networking`option which is used to prevent the other clients from connecting to the database server. And, the ampersand **( &)** symbol is used to run the command in background, so you could type the other commands in the following steps. Please be mindful that the above command is dangerous and your database server becomes insecure. You should run this command only for a brief period to reset the password.
Next, login to your MySQL/MariaDB server as root user:
```
$ mysql
```
At the **mysql >** or **MariaDB [(none)] >** prompt, run the following command to reset the root user password:
```
UPDATE mysql.user SET Password=PASSWORD('NEW-PASSWORD') WHERE User='root';
```
Replace **NEW-PASSWORD** in the above command with your own password.
Then, type following commands to exit from the mysql console.
```
FLUSH PRIVILEGES;
exit
```
Finally, shutdown the running database server that you started earlier with `--skip-grant-tables`option. To do so, run:
```
$ sudo mysqladmin -u root -p shutdown
```
You will be asked to enter your mysql/mariadb root user password that you set in the previous step.
Now, start mysql/mariadb service normally using command:
```
$ sudo systemctl start mysql
```
For MariaDB:
```
$ sudo systemctl start mariadb
```
Verify if the password has really been changed using the following command:
```
$ mysql -u root -p
```
And, thats all for today. More good stuffs to come. Stay tuned!
Cheers!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/how-to-reset-mysql-or-mariadb-root-password/
作者:[SK][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[1]: https://www.ostechnix.com/install-apache-mariadb-php-lamp-stack-ubuntu-16-04/

2
sources/tech/20180905 8 great Python libraries for side projects.md
View File

@ -1,3 +1,5 @@
ucasFL translating
8 great Python libraries for side projects
======

2
sources/tech/20180905 Find your systems easily on a LAN with mDNS.md
View File

@ -1,3 +1,5 @@
translating---geekpi
Find your systems easily on a LAN with mDNS
======

246
sources/tech/20180906 3 top open source JavaScript chart libraries.md Normal file
View File

@ -0,0 +1,246 @@
3 top open source JavaScript chart libraries
======
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/books_library_reading_list_colorful.jpg?itok=jJtnyniB)
Charts and graphs are important for visualizing data and making websites appealing. Visual presentations make it easier to analyze big chunks of data and convey information. JavaScript chart libraries enable you to visualize data in a stunning, easy to comprehend, and interactive manner and improve your website's design.
In this article, learn about three top open source JavaScript chart libraries.
### 1\. Chart.js
[Chart.js][1] is an open source JavaScript library that allows you to create animated, beautiful, and interactive charts on your application. It's available under the MIT License.
With Chart.js, you can create various impressive charts and graphs, including bar charts, line charts, area charts, linear scale, and scatter charts. It is completely responsive across various devices and utilizes the HTML5 Canvas element for rendering.
Here is example code that draws a bar chart using the library. We'll include it in this example using the Chart.js content delivery network (CDN). Note that the data used is for illustration purposes only.
```
<!DOCTYPE html>
<html>
<head>
  <script src="https://cdnjs.cloudflare.com/ajax/libs/Chart.js/2.5.0/Chart.min.js"></script>
</head>
<body>
   
    <canvas id="bar-chart" width=300" height="150"></canvas>
   
    <script>
     
new Chart(document.getElementById("bar-chart"), {
    type: 'bar',
    data: {
      labels: ["North America", "Latin America", "Europe", "Asia", "Africa"],
      datasets: [
        {
          label: "Number of developers (millions)",
          backgroundColor: ["red", "blue","yellow","green","pink"],
          data: [7,4,6,9,3]
        }
      ]
    },
    options: {
      legend: { display: false },
      title: {
        display: true,
        text: 'Number of Developers in Every Continent'
      },
      scales: {
            yAxes: [{
                ticks: {
                    beginAtZero:true
                }
            }]
        }
    }
});
    </script>
   
   
</body>
</html>
```
As you can see from this code, bar charts are constructed by setting **type** to **bar**. You can change the direction of the bar to other types—such as setting **type** to **horizontalBar**.
The bars' colors are set by providing the type of color in the **backgroundColor** array parameter.
The colors are allocated to the label and data that share the same index in their corresponding array. For example, "Latin America," the second label, will be set to "blue" (the second color) and 4 (the second number in the data).
Here is the output of this code.
![](https://opensource.com/sites/default/files/uploads/chartjs-output.png)
### 2\. Chartist.js
[Chartist.js][2] is a simple JavaScript animation library that allows you to create customizable and beautiful responsive charts and other designs. The open source library is available under the WTFPL or MIT License.
The library was developed by a group of developers who were dissatisfied with existing charting tools, so it offers wonderful functionalities to designers and developers.
After including the Chartist.js library and its CSS files in your project, you can use them to create various types of charts, including animations, bar charts, and line charts. It utilizes SVG to render the charts dynamically.
Here is an example of code that draws a pie chart using the library.
```
<!DOCTYPE html>
<html>
<head>
   
    <link href="https//cdn.jsdelivr.net/chartist.js/latest/chartist.min.css" rel="stylesheet" type="text/css" />
   
    <style>
        .ct-series-a .ct-slice-pie {
            fill: hsl(100, 20%, 50%); /* filling pie slices */
            stroke: white; /*giving pie slices outline */          
            stroke-width: 5px;  /* outline width */
          }
          .ct-series-b .ct-slice-pie {
            fill: hsl(10, 40%, 60%);
            stroke: white;
            stroke-width: 5px;
          }
          .ct-series-c .ct-slice-pie {
            fill: hsl(120, 30%, 80%);
            stroke: white;
            stroke-width: 5px;
          }
          .ct-series-d .ct-slice-pie {
            fill: hsl(90, 70%, 30%);
            stroke: white;
            stroke-width: 5px;
          }
          .ct-series-e .ct-slice-pie {
            fill: hsl(60, 140%, 20%);
            stroke: white;
            stroke-width: 5px;
          }
    </style>
     </head>
<body>
    <div class="ct-chart ct-golden-section"></div>
    <script src="https://cdn.jsdelivr.net/chartist.js/latest/chartist.min.js"></script>
    <script>
       
      var data = {
            series: [45, 35, 20]
            };
      var sum = function(a, b) { return a + b };
      new Chartist.Pie('.ct-chart', data, {
        labelInterpolationFnc: function(value) {
          return Math.round(value / data.series.reduce(sum) * 100) + '%';
            }
              });
     </script>
</body>
</html>
```
Instead of specifying various style-related components of your project, the Chartist JavaScript library allows you to use various pre-built CSS styles. You can use them to control the appearance of the created charts.
For example, the pre-created CSS classis used to build the container for the pie chart. And, theclass is used to get the aspect ratios, which scale with responsive designs and saves you the hassle of calculating fixed dimensions. Chartist also provides other classes of container ratios you can utilize in your project.
For styling the various pie slices, you can use the default . **ct-series-a** class. The letter **a** is iterated with every series count (a, b, c, etc.) such that it corresponds with the slice to be styled.
The **Chartist.Pie** method is used for creating a pie chart. To create another type of chart, such as a line chart, use **Chartist.Line.**
Here is the output of the code.
![](https://opensource.com/sites/default/files/uploads/chartistjs-output.png)
### 3\. D3.js
[D3.js][3] is another great open source JavaScript chart library. It's available under the BSD license. D3 is mainly used for manipulating and adding interactivity to documents based on the provided data.
You can use this amazing 3D animation library to visualize your data using HTML5, SVG, and CSS and make your website appealing. Essentially, D3 enables you to bind data to the Document Object Model (DOM) and then use data-based functions to make changes to the document.
Here is example code that draws a simple bar chart using the library.
```
<!DOCTYPE html>
<html>
<head>
     
    <style>
    .chart div {
      font: 15px sans-serif;
      background-color: lightblue;
      text-align: right;
      padding:5px;
      margin:5px;
      color: white;
      font-weight: bold;
    }
       
    </style>
     </head>
<body>
    <div class="chart"></div>
   
    <script src="https://cdnjs.cloudflare.com/ajax/libs/d3/5.5.0/d3.min.js"></script>
    <script>
      var data = [342,222,169,259,173];
      d3.select(".chart")
        .selectAll("div")
        .data(data)
          .enter()
          .append("div")
          .style("width", function(d){ return d + "px"; })
          .text(function(d) { return d; });
       
 
    </script>
</body>
</html>
```
The main concept in using the D3 library is to first apply CSS-style selections to point to the DOM nodes and then apply operators to manipulate them—just like in other DOM frameworks like jQuery.
After the data is bound to a document, the . **enter()** function is invoked to build new nodes for incoming data. All the methods invoked after the . **enter()** function will be called for every item in the data.
Here is the output of the code.
![](https://opensource.com/sites/default/files/uploads/d3js-output.png)
### Wrapping up
[JavaScript][4] charting libraries provide you with powerful tools for implementing data visualization on your web properties. With these three open source libraries, you can enhance the beauty and interactivity of your websites.
Do you know of another powerful frontend library for creating JavaScript animation effects? Please let us know in the comment section below.
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/9/open-source-javascript-chart-libraries
作者:[Dr.Michael J.Garbade][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/drmjg
[1]: https://www.chartjs.org/
[2]: https://gionkunz.github.io/chartist-js/
[3]: https://d3js.org/
[4]: https://www.liveedu.tv/guides/programming/javascript/

