+ # chsh <用户名> -s <新shell>
# chsh linuxtechi -s /bin/sh
-### Q:3 有什么不同的类型在shell脚本中使用? ###
+### Q:3 可以在shell脚本中使用哪些类型的变量? ###
-答:在shell脚本,我们可以使用两个类型变量:
+答:在shell脚本,我们可以使用两种类型的变量:
- 系统定义变量
- 用户定义变量
+系统变量是由系统系统自己创建的。这些变量通常由大写字母组成,可以通过“**set**”命令查看。
-系统变量是由系统系统自己创建的。这些变量由大写字母组成,可以通过“**set**”命令查看。
+用户变量由系统用户来生成和定义,变量的值可以通过命令“`echo $<变量名>`”查看。
-用户变量由系统用户来生成,变量的值可以通过命令“`echo $<变量名>`”查看
-
-### Q:4 如何同时重定向标准输出和错误输出到同一位置? ###
+### Q:4 如何将标准输出和错误输出同时重定向到同一位置? ###
答:这里有两个方法来实现:
-方法1:2>&1 (# ls /usr/share/doc > out.txt 2>&1 )
+方法一:
-方法二:&> (# ls /usr/share/doc &> out.txt )
+ 2>&1 (如# ls /usr/share/doc > out.txt 2>&1 )
-### Q:5 shell脚本中“if”的语法 ? ###
+方法二:
-答:基础语法:
+ &> (如# ls /usr/share/doc &> out.txt )
+
+### Q:5 shell脚本中“if”语法如何嵌套? ###
+
+答:基础语法如下:
if [ 条件 ]
then
@@ -72,9 +75,9 @@ Linux Shell脚本 入门25问
如果结束状态不是0,说明命令执行失败。
-### Q:7 在shell脚本中如何比较两个数 ? ###
+### Q:7 在shell脚本中如何比较两个数字 ? ###
-答:测试用例使用if-then来比较两个数,例子如下:
+答:在if-then中使用测试命令( -gt 等)来比较两个数字,例子如下:
#!/bin/bash
x=10
@@ -89,11 +92,11 @@ Linux Shell脚本 入门25问
### Q:8 shell脚本中break命令的作用 ? ###
-答:break命令一个简单的用途是退出执行中的循环。我们可以在while 和until循环中使用break命令跳出循环。
+答:break命令一个简单的用途是退出执行中的循环。我们可以在while和until循环中使用break命令跳出循环。
### Q:9 shell脚本中continue命令的作用 ? ###
-答:continue命令不同于break命令,它只跳出当前循环的迭代,而不是整个循环。continue命令很多时候是很有用的,例如错误发生,但我们依然希望循环继续的时候。
+答:continue命令不同于break命令,它只跳出当前循环的迭代,而不是**整个**循环。continue命令很多时候是很有用的,例如错误发生,但我们依然希望继续执行大循环的时候。
### Q:10 告诉我shell脚本中Case语句的语法 ? ###
@@ -116,14 +119,14 @@ Linux Shell脚本 入门25问
### Q:11 shell脚本中while循环语法 ? ###
-答:如同for循环,while循环重复自己所有命令只要条件成立,不同于for循环。基础语法:
+答:如同for循环,while循环只要条件成立就重复它的命令块。不同于for循环,while循环会不断迭代,直到它的条件不为真。基础语法:
while [ 条件 ]
do
命令…
done
-### Q:12 如何使脚本成为可执行状态 ? ###
+### Q:12 如何使脚本可执行 ? ###
答:使用chmod命令来使脚本可执行。例子如下:
@@ -131,11 +134,11 @@ Linux Shell脚本 入门25问
### Q:13 “#!/bin/bash”的作用 ? ###
-答:#!/bin/bash是shell脚本的第一行,总所周知,#符号调用hash而!调用bang。它的意思是命令使用 /bin/bash来执行命令
+答:#!/bin/bash是shell脚本的第一行,称为释伴(shebang)行。这里#符号叫做hash,而! 叫做 bang。它的意思是命令通过 /bin/bash 来执行。
### Q:14 shell脚本中for循环语法 ? ###
-答:for循环基础语法:
+答:for循环的基础语法:
for 变量 in 循环列表
do
@@ -147,13 +150,13 @@ Linux Shell脚本 入门25问
### Q:15 如何调试shell脚本 ? ###
-答:使用'-x'参数(sh -x myscript.sh)可以调试shell脚本。另一个种方法是使用‘-nv’参数( sh -nv myscript.sh)
+答:使用'-x'参数(sh -x myscript.sh)可以调试shell脚本。另一个种方法是使用‘-nv’参数( sh -nv myscript.sh)。
### Q:16 shell脚本如何比较字符串? ###
-答:test命令可以用来比较字符串。Test命令比较字符串通过比较每一个字符来比较。
+答:test命令可以用来比较字符串。测试命令会通过比较字符串中的每一个字符来比较。
-### Q:17 Bourne shell(bash) 中有哪些特别变量 ? ###
+### Q:17 Bourne shell(bash) 中有哪些特殊的变量 ? ###
答:下面的表列出了Bourne shell为命令行设置的特殊变量。
@@ -175,7 +178,7 @@ Linux Shell脚本 入门25问
$0
- 来自命令行脚本的名字
+命令行中的脚本名字
|
@@ -252,7 +255,7 @@ Linux Shell脚本 入门25问
-d 文件名
- 返回true,如果文件存在并且是一个目录
+如果文件存在并且是目录,返回true
|
@@ -260,7 +263,7 @@ Linux Shell脚本 入门25问
-e 文件名
- 返回true,如果文件存在
+如果文件存在,返回true
|
@@ -268,7 +271,7 @@ Linux Shell脚本 入门25问
-f 文件名
- 返回true,如果文件存在并且是普通文件
+如果文件存在并且是普通文件,返回true
|
@@ -276,7 +279,7 @@ Linux Shell脚本 入门25问
-r 文件名
- 返回true,如果文件存在并拥有读权限
+如果文件存在并可读,返回true
|
@@ -284,7 +287,7 @@ Linux Shell脚本 入门25问
-s 文件名
- 返回true,如果文件存在并且不为空
+如果文件存在并且不为空,返回true
|
@@ -292,7 +295,7 @@ Linux Shell脚本 入门25问
-w 文件名
- 返回true,如果文件存在并拥有写权限
+如果文件存在并可写,返回true
|
@@ -300,7 +303,7 @@ Linux Shell脚本 入门25问
-x 文件名
- 返回true,如果文件存在并拥有执行权限
+如果文件存在并可执行,返回true
|
@@ -308,15 +311,15 @@ Linux Shell脚本 入门25问
### Q:19 在shell脚本中,如何写入注释 ? ###
-答:注释可以用来描述一个脚本可以做什么和它是如何工作的。每一个注释以#开头。例子如下:
+答:注释可以用来描述一个脚本可以做什么和它是如何工作的。每一行注释以#开头。例子如下:
#!/bin/bash
# This is a command
echo “I am logged in as $USER”
-### Q:20 如何得到来自终端的命令输入到shell脚本? ###
+### Q:20 如何让 shell 就脚本得到来自终端的输入? ###
-答:read命令可以读取来自终端(使用键盘)的数据。read命令接入用户的输入并置于变量中。例子如下:
+答:read命令可以读取来自终端(使用键盘)的数据。read命令得到用户的输入并置于你给出的变量中。例子如下:
# vi /tmp/test.sh
@@ -330,9 +333,9 @@ Linux Shell脚本 入门25问
LinuxTechi
My Name is LinuxTechi
-### Q:21 如何取消设置或取消变量 ? ###
+### Q:21 如何取消变量或取消变量赋值 ? ###
-答:“unset”命令用于去取消或取消设置一个变量。语法如下所示:
+答:“unset”命令用于取消变量或取消变量赋值。语法如下所示:
# unset <变量名>
@@ -345,7 +348,7 @@ Linux Shell脚本 入门25问
### Q:23 do-while语句的基本格式 ? ###
-答:do-while语句类似于while语句,但检查条件语句之前先执行命令。下面是用do-while语句的语法
+答:do-while语句类似于while语句,但检查条件语句之前先执行命令(LCTT 译注:意即至少执行一次。)。下面是用do-while语句的语法
do
{
@@ -354,7 +357,7 @@ Linux Shell脚本 入门25问
### Q:24 在shell脚本如何定义函数呢 ? ###
-答:函数是拥有名字的代码块。当我们定义代码块,我们就可以在我们的脚本调用名字,该块就会被执行。示例如下所示:
+答:函数是拥有名字的代码块。当我们定义代码块,我们就可以在我们的脚本调用函数名字,该块就会被执行。示例如下所示:
$ diskusage () { df -h ; }
@@ -371,7 +374,7 @@ Linux Shell脚本 入门25问
### Q:25 如何在shell脚本中使用BC(bash计算器) ? ###
-答:使用下列格式,在shell脚本中使用bc
+答:使用下列格式,在shell脚本中使用bc:
variable=`echo “options; expression” | bc`
@@ -381,7 +384,7 @@ via: http://www.linuxtechi.com/linux-shell-scripting-interview-questions-answers
作者:[Pradeep Kumar][a]
译者:[VicYu/Vic020](http://vicyu.net)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/tech/20150205 How To Install or Configure VNC Server On CentOS 7.0.md b/published/201504/20150205 How To Install or Configure VNC Server On CentOS 7.0.md
similarity index 65%
rename from translated/tech/20150205 How To Install or Configure VNC Server On CentOS 7.0.md
rename to published/201504/20150205 How To Install or Configure VNC Server On CentOS 7.0.md
index 58c846e4d6..713fb7ab34 100644
--- a/translated/tech/20150205 How To Install or Configure VNC Server On CentOS 7.0.md
+++ b/published/201504/20150205 How To Install or Configure VNC Server On CentOS 7.0.md
@@ -1,24 +1,22 @@
-===>> boredivan翻译中 <<===
-怎样在CentOS 7.0上安装/配置VNC服务器
+怎样在CentOS 7.0上安装和配置VNC服务器
================================================================================
-这是一个关于怎样在你的 CentOS 7 上安装配置 [VNC][1] 服务的教程。当然这个教程也适合 RHEL 7 。在这个教程里,我们将学习什么是VNC以及怎样在 CentOS 7 上安装配置 [VNC 服务器][1]。
+这是一个关于怎样在你的 CentOS 7 上安装配置 [VNC][1] 服务的教程。当然这个教程也适合 RHEL 7 。在这个教程里,我们将学习什么是 VNC 以及怎样在 CentOS 7 上安装配置 [VNC 服务器][1]。
我们都知道,作为一个系统管理员,大多数时间是通过网络管理服务器的。在管理服务器的过程中很少会用到图形界面,多数情况下我们只是用 SSH 来完成我们的管理任务。在这篇文章里,我们将配置 VNC 来提供一个连接我们 CentOS 7 服务器的方法。VNC 允许我们开启一个远程图形会话来连接我们的服务器,这样我们就可以通过网络远程访问服务器的图形界面了。
-VNC 服务器是一个自由且开源的软件,它可以让用户可以远程访问服务器的桌面环境。另外连接 VNC 服务器需要使用 VNC viewer 这个客户端。
+VNC 服务器是一个自由开源软件,它可以让用户可以远程访问服务器的桌面环境。另外连接 VNC 服务器需要使用 VNC viewer 这个客户端。
** 一些 VNC 服务器的优点:**
- 远程的图形管理方式让工作变得简单方便。
- 剪贴板可以在 CentOS 服务器主机和 VNC 客户端机器之间共享。
- CentOS 服务器上也可以安装图形工具,让管理能力变得更强大。
- 只要安装了 VNC 客户端,任何操作系统都可以管理 CentOS 服务器了。
- 比 ssh 图形和 RDP 连接更可靠。
+- 远程的图形管理方式让工作变得简单方便。
+- 剪贴板可以在 CentOS 服务器主机和 VNC 客户端机器之间共享。
+- CentOS 服务器上也可以安装图形工具,让管理能力变得更强大。
+- 只要安装了 VNC 客户端,通过任何操作系统都可以管理 CentOS 服务器了。
+- 比 ssh 图形转发和 RDP 连接更可靠。
-那么,让我们开始安装 VNC 服务器之旅吧。我们需要按照下面的步骤一步一步来搭建一个有效的 VNC。
+那么,让我们开始安装 VNC 服务器之旅吧。我们需要按照下面的步骤一步一步来搭建一个可用的 VNC。
-
-首先,我们需要一个有效的桌面环境(X-Window),如果没有的话要先安装一个。
+首先,我们需要一个可用的桌面环境(X-Window),如果没有的话要先安装一个。
**注意:以下命令必须以 root 权限运行。要切换到 root ,请在终端下运行“sudo -s”,当然不包括双引号(“”)**
@@ -34,7 +32,8 @@ VNC 服务器是一个自由且开源的软件,它可以让用户可以远程
#yum install gnome-classic-session gnome-terminal nautilus-open-terminal control-center liberation-mono-fonts
-
+
+ ### 设置默认启动图形界面
# unlink /etc/systemd/system/default.target
# ln -sf /lib/systemd/system/graphical.target /etc/systemd/system/default.target
@@ -56,13 +55,13 @@ VNC 服务器是一个自由且开源的软件,它可以让用户可以远程
### 3. 配置 VNC ###
-然后,我们需要在 **/etc/systemd/system/** 目录里创建一个配置文件。我们可以从 **/lib/systemd/sytem/vncserver@.service** 拷贝一份配置文件范例过来。
+然后,我们需要在 `/etc/systemd/system/` 目录里创建一个配置文件。我们可以将 `/lib/systemd/sytem/vncserver@.service` 拷贝一份配置文件范例过来。
# cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service
-接着我们用自己最喜欢的编辑器(这儿我们用的 **nano** )打开 **/etc/systemd/system/vncserver@:1.service** ,找到下面这几行,用自己的用户名替换掉 。举例来说,我的用户名是 linoxide 所以我用 linoxide 来替换掉 :
+接着我们用自己最喜欢的编辑器(这儿我们用的 **nano** )打开 `/etc/systemd/system/vncserver@:1.service` ,找到下面这几行,用自己的用户名替换掉 。举例来说,我的用户名是 linoxide 所以我用 linoxide 来替换掉 :
ExecStart=/sbin/runuser -l -c "/usr/bin/vncserver %i"
PIDFile=/home//.vnc/%H%i.pid
@@ -83,8 +82,7 @@ VNC 服务器是一个自由且开源的软件,它可以让用户可以远程
# systemctl daemon-reload
-Finally, we'll create VNC password for the user . To do so, first you'll need to be sure that you have sudo access to the user, here I will login to user "linoxide" then, execute the following. To login to linoxide we'll run "**su linoxide" without quotes** .
-最后还要设置一下用户的 VNC 密码。要设置某个用户的密码,必须要获得该用户的权限,这里我用 linoxide 的权限,执行“**su linoxide**”就可以了。
+最后还要设置一下用户的 VNC 密码。要设置某个用户的密码,必须要有能通过 sudo 切换到用户的权限,这里我用 linoxide 的权限,执行“`su linoxide`”就可以了。
# su linoxide
$ sudo vncpasswd
@@ -112,7 +110,7 @@ Finally, we'll create VNC password for the user . To do so, first you'll need to
-现在就可以用 IP 和端口号(例如 192.168.1.1:1 ,这里的端口不是服务器的端口,而是视 VNC 连接数的多少从1开始排序——译注)来连接 VNC 服务器了。
+现在就可以用 IP 和端口号(LCTT 译注:例如 192.168.1.1:1 ,这里的端口不是服务器的端口,而是视 VNC 连接数的多少从1开始排序)来连接 VNC 服务器了。
### 6. 用 VNC 客户端连接服务器 ###
@@ -122,33 +120,33 @@ Finally, we'll create VNC password for the user . To do so, first you'll need to
你可以用像 [Tightvnc viewer][3] 和 [Realvnc viewer][4] 的客户端来连接到服务器。
-要用其他用户和端口连接 VNC 服务器,请回到第3步,添加一个新的用户和端口。你需要创建 **vncserver@:2.service** 并替换配置文件里的用户名和之后步骤里响应的文件名、端口号。**请确保你登录 VNC 服务器用的是你之前配置 VNC 密码的时候使用的那个用户名**
+要用更多的用户连接,需要创建配置文件和端口,请回到第3步,添加一个新的用户和端口。你需要创建 `vncserver@:2.service` 并替换配置文件里的用户名和之后步骤里相应的文件名、端口号。**请确保你登录 VNC 服务器用的是你之前配置 VNC 密码的时候使用的那个用户名**。
+VNC 服务本身使用的是5900端口。鉴于有不同的用户使用 VNC ,每个人的连接都会获得不同的端口。配置文件名里面的数字告诉 VNC 服务器把服务运行在5900的子端口上。在我们这个例子里,第一个 VNC 服务会运行在5901(5900 + 1)端口上,之后的依次增加,运行在5900 + x 号端口上。其中 x 是指之后用户的配置文件名 `vncserver@:x.service` 里面的 x 。
+在建立连接之前,我们需要知道服务器的 IP 地址和端口。IP 地址是一台计算机在网络中的独特的识别号码。我的服务器的 IP 地址是96.126.120.92,VNC 用户端口是1。
-VNC 服务本身使用的是5900端口。鉴于有不同的用户使用 VNC ,每个人的连接都会获得不同的端口。配置文件名里面的数字告诉 VNC 服务器把服务运行在5900的子端口上。在我们这个例子里,第一个 VNC 服务会运行在5901(5900 + 1)端口上,之后的依次增加,运行在5900 + x 号端口上。其中 x 是指之后用户的配置文件名 **vncserver@:x.service** 里面的 x 。
-
-在建立连接之前,我们需要知道服务器的 IP 地址和端口。IP 地址是一台计算机在网络中的独特的识别号码。我的服务器的 IP 地址是96.126.120.92,VNC 用户端口是1。执行下面的命令可以获得服务器的公网 IP 地址。
+执行下面的命令可以获得服务器的公网 IP 地址(LCTT 译注:如果你的服务器放在内网或使用动态地址的话,可以这样获得其公网 IP 地址)。
# curl -s checkip.dyndns.org|sed -e 's/.*Current IP Address: //' -e 's/<.*$//'
### 总结 ###
-好了,现在我们已经在运行 CentOS 7 / RHEL 7 (Red Hat Enterprises Linux)的服务器上安装配置好了 VNC 服务器。VNC 是自由及开源的软件中最简单的一种能实现远程控制服务器的一种工具,也是 Teamviewer Remote Access 的一款优秀的替代品。VNC 允许一个安装了 VNC 客户端的用户远程控制一台安装了 VNC 服务的服务器。下面还有一些经常使用的相关命令。好好玩!
+好了,现在我们已经在运行 CentOS 7 / RHEL 7 的服务器上安装配置好了 VNC 服务器。VNC 是自由开源软件中最简单的一种能实现远程控制服务器的工具,也是一款优秀的 Teamviewer Remote Access 替代品。VNC 允许一个安装了 VNC 客户端的用户远程控制一台安装了 VNC 服务的服务器。下面还有一些经常使用的相关命令。好好玩!
#### 其他命令: ####
- 关闭 VNC 服务。
- # systemctl stop vncserver@:1.service
+ # systemctl stop vncserver@:1.service
- 禁止 VNC 服务开机启动。
- # systemctl disable vncserver@:1.service
+ # systemctl disable vncserver@:1.service
- 关闭防火墙。
- # systemctl stop firewalld.service
+ # systemctl stop firewalld.service
--------------------------------------------------------------------------------
@@ -156,7 +154,7 @@ via: http://linoxide.com/linux-how-to/install-configure-vnc-server-centos-7-0/
作者:[Arun Pyasi][a]
译者:[boredivan](https://github.com/boredivan)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/tech/20150205 How To Scan And Check A WordPress Website Security Using WPScan, Nmap, And Nikto.md b/published/201504/20150205 How To Scan And Check A WordPress Website Security Using WPScan, Nmap, And Nikto.md
similarity index 89%
rename from translated/tech/20150205 How To Scan And Check A WordPress Website Security Using WPScan, Nmap, And Nikto.md
rename to published/201504/20150205 How To Scan And Check A WordPress Website Security Using WPScan, Nmap, And Nikto.md
index fbd5fcf924..77838086fe 100644
--- a/translated/tech/20150205 How To Scan And Check A WordPress Website Security Using WPScan, Nmap, And Nikto.md
+++ b/published/201504/20150205 How To Scan And Check A WordPress Website Security Using WPScan, Nmap, And Nikto.md
@@ -5,27 +5,28 @@
数百万个网站用着 WordPress ,这当然是有原因的。WordPress 是众多内容管理系统中对开发者最友好的,本质上说你可以用它做任何事情。不幸的是,每天都有些吓人的报告说某个主要的网站被黑了,或者某个重要的数据库被泄露了之类的,吓得人一愣一愣的。
如果你还没有安装 WordPress ,可以看下下面的文章。
+
在基于 Debian 的系统上:
-- [How to install WordPress On Ubuntu][1]
+- [如何在 Ubuntu 上安装 WordPress][1]
在基于 RPM 的系统上:
-- [How to install wordpress On CentOS][2]
+- [如何在 CentOS 上安装 WordPress][2]
-我之前的文章 [How To Secure WordPress Website][3] 里面列出的**备忘录**为读者维护 WordPress 的安全提供了一点帮助。
+我之前的文章 [ 如何安全加固 WordPress 站点][3] 里面列出的**备忘录**为读者维护 WordPress 的安全提供了一点帮助。
-在这篇文章里面,我将说明 **wpscan** 的安装过程,以及怎样使用 wpscan 来锁定任何已知的会让你的站点变得易受攻击的插件和主题。还有怎样安装和使用一款免费的网络探索和攻击的安全扫描软件 **nmap** 。最后展示的是使用 **nikto** 的步骤。
+在这篇文章里面,我将介绍 **wpscan** 的安装过程,以及怎样使用 wpscan 来定位那些已知的会让你的站点变得易受攻击的插件和主题。还有怎样安装和使用一款免费的网络探索和攻击的安全扫描软件 **nmap** 。最后展示的是使用 **nikto** 的步骤。
### 用 WPScan 测试 WordPress 中易受攻击的插件和主题 ###
**WPScan** 是一个 WordPress 黑盒安全扫描软件,用 Ruby 写成,它是专门用来寻找已知的 WordPress 的弱点的。它为安全专家和 WordPress 管理员提供了一条评估他们的 WordPress 站点的途径。它的基于开源代码,在 GPLv3 下发行。
-### 下载和安装 WPScan ###
+#### 下载和安装 WPScan ####
在我们开始安装之前,很重要的一点是要注意 wpscan 不能在 Windows 下工作,所以你需要使用一台 Linux 或者 OS X 的机器来完成下面的事情。如果你只有 Windows 的系统,拿你可以下载一个 Virtualbox 然后在虚拟机里面安装任何你喜欢的 Linux 发行版本。
-WPScan 的源代码被放在 Github 上,所以需要先安装 git。
+WPScan 的源代码放在 Github 上,所以需要先安装 git(LCTT 译注:其实你也可以直接从 Github 上下载打包的源代码,而不必非得装 git )。
sudo apt-get install git
@@ -44,7 +45,7 @@ git 装好了,我们就要安装 wpscan 的依赖包了。
现在 wpscan 装好了,我们就可以用它来搜索我们 WordPress 站点潜在的易受攻击的文件。wpcan 最重要的方面是它能列出不仅是插件和主题,也能列出用户和缩略图的功能。WPScan 也可以用来暴力破解 WordPress —— 但这不是本文要讨论的内容。
-#### 跟新 WPScan ####
+#### 更新 WPScan ####
ruby wpscan.rb --update
@@ -95,7 +96,6 @@ git 装好了,我们就要安装 wpscan 的依赖包了。
列举主题和列举插件差不多,只要用"--enumerate t"就可以了。
-
ruby wpscan.rb --url http(s)://www.host-name.com --enumerate t
或者只列出易受攻击的主题:
@@ -135,7 +135,7 @@ WPscan 也可以用来列举某个 WordPress 站点的用户和有效的登录
#### 列举 Timthumb 文件 ####
-关于 WPscan ,我要说的最后一个功能是列举 timthub 相关的文件。近年来,timthumb 已经成为攻击者眼里的一个普通的目标,因为无数的漏洞被找出来并发到论坛上、邮件列表等等地方。用下面的命令可以通过 wpscan 找出易受攻击的 timthub 文件:
+关于 WPscan ,我要说的最后一个功能是列举 timthub (缩略图)相关的文件。近年来,timthumb 已经成为攻击者眼里的一个常见目标,因为无数的漏洞被找出来并发到论坛上、邮件列表等等地方。用下面的命令可以通过 wpscan 找出易受攻击的 timthub 文件:
ruby wpscan.rb --url http(s)://www.host-name.com --enumerate tt
@@ -143,11 +143,10 @@ WPscan 也可以用来列举某个 WordPress 站点的用户和有效的登录
**Nmap** 是一个开源的用于网络探索和安全审查方面的工具。它可以迅速扫描巨大的网络,也可一单机使用。Nmap 用原始 IP 数据包通过不同寻常的方法判断网络里那些主机是正在工作的,那些主机上都提供了什么服务(应用名称和版本),是什么操作系统(以及版本),用的什么类型的防火墙,以及很多其他特征。
-### 在 Debian 和 Ubuntu 上下载和安装 nmap ###
+#### 在 Debian 和 Ubuntu 上下载和安装 nmap ####
要在基于 Debian 和 Ubuntu 的操作系统上安装 nmap ,运行下面的命令:
-
sudo apt-get install nmap
**输出样例**
@@ -168,7 +167,7 @@ WPscan 也可以用来列举某个 WordPress 站点的用户和有效的登录
Processing triggers for man-db ...
Setting up nmap (5.21-1.1ubuntu1) ...
-#### 打个例子 ####
+#### 举个例子 ####
输出 nmap 的版本:
@@ -182,7 +181,7 @@ WPscan 也可以用来列举某个 WordPress 站点的用户和有效的登录
Nmap version 5.21 ( http://nmap.org )
-### 在 Centos 上下载和安装 nmap ###
+#### 在 Centos 上下载和安装 nmap ####
要在基于 RHEL 的 Linux 上面安装 nmap ,输入下面的命令:
@@ -227,7 +226,7 @@ WPscan 也可以用来列举某个 WordPress 站点的用户和有效的登录
Complete!
-#### 举个比方 ####
+#### 举个例子 ####
输出 nmap 版本号:
@@ -239,7 +238,7 @@ WPscan 也可以用来列举某个 WordPress 站点的用户和有效的登录
#### 用 Nmap 扫描端口 ####
-你可以用 nmap 来获得很多关于你的服务器的信息,它让你站在对你的网站不怀好意的人的角度看你自己的网站。
+你可以用 nmap 来获得很多关于你的服务器的信息,它可以让你站在对你的网站不怀好意的人的角度看你自己的网站。
因此,请仅用它测试你自己的服务器或者在行动之前通知服务器的所有者。
@@ -277,7 +276,7 @@ nmap 的作者提供了一个测试服务器:
sudo nmap -p port_number remote_host
-扫描一个网络,找出那些服务器在线,分别运行了什么服务
+扫描一个网络,找出哪些服务器在线,分别运行了什么服务。
这就是传说中的主机探索或者 ping 扫描:
@@ -294,19 +293,19 @@ nmap 的作者提供了一个测试服务器:
MAC Address: 00:11:32:11:15:FC (Synology Incorporated)
Nmap done: 256 IP addresses (4 hosts up) scanned in 2.80 second
-理解端口配置和如何发现你的服务器上的攻击的载体只是确保你的信息和你的 VPS 安全的第一步。
+理解端口配置和如何发现你的服务器上的攻击目标只是确保你的信息和你的 VPS 安全的第一步。
### 用 Nikto 扫描你网站的缺陷 ###
-[Nikto][4] 网络扫描器是一个开源的 web 服务器的扫描软件,它可以用来扫描 web 服务器上的恶意的程序和文件。Nikto 也可一用来检查软件版本是否过期。Nikto 能进行简单而快速地扫描以发现服务器上危险的文件和程序。扫描结束后会给出一个日志文件。`
+[Nikto][4] 网络扫描器是一个开源的 web 服务器的扫描软件,它可以用来扫描 web 服务器上的恶意的程序和文件。Nikto 也可以用来检查软件版本是否过期。Nikto 能进行简单而快速地扫描以发现服务器上危险的文件和程序。扫描结束后会给出一个日志文件。`
-### 在 Linux 服务器上下载和安装 Nikto ###
+#### 在 Linux 服务器上下载和安装 Nikto ####
Perl 在 Linux 上是预先安装好的,所以你只需要从[项目页面][5]下载 nikto ,解压到一个目录里面,然后开始测试。
wget https://cirt.net/nikto/nikto-2.1.4.tar.gz
-你可以用某个归档管理工具或者用下面这个命令,同时使用 tar 和 gzip 。
+你可以用某个归档管理工具解包,或者如下同时使用 tar 和 gzip :
tar zxvf nikto-2.1.4.tar.gz
cd nikto-2.1.4
@@ -369,7 +368,7 @@ Perl 在 Linux 上是预先安装好的,所以你只需要从[项目页面][5]
**输出样例**
-会有十分冗长的输出,可能一开始会让人感到困惑。许多 Nikto 的警报会返回 OSVDB 序号。这是开源缺陷数据库([http://osvdb.org/][6])的意思。你可以在 OSVDB 上找出相关缺陷的深入说明。
+会有十分冗长的输出,可能一开始会让人感到困惑。许多 Nikto 的警报会返回 OSVDB 序号。这是由开源缺陷数据库([http://osvdb.org/][6])所指定。你可以在 OSVDB 上找出相关缺陷的深入说明。
$ nikto -h http://www.host-name.com
- Nikto v2.1.4
@@ -402,7 +401,7 @@ Perl 在 Linux 上是预先安装好的,所以你只需要从[项目页面][5]
**Nikto** 是一个非常轻量级的通用工具。因为 Nikto 是用 Perl 写的,所以它可以在几乎任何服务器的操作系统上运行。
-希望这篇文章能在你找你的 wordpress 站点的缺陷的时候给你一些提示。我之前的文章[怎样保护 WordPress 站点][7]记录了一个**清单**,可以让你保护你的 WordPress 站点的工作变得更简单。
+希望这篇文章能在你检查 wordpress 站点的缺陷的时候给你一些提示。我之前的文章[如何安全加固 WordPress 站点][7]记录了一个**清单**,可以让你保护你的 WordPress 站点的工作变得更简单。
有想说的,留下你的评论。
@@ -412,7 +411,7 @@ via: http://www.unixmen.com/scan-check-wordpress-website-security-using-wpscan-n
作者:[anismaj][a]
译者:[boredivan](https://github.com/boredivan)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/20150209 Fix Cannot Empty Trash In Ubuntu 14.04 [Quick Tip].md b/published/201504/20150209 Fix Cannot Empty Trash In Ubuntu 14.04 [Quick Tip].md
similarity index 100%
rename from published/20150209 Fix Cannot Empty Trash In Ubuntu 14.04 [Quick Tip].md
rename to published/201504/20150209 Fix Cannot Empty Trash In Ubuntu 14.04 [Quick Tip].md
diff --git a/translated/tech/20150209 Install the Gnome Flashback classical desktop on Ubuntu 14.10 or Linux Mint 17.md b/published/201504/20150209 Install the Gnome Flashback classical desktop on Ubuntu 14.10 or Linux Mint 17.md
similarity index 60%
rename from translated/tech/20150209 Install the Gnome Flashback classical desktop on Ubuntu 14.10 or Linux Mint 17.md
rename to published/201504/20150209 Install the Gnome Flashback classical desktop on Ubuntu 14.10 or Linux Mint 17.md
index ae7968afd0..a881b2fcc6 100644
--- a/translated/tech/20150209 Install the Gnome Flashback classical desktop on Ubuntu 14.10 or Linux Mint 17.md
+++ b/published/201504/20150209 Install the Gnome Flashback classical desktop on Ubuntu 14.10 or Linux Mint 17.md
@@ -1,10 +1,10 @@
-在Ubuntu14.10/Mint7上安装Gnome Flashback classical桌面
+在Ubuntu14.10/Mint7上安装Gnome Flashback 经典桌面
================================================================================
如果你不喜欢现在的Unity桌面,[Gnome Flashback][1]桌面环境是一个简单的并且很棒的选择,让你能找回曾经经典的桌面。
Gnome Flashback基于GTK3并提供与原先gnome桌面视觉上相似的界面。
-gnome flashback的另一个改变是采用了源自mint和xface的MATE桌面,但无论mint还是xface都是基于gtk2的。
+ Gnome Flashback的另一个改变是采用了源自mint和xface的MATE桌面,但无论mint还是xface都是基于GTK2的。
### 安装 Gnome Flashback ###
@@ -12,7 +12,7 @@ gnome flashback的另一个改变是采用了源自mint和xface的MATE桌面,
$ sudo apt-get install gnome-session-flashback
-然后注销到达登录界面,单击密码输入框右上角的徽标型按钮,即可选择桌面环境。可供选择的有Gnome Flashback (Metacity) 会话模式和Gnome Flashback (Compiz)会话模式。
+然后注销返回到登录界面,单击密码输入框右上角的徽标型按钮,即可选择桌面环境。可供选择的有Gnome Flashback (Metacity) 会话模式和Gnome Flashback (Compiz)会话模式。
Metacity更轻更快,而Compiz则能带给你更棒的桌面效果。下面是我使用gnome flashback桌面的截图。
@@ -24,17 +24,17 @@ Metacity更轻更快,而Compiz则能带给你更棒的桌面效果。下面是
### 1. 安装 Gnome Tweak Tool ###
-Gnome Tweak Tool能够帮助你定制比如字体、主题等,那些在Unity桌面的控制中心十分困难或是不可能完成的任务。
+Gnome Tweak Tool能够帮助你定制比如字体、主题等,这些在Unity桌面的控制中心是十分困难,几乎不可能完成的任务。
$ sudo apt-get install gnome-tweak-tool
-启动按步骤 应用程序 > 系统工具 > 首选项 > Tweak Tool
+启动按步骤: 应用程序 > 系统工具 > 首选项 > Tweak Tool
### 2. 在面板上添加小应用 ###
-默认的右键点击面板是没有效果的。你可以尝试在右键点击面板的同时按住键盘上的Alt+Super (win)键,这样定制面板的相关选项将会出现。
+默认的右键点击面板是没有效果的。你可以尝试在右键点击面板的同时按住键盘上的Alt+Super (win)键,这样就会出现定制面板的相关选项。
-你可以修改或删除面板并在上面添加些小应用。在这个例子中我们移除了底部面板,并用Plank dock来代替它的位置。
+你可以修改或删除面板,并在上面添加些小应用。在这个例子中我们移除了底部面板,并用Plank dock来代替它的位置。
在顶部面板的中间添加一个显示时间的小应用。通过配置使它显示时间和天气。
@@ -42,7 +42,7 @@ Gnome Tweak Tool能够帮助你定制比如字体、主题等,那些在Unity
### 3. 将窗口标题栏的按钮右置 ###
-在ubuntu中,最小化、最大化和关闭按钮默认实在标题栏的左侧的。需要稍作手脚才能让他们乖乖回到右边去。
+在ubuntu中,最小化、最大化和关闭按钮默认是在标题栏左侧的。需要稍作手脚才能让他们乖乖回到右边去。
想让窗口的按钮到右边可以使用下面的命令,这是我在askubuntu上找到的。
@@ -50,7 +50,7 @@ Gnome Tweak Tool能够帮助你定制比如字体、主题等,那些在Unity
### 4.安装 Plank dock ###
-plank dock位于屏幕底部用于启动应用和切换打开的窗口。会在必要的时间隐藏自己,并在需要的时候出现。elementary OS使用的dock就是plank dock。
+plank dock位于屏幕底部,用于启动应用和切换打开的窗口。它会在必要的时间隐藏自己,并在需要的时候出现。elementary OS使用的dock就是plank dock。
运行以下命令安装:
@@ -58,11 +58,11 @@ plank dock位于屏幕底部用于启动应用和切换打开的窗口。会在
$ sudo apt-get update
$ sudo apt-get install plank -y
-现在启动 应用程序 > 附件 > Plank。若想让它开机自动启动,找到 应用程序 > 系统工具 > 首选项 > 启动应用程序 并将“plank”的命令加到列表中。
+现在启动:应用程序 > 附件 > Plank。若想让它开机自动启动,找到 应用程序 > 系统工具 > 首选项 > 启动应用程序 并将“plank”的命令加到列表中。
### 5. 安装 Conky 系统监视器 ###
-Conky非常酷,它用系统的中如CPU和内存使用率的统计值来装饰桌面。它不太占资源并且运行的大部分时间都不惹麻烦。
+Conky非常酷,它用系统的中如CPU和内存使用率的统计值来装饰桌面。它不太占资源,并且绝大部分情况下运行都不会有什么问题。
运行如下命令安装:
@@ -70,7 +70,7 @@ Conky非常酷,它用系统的中如CPU和内存使用率的统计值来装饰
$ sudo apt-get update
$ sudo apt-get install conky-manager
-现在启动 应用程序 > 附件 > Conky Manager 选择你想在桌面上显示的部件。Conky Manager同样可以配置到启动项中。
+现在启动:应用程序 > 附件 > Conky Manager ,选择你想在桌面上显示的部件。Conky Manager同样可以配置到启动项中。
### 6. 安装CCSM ###
@@ -80,10 +80,10 @@ Conky非常酷,它用系统的中如CPU和内存使用率的统计值来装饰
$ sudo apt-get install compizconfig-settings-manager
-启动按步骤 应用程序 > 系统工具 > 首选项 > CompizConfig Settings Manager.
+启动按步骤: 应用程序 > 系统工具 > 首选项 > CompizConfig Settings Manager.
->在虚拟机中经常会发生compiz会话中装饰窗口消失。可以通过启动Compiz设置,在打开"Copy to texture",注销后重新登录即可。
+> 在虚拟机中经常会发生compiz会话中装饰窗口消失。可以通过启动Compiz设置,并启用"Copy to texture"插件,注销后重新登录即可。
不过值得一提的是Compiz 会话会比Metacity慢。
@@ -92,8 +92,8 @@ Conky非常酷,它用系统的中如CPU和内存使用率的统计值来装饰
via: http://www.binarytides.com/install-gnome-flashback-ubuntu/
作者:[Silver Moon][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
+译者:[martin2011qi](https://github.com/martin2011qi)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/20150209 Linux FAQs with Answers--How to fix 'fatal error--x264.h--No such file or directory' on Linux.md b/published/201504/20150209 Linux FAQs with Answers--How to fix 'fatal error--x264.h--No such file or directory' on Linux.md
similarity index 100%
rename from published/20150209 Linux FAQs with Answers--How to fix 'fatal error--x264.h--No such file or directory' on Linux.md
rename to published/201504/20150209 Linux FAQs with Answers--How to fix 'fatal error--x264.h--No such file or directory' on Linux.md
diff --git a/published/20150211 Install Mumble in Ubuntu an Opensource VoIP Apps.md b/published/201504/20150211 Install Mumble in Ubuntu an Opensource VoIP Apps.md
similarity index 100%
rename from published/20150211 Install Mumble in Ubuntu an Opensource VoIP Apps.md
rename to published/201504/20150211 Install Mumble in Ubuntu an Opensource VoIP Apps.md
diff --git a/published/20150211 Simple Steps Migration From MySQL To MariaDB On Linux.md b/published/201504/20150211 Simple Steps Migration From MySQL To MariaDB On Linux.md
similarity index 100%
rename from published/20150211 Simple Steps Migration From MySQL To MariaDB On Linux.md
rename to published/201504/20150211 Simple Steps Migration From MySQL To MariaDB On Linux.md
diff --git a/published/201504/20150215 How to analyze and view Apache web server logs interactively on Linux.md b/published/201504/20150215 How to analyze and view Apache web server logs interactively on Linux.md
new file mode 100644
index 0000000000..06a32d3fcb
--- /dev/null
+++ b/published/201504/20150215 How to analyze and view Apache web server logs interactively on Linux.md
@@ -0,0 +1,144 @@
+在 Linux 中以交互方式实时查看Apache web访问统计
+================================================================================
+
+无论你是在网站托管业务,还是在自己的VPS上运行几个网站,你总会有需要显示访客统计信息,例如前几的访客、访问请求的文件(无论动态或者静态)、所用的带宽、客户端的浏览器,和访问的来源网站,等等。
+
+[GoAccess][1] 是一款用于Apache或者Nginx的命令行日志分析器和交互式查看器。使用这款工具,你不仅可以浏览到之前提及的相关数据,还可以通过分析网站服务器日志来进一步挖掘数据 - 而且**这一切都是在一个终端窗口实时输出的**。由于今天的[大多数web服务器][2]都使用Debian的衍生版或者基于RedHat的发行版来作为底层操作系统,所以本文中我告诉你如何在Debian和CentOS中安装和使用GoAccess。
+
+### 在Linux系统安装GoAccess ###
+
+在Debian,Ubuntu及其衍生版本,运行以下命令来安装GoAccess:
+
+ # aptitude install goaccess
+
+在CentOS中,你将需要使你的[EPEL 仓库][3]可用然后执行以下命令:
+
+ # yum install goaccess
+
+在Fedora,同样使用yum命令:
+
+ # yum install goaccess
+
+
+如果你想从源码安装GoAccess来使用更多功能(例如 GeoIP 定位功能),需要在你的操作系统安装[必需的依赖包][4],然后按以下步骤进行:
+
+ # wget http://tar.goaccess.io/goaccess-0.8.5.tar.gz
+ # tar -xzvf goaccess-0.8.5.tar.gz
+ # cd goaccess-0.8.5/
+ # ./configure --enable-geoip
+ # make
+ # make install
+
+以上安装的版本是 0.8.5,但是你也可以在该软件的网站[下载页][5]确认是否是最新版本。
+
+由于GoAccess不需要后续的配置,一旦安装你就可以马上使用。
+
+### 运行 GoAccess ###
+
+开始使用GoAccess,只需要对它指定你的Apache访问日志。
+
+对于Debian及其衍生版本:
+
+ # goaccess -f /var/log/apache2/access.log
+
+基于红帽的发行版:
+
+ # goaccess -f /var/log/httpd/access_log
+
+当你第一次启动GoAccess,你将会看到如下的屏幕中选择日期和日志格式。正如前面所述,你可以按空格键进行选择,并按F10确认。至于日期和日志格式,你可能需要参考[Apache 文档][6]来刷新你的记忆。
+
+在这个例子中,选择常见日志格式(Common Log Format(CLF)):
+
+
+
+然后按F10 确认。你将会从屏幕上看到统计数据。为了简洁起见,这里只显示了首部,也就是日志文件的摘要,如下图所示:
+
+
+
+### 通过 GoAccess来浏览网站服务器统计数据 ###
+
+你可以按向下的箭头滚动页面,你会发现以下区域,它们是按请求排序的。这里提及的目录顺序可能会根据你的发行版或者你所选的安装方式(从源和库)不同而不同:
+
+1. 每天唯一访客(来自同样IP、同一日期和同一浏览器的请求被认为是是唯一访问)
+
+ 
+
+2. 请求的文件(网页URL)
+
+ 
+
+3. 请求的静态文件(例如,.png文件,.js文件等等)
+
+4. 来源的URLs(每一个URL请求的出处)
+
+5. HTTP 404 未找到的响应代码
+
+ 
+
+6. 操作系统
+
+7. 浏览器
+
+8. 主机地址(客户端IP地址)
+
+ 
+
+9. HTTP 状态代码
+
+ 
+
+10. 前几位的来源站点
+
+11. 来自谷歌搜索引擎的前几位的关键字
+
+如果你想要检查已经存档的日志,你可以通过管道将它们发送给GoAccess,如下:
+
+在Debian及其衍生版本:
+
+ # zcat -f /var/log/apache2/access.log* | goaccess
+
+在基于红帽的发行版:
+
+ # cat /var/log/httpd/access* | goaccess
+
+如果你需要上述部分的详细报告(1至11项),直接按下其序号再按O(大写o),就可以显示出你需要的详细视图。下面的图像显示5-O的输出(先按5,再按O)
+
+
+
+如果要显示GeoIP位置信息,打开主机部分的详细视图,如前面所述,你将会看到正在请求你的服务器的客户端IP地址所在的位置。
+
+
+
+如果你的系统还不是很忙碌,以上提及的章节将不会显示大量的信息,但是这种情形可以通过在你网站服务器越来越多的请求发生改变。
+
+### 保存用于离线分析的报告 ###
+
+有时候你不想每次都实时去检查你的系统状态,可以保存一份在线的分析文件或打印出来。要生成一个HTML报告,只需要通过之前提到GoAccess命令,将输出来重定向到一个HTML文件即可。然后,用web浏览器来将这份报告打开即可。
+
+ # zcat -f /var/log/apache2/access.log* | goaccess > /var/www/webserverstats.html
+
+一旦报告生成,你将需要点击展开的链接来显示每个类别详细的视图信息:
+
+
+
+可以查看youtube视频:https://youtu.be/UVbLuaOpYdg 。
+
+正如我们通过这篇文章讨论,GoAccess是一个非常有价值的工具,它能给系统管理员实时提供可视的HTTP 统计分析。虽然GoAccess的默认输出是标准输出,但是你也可以将他们保存到JSON,HTML或者CSV文件。这种转换可以让 GoAccess在监控和显示网站服务器的统计数据时更有用。
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/interactive-apache-web-server-log-analyzer-linux.html
+
+作者:[Gabriel Cánepa][a]
+译者:[disylee](https://github.com/disylee)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://xmodulo.com/author/gabriel
+[1]:http://goaccess.io/
+[2]:http://w3techs.com/technologies/details/os-linux/all/all
+[3]:http://linux.cn/article-2324-1.html
+[4]:http://goaccess.io/download#dependencies
+[5]:http://goaccess.io/download
+[6]:http://httpd.apache.org/docs/2.4/logs.html
diff --git a/published/20150215 How to share files between computers over network with btsync.md b/published/201504/20150215 How to share files between computers over network with btsync.md
similarity index 100%
rename from published/20150215 How to share files between computers over network with btsync.md
rename to published/201504/20150215 How to share files between computers over network with btsync.md
diff --git a/translated/tech/20150225 Linux FAQs with Answers--How to fix 'fatal error--lame or lame.h--No such file or directory' on Linux.md b/published/201504/20150225 Linux FAQs with Answers--How to fix 'fatal error--lame or lame.h--No such file or directory' on Linux.md
similarity index 92%
rename from translated/tech/20150225 Linux FAQs with Answers--How to fix 'fatal error--lame or lame.h--No such file or directory' on Linux.md
rename to published/201504/20150225 Linux FAQs with Answers--How to fix 'fatal error--lame or lame.h--No such file or directory' on Linux.md
index 685e637072..2d37fb0a33 100644
--- a/translated/tech/20150225 Linux FAQs with Answers--How to fix 'fatal error--lame or lame.h--No such file or directory' on Linux.md
+++ b/published/201504/20150225 Linux FAQs with Answers--How to fix 'fatal error--lame or lame.h--No such file or directory' on Linux.md
@@ -6,7 +6,7 @@ Linux 有问必答:如何在Linux中修复“fatal error: lame/lame.h: No such
fatal error: lame/lame.h: No such file or directory
-[LAME][1]("LAME Ain't an MP3 Encoder")是一个流行的LPGL授权的MP3编码器。许多视频编码工具使用或者支持LAME。这其中有[FFmpeg][2]、 VLC、 [Audacity][3]、 K3b、 RipperX等。
+[LAME][1]("LAME Ain't an MP3 Encoder")是一个流行的LPGL授权的MP3编码器。许多视频编码工具使用或者支持LAME,如 [FFmpeg][2]、 VLC、 [Audacity][3]、 K3b、 RipperX等。
要修复这个编译错误,你需要安装LAME库和开发文件,按照下面的来。
@@ -20,7 +20,7 @@ Debian和它的衍生版在基础库中已经提供了LAME库,因此可以用a
在基于RED HAT的版本中,LAME在RPM Fusion的免费仓库中就有,那么你需要先设置[RPM Fusion (免费)仓库][4]。
-RPM Fusion设置完成后,如下安装LAME开发文件。
+RPM Fusion设置完成后,如下安装LAME开发包。
$ sudo yum --enablerepo=rpmfusion-free-updates install lame-devel
@@ -42,7 +42,7 @@ RPM Fusion设置完成后,如下安装LAME开发文件。
$ ./configure --help
-共享/静态LAME默认安装在 /usr/local/lib。要让共享库可以被其他程序使用,完成最后一步:
+共享/静态的LAME库默认安装在 /usr/local/lib。要让共享库可以被其他程序使用,完成最后一步:
用编辑器打开 /etc/ld.so.conf,加入下面这行。
@@ -56,7 +56,6 @@ RPM Fusion设置完成后,如下安装LAME开发文件。
如果你的发行版(比如 CentOS 7)没有提供预编译的LAME库,或者你想要自定义LAME库,你需要从源码自己编译。下面是在基于Red Hat的系统中编译安装LAME库的方法。
-
$ sudo yum install gcc git
$ wget http://downloads.sourceforge.net/project/lame/lame/3.99/lame-3.99.5.tar.gz
$ tar -xzf lame-3.99.5.tar.gz
@@ -87,7 +86,7 @@ via: http://ask.xmodulo.com/fatal-error-lame-no-such-file-or-directory.html
作者:[Dan Nanni][a]
译者:[geekpi](https://github.com/geekpi)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/tech/20150225 Linux FAQs with Answers--How to install a USB webcam in Raspberry Pi.md b/published/201504/20150225 Linux FAQs with Answers--How to install a USB webcam in Raspberry Pi.md
similarity index 91%
rename from translated/tech/20150225 Linux FAQs with Answers--How to install a USB webcam in Raspberry Pi.md
rename to published/201504/20150225 Linux FAQs with Answers--How to install a USB webcam in Raspberry Pi.md
index 805a0aaca4..80974a1761 100644
--- a/translated/tech/20150225 Linux FAQs with Answers--How to install a USB webcam in Raspberry Pi.md
+++ b/published/201504/20150225 Linux FAQs with Answers--How to install a USB webcam in Raspberry Pi.md
@@ -1,12 +1,12 @@
-Linux有问必答 -- 如何在树莓派上安装USB网络摄像头
+Linux有问必答:如何在树莓派上安装USB网络摄像头
================================================================================
> **Question**: 我可以在树莓派上使用标准的USB网络摄像头么?我该如何检查USB网络摄像头与树莓派是否兼容?另外我该如何在树莓派上安装它?
-如果你想在树莓上拍照或者录影,你可以安装[树莓派的摄像头板][1]。如果你不想要为摄像头模块花费额外的金钱,那有另外一个方法,就是你常见的[USB 摄像头][2]。你可能已经在PC上安装了。
+如果你想在树莓上拍照或者录影,你可以安装[树莓派的摄像头板][1]。如果你不想要为摄像头模块花费额外的金钱,那有另外一个方法,就是你常见的[USB 摄像头][2]。你可能已经在PC上安装过了。
本教程中,我会展示如何在树莓派上设置摄像头。我们假设你使用的系统是Raspbian。
-在此之前,你最好检查一下你的摄像头是否在[这些][3]已知与树莓派兼容的摄像头之中。如果你的摄像头不在这个兼容列表中,不要丧气,仍然有可能你的摄像头被树莓派检测到。
+在此之前,你最好检查一下你的摄像头是否在[这些][3]已知与树莓派兼容的摄像头之中。如果你的摄像头不在这个兼容列表中,不要丧气,仍然有可能树莓派能检测到你的摄像头。
### 检查USB摄像头是否雨树莓派兼容 ###
@@ -34,7 +34,7 @@ fswebcam安装完成后,在终端中运行下面的命令来抓去一张来自
$ fswebcam --no-banner -r 640x480 image.jpg
-这条命令可以抓取一张640x480分辨率的照片,并且用jpg格式保存。它不会在照片的地步留下任何标志.
+这条命令可以抓取一张640x480分辨率的照片,并且用jpg格式保存。它不会在照片的底部留下任何水印.
@@ -52,7 +52,7 @@ via: http://ask.xmodulo.com/install-usb-webcam-raspberry-pi.html
作者:[Kristophorus Hadiono][a]
译者:[geekpi](https://github.com/geekpi)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/20150225 Torvalds--'People who start writing kernel code get hired really quickly'.md b/published/201504/20150225 Torvalds--'People who start writing kernel code get hired really quickly'.md
similarity index 100%
rename from published/20150225 Torvalds--'People who start writing kernel code get hired really quickly'.md
rename to published/201504/20150225 Torvalds--'People who start writing kernel code get hired really quickly'.md
diff --git a/published/201504/20150227 Chess in a Few Bytes.md b/published/201504/20150227 Chess in a Few Bytes.md
new file mode 100644
index 0000000000..941f6de274
--- /dev/null
+++ b/published/201504/20150227 Chess in a Few Bytes.md
@@ -0,0 +1,116 @@
+只有几百个字节大小的国际象棋程序
+================================================================================
+
+当我在这里提到了 ZX81 电脑时,我已经暴露了我的年龄。ZX81 是一个由英国开发者(Sincilair 研究所)生产的家庭电脑,它拥有"高达" 1KB 的内存!上面的 1KB 并不是打印错误,这个家庭电脑确实只配置有 1KB 的板载内存。但这个内存大小上的限制并没有阻止爱好者制作种类繁多的软件。事实上,这个机器引发了一代编程奇才的出现,这让他们掌握了让程序在该机上运行起来的技能。这个机器可以通过一个 16 KB 的内存卡来进行升级,这就提供了更多的编程可能。但未经扩展的 1KB 机器仍然激励着编程者们发布卓越的软件。
+
+
+
+我最喜爱的 ZX81 游戏有: 模拟飞行(Flight Simulation), 3D 版怪物迷宫(3D Monster Maze), 小蜜蜂(Galaxians), 以及最重要的 1K ZX Chess。 只有最后一个程序是为未扩展版的 ZX81 电脑设计的。事实上,David Horne 开发的 1K ZX Chess 只使用了仅仅 672 字节的 RAM(LCTT 译注:如果读者有兴趣,可以看看[这里](http://users.ox.ac.uk/~uzdm0006/scans/1kchess/)对该程序的代码及解释)。尽管如此,该游戏尽力去实现大多数的国际象棋规则,并提供了一个计算机虚拟对手。虽然一些重要的规则被忽略了(如:王车易位,兵的升变,和吃过路兵)
+(LCTT 译注:参考了[这里](http://zh.wikibooks.org/zh/%E5%9B%BD%E9%99%85%E8%B1%A1%E6%A3%8B/%E8%A7%84%E5%88%99)和[这里](http://en.wikipedia.org/wiki/Rules_of_chess)),但能够和人工智能相对抗,这仍然令人惊讶。这个游戏占据了我逝去的青春里的相当一部分。
+
+1K ZX Chess 保持了在所有计算机上国际象棋的最小实现的地位长达 33 年之久,直到今年由 BootChess 打破了该记录,紧接着由 Toledo AtomChess 打破。这三个程序都没有实现所有的国际象棋规则,所以为了完整性,我介绍了我最喜爱的那些实现了所有国际象棋规则的极小的国际象棋。
+
+Linux 有着一系列极其强大的国际象棋引擎,如 Stockfish, Critter, Togo II, Crafty, GNU Chess 和 Komodo 。 在这篇文章精选的国际象棋程序虽敌不过这些好的国际象棋程序,但它们展示了使用微不足道的代码库究竟可以实现多少东西。
+
+----------
+
+### Toledo Atomchess
+
+
+
+你可能已经看到了大量有关 BootChess 新闻报道,这个只用 487 字节写就的国际象棋程序,一举打破了先前最小的国际象棋程序 1K ZX Chess 的记录。所以,Óscar Toledo Gutiérrez 挽起袖子自己编写了一个更加紧凑的国际象棋游戏。Toledo Atomchess 是仅有 481 字节的 x86 汇编代码,都能放到引导扇区里。 在难以置信的代码大小下,这个引擎实现了一个可玩的国际象棋游戏。
+
+特点包括:
+
+- 基本的棋子移动
+- 用 ASCII 文本表现的棋盘
+- 以代数形式来输入移动(注:如 D2D4)
+- 3 层的搜索深度
+
+显然,为了将这个国际象棋程序压缩到 481 字节中,作者必须做出某些牺牲,这些局限包括:
+
+- 没有兵的升变
+- 没有王车易位
+- 没有吃过路兵
+- 没有移动确认
+
+该作者也使用 C,JavaScript 和 Java 来写这个国际象棋程序,每种实现都非常小。
+
+- 网站: [nanochess.org/chess6.html][1]
+- 开发者: Óscar Toledo Gutiérrez
+- 协议: 非商业用途可免费使用
+- 版本号: -
+
+----------
+
+### BootChess
+
+
+
+BootChess 是一个国际象棋的极其小巧的计算机实现。这个程序被塞进到仅仅 487 字节里,并可运行在 Windows, Mac OS X 和 Linux 等操作系统。BootChess 的棋盘和棋子单独用文本表示,其中 P 代表兵, Q 用来代表王后,以及“点”代表空白格子。
+
+特点包括:
+
+- 象棋棋盘和用户输入的形象的文本表示
+- 引导扇区大小(512 字节)的可玩的象棋游戏
+- 只需 x86 bios 硬件引导程序(没有软件依赖)
+- 所有主要的正规移动包括双兵开局
+- 兵升变为王后(与 1k ZX Chess 相反)
+- 名为 taxiMax > minMax half-ply 的 CPU 人工智能
+- 硬编码的西班牙白子开局
+
+同样,它也存在一些重要的限制。这些遗漏的功能包括:
+
+- 兵的低升变(升变为非王后的棋子)
+- 吃过路兵
+- 没有王车易位
+- 3 次位置重复和局规则(注:下一步之前,同样的移动出现了两次;可以参考[这里](http://www.netplaces.com/chess-basics/ending-the-game/three-position-repetition.htm))
+- 50 步移动和局规则(注:在连续的50个回合内,双方既没有棋子被吃掉,也没有兵被移动过,则和局;可以参考[这里](http://www.chessvariants.org/d.chess/chess.html))
+- 没有开放式和封闭式布局
+- 一个或多个 minMAX/negaMax 全层人工智能
+
+- 网站: [www.pouet.net/prod.php?which=64962][2]
+- 开发者: Olivier "Baudsurfer/RSi" Poudade
+- 协议: WTFPL v2
+- 版本号: .02
+
+----------
+
+###Micro-Max
+
+
+
+Micro-Max 是一个用 133 行 C 语言写就的象棋源程序。
+
+作者实现了一个 hash 变换表,该引擎检查输入移动的合法性,以及支持 FIDE(注: World Chess Federation 缩写,参见其[官网](https://www.fide.com/)) 的全部规则,除了低升变。
+
+特点包括:
+
+- 递归的 negamax 搜索
+- 反夺的静态搜索
+- 反夺规则的扩展
+- 迭代深化
+- 最佳移动优先的 `排序`
+- 存储分数和最佳移动的 Hash 表
+- 完整的 FIDE 规则(除了低位升变)和移动合法性检查
+
+还有一个 1433个字符的较大版本,但允许你使用完整的 FIDE 规则的低升变。
+
+- 网站: [home.hccnet.nl/h.g.muller/max-src2.html][3]
+- 开发者: Harm Geert Muller
+- 协议: The MIT License
+- 版本号: 3.2
+
+--------------------------------------------------------------------------------
+
+via: http://www.linuxlinks.com/article/20150222033906262/ChessBytes.html
+
+作者:Frazer Kline
+译者:[FSSlc](https://github.com/FSSlc)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://nanochess.org/chess6.html
+[2]:http://www.pouet.net/prod.php?which=64962
+[3]:http://home.hccnet.nl/h.g.muller/max-src2.html
\ No newline at end of file
diff --git a/published/20150302 How to Setup Passwordless SSH Logon to Ubuntu 14.04.md b/published/201504/20150302 How to Setup Passwordless SSH Logon to Ubuntu 14.04.md
similarity index 100%
rename from published/20150302 How to Setup Passwordless SSH Logon to Ubuntu 14.04.md
rename to published/201504/20150302 How to Setup Passwordless SSH Logon to Ubuntu 14.04.md
diff --git a/published/20150304 How To Fix 'Not Enough Free Disk Space On boot' In Ubuntu.md b/published/201504/20150304 How To Fix 'Not Enough Free Disk Space On boot' In Ubuntu.md
similarity index 100%
rename from published/20150304 How To Fix 'Not Enough Free Disk Space On boot' In Ubuntu.md
rename to published/201504/20150304 How To Fix 'Not Enough Free Disk Space On boot' In Ubuntu.md
diff --git a/published/20150306 Nmap--Not Just for Evil.md b/published/201504/20150306 Nmap--Not Just for Evil.md
similarity index 100%
rename from published/20150306 Nmap--Not Just for Evil.md
rename to published/201504/20150306 Nmap--Not Just for Evil.md
diff --git a/translated/tech/20150309 10 Useful 'ls' Command Interview Questions--Part 2.md b/published/201504/20150309 10 Useful 'ls' Command Interview Questions--Part 2.md
similarity index 56%
rename from translated/tech/20150309 10 Useful 'ls' Command Interview Questions--Part 2.md
rename to published/201504/20150309 10 Useful 'ls' Command Interview Questions--Part 2.md
index f2cd020692..a166b8d36d 100644
--- a/translated/tech/20150309 10 Useful 'ls' Command Interview Questions--Part 2.md
+++ b/published/201504/20150309 10 Useful 'ls' Command Interview Questions--Part 2.md
@@ -1,154 +1,169 @@
-10个有用的‘ls’命令面试问题-第二部分
+10 个‘ls’命 令面试的问题(二)
================================================================================
-这是关于文件列表命令的第二篇文章,继续探讨‘ls’命令的其他方面。该系列的第一篇文章收到了Tecmint社区的高度关注,如果你错过了该系列的第一部分,你可能会访问以下地址:
+这是关于文件列表命令的第二篇文章,继续探讨‘ls’命令的其他方面。该系列的第一篇文章受到了社区的高度关注,如果你错过了该系列的第一部分,可以访问以下地址:
-- [15 Interview Questions on “ls” Command – Part 1][1]
+- [15 个‘ls’命令的面试问题(一)][1]
这篇文章通过样例来很好地展现‘ls’命令的深入应用,我们加倍小心地来写这篇文章来保持其简洁可理解性,同时又能提供最全面的服务。
-10 Interview Questions on ls Command
-### 1. 假如你想要以长列表的形式列出目录中的内容,但是不打印文件创建者名称以及文件所属组。同时在输出中显示其不同之处。###
+*10 ‘ls’ 命令面试的问题*
+
+### 16. 假如你想要以长列表的形式列出目录中的内容,但是不打印文件创建者名称以及文件所属组。看看输出有何不同之处。###
a. ls 命令在与‘-l’选项一起使用时会将文件以长列表格式输出。
# ls -l
-List Files in- Long List Format
+
+*以长格式列出文件*
b. ls 命令在与‘-l’和‘--author’一起使用时,会将文件以长列表格式输出并带有文件创建者的名称信息。
# ls -l --author
-List Files By Author
+
+*列出文件的创建者*
c. ls 命令在与‘-g’选项 一起将会列出文件名但是不带属主名称。
# ls -g
-List Files Without Printing Owner Name
-d. ls 命令在与'-G'和‘-l’选项一起将会使用长列表格式列出文件名称带式不带文件所属组名称。
+*列出文件但不列出属主*
+
+d. ls 命令在与'-G'和‘-l’选项一起将会使用长列表格式列出文件名称但是不带文件所属组名称。
+
# ls -Gl
-List Files Without Printing Group
-### 2. 使用用户友好的格式打印出当前目录中的文件以及文件夹的大小,你会如何做?###
+*列出文件但是不列出所属组*
+
+### 17. 使用易读格式打印出当前目录中的文件以及文件夹的大小,你会如何做?###
+
+这里我们需要使用'-h'选项(人类可阅读的、易读的)同‘-l’或‘-s’选项与ls命令一起使用来得到想要的输出。
-这里我们需要使用'-h'选项(人类可阅读的)同‘-l’或‘-s’选项与ls命令一起使用来得到想要的输出。
# ls -hl
-List Files in Human Readable Format
+
+*以易读格式的长列表列出文件*
# ls -hs
-List File Sizes in Long List Format
+
+*以易读格式的短列表列出文件*
**注意**: ‘-h’选项使用1024(计算机中的标准)的幂,文件或文件夹的大小分别以K,M和G作为输出单位。
-### 3. 既然‘-h’选项是使用1024的幂作为标准来输出大小,那么ls命令还支持其他的幂值呢?###
+### 18. 既然‘-h’选项是使用1024的幂作为标准来输出大小,那么ls命令是否还支持其他的幂值呢?###
-存在一个选项 ‘-si’与选项‘-h’相似,不同之处在于前者以使用1000的幂,后者使用1024的幂。
+存在一个选项 ‘--si’与选项‘-h’相似,不同之处在于前者以使用1000的幂,后者使用1024的幂。
- # ls -si
+ # ls --si
-
-Supported Power Values of ls Command
+所以'--si'也可以与‘-l’选项一起使用来按照1000的幂来输出文件夹的大小,并且以长列表格式显示。
-所以'-si'也可以与‘-l’选项一起使用来按照1000的幂来输出文件夹的大小,并且以长列表格式显示。
+ # ls --si -l
- # ls -si -l
+(LCTT 译注:此处原文参数有误,附图也不对,因此删除之)
-
-List Files by Power Values
+### 19. 假如要你使用逗号‘,’作为分隔符来打印一个目录中的内容,可以吗? 对于长列表形式也可行吗?###
-### 4. 假如要你使用逗号‘,’作为分隔符来打印一个目录中的内容,可以吗? 对于长列表形式也可行吗?###
-
-当然!linux的ls命令当与其选项‘-m’一起使用时可以在打印目录内容时以逗号‘,’分割。由于逗号分割的内容是水平填充的,ls命令不能在垂直列出内容时使用逗号来分割内容。
+当然!linux的ls命令当与其选项‘-m’一起使用时可以在打印目录内容时以逗号‘,’分割。由于逗号分割的内容是水平填充的,ls命令不能在垂直列出内容时使用逗号来分割内容。
# ls -m
-Print Contents of Directory by Comma
+
+*以逗号分隔显示内容*
当使用长列表格式时,‘-m’选项就没有什么效果了。
# ls -ml
-Listing Content Horizontally
-### 5. 有办法将目录的内容逆序打印出来吗?###
+*长列表不能使用逗号分隔列表*
+
+### 20. 有办法将目录的内容逆序打印出来吗?###
可以!上面的情形可以轻松地通过'-r'选项搞定,该选项将输出顺序倒置。这个选项也可以与‘-l’选项一起使用。
# ls -r
-List Content in Reverse Order
+
+*逆序列出*
# ls -rl
-Long List Content in Reverse Order
-### 6. 如果你被分配一个任务,来递归地打印各个子目录,你会如何应付?注意哟,只针对子目录而不是文件哦。###
+*逆序长列表*
+
+### 21. 如果你被分配一个任务,来递归地打印各个子目录,你会如何应付?注意,只针对子目录而不是文件哦。###
小意思!使用“-R”选项就可以轻轻松松拿下,它也可以更进一步地与其他选项如‘-l’和‘-m’选项等组合使用。
+
# ls -R
-Print Sub Directories in Recursively
-### 7. 如何按照文件大小对其进行排序?###
+*递归列出子目录*
+
+### 22. 如何按照文件大小对其进行排序?###
linux命令行选项'-S'赋予了ls命令这个超能力。按照文件大小从大到小的顺序排序:
# ls -S
-Sort Files with ls Command
+*按文件大小排序*
按照文件大小从小到大的顺序排序。
# ls -Sr
-Sort Files in Descending Order
-### 8. 列出目录中的内容按照一行一个文件并且不带额外信息的方式 ###
+*从小到大的排序*
-选项‘-l’在此可以解决这个问题,使用‘-l’选项来使用ls命令可以将目录中的内容按照一行一个文件并且不带额外信息的方式进行输出。
+### 23. 按照一行一个文件列出目录中的内容,并且不带额外信息的方式 ###
+
+选项‘-1’在此可以解决这个问题,使用‘-1’选项来使用ls命令可以将目录中的内容按照一行一个文件并且不带额外信息的方式进行输出。
# ls -1
-List Files Without Information
-### 9. 现在委派给你一个任务,你必须将目录中的内容输出到终端而且需要使用双引号引起来,你会如何做?###
+*不带其他信息,一行一个列出文件*
-存在一个选项‘-Q’会将ls命令的输出内容用双引号引起来。
+### 24. 现在委派给你一个任务,你必须将目录中的内容输出到终端而且需要使用双引号引起来,你会如何做?###
+
+有一个选项‘-Q’会将ls命令的输出内容用双引号引起来。
# ls -Q
-Print Files with Double Quotes
-### 10. 想象一下你正在与一个包含有很多文件和文件夹的目录打交道,你需要使目录名显示在文件名之前,你如何做?###
+*输出的文件名用引号引起来*
+
+### 25. 想象一下你正在与一个包含有很多文件和文件夹的目录打交道,你需要使目录名显示在文件名之前,你如何做?###
# ls --group-directories-first
-Print Directories First
-先点到为止,我们会马上提供该系列文章的下一部分。别换频道,关注Tecmint。 另外别忘了在下面的评论中提出你们宝贵的反馈信息,喜欢就分享,帮助我们得到更好的传播吧!
+*目录优先显示*
+
+先点到为止,我们会马上提供该系列文章的下一部分。别换频道,关注我们。 另外别忘了在下面的评论中提出你们宝贵的反馈信息,喜欢就分享,帮助我们得到更好的传播吧!
--------------------------------------------------------------------------------
@@ -156,9 +171,9 @@ via: http://www.tecmint.com/ls-interview-questions/
作者:[Ravi Saive][a]
译者:[theo-l](https://github.com/theo-l)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/admin/
-[1]:http://www.tecmint.com/ls-command-interview-questions/
+[1]:http://linux.cn/article-5349-1.html
diff --git a/translated/tech/20150309 15 Interview Questions on Linux 'ls ' Command--Part 1.md b/published/201504/20150309 15 Interview Questions on Linux 'ls ' Command--Part 1.md
similarity index 63%
rename from translated/tech/20150309 15 Interview Questions on Linux 'ls ' Command--Part 1.md
rename to published/201504/20150309 15 Interview Questions on Linux 'ls ' Command--Part 1.md
index 77e42ff9e9..db7c9a3b88 100644
--- a/translated/tech/20150309 15 Interview Questions on Linux 'ls ' Command--Part 1.md
+++ b/published/201504/20150309 15 Interview Questions on Linux 'ls ' Command--Part 1.md
@@ -1,85 +1,91 @@
-关于linux中的“ls”命令的15个面试问题 - 第一部分
+15 个‘ls’命令的面试问题(一)
================================================================================
-Unix或类Unix系统中的“文件列表”命令“ls”是最基础并且使用的最广泛的命令行中工具之一。
-它是一个在GNU基本工具集以及BSD各种变体上可用的与POSIX兼容的工具。
-“ls”命令可以通过与大量的选项一起使用来达到想要的结果。
+Unix或类Unix系统中的“文件列表”命令“ls”是最基础并且使用的最广泛的命令行中工具之一。它是一个POSIX兼容工具,在GNU基本工具集以及BSD各种变体上都可以使用。“ls”命令可以结合大量的选项来达到想要的结果。
+
这篇文章的目的在于通过相关的样例来深入讨论文件列表命令。
-15个“ls”命令问题。
-### 1. 你会如何从目录中列出文件?###
+*15个“ls”命令问题。*
-答:使用linux文件列表命令“ls”驾到拯救。
+### 1. 如何列出目录中的文件?###
+
+答:linux文件列表命令“ls”就是干这个的。
# ls
-列出文件
-同时,我们也可以使用“echo(打印)”命令与一个通配符(*)相关联的方式在目录中列出其中的所有文件。
+*列出文件*
+
+同时,我们也可以使用“echo(回显)”命令与一个通配符(*)参数来雷锤目录中的所有文件。
# echo *
-列出所有的文件。
-### 2. 你会如何只通过使用echo命令来列出目录中的所有文件?###
+*列出所有的文件。*
+
+### 2. 如何只使用echo命令来只列出所有目录?###
# echo */
-列出所有的目录
-### 3. 你会怎样列出一个目录中的所有文件, 包括隐藏的dot文件?###
+*列出所有的目录*
+
+### 3. 怎样列出一个目录中的所有文件, 包括隐藏的以“.”开头的文件?###
答:我们需要将“-a”选项与“ls”命令一起使用。
# ls -a
-列出所有的隐藏文件。
-### 4. 如何列出目录中除了 “当前目录暗喻(.)”和“父目录暗喻(..)”之外的所有文件,包括隐藏文件?###
+*列出所有的隐藏文件。*
+
+### 4. 如何列出目录中除了 “当前目录 .”和“父目录 ..”之外的所有文件,包括隐藏文件?###
答: 我们需要将“-A”选项与“ls”命令一起使用
# ls -A
-别列出暗喻文件。
-### 5. 如何将当前目录中的内容使用长格式打印列表?###
+*别列出指代当前目录和父目录的文件*
+
+### 5. 如何使用长格式打印出当前目录内容?###
答: 我们需要将“-l”选项与“ls”命令一起使用。
# ls -l
-列出文件的长格式。
+
+*列出文件的长格式。*
上面的样例中,其输出结果看起来向下面这样。
drwxr-xr-x 5 avi tecmint 4096 Sep 30 11:31 Binary
-上面的drwxr-xr-x 是文件的权限,分别代表了文件所有者,组以及对整个世界。 所有者具有读(r),写(w)以及执行(x)等权限。 该文件所属组具有读(r)和执行(x)但是没有写的权限,相同的权限预示着
-对于整个世界的其他可以访问该文件的用户。
+上面的drwxr-xr-x 是文件的权限,分别代表了文件所有者,所属组以及“整个世界”。 所有者具有读(r),写(w)以及执行(x)等权限。 该文件所属组具有读(r)和执行(x)但是没有写的权限,整个世界的其他可以访问到该文件的人也具有相同权限。
- 开头的‘d’意味着这是一个目录
-- 数字'5'表示符号链接
+- 数字'5'表示符号链接(有5个符号链接)
- 文件 Binary归属于用户 “avi”以及用户组 "tecmint"
- Sep 30 11:31 表示文件最后一次的访问日期与时间。
### 6. 假如让你来将目录中的内容以长格式列表打印,并且显示出隐藏的“点文件”,你会如何实现?###
-答: 我们需要同时将"-a"和"-l"选项与“ls”命令一起使用。
+答: 我们需要同时将"-a"和"-l"选项与“ls”命令一起使用(LCTT 译注:单字符选项可以合并写)。
# ls -la
-打印目录内容
-同时,如果我们不想列出“当前目录暗喻”和"父目录暗喻",可以将“-A”和“-l”选项同“ls”命令一起使用。
+*打印目录内容*
+
+此外,如果我们不想列出“当前目录”和"父目录",可以将“-A”和“-l”选项同“ls”命令一起使用。
# ls -lA
@@ -90,9 +96,10 @@ Unix或类Unix系统中的“文件列表”命令“ls”是最基础并且使
# ls --author -l
-列出文件创建者。
-### 8. 如何对非显示字符进行转义打印?###
+*列出文件创建者。*
+
+### 8. 如何对用转义字符打印出非显示字符?###
答:我们只需要使用“-b”选项来对非显示字符进行转义打印
@@ -100,52 +107,58 @@ Unix或类Unix系统中的“文件列表”命令“ls”是最基础并且使
-### 9. 指定特定的单位格式来列出文件和目录的大小,你会如何实现?###
-答: 在此可以同时使用选项“-block-size=scale”和“-l”,但是我们需要用特定的单位如M,K等来替换‘scale’。
+### 9. 用指定特定的单位格式来列出文件和目录的大小,你会如何实现?###
+
+答: 在此可以同时使用选项“-block-size=scale”和“-l”,但是我们需要用特定的单位如M,K等来替换‘scale’参数。
# ls --block-size=M -l
# ls --block-size=K -l
-列出文件大小单位格式。
-### 10. 列出目录中的非备份文件,也就是那些文件名以‘~’结尾的文件###
+*列出文件大小单位格式。*
+
+### 10. 列出目录中的文件,但是不显示备份文件,即那些文件名以‘~’结尾的文件###
答: 选项‘-B’赶来救驾。
# ls -B
-列出非备份文件
-### 11. 将目录中的所有文件按照名称进行排序并与最后修改时间信息进行关联显示###
+*列出非备份文件*
+
+### 11. 将目录中的所有文件按照名称进行排序,并显示其最后修改时间信息?###
答: 为了实现这个需求,我们需要同时将“-c”和"-l"选项与命令一起使用。
# ls -cl
-文件排序
+
+*文件排序*
### 12. 将目录中的文件按照修改时间进行排序,并显示相关联的信息。###
-答: 我们需要同时使用3个选项--'-l','-t','-c'--与命令‘ls’一起使用来对文件使用修改时间排序,最新的修改时间排在最前。
+答: 我们需要同时使用3个选项:'-l','-t','-c' 来对文件使用修改时间排序,最新的修改时间排在最前。
# ls -ltc
-按照修改时间对文件排序。
+
+*按照修改时间对文件排序。*
### 13. 如何控制‘ls’命令的输出颜色的有无?###
-答: 需要使用选项‘--color=parameter’,parameter参数值具有三种不同值,“auto(自动)”,“always(一直)”,“never(无色)”。
+答: 需要使用选项‘--color=parameter’,参数具有三种不同值,“auto(自动)”,“always(一直)”,“never(无色)”。
# ls --color=never
# ls --color=auto
# ls --color=always
-ls的输出颜色
+
+*ls的输出颜色*
### 14. 假如只需要列出目录本身,而不是目录的内容,你会如何做?###
@@ -154,9 +167,10 @@ ls的输出颜色
# ls -d
-列出目录本身
-### 15. 为长格式列表命令"ls -l"创建别名“ll”,并将其结果输出到一个文件而不是标准输出中。###
+*列出目录本身*
+
+### 15. 为长格式列表命令"ls -l"创建一个别名“ll”,并将其结果输出到一个文件而不是标准输出中。###
答:在上述的这个场景中,我们需要将别名添加到.bashrc文件中,然后使用重定向操作符将输出写入到文件而不是标准输出中。我们将会使用编辑器nano。
@@ -166,13 +180,14 @@ ls的输出颜色
# nano ll.txt
-为ls命令创建别名。
+
+*为ls命令创建别名。*
先到此为止,别忘了在下面的评论中提出你们的宝贵意见,我会再次带着另外的有趣的文章在此闪亮登场。
### 参考阅读:###
-- [10 个‘ls’命令的面试问题-第二部分][1]
+- [10 个‘ls’命令的面试问题(二)][1]
- [Linux中15个基础的'ls'命令][2]
--------------------------------------------------------------------------------
@@ -187,4 +202,4 @@ via: http://www.tecmint.com/ls-command-interview-questions/
[a]:http://www.tecmint.com/author/avishek/
[1]:http://www.tecmint.com/ls-interview-questions/
-[2]:http://www.tecmint.com/15-basic-ls-command-examples-in-linux/
+[2]:http://linux.cn/article-5109-1.html
diff --git a/published/20150310 4 Linux Based Mini PC You Can Buy In 2015.md b/published/201504/20150310 4 Linux Based Mini PC You Can Buy In 2015.md
similarity index 100%
rename from published/20150310 4 Linux Based Mini PC You Can Buy In 2015.md
rename to published/201504/20150310 4 Linux Based Mini PC You Can Buy In 2015.md
diff --git a/published/201504/20150310 How To Get Email Alerts for SSH Login on Linux Server.md b/published/201504/20150310 How To Get Email Alerts for SSH Login on Linux Server.md
new file mode 100644
index 0000000000..06d06029fc
--- /dev/null
+++ b/published/201504/20150310 How To Get Email Alerts for SSH Login on Linux Server.md
@@ -0,0 +1,59 @@
+如何设置 Linux 上 SSH 登录的 Email 提醒
+================================================================================
+
+
+虚拟私有服务器 (VPS)上启用 SSH 服务使得该服务器暴露到互联网中,为黑客攻击提供了机会,尤其是当 VPS 还允许root 直接访问时。VPS 应该为每次 SSH 登录成功尝试配置一个自动的 email 警告。 VPS 服务器的所有者会得到各种 SSH 服务器访问日志的通知,例如登录者、登录时间以及来源 IP 地址等信息。这是一个对于服务器拥有者来说,保护服务器避免未知登录尝试的重要安全关注点。这是因为如果黑客使用暴力破解方式通过 SSH 来登录到你的 VPS 的话,后果很严重。在本文中,我会解释如何在 CentOS 6、 CentOS 7、 RHEL 6 和 RHEL 7上为所有的 SSH 用户登录设置一个 email 警告。
+
+1. 使用root用户登录到你的服务器;
+
+2. 在全局源定义处配置警告(/etc/bashrc),这样就会对 root 用户以及普通用户都生效:
+
+ [root@vps ~]# vi /etc/bashrc
+
+ 将下面的内容加入到上述文件的尾部。
+
+ echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
+
+3. 你也可以选择性地让警告只对 root 用户生效:
+
+ [root@vps ~]# vi .bashrc
+
+ 将下面的内容添加到/root/.bashrc的尾部:
+
+ echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
+
+ 整个配置文件样例:
+
+ # .bashrc
+
+ # User specific aliases and functions
+
+ alias rm='rm -i'
+ alias cp='cp -i'
+ alias mv='mv -i'
+
+ # Source global definitions
+ if [ -f /etc/bashrc ]; then
+ . /etc/bashrc
+ fi
+ echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
+
+4. 你也可以选择性地让警告只对特定的普通用户生效(例如 skytech):
+
+ [root@vps ~]# vi /home/skytech/.bashrc
+
+ 将下面的内容加入到/home/skytech/.bashrc文件尾部:
+
+ echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
+
+--------------------------------------------------------------------------------
+
+via: http://www.ehowstuff.com/how-to-get-email-alerts-for-ssh-login-on-linux-server/
+
+作者:[skytech][a]
+译者:[theo-l](https://github.com/theo-l)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.ehowstuff.com/author/mhstar/
diff --git a/published/20150316 Linux FAQs with Answers--How to convert between local time and UNIX timestamp in Perl.md b/published/201504/20150316 Linux FAQs with Answers--How to convert between local time and UNIX timestamp in Perl.md
similarity index 100%
rename from published/20150316 Linux FAQs with Answers--How to convert between local time and UNIX timestamp in Perl.md
rename to published/201504/20150316 Linux FAQs with Answers--How to convert between local time and UNIX timestamp in Perl.md
diff --git a/published/20150318 Fedora GNOME Keyboard Shortcuts.md b/published/201504/20150318 Fedora GNOME Keyboard Shortcuts.md
similarity index 100%
rename from published/20150318 Fedora GNOME Keyboard Shortcuts.md
rename to published/201504/20150318 Fedora GNOME Keyboard Shortcuts.md
diff --git a/published/201504/20150318 Install And Use 'Go For It!' To Do App In Linux.md b/published/201504/20150318 Install And Use 'Go For It!' To Do App In Linux.md
new file mode 100644
index 0000000000..d76fecea59
--- /dev/null
+++ b/published/201504/20150318 Install And Use 'Go For It!' To Do App In Linux.md
@@ -0,0 +1,91 @@
+在Linux上安装使用‘Go for it!’备忘软件
+===============================================================================
+
+
+你在 Linux 桌面是如何管理任务和备忘的?我喜欢[用 Ubuntu 的粘帖便签][1]很久了。但是我要面对与其他设备同步的麻烦,特别是我的智能手机。这就是我为什么选择使用 [Google Keep][2] 的原因了。
+
+Google Keep 是一款功能丰富的软件,我十分喜爱,而且喜欢到把它叫做 [Linux 的 Evernote ][3]地步。但是并不是每个人都喜欢一款功能丰富的备忘录软件。极简主义是目前的主流,很多人喜欢。如果你是极简主义的追求者之一,而且正在寻找一款开源的备忘录软件,那么你应该试一试 [Go For It!][4]。
+
+### Go For It!高效的Linux桌面软件 ###
+
+Go For It!是一款简洁的备忘软件,借助定时提醒帮助你专注于工作。所以,当你添加一个任务到列表后,可以附上一个定时器。到设定时间后,它就会提醒你去做任务。你可以看看其帅哥开发者 [Manuel Kehl][5] 制作的视频(youtube 视频) : https://www.youtube.com/watch?v=mnw556C9FZQ
+
+### 安装 Go For It!###
+
+要在 Ubuntu 15.04,14.04 和其他基于 Ubuntu 的Linux 发行版,如Linux Mint, elementary OS Freya 等上面安装 Go For It!请使用这款软件官方的 PPA:
+
+ sudo add-apt-repository ppa:mank319/go-for-it
+ sudo apt-get update
+ sudo apt-get install go-for-it
+
+你也可以下载 .deb 包,Windows 安装包和源代码,链接如下:
+
+- [Download source code][6]
+- [Download .deb binaries][7]
+- [Download for Windows][8]
+
+### 在Linux桌面使用 Go For It!###
+
+Go For It!使用真心方便。你只需添加任务到列表中,任务会自动存入 todo.txt 文件中。
+
+
+
+每个任务默认定时25分钟。
+
+
+
+任务一旦完成,就会被自动存档到 done.txt 文件中。根据设置,它会在规定的时间间隔或者任务过期前不久,发送桌面提醒:
+
+
+
+你可以从配置里面修改所有的偏好。
+
+
+
+目前一切都看着挺好。但是在智能手机上使用体验怎样呢?如果你不能使它在不同设备间同步,那这款高效软件就是不完整的。好消息是 Go For It!是基于 [todo.txt][9] 的,这意味着你可以用第三方软件和像 Dropbox 一样的云服务来使用它。
+
+### 在安卓手机和平板上使用Go For It! ###
+
+在这里你需要做一些工作。首先的首先,在 Linux 和你的安卓手机上安装 Dropbox,如果之前没有安装的话。下一步你要做的就是要配置 Go For It!和 **修改 todo.txt 的目录到 Dropbox 的路径下**。
+
+然后,你得去下载 [Simpletask Andriod app][10]。这是免费的应用。安装它。当你第一次运行 Simletask 的时候,你会被要求关联你的账号到 Dropbox:
+
+
+
+一旦你完成了 Simpletask 与 Dropbox 的关联,就可以打开应用了。如果你已经修改了 Go For It 的配置,将文件保存到Dropbox 上,你就应该可以在 Simpletask 里看到。而如果你没有看到,点击应用底部的设置,选择 Open Todo file 的选项:
+
+
+
+现在,你应该可以看到 Simpletask 同步的任务了。
+
+### 总结 ###
+
+对于 Simpletask,你就可以以类似[标记语言工具][11]的风格使用它。对于小巧和专注而言,Go For It!是一款不错的备忘软件。一个干净的界面是额外的加分点。如果拥有它自己的手机应用就更好了,但是我们也有临时替代方案了。
+
+底层来讲,Go For It! 不会运行在后台。这就是说,你不得不让它一直保持运行。它甚至没有一个最小化的按钮,这有一点小小的烦扰。我想要看到的是有一个小的指示程序,运行在后台,并且快速进入主面板,这肯定会提升其可用性。
+
+试试 Go For It!吧,分享一下你的使用体验。在 Linux 桌面上,你还使用了哪些其他的备忘软件?比起其他你最喜欢的同类应用,Go For It!怎么样?
+
+-------------------------------------------------------------------------------
+
+
+via: http://itsfoss.com/go-for-it-to-do-app-in-linux/
+
+作者:[Abhishek][a]
+译者:[wi-cuckoo](https://github.com/wi-cuckoo)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://itsfoss.com/author/abhishek/
+[1]:http://itsfoss.com/indicator-stickynotes-windows-like-sticky-note-app-for-ubuntu/
+[2]:http://itsfoss.com/install-google-keep-ubuntu-1310/
+[3]:http://itsfoss.com/5-evernote-alternatives-linux/
+[4]:http://manuel-kehl.de/projects/go-for-it/
+[5]:http://manuel-kehl.de/about-me/
+[6]:https://github.com/mank319/Go-For-It
+[7]:https://launchpad.net/~mank319/+archive/ubuntu/go-for-it
+[8]:http://manuel-kehl.de/projects/go-for-it/download-windows-version/
+[9]:http://todotxt.com/
+[10]:https://play.google.com/store/apps/details?id=nl.mpcjanssen.todotxtholo&hl=en
+[11]:http://itsfoss.com/install-latex-ubuntu-1404/
diff --git a/translated/talk/20150318 The future of Linux storage.md b/published/201504/20150318 The future of Linux storage.md
similarity index 86%
rename from translated/talk/20150318 The future of Linux storage.md
rename to published/201504/20150318 The future of Linux storage.md
index 23a2dfc674..f2224a5bb7 100644
--- a/translated/talk/20150318 The future of Linux storage.md
+++ b/published/201504/20150318 The future of Linux storage.md
@@ -2,7 +2,7 @@ Linux存储的未来
================================================================================
> **摘要**:Linux系统的软件开发者们正致力于使Linux支持更多种类的文件和存储方案。
-波士顿 - 在[Linux基金会][1]最近的[Vault][2]展示会上,全都是关于文件系统和存储方案的讨论。你可以会想关于这两个主题并没有什么展值得讨论的最新进展,但事实并非如此。
+波士顿 - 在[Linux基金会][1]最近的[Vault][2]展示会上,全都是关于文件系统和存储方案的讨论。你可以会觉得关于这两个主题并没有什么值得讨论的最新进展,但事实并非如此。
@@ -14,17 +14,17 @@ Linux存储的未来
### Btrfs ###
-例如,Chris Mason,一位来自Facebook的软件工程师,也是[Btrfs][6](对外宣称Butter FS)的维护者之一,说明了Facebook是如何使用这种文件系统。Btrfs拥有文件系统固有的许多优点,比如既能处理大量的小文件,也能处理大小可达16EB的单个文件;支持RAID的baked(烦请校正补充);内置的文件系统压缩,以及集成了对多种存储设备的支持。
+例如,Chris Mason,一位来自Facebook的软件工程师,也是[Btrfs][6](念做 Butter FS)的维护者之一,介绍了Facebook是如何使用这种文件系统。Btrfs拥有文件系统固有的许多优点,比如既能处理大量的小文件,也能处理大小可达16EB的单个文件;支持RAID ;内置的文件系统压缩,以及集成了对多种存储设备的支持。
-当然,Facebook的服务器也运行在Linux上。更准确地讲,是运行在一个基于[CentOS][7]的内部发行版上,它是基于3.10和3.18版的内核。对Facebook来说,真正的收获是Btrfs在由Facebook持续的更新用户操作带来的巨大的IOPS(每秒钟输入输出的操作数)的负载下依旧保持稳定和快速。
+当然,Facebook的服务器也运行在Linux上。更准确地讲,是运行在一个基于[CentOS][7]的内部发行版上,它是基于3.10和3.18版的内核。对Facebook来说,真正的收获是Btrfs在Facebook持续更新的用户操作所带来的巨大的IOPS(每秒钟输入输出的操作数)的负载下依旧保持稳定和快速。
这就是好消息,但坏消息是对于像MySQL一样的传统DBMS(数据库管理系统)来说Btrfs还是太慢了。对此,Facebook采用了[XFS][8]。为了协同这两种文件系统,Facebook又用到了一种叫做[Gluster][9]的开源分布式文件系统。
-Facebook,一直与上游的负责Btrfs的Linux内核开发者保持密切联系,致力于提高Btrfs在DBMS上的速度。Mason和他的同事在[RocksDB][10]数据库上使用Btrfs以达成目标,RocksDB是一种为提供快速存储开发的持久化键值存储系统,可以作为客户端服务器模式数据库的基础部分。
+Facebook,一直与上游的负责Btrfs的Linux内核开发者保持密切联系,致力于提高Btrfs在DBMS上的速度。Mason和他的同事的目标是在[RocksDB][10]数据库上使用Btrfs,RocksDB是一种为提供快速存储开发的持久化键值存储系统,可以作为客户端服务器模式数据库的基础部分。
当然Btrfs也还存在一些问题,比如,如果有用户傻到用数据把硬盘几乎要撑爆时,Btrfs会在硬盘被完全装满前阻止用户继续写入。对某些工程来说,比如[CoreOS][12],一款依赖容器化的企业版Linux系统,这种问题是致命的。[因此,CoreOS已经切换到使用xt4和overlayfs了][11]。
-Btrfs的开发人员正致力于数据去重。在这一点上,当文件系统中拥有超过一个的相同文件时,会自动删除多余文件。正如Mason所说,“并非每个人都需要这个功能,但如果有人需要,那就是真的需要!”
+Btrfs的开发人员正致力于数据去重。在这一点上,当文件系统中拥有超过一个的相同文件时,会自动删除多余文件。正如Mason所说,“并非每个人都需要这个功能,但如果有人需要,那就是真的有用!”
在正在开展的重要性工作中,Btrfs并非是唯一的文件系统。John Spary,[Red Hat][13]的一位高级软件工程师,提到了另一款名为[Ceph][14]的分布式文件系统。
@@ -38,7 +38,7 @@ Ceph提供了一种分布式对象存储方案和文件系统,反过来它依
但是,Ceph FS仍值得去做,正如Spray所说,“因为兼容POSIX的文件系统是操作系统通用的。”这并不是说Ceph FS就一无是处。“它并不是支离破碎的,相反它奏效了。所缺的是修复和监控工具。”
-Red Hat目前正致力于获得[fsck][17]和日志修复工具、快照强化、更好客户端访问控制,以及云与容器的集成。尽管Ceph FS到目前为止只是一种有潜力或者没前景的文件系统,但仍然值得用在生产环境中。
+Red Hat目前正致力于完成[fsck][17]和日志修复工具开发、快照强化、更好客户端访问控制,以及云与容器的集成。尽管Ceph FS到目前为止只是一种有潜力或者没前景的文件系统,但仍然值得用在生产环境中。
### 文件与存储的差别与目标 ###
@@ -56,7 +56,7 @@ via: http://www.zdnet.com/article/linux-storage-futures/
作者:[Steven J. Vaughan-Nichols][a]
译者:[KayGuoWhu](https://github.com/KayGuoWhu)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/201504/20150323 Papyrus--An Open Source Note Manager.md b/published/201504/20150323 Papyrus--An Open Source Note Manager.md
new file mode 100644
index 0000000000..e5742facde
--- /dev/null
+++ b/published/201504/20150323 Papyrus--An Open Source Note Manager.md
@@ -0,0 +1,59 @@
+Papyrus:开源笔记管理工具
+================================================================================
+
+
+在上一篇帖子中,我们介绍了[待办事项管理软件Go For It!][1]。今天我们将介绍一款名为**Papyrus的开源笔记软件**
+
+[Papyrus][2] 是[Kaqaz 笔记管理][3]的一个分支,使用 Qt5 开发。它不仅有简洁、易用的界面,(其宣称)还具备了较好的安全性。由于强调简洁,我觉得 Papyrus 与 OneNote 比较相像。你可以将你的笔记像"纸张"一样分类整理,还可以给他们添加标签进行分组。够简单的吧!
+
+## Papyrus 的特性: ###
+
+虽然 Papyrus 强调简洁,它依然有很多丰富的功能。它的一些主要功能如下:
+- 按类别和标签管理笔记
+- 高级搜索选项
+- 触屏模式
+- 全屏选项
+- 备份至 Dropbox/硬盘/外部存储
+- 允许加密某些页面
+- 可与其他软件共享笔记
+- 与 Dropbox 加密同步
+- 除 Linux 外,还可在 Android,Windows 和 OS X 使用
+
+### 安装 Papyrus ###
+
+Papyrus 为 Android 用户提供了 APK 安装包。Windows 和 OS X 也有安装文件。Linux 用户还可以获取程序的源码。Ubuntu 及其它基于 Ubuntu 的发行版可以使用 .deb 包进行安装。根据你的系统及习惯,你可以从 Papyrus 的下载页面中获取不同的文件:
+
+- [下载 Papyrus][4]
+
+### 软件截图 ###
+
+以下是此软件的一些截图:
+
+
+
+
+
+
+
+
+
+
+试试Papyrus吧,你会喜欢上它的。在下方评论区和我们分享你的使用经验吧。
+
+(LCTT译注:此软件暂无中文版)
+
+--------------------------------------------------------------------------------
+
+via: http://itsfoss.com/papyrus-open-source-note-manager/
+
+作者:[Abhishek][a]
+译者:[KevinSJ](https://github.com/KevinSJ)
+校对:[Caroline](https://github.com/carolinewuyan)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://itsfoss.com/author/abhishek/
+[1]:http://linux.cn/article-5337-1.html
+[2]:http://aseman.co/en/products/papyrus/
+[3]:https://github.com/sialan-labs/kaqaz/
+[4]:http://aseman.co/en/products/papyrus/
diff --git a/published/20150323 Red Hat Developer Toolset 3.1 beta arrives.md b/published/201504/20150323 Red Hat Developer Toolset 3.1 beta arrives.md
similarity index 100%
rename from published/20150323 Red Hat Developer Toolset 3.1 beta arrives.md
rename to published/201504/20150323 Red Hat Developer Toolset 3.1 beta arrives.md
diff --git a/published/20150324 How to Install Telegram Messenger Application on Linux.md b/published/201504/20150324 How to Install Telegram Messenger Application on Linux.md
similarity index 100%
rename from published/20150324 How to Install Telegram Messenger Application on Linux.md
rename to published/201504/20150324 How to Install Telegram Messenger Application on Linux.md
diff --git a/translated/tech/20150324 Prips--Print IP address on a given range.md b/published/201504/20150324 Prips--Print IP address on a given range.md
similarity index 83%
rename from translated/tech/20150324 Prips--Print IP address on a given range.md
rename to published/201504/20150324 Prips--Print IP address on a given range.md
index a628c1e122..4d663bb953 100644
--- a/translated/tech/20150324 Prips--Print IP address on a given range.md
+++ b/published/201504/20150324 Prips--Print IP address on a given range.md
@@ -10,7 +10,7 @@ prips是一个可以打印出指定范围内所有ip地址的一个工具。它
### 使用prips ###
-### prips语法 ###
+prips语法
prips [-c] [-d delim] [-e exclude] [-f format] [-i incr] start end
prips [-c] [-d delim] [-e exclude] [-f format] [-i incr] CIDR-block
@@ -20,10 +20,10 @@ prips是一个可以打印出指定范围内所有ip地址的一个工具。它
prips接受下面的命令行选项:
- -c -- 以CIDR形式打印范围。
-- -d delim -- 用ASCII码作为分隔符,0 <= delim <= 255。
+- -d 分隔符 -- 用ASCII码作为分隔符,0 <= 分隔符 <= 255。
- -e -- 排除输出的范围。
-- -f format -- 设置地址格式 (16进制, 10进制, 或者dot).
-- -i incr -- 设置增长上限
+- -f 格式 -- 设置地址格式 (hex:16进制, dec:10进制, 或者dot:以点分隔).
+- -i 增长 -- 设置增长上限
### Prips示例 ###
@@ -31,7 +31,7 @@ prips接受下面的命令行选项:
prips 192.168.32.0 192.168.32.255
-同样使用CIDR标示:
+同上面一样,使用CIDR标示:
prips 192.168.32/24
@@ -53,7 +53,7 @@ via: http://www.ubuntugeek.com/prips-print-ip-address-on-a-given-range.html
作者:[ruchi][a]
译者:[geekpi](https://github.com/geekpi)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/share/20150326 Mydumper--Mysql Database Backup tool.md b/published/201504/20150326 Mydumper--Mysql Database Backup tool.md
similarity index 57%
rename from translated/share/20150326 Mydumper--Mysql Database Backup tool.md
rename to published/201504/20150326 Mydumper--Mysql Database Backup tool.md
index 97e83e0933..dd1fd14110 100644
--- a/translated/share/20150326 Mydumper--Mysql Database Backup tool.md
+++ b/published/201504/20150326 Mydumper--Mysql Database Backup tool.md
@@ -1,16 +1,13 @@
Mydumper - MySQL数据库备份工具
================================================================================
-Mydumper 是MySQL数据库服务器备份工具,它比MySQL自带的mysqldump快很多。它还有在转储本身的时候检索远程服务器二进制日志文件的能力。
+Mydumper 是 MySQL 数据库服务器备份工具,它比 MySQL 自带的 mysqldump 快很多。它还有在转储的同时获取远程服务器二进制日志文件的能力。
### Mydumper 的优势 ###
-o 并行性 (因此有高速度) 和 性能 (避免了昂贵的字符集转换例程, 高效的代码)
-
-o 更容易管理输出 (每个表独立的文件,转储元数据等,简单的查看/解析数据)
-
-o 一致性 -- 在所有线程中维护快照, 提供准确的主从结点日志位置等。
-
-o 可管理性 -- 支持对包含和排除指定的数据库和表的PCRE操作(译者注:PCRE,Perl Compatible Regular Expression,Perl兼容正则表达式)
+- 并行能力 (因此有高速度) 和性能 (高效的代码避免了耗费 CPU 处理能力的字符集转换过程)
+- 更容易管理输出 (每个表都对应独立的文件,转储元数据等,便于查看/解析数据)
+- 一致性 :跨线程维护快照, 提供精确的主从日志定位等。
+- 可管理性 : 支持用 PCRE 来包含/排除指定的数据库和表(LCTT译注:PCRE,Perl Compatible Regular Expression,Perl兼容正则表达式)
### 在Ubuntu上安装 mydumper ###
@@ -26,20 +23,20 @@ o 可管理性 -- 支持对包含和排除指定的数据库和表的PCRE操作(
应用程序选项:
-- -B, --database 转储的数据库
-- -T, --tables-list 逗号分隔的转储表列表(不排除正则表达式)
+- -B, --database 要转储的数据库
+- -T, --tables-list 逗号分隔的转储表列表(不会被正则表达式排除)
- -o, --outputdir 保存输出文件的目录
- -s, --statement-size 插入语句的字节大小, 默认是1000000个字节
-- -r, --rows 把表分为每个这么多行的块
+- -r, --rows 把表按行数切块
- -c, --compress 压缩输出文件
-- -e, --build-empty-files 尽管表中没有数据也创建输出文件
-- -x, --regex 匹配‘db.table'的正则表达式
-- -i, --ignore-engines 逗号分隔的忽略存储引擎列表
-- -m, --no-schemas 不转储有数据的表架构
-- -k, --no-locks 不执行临时共享读锁. 警告: 这会导致备份的不一致性
+- -e, --build-empty-files 空表也输出文件
+- -x, --regex 匹配‘db.table’的正则表达式
+- -i, --ignore-engines 以逗号分隔的被忽略的存储引擎列表
+- -m, --no-schemas 不转储表架构
+- -k, --no-locks 不执行临时共享读锁。警告: 这会导致备份的不一致性
- -l, --long-query-guard 设置长查询的计时器秒数,默认是60秒
-- --kill-long-queries 杀死长查询 (而不是退出)
-- -b, --binlogs 获取二进制日志文件和转储数据的快照
+- --kill-long-queries 杀死长查询 (而不是退出程序)
+- -b, --binlogs 获取二进制日志文件快照并转储数据
- -D, --daemon 开启守护进程模式
- -I, --snapshot-interval 每个转储快照之间的间隔时间(分钟), 需要开启 --daemon, 默认是60分钟
- -L, --logfile 日志文件的名字,默认是stdout
@@ -67,21 +64,21 @@ o 可管理性 -- 支持对包含和排除指定的数据库和表的PCRE操作(
--threads=2 \
--compress-protocol
-Mydumper输出数据的说明
+Mydumper 输出数据的说明
-Mydumper不直接指定输出的文件,而是输出到文件夹的文件中。--outputdir 选项指定要使用的目录名称。
+Mydumper 不直接指定输出的文件,而是输出到文件夹的文件中。--outputdir 选项指定要使用的目录名称。
输出分为两部分
-架构
+**表结构**
-对数据库中的每个表,创建包含 CREATE TABLE 语句的文件。文件命名为:
+对数据库中的每个表,创建一个包含 CREATE TABLE 语句的文件。文件命名为:
dbname.tablename-schema.sql.gz
-数据
+**数据**
-对于每个行数多余--rows参数的表, 创建文件名字为:
+每个表名跟着按 --rows 参数所切块的数量, 创建文件名字为:
dbname.tablename.0000n.sql.gz
@@ -103,7 +100,7 @@ via: http://www.ubuntugeek.com/mydumper-mysql-database-backup-tool.html
作者:[ruchi][a]
译者:[ictlyh](https://github.com/ictlyh)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/share/20150330 Picty--Managing Photos Made Easy.md b/published/201504/20150330 Picty--Managing Photos Made Easy.md
similarity index 58%
rename from translated/share/20150330 Picty--Managing Photos Made Easy.md
rename to published/201504/20150330 Picty--Managing Photos Made Easy.md
index 644501a65e..d1b9fb63bb 100644
--- a/translated/share/20150330 Picty--Managing Photos Made Easy.md
+++ b/published/201504/20150330 Picty--Managing Photos Made Easy.md
@@ -1,19 +1,17 @@
-Translated by H-mudcup
-
Picty:让图片管理变简单
================================================================================
### 关于Picty ###
-**Picty**是个免费,简单,却强大的照片收藏管理器,它可以帮助你管理你的照片。它的设计围绕着管理**元数据**和**无损**的处理图像的方法。Picty目前同时支持在线(基于网页的)和离线(本地的)收藏集。在本地的收藏集中,图片将被保存在一个本地的文件夹和它的子文件夹中。为了加快用户主目录里图片的查询速度,它会维持一个数据库。在在线(基于网页的)收藏集中,你可以通过网页浏览器上传并分享图片。拥有适当权限的个人用户可以把图片分享给任何人,而且每个用户可以同时开放多个收藏集,收藏集也可以被多个用户分享。通过一个转载插件在收藏集间传递图片就有了个简单的交互界面。
+**Picty**是个免费,简单,却强大的照片收藏管理器,它可以帮助你管理你的照片。它是围绕着**元数据**管理和图像**无损**处理设计的。Picty目前同时支持在线(基于网页的)和离线(本地的)收藏集。在本地的收藏集中,图片将被保存在一个本地的文件夹及其子文件夹中。为了加快用户主目录里图片的查询速度,它会维持一个数据库。在在线(基于网页的)收藏集中,你可以通过网页浏览器上传并分享图片。拥有适当权限的个人用户可以把图片分享给任何人,而且用户可以同时打开多个收藏集,收藏集也可以分享给多个用户。有个简单的界面可以通过传输插件在收藏集之间传输图片。
-你可以从你的相机或任何设备中下载任何数量的照片。除此之外,Picty允许你在下载前浏览在你相机里的图片集。Picty是个轻量级的应用,还有着清爽的界面。它支持Linux和Windows平台。
+你可以从你的相机或任何设备中下载任何数量的照片。除此之外,Picty允许你在下载前浏览在你相机里的图片集。Picty是个轻量级的应用,界面清爽。它支持Linux和Windows平台。
### 功能 ###
- 支持大相片集(20000张以上)。
-- 同时开放多个收藏集还可以在它们之间传照片。
+- 同时打开多个收藏集,还可以在它们之间传照片。
- 收藏集包括:
- 本地文件系统中保存图片的文件夹。
- 相机、电话及其他媒体设备中的图片。
@@ -21,28 +19,28 @@ Picty:让图片管理变简单
- Picty不是把相片“导入”到它的数据库中,它仅仅提供了一个界面来访问它们,不管它们保存在哪。为了保持迅速的反应以及能使你在离线时浏览图片的能力,Picty会保存缩略图和元数据的缓存。
- 以业界标准格式Exif、IPTC和Xmp读写元数据。
- 无损的方法:
- - Picty把所有改变包括图像编辑以元数据写入。例如,一个图片可以以任何方式剪切保存,原来的像素仍然保存在该文件里。
- - 修改会保存在Picty的收藏集缓存中直到你把你对元数据的修改保存到图片中。你能很容易撤销你不喜欢的未保存的修改。
-- 基本图片编辑:
+ - Picty把所有改变包括图像编辑以元数据的方式写入。例如,一个图片可以以任何方式剪切保存,原来的图像仍然保存在该文件里。
+ - 修改会保存在Picty的收藏集缓存中直到你把你对元数据的修改保存到图片中,所以你能很容易撤销你不喜欢的未保存的修改。
+- 基本图片编辑功能:
- 目前支持基本的图像增强,如亮度、对比度、色彩、剪切以及矫正。
- - Improvements to those tools and other tools coming soon (red eye reduction, levels, curves, noise reduction)对这些工具的改善和其他的工具即将到来。(红眼消除、拉伸、弯曲、噪声消除)
+ - 将要推出一些工具改进及更多工具。(红眼消除、拉伸、弯曲、噪声消除)
- 图片标签:
- 使用标准的IPTC和Xmp关键词为图片做标签。
- - 一个树状标签图让你能很容易的管理标签和对你的收藏集进行导航。
+ - 一个树状标签图让你能很容易的管理标签和在收藏集内导航。
- 文件夹视图:
- - 按照目录的结构对你的图片收藏进行导航
+ - 按照目录的结构对你的图片收藏集进行导航
- 支持多屏显示
- Picty可以设置成让你在一个屏幕上浏览你的收藏集同时在另一个屏幕上全屏显示图片。
- 可个性化
- 可以为外部工具创建快捷方式
- 支持插件——目前提供的功能中有许多(标签和文件夹视图以及所有的图片编辑工具)都可以通过插件提供。
- - 使用Python编写——自带batteries!(python的这个特点使它可在mac、Linux和windows上直接安装使用,无需复杂的设置。)
+ - 使用Python编写——内置电池(batteries included)!
### 安装方法 ###
#### 1、从PPA安装 ####
-Picty开发人员为基于Debian的发行版,如Ubuntu,创建了一个PPA,让安装更简单。
+Picty开发人员为Ubuntu这样的基于 Debian的发行版创建了一个PPA,让安装更简单。
要在Ubuntu和它的衍生版上安装,请运行以下命令:
@@ -76,13 +74,13 @@ Picty开发人员为基于Debian的发行版,如Ubuntu,创建了一个PPA,
-你可以选择已存在的收藏集、设备或目录。让我们创建一个**新收藏集** 。要这样做,得先点击新收藏集(New Collection)按钮。进入收藏集,然后浏览都你保存图片的地方。最后,点击**创建(Create)**按钮。
+你可以选择已存在的收藏集、设备或目录。这里让我们创建一个**新收藏集** ,请先点击新收藏集(New Collection)按钮。进入收藏集,然后浏览到你保存图片的地方。最后,点击**创建(Create)**按钮。
-你可以修改,旋转,添加/移除标签,设置每个图片的描述。要这么做,只需右击任何一个图片然后爱做什么做什么。
+你可以对每张图片进行修改,旋转,添加/移除标签,设置描述。只需右击任何一个图片然后爱做什么做什么。
访问下面这个Google组可以得到更多关于Picty相片管理器的信息和支持。
@@ -96,7 +94,7 @@ via: http://www.unixmen.com/picty-managing-photos-made-easy/
作者:[SK][a]
译者:[H-mudcup](https://github.com/H-mudcup)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/20150402 The VirtualBox 5.0 beta is finally here.md b/published/201504/20150402 The VirtualBox 5.0 beta is finally here.md
similarity index 100%
rename from published/20150402 The VirtualBox 5.0 beta is finally here.md
rename to published/201504/20150402 The VirtualBox 5.0 beta is finally here.md
diff --git a/translated/tech/150409 How to Run GUI Apps in a Docker Container.md b/published/201504/20150409 How to Run GUI Apps in a Docker Container.md
similarity index 73%
rename from translated/tech/150409 How to Run GUI Apps in a Docker Container.md
rename to published/201504/20150409 How to Run GUI Apps in a Docker Container.md
index abca032354..4f2e439799 100644
--- a/translated/tech/150409 How to Run GUI Apps in a Docker Container.md
+++ b/published/201504/20150409 How to Run GUI Apps in a Docker Container.md
@@ -1,12 +1,12 @@
如何在Docker容器中运行GUI程序
================================================================================
-各位,今天我们将学习如何在[Docker][1]之中运行GUI程序。我们可以轻易地在Docker容器中运行大多数GUI程序且不出错。Docker是一个开源项目,提供了一个打包、分发和运行任意程序的轻量级容器的开放平台。它没有语言支持、框架或者打包系统的限制并可以在任何地方、任何时候,从小型的家用电脑到高端的服务器都可以运行。这让人们可以打包不同的包用于部署和扩展网络应用,数据库和后端服务而不必依赖于特定的栈或者提供商。
+各位,今天我们将学习如何在[Docker][1]之中运行GUI程序。我们可以轻易地在Docker容器中运行大多数GUI程序且不出错。Docker是一个开源项目,提供了一个打包、分发和运行任意程序的轻量级容器的开放平台。它没有语言支持、框架或者打包系统的限制,并可以运行在任何地方、任何时候,从小型的家用电脑到高端的服务器都可以运行。这让人们可以打包不同的包用于部署和扩展网络应用,数据库和后端服务而不必依赖于特定的栈或者提供商。
下面是我们该如何在Docker容器中运行GUI程序的简单步骤。本教程中,我们会用Firefox作为例子。
### 1. 安装 Docker ###
-在开始事前,我们首先得确保在Linux主机中已经安装了Docker。这里,我运行的是CentOS 7 主机,我们将运行yum管理器和下面的命令来安装Docker。
+在开始前,我们首先得确保在Linux主机中已经安装了Docker。这里,我运行的是CentOS 7 主机,我们将运行yum管理器和下面的命令来安装Docker。
# yum install docker
@@ -16,7 +16,7 @@
### 2. 创建 Dockerfile ###
-现在,Docker守护进程已经在运行中了,我们现在准备创建自己的Firefox Docker容器。我们要创建一个Dockerfile,这里我们要输入需要的配置来创建一个可以工作的Firefox容器。我们取下CentOS中最新的Docker镜像。至此,我们需要用文本编辑器创建一个名为Dockerfile的文件。
+现在,Docker守护进程已经在运行中了,我们现在准备创建自己的Firefox Docker容器。我们要创建一个Dockerfile,在其中我们要输入需要的配置来创建一个可以工作的Firefox容器。为了运行 Docker 镜像我们需要使用最新版本的CentOS。要创建 Docker 镜像,我们需要用文本编辑器创建一个名为Dockerfile的文件。
# nano Dockerfile
@@ -25,12 +25,12 @@
#!/bin/bash
FROM centos:7
RUN yum install -y firefox
- # Replace 0 with your user / group id
+ # 用你自己的 uid /gid 替换下面的0
RUN export uid=0 gid=0
RUN mkdir -p /home/developer
RUN echo "developer:x:${uid}:${gid}:Developer,,,:/home/developer:/bin/bash" >> /etc/passwd
RUN echo "developer:x:${uid}:" >> /etc/group
- RUN echo "developer ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers
+ RUN echo "developer ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
RUN chmod 0440 /etc/sudoers
RUN chown ${uid}:${gid} -R /home/developer
@@ -56,13 +56,13 @@
### 4. 运行Docker容器 ###
-现在,如果一切顺利,我们现在可以在运行着CentOS 7镜像的Docker容器中运行我们的GUI程序也就是Firefox浏览器了。
+现在,如果一切顺利,我们现在可以在运行在CentOS 7镜像中的Docker容器里面运行我们的GUI程序也就是Firefox浏览器了。
# docker run -ti --rm -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix firefox
### 总结 ###
-在Dcoker容器中运行GUI程序是一次很棒的体验,它对你的主机文件系统没有任何的伤害。它完全依赖你的Docker容器。本教程中,我尝试了CentOS 7 Docker中的Firefox。我们可以用这个技术尝试更多的GUI程序。如果你有任何问题、建议、反馈请在下面的评论栏中写下来,这样我们可以提升或更新我们的内容。谢谢!
+在Docker容器中运行GUI程序是一次很棒的体验,它对你的主机文件系统没有任何的伤害。它完全依赖你的Docker容器。本教程中,我尝试了CentOS 7 Docker中的Firefox。我们可以用这个技术尝试更多的GUI程序。如果你有任何问题、建议、反馈请在下面的评论栏中写下来,这样我们可以提升或更新我们的内容。谢谢!
--------------------------------------------------------------------------------
@@ -70,7 +70,7 @@ via: http://linoxide.com/linux-how-to/run-gui-apps-docker-container/
作者:[Arun Pyasi][a]
译者:[geekpi](https://github.com/geekpi)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/talk/20150410 10 Famous IT Skills in Demand That Will Get You Hired.md b/published/201504/20150410 10 Famous IT Skills in Demand That Will Get You Hired.md
similarity index 93%
rename from translated/talk/20150410 10 Famous IT Skills in Demand That Will Get You Hired.md
rename to published/201504/20150410 10 Famous IT Skills in Demand That Will Get You Hired.md
index 286572f959..df972fb96b 100644
--- a/translated/talk/20150410 10 Famous IT Skills in Demand That Will Get You Hired.md
+++ b/published/201504/20150410 10 Famous IT Skills in Demand That Will Get You Hired.md
@@ -6,41 +6,41 @@
### 1. VMware ###
-VMware公司设计的虚拟化和云计算软件高居榜首。VMware首次宣布商业支持x86架构的虚拟化。VMware的需求在上个季度已经增长至16%。
+VMware公司设计的虚拟化和云计算软件高居榜首。VMware首次宣布商业支持x86架构的虚拟化。VMware的招聘需求在上个季度已经增长至16%。
最新稳定发行版: 11.0
### 2. MySQL ###
-这款开源的关系型数据库管理系统憾居第二。直到2013年,MySQL都还是第二大使用广泛的RDBMS(注:Relational Database Management System)。上季度MySQL的需求已经达到了11%。继甲骨文公司之后,著名的MarialDB也已经被分出MySQL了,值得去拥有。
+这款开源的关系型数据库管理系统憾居第二。直到2013年,MySQL都还是第二大使用广泛的RDBMS(注:Relational Database Management System)。上季度MySQL的招聘需求已经达到了11%。非常著名的MarialDB就是来自被甲骨文公司收购之后的MySQL的分支。值得掌握。
最新稳定发行版: 5.6.23
### 3. Apache ###
-这个跨平台的开源网页(HTTP)服务器位居第三。截至上个季度,Apache的需求已经超过了13%。
+这个跨平台的开源网页(HTTP)服务器位居第三。截至上个季度,Apache的招聘需求已经超过了13%。
最新稳定发行版: 2.4.12
### 4. AWS ###
-亚马逊网页服务器是亚马逊网站提供的所有远程计算服务的集合,AWS排在第四位。上个季度,AWS的需求已经呈现出将近14%的增长。
+AWS是亚马逊网站提供的所有远程计算服务的集合,AWS排在第四位。上个季度,AWS的招聘需求已经呈现出将近14%的增长。
### 5. Puppet ###
-Puppet作为配置管理系统被应用在设置IT基础架构,它排在第五位。它用Ruby语言编写,属于客户端-服务器型的结构。上个季度puppet的需求已经增长超过9%。
+Puppet作为配置管理系统被应用在设置IT基础架构,它排在第五位。它用Ruby语言编写,属于客户端-服务器型的结构。上个季度puppet的招聘需求已经增长超过9%。
最新稳定发行版: 3.7.3
### 6. Hadoop ###
-Hadoop是用Java编写的一款开源软件框架,用于处理大数据。列表中Hadoop位列第六。对Hadoop的需求在上个季度已经下降了0.2个百分点。
+Hadoop是用Java编写的一款开源软件框架,用于处理大数据。列表中Hadoop位列第六。对Hadoop的招聘需求在上个季度已经下降了0.2个百分点。
最新稳定发行版: 2.6.0
### 7. Git ###
-Linux Torvalds最初编写的著名版本控制系统Git排在了第七。Git的需求在上个季度已经超过了7%。
+Linux Torvalds最初编写的著名版本控制系统Git排在了第七。Git的招聘需求在上个季度已经超过了7%。
最新稳定发行版: 2.3.4
@@ -58,6 +58,8 @@ Oracle公司开发的SQL扩展版,占据第八的位置。PL/SQL从Oracle 7后
这款最著名的企业资源规划软件排在了第十。上个季度SAP在需求市场表现出将近3.5%的增长。
+具体数据表格如下:
+
diff --git a/translated/tech/20150413 Elementary OS 0.3 Freya Screenshots - Download and Install Guide.md b/published/201504/20150413 Elementary OS 0.3 Freya Screenshots - Download and Install Guide.md
similarity index 51%
rename from translated/tech/20150413 Elementary OS 0.3 Freya Screenshots - Download and Install Guide.md
rename to published/201504/20150413 Elementary OS 0.3 Freya Screenshots - Download and Install Guide.md
index 23db1ace55..345cae0272 100644
--- a/translated/tech/20150413 Elementary OS 0.3 Freya Screenshots - Download and Install Guide.md
+++ b/published/201504/20150413 Elementary OS 0.3 Freya Screenshots - Download and Install Guide.md
@@ -1,11 +1,11 @@
-Elementart OS 0.3 Freya快照 - 下载和安装指南
+直击 Elementart OS 0.3 Freya - 下载和安装指南
===========================================================================
-Elementary OS是一个以Ubuntu为基础的轻量级操作系统,广受欢迎。目前已经发行了上个版本,而第四个版本将会以即将到来的Ubuntu16.04为基础开发。
+Elementary OS是一个以Ubuntu为基础的轻量级操作系统,广受欢迎。目前已经发行了三个版本,而第四个版本将会以即将到来的Ubuntu16.04为基础开发。
-- **Jupiter (0.1)**: 第一个基于Ubuntu10.10的Elementary OS稳定发行版,在2011年三月发布。
-- **(Luna (0.2)**: 基于Ubuntu12.04的Elementary OS第二个稳定发行版,于2012年11月发布。
-- **(Freya (0.3)**: 基于Ubuntu 14.04的Elementary OS第三个稳定发行版,2015年二月8号发布。
-- **(Loki (0.4)**: 未来Elementary OS第四版,计划以Ubuntu16.04为基础,并且提供更新服务直到2021年。
+- **Jupiter (0.1)**: 第一个Elementary OS稳定发行版基于Ubuntu 10.10,在2011年三月发布。
+- **Luna (0.2)**: Elementary OS第二个稳定发行版基于Ubuntu 12.04,于2012年11月发布。
+- **Freya (0.3)**: Elementary OS第三个稳定发行版基于Ubuntu 14.04的,2015年二月8号发布。
+- **Loki (0.4)**: 未来Elementary OS第四版,计划以Ubuntu16.04为基础,并且提供更新服务直到2021年。
Freya是目前最新的Elementary OS版本(0.3)。最初是被命名为ISIS,但是后来改了,是为了避免与同名的恐怖组织产生任何的联系。Freya有一些非常不错的预装应用。
@@ -13,15 +13,15 @@ Freya是目前最新的Elementary OS版本(0.3)。最初是被命名为ISIS
这里列举了一些特性,但并非Elementary OS 0.3的所有特性。
-- 根据通知设定面板提供更好的交互性消息通知,包括一个系统级别的“Do Not Disturb”模式。
-- 最新版Elementary OS为网页应用中微软核心字体提供更好的emoji表情支持和替换。
-- Privacy模式是一个新的防火墙工具,很容易使用,可以帮助保护电脑免遭恶意脚本和应用的攻击。
-- 统一了登入和锁定界面
-- 拥有应用中心菜单,提升了界面效果和功能,包括快速列表动作,从搜索中拉取,和支持快速数学计算。
-- 重新设计多任务视图,提供更多的应用专注工具。
-- 更新了软件栈(Linux 3.16, Gtk 3.14 和Vala 0.26),为了对最新开发应用更好的支持和加强功能。
-- 统一了扩展固件接口(UEFI)支持
-- 通过新的捕捉入口协助,WiFi连接变得更容易。
+- 更好的交互性消息通知,可在通知设定面板设定系统级别的“Do Not Disturb(不要打扰)”模式。
+- 最新版Elementary OS提供更好的emoji表情支持,及内置替换了网页应用中的微软核心字体。
+- Privacy模式是一个新的防火墙工具,易于使用,可以帮助保护电脑免遭恶意脚本和应用的攻击。
+- 统一风格的登入和锁定界面。
+- 改进了界面效果和功能的应用中心菜单,包括快速操作列表,搜索拖放,支持快速数学计算。
+- 重新设计的多任务视图提供更多以应用为中心的功能。
+- 更新了软件栈(Linux 3.16, Gtk 3.14 和Vala 0.26),更好的支持和增强了最新开发的应用。
+- UEFI支持。
+- 通过新的联网助手,WiFi连接变得更容易。
### 下载64位&32位版本 ###
@@ -30,23 +30,23 @@ Freya是目前最新的Elementary OS版本(0.3)。最初是被命名为ISIS
### 安装Elementary OS 0.3 (Freya) ###
-下载Elementary OS 0.3的ISO文件,并且写入一个USB启动盘或者DVD/CD。32位和64位的结构都是可以的。当计算机从Elementary OS ISO文件启动后,有两个选项可用,或试用而不安装,或直接安装到计算机里,选择第二项。Elmentary OS也可以安装与已有操作系统并存,构成双重启动。
+下载Elementary OS 0.3的ISO文件,并且写入到一个USB启动盘或者DVD/CD。支持32位和64位的架构。当计算机从Elementary OS ISO文件启动后,有两个选项可用,或不安装而仅试用,或直接安装到计算机里。这里选择第二项。Elmentary OS也可以与已有操作系统并存安装,构成双重启动。
-在更进一步之前会检查系统要求和资源有效性。如果你的系统有足够的资源,点击继续。
+在进行下面的步骤之前会检查系统要求和资源有效性。如果你的系统有足够的资源,点击继续。
-安装向导提供许多安装形式。选取最适合你的选项,通常地,第一个选项被大多数选用 i.e. “擦除磁盘以安装Elementary”。选择这个选项,必须保证你的数据都已经被合理的备份了,因为磁盘(分区)将会被擦除,所有数据将会丢失。
+安装向导提供许多安装形式。选取最适合你的选项,通常大多数都选用第一个选项:“擦除磁盘以安装Elementary”。选择该选项,必须保证你的原有数据都已经正确备份了,因为磁盘(分区)将会被擦除,其上所有的数据将会丢失。
-一个对话框显示了被Elementary OS使用和格式化的磁盘分区列表,确保数据完整后点击继续。
+接下来的对话框显示了Elementary OS所使用和需要格式化的磁盘分区列表,确保数据完整后点击继续。
-选择你的位置,确定时区,点击继续。
+选择你的地理位置,确定时区,点击继续。
@@ -54,11 +54,11 @@ Freya是目前最新的Elementary OS版本(0.3)。最初是被命名为ISIS
-填入你的信息,选择一个强度高的超级用户/管理员密码,点击继续。
+填入你的信息,选择一个高强度的超级用户/管理员密码,点击继续。
-当你的信息提供后,核心安装进程就会启动,正在安装组件的详细信息会在一个小对话框里随进度条一闪而过。
+当你的信息提供后,核心安装进程就会启动,正在安装的组件的详细信息会在一个小对话框里随进度条一闪而过。
@@ -66,7 +66,7 @@ Freya是目前最新的Elementary OS版本(0.3)。最初是被命名为ISIS
-启动时,Elementary OS的标志显得十分优雅,然后密码保护的管理员登入和游客访问选项会出现。游客访问有相当多的限制功能,而且没有安装的特权。
+启动时,Elementary OS将显示它优雅的logo,然后会出现密码保护的管理员登入和游客访问选项。游客访问有相当多的限制功能,而且没有安装软件的权限。
@@ -76,27 +76,27 @@ Freya是目前最新的Elementary OS版本(0.3)。最初是被命名为ISIS
### 个性化桌面 ###
-Elementary OS 0.3以其轻巧和美观而为我们熟知,每个人有自己独特的审美观念和计算机使用习惯。桌面反映出每一个计算机使用者个性化的观点。如其他操作系统一样,Elementary OS 0.3也提供了许多选项来个性化配置桌面,包括壁纸,字体大小,主题等等。
+Elementary OS 0.3以其轻巧和美观而为我们熟知,每个人有自己独特的审美观和计算机使用习惯。桌面反映出每一个计算机使用者的个人偏好。如其他操作系统一样,Elementary OS 0.3也提供了许多选项来个性化配置桌面,包括壁纸,字体大小,主题等等。
基本的个性化配置,点击Applications > System Settings > Desktop
-我们可以改变壁纸,泊板和启用桌面热角。
+我们可以改变壁纸,泊板(dock)和启用桌面热角。
-默认提供了很少的壁纸,更多的可以从网上下载或者从你的相机传输。
+默认提供了很少的壁纸,更多的可以从网上下载或者从你的相机传输过来。
-Elementary OS真正的美丽在于优雅的Dock面板。桌面上没有任何图标,一些应用图标停靠在dock面板上加强了显示效果,提供了快速访问常用应用的捷径。
+Elementary OS真正的美丽在于优雅的泊板。桌面上没有任何图标,泊板上的应用图标显示逼真,通过它可以快速访问常用应用。
-用户可以使用桌面的四个角定制要显示什么。
+用户可以定制桌面的四个角的功能。
-通过elementary tweaks工具的安装,可以达到更高级的个性化定制。
+通过安装elementary tweaks工具来更深入的个性化定制。
-使用如下命令,添加稳定的个人软件包档案(PPA)到高级软件包管理工具(APT)仓库。
+可以使用如下命令,将稳定的个人软件包档案(PPA)添加到高级软件包管理工具(APT)仓库。
sudo add-apt-repository ppa:mpstark/elementary-tweaks-daily
@@ -108,13 +108,13 @@ Elementary OS真正的美丽在于优雅的Dock面板。桌面上没有任何图
-更新仓库后,我们就可以安装inkscape(不知是什么),用以下命令完成
+更新仓库后,我们就可以安装elementary-tweaks,用以下命令完成
sudo apt-get install elementary-tweaks
-我们可以在个人区域的Application > System Settings下看到Tweaks选项的一个添加项。目前它提供给我们更多的选项,个性化定制我们的桌面。
+我们可以在Application > System Settings下的个人区域的看到增加了一个Tweaks项目。它现在可以给我们提供更多的个性化定制选项。
@@ -126,7 +126,7 @@ Elementary OS真正的美丽在于优雅的Dock面板。桌面上没有任何图
### 总结 ###
-Elementary OS十分接近Linux的发行版Ubuntu,它的正反两方面也都十分相似。Elementary OS在外观和体验上都十分轻巧和优雅,并且正在快速地走向成熟。它有潜力成为Windows和OS X操作系统之外的第三选择。最新的Elementary OS 0.3 (Freya)正凭借更好功能基础,在迅速的流行。想了解更多信息,最近的更新和下载,请访问官方[网站][1]。
+Elementary OS十分接近Linux发行版Ubuntu,它的优缺点两方面也都十分相似。Elementary OS在外观和体验上都十分轻巧和优雅,并且正在快速地走向成熟。它有潜力成为Windows和OS X操作系统之外的第三选择。最新的Elementary OS 0.3(Freya)以其良好的功能基础而迅速流行。想了解更多信息,最近的更新和下载,请访问其官方[网站][1]。
--------------------------------------------------------------------------------
@@ -134,7 +134,7 @@ via: http://linoxide.com/ubuntu-how-to/elementary-os-0-3-freya-install-guide/
作者:[Aun Raza][a]
译者:[wi-cuckoo](https://github.com/wi-cuckoo)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/20150413 Linux Kernel 4.0 Features Live Kernel Patching PS3 Support.md b/published/201504/20150413 Linux Kernel 4.0 Features Live Kernel Patching PS3 Support.md
similarity index 100%
rename from published/20150413 Linux Kernel 4.0 Features Live Kernel Patching PS3 Support.md
rename to published/201504/20150413 Linux Kernel 4.0 Features Live Kernel Patching PS3 Support.md
diff --git a/published/20150415 HTTP Public Key Pinning Extension HPKP for Apache, NGINX and Lighttpd.md b/published/201504/20150415 HTTP Public Key Pinning Extension HPKP for Apache, NGINX and Lighttpd.md
similarity index 100%
rename from published/20150415 HTTP Public Key Pinning Extension HPKP for Apache, NGINX and Lighttpd.md
rename to published/201504/20150415 HTTP Public Key Pinning Extension HPKP for Apache, NGINX and Lighttpd.md
diff --git a/published/201504/20150417 How to Install Linux Kernel 4.0 from Elrepo or Source on Ubuntu or CentOs.md b/published/201504/20150417 How to Install Linux Kernel 4.0 from Elrepo or Source on Ubuntu or CentOs.md
new file mode 100644
index 0000000000..a725043f67
--- /dev/null
+++ b/published/201504/20150417 How to Install Linux Kernel 4.0 from Elrepo or Source on Ubuntu or CentOs.md
@@ -0,0 +1,150 @@
+如何在Ubuntu/CentOS上安装Linux内核4.0
+================================================================================
+大家好,今天我们学习一下如何从Elrepo或者源代码来安装最新的Linux内核4.0。代号为‘Hurr durr I'm a sheep’的Linux内核4.0是目前为止最新的主干内核。它是稳定版3.19.4之后发布的内核。4月12日是所有的开源运动爱好者的大日子,Linux Torvalds宣布了Linux内核4.0的发布,它现在就已经可用了。由于包括了一些很棒的功能,例如无重启补丁(实时补丁),新的升级驱动,最新的硬件支持以及很多有趣的功能都有新的版本,它原本被期望是一次重要版本。但是实际上内核4.0并不认为是期望中的重要版本,Linus 表示期望4.1会是一个更重要的版本。实时补丁功能已经集成到了SUSE企业版Linux操作系统上。你可以在[发布公告][1]上查看关于这次发布的更多详细内容。
+
+> **警告**: 安装新的内核可能会导致你的系统不可用或不稳定。如果你仍然使用以下命令继续安装,请确保备份所有重要数据到外部硬盘。
+
+### 在Ubuntu 15.04上安装Linux内核4.0 ###
+
+如果你正在使用Linux的发行版Ubuntu 15.04,你可以直接通过Ubuntu内核网站安装。在你的Ubuntu15.04上安装最新的Linux内核4.0,你需要在shell或终端中在root访问权限下运行以下命令。
+
+#### 在 64位 Ubuntu 15.04 ####
+
+ $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.0-vivid/linux-image-4.0.0-040000-generic_4.0.0-040000.201504121935_amd64.deb
+ $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.0-vivid/linux-headers-4.0.0-040000-generic_4.0.0-040000.201504121935_amd64.deb
+
+ $ sudo dpkg -i linux-headers-4.0.0*.deb linux-image-4.0.0*.deb
+
+#### 在 32位 Ubuntu 15.04 ####
+
+ $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.0-vivid/linux-image-4.0.0-040000-generic_4.0.0-040000.201504121935_i386.deb
+ $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.0-vivid/linux-headers-4.0.0-040000-generic_4.0.0-040000.201504121935_i386.deb
+
+ $ sudo dpkg -i linux-headers-4.0.0*.deb linux-image-4.0.0*.deb
+
+### 在CentOS 7上安装Linux内核4.0 ###
+
+我们可以用两种简单的方式在CentOS 7上安装Linux内核4.0。
+
+1. 从Elrepo软件仓库安装
+1. 从源代码编译安装
+
+我们首先用ElRepo安装,这是最简单的方式:
+
+#### 使用 Elrepo 安装 ####
+
+**1. 下载和安装ELRepo**
+
+我们首先下载ELRepo的GPG密钥并安装relrepo-release安装包。因为我们用的是CentOS 7,我们使用以下命令安装elrepo-release-7.0-2.el7.elrepo.noarch.rpm。
+
+注: 如果你启用了secure boot,请查看[这个网页获取更多信息][2]。
+
+ # rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
+ # rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
+
+
+
+**2. 升级Linux内核到4.0版本**
+
+现在,我们准备从ELRepo软件仓库安装最新的稳定版内核4.0。安装它我们需要在CentOS 7的shell或者终端中输入以下命令。
+
+ # yum --enablerepo=elrepo-kernel install kernel-ml
+
+
+
+上面的命令会自动安装为CentOS 7构建的Linux内核4.0。
+
+现在,下面的是另一种方式,通过编译源代码安装最新的内核4.0。
+
+#### 从源代码编译安装 ####
+
+**1. 安装依赖软件**
+
+首先我们需要为编译linux内核安装依赖的软件。要完成这些,我们需要在一个终端或者shell中运行以下命令。
+
+ # yum groupinstall "Development Tools"
+
+ # yum install gcc ncurses ncurses-devel
+
+
+
+然后,我们会升级我们的整个系统。
+
+ # yum update
+
+**2. 下载源代码**
+
+现在我们通过wget命令从Linux内核的官方仓库中下载最新发布的linux内核4.0的源代码。你也可以使用你的浏览器直接从[kernel.org][3]网站下载内核。
+
+ # cd /tmp/
+ # wget https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.0.tar.xz
+
+
+
+**3. 解压tar压缩包**
+
+文件下载好后我们在/usr/src/文件夹下用以下命令解压。
+
+ # tar -xf linux-4.0.tar.xz -C /usr/src/
+ # cd /usr/src/linux-4.0/
+
+
+
+**4. 配置**
+
+配置Linux内核有两种选择的。我们可以创建一个新的自定义配置文件或者使用已有的配置文件来构建和安装Linux内核。这都取决于你自己的需要。
+
+**配置新的内核**
+
+现在我们在shell或终端中运行make menuconfig命令来配置Linux内核。我们执行以下命令后会显示一个包含所有菜单的弹出窗口。在这里我们可以选择我们新的内核配置。如果你不熟悉这些菜单,那就敲击ESC键两次退出。
+
+ # make menuconfig
+
+
+
+**已有的配置**
+
+如果你想用已有的配置文件配置你最新的内核,那就输入下面的命令。如果你对配置有任何调整,你可以选择Y或者N,或者仅仅是按Enter键继续。
+
+ # make oldconfig
+
+#### Step 5. 编译Linux内核 ####
+
+下一步,我们会执行make命令来编译内核4.0。取决于你的系统配置,编译至少需要20-30分钟。
+
+注:如果编译内核的时候出现`bc command not found`的错误,你可以用**yum install bc**命令安装bc修复这个错误。
+
+ # make
+
+
+
+#### 6. 安装Linux内核4.0 ####
+
+编译完成后,我们终于要在你的Linux系统上安装**内核**了。下面的命令会在/boot目录下创建文件并且在Grub 菜单中新建一个内核条目。
+
+ # make modules_install install
+
+#### 7. 验证内核 ####
+
+安装完最新的内核4.0后我们希望能验证它。做这些我们只需要在终端中输入以下命令。如果所有都进展顺利,我们会看到内核版本,例如4.0出现在输出列表中。
+
+ # uname -r
+
+#### 结论 ####
+
+好了,我们成功地在我们的CentOS 7操作系统上安装了最新的Linux内核版本4.0。通常并不需要升级linux内核,因为和之前版本运行良好的硬件可能并不适合新的版本。我们要确保它包括能使你的硬件正常工作的功能和配件。但大部分情况下,新的稳定版本内核能使你的硬件性能更好。因此,如果你有任何问题,评论,反馈,请在下面的评论框中注明,让我们知道需要增加或者删除什么问题。多谢!享受最新的稳定版Linux内核4.0吧 :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/how-tos/install-linux-kernel-4-0-elrepo-source/
+
+作者:[Arun Pyasi][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
+[1]:http://linux.cn/article-5259-1.html
+[2]:http://elrepo.org/tiki/SecureBootKey
+[3]:http://kernel.org/
\ No newline at end of file
diff --git a/published/201504/20150423 The Most Popular Programming Languages in to GitHub Since 2012.md b/published/201504/20150423 The Most Popular Programming Languages in to GitHub Since 2012.md
new file mode 100644
index 0000000000..b47b1c2ed5
--- /dev/null
+++ b/published/201504/20150423 The Most Popular Programming Languages in to GitHub Since 2012.md
@@ -0,0 +1,32 @@
+GitHub 上最流行的编程语言
+================================================================================
+
+
+编程语言不仅仅是开发者用来创建程序或表达算法的工具,它们也是对创造力进行编码和解码的仪器。通过观察编程语言的历史,我们在追求为解决问题找到一个更好的方法,促进协作,构建好的产品以及重用他人的工作上得到一个独特的观点。
+
+我们有大约 70% 的客户向我们的服务发送应用日志,因此我们能追踪哪种语言是最流行的,以及哪种语言获得了开发人员的关注。
+
+基于从2012年以来的历史的[GitHub 归档][1]和[GitHut][2]数据,我们分析了GitHub上大部分开发者的动作并绘制成你下面看到的信息图表。我们主要关注:
+
+- 活跃库的数量,这是反应了人们正在研究的项目的有用度量。
+- 每种语言总的推送数量以及每个库的平均推送次数。这些指标是由某种语言编写的项目的创新效率的指示器。
+- 每个库新的fork数和发现的问题数目,这也显示了活跃度和创新性。
+- 每个库新的观察者,这是开发人员兴趣的指示器。
+
+### 查看信息图表并告诉我们你的想法!在你的同龄人中是怎么选择你使用的语言的? ###
+
+
+
+--------------------------------------------------------------------------------
+
+via: https://www.loggly.com/blog/the-most-popular-programming-languages-in-to-github-since-2012/
+
+作者:[Justin Mares][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:https://www.loggly.com/blog/author/guest/
+[1]:https://www.githubarchive.org/
+[2]:http://githut.info/
\ No newline at end of file
diff --git a/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--1.md b/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--1.md
new file mode 100644
index 0000000000..45ccd2208a
--- /dev/null
+++ b/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--1.md
@@ -0,0 +1,238 @@
+安装完最小化 RHEL/CentOS 7 后需要做的 30 件事情(一)
+================================================================================
+CentOS 是一个工业标准的 Linux 发行版,是红帽企业版 Linux 的衍生版本。你安装完后马上就可以使用,但是为了更好地使用你的系统,你需要进行一些升级、安装新的软件包、配置特定服务和应用程序等操作。
+
+这篇文章介绍了 “安装完 RHEL/CentOS 7 后需要做的 30 件事情”。阅读帖子的时候请先完成 RHEL/CentOS 最小化安装,这是首选的企业和生产环境。如果还没有,你可以按照下面的指南,它会告诉你两者的最小化安装方法。
+
+- [最小化安装 CentOS 7][1]
+- [最小化安装 RHEL 7][2]
+
+我们会基于工业标准的需求来介绍以下列出的这些重要工作。我们希望这些东西在你配置服务器的时候能有所帮助。
+
+1. 注册并启用红帽订阅
+2. 使用静态 IP 地址配置网络
+3. 设置服务器的主机名称
+4. 更新或升级最小化安装的 CentOS
+5. 安装命令行 Web 浏览器
+6. 安装 Apache HTTP 服务器
+7. 安装 PHP
+8. 安装 MariaDB 数据库
+9. 安装并配置 SSH 服务器
+10. 安装 GCC (GNU 编译器集)
+11. 安装 Java
+12. 安装 Apache Tomcat
+13. 安装 Nmap 检查开放端口
+14. 配置防火墙
+15. 安装 Wget
+16. 安装 Telnet
+17. 安装 Webmin
+18. 启用第三方库
+19. 安装 7-zip 工具
+20. 安装 NTFS-3G 驱动
+21. 安装 Vsftpd FTP 服务器
+22. 安装和配置 sudo
+23. 安装并启用 SELinux
+24. 安装 Rootkit Hunter
+25. 安装 Linux Malware Detect (LMD)
+26. 用 Speedtest-cli 测试服务器带宽
+27. 配置 Cron 作业
+28. 安装 Owncloud
+29. 启用 VirtualBox 虚拟化
+30. 用密码保护 GRUB
+
+### 1. 注册并启用红帽订阅 ###
+
+RHEL 7 最小化安装完成后,就应该注册并启用系统红帽订阅库, 并执行一个完整的系统更新。这只当你有一个可用的红帽订阅时才能有用。你要注册才能启用官方红帽系统库,并时不时进行操作系统更新。(LCTT 译注:订阅服务是收费的)
+
+在下面的指南中我们已经包括了一个如何注册并激活红帽订阅的详细说明。
+
+- [在 RHEL 7 中注册并启用红帽订阅][3]
+
+**注意**: 这一步仅适用于有一个有效订阅的红帽企业版 Linux。如果你用的是 CentOS 服务器,请查看后面的章节。
+
+### 2. 使用静态 IP 地址配置网络 ###
+
+你第一件要做的事情就是为你的 CentOS 服务器配置静态 IP 地址、路由以及 DNS。我们会使用 ip 命令代替 ifconfig 命令。当然,ifconfig 命令对于大部分 Linux 发行版来说还是可用的,还能从默认库安装。
+
+ # yum install net-tools [它提供 ifconfig 工具,如果你不习惯 ip 命令,还可以使用它]
+
+
+
+(LCTT 译注:关于 ip 命令的使用,请参照:http://www.linux.cn/article-3631-1.html )
+
+但正如我之前说,我们会使用 ip 命令来配置静态 IP 地址。所以,确认你首先检查了当前的 IP 地址。
+
+ # ip addr show
+
+
+
+现在用你的编辑器打开并编辑文件 /etc/sysconfig/network-scripts/ifcfg-enp0s3 (LCTT 译注:你的网卡名称可能不同,如果希望修改为老式网卡名称,参考:http://www.linux.cn/article-4045-1.html )。这里,我使用 vi 编辑器,另外你要确保你是 root 用户才能保存更改。
+
+ # vi /etc/sysconfig/network-scripts/ifcfg-enp0s3
+
+我们会编辑文件中的四个地方。注意下面的四个地方并保证不碰任何其它的东西。也保留双引号,在它们中间输入你的数据。
+
+ IPADDR = "[在这里输入你的静态 IP]"
+ GATEWAY = "[输入你的默认网关]"
+ DNS1 = "[你的DNS 1]"
+ DNS2 = "[你的DNS 2]"
+
+更改了 ‘ifcfg-enp0s3’ 之后,它看起来像下面的图片。注意你的 IP,网关和 DNS 可能会变化,请和你的 ISP(译者注:互联网服务提供商,即给你提供接入的服务的电信或 IDC) 确认。保存并退出。
+
+
+
+*网络详情*
+
+重启网络服务并检查 IP 是否和分配的一样。如果一切都顺利,用 Ping 查看网络状态。
+
+ # service network restart
+
+
+
+*重启网络服务*
+
+重启网络后,确认检查了 IP 地址和网络状态。
+
+ # ip addr show
+ # ping -c4 google.com
+
+
+
+*验证 IP 地址*
+
+
+
+*检查网络状态*
+
+(LCTT 译注:关于设置静态 IP 地址的更多信息,请参照:http://www.linux.cn/article-3977-1.html )
+
+### 3. 设置服务器的主机名称 ###
+
+下一步是更改 CentOS 服务器的主机名称。查看当前分配的主机名称。
+
+ # echo $HOSTNAME
+
+
+
+*查看系统主机名称*
+
+要设置新的主机名称,我们需要编辑 ‘/etc/hostsname’ 文件并用想要的名称替换旧的主机名称。
+
+ # vi /etc/hostname
+
+
+
+*在 CentOS 中设置主机名称*
+
+设置完了主机名称之后,务必注销后重新登录确认主机名称。登录后检查新的主机名称。
+
+ $ echo $HOSTNAME
+
+
+
+*确认主机名称*
+
+你也可以用 ‘hostname’ 命令查看你当前的主机名。
+
+ $ hostname
+
+(LCTT 译注:关于设置静态、瞬态和灵活主机名的更多信息,请参考:http://www.linux.cn/article-3937-1.html )
+
+### 4. 更新或升级最小化安装的 CentOS ###
+
+这样做除了更新安装已有的软件最新版本以及安全升级,不会安装任何新的软件。总的来说更新(update)和升级(upgrade)是相同的,除了事实上 升级 = 更新 + 更新时进行废弃处理。
+
+ # yum update && yum upgrade
+
+
+
+*更新最小化安装的 CentOS 服务器*
+
+**重要**: 你也可以运行下面的命令,这不会弹出软件更新的提示,你也就不需要输入 ‘y’ 接受更改。
+
+然而,查看服务器上会发生的变化总是一个好主意,尤其是在生产中。因此使用下面的命令虽然可以为你自动更新和升级,但并不推荐。
+
+ # yum -y update && yum -y upgrade
+
+### 5. 安装命令行 Web 浏览器 ###
+
+大部分情况下,尤其是在生产环境中,我们通常用没有 GUI 的命令行安装 CentOS,在这种情况下我们必须有一个能通过终端查看网站的命令行浏览工具。为了实现这个目的,我们打算安装名为 ‘links’ 的著名工具。
+
+ # yum install links
+
+
+
+*Links: 命令行 Web 浏览器*
+
+请查看我们的文章 [用 links 工具命令行浏览 Web][4] 了解用 links 工具浏览 web 的方法和例子。
+
+### 6. 安装 Apache HTTP 服务器 ###
+
+不管你因为什么原因使用服务器,大部分情况下你都需要一个 HTTP 服务器运行网站、多媒体、用户端脚本和很多其它的东西。
+
+ # yum install httpd
+
+
+
+*安装 Apache 服务器*
+
+如果你想更改 Apache HTTP 服务器的默认端口号(80)为其它端口,你需要编辑配置文件 ‘/etc/httpd/conf/httpd.conf’ 并查找以下面开始的行:
+
+ LISTEN 80
+
+把端口号 ‘80’ 改为其它任何端口(例如 3221),保存并退出。
+
+
+
+*更改 Apache 端口*
+
+增加刚才分配给 Apache 的端口通过防火墙,然后重新加载防火墙。
+
+允许 http 服务通过防火墙(永久)。
+
+ # firewall-cmd –add-service=http
+
+允许 3221 号端口通过防火墙(永久)。
+
+ # firewall-cmd –permanent –add-port=3221/tcp
+
+重新加载防火墙。
+
+ # firewall-cmd –reload
+
+(LCTT 译注:关于 firewall 的进一步使用,请参照:http://www.linux.cn/article-4425-1.html )
+
+完成上面的所有事情之后,是时候重启 Apache HTTP 服务器了,然后新的端口号才能生效。
+
+ # systemctl restart httpd.service
+
+现在添加 Apache 服务到系统层使其随系统自动启动。
+
+ # systemctl start httpd.service
+ # systemctl enable httpd.service
+
+(LCTT 译注:关于 systemctl 的进一步使用,请参照:http://www.linux.cn/article-3719-1.html )
+
+如下图所示,用 links 命令行工具 验证 Apache HTTP 服务器。
+
+ # links 127.0.0.1
+
+
+
+*验证 Apache 状态*
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/
+
+作者:[Avishek Kumar][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/centos-7-installation/
+[2]:http://www.tecmint.com/redhat-enterprise-linux-7-installation/
+[3]:http://www.tecmint.com/enable-redhat-subscription-reposiories-and-updates-for-rhel-7/
+[4]:http://www.tecmint.com/command-line-web-browsers/
\ No newline at end of file
diff --git a/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--2.md b/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--2.md
new file mode 100644
index 0000000000..6eeff54bae
--- /dev/null
+++ b/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--2.md
@@ -0,0 +1,154 @@
+安装完最小化 RHEL/CentOS 7 后需要做的 30 件事情(二)
+================================================================================
+### 7. 安装 PHP ###
+
+PHP 是用于 web 基础服务的服务器端脚本语言。它也经常被用作通用编程语言。在最小化安装的 CentOS 中安装 PHP:
+
+ # yum install php
+
+安装完 php 之后,确认重启 Apache 服务以便在 Web 浏览器中渲染 PHP。
+
+ # systemctl restart httpd.service
+
+下一步,通过在 Apache 文档根目录下创建下面的 php 脚本验证 PHP。
+
+ # echo -e "" > /var/www/html/phpinfo.php
+
+现在在 Linux 命令行中查看我们刚才创建的 PHP 文件(phpinfo.php)。
+
+ # php /var/www/html/phpinfo.php
+ 或者
+ # links http://127.0.0.1/phpinfo.php
+
+
+
+*验证 PHP*
+
+### 8. 安装 MariaDB 数据库 ###
+
+MariaDB 是 MySQL 的一个分支。RHEL 以及它的衍生版已经从 MySQL 迁移到 MariaDB。这是一个主流的数据库管理系统,也是一个你必须拥有的工具。不管你在配置怎样的服务器,或迟或早你都会需要它。在最小化安装的 CentOS 上安装 MariaDB,如下所示:
+
+ # yum install mariadb-server mariadb
+
+
+
+*安装 MariaDB 数据库*
+
+启动 MariaDB 并配置它开机时自动启动。
+
+ # systemctl start mariadb.service
+ # systemctl enable mariadb.service
+
+允许 mysql(mariadb) 服务通过防火墙(LCTT 译注:如果你的 MariaDB 只用在本机,则务必不要设置防火墙允许通过,使用 UNIX Socket 连接你的数据库;如果需要在别的服务器上连接数据库,则尽量使用内部网络,而不要将数据库服务暴露在公开的互联网上。)
+
+ # firewall-cmd –add-service=mysql
+
+现在是时候确保 MariaDB 服务器安全了(LCTT 译注:这个步骤主要是设置 mysql 管理密码)。
+
+ # /usr/bin/mysql_secure_installation
+
+
+
+*保护 MariaDB 数据库*
+
+请阅读:
+
+- [在 CentOS 7.0 上安装 LAMP (Linux, Apache, MariaDB, PHP/PhpMyAdmin)][1]
+- [在 CentOS 7.0 上创建 Apache 虚拟主机][2]
+
+### 9. 安装和配置 SSH 服务器 ###
+
+SSH 即 Secure Shell,是 Linux 远程管理的默认协议。 SSH 是随最小化 CentOS 服务器中安装运行的最重要的软件之一。
+
+检查当前已安装的 SSH 版本。
+
+ # SSH -V
+
+
+
+*检查 SSH 版本*
+
+使用更安全的 SSH 协议,而不是默认的协议,并更改端口号进一步加强安全。编辑 SSH 的配置文件 ‘/etc/ssh/ssh_config’。
+
+去掉下面行的注释或者从协议行中删除 1,然后行看起来像这样(LCTT 译注: SSH v1 是过期废弃的不安全协议):
+
+ # Protocol 2,1 (原来)
+ Protocol 2 (现在)
+
+这个改变强制 SSH 使用 协议 2,它被认为比协议 1 更安全,同时也确保在配置中更改端口号 22 为其它。
+
+
+
+*保护 SSH 登录*
+
+取消 SSH 中的‘root login’, 只允许通过普通用户账号登录后才能使用 su 切换到 root,以进一步加强安全。请打开并编辑配置文件 ‘/etc/ssh/sshd_config’ 并更改 PermitRootLogin yes 为 PermitRootLogin no。
+
+ # PermitRootLogin yes (原来)
+ PermitRootLogin no (现在)
+
+
+
+*取消 SSH Root 直接登录*
+
+最后,重启 SSH 服务启用更改。
+
+ # systemctl restart sshd.service
+
+请查看:
+
+- [加密和保护 SSH 服务器的 5 个最佳实践][3]
+- [5 个简单步骤实现使用 SSH Keygen 无密码登录 SSH][4]
+- [在 PuTTY 中实现 “无密码 SSH 密钥验证”][5]
+
+### 10. 安装 GCC (GNU 编译器集) ###
+
+GCC 即 GNU 编译器集,是一个 GNU 项目开发的支持多种编程语言的编译系统(LCTT 译注:在你需要自己编译构建软件时需要它)。在最小化安装的 CentOS 没有默认安装。运行下面的命令安装 gcc 编译器。
+
+ # yum install gcc
+
+
+
+*在 CentOS 上安装 GCC*
+
+检查安装的 gcc 版本。
+
+ # gcc --version
+
+
+
+*检查 GCC 版本*
+
+### 11. 安装 Java ###
+
+Java是一种通用的基于类的,面向对象的编程语言。在最小化 CentOS 服务器中没有默认安装(LCTT 译注:如果你没有任何 Java 应用,可以不用装它)。按照下面命令从库中安装 Java。
+
+ # yum install java
+
+
+
+*安装 Java*
+
+检查安装的 Java 版本。
+
+ # java -version
+
+
+
+*检查 Java 版本*
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/2/
+
+作者:[Avishek Kumar][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/install-lamp-in-centos-7/
+[2]:http://www.tecmint.com/apache-virtual-hosting-in-centos/
+[3]:http://www.tecmint.com/5-best-practices-to-secure-and-protect-ssh-server/
+[4]:http://www.tecmint.com/ssh-passwordless-login-using-ssh-keygen-in-5-easy-steps/
+[5]:http://www.tecmint.com/ssh-passwordless-login-with-putty/
\ No newline at end of file
diff --git a/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--3.md b/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--3.md
new file mode 100644
index 0000000000..318d38b03c
--- /dev/null
+++ b/published/201504/30 Things to Do After Minimal RHEL or CentOS 7 Installation--3.md
@@ -0,0 +1,277 @@
+安装完最小化 RHEL/CentOS 7 后需要做的 30 件事情(三)
+================================================================================
+### 12. 安装 Apache Tomcat ###
+
+Tomcat 是由 Apache 设计的用来运行 Java HTTP web 服务器的 servlet 容器。按照下面的方法安装 tomcat,但需要指出的是安装 tomcat 之前必须先安装 Java。
+
+ # yum install tomcat
+
+
+
+*安装 Apache Tomcat*
+
+安装完 tomcat 之后,启动 tomcat 服务。
+
+ # systemctl start tomcat
+
+查看 tomcat 版本。
+
+ # /usr/sbin/tomcat version
+
+
+
+*查看 tomcat 版本*
+
+允许 tomcat 服务和默认端口(8080) 通过防火墙并重新加载设置。
+
+ # firewall-cmd –zone=public –add-port=8080/tcp --permanent
+ # firewall-cmd –reload
+
+现在该保护 tomcat 服务器了,添加一个用于访问和管理的用户和密码。我们需要编辑文件 ‘/etc/tomcat/tomcat-users.xml’。查看类似下面的部分:
+
+
+ ....