56
sources/tech/20180906 Two open source alternatives to Flash Player.md Normal file
View File

@ -0,0 +1,56 @@
Two open source alternatives to Flash Player
======
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/bulb-light-energy-power-idea.png?itok=zTEEmTZB)
In July 2017, Adobe sounded the [death knell][1] for its Flash Media Player, announcing it would end support for the once-ubiquitous online video player in 2020. In truth, however, Flash has been on the decline for the past eight years following a rash of zero-day attacks that damaged its reputation. Its future dimmed after Apple announced in 2010 it would not support the technology, and its demise accelerated in 2016 after Google stopped enabling Flash by default (in favor of HTML5) in the Chrome browser.
Even so, Adobe is still issuing monthly updates for the software, which has slipped from being used on 28.5% of all websites in 2011 to [only 4.4.%][2] as of August 2018. More evidence of Flashs decline: Google director of engineering [Parisa Tabriz said][3] the number of Chrome users who access Flash content via the browser has declined from 80% in 2014 to under eight percent in 2018.
Although few* video creators are publishing in Flash format today, there are still a lot of Flash videos out there that people will want to access for years to come. Given that the official applications days are numbered, open source software creators have a great opportunity to step in with alternatives to Adobe Flash Media Player. Two of those applications are Lightspark and GNU Gnash. Neither are perfect substitutions, but help from willing contributors could make them viable alternatives.
### Lightspark
[Lightspark][4] is a Flash Player alternative for Linux machines. While its still in alpha, development has accelerated since Adobe announced it would sunset Flash in 2017. According to its website, Lightspark implements about 60% of the Flash APIs and [works][5] on many leading websites including BBC News, Google Play Music, and Amazon Music.
Lightspark is written in C++/C and licensed under [LGPLv3][6]. The project lists 41 contributors and is actively soliciting bug reports and other contributions. For more information, check out its [GitHub repository][5].
### GNU Gnash
[GNU Gnash][7] is a Flash Player for GNU/Linux operating systems including Ubuntu, Fedora, and Debian. It works as standalone software and as a plugin for the Firefox and Konqueror browsers.
Gnashs main drawback is that it doesnt support the latest versions of Flash files—it supports most Flash SWF v7 features, some v8 and v9 features, and offers no support for v10 files. Its in beta release, and since its licensed under the [GNU GPLv3 or later][8], you can help contribute to modernizing it. Access its [project page][9] for more information.
### Want to create Flash?
*Just because most people aren't publishing Flash videos these days, that doesn't mean there will never, ever be a need to create SWF files. If you find yourself in that position, these two open source tools might help:
* [Motion-Twin ActionScript 2 Compiler][10] (MTASC): A command-line compiler that can generate SWF files without Adobe Animate (the current iteration of Adobe's video-creator software).
* [Ming][11]: A library written in C that can generate SWF files. It also contains some [utilities][12] you can use to work with Flash files.
--------------------------------------------------------------------------------
via: https://opensource.com/alternatives/flash-media-player
作者:[Opensource.com][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com
[1]: https://theblog.adobe.com/adobe-flash-update/
[2]: https://w3techs.com/technologies/details/cp-flash/all/all
[3]: https://www.bleepingcomputer.com/news/security/google-chrome-flash-usage-declines-from-80-percent-in-2014-to-under-8-percent-today/
[4]: http://lightspark.github.io/
[5]: https://github.com/lightspark/lightspark/wiki/Site-Support
[6]: https://github.com/lightspark/lightspark/blob/master/COPYING
[7]: https://www.gnu.org/software/gnash/
[8]: http://www.gnu.org/licenses/gpl-3.0.html
[9]: http://savannah.gnu.org/projects/gnash/
[10]: http://tech.motion-twin.com/mtasc.html
[11]: http://www.libming.org/
[12]: http://www.libming.org/WhatsIncluded

238
sources/tech/20180906 What a shell dotfile can do for you.md Normal file
View File