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+*保护 Tomcat*
+
+我们在这里添加用户 “tecmint” 到 tomcat 的管理员/管理组中,使用 “tecmint” 作为密码。先停止再启动 tomcat 服务以使更改生效,并添加 tomcat 服务到随系统启动。
+
+ # systemctl stop tomcat
+ # systemctl start tomcat
+ # systemctl enable tomcat.service
+
+请阅读: [在 RHEL/CentOS 7.0/6.x 中安装和配置 Apache Tomcat 8.0.9][5]
+
+### 13. 安装 Nmap 监视开放端口 ###
+
+Nmap 网络映射器用来分析网络,通过运行它可以发现网络的映射关系。nmap 并没有默认安装,你需要从库中安装它。
+
+ # yum install nmap
+
+
+
+*安装 Nmap 监视工具*
+
+列出主机中所有的开放端口以及对应使用它们的服务。
+
+ # namp 127.0.01
+
+!监视开放端口](http://www.tecmint.com/wp-content/uploads/2015/04/Monitor-Open-Ports.jpeg)
+
+*监视开放端口*
+
+你也可以使用 firewall-cmd 列出所有端口,但我发现 nmap 更有用。
+
+ # firewall-cmd –list-ports
+
+
+
+*在防火墙中检查开放端口*
+
+请阅读: [Nmap 监视开放端口的 29 个有用命令][1]
+
+### 14. 配置 FirewallD ###
+
+firewalld 是动态管理服务器的防火墙服务。在 CentOS 7 中 Firewalld 移除了 iptables 服务。在红帽企业版 Linux 和它的衍生版中默认安装了 Firewalld。如果有 iptables 的话为了使每个更改生效需要清空所有旧的规则然后创建新规则。
+
+然而用firewalld,不需要清空并重新创建新规则就可以实现更改生效。
+
+检查 Firewalld 是否运行。
+
+ # systemctl status firewalld
+ 或
+ # firewall-cmd –state
+
+
+
+*检查 Firewalld 状态*
+
+获取所有的区域列表。
+
+ # firewall-cmd --get-zones
+
+
+
+*检查 Firewalld 区域*
+
+在切换之前先获取区域的详细信息。
+
+ # firewall-cmd --zone=work --list-all
+
+
+
+*检查区域详情*
+
+获取默认区域。
+
+ # firewall-cmd --get-default-zone
+
+
+
+*Firewalld 默认区域*
+
+切换到另一个区域,比如 ‘work’。
+
+ # firewall-cmd --set-default-zone=work
+
+
+
+*切换 Firewalld 区域*
+
+列出区域中的所有服务。
+
+ # firewall-cmd --list-services
+
+
+
+*列出 Firewalld 区域的服务*
+
+添加临时服务,比如 http,然后重载 firewalld。
+
+ # firewall-cmd --add-service=http
+ # firewall-cmd –reload
+
+
+
+*添加临时 http 服务*
+
+添加永久服务,比如 http,然后重载 firewalld。
+
+ # firewall-cmd --add-service=http --permanent
+ # firewall-cmd --reload
+
+
+
+*添加永久 http 服务*
+
+删除临时服务,比如 http。
+
+ # firewall-cmd --remove-service=http
+ # firewall-cmd --reload
+
+
+
+*删除临时 Firewalld 服务*
+
+删除永久服务,比如 http
+
+ # firewall-cmd --zone=work --remove-service=http --permanent
+ # firewall-cmd --reload
+
+
+
+*删除永久服务*
+
+允许一个临时端口(比如 331)。
+
+ # firewall-cmd --add-port=331/tcp
+ # firewall-cmd --reload
+
+
+
+*打开临时端口*
+
+允许一个永久端口(比如 331)。
+
+ # firewall-cmd --add-port=331/tcp --permanent
+ # firewall-cmd --reload
+
+
+
+*打开永久端口*
+
+阻塞/移除临时端口(比如 331)。
+
+ # firewall-cmd --remove-port=331/tcp
+ # firewall-cmd --reload
+
+
+
+*移除临时端口*
+
+阻塞/移除永久端口(比如 331)。
+
+ # firewall-cmd --remove-port=331/tcp --permanent
+ # firewall-cmd --reload
+
+
+
+*移除永久端口*
+
+停用 firewalld。
+
+ # systemctl stop firewalld
+ # systemctl disable firewalld
+ # firewall-cmd --state
+
+
+
+*停用 Firewalld 服务*
+
+启用 firewalld。
+
+ # systemctl enable firewalld
+ # systemctl start firewalld
+ # firewall-cmd --state
+
+
+
+*启用 Firewalld*
+
+- [如何在 RHEL/CentOS 7 中配置 ‘Firewalld’][2]
+- [配置和管理 Firewalld 的有用 ‘Firewalld’ 规则][3]
+
+### 15. 安装 Wget ###
+
+Wget 是从 web 服务器获取(下载)内容的命令行工具。它是你使用 wget 命令获取 web 内容或下载任何文件必须要有的重要工具。
+
+ # yum install wget
+
+
+
+*安装 Wget 工具*
+
+关于在终端中如何使用 wget 命令下载文件的方法和实际例子,请阅读[10 个 Wget 命令例子][4]。
+
+### 16. 安装 Telnet 客户端###
+
+Telnet 是通过 TCP/IP 允许用户登录到相同网络上的另一台计算机的网络协议。和远程计算机的连接建立后,它就成为了一个允许你在自己的计算机上用所有提供给你的权限和远程主机交互的虚拟终端。(LCTT 译注:除非你真的需要,不要安装 telnet 服务,也不要用 telnet 客户端连接另外一个 telnet 服务,因为 telnet 是明文传输的。不过如下用 telnet 客户端检测另外一个服务的端口是否工作是常用的操作。)
+
+Telnet 对于检查远程计算机或主机的监听端口也非常有用。
+
+ # yum install telnet
+ # telnet google.com 80
+
+
+
+*Telnet 端口检查*
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/3/
+
+作者:[Avishek Kumar][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://linux.cn/article-2561-1.html
+[2]:http://linux.cn/article-4425-1.html
+[3]:http://www.tecmint.com/firewalld-rules-for-centos-7/
+[4]:http://linux.cn/article-4129-1.html
+[5]:http://www.tecmint.com/install-apache-tomcat-in-centos/
\ No newline at end of file
diff --git a/published/201504/Debian 8 Jessie released.md b/published/201504/Debian 8 Jessie released.md
new file mode 100644
index 0000000000..48167b6712
--- /dev/null
+++ b/published/201504/Debian 8 Jessie released.md
@@ -0,0 +1,88 @@
+Debian 8 "Jessie" 发布
+=====================================================
+
+**2015年4月25日** ,在经历了近24个月的持续开发之后,Debian 项目自豪地宣布最新的稳定版本8的发布(代号 “**Jessie**” ),归功于[Debian安全团队][1]和[Debian长期支持][2]团队的工作,该版本将在接下来的5年内获得支持。
+
+
+
+“**Jessie**” 与新的默认 init 系统 `systemd` 一同到来。`systemd` 套件提供了许多激动人心的特性,如更快的启动速度、系统服务的 cgroups 支持、以及独立出部分服务的可能性。不过,`sysvinit` init系统在 “**Jessie**” 中依然可用。
+
+在 “**Wheezy**” 中引入的 UEFI 支持(*“Unified Extensible Firmware Interface”*,统一的可扩展固件接口)同样在 “**Jessie**” 中得到了大幅改进。其中包含了许多已知固件 bug 的临时性解决方案,支持32位系统上的UEFI,也支持64位内核运行在32位 UEFI 固件上(后者仅被包含在我们的 `amd64/i386` “multi-arch” 安装介质中)。
+
+自上个版本发布以来,Debian 项目的成员同样对我们的支持服务做出了重要改进。其中之一是[可浏览所有 Debian 的源码][3],该服务目前放在 [sources.debian.net][4]。当然,在超过20000个源码包里想要找到正确的文件确实令人望而生畏。因此,我们同样十分高兴地上线 [Debian 代码搜索][5],它放在 [codesearch.debian.net][6]。这两项服务都由一个完全重写并且更加反应敏捷的[包追踪系统][7]提供。
+
+该版本包含大量的软件包更新,如:
+
+* Apache 2.4.10
+* Asterisk 11.13.1
+* GIMP 2.8.14
+* 一个GNOME桌面环境 3.14 的升级版本
+* GCC 编译器 4.9.2
+* Icedove 31.6.0 (一个 Mozilla Thunderbird 的再发布版本)
+* Iceweasel 31.6.0esr (一个 Mozilla Firefox 的再发布版本)
+* KDE Plasma Workspaces 和 KDE Applications 4.11.13
+* LibreOffice 4.3.3
+* Linux 3.16.7-ctk9
+* MariaDB 10.0.16 和 MySQL 5.5.42
+* Nagios 3.5.1
+* OpenJDK 7u75
+* Perl 5.20.2
+* PHP 5.6.7
+* PostgreSQL 9.4.1
+* Python 2.7.9 和 3.4.2
+* Samba 4.1.17
+* Tomcat 7.0.56 和 8.0.14
+* Xen Hypervisor 4.4.1
+* Xfce 4.10桌面环境
+* 超过43000个其它可供使用的软件包,从将近20100个源码包编译而来
+
+与如此之多的软件包选择和照例的广泛架构支持,Debian 再次向它的目标:成为通用操作系统迈出正确的一步。Debian 适用于各种不同情形:从桌面系统到上网本;从开发服务器到集群系统;以及数据库,web,或存储服务器。同时,在此基础之上的质量保证工作,如对 Debian 上所有包的自动安装和升级测试,让 “**Jessie**” 可以满足用户拥有一个稳定的 Debian 版本的高期望值。
+
+总共支持十种架构:32位PC/Intel IA-32(`i386`),64位PC/Intel EM64T / x86-64 (`amd64`),Motorola/IBM PowerPC (旧硬件的`powerpc`和新的64位`ppc64el`(little-endian)),MIPS (`mips` 大端和 `mipsel`小端),IBM S/390 (64位 `s390x`)以及 ARM 新老32位硬件的`armel`和`armhf`,加上给新64位 *“AArch64”* 架构的`arm64`。
+
+### 想尝试一下? ###
+
+如果你仅仅是想在不安装的情况下体验 Debian 8 “**Jessie**”,你可以使用一个特殊的镜像,即 live 镜像,可以用在 CD,U 盘以及网络启动设置上。最先只有 `amd64` 和 `i386` 架构提供这些镜像。Live 镜像同样可以用来安装 Debian。更多信息请访问 [Debian Live 主页][8]。
+
+但是如果你想安装 Debian 到你的计算机的话,有不少安装媒介可供你选择,如蓝光碟,DVD,CD 以及 U 盘,或者从网络安装。有几种桌面环境:GNOME,KDE Plasma 桌面及 Plasma 应用,Xfce 以及 LXDE,它们可以从CD镜像中安装,也可以从 CD/DVD 的启动菜单里选择想要的桌面环境。另外,同样提供了多架构 CD 和 DVD,可以从单一磁盘选择安装不同架构的系统。或者你还可以创建可启动 U 盘安装媒介(参看[安装指南][9]获得更多细节)。对云用户,Debian 还提供了[预构建 OpenStack 镜像][10]可供使用。
+
+安装镜像现在同样可以通过 [bittorrent][11](推荐下载方式),[jigdo][12] 或 [HTTP][13] 下载,查看[Debian 光盘][14]获得更进一步的信息。“**Jessie**” 不久将提供实体 DVD,CD-ROM,以及无数[供应商][15]的蓝光碟。
+
+### 升级 Debian ###
+
+如果从前一个版本 Debian 7(代号 “**Wheezy**” )升级到 Debian 8,大部分配置情况 apt-get 包管理工具都能够自动解决。Debian 系统一如既往地能够就地无痛升级,无需强制停机。强烈推荐阅读[发行注记][16]和[安装指南][17]来了解可能存在的问题,并了解安装和升级建议。发行注记会在发布后的几周内进一步改进,并翻译成其他语言。
+
+## 关于 Debian ##
+
+Debian 是一个自由操作系统,由成千上万来自全世界的志愿者通过互联网协作开发。Debian 项目的关键力量是它的志愿者基础,它对 Debian 社群契约和自由软件的贡献,以及对提供最好的操作系统可能的承诺。Debian 8是其前进方向上又一重要一步。
+
+## 联系信息 ##
+
+获取更多信息,请访问 Debian 主页 [https://www.debian.org/][18] 或发送电子邮件至。
+
+--------------------------------------------------------------------------------
+
+via: https://www.debian.org/News/2015/20150426
+
+译者:[alim0x](https://github.com/alim0x) 校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://security-team.debian.org/
+[2]:https://wiki.debian.org/LTS
+[3]:https://www.debian.org/News/weekly/2013/14/#sources
+[4]:https://sources.debian.net/
+[5]:https://www.debian.org/News/weekly/2014/17/#DCS
+[6]:https://codesearch.debian.net/
+[7]:https://tracker.debian.org/
+[8]:http://live.debian.net/
+[9]:https://www.debian.org/releases/jessie/installmanual
+[10]:http://cdimage.debian.org/cdimage/openstack/current/
+[11]:https://www.debian.org/CD/torrent-cd/
+[12]:https://www.debian.org/CD/jigdo-cd/#which
+[13]:https://www.debian.org/CD/http-ftp/
+[14]:https://www.debian.org/CD/
+[15]:https://www.debian.org/CD/vendors
+[16]:https://www.debian.org/releases/jessie/releasenotes
+[17]:https://www.debian.org/releases/jessie/installmanual
+[18]:https://www.debian.org/
diff --git a/published/201504/GNOME-Pie 0.6 Application Launcher Released.md b/published/201504/GNOME-Pie 0.6 Application Launcher Released.md
new file mode 100644
index 0000000000..199d13f1a6
--- /dev/null
+++ b/published/201504/GNOME-Pie 0.6 Application Launcher Released.md
@@ -0,0 +1,52 @@
+GNOME-Pie 0.6.1 应用启动器发布,酷炫新特性[多图+视频]
+=============================================
+
+**Simon Schneegans 高兴地[宣布][1]他的 GNOME-Pie 0.6.1 已可供下载使用。GNOME-Pie 是一个可以在包括 GNOME 和 Unity 在内的多种桌面环境中作为应用启动器的小工具。**
+
+
+
+GNOME-Pie 0.6.1 看起来是个主要版本更新,引入了许多新特性,比如支持半个或四分之一圆,可选择每个启动器想要的形状,也可以自动根据位置调整形状(圆形,半个或四分之一圆),以及多彩的动态图标。
+
+此外,软件现在还适配若干类dock应用,包括elementary OS 的 Plank,Ubuntu 的 Unity,以及通用的 Docky。一些已有的 GNOME-Pie 主题也已更新,还引入了全新的为半圆启动器布局设计的主题 Simple,。
+
+“Gnome-Pie 新版本已发布,实际上已经发布了两个版本:0.6.0和之后的0.6.1,修复了[issue #73][2],”Simon Schneegans 在发布声明上说道,“新版本修复了许多 bug,还带来了许多新特性!”
+
+
+
+### 现在就可在Ubuntu上安装GNOME-Pie ###
+
+Ubuntu 及其衍生版用户现在就可通过 Simon Schneegans 的PPA源安装 GNOME-Pie。只需打开终端,运行下列命令即可。GNOME-Pie 适用于 Ubuntu 14.04 LTS,14.10和15.04。
+
+ sudo add-apt-repository ppa:simonschneegans/testing
+ sudo apt-get update
+ sudo apt-get install gnome-pie
+
+
+其他 GNU/Linux 发行版用户可以从官网下载 GNOME-Pie 0.6.1 的源代码,或者近期在系统的软件源中搜索新版GNOME-Pie。
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+--------------------------------------------------
+
+via: http://news.softpedia.com/news/GNOME-Pie-0-6-Application-Launcher-Released-with-Many-New-Features-Video-478914.shtml
+
+译者:[alim0x](https://github.com/alim0x) 校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://simmesimme.github.io/news/2015/04/18/gnome-pie-061/
+[2]:https://github.com/Simmesimme/Gnome-Pie/issues/73
diff --git a/published/How to create a custom backup plan for Debian with backupninja.md b/published/201504/How to create a custom backup plan for Debian with backupninja.md
similarity index 100%
rename from published/How to create a custom backup plan for Debian with backupninja.md
rename to published/201504/How to create a custom backup plan for Debian with backupninja.md
diff --git a/translated/share/20150407 Ambient Noise Player for Ubuntu Plays Relaxing Sounds to Keep You Creative.md b/published/20150407 Ambient Noise Player for Ubuntu Plays Relaxing Sounds to Keep You Creative.md
similarity index 67%
rename from translated/share/20150407 Ambient Noise Player for Ubuntu Plays Relaxing Sounds to Keep You Creative.md
rename to published/20150407 Ambient Noise Player for Ubuntu Plays Relaxing Sounds to Keep You Creative.md
index f468b24754..c636b01820 100644
--- a/translated/share/20150407 Ambient Noise Player for Ubuntu Plays Relaxing Sounds to Keep You Creative.md
+++ b/published/20150407 Ambient Noise Player for Ubuntu Plays Relaxing Sounds to Keep You Creative.md
@@ -1,9 +1,8 @@
-Translated by H-mudcup
-
-适用于Ubuntu的环境音播放器播放让人放松的声音保持你的创造力
+环境音播放器:让人放松的声音,保持你的创造力
================================================================================
-对于某些人来说雨声是个令人安心的声音
+
+*对于某些人来说雨声是个令人安心的声音*
**如果我想变得非常有效率,我不能听‘正常’的音乐。它会使我分心,我会开始跟着唱或者让我想起另一首歌,结局就是我在自己的音乐库里到处戳并且……反正,你懂的。**
@@ -23,11 +22,11 @@ Translated by H-mudcup
Google Play和苹果应用商店充满了环境音和白噪声的应用。现在,在Ubuntu里有同样的应用了。
-‘[Ambient Noise][1]‘ ‘[环境音][1]’——人如其名——是一个专门被设计成播放这种声音的音频播放器。他甚至可以同Ubuntu声音菜单整合到一起,给你‘选择,点击即放松’的体验。
+‘[Ambient Noise (环境音)][1] ’——人如其名,这是一个专门被设计成播放这种声音的音频播放器。他甚至可以同Ubuntu声音菜单整合到一起,给你‘选择,点击即放松’的体验。
-这个应用(又被称为‘ANoise播放器’,由Marcos Costales制作)带有**8个高品质声道**。
+这个应用(又被称为‘ANoise播放器’,由Marcos Costales制作)带有**8个高品质音频**。
-这8个预设声道涵盖了多种环境,从下雨时有节奏的声音,到夜晚大自然静谧的旋律,还有下午熙熙攘攘的咖啡店的嗡嗡声。
+这8个预设音频涵盖了多种环境,从下雨时有节奏的声音,到夜晚大自然静谧的旋律,还有下午熙熙攘攘的咖啡店的嗡嗡声。
### 在Ubuntu上安装ANoise播放器 ###
@@ -39,9 +38,9 @@ Google Play和苹果应用商店充满了环境音和白噪声的应用。现在
sudo apt-get update && sudo apt-get install anoise
-安装好以后只需从Unity Dash(或DE里等价的地方)里打开它,通过声音菜单选择你喜欢的环境音然后……放松吧!这个应用甚至记得你上次用的环境音。
+安装好以后只需从Unity Dash(或桌面环境里类同的地方)里打开它,通过声音菜单选择你喜欢的环境音然后……放松吧!这个应用甚至记得你上次用的环境音。
-Even so, give it a try out and see if it suits your needs. I would say let me know what you think, but I will be too focused to hear — and so might you!即便如此,你还是要试一试看它是否能满足你的需要。我要说的是让我直到你是怎么想的,但是我将会专心致志到听不到你的声音——你可能也会这样!
+即便如此,你还是要试一试看它是否能满足你的需要。我要说的是让我知道你是怎么想的,但是我将会专心致志到听不到你的声音——你可能也会这样!
--------------------------------------------------------------------------------
@@ -49,7 +48,7 @@ via: http://www.omgubuntu.co.uk/2015/04/ambient-noise-player-app-for-ubuntu-linu
作者:[Joey-Elijah Sneddon][a]
译者:[H-mudcup](https://github.com/H-mudcup)
-校对:[校对者ID](https://github.com/校对者ID)
+校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/published/20150410 This tool can alert you about evil twin access points in the area.md b/published/20150410 This tool can alert you about evil twin access points in the area.md
new file mode 100644
index 0000000000..a43aa8206f
--- /dev/null
+++ b/published/20150410 This tool can alert you about evil twin access points in the area.md
@@ -0,0 +1,41 @@
+EvilAP_Defender:可以警示和攻击 WIFI 热点陷阱的工具
+===============================================================================
+
+**开发人员称,EvilAP_Defender甚至可以攻击流氓Wi-Fi接入点**
+
+这是一个新的开源工具,可以定期扫描一个区域,以防出现恶意 Wi-Fi 接入点,同时如果发现情况会提醒网络管理员。
+
+这个工具叫做 EvilAP_Defender,是为监测攻击者所配置的恶意接入点而专门设计的,这些接入点冒用合法的名字诱导用户连接上。
+
+这类接入点被称做假面猎手(evil twin),使得黑客们可以从所接入的设备上监听互联网信息流。这可以被用来窃取证书、钓鱼网站等等。
+
+大多数用户设置他们的计算机和设备可以自动连接一些无线网络,比如家里的或者工作地方的网络。通常,当面对两个同名的无线网络时,即SSID相同,有时候甚至连MAC地址(BSSID)也相同,这时候大多数设备会自动连接信号较强的一个。
+
+这使得假面猎手攻击容易实现,因为SSID和BSSID都可以伪造。
+
+[EvilAP_Defender][1]是一个叫Mohamed Idris的人用Python语言编写,公布在GitHub上面。它可以使用一个计算机的无线网卡来发现流氓接入点,这些坏蛋们复制了一个真实接入点的SSID,BSSID,甚至是其他的参数如通道,密码,隐私协议和认证信息等等。
+
+该工具首先以学习模式运行,以便发现合法的接入点[AP],并且将其加入白名单。然后可以切换到正常模式,开始扫描未认证的接入点。
+
+如果一个恶意[AP]被发现了,该工具会用电子邮件提醒网络管理员,但是开发者也打算在未来加入短信提醒功能。
+
+该工具还有一个保护模式,在这种模式下,应用会发起一个denial-of-service [DoS]攻击反抗恶意接入点,为管理员采取防卫措施赢得一些时间。
+
+“DoS 将仅仅针对有着相同SSID的而BSSID(AP的MAC地址)不同或者不同信道的流氓 AP,”Idris在这款工具的文档中说道。“这是为了避免攻击到你的正常网络。”
+
+尽管如此,用户应该切记在许多国家,攻击别人的接入点很多时候都是非法的,甚至是一个看起来像是攻击者操控的恶意接入点。
+
+要能够运行这款工具,需要Aircrack-ng无线网套装,一个支持Aircrack-ng的无线网卡,MySQL和Python运行环境。
+
+--------------------------------------------------------------------------------
+
+via: http://www.infoworld.com/article/2905725/security0/this-tool-can-alert-you-about-evil-twin-access-points-in-the-area.html
+
+作者:[Lucian Constantin][a]
+译者:[wi-cuckoo](https://github.com/wi-cuckoo)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.infoworld.com/author/Lucian-Constantin/
+[1]:https://github.com/moha99sa/EvilAP_Defender/blob/master/README.TXT
diff --git a/published/20150415 Strong SSL Security on nginx.md b/published/20150415 Strong SSL Security on nginx.md
new file mode 100644
index 0000000000..094c50bd37
--- /dev/null
+++ b/published/20150415 Strong SSL Security on nginx.md
@@ -0,0 +1,290 @@
+增强 nginx 的 SSL 安全性
+================================================================================
+[][1]
+
+本文向你介绍如何在 nginx 服务器上设置健壮的 SSL 安全机制。我们通过禁用 SSL 压缩来降低 CRIME 攻击威胁;禁用协议上存在安全缺陷的 SSLv3 及更低版本,并设置更健壮的加密套件(cipher suite)来尽可能启用前向安全性(Forward Secrecy);此外,我们还启用了 HSTS 和 HPKP。这样我们就拥有了一个健壮而可经受考验的 SSL 配置,并可以在 Qually Labs 的 SSL 测试中得到 A 级评分。
+
+如果不求甚解的话,可以从 [https://cipherli.st][2] 上找到 nginx 、Apache 和 Lighttpd 的安全设置,复制粘帖即可。
+
+本教程在 Digital Ocean 的 VPS 上测试通过。如果你喜欢这篇教程,想要支持作者的站点的话,购买 Digital Ocean 的 VPS 时请使用如下链接:[https://www.digitalocean.com/?refcode=7435ae6b8212][3] 。
+
+本教程可以通过[发布于 2014/1/21 的][4] SSL 实验室测试的严格要求(我之前就通过了测试,如果你按照本文操作就可以得到一个 A+ 评分)。
+
+- [本教程也可用于 Apache ][5]
+- [本教程也可用于 Lighttpd ][6]
+- [本教程也可用于 FreeBSD, NetBSD 和 OpenBSD 上的 nginx ,放在 BSD Now 播客上][7]: [http://www.bsdnow.tv/tutorials/nginx][8]
+
+你可以从下列链接中找到这方面的进一步内容:
+
+- [野兽攻击(BEAST)][9]
+- [罪恶攻击(CRIME)][10]
+- [怪物攻击(FREAK )][11]
+- [心血漏洞(Heartbleed)][12]
+- [完备的前向安全性(Perfect Forward Secrecy)][13]
+- [RC4 和 BEAST 的处理][14]
+
+我们需要编辑 nginx 的配置,在 Ubuntu/Debian 上是 `/etc/nginx/sited-enabled/yoursite.com`,在 RHEL/CentOS 上是 `/etc/nginx/conf.d/nginx.conf`。
+
+本文中,我们需要编辑443端口(SSL)的 `server` 配置中的部分。在文末你可以看到完整的配置例子。
+
+*在编辑之前切记备份一下配置文件!*
+
+### 野兽攻击(BEAST)和 RC4 ###
+
+简单的说,野兽攻击(BEAST)就是通过篡改一个加密算法的 CBC(密码块链)的模式,从而可以对部分编码流量悄悄解码。更多信息参照上面的链接。
+
+针对野兽攻击(BEAST),较新的浏览器已经启用了客户端缓解方案。推荐方案是禁用 TLS 1.0 的所有加密算法,仅允许 RC4 算法。然而,[针对 RC4 算法的攻击也越来越多](http://www.isg.rhul.ac.uk/tls/) ,很多已经从理论上逐步发展为实际可行的攻击方式。此外,有理由相信 NSA 已经实现了他们所谓的“大突破”——攻破 RC4 。
+
+禁用 RC4 会有几个后果。其一,当用户使用老旧的浏览器时,比如 Windows XP 上的 IE 会用 3DES 来替代 RC4。3DES 要比 RC4 更安全,但是它的计算成本更高,你的服务器就需要为这些用户付出更多的处理成本。其二,RC4 算法能减轻 野兽攻击(BEAST)的危害,如果禁用 RC4 会导致 TLS 1.0 用户会换到更容易受攻击的 AES-CBC 算法上(通常服务器端的对野兽攻击(BEAST)的“修复方法”是让 RC4 优先于其它算法)。我认为 RC4 的风险要高于野兽攻击(BEAST)的风险。事实上,有了客户端缓解方案(Chrome 和 Firefox 提供了缓解方案),野兽攻击(BEAST)就不是什么大问题了。而 RC4 的风险却在增长:随着时间推移,对加密算法的破解会越来越多。
+
+### 怪物攻击(FREAK) ###
+
+怪物攻击(FREAK)是一种中间人攻击,它是由来自 [INRIA、微软研究院和 IMDEA][15] 的密码学家们所发现的。怪物攻击(FREAK)的缩写来自“Factoring RSA-EXPORT Keys(RSA 出口密钥因子分解)”
+
+这个漏洞可上溯到上世纪九十年代,当时美国政府禁止出口加密软件,除非其使用编码密钥长度不超过512位的出口加密套件。
+
+这造成了一些现在的 TLS 客户端存在一个缺陷,这些客户端包括: 苹果的 SecureTransport 、OpenSSL。这个缺陷会导致它们会接受出口降级 RSA 密钥,即便客户端并没有要求使用出口降级 RSA 密钥。这个缺陷带来的影响很讨厌:在客户端存在缺陷,且服务器支持出口降级 RSA 密钥时,会发生中间人攻击,从而导致连接的强度降低。
+
+攻击分为两个组成部分:首先是服务器必须接受“出口降级 RSA 密钥”。
+
+中间人攻击可以按如下流程:
+
+- 在客户端的 Hello 消息中,要求标准的 RSA 加密套件。
+- 中间人攻击者修改该消息为‘export RSA’(输出级 RSA 密钥)。
+- 服务器回应一个512位的输出级 RSA 密钥,并以其长期密钥签名。
+- 由于 OpenSSL/SecureTransport 的缺陷,客户端会接受这个弱密钥。
+- 攻击者根据 RSA 模数分解因子来恢复相应的 RSA 解密密钥。
+- 当客户端编码‘pre-master secret’(预主密码)给服务器时,攻击者现在就可以解码它并恢复 TLS 的‘master secret’(主密码)。
+- 从这里开始,攻击者就能看到了传输的明文并注入任何东西了。
+
+本文所提供的加密套件不启用输出降级加密,请确认你的 OpenSSL 是最新的,也强烈建议你将客户端也升级到新的版本。
+
+### 心血漏洞(Heartbleed) ###
+
+心血漏洞(Heartbleed) 是一个于2014年4月公布的 OpenSSL 加密库的漏洞,它是一个被广泛使用的传输层安全(TLS)协议的实现。无论是服务器端还是客户端在 TLS 中使用了有缺陷的 OpenSSL,都可以被利用该缺陷。由于它是因 DTLS 心跳扩展(RFC 6520)中的输入验证不正确(缺少了边界检查)而导致的,所以该漏洞根据“心跳”而命名。这个漏洞是一种缓存区超读漏洞,它可以读取到本不应该读取的数据。
+
+哪个版本的 OpenSSL 受到心血漏洞(Heartbleed)的影响?
+
+各版本情况如下:
+
+- OpenSSL 1.0.1 直到 1.0.1f (包括)**存在**该缺陷
+- OpenSSL 1.0.1g **没有**该缺陷
+- OpenSSL 1.0.0 分支**没有**该缺陷
+- OpenSSL 0.9.8 分支**没有**该缺陷
+
+这个缺陷是2011年12月引入到 OpenSSL 中的,并随着 2012年3月14日 OpenSSL 发布的 1.0.1 而泛滥。2014年4月7日发布的 OpenSSL 1.0.1g 修复了该漏洞。
+
+升级你的 OpenSSL 就可以避免该缺陷。
+
+### SSL 压缩(罪恶攻击 CRIME) ###
+
+罪恶攻击(CRIME)使用 SSL 压缩来完成它的魔法,SSL 压缩在下述版本是默认关闭的: nginx 1.1.6及更高/1.0.9及更高(如果使用了 OpenSSL 1.0.0及更高), nginx 1.3.2及更高/1.2.2及更高(如果使用较旧版本的 OpenSSL)。
+
+如果你使用一个早期版本的 nginx 或 OpenSSL,而且你的发行版没有向后移植该选项,那么你需要重新编译没有一个 ZLIB 支持的 OpenSSL。这会禁止 OpenSSL 使用 DEFLATE 压缩方式。如果你禁用了这个,你仍然可以使用常规的 HTML DEFLATE 压缩。
+
+### SSLv2 和 SSLv3 ###
+
+SSLv2 是不安全的,所以我们需要禁用它。我们也禁用 SSLv3,因为 TLS 1.0 在遭受到降级攻击时,会允许攻击者强制连接使用 SSLv3,从而禁用了前向安全性(forward secrecy)。
+
+如下编辑配置文件:
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+
+### 卷毛狗攻击(POODLE)和 TLS-FALLBACK-SCSV ###
+
+SSLv3 会受到[卷毛狗漏洞(POODLE)][16]的攻击。这是禁用 SSLv3 的主要原因之一。
+
+Google 提出了一个名为 [TLS\_FALLBACK\_SCSV][17] 的SSL/TLS 扩展,它用于防止强制 SSL 降级。如果你升级 到下述的 OpenSSL 版本会自动启用它。
+
+- OpenSSL 1.0.1 带有 TLS\_FALLBACK\_SCSV 1.0.1j 及更高。
+- OpenSSL 1.0.0 带有 TLS\_FALLBACK\_SCSV 1.0.0o 及更高。
+- OpenSSL 0.9.8 带有 TLS\_FALLBACK\_SCSV 0.9.8zc 及更高。
+
+[更多信息请参照 NGINX 文档][18]。
+
+### 加密套件(cipher suite) ###
+
+前向安全性(Forward Secrecy)用于在长期密钥被破解时确保会话密钥的完整性。PFS(完备的前向安全性)是指强制在每个/每次会话中推导新的密钥。
+
+这就是说,泄露的私钥并不能用来解密(之前)记录下来的 SSL 通讯。
+
+提供PFS(完备的前向安全性)功能的是那些使用了一种 Diffie-Hellman 密钥交换的短暂形式的加密套件。它们的缺点是系统开销较大,不过可以使用椭圆曲线的变体来改进。
+
+以下两个加密套件是我推荐的,之后[Mozilla 基金会][19]也推荐了。
+
+推荐的加密套件:
+
+ ssl_ciphers 'AES128+EECDH:AES128+EDH';
+
+向后兼容的推荐的加密套件(IE6/WinXP):
+
+ ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
+
+如果你的 OpenSSL 版本比较旧,不可用的加密算法会自动丢弃。应该一直使用上述的完整套件,让 OpenSSL 选择一个它所支持的。
+
+加密套件的顺序是非常重要的,因为其决定了优先选择哪个算法。上述优先推荐的算法中提供了PFS(完备的前向安全性)。
+
+较旧版本的 OpenSSL 也许不能支持这个算法的完整列表,AES-GCM 和一些 ECDHE 算法是相当新的,在 Ubuntu 和 RHEL 中所带的绝大多数 OpenSSL 版本中不支持。
+
+#### 优先顺序的逻辑 ####
+
+- ECDHE+AESGCM 加密是首选的。它们是 TLS 1.2 加密算法,现在还没有广泛支持。当前还没有对它们的已知攻击。
+- PFS 加密套件好一些,首选 ECDHE,然后是 DHE。
+- AES 128 要好于 AES 256。有一个关于 AES256 带来的安全提升程度是否值回成本的[讨论][20],结果是显而易见的。目前,AES128 要更值一些,因为它提供了不错的安全水准,确实很快,而且看起来对时序攻击更有抵抗力。
+- 在向后兼容的加密套件里面,AES 要优于 3DES。在 TLS 1.1及其以上,减轻了针对 AES 的野兽攻击(BEAST)的威胁,而在 TLS 1.0上则难以实现该攻击。在非向后兼容的加密套件里面,不支持 3DES。
+- RC4 整个不支持了。3DES 用于向后兼容。参看 [#RC4\_weaknesses][21] 中的讨论。
+
+#### 强制丢弃的算法 ####
+
+- aNULL 包含了非验证的 Diffie-Hellman 密钥交换,这会受到中间人(MITM)攻击
+- eNULL 包含了无加密的算法(明文)
+- EXPORT 是老旧的弱加密算法,是被美国法律标示为可出口的
+- RC4 包含的加密算法使用了已弃用的 ARCFOUR 算法
+- DES 包含的加密算法使用了弃用的数据加密标准(DES)
+- SSLv2 包含了定义在旧版本 SSL 标准中的所有算法,现已弃用
+- MD5 包含了使用已弃用的 MD5 作为哈希算法的所有算法
+
+### 更多设置 ###
+
+确保你也添加了如下行:
+
+ ssl_prefer_server_ciphers on;
+ ssl_session_cache shared:SSL:10m;
+
+在一个 SSLv3 或 TLSv1 握手过程中选择一个加密算法时,一般使用客户端的首选算法。如果设置了上述配置,则会替代地使用服务器端的首选算法。
+
+- [关于 ssl\_prefer\_server\_ciphers 的更多信息][22]
+- [关于 ssl\_ciphers 的更多信息][23]
+
+### 前向安全性和 Diffie Hellman Ephemeral (DHE)参数 ###
+
+前向安全性(Forward Secrecy)的概念很简单:客户端和服务器协商一个永不重用的密钥,并在会话结束时销毁它。服务器上的 RSA 私钥用于客户端和服务器之间的 Diffie-Hellman 密钥交换签名。从 Diffie-Hellman 握手中获取的预主密钥会用于之后的编码。因为预主密钥是特定于客户端和服务器之间建立的某个连接,并且只用在一个限定的时间内,所以称作短暂模式(Ephemeral)。
+
+使用了前向安全性,如果一个攻击者取得了一个服务器的私钥,他是不能解码之前的通讯信息的。这个私钥仅用于 Diffie Hellman 握手签名,并不会泄露预主密钥。Diffie Hellman 算法会确保预主密钥绝不会离开客户端和服务器,而且不能被中间人攻击所拦截。
+
+所有版本的 nginx(如1.4.4)都依赖于 OpenSSL 给 Diffie-Hellman (DH)的输入参数。不幸的是,这意味着 Diffie-Hellman Ephemeral(DHE)将使用 OpenSSL 的默认设置,包括一个用于密钥交换的1024位密钥。因为我们正在使用2048位证书,DHE 客户端就会使用一个要比非 DHE 客户端更弱的密钥交换。
+
+我们需要生成一个更强壮的 DHE 参数:
+
+ cd /etc/ssl/certs
+ openssl dhparam -out dhparam.pem 4096
+
+然后告诉 nginx 将其用作 DHE 密钥交换:
+
+ ssl_dhparam /etc/ssl/certs/dhparam.pem;
+
+### OCSP 装订(Stapling) ###
+
+当连接到一个服务器时,客户端应该使用证书吊销列表(CRL)或在线证书状态协议(OCSP)记录来校验服务器证书的有效性。CRL 的问题是它已经增长的太大了,永远也下载不完了。
+
+OCSP 更轻量级一些,因为我们每次只请求一条记录。但是副作用是当连接到一个服务器时必须对第三方 OCSP 响应器发起 OCSP 请求,这就增加了延迟和带来了潜在隐患。事实上,CA 所运营的 OCSP 响应器非常不可靠,浏览器如果不能及时收到答复,就会静默失败。攻击者通过 DoS 攻击一个 OCSP 响应器可以禁用其校验功能,这样就降低了安全性。
+
+解决方法是允许服务器在 TLS 握手中发送缓存的 OCSP 记录,以绕开 OCSP 响应器。这个机制节省了客户端和 OCSP 响应器之间的通讯,称作 OCSP 装订。
+
+客户端会在它的 CLIENT HELLO 中告知其支持 status\_request TLS 扩展,服务器仅在客户端请求它的时候才发送缓存的 OCSP 响应。
+
+大多数服务器最多会缓存 OCSP 响应48小时。服务器会按照常规的间隔连接到 CA 的 OCSP 响应器来获取刷新的 OCSP 记录。OCSP 响应器的位置可以从签名的证书中的授权信息访问(Authority Information Access)字段中获得。
+
+- [阅读我的教程:在 NGINX 中启用 OCSP 装订][24]
+
+### HTTP 严格传输安全(HSTS) ###
+
+如有可能,你应该启用 [HTTP 严格传输安全(HSTS)][25],它会引导浏览器和你的站点之间的通讯仅通过 HTTPS。
+
+- [阅读我关于 HSTS 的文章,了解如何配置它][26]
+
+### HTTP 公钥固定扩展(HPKP) ###
+
+你也应该启用 [HTTP 公钥固定扩展(HPKP)][27]。
+
+公钥固定的意思是一个证书链必须包括一个白名单中的公钥。它确保仅有白名单中的 CA 才能够为某个域名签署证书,而不是你的浏览器中存储的任何 CA。
+
+我已经写了一篇[关于 HPKP 的背景理论及在 Apache、Lighttpd 和 NGINX 中配置例子的文章][28]。
+
+### 配置范例 ###
+
+ server {
+
+ listen [::]:443 default_server;
+
+ ssl on;
+ ssl_certificate_key /etc/ssl/cert/raymii_org.pem;
+ ssl_certificate /etc/ssl/cert/ca-bundle.pem;
+
+ ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
+
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ ssl_session_cache shared:SSL:10m;
+
+ ssl_stapling on;
+ ssl_stapling_verify on;
+ resolver 8.8.4.4 8.8.8.8 valid=300s;
+ resolver_timeout 10s;
+
+ ssl_prefer_server_ciphers on;
+ ssl_dhparam /etc/ssl/certs/dhparam.pem;
+
+ add_header Strict-Transport-Security max-age=63072000;
+ add_header X-Frame-Options DENY;
+ add_header X-Content-Type-Options nosniff;
+
+ root /var/www/;
+ index index.html index.htm;
+ server_name raymii.org;
+
+ }
+
+### 结尾 ###
+
+如果你使用了上述配置,你需要重启 nginx:
+
+ # 首先检查配置文件是否正确
+ /etc/init.d/nginx configtest
+ # 然后重启
+ /etc/init.d/nginx restart
+
+现在使用 [SSL Labs 测试][29]来看看你是否能得到一个漂亮的“A”。当然了,你也得到了一个安全的、强壮的、经得起考验的 SSL 配置!
+
+- [参考 Mozilla 关于这方面的内容][30]
+
+--------------------------------------------------------------------------------
+
+via: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
+
+作者:[Remy van Elst][a]
+译者:[wxy](https://github.com/wxy)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:https://raymii.org/
+[1]:https://www.ssllabs.com/ssltest/analyze.html?d=raymii.org
+[2]:https://cipherli.st/
+[3]:https://www.digitalocean.com/?refcode=7435ae6b8212
+[4]:http://blog.ivanristic.com/2014/01/ssl-labs-stricter-security-requirements-for-2014.html
+[5]:https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html
+[6]:https://raymii.org/s/tutorials/Pass_the_SSL_Labs_Test_on_Lighttpd_%28Mitigate_the_CRIME_and_BEAST_attack_-_Disable_SSLv2_-_Enable_PFS%29.html
+[7]:http://www.bsdnow.tv/episodes/2014_08_20-engineering_nginx
+[8]:http://www.bsdnow.tv/tutorials/nginx
+[9]:https://en.wikipedia.org/wiki/Transport_Layer_Security#BEAST_attack
+[10]:https://en.wikipedia.org/wiki/CRIME_%28security_exploit%29
+[11]:http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html
+[12]:http://heartbleed.com/
+[13]:https://en.wikipedia.org/wiki/Perfect_forward_secrecy
+[14]:https://en.wikipedia.org/wiki/Transport_Layer_Security#Dealing_with_RC4_and_BEAST
+[15]:https://www.smacktls.com/
+[16]:https://raymii.org/s/articles/Check_servers_for_the_Poodle_bug.html
+[17]:https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
+[18]:http://wiki.nginx.org/HttpSslModule#ssl_protocols
+[19]:https://wiki.mozilla.org/Security/Server_Side_TLS
+[20]:http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg11247.html
+[21]:https://wiki.mozilla.org/Security/Server_Side_TLS#RC4_weaknesses
+[22]:http://wiki.nginx.org/HttpSslModule#ssl_prefer_server_ciphers
+[23]:http://wiki.nginx.org/HttpSslModule#ssl_ciphers
+[24]:https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
+[25]:https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
+[26]:https://linux.cn/article-5266-1.html
+[27]:https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning
+[28]:https://linux.cn/article-5282-1.html
+[29]:https://www.ssllabs.com/ssltest/
+[30]:https://wiki.mozilla.org/Security/Server_Side_TLS
\ No newline at end of file
diff --git a/published/20150417 14 Useful Examples of Linux 'sort' Command--Part 1.md b/published/20150417 14 Useful Examples of Linux 'sort' Command--Part 1.md
new file mode 100644
index 0000000000..c483c4035f
--- /dev/null
+++ b/published/20150417 14 Useful Examples of Linux 'sort' Command--Part 1.md
@@ -0,0 +1,132 @@
+Linux 的 ‘sort’命令的14个有用的范例(一)
+=============================================================
+Sort是用于对单个或多个文本文件内容进行排序的Linux程序。Sort命令以空格作为字段分隔符,将一行分割为多个关键字对文件进行排序。需要注意的是除非你将输出重定向到文件中,否则Sort命令并不对文件内容进行实际的排序(即文件内容没有修改),只是将文件内容按有序输出。
+
+本文的目标是通过14个实际的范例让你更深刻的理解如何在Linux中使用sort命令。
+
+1、 首先我们将会创建一个用于执行‘sort’命令的文本文件(tecmint.txt)。工作路径是‘/home/$USER/Desktop/tecmint’。
+
+下面命令中的‘-e’选项将启用‘\\’转义,将‘\n’解析成换行
+
+ $ echo -e "computer\nmouse\nLAPTOP\ndata\nRedHat\nlaptop\ndebian\nlaptop" > tecmint.txt
+
+
+
+2、 在开始学习‘sort’命令前,我们先看看文件的内容及其显示方式。
+
+ $ cat tecmint.txt
+
+
+
+3、 现在,使用如下命令对文件内容进行排序。
+
+ $ sort tecmint.txt
+
+
+
+**注意**:上面的命令并不对文件内容进行实际的排序,仅仅是将其内容按有序方式输出。
+
+4、 对文件‘tecmint.txt’文件内容排序,并将排序后的内容输出到名为sorted.txt的文件中,然后使用[cat][1]命令查看验证sorted.txt文件的内容。
+
+ $ sort tecmint.txt > sorted.txt
+ $ cat sorted.txt
+
+
+
+5、 现在使用‘-r’参数对‘tecmint.txt’文件内容进行逆序排序,并将输出内容重定向到‘reversesorted.txt’文件中,并使用cat命令查看文件的内容。
+
+ $ sort -r tecmint.txt > reversesorted.txt
+ $ cat reversesorted.txt
+
+
+
+6、 创建一个新文件(lsl.txt),文件内容为在home目录下执行‘ls -l’命令的输出。
+
+ $ ls -l /home/$USER > /home/$USER/Desktop/tecmint/lsl.txt
+ $ cat lsl.txt
+
+
+
+我们将会看到对其他字段进行排序的例子,而不是对默认的开始字符进行排序。
+
+7、 基于第二列(符号连接的数量)对文件‘lsl.txt’进行排序。
+
+ $ sort -nk2 lsl.txt
+
+**注意**:上面例子中的‘-n’参数表示对数值内容进行排序。当想基于文件中的数值列对文件进行排序时,必须要使用‘-n’参数。
+
+
+
+8、 基于第9列(文件和目录的名称,非数值)对文件‘lsl.txt’进行排序。
+
+ $ sort -k9 lsl.txt
+
+
+
+9、 sort命令并非仅能对文件进行排序,我们还可以通过管道将命令的输出内容重定向到sort命令中。
+
+ $ ls -l /home/$USER | sort -nk5
+
+
+
+10、 对文件tecmint.txt进行排序,并删除重复的行。然后检查重复的行是否已经删除了。
+
+ $ cat tecmint.txt
+ $ sort -u tecmint.txt
+
+
+
+目前我们发现的排序规则:
+
+除非指定了‘-r’参数,否则排序的优先级按下面规则排序
+
+ - 以数字开头的行优先级最高
+ - 以小写字母开头的行优先级次之
+ - 待排序内容按字典序进行排序
+ - 默认情况下,‘sort’命令将带排序内容的每行关键字当作一个字符串进行字典序排序(数字优先级最高,参看规则 1)
+
+11、 在当前位置创建第三个文件‘lsla.txt’,其内容用‘ls -lA’命令的输出内容填充。
+
+ $ ls -lA /home/$USER > /home/$USER/Desktop/tecmint/lsla.txt
+ $ cat lsla.txt
+
+
+
+了解ls命令的读者都知道‘ls -lA’ 等于 ‘ls -l’ + 隐藏文件,所以这两个文件的大部分内容都是相同的。
+
+12、 对上面两个文件内容进行排序输出。
+
+ $ sort lsl.txt lsla.txt
+
+
+
+注意文件和目录的重复
+
+13、 现在我们看看怎样对两个文件进行排序、合并,并且删除重复行。
+
+ $ sort -u lsl.txt lsla.txt
+
+
+
+此时,我们注意到重复的行已经被删除了,我们可以将输出内容重定向到文件中。
+
+14、 我们同样可以基于多列对文件内容进行排序。基于第2,5(数值)和9(非数值)列对‘ls -l’命令的输出进行排序。
+
+ $ ls -l /home/$USER | sort -t "," -nk2,5 -k9
+
+
+
+先到此为止了,在接下来的文章中我们将会学习到‘sort’命令更多的详细例子。届时敬请关注我们。保持分享精神。若喜欢本文,敬请将本文分享给你的朋友。
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/sort-command-linux/
+
+作者:[Avishek Kumar][a]
+译者:[cvsher](https://github.com/cvsher)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/13-basic-cat-command-examples-in-linux/
diff --git a/published/20150420 7 Interesting Linux 'sort' Command Examples--Part 2.md b/published/20150420 7 Interesting Linux 'sort' Command Examples--Part 2.md
new file mode 100644
index 0000000000..476274b495
--- /dev/null
+++ b/published/20150420 7 Interesting Linux 'sort' Command Examples--Part 2.md
@@ -0,0 +1,134 @@
+Linux 的 'sort'命令的七个有趣实例(二)
+================================================================================
+
+在[上一篇文章][1]里,我们已经探讨了关于sort命令的多个例子,如果你错过了这篇文章,可以点击下面的链接进行阅读。今天的这篇文章作为上一篇文章的继续,将讨论关于sort命令的剩余用法,与上一篇一起作为Linux ‘sort’命令的完整指南。
+
+- [Linux 的 ‘sort’命令的14个有用的范例(一)][1]
+
+在我们继续深入之前,先创建一个文本文档‘month.txt’,并且将上一次给出的数据填进去。
+
+ $ echo -e "mar\ndec\noct\nsep\nfeb\naug" > month.txt
+ $ cat month.txt
+
+
+
+15、 通过使用’M‘选项,对’month.txt‘文件按照月份顺序进行排序。
+
+ $ sort -M month.txt
+
+**注意**:‘sort’命令需要至少3个字符来确认月份名称。
+
+
+
+16、 把数据整理成方便人们阅读的形式,比如1K、2M、3G、2T,这里面的K、G、M、T代表千、兆、吉、梯。
+(LCTT 译注:此处命令有误,ls 命令应该增加 -h 参数,径改之)
+
+ $ ls -lh /home/$USER | sort -h -k5
+
+
+
+17、 在上一篇文章中,我们在例子4中创建了一个名为‘sorted.txt’的文件,在例子6中创建了一个‘lsl.txt’。‘sorted.txt'已经排好序了而’lsl.txt‘还没有。让我们使用sort命令来检查两个文件是否已经排好序。
+
+ $ sort -c sorted.txt
+
+
+
+如果它返回0,则表示文件已经排好序。
+
+ $ sort -c lsl.txt
+
+
+
+报告无序。存在矛盾……
+
+18、 如果文字之间的分隔符是空格,sort命令自动地将空格后的东西当做一个新文字单元,如果分隔符不是空格呢?
+
+考虑这样一个文本文件,里面的内容可以由除了空格之外的任何符号分隔,比如‘|’,‘\’,‘+’,‘.’等……
+
+创建一个分隔符为+的文本文件。使用‘cat‘命令查看文件内容。
+
+ $ echo -e "21+linux+server+production\n11+debian+RedHat+CentOS\n131+Apache+Mysql+PHP\n7+Shell Scripting+python+perl\n111+postfix+exim+sendmail" > delimiter.txt
+
+----------
+
+ $ cat delimiter.txt
+
+
+
+现在基于由数字组成的第一个域来进行排序。
+
+ $ sort -t '+' -nk1 delimiter.txt
+
+
+
+然后再基于非数字的第四个域排序。
+
+
+
+如果分隔符是制表符,你需要在’+‘的位置上用$’\t’代替,如上例所示。
+
+19、 对主用户目录下使用‘ls -l’命令得到的结果基于第五列(‘文件大小’)进行一个乱序排列。
+
+ $ ls -l /home/avi/ | sort -k5 -R
+
+
+
+每一次你运行上面的脚本,你得到结果可能都不一样,因为结果是随机生成的。
+
+正如我在上一篇文章中提到的规则2所说——sort命令会将以小写字母开始的行排在大写字母开始的行前面。看一下上一篇文章的例3,字符串‘laptop’在‘LAPTOP’前出现。
+
+20、 如何覆盖默认的排序优先权?在这之前我们需要先将环境变量LC_ALL的值设置为C。在命令行提示栏中运行下面的代码。
+
+ $ export LC_ALL=C
+
+然后以非默认优先权的方式对‘tecmint.txt’文件重新排序。
+
+ $ sort tecmint.txt
+
+
+
+*覆盖排序优先权*
+
+不要忘记与example 3中得到的输出结果做比较,并且你可以使用‘-f’,又叫‘-ignore-case’(忽略大小写)的选项来获取更有序的输出。
+
+ $ sort -f tecmint.txt
+
+
+
+21、 给两个输入文件进行‘sort‘,然后把它们连接成一行!
+
+我们创建两个文本文档’file1.txt‘以及’file2.txt‘,并用数据填充,如下所示,并用’cat‘命令查看文件的内容。
+
+ $ echo -e “5 Reliable\n2 Fast\n3 Secure\n1 open-source\n4 customizable” > file1.txt
+ $ cat file1.txt
+
+
+
+用如下数据填充’file2.txt‘。
+
+ $ echo -e “3 RedHat\n1 Debian\n5 Ubuntu\n2 Kali\n4 Fedora” > file2.txt
+ $ cat file2.txt
+
+
+
+现在我们对两个文件进行排序并连接。
+
+ $ join <(sort -n file1.txt) <(sort file2.txt)
+
+
+
+
+我所要讲的全部内容就在这里了,希望与各位保持联系,也希望各位经常来逛逛。有反馈就在下面评论吧。
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/linux-sort-command-examples/
+
+作者:[Avishek Kumar][a]
+译者:[DongShuaike](https://github.com/DongShuaike)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/sort-command-linux/
diff --git a/published/20150423 uperTuxKart 0.9 Released--The Best Racing Game on Linux Just Got Even Better.md b/published/20150423 uperTuxKart 0.9 Released--The Best Racing Game on Linux Just Got Even Better.md
new file mode 100644
index 0000000000..70355325b6
--- /dev/null
+++ b/published/20150423 uperTuxKart 0.9 Released--The Best Racing Game on Linux Just Got Even Better.md
@@ -0,0 +1,35 @@
+SuperTuxKart 0.9 已发行 —— Linux 中最好的竞速类游戏越来越棒了!
+================================================================================
+**热门竞速类游戏 SuperTuxKart 的新版本已经[打包发行][1]登陆下载服务器**
+
+
+
+*Super Tux Kart 0.9 发行海报*
+
+SuperTuxKart 0.9 相较前一版本做了巨大的升级,内部运行着刚出炉的新引擎(有个炫酷的名字叫‘Antarctica(南极洲)’),目的是要呈现更加炫酷的图形环境,从阴影到场景的纵深,外加卡丁车更好的物理效果。
+
+突出的图形表现也增加了对显卡的要求。SuperTuxKart 开发人员给玩家的建议是,要有图像处理能力比得上(或者,想要完美的话,要超过) Intel HD Graphics 3000, NVIDIA GeForce 8600 或 AMD Radeon HD 3650 的显卡。
+
+### 其他改变 ###
+
+SuperTuxKart 0.9 中与图像的改善同样吸引人眼球的是一对**全新赛道**,新的卡丁车,新的在线账户可以记录和分享**全新推出的成就系统**里赢得的徽章,以及大量的改装和涂装的微调。
+
+点击播放下面的官方发行视频,看看基于调色器的 STK 0.9 所散发的光辉吧。(youtube 视频:https://www.youtube.com/0FEwDH7XU9Q )
+
+Ubuntu 用户可以从项目网站上下载新发行版已编译的二进制文件。
+
+- [下载 SuperTuxKart 0.9][2]
+
+--------------------------------------------------------------------------------
+
+via: http://www.omgubuntu.co.uk/2015/04/supertuxkart-0-9-released
+
+作者:[Joey-Elijah Sneddon][a]
+译者:[H-mudcup](https://github.com/H-mudcup)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:https://plus.google.com/117485690627814051450/?rel=author
+[1]:http://supertuxkart.blogspot.co.uk/2015/04/supertuxkart-09-released.html
+[2]:http://supertuxkart.sourceforge.net/Downloads
diff --git a/published/20150504 How To Install Visual Studio Code On Ubuntu.md b/published/20150504 How To Install Visual Studio Code On Ubuntu.md
new file mode 100644
index 0000000000..b3bb071dc5
--- /dev/null
+++ b/published/20150504 How To Install Visual Studio Code On Ubuntu.md
@@ -0,0 +1,63 @@
+在Ubuntu中安装Visual Studio Code
+================================================================================
+
+
+微软令人意外地[发布了Visual Studio Code][1],并支持主要的桌面平台,当然包括linux。如果你是一名需要在ubuntu工作的web开发人员,你可以**非常轻松的安装Visual Studio Code**。
+
+我将要使用[Ubuntu Make][2]来安装Visual Studio Code。Ubuntu Make,就是以前的Ubuntu开发者工具中心,是一个命令行工具,帮助用户快速安装各种开发工具、语言和IDE。也可以使用Ubuntu Make轻松[安装Android Studio][3] 和其他IDE,如Eclipse。本文将展示**如何在Ubuntu中使用Ubuntu Make安装Visual Studio Code**。(译注:也可以直接去微软官网下载安装包)
+
+### 安装微软Visual Studio Code ###
+
+开始之前,首先需要安装Ubuntu Make。虽然Ubuntu Make存在Ubuntu15.04官方库中,**但是需要Ubuntu Make 0.7以上版本才能安装Visual Studio**。所以,需要通过官方PPA更新到最新的Ubuntu Make。此PPA支持Ubuntu 14.04, 14.10 和 15.04。
+
+注意,**仅支持64位版本**。
+
+打开终端,使用下列命令,通过官方PPA来安装Ubuntu Make:
+
+ sudo add-apt-repository ppa:ubuntu-desktop/ubuntu-make
+ sudo apt-get update
+ sudo apt-get install ubuntu-make
+
+安装Ubuntu Make完后,接着使用下列命令安装Visual Studio Code:
+
+ umake web visual-studio-code
+
+安装过程中,将会询问安装路径,如下图:
+
+
+
+在抛出一堆要求和条件后,它会询问你是否确认安装Visual Studio Code。输入‘a’来确定:
+
+
+
+确定之后,安装程序会开始下载并安装。安装完成后,你可以发现Visual Studio Code 图标已经出现在了Unity启动器上。点击图标开始运行!下图是Ubuntu 15.04 Unity的截图:
+
+
+
+### 卸载Visual Studio Code###
+
+卸载Visual Studio Code,同样使用Ubuntu Make命令。如下:
+
+ umake web visual-studio-code --remove
+
+如果你不打算使用Ubuntu Make,也可以通过微软官方下载安装文件。
+
+- [下载Visual Studio Code Linux版][4]
+
+怎样!是不是超级简单就可以安装Visual Studio Code,这都归功于Ubuntu Make。我希望这篇文章能帮助到你。如果您有任何问题或建议,欢迎给我留言。
+
+--------------------------------------------------------------------------------
+
+via: http://itsfoss.com/install-visual-studio-code-ubuntu/
+
+作者:[Abhishek][a]
+译者:[Vic020/VicYu](http://vicyu.net)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://itsfoss.com/author/abhishek/
+[1]:https://linux.cn/article-5376-1.html
+[2]:https://wiki.ubuntu.com/ubuntu-make
+[3]:http://itsfoss.com/install-android-studio-ubuntu-linux/
+[4]:https://code.visualstudio.com/Download
diff --git a/published/20150506 How to Securely Store Passwords and Api Keys Using Vault.md b/published/20150506 How to Securely Store Passwords and Api Keys Using Vault.md
new file mode 100644
index 0000000000..e2073d0b18
--- /dev/null
+++ b/published/20150506 How to Securely Store Passwords and Api Keys Using Vault.md
@@ -0,0 +1,164 @@
+如何使用Vault安全的存储密码和API密钥
+=======================================================================
+Vault是用来安全的获取秘密信息的工具,它可以保存密码、API密钥、证书等信息。Vault提供了一个统一的接口来访问秘密信息,其具有健壮的访问控制机制和丰富的事件日志。
+
+对关键信息的授权访问是一个困难的问题,尤其是当有许多用户角色,并且用户请求不同的关键信息时,例如用不同权限登录数据库的登录配置,用于外部服务的API密钥,SOA通信的证书等。当保密信息由不同的平台进行管理,并使用一些自定义的配置时,情况变得更糟,因此,安全的存储、管理审计日志几乎是不可能的。但Vault为这种复杂情况提供了一个解决方案。
+
+### 突出特点 ###
+
+**数据加密**:Vault能够在不存储数据的情况下对数据进行加密、解密。开发者们便可以存储加密后的数据而无需开发自己的加密技术,Vault还允许安全团队自定义安全参数。
+
+**安全密码存储**:Vault在将秘密信息(API密钥、密码、证书)存储到持久化存储之前对数据进行加密。因此,如果有人偶尔拿到了存储的数据,这也没有任何意义,除非加密后的信息能被解密。
+
+**动态密码**:Vault可以随时为AWS、SQL数据库等类似的系统产生密码。比如,如果应用需要访问AWS S3 桶,它向Vault请求AWS密钥对,Vault将给出带有租期的所需秘密信息。一旦租用期过期,这个秘密信息就不再存储。
+
+**租赁和更新**:Vault给出的秘密信息带有租期,一旦租用期过期,它便立刻收回秘密信息,如果应用仍需要该秘密信息,则可以通过API更新租用期。
+
+**撤销**:在租用期到期之前,Vault可以撤销一个秘密信息或者一个秘密信息树。
+
+### 安装Vault ###
+
+有两种方式来安装使用Vault。
+
+**1. 预编译的Vault二进制** 能用于所有的Linux发行版,下载地址如下,下载之后,解压并将它放在系统PATH路径下,以方便调用。
+
+- [下载预编译的二进制 Vault (32-bit)][1]
+- [下载预编译的二进制 Vault (64-bit)][2]
+- [下载预编译的二进制 Vault (ARM)][3]
+
+
+
+*下载相应的预编译的Vault二进制版本。*
+
+
+
+*解压下载到本地的二进制版本。*
+
+祝贺你!您现在可以使用Vault了。
+
+
+
+**2. 从源代码编译**是另一种在系统中安装Vault的方式。在安装Vault之前需要安装GO和GIT。
+
+在 **Redhat系统中安装GO** 使用下面的指令:
+
+ sudo yum install go
+
+在 **Debin系统中安装GO** 使用下面的指令:
+
+ sudo apt-get install golang
+
+或者
+
+ sudo add-apt-repository ppa:gophers/go
+
+ sudo apt-get update
+
+ sudo apt-get install golang-stable
+
+在 **Redhat系统中安装GIT** 使用下面的命令:
+
+ sudo yum install git
+
+在 **Debian系统中安装GIT** 使用下面的命令:
+
+ sudo apt-get install git
+
+一旦GO和GIT都已被安装好,我们便可以开始从源码编译安装Vault。
+
+> 将下列的Vault仓库拷贝至GOPATH
+
+ https://github.com/hashicorp/vault
+
+> 测试下面的文件是否存在,如果它不存在,那么Vault没有被克隆到合适的路径。
+
+ $GOPATH/src/github.com/hashicorp/vault/main.go
+
+> 执行下面的指令来编译Vault,并将二进制文件放到系统bin目录下。
+
+ make dev
+
+
+
+### 一份Vault入门教程 ###
+
+我们已经编制了一份Vault的官方交互式教程,并带有它在SSH上的输出信息。
+
+**概述**
+
+这份教程包括下列步骤:
+
+- 初始化并启封您的Vault
+- 在Vault中对您的请求授权
+- 读写秘密信息
+- 密封您的Vault
+
+#### **初始化您的Vault**
+
+首先,我们需要为您初始化一个Vault的工作实例。在初始化过程中,您可以配置Vault的密封行为。简单起见,现在使用一个启封密钥来初始化Vault,命令如下:
+
+ vault init -key-shares=1 -key-threshold=1
+
+您会注意到Vault在这里输出了几个密钥。不要清除您的终端,这些密钥在后面的步骤中会使用到。
+
+
+
+#### **启封您的Vault**
+
+当一个Vault服务器启动时,它是密封的状态。在这种状态下,Vault被配置为知道物理存储在哪里及如何存取它,但不知道如何对其进行解密。Vault使用加密密钥来加密数据。这个密钥由"主密钥"加密,主密钥不保存。解密主密钥需要入口密钥。在这个例子中,我们使用了一个入口密钥来解密这个主密钥。
+
+ vault unseal
+
+
+
+####**为您的请求授权**
+
+在执行任何操作之前,连接的客户端必须是被授权的。授权的过程是检验一个人或者机器是否如其所申明的那样具有正确的身份。这个身份用在向Vault发送请求时。为简单起见,我们将使用在步骤2中生成的root令牌,这个信息可以回滚终端屏幕看到。使用一个客户端令牌进行授权:
+
+ vault auth
+
+
+
+####**读写保密信息**
+
+现在Vault已经被设置妥当,我们可以开始读写默认挂载的秘密后端里面的秘密信息了。写在Vault中的秘密信息首先被加密,然后被写入后端存储中。后端存储机制绝不会看到未加密的信息,并且也没有在Vault之外解密的需要。
+
+ vault write secret/hello value=world
+
+当然,您接下来便可以读这个保密信息了:
+
+ vault read secret/hello
+
+
+
+####**密封您的Vault**
+
+还有一个用I来密封Vault的API。它将丢掉现在的加密密钥并需要另一个启封过程来恢复它。密封仅需要一个拥有root权限的操作者。这是一种罕见的"打破玻璃过程"的典型部分。
+
+这种方式中,如果检测到一个入侵,Vault数据将会立刻被锁住,以便最小化损失。如果不能访问到主密钥碎片的话,就不能再次获取数据。
+
+ vault seal
+
+
+
+这便是入门教程的结尾。
+
+### 总结 ###
+
+Vault是一个非常有用的应用,它提供了一个可靠且安全的存储关键信息的方式。另外,它在存储前加密关键信息、审计日志维护、以租期的方式获取秘密信息,且一旦租用期过期它将立刻收回秘密信息。Vault是平台无关的,并且可以免费下载和安装。要发掘Vault的更多信息,请访问其[官方网站][4]。
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/how-tos/secure-secret-store-vault/
+
+作者:[Aun Raza][a]
+译者:[wwy-hust](https://github.com/wwy-hust)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunrz/
+[1]:https://dl.bintray.com/mitchellh/vault/vault_0.1.0_linux_386.zip
+[2]:https://dl.bintray.com/mitchellh/vault/vault_0.1.0_linux_amd64.zip
+[3]:https://dl.bintray.com/mitchellh/vault/vault_0.1.0_linux_arm.zip
+[4]:https://vaultproject.io/
diff --git a/published/20150506 Linux FAQs with Answers--How to configure a Linux bridge with Network Manager on Ubuntu.md b/published/20150506 Linux FAQs with Answers--How to configure a Linux bridge with Network Manager on Ubuntu.md
new file mode 100644
index 0000000000..b1ff96e30b
--- /dev/null
+++ b/published/20150506 Linux FAQs with Answers--How to configure a Linux bridge with Network Manager on Ubuntu.md
@@ -0,0 +1,86 @@
+Linux 有问必答:如何在Ubuntu上配置网桥
+===============================================================================
+> **Question**: 我需要在我的Ubuntu主机上建立一个Linux网桥,共享一个网卡给其他一些虚拟主机或在主机上创建的容器。我目前正在Ubuntu上使用网络管理器(Network Manager),所以最好>能使用网络管理器来配置一个网桥。我该怎么做?
+
+网桥是一个硬件装备,用来将两个或多个数据链路层(OSI七层模型中第二层)互联,以使得不同网段上的网络设备可以互相访问。当你想要互联一个主机里的多个虚拟机器或者以太接口时,就需要在Linux主机里有一个类似桥接的概念。这里使用的是一种软网桥。
+
+有很多的方法来配置一个Linux网桥。举个例子,在一个无外接显示/键盘的服务器环境里,你可以使用[brct][1]手动地配置一个网桥。而在桌面环境下,在网络管理器里也支持网桥设置。那就让我们测试一下如何用网络管理器配置一个网桥吧。
+
+### 要求 ###
+
+为了避免[任何问题][2],建议你的网络管理器版本为0.9.9或者更高,它用在 Ubuntu 15.04或者更新的版本。
+
+ $ apt-cache show network-manager | grep Version
+
+----------
+
+ Version: 0.9.10.0-4ubuntu15.1
+ Version: 0.9.10.0-4ubuntu15
+
+### 创建一个网桥 ###
+
+使用网络管理器创建网桥最简单的方式就是通过nm-connection-editor。这款GUI(图形用户界面)的工具允许你傻瓜式地配置一个网桥。
+
+首先,启动nm-connection-editor。
+
+ $ nm-connection-editor
+
+该编辑器的窗口会显示给你一个列表,列出目前配置好的网络连接。点击右上角的“添加”按钮,创建一个网桥。
+
+
+
+接下来,选择“Bridge”(网桥)作为连接类型。
+
+
+
+现在,开始配置网桥,包括它的名字和所桥接的连接。如果没有创建过其他网桥,那么默认的网桥接口会被命名为bridge0。
+
+回顾一下,创建网桥的目的是为了通过网桥共享你的以太网卡接口,所以你需要添加以太网卡接口到网桥。在图形界面添加一个新的“桥接的连接”可以实现上述目的。点击“Add”按钮。
+
+
+
+选择“以太网”作为连接类型。
+
+
+
+在“设备的 MAC 地址”区域,选择你想要从属于网桥的接口。本例中,假设该接口是eth0。
+
+
+
+点击“常规”标签,并且选中两个复选框,分别是“当其可用时自动连接到该网络”和“所有用户都可以连接到该网络”。
+
+
+
+切换到“IPv4 设置”标签,为网桥配置DHCP或者是静态IP地址。注意,你应该为从属的以太网卡接口eth0使用相同的IPv4设定。本例中,我们假设eth0是用过DHCP配置的。因此,此处选择“自动(DHCP)”。如果eth0被指定了一个静态IP地址,那么你也应该指定相同的IP地址给网桥。
+
+
+
+最后,保存网桥的设置。
+
+现在,你会看见一个新增的网桥连接被创建在“网络连接”窗口里。因为已经从属与网桥,以前配置好的有线连接 eth0 就不再需要了,所以去删除原来的有线连接吧。
+
+
+
+这时候,网桥连接会被自动激活。从指定给eth0的IP地址被网桥接管起,你将会暂时丢失一下连接。当IP地址赋给了网桥,你将会通过网桥连接回你的以太网卡接口。你可以通过“Network”设置确认一下。
+
+
+
+同时,检查可用的接口。提醒一下,网桥接口必须已经取代了任何你的以太网卡接口拥有的IP地址。
+
+
+
+就这么多了,现在,网桥已经可以用了。
+
+--------------------------------------------------------------------------------
+
+via: http://ask.xmodulo.com/configure-linux-bridge-network-manager-ubuntu.html
+
+作者:[Dan Nanni][a]
+译者:[wi-cuckoo](https://github.com/wi-cuckoo)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://ask.xmodulo.com/author/nanni
+[1]:http://xmodulo.com/how-to-configure-linux-bridge-interface.html
+[2]:https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/1273201
diff --git a/published/20150507 Command Line Tool to Monitor Linux Containers Performance.md b/published/20150507 Command Line Tool to Monitor Linux Containers Performance.md
new file mode 100644
index 0000000000..161e030c11
--- /dev/null
+++ b/published/20150507 Command Line Tool to Monitor Linux Containers Performance.md
@@ -0,0 +1,185 @@
+监控 Linux 容器性能的命令行神器
+================================================================================
+ctop是一个新的基于命令行的工具,它可用于在容器层级监控进程。容器通过利用控制器组(cgroup)的资源管理功能,提供了操作系统层级的虚拟化环境。该工具从cgroup收集与内存、CPU、块输入输出的相关数据,以及拥有者、开机时间等元数据,并以人性化的格式呈现给用户,这样就可以快速对系统健康状况进行评估。基于所获得的数据,它可以尝试推测下层的容器技术。ctop也有助于在低内存环境中检测出谁在消耗大量的内存。
+
+### 功能 ###
+
+ctop的一些功能如下:
+
+- 收集CPU、内存和块输入输出的度量值
+- 收集与拥有者、容器技术和任务统计相关的信息
+- 通过任意栏对信息排序
+- 以树状视图显示信息
+- 折叠/展开cgroup树
+- 选择并跟踪cgroup/容器
+- 选择显示数据刷新的时间窗口
+- 暂停刷新数据
+- 检测基于systemd、Docker和LXC的容器
+- 基于Docker和LXC的容器的高级特性
+ - 打开/连接shell以进行深度诊断
+ - 停止/杀死容器类型
+
+### 安装 ###
+
+**ctop**是由Python写成的,因此,除了需要Python 2.6或其更高版本外(带有内建的光标支持),别无其它外部依赖。推荐使用Python的pip进行安装,如果还没有安装pip,请先安装,然后使用pip安装ctop。
+
+*注意:本文样例来自Ubuntu(14.10)系统*
+
+ $ sudo apt-get install python-pip
+
+使用pip安装ctop:
+
+ poornima@poornima-Lenovo:~$ sudo pip install ctop
+
+ [sudo] password for poornima:
+
+ Downloading/unpacking ctop
+
+ Downloading ctop-0.4.0.tar.gz
+
+ Running setup.py (path:/tmp/pip_build_root/ctop/setup.py) egg_info for package ctop
+
+ Installing collected packages: ctop
+
+ Running setup.py install for ctop
+
+ changing mode of build/scripts-2.7/ctop from 644 to 755
+
+ changing mode of /usr/local/bin/ctop to 755
+
+ Successfully installed ctop
+
+ Cleaning up...