@ -0,0 +1,238 @@
What a shell dotfile can do for you
======
![](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/coffee_cafe_brew_laptop_desktop.jpg?itok=G-n1o1-o)
Ask not what you can do for your shell dotfile, but what a shell dotfile can do for you!
I've been all over the OS map, but for the past several years my daily drivers have been Macs. For a long time, I used Bash, but when a few friends started proselytizing [zsh][1], I gave it a shot. It didn't take long for me to appreciate it, and several years later, I strongly prefer it for many of the little things that it does.
I've been using zsh (provided via [Homebrew][2], not the system installed), and the [Oh My Zsh enhancement][3].
The examples in this article are for my personal `.zshrc`. Most will work directly in Bash, and I don't believe that any rely on Oh My Zsh, but your mileage may vary. There was a period when I was maintaining a shell dotfile for both zsh and Bash, but I did eventually give up on my `.bashrc`.
### We're all mad here
If you want the possibility of using the same dotfile across OS's, you'll want to give your dotfile a little smarts.
```
### Mac Specifics
if [[ "$OSTYPE" == "darwin"* ]]; then
        # Mac-specific stuff here.
fi
```
For instance, I expect the Alt + arrow keys to move the cursor by the word rather than by a single space. To make this happen in [iTerm2][4] (my preferred shell), I add this snippet to the Mac-specific portion of my .zshrc:
```
### Mac Specifics
if [[ "$OSTYPE" == "darwin"* ]]; then
        ### Mac cursor commands for iTerm2; map ctrl+arrows or alt+arrows to fast-move
        bindkey -e
        bindkey '^[[1;9C' forward-word
        bindkey '^[[1;9D' backward-word
        bindkey '\e\e[D' backward-word
        bindkey '\e\e[C' forward-word
fi
```
### What about Bob?
While I came to love my shell dotfile, I didn't always want the same things available on my home machines as on my work machines. One way to solve this is to have supplementary dotfiles to use at home but not at work. Here's how I accomplished this:
```
if [[ `egrep 'dnssuffix1|dnssuffix2' /etc/resolv.conf` ]]; then
        if [ -e $HOME/.work ]
                source $HOME/.work
        else
                echo "This looks like a work machine, but I can't find the ~/.work file"
        fi
fi
```
In this case, I key off of my work dns suffix (or multiple suffixes, depending on your situation) and source a separate file that makes my life at work a little better.
### That thing you do
Now is probably a good time to quit using the tilde (`~`) to represent your home directory when writing scripts. You'll find that there are some contexts where it's not recognized. Getting in the habit of using the environment variable `$HOME` will save you a lot of troubleshooting time and headaches later on.
The logical extension would be to have OS-specific dotfiles to include if you are so inclined.
### Memory, all alone in the moonlight
I've written embarrassing amounts of shell, and I've come to the conclusion that I really don't want to write more. It's not that shell can't do what I need most of the time, but I find that if I'm writing shell, I'm probably slapping together a duct-tape solution rather than permanently solving the problem.
Likewise, I hate memorizing things, and throughout my career, I have had to do radical context shifting during the course of a day. The practical consequence is that I've had to re-learn many things several times over the years. ("Wait... which for-loop structure does this language use?")
So, every so often I decide that I'm tired of looking up how to do something again. One way that I improve my life is by adding aliases.
A common scenario for anyone who works with systems is finding out what's taking up all of the disk. Unfortunately, I have never been able to remember this incantation, so I made a shell alias, creatively called `bigdirs`:
```
alias bigdirs='du --max-depth=1 2> /dev/null | sort -n -r | head -n20'
```
While I could be less lazy and actually memorize it, well, that's just not the Unix way...
### Typos, and the people who love them
Another way that using shell aliases improves my life is by saving me from typos. I don't know why, but I've developed this nasty habit of typing a `w` after the sequence `ea`, so if I want to clear my terminal, I'll often type `cleawr`. Unfortunately, that doesn't mean anything to my shell. Until I add this little piece of gold:
```
alias cleawr='clear'
```
In one instance of Windows having an equivalent, but better, command, I find myself typing `cls`. It's frustrating to see your shell throw up its hands, so I add:
```
alias cls='clear'
```
Yes, I'm aware of `ctrl + l`, but I never use it.
### Amuse yourself
Work can be stressful. Sometimes you just need to have a little fun. If your shell doesn't know the command that it clearly should just do, maybe you want to shrug your shoulders right back at it! You can do this with a function:
```
shrug() { echo "¯\_(ツ)_/¯"; }
```
If that doesn't work, maybe you need to flip a table:
```
fliptable() { echo "(╯°□°)╯ ┻━┻"; } # Flip a table. Example usage: fsck -y /dev/sdb1 || fliptable
```
Imagine my chagrin and frustration when I needed to flip a desk and I couldn't remember what I had called it. So I added some more shell aliases:
```
alias flipdesk='fliptable'
alias deskflip='fliptable'
alias tableflip='fliptable'
```
And sometimes you need to celebrate:
```
disco() {
        echo "(•_•)"
        echo "<)   )╯"
        echo " /    \ "
        echo ""
        echo "\(•_•)"
        echo " (   (>"
        echo " /    \ "
        echo ""
        echo " (•_•)"
        echo "<)   )>"
        echo " /    \ "
}
```
Typically, I'll pipe the output of these commands to `pbcopy `and paste it into the relevant chat tool I'm using.
I got this fun function from a Twitter account that I follow called "Command Line Magic:" [@climagic][5]. Since I live in Florida now, I'm very happy that this is the only snow in my life:
```
snow() {
        clear;while :;do echo $LINES $COLUMNS $(($RANDOM%$COLUMNS));sleep 0.1;done|gawk '{a[$3]=0;for(x in a) {o=a[x];a[x]=a[x]+1;printf "\033[%s;%sH ",o,x;printf "\033[%s;%sH*\033[0;0H",a[x],x;}}'
}
```
### Fun with functions
We've seen some examples of functions that I use. Since few of these examples require an argument, they could be done as aliases. I use functions out of personal preference when it's more than a single short statement.
At various times in my career, I've run [Graphite][6], an open-source, scalable, time-series metrics solution. There have been enough instances where I needed to transpose a metric path (delineated with periods) to a filesystem path (delineated with slashes), or vice versa, that it became useful to have dedicated functions for these tasks:
```
# Useful for converting between Graphite metrics and file paths
function dottoslash() {
        echo $1 | sed 's/\./\//g'
}
function slashtodot() {
        echo $1 | sed 's/\//\./g'
}
```
During another time in my career, I was running a lot of Kubernetes. If you aren't familiar with running Kubernetes, you need to write a lot of YAML. Unfortunately, it's not hard to write invalid YAML. Worse, Kubernetes doesn't validate YAML before trying to apply it, so you won't find out it's invalid until you apply it. Unless you validate it first:
```
function yamllint() {
        for i in $(find . -name '*.yml' -o -name '*.yaml'); do echo $i; ruby -e "require 'yaml';YAML.load_file(\"$i\")"; done
}
```
Because I got tired of embarrassing myself and occasionally breaking a customer's setup, I wrote this little snippet and added it as a pre-commit hook to all of my relevant repos. Something similar would be very helpful as part of your continuous integration process, especially if you're working as part of a team.
### Oh, fingers, where art thou?
I was once an excellent touch-typist. Those days are long gone. I typo more than I would have believed possible.
At different times, I have used a fair amount of either Chef or Kubernetes. Fortunately for me, I never used both at the same time.
Part of the Chef ecosystem is Test Kitchen, a suite of tools that facilitate testing, which is invoked with the commands `kitchen test`. Kubernetes is managed with a CLI tool `kubectl`. Both commands require several subcommands, and neither rolls off the fingers particularly fluidly.
Rather than create a bunch of "typo aliases," I aliased those commands to `k`:
```
alias k='kitchen test $@'
```
or
```
alias k='kubectl $@'
```
### Timesplitters
The last half of my career has involved writing more code with other people. I've worked in many environments where we have forked copies of repos on our account and use pull requests as part of the review process. When I want to make sure that my fork of a given repo is up to date with the parent, I use `fetchupstream`:
```
alias fetchupstream='git fetch upstream && git checkout master && git merge upstream/master && git push'
```
### Mine eyes have seen the glory of the coming of color
I like color. It can make things like diffs easier to use.
```
alias diff='colordiff'
```
I thought that colorized man pages was a neat trick, so I incorporated this function:
```
# Colorized man pages, from:
# http://boredzo.org/blog/archives/2016-08-15/colorized-man-pages-understood-and-customized
man() {
        env \
                LESS_TERMCAP_md=$(printf "\e[1;36m") \
                LESS_TERMCAP_me=$(printf "\e[0m") \
                LESS_TERMCAP_se=$(printf "\e[0m") \
                LESS_TERMCAP_so=$(printf "\e[1;44;33m") \
                LESS_TERMCAP_ue=$(printf "\e[0m") \
                LESS_TERMCAP_us=$(printf "\e[1;32m") \
                man "$@"
}
```
I love the command `which`. It simply tells you where in the filesystem the command you're running comes from—unless it's a shell function. After multiple cascading dotfiles, sometimes it's not clear where a function is defined or what it does. It turns out that the `whence` and `type` commands can help with that.
```
# Where is a function defined?
whichfunc() {
        whence -v $1
        type -a $1
}
```
### Conclusion
I hope this article helps and inspires you to find ways to improve your daily shell-using experience. They don't need to be huge, novel, or complex. They might solve a minor but frequent bit of friction, create a shortcut, or even offer a solution to reducing common typos.
You're welcome to look through my [dotfiles repo][7], but I warn you that it could use a lot of cleaning up. Feel free to use anything that you find helpful, and please be excellent to one another.
--------------------------------------------------------------------------------
via: https://opensource.com/article/18/9/shell-dotfile
作者:[H.Waldo Grunenwald][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/gwaldo
[1]: http://www.zsh.org/
[2]: https://brew.sh/
[3]: https://github.com/robbyrussell/oh-my-zsh
[4]: https://www.iterm2.com/
[5]: https://twitter.com/climagic
[6]: https://github.com/graphite-project/
[7]: https://github.com/gwaldo/dotfiles