+
+如果不选择使用pip安装,你也可以使用wget直接从github安装:
+
+ poornima@poornima-Lenovo:~$ wget https://raw.githubusercontent.com/yadutaf/ctop/master/cgroup_top.py -O ctop
+
+ --2015-04-29 19:32:53-- https://raw.githubusercontent.com/yadutaf/ctop/master/cgroup_top.py
+
+ Resolving raw.githubusercontent.com (raw.githubusercontent.com)... 199.27.78.133
+
+ Connecting to raw.githubusercontent.com (raw.githubusercontent.com)|199.27.78.133|:443... connected.
+
+ HTTP request sent, awaiting response... 200 OK Length: 27314 (27K) [text/plain]
+
+ Saving to: ctop
+
+ 100%[======================================>] 27,314 --.-K/s in 0s
+
+ 2015-04-29 19:32:59 (61.0 MB/s) - ctop saved [27314/27314]
+
+----------
+
+ poornima@poornima-Lenovo:~$ chmod +x ctop
+
+如果cgroup-bin包没有安装,你可能会碰到一个错误消息,你可以通过安装需要的包来解决。
+
+ poornima@poornima-Lenovo:~$ ./ctop
+
+ [ERROR] Failed to locate cgroup mountpoints.
+
+ poornima@poornima-Lenovo:~$ sudo apt-get install cgroup-bin
+
+下面是ctop的输出样例:
+
+
+
+*ctop屏幕*
+
+### 用法选项 ###
+
+ ctop [--tree] [--refresh=] [--columns=] [--sort-col=] [--follow=] [--fold=, ...] ctop (-h | --help)
+
+当你进入ctop屏幕,可使用上(↑)和下(↓)箭头键在容器间导航。点击某个容器就选定了该容器,按q或Ctrl+C退出该容器。
+
+现在,让我们来看看上面列出的那一堆选项究竟是怎么用的吧。
+
+**-h / --help - 显示帮助信息**
+
+ poornima@poornima-Lenovo:~$ ctop -h
+ Usage: ctop [options]
+
+ Options:
+ -h, --help show this help message and exit
+ --tree show tree view by default
+ --refresh=REFRESH Refresh display every
+ --follow=FOLLOW Follow cgroup path
+ --columns=COLUMNS List of optional columns to display. Always includes
+ 'name'
+ --sort-col=SORT_COL Select column to sort by initially. Can be changed
+ dynamically.
+
+
+**--tree - 显示容器的树形视图**
+
+默认情况下,会显示列表视图
+
+当你进入ctop窗口,你可以使用F5按钮在树状/列表视图间切换。
+
+**--fold= - 在树形视图中折叠名为 \ 的 cgroup 路径**
+
+该选项需要与 --tree 选项组合使用。
+
+例子: ctop --tree --fold=/user.slice
+
+
+
+*'ctop --fold'的输出*
+
+在ctop窗口中,使用+/-键来展开或折叠子cgroup。
+
+注意:在写本文时,pip仓库中还没有最新版的ctop,还不支持命令行的‘--fold’选项
+
+**--follow= - 跟踪/高亮 cgroup 路径**
+
+例子: ctop --follow=/user.slice/user-1000.slice
+
+正如你在下面屏幕中所见到的那样,带有“/user.slice/user-1000.slice”路径的cgroup被高亮显示,这让用户易于跟踪,就算显示位置变了也一样。
+
+
+
+*'ctop --follow'的输出*
+
+你也可以使用‘f’按钮来让高亮的行跟踪选定的容器。默认情况下,跟踪是关闭的。
+
+**--refresh= - 按指定频率刷新显示,默认1秒**
+
+这对于按每用户需求来显示改变刷新率时很有用。使用‘p’按钮可以暂停刷新并选择文本。
+
+**--columns= - 限定只显示选定的列。'name' 需要是第一个字段,其后跟着其它字段。默认情况下,字段包括:owner, processes,memory, cpu-sys, cpu-user, blkio, cpu-time**
+
+例子: ctop --columns=name,owner,type,memory
+
+
+
+*'ctop --column'的输出*
+
+**-sort-col= - 按指定的列排序。默认使用 cpu-user 排序**
+
+例子: ctop --sort-col=blkio
+
+如果有Docker和LXC支持的额外容器,跟踪选项也是可用的:
+
+ press 'a' - 接驳到终端输出
+
+ press 'e' - 打开容器中的一个 shell
+
+ press 's' - 停止容器 (SIGTERM)
+
+ press 'k' - 杀死容器 (SIGKILL)
+
+目前 Jean-Tiare Le Bigot 还在积极开发 [ctop][1] 中,希望我们能在该工具中见到像本地 top 命令一样的特性 :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/how-tos/monitor-linux-containers-performance/
+
+作者:[B N Poornima][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/bnpoornima/
+[1]:https://github.com/yadutaf/ctop
diff --git a/published/20150511 OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation.md b/published/20150511 OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation.md
new file mode 100644
index 0000000000..9bd388f67c
--- /dev/null
+++ b/published/20150511 OpenSSL command line Root and Intermediate CA including OCSP, CRL and revocation.md
@@ -0,0 +1,406 @@
+建立你自己的 CA 服务:OpenSSL 命令行 CA 操作快速指南
+================================================================================
+
+这些是关于使用 OpenSSL 生成证书授权(CA)、中间证书授权和末端证书的速记随笔,内容包括 OCSP、CRL 和 CA 颁发者信息,以及指定颁发和有效期限等。
+
+我们将建立我们自己的根 CA,我们将使用根 CA 来生成一个中间 CA 的例子,我们将使用中间 CA 来签署末端用户证书。
+
+### 根 CA ###
+
+创建根 CA 授权目录并切换到该目录:
+
+ mkdir ~/SSLCA/root/
+ cd ~/SSLCA/root/
+
+为我们的根 CA 生成一个8192位长的 SHA-256 RSA 密钥:
+
+ openssl genrsa -aes256 -out rootca.key 8192
+
+样例输出:
+
+ Generating RSA private key, 8192 bit long modulus
+ .........++
+ ....................................................................................................................++
+ e is 65537 (0x10001)
+
+如果你想要用密码保护该密钥,请添加 `-aes256` 选项。
+
+创建自签名根 CA 证书 `ca.crt`;你需要为你的根 CA 提供一个身份:
+
+ openssl req -sha256 -new -x509 -days 1826 -key rootca.key -out rootca.crt
+
+样例输出:
+
+ You are about to be asked to enter information that will be incorporated
+ into your certificate request.
+ What you are about to enter is what is called a Distinguished Name or a DN.
+ There are quite a few fields but you can leave some blank
+ For some fields there will be a default value,
+ If you enter '.', the field will be left blank.
+ -----
+ Country Name (2 letter code) [AU]:NL
+ State or Province Name (full name) [Some-State]:Zuid Holland
+ Locality Name (eg, city) []:Rotterdam
+ Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
+ Organizational Unit Name (eg, section) []:Sparkling CA
+ Common Name (e.g. server FQDN or YOUR name) []:Sparkling Root CA
+ Email Address []:
+
+创建一个存储 CA 序列的文件:
+
+ touch certindex
+ echo 1000 > certserial
+ echo 1000 > crlnumber
+
+放置 CA 配置文件,该文件持有 CRL 和 OCSP 末端的存根。
+
+ # vim ca.conf
+ [ ca ]
+ default_ca = myca
+
+ [ crl_ext ]
+ issuerAltName=issuer:copy
+ authorityKeyIdentifier=keyid:always
+
+ [ myca ]
+ dir = ./
+ new_certs_dir = $dir
+ unique_subject = no
+ certificate = $dir/rootca.crt
+ database = $dir/certindex
+ private_key = $dir/rootca.key
+ serial = $dir/certserial
+ default_days = 730
+ default_md = sha1
+ policy = myca_policy
+ x509_extensions = myca_extensions
+ crlnumber = $dir/crlnumber
+ default_crl_days = 730
+
+ [ myca_policy ]
+ commonName = supplied
+ stateOrProvinceName = supplied
+ countryName = optional
+ emailAddress = optional
+ organizationName = supplied
+ organizationalUnitName = optional
+
+ [ myca_extensions ]
+ basicConstraints = critical,CA:TRUE
+ keyUsage = critical,any
+ subjectKeyIdentifier = hash
+ authorityKeyIdentifier = keyid:always,issuer
+ keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign
+ extendedKeyUsage = serverAuth
+ crlDistributionPoints = @crl_section
+ subjectAltName = @alt_names
+ authorityInfoAccess = @ocsp_section
+
+ [ v3_ca ]
+ basicConstraints = critical,CA:TRUE,pathlen:0
+ keyUsage = critical,any
+ subjectKeyIdentifier = hash
+ authorityKeyIdentifier = keyid:always,issuer
+ keyUsage = digitalSignature,keyEncipherment,cRLSign,keyCertSign
+ extendedKeyUsage = serverAuth
+ crlDistributionPoints = @crl_section
+ subjectAltName = @alt_names
+ authorityInfoAccess = @ocsp_section
+
+ [alt_names]
+ DNS.0 = Sparkling Intermidiate CA 1
+ DNS.1 = Sparkling CA Intermidiate 1
+
+ [crl_section]
+ URI.0 = http://pki.sparklingca.com/SparklingRoot.crl
+ URI.1 = http://pki.backup.com/SparklingRoot.crl
+
+ [ocsp_section]
+ caIssuers;URI.0 = http://pki.sparklingca.com/SparklingRoot.crt
+ caIssuers;URI.1 = http://pki.backup.com/SparklingRoot.crt
+ OCSP;URI.0 = http://pki.sparklingca.com/ocsp/
+ OCSP;URI.1 = http://pki.backup.com/ocsp/
+
+如果你需要设置某个特定的证书生效/过期日期,请添加以下内容到`[myca]`:
+
+ # format: YYYYMMDDHHMMSS
+ default_enddate = 20191222035911
+ default_startdate = 20181222035911
+
+### 创建中间 CA###
+
+生成中间 CA (名为 intermediate1)的私钥:
+
+ openssl genrsa -out intermediate1.key 4096
+
+生成中间 CA 的 CSR:
+
+ openssl req -new -sha256 -key intermediate1.key -out intermediate1.csr
+
+样例输出:
+
+ You are about to be asked to enter information that will be incorporated
+ into your certificate request.
+ What you are about to enter is what is called a Distinguished Name or a DN.
+ There are quite a few fields but you can leave some blank
+ For some fields there will be a default value,
+ If you enter '.', the field will be left blank.
+ -----
+ Country Name (2 letter code) [AU]:NL
+ State or Province Name (full name) [Some-State]:Zuid Holland
+ Locality Name (eg, city) []:Rotterdam
+ Organization Name (eg, company) [Internet Widgits Pty Ltd]:Sparkling Network
+ Organizational Unit Name (eg, section) []:Sparkling CA
+ Common Name (e.g. server FQDN or YOUR name) []:Sparkling Intermediate CA
+ Email Address []:
+
+ Please enter the following 'extra' attributes
+ to be sent with your certificate request
+ A challenge password []:
+ An optional company name []:
+
+确保中间 CA 的主体(CN)和根 CA 不同。
+
+用根 CA 签署 中间 CA 的 CSR:
+
+ openssl ca -batch -config ca.conf -notext -in intermediate1.csr -out intermediate1.crt
+
+样例输出:
+
+ Using configuration from ca.conf
+ Check that the request matches the signature
+ Signature ok
+ The Subject's Distinguished Name is as follows
+ countryName :PRINTABLE:'NL'
+ stateOrProvinceName :ASN.1 12:'Zuid Holland'
+ localityName :ASN.1 12:'Rotterdam'
+ organizationName :ASN.1 12:'Sparkling Network'
+ organizationalUnitName:ASN.1 12:'Sparkling CA'
+ commonName :ASN.1 12:'Sparkling Intermediate CA'
+ Certificate is to be certified until Mar 30 15:07:43 2017 GMT (730 days)
+
+ Write out database with 1 new entries
+ Data Base Updated
+
+生成 CRL(同时采用 PEM 和 DER 格式):
+
+ openssl ca -config ca.conf -gencrl -keyfile rootca.key -cert rootca.crt -out rootca.crl.pem
+
+ openssl crl -inform PEM -in rootca.crl.pem -outform DER -out rootca.crl
+
+每次使用该 CA 签署证书后,请生成 CRL。
+
+如果你需要撤销该中间证书:
+
+ openssl ca -config ca.conf -revoke intermediate1.crt -keyfile rootca.key -cert rootca.crt
+
+### 配置中间 CA ###
+
+为该中间 CA 创建一个新文件夹,然后进入该文件夹:
+
+ mkdir ~/SSLCA/intermediate1/
+ cd ~/SSLCA/intermediate1/
+
+从根 CA 拷贝中间证书和密钥:
+
+ cp ~/SSLCA/root/intermediate1.key ./
+ cp ~/SSLCA/root/intermediate1.crt ./
+
+创建索引文件:
+
+ touch certindex
+ echo 1000 > certserial
+ echo 1000 > crlnumber
+
+创建一个新的 `ca.conf` 文件:
+
+ # vim ca.conf
+ [ ca ]
+ default_ca = myca
+
+ [ crl_ext ]
+ issuerAltName=issuer:copy
+ authorityKeyIdentifier=keyid:always
+
+ [ myca ]
+ dir = ./
+ new_certs_dir = $dir
+ unique_subject = no
+ certificate = $dir/intermediate1.crt
+ database = $dir/certindex
+ private_key = $dir/intermediate1.key
+ serial = $dir/certserial
+ default_days = 365
+ default_md = sha1
+ policy = myca_policy
+ x509_extensions = myca_extensions
+ crlnumber = $dir/crlnumber
+ default_crl_days = 365
+
+ [ myca_policy ]
+ commonName = supplied
+ stateOrProvinceName = supplied
+ countryName = optional
+ emailAddress = optional
+ organizationName = supplied
+ organizationalUnitName = optional
+
+ [ myca_extensions ]
+ basicConstraints = critical,CA:FALSE
+ keyUsage = critical,any
+ subjectKeyIdentifier = hash
+ authorityKeyIdentifier = keyid:always,issuer
+ keyUsage = digitalSignature,keyEncipherment
+ extendedKeyUsage = serverAuth
+ crlDistributionPoints = @crl_section
+ subjectAltName = @alt_names
+ authorityInfoAccess = @ocsp_section
+
+ [alt_names]
+ DNS.0 = example.com
+ DNS.1 = example.org
+
+ [crl_section]
+ URI.0 = http://pki.sparklingca.com/SparklingIntermidiate1.crl
+ URI.1 = http://pki.backup.com/SparklingIntermidiate1.crl
+
+ [ocsp_section]
+ caIssuers;URI.0 = http://pki.sparklingca.com/SparklingIntermediate1.crt
+ caIssuers;URI.1 = http://pki.backup.com/SparklingIntermediate1.crt
+ OCSP;URI.0 = http://pki.sparklingca.com/ocsp/
+ OCSP;URI.1 = http://pki.backup.com/ocsp/
+
+修改 `[alt_names]` 部分,添加你需要的主体备选名。如果你不需要主体备选名,请移除该部分包括`subjectAltName = @alt_names`的行。
+
+如果你需要设置一个指定的生效/到期日期,请添加以下内容到 `[myca]`:
+
+ # format: YYYYMMDDHHMMSS
+ default_enddate = 20191222035911
+ default_startdate = 20181222035911
+
+生成一个空白 CRL(同时以 PEM 和 DER 格式):
+
+ openssl ca -config ca.conf -gencrl -keyfile rootca.key -cert rootca.crt -out rootca.crl.pem
+
+ openssl crl -inform PEM -in rootca.crl.pem -outform DER -out rootca.crl
+
+### 生成末端用户证书 ###
+
+我们使用这个新的中间 CA 来生成一个末端用户证书,请重复以下操作来使用该 CA 为每个用户签署。
+
+ mkdir enduser-certs
+
+生成末端用户的私钥:
+
+ openssl genrsa -out enduser-certs/enduser-example.com.key 4096
+
+生成末端用户的 CSR:
+
+ openssl req -new -sha256 -key enduser-certs/enduser-example.com.key -out enduser-certs/enduser-example.com.csr
+
+样例输出:
+
+ You are about to be asked to enter information that will be incorporated
+ into your certificate request.
+ What you are about to enter is what is called a Distinguished Name or a DN.
+ There are quite a few fields but you can leave some blank
+ For some fields there will be a default value,
+ If you enter '.', the field will be left blank.
+ -----
+ Country Name (2 letter code) [AU]:NL
+ State or Province Name (full name) [Some-State]:Noord Holland
+ Locality Name (eg, city) []:Amsterdam
+ Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Inc
+ Organizational Unit Name (eg, section) []:IT Dept
+ Common Name (e.g. server FQDN or YOUR name) []:example.com
+ Email Address []:
+
+ Please enter the following 'extra' attributes
+ to be sent with your certificate request
+ A challenge password []:
+ An optional company name []:
+
+使用中间 CA 签署末端用户的 CSR:
+
+ openssl ca -batch -config ca.conf -notext -in enduser-certs/enduser-example.com.csr -out enduser-certs/enduser-example.com.crt
+
+样例输出:
+
+ Using configuration from ca.conf
+ Check that the request matches the signature
+ Signature ok
+ The Subject's Distinguished Name is as follows
+ countryName :PRINTABLE:'NL'
+ stateOrProvinceName :ASN.1 12:'Noord Holland'
+ localityName :ASN.1 12:'Amsterdam'
+ organizationName :ASN.1 12:'Example Inc'
+ organizationalUnitName:ASN.1 12:'IT Dept'
+ commonName :ASN.1 12:'example.com'
+ Certificate is to be certified until Mar 30 15:18:26 2016 GMT (365 days)
+
+ Write out database with 1 new entries
+ Data Base Updated
+
+生成 CRL(同时以 PEM 和 DER 格式):
+
+ openssl ca -config ca.conf -gencrl -keyfile intermediate1.key -cert intermediate1.crt -out intermediate1.crl.pem
+
+ openssl crl -inform PEM -in intermediate1.crl.pem -outform DER -out intermediate1.crl
+
+每次你使用该 CA 签署证书后,都需要生成 CRL。
+
+如果你需要撤销该末端用户证书:
+
+ openssl ca -config ca.conf -revoke enduser-certs/enduser-example.com.crt -keyfile intermediate1.key -cert intermediate1.crt
+
+样例输出:
+
+ Using configuration from ca.conf
+ Revoking Certificate 1000.
+ Data Base Updated
+
+通过连接根证书和中间证书来创建证书链文件。
+
+ cat ../root/rootca.crt intermediate1.crt > enduser-certs/enduser-example.com.chain
+
+发送以下文件给末端用户:
+
+ enduser-example.com.crt
+ enduser-example.com.key
+ enduser-example.com.chain
+
+你也可以让末端用户提供他们自己的 CSR,而只发送给他们这个 .crt 文件。不要把它从服务器删除,否则你就不能撤销了。
+
+### 校验证书 ###
+
+你可以对证书链使用以下命令来验证末端用户证书:
+
+ openssl verify -CAfile enduser-certs/enduser-example.com.chain enduser-certs/enduser-example.com.crt
+ enduser-certs/enduser-example.com.crt: OK
+
+你也可以针对 CRL 来验证。首先,将 PEM 格式的 CRL 和证书链相连接:
+
+ cat ../root/rootca.crt intermediate1.crt intermediate1.crl.pem > enduser-certs/enduser-example.com.crl.chain
+
+验证证书:
+
+ openssl verify -crl_check -CAfile enduser-certs/enduser-example.com.crl.chain enduser-certs/enduser-example.com.crt
+
+没有撤销时的输出:
+
+ enduser-certs/enduser-example.com.crt: OK
+
+撤销后的输出如下:
+
+ enduser-certs/enduser-example.com.crt: CN = example.com, ST = Noord Holland, C = NL, O = Example Inc, OU = IT Dept
+ error 23 at 0 depth lookup:certificate revoked
+
+--------------------------------------------------------------------------------
+
+via: https://raymii.org/s/tutorials/OpenSSL_command_line_Root_and_Intermediate_CA_including_OCSP_CRL%20and_revocation.html
+
+作者:Remy van Elst
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
diff --git a/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--4.md b/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--4.md
new file mode 100644
index 0000000000..b6d7ae7f10
--- /dev/null
+++ b/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--4.md
@@ -0,0 +1,190 @@
+安装完最小化 RHEL/CentOS 7 后需要做的 30 件事情(四)
+================================================================================
+### 17. 安装 Webmin ###
+
+Webmin 是基于 Web 的 Linux 配置工具。它像一个中央系统,用于配置各种系统设置,比如用户、磁盘分配、服务以及 HTTP 服务器、Apache、MySQL 等的配置。
+
+ # wget http://prdownloads.sourceforge.net/webadmin/webmin-1.740-1.noarch.rpm
+ # rpm -ivh webmin-*.rpm
+
+
+
+*安装 Webmin*
+
+安装完 webmin 后,你会在终端上得到一个消息,提示你用 root 密码在端口 10000 登录你的主机 (http://ip-address:10000)。 如果运行的是无接口的服务器你可以转发端口然后从有接口的服务器上访问它。(LCTT 译注:无接口[headless]服务器指没有访问接口或界面的服务器,在此次场景,指的是是出于内网的服务器,可采用外网/路由器映射来访问该端口)
+
+### 18. 启用第三方库 ###
+
+添加不受信任的库并不是一个好主意,尤其是在生产环境中,这可能导致致命的问题。但仅作为例子在这里我们会添加一些社区证实可信任的库,以安装第三方工具和软件包。
+
+为企业版 Linux(EPEL)库添加额外的软件包。
+
+ # yum install epel-release
+
+添加社区企业版 Linux (Community Enterprise Linux)库:
+
+ # rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
+
+
+
+*安装 Epel 库*
+
+**注意!** 添加第三方库的时候尤其需要注意。
+
+### 19. 安装 7-zip 工具 ###
+
+在最小化安装 CentOS 时你并没有获得类似 unzip 或者 untar 的工具。我们可以选择根据需要来安装每个工具,或一个能处理所有格式的工具。7-zip 就是一个能压缩和解压所有已知类型文件的工具。
+
+ # yum install p7zip
+
+
+
+*安装 7zip 工具*
+
+**注意**: 该软件包从 Fedora EPEL 7 的库中下载和安装。
+
+### 20. 安装 NTFS-3G 驱动 ###
+
+NTFS-3G,一个很小但非常有用的 NTFS 驱动,在大部分类 UNIX 发行版上都可用。它对于挂载和访问 Windows NTFS 文件系统很有用。尽管也有其它可用的替代品,比如 Tuxera,但 NTFS-3G 是使用最广泛的。
+
+ # yum install ntfs-3g
+
+
+
+*安装 NTFS-3G 用于挂载 Windows 分区*
+
+ntfs-3g 安装完成之后,你可以使用以下命令挂载 Windows NTFS 分区(我的 Windows 分区是 /dev/sda5)。
+
+ # mount -ro ntfs-3g /dev/sda5 /mnt
+ # cd /mnt
+ # ls -l
+
+### 21. 安装 Vsftpd FTP 服务器 ###
+
+VSFTPD 表示 Very Secure File Transfer Protocol Daemon,是用于类 UNIX 系统的 FTP 服务器。它是现今最高效和安全的 FTP 服务器之一。
+
+ # yum install vsftpd
+
+
+
+*安装 Vsftpd FTP*
+
+编辑配置文件 ‘/etc/vsftpd/vsftpd.conf’ 用于保护 vsftpd。
+
+ # vi /etc/vsftpd/vsftpd.conf
+
+编辑一些值并使其它行保留原样,除非你知道自己在做什么。
+
+ anonymous_enable=NO
+ local_enable=YES
+ write_enable=YES
+ chroot_local_user=YES
+
+你也可以更改端口号,记得让 vsftpd 端口通过防火墙。
+
+ # firewall-cmd --add-port=21/tcp
+ # firewall-cmd --reload
+
+下一步重启 vsftpd 并启用开机自动启动。
+
+ # systemctl restart vsftpd
+ # systemctl enable vsftpd
+
+### 22. 安装和配置 sudo ###
+
+sudo 通常被称为 super do 或者 suitable user do,是一个类 UNIX 操作系统中用其它用户的安全权限执行程序的软件。让我们来看看怎样配置 sudo。
+
+ # visudo
+
+这会打开 /etc/sudoers 并进行编辑
+
+
+
+*sudoers 文件*
+
+1. 给一个已经创建好的用户(比如 tecmint)赋予所有权限(等同于 root)。
+
+ tecmint ALL=(ALL) ALL
+
+2. 如果给一个已经创建好的用户(比如 tecmint)赋予除了重启和关闭服务器以外的所有权限(等同于 root)。
+
+ 首先,再一次打开文件并编辑如下内容:
+
+ cmnd_Alias nopermit = /sbin/shutdown, /sbin/reboot
+
+ 然后,用逻辑操作符(!)添加该别名。
+
+ tecmint ALL=(ALL) ALL,!nopermit
+
+3. 如果准许一个组(比如 debian)运行一些 root 权限命令,比如(增加或删除用户)。
+
+ cmnd_Alias permit = /usr/sbin/useradd, /usr/sbin/userdel
+
+ 然后,给组 debian 增加权限。
+
+ debian ALL=(ALL) permit
+
+### 23. 安装并启用 SELinux ###
+
+SELinux 表示 Security-Enhanced Linux,是内核级别的安全模块。
+
+ # yum install selinux-policy
+
+
+
+*安装 SElinux 策略*
+
+查看 SELinux 当前模式。
+
+ # getenforce
+
+
+
+*查看 SELinux 模式*
+
+输出是 Enforcing,意味着 SELinux 策略已经生效。
+
+如果需要调试,可以临时设置 selinux 模式为允许。不需要重启。
+
+ # setenforce 0
+
+调试完了之后再次设置 selinux 为强制模式,无需重启。
+
+ # setenforce 1
+
+(LCTT 译注:在生产环境中,SELinux 固然会提升安全,但是也确实会给应用部署和运行带来不少麻烦。具体是否部署,需要根据情况而定。)
+
+### 24. 安装 Rootkit Hunter ###
+
+Rootkit Hunter,简写为 RKhunter,是在 Linux 系统中扫描 rootkits 和其它可能有害攻击的程序。
+
+ # yum install rkhunter
+
+
+
+*安装 Rootkit Hunter*
+
+在 Linux 中,从脚本文件以计划作业的形式运行 rkhunter 或者手动扫描有害攻击。
+
+ # rkhunter --check
+
+
+
+*扫描 rootkits*
+
+
+
+*RootKit 扫描结果*
+
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/4/
+
+作者:[Avishek Kumar][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
\ No newline at end of file
diff --git a/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--5.md b/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--5.md
new file mode 100644
index 0000000000..446d6c663d
--- /dev/null
+++ b/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--5.md
@@ -0,0 +1,140 @@
+安装完最小化 RHEL/CentOS 7 后需要做的 30 件事情(五)
+================================================================================
+### 25. 安装 Linux Malware Detect (LMD) ###
+
+Linux Malware Detect (LMD) 是 GNU GPLv2 协议下发布的开源 Linux 恶意程序扫描器,它是特别为面临威胁的主机环境所设计的。LMD 完整的安装、配置以及使用方法可以查看:
+
+- [安装 LMD 并和 ClamAV 一起使用作为反病毒引擎][1]
+
+### 26. 用 Speedtest-cli 测试服务器带宽 ###
+
+speedtest-cli 是用 python 写的用于测试网络下载和上传带宽的工具。关于 speedtest-cli 工具的完整安装和使用请阅读我们的文章[用命令行查看 Linux 服务器带宽][2]
+
+### 27. 配置 Cron 任务 ###
+
+这是最广泛使用的软件工具之一。它是一个任务调度器,比如,现在安排一个以后可以自动运行的作业。它用于未处理记录的日志和维护,以及其它日常工作,比如常规备份。所有的调度都写在文件 /etc/crontab 中。
+
+crontab 文件包含下面的 6 个域:
+
+ 分 时 日期 月份 星期 命令
+ (0-59) (0-23) (1-31) (1/jan-12/dec) (0-6/sun-sat) Command/script
+
+
+
+*Crontab 域*
+
+要在每天 04:30 运行一个 cron 任务(比如运行 /home/$USER/script.sh)。
+
+ 分 时 日期 月份 星期 命令
+ 30 4 * * * speedtest-cli
+
+就把下面的条目增加到 crontab 文件 ‘/etc/crontab/’。
+
+ 30 4 * * * /home/$user/script.sh
+
+把上面一行增加到 crontab 之后,它会在每天的 04:30 am 自动运行,输出取决于脚本文件的内容。另外脚本也可以用命令代替。关于更多 cron 任务的例子,可以阅读[Linux 上的 11 个 Cron 任务例子][3]
+
+### 28. 安装 Owncloud ###
+
+Owncloud 是一个基于 HTTP 的数据同步、文件共享和远程文件存储应用。更多关于安装 owncloud 的内容,你可以阅读这篇文章:[在 Linux 上创建个人/私有云存储][4]
+
+### 29. 启用 Virtualbox 虚拟化 ###
+
+虚拟化是创建虚拟操作系统、硬件和网络的过程,是当今最热门的技术之一。我们会详细地讨论如何安装和配置虚拟化。
+
+我们的最小化 CentOS 服务器是一个无用户界面服务器(LCTT 译注:无用户界面[headless]服务器指没有监视器和鼠标键盘等外设的服务器)。我们通过安装下面的软件包,让它可以托管虚拟机,虚拟机可通过 HTTP 访问。
+
+ # yum groupinstall 'Development Tools' SDL kernel-devel kernel-headers dkms
+
+
+
+*安装开发工具*
+
+更改工作目录到 ‘/etc/yum.repos.d/’ 并下载 VirtualBox 库。
+
+ # wget -q http://download.virtualbox.org/virtualbox/debian/oracle_vbox.asc
+
+安装刚下载的密钥。
+
+ # rpm --import oracle_vbox.asc
+
+升级并安装 VirtualBox。
+
+ # yum update && yum install virtualbox-4.3
+
+下一步,下载和安装 VirtualBox 扩展包。
+
+ # wget http://download.virtualbox.org/virtualbox/4.3.12/Oracle_VM_VirtualBox_Extension_Pack-4.3.12-93733.vbox-extpack
+ # VBoxManage extpack install Oracle_VM_VirtualBox_Extension_Pack-4.3.12-93733.vbox-extpack
+
+
+
+*安装 VirtualBox 扩展包*
+
+
+
+*正在安装 VirtualBox 扩展包*
+
+添加用户 ‘vbox’ 用于管理 VirtualBox 并把它添加到组 vboxusers 中。
+
+ # adduser vbox
+ # passwd vobx
+ # usermod -G vboxusers vbox
+
+安装 HTTPD 服务器。
+
+ # yum install httpd
+
+安装 PHP (支持 soap 扩展)。
+
+ # yum install php php-devel php-common php-soap php-gd
+
+下载 phpVirtualBox(一个 PHP 写的开源的 VirtualBox 用户界面)。
+
+ # wget http://sourceforge.net/projects/phpvirtualbox/files/phpvirtualbox-4.3-1.zip
+
+解压 zip 文件并把解压后的文件夹复制到 HTTP 工作目录。
+
+ # unzip phpvirtualbox-4.*.zip
+ # cp phpvirtualbox-4.3-1 -R /var/www/html
+
+下一步,重命名文件 /var/www/html/phpvirtualbox/config.php-example 为 var/www/html/phpvirtualbox/config.php。
+
+ # mv config.php.example config.php
+
+打开配置文件并添加我们上一步创建的 ‘username ’ 和 ‘password’。
+
+ # vi config.php
+
+最后,重启 VirtualBox 和 HTTP 服务器。
+
+ # service vbox-service restart
+ # service httpd restart
+
+转发端口并从一个有用户界面的服务器上访问它。
+
+ http://192.168.0.15/phpvirtualbox-4.3-1/
+
+
+
+*登录 PHP Virtualbox*
+
+
+
+*PHP Virtualbox 面板*
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/things-to-do-after-minimal-rhel-centos-7-installation/5/
+
+作者:[Avishek Kumar][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[wxy](https://github.com/wxy)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:https://linux.cn/article-5156-1.html
+[2]:https://linux.cn/article-3796-1.html
+[3]:http://www.tecmint.com/11-cron-scheduling-task-examples-in-linux/
+[4]:https://linux.cn/article-2494-1.html
\ No newline at end of file
diff --git a/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--6.md b/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--6.md
new file mode 100644
index 0000000000..c2c00c95a6
--- /dev/null
+++ b/published/30 Things to Do After Minimal RHEL or CentOS 7 Installation--6.md
@@ -0,0 +1,86 @@
+安装完最小化 RHEL/CentOS 7 后需要做的 30 件事情(六)
+================================================================================
+### 30. 用密码保护 GRUB ###
+
+用密码保护你的 boot 引导程序这样你就可以在启动时获得额外的安全保障。同时你也可以在实物层面获得保护。通过在引导时给 GRUB 加锁防止任何无授权访问来保护你的服务器。
+
+首先备份两个文件,这样如果有任何错误出现,你可以有回滚的选择。备份 ‘/etc/grub2/grub.cfg’ 为 ‘/etc/grub2/grub.cfg.old’。
+
+ # cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.old
+
+同样,备份 ‘/etc/grub.d/10\_linux’ 为 ‘/etc/grub.d/10\_linux.old’。
+
+ # cp /etc/grub.d/10_linux /etc/grub.d/10_linux.old
+
+打开文件 ‘/etc/grub.d/10\_linux’ 并在文件末尾添加下列行。
+
+ cat < Mayank Sharma tests five supercharged text editors that can crunch more than just words.
-
-If you’ve been using Linux long, you know that whether you want to edit an app’s configuration file, hack together a shell script, or write/review bits of code, the likes of LibreOffice just won’t cut it. Although the words mean almost the same thing, you don’t need a word processor for these tasks; you need a text editor.
-
-In this group test we’ll be looking at five humble text editors that are more than capable of heavy-lifting texting duties. They can highlight syntax and auto-indent code just as effortlessly as they can spellcheck documents. You can use them to record macros and manage code snippets just as easily as you can copy/paste plain text.
-
-Some simple text editors even exceed their design goals thanks to plugins that infuse them with capabilities to rival text-centric apps from other genres. They can take on the duties of a source code editor and even an Integrated Development Environment.
-
-Two of most popular and powerful plain text editors are Emacs and Vim. However, we didn’t include them in this group test for a couple of reasons. Firstly, if you are using either, congratulations: you don’t need to switch. Secondly, both of these have a steep learning curve, especially to the GUI-oriented desktop generation who have access to alternatives that are much more inviting.
-
-### The contenders: ###
-
-#### Gedit ####
-
-- URL:http://projects.gnome.org/gedit/
-- Version: 3.10
-- Licence: GPL
-- Is Gnome’s default text editor up to the challenge?
-
-#### Kate ####
-
-- URL: www.kate-editor.org
-- Version: 3.11
-- Licence: LGPL/GPL
-- Will Kate challenge fate?
-
-#### Sublime Text ####
-
-- URL: www.sublimetext.com
-- Version: 2.0.2
-- Licence: Proprietary
-- Proprietary software in the land of free with the heart of gold.
-
-#### UltraEdit ####
-
-- URL: www.ultraedit.com
-- Version: 4.1.0.4
-- Licence: Proprietary
-- Does it do enough to justify its price?
-
-#### jEdit ####
-
-- URL: www.jedit.org
-- Version: 5.1.0
-- Licence: GPL
-- Will the Java-based editor spoil the party for the rest?
-
-
-There’s a fine balance between stuffing an app with features and exposing all of them to the user. Geddit keeps most of its features hidden.
-
-### The crucial criteria ###
-
-All the tools, except Gedit and jEdit, were installed on Fedora and Ubuntu via their recommended installation method. The former already shipped with the default Gnome desktop and the latter stubbornly refused to install on Fedora. Since these are relatively simple apps, they have no esoteric dependencies, the only exception being jEdit, which requires Oracle Java.
-
-Thanks to the continued efforts of both Gnome and KDE, all editors look great and function properly irrespective of the desktop environment they are running on. That not only rules it out as an evaluation criterion, it also means that you are no longer bound by the tools that ship with your favourite desktop environment.
-
-In addition to their geekier functionality, we also tested all our candidates for general-purpose text editing. However, they are not designed to mimic all the functionality of a modern-day word processor and weren’t evaluated as such.
-
-
-
-Kate can double up as a versatile can capable integrated development environment (IDE).
-
-### Programming language support ###
-
-UltraEdit does syntax highlighting, can fold code and has project management capabilities. There’s also a function list, which is supposed to list all the functions in the source file, but it didn’t work for any of our test code files. UltraEdit also supports HTML5, and has a HTML toolbar with which you can add commonly-used HTML tags.
-
-Even Gnome’s default text editor, Gedit, has several code-oriented features such as bracket matching, automatic indentation, and will also highlight syntax for various programming languages including C, C++, Java, HTML, XML, Python, Perl, and many others.
-
-If you’re looking for more programming assistance, look at Sublime and Kate. Sublime supports several programming languages and (as well as the popular ones) is able to highlight syntax for C#, D, Dylan, Erlang, Groovy, Haskell, Lisp, Lua, MATLAB, OCaml, R, and even SQL. If that isn’t enough for you, you can download add-ons to support even more languages.
-
-Furthermore, its syntax highlighting ability offers several customisable options. The app will also match braces, to ensure they are all properly rounded off, and the auto-complete function in Sublime works with variables created by the user.
-
-Just like Komodo IDE, sublime also displays a scrollable preview of the full source code, which is really handy for navigating long code files and lets you jump between different parts of the file.
-
-One of the best features of Sublime is its ability to run code for certain languages like C++, Python, Ruby, etc from within the editor itself, assuming of course you have the compiler and other build system tools installed on your computer. This helps save time and eliminates the need to switch out to the command line.
-
-You can also enable the build system in Kate with plugins. Furthermore, you can add a simple front-end to the GDB debugger. Kate will work with Git, Subversion and Mercurial version control systems, and also provides some functionality for project management.
-
-It does all this in addition to highlighting syntax for over 180 languages, along with other assistance like bracket matching, auto-completion and auto-indentation. It also supports code folding and can even collapse functions within a program.
-
-The only disappointment is jEdit, which bills itself as a programmer’s text editor, but it struggled with other basic functions such as code folding and wouldn’t even suggest or complete functions.
-
-**Verdict:**
-
-- Gedit:3/5
-- Kate:5/5
-- Sublime:5/5
-- UltraEdit3/5
-- jEdit:1/5
-
-
-
-If you don’t like Sublime’s Charcoal appearance, you can choose one of the other 22 themes included with ti.
-
-### Keyboard control ###
-
-Users of an advanced text editor expect to control and operate it exclusively via the keyboard. Furthermore, some apps even allow their users to further customise the key bindings for the shortcuts.
-
-You can easily work with Gedit using its extensive keyboard shortcut keys. There are keys for working with and editing files as well as invoke tools for common tasks such as spellchecking a document. You can access a list of default shortcut keys from within the app, but there’s no graphical way to customise them. Similarly, to customise the keybindings in Sublime, you need to make modifications in its XML keymap files. Sublime has been criticised for its lack of a graphical interface to define keyboard shortcuts, but long-term users have defended the current file-based mechanism, which gives them more control.
-
-UltraEdit is proud of its “everything is customisable” motto, which it extend to keyboard shortcuts. You can define custom hotkeys for navigating the menus and also define your own multi-key key-mappings for accessing its plethora of functions.
-
-In addition to its fully customisable keyboard shortcuts, jEdit also has pre-defined keymaps for Emacs. Kate is equally impressive in this respect. It has an easily accessible window to customise the key bindings. You can change the default keys, as well as define alternate ones. Furthermore, Kate also has a Vi mode which will let users operate Kate using Vi keys.
-
-**Verdict:**
-
-- Gedit:2/5
-- Kate:5/5
-- Sublime:3/5
-- UltraEdit:4/5
-- jEdit:5/5
-
-### Snippets and macros ###
-
-Macros help you cut down the time spent on editing and organising data by automating repetitive steps, while Snippets of code extend a similar functionality to programmers by creating reusable chunks of source code. Both have the ability to save you time.
-
-The vanilla Gedit installation doesn’t have either of these functionalities, but you can enable them via separate plugins. While the Snippets plugin ships with Gedit, you’ll have to manually download and install the macro plugin (it’s called gedit-macropy and is hosted on GitHub) before you can enable it from within Gedit.
-
-Kate takes the same plugins route to enable the snippets feature. Once added, the plugin also adds a repository of snippets for PHP, Bash and Java. You can display the list of snippets in the sidebar for easier access. Right-click on a snippet to edit its contents as well as its shortcut key combination. However, very surprisingly, it doesn’t support macros – despite repeated hails from users since 2002!
-
-jEdit too has a plugin for enabling snippets. But it can record macros from user actions and you can also write them in the BeanShell scripting language (BeanShell supports scripted objects as simple method closures like those in Perl and JavaScript). jEdit also has a plugin that will download several macros from jEdit’s website.
-
-Sublime ships with inbuilt ability to create both snippets and macros, and ships with several snippets of frequently used functions for most popular programming languages.
-
-Snippets in UltraEdit are called Smart Templates and just like with Sublime you can insert them based upon the kind of source file you’re editing. To complement the Macro recording function, UltraEdit also has an integrated javascript-based scripting language to automate tasks. You can also download user-submitted macros and scripts from the editor’s website.
-
-**Verdict:**
-
-- Gedit:3/5
-- Kate:1/5
-- Sublime:5/5
-- UltraEdit:5/5
-- jEdit:5/5
-
-
-
-UltraEdit’s UI is highly configurable — you can customise the layout of the toolbars and menus just as easily as you can change many other aspects.
-
-### Ease of use ###
-
-Unlike a bare-bones text editor, the text editors in this feature are brimming with features to accommodate a wide range of users — from document writers to programmers. Instead of stripping features from the apps, their developers are looking for avenues to add more functionality.
-
-Although at first glance most apps in this group test have a very similar layout, upon closer inspection, you’ll notice several usability differences. We have a weak spot for apps that expose their functionality and features by making judicious use of the user interface, instead of just overwhelming the user.
-
-### Gedit: 4/5 ###
-
-Gedit wears a very vanilla look. It has an easy interface with minimal menus and buttons. This is a two-edged sword though, as some users might fail to realise its true potential.
-
-The app can open multiple files in tabs that can be rearranged and moved between windows. Users can optionally enable panels on the side and bottom for displaying a file browser and the output of a tool enabled by a plugin. The app will detect when an open file is modified by another application and offers to reload that file.
-
-The UI has been given a major overhaul in the latest version of the app yet to make its way into Gnome. However it isn’t yet stable, and while it maintains all features, several plugins that interact with the menu will need to be updated.
-
-### Kate: 5/5 ###
-
-Although a major part of its user interface resembles Gedit, Kate tucks in tabs at either side and its menus are much fuller. The app is approachable and invites users to explore other features.
-
-Kate can transparently open and save files over all protocols supported by KDE’s KIO including HTTP, FTP, SSH, SMB and WebDAV. You can use the app to work with multiple files at the same time. But unlike the traditional horizontal tab switching bar in most app, Kate has tabs on either side of the screen. The left sidebar will display an index of open files. Programmers who need to see different parts of the same file at the same time will also appreciate its ability to split the interface horizontally as well as vertically.
-
-### Sublime: 5/5 ###
-
-Sublime lets you view up to four files at the same time in various arrangements. There’s also a full-screen distraction free mode that just displays the file and the menu, for when you’re in the zone.
-
-The editor also has a minimap on the right, which is useful for navigating long files. The app ships with several snippets for popular functions in several programming languages, which makes it very usable for developers. Another neat editing feature, whether you are working with text documents or code, is the ability to swap and shuffle selections.
-
-### UltraEdit: 3/5 ###
-
-UltraEdit’s interface is loaded with several toolbars at the top and bottom of the interface. Along with the tabs to switch between documents, panes on either side and the gutter area, these leave little room for the editor window.
-
-Web developers working with HTML files have lots of assistance at their fingertips. You can also access remote files via FTP and SFTP. Advanced features such as recording a macro and comparing files are also easily accessible.
-
-Using the app’s Preferences window you can tweak various aspects of the app, including the colour scheme and other features like syntax highlighting.
-
-### jEdit: 3/5 ###
-
-In terms of usability, one of the first red-flags was jEdit’s inability to install on RPM-based distros. Navigating the editor takes some getting used to, since its menus aren’t in the same order as in other popular apps and some have names that won’t be familiar to the average desktop user. However, the app include detailed inbuilt help, which will help ease the learning curve.
-
-jEdit highlights the current line you are on and enables you to split windows in multiple viewing modes. You can easily install and manage plugins from within the app, and in addition to full macros, jEdit also lets you record quick temporary ones.
-
-
-
-Thanks to its Java underpinnings, jEdit doesn’t really feel at home on any desktop environment
-
-### Availability and support ###
-
-There are several similarities between Gedit and Kate. Both apps take advantage of their respective parent project, Gnome and KDE, and are bundled with several mainstream distros. Yet both projects are cross-platform and have Windows and Mac OS X ports as well as native Linux versions.
-
-Gedit is hosted on Gnome’s web infrastructure and has a brief user guide, information about the various plugins, and the usual channels of getting in touch including a mailing list and IRC channel. You’ll also find usage information on the websites of other Gnome-based distros such as Ubuntu. Similarly, Kate gets the benefit of KDE’s resources and hosts detailed user information as well as a mailing list and IRC channel. You can access their respective user guides offline from within the app as well.
-
-UltraEdit is also available for Windows and Mac OS X besides Linux, and has detailed user guides on getting started, though there’s none included within the app. To assist users, UltraEdit hosts a database of frequently asked questions, a bunch of power tips that have detailed information about several specific features, and users can engage with one another other on forum boards. Additionally, paid users can also seek support from the developers via email.
-
-Sublime supports the same number of platforms, however you don’t need to buy a separate licence for each platform. The developer keeps users abreast with ongoing development via a blog and also participates actively in the hosted forums. The highlight of the project’s support infrastructure is the freely available detailed tutorial and video course. Sublime is lovely.
-
-Because it’s written in Java, jEdit is available on several platforms. On its website you’ll find a detailed user guide and links to documentation of some plugins. However, there are no avenues for users to engage with other users or the developer.
-
-**Verdict:**
-
-- Gedit: 4/5
-- Kate: 4/5
-- Sublime: 5/5
-- UltraEdit: 3/5
-- jEdit: 2/5
-
-### Add-on and plugins ###
-
-Different users have different requirements, and a single lightweight app can only do as much. This is where plugins come into the picture. The apps rely on these small pluggable widgets to extend their feature set and be of use to even more number of users.
-
-The one exception is UltraEdit. The app has no third-party plugins, but its developers do point out that third-party tools such as HtmlTidy are already installed with UltraEdit.
-
-Gedit ships with a number of plugins installed, and you can download more with the gedit-plugins package. The project’s website also points to several third-party plugins based on their compatibility with the Gedit versions.
-
-Three useful plugins for programmers are Code Comment, Terminal Plugin, which adds a terminal in the bottom panel, and the Session Saver. The Session Saver is really useful when you’re working on a project with multiple files. You can open all the files in tabs, save your session and when you restore it with a single click it’ll open all the files in the same tab order as you saved them.
-
-Similarly, you can extend Kate by adding plugins using its built-in plugin manager. In addition to the impressive projects plugins, some others that will be of use to developers include an embedded terminal, ability to compile and debug code and execute SQL queries on databases.
-
-Plugins for Sublime are written in Python, and the text editor includes a tool called Package Control, which is a little bit like apt-get in that it enables the user to find, install, upgrade and remove plugin packages. With plugins, you can bring the Git version control to Sublime, as well as the JSLint tool to improve JavaScript. The Sublime Linter plugin is a must have for coders and will point out any errors in your code.
-
-jEdit boasts the most impressive plugin infrastructure. The app has over 200 plugins, which can be browsed in the dedicated site of their own. The website lists plugins under various categories such as File Management, Version Control, Text, etc. You’ll find lots of plugins housed under each category.
-
-Some of the best plugins are the Android plugin, which provides utilities to work on Android projects; the TomcatSwitch plugin, using which you can create and control an external Jakarta Tomcat server process; and the Vimulator plugin, for Vi-like capabilities. You can install these plugins using jEdit’s using its plugin manager.
-
-**Verdict**
-
-- Gedit: 3/5
-- Kate: 4/5
-- Sublime: 4/5
-- UltraEdit: 1/5
-- jEdit: 5/5
-
-### Plain ol’ text editing ###
-
-Despite all their powerful extra-curricular activities that might even displace full-blown apps across several genres, there will be times when you just need to use these text editing behemoths to read, write, or edit plain and simple text. While you can use all of them to enter text, we are evaluating them for access to common text-editing conveniences.
-
-Gedit which is Gnome’s default text editor, supports an undo and redo mechanism as well as search and replace. It can spellcheck documents in multiple languages and can also access and edit remote files using Gnome GVFS libraries.
-
-You can spellcheck documents with Kate as well, which also lets you perform a Google search on any highlighted text. It’s also got a line modification system which visually alerts users of lines which have modified and unsaved changes in a file. In addition, it enables users to set bookmarks within a file to ease navigation of lengthy documents.
-
-Sublime has a wide selection of editing commands, such as indenting text and formatting paragraphs. Its auto-save feature helps prevent users from losing their work. Advanced users will appreciate the regex-based recursive find and replace feature, as well as the ability to select multiple non-contiguous spans of text and act on them collectively.
-
-UltraEdit also enables the use of regular expressions for its search and replace feature and can edit remote files via FTP. One unique feature of jEdit is its support for an unlimited number of clipboard which it calls registers. You can copy snippets of text to these registers which are available across editing sessions.
-
-**Verdict:**
-
-- Gedit: 4/5
-- Kate: 5/5
-- Sublime: 5/5
-- UltraEdit: 4/5
-- jEdit: 4/5
-
-### Our verdict ###
-
-All the editors in this feature are good enough to replace your existing text editor for editing text files and tweaking configuration files. In fact, chances are they’ll even double up as your IDE. These apps are chock full of bells and whistles, and their developers aren’t thinking of stripping features, but adding more and more and more.
-
-At the tail end of this test we have jEdit. Not only does it insist on using the proprietary Oracle Java Runtime Environment, it failed to install on our Fedora machine, and the developer doesn’t actively engage with its users.
-
-UltraEdit does little better. This commercial proprietary tool focuses on web developers, and doesn’t offer anything to non-developer power users that makes it worth recommending over free software alternatives.
-
-On the third podium position we have Gedit. There’s nothing inherently wrong with Gnome’s default editor, but despite all its positive aspects, it’s simply outclassed by Sublime and Kate. Out of the box, Kate is a more versatile editor than Gedit, and outscores Gnome’s default editor even after taking their respective plugin systems into consideration.
-
-Both Sublime and Kate are equally good. They performed equally well in most of our tests. Whatever ground it lost to Sublime for not supporting macros, it gained for its keyboard friendliness and its ease of use in defining custom keybindings.
-
-Kate’s success can be drawn from the fact that it offers the maximum number of features with minimal learning curve. Just fire it up and use it as a simple text editor, or easily edit configuration file with syntax highlighting, or even use it to collaborate and work on a complex programming project thanks to its project management capabilities.
-
-We aren’t pitching Kate to replace a full-blown integrated development environment such as [insert your favourite specialised tool here]. But it’s an ideal all-rounder and a perfect stepping stone to a specialised tool.
-
-Kate is designed for moments when you need something that’s quick to respond, doesn’t overwhelm you with its interface and is just as useful as something that might otherwise be overkill.
-
-### 1st Kate ###
-
-- Licence LGPL/GPL Version 3.11
-- www.kate-editor.org
-- The ultimate mild-mannered text editor with super powers.
-- Kate is one of the best apps to come out of the KDE project.
-
-### 2nd Sublime Text ###
-
-- Licence Proprietary Version 2.0.2
-- www.sublimetext.com
-- A professionally done text editor that’s worth every penny – easy to use, full of features and it looks great.
-
-### 3rd Gedit ###
-
-- Licence GPL Version 3.10
-- http://projects.gnome.org/gedit
-- Gets it done from Gnome. It’s a wonderful text editor and does an admirable job, but the competition here is too great.
-
-### 4th UltraEdit ###
-
-- Licence Proprietary Version 4.1.0.4
-- www.ultraedit.com
-- Focuses on bundling conveniences for web developers without offering anything special for general users.
-
-### 5th jEdit ###
-
-- Licence GPL Version 5.1.0
-- www.jedit.org
-- A lack of support, lack of working on Fedora and a lack of looking nice relegate jEdit to the bottom slot.
-
-### You may also wish to try… ###
-
-The default text editor that ships with your distro will also be able to assist you with some advanced tasks. There’s KDE’s KWrite and Raspbian’s Nano, for instance. KWrite inherits some of Kate’s features thanks to KDE’s katepart component, and Nano has sprung back into limelight thanks to its availability for Raspberry Pi.
-
-If you wish to follow the steps of Linux gurus, you could always try the revered text editors Emacs and Vim. First time users who want to get a taste for the power of Vim might want to consider gVim, which exposes Vim’s power via a graphical interface.
-
-Besides jEdit and Kate, there are other editors that mimic the usability of veteran advanced editors like Emacs and Vim, such as the JED editor and Joe’s Own Editor, both of which have an emulation mode for Emacs. On the other hand, if you are looking for lightweight code editors check out Bluefish and Geany. They exist to fill the niche between text editors and full-fledged integrated development platforms.
-
---------------------------------------------------------------------------------
-
-via: http://www.linuxvoice.com/text-editors/
-
-作者:[Ben Everard][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://www.linuxvoice.com/author/ben_everard/
diff --git a/sources/share/20141013 Compact Text Editors Great for Remote Editing and Much More.md b/sources/share/20141013 Compact Text Editors Great for Remote Editing and Much More.md
index 42b2700b49..21b0756b9a 100644
--- a/sources/share/20141013 Compact Text Editors Great for Remote Editing and Much More.md
+++ b/sources/share/20141013 Compact Text Editors Great for Remote Editing and Much More.md
@@ -1,4 +1,4 @@
-(translating by runningwater)
+wyangsun翻译中
Compact Text Editors Great for Remote Editing and Much More
================================================================================
A text editor is software used for editing plain text files. This type of software has many different uses including modifying configuration files, writing programming language source code, jotting down thoughts, or even making a grocery list. Given that editors can be used for such a diverse range of activities, it is worth spending the time finding an editor that best suites your preferences.
@@ -217,4 +217,4 @@ via: http://www.linuxlinks.com/article/20141011073917230/TextEditors.html
[2]:http://www.vim.org/
[3]:http://ne.di.unimi.it/
[4]:http://www.gnu.org/software/zile/
-[5]:http://nano-editor.org/
\ No newline at end of file
+[5]:http://nano-editor.org/
diff --git a/sources/share/20150407 10 Truly Amusing Easter Eggs in Linux.md b/sources/share/20150407 10 Truly Amusing Easter Eggs in Linux.md
index 6d02c4cfbb..413d50d6d6 100644
--- a/sources/share/20150407 10 Truly Amusing Easter Eggs in Linux.md
+++ b/sources/share/20150407 10 Truly Amusing Easter Eggs in Linux.md
@@ -1,3 +1,4 @@
+KevinSJ translating
10 Truly Amusing Easter Eggs in Linux
================================================================================
@@ -151,4 +152,4 @@ via: http://www.linux.com/news/software/applications/820944-10-truly-amusing-lin
[13]:http://nmap.org/book/output-formats-script-kiddie.html
[14]:http://nmap.org/book/output-formats-script-kiddie.html
[15]:https://www.youtube.com/watch?v=Ql1uLyuWra8
-[16]:http://en.wikipedia.org/wiki/Neko_%28computer_program%29
\ No newline at end of file
+[16]:http://en.wikipedia.org/wiki/Neko_%28computer_program%29
diff --git a/sources/share/20150410 This tool can alert you about evil twin access points in the area.md b/sources/share/20150410 This tool can alert you about evil twin access points in the area.md
deleted file mode 100644
index b698c5df3b..0000000000
--- a/sources/share/20150410 This tool can alert you about evil twin access points in the area.md
+++ /dev/null
@@ -1,41 +0,0 @@
-translating wi-cuckoo
-This tool can alert you about evil twin access points in the area
-================================================================================
-**EvilAP_Defender can even attack rogue Wi-Fi access points for you, the developer says**
-
-A new open-source tool can periodically scan an area for rogue Wi-Fi access points and can alert network administrators if any are found.
-
-The tool, called EvilAP_Defender, was designed specifically to detect malicious access points that are configured by attackers to mimic legitimate ones in order to trick users to connect to them.
-
-These access points are known as evil twins and allow hackers to intercept Internet traffic from devices connected to them. This can be used to steal credentials, spoof websites, and more.
-
-Most users configure their computers and devices to automatically connect to some wireless networks, like those in their homes or at their workplace. However, when faced with two wireless networks that have the same name, or SSID, and sometimes even the same MAC address, or BSSID, most devices will automatically connect to the one that has the stronger signal.
-
-This makes evil twin attacks easy to pull off because both SSIDs and BSSIDs can be spoofed.
-
-[EvilAP_Defender][1] was written in Python by a developer named Mohamed Idris and was published on GitHub. It can use a computer's wireless network card to discover rogue access points that duplicate a real access point's SSID, BSSID, and even additional parameters like channel, cipher, privacy protocol, and authentication.
-
-The tool will first run in learning mode, so that the legitimate access point [AP] can be discovered and whitelisted. It can then be switched to normal mode to start scanning for unauthorized access points.
-
-If an evil AP is discovered, the tool can alert the network administrator by email, but the developer also plans to add SMS-based alerts in the future.
-
-There is also a preventive mode in which the tool can launch a denial-of-service [DoS] attack against the evil AP to buy the administrator some time to take defensive measures.
-
-"The DoS will only be performed for evil APs which have the same SSID but a different BSSID (AP's MAC address) or run on a different channel," Idris said in the tool's documentation. "This is to avoid attacking your legitimate network."
-
-However, users should remember that attacking someone else's access point, even a likely malicious one operated by an attacker, is most likely illegal in many countries.
-
-In order to run, the tool needs the Aircrack-ng wireless suite, a wireless card supported by Aircrack-ng, MySQL and the Python runtime.
-
---------------------------------------------------------------------------------
-
-via: http://www.infoworld.com/article/2905725/security0/this-tool-can-alert-you-about-evil-twin-access-points-in-the-area.html
-
-作者:[Lucian Constantin][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://www.infoworld.com/author/Lucian-Constantin/
-[1] https://github.com/moha99sa/EvilAP_Defender/blob/master/README.TXT
diff --git a/sources/share/20150429 Synfig Studio 1.0--Open Source Animation Gets Serious.md b/sources/share/20150429 Synfig Studio 1.0--Open Source Animation Gets Serious.md
new file mode 100644
index 0000000000..326593d7a3
--- /dev/null
+++ b/sources/share/20150429 Synfig Studio 1.0--Open Source Animation Gets Serious.md
@@ -0,0 +1,42 @@
+Translating by H-mudcup
+Synfig Studio 1.0 — Open Source Animation Gets Serious
+================================================================================
+
+
+**A brand new version of the free, open-source 2D animation software Synfig Studio is now available to download. **
+
+The first release of the cross-platform software in well over a year, Synfig Studio 1.0 builds on its claim of offering “industrial-strength solution for creating film-quality animation” with a suite of new and improved features.
+
+Among them is an improved user interface that the project developers say is ‘easier’ and ‘more intuitive’ to use. The client adds a new **single-window mode** for tidy working and has been **reworked to use the latest GTK3 libraries**.
+
+On the features front there are several notable changes, including the addition of a fully-featured bone system.
+
+This **joint-and-pivot ‘skeleton’ framework** is well suited to 2D cut-out animation and should prove super efficient when coupled with the complex deformations new to this release, or used with Synfig’s popular ‘automatic interpolated keyframes’ (read: frame-to-frame morphing).
+
+注:youtube视频
+
+
+New non-destructive cutout tools, friction effects and initial support for full frame-by-frame bitmap animation, may help unlock the creativity of open-source animators, as might the addition of a sound layer for syncing the animation timeline with a soundtrack!
+
+### Download Synfig Studio 1.0 ###
+
+Synfig Studio is not a tool suited for everyone, though the latest batch of improvements in this latest release should help persuade some animators to give the free animation software a try.
+
+If you want to find out what open-source animation software is like for yourself, you can grab an installer for Ubuntu for the latest release direct from the project’s Sourceforge page using the links below.
+
+- [Download Synfig 1.0 (64bit) .deb Installer][1]
+- [Download Synfig 1.0 (32bit) .deb Installer][2]
+
+--------------------------------------------------------------------------------
+
+via: http://www.omgubuntu.co.uk/2015/04/synfig-studio-new-release-features
+
+作者:[oey-Elijah Sneddon][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:https://plus.google.com/117485690627814051450/?rel=author
+[1]:http://sourceforge.net/projects/synfig/files/releases/1.0/linux/synfigstudio_1.0_amd64.deb/download
+[2]:http://sourceforge.net/projects/synfig/files/releases/1.0/linux/synfigstudio_1.0_x86.deb/download
diff --git a/sources/share/20150512 Guake 0.7.0 Released--A Drop-Down Terminal for Gnome Desktops.md b/sources/share/20150512 Guake 0.7.0 Released--A Drop-Down Terminal for Gnome Desktops.md
new file mode 100644
index 0000000000..40adc3390c
--- /dev/null
+++ b/sources/share/20150512 Guake 0.7.0 Released--A Drop-Down Terminal for Gnome Desktops.md
@@ -0,0 +1,115 @@
+Guake 0.7.0 Released – A Drop-Down Terminal for Gnome Desktops
+================================================================================
+Linux commandline is the best and most powerful thing that fascinates a new user and provides extreme power to experienced users and geeks. For those who work on Server and Production, they are already aware of this fact. It would be interesting to know that Linux console was one of those first features of the kernel that was written by Linus Torvalds way back in the year 1991.
+
+Terminal is a powerful tool that is very reliable as it does not have any movable part. Terminal serves as an intermediate between console and GUI environment. Terminal themselves are GUI application that run on top of a desktop environment. There are a lot of terminal application some of which are Desktop Environment specific and rest are universal. Terminator, Konsole, Gnome-Terminal, Terminology, XFCE terminal, xterm are a few terminal emulators to name.
+
+You may get a list of most widely used Terminal Emulator follow the below link.
+
+- [20 Useful Terminals for Linux][1]
+
+Last day while surfing web, I came across a terminal namely ‘guake‘ which is a terminal for gnome. Though this is not the first time I have learned about Guake. I’d known this application nearly one year ago but somehow I could not write on this and later it was out of my mind until I heard it again. So finally the article is here. We will be taking you to Guake features, installation on Debian, Ubuntu and Fedora followed by quick testing.
+
+#### What is Guake? ####
+
+Guake is a Drop Down Terminal for Gnome Environment. Written from scratch mostly in Python and a little in C this application is released under GPLv2+ and is available for Linux and alike systems. Guake is inspired by a console in computer game Quake which slides down from the top by pressing a specially Key (Default is F12) and then slides-up when the same key is pressed.
+
+Important to mention that Guake is not the first of this kind. Yakuake which stands for Yet Another Kuake, a terminal emulator for KDE Desktop Environment and Tilda which is a GTK+ terminal Emulator are also inspired by the same slide up/down console of computer game Quake.
+
+#### Features of Guake ####
+
+- Lightweight
+- Simple Easy and Elegant
+- Functional
+- Powerful
+- Good Looking
+- Smooth integration of terminal into GUI
+- Appears when you call and disappear once you are done by pressing a predefined hot key
+- Support for hotkeys, tabs, background transparency makes it a brilliant application, must for every Gnome User.
+- Extremely configurable
+- Plenty of color palette included, fixed and recognized
+- Shortcut for transparency level
+- Run a script when Guake starts via Guake Preferences.
+- Able to run on more than one monitor
+
+Guake 0.7.0 was released recently, which brings numerous fixes as well as some new features as discussed above. For complete Guake 0.7.0 changelog and source tarball packages can be found [Here][2].
+
+### Installing Guake Terminal in Linux ###
+
+If you are interested in compiling Guake from source you may download the source from the link above, build it yourself before installing.
+
+However Guake is available to be installed on most of the distributions from repository or by adding an additional repository. Here, we will be installing Guake on Debian, Ubuntu, Linux Mint and Fedora systems.
+
+First get the latest software package list from the repository and then install Guake from the default repository as shown below.
+
+ ---------------- On Debian, Ubuntu and Linux Mint ----------------
+ $ sudo apt-get update
+ $ apt-get install guake
+
+----------
+
+ ---------------- On Fedora 19 Onwards ----------------
+ # yum update
+ # yum install guake
+
+After installation, start the Guake from another terminal as:
+
+ $ guake
+
+After starting it, use F12 (Default) to roll down and roll up the terminal on your Gnome Desktop.
+
+Seems very beautiful specially the transparent background. Roll down… Roll up… Roll down… Roll up…. run command. Open another tab run command… Roll up… Roll down…
+
+
+Guake Terminal in Action
+
+If your wallpaper or working windows color don’t match you may like to change your wallpaper or reduce the transparency of the Guake terminal color.
+
+Next is to look into Guake Properties to edit settings as per requirements. Run Guake Preferences either by running it from Application Menu or by running the below command.
+
+ $ guake --preferences
+
+
+Guake Terminal Properties
+
+Scrolling Properties..
+
+
+Guake Scrolling Settings
+
+Appearance Properties – Here you can modify text and background color as well as tune transparency.
+
+
+Appearance Properties
+
+Keyboard Shortcuts – Here you may edit and Modify Toggle key for Guage Visibility (default is F12).
+
+
+Keyboard Shortcuts
+
+Compatibility Setting – Perhaps you won’t need to edit it.
+
+
+Compatibility Setting
+
+### Conclusion ###
+
+This Project is not too young and not too old, hence has reached certain level of maturity and is quiet solid and works out of the box. For someone like me who need to switch between GUI and Console very often Guake is a boon. I don’t need to manage an extra window, open and close frequently, use tab among a huge pool of opened applications to find terminal or switch to different workspace to manage terminal now all I need is F12.
+
+I think this is a must tool for any Linux user who makes use of GUI and Console at the same time, equally. I am going to recommend it to anyone who want to work on a system where interaction between GUI and Console is smooth and hassle free.
+
+That’s all for now. Let us know if there is any problem in installing and running. We will be here to help you. Also tell us your’s experience about Guake. Provide us with your valuable feedback in the comments below. Like and share us and help us get spread.
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/install-guake-terminal-ubuntu-mint-fedora/
+
+作者:[Avishek Kumar][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/linux-terminal-emulators/
+[2]:https://github.com/Guake/guake/releases/tag/0.7.0
\ No newline at end of file
diff --git a/sources/talk/20141211 Open source all over the world.md b/sources/talk/20141211 Open source all over the world.md
index 130201bff4..bd306edd5a 100644
--- a/sources/talk/20141211 Open source all over the world.md
+++ b/sources/talk/20141211 Open source all over the world.md
@@ -1,4 +1,3 @@
-[raywang]
Open source all over the world
================================================================================
diff --git a/sources/talk/20141224 The Curious Case of the Disappearing Distros.md b/sources/talk/20141224 The Curious Case of the Disappearing Distros.md
index 3fe7cd788c..b9fc7875d7 100644
--- a/sources/talk/20141224 The Curious Case of the Disappearing Distros.md
+++ b/sources/talk/20141224 The Curious Case of the Disappearing Distros.md
@@ -1,12 +1,8 @@
-theol-l translating
-
The Curious Case of the Disappearing Distros
-关于消失的发行版的古怪情形。
================================================================================
"Linux is a big game now, with billions of dollars of profit, and it's the best thing since sliced bread, but corporations are taking control, and slowly but systematically, community distros are being killed," said Google+ blogger Alessandro Ebersol. "Linux is slowly becoming just like BSD, where companies use and abuse it and give very little in return."
-"Linux现在成为了一个大型的游戏,同时具有巨额的利润,这是有史以来最好的事情。但是公司企业进行了控制,于是缓慢而系统的社区发行版就逐渐被干掉了,",Google+的一个博主 Alessandro Ebersol说到。"Linux开始变得像BSD--一些公司使用和滥用但是没有任何回报--一样缓慢。"
Well the holidays are pretty much upon us at last here in the Linux blogosphere, and there's nowhere left to hide. The next two weeks or so promise little more than a blur of forced social occasions and too-large meals, punctuated only -- for the luckier ones among us -- by occasional respite down at the Broken Windows Lounge.
diff --git a/sources/talk/20150410 10 Top Distributions in Demand to Get Your Dream Job.md b/sources/talk/20150410 10 Top Distributions in Demand to Get Your Dream Job.md
index 5632351b37..0e3e611ea4 100644
--- a/sources/talk/20150410 10 Top Distributions in Demand to Get Your Dream Job.md
+++ b/sources/talk/20150410 10 Top Distributions in Demand to Get Your Dream Job.md
@@ -1,4 +1,3 @@
-Translating by weychen
10 Top Distributions in Demand to Get Your Dream Job
================================================================================
We are coming up with a series of five articles which aims at making you aware of the top skills which will help you in getting yours dream job. In this competitive world you can not rely on one skill. You need to have balanced set of skills. There is no measure of a balanced skill set except a few conventions and statistics which changes from time-to-time.
diff --git a/sources/talk/20150511 Open Source History--Why Did Linux Succeed.md b/sources/talk/20150511 Open Source History--Why Did Linux Succeed.md
new file mode 100644
index 0000000000..9a5a19686a
--- /dev/null
+++ b/sources/talk/20150511 Open Source History--Why Did Linux Succeed.md
@@ -0,0 +1,73 @@
+Open Source History: Why Did Linux Succeed?
+================================================================================
+> Why did Linux, the Unix-like operating system kernel started by Linus Torvalds in 1991 that became central to the open source world, succeed where so many similar projects, including GNU HURD and the BSDs, fail?
+
+
+
+One of the most puzzling questions about the history of free and open source is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success? I don't know the answer to that question. But I have rounded up some theories, which I'd like to lay out here.
+
+First, though, let me make clear what I mean when I write that Linux was a great success. I am defining it in opposition primarily to the variety of other Unix-like operating system kernels, some of them open and some not, that proliferated around the time Linux was born. [GNU][1] HURD, the free-as-in-freedom kernel whose development began in [May 1991][2], is one of them. Others include Unices that most people today have never heard of, such as various derivatives of the Unix variant developed at the University of California at Berkeley, BSD; Xenix, Microsoft's take on Unix; academic Unix clones including Minix; and the original Unix developed under the auspices of AT&T, which was vitally important in academic and commercial computing circles during earlier decades, but virtually disappeared from the scene by the 1990s.
+
+#### Related ####
+
+- [Open Source History: Tracing the Origins of Hacker Culture and the Hacker Ethic][3]
+- [Unix and Personal Computers: Reinterpreting the Origins of Linux][4]
+
+I'd also like to make clear that I'm writing here about kernels, not complete operating systems. To a great extent, the Linux kernel owes its success to the GNU project as a whole, which produced the crucial tools, including compilers, a debugger and a BASH shell implementation, that are necessary to build a Unix-like operating system. But GNU developers never created a viable version of the the HURD kernel (although they are [still trying][5]). Instead, Linux ended up as the kernel that glued the rest of the GNU pieces together, even though that had never been in the GNU plans.
+
+So it's worth asking why Linux, a kernel launched by Linus Torvalds, an obscure programmer in Finland, in 1991—the same year as HURD—endured and thrived within a niche where so many other Unix-like kernels, many of which enjoyed strong commercial backing and association with the leading Unix hackers of the day, failed to take off. To that end, here are a few theories pertaining to that question that I've come across as I've researched the history of the free and open source software worlds, along with the respective strengths and weaknesses of these various explanations.
+
+### Linux Adopted a Decentralized Development Approach ###
+
+This is the argument that comes out of Eric S. Raymond's essay, "[The Cathedral and the Bazaar][6]," and related works, which make the case that software develops best when a large number of contributors collaborate continuously within a relatively decentralized organizational structure. That was generally true of Linux, in contrast to, for instance, GNU HURD, which took a more centrally directed approach to code development—and, as a result, "had been evidently failing" to build a complete operating system for a decade, in Raymond's view.
+
+To an extent, this explanation makes sense, but it has some significant flaws. For one, Torvalds arguably assumed a more authoritative role in directing Linux code development—deciding which contributions to include and reject—than Raymond and others have wanted to recognize. For another, this reasoning does not explain why GNU succeeded in producing so much software besides a working kernel. If only decentralized development works well in the free/open source software world, then all of GNU's programming efforts should have been a bust—which they most certainly were not.
+
+### Linux is Pragmatic; GNU is Ideological ###
+
+Personally, I find this explanation—which supposes that Linux grew so rapidly because its founder was a pragmatist who initially wrote the kernel just to be able to run a tailored Unix OS on his computer at home, not as part of a crusade to change the world through free software, as the GNU project aimed to do—the most compelling.
+
+Still, it has some weaknesses that make it less than completely satisfying. In particular, while Torvalds himself adopted pragmatic principles, not all members of the community that coalesced around his project, then or today, have done the same. Yet, Linux has succeeded all the same.
+
+Moreover, if pragmatism was the key to Linux's endurance, then why, again, was GNU successful in building so many other tools besides a kernel? If having strong political beliefs about software prevents you from pursuing successful projects, GNU should have been an outright failure, not an endeavor that produced a number of software packages that remain foundational to the IT world today.
+
+Last but not least, many of the other Unix variants of the late 1980s and early 1990s, especially several BSD off-shoots, were the products of pragmatism. Their developers aimed to build Unix variants that could be more freely shared than those restricted by expensive commercial licenses, but they were not deeply ideological about programming or sharing code. Neither was Torvalds, and it is therefore difficult to explain Linux's success, and the failure of other Unix projects, in terms of ideological zeal.
+
+### Operating System Design ###
+
+There are technical differences between Linux and some other Unix variants that are important to keep in mind when considering the success of Linux. Richard Stallman, the founder of the GNU project, pointed to these in explaining, in an email to me, why HURD development had lagged: "It is true that the GNU Hurd is not a practical success. Part of the reason is that its basic design made it somewhat of a research project. (I chose that design thinking it was a shortcut to get a working kernel in a hurry.)"
+
+Linux is also different from other Unix variants in the sense that Torvalds wrote all of the Linux code himself. Having a Unix of his own, free of other people's code, was one of his stated intentions when he [first announced Linux][7] in August 1991. This characteristic sets Linux apart from most of the other Unix variants that existed at that time, which derived their code bases from either AT&T Unix or Berkeley's BSD.
+
+I'm not a computer scientist, so I'm not qualified to decide whether the Linux code was simply superior to that of the other Unices, explaining why Linux succeeded. But that's an argument someone might make—although it does not account for the disparity in culture and personnel between Linux and other Unix kernels, which, to me, seem more important than code in understanding Linux's success.
+
+### The "Community" Put Its Support Behind Linux ###
+
+Stallman also wrote that "mainly the reason" for Linux's success was that "Torvalds made Linux free software, and since then more of the community's effort has gone into Linux than into the Hurd." That's not exactly a complete explanation for Linux's trajectory, since it does not account for why the community of free software developers followed Torvalds instead of HURD or another Unix. But it nonetheless highlights this shift as a large part of how Linux prevailed.
+
+A fuller account of the free software community's decision to endorse Linux would have to explain why developers did so even though, at first, Linux was a very obscure project—much more so, by any measure, than some of the other attempts at the time to create a freer Unix, such as NET BSD and 386/BSD—as well as one whose affinity with the goals of the free software movement was not at first clear. Originally, Torvalds released Linux under a license that simply prevented its commercial use. It was considerably later that he switched to the GNU General Public License, which protects the openness of source code.
+
+So, those are the explanations I've found for Linux's success as an open source operating system kernel—a success which, to be sure, has been measured in some respects (desktop Linux never became what its proponents hoped, for instance). But Linux has also become foundational to the computing world in ways that no other Unix-like OS has. Maybe Apple OS X and iOS, which derive from BSD, come close, but they don't play such a central role as Linux in powering the Internet, among other things.
+
+Have other ideas on why Linux became what it did, or why its counterparts in the Unix world have now almost all sunk into obscurity? (I know: BSD variants still have a following today, and some commercial Unices remain important enough for [Red Hat][8] (RHT) to be [courting their users][9]. But none of these Unix holdouts have conquered everything from Web servers to smartphones in the way Linux has.) I'd be delighted to hear them.
+
+--------------------------------------------------------------------------------
+
+via: http://thevarguy.com/open-source-application-software-companies/050415/open-source-history-why-did-linux-succeed
+
+作者:[hristopher Tozzi][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://thevarguy.com/author/christopher-tozzi
+[1]:http://gnu.org/
+[2]:http://www.gnu.org/software/hurd/history/hurd-announce
+[3]:http://thevarguy.com/open-source-application-software-companies/042915/open-source-history-tracing-origins-hacker-culture-and-ha
+[4]:http://thevarguy.com/open-source-application-software-companies/042715/unix-and-personal-computers-reinterpreting-origins-linux
+[5]:http://thevarguy.com/open-source-application-software-companies/042015/30-years-hurd-lives-gnu-updates-open-source-
+[6]:http://www.catb.org/esr/writings/cathedral-bazaar/cathedral-bazaar/
+[7]:https://groups.google.com/forum/#!topic/comp.os.minix/dlNtH7RRrGA[1-25]
+[8]:http://www.redhat.com/
+[9]:http://thevarguy.com/open-source-application-software-companies/032614/red-hat-grants-certification-award-unix-linux-migration-a
\ No newline at end of file
diff --git a/sources/talk/The history of Android/13 - The history of Android.md b/sources/talk/The history of Android/13 - The history of Android.md
deleted file mode 100644
index 31f5cd7eb4..0000000000
--- a/sources/talk/The history of Android/13 - The history of Android.md
+++ /dev/null
@@ -1,104 +0,0 @@
-【translating】The history of Android
-================================================================================
-
-
-### Android 2.1, update 1—the start of an endless war ###
-
-Google was a major launch partner for the first iPhone—the company provided Google Maps, Search, and YouTube for Apple’s mobile operating system. At the time, Google CEO Eric Schmidt was a member of Apple’s board of directors. In fact, during the original iPhone presentation, [Schmidt was the first person on stage][] after Steve Jobs, and he joked that the two companies were so close they could merge into “AppleGoo."
-
-While Google was developing Android, the relationship between the two companies slowly became contentious. Still, Google largely kept Apple happy by keeping key iPhone features, like pinch zoom, out of Android. The Nexus One, though, was the first slate-style Android flagship without a keyboard, which gave the device the same form factor as the iPhone. Combined with the newer software and Google branding, this was the last straw for Apple. According to Walter Isaacson’s biography on Steve Jobs, after seeing the Nexus One in January 2010, the Apple CEO was furious, saying "I will spend my last dying breath if I need to, and I will spend every penny of Apple's $40 billion in the bank, to right this wrong... I'm going to destroy Android, because it's a stolen product. I'm willing to go thermonuclear war on this."
-
-All of this happened behind closed doors, only coming out years after the Nexus One was released. The public first caught wind of this growing rift between Google and Apple when, a month after the release of Android 2.1, an update shipped for the Nexus One called “[2.1 update 1.][2]" The updated added one feature, something iOS long held over the head of Android: pinch-zoom.
-
-While Android supported multi-touch APIs since version 2.0, the default operating system apps stayed clear of this useful feature at the behest of Jobs. After reconciliation meetings over the Nexus One failed, there was no longer a reason to keep pinch zoom out of Android. Google pushed all their chips into the middle of the table, hit the update button, and was finally “all-in" with Android.
-
-With pinch zoom enabled in Google Maps, the Browser, and the Gallery, the Google-Apple smartphone war was on. In the coming years, the two companies would become bitter enemies. A month after the pinch zoom update, Apple went on the warpath, suing everyone and everything that used Android. HTC, Motorola, and Samsung were all brought to court, and some of them are still in court. Schmidt resigned from Apple’s board of directors. Google Maps and YouTube were kicked off of the iPhone, and Apple even started a rival mapping service. Today, the two players that were almost "AppleGoo" compete in smartphones, tablets, laptops, movies, TV shows, music, books, apps, e-mail, productivity software, browsers, personal assistants, cloud storage, mobile advertising, instant messaging, mapping, and set-top-boxes... and soon the two will be competing in car computers, wearables, mobile payments, and living room gaming.
-
-### Android 2.2 Froyo—faster and Flash-ier ###
-
-[Android 2.2][3] came out four months after the release of 2.1, in May 2010. Froyo featured major under-the-hood improvements for Android, all made in the name of speed. The biggest addition was just-in-time (JIT) compilation. JIT automatically converted java bytecode into native code at runtime, which led to drastic performance improvements across the board.
-
-The Browser got a performance boost, too, thanks to the integration of the V8 javascript engine from Chrome. This was the first of many features the Android browser would borrow from Chrome, and eventually the stock browser would be completely replaced by a mobile version of Chrome. Until that day came, though, the Android team needed to ship a browser. Pulling in Chrome parts was an easy way to upgrade.
-
-While Google was focusing on making its platform faster, Apple was making its platform bigger. Google's rival released the 10-inch iPad a month earlier, ushering in the modern era of tablets. While some large Froyo and Gingerbread tablets were released, Google's official response—Android 3.0 Honeycomb and the Motorola Xoom—would not arrive for nine months.
-
-
-Froyo added a two-icon dock at the bottom and universal search.
-Photo by Ron Amadeo
-
-The biggest change on the Froyo homescreen was the new dock at the bottom, which filled the previously empty space to the left and right of the app drawer with phone and browser icons. Both of these icons were custom-designed white versions of the stock icons, and they were not user-configurable.
-
-The default layout removed all the icons, and it only stuck the new tips widget on the screen, which directed you to click on the launcher icon to access your apps. The Google Search widget gained a Google logo which doubled as a button. Tapping it would open the search interface and allow you to restrict a search by Web, apps, or contacts.
-
-
-The downloads page showing the “update all" button, the Flash app, a flash-powered site where anything is possible, and the “move to SD" button.
-Photo by [Ryan Paul][4]
-
-Some of the best additions to Froyo were more download controls for the Android Market. There was now an “Update all" button pinned to the bottom of the Downloads page. Google also added an automatic updating feature, which would automatically install apps as long as the permissions hadn't changed; automatic updating was off by default, though.
-
-The second picture shows Adobe Flash Player, which was exclusive to Froyo. The app plugged in to the browser and allowed for a “full Web" experience. In 2010, this meant pages heavy with Flash navigation and video. Flash was one of Android's big differentiators compared to the iPhone. Steve Jobs started a holy war against Flash, declaring it an obsolete, buggy piece of software, and Apple would not allow it on iOS. So Android picked up the Flash ball and ran with it, giving users the option of having a semi-workable implementation on Android.
-
-At the time, Flash could bring even a desktop computer to its knees, so keeping it on all the time on a mobile phone delivered terrible performance. To fix this, Flash on Android's browser could be set to "on-demand"—Flash content would not load until users clicked on the Flash placeholder icon. Flash support would last on Android until 4.1, when Adobe gave up and killed the project. Ultimately Flash never really worked well on Android. The lack of Flash on the iPhone, the most popular mobile device, pushed the Internet to eventually dump the platform.
-
-The last picture shows the newly added ability to move apps to the SD card, which, in an era when phones came with 512MB of internal storage, was sorely needed.
-
-
-The car app and camera app. The camera could now rotate.
-Photo by Ron Amadeo
-
-The camera app was finally updated to support portrait mode. The camera settings were moved out of the drawer and into a semi-transparent strip of buttons next to the shutter button and other controls. This new design seemed to take a lot of inspiration from the Cooliris Gallery app, with transparent, springy speech bubble popups. It was quite strange to see the high-tech Cooliris-style UI design grafted on to the leather-bound camera app—the aesthetics didn't match at all.
-
-
-The semi-broken Facebook app is a good example of the common 2x3 navigation page. Google Goggles was included but also broken.
-Photo by Ron Amadeo
-
-Unlike the Facebook client included in Android 2.0 and 2.1, the 2.2 version still sort of works and can sign in to Facebook's servers. The Facebook app is a good example of Google's design guidelines for apps at the time, which suggested having a navigational page consisting of a 3x2 grid of icons as the main page of an app.
-
-This was Google's first standardized attempt at getting navigational elements out of the menu button and onto the screen, where users could find them. This design was usable, but it added an extra roadblock between launching an app and using an app. Google would later realize that when users launch an app, it was a better idea to show them content instead of an interstitial navigational screen. In Facebook for instance, opening to the news feed would be much more appropriate. And later app designs would relegate navigation to a second-tier location—first as tabs at the top of the screen, and later Google would settle on the "Navigation Drawer," a slide-out panel containing all the locations in an app.
-
-Also packed in with Froyo was Google Goggles, a visual search app which would try to identify the subject of a picture. It was useful for identifying works of art, landmarks, and barcodes, but not much else. These first two setup screens, along with the camera interface, are all that work in the app anymore. Today, you can't actually complete a search with a client this old. There wasn't much to see anyway; it was a camera interface that returned a search results page.
-
-
-The Twitter app, which was an animation-filled collaboration between Google and Twitter.
-Photo by Ron Amadeo
-
-Froyo included the first Android Twitter app, which was actually a collaboration between Google and Twitter. At the time, a Twitter app was one of the big holes in Android's app lineup. Developers favored the iPhone, and with Apple's head start and stringent design requirements, the App Store's app selection was far superior to Android's. But Google needed a Twitter app, so it teamed up with the company to get the first version out the door.
-
-This represented Google's newer design language, which meant it had an interstitial navigation page and a "tech-demo" approach to animations. The Twitter app was even more heavy-handed with animation effects than the Cooliris Gallery—everything moved all the time. The clouds at the top and bottom of every page continually scrolled at varying speeds, and the Twitter bird at the bottom flapped its wings and moved its head left and right.
-
-The Twitter app actually featured an early precursor to the Action Bar, a persistent strip of top-aligned controls that was introduced in Android 3.0 . Along the top of every screen was a blue bar containing the Twitter logo and buttons like search, refresh, and compose tweet. The big difference between this and the later action bars was that the Twitter/Google design lacks an "Up" button in the top right corner, and it actually uses an entire second bar to show your current location within the app. In the second picture above, you can see a whole bar dedicated to the location label "Tweets" (and, of course, the continuously scrolling clouds). The Twitter logo in the second bar acted as another navigational element, sometimes showing additional drill down areas within the current section and sometimes showing the entire top-level shortcut group.
-
-The 2.3 Tweet stream didn't look much different from what it does today, save for the hidden action buttons (reply, retweet, etc), which were all under the right-aligned arrow buttons. They popped up in a speech bubble menu that looked just like the navigational popup. The faux-action bar was doing serious work on the create tweet page. It housed the twitter logo, remaining character count, and buttons to attach a picture, take a picture, and a contact mention button.
-
-The Twitter app even came with a pair of home screen widgets. The big one took up eight slots and gave you a compose bar, update button, one tweet, and left and right arrows to view more tweets. The little one showed a tweet and reply button. Tapping on the compose bar on the large widget immediately launched the main "Create Tweet," rendering the "update" button worthless.
-
-
-Google Talk and the new USB dialog.
-Photo by Ron Amadeo
-
-Elsewhere, Google Talk (and the unpictured SMS app) changed from a dark theme to a light theme, which made both of them look a lot closer to the current, modern apps. The USB storage screen that popped up when you plugged into a computer changed from a simple dialog box to a full screen interface. Instead of a text-only design, the screen now had a mutant Android/USB-stick hybrid.
-
-While Android 2.2 didn’t feature much in the way of user-facing features, a major UI overhaul was coming in the next two versions. Before all the UI work, though, Google wanted to revamp the core of Android. Android 2.2 accomplished that.
-
-----------
-
-
-
-[Ron Amadeo][a] / Ron is the Reviews Editor at Ars Technica, where he specializes in Android OS and Google products. He is always on the hunt for a new gadget and loves to rip things apart to see how they work.
-
-[@RonAmadeo][t]
-
---------------------------------------------------------------------------------
-
-via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/13/
-
-译者:[译者ID](https://github.com/译者ID) 校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[1]:http://www.youtube.com/watch?v=9hUIxyE2Ns8#t=3016
-[2]:http://arstechnica.com/gadgets/2010/02/googles-nexus-one-gets-multitouch/
-[3]:http://arstechnica.com/information-technology/2010/07/android-22-froyo/
-[4]:http://arstechnica.com/information-technology/2010/07/android-22-froyo/
-[a]:http://arstechnica.com/author/ronamadeo
-[t]:https://twitter.com/RonAmadeo
diff --git a/sources/talk/The history of Android/14 - The history of Android.md b/sources/talk/The history of Android/14 - The history of Android.md
deleted file mode 100644
index 3377527026..0000000000
--- a/sources/talk/The history of Android/14 - The history of Android.md
+++ /dev/null
@@ -1,84 +0,0 @@
-alim0x translating
-
-The history of Android
-================================================================================
-### Voice Actions—a supercomputer in your pocket ###
-
-In August 2010, a new feature “[Voice Actions][1]" launched in the Android Market as part of the Voice Search app. Voice Actions allowed users to issue voice commands to their phone, and Android would try to interpret them and do something smart. Something like "Navigate to [address]" would fire up Google Maps and start turn-by-turn navigation to your stated destination. You could also send texts or e-mails, make a call, open a Website, get directions, or view a location on a map—all just by speaking.
-
-注:youtube视频地址
-
-
-Voice Actions was the culmination of a new app design philosophy for Google. Voice Actions was the most advanced voice control software for its time, and the secret was that Google wasn’t doing any computing on the device. In general, voice recognition was very CPU intensive. In fact, many voice recognition programs still have a “speed versus accuracy" setting, where users can choose how long they are willing to wait for the voice recognition algorithms to work—more CPU power means better accuracy.
-
-Google’s innovation was not bothering to do the voice recognition computing on the phone’s limited processor. When a command was spoken, the user’s voice was packaged up and shipped out over the Internet to Google’s cloud servers. There, Google’s farm of supercomputers pored over the message, interpreted it, and shipped it back to the phone. It was a long journey, but the Internet was finally fast enough to accomplish something like this in a second or two.
-
-Many people throw the phrase “cloud computing" around to mean “anything that is stored on a server," but this was actual cloud computing. Google was doing hardcore compute operations in the cloud, and because it is throwing a ridiculous amount of CPU power at the problem, the only limit to the voice recognition accuracy is the algorithms themselves. The software didn't need to be individually “trained" by each user, because everyone who used Voice Actions was training it all the time. Using the power of the Internet, Android put a supercomputer in your pocket, and, compared to existing solutions, moving the voice recognition workload from a pocket-sized computer to a room-sized computer greatly increased accuracy.
-
-Voice recognition had been a project of Google’s for some time, and it all started with an 800 number. [1-800-GOOG-411][1] was a free phone information service that Google launched in April 2007. It worked just like 411 information services had for years—users could call the number and ask for a phone book lookup—but Google offered it for free. No humans were involved in the lookup process, the 411 service was powered by voice recognition and a text-to-speech engine. Voice Actions was only possible after three years of the public teaching Google how to hear.
-
-Voice recognition was a great example of Google’s extremely long-term thinking—the company wasn't afraid to invest in a project that wouldn’t become a commercial product for several years. Today, voice recognition powers products all across Google. It’s used for voice input in the Google Search app, Android’s voice typing, and on Google.com. It’s also the primary input interface for Google Glass and [Android Wear][2].
-
-The company even uses it beyond input. Google's voice recognition technology is used to transcribe YouTube videos, which powers automatic closed captioning for the hearing impaired. The transcription is even indexed by Google, so you can search for words that were said in the video. Voice is the future of many products, and this long-term planning has led Google to be one of the few major tech companies with an in-house voice recognition service. Most other voice recognition products, like Apple’s Siri and Samsung devices, are forced to use—and pay a license fee for—voice recognition from Nuance.
-
-With the computer hearing system up and running, Google is applying this strategy to computer vision next. That's why things like Google Goggles, Google Image Search, and [Project Tango][3] exist. Just like the days of GOOG-411, these projects are in the early stages. When [Google's robot division][4] gets off the ground with a real robot, it will need to see and hear, and Google's computer vision and hearing projects will likely give the company a head start.
-
-
-The Nexus S, the first Nexus phone made by Samsung.
-
-### Android 2.3 Gingerbread—the first major UI overhaul ###
-
-Gingerbread was released in December 2010, a whopping seven months after the release of 2.2. The wait was worth it, though, as Android 2.3 changed just about every screen in the OS. It was the first major overhaul since the initial formation of Android in version 0.9. 2.3 would kick off a series of continual revamps in an attempt to turn Android from an ugly duckling into something that was capable of holding its own—aesthetically—against the iPhone.
-
-And speaking of Apple, six months earlier, the company released the iPhone 4 and iOS 4, which added multitasking and Facetime video chat. Microsoft was finally back in the game, too. The company jumped into the modern smartphone era with the launch of Windows Phone 7 in November 2010.
-
-Android 2.3 focused a lot on the interface design, but with no direction or design documents, many apps ended up getting a new bespoke theme. Some apps went with a flatter, darker theme, some used a gradient-filled, bubbly dark theme, and others went with a high-contrast white and green look. While it wasn't cohesive, Gingerbread accomplished the goal of modernizing nearly every part of the OS. It was a good thing, too, because the next phone version of Android wouldn’t arrive until nearly a year later.
-
-Gingerbread’s launch device was the Nexus S, Google’s second flagship device and the first Nexus manufactured by Samsung. While today we are used to new CPU models every year, back then that wasn't the case. The Nexus S had a 1GHz Cortex A8 processor, just like the Nexus One. The GPU was slightly faster, and that was it in the speed department. It was a little bigger than the Nexus One, with a 4-inch, 800×480 AMOLED display.
-
-Spec wise, the Nexus S might seem like a tame upgrade, but it was actually home to a lot of firsts for Android. The Nexus S was Google’s first flagship to shun a MicroSD slot, shipping with 16GB on-board memory. The Nexus One had only 512MB of storage, but it had a MicroSD slot. Removing the SD slot simplified storage management for users—there was just one pool now—but hurt expandability for power users. It was also Google's first phone to have NFC, a special chip in the back of the phone that could transfer information when touched to another NFC chip. For now, the Nexus S could only read NFC tags—it couldn't send data.
-
-Thanks to some upgrades in Gingerbread, the Nexus S was one of the first Android phones to ship without a hardware D-Pad or trackball. The Nexus S was now down to just the power, volume, and the four navigation buttons. The Nexus S was also a precursor to the [crazy curved-screen phones][6] of today, as Samsung outfitted the Nexus S with a piece of slightly curved glass.
-
-
-Gingerbread changed the status bar and wallpaper, and it added a bunch of new icons.
-Photo by Ron Amadeo
-
-An upgraded "Nexus" live wallpaper was released as an exclusive addition to the Nexus S. It was basically the same idea as the Nexus One version, with its animated streaks of light. On the Nexus S, the "grid" design was removed and replaced with a wavy blue/gray background. The dock at the bottom was given square corners and colored icons.
-
-
-The new notification panel and menu.
-Photo by Ron Amadeo
-
-The status bar was finally overhauled from the version that first debuted in 0.9. The bar was changed from a white gradient to flat black, and all the icons were redrawn in gray and green. Just about everything looked crisper and more modern thanks to the sharp-angled icon design and higher resolution. The strangest decisions were probably the removal of the time period from the status bar clock and the confusing shade of gray that was used for the signal bars. Despite gray being used for many status bar icons, and there being four gray bars in the above screenshot, Android was actually indicating no cellular signal. Green bars would indicate a signal, gray bars indicated “empty" signal slots.
-
-The green status bar icons in Gingerbread also doubled as a status indicator of network connectivity. If you had a working connection to Google's servers, the icons would be green, if there was no connection to Google, the icons turned white. This let you easily identify the connectivity status of your connection while you were out and about.
-
-The notification panel was changed from the aging Android 1.5 design. Again, we saw a UI piece that changed from a light theme to a dark theme, getting a dark gray header, black background, and black-on-gray text.
-
-The menu was darkened too, changing from a white background to a black one with a slight transparency. The contrast between the menu icons and the background wasn’t as strong as it should be, because the gray icons are the same color as they were on the white background. Requiring a color change would mean every developer would have to make new icons, so Google went with the preexisting gray color on black. This was a change at the system level, so this new menu would show up in every app.
-
-----------
-
-
-
-[Ron Amadeo][a] / Ron is the Reviews Editor at Ars Technica, where he specializes in Android OS and Google products. He is always on the hunt for a new gadget and loves to rip things apart to see how they work.
-
-[@RonAmadeo][t]
-
---------------------------------------------------------------------------------
-
-via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/14/
-
-译者:[译者ID](https://github.com/译者ID) 校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[1]:http://arstechnica.com/gadgets/2010/08/google-beefs-up-voice-search-mobile-sync/
-[2]:http://arstechnica.com/business/2007/04/google-rolls-out-free-411-service/
-[3]:http://arstechnica.com/gadgets/2014/03/in-depth-with-android-wear-googles-quantum-leap-of-a-smartwatch-os/
-[4]:http://arstechnica.com/gadgets/2014/02/googles-project-tango-is-a-smartphone-with-kinect-style-computer-vision/
-[5]:http://arstechnica.com/gadgets/2013/12/google-robots-former-android-chief-will-lead-google-robotics-division/
-[6]:http://arstechnica.com/gadgets/2013/12/lg-g-flex-review-form-over-even-basic-function/
-[a]:http://arstechnica.com/author/ronamadeo
-[t]:https://twitter.com/RonAmadeo
diff --git a/sources/talk/The history of Android/15 - The history of Android.md b/sources/talk/The history of Android/15 - The history of Android.md
index 078e106d1c..9ca4176245 100644
--- a/sources/talk/The history of Android/15 - The history of Android.md
+++ b/sources/talk/The history of Android/15 - The history of Android.md
@@ -1,3 +1,5 @@
+alim0x translating
+
The history of Android
================================================================================
@@ -83,4 +85,4 @@ via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-histor
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://arstechnica.com/author/ronamadeo
-[t]:https://twitter.com/RonAmadeo
\ No newline at end of file
+[t]:https://twitter.com/RonAmadeo
diff --git a/sources/tech/20141219 What is good audio editing software on Linux.md b/sources/tech/20141219 What is good audio editing software on Linux.md
index d9228b4eda..ccc6a0883b 100644
--- a/sources/tech/20141219 What is good audio editing software on Linux.md
+++ b/sources/tech/20141219 What is good audio editing software on Linux.md
@@ -1,8 +1,7 @@
-Translating by ly0
-
-Linux下一些蛮不错的音频编辑软件
+What is good audio editing software on Linux
================================================================================
-无论你是一个业余的音乐家或者仅仅是一个上课撸教授音的学,你总是需要和录音打交道。如果你有很长的时间仅仅用Mac干这种事情,那么可以和这个过程说拜拜了,现在Linux也可以干同样的事情。简而言之,这里有一个简单但是不错的音频编辑软件列表,来满足你对不同任务和需求。
+
+Whether you are an amateur musician or just a student recording his professor, you need to edit and work with audio recordings. If for a long time such task was exclusively attributed to Macintosh, this time is over, and Linux now has what it takes to do the job. In short, here is a non-exhaustive list of good audio editing software, fit for different tasks and needs.
### 1. Audacity ###
diff --git a/sources/tech/2015-04-29 web caching basics terminology http headers and caching strategies.md b/sources/tech/2015-04-29 web caching basics terminology http headers and caching strategies.md
new file mode 100644
index 0000000000..07fd4fcd42
--- /dev/null
+++ b/sources/tech/2015-04-29 web caching basics terminology http headers and caching strategies.md
@@ -0,0 +1,446 @@
+translating by wwy-hust
+
+Web Caching Basics: Terminology, HTTP Headers, and Caching Strategies
+=====================================================================
+
+### Introduction
+
+Intelligent content caching is one of the most effective ways to improve
+the experience for your site's visitors. Caching, or temporarily storing
+content from previous requests, is part of the core content delivery
+strategy implemented within the HTTP protocol. Components throughout the
+delivery path can all cache items to speed up subsequent requests,
+subject to the caching policies declared for the content.
+
+In this guide, we will discuss some of the basic concepts of web content
+caching. This will mainly cover how to select caching policies to ensure
+that caches throughout the internet can correctly process your content.
+We will talk about the benefits that caching affords, the side effects
+to be aware of, and the different strategies to employ to provide the
+best mixture of performance and flexibility.
+
+What Is Caching?
+----------------
+
+Caching is the term for storing reusable responses in order to make
+subsequent requests faster. There are many different types of caching
+available, each of which has its own characteristics. Application caches
+and memory caches are both popular for their ability to speed up certain
+responses.
+
+Web caching, the focus of this guide, is a different type of cache. Web
+caching is a core design feature of the HTTP protocol meant to minimize
+network traffic while improving the perceived responsiveness of the
+system as a whole. Caches are found at every level of a content's
+journey from the original server to the browser.
+
+Web caching works by caching the HTTP responses for requests according
+to certain rules. Subsequent requests for cached content can then be
+fulfilled from a cache closer to the user instead of sending the request
+all the way back to the web server.
+
+Benefits
+--------
+
+Effective caching aids both content consumers and content providers.
+Some of the benefits that caching brings to content delivery are:
+
+- **Decreased network costs**: Content can be cached at various points
+ in the network path between the content consumer and content origin.
+ When the content is cached closer to the consumer, requests will not
+ cause much additional network activity beyond the cache.
+- **Improved responsiveness**: Caching enables content to be retrieved
+ faster because an entire network round trip is not necessary. Caches
+ maintained close to the user, like the browser cache, can make this
+ retrieval nearly instantaneous.
+- **Increased performance on the same hardware**: For the server where
+ the content originated, more performance can be squeezed from the
+ same hardware by allowing aggressive caching. The content owner can
+ leverage the powerful servers along the delivery path to take the
+ brunt of certain content loads.
+- **Availability of content during network interruptions**: With
+ certain policies, caching can be used to serve content to end users
+ even when it may be unavailable for short periods of time from the
+ origin servers.
+
+Terminology
+-----------
+
+When dealing with caching, there are a few terms that you are likely to
+come across that might be unfamiliar. Some of the more common ones are
+below:
+
+- **Origin server**: The origin server is the original location of the
+ content. If you are acting as the web server administrator, this is
+ the machine that you control. It is responsible for serving any
+ content that could not be retrieved from a cache along the request
+ route and for setting the caching policy for all content.
+- **Cache hit ratio**: A cache's effectiveness is measured in terms of
+ its cache hit ratio or hit rate. This is a ratio of the requests
+ able to be retrieved from a cache to the total requests made. A high
+ cache hit ratio means that a high percentage of the content was able
+ to be retrieved from the cache. This is usually the desired outcome
+ for most administrators.
+- **Freshness**: Freshness is a term used to describe whether an item
+ within a cache is still considered a candidate to serve to a client.
+ Content in a cache will only be used to respond if it is within the
+ freshness time frame specified by the caching policy.
+- **Stale content**: Items in the cache expire according to the cache
+ freshness settings in the caching policy. Expired content is
+ "stale". In general, expired content cannot be used to respond to
+ client requests. The origin server must be re-contacted to retrieve
+ the new content or at least verify that the cached content is still
+ accurate.
+- **Validation**: Stale items in the cache can be validated in order
+ to refresh their expiration time. Validation involves checking in
+ with the origin server to see if the cached content still represents
+ the most recent version of item.
+- **Invalidation**: Invalidation is the process of removing content
+ from the cache before its specified expiration date. This is
+ necessary if the item has been changed on the origin server and
+ having an outdated item in cache would cause significant issues for
+ the client.
+
+There are plenty of other caching terms, but the ones above should help
+you get started.
+
+What Can be Cached?
+-------------------
+
+Certain content lends itself more readily to caching than others. Some
+very cache-friendly content for most sites are:
+
+- Logos and brand images
+- Non-rotating images in general (navigation icons, for example)
+- Style sheets
+- General Javascript files
+- Downloadable Content
+- Media Files
+
+These tend to change infrequently, so they can benefit from being cached
+for longer periods of time.
+
+Some items that you have to be careful in caching are:
+
+- HTML pages
+- Rotating images
+- Frequently modified Javascript and CSS
+- Content requested with authentication cookies
+
+Some items that should almost never be cached are:
+
+- Assets related to sensitive data (banking info, etc.)
+- Content that is user-specific and frequently changed
+
+In addition to the above general rules, it's possible to specify
+policies that allow you to cache different types of content
+appropriately. For instance, if authenticated users all see the same
+view of your site, it may be possible to cache that view anywhere. If
+authenticated users see a user-sensitive view of the site that will be
+valid for some time, you may tell the user's browser to cache, but tell
+any intermediary caches not to store the view.
+
+Locations Where Web Content Is Cached
+-------------------------------------
+
+Content can be cached at many different points throughout the delivery
+chain:
+
+- **Browser cache**: Web browsers themselves maintain a small cache.
+ Typically, the browser sets a policy that dictates the most
+ important items to cache. This may be user-specific content or
+ content deemed expensive to download and likely to be requested
+ again.
+- **Intermediary caching proxies**: Any server in between the client
+ and your infrastructure can cache certain content as desired. These
+ caches may be maintained by ISPs or other independent parties.
+- **Reverse Cache**: Your server infrastructure can implement its own
+ cache for backend services. This way, content can be served from the
+ point-of-contact instead of hitting backend servers on each request.
+
+Each of these locations can and often do cache items according to their
+own caching policies and the policies set at the content origin.
+
+Caching Headers
+---------------
+
+Caching policy is dependent upon two different factors. The caching
+entity itself gets to decide whether or not to cache acceptable content.
+It can decide to cache less than it is allowed to cache, but never more.
+
+The majority of caching behavior is determined by the caching policy,
+which is set by the content owner. These policies are mainly articulated
+through the use of specific HTTP headers.
+
+Through various iterations of the HTTP protocol, a few different
+cache-focused headers have arisen with varying levels of sophistication.
+The ones you probably still need to pay attention to are below:
+
+- **`Expires`**: The `Expires` header is very straight-forward,
+ although fairly limited in scope. Basically, it sets a time in the
+ future when the content will expire. At this point, any requests for
+ the same content will have to go back to the origin server. This
+ header is probably best used only as a fall back.
+- **`Cache-Control`**: This is the more modern replacement for the
+ `Expires` header. It is well supported and implements a much more
+ flexible design. In almost all cases, this is preferable to
+ `Expires`, but it may not hurt to set both values. We will discuss
+ the specifics of the options you can set with `Cache-Control` a bit
+ later.
+- **`Etag`**: The `Etag` header is used with cache validation. The
+ origin can provide a unique `Etag` for an item when it initially
+ serves the content. When a cache needs to validate the content it
+ has on-hand upon expiration, it can send back the `Etag` it has for
+ the content. The origin will either tell the cache that the content
+ is the same, or send the updated content (with the new `Etag`).
+- **`Last-Modified`**: This header specifies the last time that the
+ item was modified. This may be used as part of the validation
+ strategy to ensure fresh content.
+- **`Content-Length`**: While not specifically involved in caching,
+ the `Content-Length` header is important to set when defining
+ caching policies. Certain software will refuse to cache content if
+ it does not know in advanced the size of the content it will need to
+ reserve space for.
+- **`Vary`**: A cache typically uses the requested host and the path
+ to the resource as the key with which to store the cache item. The
+ `Vary` header can be used to tell caches to pay attention to an
+ additional header when deciding whether a request is for the same
+ item. This is most commonly used to tell caches to key by the
+ `Accept-Encoding` header as well, so that the cache will know to
+ differentiate between compressed and uncompressed content.
+
+### An Aside about the Vary Header
+
+The `Vary` header provides you with the ability to store different
+versions of the same content at the expense of diluting the entries in
+the cache.
+
+In the case of `Accept-Encoding`, setting the `Vary` header allows for a
+critical distinction to take place between compressed and uncompressed
+content. This is needed to correctly serve these items to browsers that
+cannot handle compressed content and is necessary in order to provide
+basic usability. One characteristic that tells you that
+`Accept-Encoding` may be a good candidate for `Vary` is that it only has
+two or three possible values.
+
+Items like `User-Agent` might at first glance seem to be a good way to
+differentiate between mobile and desktop browsers to serve different
+versions of your site. However, since `User-Agent` strings are
+non-standard, the result will likely be many versions of the same
+content on intermediary caches, with a very low cache hit ratio. The
+`Vary` header should be used sparingly, especially if you do not have
+the ability to normalize the requests in intermediate caches that you
+control (which may be possible, for instance, if you leverage a content
+delivery network).
+
+How Cache-Control Flags Impact Caching
+--------------------------------------
+
+Above, we mentioned how the `Cache-Control` header is used for modern
+cache policy specification. A number of different policy instructions
+can be set using this header, with multiple instructions being separated
+by commas.
+
+Some of the `Cache-Control` options you can use to dictate your
+content's caching policy are:
+
+- **`no-cache`**: This instruction specifies that any cached content
+ must be re-validated on each request before being served to a
+ client. This, in effect, marks the content as stale immediately, but
+ allows it to use revalidation techniques to avoid re-downloading the
+ entire item again.
+- **`no-store`**: This instruction indicates that the content cannot
+ be cached in any way. This is appropriate to set if the response
+ represents sensitive data.
+- **`public`**: This marks the content as public, which means that it
+ can be cached by the browser and any intermediate caches. For
+ requests that utilized HTTP authentication, responses are marked
+ `private` by default. This header overrides that setting.
+- **`private`**: This marks the content as `private`. Private content
+ may be stored by the user's browser, but must *not* be cached by any
+ intermediate parties. This is often used for user-specific data.
+- **`max-age`**: This setting configures the maximum age that the
+ content may be cached before it must revalidate or re-download the
+ content from the origin server. In essence, this replaces the
+ `Expires` header for modern browsing and is the basis for
+ determining a piece of content's freshness. This option takes its
+ value in seconds with a maximum valid freshness time of one year
+ (31536000 seconds).
+- **`s-maxage`**: This is very similar to the `max-age` setting, in
+ that it indicates the amount of time that the content can be cached.
+ The difference is that this option is applied only to intermediary
+ caches. Combining this with the above allows for more flexible
+ policy construction.
+- **`must-revalidate`**: This indicates that the freshness information
+ indicated by `max-age`, `s-maxage` or the `Expires` header must be
+ obeyed strictly. Stale content cannot be served under any
+ circumstance. This prevents cached content from being used in case
+ of network interruptions and similar scenarios.
+- **`proxy-revalidate`**: This operates the same as the above setting,
+ but only applies to intermediary proxies. In this case, the user's
+ browser can potentially be used to serve stale content in the event
+ of a network interruption, but intermediate caches cannot be used
+ for this purpose.
+- **`no-transform`**: This option tells caches that they are not
+ allowed to modify the received content for performance reasons under
+ any circumstances. This means, for instance, that the cache is not
+ able to send compressed versions of content it did not receive from
+ the origin server compressed and is not allowed.
+
+These can be combined in different ways to achieve various caching
+behavior. Some mutually exclusive values are:
+
+- `no-cache`, `no-store`, and the regular caching behavior indicated
+ by absence of either
+- `public` and `private`
+
+The `no-store` option supersedes the `no-cache` if both are present. For
+responses to unauthenticated requests, `public` is implied. For
+responses to authenticated requests, `private` is implied. These can be
+overridden by including the opposite option in the `Cache-Control`
+header.
+
+Developing a Caching Strategy
+-----------------------------
+
+In a perfect world, everything could be cached aggressively and your
+servers would only be contacted to validate content occasionally. This
+doesn't often happen in practice though, so you should try to set some
+sane caching policies that aim to balance between implementing long-term
+caching and responding to the demands of a changing site.
+
+### Common Issues
+
+There are many situations where caching cannot or should not be
+implemented due to how the content is produced (dynamically generated
+per user) or the nature of the content (sensitive banking information,
+for example). Another problem that many administrators face when setting
+up caching is the situation where older versions of your content are out
+in the wild, not yet stale, even though new versions have been
+published.
+
+These are both frequently encountered issues that can have serious
+impacts on cache performance and the accuracy of content you are
+serving. However, we can mitigate these issues by developing caching
+policies that anticipate these problems.
+
+### General Recommendations
+
+While your situation will dictate the caching strategy you use, the
+following recommendations can help guide you towards some reasonable
+decisions.
+
+There are certain steps that you can take to increase your cache hit
+ratio before worrying about the specific headers you use. Some ideas
+are:
+
+- **Establish specific directories for images, css, and shared
+ content**: Placing content into dedicated directories will allow you
+ to easily refer to them from any page on your site.
+- **Use the same URL to refer to the same items**: Since caches key
+ off of both the host and the path to the content requested, ensure
+ that you refer to your content in the same way on all of your pages.
+ The previous recommendation makes this significantly easier.
+- **Use CSS image sprites where possible**: CSS image sprites for
+ items like icons and navigation decrease the number of round trips
+ needed to render your site and allow your site to cache that single
+ sprite for a long time.
+- **Host scripts and external resources locally where possible**: If
+ you utilize javascript scripts and other external resources,
+ consider hosting those resources on your own servers if the correct
+ headers are not being provided upstream. Note that you will have to
+ be aware of any updates made to the resource upstream so that you
+ can update your local copy.
+- **Fingerprint cache items**: For static content like CSS and
+ Javascript files, it may be appropriate to fingerprint each item.
+ This means adding a unique identifier to the filename (often a hash
+ of the file) so that if the resource is modified, the new resource
+ name can be requested, causing the requests to correctly bypass the
+ cache. There are a variety of tools that can assist in creating
+ fingerprints and modifying the references to them within HTML
+ documents.
+
+In terms of selecting the correct headers for different items, the
+following can serve as a general reference:
+
+- **Allow all caches to store generic assets**: Static content and
+ content that is not user-specific can and should be cached at all
+ points in the delivery chain. This will allow intermediary caches to
+ respond with the content for multiple users.
+- **Allow browsers to cache user-specific assets**: For per-user
+ content, it is often acceptable and useful to allow caching within
+ the user's browser. While this content would not be appropriate to
+ cache on any intermediary caching proxies, caching in the browser
+ will allow for instant retrieval for users during subsequent visits.
+- **Make exceptions for essential time-sensitive content**: If you
+ have content that is time-sensitive, make an exception to the above
+ rules so that the out-dated content is not served in critical
+ situations. For instance, if your site has a shopping cart, it
+ should reflect the items in the cart immediately. Depending on the
+ nature of the content, the `no-cache` or `no-store` options can be
+ set in the `Cache-Control` header to achieve this.
+- **Always provide validators**: Validators allow stale content to be
+ refreshed without having to download the entire resource again.
+ Setting the `Etag` and the `Last-Modified` headers allow caches to
+ validate their content and re-serve it if it has not been modified
+ at the origin, further reducing load.
+- **Set long freshness times for supporting content**: In order to
+ leverage caching effectively, elements that are requested as
+ supporting content to fulfill a request should often have a long
+ freshness setting. This is generally appropriate for items like
+ images and CSS that are pulled in to render the HTML page requested
+ by the user. Setting extended freshness times, combined with
+ fingerprinting, allows caches to store these resources for long
+ periods of time. If the assets change, the modified fingerprint will
+ invalidate the cached item and will trigger a download of the new
+ content. Until then, the supporting items can be cached far into the
+ future.
+- **Set short freshness times for parent content**: In order to make
+ the above scheme work, the containing item must have relatively
+ short freshness times or may not be cached at all. This is typically
+ the HTML page that calls in the other assisting content. The HTML
+ itself will be downloaded frequently, allowing it to respond to
+ changes rapidly. The supporting content can then be cached
+ aggressively.
+
+The key is to strike a balance that favors aggressive caching where
+possible while leaving opportunities to invalidate entries in the future
+when changes are made. Your site will likely have a combination of:
+
+- Aggressively cached items
+- Cached items with a short freshness time and the ability to
+ re-validate
+- Items that should not be cached at all
+
+The goal is to move content into the first categories when possible
+while maintaining an acceptable level of accuracy.
+
+Conclusion
+----------
+
+Taking the time to ensure that your site has proper caching policies in
+place can have a significant impact on your site. Caching allows you to
+cut down on the bandwidth costs associated with serving the same content
+repeatedly. Your server will also be able to handle a greater amount of
+traffic with the same hardware. Perhaps most importantly, clients will
+have a faster experience on your site, which may lead them to return
+more frequently. While effective web caching is not a silver bullet,
+setting up appropriate caching policies can give you measurable gains
+with minimal work.
+
+
+---
+
+作者: [Justin Ellingwood](https://www.digitalocean.com/community/users/jellingwood)
+
+译者:[译者ID](https://github.com/译者ID)
+
+校对:[校对者ID](https://github.com/校对者ID)
+
+推荐:[royaso](https://github.com/royaso)
+
+via: https://www.digitalocean.com/community/tutorials/web-caching-basics-terminology-http-headers-and-caching-strategies
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+
diff --git a/sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md b/sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md
deleted file mode 100644
index fa02f19ce6..0000000000
--- a/sources/tech/20150108 Interface (NICs) Bonding in Linux using nmcli.md
+++ /dev/null
@@ -1,136 +0,0 @@
-Interface (NICs) Bonding in Linux using nmcli
-================================================================================
-Today, we'll learn how to perform Interface (NICs) bonding in our CentOS 7.x using nmcli (Network Manager Command Line Interface).
-
-NICs (Interfaces) bonding is a method for linking **NICs** together logically to allow fail-over or higher throughput. One of the ways to increase the network availability of a server is by using multiple network interfaces. The Linux bonding driver provides a method for aggregating multiple network interfaces into a single logical bonded interface. It is a new implementation that does not affect the older bonding driver in linux kernel; it offers an alternate implementation.
-
-**NIC bonding is done to provide two main benefits for us:**
-
-1. **High bandwidth**
-1. **Redundancy/resilience**
-
-Now lets configure NICs bonding in CentOS 7. We'll need to decide which interfaces that we would like to configure a Team interface.
-
-run **ip link** command to check the available interface in the system.
-
- $ ip link
-
-
-
-Here we are using **eno16777736** and **eno33554960** NICs to create a team interface in **activebackup** mode.
-
-Use **nmcli** command to create a connection for the network team interface,with the following syntax.
-
- # nmcli con add type team con-name CNAME ifname INAME [config JSON]
-
-Where **CNAME** will be the name used to refer the connection ,**INAME** will be the interface name and **JSON** (JavaScript Object Notation) specifies the runner to be used.**JSON** has the following syntax:
-
- '{"runner":{"name":"METHOD"}}'
-
-where **METHOD** is one of the following: **broadcast, activebackup, roundrobin, loadbalance** or **lacp**.
-
-### 1. Creating Team Interface ###
-
-Now let us create the team interface. here is the command we used to create the team interface.
-
- # nmcli con add type team con-name team0 ifname team0 config '{"runner":{"name":"activebackup"}}'
-
-
-
-run **# nmcli con show** command to verify the team configuration.
-
- # nmcli con show
-
-
-
-### 2. Adding Slave Devices ###
-
-Now lets add the slave devices to the master team0. here is the syntax for adding the slave devices.
-
- # nmcli con add type team-slave con-name CNAME ifname INAME master TEAM
-
-Here we are adding **eno16777736** and **eno33554960** as slave devices for **team0** interface.
-
- # nmcli con add type team-slave con-name team0-port1 ifname eno16777736 master team0
-
- # nmcli con add type team-slave con-name team0-port2 ifname eno33554960 master team0
-
-
-
-Verify the connection configuration using **#nmcli con show** again. now we could see the slave configuration.
-
- #nmcli con show
-
-
-
-### 3. Assigning IP Address ###
-
-All the above command will create the required configuration files under **/etc/sysconfig/network-scripts/**.
-
-Lets assign an IP address to this team0 interface and enable the connection now. Here is the command to perform the IP assignment.
-
- # nmcli con mod team0 ipv4.addresses "192.168.1.24/24 192.168.1.1"
- # nmcli con mod team0 ipv4.method manual
- # nmcli con up team0
-
-
-
-### 4. Verifying the Bonding ###
-
-Verify the IP address information in **#ip add show team0** command.
-
- #ip add show team0
-
-
-
-Now lets check the **activebackup** configuration functionality using the **teamdctl** command.
-
- # teamdctl team0 state
-
-
-
-Now lets disconnect the active port and check the state again. to confirm whether the active backup configuration is working as expected.
-
- # nmcli dev dis eno33554960
-
-
-
-disconnected the active port and now check the state again using **#teamdctl team0 state**.
-
- # teamdctl team0 state
-
-
-
-Yes its working cool !! we will connect the disconnected connection back to team0 using the following command.
-
- #nmcli dev con eno33554960
-
-
-
-We have one more command called **teamnl** let us show some options with **teamnl** command.
-
-to check the ports in team0 run the following command.
-
- # teamnl team0 ports
-
-
-
-Display currently active port of **team0**.
-
- # teamnl team0 getoption activeport
-
-
-
-Hurray, we have successfully configured NICs bonding :-) Please share feedback if any.
-
---------------------------------------------------------------------------------
-
-via: http://linoxide.com/linux-command/interface-nics-bonding-linux/
-
-作者:[Arun Pyasi][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://linoxide.com/author/arunp/
\ No newline at end of file
diff --git a/sources/tech/20150112 What are useful command-line network monitors on Linux.md b/sources/tech/20150112 What are useful command-line network monitors on Linux.md
deleted file mode 100644
index eeda3f0542..0000000000
--- a/sources/tech/20150112 What are useful command-line network monitors on Linux.md
+++ /dev/null
@@ -1,136 +0,0 @@
-translating by coloka
-What are useful command-line network monitors on Linux
-================================================================================
-Network monitoring is a critical IT function for businesses of all sizes. The goal of network monitoring can vary. For example, the monitoring activity can be part of long-term network provisioning, security protection, performance troubleshooting, network usage accounting, and so on. Depending on its goal, network monitoring is done in many different ways, such as performing packet-level sniffing, collecting flow-level statistics, actively injecting probes into the network, parsing server logs, etc.
-
-While there are many dedicated network monitoring systems capable of 24/7/365 monitoring, you can also leverage command-line network monitors in certain situations, where a dedicated monitor is an overkill. If you are a system admin, you are expected to have hands-on experience with some of well known CLI network monitors. Here is a list of **popular and useful command-line network monitors on Linux**.
-
-### Packet-Level Sniffing ###
-
-In this category, monitoring tools capture individual packets on the wire, dissect their content, and display decoded packet content or packet-level statistics. These tools conduct network monitoring from the lowest level, and as such, can possibly do the most fine-grained monitoring at the cost of network I/O and analysis efforts.
-
-1. **dhcpdump**: a comman-line DHCP traffic sniffer capturing DHCP request/response traffic, and displays dissected DHCP protocol messages in a human-friendly format. It is useful when you are troubleshooting DHCP related issues.
-
-2. **[dsniff][1]**: a collection of command-line based sniffing, spoofing and hijacking tools designed for network auditing and penetration testing. They can sniff various information such as passwords, NSF traffic, email messages, website URLs, and so on.
-
-3. **[httpry][2]**: an HTTP packet sniffer which captures and decode HTTP requests and response packets, and display them in a human-readable format.
-
-4. **IPTraf**: a console-based network statistics viewer. It displays packet-level, connection-level, interface-level, protocol-level packet/byte counters in real-time. Packet capturing can be controlled by protocol filters, and its operation is full menu-driven.
-
-
-
-5. **[mysql-sniffer][3]**: a packet sniffer which captures and decodes packets associated with MySQL queries. It displays the most frequent or all queries in a human-readable format.
-
-6. **[ngrep][4]**: grep over network packets. It can capture live packets, and match (filtered) packets against regular expressions or hexadecimal expressions. It is useful for detecting and storing any anomalous traffic, or for sniffing particular patterns of information from live traffic.
-
-7. **[p0f][5]**: a passive fingerprinting tool which, based on packet sniffing, reliably identifies operating systems, NAT or proxy settings, network link types and various other properites associated with an active TCP connection.
-
-8. **pktstat**: a command-line tool which analyzes live packets to display connection-level bandwidth usages as well as descriptive information of protocols involved (e.g., HTTP GET/POST, FTP, X11).
-
-
-
-9. **Snort**: an intrusion detection and prevention tool which can detect/prevent a variety of backdoor, botnets, phishing, spyware attacks from live traffic based on rule-driven protocol analysis and content matching.
-
-10. **tcpdump**: a command-line packet sniffer which is capable of capturing nework packets on the wire based on filter expressions, dissect the packets, and dump the packet content for packet-level analysis. It is widely used for any kinds of networking related troubleshooting, network application debugging, or [security][6] monitoring.
-
-11. **tshark**: a command-line packet sniffing tool that comes with Wireshark GUI program. It can capture and decode live packets on the wire, and show decoded packet content in a human-friendly fashion.
-
-### Flow-/Process-/Interface-Level Monitoring ###
-
-In this category, network monitoring is done by classifying network traffic into flows, associated processes or interfaces, and collecting per-flow, per-process or per-interface statistics. Source of information can be libpcap packet capture library or sysfs kernel virtual filesystem. Monitoring overhead of these tools is low, but packet-level inspection capabilities are missing.
-
-12. **bmon**: a console-based bandwidth monitoring tool which shows various per-interface information, including not-only aggregate/average RX/TX statistics, but also a historical view of bandwidth usage.
-
-
-
-13. **[iftop][7]**: a bandwidth usage monitoring tool that can shows bandwidth usage for individual network connections in real time. It comes with ncurses-based interface to visualize bandwidth usage of all connections in a sorted order. It is useful for monitoring which connections are consuming the most bandwidth.
-
-14. **nethogs**: a process monitoring tool which offers a real-time view of upload/download bandwidth usage of individual processes or programs in an ncurses-based interface. This is useful for detecting bandwidth hogging processes.
-
-15. **netstat**: a command-line tool that shows various statistics and properties of the networking stack, such as open TCP/UDP connections, network interface RX/TX statistics, routing tables, protocol/socket statistics. It is useful when you diagnose performance and resource usage related problems of the networking stack.
-
-16. **[speedometer][8]**: a console-based traffic monitor which visualizes the historical trend of an interface's RX/TX bandwidth usage with ncurses-drawn bar charts.
-
-
-
-17. **[sysdig][9]**: a comprehensive system-level debugging tool with a unified interface for investigating different Linux subsystems. Its network monitoring module is capable of monitoring, either online or offline, various per-process/per-host networking statistics such as bandwidth usage, number of connections/requests, etc.
-
-18. **tcptrack**: a TCP connection monitoring tool which displays information of active TCP connections, including source/destination IP addresses/ports, TCP state, and bandwidth usage.
-
-
-
-19. **vnStat**: a command-line traffic monitor which maintains a historical view of RX/TX bandwidh usage (e.g., current, daily, monthly) on a per-interface basis. Running as a background daemon, it collects and stores interface statistics on bandwidth rate and total bytes transferred.
-
-### Active Network Monitoring ###
-
-Unlike passive monitoring tools presented so far, tools in this category perform network monitoring by actively "injecting" probes into the network and collecting corresponding responses. Monitoring targets include routing path, available bandwidth, loss rates, delay, jitter, system settings or vulnerabilities, and so on.
-
-20. **[dnsyo][10]**: a DNS monitoring tool which can conduct DNS lookup from open resolvers scattered across more than 1,500 different networks. It is useful when you check DNS propagation or troubleshoot DNS configuration.
-
-21. **[iperf][11]**: a TCP/UDP bandwidth measurement utility which can measure maximum available bandwidth between two end points. It measures available bandwidth by having two hosts pump out TCP/UDP probe traffic between them either unidirectionally or bi-directionally. It is useful when you test the network capacity, or tune the parameters of network stack. A variant called [netperf][12] exists with more features and better statistics.
-
-22. **[netcat][13]/socat**: versatile network debugging tools capable of reading from, writing to, or listen on TCP/UDP sockets. They are often used alongside with other programs or scripts for backend network transfer or port listening.
-
-23. **nmap**: a command-line port scanning and network discovery utility. It relies on a number of TCP/UDP based scanning techniques to detect open ports, live hosts, or existing operating systems on the local network. It is useful when you audit local hosts for vulnerabilities or build a host map for maintenance purpose. [zmap][14] is an alernative scanning tool with Internet-wide scanning capability.
-
-24. ping: a network testing tool which works by exchaning ICMP echo and reply packets with a remote host. It is useful when you measure round-trip-time (RTT) delay and loss rate of a routing path, as well as test the status or firewall rules of a remote system. Variations of ping exist with fancier interface (e.g., [noping][15]), multi-protocol support (e.g., [hping][16]) or parallel probing capability (e.g., [fping][17]).
-
-
-
-25. **[sprobe][18]**: a command-line tool that heuristically infers the bottleneck bandwidth between a local host and any arbitrary remote IP address. It uses TCP three-way handshake tricks to estimate the bottleneck bandwidth. It is useful when troubleshooting wide-area network performance and routing related problems.
-
-26. **traceroute**: a network discovery tool which reveals a layer-3 routing/forwarding path from a local host to a remote host. It works by sending TTL-limited probe packets and collecting ICMP responses from intermediate routers. It is useful when troubleshooting slow network connections or routing related problems. Variations of traceroute exist with better RTT statistics (e.g., [mtr][19]).
-
-### Application Log Parsing ###
-
-In this category, network monitoring is targeted at a specific server application (e.g., web server or database server). Network traffic generated or consumed by a server application is monitored by analyzing its log file. Unlike network-level monitors presented in earlier categories, tools in this category can analyze and monitor network traffic from application-level.
-
-27. **[GoAccess][20]**: a console-based interactive viewer for Apache and Nginx web server traffic. Based on access log analysis, it presents a real-time statistics of a number of metrics including daily visits, top requests, client operating systems, client locations, client browsers, in a scrollable view.
-
-
-
-28. **[mtop][21]**: a command-line MySQL/MariaDB server moniter which visualizes the most expensive queries and current database server load. It is useful when you optimize MySQL server performance and tune server configurations.
-
-
-
-29. **[ngxtop][22]**: a traffic monitoring tool for Nginx and Apache web server, which visualizes web server traffic in a top-like interface. It works by parsing a web server's access log file and collecting traffic statistics for individual destinations or requests.
-
-### Conclusion ###
-
-In this article, I presented a wide variety of command-line network monitoring tools, ranging from the lowest packet-level monitors to the highest application-level network monitors. Knowing which tool does what is one thing, and choosing which tool to use is another, as any single tool cannot be a universal solution for your every need. A good system admin should be able to decide which tool is right for the circumstance at hand. Hopefully the list helps with that.
-
-You are always welcome to improve the list with your comment!
-
---------------------------------------------------------------------------------
-
-via: http://xmodulo.com/useful-command-line-network-monitors-linux.html
-
-作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://xmodulo.com/author/nanni
-[1]:http://www.monkey.org/~dugsong/dsniff/
-[2]:http://xmodulo.com/monitor-http-traffic-command-line-linux.html
-[3]:https://github.com/zorkian/mysql-sniffer
-[4]:http://ngrep.sourceforge.net/
-[5]:http://lcamtuf.coredump.cx/p0f3/
-[6]:http://xmodulo.com/recommend/firewallbook
-[7]:http://xmodulo.com/how-to-install-iftop-on-linux.html
-[8]:https://excess.org/speedometer/
-[9]:http://xmodulo.com/monitor-troubleshoot-linux-server-sysdig.html
-[10]:http://xmodulo.com/check-dns-propagation-linux.html
-[11]:https://iperf.fr/
-[12]:http://www.netperf.org/netperf/
-[13]:http://xmodulo.com/useful-netcat-examples-linux.html
-[14]:https://zmap.io/
-[15]:http://noping.cc/
-[16]:http://www.hping.org/
-[17]:http://fping.org/
-[18]:http://sprobe.cs.washington.edu/
-[19]:http://xmodulo.com/better-alternatives-basic-command-line-utilities.html#mtr_link
-[20]:http://goaccess.io/
-[21]:http://mtop.sourceforge.net/
-[22]:http://xmodulo.com/monitor-nginx-web-server-command-line-real-time.html
\ No newline at end of file
diff --git a/sources/tech/20150123 How to make a file immutable on Linux.md b/sources/tech/20150123 How to make a file immutable on Linux.md
index 7d46d1de68..622cc4e5b3 100644
--- a/sources/tech/20150123 How to make a file immutable on Linux.md
+++ b/sources/tech/20150123 How to make a file immutable on Linux.md
@@ -1,5 +1,3 @@
-Translating by Medusar
-
How to make a file immutable on Linux
================================================================================
Suppose you want to write-protect some important files on Linux, so that they cannot be deleted or tampered with by accident or otherwise. In other cases, you may want to prevent certain configuration files from being overwritten automatically by software. While changing their ownership or permission bits on the files by using chown or chmod is one way to deal with this situation, this is not a perfect solution as it cannot prevent any action done with root privilege. That is when chattr comes in handy.
diff --git a/sources/tech/20150126 Installing Cisco Packet tracer in Linux.md b/sources/tech/20150126 Installing Cisco Packet tracer in Linux.md
index edac7a7490..539a624e1f 100644
--- a/sources/tech/20150126 Installing Cisco Packet tracer in Linux.md
+++ b/sources/tech/20150126 Installing Cisco Packet tracer in Linux.md
@@ -1,3 +1,5 @@
+[Translating by DongShuaike]
+
Installing Cisco Packet tracer in Linux
================================================================================
@@ -194,4 +196,4 @@ via: http://www.unixmen.com/installing-cisco-packet-tracer-linux/
[1]:https://www.netacad.com/
[2]:https://www.dropbox.com/s/5evz8gyqqvq3o3v/Cisco%20Packet%20Tracer%206.1.1%20Linux.tar.gz?dl=0
[3]:http://www.oracle.com/technetwork/java/javase/downloads/jre8-downloads-2133155.html
-[4]:https://www.netacad.com/
\ No newline at end of file
+[4]:https://www.netacad.com/
diff --git a/sources/tech/20150126 iptraf--A TCP or UDP Network Monitoring Utility.md b/sources/tech/20150126 iptraf--A TCP or UDP Network Monitoring Utility.md
index f39d53a47d..01a9dc18f9 100644
--- a/sources/tech/20150126 iptraf--A TCP or UDP Network Monitoring Utility.md
+++ b/sources/tech/20150126 iptraf--A TCP or UDP Network Monitoring Utility.md
@@ -1,4 +1,4 @@
-Ping -- Translating
+[Trnslating by DongShuaike]
iptraf: A TCP/UDP Network Monitoring Utility
================================================================================
diff --git a/sources/tech/20150128 Docker-2 Setting up a private Docker registry.md b/sources/tech/20150128 Docker-2 Setting up a private Docker registry.md
deleted file mode 100644
index 9a9341b4b7..0000000000
--- a/sources/tech/20150128 Docker-2 Setting up a private Docker registry.md
+++ /dev/null
@@ -1,241 +0,0 @@
-Setting up a private Docker registry
-================================================================================
-
-
-[TL;DR] This is the second post in a series of 3 on how my company moved its infrastructure from PaaS to Docker based deployment.
-
-- [First part][1]: where I talk about the process we went thru before approaching Docker;
-- [Third pard][2]: where I show how to automate the entire process of building images and deploying a Rails app with Docker.
-
-----------
-
-Why would ouy want ot set up a provate registry? Well, for starters, Docker Hub only allows you to have one free private repo. Other companies are beginning to offer similar services, but they are all not very cheap. In addition, if you need to deploy production ready applications built with Docker, you might not want to publish those images on the public Docker Hub.
-
-This is a very pragmatic approach to dealing with the intricacies of setting up a private Docker registry. For the tutorial we will be using a small 512MB instance on DigitalOcean (from now on DO). I also assume you already know the basics of Docker since I will be concentrating on some more complicated stuff.
-
-### Local set up ###
-
-First of all you need to install **boot2docker** and docker CLI. If you already have your basic Docker environment up and running, you can just skip to the next section.
-
-From the terminal run the following command[1][3]:
-
- brew install boot2docker docker
-
-If everything is ok[2][4], you will now be able to start the VM inside which Docker will run with the following command:
-
- boot2docker up
-
-Follow the instructions, copy and paste the export commands that boot2docker will print in the terminal. If you now run `docker ps` you should be greeted by the following line
-
- CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
-
-Ok, Docker is ready to go. This will be enough for the moment. Let's go back to setting up the registry.
-
-### Creating the server ###
-
-Log into you DO account and create a new Droplet by selecting an image with Docker pre-installed[^n].
-
-
-
-You should receive your root credentials via email. Log into your instance and run `docker ps` to see if eveything is ok.
-
-### Setting up AWS S3 ###
-
-We are going to use Amazon Simple Storage Service (S3) as the storage layer for our registry / repository. We will need to create a bucket and user credentials to allow our docker container accessoing it.
-
-Login into your AWS account (if you don't have one you can set one up at [http://aws.amazon.com/][5]) and from the console select S3 (Simple Storage Service).
-
-
-
-Click on **Create Bucket**, enter a unique name for your bucket (and write it down, we're gonna need it later), then click on **Create**.
-
-
-
-That's it! We're done setting up the storage part.
-
-### Setup AWS access credentials ###
-
-We are now going to create a new user. Go back to your AWS console and select IAM (Identity & Access Management).
-
-
-
-In the dashboard, on the left side of the webpage, you should click on Users. Then select **Create New Users**.
-
-You should be presented with the following screen:
-
-
-
-Enter a name for your user (e.g. docker-registry) and click on Create. Write down (or download the csv file with) your Access Key and Secret Access Key that we'll need when running the Docker container. Go back to your users list and select the one you just created.
-
-Under the Permission section, click on Attach User Policy. In the next screen, you will be presented with multiple choices: select Custom Policy.
-
-
-
-Here's the content of the custom policy:
-
- {
- "Version": "2012-10-17",
- "Statement": [
- {
- "Sid": "SomeStatement",
- "Effect": "Allow",
- "Action": [
- "s3:*"
- ],
- "Resource": [
- "arn:aws:s3:::docker-registry-bucket-name/*",
- "arn:aws:s3:::docker-registry-bucket-name"
- ]
- }
- ]
- }
-
-This will allow the user (i.e. the registry) to manage (read/write) content on the bucket (make sure to use the bucket name you previously defined when setting up AWS S3). To sum it up: when you'll be pushing Docker images from your local machine to your repository, the server will be able to upload them to S3.
-
-### Installing the registry ###
-
-Now let's head back to our DO server and SSH into it. We are going to use[^n] one of the [official Docker registry images][6].
-
-Let's start our registry with the following command:
-
- docker run \
- -e SETTINGS_FLAVOR=s3 \
- -e AWS_BUCKET=bucket-name \
- -e STORAGE_PATH=/registry \
- -e AWS_KEY=your_aws_key \
- -e AWS_SECRET=your_aws_secret \
- -e SEARCH_BACKEND=sqlalchemy \
- -p 5000:5000 \
- --name registry \
- -d \
- registry
-
-Docker should pull the required fs layers from the Docker Hub and eventually start the daemonised container.
-
-### Testing the registry ###
-
-If everything worked out, you should now be able to test the registry by pinging it and by searching its content (though for the time being it's still empty).
-
-Our registry is very basic and it does not provide any means of authentication. Since there are no easy ways of adding authentication (at least none that I'm aware of that are easy enough to implment in order to justify the effort), I've decided that the easiest way of querying / pulling / pushing the registry is an unsecure (over HTTP) connection tunneled thru SSH.
-
-Opening an SSH tunnel from your local machine is straightforward:
-
- ssh -N -L 5000:localhost:5000 root@your_registry.com
-
-The command is tunnelling connections over SSH from port 5000 of the registry server (which is the one we exposed with the `docker run` command in the previous paragraph) to port 5000 on the localhost.
-
-If you now browse to the following address [http://localhost:5000/v1/_ping][7] you should get the following very simple response
-
- {}
-
-This just means that the registry is working correctly. You can also list the whole content of the registry by browsing to [http://localhost:5000/v1/search][8] that will get you a similar response:
-
- {
- "num_results": 2,
- "query": "",
- "results": [
- {
- "description": "",
- "name": "username/first-repo"
- },
- {
- "description": "",
- "name": "username/second-repo"
- }
- ]
- }
-
-### Building an image ###
-
-Let's now try and build a very simple Docker image to test our newly installed registry. On your local machine, create a Dockerfile with the following content[^n]:
-
- # Base image with ruby 2.2.0
- FROM ruby:2.2.0
-
- MAINTAINER Michelangelo Chasseur
-
-...and build it:
-
- docker build -t localhost:5000/username/repo-name .
-
-The `localhost:5000` part is especially important: the first part of the name of a Docker image will tell the `docker push` command the endpoint towards which we are trying to push our image. In our case, since we are connecting to our remote private registry via an SSH tunnel, `localhost:5000` represents exactly the reference to our registry.
-
-If everything works as expected, when the command returns, you should be able to list your newly created image with the `docker images` command. Run it and see it for yourself.
-
-### Pushing to the registry ###
-
-Now comes the trickier part. It took a me a while to realize what I'm about to describe, so just be patient if you don't get it the first time you read and try to follow along. I know that all this stuff will seem pretty complicated (and it would be if you didn't automate the process), but I promise in the end it will all make sense. In the next post I will show a couple of shell scripts and Rake tasks that will automate the whole process and will let you deploy a Rails to your registry app with a single easy command.
-
-The docker command you are running from your terminal is actually using the boot2docker VM to run the containers and do all the magic stuff. So when we run a command like `docker push some_repo` what is actually happening is that it's the boot2docker VM that is reacing out for the registry, not our localhost.
-
-This is an extremely important point to understand: in order to push the Docker image to the remote private registry, the SSH tunnel needs to be established from the boot2docker VM and not from your local machine.
-
-There are a couple of ways to go with it. I will show you the shortest one (which is not probably the easiest to understand, but it's the one that will let us automate the process with shell scripts).
-
-First of all though we need to sort one last thing with SSH.
-
-### Setting up SSH ###
-
-Let's add our boot2docker SSH key to our remote server (registry) known hosts. We can do so using the ssh-copy-id utility that you can install with the following command shouldn't you already have it:
-
- brew install ssh-copy-id
-
-Then run:
-
- ssh-copy-id -i /Users/username/.ssh/id_boot2docker root@your-registry.com
-
-Make sure to substitute `/Users/username/.ssh/id_boot2docker` with the correct path of your ssh key.
-
-This will allow us to connect via SSH to our remote registry without being prompted for the password.
-
-Finally let's test it out:
-
- boot2docker ssh "ssh -o 'StrictHostKeyChecking no' -i /Users/michelangelo/.ssh/id_boot2docker -N -L 5000:localhost:5000 root@registry.touchwa.re &" &
-
-To break things out a little bit:
-
-- `boot2docker ssh` lets you pass a command as a parameter that will be executed by the boot2docker VM;
-- the final `&` indicates that we want our command to be executed in the background;
-- `ssh -o 'StrictHostKeyChecking no' -i /Users/michelangelo/.ssh/id_boot2docker -N -L 5000:localhost:5000 root@registry.touchwa.re &` is the actual command our boot2docker VM will run;
- - the `-o 'StrictHostKeyChecking no'` will make sure that we are not prompted with security questions;
- - the `-i /Users/michelangelo/.ssh/id_boot2docker` indicates which SSH key we want our VM to use for authentication purposes (note that this should be the key you added to your remote registry in the previous step);
- - finally we are opening a tunnel on mapping port 5000 to localhost:5000.
-
-### Pulling from another server ###
-
-You should now be able to push your image to the remote registry by simply issuing the following command:
-
- docker push localhost:5000/username/repo_name
-
-In the [next post][9] we'll se how to automate some of this stuff and we'll containerize a real Rails application. Stay tuned!
-
-P.S. Please use the comments to let me know of any inconsistencies or fallacies in my tutorial. Hope you enjoyed it!
-
-1. I'm also assuming you are running on OS X.
-1. For a complete list of instructions to set up your docker environment and requirements, please visit [http://boot2docker.io/][10]
-1. Select Image > Applications > Docker 1.4.1 on 14.04 at the time of this writing.
-1. [https://github.com/docker/docker-registry/][11]
-1. This is just a stub, in the next post I will show you how to bundle a Rails application into a Docker container.
-
---------------------------------------------------------------------------------
-
-via: http://cocoahunter.com/2015/01/23/docker-2/
-
-作者:[Michelangelo Chasseur][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://cocoahunter.com/author/michelangelo/
-[1]:http://cocoahunter.com/2015/01/23/docker-1/
-[2]:http://cocoahunter.com/2015/01/23/docker-3/
-[3]:http://cocoahunter.com/2015/01/23/docker-2/#fn:1
-[4]:http://cocoahunter.com/2015/01/23/docker-2/#fn:2
-[5]:http://aws.amazon.com/
-[6]:https://registry.hub.docker.com/_/registry/
-[7]:http://localhost:5000/v1/_ping
-[8]:http://localhost:5000/v1/search
-[9]:http://cocoahunter.com/2015/01/23/docker-3/
-[10]:http://boot2docker.io/
-[11]:https://github.com/docker/docker-registry/
\ No newline at end of file
diff --git a/sources/tech/20150128 Docker-3 Automated Docker-based Rails deployments.md b/sources/tech/20150128 Docker-3 Automated Docker-based Rails deployments.md
deleted file mode 100644
index f450361a68..0000000000
--- a/sources/tech/20150128 Docker-3 Automated Docker-based Rails deployments.md
+++ /dev/null
@@ -1,253 +0,0 @@
-Automated Docker-based Rails deployments
-================================================================================
-
-
-[TL;DR] This is the third post in a series of 3 on how my company moved its infrastructure from PaaS to Docker based deployment.
-
-- [First part][1]: where I talk about the process we went thru before approaching Docker;
-- [Second part][2]: where I explain how setting up a private registry for in house secure deployments.
-
-----------
-
-In this final part we will see how to automate the whole deployment process with a real world (though very basic) example.
-
-### Basic Rails app ###
-
-Let's dive into the topic right away and bootstrap a basic Rails app. For the purpose of this demonstration I'm going to use Ruby 2.2.0 and Rails 4.1.1
-
-From the terminal run:
-
- $ rvm use 2.2.0
- $ rails new && cd docker-test
-
-Let's create a basic controller:
-
- $ rails g controller welcome index
-
-...and edit `routes.rb` so that the root of the project will point to our newly created welcome#index method:
-
- root 'welcome#index'
-
-Running `rails s` from the terminal and browsing to [http://localhost:3000][3] should bring you to the index page. We're not going to make anything fancier to the app, it's just a basic example to prove that when we'll build and deploy the container everything is working.
-
-### Setup the webserver ###
-
-We are going to use Unicorn as our webserver. Add `gem 'unicorn'` and `gem 'foreman'` to the Gemfile and bundle it up (run `bundle install` from the command line).
-
-Unicorn needs to be configured when the Rails app launches, so let's put a **unicorn.rb** file inside the **config** directory. [Here is an example][4] of a Unicorn configuration file. You can just copy & paste the content of the Gist.
-
-Let's also add a Procfile with the following content inside the root of the project so that we will be able to start the app with foreman:
-
- web: bundle exec unicorn -p $PORT -c ./config/unicorn.rb
-
-If you now try to run the app with **foreman start** everything should work as expected and you should have a running app on [http://localhost:5000][5]
-
-### Building a Docker image ###
-
-Now let's build the image inside which our app is going to live. In the root of our Rails project, create a file named **Dockerfile** and paste in it the following:
-
- # Base image with ruby 2.2.0
- FROM ruby:2.2.0
-
- # Install required libraries and dependencies
- RUN apt-get update && apt-get install -qy nodejs postgresql-client sqlite3 --no-install-recommends && rm -rf /var/lib/apt/lists/*
-
- # Set Rails version
- ENV RAILS_VERSION 4.1.1
-
- # Install Rails
- RUN gem install rails --version "$RAILS_VERSION"
-
- # Create directory from where the code will run
- RUN mkdir -p /usr/src/app
- WORKDIR /usr/src/app
-
- # Make webserver reachable to the outside world
- EXPOSE 3000
-
- # Set ENV variables
- ENV PORT=3000
-
- # Start the web app
- CMD ["foreman","start"]
-
- # Install the necessary gems
- ADD Gemfile /usr/src/app/Gemfile
- ADD Gemfile.lock /usr/src/app/Gemfile.lock
- RUN bundle install --without development test
-
- # Add rails project (from same dir as Dockerfile) to project directory
- ADD ./ /usr/src/app
-
- # Run rake tasks
- RUN RAILS_ENV=production rake db:create db:migrate
-
-Using the provided Dockerfile, let's try and build an image with the following command[1][7]:
-
- $ docker build -t localhost:5000/your_username/docker-test .
-
-And again, if everything worked out correctly, the last line of the long log output should read something like:
-
- Successfully built 82e48769506c
- $ docker images
- REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
- localhost:5000/your_username/docker-test latest 82e48769506c About a minute ago 884.2 MB
-
-Let's try and run the container!
-
- $ docker run -d -p 3000:3000 --name docker-test localhost:5000/your_username/docker-test
-
-You should be able to reach your Rails app running inside the Docker container at port 3000 of your boot2docker VM[2][8] (in my case [http://192.168.59.103:3000][6]).
-
-### Automating with shell scripts ###
-
-Since you should already know from the previous post3 how to push your newly created image to a private regisitry and deploy it on a server, let's skip this part and go straight to automating the process.
-
-We are going to define 3 shell scripts and finally tie it all together with rake.
-
-### Clean ###
-
-Every time we build our image and deploy we are better off always clean everything. That means the following:
-
-- stop (if running) and restart boot2docker;
-- remove orphaned Docker images (images that are without tags and that are no longer used by your containers).
-
-Put the following into a **clean.sh** file in the root of your project.
-
- echo Restarting boot2docker...
- boot2docker down
- boot2docker up
-
- echo Exporting Docker variables...
- sleep 1
- export DOCKER_HOST=tcp://192.168.59.103:2376
- export DOCKER_CERT_PATH=/Users/user/.boot2docker/certs/boot2docker-vm
- export DOCKER_TLS_VERIFY=1
-
- sleep 1
- echo Removing orphaned images without tags...
- docker images | grep "" | awk '{print $3}' | xargs docker rmi
-
-Also make sure to make the script executable:
-
- $ chmod +x clean.sh
-
-### Build ###
-
-The build process basically consists in reproducing what we just did before (docker build). Create a **build.sh** script at the root of your project with the following content:
-
- docker build -t localhost:5000/your_username/docker-test .
-
-Make the script executable.
-
-### Deploy ###
-
-Finally, create a **deploy.sh** script with this content:
-
- # Open SSH connection from boot2docker to private registry
- boot2docker ssh "ssh -o 'StrictHostKeyChecking no' -i /Users/username/.ssh/id_boot2docker -N -L 5000:localhost:5000 root@your-registry.com &" &
-
- # Wait to make sure the SSH tunnel is open before pushing...
- echo Waiting 5 seconds before pushing image.
-
- echo 5...
- sleep 1
- echo 4...
- sleep 1
- echo 3...
- sleep 1
- echo 2...
- sleep 1
- echo 1...
- sleep 1
-
- # Push image onto remote registry / repo
- echo Starting push!
- docker push localhost:5000/username/docker-test
-
-If you don't understand what's going on here, please make sure you've read thoroughfully [part 2][9] of this series of posts.
-
-Make the script executable.
-
-### Tying it all together with rake ###
-
-Having 3 scripts would now require you to run them individually each time you decide to deploy your app:
-
-1. clean
-1. build
-1. deploy / push
-
-That wouldn't be much of an effort, if it weren't for the fact that developers are lazy! And lazy be it, then!
-
-The final step to wrap things up, is tying the 3 parts together with rake.
-
-To make things even simpler you can just append a bunch of lines of code to the end of the already present Rakefile in the root of your project. Open the Rakefile file - pun intended :) - and paste the following:
-
- namespace :docker do
- desc "Remove docker container"
- task :clean do
- sh './clean.sh'
- end
-
- desc "Build Docker image"
- task :build => [:clean] do
- sh './build.sh'
- end
-
- desc "Deploy Docker image"
- task :deploy => [:build] do
- sh './deploy.sh'
- end
- end
-
-Even if you don't know rake syntax (which you should, because it's pretty awesome!), it's pretty obvious what we are doing. We have declared 3 tasks inside a namespace (docker).
-
-This will create the following 3 tasks:
-
-- rake docker:clean
-- rake docker:build
-- rake docker:deploy
-
-Deploy is dependent on build, build is dependent on clean. So every time we run from the command line
-
- $ rake docker:deploy
-
-All the script will be executed in the required order.
-
-### Test it ###
-
-To see if everything is working, you just need to make a small change in the code of your app and run
-
- $ rake docker:deploy
-
-and see the magic happening. Once the image has been uploaded (and the first time it could take quite a while), you can ssh into your production server and pull (thru an SSH tunnel) the docker image onto the server and run. It's that easy!
-
-Well, maybe it takes a while to get accustomed to how everything works, but once it does, it's almost (almost) as easy as deploying with Heroku.
-
-P.S. As always, please let me have your ideas. I'm not sure this is the best, or the fastest, or the safest way of doing devops with Docker, but it certainly worked out for us.