148
sources/tech/20170829 How To Set Up PF Firewall on FreeBSD to Protect a Web Server.md → translated/tech/20170829 How To Set Up PF Firewall on FreeBSD to Protect a Web Server.md
View File

@ -1,85 +1,84 @@
How To Set Up PF Firewall on FreeBSD to Protect a Web Server
如何在 FreeBSD 上设置 PF 防火墙来保护 Web 服务器
======
I am a new FreeBSD server user and moved from netfilter on Linux. How do I setup a firewall with PF on FreeBSD server to protect a web server with single public IP address and interface?
[![How To Set Up a Firewall with PF on FreeBSD to Protect a Web Server][1]][1]
我是从 Linux 迁移过来的 FreeBSD 新用户Linux 中使用的是 netfilter 防火墙框架LCTT 译注netfilter 是由 Rusty Russell 提出的 Linux 2.4 内核防火墙框架)。那么在 FreeBSD 上,我该如何设置 PF 防火墙,从而来保护只有一个公共 IP 地址和端口的 web 服务器呢?
PF is an acronym for packet filter. It was created for OpenBSD but has been ported to FreeBSD and other operating systems. It is a stateful packet filtering engine. This tutorial will show you how to set up a firewall with PF on FreeBSD 10.x and 11.x server to protect your web server.
PF <ruby>包过滤器<rt>packet filter</rt></ruby>的简称。它是为 OpenBSD开发的但是已经被移植到了 FreeBSD 以及其它操作系统上。PF 是一个状态包过滤引擎。在这篇教程中,我将向你展示如何在 FreeBSD 10.x 以及 11.x 中设置 PF 防火墙,从而来保护 web 服务器。
### 第一步:开启 PF 防火墙
## Step 1 - Turn on PF firewall
你需要把下面这几行内容添加到文件 “/etc/rc.conf” 文件中:
You need to add the following three lines to /etc/rc.conf file:
```
# echo 'pf_enable="YES"' >> /etc/rc.conf
# echo 'pf_rules="/usr/local/etc/pf.conf"' >> /etc/rc.conf
# echo 'pflog_enable="YES"' >> /etc/rc.conf
# echo 'pflog_logfile="/var/log/pflog"' >> /etc/rc.conf
```
Where,
在这里:
1. **pf_enable="YES"** - Turn on PF service.
2. **pf_rules="/usr/local/etc/pf.conf"** - Read PF rules from this file.
3. **pflog_enable="YES"** - Turn on logging support for PF.
4. **pflog_logfile="/var/log/pflog"** - File where pflogd should store the logfile i.e. store logs in /var/log/pflog file.
1. **pf_enable="YES"** - 开启 PF 服务
2. **pf_rules="/usr/local/etc/pf.conf"** - 从文件 “/usr/local/etc/pf.conf” 中读取 PF 规则
3. **pflog_enable="YES"** - 为 PF 服务打开日志支持
4. **pflog_logfile="/var/log/pflog"** - 存储日志的文件,即日志存于文件 “/var/log/pflog” 中
### 第二步:在 “/usr/local/etc/pf.conf” 文件中创建防火墙规则
输入下面这个命令打开文件(超级用户模式下):
[![How To Set Up a Firewall with PF on FreeBSD to Protect a Web Server][1]][1]
## Step 2 - Creating firewall rules in /usr/local/etc/pf.conf
Type the following command:
```
# vi /usr/local/etc/pf.conf
```
Append the following PF rulesets :
在文件中添加下面这些 PF 规则集:
```
# vim: set ft=pf
# /usr/local/etc/pf.conf
## Set your public interface ##
## 设置公共端口 ##
ext_if="vtnet0"
## Set your server public IP address ##
## 设置服务器公共 IP 地址 ##
ext_if_ip="172.xxx.yyy.zzz"
## Set and drop these IP ranges on public interface ##
## 设置并删除下面这些公共端口上的 IP 范围 ##
martians = "{ 127.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, \
10.0.0.0/8, 169.254.0.0/16, 192.0.2.0/24, \
0.0.0.0/8, 240.0.0.0/4 }"
## Set http(80)/https (443) port here ##
## 设置 http(80)/https (443) 端口 ##
webports = "{http, https}"
## enable these services ##
## 启用下面这些服务 ##
int_tcp_services = "{domain, ntp, smtp, www, https, ftp, ssh}"
int_udp_services = "{domain, ntp}"
## Skip loop back interface - Skip all PF processing on interface ##
## 跳过回环端口 - 跳过端口上的所有 PF 处理 ##
set skip on lo
## Sets the interface for which PF should gather statistics such as bytes in/out and packets passed/blocked ##
## 设置 PF 应该统计的端口信息,如发送/接收字节数,通过/禁止的包的数目 ##
set loginterface $ext_if
## Set default policy ##
## 设置默认策略 ##
block return in log all
block out all
# Deal with attacks based on incorrect handling of packet fragments
# 基于 IP 分片的错误处理来防御攻击
scrub in all
# Drop all Non-Routable Addresses
# 删除所有不可达路由地址
block drop in quick on $ext_if from $martians to any
block drop out quick on $ext_if from any to $martians
## Blocking spoofed packets
## 禁止欺骗包
antispoof quick for $ext_if
# Open SSH port which is listening on port 22 from VPN 139.xx.yy.zz Ip only
# I do not allow or accept ssh traffic from ALL for security reasons
# 打开 SSH 端口SSH 服务仅从 VPN IP 139.xx.yy.zz 监听 22 号端口
# 出于安全原因,我不允许/接收 SSH 流量
pass in quick on $ext_if inet proto tcp from 139.xxx.yyy.zzz to $ext_if_ip port = ssh flags S/SA keep state label "USER_RULE: Allow SSH from 139.xxx.yyy.zzz"
## Use the following rule to enable ssh for ALL users from any IP address #
## 使用下面这些规则来为所有来自任何 IP 地址的用户开启 SSH 服务 #
## pass in inet proto tcp to $ext_if port ssh
### [ OR ] ###
## pass in inet proto tcp to $ext_if port 22
@ -90,44 +89,46 @@ pass inet proto icmp icmp-type echoreq
# All access to our Nginx/Apache/Lighttpd Webserver ports
pass proto tcp from any to $ext_if port $webports
# Allow essential outgoing traffic
# 允许重要的发送流量
pass out quick on $ext_if proto tcp to any port $int_tcp_services
pass out quick on $ext_if proto udp to any port $int_udp_services
# Add custom rules below
# 在下面添加自定义规则
```
Save and close the file. PR [welcome here to improve rulesets][2]. To check for syntax error, run:
保存并关闭文件。欢迎来参考我的[规则集][2]。如果要检查语法错误,可以运行:
`# service pf check`
OR
`/etc/rc.d/pf check`
OR
`# pfctl -n -f /usr/local/etc/pf.conf `
## Step 3 - Start PF firewall
### 第三步:开始运行 PF 防火墙
The commands are as follows. Be careful you might be disconnected from your server over ssh based session:
命令如下。请小心,如果是基于 SSH 的会话,你可能会和服务器断开连接。
### Start PF
*开启 PF 防火墙:*
`# service pf start`
### Stop PF
*停用 PF 防火墙:*
`# service pf stop`
### Check PF for syntax error
*检查语法错误:*
`# service pf check`
### Restart PF
*重启服务:*
`# service pf restart`
### See PF status
*查看 PF 状态:*
`# service pf status`
Sample outputs:
示例输出:
```
Status: Enabled for 0 days 00:02:18 Debug: Urgent
@ -165,24 +166,24 @@ Counters
map-failed 0 0.0/s
```
#### 开启/关闭/重启 pflog 服务的命令
### Command to start/stop/restart pflog service
Type the following commands:
输入下面这些命令
```
# service pflog start
# service pflog stop
# service pflog restart
```
## Step 4 - A quick introduction to pfctl command
### 第四步:`pfctl` 命令的简单介绍
You need to use the pfctl command to see PF ruleset and parameter configuration including status information from the packet filter. Let us see all common commands:
你需要使用 `pfctl` 命令来查看 PF 规则集和参数配置,包括来自<ruby>包过滤器<rt>packet filter</rt></ruby>的状态信息。让我们来看一下所有常见命令:
### Show PF rules information
#### 显示 PF 规则信息
`# pfctl -s rules`
Sample outputs:
示例输出:
```
block return in log all
block drop out all
@ -201,15 +202,15 @@ pass out quick on vtnet0 proto udp from any to any port = domain keep state
pass out quick on vtnet0 proto udp from any to any port = ntp keep state
```
#### Show verbose output for each rule
#### 显示每条规则的详细内容
`# pfctl -v -s rules`
#### Add rule numbers with verbose output for each rule
在每条规则的详细输出中添加规则编号:
`# pfctl -vvsr show`
#### Show state
#### 显示状态信息
```
# pfctl -s state
@ -217,18 +218,19 @@ pass out quick on vtnet0 proto udp from any to any port = ntp keep state
# pfctl -s state | grep 'something'
```
### How to disable PF from the CLI
#### 如何在命令行中禁止 PF 服务
`# pfctl -d `
### How to enable PF from the CLI
#### 如何在命令行中启用 PF 服务
`# pfctl -e `
### How to flush ALL PF rules/nat/tables from the CLI
#### 如何在命令行中刷新 PF 规则/NAT/路由表
`# pfctl -F all`
Sample outputs:
示例输出:
```
rules cleared
nat cleared
@ -239,27 +241,29 @@ pf: statistics cleared
pf: interface flags reset
```
#### How to flush only the PF RULES from the CLI
#### 如何在命令行中仅刷新 PF 规则
`# pfctl -F rules `
#### How to flush only queue's from the CLI
#### 如何在命令行中仅刷新队列
`# pfctl -F queue `
#### How to flush all stats that are not part of any rule from the CLI
#### 如何在命令行中刷新统计信息(它不是任何规则的一部分)
`# pfctl -F info`
#### How to clear all counters from the CLI
#### 如何在命令行中清除所有计数器
`# pfctl -z clear `
## Step 5 - See PF log
### 第五步:查看 PF 日志
PF 日志是二进制格式的。使用下面这一命令来查看:
PF logs are in binary format. To see them type:
`# tcpdump -n -e -ttt -r /var/log/pflog`
Sample outputs:
示例输出:
```
Aug 29 15:41:11.757829 rule 0/(match) block in on vio0: 86.47.225.151.55806 > 45.FOO.BAR.IP.23: S 757158343:757158343(0) win 52206 [tos 0x28]
Aug 29 15:41:44.193309 rule 0/(match) block in on vio0: 5.196.83.88.25461 > 45.FOO.BAR.IP.26941: S 2224505792:2224505792(0) ack 4252565505 win 17520 (DF) [tos 0x24]
@ -295,30 +299,32 @@ Aug 29 15:55:07.001743 rule 0/(match) block in on vio0: 190.83.174.214.58863 > 4
Aug 29 15:55:51.269549 rule 0/(match) block in on vio0: 142.217.201.69.26112 > 45.FOO.BAR.IP.22: S 757158343:757158343(0) win 22840 <mss 1460>
Aug 29 15:58:41.346028 rule 0/(match) block in on vio0: 169.1.29.111.29765 > 45.FOO.BAR.IP.23: S 757158343:757158343(0) win 28509
Aug 29 15:59:11.575927 rule 0/(match) block in on vio0: 187.160.235.162.32427 > 45.FOO.BAR.IP.5358: S 22445:22445(0) win 14600 [tos 0x28]
Aug 29 15:59:37.826598 rule 0/(match) block in on vio0: 94.74.81.97.54656 > 45.FOO.BAR.IP.3128: S 2720157526:2720157526(0) win 1024 [tos 0x28]
Aug 29 15:59:37.826598 rule 0/(match) block in on vio0: 94.74.81.97.54656 > 45.FOO.BAR.IP.3128: S 2720157526:2720157526(0) win 1024 [tos 0x28]stateful
Aug 29 15:59:37.991171 rule 0/(match) block in on vio0: 94.74.81.97.54656 > 45.FOO.BAR.IP.3128: R 2720157527:2720157527(0) win 1200 [tos 0x28]
Aug 29 16:01:36.990050 rule 0/(match) block in on vio0: 182.18.8.28.23299 > 45.FOO.BAR.IP.445: S 1510146048:1510146048(0) win 16384
```
To see live log run:
如果要查看实时日志,可以运行:
`# tcpdump -n -e -ttt -i pflog0`
For more info the [PF FAQ][3], [FreeBSD HANDBOOK][4] and the following man pages:
如果你想了解更多信息,可以访问 [PF FAQ][3] 和 [FreeBSD HANDBOOK][4] 以及下面这些 man 页面:
```
# man tcpdump
# man pfctl
# man pf
```
## about the author:
### 关于作者
The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on [Twitter][5], [Facebook][6], [Google+][7].
我是 nixCraft 的创立者,一个经验丰富的系统管理员,同时也是一位 Linux 操作系统/Unix shell 脚本培训师。我在不同的行业与全球客户工作过,包括 IT、教育、国防和空间研究、以及非营利组织。你可以在 [Twitter][5]、[Facebook][6] 或 [Google+][7] 上面关注我。
--------------------------------------------------------------------------------
via: https://www.cyberciti.biz/faq/how-to-set-up-a-firewall-with-pf-on-freebsd-to-protect-a-web-server/
作者:[Vivek Gite][a]
译者:[译者ID](https://github.com/译者ID)
译者:[ucasFL](https://github.com/ucasFL)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
@ -330,4 +336,4 @@ via: https://www.cyberciti.biz/faq/how-to-set-up-a-firewall-with-pf-on-freebsd-t
[4]:https://www.freebsd.org/doc/handbook/firewalls.html
[5]:https://twitter.com/nixcraft
[6]:https://facebook.com/nixcraft
[7]:https://plus.google.com/+CybercitiBiz
[7]:https://plus.google.com/+CybercitiBiz