-
-- make sure to have **boot2docker** up and running.
-- If you don't know your boot2docker VM address, just run `$ boot2docker ip`
-- if you don't, you can read it [here][10]
-
---------------------------------------------------------------------------------
-
-via: http://cocoahunter.com/2015/01/23/docker-3/
-
-作者:[Michelangelo Chasseur][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://cocoahunter.com/author/michelangelo/
-[1]:http://cocoahunter.com/docker-1
-[2]:http://cocoahunter.com/2015/01/23/docker-2/
-[3]:http://localhost:3000/
-[4]:https://gist.github.com/chasseurmic/0dad4d692ff499761b20
-[5]:http://localhost:5000/
-[6]:http://192.168.59.103:3000/
-[7]:http://cocoahunter.com/2015/01/23/docker-3/#fn:1
-[8]:http://cocoahunter.com/2015/01/23/docker-3/#fn:2
-[9]:http://cocoahunter.com/2015/01/23/docker-2/
-[10]:http://cocoahunter.com/2015/01/23/docker-2/
\ No newline at end of file
diff --git a/sources/tech/20150211 Install Linux-Dash (Web Based Monitoring tool) on Ubntu 14.10.md b/sources/tech/20150211 Install Linux-Dash (Web Based Monitoring tool) on Ubntu 14.10.md
index fe2432f8b3..6817a75b03 100644
--- a/sources/tech/20150211 Install Linux-Dash (Web Based Monitoring tool) on Ubntu 14.10.md
+++ b/sources/tech/20150211 Install Linux-Dash (Web Based Monitoring tool) on Ubntu 14.10.md
@@ -1,5 +1,6 @@
Install Linux-Dash (Web Based Monitoring tool) on Ubntu 14.10
================================================================================
+
A low-overhead monitoring web dashboard for a GNU/Linux machine. Simply drop-in the app and go!.Linux Dash's interface provides a detailed overview of all vital aspects of your server, including RAM and disk usage, network, installed software, users, and running processes. All information is organized into sections, and you can jump to a specific section using the buttons in the main toolbar. Linux Dash is not the most advanced monitoring tool out there, but it might be a good fit for users looking for a slick, lightweight, and easy to deploy application.
### Linux-Dash Features ###
diff --git a/sources/tech/20150225 Linux FAQs with Answers--How to disable IPv6 on Linux.md b/sources/tech/20150225 Linux FAQs with Answers--How to disable IPv6 on Linux.md
deleted file mode 100644
index 2c783bf5c0..0000000000
--- a/sources/tech/20150225 Linux FAQs with Answers--How to disable IPv6 on Linux.md
+++ /dev/null
@@ -1,149 +0,0 @@
-Translating by ZTinoZ
-Linux FAQs with Answers--How to disable IPv6 on Linux
-================================================================================
-> **Question**: I notice that one of my applications is trying to establish a connection over IPv6. But since our local network is not able to route IPv6 traffic, the IPv6 connection times out, and the application falls back to IPv4, which causes unnecessary delay. As I don't have any need for IPv6 at the moment, I would like to disable IPv6 on my Linux box. What is a proper way to turn off IPv6 on Linux?
-
-IPv6 has been introduced as a replacement of IPv4, the traditional 32-bit address space used in the Internet, to solve the imminent exhaustion of available IPv4 address space. However, since IPv4 has been used by every host or device connected to the Internet, it is practically impossible to switch every one of them to IPv6 overnight. Numerous IPv4 to IPv6 transition mechanisms (e.g., dual IP stack, tunneling, proxying) have been proposed to facilitate the adoption of IPv6, and many applications are being rewritten, as we speak, to add support for IPv6. One thing for sure is that IPv4 and IPv6 will inevitably coexist for the forseeable future.
-
-Ideally the [ongoing IPv6 transition process][1] should not be visible to end users, but the mixed IPv4/IPv6 environment might sometimes cause you to encounter various hiccups originating from unintended interaction between IPv4 and IPv6. For example, you may experience timeouts from applications such as apt-get or ssh trying to unsuccessfully connecting via IPv6, DNS server accidentally dropping AAAA DNS records for IPv6, or your IPv6-capable device not compatible with your ISP's legacy IPv4 network, etc.
-
-Of course this doesn't mean that you should blindly disable IPv6 on you Linux box. With all the benefits promised by IPv6, we as a society want to fully embrace it eventually, but as part of troubleshooting process for end-user experienced hiccups, you may try turning off IPv6 to see if indeed IPv6 is a culprit.
-
-Here are a few techniques allowing you to disable IPv6 partially (e.g., for a certain network interface) or completely on Linux. These tips should be applicable to all major Linux distributions including Ubuntu, Debian, Linux Mint, CentOS, Fedora, RHEL, and Arch Linux.
-
-### Check if IPv6 is Enabled on Linux ###
-
-All modern Linux distributions have IPv6 automatically enabled by default. To see IPv6 is activated on your Linux, use ifconfig or ip commands. If you see "inet6" in the output of these commands, this means your Linux has IPv6 enabled.
-
- $ ifconfig
-
-
-
- $ ip addr
-
-
-
-### Disable IPv6 Temporarily ###
-
-If you want to turn off IPv6 temporarily on your Linux system, you can use /proc file system. By "temporarily", we mean that the change we make to disable IPv6 will not be preserved across reboots. IPv6 will be enabled back again after you reboot your Linux box.
-
-To disable IPv6 for a particular network interface, use the following command.
-
- $ sudo sh -c 'echo 1 > /proc/sys/net/ipv6/conf//disable_ipv6'
-
-For example, to disable IPv6 for eth0 interface:
-
- $ sudo sh -c 'echo 1 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6'
-
-
-
-To enable IPv6 back on eth0 interface:
-
- $ sudo sh -c 'echo 0 > /proc/sys/net/ipv6/conf/eth0/disable_ipv6'
-
-If you want to disable IPv6 system-wide for all interfaces including loopback interface, use this command:
-
- $ sudo sh -c 'echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6'
-
-### Disable IPv6 Permanently across Reboots ###
-
-The above method does not permanently disable IPv6 across reboots. IPv6 will be activated again once you reboot your system. If you want to turn off IPv6 for good, there are several ways you can do it.
-
-#### Method One ####
-
-The first method is to apply the above /proc changes persistently in /etc/sysctl.conf file.
-
-That is, open /etc/sysctl.conf with a text editor, and add the following lines.
-
- # to disable IPv6 on all interfaces system wide
- net.ipv6.conf.all.disable_ipv6 = 1
-
- # to disable IPv6 on a specific interface (e.g., eth0, lo)
- net.ipv6.conf.lo.disable_ipv6 = 1
- net.ipv6.conf.eth0.disable_ipv6 = 1
-
-To activate these changes in /etc/sysctl.conf, run:
-
- $ sudo sysctl -p /etc/sysctl.conf
-
-or simply reboot.
-
-#### Method Two ####
-
-An alternative way to disable IPv6 permanently is to pass a necessary kernel parameter via GRUB/GRUB2 during boot time.
-
-Open /etc/default/grub with a text editor, and add "ipv6.disable=1" to GRUB_CMDLINE_LINUX variable.
-
- $ sudo vi /etc/default/grub
-
-----------
-
- GRUB_CMDLINE_LINUX="xxxxx ipv6.disable=1"
-
-In the above, "xxxxx" denotes any existing kernel parameter(s). Add "ipv6.disable=1" after them.
-
-
-
-Finally, don't forget to apply the modified GRUB/GRUB2 settings by running:
-
-On Debian, Ubuntu or Linux Mint:
-
- $ sudo update-grub
-
-On Fedora, CentOS/RHEL:
-
- $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
-
-Now IPv6 will be completely disabled once you reboot your Linux system.
-
-### Other Optional Steps after Disabling IPv6 ###
-
-Here are a few optional steps you can consider after disabling IPv6. This is because while you disable IPv6 in the kernel, other programs may still try to use IPv6. In most cases, such application behaviors will not break things, but you want to disable IPv6 for them for efficiency or safety reason.
-
-#### /etc/hosts ####
-
-Depending on your setup, /etc/hosts may contain one or more IPv6 hosts and their addresses. Open /etc/hosts with a text editor, and comment out all lines which contain IPv6 hosts.
-
- $ sudo vi /etc/hosts
-
-----------
-
- # comment these IPv6 hosts
- # ::1 ip6-localhost ip6-loopback
- # fe00::0 ip6-localnet
- # ff00::0 ip6-mcastprefix
- # ff02::1 ip6-allnodes
- # ff02::2 ip6-allrouters
-
-#### Network Manager ####
-
-If you are using NetworkManager to manage your network settings, you can disable IPv6 on NetworkManager as follows. Open the wired connection on NetworkManager, click on "IPv6 Settings" tab, and choose "Ignore" in "Method" field. Save the change and exit.
-
-
-
-#### SSH server ####
-
-By default, OpenSSH server (sshd) tries to bind on both IPv4 and IPv6 addresses.
-
-To force sshd to bind only on IPv4 address, open /etc/ssh/sshd_config with a text editor, and add the following line. inet is for IPv4 only, and inet6 is for IPv6 only.
-
- $ sudo vi /etc/ssh/sshd_config
-
-----------
-
- AddressFamily inet
-
-and restart sshd server.
-
---------------------------------------------------------------------------------
-
-via: http://ask.xmodulo.com/disable-ipv6-linux.html
-
-作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://ask.xmodulo.com/author/nanni
-[1]:http://www.google.com/intl/en/ipv6/statistics.html
diff --git a/sources/tech/20150227 Enjoy Android Apps on Ubuntu using ARChon Runtime.md b/sources/tech/20150227 Enjoy Android Apps on Ubuntu using ARChon Runtime.md
index f6def514b8..0f7a2d20aa 100644
--- a/sources/tech/20150227 Enjoy Android Apps on Ubuntu using ARChon Runtime.md
+++ b/sources/tech/20150227 Enjoy Android Apps on Ubuntu using ARChon Runtime.md
@@ -1,4 +1,4 @@
-translating by KayGuoWhu
+[translating by KayGuoWhu]
Enjoy Android Apps on Ubuntu using ARChon Runtime
================================================================================
Before, we gave try to many android app emulating tools like Genymotion, Virtualbox, Android SDK, etc to try to run android apps on it. But, with this new Chrome Android Runtime, we are able to run Android Apps on our Chrome Browser. So, here are the steps we'll need to follow to install Android Apps on Ubuntu using ARChon Runtime.
diff --git a/sources/tech/20150316 How to Test Your Internet Speed Bidirectionally from Command Line Using 'Speedtest-CLI' Tool.md b/sources/tech/20150316 How to Test Your Internet Speed Bidirectionally from Command Line Using 'Speedtest-CLI' Tool.md
index a2e5ebc1d8..ee125e70a6 100644
--- a/sources/tech/20150316 How to Test Your Internet Speed Bidirectionally from Command Line Using 'Speedtest-CLI' Tool.md
+++ b/sources/tech/20150316 How to Test Your Internet Speed Bidirectionally from Command Line Using 'Speedtest-CLI' Tool.md
@@ -1,3 +1,5 @@
+translating by createyuan
+
How to Test Your Internet Speed Bidirectionally from Command Line Using ‘Speedtest-CLI’ Tool
================================================================================
We always need to check the speed of the Internet connection at home and office. What we do for this? Go to websites like Speedtest.net and begin test. It loads JavaScript in the web browser and then select best server based upon ping and output the result. It also uses a Flash player to produce graphical results.
@@ -129,4 +131,4 @@ via: http://www.tecmint.com/check-internet-speed-from-command-line-in-linux/
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://www.tecmint.com/author/avishek/
-[1]:http://www.tecmint.com/speedtest-mini-server-to-test-bandwidth-speed/
\ No newline at end of file
+[1]:http://www.tecmint.com/speedtest-mini-server-to-test-bandwidth-speed/
diff --git a/sources/tech/20150318 How to Manage and Use LVM (Logical Volume Management) in Ubuntu.md b/sources/tech/20150318 How to Manage and Use LVM (Logical Volume Management) in Ubuntu.md
index 570217f220..d062a85336 100644
--- a/sources/tech/20150318 How to Manage and Use LVM (Logical Volume Management) in Ubuntu.md
+++ b/sources/tech/20150318 How to Manage and Use LVM (Logical Volume Management) in Ubuntu.md
@@ -1,3 +1,4 @@
+translating by runningwater
How to Manage and Use LVM (Logical Volume Management) in Ubuntu
================================================================================
@@ -258,7 +259,7 @@ That should cover most of what you need to know to use LVM. If you’ve got some
via: http://www.howtogeek.com/howto/40702/how-to-manage-and-use-lvm-logical-volume-management-in-ubuntu/
-译者:[译者ID](https://github.com/译者ID)
+译者:[runningwater](https://github.com/runningwater)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/sources/tech/20150320 Sleuth Kit--Open Source Forensic Tool to Analyze Disk Images and Recover Files.md b/sources/tech/20150320 Sleuth Kit--Open Source Forensic Tool to Analyze Disk Images and Recover Files.md
index 4e8461528e..2f138a9e3d 100644
--- a/sources/tech/20150320 Sleuth Kit--Open Source Forensic Tool to Analyze Disk Images and Recover Files.md
+++ b/sources/tech/20150320 Sleuth Kit--Open Source Forensic Tool to Analyze Disk Images and Recover Files.md
@@ -1,6 +1,3 @@
-
-tranlating by haimingfg
-
Sleuth Kit - Open Source Forensic Tool to Analyze Disk Images and Recover Files
================================================================================
SIFT is a Ubuntu based forensics distribution provided by SANS Inc. It consist of many forensics tools such as Sleuth kit / Autopsy etc . However, Sleuth kit/Autopsy tools can be installed on Ubuntu/Fedora distribution instead of downloading complete distribution of SIFT.
diff --git a/sources/tech/20150323 How to set up networking between Docker containers.md b/sources/tech/20150323 How to set up networking between Docker containers.md
deleted file mode 100644
index 7f950494be..0000000000
--- a/sources/tech/20150323 How to set up networking between Docker containers.md
+++ /dev/null
@@ -1,160 +0,0 @@
-How to set up networking between Docker containers
-================================================================================
-As you may be aware, Docker container technology has emerged as a viable lightweight alternative to full-blown virtualization. There are a growing number of use cases of Docker that the industry adopted in different contexts, for example, enabling rapid build environment, simplifying configuration of your infrastructure, isolating applications in multi-tenant environment, and so on. While you can certainly deploy an application sandbox in a standalone Docker container, many real-world use cases of Docker in production environments may involve deploying a complex multi-tier application in an ensemble of multiple containers, where each container plays a specific role (e.g., load balancer, LAMP stack, database, UI).
-
-There comes the problem of **Docker container networking**: How can we interconnect different Docker containers spawned potentially across different hosts when we do not know beforehand on which host each container will be created?
-
-One pretty neat open-source solution for this is [weave][1]. This tool makes interconnecting multiple Docker containers pretty much hassle-free. When I say this, I really mean it.
-
-In this tutorial, I am going to demonstrate **how to set up Docker networking across different hosts using weave**.
-
-### How Weave Works ###
-
-
-
-Let's first see how weave works. Weave creates a network of "peers", where each peer is a virtual router container called "weave router" residing on a distinct host. The weave routers on different hosts maintain TCP connections among themselves to exchange topology information. They also establish UDP connections among themselves to carry inter-container traffic. A weave router on each host is then connected via a bridge to all other Docker containers created on the host. When two containers on different hosts want to exchange traffic, a weave router on each host captures their traffic via a bridge, encapsulates the traffic with UDP, and forwards it to the other router over a UDP connection.
-
-Each weave router maintains up-to-date weave router topology information, as well as container's MAC address information (similar to switch's MAC learning), so that it can make forwarding decision on container traffic. Weave is able to route traffic between containers created on hosts which are not directly reachable, as long as two hosts are interconnected via an intermediate weave router on weave topology. Optionally, weave routers can be set to encrypt both TCP control data and UDP data traffic based on public key cryptography.
-
-### Prerequisite ###
-
-Before using weave on Linux, of course you need to set up Docker environment on each host where you want to run [Docker][2] containers. Check out [these][3] [tutorials][4] on how to create Docker containers on Ubuntu or CentOS/Fedora.
-
-Once Docker environment is set up, install weave on Linux as follows.
-
- $ wget https://github.com/zettio/weave/releases/download/latest_release/weave
- $ chmod a+x weave
- $ sudo cp weave /usr/local/bin
-
-Make sure that /usr/local/bin is include in your PATH variable by appending the following in /etc/profile.
-
- export PATH="$PATH:/usr/local/bin"
-
-Repeat weave installation on every host where Docker containers will be deployed.
-
-Weave uses TCP/UDP 6783 port. If you are using firewall, make sure that these port numbers are not blocked by the firewall.
-
-### Launch Weave Router on Each Host ###
-
-When you want to interconnect Docker containers across multiple hosts, the first step is to launch a weave router on every host.
-
-On the first host, run the following command, which will create and start a weave router container.
-
- $ sudo weave launch
-
-The first time you run this command, it will take a couple of minutes to download a weave image before launching a router container. On successful launch, it will print the ID of a launched weave router.
-
-To check the status of the router, use this command:
-
- $ sudo weave status
-
-
-
-Since this is the first weave router launched, there will be only one peer in the peer list.
-
-You can also verify the launch of a weave router by using docker command.
-
- $ docker ps
-
-
-
-On the second host, run the following command, where we specify the IP address of the first host as a peer to join.
-
- $ sudo weave launch
-
-When you check the status of the router, you will see two peers: the current host and the first host.
-
-
-
-As you launch more routers on subsequent hosts, the peer list will grow accordingly. When launching a router, just make sure that you specify any previously launched peer's IP address.
-
-At this point, you should have a weave network up and running, which consists of multiple weave routers across different hosts.
-
-### Interconnect Docker Containers across Multiple Hosts ###
-
-Now it is time to launch Docker containers on different hosts, and interconnect them on a virtual network.
-
-Let's say we want to create a private network 10.0.0.0/24, to interconnect two Docker containers. We will assign random IP addressses from this subnet to the containers.
-
-When you create a Docker container to deploy on a weave network, you need to use weave command, not docker command. Internally, the weave command uses docker command to create a container, and then sets up Docker networking on it.
-
-Here is how to create a Ubuntu container on hostA, and attach the container to 10.0.0.0/24 subnet with an IP addresss 10.0.0.1.
-
- hostA:~$ sudo weave run 10.0.0.1/24 -t -i ubuntu
-
-On successful run, it will print the ID of a created container. You can use this ID to attach to the running container and access its console as follows.
-
- hostA:~$ docker attach
-
-Move to hostB, and let's create another container. Attach it to the same subnet (10.0.0.0/24) with a different IP address 10.0.0.2.
-
- hostB:~$ sudo weave run 10.0.0.2/24 -t -i ubuntu
-
-Let's attach to the second container's console as well:
-
- hostB:~$ docker attach
-
-At this point, those two containers should be able to ping each other via the other's IP address. Verify that from each container's console.
-
-
-
-If you check the interfaces of each container, you will see an interface named "ethwe" which is assigned an IP address (e.g., 10.0.0.1 and 10.0.0.2) you specified.
-
-
-
-### Other Advanced Usages of Weave ###
-
-Weave offers a number of pretty neat features. Let me briefly cover a few here.
-
-#### Application Isolation ####
-
-Using weave, you can create multiple virtual networks and dedicate each network to a distinct application. For example, create 10.0.0.0/24 for one group of containers, and 10.10.0.0/24 for another group of containers, and so on. Weave automatically takes care of provisioning these networks, and isolating container traffic on each network. Going further, you can flexibly detach a container from one network, and attach it to another network without restarting containers. For example:
-
-First launch a container on 10.0.0.0/24:
-
- $ sudo weave run 10.0.0.2/24 -t -i ubuntu
-
-Detach the container from 10.0.0.0/24:
-
- $ sudo weave detach 10.0.0.2/24
-
-Re-attach the container to another network 10.10.0.0/24:
-
- $ sudo weave attach 10.10.0.2/24
-
-
-
-Now this container should be able to communicate with other containers on 10.10.0.0/24. This is a pretty useful feature when network information is not available at the time you create a container.
-
-#### Integrate Weave Networks with Host Network ####
-
-Sometimes you may need to allow containers on a virtual weave network to access physical host network. Conversely, hosts may want to access containers on a weave network. To support this requirement, weave allows weave networks to be integrated with host network.
-
-For example, on hostA where a container is running on network 10.0.0.0/24, run the following command.
-
- hostA:~$ sudo weave expose 10.0.0.100/24
-
-This will assign IP address 10.0.0.100 to hostA, so that hostA itself is also connected to 10.0.0.0/24 network. Obviously, you need to choose an IP address which is not used by any other containers on the network.
-
-At this point, hostA should be able to access any containers on 10.0.0.0/24, whether or not the containers are residing on hostA. Pretty neat!
-
-### Conclusion ###
-
-As you can see, weave is a pretty useful Docker networking tool. This tutorial only covers a glimpse of [its powerful features][5]. If you are more ambitious, you can try its multi-hop routing, which can be pretty useful in multi-cloud environment, dynamic re-routing, which is a neat fault-tolerance feature, or even its distributed DNS service which allows you to name containers on weave networks. If you decide to use this gem in your environment, feel free to share your use case!
-
---------------------------------------------------------------------------------
-
-via: http://xmodulo.com/networking-between-docker-containers.html
-
-作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://xmodulo.com/author/nanni
-[1]:https://github.com/zettio/weave
-[2]:http://xmodulo.com/recommend/dockerbook
-[3]:http://xmodulo.com/manage-linux-containers-docker-ubuntu.html
-[4]:http://xmodulo.com/docker-containers-centos-fedora.html
-[5]:http://zettio.github.io/weave/features.html
\ No newline at end of file
diff --git a/sources/tech/20150330 How to secure SSH login with one-time passwords on Linux.md b/sources/tech/20150330 How to secure SSH login with one-time passwords on Linux.md
deleted file mode 100644
index 9133679994..0000000000
--- a/sources/tech/20150330 How to secure SSH login with one-time passwords on Linux.md
+++ /dev/null
@@ -1,180 +0,0 @@
-How to secure SSH login with one-time passwords on Linux
-================================================================================
-As someone says, security is a not a product, but a process. While SSH protocol itself is cryptographically secure by design, someone can wreak havoc on your SSH service if it is not administered properly, be it weak passwords, compromised keys or outdated SSH client.
-
-As far as SSH authentication is concerned, [public key authentication][1] is in general considered more secure than password authentication. However, key authentication is actually not desirable or even less secure if you are logging in from a public or shared computer, where things like stealth keylogger or memory scraper can always a possibility. If you cannot trust the local computer, it is better to use something else. This is when "one-time passwords" come in handy. As the name implies, each one-time password is for single-use only. Such disposable passwords can be safely used in untrusted environments as they cannot be re-used even when they are stolen.
-
-One way to generate disposable passwords is [Google Authenticator][2]. In this tutorial, I am going to demonstrate another way to create one-time passwords for SSH login: [OTPW][3], a one-time password login package. Unlike Google Authenticator, you do not rely on any third party for one-time password generation and verification.
-
-### What is OTPW? ###
-
-OTPW consists of one-time password generator and PAM-integrated verification routines. In OTPW, one-time passwords are generated apriori with the generator, and carried by a user securely (e.g., printed in a paper sheet). Cryptographic hash of the generated passwords are then stored in the SSH server host. When a user logs in with a one-time password, OTPW's PAM module verifies the password, and invalidates it to prevent re-use.
-
-### Step One: Install and Configure OTPW on Linux ###
-
-#### Debian, Ubuntu or Linux Mint ####
-
-Install OTPW packages with apt-get.
-
- $ sudo apt-get install libpam-otpw otpw-bin
-
-Open a PAM configuration file for SSH (/etc/pam.d/sshd) with a text editor, and comment out the following line (to disable password authentication).
-
- #@include common-auth
-
-and add the following two lines (to enable one-time password authentication):
-
- auth required pam_otpw.so
- session optional pam_otpw.so
-
-
-
-#### Fedora or CentOS/RHEL ####
-
-OTPW is not available as a prebuilt package on Red Hat based systems. So let's install OTPW by building it from the source.
-
-First, install prerequites:
-
- $ sudo yum git gcc pam-devel
- $ git clone https://www.cl.cam.ac.uk/~mgk25/git/otpw
- $ cd otpw
-
-Open Makefile with a text editor, and edit a line that starts with "PAMLIB=" as follows.
-
-On 64-bit system:
-
- PAMLIB=/usr/lib64/security
-
-On 32-bit system:
-
- PAMLIB=/usr/lib/security
-
-Compile and install it. Note that installation will automatically restart an SSH server. So be ready to be disconnected if you are on an SSH connection.
-
- $ make
- $ sudo make install
-
-Now you need to update SELinux policy since /usr/sbin/sshd tries to write to user's home directory, which is not allowed by default SELinux policy. The following commands will do. If you are not using SELinux, skip this step.
-
- $ sudo grep sshd /var/log/audit/audit.log | audit2allow -M mypol
- $ sudo semodule -i mypol.pp
-
-Next, open a PAM configuration file for SSH (/etc/pam.d/sshd) with a text editor, and comment out the following line (to disable password authentication).
-
- #auth substack password-auth
-
-and add the following two lines (to enable one-time password authentication):
-
- auth required pam_otpw.so
- session optional pam_otpw.so
-
-#### Step Two: Configure SSH Server for One-time Passwords ####
-
-The next step is to configure an SSH server to accept one-time passwords.
-
-Open /etc/ssh/sshd_config with a text editor, and set the following three parameters. Make sure that you do not add these lines more than once, because that will cause an SSH server to fail.
-
- UsePrivilegeSeparation yes
- ChallengeResponseAuthentication yes
- UsePAM yes
-
-You also need to disable default password authentication. Optionally, enable public key authentication, so that you can fall back to key-based authentication in case you do not have one-time passwords.
-
- PubkeyAuthentication yes
- PasswordAuthentication no
-
-Now restart SSH server.
-
-Debian, Ubuntu or Linux Mint:
-
- $ sudo service ssh restart
-
-Fedora or CentOS/RHEL 7:
-
- $ sudo systemctl restart sshd
-
-#### Step Three: Generate One-time Passwords with OTPW ####
-
-As mentioned earlier, you need to create one-time passwords beforehand, and have them stored on the remote SSH server host. For this, run otpw-gen tool as the user you will be logging in as.
-
- $ cd ~
- $ otpw-gen > temporary_password.txt
-
-
-
-It will ask you to set a prefix password. When you later log in, you need to type this prefix password AND one-time password. Essentially the prefix password is another layer of protection. Even if the password sheet falls into the wrong hands, the prefix password forces them to brute-force.
-
-Once the prefix password is set, the command will generate 280 one-time passwords, and store them in the output text file (e.g., temporary_password.txt). Each password (length of 8 characters by default) is preceded by a three-digit index number. You are supposed to print the file in a sheet and carry it with you.
-
-
-
-You will also see ~/.otpw file created, where cryptographic hashs of these passwords are stored. The first three digits in each line indicate the index number of the password that will be used for SSH login.
-
- $ more ~/.otpw
-
-----------
-
- OTPW1
- 280 3 12 8
- 191ai+:ENwmMqwn
- 218tYRZc%PIY27a
- 241ve8ns%NsHFmf
- 055W4/YCauQJkr:
- 102ZnJ4VWLFrk5N
- 2273Xww55hteJ8Y
- 1509d4b5=A64jBT
- 168FWBXY%ztm9j%
- 000rWUSdBYr%8UE
- 037NvyryzcI+YRX
- 122rEwA3GXvOk=z
-
-### Test One-time Passwords for SSH Login ###
-
-Now let's login to an SSH server in a usual way:
-
- $ ssh user@remote_host
-
-If OTPW is successfully set up, you will see a slightly different password prompt:
-
- Password 191:
-
-Now open up your password sheet, and look for index number "191" in the sheet.
-
- 023 kBvp tq/G 079 jKEw /HRM 135 oW/c /UeB 191 fOO+ PeiD 247 vAnZ EgUt
-
-According to sheet above, the one-time password for number "191" is "fOO+PeiD". You need to prepend your prefix password to it. For example, if your prefix password is "000", the actual one-time password you need to type is "000fOO+PeiD".
-
-Once you successfully log in, the password used is automatically invalidated. If you check ~/.otpw, you will notice that the first line is replaced with "---------------", meaning that password "191" has been voided.
-
- OTPW1
- 280 3 12 8
- ---------------
- 218tYRZc%PIY27a
- 241ve8ns%NsHFmf
- 055W4/YCauQJkr:
- 102ZnJ4VWLFrk5N
- 2273Xww55hteJ8Y
- 1509d4b5=A64jBT
- 168FWBXY%ztm9j%
- 000rWUSdBYr%8UE
- 037NvyryzcI+YRX
- 122rEwA3GXvOk=z
-
-### Conclusion ###
-
-In this tutorial, I demonstrated how to set up one-time password login for SSH using OTPW package. You may realized that a print sheet can be considered a less fancy version of security token in two-factor authentication. Yet, it is simpler and you do not rely on any third-party for its implementation. Whatever mechanism you are using to create disposable passwords, they can be helpful when you need to log in to an SSH server from an untrusted public computer. Feel free to share your experience or opinion on this topic.
-
---------------------------------------------------------------------------------
-
-via: http://xmodulo.com/secure-ssh-login-one-time-passwords-linux.html
-
-作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://xmodulo.com/author/nanni
-[1]:http://xmodulo.com/how-to-force-ssh-login-via-public-key-authentication.html
-[2]:http://xmodulo.com/two-factor-authentication-ssh-login-linux.html
-[3]:http://www.cl.cam.ac.uk/~mgk25/otpw.html
\ No newline at end of file
diff --git a/sources/tech/20150331 Conky--The Ultimate X Based System Monitor Application.md b/sources/tech/20150331 Conky--The Ultimate X Based System Monitor Application.md
index fdb2648a36..b54d6763d3 100644
--- a/sources/tech/20150331 Conky--The Ultimate X Based System Monitor Application.md
+++ b/sources/tech/20150331 Conky--The Ultimate X Based System Monitor Application.md
@@ -1,3 +1,5 @@
+FSSlc translating
+
Conky – The Ultimate X Based System Monitor Application
================================================================================
Conky is a system monitor application written in ‘C’ Programming Language and released under GNU General Public License and BSD License. It is available for Linux and BSD Operating System. The application is X (GUI) based that was originally forked from [Torsmo][1].
@@ -144,4 +146,4 @@ via: http://www.tecmint.com/install-conky-in-ubuntu-debian-fedora/
[3]:http://ubuntuforums.org/showthread.php?t=281865
[4]:http://conky.sourceforge.net/screenshots.html
[5]:http://ubuntuforums.org/showthread.php?t=281865/
-[6]:http://conky.sourceforge.net/
\ No newline at end of file
+[6]:http://conky.sourceforge.net/
diff --git a/sources/tech/20150331 How to set up remote desktop on Linux VPS using x2go.md b/sources/tech/20150331 How to set up remote desktop on Linux VPS using x2go.md
index 8f98a2ba02..8b3eed8330 100644
--- a/sources/tech/20150331 How to set up remote desktop on Linux VPS using x2go.md
+++ b/sources/tech/20150331 How to set up remote desktop on Linux VPS using x2go.md
@@ -1,3 +1,5 @@
+translating by createyuan
+
How to set up remote desktop on Linux VPS using x2go
================================================================================
As everything is moved to the cloud, virtualized remote desktop becomes increasingly popular in the industry as a way to enhance employee's productivity. Especially for those who need to roam constantly across multiple locations and devices, remote desktop allows them to stay connected seamlessly to their work environment. Remote desktop is attractive for employers as well, achieving increased agility and flexibility in work environments, lower IT cost due to hardware consolidation, desktop security hardening, and so on.
@@ -134,4 +136,4 @@ via: http://xmodulo.com/x2go-remote-desktop-linux.html
[5]:http://wiki.x2go.org/doku.php/doc:newtox2go
[6]:http://wiki.x2go.org/doku.php/doc:de-compat
[7]:http://xmodulo.com/how-to-set-up-epel-repository-on-centos.html
-[8]:http://xmodulo.com/go/digitalocean
\ No newline at end of file
+[8]:http://xmodulo.com/go/digitalocean
diff --git a/sources/tech/20150401 ZMap Documentation.md b/sources/tech/20150401 ZMap Documentation.md
index 3cde747acf..d2aa316c1f 100644
--- a/sources/tech/20150401 ZMap Documentation.md
+++ b/sources/tech/20150401 ZMap Documentation.md
@@ -1,5 +1,3 @@
-translating by martin.
-
ZMap Documentation
================================================================================
1. Getting Started with ZMap
diff --git a/sources/tech/20150409 Install Inkscape - Open Source Vector Graphic Editor.md b/sources/tech/20150409 Install Inkscape - Open Source Vector Graphic Editor.md
deleted file mode 100644
index afe663f074..0000000000
--- a/sources/tech/20150409 Install Inkscape - Open Source Vector Graphic Editor.md
+++ /dev/null
@@ -1,95 +0,0 @@
-Install Inkscape - Open Source Vector Graphic Editor
-================================================================================
-Inkscape is an open source vector graphic editing tool which uses Scalable Vector Graphics (SVG) and that makes it different from its competitors like Xara X, Corel Draw and Adobe Illustrator etc. SVG is a widely-deployed royalty-free graphics format developed and maintained by the W3C SVG Working Group. It is a cross platform tool which runs fine on Linux, Windows and Mac OS.
-
-Inkscape development was started in 2003, Inkscape's bug tracking system was hosted on Sourceforge initially but it was migrated to Launchpad afterwards. Its current latest stable version is 0.91. It is under continuous development and bug fixes and we will be reviewing its prominent features and installing process in the article.
-
-### Salient Features ###
-
-Lets review the outstanding features of this application categorically.
-
-#### Creating Objects ####
-
-- Drawing different colored sized and shaped freehand lines through pencil tool, straight lines and curves through Bezier (pen) tool, applying freehand calligraphic strokes through calligraphic tool etc
-- Creating, selecting, editing and formatting text through text tool. Manipulating text in plain text boxes, on paths or in shapes
-- Helps draw various shapes like rectangles, ellipses, circles, arcs, polygons, stars, spirals etc and then resize, rotate and modify (turn sharp edges round) them
-- Create and embed bitmaps with simple commands
-
-#### Object manipulation ####
-
-- Skewing, moving, scaling, rotating objects through interactive manipulations and pacifying the numeric values
-- Performing raising and lowering Z-order operations
-- Grouping and ungrouping objects to create a virtual scope for editing or manipulation
-- Layers form a hierarchal tree and can be locked or rearranged for various manipulations
-- Distribution and alignment commands
-
-#### Fill and Stroke ####
-
-- Copy/paste styles
-- Pick Color tool
-- Selecting colors on a continuous plot based on vectors of RGB, HSL, CMS, CMYK and color wheel
-- Gradient editor helps creating and managing multi-stop gradients
-- Define an image or selection and use it to pattern fill
-- Dashed Strokes can be used with few predefined dashed patterns
-- Beginning, middle and ending marks through path markers
-
-#### Operation on Paths ####
-
-- Node Editing: Moving nodes and Bezier handles, node alignment and distribution etc
-- Boolean operations like yes or no conditions
-- Simplifying paths with variable levels or thresholds
-- Path insetting and outsetting along with link and offset objects
-- Converting bitmap images into paths (color and monochrome paths) through path tracing
-
-#### Text manipulation ####
-
-- All installed outlined fonts can be used even for right to left align objects
-- Formatting text, letter spacing, line spacing or kerning
-- Text on path and on shapes where both text and path or shapes can be edited or modified
-
-#### Rendering ####
-
-- Inkscape fully support anti-aliased display which is a technique that reduces or eliminates aliasing by shading the pixels along the border.
-- Support for alpha transparency display and PNG export
-
-### Install Inkscape on Ubuntu 14.04 and 14.10 ###
-
-In order to install Inkscape on Ubuntu, we will need to first [add its stable Personal Package Archive][1] (PPA) to Advanced Package Tool (APT) repository. Launch the terminal and run following command to add its PPA.
-
- sudo add-apt-repository ppa:inkscape.dev/stable
-
-
-
-Once the PPA has been added to the APT repository we need to update it using following command.
-
- sudo apt-get update
-
-
-
-After updating the repository we are ready to install inkscape which is accomplished using the following command.
-
- sudo apt-get install inkscape
-
-
-
-Congratulation, Inkscape has been installed now and all set for image editing and making full use of feature rich application.
-
-
-
-### Conclusion ###
-
-Inkscape is a feature rich graphic editing tool which empowers its user with state of the art capabilities. It is an open source application which is freely available for installation and customizations and supports wide range of file formats including but not limited to JPEG, PNG, GIF and PDF. Visit its [official website][2] for more news and updates regarding this application.
-
---------------------------------------------------------------------------------
-
-via: http://linoxide.com/tools/install-inkscape-open-source-vector-graphic-editor/
-
-作者:[Aun Raza][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://linoxide.com/author/arunrz/
-[1]:https://launchpad.net/~inkscape.dev/+archive/ubuntu/stable
-[2]:https://inkscape.org/en/
\ No newline at end of file
diff --git a/sources/tech/20150413 A Walk Through Some Important Docker Commands.md b/sources/tech/20150413 A Walk Through Some Important Docker Commands.md
deleted file mode 100644
index 33f1c02885..0000000000
--- a/sources/tech/20150413 A Walk Through Some Important Docker Commands.md
+++ /dev/null
@@ -1,105 +0,0 @@
-A Walk Through Some Important Docker Commands
-================================================================================
-Hi everyone today we'll learn some important Docker Commands that you'll need to learn before you go with Docker. Docker is an Open Source project that provides an open platform to pack, ship and run any application as a lightweight container. It has no boundaries of Language support, Frameworks or packaging system and can be run anywhere, anytime from a small home computers to high-end servers. It makes them great building blocks for deploying and scaling web apps, databases, and back-end services without depending on a particular stack or provider.
-
-Docker commands are easy to learn and easy to implement or take into practice. Here are some easy Docker commands you'll need to know to run Docker and fully utilize it.
-
-### 1. Pulling a Docker Image ###
-
-First of all, we'll need to pull a docker image to get started cause containers are built using Docker Images. We can get the required docker image from the Docker Registry Hub. Before we pull any image using pull command, we'll need to protect our system as there is identified a malicious issue with pull command. To protect our system from this issue, we'll need to add **127.0.0.1 index.docker.io** into /etc/hosts entry. We can do using our favorite text editor.
-
- # nano /etc/hosts
-
-Now, add the following lines into it and then save and exit.
-
- 127.0.0.1 index.docker.io
-
-
-
-To pull a docker image, we'll need to run the following command.
-
- # docker pull registry.hub.docker.com/busybox
-
-
-
-We can check whether any Docker image is available in our local host for the use or not.
-
- # docker images
-
-
-
-### 2. Running a Docker Container ###
-
-Now, after we have successfully pulled a required or desired Docker image. We'll surely want to run that Docker image. We can run a docker container out of the image using docker run command. We have several options and flags to run a docker container on the top of the Docker image. To run a docker image and to get into the container we'll use -t and -i flag as shown below.
-
- # docker run -it busybox
-
-
-
-From the above command, we'll get entered into the container and can access its content via the interactive shell. We can press **Ctrl-D** in order to exit from the shell access.
-
-Now, to run the container in background, we'll detach the shell using -d flag as shown below.
-
- # docker run -itd busybox
-
-
-
-If we want to attach into a running container, we can use attach command with the container id. The container id can be fetched using the command **docker ps** .
-
- # docker attach
-
-
-
-### 3. Checking Containers ###
-
-It is very easy to check the log whether the container is running or not. We can use the following command to check whether there is any docker container running in the real time or not using the following command.
-
- # docker ps
-
-Now, to check logs about the running or past running containers we'll need to run the following command.
-
- # docker ps -a
-
-
-
-### 4. Inspecting a Docker Container ###
-
-We can check every information about a Docker Container using the inspect command.
-
- # docker inspect
-
-
-
-### 5. Killing and Deleting Command ###
-
-We can kill or stop process or docker containers using its docker id as shown below.
-
- # docker stop
-
-To stop every containers running, we'll need to run the following command.
-
- # docker kill $(docker ps -q)
-
-Now, if we wanna remove a docker image, run the below command.
-
- # docker rm
-
-If we wanna remove all the docker images at once, we can run the below.
-
- # docker rm $(docker ps -aq)
-
-### Conclusion ###
-
-These docker commands are highly essential to learn to fully utilize and use Docker. Docker gets too simple with these commands providing end users an easy platform for computing. It is extremely easy for anyone to learn about Docker commands with this above tutorial. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve and update our contents. Thank you ! Enjoy :-)
-
---------------------------------------------------------------------------------
-
-via: http://linoxide.com/linux-how-to/important-docker-commands/
-
-作者:[Arun Pyasi][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://linoxide.com/author/arunp/
\ No newline at end of file
diff --git a/sources/tech/20150413 How to manage remote MySQL databases on Linux VPS using a GUI tool.md b/sources/tech/20150413 How to manage remote MySQL databases on Linux VPS using a GUI tool.md
deleted file mode 100644
index c157ce65d5..0000000000
--- a/sources/tech/20150413 How to manage remote MySQL databases on Linux VPS using a GUI tool.md
+++ /dev/null
@@ -1,179 +0,0 @@
-demon 翻译中
-How to manage remote MySQL databases on Linux VPS using a GUI tool
-================================================================================
-If you need to run a MySQL server on a remote [VPS instance][1], how will you manage databases hosted by the server remotely? Perhaps web-based database administration tools such as [phpMyAdmin][2] or [Adminer][3] will first come to mind. These web-based management tools require a backend web server and PHP engine up and running. However, if your VPS instance is used as a standalone database server (e.g., for a multi-tier app), provisioning a whole LAMP stack for occasional database management is a waste of VPS resource. Worse, the LAMP stack with an additional HTTP port can be a source of security vulnerabilities of your VPS.
-
-Alternatively, you can turn to a native MySQL client running on a client host. Of course a pure command-line MySQL client (mysql-client) can be your default choice if nothing else. But the capabilities of the command-line client are limited, so it is not suitable for production-level database administration such as visual SQL development, performance tuning, schema validation, etc. If you are looking for full-blown MySQL administration features, a MySQL GUI tool will meet your requirements better.
-
-### What is MySQL Workbench? ###
-
-Developed as an integrated database tool environment by Oracle, [MySQL Workbench][4] is more than a simple MySQL client. In a nutshell, Workbench is a cross-platform (e.g., Linux, MacOS X, Windows) GUI tool for database design, development and administration. The Community Edition of MySQL Workbench is available for free under the GPL. As a database administrator, you can use Workbench to configure MySQL server, manage MySQL users, perform database backup and recovery, and monitor database health, all in GUI-based user-frienly environment.
-
-In this tutorial, let's review how to install and use MySQL Workbench on Linux.
-
-### Install MySQL Workbench on Linux ###
-
-To set up remote database administration environment, grab any desktop Linux machine where you will be running MySQL Workbench. While some Linux distributions (e.g., Debian/Ubuntu) carry MySQL Workbench in their repositories, it is a good idea to install it from the official repositories, as they offer the latest version. Here is how to set up the official Workbench repository and install Workbench from it.
-
-#### Debian-based Desktop (Debia, Ubuntu, Mint): ####
-
-Go to the [official website][5]. Download and install the DEB file for the repository. Choose one that matches with your environment.
-
-For example, on Ubuntu 14.10:
-
- $ wget http://dev.mysql.com/get/mysql-apt-config_0.3.4-2ubuntu14.10_all.deb
- $ sudo dpkg -i mysql-apt-config_0.3.4-2ubuntu14.10_all.deb
-
-on Debian 7:
-
- $ wget http://dev.mysql.com/get/mysql-apt-config_0.3.3-1debian7_all.deb
- $ sudo dpkg -i mysql-apt-config_0.3.3-1debian7_all.deb
-
-When installing the DEB file, you will see the following package configuration menu, and be asked to choose MySQL product to configure.
-
-
-
-Choose "Utilities". Once you are done with configuration, choose "Apply" to save it.
-
-Finally, update package index, and install Workbench.
-
- $ sudo apt-get update
- $ sudo apt-get install mysql-workbench
-
-#### Red Hat-based Desktop (CentOS, Fedora, RHEL): ####
-
-Go to the [official website][6]. Download and install the RPM repository package for your Linux evironment.
-
-For example, on CentOS 7:
-
- $ wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
- $ sudo yum localinstall mysql-community-release-el7-5.noarch.rpm
-
-on Fedora 21:
-
- $ wget http://dev.mysql.com/get/mysql-community-release-fc21-6.noarch.rpm
- $ sudo yum localinstall mysql-community-release-fc21-6.noarch.rpm
-
-Verify that "MySQL Tools Community" repository has been set up.
-
- $ yum repolis enabled
-
-
-
-Go ahead and install Workbench.
-
- $ sudo yum install mysql-workbench-community
-
-### Set up a Secure Remote Database Connection ###
-
-The next step is to set up a remote connection to your MySQL server running on a VPS. Of course you can connect directly to the remote MySQL server from Workbench GUI (after [enabling remote access][7] in the database server). However, it is a huge security risk to do so, as someone can easily eavesdrop on database access traffic, and a publicly-open MySQL port can be another attack vector.
-
-A better approach is to disable remote access of MySQL server (i.e., only allow access from 127.0.0.1 of a VPS). Then set up an SSH tunnel between a local client machine and a remote VPS, so that MySQL traffic can be securely relayed via their loopback interfaces. Compared to setting up SSL-based encrypted connections, configuring SSH tunneling requires little effort as it only requires SSH server, which is already deployed on most VPS instances.
-
-Let's see how we can set up an SSH tunnel for MySQL Workbench.
-
-In this setup, you don't need to enable remote access of a MySQL server.
-
-On a local client host where MySQL Workbench will be running, type the following command. Replace 'user' and 'remote_vps' with your own info.
-
- $ ssh user@remote_vps -L 3306:127.0.0.1:3306 -N
-
-You will be asked to type an SSH password for your VPS. Once you successfully log in to the VPS, an SSH tunnel will be established between port 3306 of local host and port 3306 of a remote VPS. Note that you won't see any message in the foreground.
-
-Optionally, you can set the SSH tunnel running in the background. For that, press Ctrl+Z to stop the command, type bg and press ENTER.
-
-
-
-The SSH tunnel will now be running in the background.
-
-### Manage a Remote MySQL Server with MySQL Workbench ###
-
-With an SSH tunnel established, you are ready to connect to a remote MySQL server from MySQL Workbench.
-
-Launch Workbench by typing:
-
- $ mysql-workbench
-
-
-
-Click on the plus icon at the top of the Workbench screen to create a new database connection. Fill in connection information as follows.
-
-- **Connection Name**: any description (e.g., My remote VPS database)
-- **Hostname**: 127.0.0.1
-- **Port**: 3306
-- **Username**: MySQL username (e.g., root)
-
-
-
-Note that since the tunnel's local endpoint is 127.0.0.1:3306, the hostname field must be 127.0.0.1, not the IP address/hostname of a remote VPS.
-
-Once you set up a new database connection, you will see a new box for the connection appear on Workbench window. Click on the box to actually establish a connection to a remote MySQL server.
-
-
-
-Once you are logged in to the MySQL server, you will see various administrative tasks in the left-side panel. Let's review some of common administrative tasks.
-
-#### MySQL Server Status ####
-
-This menus shows real-time dashboard of database server resource usage (e.g., traffic, connections, read/write).
-
-
-
-#### Client Connections ####
-
-The total number of client connections is a critical resource to monitor. This menu shows detailed information of individual client connections.
-
-
-
-#### Users and Privileges ####
-
-This menu allows you to manage MySQL users, including their resource limits and privileges.
-
-
-
-#### MySQL Server Administration ####
-
-You can start or stop a MySQL server, and examine its server logs.
-
-
-
-#### Database Schema Management ####
-
-You can view, change or inspect database schema visually. For that, choose and right-click on any database or table under "Schemas" heading.
-
-
-
-
-
-#### Database Query ####
-
-You can execute any arbitrary query (as long as your login privilege allows), and inspect its result.
-
-
-
-Note that performance statistics and reports are available for MySQL server 5.6 and higher. For 5.5 and lower, the performance section will be grayed out.
-
-### Conclusion ###
-
-The clean and intuitive tabbed interface, comprehensive feature sets, and open-source licensing make MySQL Workbench one of the best visual database design and administration tools out there. One known downside of Workbench is its performance. I notice that Workbench sometimes gets sluggish while running queries on a busy server. Despite its less than stellar performance, I still consider MySQL Workbench an essential tool for any professional MySQL database administrator and designer.
-
-Have you ever used Workbench in your work environment? Or do you recommend any other GUI tool? Feel free to share your experience.
-
---------------------------------------------------------------------------------
-
-via: http://xmodulo.com/remote-mysql-databases-gui-tool.html
-
-作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://xmodulo.com/author/nanni
-[1]:http://xmodulo.com/go/digitalocean
-[2]:http://ask.xmodulo.com/install-phpmyadmin-centos.html
-[3]:http://xmodulo.com/set-web-based-database-management-system-adminer.html
-[4]:http://mysqlworkbench.org/
-[5]:http://dev.mysql.com/downloads/repo/apt/
-[6]:http://dev.mysql.com/downloads/repo/yum/
-[7]:http://xmodulo.com/how-to-allow-remote-access-to-mysql.html
diff --git a/sources/tech/20150413 Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager.md b/sources/tech/20150413 Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager.md
deleted file mode 100644
index f90070d34a..0000000000
--- a/sources/tech/20150413 Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager.md
+++ /dev/null
@@ -1,55 +0,0 @@
-Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager
-================================================================================
-> **Question**: I would like to dedicate a physical network interface card to one of my guest VMs created by KVM. For that, I am trying to enable PCI passthrough of the NIC for the VM. How can I add a PCI device to a guest VM with PCI passthrough on virt-manager?
-
-Modern hypervisors enable efficient resource sharing among multiple guest operating systems by virtualizing and emulating hardware resources. However, such virtualized resource sharing may not always be desirable, or even should be avoided when VM performance is a great concern, or when a VM requires full DMA control of a hardware device. One technique used in this case is so-called "PCI passthrough," where a guest VM is granted an exclusive access to a PCI device (e.g., network/sound/video card). Essentially, PCI passthrough bypasses the virtualization layer, and directly exposes a PCI device to a VM. No other VM can access the PCI device.
-
-### Requirement for Enabling PCI Passthrough ###
-
-If you want to enable PCI passthrough for an HVM guest (e.g., a fully-virtualized VM created by KVM), your system (both CPU and motherboard) must meet the following requirement. If your VM is paravirtualized (created by Xen), you can skip this step.
-
-In order to enable PCI passthrough for an HVM guest VM, your system must support **VT-d** (for Intel processors) or **AMD-Vi** (for AMD processors). Intel's VT-d ("Intel Virtualization Technology for Directed I/O") is available on most high-end Nehalem processors and its successors (e.g., Westmere, Sandy Bridge, Ivy Bridge). Note that VT-d and VT-x are two independent features. A list of Intel/AMD processors with VT-d/AMD-Vi capability can be found [here][1].
-
-After you verify that your host hardware supports VT-d/AMD-Vi, you then need to do two things on your system. First, make sure that VT-d/AMD-Vi is enabled in system BIOS. Second, enable IOMMU on your kernel during booting. The IOMMU service, which is provided by VT-d,/AMD-Vi, protects host memory access by a guest VM, and is a requirement for PCI passthrough for fully-virtualized guest VMs.
-
-To enable IOMMU on the kernel for Intel processors, pass "**intel_iommu=on**" boot parameter on your Linux. Follow [this tutorial][2] to find out how to add a kernel boot parameter via GRUB.
-
-After configuring the boot parameter, reboot your host.
-
-### Add a PCI Device to a VM on Virt-Manager ###
-
-Now we are ready to enable PCI passthrough. In fact, assigning a PCI device to a guest VM is straightforward on virt-manager.
-
-Open the VM's settings on virt-manager, and click on "Add Hardware" button on the left sidebar.
-
-Choose a PCI device to assign from a PCI device list, and click on "Finish" button.
-
-
-
-Finally, power on the guest. At this point, the host PCI device should be directly visible inside the guest VM.
-
-### Troubleshooting ###
-
-If you see either of the following errors while powering on a guest VM, the error may be because VT-d (or IOMMU) is not enabled on your host.
-
- Error starting domain: unsupported configuration: host doesn't support passthrough of host PCI devices
-
-----------
-
- Error starting domain: Unable to read from monitor: Connection reset by peer
-
-Make sure that "**intel_iommu=on**" boot parameter is passed to the kernel during boot as described above.
-
---------------------------------------------------------------------------------
-
-via: http://ask.xmodulo.com/pci-passthrough-virt-manager.html
-
-作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://ask.xmodulo.com/author/nanni
-[1]:http://wiki.xenproject.org/wiki/VTdHowTo
-[2]:http://xmodulo.com/add-kernel-boot-parameters-via-grub-linux.html
\ No newline at end of file
diff --git a/sources/tech/20150415 Strong SSL Security on nginx.md b/sources/tech/20150415 Strong SSL Security on nginx.md
deleted file mode 100644
index 82b12820ed..0000000000
--- a/sources/tech/20150415 Strong SSL Security on nginx.md
+++ /dev/null
@@ -1,290 +0,0 @@
-Strong SSL Security on nginx
-================================================================================
-[][1]
-
-This tutorial shows you how to set up strong SSL security on the nginx webserver. We do this by disabling SSL Compression to mitigate the CRIME attack, disable SSLv3 and below because of vulnerabilities in the protocol and we will set up a strong ciphersuite that enables Forward Secrecy when possible. We also enable HSTS and HPKP. This way we have a strong and future proof ssl configuration and we get an A on the Qually Labs SSL Test.
-
-TL;DR: [Copy-pastable strong cipherssuites for NGINX, Apache and Lighttpd: https://cipherli.st][2]
-
-This tutorial is tested on a Digital Ocean VPS. If you like this tutorial and want to support my website, use this link to order a Digital Ocean VPS: [https://www.digitalocean.com/?refcode=7435ae6b8212][2]
-
-This tutorial works with the stricter requirements of the SSL Labs test [announced on the 21st of January 2014][4] (It already did before that, if you follow(ed) it you get an A+)
-
-- [This tutorial is also available for Apache][5]
-- [This tutorial is also available for Lighttpd][6]
-- [This tutorial is also available for FreeBSD, NetBSD and OpenBSD over at the BSD Now podcast][7]: [http://www.bsdnow.tv/tutorials/nginx][8]
-
-You can find more info on the topics by following the links below:
-
-- [BEAST Attack][9]
-- [CRIME Attack][10]
-- [FREAK Attack][11]
-- [Heartbleed][12]
-- [Perfect Forward Secrecy][13]
-- [Dealing with RC4 and BEAST][14]
-
-We are going to edit the nginx settings in the file `/etc/nginx/sited-enabled/yoursite.com` (On Ubuntu/Debian) or in `/etc/nginx/conf.d/nginx.conf` (On RHEL/CentOS).
-
-For the entire tutorial, you need to edit the parts between the `server` block for the server config for port 443 (ssl config). At the end of the tutorial you can find the complete config example.
-
-*Make sure you back up the files before editing them!*
-
-### The BEAST attack and RC4 ###
-
-In short, by tampering with an encryption algorithm's CBC - cipher block chaining - mode's, portions of the encrypted traffic can be secretly decrypted. More info on the above link.
-
-Recent browser versions have enabled client side mitigation for the beast attack. The recommendation was to disable all TLS 1.0 ciphers and only offer RC4. However, [RC4 has a growing list of attacks against it],(http://www.isg.rhul.ac.uk/tls/) many of which have crossed the line from theoretical to practical. Moreover, there is reason to believe that the NSA has broken RC4, their so-called "big breakthrough."
-
-Disabling RC4 has several ramifications. One, users with shitty browsers such as Internet Explorer on Windows XP will use 3DES in lieu. Triple-DES is more secure than RC4, but it is significantly more expensive. Your server will pay the cost for these users. Two, RC4 mitigates BEAST. Thus, disabling RC4 makes TLS 1.0 users susceptible to that attack, by moving them to AES-CBC (the usual server-side BEAST "fix" is to prioritize RC4 above all else). I am confident that the flaws in RC4 significantly outweigh the risks from BEAST. Indeed, with client-side mitigation (which Chrome and Firefox both provide), BEAST is a nonissue. But the risk from RC4 only grows: More cryptanalysis will surface over time.
-
-### Factoring RSA-EXPORT Keys (FREAK) ###
-
-FREAK is a man-in-the-middle (MITM) vulnerability discovered by a group of cryptographers at [INRIA, Microsoft Research and IMDEA][15]. FREAK stands for "Factoring RSA-EXPORT Keys."
-
-The vulnerability dates back to the 1990s, when the US government banned selling crypto software overseas, unless it used export cipher suites which involved encryption keys no longer than 512-bits.
-
-It turns out that some modern TLS clients - including Apple's SecureTransport and OpenSSL - have a bug in them. This bug causes them to accept RSA export-grade keys even when the client didn't ask for export-grade RSA. The impact of this bug can be quite nasty: it admits a 'man in the middle' attack whereby an active attacker can force down the quality of a connection, provided that the client is vulnerable and the server supports export RSA.
-
-There are two parts of the attack as the server must also accept "export grade RSA."
-
-The MITM attack works as follows:
-
-- In the client's Hello message, it asks for a standard 'RSA' ciphersuite.
-- The MITM attacker changes this message to ask for 'export RSA'.
-- The server responds with a 512-bit export RSA key, signed with its long-term key.
-- The client accepts this weak key due to the OpenSSL/SecureTransport bug.
-- The attacker factors the RSA modulus to recover the corresponding RSA decryption key.
-- When the client encrypts the 'pre-master secret' to the server, the attacker can now decrypt it to recover the TLS 'master secret'.
-- From here on out, the attacker sees plaintext and can inject anything it wants.
-
-The ciphersuite offered here on this page does not enable EXPORT grade ciphers. Make sure your OpenSSL is updated to the latest available version and urge your clients to also use upgraded software.
-
-### Heartbleed ###
-
-Heartbleed is a security bug disclosed in April 2014 in the OpenSSL cryptography library, which is a widely used implementation of the Transport Layer Security (TLS) protocol. Heartbleed may be exploited regardless of whether the party using a vulnerable OpenSSL instance for TLS is a server or a client. It results from improper input validation (due to a missing bounds check) in the implementation of the DTLS heartbeat extension (RFC6520), thus the bug's name derives from "heartbeat". The vulnerability is classified as a buffer over-read, a situation where more data can be read than should be allowed.
-
-What versions of the OpenSSL are affected by Heartbleed?
-
-Status of different versions:
-
-- OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable
-- OpenSSL 1.0.1g is NOT vulnerable
-- OpenSSL 1.0.0 branch is NOT vulnerable
-- OpenSSL 0.9.8 branch is NOT vulnerable
-
-The bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug.
-
-By updating OpenSSL you are not vulnerable to this bug.
-
-### SSL Compression (CRIME attack) ###
-
-The CRIME attack uses SSL Compression to do its magic. SSL compression is turned off by default in nginx 1.1.6+/1.0.9+ (if OpenSSL 1.0.0+ used) and nginx 1.3.2+/1.2.2+ (if older versions of OpenSSL are used).
-
-If you are using al earlier version of nginx or OpenSSL and your distro has not backported this option then you need to recompile OpenSSL without ZLIB support. This will disable the use of OpenSSL using the DEFLATE compression method. If you do this then you can still use regular HTML DEFLATE compression.
-
-### SSLv2 and SSLv3 ###
-
-SSL v2 is insecure, so we need to disable it. We also disable SSLv3, as TLS 1.0 suffers a downgrade attack, allowing an attacker to force a connection to use SSLv3 and therefore disable forward secrecy.
-
-Again edit the config file:
-
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
-
-### Poodle and TLS-FALLBACK-SCSV ###
-
-SSLv3 allows exploiting of the [POODLE][16] bug. This is one more major reason to disable this.
-
-Google have proposed an extension to SSL/TLS named [TLSFALLBACKSCSV][17] that seeks to prevent forced SSL downgrades. This is automatically enabled if you upgrade OpenSSL to the following versions:
-
-- OpenSSL 1.0.1 has TLSFALLBACKSCSV in 1.0.1j and higher.
-- OpenSSL 1.0.0 has TLSFALLBACKSCSV in 1.0.0o and higher.
-- OpenSSL 0.9.8 has TLSFALLBACKSCSV in 0.9.8zc and higher.
-
-[More info on the NGINX documentation][18]
-
-### The Cipher Suite ###
-
-Forward Secrecy ensures the integrity of a session key in the event that a long-term key is compromised. PFS accomplishes this by enforcing the derivation of a new key for each and every session.
-
-This means that when the private key gets compromised it cannot be used to decrypt recorded SSL traffic.
-
-The cipher suites that provide Perfect Forward Secrecy are those that use an ephemeral form of the Diffie-Hellman key exchange. Their disadvantage is their overhead, which can be improved by using the elliptic curve variants.
-
-The following two ciphersuites are recommended by me, and the latter by [the Mozilla Foundation][19].
-
-The recommended cipher suite:
-
- ssl_ciphers 'AES128+EECDH:AES128+EDH';
-
-The recommended cipher suite for backwards compatibility (IE6/WinXP):
-
- ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
-
-If your version of OpenSSL is old, unavailable ciphers will be discarded automatically. Always use the full ciphersuite above and let OpenSSL pick the ones it supports.
-
-The ordering of a ciphersuite is very important because it decides which algorithms are going to be selected in priority. The recommendation above prioritizes algorithms that provide perfect forward secrecy.
-
-Older versions of OpenSSL may not return the full list of algorithms. AES-GCM and some ECDHE are fairly recent, and not present on most versions of OpenSSL shipped with Ubuntu or RHEL.
-
-#### Prioritization logic ####
-
-- ECDHE+AESGCM ciphers are selected first. These are TLS 1.2 ciphers and not widely supported at the moment. No known attack currently target these ciphers.
-- PFS ciphersuites are preferred, with ECDHE first, then DHE.
-- AES 128 is preferred to AES 256. There has been [discussions][20] on whether AES256 extra security was worth the cost, and the result is far from obvious. At the moment, AES128 is preferred, because it provides good security, is really fast, and seems to be more resistant to timing attacks.
-- In the backward compatible ciphersuite, AES is preferred to 3DES. BEAST attacks on AES are mitigated in TLS 1.1 and above, and difficult to achieve in TLS 1.0. In the non-backward compatible ciphersuite, 3DES is not present.
-- RC4 is removed entirely. 3DES is used for backward compatibility. See discussion in [#RC4_weaknesses][21]
-
-#### Mandatory discards ####
-
-- aNULL contains non-authenticated Diffie-Hellman key exchanges, that are subject to Man-In-The-Middle (MITM) attacks
-- eNULL contains null-encryption ciphers (cleartext)
-- EXPORT are legacy weak ciphers that were marked as exportable by US law
-- RC4 contains ciphers that use the deprecated ARCFOUR algorithm
-- DES contains ciphers that use the deprecated Data Encryption Standard
-- SSLv2 contains all ciphers that were defined in the old version of the SSL standard, now deprecated
-- MD5 contains all the ciphers that use the deprecated message digest 5 as the hashing algorithm
-
-### Extra settings ###
-
-Make sure you also add these lines:
-
- ssl_prefer_server_ciphers on;
- ssl_session_cache shared:SSL:10m;
-
-When choosing a cipher during an SSLv3 or TLSv1 handshake, normally the client's preference is used. If this directive is enabled, the server's preference will be used instead.
-
-- [More info on sslpreferserver_ciphers][22]
-- [More info on ssl_ciphers][23]
-
-### Forward Secrecy & Diffie Hellman Ephemeral Parameters ###
-
-The concept of forward secrecy is simple: client and server negotiate a key that never hits the wire, and is destroyed at the end of the session. The RSA private from the server is used to sign a Diffie-Hellman key exchange between the client and the server. The pre-master key obtained from the Diffie-Hellman handshake is then used for encryption. Since the pre-master key is specific to a connection between a client and a server, and used only for a limited amount of time, it is called Ephemeral.
-
-With Forward Secrecy, if an attacker gets a hold of the server's private key, it will not be able to decrypt past communications. The private key is only used to sign the DH handshake, which does not reveal the pre-master key. Diffie-Hellman ensures that the pre-master keys never leave the client and the server, and cannot be intercepted by a MITM.
-
-All versions of nginx as of 1.4.4 rely on OpenSSL for input parameters to Diffie-Hellman (DH). Unfortunately, this means that Ephemeral Diffie-Hellman (DHE) will use OpenSSL's defaults, which include a 1024-bit key for the key-exchange. Since we're using a 2048-bit certificate, DHE clients will use a weaker key-exchange than non-ephemeral DH clients.
-
-We need generate a stronger DHE parameter:
-
- cd /etc/ssl/certs
- openssl dhparam -out dhparam.pem 4096
-
-And then tell nginx to use it for DHE key-exchange:
-
- ssl_dhparam /etc/ssl/certs/dhparam.pem;
-
-### OCSP Stapling ###
-
-When connecting to a server, clients should verify the validity of the server certificate using either a Certificate Revocation List (CRL), or an Online Certificate Status Protocol (OCSP) record. The problem with CRL is that the lists have grown huge and takes forever to download.
-
-OCSP is much more lightweight, as only one record is retrieved at a time. But the side effect is that OCSP requests must be made to a 3rd party OCSP responder when connecting to a server, which adds latency and potential failures. In fact, the OCSP responders operated by CAs are often so unreliable that browser will fail silently if no response is received in a timely manner. This reduces security, by allowing an attacker to DoS an OCSP responder to disable the validation.
-
-The solution is to allow the server to send its cached OCSP record during the TLS handshake, therefore bypassing the OCSP responder. This mechanism saves a roundtrip between the client and the OCSP responder, and is called OCSP Stapling.
-
-The server will send a cached OCSP response only if the client requests it, by announcing support for the status_request TLS extension in its CLIENT HELLO.
-
-Most servers will cache OCSP response for up to 48 hours. At regular intervals, the server will connect to the OCSP responder of the CA to retrieve a fresh OCSP record. The location of the OCSP responder is taken from the Authority Information Access field of the signed certificate.
-
-- [View my tutorial on enabling OCSP stapling on NGINX][24]
-
-### HTTP Strict Transport Security ###
-
-When possible, you should enable [HTTP Strict Transport Security (HSTS)][25], which instructs browsers to communicate with your site only over HTTPS.
-
-- [View my article on HTST to see how to configure it.][26]
-
-### HTTP Public Key Pinning Extension ###
-
-You should also enable the [HTTP Public Key Pinning Extension][27].
-
-Public Key Pinning means that a certificate chain must include a whitelisted public key. It ensures only whitelisted Certificate Authorities (CA) can sign certificates for `*.example.com`, and not any CA in your browser store.
-
-I've written an article about it that has background theory and configuration examples for Apache, Lighttpd and NGINX: [https://raymii.org/s/articles/HTTPPublicKeyPinningExtension_HPKP.html][28]
-
-### Config Example ###
-
- server {
-
- listen [::]:443 default_server;
-
- ssl on;
- ssl_certificate_key /etc/ssl/cert/raymii_org.pem;
- ssl_certificate /etc/ssl/cert/ca-bundle.pem;
-
- ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
-
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_session_cache shared:SSL:10m;
-
- ssl_stapling on;
- ssl_stapling_verify on;
- resolver 8.8.4.4 8.8.8.8 valid=300s;
- resolver_timeout 10s;
-
- ssl_prefer_server_ciphers on;
- ssl_dhparam /etc/ssl/certs/dhparam.pem;
-
- add_header Strict-Transport-Security max-age=63072000;
- add_header X-Frame-Options DENY;
- add_header X-Content-Type-Options nosniff;
-
- root /var/www/;
- index index.html index.htm;
- server_name raymii.org;
-
- }
-
-### Conclusion ###
-
-If you have applied the above config lines you need to restart nginx:
-
- # Check the config first:
- /etc/init.d/nginx configtest
- # Then restart:
- /etc/init.d/nginx restart
-
-Now use the [SSL Labs test][29] to see if you get a nice A. And, of course, have a safe, strong and future proof SSL configuration!
-
-- [Also read the Mozilla page on the subject][30]
-
---------------------------------------------------------------------------------
-
-via: https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html
-
-作者:[Remy van Elst][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:https://raymii.org/
-[1]:https://www.ssllabs.com/ssltest/analyze.html?d=raymii.org
-[2]:https://cipherli.st/
-[3]:https://www.digitalocean.com/?refcode=7435ae6b8212
-[4]:http://blog.ivanristic.com/2014/01/ssl-labs-stricter-security-requirements-for-2014.html
-[5]:https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html
-[6]:https://raymii.org/s/tutorials/Pass_the_SSL_Labs_Test_on_Lighttpd_%28Mitigate_the_CRIME_and_BEAST_attack_-_Disable_SSLv2_-_Enable_PFS%29.html
-[7]:http://www.bsdnow.tv/episodes/2014_08_20-engineering_nginx
-[8]:http://www.bsdnow.tv/tutorials/nginx
-[9]:https://en.wikipedia.org/wiki/Transport_Layer_Security#BEAST_attack
-[10]:https://en.wikipedia.org/wiki/CRIME_%28security_exploit%29
-[11]:http://blog.cryptographyengineering.com/2015/03/attack-of-week-freak-or-factoring-nsa.html
-[12]:http://heartbleed.com/
-[13]:https://en.wikipedia.org/wiki/Perfect_forward_secrecy
-[14]:https://en.wikipedia.org/wiki/Transport_Layer_Security#Dealing_with_RC4_and_BEAST
-[15]:https://www.smacktls.com/
-[16]:https://raymii.org/s/articles/Check_servers_for_the_Poodle_bug.html
-[17]:https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00
-[18]:http://wiki.nginx.org/HttpSslModule#ssl_protocols
-[19]:https://wiki.mozilla.org/Security/Server_Side_TLS
-[20]:http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg11247.html
-[21]:https://wiki.mozilla.org/Security/Server_Side_TLS#RC4_weaknesses
-[22]:http://wiki.nginx.org/HttpSslModule#ssl_prefer_server_ciphers
-[23]:http://wiki.nginx.org/HttpSslModule#ssl_ciphers
-[24]:https://raymii.org/s/tutorials/OCSP_Stapling_on_nginx.html
-[25]:https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
-[26]:https://raymii.org/s/tutorials/HTTP_Strict_Transport_Security_for_Apache_NGINX_and_Lighttpd.html
-[27]:https://wiki.mozilla.org/SecurityEngineering/Public_Key_Pinning
-[28]:https://raymii.org/s/articles/HTTP_Public_Key_Pinning_Extension_HPKP.html
-[29]:https://www.ssllabs.com/ssltest/
-[30]:https://wiki.mozilla.org/Security/Server_Side_TLS
\ No newline at end of file
diff --git a/sources/tech/20150417 How to Install Discourse in a Docker Container.md b/sources/tech/20150417 How to Install Discourse in a Docker Container.md
deleted file mode 100644
index c916bda8f2..0000000000
--- a/sources/tech/20150417 How to Install Discourse in a Docker Container.md
+++ /dev/null
@@ -1,160 +0,0 @@
-How to Install Discourse in a Docker Container
-================================================================================
-Hi all, today we'll learn how to install Discourse using Docker Platform. Discourse is the 100% open source discussion platform built for the next decade of the Internet featuring as a mailing list, a discussion forum and a long-form chat room. It is a smart way of attempt to reimagine what a modern, sustainable, fully open-source Internet discussion platform should be today, both from a technology standpoint and a sociology standpoint. Discourse is simple, clean, and straightforward way for discussion. It is really an awesome platform for any kinds of discussions on internet featuring such a cool services out of the box. Docker is an open source platform that provides an open platform to pack, ship and run any application as a lightweight container. Docker containers makes Discourse a lot handy and easy to setup app.
-
-So, here are some quick and easy steps in order to install Discourse inside a Docker environment.
-
-### 1. Installing Docker ###
-
-First of all, we need to make sure that we have Docker installed in our host Operating System. To install, we'll need to the run the following command in a shell or terminal.
-
-#### On Ubuntu ####
-
-Package docker is available in Ubuntu's repository so, we'll be using apt manager to install it in sudo or root mode.
-
- # apt-get install docker
-
-#### On CentOS 7 ####
-
-On CentOS 7 machine, we'll use yum manager to install docker as it is also available in CentOS's repository.
-
- # yum install docker
-
-
-
-### 2. Setting Swap Memory ###
-
-If you have RAM size less than 1 GB then, make sure you upgrade your system to 1 GB or above cause Discourse doesn't get installed in 512 MB RAM. If you are now ready to install Discourse with 1 GB or above, follow the following steps to setup swap memory for you VPS or Server.
-
-We'll create an empty swapfile by running the following command.
-
- # install -o root -g root -m 0600 /dev/null /swapfile
-
-If you want your swap memory to be 1 GB, then do the below step and skip the next step.
-
- # dd if=/dev/zero of=/swapfile bs=1k count=1024k
-
-if you want it to be 2 GB, follow the below. Make sure you skip the above step.
-
- # dd if=/dev/zero of=/swapfile bs=1k count=2048k
-
-Then, we'll point Swap Memory as swapfile .
-
- #mkswap /swapfile
-
-To activate it run the following command.
-
- #swapon /swapfile
-
-Now, we'll add it to the file system table so its there after reboot:
-
- # echo "/swapfile swap swap auto 0 0" | sudo tee -a /etc/fstab
-
-Set the swappiness to 10 so its only uses as an emergency buffer.
-
- # sudo sysctl -w vm.swappiness=10
- # echo vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf
-
-### 3. Installing Discourse ###
-
-After installing Docker in our host machine, we'll now go further towards installing Discourse. We'll now clone Discourse from the official Discourse Github into /var/discourse directory. To do so, we'll need to run the following command.
-
- # mkdir /var/discourse/
-
- # cd /var/discourse/
-
- # git clone https://github.com/discourse/discourse_docker.git /var/discourse/
-
-After cloning the git repository, we'll copy the configuration file for our discourse server.
-
- # cp samples/standalone.yml containers/app.yml
-
-
-
-### 4. Configuring Discourse ###
-
-Next, we'll edit the discourse configuration ie app.yml located inside containers directory using our favorite text editor.
-
- # nano containers/app.yml
-
-Now, we need to set the developer's email address to DISCOURSE_DEVELOPER_EMAILS as follows.
-
- DISCOURSE_DEVELOPER_EMAILS: 'arun@linoxide.com'
-
-Then, we'll set the hostname as the domain name of our server.
-
- DISCOURSE_HOSTNAME: 'discourse.linoxide.com'
-
-Then, set the mail credentials per our SMTP Server hosted in the same discourse machine or vps. The SMTP settings are required to send mail from your Discourse instance
-
- DISCOURSE_SMTP_ADDRESS: smtp.linoxide.com
- DISCOURSE_SMTP_PORT: 587 # (optional)
- DISCOURSE_SMTP_USER_NAME: admin@linoxide.com # (optional)
- DISCOURSE_SMTP_PASSWORD: test123 # (optional)
-
-
-
- Discourse Configuration
-
-If you are using a 1 GB instance, set UNICORN_WORKERS to 2 and db_shared_buffers to 128MB so you have more memory room.
-
-It is compulsory to create a mailing server to run Discourse. If you have a server then its cool, we can use its credentials. If you have no existing mail server, or you don't know what it is? No problem, create a free account on [Mandrill][1] ([Mailgun][2], or [Mailjet][3]), and use the credentials provided in the dashboard.
-
-### 5. Starting Discourse App ###
-
-After configuring the discourse configuration file, we'll surely wanna start our Discourse server. To do so, first we'll launch discourse bootstrap by running the following command under the current directory ie /var/discourse/ .
-
- # ./launcher bootstrap app
-
-
-
-The above command may take some minutes which automatically configures our Discourse environment. Then, after the processes are finished, we'll need to run the following to start our Discourse App.
-
- #./launcher start app
-
-
-
-If everything went as expected accordingly, we'll be able to access our fresh Discourse Web Interface using our favorite Web Browser by pointing the url to http://ip-address/ or http://discourse.linoxide.com/ . Then, we can create a new account and become admin.
-
-
-
-### Maintenance ###
-
-Here below are the usages of the launcher command inside /var/discourse/ directory so that we can commit maintenance and control over the Discourse Docker Container.
-
- Usage: launcher COMMAND CONFIG [--skip-prereqs]
- Commands:
- start: Start/initialize a container
- stop: Stop a running container
- restart: Restart a container
- destroy: Stop and remove a container
- enter: Use nsenter to enter a container
- ssh: Start a bash shell in a running container
- logs: Docker logs for container
- mailtest: Test the mail settings in a container
- bootstrap: Bootstrap a container for the config based on a template
- rebuild: Rebuild a container (destroy old, bootstrap, start new)
- cleanup: Remove all containers that have stopped for > 24 hours
-
- Options:
- --skip-prereqs Don't check prerequisites
- --docker-args Extra arguments to pass when running docker
-
-### Conclusion ###
-
-Hurray! We have successfully installed Discourse with Docker Technology. Docker technology makes Discourse very much easy to install in any Platform with all the requirement fulfilled. We need our own mailing server or credentials of a mailing server to get started with it. It is a great platform for easy modern mailing list, discussion platform.