58
translated/tech/20180226 Linux Virtual Machines vs Linux Live Images.md
View File

@ -1,58 +0,0 @@
Linxu 虚拟机 vs Linux 实体机
======
首先我得承认,我非常倾向于频繁尝试新的[ linux 发行版本 ][1],我的目标是为了解决每一个 Linux 发行版的依赖,所以我用一些方法来测试它们。在一些文章中,我们将会看到两种运行 Linux 的模式,虚拟机或实体机。每一种方式都存在优势,但是有一些障碍会伴随着这两种方式。
### 第一时间测试一个新的 Linux 发行版
为了第一时间去做 Linux 发型版本的依赖测试,我把它们运行在我目前所拥有的所有类型的 PC 上。如果我用我的台式机,我将运行一个 Linux 虚拟机做测试。使用这种方法的原因是,不仅仅是生活环境下我可以下载测并测试发行版,但也会用稳定的生产环境安装。
在另一方面如果我在工作中我的PC不具备强力的硬件条件的在一个虚拟机上测试 Linux 发型版本的时候将会产生相反的效果。老实的讲,我会将电脑性能压榨到极限,如果在经济条件服务的情况下我会使用实体机运行 Linux 镜像替代虚拟机
### 在一个新的 Linux 发行版本上运行旅游软件
如果你有兴趣查看发行版本的桌面环境或购买软件,你不能因为发行版本的一个实时图片而诽谤它。一个生活环境提供给你希望的鸟瞰全局的视角,如何使用户体验更好是由应用程序提供的。
公平的说,一个虚拟化安装你也可以做同样的事,但是它有点不好,如果这么做你将要消除硬件上的许多数据。毕竟这是一个简单的发行版。记得我说过在第一部分-我做测试喜欢在虚拟机上运行 Linux 。这个方式我就能看见如何去安装它,使用镜像安装时你讲看不见有区别的操作和其他工作原理。
通常你仅能看见一个关于发行版本的简短介绍,关于功能用最少的阻力和时间投入,是解决这个问题的好办法。
### 随身携带一个
这个话题虽然不像几年前那样普遍,使用 Linux 发行版的能力可能是许多用户所顾虑的。明显,适合他们自己携带的系统,虚拟机是无法提供的。无论如何,一个 Linux 发行版本的镜像是具有可移植性的。一个镜像能够轻松的写入到 DVD 或者 Flash 存储设备中。
在 Linux 可移植性的概念上花费时间,这有益于在一个朋友的电脑上使用 Flash 存储设备安装镜像版 Linux 。这个授权使你能证明 Linux 能充实他们的生活,虽然在他们的 PC 上运行一个虚拟机是不可靠的。在喜爱使用镜像的用户哪里,它是双赢的。
### 选择做双系统 Linux
这是一个巨大的项目。考虑一些事,例如你在使用 Windows .你喜欢玩 Linux ,但是宁可不获取插件。在一些出状况或考虑你不是拥有单独分区,双系统将是一个问题。不管什么样的情况,同时使用 Linux 虚拟机和镜像系统都对于你是一个很好的选择。
现在,我在一些事物上采取奇怪的立场。长期运行 Linux 镜像在 Flash 存储或虚拟机,我知道你将为了更多的价值走更远。对于这个说法有两个原因。第一个,在 Windows 中安装一个虚拟机 VS 真正的运行的 Linux 。第二,用一个持续的存储设备你的 Flash 存储,安装 Linux 和你的数据。
我知道你会说用一个虚拟机运行 Linux 也是如此,无论如何你都无法升级到用镜像安装的地步。为什么?你不会更新你的宿主系统或者客户系统。记住,有一些发行 Linux 发行版本被设定为只能在持久存储中运行。Puppy Linux 就是一个非常好的例子。它仅能运行在个人 PC 上,否则它将进入死循环或被丢弃,它允许你永远不被单调的系统省级困扰,由于发行版会安全的处理这些更新。它不是一个正常的 Linux 发行版,有一个持久的免费镜像这样的方式用一堵墙个离开,多么可怕。
### Linux 虚拟机是一个绝好的选择
我就讲到这里这篇文章是时候结束了。Virtual Box 绝对是一个非常不错的运行 Linux 虚拟机的虚拟化产品。
例如,我制作了一个录像,里面介绍和评论了许多 Linux 发行版。硬件安装或者虚拟机安装一个从 Linux 发行版镜像库获得的镜像,一个实时的操作我们需要通过屏幕去捕获它。很明显,虚拟机运行 Linux 和 镜像安装更适合。
一旦你需要在音频资料中采集到混音,这没有问题,那如果你用软件去采集你的信息,为了一个合理的采集环境,你将需要一个本地安装的系统,这里面包含了所有的基本要求。在一次,用一个硬件安装方式,但是这开销可能很大,如果你仅仅是用与视频和音频操作,这需要花费一部分时间。
### Linux 虚拟机 VS Linux 镜像
你最喜欢尝试新发行版的方式是那些?也许,你会格式化磁盘,然后豁出去了,因此,不需要任何理由
大多数人告诉我他们喜欢上面的方法,但是我很像知道哪种方式更加适合你。点击评论,让我知道在 Linux 发行世界最伟大和最新的版本时,您更喜欢哪种方法。
--------------------------------------------------------------------------------
via: https://www.datamation.com/open-source/linux-virtual-machines-vs-linux-live-images.html
作者:[Matt Hartley][a]
译者:[sober-wang](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.datamation.com/author/Matt-Hartley-3080.html
[1]:https://www.datamation.com/open-source/best-linux-distro.html

336
translated/tech/20180529 How To Add Additional IP (Secondary IP) In Ubuntu System.md
View File

@ -1,336 +0,0 @@
如何在 Ubuntu 系统中添加一个辅助 IP 地址
======
Linux 管理员应该意识到这一点,因为这是一项例行任务。很多人想知道为什么我们需要在服务器中添加多个 IP 地址,以及为什么我们需要将它添加到单块网卡中?我说的对吗?
你可能也会有类似的问题:在 Linux 中如何为单块网卡分配多个 IP 地址?在本文中,你可以得到答案。
当我们对一个新服务器进行设置时,理想情况下它将有一个 IP 地址,即服务器主 IP 地址,它与服务器主机名对应。
我们不应在服务器主 IP 地址上托管任何应用程序,这是不可取的。如果要在服务器上托管任何应用程序,我们应该为此添加辅助 IP。
这是业界的最佳实践,它允许用户安装 SSL 证书。大多数系统都配有单块网卡,这足以添加额外的 IP 地址。
**建议阅读:**
**(#)** [在 Linux 命令行中 9 种方法检查公共 IP 地址][1]
**(#)** [在 Linux 终端中 3 种简单的方式来检查 DNS域名服务器记录][2]
**(#)** [在 Linux 上使用 Dig 命令检查 DNS域名服务器记录][3]
**(#)** [在 Linux 上使用 Nslookup 命令检查 DNS域名服务器记录][4]
**(#)** [在 Linux 上使用 Host 命令检查 DNS域名服务器记录][5]
我们可以在同一个接口上添加 IP 地址,或者在同一设备上创建子接口,然后在其中添加 IP。默认情况下一直到 Ubuntu 14.04 LTS接口给名称为 `ethX (eth0)`,但是从 Ubuntu 15.10 之后网络接口名称已从 `ethX` 更改为 `enXXXXX`(对于服务器是 ens33桌面版是 enp0s3
在本文中,我们将教你如何在 Ubuntu 上执行此操作并且衍生到其它发行版to 校正:这句自己加的)。
**`注意:`**别在 DNS 详细信息后添加 IP 地址。如果是这样DNS 将无法正常工作。
### 如何在 Ubuntu 14.04 LTS 中添加临时辅助 IP 地址
在系统中添加 IP 地址之前,运行以下任一命令即可验证服务器主 IP 地址:
```
# ifconfig
or
# ip addr
eth0 Link encap:Ethernet HWaddr 08:00:27:98:b7:36
inet addr:192.168.56.150 Bcast:192.168.56.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe98:b736/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:105 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:902 (902.0 B) TX bytes:16423 (16.4 KB)
eth1 Link encap:Ethernet HWaddr 08:00:27:6a:cf:d3
inet addr:10.0.3.15 Bcast:10.0.3.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe6a:cfd3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:80 errors:0 dropped:0 overruns:0 frame:0
TX packets:146 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:8698 (8.6 KB) TX bytes:17047 (17.0 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:25 errors:0 dropped:0 overruns:0 frame:0
TX packets:25 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:1730 (1.7 KB) TX bytes:1730 (1.7 KB)
```
如我所见,服务器主 IP 地址是 `192.168.56.150`,我将下一个 IP `192.168.56.151` 作为辅助 IP使用以下方法完成
```
# ip addr add 192.168.56.151/24 broadcast 192.168.56.255 dev eth0 label eth0:1
```
输入以下命令以检查新添加的 IP 地址。如果你重新启动服务器,那么新添加的 IP 地址会消失,因为我们的 IP 是临时添加的。
```
# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:98:b7:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.150/24 brd 192.168.56.255 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.56.151/24 brd 192.168.56.255 scope global secondary eth0:1
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe98:b736/64 scope link
valid_lft forever preferred_lft forever
3: eth1: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:6a:cf:d3 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global eth1
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe6a:cfd3/64 scope link
valid_lft forever preferred_lft forever
```
### 如何在 Ubuntu 14.04 LTS 中添加永久辅助 IP 地址
要在 Ubuntu 系统上添加永久辅助 IP 地址,只需编辑 `/etc/network/interfaces` 文件并添加所需的 IP 详细信息。
```
# vi /etc/network/interfaces
# The loopback network interface
auto lo
iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet static
address 192.168.56.150
netmask 255.255.255.0
network 192.168.56.0
broadcast 192.168.56.255
gateway 192.168.56.1
auto eth0:1
iface eth0:1 inet static
address 192.168.56.151
netmask 255.255.255.0
```
保存并关闭文件,然后重启网络接口服务。
```
# service networking restart
or
# ifdown eth0:1 && ifup eth0:1
```
验证新添加的 IP 地址:
```
# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:98:b7:36
inet addr:192.168.56.150 Bcast:192.168.56.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe98:b736/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5 errors:0 dropped:0 overruns:0 frame:0
TX packets:84 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:962 (962.0 B) TX bytes:11905 (11.9 KB)
eth0:1 Link encap:Ethernet HWaddr 08:00:27:98:b7:36
inet addr:192.168.56.151 Bcast:192.168.56.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth1 Link encap:Ethernet HWaddr 08:00:27:6a:cf:d3
inet addr:10.0.3.15 Bcast:10.0.3.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe6a:cfd3/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4924 errors:0 dropped:0 overruns:0 frame:0
TX packets:3185 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4037636 (4.0 MB) TX bytes:422516 (422.5 KB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
```
### 如何在 Ubuntu 16.04 LTS 中临时添加辅助 IP 地址
正如本文开头所述,网络接口名称从 Ubuntu 15.10 就开始从 ethX 更改为 enXXXX (enp0s3),所以,替换你的接口名称。
在执行此操作之前,先检查系统上的 IP 信息:
```
# ifconfig
or
# ip addr
enp0s3: flags=4163 mtu 1500
inet 192.168.56.201 netmask 255.255.255.0 broadcast 192.168.56.255
inet6 fe80::a00:27ff:fe97:132e prefixlen 64 scopeid 0x20
ether 08:00:27:97:13:2e txqueuelen 1000 (Ethernet)
RX packets 7 bytes 420 (420.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 294 bytes 24747 (24.7 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
enp0s8: flags=4163 mtu 1500
inet 10.0.3.15 netmask 255.255.255.0 broadcast 10.0.3.255
inet6 fe80::344b:6259:4dbe:eabb prefixlen 64 scopeid 0x20
ether 08:00:27:12:e8:c1 txqueuelen 1000 (Ethernet)
RX packets 1 bytes 590 (590.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 97 bytes 10209 (10.2 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73 mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 325 bytes 24046 (24.0 KB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 325 bytes 24046 (24.0 KB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
```
如我所见,服务器主 IP 地址是 `192.168.56.201`,所以,我将下一个 IP `192.168.56.202` 作为辅助 IP使用以下命令完成。
```
# ip addr add 192.168.56.202/24 broadcast 192.168.56.255 dev enp0s3
```
运行以下命令来检查是否已分配了新的 IP。当你重启机器时它会消失。
```
# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:97:13:2e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.201/24 brd 192.168.56.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet 192.168.56.202/24 brd 192.168.56.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe97:132e/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:12:e8:c1 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic enp0s8
valid_lft 86353sec preferred_lft 86353sec
inet6 fe80::344b:6259:4dbe:eabb/64 scope link
valid_lft forever preferred_lft forever
```
### 如何在 Ubuntu 16.04 LTS 中添加永久辅助 IP 地址
要在 Ubuntu 系统上添加永久辅助 IP 地址,只需编辑 `/etc/network/interfaces` 文件并添加所需 IP 的详细信息。
我们不应该在 dns-nameservers 之后添加辅助 IP 地址,因为它不会起作用,应该以下面的格式添加 IP 详情。
此外,我们不需要添加子接口(我们之前在 Ubuntu 14.04 LTS 中的做法):
```
# vi /etc/network/interfaces
# interfaces(5) file used by ifup(8) and ifdown(8)
auto lo
iface lo inet loopback
# The primary network interface
auto enp0s3
iface enp0s3 inet static
address 192.168.56.201
netmask 255.255.255.0
iface enp0s3 inet static
address 192.168.56.202
netmask 255.255.255.0
gateway 192.168.56.1
network 192.168.56.0
broadcast 192.168.56.255
dns-nameservers 8.8.8.8 8.8.4.4
dns-search 2daygeek.local
```
保存并关闭文件,然后重启网络接口服务:
```
# systemctl restart networking
or
# ifdown enp0s3 && ifup enp0s3
```
运行以下命令来检查是否已经分配了新的 IP
```
# ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:97:13:2e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.201/24 brd 192.168.56.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet 192.168.56.202/24 brd 192.168.56.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe97:132e/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:12:e8:c1 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic enp0s8
valid_lft 86353sec preferred_lft 86353sec
inet6 fe80::344b:6259:4dbe:eabb/64 scope link
valid_lft forever preferred_lft forever
```
让我来 ping 一下新 IP 地址:
```
# ping 192.168.56.202 -c 4
PING 192.168.56.202 (192.168.56.202) 56(84) bytes of data.
64 bytes from 192.168.56.202: icmp_seq=1 ttl=64 time=0.019 ms
64 bytes from 192.168.56.202: icmp_seq=2 ttl=64 time=0.087 ms
64 bytes from 192.168.56.202: icmp_seq=3 ttl=64 time=0.034 ms
64 bytes from 192.168.56.202: icmp_seq=4 ttl=64 time=0.042 ms
--- 192.168.56.202 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3068ms
rtt min/avg/max/mdev = 0.019/0.045/0.087/0.026 ms
```
--------------------------------------------------------------------------------
via: https://www.2daygeek.com/how-to-add-additional-ip-secondary-ip-in-ubuntu-debian-system/
作者:[Prakash Subramanian][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[MjSeven](https://github.com/MjSeven)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]:https://www.2daygeek.com/author/prakash/
[1]:https://www.2daygeek.com/check-find-server-public-ip-address-linux/
[2]:https://www.2daygeek.com/check-find-dns-records-of-domain-in-linux-terminal/
[3]:https://www.2daygeek.com/dig-command-check-find-dns-records-lookup-linux/
[4]:https://www.2daygeek.com/nslookup-command-check-find-dns-records-lookup-linux/
[5]:https://www.2daygeek.com/host-command-check-find-dns-records-lookup-linux/