-
---------------------------------------------------------------------------------
-
-via: http://linoxide.com/how-tos/install-discourse-docker-container/
-
-作者:[Arun Pyasi][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://linoxide.com/author/arunp/
-[1]:https://mandrillapp.com/
-[2]:http://www.mailgun.com/
-[3]:https://www.mailjet.com/pricing
\ No newline at end of file
diff --git a/sources/tech/20150417 How to Install Linux Kernel 4.0 from Elrepo or Source on Ubuntu or CentOs.md b/sources/tech/20150417 How to Install Linux Kernel 4.0 from Elrepo or Source on Ubuntu or CentOs.md
deleted file mode 100644
index 3e2c0bd509..0000000000
--- a/sources/tech/20150417 How to Install Linux Kernel 4.0 from Elrepo or Source on Ubuntu or CentOs.md
+++ /dev/null
@@ -1,147 +0,0 @@
-How to Install Linux Kernel 4.0 from Elrepo / Source on Ubuntu / CentOs
-================================================================================
-Hi everyone, today we'll learn how to install the latest Linux Kernel 4.0 from Elrepo and compiling using Source. Linux Kernel 4.0 is the latest Mainline Kernel codenamed ‘Hurr durr I’m a sheep’ till date. It is the kernel released after the stable released of 3.19.4 . April 12 is considered as a big day for all fans of the Open Source movement, as Linus Torvalds announced the release of Linux Kernel 4.0 and its immediate availability. It is considered as a big release as it consists of some awesome features which includes no-reboot patching (Live Patching), New and Updated Drivers, New and Latest Hardware Support and more interesting features with a new version change. But Kernel 4.0 is not considered as a huge release as expected but Linus announced that 4.1 is expected for a bigger release. The Live Patching feature was already integrated with the SUSE Enterprise Linux operating system. Here is the [release announcement][1] you can check for more details about the release.
-
-> **WARNING**: Installing a new kernel may render your system unusable or unstable. If you proceed with the installation using the instructions below, make sure you back up any important data you have to an external hard drive.
-
-### Installing Linux Kernel 4.0 on Ubuntu 15.04 ###
-
-If you are running an Ubuntu 15.04 Distribution of Linux. You can simply install it straight from Ubuntu Kernel site. To install the latest Linux Kernel 4.0 in your Ubuntu 15.04, you'll need to run the following commands under root access in a shell or a terminal.
-
-#### On a 64-bit Ubuntu 15.04 ####
-
- $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.0-vivid/linux-headers-4.0.0-040000-generic_4.0.0-040000.201504121935_amd64.deb
-
- $ sudo dpkg -i linux-headers-4.0.0*.deb linux-image-4.0.0*.deb
-
-#### On a 32-bit Ubuntu 15.04 ####
-
- $ wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.0-vivid/linux-headers-4.0.0-040000-generic_4.0.0-040000.201504121935_i386.deb
-
- $ sudo dpkg -i linux-headers-4.0.0*.deb linux-image-4.0.0*.deb
-
-### Installing Linux Kernel 4.0 on CentOS 7 ###
-
-We can easily install Linux Kernel 4.0 using two ways in CentOS 7 .
-
-1. Installing from Elrepo Repository
-1. Compiling and installing from the Source Code
-
-First we'll gonna go for installing using ELRepo as its the easiest way to do.
-
-#### Installing using Elrepo ####
-
-**1. Downloading and Installing ELRepo**
-
-We'll first gonna download the GPG key of ELRepo and install the relrepo-release package. As we're running CentOS 7, we'll gonna install elrepo-release-7.0-2.el7.elrepo.noarch.rpm using the command below.
-
-Note: If you have a secure boot enabled please see [this page for more information][2].
-
- # rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
- # rpm -Uvh http://www.elrepo.org/elrepo-release-7.0-2.el7.elrepo.noarch.rpm
-
-
-
-**2. Updating Linux Kernel to version 4.0**
-
-Now, we'll gonna install the latest stable kernel 4.0 from the ELRepo repository. To do so, we'll need to enter the following commands in a shell or terminal of the CentOS 7.
-
- # yum --enablerepo=elrepo-kernel install kernel-ml
-
-
-
-The above command will automatically install the Linux Kernel 4.0 build for CentOS 7.
-
-Now, here below is the another way of installing the latest kernel 4.0 by compiling from the source.
-
-#### Compiling and Installing from the Source ####
-
-**1. Installing the Dependencies**
-
-So, first of all we'll need to install the dependencies required to compile the linux kernel. To do so, we'll need to run the following command in a terminal or a shell.
-
- # yum groupinstall "Development Tools"
-
- # yum install gcc ncurses ncurses-devel
-
-
-
-Then, we'll gonna update our whole system.
-
- # yum update
-
-**2. Downloading the source**
-
-We'll now download the latest release linux kernel 4.0 source using wget command from the official repository of Linux Kernel. You can also download the kernel directly from the site [kernel.org][3] using your web browser also.
-
- # cd /tmp/
- # wget https://www.kernel.org/pub/linux/kernel/v4.x/linux-4.0.tar.xz
-
-
-
-**3. Extracting the tarball**
-
-Once the file is downloaded we'll extract it under /usr/src/ directory by running the below command.
-
- # tar -xf linux-4.0.tar.xz -C /usr/src/
- # cd /usr/src/linux-4.0/
-
-
-
-**4. Configuring**
-
-We have two options to configure the Linux Kernel. We can either create a new custom configuration or use the old configuration to build and install the Linux Kernel. It all depends on what you really want.
-
-**For New Kernel Configuration**
-
-Now we'll run the make menuconfig command in the shell or terminal to configure the Linux kernel. Once we've executed the below command a pop up window with all the menus appears. Here we can select our new kernel configuration. If you unfamiliar with these menus, just hit double ESC key to exit.
-
- # make menuconfig
-
-
-
-**For Old Configuration**
-
-If you like to configure your latest kernel with your old configuration then simple type the below command. If you were asked any stuff, you can choose with Y or N or you can simply press Enter to continue.
-
- # make oldconfig
-
-#### Step 5. Compiling the Linux Kernel ####
-
-Next, we'll execute the make command to compile the Kernel 4.0 . The compilation would take at least 20-30 minutes depends on your system configuration.
-
-Note: If you got an error while compiling the kernel saying bc command not found. You can fix that by installing bc using the command **yum install bc** .
-
- # make
-
-
-#### 6. Installing Linux Kernel 4.0 ####
-
-Once the compilation is completed, we'll now finally install the **Kernel** in our Linux System. The below command will create files under /boot directory and also makes a new kernel entry in the Grub Menu.
-
- # make modules_install install
-
-#### 7. Verifying Kernel ####
-
-After installing our latest kernel 4.0 we'll want to verify it. To do so we'll just type the following command on the terminal. If everything went fine, we'll get the kernel version ie. 4.0 enlisted in the output below.
-
- # uname -r
-
-#### Conclusion ####
-
-Hurray, we have successfully installed the latest version of linux kernel ie 4.0 in our CentOS 7 Operating System. Upgrading a linux kernel is always not necessary cause the hardware you got working with the previous version of it may not get working with the newer version. We should make sure that the it includes the features and stuffs that are necessary to make your hardware working. But mostly, the newer stable versions of kernel makes your hardware performance better. So, if you have any questions, comments, feedback please do write on the comment box below and let us know what stuffs needs to be added or improved. Thank You! Enjoy the latest stable version of Linux Kernel 4.0 :-)
-
---------------------------------------------------------------------------------
-
-via: http://linoxide.com/how-tos/install-linux-kernel-4-0-elrepo-source/
-
-作者:[Arun Pyasi][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://linoxide.com/author/arunp/
-[1]:http://lkml.iu.edu/hypermail/linux/kernel/1504.1/03198.html
-[2]:http://elrepo.org/tiki/SecureBootKey
-[3]:http://kernel.org/
\ No newline at end of file
diff --git a/sources/tech/20150417 sshuttle--A transparent proxy-based VPN using ssh.md b/sources/tech/20150417 sshuttle--A transparent proxy-based VPN using ssh.md
deleted file mode 100644
index 297f411840..0000000000
--- a/sources/tech/20150417 sshuttle--A transparent proxy-based VPN using ssh.md
+++ /dev/null
@@ -1,93 +0,0 @@
-sshuttle - 一个使用ssh的基于VPN的透明代理
-================================================================================
-sshuttle允许你通过ssh创建一条从你电脑连接到任何远程服务器的VPN连接,只要你的服务器支持python2.3 或则更高的版本, 你必须有本机的root权限,但是你可以在服务端有普通账户即可。
-
-你可以在一台机器上同时运行多次sshuttle来连接到不同的服务器上,这样你就可以一次使用多个VPN, sshuttle可以转发你子网所有流量到VPN中。
-
-
-### 在Ubuntu中安装sshuttle ###
-
-在终端中输入下面的命令
-
- sudo apt-get install sshuttle
-
-### 使用 sshuttle ###
-
-#### sshuttle 语法 ####
-
- sshuttle [options...] [-r [username@]sshserver[:port]] [subnets]
-
-#### Option 细节 ####
-
--r, —remote=[username@]sshserver[:port]
-
-远程主机名和可选的用户名,用于连接远程服务器的ssh端口号。比如example.com、testuser@example.com、testuser@example.com:2222或者example.com:2244。
-
-#### sshuttle 例子 ####
-
-在机器中使用下面的命令:
-
- sudo sshuttle -r username@sshserver 0.0.0.0/0 -vv
-
-当开始后,sshuttle会创建一个ssh会话到通过-r指定的服务器。如果-r被忽略了,它会在本地运行客户端和服务端,这个有时会在测试时有用。
-
-连接到远程服务器后,sshuttle会上传它的(python)源码到远程服务器并执行。那么,你就不需要在远程服务器上安装sshuttle,并且客户端和服务器端间不会存在sshuttle版本冲突。
-
-#### 手册中的更多例子 ####
-
-代理所有的本地连接用于本地测试,没有使用ssh:
-
- $ sudo sshuttle -v 0/0
-
- Starting sshuttle proxy.
- Listening on (‘0.0.0.0′, 12300).
- [local sudo] Password:
- firewall manager ready.
- c : connecting to server...
- s: available routes:
- s: 192.168.42.0/24
- c : connected.
- firewall manager: starting transproxy.
- c : Accept: ‘192.168.42.106':50035 -> ‘192.168.42.121':139.
- c : Accept: ‘192.168.42.121':47523 -> ‘77.141.99.22':443.
- ...etc...
- ^C
- firewall manager: undoing changes.
- KeyboardInterrupt
- c : Keyboard interrupt: exiting.
- c : SW#8:192.168.42.121:47523: deleting
- c : SW#6:192.168.42.106:50035: deleting
-
-测试到远程服务器上的连接,自动猜测主机名和子网:
-
- $ sudo sshuttle -vNHr example.org
-
- Starting sshuttle proxy.
- Listening on (‘0.0.0.0′, 12300).
- firewall manager ready.
- c : connecting to server...
- s: available routes:
- s: 77.141.99.0/24
- c : connected.
- c : seed_hosts: []
- firewall manager: starting transproxy.
- hostwatch: Found: testbox1: 1.2.3.4
- hostwatch: Found: mytest2: 5.6.7.8
- hostwatch: Found: domaincontroller: 99.1.2.3
- c : Accept: ‘192.168.42.121':60554 -> ‘77.141.99.22':22.
- ^C
- firewall manager: undoing changes.
- c : Keyboard interrupt: exiting.
- c : SW#6:192.168.42.121:60554: deleting
-
---------------------------------------------------------------------------------
-
-via: http://www.ubuntugeek.com/sshuttle-a-transparent-proxy-based-vpn-using-ssh.html
-
-作者:[ruchi][a]
-译者:[geekpi](https://github.com/geekpi)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://www.ubuntugeek.com/author/ubuntufix
diff --git a/sources/tech/20150423 20 Awesome Docker Containers for a Desktop User.md b/sources/tech/20150423 20 Awesome Docker Containers for a Desktop User.md
new file mode 100644
index 0000000000..060aeb755d
--- /dev/null
+++ b/sources/tech/20150423 20 Awesome Docker Containers for a Desktop User.md
@@ -0,0 +1,237 @@
+20 Awesome Docker Containers for a Desktop User
+================================================================================
+Greetings to everyone, today we'll list out some awesome Desktop Apps that we can run using Docker Containers in our very own Desktop running Docker. Docker is an Open Source project that provides an open platform to pack, ship and run any application as a lightweight container. It has no boundaries of Language support, Frameworks or packaging system and can be run anywhere, anytime from a small home computers to high-end servers. It makes them great building blocks for deploying and scaling web apps, databases, and back-end services without depending on a particular stack or provider. It is basically used by the developers, Ops and Engineers as it is easy, fast and handy tool for testing or deploying their products but we can also use Docker for our Desktop usage to run a desktop apps out of the box.
+
+So here are some awesome 10 Desktop Application Docker images that we can run with Docker.
+
+### 1. Lynx ###
+
+Lynx is a all time favorite text-based web browser which is a lot familiar to most of the people running Linux. It is the oldest web browser currently in general use and development. To run Lynx, run the following command.
+
+ $ docker run -it \
+ --name lynx \
+ jess/lynx
+
+### 2. Irssi ###
+
+Irssi is an awesome IRC Client which is based on Text Interface. To run Irssi using docker, we'll need to run the following commands in a docker installed desktop computer.
+
+ docker run -it --name my-irssi -e TERM -u $(id -u):$(id -g) \
+ -v $HOME/.irssi:/home/user/.irssi:ro \
+ -v /etc/localtime:/etc/localtime:ro \
+ irssi
+
+### 3. Chrome ###
+
+Chrome is an awesome GUI-based web browser developed by Google and is based on Open Source Project Chromium. Google Chrome is widely used, fast and secure web browser that are very much familiar to most of the people who surf internet. We can run Chrome using docker by running the following command.
+
+ $ docker run -it \
+ --net host \
+ --cpuset 0 \
+ --memory 512mb \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e DISPLAY=unix$DISPLAY \
+ -v $HOME/Downloads:/root/Downloads \
+ -v $HOME/.config/google-chrome/:/data \
+ -v /dev/snd:/dev/snd --privileged \
+ --name chrome \
+ jess/chrome
+
+### 4. Tor Browser ###
+
+Tor Browser is a web browser which support anonymous features. It enables us freedom to surf website or services blocked by a particular organization or ISPs. It prevents somebody watching our Internet connection from learning what we do on internet and our exact location. To run Tor Browser, run the following command.
+
+ $ docker run -it \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e DISPLAY=unix$DISPLAY \
+ -v /dev/snd:/dev/snd --privileged \
+ --name tor-browser \
+ jess/tor-browser
+
+### 5. Firefox Browser ###
+
+Firefox Browser is a free and open source web browser which is developed by Mozilla Foundation. It is run by Gecko and SpiderMonkey engines. Firefox Browser has a lot of new features and is specially known for its performance and security.
+
+ $ docker run -d \
+ --name firefox \
+ -e DISPLAY=$DISPLAY \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ kennethkl/firefox
+
+### 6. Rainbow Stream ###
+
+Rainbow Stream is a terminal based Twitter Client featuring real time tweetstream, compose, search , favorite and much more fun directly from terminal. To run Rainbow Stream, run the following command.
+
+ $ docker run -it \
+ -v /etc/localtime:/etc/localtime \
+ -v $HOME/.rainbow_oauth:/root/.rainbow_oauth \
+ -v $HOME/.rainbow_config.json:/root/.rainbow_config.json \
+ --name rainbowstream \
+ jess/rainbowstream
+
+### 7. Gparted ###
+
+Gparted is an open source software which allows us to partition disks. Now enjoy partitioning from a docker container. To run gparted, we'll need to run the following command.
+
+ $ docker run -it \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e DISPLAY=unix$DISPLAY \
+ --device /dev/sda:/dev/sda \ # mount the device to partition
+ --name gparted \
+ jess/gparted
+
+### 8. GIMP Editor ###
+
+GIMP stands for Gnu Image Manipulation Program which is an awesome tool on Linux for graphics, image editing platform. It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring.
+
+ $ docker run -it \
+ --rm -e DISPLAY=$DISPLAY \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ jarfil/gimp-git
+
+### 9. Thunderbird ###
+
+Thunderbird is also a free and open source email application which is developed and maintained by Mozilla Foundation. It has tons of features that an email application software should have. Thunderbird is really easy to setup and customize. To run Thunderbird in a Docker environment, run the following command.
+
+ $ docker run -d \
+ -e DISPLAY \
+ -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
+ -u docker \
+ -v $HOME/docker-data/thunderbird:/home/docker/.thunderbird/ \
+ yantis/thunderbird thunderbird
+
+### 10. Mutt ###
+
+Mutt is a text based email client which has bunches of cool features including color support, IMAP, POP3, SMTP support, mail storing support and much more. To run Mutt out of the box using docker, we'll need to run the following command.
+
+ $ docker run -it \
+ -v /etc/localtime:/etc/localtime \
+ -e GMAIL -e GMAIL_NAME \
+ -e GMAIL_PASS -e GMAIL_FROM \
+ -v $HOME/.gnupg:/home/user/.gnupg \
+ --name mutt \
+ jess/mutt
+
+### 11. Skype ###
+
+Skype is an instant messaging, video calling software which is not open source but can be run awesome in linux. We can run Skype using Docker Containers too. To run Skype using a docker, run the following command.
+
+ $ docker run -it \
+ -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
+ -v /dev/snd:/dev/snd --privileged \
+ -e DISPLAY="unix$DISPLAY" \
+ tianon/skype
+
+### 12. Cathode ###
+
+Cathode is a beautiful fully customizable terminal app with a look inspired by classic computers. We can run Cathode by running the below command.
+
+ $ docker run -it \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e DISPLAY=unix$DISPLAY \
+ --name cathode \
+ jess/1995
+
+### 13. LibreOffice ###
+
+LibreOffice is a powerful office suite which is free and open source and is maintained by The Document Foundation. It has clean interface and is a powerful tools that lets us unleash our creativity and grow our productivity. LibreOffice embeds several applications that make it the most powerful Free & Open Source Office suite on the market.
+
+ $docker run \
+ -v $HOME/Documents:/home/libreoffice/Documents:rw \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e uid=$(id -u) -e gid=$(id -g) \
+ -e DISPLAY=unix$DISPLAY --name libreoffice \
+ chrisdaish/libreoffice
+
+### 14. Spotify ###
+
+Spotify gives us instant access to millions of songs from old favorites to the latest hits. To listen our favorite songs using docker, run the following command.
+
+ $ docker run -it \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e DISPLAY=unix$DISPLAY \
+ -v /dev/snd:/dev/snd --privileged \
+ --name spotify \
+ jess/spotify
+
+### 15. Audacity ###
+
+Audacity is free and open source cross-platform software for recording and editing sounds. Audacity can be used for post-processing of all types of audio, including podcasts by adding effects such as normalization, trimming, and fading in and out. To run Audacity, we'll need to run the following command in a terminal or shell.
+
+ $ docker run --rm \
+ -u $(id -u):$(id -g) \
+ -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
+ -v /dev/snd:/dev/snd \
+ -v "$HOME:$HOME" \
+ -w "$HOME" \
+ -e DISPLAY="unix$DISPLAY" \
+ -e HOME \
+ $(find /dev/snd/ -type c | sed 's/^/--device /') \
+ knickers/audacity
+
+### 16. Eclipse ###
+
+Eclipse is an integrated development environment (IDE). It contains a base workspace and an extensible plug-in system for customizing the environment. It is mostly used to develop Java Based Applications.
+
+ $ docker run -v ~/workspace/:/home/eclipse/workspace/ \
+ -e DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
+ -d leesah/eclipse
+
+### 17. VLC Media Player ###
+
+VLC is a free and open source cross-platform multimedia player and framework that plays most multimedia files as well as DVDs, Audio CDs, VCDs, and various streaming protocols. VLC Media Player is developed and maintained by VideoLAN Organization. To run VLC in docker environment, run the following command.
+
+ $ docker run -v\
+ $HOME/Documents:/home/vlc/Documents:rw \
+ -v /dev/snd:/dev/snd --privileged \
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -e uid=$(id -u) -e gid=$(id -g) \
+ -e DISPLAY=unix$DISPLAY --name vlc \
+ chrisdaish/vlc
+
+### 18. Vim Editor ###
+
+Vim is a highly configurable text-based text editor built to enable efficient text editing. It is an improved version of the vi editor distributed with most UNIX systems.
+
+ $ docker run -i -t --name my-vim -v ~/:/home/dev/src haron/vim
+
+### 19. Inkscape ###
+
+Inkscape is a free and open-source vector graphics editor. It can create, edit vector graphics such as illustrations, diagrams, line arts, charts, logos and even complex paintings. Inkscape's primary vector graphics format is Scalable Vector Graphics (SVG) version 1.1. It can import from or export to several other formats as well but all editing workflow must inevitably occur within the constraints of SVG format.
+
+ $docker build -t rasch/inkscape --rm .
+ $ docker run --rm -e DISPLAY \
+ -u inkscaper
+ -v /tmp/.X11-unix:/tmp/.X11-unix \
+ -v $HOME/.Xauthority:/home/inkscaper/.Xauthority \
+ --net=host rasch/inkscape
+
+### 20. Filezilla ###
+
+Filezilla is a free FTP solution application software. It supports FTP, SFTP, FTPS protocols. It is a powerful file management tool for client side. It is an awesome open source FTP project which is highly reliable and easy to use.
+
+ $ xhost +si:localuser:$(whoami)
+ $ docker run \
+ -d \
+ -e DISPLAY \
+ -v /tmp/.X11-unix:/tmp/.X11-unix:ro \
+ -u docker \
+ -v /:/host \
+ -v $HOME/docker-data/filezilla:/home/docker/.config/filezilla/ \
+ yantis/filezilla filezilla
+
+### Conclusion ###
+
+Running desktop application software using Docker is really an awesome experience. Docker is really an awesome platform for fast and easy development, shipping and deployment of software and packages in any place from home to office to production areas. Running desktop apps with docker is a cool way to try out the apps without really installing it into the host filesystem. So, if you have any questions, comments, feedback please do write on the comment box below and let us know what stuffs needs to be added or improved. Thank You! Enjoy with Docker :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/how-tos/20-docker-containers-desktop-user/
+
+作者:[Arun Pyasi][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
\ No newline at end of file
diff --git a/sources/tech/20150427 15 Things to Do After Installing Ubuntu 15.04 Desktop.md b/sources/tech/20150427 15 Things to Do After Installing Ubuntu 15.04 Desktop.md
new file mode 100644
index 0000000000..179aa139bd
--- /dev/null
+++ b/sources/tech/20150427 15 Things to Do After Installing Ubuntu 15.04 Desktop.md
@@ -0,0 +1,299 @@
+Translating by ZTinoZ
+15 Things to Do After Installing Ubuntu 15.04 Desktop
+================================================================================
+This tutorial is intended for beginners and covers some basic steps on what to do after you have installed Ubuntu 15.04 “Vivid Vervet” Desktop version on your computer in order to customize the system and install basic programs for daily usage.
+
+
+15 Things to Do After Installing Ubuntu 15.04
+
+### 1. Enable Ubuntu Extra Repositories and Update the System ###
+
+The first thing you should take care of after a fresh installation of Ubuntu is to enable Ubuntu Extra Repositories provided by official Canonical Partners and keep an up-to-date system with the last security patches and software updates.
+
+In order to accomplish this step, open from the left Launcher System Settings -> Software and Updates utility and check all Ubuntu Software and Other Software (Canonical Partners) repositories. After you finish hit the Close button and wait for the utility to Reload the cache sources tree.
+
+
+Software Updates
+
+
+Other Software (Canonical Partners)
+
+For a fast and smooth update process, open a Terminal and issue the following command in order to update the system using the new software repositories:
+
+ $ sudo apt-get update
+ $ sudo apt-get upgrade
+
+
+Ubuntu Upgrade
+
+### 2. Install Additional Drivers ###
+
+In order for the system to scan and install additional hardware proprietary drivers, open Software and Updates utility from System Settings, go to Additional Drivers tab and wait for the utility to scan for drivers.
+
+If some drivers matching your hardware are found, check the drivers you want to install and hit the Apply Changes button to install it. In case the proprietary drivers are not working as expected, uninstall them using the Revert button or check Do not use the device and Apply Changes.
+
+
+Install Drivers
+
+### 3. Install Synaptic and Gdebi Package Tools ###
+
+Besides Ubuntu Software Center, Synaptic is a Graphical utility for apt command line through which you can manage repositories or install, remove, search, upgrade and configure software packages. Similar way, Gdebi has the same functionality for local .deb packages. To install this two package managers on your system issue the following command on Terminal:
+
+ $ sudo apt-get install synaptic gdebi
+
+
+Install Synaptic and Gdebi
+
+
+Synaptic Package Manager
+
+### 4. Change System Appearance and Behavior ###
+
+If you want to change Desktop Background or Launcher Icon Size, open System Settings –> Appearance –> Look and personalize the desktop. To move the menu to window title bar, enable workspaces and desktop icons or auto-hide the Launcher visit Behavior tab.
+
+
+System Appearances
+
+### 5. Improve System Security and Privacy ###
+
+
+System Security Enhancement
+
+
+System Security Options
+
+### 5. Disable Unneeded Startup Applications ###
+
+To improve system login speed, reveal hidden Startup Applications by issuing the below command on Terminal, open Startup Applications utility by searching it in Dash and uncheck the unneeded applications during login process.
+
+ $ sudo sed -i ‘s/NoDisplay=true/NoDisplay=false/g’ /etc/xdg/autostart/*.desktop
+
+
+Disable Unwanted Applications
+
+### 6. Add Extended Multimedia Support ###
+
+By default, Ubuntu comes with a minimal support for media files. In order to play various media formats or manipulate video files, install the following multimedia applications:
+
+- VLC
+- Smplayer
+- Audacious
+- QMMP
+- Mixxx
+- XBMC
+- Handbrake
+- Openshot
+
+Use the following command line to install all with one shot:
+
+ $ sudo apt-get install vlc smplayer audacious qmmp mixxx xbmc handbrake openshot
+
+
+Install Media Players
+
+
+Media Player Playlist
+
+Besides this multimedia players also install ubuntu-restricted-extras and Java support packages in order to decode and support other restricted media formats.
+
+ $ sudo apt-get install ubuntu-restricted-extras openjdk-8-jdk
+
+
+Install Ubuntu Extras
+
+To enable DVD Playback and other multimedia codecs issue the following command on Terminal:
+
+ $ sudo apt-get install ffmpeg gstreamer0.10-plugins-bad lame libavcodec-extra
+ $ sudo /usr/share/doc/libdvdread4/install-css.sh
+
+
+Enable Video Codes
+
+### 7. Install Image Applications ###
+
+If you are a photography enthusiast and you want to handle and manipulate images on Ubuntu, probably you want to install the following imaging programs:
+
+- GIMP (alternative for Adobe Photoshop)
+- Darktable
+- Rawtherapee
+- Pinta
+- Shotwell
+- Inkscape (alternative for Adobe Illustrator)
+- Digikam
+- Cheese
+
+This applications can be installed from Ubuntu Software Center or all at once by using the following command line on Terminal:
+
+ $ sudo apt-get install gimp gimp-plugin-registry gimp-data-extras darktable rawtherapee pinta shotwell inkscape
+
+
+Install Image Applications
+
+
+Rawtherapee Tool
+
+### 8. Install Media Burners ###
+
+To mount ISO images or burn a CDs or a DVD, you can choose and install from the following software:
+
+- Brasero Disk Burner
+- K3b
+- Xfburn
+- Furius ISO Mount
+
+ $ sudo apt-get install brasero
+ $ sudo apt-get install k3b
+ $ sudo apt-get install xfburn
+ $ sudo apt-get install furiusisomount
+
+
+Install Media Burners
+
+### 9. Install Archive Applications ###
+
+To handle most of archive formatted files (zip, tar.gz, zip, 7zip rar etc) install the following packages by issuing the below command:
+
+ $ sudo apt-get install unace unrar zip unzip p7zip-full p7zip-rar sharutils rar uudeview mpack arj cabextract file-roller
+
+
+Install Archive Applications
+
+### 10. Install Chat Application ###
+
+If you want to talk to people all over the world, here is a list of the most popular chat applications for Linux:
+
+- Pidgin
+- Skype
+- Xchat
+- Telegram
+- aMSN
+- Viber
+
+You can install most of them from Ubuntu Software Center or by using the command line:
+
+ $ sudo apt-get install pidgin
+ $ sudo apt-get install skype
+ $ sudo apt-get install xchat
+ $ sudo apt-get install amsn
+ $ sudo add-apt-repository ppa:atareao/telegram -y
+ $ sudo apt-get update
+ $ sudo apt-get install telegram
+
+
+Install Chat Applications
+
+To install Viber application on Ubuntu visit [Viber official webpage][1], download the Debian package locally and install the viber.deb application using Gdebi package manager (left click – > Open with -> GDebi Package Installer).
+
+
+Install Viber
+
+### 11. Install Torrent Software ###
+
+The most popular torrent applications and peer-to-peer file sharing programs for Ubuntu are:
+
+- Deluge
+- Transmission
+- Qbittorrent
+- LinuxDC++
+
+To install your favorite peer-to-peer file sharing application on Ubuntu issue the following command on Terminal.
+
+ $ sudo apt-get install deluge
+ $ sudo apt-get install transmission
+ $ sudo apt-get install qbittorrent
+ $ sudo apt-get install linuxdcpp
+
+
+Install Torrent
+
+### 12. Install Windows Emulator -Wine and Gaming Support – Steam ###
+
+Wine emulator allows you to install and run Windows applications on Linux. On the other hand, Steam is a popular gaming platform for Linux based systems developed by Valve. To install both of them on your machine issue the following command on Terminal or use Ubuntu Software Center.
+
+ $ sudo apt-get install steam wine winetricks
+
+
+Install Wine
+
+### 13. Install Cairo-Dock and Enable Desktop Visual Effects ###
+
+Cairo-Dock is a beautiful and flexible launcher bar for Linux desktops similar to the Mac OS X dock. To install it on Ubuntu, run the following command on Terminal.
+
+ $ sudo apt-get install cairo-dock cairo-dock-plug-ins
+
+
+Install Cairo Dock
+
+
+Add Cairo Dock at Startup
+
+To enable a set of Desktop Effects, such as Cube effect, install Compiz package with the following command:
+
+ $ sudo apt-get install compiz compizconfig-settings-manager compiz-plugins-extra
+
+To activate the Desktop Cube effect, search for ccsm on Dash, open CompizConfig Settings Manager, go to General Options – > Desktop Size and set Horizontal Virtual Size value to 4 and Vertical Virtual Size to 1. Then go back and check Desktop Cube (Disable Desktop Wall) and Rotate Cube boxes (Resolve Conflicts ->Disable Switch to Viewport 1) and press Ctrl+Alt+Left Mouse Click to view the cube effect.
+
+
+Enable Compiz
+
+
+Compiz Settings
+
+
+Compiz Settings Addons
+
+
+Desktop Window Rotating
+
+### 14. Add Extra Browser Support ###
+
+Ubuntu 15.04 comes by default with Mozilla Firefox Web Browser. To install other browsers such as Google Chrome or Opera, visit their official web pages, download the provided .deb packages and install them on your system using the Gdebi Package Installer.
+
+
+Enable Browser Support
+
+
+Opera Browser Support
+
+To install Chromium Open Source browser issue the following command on Terminal.
+
+ $ sudo apt-get install chromium-browser
+
+### 15. Install Tweak Tools ###
+
+Want extra applications for customizing Ubuntu? Then install Unity Tweak Tool and Gnome Tweak Tool by issuing the following commands on Terminal.
+
+ $ sudo apt-get install unity-tweak-tool gnome-tweak-tool
+
+
+Install Tweak Tool
+
+
+Tweak Tool Settings
+
+Another interesting tweak tool is represented by the Ubuntu Tweak package which can be obtained and installed by visiting the webpage: [http://ubuntu-tweak.com/][2].
+
+
+Tweak Tool: System Information
+
+After you have installed all this bunch of software, you might want to clean your system in order to free some space on the hard drive, by issuing the following commands:
+
+ $ sudo apt-get -y autoremove
+ $ sudo apt-get -y autoclean
+ $ sudo apt-get -y clean
+
+This are just a few tweaks and programs that an average user might install and use on Ubuntu 15.04 Desktop for daily basic utilization. For more advanced programs, features and utilities use Ubuntu Software Center or consult Ubuntu Wiki webpage.
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/things-to-do-after-installing-ubuntu-15-04-desktop/
+
+作者:[Matei Cezar][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/cezarmatei/
+[1]:http://www.viber.com/en/products/linux
+[2]:http://ubuntu-tweak.com/
diff --git a/sources/tech/20150429 KDE Plasma 5.3 Released, Here' s How To Upgrade in Kubuntu 15.04.md b/sources/tech/20150429 KDE Plasma 5.3 Released, Here' s How To Upgrade in Kubuntu 15.04.md
new file mode 100644
index 0000000000..43b2adc3dd
--- /dev/null
+++ b/sources/tech/20150429 KDE Plasma 5.3 Released, Here' s How To Upgrade in Kubuntu 15.04.md
@@ -0,0 +1,86 @@
+KDE Plasma 5.3 Released, Here’s How To Upgrade in Kubuntu 15.04
+================================================================================
+**KDE [has announced][1] the stable release of Plasma 5.3, which comes charged with a slate of new power management features. **
+
+Having impressed and excited [with an earlier beta release in April][2], the latest update to the new stable update to the Plasma 5 desktop environments is now considered stable and ready for download.
+
+Plasma 5.3 continues to refine and finesse the new-look KDE desktop. It sees plenty of feature additions for desktop users to enjoy and **almost 400 bug fixes** packed in it should also improvements the performance and overall stability, too.
+
+### What’s New in Plasma 5.3 ###
+
+
+Better Bluetooth Management in Plasma 5.3
+
+While we touched on the majority of the **new features** [in Plasma 5.3 in an earlier article][3] many are worth reiterating.
+
+**Enhanced power management** features and configuration options, including a **new battery applet, energy usage monitor** and **animated changes in screen brightness**, will help KDE last longer on portable devices.
+
+Closing a laptop when an external monitor is connected no longer triggers ‘suspend’. This new behaviour is called ‘**cinema mode**‘ and comes enabled by default, but can be disabled using an option in power management settings.
+
+**Bluetooth functionality is improved**, with a brand new panel applet making connecting and configuring paired bluetooth devices like smartphones, keyboards and speakers easier than ever.
+
+Similarly, **trackpad configuration in KDE is easier** with Plasma 5.3 thanks to a new set-up and settings module.
+
+
+Trackpad, Touchpad. Tomato, Tomayto.
+
+For Plasma widget fans there is a new **Press and Hold** gesture. When enabled this hides the settings handle that appears when on mouseover. Instead making it only appear when long-clicking on widget.
+
+On the topic of widget-y things, several **old Plasmoid favourites are reintroduced** with this release, including a useful system monitor, handy hard-drive stats and a comic reader.
+
+### Learning More & Trying It Out ###
+
+
+
+A full list of everything — and I mean everything — that is new and improved in Plasma 5.3 is listed [in the official change log][4].
+
+Live images that let you try Plasma 5.3 on a Kubuntu base **without affecting your own system** are available from the KDE community:
+
+- [Download KDE Plasma Live Images][5]
+
+If you need super stable system you can use these live images to try the features but stick with the version of KDE that comes with your distribution on your main computer.
+
+However, if you’re happy to experiment — read: can handle any package conflicts or system issues resulting from attempting to upgrade your desktop environment — you can.
+
+### Install Plasma 5.3 in Kubuntu 15.04 ###
+
+
+
+To **install Plasma 5.3 in Kubuntu 15.04** you need to add the KDE Backports PPA, run the Software Updater tool and install any available updates.
+
+The Kubuntu backports PPA may/will also upgrade other parts of the KDE Platform other than Plasma that are installed on your system including KDE applications, frameworks and Kubuntu specific configuration files.
+
+Using the command line is by far the fastest way to upgrade to Plasma 5.3 in Kubuntu:
+
+ sudo add-apt-repository ppa:kubuntu-ppa/backports
+
+ sudo apt-get update && sudo apt-get dist-upgrade
+
+After the upgrade process has completed, and assuming everything went well, you should reboot your computer.
+
+If you’re using an alternative desktop environment, like LXDE, Unity or GNOME, you will need to install the Kubuntu desktop package (you’ll find it in the Ubuntu Software Centre) after running both of the commands above.
+
+To downgrade to the stock version of Plasma in 15.04 you can use the PPA-Purge tool:
+
+ sudo apt-get install ppa-purge
+
+ sudo ppa-purge ppa:kubuntu-ppa/backports
+
+Let us know how your upgrade/testing goes in the comments below and don’t forget to mention the features you hope to see added to the Plasma 5 desktop next.
+
+--------------------------------------------------------------------------------
+
+via: http://www.omgubuntu.co.uk/2015/04/kde-plasma-5-3-released-heres-how-to-upgrade-in-kubuntu-15-04
+
+作者:[Joey-Elijah Sneddon][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:https://plus.google.com/117485690627814051450/?rel=author
+[1]:https://www.kde.org/announcements/plasma-5.3.0.php
+[2]:http://www.omgubuntu.co.uk/2015/04/beta-plasma-5-3-features
+[3]:http://www.omgubuntu.co.uk/2015/04/beta-plasma-5-3-features
+[4]:https://www.kde.org/announcements/plasma-5.2.2-5.3.0-changelog.php
+[5]:https://community.kde.org/Plasma/Live_Images
\ No newline at end of file
diff --git a/sources/tech/20150504 How to Install and Configure 'PowerDNS' (with MariaDB) and 'PowerAdmin' in RHEL or CentOS 7.md b/sources/tech/20150504 How to Install and Configure 'PowerDNS' (with MariaDB) and 'PowerAdmin' in RHEL or CentOS 7.md
new file mode 100644
index 0000000000..e8974ba386
--- /dev/null
+++ b/sources/tech/20150504 How to Install and Configure 'PowerDNS' (with MariaDB) and 'PowerAdmin' in RHEL or CentOS 7.md
@@ -0,0 +1,423 @@
+How to Install and Configure ‘PowerDNS’ (with MariaDB) and ‘PowerAdmin’ in RHEL/CentOS 7
+================================================================================
+PowerDNS is a DNS server running on many Linux/Unix derivatives. It can be configured with different backends including BIND style zone files, relational databases or load balancing/failover algorithms. It can also be setup as a DNS recursor running as a separate process on the server.
+
+The latest version of PowerDNS Authoritative server is 3.4.4, but the one available in the EPEL repository right now is 3.4.3. I would recommend installing the one for the EPEL repository due to the fact that this version is tested in CentOS and Fedora. That way you will also be able to easily update PowerDNS in future.
+
+This article intends to show you how to install and setup master PowerDNS server with a MariaDB backend and the PowerAdmin – a friendly web interface managing tool for PowerDNS.
+
+For the purpose of this article I will be using server with:
+
+ Hostname: centos7.localhost
+ IP Address 192.168.0.102
+
+### Step 1: Installing PowerDNS with MariaDB Backend ###
+
+#### 1. First you need to enable the EPEL repository for your server simply use: ####
+
+ # yum install epel-release.noarch
+
+
+Enable Epel Repository
+
+#### 2. The next step is to install the MariaDB server. This can be easily done by running the following command: ####
+
+ # yum -y install mariadb-server mariadb
+
+
+Install MariaDB Server
+
+#### 3. Next we will configure MySQL to enable and start upon system boot: ####
+
+ # systemctl enable mariadb.service
+ # systemctl start mariadb.service
+
+
+Enable Start MariaDB System Boot
+
+#### 4. Now that the MySQL service is running, we will secure and setup a password for MariaDB by running: ####
+
+ # mysql_secure_installation
+
+#### Follow Instructions ####
+
+ /bin/mysql_secure_installation: line 379: find_mysql_client: command not found
+
+ NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
+ SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
+
+ In order to log into MariaDB to secure it, we'll need the current
+ password for the root user. If you've just installed MariaDB, and
+ you haven't set the root password yet, the password will be blank,
+ so you should just press enter here.
+
+ Enter current password for root (enter for none): Press ENTER
+ OK, successfully used password, moving on...
+
+ Setting the root password ensures that nobody can log into the MariaDB
+ root user without the proper authorisation.
+
+ Set root password? [Y/n] y
+ New password: ← Set New Password
+ Re-enter new password: ← Repeat Above Password
+ Password updated successfully!
+ Reloading privilege tables..
+ ... Success!
+
+
+ By default, a MariaDB installation has an anonymous user, allowing anyone
+ to log into MariaDB without having to have a user account created for
+ them. This is intended only for testing, and to make the installation
+ go a bit smoother. You should remove them before moving into a
+ production environment.
+
+ Remove anonymous users? [Y/n] y ← Choose “y” to disable that user
+ ... Success!
+
+ Normally, root should only be allowed to connect from 'localhost'. This
+ ensures that someone cannot guess at the root password from the network.
+
+ Disallow root login remotely? [Y/n] n ← Choose “n” for no
+ ... skipping.
+
+ By default, MariaDB comes with a database named 'test' that anyone can
+ access. This is also intended only for testing, and should be removed
+ before moving into a production environment.
+
+ Remove test database and access to it? [Y/n] y ← Choose “y” for yes
+ - Dropping test database...
+ ... Success!
+ - Removing privileges on test database...
+ ... Success!
+
+ Reloading the privilege tables will ensure that all changes made so far
+ will take effect immediately.
+
+ Reload privilege tables now? [Y/n] y ← Choose “y” for yes
+ ... Success!
+
+ Cleaning up...
+
+ All done! If you've completed all of the above steps, your MariaDB
+ installation should now be secure.
+
+ Thanks for using MariaDB!
+
+#### 5. Once MariaDB configuration done successfully, we can proceed further with the installation of PowerDNS. This is easily completed by running: ####
+
+ # yum -y install pdns pdns-backend-mysql
+
+
+Install PowerDNS with MariaDB Backend
+
+#### 6. The configuration file for PowerDNS is located in `/etc/pdns/pdns`, but before editing it, we will setup a MySQL database for PowerDNS service. First we will connect to the MySQL server and will create a database with name powerdns: ####
+
+ # mysql -u root -p
+ MariaDB [(none)]> CREATE DATABASE powerdns;
+
+
+Create PowerDNS Database
+
+#### 7. Next, we will create a database user called powerdns: ####
+
+ MariaDB [(none)]> GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY ‘tecmint123’;
+ MariaDB [(none)]> GRANT ALL ON powerdns.* TO 'powerdns'@'centos7.localdomain' IDENTIFIED BY 'tecmint123';
+ MariaDB [(none)]> FLUSH PRIVILEGES;
+
+
+Create PowerDNS User
+
+**Note**: Replace “tecmint123” with the actual password that you want to use for your setup.
+
+#### 8. We proceed by creating the database tables used by PowerDNS. Execute those block by block: ####
+
+ MariaDB [(none)]> USE powerdns;
+ MariaDB [(none)]> CREATE TABLE domains (
+ id INT auto_increment,
+ name VARCHAR(255) NOT NULL,
+ master VARCHAR(128) DEFAULT NULL,
+ last_check INT DEFAULT NULL,
+ type VARCHAR(6) NOT NULL,
+ notified_serial INT DEFAULT NULL,
+ account VARCHAR(40) DEFAULT NULL,
+ primary key (id)
+ );
+
+
+Create Table Domains for PowerDNS
+
+ MariaDB [(none)]> CREATE UNIQUE INDEX name_index ON domains(name);
+ MariaDB [(none)]> CREATE TABLE records (
+ id INT auto_increment,
+ domain_id INT DEFAULT NULL,
+ name VARCHAR(255) DEFAULT NULL,
+ type VARCHAR(6) DEFAULT NULL,
+ content VARCHAR(255) DEFAULT NULL,
+ ttl INT DEFAULT NULL,
+ prio INT DEFAULT NULL,
+ change_date INT DEFAULT NULL,
+ primary key(id)
+ );
+
+
+Create Index Domains for PowerDNS
+
+ MariaDB [(none)]> CREATE INDEX rec_name_index ON records(name);
+ MariaDB [(none)]> CREATE INDEX nametype_index ON records(name,type);
+ MariaDB [(none)]> CREATE INDEX domain_id ON records(domain_id);
+
+
+Create Index Records
+
+ MariaDB [(none)]> CREATE TABLE supermasters (
+ ip VARCHAR(25) NOT NULL,
+ nameserver VARCHAR(255) NOT NULL,
+ account VARCHAR(40) DEFAULT NULL
+ );
+
+
+Create Table Supermaster
+
+You can now exit the MySQL console by typing:
+
+ MariaDB [(none)]> quit;
+
+#### 9. Finally we can proceed with configuring our PowerDNS in a way that, it will use MySQL as backend. For that purpose open PowerDNS configuration file located at: ####
+
+ # vim /etc/pdns/pdns.conf
+
+In that file look for the lines looking like this:
+
+ #################################
+ # launch Which backends to launch and order to query them in
+ #
+ # launch=
+
+Just after that put the following code:
+
+ launch=gmysql
+ gmysql-host=localhost
+ gmysql-user=powerdns
+ gmysql-password=user-pass
+ gmysql-dbname=powerdns
+
+Change “user-pass” with the actual password that you set earlier. Here is how my configuration looks like:
+
+
+Configure PowerDNS
+
+Save your change and exit from.
+
+#### 10. Now we will start and add PowerDNS to the list of services starting at system boot: ####
+
+ # systemctl enable pdns.service
+ # systemctl start pdns.service
+
+
+Enable and Start PowerDNS
+
+At this point your PowerDNS server is up and running. For more information about PowerDNS you can refer to the manual available at [http://downloads.powerdns.com/documentation/html/index.html][1]
+
+### Step 2: Installing PowerAdmin to Manage PowerDNS ###
+
+#### 11. Now we will install PowerAdmin – a friendly web interface designed to manager PowerDNS servers. Since it is written in PHP, we will need to install PHP and a web server (Apache): ####
+
+ # yum install httpd php php-devel php-gd php-imap php-ldap php-mysql php-odbc php-pear php-xml php-xmlrpc php-mbstring php-mcrypt php-mhash gettext
+
+
+Install Apache PHP
+
+PowerAdmin also requires two PEAR packages:
+
+ # yum -y install php-pear-DB php-pear-MDB2-Driver-mysql
+
+
+Install Pear
+
+You can also refer to the following article for complete instructions how to install LAMP stack in CentOS 7:
+
+- [Install LAMP in CentOS 7][2]
+
+Once the install is complete, we will need to start and set Apache to start at system boot:
+
+ # systemctl enable httpd.service
+ # systemctl start httpd.service
+
+
+Enable Start Apache System Boot
+
+#### 12. Now that all system requirements for running PowerAdmn are met, we can proceed and download the package. Since the default web directory for Apache is /var/www/html/, we will download the package in there. ####
+
+ # cd /var/www/html/
+ # wget http://downloads.sourceforge.net/project/poweradmin/poweradmin-2.1.7.tgz
+ # tar xfv poweradmin-2.1.7.tgz
+
+
+Download PowerAdmin
+
+#### 13. Now, we can now start the web installer of PowerAdmin. Simply open: ####
+
+ http://192.168.0.102/poweradmin-2.1.7/install/
+
+This should bring the first step of the installation:
+
+
+Select Installation Language
+
+The above page will ask you to choose the language for your PowerAdmin. Select the one you wish to use and click the “Go to step 2” button.
+
+#### 14. The installer will expect you to have a PowerDNS database: ####
+
+
+PowerDNS Database
+
+#### 15. Since we already created one, we can proceed to the next step. You will be asked to enter the database details you setup earlier. You will also need to setup Poweradmin administrator password: ####
+
+
+Enter PowerDNS Database Settings
+
+#### 16. Once you have input those, go to step 4. You will create a new user with a limited rights for Poweradmin. The fields that you need to enter here are: ####
+
+- Username - username for hte PowerAdmin.
+- Password – password for the above user.
+- Hostmaster - When creating SOA records and you have not specified hostmaster, this value will be used.
+- Secondary nameserver – the value will be used as primary name server when creating new DNS zones.
+
+
+PowerDNS Configuration Settings
+
+#### 17. On the next step Poweradmin will ask you to create new database user with limited rights on the database tables. It will provide you with the code that you will need to put in a MySQL console: ####
+
+
+Create New Database User
+
+#### 18. Now open a terminal and run: ####
+
+ # mysql -u root -p
+
+Provide your password and execute the code provided by Poweradmin:
+
+ MariaDB [(none)]> GRANT SELECT, INSERT, UPDATE, DELETE
+ ON powerdns.*
+ TO 'powermarin'@'localhost'
+ IDENTIFIED BY '123qweasd';
+
+
+Grant Mysql Permissions to User
+
+#### 19. Now go back to your browser and proceed to the next step. The installer will attempt to create its configuration file in /var/www/html/poweradmin-2.1.7/inc. ####
+
+The file name is config.inc.php. In case the script is not able to write that file you can create it manually by copying the text and putting it in above mentioned file:
+
+
+Configuration Settings of PowerDNS
+
+#### 20. Now go to the last page where you will be informed that the installation is complete and will receive information how to access your Poweradmin install: ####
+
+
+PowerDNS Installation Completed
+
+You can enable URLs used by other dynamic DNS providers by running:
+
+ # cp install/htaccess.dist .htaccess
+
+For that purpose you will need to have mod_rewrite enabled in Apache’s configuration.
+
+#### 21. Now it is important to remove the “install” folder from Poweradmin’s root directory with the following command: ####
+
+ # rm -fr /var/www/html/poweradmin/install/
+
+After that you can access your poweradmin at:
+
+ http://192.168.0.102/poweradmin-2.1.7/
+
+
+PowerDNS Login
+
+After logging you should see the Poweradmin main page:
+
+
+PowerDNS Dashboard
+
+At this point your installation is complete and you are now ready to start managing your DNS zones.
+
+### Step 3: How to Add, Edit and Delete DNS Zones in PowerDNS ###
+
+#### 22. To add new master zone, simply click on the “Add master zone”: ####
+
+
+Add Master Zone
+
+On the next page there are few things that you need to fill:
+
+- Domain – domain for which you will be adding the zone.
+- Owner – sets the owner of the DNS zone.
+- Template – DNS template – leave to none.
+- DNSSEC – Donany Name System Security Extensions (optional -check if you need it).
+
+Click the “Add zone” button to add the DNS zone.
+
+
+Master DNS Zone
+
+Now you can go back to the index page of Poweradmin by clicking the “Index” link. To review all existing DNS zones simply go to “List zones”:
+
+
+Check List of Zones
+
+You should now see a list of available DNS zones:
+
+
+Check List of DNS Zones
+
+#### 23. To edit an existing DNS zone or add new records click the edit icon: ####
+
+
+Edit DNS Zone
+
+On the next page you will see the entries for the DNS zone you have chosen:
+
+
+Domain DNS Zone Entries
+
+#### 24. In here to add new DNS zone you will need to set the following information: ####
+
+- Name – name for the entry. Only add the first part of the domain/subdomain, the rest will be added by Poweradmin.
+- Type – choose the record type.
+- Priority – priority of the record.
+- TTL – Time To Live in seconds.
+
+For the purpose of this article, I will add an A record for subdomain new.example.com that will resolve on IP address 192.168.0.102 with time to live 14400 seconds:
+
+
+Add New DNS Record
+
+Finally click the “Add record” button.
+
+#### 25. If you wish to delete a DNS zone you can go back to the “List zone” page and click on the “Trash” icon next to the DNS zone which you wish to delete: ####
+
+
+Delete DNS Zone
+
+Poweradmin will ask you if you are sure you want to delete the DNS zone. Simply click “Yes” to finish the deletion.
+
+For more detailed instructions how to create, edit and delete zones you can refer to Poweradmin’s documentation at:
+
+[https://github.com/poweradmin/poweradmin/wiki/Documentation][3]
+
+I hope you have find this article interesting and useful. As always if you have any questions or comments please do not hesitate to submit them in the comment section below.
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/install-powerdns-poweradmin-mariadb-in-centos-rhel/
+
+作者:[Marin Todorov][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/marintodorov89/
+[1]:http://downloads.powerdns.com/documentation/html/index.html
+[2]:http://www.tecmint.com/install-lamp-in-centos-7/
+[3]:https://github.com/poweradmin/poweradmin/wiki/Documentation
\ No newline at end of file
diff --git a/sources/tech/20150504 How to access a Linux server behind NAT via reverse SSH tunnel.md b/sources/tech/20150504 How to access a Linux server behind NAT via reverse SSH tunnel.md
new file mode 100644
index 0000000000..d6a1df43c5
--- /dev/null
+++ b/sources/tech/20150504 How to access a Linux server behind NAT via reverse SSH tunnel.md
@@ -0,0 +1,132 @@
+translating by createyuan
+
+How to access a Linux server behind NAT via reverse SSH tunnel
+================================================================================
+You are running a Linux server at home, which is behind a NAT router or restrictive firewall. Now you want to SSH to the home server while you are away from home. How would you set that up? SSH port forwarding will certainly be an option. However, port forwarding can become tricky if you are dealing with multiple nested NAT environment. Besides, it can be interfered with under various ISP-specific conditions, such as restrictive ISP firewalls which block forwarded ports, or carrier-grade NAT which shares IPv4 addresses among users.
+
+### What is Reverse SSH Tunneling? ###
+
+One alternative to SSH port forwarding is **reverse SSH tunneling**. The concept of reverse SSH tunneling is simple. For this, you will need another host (so-called "relay host") outside your restrictive home network, which you can connect to via SSH from where you are. You could set up a relay host using a [VPS instance][1] with a public IP address. What you do then is to set up a persistent SSH tunnel from the server in your home network to the public relay host. With that, you can connect "back" to the home server from the relay host (which is why it's called a "reverse" tunnel). As long as the relay host is reachable to you, you can connect to your home server wherever you are, or however restrictive your NAT or firewall is in your home network.
+
+
+
+### Set up a Reverse SSH Tunnel on Linux ###
+
+Let's see how we can create and use a reverse SSH tunnel. We assume the following. We will be setting up a reverse SSH tunnel from homeserver to relayserver, so that we can SSH to homeserver via relayserver from another computer called clientcomputer. The public IP address of **relayserver** is 1.1.1.1.
+
+On homeserver, open an SSH connection to relayserver as follows.
+
+ homeserver~$ ssh -fN -R 10022:localhost:22 relayserver_user@1.1.1.1
+
+Here the port 10022 is any arbitrary port number you can choose. Just make sure that this port is not used by other programs on relayserver.
+
+The "-R 10022:localhost:22" option defines a reverse tunnel. It forwards traffic on port 10022 of relayserver to port 22 of homeserver.
+
+With "-fN" option, SSH will go right into the background once you successfully authenticate with an SSH server. This option is useful when you do not want to execute any command on a remote SSH server, and just want to forward ports, like in our case.
+
+After running the above command, you will be right back to the command prompt of homeserver.
+
+Log in to relayserver, and verify that 127.0.0.1:10022 is bound to sshd. If so, that means a reverse tunnel is set up correctly.
+
+ relayserver~$ sudo netstat -nap | grep 10022
+
+----------
+
+ tcp 0 0 127.0.0.1:10022 0.0.0.0:* LISTEN 8493/sshd
+
+Now from any other computer (e.g., clientcomputer), log in to relayserver. Then access homeserver as follows.
+
+ relayserver~$ ssh -p 10022 homeserver_user@localhost
+
+One thing to take note is that the SSH login/password you type for localhost should be for homeserver, not for relayserver, since you are logging in to homeserver via the tunnel's local endpoint. So do not type login/password for relayserver. After successful login, you will be on homeserver.
+
+### Connect Directly to a NATed Server via a Reverse SSH Tunnel ###
+
+While the above method allows you to reach **homeserver** behind NAT, you need to log in twice: first to **relayserver**, and then to **homeserver**. This is because the end point of an SSH tunnel on relayserver is binding to loopback address (127.0.0.1).
+
+But in fact, there is a way to reach NATed homeserver directly with a single login to relayserver. For this, you will need to let sshd on relayserver forward a port not only from loopback address, but also from an external host. This is achieved by specifying **GatewayPorts** option in sshd running on relayserver.
+
+Open /etc/ssh/sshd_conf of **relayserver** and add the following line.
+
+ relayserver~$ vi /etc/ssh/sshd_conf
+
+----------
+
+ GatewayPorts clientspecified
+
+Restart sshd.
+
+Debian-based system:
+
+ relayserver~$ sudo /etc/init.d/ssh restart
+
+Red Hat-based system:
+
+ relayserver~$ sudo systemctl restart sshd
+
+Now let's initiate a reverse SSH tunnel from homeserver as follows.
+homeserver~$ ssh -fN -R 1.1.1.1:10022:localhost:22 relayserver_user@1.1.1.1
+
+Log in to relayserver and confirm with netstat command that a reverse SSH tunnel is established successfully.
+
+ relayserver~$ sudo netstat -nap | grep 10022
+
+----------
+
+ tcp 0 0 1.1.1.1:10022 0.0.0.0:* LISTEN 1538/sshd: dev
+
+Unlike a previous case, the end point of a tunnel is now at 1.1.1.1:10022 (relayserver's public IP address), not 127.0.0.1:10022. This means that the end point of the tunnel is reachable from an external host.
+
+Now from any other computer (e.g., clientcomputer), type the following command to gain access to NATed homeserver.
+
+ clientcomputer~$ ssh -p 10022 homeserver_user@1.1.1.1
+
+In the above command, while 1.1.1.1 is the public IP address of relayserver, homeserver_user must be the user account associated with homeserver. This is because the real host you are logging in to is homeserver, not relayserver. The latter simply relays your SSH traffic to homeserver.
+
+### Set up a Persistent Reverse SSH Tunnel on Linux ###
+
+Now that you understand how to create a reverse SSH tunnel, let's make the tunnel "persistent", so that the tunnel is up and running all the time (regardless of temporary network congestion, SSH timeout, relay host rebooting, etc.). After all, if the tunnel is not always up, you won't be able to connect to your home server reliably.
+
+For a persistent tunnel, I am going to use a tool called autossh. As the name implies, this program allows you to automatically restart an SSH session should it breaks for any reason. So it is useful to keep a reverse SSH tunnel active.
+
+As the first step, let's set up [passwordless SSH login][2] from homeserver to relayserver. That way, autossh can restart a broken reverse SSH tunnel without user's involvement.
+
+Next, [install autossh][3] on homeserver where a tunnel is initiated.
+
+From homeserver, run autossh with the following arguments to create a persistent SSH tunnel destined to relayserver.
+
+ homeserver~$ autossh -M 10900 -fN -o "PubkeyAuthentication=yes" -o "StrictHostKeyChecking=false" -o "PasswordAuthentication=no" -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" -R 1.1.1.1:10022:localhost:22 relayserver_user@1.1.1.1
+
+The "-M 10900" option specifies a monitoring port on relayserver which will be used to exchange test data to monitor an SSH session. This port should not be used by any program on relayserver.
+
+The "-fN" option is passed to ssh command, which will let the SSH tunnel run in the background.
+
+The "-o XXXX" options tell ssh to:
+
+- Use key authentication, not password authentication.
+- Automatically accept (unknown) SSH host keys.
+- Exchange keep-alive messages every 60 seconds.
+- Send up to 3 keep-alive messages without receiving any response back.
+
+The rest of reverse SSH tunneling related options remain the same as before.
+
+If you want an SSH tunnel to be automatically up upon boot, you can add the above autossh command in /etc/rc.local.
+
+### Conclusion ###
+
+In this post, I talked about how you can use a reverse SSH tunnel to access a Linux server behind a restrictive firewall or NAT gateway from outside world. While I demonstrated its use case for a home network, you must be careful when applying it for corporate networks. Such a tunnel can be considered as a breach of a corporate policy, as it circumvents corporate firewalls and can expose corporate networks to outside attacks. There is a great chance it can be misused or abused. So always remember its implication before setting it up.
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/access-linux-server-behind-nat-reverse-ssh-tunnel.html
+
+作者:[Dan Nanni][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://xmodulo.com/author/nanni
+[1]:http://xmodulo.com/go/digitalocean
+[2]:http://xmodulo.com/how-to-enable-ssh-login-without.html
+[3]:http://ask.xmodulo.com/install-autossh-linux.html
diff --git a/sources/tech/20150504 Useful Commands to Create Commandline Chat Server and Remove Unwanted Packages in Linux.md b/sources/tech/20150504 Useful Commands to Create Commandline Chat Server and Remove Unwanted Packages in Linux.md
new file mode 100644
index 0000000000..cbcd668b14
--- /dev/null
+++ b/sources/tech/20150504 Useful Commands to Create Commandline Chat Server and Remove Unwanted Packages in Linux.md
@@ -0,0 +1,184 @@
+translating wi-cuckoo
+Useful Commands to Create Commandline Chat Server and Remove Unwanted Packages in Linux
+================================================================================
+Here we are with the next part of Linux Command Line Tips and Tricks. If you missed our previous post on Linux Tricks you may find it here.
+
+- [5 Linux Command Line Tricks][1]
+
+In this post we will be introducing 6 command Line tips namely create Linux Command line chat using Netcat command, perform addition of a column on the fly from the output of a command, remove orphan packages from Debian and CentOS, get local and remote IP from command Line, get colored output in terminal and decode various color code and last but not the least hash tags implementation in Linux command Line. Lets check them one by one.
+
+
+6 Useful Commandline Tricks and Tips
+
+### 1. Create Linux Commandline Chat Server ###
+
+We all have been using chat service since a long time. We are familiar with Google chat, Hangout, Facebook chat, Whatsapp, Hike and several other application and integrated chat services. Do you know Linux nc command can make your Linux box a chat server with just one line of command.
+What is nc command in Linux and what it does?
+
+nc is the depreciation of Linux netcat command. The nc utility is often referred as Swiss army knife based upon the number of its built-in capabilities. It is used as debugging tool, investigation tool, reading and writing to network connection using TCP/UDP, DNS forward/reverse checking.
+
+It is prominently used for port scanning, file transferring, backdoor and port listening. nc has the ability to use any local unused port and any local network source address.
+
+Use nc command (On Server with IP address: 192.168.0.7) to create a command line messaging server instantly.
+
+ $ nc -l -vv -p 11119
+
+Explanation of the above command switches.
+
+- -v : means Verbose
+- -vv : more verbose
+- -p : The local port Number
+
+You may replace 11119 with any other local port number.
+
+Next on the client machine (IP address: 192.168.0.15) run the following command to initialize chat session to machine (where messaging server is running).
+
+ $ nc 192.168.0.7 11119
+
+
+
+**Note**: You can terminate chat session by hitting ctrl+c key and also nc chat is one-to-one service.
+
+### 2. How to Sum Values in a Column in Linux ###
+
+How to sum the numerical values of a column, generated as an output of a command, on the fly in the terminal.
+
+The output of the ‘ls -l‘ command.
+
+ $ ls -l
+
+
+
+Notice that the second column is numerical which represents number of symbolic links and the 5th column is numerical which represents the size of he file. Say we need to sum the values of fifth column on the fly.
+
+List the content of 5th column without printing anything else. We will be using ‘awk‘ command to do this. ‘$5‘ represents 5th column.
+
+ $ ls -l | awk '{print $5}'
+
+
+
+Now use awk to print the sum of the output of 5th column by pipelining it.
+
+ $ ls -l | awk '{print $5}' | awk '{total = total + $1}END{print total}'
+
+
+
+### How to Remove Orphan Packages in Linux? ###
+
+Orphan packages are those packages that are installed as a dependency of another package and no longer required when the original package is removed.
+
+Say we installed a package gtprogram which was dependent of gtdependency. We can’t install gtprogram unless gtdependency is installed.
+
+When we remove gtprogram it won’t remove gtdependency by default. And if we don’t remove gtdependency, it will remain as Orpahn Package with no connection to any other package.
+
+ # yum autoremove [On RedHat Systems]
+
+
+
+ # apt-get autoremove [On Debian Systems]
+
+
+
+You should always remove Orphan Packages to keep the Linux box loaded with just necessary stuff and nothing else.
+
+### 4. How to Get Local and Public IP Address of Linux Server ###
+
+To get you local IP address run the below one liner script.
+
+ $ ifconfig | grep "inet addr:" | awk '{print $2}' | grep -v '127.0.0.1' | cut -f2 -d:
+
+You must have installed ifconfig, if not, apt or yum the required packages. Here we will be pipelining the output of ifconfig with grep command to find the string “intel addr:”.
+
+We know ifconfig command is sufficient to output local IP Address. But ifconfig generate lots of other outputs and our concern here is to generate only local IP address and nothing else.
+
+ # ifconfig | grep "inet addr:"
+
+
+
+Although the output is more custom now, but we need to filter our local IP address only and nothing else. For this we will use awk to print the second column only by pipelining it with the above script.
+
+ # ifconfig | grep “inet addr:” | awk '{print $2}'
+
+
+
+Clear from the above image that we have customised the output very much but still not what we want. The loopback address 127.0.0.1 is still there in the result.
+
+We use use -v flag with grep that will print only those lines that don’t match the one provided in argument. Every machine have the same loopback address 127.0.0.1, so use grep -v to print those lines that don’t have this string, by pipelining it with above output.
+
+ # ifconfig | grep "inet addr" | awk '{print $2}' | grep -v '127.0.0.1'
+
+
+
+We have almost generated desired output, just replace the string `(addr:)` from the beginning. We will use cut command to print only column two. The column 1 and column 2 are not separated by tab but by `(:)`, so we need to use delimiter `(-d)` by pipelining the above output.
+
+ # ifconfig | grep "inet addr:" | awk '{print $2}' | grep -v '127.0.0.1' | cut -f2 -d:
+
+
+
+Finally! The desired result has been generated.
+
+### 5. How to Color Linux Terminal ###
+
+You might have seen colored output in terminal. Also you would be knowing to enable/disable colored output in terminal. If not you may follow the below steps.
+
+In Linux every user has `'.bashrc'` file, this file is used to handle your terminal output. Open and edit this file with your choice of editor. Note that, this file is hidden (dot beginning of file means hidden).
+
+ $ vi /home/$USER/.bashrc
+
+Make sure that the following lines below are uncommented. ie., it don’t start with a #.
+
+ if [ -x /usr/bin/dircolors ]; then
+ test -r ~/.dircolors && eval "$(dircolors -b ~/.dircolors)" || eval "$(dirc$
+ alias ls='ls --color=auto'
+ #alias dir='dir --color=auto'
+ #alias vdir='vdir --color=auto'
+
+ alias grep='grep --color=auto'
+ alias fgrep='fgrep --color=auto'
+ alias egrep='egrep --color=auto'
+ fi
+
+
+
+Once done! Save and exit. To make the changes taken into effect logout and again login.
+
+Now you will see files and folders are listed in various colors based upon type of file. To decode the color code run the below command.
+
+ $ dircolors -p
+
+Since the output is too long, lets pipeline the output with less command so that we get output one screen at a time.
+
+ $ dircolors -p | less
+
+
+
+### 6. How to Hash Tag Linux Commands and Scripts ###
+
+We are using hash tags on Twitter, Facebook and Google Plus (may be some other places, I have not noticed). These hash tags make it easier for others to search for a hash tag. Very few know that we can use hash tag in Linux command Line.
+
+We already know that `#` in configuration files and most of the programming languages is treated as comment line and is excluded from execution.
+
+Run a command and then create a hash tag of the command so that we can find it later. Say we have a long script that was executed in point 4 above. Now create a hash tag for this. We know ifconfig can be run by sudo or root user hence acting as root.
+
+ # ifconfig | grep "inet addr:" | awk '{print $2}' | grep -v '127.0.0.1' | cut -f2 -d: #myip
+
+The script above has been hash tagged with ‘myip‘. Now search for the hash tag in reverse-i-serach (press ctrl+r), in the terminal and type ‘myip‘. You may execute it from there, as well.
+
+
+
+You may create as many hash tags for every command and find it later using reverse-i-search.
+
+That’s all for now. We have been working hard to produce interesting and knowledgeable contents for you. What do you think how we are doing? Any suggestion is welcome. You may comment in the box below. Keep connected! Kudos.
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/linux-commandline-chat-server-and-remove-unwanted-packages/
+
+作者:[Avishek Kumar][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/5-linux-command-line-tricks/
diff --git a/sources/tech/20150507 Install uGet Download Manager 2.0 in Debian Ubuntu Linux Mint and Fedora.md b/sources/tech/20150507 Install uGet Download Manager 2.0 in Debian Ubuntu Linux Mint and Fedora.md
new file mode 100644
index 0000000000..611fdea333
--- /dev/null
+++ b/sources/tech/20150507 Install uGet Download Manager 2.0 in Debian Ubuntu Linux Mint and Fedora.md
@@ -0,0 +1,134 @@
+Install uGet Download Manager 2.0 in Debian, Ubuntu, Linux Mint and Fedora
+================================================================================
+After a long development period, which includes more than 11 developement releases, finally uGet project team pleased to announce the immediate availability of the latest stable version of uGet 2.0. The latest version includes numerous attractive features, such as a new setting dialog, improved BitTorrent and Metalink support added in the aria2 plugin, as well as better support for uGet RSS messages in the banner, other features include:
+
+- A new “Check for Updates” button informs you about new released versions.
+- Added new languages & updated existing languages.
+- Added a new “Message Banner” that allows developers to easily provide uGet related information to all users.
+- Enhanced the Help Menu by including links to the Documentation, to submit Feedback & Bug Reports and more.
+- Integrated uGet download manager into the two major browsers on the Linux platform, Firefox and Google Chrome.
+- Improved support for Firefox Addon ‘FlashGot’.
+
+### What is uGet ###
+
+uGet (formerly known ad UrlGfe) is an open source, free and very powerful multi-platform GTK based download manager application was written in C language, that released and licensed under GPL. It offers large collection of features such as resuming downloads, multiple download support, categories support with an independent configuration, clipboard monitoring, download scheduler, import URLs from HTML files, integrated Flashgot plugin with Firefox and download torrent and metalink files using aria2 (a command-line download manager) that integrated with uGet.
+
+I have listed down all the key features of uGet Download Manager in detailed explanation.
+
+#### Key Features of uGet Download Manager ####
+
+- Downloads Queue: Place all your downloads into a Queue. As downloads finishes, the remaining queue files will automatically start downloading.
+- Resume Downloads: If in case, your network connection disconnected, don’t worry you can start or resume download where it was left.
+- Download Categories: Support for unlimited categories to manage downloads.
+- Clipboard Monitor: Add the types of files to clipboard that automatically prompt you to download copied files.
+- Batch Downloads: Allows you to easily add unlimited number of files at once for downloading.
+- Multi-Protocol: Allows you to easily download files through HTTP, HTTPS, FTP, BitTorrent and Metalink using arial2 command-line plugin.
+- Multi-Connection: Support for up to 20 simultaneous connections per download using aria2 plugin.
+- FTP Login & Anonymous FTP: Added support for FTP login using username and password, as well as anonymous FTP.
+- Scheduler: Added support for scheduled downloads, now you can schedule all your downloads.
+- FireFox Integration via FlashGot: Integrated FlashGot as an independent supported Firefox extension that handles single or massive selection of files for downloading.
+- CLI / Terminal Support: Offers command line or terminal option to download files.
+- Folder Auto-Creation: If you have provided the save path for the download, but the save path doesn’t exist, uget will automatically create them.
+- Download History Management: Keeps a track of finished download and recycled entries, per list 9,999 files. Entries which are older than the custom limit will be deleted automatically.
+- Multi-Language Support: By default uGet uses English, but it support more than 23 languages.
+- Aria2 Plugin: uGet integrated with Aria2 plugin to give more user friendly GUI.
+
+If you want to know a complete list of available features, see the official uGet [features page][1].
+
+### Install uGet in Debian, Ubuntu, Linux Mint and Fedora ###
+
+The uGet developers added latest version in various repos throughout the Linux platform, so you can able to install or upgrade uGet using supported repository under your Linux distribution.
+
+Currently, a few Linux distributions are not up-to-date, but you can get the status of your distribution by going to the [uGet Download page][2] and selecting your preferred distro from there for more details.
+
+#### On Debian ####
+
+In Debian Testing (Jessie) and Debian Unstable (Sid), you can easily install and update using the official repository on a fairly reliable basis.
+
+ $ sudo apt-get update
+ $ sudo apt-get install uget
+
+#### On Ubuntu & Linux Mint ####
+
+In Ubuntu and Linux Mint, you can install and update uGet using official PPA repository ‘ppa:plushuang-tw/uget-stable‘. By using this PPA, you automatically be kept up-to-date with the latest versions.
+
+ $ sudo add-apt-repository ppa:plushuang-tw/uget-stable
+ $ sudo apt-get update
+ $ sudo apt-get install uget
+
+#### On Fedora ####
+
+In Fedora 20 – 21, latest version of uGet (2.0) available from the official repositories, installing from these repo is fairly reliable.
+
+ $ sudo yum install uget
+
+**Note**: On older versions of Debian, Ubuntu, Linux Mint and Fedora, users can also install uGet. but the available version is 1.10.4. If you are looking for updated version (i.e. 2.0) you need to upgrade your system and add uGet PPA to get latest stable version.
+
+### Installing aria2 plugin ###
+
+[aria2][3] is a excellent command-line download utility, that is used by uGet as a aria2 plugin to add even more great functionality such as downloading torrent files, metalinks, multi-protocol & multi-source download.
+
+By default uGet uses CURL as backend in most of the today’s Linux systems, but the aria2 Plugin replaces CURL with aria2 as the backend.
+
+aria2 is a separate package that needs to be installed separately. You can easily install latest version of aria2 using supported repository under your Linux distribution or you can also use [downloads-aria2][4] that explains how to install aria2 on each distro.
+
+#### On Debian, Ubuntu and Linux Mint ####
+
+Use the official aria2 PPA repository to install latest version of aria2 using the following commands.
+
+ $ sudo add-apt-repository ppa:t-tujikawa/ppa
+ $ sudo apt-get update
+ $ sudo apt-get install aria2
+
+#### On Fedora ####
+
+Fedora’s official repositories already added aria2 package, so you can easily install it using the following yum command.
+
+ $ sudo yum install aria2
+
+#### Starting uGet ####
+
+To start uGet application, from the desktop “Menu” on search bar type “uget“. Refer below screenshot.
+
+
+Start uGet Download Manager
+
+
+uGet Version: 2.0
+
+#### Activate aria2 Plugin in uGet ####
+
+To active the aria2 plugin, from the uGet menu go to Edit –> Settings –> Plug-in tab, from the drop-down select “arial2“.
+
+
+Enable Aria2 Plugin for uGet
+
+### uGet 2.0 Screenshot Tour ###
+
+
+Download Files Using Aria2
+
+
+Download Torrent File Using uGet
+
+
+Batch Downloads Using uGet
+
+uGet source files and RPM packages also available for other Linux distributions and Windows at [download page][5].
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/install-uget-download-manager-in-linux/
+
+作者:[Ravi Saive][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/admin/
+[1]:http://uget.visuex.com/features
+[2]:http://ugetdm.com/downloads
+[3]:http://www.tecmint.com/install-aria2-a-multi-protocol-command-line-download-manager-in-rhel-centos-fedora/
+[4]:http://ugetdm.com/downloads-aria2
+[5]:http://ugetdm.com/downloads
\ No newline at end of file
diff --git a/sources/tech/20150512 45 Zypper Commands to Manage 'Suse' Linux Package Management.md b/sources/tech/20150512 45 Zypper Commands to Manage 'Suse' Linux Package Management.md
new file mode 100644
index 0000000000..8468a26986
--- /dev/null
+++ b/sources/tech/20150512 45 Zypper Commands to Manage 'Suse' Linux Package Management.md
@@ -0,0 +1,826 @@
+45 Zypper Commands to Manage ‘Suse’ Linux Package Management
+================================================================================
+SUSE (Software and System Entwicklung (Germany) meaning Software and System Development, in English) Linux lies on top of Linux Kernel brought by Novell. SUSE comes in two pack. One of them is called OpenSUSE, which is freely available (free as in speech as well as free as in wine). It is a community driven project packed with latest application support, the latest stable release of OpenSUSE Linux is 13.2.
+
+The other is SUSE Linux Enterprise which is a commercial Linux Distribution designed specially for enterprise and production. SUSE Linux Enterprise edition comes with a variety of Enterprise Applications and features suited for production environment, the latest stable release of SUSE Linux Enterprise Edition is 12.
+
+You may like to check the detailed installation instruction of SUSE Linux Enterprise Server at:
+
+- [Installation of SUSE Linux Enterprise Server 12][1]
+
+Zypper and YaST are the Package Manager for SUSE Linux, which works on top of RPM.
+
+YaST which stands for Yet another Setup Tool is a tool that works on OpenSUSE and SUSE Enterprise edition to administer, setup and configure SUSE Linux.