98
translated/tech/20180830 How To Reset MySQL Or MariaDB Root Password.md Normal file
View File

@ -0,0 +1,98 @@
如何重置 MySQL 或 MariaDB 的 Root 密码
======
![](https://www.ostechnix.com/wp-content/uploads/2018/08/Reset-MySQL-Or-MariaDB-Root-Password-720x340.png)
几个月前,我在[**Ubuntu 18.04 上安装了 LAMP**][1]。今天,我尝试以 root 用户身份登录数据库,但我完全忘记了密码。经过一阵 Google 搜索并浏览一些文章后,我成功重置了密码。对于那些想知道如何做到这一点的人,这个简短的教程解释了如何在类 Unix 操作系统中重置 MySQL 或 MariaDB Root 密码。
### 重置 MySQL 或 MariaDB Root 密码
首先,停止数据库。
如果你使用 MySQL请输入以下命令并下按回车键。
```
$ sudo systemctl stop mysql
```
对于 MariaDB
```
$ sudo systemctl stop mariadb
```
接下来,使用以下命令在没有权限检查的情况下重新启动数据库:
```
$ sudo mysqld_safe --skip-grant-tables &
```
这里, **`--skip-grant-tables`** 选项让你在没有密码和所有权限的情况下进行连接。如果使用此选项启动服务器,它还会启用 `--skip-networking` 选项,这用于防止其他客户端连接到数据库服务器。并且,**( &)**符号用于在后台运行命令,因此你可以在以下步骤中输入其他命令。请注意,上述命令很危险,并且你的数据库会变得不安全。你应该只在短时间内运行此命令以重置密码。
接下来,以 root 用户身份登录 MySQL/MariaDB 服务器:
```
$ mysql
```
**mysql >****MariaDB [(none)] >** 提示符下,运行以下命令重置 root 用户密码:
```
UPDATE mysql.user SET Password=PASSWORD('NEW-PASSWORD') WHERE User='root';
```
使用你自己的密码替换上述命令中的 **NEW-PASSWORD**
然后,输入以下命令退出 mysql 控制台。
```
FLUSH PRIVILEGES;
exit
```
最后,关闭之前使用 `--skip-grant-tables` 选项运行的数据库。为此,运行:
```
$ sudo mysqladmin -u root -p shutdown
```
系统将要求你输入在上一步中设置的 mysql/mariadb 用户密码。
现在,使用以下命令正常启动 mysql/mariadb 服务:
```
$ sudo systemctl start mysql
```
对于 MariaDB
```
$ sudo systemctl start mariadb
```
使用以下命令验证密码是否确实已更改:
```
$ mysql -u root -p
```
今天就是这些了。还有更多好东西。敬请期待!
干杯!
--------------------------------------------------------------------------------
via: https://www.ostechnix.com/how-to-reset-mysql-or-mariadb-root-password/
作者:[SK][a]
选题:[lujun9972](https://github.com/lujun9972)
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.ostechnix.com/author/sk/
[1]: https://www.ostechnix.com/install-apache-mariadb-php-lamp-stack-ubuntu-16-04/