+
+Zypper is the command line interface of ZYpp package manager for installing, removing and updating SUSE. ZYpp is the package management engine that powers both Zypper and YaST.
+
+Here in this article we will see Zypper in action, which will be installing, updating, removing and doing every other thing a package manager can do. Here we go…
+
+**Important** : Remember all these command are meant for system wide changes hence must be run as root, else the command will fail.
+
+### Getting Basic Help with Zypper ###
+
+1. Run zypper without any option, will give you a list of all global options and commands.
+
+ # zypper
+
+ Usage:
+ zypper [--global-options]
+
+2. To get help on a specific command say ‘in’ (install), run the below commands.
+
+ # zypper help in
+ OR
+ # zypper help install
+
+ install (in) [options] ...
+
+ Install packages with specified capabilities or RPM files with specified
+ location. A capability is NAME[.ARCH][OP], where OP is one
+ of <, <=, =, >=, >.
+
+ Command options:
+ --from Select packages from the specified repository.
+ -r, --repo Load only the specified repository.
+ -t, --type Type of package (package, patch, pattern, product, srcpackage).
+ Default: package.
+ -n, --name Select packages by plain name, not by capability.
+ -C, --capability Select packages by capability.
+ -f, --force Install even if the item is already installed (reinstall),
+ downgraded or changes vendor or architecture.
+ --oldpackage Allow to replace a newer item with an older one.
+ Handy if you are doing a rollback. Unlike --force
+ it will not enforce a reinstall.
+ --replacefiles Install the packages even if they replace files from other,
+ already installed, packages. Default is to treat file conflicts
+ as an error. --download-as-needed disables the fileconflict check.
+ ......
+
+3. Search for a package (say gnome-desktop) before installing.
+
+ # zypper se gnome-desktop
+
+ Retrieving repository 'openSUSE-13.2-Debug' metadata ............................................................[done]
+ Building repository 'openSUSE-13.2-Debug' cache .................................................................[done]
+ Retrieving repository 'openSUSE-13.2-Non-Oss' metadata ......................................................... [done]
+ Building repository 'openSUSE-13.2-Non-Oss' cache ...............................................................[done]
+ Retrieving repository 'openSUSE-13.2-Oss' metadata ..............................................................[done]
+ Building repository 'openSUSE-13.2-Oss' cache ...................................................................[done]
+ Retrieving repository 'openSUSE-13.2-Update' metadata ...........................................................[done]
+ Building repository 'openSUSE-13.2-Update' cache ................................................................[done]
+ Retrieving repository 'openSUSE-13.2-Update-Non-Oss' metadata ...................................................[done]
+ Building repository 'openSUSE-13.2-Update-Non-Oss' cache ........................................................[done]
+ Loading repository data...
+ Reading installed packages...
+
+ S | Name | Summary | Type
+ --+---------------------------------------+-----------------------------------------------------------+-----------
+ | gnome-desktop2-lang | Languages for package gnome-desktop2 | package
+ | gnome-desktop2 | The GNOME Desktop API Library | package
+ | libgnome-desktop-2-17 | The GNOME Desktop API Library | package
+ | libgnome-desktop-3-10 | The GNOME Desktop API Library | package
+ | libgnome-desktop-3-devel | The GNOME Desktop API Library -- Development Files | package
+ | libgnome-desktop-3_0-common | The GNOME Desktop API Library -- Common data files | package
+ | gnome-desktop-debugsource | Debug sources for package gnome-desktop | package
+ | gnome-desktop-sharp2-debugsource | Debug sources for package gnome-desktop-sharp2 | package
+ | gnome-desktop2-debugsource | Debug sources for package gnome-desktop2 | package
+ | libgnome-desktop-2-17-debuginfo | Debug information for package libgnome-desktop-2-17 | package
+ | libgnome-desktop-3-10-debuginfo | Debug information for package libgnome-desktop-3-10 | package
+ | libgnome-desktop-3_0-common-debuginfo | Debug information for package libgnome-desktop-3_0-common | package
+ | libgnome-desktop-2-17-debuginfo-32bit | Debug information for package libgnome-desktop-2-17 | package
+ | libgnome-desktop-3-10-debuginfo-32bit | Debug information for package libgnome-desktop-3-10 | package
+ | gnome-desktop-sharp2 | Mono bindings for libgnome-desktop | package
+ | libgnome-desktop-2-devel | The GNOME Desktop API Library -- Development Files | package
+ | gnome-desktop-lang | Languages for package gnome-desktop | package
+ | libgnome-desktop-2-17-32bit | The GNOME Desktop API Library | package
+ | libgnome-desktop-3-10-32bit | The GNOME Desktop API Library | package
+ | gnome-desktop | The GNOME Desktop API Library | srcpackage
+
+4. Get information on a pattern package (say lamp_server) using following command.
+
+ # zypper info -t pattern lamp_server
+
+ Loading repository data...
+ Reading installed packages...
+
+
+ Information for pattern lamp_server:
+ ------------------------------------
+ Repository: openSUSE-13.2-Update
+ Name: lamp_server
+ Version: 20141007-5.1
+ Arch: x86_64
+ Vendor: openSUSE
+ Installed: No
+ Visible to User: Yes
+ Summary: Web and LAMP Server
+ Description:
+ Software to set up a Web server that is able to serve static, dynamic, and interactive content (like a Web shop). This includes Apache HTTP Server, the database management system MySQL,
+ and scripting languages such as PHP, Python, Ruby on Rails, or Perl.
+ Contents:
+
+ S | Name | Type | Dependency
+ --+-------------------------------+---------+-----------
+ | apache2-mod_php5 | package |
+ | php5-iconv | package |
+ i | patterns-openSUSE-base | package |
+ i | apache2-prefork | package |
+ | php5-dom | package |
+ | php5-mysql | package |
+ i | apache2 | package |
+ | apache2-example-pages | package |
+ | mariadb | package |
+ | apache2-mod_perl | package |
+ | php5-ctype | package |
+ | apache2-doc | package |
+ | yast2-http-server | package |
+ | patterns-openSUSE-lamp_server | package |
+
+5. To open zypper shell session run the below command.
+
+ # zypper shell
+ OR
+ # zypper sh
+
+ zypper> help
+ Usage:
+ zypper [--global-options]
+
+**Note**: On Zypper shell type ‘help‘ to get a list of global options and commands.
+
+### Zypper Repository Management ###
+
+#### Listing Defined Repositories ####
+
+6. Use zypper repos or zypper lr commands to list all the defined repositories.
+
+ # zypper repos
+ OR
+ # zypper lr
+
+ | Alias | Name | Enabled | Refresh
+ --+---------------------------+------------------------------------+---------+--------
+ 1 | openSUSE-13.2-0 | openSUSE-13.2-0 | Yes | No
+ 2 | repo-debug | openSUSE-13.2-Debug | Yes | Yes
+ 3 | repo-debug-update | openSUSE-13.2-Update-Debug | No | Yes
+ 4 | repo-debug-update-non-oss | openSUSE-13.2-Update-Debug-Non-Oss | No | Yes
+ 5 | repo-non-oss | openSUSE-13.2-Non-Oss | Yes | Yes
+ 6 | repo-oss | openSUSE-13.2-Oss | Yes | Yes
+ 7 | repo-source | openSUSE-13.2-Source | No | Yes
+ 8 | repo-update | openSUSE-13.2-Update | Yes | Yes
+ 9 | repo-update-non-oss | openSUSE-13.2-Update-Non-Oss | Yes | Yes
+
+7. List zypper URI on the table.
+
+ # zypper lr -u
+
+ # | Alias | Name | Enabled | Refresh | URI
+ --+---------------------------+------------------------------------+---------+---------+----------------------------------------------------------------
+ 1 | openSUSE-13.2-0 | openSUSE-13.2-0 | Yes | No | cd:///?devices=/dev/disk/by-id/ata-VBOX_CD-ROM_VB2-01700376
+ 2 | repo-debug | openSUSE-13.2-Debug | Yes | Yes | http://download.opensuse.org/debug/distribution/13.2/repo/oss/
+ 3 | repo-debug-update | openSUSE-13.2-Update-Debug | No | Yes | http://download.opensuse.org/debug/update/13.2/
+ 4 | repo-debug-update-non-oss | openSUSE-13.2-Update-Debug-Non-Oss | No | Yes | http://download.opensuse.org/debug/update/13.2-non-oss/
+ 5 | repo-non-oss | openSUSE-13.2-Non-Oss | Yes | Yes | http://download.opensuse.org/distribution/13.2/repo/non-oss/
+ 6 | repo-oss | openSUSE-13.2-Oss | Yes | Yes | http://download.opensuse.org/distribution/13.2/repo/oss/
+ 7 | repo-source | openSUSE-13.2-Source | No | Yes | http://download.opensuse.org/source/distribution/13.2/repo/oss/
+ 8 | repo-update | openSUSE-13.2-Update | Yes | Yes | http://download.opensuse.org/update/13.2/
+ 9 | repo-update-non-oss | openSUSE-13.2-Update-Non-Oss | Yes | Yes | http://download.opensuse.org/update/13.2-non-oss/
+
+8. List repository priority and list by priority.
+
+ # zypper lr -P
+
+ # | Alias | Name | Enabled | Refresh | Priority
+ --+---------------------------+------------------------------------+---------+---------+---------
+ 1 | openSUSE-13.2-0 | openSUSE-13.2-0 | Yes | No | 99
+ 2 | repo-debug | openSUSE-13.2-Debug | Yes | Yes | 99
+ 3 | repo-debug-update | openSUSE-13.2-Update-Debug | No | Yes | 99
+ 4 | repo-debug-update-non-oss | openSUSE-13.2-Update-Debug-Non-Oss | No | Yes | 99
+ 5 | repo-non-oss | openSUSE-13.2-Non-Oss | Yes | Yes | 85
+ 6 | repo-oss | openSUSE-13.2-Oss | Yes | Yes | 99
+ 7 | repo-source | openSUSE-13.2-Source | No | Yes | 99
+ 8 | repo-update | openSUSE-13.2-Update | Yes | Yes | 99
+ 9 | repo-update-non-oss | openSUSE-13.2-Update-Non-Oss | Yes | Yes | 99
+
+#### Refreshing Repositories ####
+
+9. Use commands zypper refresh or zypper ref to refresh zypper repositories.
+
+ # zypper refresh
+ OR
+ # zypper ref
+
+ Repository 'openSUSE-13.2-0' is up to date.
+ Repository 'openSUSE-13.2-Debug' is up to date.
+ Repository 'openSUSE-13.2-Non-Oss' is up to date.
+ Repository 'openSUSE-13.2-Oss' is up to date.
+ Repository 'openSUSE-13.2-Update' is up to date.
+ Repository 'openSUSE-13.2-Update-Non-Oss' is up to date.
+ All repositories have been refreshed.
+
+10. To refresh a specific repository say ‘repo-non-oss‘, type:
+
+ # zypper refresh repo-non-oss
+
+ Repository 'openSUSE-13.2-Non-Oss' is up to date.
+ Specified repositories have been refreshed.
+
+11. To force update a repository say ‘repo-non-oss‘, type:
+
+ # zypper ref -f repo-non-oss
+
+ Forcing raw metadata refresh
+ Retrieving repository 'openSUSE-13.2-Non-Oss' metadata ............................................................[done]
+ Forcing building of repository cache
+ Building repository 'openSUSE-13.2-Non-Oss' cache ............................................................[done]
+ Specified repositories have been refreshed.
+
+#### Modifying Repositories ####
+
+Here, we use ‘zypper modifyrepo‘ or ‘zypper mr‘ commands to disable, enable zypper repositories.
+
+12. Before disabling repository, you must know that in Zypper, every repository has its own unique number, that is used to disable or enable a repository.
+
+Let’s say you want to disable repository ‘repo-oss‘, to disable first you need to its number by typing following command.
+
+ # zypper lr
+
+ # | Alias | Name | Enabled | Refresh
+ --+---------------------------+------------------------------------+---------+--------
+ 1 | openSUSE-13.2-0 | openSUSE-13.2-0 | Yes | No
+ 2 | repo-debug | openSUSE-13.2-Debug | Yes | Yes
+ 3 | repo-debug-update | openSUSE-13.2-Update-Debug | No | Yes
+ 4 | repo-debug-update-non-oss | openSUSE-13.2-Update-Debug-Non-Oss | No | Yes
+ 5 | repo-non-oss | openSUSE-13.2-Non-Oss | Yes | Yes
+ 6 | repo-oss | openSUSE-13.2-Oss | No | Yes
+ 7 | repo-source | openSUSE-13.2-Source | No | Yes
+ 8 | repo-update | openSUSE-13.2-Update | Yes | Yes
+ 9 | repo-update-non-oss | openSUSE-13.2-Update-Non-Oss | Yes | Yes
+
+Do you see in the above output, that the repository ‘repo-oss‘ having number 6, to disable this you need to specify number 6 along with following command.
+
+ # zypper mr -d 6
+
+ Repository 'repo-oss' has been successfully disabled.
+
+13. To enable again same repository ‘repo-oss‘, which appears at number 6 (as shown in above example).
+
+ # zypper mr -e 6
+
+ Repository 'repo-oss' has been successfully enabled.
+
+14. Enable auto-refresh and rpm file ‘caching‘ for a repo say ‘repo-non-oss‘ and set its priority to say 85.
+
+ # zypper mr -rk -p 85 repo-non-oss
+
+ Repository 'repo-non-oss' priority has been left unchanged (85)
+ Nothing to change for repository 'repo-non-oss'.
+
+15. Disable rpm file caching for all the repositories.
+
+ # zypper mr -Ka
+
+ RPM files caching has been disabled for repository 'openSUSE-13.2-0'.
+ RPM files caching has been disabled for repository 'repo-debug'.
+ RPM files caching has been disabled for repository 'repo-debug-update'.
+ RPM files caching has been disabled for repository 'repo-debug-update-non-oss'.
+ RPM files caching has been disabled for repository 'repo-non-oss'.
+ RPM files caching has been disabled for repository 'repo-oss'.
+ RPM files caching has been disabled for repository 'repo-source'.
+ RPM files caching has been disabled for repository 'repo-update'.
+ RPM files caching has been disabled for repository 'repo-update-non-oss'.
+
+16. Enable rpm file caching for all the repositories.
+
+ # zypper mr -ka
+
+ RPM files caching has been enabled for repository 'openSUSE-13.2-0'.
+ RPM files caching has been enabled for repository 'repo-debug'.
+ RPM files caching has been enabled for repository 'repo-debug-update'.
+ RPM files caching has been enabled for repository 'repo-debug-update-non-oss'.
+ RPM files caching has been enabled for repository 'repo-non-oss'.
+ RPM files caching has been enabled for repository 'repo-oss'.
+ RPM files caching has been enabled for repository 'repo-source'.
+ RPM files caching has been enabled for repository 'repo-update'.
+ RPM files caching has been enabled for repository 'repo-update-non-oss'.
+
+17. Disable rpm file caching for remote repositories.
+
+ # zypper mr -Kt
+
+ RPM files caching has been disabled for repository 'repo-debug'.
+ RPM files caching has been disabled for repository 'repo-debug-update'.
+ RPM files caching has been disabled for repository 'repo-debug-update-non-oss'.
+ RPM files caching has been disabled for repository 'repo-non-oss'.
+ RPM files caching has been disabled for repository 'repo-oss'.
+ RPM files caching has been disabled for repository 'repo-source'.
+ RPM files caching has been disabled for repository 'repo-update'.
+ RPM files caching has been disabled for repository 'repo-update-non-oss'.
+
+18. Enable rpm file caching for remote repositories.
+
+ # zypper mr -kt
+
+ RPM files caching has been enabled for repository 'repo-debug'.
+ RPM files caching has been enabled for repository 'repo-debug-update'.
+ RPM files caching has been enabled for repository 'repo-debug-update-non-oss'.
+ RPM files caching has been enabled for repository 'repo-non-oss'.
+ RPM files caching has been enabled for repository 'repo-oss'.
+ RPM files caching has been enabled for repository 'repo-source'.
+ RPM files caching has been enabled for repository 'repo-update'.
+ RPM files caching has been enabled for repository 'repo-update-non-oss'.
+
+#### Adding Repositories ####
+
+You may make use of any of the two commands – ‘zypper addrepo‘ or ‘zypper ar‘. You may use repo url or alias to add Repository.
+
+19. Add a repository say “http://download.opensuse.org/update/12.3/”.
+
+ # zypper ar http://download.opensuse.org/update/11.1/ update
+
+ Adding repository 'update' .............................................................................................................................................................[done]
+ Repository 'update' successfully added
+ Enabled : Yes
+ Autorefresh : No
+ GPG check : Yes
+ URI : http://download.opensuse.org/update/11.1/
+
+20. Rename a repository. It will change the alias only. You may use command ‘zypper namerepo‘ or ‘zypper nr‘. To rename aka change alias of a repo that appears at number 10 (zypper lr) to upd8, run the below command.
+
+ # zypper nr 10 upd8
+
+ Repository 'update' renamed to 'upd8'.
+
+#### Removing Repositories ####
+
+21. Remove a repository. It will remove the repository from the system. You may use the command ‘zypper removerepo‘ or ‘zypper rr‘. To remove a repo say ‘upd8‘, run the below command.
+
+ # zypper rr upd8
+
+ # Removing repository 'upd8' .........................................................................................[done]
+ Repository 'upd8' has been removed.
+
+### Package Management using Zypper ###
+
+#### Install a Package with Zypper ####
+
+22. With Zypper, we can install packages based upon capability name. For example, to install a package (say Mozilla Firefox) using capability name.
+
+ # zypper in MozillaFirefox
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 128 NEW packages are going to be installed:
+ adwaita-icon-theme at-spi2-atk-common at-spi2-atk-gtk2 at-spi2-core cantarell-fonts cups-libs desktop-file-utils fontconfig gdk-pixbuf-query-loaders gstreamer gstreamer-fluendo-mp3
+ gstreamer-plugins-base gtk2-branding-openSUSE gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-vietnamese gtk2-metatheme-adwaita
+ gtk2-theming-engine-adwaita gtk2-tools gtk3-data gtk3-metatheme-adwaita gtk3-tools hicolor-icon-theme hicolor-icon-theme-branding-openSUSE libasound2 libatk-1_0-0 libatk-bridge-2_0-0
+ libatspi0 libcairo2 libcairo-gobject2 libcanberra0 libcanberra-gtk0 libcanberra-gtk2-module libcanberra-gtk3-0 libcanberra-gtk3-module libcanberra-gtk-module-common libcdda_interface0
+ libcdda_paranoia0 libcolord2 libdrm2 libdrm_intel1 libdrm_nouveau2 libdrm_radeon1 libFLAC8 libfreebl3 libgbm1 libgdk_pixbuf-2_0-0 libgraphite2-3 libgstapp-1_0-0 libgstaudio-1_0-0
+ libgstpbutils-1_0-0 libgstreamer-1_0-0 libgstriff-1_0-0 libgsttag-1_0-0 libgstvideo-1_0-0 libgthread-2_0-0 libgtk-2_0-0 libgtk-3-0 libharfbuzz0 libjasper1 libjbig2 libjpeg8 libjson-c2
+ liblcms2-2 libLLVM libltdl7 libnsssharedhelper0 libogg0 liborc-0_4-0 libpackagekit-glib2-18 libpango-1_0-0 libpciaccess0 libpixman-1-0 libpulse0 libsndfile1 libsoftokn3 libspeex1
+ libsqlite3-0 libstartup-notification-1-0 libtheoradec1 libtheoraenc1 libtiff5 libvisual libvorbis0 libvorbisenc2 libvorbisfile3 libwayland-client0 libwayland-cursor0 libwayland-server0
+ libX11-xcb1 libxcb-dri2-0 libxcb-dri3-0 libxcb-glx0 libxcb-present0 libxcb-render0 libxcb-shm0 libxcb-sync1 libxcb-util1 libxcb-xfixes0 libXcomposite1 libXcursor1 libXdamage1 libXevie1
+ libXfixes3 libXft2 libXi6 libXinerama1 libxkbcommon-0_4_3 libXrandr2 libXrender1 libxshmfence1 libXtst6 libXv1 libXxf86vm1 Mesa Mesa-libEGL1 Mesa-libGL1 Mesa-libglapi0
+ metatheme-adwaita-common MozillaFirefox MozillaFirefox-branding-openSUSE mozilla-nss mozilla-nss-certs PackageKit-gstreamer-plugin pango-tools sound-theme-freedesktop
+
+ The following 10 recommended packages were automatically selected:
+ gstreamer-fluendo-mp3 gtk2-branding-openSUSE gtk2-data gtk2-immodule-amharic gtk2-immodule-inuktitut gtk2-immodule-thai gtk2-immodule-vietnamese libcanberra0 libpulse0
+ PackageKit-gstreamer-plugin
+
+ 128 new packages to install.
+ Overall download size: 77.2 MiB. Already cached: 0 B After the operation, additional 200.0 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+ Retrieving package cantarell-fonts-0.0.16-1.1.noarch (1/128), 74.1 KiB (115.6 KiB unpacked)
+ Retrieving: cantarell-fonts-0.0.16-1.1.noarch.rpm .........................................................................................................................[done (63.4 KiB/s)]
+ Retrieving package hicolor-icon-theme-0.13-2.1.2.noarch (2/128), 40.1 KiB ( 50.5 KiB unpacked)
+ Retrieving: hicolor-icon-theme-0.13-2.1.2.noarch.rpm ...................................................................................................................................[done]
+ Retrieving package sound-theme-freedesktop-0.8-7.1.2.noarch (3/128), 372.6 KiB (460.3 KiB unpacked)
+
+23. Install a package (say gcc) using version.
+
+ # zypper in 'gcc<5.1'
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 13 NEW packages are going to be installed:
+ cpp cpp48 gcc gcc48 libasan0 libatomic1-gcc49 libcloog-isl4 libgomp1-gcc49 libisl10 libitm1-gcc49 libmpc3 libmpfr4 libtsan0-gcc49
+
+ 13 new packages to install.
+ Overall download size: 14.5 MiB. Already cached: 0 B After the operation, additional 49.4 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+
+24. Install a package (say gcc) for architecture (say i586).
+
+ # zypper in gcc.i586
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 13 NEW packages are going to be installed:
+ cpp cpp48 gcc gcc48 libasan0 libatomic1-gcc49 libcloog-isl4 libgomp1-gcc49 libisl10 libitm1-gcc49 libmpc3 libmpfr4 libtsan0-gcc49
+
+ 13 new packages to install.
+ Overall download size: 14.5 MiB. Already cached: 0 B After the operation, additional 49.4 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+ Retrieving package libasan0-4.8.3+r212056-2.2.4.x86_64 (1/13), 74.2 KiB (166.9 KiB unpacked)
+ Retrieving: libasan0-4.8.3+r212056-2.2.4.x86_64.rpm .......................................................................................................................[done (79.2 KiB/s)]
+ Retrieving package libatomic1-gcc49-4.9.0+r211729-2.1.7.x86_64 (2/13), 14.3 KiB ( 26.1 KiB unpacked)
+ Retrieving: libatomic1-gcc49-4.9.0+r211729-2.1.7.x86_64.rpm ...............................................................................................................[done (55.3 KiB/s)]
+
+25. Install a package (say gcc) for specific architecture (say i586) and specific version (say <5.1),
+
+ # zypper in 'gcc.i586<5.1'
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 13 NEW packages are going to be installed:
+ cpp cpp48 gcc gcc48 libasan0 libatomic1-gcc49 libcloog-isl4 libgomp1-gcc49 libisl10 libitm1-gcc49 libmpc3 libmpfr4 libtsan0-gcc49
+
+ 13 new packages to install.
+ Overall download size: 14.4 MiB. Already cached: 129.5 KiB After the operation, additional 49.4 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+ In cache libasan0-4.8.3+r212056-2.2.4.x86_64.rpm (1/13), 74.2 KiB (166.9 KiB unpacked)
+ In cache libatomic1-gcc49-4.9.0+r211729-2.1.7.x86_64.rpm (2/13), 14.3 KiB ( 26.1 KiB unpacked)
+ In cache libgomp1-gcc49-4.9.0+r211729-2.1.7.x86_64.rpm (3/13), 41.1 KiB ( 90.7 KiB unpacked)
+
+26. Install a Package (say libxine) from repository (amarok).
+
+ # zypper in amarok upd:libxine1
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+ The following 202 NEW packages are going to be installed:
+ amarok bundle-lang-kde-en clamz cups-libs enscript fontconfig gdk-pixbuf-query-loaders ghostscript-fonts-std gptfdisk gstreamer gstreamer-plugins-base hicolor-icon-theme
+ hicolor-icon-theme-branding-openSUSE htdig hunspell hunspell-tools icoutils ispell ispell-american kde4-filesystem kdebase4-runtime kdebase4-runtime-branding-openSUSE kdelibs4
+ kdelibs4-branding-openSUSE kdelibs4-core kdialog libakonadi4 l
+ .....
+
+27. Install a Package (say git) using name (-n).
+
+ # zypper in -n git
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 35 NEW packages are going to be installed:
+ cvs cvsps fontconfig git git-core git-cvs git-email git-gui gitk git-svn git-web libserf-1-1 libsqlite3-0 libXft2 libXrender1 libXss1 perl-Authen-SASL perl-Clone perl-DBD-SQLite perl-DBI
+ perl-Error perl-IO-Socket-SSL perl-MLDBM perl-Net-Daemon perl-Net-SMTP-SSL perl-Net-SSLeay perl-Params-Util perl-PlRPC perl-SQL-Statement perl-Term-ReadKey subversion subversion-perl tcl
+ tk xhost
+
+ The following 13 recommended packages were automatically selected:
+ git-cvs git-email git-gui gitk git-svn git-web perl-Authen-SASL perl-Clone perl-MLDBM perl-Net-Daemon perl-Net-SMTP-SSL perl-PlRPC perl-SQL-Statement
+
+ The following package is suggested, but will not be installed:
+ git-daemon
+
+ 35 new packages to install.
+ Overall download size: 15.6 MiB. Already cached: 0 B After the operation, additional 56.7 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+
+28. Install a package using wildcards. For example, install all php5 packages.
+
+ # zypper in php5*
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ Problem: php5-5.6.1-18.1.x86_64 requires smtp_daemon, but this requirement cannot be provided
+ uninstallable providers: exim-4.83-3.1.8.x86_64[openSUSE-13.2-0]
+ postfix-2.11.0-5.2.2.x86_64[openSUSE-13.2-0]
+ sendmail-8.14.9-2.2.2.x86_64[openSUSE-13.2-0]
+ exim-4.83-3.1.8.i586[repo-oss]
+ msmtp-mta-1.4.32-2.1.3.i586[repo-oss]
+ postfix-2.11.0-5.2.2.i586[repo-oss]
+ sendmail-8.14.9-2.2.2.i586[repo-oss]
+ exim-4.83-3.1.8.x86_64[repo-oss]
+ msmtp-mta-1.4.32-2.1.3.x86_64[repo-oss]
+ postfix-2.11.0-5.2.2.x86_64[repo-oss]
+ sendmail-8.14.9-2.2.2.x86_64[repo-oss]
+ postfix-2.11.3-5.5.1.i586[repo-update]
+ postfix-2.11.3-5.5.1.x86_64[repo-update]
+ Solution 1: Following actions will be done:
+ do not install php5-5.6.1-18.1.x86_64
+ do not install php5-pear-Auth_SASL-1.0.6-7.1.3.noarch
+ do not install php5-pear-Horde_Http-2.0.1-6.1.3.noarch
+ do not install php5-pear-Horde_Image-2.0.1-6.1.3.noarch
+ do not install php5-pear-Horde_Kolab_Format-2.0.1-6.1.3.noarch
+ do not install php5-pear-Horde_Ldap-2.0.1-6.1.3.noarch
+ do not install php5-pear-Horde_Memcache-2.0.1-7.1.3.noarch
+ do not install php5-pear-Horde_Mime-2.0.2-6.1.3.noarch
+ do not install php5-pear-Horde_Oauth-2.0.0-6.1.3.noarch
+ do not install php5-pear-Horde_Pdf-2.0.1-6.1.3.noarch
+ ....
+
+29. Install a Package (say lamp_server) using pattern (group of packages).
+
+ # zypper in -t pattern lamp_server
+
+ ading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 29 NEW packages are going to be installed:
+ apache2 apache2-doc apache2-example-pages apache2-mod_perl apache2-prefork patterns-openSUSE-lamp_server perl-Data-Dump perl-Encode-Locale perl-File-Listing perl-HTML-Parser
+ perl-HTML-Tagset perl-HTTP-Cookies perl-HTTP-Daemon perl-HTTP-Date perl-HTTP-Message perl-HTTP-Negotiate perl-IO-HTML perl-IO-Socket-SSL perl-libwww-perl perl-Linux-Pid
+ perl-LWP-MediaTypes perl-LWP-Protocol-https perl-Net-HTTP perl-Net-SSLeay perl-Tie-IxHash perl-TimeDate perl-URI perl-WWW-RobotRules yast2-http-server
+
+ The following NEW pattern is going to be installed:
+ lamp_server
+
+ The following 10 recommended packages were automatically selected:
+ apache2 apache2-doc apache2-example-pages apache2-mod_perl apache2-prefork perl-Data-Dump perl-IO-Socket-SSL perl-LWP-Protocol-https perl-TimeDate yast2-http-server
+
+ 29 new packages to install.
+ Overall download size: 7.2 MiB. Already cached: 1.2 MiB After the operation, additional 34.7 MiB will be used.
+ Continue? [y/n/? shows all options] (y):
+
+30. Install a Package (say nano) and remove a package (say vi) in one go.
+
+ # zypper in nano -vi
+
+ Loading repository data...
+ Reading installed packages...
+ '-vi' not found in package names. Trying capabilities.
+ Resolving package dependencies...
+
+ The following 2 NEW packages are going to be installed:
+ nano nano-lang
+
+ The following package is going to be REMOVED:
+ vim
+
+ The following recommended package was automatically selected:
+ nano-lang
+
+ 2 new packages to install, 1 to remove.
+ Overall download size: 550.0 KiB. Already cached: 0 B After the operation, 463.3 KiB will be freed.
+ Continue? [y/n/? shows all options] (y):
+ ...
+
+31. Install a rpm package (say teamviewer).
+
+ # zypper in teamviewer*.rpm
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 24 NEW packages are going to be installed:
+ alsa-oss-32bit fontconfig-32bit libasound2-32bit libexpat1-32bit libfreetype6-32bit libgcc_s1-gcc49-32bit libICE6-32bit libjpeg62-32bit libpng12-0-32bit libpng16-16-32bit libSM6-32bit
+ libuuid1-32bit libX11-6-32bit libXau6-32bit libxcb1-32bit libXdamage1-32bit libXext6-32bit libXfixes3-32bit libXinerama1-32bit libXrandr2-32bit libXrender1-32bit libXtst6-32bit
+ libz1-32bit teamviewer
+
+ The following recommended package was automatically selected:
+ alsa-oss-32bit
+
+ 24 new packages to install.
+ Overall download size: 41.2 MiB. Already cached: 0 B After the operation, additional 119.7 MiB will be used.
+ Continue? [y/n/? shows all options] (y):
+ ..
+
+#### Remove a Package with Zypper ####
+
+32. To remove any package, you can use ‘zypper remove‘ or ‘zypper rm‘ commands. For example, to remove a package (say apache2), run:
+
+ # zypper remove apache2
+ Or
+ # zypper rm apache2
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following 2 packages are going to be REMOVED:
+ apache2 apache2-prefork
+
+ 2 packages to remove.
+ After the operation, 4.2 MiB will be freed.
+ Continue? [y/n/? shows all options] (y): y
+ (1/2) Removing apache2-2.4.10-19.1 ........................................................................[done]
+ (2/2) Removing apache2-prefork-2.4.10-19.1 ................................................................[done]
+
+#### Updating Packages using Zypper ####
+
+33. Update all packages. You may use commands ‘zypper update‘ or ‘zypper up‘.
+
+ # zypper up
+ OR
+ # zypper update
+
+ Loading repository data...
+ Reading installed packages...
+ Nothing to do.
+
+34. Update specific packages (say apache2 and openssh).
+
+ # zypper up apache2 openssh
+
+ Loading repository data...
+ Reading installed packages...
+ No update candidate for 'apache2-2.4.10-19.1.x86_64'. The highest available version is already installed.
+ No update candidate for 'openssh-6.6p1-5.1.3.x86_64'. The highest available version is already installed.
+ Resolving package dependencies...
+
+ Nothing to do.
+
+35. Install a package say (mariadb) if not installed, if installed update it.
+
+ # zypper in mariadb
+
+ Loading repository data...
+ Reading installed packages...
+ 'mariadb' is already installed.
+ No update candidate for 'mariadb-10.0.13-2.6.1.x86_64'. The highest available version is already installed.
+ Resolving package dependencies...
+
+ Nothing to do.
+
+#### Install Source and Build Dependencies ####
+
+You may use ‘zypper source-install‘ or ‘zypper si‘ commands to build packages from source.
+
+36. Install source packages and build their dependencies for a package (say mariadb).
+
+ # zypper si mariadb
+
+ Reading installed packages...
+ Loading repository data...
+ Resolving package dependencies...
+
+ The following 36 NEW packages are going to be installed:
+ autoconf automake bison cmake cpp cpp48 gcc gcc48 gcc48-c++ gcc-c++ libaio-devel libarchive13 libasan0 libatomic1-gcc49 libcloog-isl4 libedit-devel libevent-devel libgomp1-gcc49 libisl10
+ libitm1-gcc49 libltdl7 libmpc3 libmpfr4 libopenssl-devel libstdc++48-devel libtool libtsan0-gcc49 m4 make ncurses-devel pam-devel readline-devel site-config tack tcpd-devel zlib-devel
+
+ The following source package is going to be installed:
+ mariadb
+
+ 36 new packages to install, 1 source package.
+ Overall download size: 71.5 MiB. Already cached: 129.5 KiB After the operation, additional 183.9 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+
+37. Install only the source for a package (say mariadb).
+
+ # zypper in -D mariadb
+
+ Loading repository data...
+ Reading installed packages...
+ 'mariadb' is already installed.
+ No update candidate for 'mariadb-10.0.13-2.6.1.x86_64'. The highest available version is already installed.
+ Resolving package dependencies...
+
+ Nothing to do.
+
+38. Install only the build dependencies for a packages (say mariadb).
+
+ # zypper si -d mariadb
+
+ Reading installed packages...
+ Loading repository data...
+ Resolving package dependencies...
+
+ The following 36 NEW packages are going to be installed:
+ autoconf automake bison cmake cpp cpp48 gcc gcc48 gcc48-c++ gcc-c++ libaio-devel libarchive13 libasan0 libatomic1-gcc49 libcloog-isl4 libedit-devel libevent-devel libgomp1-gcc49 libisl10
+ libitm1-gcc49 libltdl7 libmpc3 libmpfr4 libopenssl-devel libstdc++48-devel libtool libtsan0-gcc49 m4 make ncurses-devel pam-devel readline-devel site-config tack tcpd-devel zlib-devel
+
+ The following package is recommended, but will not be installed due to conflicts or dependency issues:
+ readline-doc
+
+ 36 new packages to install.
+ Overall download size: 33.7 MiB. Already cached: 129.5 KiB After the operation, additional 144.3 MiB will be used.
+ Continue? [y/n/? shows all options] (y): y
+
+#### Zypper in Scripts and Applications ####
+
+39. Install a Package (say mariadb) without interaction of user.
+
+ # zypper --non-interactive in mariadb
+
+ Loading repository data...
+ Reading installed packages...
+ 'mariadb' is already installed.
+ No update candidate for 'mariadb-10.0.13-2.6.1.x86_64'. The highest available version is already installed.
+ Resolving package dependencies...
+
+ Nothing to do.
+
+40. Remove a Package (say mariadb) without interaction of user.
+
+ # zypper --non-interactive rm mariadb
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ The following package is going to be REMOVED:
+ mariadb
+
+ 1 package to remove.
+ After the operation, 71.8 MiB will be freed.
+ Continue? [y/n/? shows all options] (y): y
+ (1/1) Removing mariadb-10.0.13-2.6.1 .............................................................................[done]
+
+41. Output zypper in xml.
+
+ # zypper --xmlout
+
+
+
+ Usage:
+ zypper [--global-options] [--command-options] [arguments]
+
+ Global Options
+ ....
+
+42. Generate quiet output at installation.
+
+ # zypper --quiet in mariadb
+
+ The following NEW package is going to be installed:
+ mariadb
+
+ 1 new package to install.
+ Overall download size: 0 B. Already cached: 7.8 MiB After the operation, additional 71.8 MiB will be used.
+ Continue? [y/n/? shows all options] (y):
+ ...
+
+43. Generate quiet output at UN-installation.
+
+ # zypper --quiet rm mariadb
+
+44. Auto agree to Licenses/Agreements.
+
+ # zypper patch --auto-agree-with-licenses
+
+ Loading repository data...
+ Reading installed packages...
+ Resolving package dependencies...
+
+ Nothing to do.
+
+#### Clean Zypper Cache and View History ####
+
+45. If you want to clean zypper cache only, you can use following command.
+
+ # zypper clean
+
+ All repositories have been cleaned up.
+
+If you want to clean metadata and package cache at once you may like to pass –all/-a with zypper as.
+
+ # zypper clean -a
+
+ All repositories have been cleaned up.
+
+46. To view logs of any installed, updated or removed packages through zypper, are logged in /var/log/zypp/history. You may cat it to view or may use filter to get a custom output.
+
+ # cat /var/log/zypp/history
+
+ 2015-05-07 15:43:03|install|boost-license1_54_0|1.54.0-10.1.3|noarch||openSUSE-13.2-0|0523b909d2aae5239f9841316dafaf3a37b4f096|
+ 2015-05-07 15:43:03|install|branding-openSUSE|13.2-3.6.1|noarch||openSUSE-13.2-0|6609def94b1987bf3f90a9467f4f7ab8f8d98a5c|
+ 2015-05-07 15:43:03|install|bundle-lang-common-en|13.2-3.3.1|noarch||openSUSE-13.2-0|ca55694e6fdebee6ce37ac7cf3725e2aa6edc342|
+ 2015-05-07 15:43:03|install|insserv-compat|0.1-12.2.2|noarch||openSUSE-13.2-0|6160de7fbf961a279591a83a1550093a581214d9|
+ 2015-05-07 15:43:03|install|libX11-data|1.6.2-5.1.2|noarch||openSUSE-13.2-0|f1cb58364ba9016c1f93b1a383ba12463c56885a|
+ 2015-05-07 15:43:03|install|libnl-config|3.2.25-2.1.2|noarch||openSUSE-13.2-0|aab2ded312a781e93b739b418e3d32fe4e187020|
+ 2015-05-07 15:43:04|install|wireless-regdb|2014.06.13-1.2|noarch||openSUSE-13.2-0|be8cb16f3e92af12b5ceb977e37e13f03c007bd1|
+ 2015-05-07 15:43:04|install|yast2-trans-en_US|3.1.0-2.1|noarch||openSUSE-13.2-0|1865754e5e0ec3c149ac850b340bcca55a3c404d|
+ 2015-05-07 15:43:04|install|yast2-trans-stats|2.19.0-16.1.3|noarch||openSUSE-13.2-0|b107d2b3e702835885b57b04d12d25539f262d1a|
+ 2015-05-07 15:43:04|install|cracklib-dict-full|2.8.12-64.1.2|x86_64||openSUSE-13.2-0|08bd45dbba7ad44e3a4837f730be76f55ad5dcfa|
+ ......
+
+#### Upgrade Suse Using Zypper ####
+
+47. You can use ‘dist-upgrade‘ option with zypper command to upgrade your current Suse Linux to most recent version.
+
+ # zypper dist-upgrade
+
+ You are about to do a distribution upgrade with all enabled repositories. Make sure these repositories are compatible before you continue. See 'man zypper' for more information about this command.
+ Building repository 'openSUSE-13.2-0' cache .....................................................................[done]
+ Retrieving repository 'openSUSE-13.2-Debug' metadata ............................................................[done]
+ Building repository 'openSUSE-13.2-Debug' cache .................................................................[done]
+ Retrieving repository 'openSUSE-13.2-Non-Oss' metadata ..........................................................[done]
+ Building repository 'openSUSE-13.2-Non-Oss' cache ...............................................................[done]
+
+That’s all for now. Hope this article would help you in managing you SUSE System and Server specially for newbies. If you feel that I left certain commands (Human are erroneous) you may provide us with the feedback in the comments so that we can update the article. Keep Connected, Keep Commenting, Stay tuned. Kudos!
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/zypper-commands-to-manage-suse-linux-package-management/
+
+作者:[Avishek Kumar][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/installation-of-suse-linux-enterprise-server-12/
\ No newline at end of file
diff --git a/sources/tech/20150512 A Shell Script to Monitor Network, Disk Usage, Uptime, Load Average and RAM Usage in Linux.md b/sources/tech/20150512 A Shell Script to Monitor Network, Disk Usage, Uptime, Load Average and RAM Usage in Linux.md
new file mode 100644
index 0000000000..ae73d6896b
--- /dev/null
+++ b/sources/tech/20150512 A Shell Script to Monitor Network, Disk Usage, Uptime, Load Average and RAM Usage in Linux.md
@@ -0,0 +1,96 @@
+A Shell Script to Monitor Network, Disk Usage, Uptime, Load Average and RAM Usage in Linux
+================================================================================
+The duty of System Administrator is really tough as he/she has to monitor the servers, users, logs, create backup and blah blah blah. For the most repetitive task most of the administrator write a script to automate their day-to-day repetitive task. Here we have written a shell Script that do not aims to automate the task of a typical system admin, but it may be helpful at places and specially for those newbies who can get most of the information they require about their System, Network, Users, Load, Ram, host, Internal IP, External IP, Uptime, etc.
+
+We have taken care of formatting the output (to certain extent). The Script don’t contains any Malicious contents and it can be run using Normal user Account. In-fact it is recommended to run this script as user and not as root.
+
+
+Shell Script to Monitor Linux System Health
+
+You are free to use/modify/redistribute the below piece of code by giving proper credit to Tecmint and Author. We have tried to customize the output to the extent that nothing other than the required output is generated. We have tried to use those variables which are generally not used by Linux System and are probably free.
+
+#### Minimum System Requirement ####
+
+All you need to have is a working Linux box.
+
+#### Dependency ####
+
+There is no dependency required to use this package for a standard Linux Distribution. Moreover the script don’t requires root permission for execution purpose. However if you want to Install it, you need to enter root password once.
+
+#### Security ####
+
+We have taken care to ensure security of the system. Nothing additional package is required/installed. No root access required to run. Moreover code has been released under Apache 2.0 License, that means you are free to edit, modify and re-distribute by keeping Tecmint copyright.
+
+### How Do I Install and Run Script? ###
+
+First, use following [wget command][1] to download the monitor script `"tecmint_monitor.sh"` and make it executable by setting appropriate permissions.
+
+ # wget http://tecmint.com/wp-content/scripts/tecmint_monitor.sh
+ # chmod 755 tecmint_monitor.sh
+
+It is strongly advised to install the script as user and not as root. It will ask for root password and will install the necessary components at required places.
+
+To install `"tecmint_monitor.sh"` script, simple use -i (install) option as shown below.
+
+ /tecmint_monitor.sh -i
+
+Enter root password when prompted. If everything goes well you will get a success message like shown below.
+
+ Password:
+ Congratulations! Script Installed, now run monitor Command
+
+After installation, you can run the script by calling command `'monitor'` from any location or user. If you don’t like to install it, you need to include the location every-time you want to run it.
+
+ # ./Path/to/script/tecmint_monitor.sh
+
+Now run monitor command from anywhere using any user account simply as:
+
+ $ monitor
+
+
+
+As soon as you run the command you get various System related information which are:
+
+- Internet Connectivity
+- OS Type
+- OS Name
+- OS Version
+- Architecture
+- Kernel Release
+- Hostname
+- Internal IP
+- External IP
+- Name Servers
+- Logged In users
+- Ram Usages
+- Swap Usages
+- Disk Usages
+- Load Average
+- System Uptime
+
+Check the installed version of script using -v (version) switch.
+
+ $ monitor -v
+
+ tecmint_monitor version 0.1
+ Designed by Tecmint.com
+ Released Under Apache 2.0 License
+
+### Conclusion ###
+
+This script is working out of the box on a few machines I have checked. It should work the same for you as well. If you find any bug let us know in the comments. This is not the end. This is the beginning. You can take it to any level from here. If you feel like editing the script and carry it further you are free to do so giving us proper credit and also share the updated script with us so that we can update this article by giving you proper credit.
+
+Don’t forget to share your thoughts or your script with us. We will be here to help you. Thank you for all the love you have given us. Keep Connected! Stay tuned.
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/linux-server-health-monitoring-script/
+
+作者:[Avishek Kumar][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
+[1]:http://www.tecmint.com/10-wget-command-examples-in-linux/
\ No newline at end of file
diff --git a/sources/tech/20150512 How To Run Docker Client Inside Windows OS.md b/sources/tech/20150512 How To Run Docker Client Inside Windows OS.md
new file mode 100644
index 0000000000..e2379b70b8
--- /dev/null
+++ b/sources/tech/20150512 How To Run Docker Client Inside Windows OS.md
@@ -0,0 +1,107 @@
+How To Run Docker Client Inside Windows OS
+================================================================================
+Hi everyone, today we'll learn about Docker in Windows Operating System and about the installation of Docker Windows Client in it. Docker Engine uses Linux Specific Kernel features so it cannot use Windows Kernel to run so, the Docker Engine creates a small Virtual Machine running Linux and utilizes its resources and Kernel. The Windows Docker Client uses the virtualized Docker Engine to build, run and manage Docker Containers out of the box. There is an application developed by the Boot2Docker Team called Boot2Docker which creates the virtual machine running a small Linux based on [Tiny Core Linux][1] made specifically to run [Docker][2] containers on Windows. It runs completely from RAM, weighs ~27MB and boots in ~5s (YMMV). So, until the Docker Engine for Windows is developed, we can only run Linux containers in our Windows Machine.
+
+Here is some easy and simple steps which will allow us to install the Docker Client and run containers on top of it.
+
+### 1. Downloading Boot2Docker ###
+
+Now, before we start the installation, we'll need the executable file for Boot2Docker. The latest version of Boot2Docker can be downloaded from [its Github][3]. Here, in this tutorial, we'll download version v1.6.1 from the site. Here, we'll download the file named [docker-install.exe][4] from that page using our favorite Web Browser or Download Manager.
+
+
+
+### 2. Installing Boot2Docker ###
+
+Now, we'll simply run the installer which will install Windows Docker Client, Git for Windows (MSYS-git), VirtualBox, The Boot2Docker Linux ISO, and the Boot2Docker management tool which are essential for the total functioning of Docker Engine out of the box.
+
+
+
+### 3. Running Boot2Docker ###
+
+
+
+After installing the necessary stuffs, we'll run Boot2Docker by simply running the Boot2Docker Start shortcut from the Desktop. This will ask you to enter an SSH key paraphrase that we'll require in future for authentication. It will start a unix shell already configured to manage Docker running inside the virtual machine.
+
+
+
+Now to check whether it is correctly configured or not, simply run docker version as shown below.
+
+ docker version
+
+
+
+### 4. Running Docker ###
+
+As **Boot2Docker Start** automatically starts a shell with environment variables correctly set so we can simply start using Docker right away. **Please note that, if we are Boot2Docker as remote Docker Daemon , then do not type the sudo before the docker commands.**
+
+Now, Let's try the **hello-world** example image which will download the hello-world image, executes it and gives an output "Hello from Docker" message.
+
+ $ docker run hello-world
+
+
+
+### 5. Running Docker using Command Prompt (CMD) ###
+
+Now, if you are wanting to get started with Docker using Command Prompt, you can simply launch the command prompt (CMD.exe). As Boot2Docker requires ssh.exe to be in the PATH, therefore we need to include bin folder of the Git installation to the %PATH% environment variable by running the following command in the command prompt.
+
+ set PATH=%PATH%;"c:\Program Files (x86)\Git\bin"
+
+
+
+After running the above command, we can run the **boot2docker start** command in the command prompt to start the Boot2Docker VM.
+
+ boot2docker start
+
+
+
+**Note**: If you get an error saying machine does not exist then run **boot2docker init** command in it.
+
+Then copy the instructions for cmd.exe shown in the console to set the environment variables to the console window and we are ready to run docker containers as usual.
+
+### 6. Running Docker using PowerShell ###
+
+In order to run Docker on PowerShell, we simply need to launch a PowerShell window then add ssh.exe to our PATH variable.
+
+ $Env:Path = "${Env:Path};c:\Program Files (x86)\Git\bin"
+
+After running the above command, we'll need to run
+
+ boot2docker start
+
+
+
+This will print PowerShell commands to set the environment variables to connect Docker running inside VM. We'll simply run those commands in the PowerShell and we are ready to run docker containers as usual.
+
+### 7. Logging with PUTTY ###
+
+Boot2Docker generates and uses the public or private key pair inside %USERPROFILE%\.ssh directory so to login, we'll need use the private key from this same directory. That private key needs to be converted into the PuTTY 's format. We can use puttygen.exe to do that.
+
+We need to open puttygen.exe and load ("File"->"Load" menu) the private key from %USERPROFILE%\.ssh\id_boot2docker then click on "Save Private Key". Then use the saved file to login with PuTTY using docker@127.0.0.1:2022 .
+
+### 8. Boot2Docker Options ###
+
+The Boot2Docker management tool provides several commands as shown below.
+
+ $ boot2docker
+
+ Usage: boot2docker.exe [] {help|init|up|ssh|save|down|poweroff|reset|restart|config|status|info|ip|shellinit|delete|download|upgrade|version} []
+
+### Conclusion ###
+
+Using Docker with Docker Windows Client is fun. The Boot2Docker management tool is an awesome application developed which enables every Docker containers to run smoothly as running in Linux host. If you are more curious, the username for the boot2docker default user is docker and the password is tcuser. The latest version of boot2docker sets up a host only network adapter which provides access to the container's ports. Typically, it is 192.168.59.103, but it could get changed by Virtualbox's DHCP implementation. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve or update our contents. Thank you ! Enjoy :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/linux-how-to/run-docker-client-inside-windows-os/
+
+作者:[Arun Pyasi][a]
+译者:[译者ID](https://github.com/译者ID)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
+[1]:http://tinycorelinux.net/
+[2]:https://www.docker.io/
+[3]:https://github.com/boot2docker/windows-installer/releases/latest
+[4]:https://github.com/boot2docker/windows-installer/releases/download/v1.6.1/docker-install.exe
\ No newline at end of file
diff --git a/sources/tech/[translating by cvsher]20150417 14 Useful Examples of Linux 'sort' Command--Part 1.md b/sources/tech/[translating by cvsher]20150417 14 Useful Examples of Linux 'sort' Command--Part 1.md
deleted file mode 100644
index ff42945bf8..0000000000
--- a/sources/tech/[translating by cvsher]20150417 14 Useful Examples of Linux 'sort' Command--Part 1.md
+++ /dev/null
@@ -1,132 +0,0 @@
-translating by cvsher
-
-14 Useful Examples of Linux ‘sort’ Command – Part 1
-================================================================================
-Sort is a Linux program used for printing lines of input text files and concatenation of all files in sorted order. Sort command takes blank space as field separator and entire Input file as sort key. It is important to notice that sort command don’t actually sort the files but only print the sorted output, until your redirect the output.
-
-This article aims at deep insight of Linux ‘sort‘ command with 14 useful practical examples that will show you how to use sort command in Linux.
-
-### 1. First we will be creating a text file (tecmint.txt) to execute ‘sort‘ command examples. Our working directory is ‘/home/$USER/Desktop/tecmint. ###
-
-The option ‘-e‘ in the below command enables interpretion of backslash and /n tells echo to write each string to a new line.
-
- $ echo -e "computer\nmouse\nLAPTOP\ndata\nRedHat\nlaptop\ndebian\nlaptop" > tecmint.txt
-
-
-
-### 2. Before we start with ‘sort‘ lets have a look at the contents of the file and the way it look. ###
-
- $ cat tecmint.txt
-
-
-
-### 3. Now sort the content of the file using following command. ###
-
- $ sort tecmint.txt
-
-
-
-**Note**: The above command don’t actually sort the contents of text file but only show the sorted output on terminal.
-
-### 4. Sort the contents of the file ‘tecmint.txt‘ and write it to a file called (sorted.txt) and verify the content by using [cat command][1]. ###
-
- $ sort tecmint.txt > sorted.txt
- $ cat sorted.txt
-
-
-
-### 5. Now sort the contents of text file ‘tecmint.txt‘ in reverse order by using ‘-r‘ switch and redirect output to a file ‘reversesorted.txt‘. Also check the content listing of the newly created file. ###
-
- $ sort -r tecmint.txt > reversesorted.txt
- $ cat reversesorted.txt
-
-
-
-### 6. We are going a create a new file (lsl.txt) at the same location for detailed examples and populate it using the output of ‘ls -l‘ for your home directory. ###
-
- $ ls -l /home/$USER > /home/$USER/Desktop/tecmint/lsl.txt
- $ cat lsl.txt
-
-
-
-Now will see examples to sort the contents on the basis of other field and not the default initial characters.
-
-### 7. Sort the contents of file ‘lsl.txt‘ on the basis of 2nd column (which represents number of symbolic links). ###
-
- $ sort -nk2 lsl.txt
-
-**Note**: The ‘-n‘ option in the above example sort the contents numerically. Option ‘-n‘ must be used when we wanted to sort a file on the basis of a column which contains numerical values.
-
-
-
-### 8. Sort the contents of file ‘lsl.txt‘ on the basis of 9th column (which is the name of the files and folders and is non-numeric). ###
-
- $ sort -k9 lsl.txt
-
-
-
-### 9. It is not always essential to run sort command on a file. We can pipeline it directly on the terminal with actual command. ###
-
- $ ls -l /home/$USER | sort -nk5
-
-
-
-### 10. Sort and remove duplicates from the text file tecmint.txt. Check if the duplicate has been removed or not. ###
-
- $ cat tecmint.txt
- $ sort -u tecmint.txt
-
-
-
-Rules so far (what we have observed):
-
-- Lines starting with numbers are preferred in the list and lies at the top until otherwise specified (-r).
-- Lines starting with lowercase letters are preferred in the list and lies at the top until otherwise specified (-r).
-- Contents are listed on the basis of occurrence of alphabets in dictionary until otherwise specified (-r).
-- Sort command by default treat each line as string and then sort it depending upon dictionary occurrence of alphabets (Numeric preferred; see rule – 1) until otherwise specified.
-
-### 11. Create a third file ‘lsla.txt‘ at the current location and populate it with the output of ‘ls -lA‘ command. ###
-
- $ ls -lA /home/$USER > /home/$USER/Desktop/tecmint/lsla.txt
- $ cat lsla.txt
-
-
-
-Those having understanding of ‘ls‘ command knows that ‘ls -lA’=’ls -l‘ + Hidden files. So most of the contents on these two files would be same.
-
-### 12. Sort the contents of two files on standard output in one go. ###
-
- $ sort lsl.txt lsla.txt
-
-
-
-Notice the repetition of files and folders.
-
-### 13. Now we can see how to sort, merge and remove duplicates from these two files. ###
-
- $ sort -u lsl.txt lsla.txt
-
-
-
-Notice that duplicates has been omitted from the output. Also, you can write the output to a new file by redirecting the output to a file.
-
-### 14. We may also sort the contents of a file or the output based upon more than one column. Sort the output of ‘ls -l‘ command on the basis of field 2,5 (Numeric) and 9 (Non-Numeric). ###
-
- $ ls -l /home/$USER | sort -t "," -nk2,5 -k9
-
-
-
-That’s all for now. In the next article we will cover a few more examples of ‘sort‘ command in detail for you. Till then stay tuned and connected to Tecmint. Keep sharing. Keep commenting. Like and share us and help us get spread.
-
---------------------------------------------------------------------------------
-
-via: http://www.tecmint.com/sort-command-linux/
-
-作者:[Avishek Kumar][a]
-译者:[译者ID](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://www.tecmint.com/author/avishek/
-[1]:http://www.tecmint.com/13-basic-cat-command-examples-in-linux/
diff --git a/translated/share/20140804 Group Test--Linux Text Editors.md b/translated/share/20140804 Group Test--Linux Text Editors.md
new file mode 100644
index 0000000000..1976cfca32
--- /dev/null
+++ b/translated/share/20140804 Group Test--Linux Text Editors.md
@@ -0,0 +1,320 @@
+组测试: Linux 文本编辑器
+================================================================================
+> Mayank Sharma 测试了5款不仅仅是能处理字的超级文本编辑器。
+
+如果你使用Linux已经有很长一段时间,你知道,不管是编辑一款app的配置文件,一起用shell脚本骇客,或者编写/查看代码,类似LobreOffice的工具并不能满足。尽管字面上看起来意思一样,你不需要一个字处理器来完成这些任务;你需要一个文本编辑器。
+
+在这个组测试中,我们将着眼于5款不仅仅是能胜任繁重文本任务的简陋的文本编辑器。他们能高亮语法,像拼写检查一样轻松处理代码缩进。你可以像你复制/粘贴文本那样容易地使用他们记录宏以及管理代码片段。
+
+得益于能向它们注入足以抗衡其它类型的以文本为中心的应用程序能力的插件,一些简单的文本编辑器甚至超过了它们的设计目标。它们能胜任一个源代码编辑器的任务,甚至是一个集成开发环境。
+
+Emacs和Vim是两款最流行和强大的纯文本编辑器。但是,由于一些原因,我们在这个组测试中并没有包括它们。首先,如果你使用它们中的任何一个,那么恭喜你:你不需要更换了。其次,它们都有陡峭的学习曲线,尤其是那些熟悉了桌面环境的用户:他们很更愿意投入其他有图形界面的文本编辑器。
+
+### 目录: ###
+
+#### Gedit ####
+
+- URL:http://projects.gnome.org/gedit/
+- 版本: 3.10
+- 许可证: GPL
+- Gnome的默认文本编辑器准备好挑战了?
+
+#### Kate ####
+
+- URL: www.kate-editor.org
+- 版本: 3.11
+- 许可证: LGPL/GPL
+- Kate会挑战命运吗?
+
+#### Sublime Text ####
+
+- URL: www.sublimetext.com
+- 版本: 2.0.2
+- 许可证: Proprietary
+- 在自由与黄金心脏土地上的私有软件。
+
+#### UltraEdit ####
+
+- URL: www.ultraedit.com
+- 版本: 4.1.0.4
+- 许可证: Proprietary
+- 它做的足够多去证明它的价值了吗?
+
+#### jEdit ####
+
+- URL: www.jedit.org
+- 版本: 5.1.0
+- 许可证: GPL
+- 基于Java的编辑器是否会扰乱其他编辑器的世界?
+
+
+在展示一个有功能的应用程序和将它们所有的东西曝光给用户之间有一个很好的平衡。Geddit隐藏了它的大部分功能。
+
+### 关键标准 ###
+
+除了Gedit和jEdit以外的所有工具,都是通过推荐的安装方法安装在Fedora和Ubuntu上。前者已经兼容默认的Gnome桌面,后者仍然固执地反对安装在Fedora上。由于这些是相对简单的应用程序,他们没有复杂的依赖,唯一例外的是jEdit,它要求要有Oracle Java。
+
+得益于Gnome和KDE持续的努力,不论他们运行的桌面环境,所有编辑器看起来很好,功能也很正常。这不仅是作为评价的标准,也意味着你不再受制于要找到和你的桌面环境兼容的工具。
+
+除了它们奇特的功能,我们也对所有候选者测试了通用文本编辑功能。然而,它们并没有被设计为模仿现代字处理器的所有功能,我们也不以此评判。
+
+
+
+Kate能搭建为功能丰富的集成开发环境。
+
+### 编程语言支持 ###
+
+UltraEdit 能进行语法高亮,代码折叠以及拥有项目管理的能力。这也有一个罗列源文件中所有函数的功能列表,但并不适用于我们任何的测试代码文件。UltraEdit也支持HTML5,有能添加常用HTML标记的HTML工具栏。
+
+即使Gnome的默认文本编辑器Gedit,也有几个面向编码的功能特性,例如括号匹配,自动缩进以及为包括C, C++, Java, HTML, XML, Python, Perl, 以及许多其它编程语言进行语法高亮。
+
+如果你需要更多的编程辅助,看一下Sublime和Kate。Sublime支持多种编程语言并且(正如流行的那些)能为C#, D, Dylan, Erlang, Groovy, Haskell, Lisp, Lua, MATLAB, OCaml, R, 甚至 SQL 进行语法高亮。如果这还不够,你可以下载插件以支持更多的语言。
+
+另外,它的语法高亮功能提供了多个可定制选项。这个应用程序也会进行括号匹配,确保代码段都正确,Sublime的自动补全功能也支持用户创建的变量。
+
+正如Komodo IDE,Sublime也可滚动浏览显示完整的代码,这对于长代码文件导航和在文件中的不同部分跳转很方便。
+
+Sublime最好的功能之一就是能在编辑器内部为特定语言,例如C++, Python, Ruby等运行代码,当然假设在你的电脑上安装有编译器以及其它系统工具。省时间而且不用再开终端.
+
+你也可以用插件在Kate中开启构建系统功能。另外,你可以为GDB调试器添加一个简单的前端。Kate能和Git,Subversion以及Mercurial版本控制系统一起工作,也提供了一些项目管理的功能。
+
+除了能为超过180中语言进行语法高亮,它支持所有的这些辅助功能,例如括号匹配,自动补全和自动缩进。它也支持代码折叠,甚至在一个程序中折叠函数。
+
+唯一的遗憾的是jEdit,它声称自己是一个程序员的文本编辑器,但它缺少其他的基本功能,例如代码折叠,它甚至不能提示或者不全函数.
+
+**评分:**
+
+- Gedit:3/5
+- Kate:5/5
+- Sublime:5/5
+- UltraEdit3/5
+- jEdit:1/5
+
+
+
+如果你不喜欢Sublime的Charcoal外观,你可以选择它包含的其它22中主题。
+
+### 键盘控制 ###
+
+高级文本编辑器用户希望能完全通过键盘控制和操作,一些应用程序甚至运行他们的用户自定义快捷方式的键盘绑定。
+
+你可以轻松的使用Gedit的扩展键盘快捷键。这里有编辑文件,为普通任务,例如对一个文档进行拼写检查,唤起工具的快捷键。你可以获取应用程序内部的一系列默认快捷键,但并没有图形化的方式去自定义它们。相似的,在Sublime中自定义键绑定,你需要修改他的XML键映射文件。Sublime由于缺少定义键盘快捷键的图形化界面而饱受批评,但长期使用的用户支持当前的基于文件的机制:这给他们更多的控制能力。
+
+UltraEdit为它"一切都可自定义"的座右铭感到自豪,这也包括键盘快捷键。你可以自定义菜单导航的热键,以及定义你自己的访问大量函数的多键键映射。
+
+除了完全可自定义的键盘快捷键以外,jEdit也有为Emacs预定义的键映射。Kate在这方面尤其令人映像深刻。它有简单可访问的自定义键绑定窗口。你可以更改默认的键,或者定义替代的键。另外,Kate也有一个能使用户使用Vi键操作Kate的Vi模式。
+
+**Verdict:**
+
+- Gedit:2/5
+- Kate:5/5
+- Sublime:3/5
+- UltraEdit:4/5
+- jEdit:5/5
+
+### 片段和宏 ###
+
+宏通过自动化重复的步骤帮助你降低花费在编辑和组织数据上的时间,而代码片段通过创建可重用的源代码块为程序员扩展类似的功能。这两者都能节省你的时间。
+
+标准的Gedit安装没有这两种功能中的任何一种,但是你可以通过独立的插件启用这些功能。片段插件随Gedit一起发布,但在Gedit内部启用宏插件之前你需要手动下载和安装(被称为gedit-macropy,托管在GitHub上)。
+
+Kate也同样通过插件的形式启用片段功能。一旦加入,插件也增加了片段的PHP,Bash和Java库。你可以在侧边栏中显示片段列表以便于访问。可以通过右击片段或者快捷键组合方式编辑它的内容。然而,令人惊讶的是,它不支持宏-尽管用户从2002年开始重复要求!
+
+jEdit也有一个启用片段的插件。但是它可以从用户行为中记录宏或者你也可以在BeanShell 脚本语言(BeanShell支持像Perl和JavaScript那样将脚本对象封锁为简单的方法)中写宏。jEdit也有一个可以从jEdit的网站中下载多种宏的插件。
+
+Sublime有创建片段和宏的内建功能,也有为大多数编程语言经常使用的函数多种片段。
+
+在UltraEdit中片段被称为智能模板,正如Sublime你可以根据正在编辑的源代码文件类型插入片段。要完成宏记录功能,UltraEdit还有一个基于JavaScript的集成脚本语言来完成自动任务。你也可以从编辑器的网站中下载用户提交的宏和脚本。
+
+**Verdict:**
+
+- Gedit:3/5
+- Kate:1/5
+- Sublime:5/5
+- UltraEdit:5/5
+- jEdit:5/5
+
+
+
+UltraEdit的用户界面是高度可配置的 — 你可以正如改变其它许多方面那样简单的自定义工具栏和菜单的布局。]
+
+### 易用性 ###
+
+不像一个准系统文本编辑器,文本编辑器的这个功能洋溢着适应大范围用户的功能 - 从文档写作者到程序员。从应用程序剥离相反,他们的开发者在寻找添加更多功能的途径。
+
+尽管第一眼看上去这次组测试中的大部分应用有一个很相似的布局,经过仔细的检查,你会发现一些可用性差异。我们通过用户界面的合理使用来介绍它们的功能和特性,而不是铺天盖地地告诉读者。
+
+### Gedit: 4/5 ###
+
+Gedit有很普通的外观。通过最小化菜单和按钮有一个简单的界面。但这也是一种双刃剑,因为有些用户可能不会发现它真正的潜能。
+
+Gedit可以通过在窗口中能重排和移动的选项卡打开多个文件。用户可以通过使用一个插件选择性地启用旁边或者底部用来显示文件浏览和工具输出的面板。这个应用程序会检测到被其它应用程序更改的文件并可以重新加载这个文件。
+
+为了适配Gnome,在应用程序的最后一个版本中考虑了大量的用户界面。然而它还并不稳定,尽管包括了所有的功能,和菜单交互的一些插件还需要升级。
+
+### Kate: 5/5 ###
+
+尽管用户界面的主要部分和Gedit的相似,Kate可以在两边显示选项卡并且它的菜单更加丰富。该应用程序平易近人,让用户可以挖掘其它功能。
+
+Kate可以在KDE的KIO支持的所有协议上透明地打开和保存文件,包括HTTP, FTP, SSH, SMB 和 WebDAV。你可以用这个应用同时处理多个文件。但不同于大部分应用程序传统的水平选项卡选择栏,Kate在屏幕的两个方向都有选项卡。左侧的侧边栏显示打开文件的索引。需要同时查看一个文件不同部分的程序员也会感激它可以水平或者竖直分隔界面的能力。
+
+### Sublime: 5/5 ###
+
+
+Sublime支持你在不同方式同时查看多达四个文件。当你在zone下,这里也有一个只显示文件和菜单的全屏模式。
+
+这个编辑器还在右边有个小地图,这在长文件中导航非常有用。应用程序为多种编程语言提供多种流行功能的片段,这使得它对于开发者非常有用。另一个精巧的功能是,无论你使用都是文本文档或者代码,都可以交换和随机选择。
+
+### UltraEdit: 3/5 ###
+
+
+UltraEdit在界面的顶部和底部加载了多种工具栏。由于有在文档中跳转的选项卡,两边的面板,以及复杂区别,使得只剩下一点空间给编辑窗口。
+
+使用HTML的网络开发者有很多唾手可得的帮助。你可以通过FTP和SFTP访问远程文件。高级功能,例如记录一个宏以及比较文件,也简单易用。
+
+使用应用程序的Preference窗口,你可以调整应用程序的多个方面,包括颜色主题和类似语法高亮的其它功能。
+
+### jEdit: 3/5 ###
+
+在可用性方面,首先一个不好就是jEdit不能在基于RPM的发行版上安装。导航编辑器需要一些时间来适应,因为它的菜单和其它流行的应用程序顺序不同,而且有些普通桌面用户不熟悉的名字。但是,该应用程序有详细的内部帮助,这有利于缓解学习曲线。
+
+jEdit高亮你所在的当前行,并使你能一多种查看方式分隔窗口。你可以简单地从应用程序中安装和管理插件,除了全宏,jEdit也支持你记录快速临时的宏。
+
+
+
+由于它的Java基础,jEdit在任何桌面环境中都不能给人宾至如归的感觉
+
+### 可用性和支持 ###
+
+在Gedit和Kate之间有很多相似性。两个应用程序都得益于他们各自的父项目,Gnome和KDE,并绑定在各种主流的发行版中。另外两个项目都是交叉平台的,有Windows和Mac OS X版本以及本来的Linux版本。
+
+Gedit托管在Gnome的网络设施上并有一个简单的用户指南,关于多种插件的信息,以及包括邮件列表和IRC通道的常用保持联系方式。你也可以在其它基于Gnome的发行版,例如Ubuntu中找到使用信息。相似地,Kate得益于KDE的资源,并包括详细的用户信息以及邮件列表和IRC通道。你也可以从应用程序中获取相应的离线用户指南。
+
+除了Linux,UltraEdit在Windows和Mac OS X中也可用,虽然在应用程序中并没有包括,但在启动时也有详细的用户指南。为了辅助用户,UltraEdit保存了一个常见问题的数据库,一系列关于多种特定功能的详细信息的有用提示,用户还可以在论坛版块彼此帮助。另外,付费用户也可以通过邮件从开发者中获取支持。
+
+Sublime支持相同数目的平台,但是你需要单独为每种平台购买许可证。开发者通过博客使用户了解正在进行的开发,并积极参加了主持论坛。这个项目支持设施的亮点是提供免费的详细教程和视频课程。Sublime非常可爱。
+
+由于是用java编写的,jEdit在多种平台中都可用。在它的网站上你可以找到一个详细的用户指南以及一些插件帮助文档的链接。然而,这里没有能使用户和其他用户或者开发者交流的途径。
+
+**判定:**
+
+- Gedit: 4/5
+- Kate: 4/5
+- Sublime: 5/5
+- UltraEdit: 3/5
+- jEdit: 2/5
+
+### 附加和插件 ###
+
+不同的用户有不同的需求,一个简单的轻量级应用程序只能做到这么多。这就是为什么需要插件的原因。应用程序依赖于这些小部件来扩展它们的功能集并让更多的用户使用。
+
+UltraEdit是一个另外。它没有第三方插件,但开发者确实支出了例如HtmlTidy的第三方工具已经安装到了UltraEdit。
+
+Gedit附带了好多已安装的插件,你可以从gedit-插件包下载更多的插件。基于和Gedit版本的兼容性,项目网站也有到多个第三方插件的链接。
+
+三个对程序员非常有用的插件是Code Comment,在底部面板增加一个终端的Terminal Plugin以及Session Saver。当你用多个文件开发项目的时候Session Saver相当有用。你可以在选项卡中打开文件,保存会话,当你用一个单击回复的时候,可以按照你保存时的选项卡顺序打开所有的文件。
+
+类似的,你可以通过用内部的插件管理器增加插件来扩展Kate。除了令人映像深刻的项目插件,一些开发者使用的插件包括嵌入式终端,能编译和调试代码,以及对数据库执行SQL查询。
+
+Sublime的插件是用Python写的,文本编辑器包括了一个类似于apt-get,能使用户查找,安装,升级和移除插件包的名为Package Control的工具。通过插件,你可以在Sublime中使用Git版本控制,以及改进JavaScript的JSLint工具。Sublime Linter能指出你代码中的错误,是编码人员必备的插件。
+
+jEdit拥有最令人映像深刻的插件设施。该应用有超过200个插件,可以在它们自己的专用网站中浏览。网站通过不同的类型列举了插件,例如文件管理,版本控制,文本等。你可以在每个类型下找到很多的插件。
+
+一些最好的插件是Android插件,它们提供了和Android项目协同工作的工具;你可以使用TomcatSwitch插件创建和控制外部Jakarta Tomcat服务器进程;以及类似于Vi功能的Vimulator插件。你可以通过使用jEdit的插件管理器安装这些插件。
+
+**评定**
+
+- Gedit: 3/5
+- Kate: 4/5
+- Sublime: 4/5
+- UltraEdit: 1/5
+- jEdit: 5/5
+
+### 纯文本编辑 ###
+
+尽管它们强大的额外功能甚至可能会取代几个流派完全成熟的应用程序,有时候可能只需要使用这些庞大的文本编辑器读写或者编辑简单的纯文本。虽然你可以使用它们中的任何一个输入文本,我们通过普通文本编辑的方便性评价它们。
+
+Gnome的默认文本编辑器Gedit,支持取消和重做机制以及搜索和替换。它可以对多种语言进行拼写检查,并能通过使用Gnome GVFS库访问和编辑远程文件。
+
+你也可以使用Kate进行拼写检查,它也可以让你对任何高亮文本进行Google搜索。它还有一个能可视化告知用户文件中更改过但没有保存的行的行修改系统。另外,它通过允许用户在文件中使用书签简化长文档的导航。
+
+Sublime有很多可选择的编辑命令,例如缩进文本和格式化段落。它的自动保存功能帮助防止用户丢失他们的更改。高级用户还会喜欢基于正则表达式的递归查找和替换功能,以及选择多个不连续的文本块并执行统一操作。
+
+UltraEdit也允许用户在查找和替换功能中使用正则表示,并能通过FTP编辑远程文件。JEdit一个独特的功能是它支持被称为寄存器的不限数目的剪切板。你可以复制文本片段到这些寄存器中,在编辑会话过程中都可用。
+
+**评定:**
+
+- Gedit: 4/5
+- Kate: 5/5
+- Sublime: 5/5
+- UltraEdit: 4/5
+- jEdit: 4/5
+
+### 我们的评比 ###
+
+在这里的所有编辑器都足以替换你已有的文本编辑器去用来编辑文本和调整配置文件。事实上,没准它们会组合起来作为你的集成开发环境。这些应用程序都有各种各样功能,它们的开发者不会考虑剥离功能,而是增加越来越多的功能。
+
+jEdit排在这次测试的最后面。因为它不仅坚持使用专有的Oracle Java运行环境,不能在你的Fedora机器上安装,而且开发者不积极的和用户交互。
+
+UltraEdit做的稍微好一点。这个商业专用工具专注于网络开发者,不为非开发者高级用户提供任何功能,使得它不值得推荐为免费软件的替代品。
+
+排在第三的是Gedit。作为Gnome的默认编辑器,它没有任何内在的错误,但尽管有很多积极的方面,它还是略微被Sublime和Kate超越。开诚布公地说,Kate是比Gedit更通用的编辑器,甚至考虑到他们的插件系统,评分也优于Gnome的默认编辑器。
+
+Sublime和Kate都相当好。他们在我们的大多数测试中表现同样出色。由于不支持宏而落后于Sublime,但键盘友好和能简单定义自定义键绑定又使Kate找回优势。
+
+Kate成功的原因可以归结为它通过最小化学习曲线提供了最大化数目的功能。尽量使用它吧,不仅作为简单文本编辑器使用,或者容易使用语法高亮编辑配置文件,甚至得益于项目管理能力能使用它协作一个复杂的编程项目。
+
+我们不是选择Kate去替换一个类似[在这里插入你最喜欢的专业工具]的全面的集成开发环境。但是它是一个专业工具理想的全面的以及完美的垫脚石。
+
+Kate为能快速响应你的需要而设计,它的界面并不会使你茫然,并且和那些过于复杂的应用一样的有用。
+
+### 1st Kate ###
+
+- Licence LGPL/GPL Version 3.11
+- www.kate-editor.org
+- 拥有超能力,最终温和的文本编辑器。
+- Kate是KDE项目中最有用的应用程序之一。
+
+### 2nd Sublime Text ###
+
+- Licence Proprietary Version 2.0.2
+- www.sublimetext.com
+- 值得你每分钱的专业文本编辑器 - 简单易用,功能全面而且看起来很棒。
+
+### 3rd Gedit ###
+
+- Licence GPL Version 3.10
+- http://projects.gnome.org/gedit
+- 从Gnome中完成。这是一个奇妙的文本编辑器,确实令人钦佩的工作,但这里的竞争实在太大了。
+
+### 4th UltraEdit ###
+
+- Licence Proprietary Version 4.1.0.4
+- www.ultraedit.com
+- 关注于为网络开发者绑定便利,而不为普通用户提供任何特殊功能。
+
+### 5th jEdit ###
+
+- Licence GPL Version 5.1.0
+- www.jedit.org
+- 缺乏支持,不支持Fedora,缺乏好看的界面,jEdit被贬低到最后。
+
+### 你也许希望尝试… ###
+
+随你发行版发布的默认文本编辑器也能帮助你一些高级任务。例如KDE的KWrite和Raspbian的Nano。得益于KDE的katepart组件,KWrite继承了一些Kate的功能,得益于在树莓派上的可用性,Nano也开始重现风头。
+
+如果你希望跟随Linux大师的脚步,你总是可以尝试崇高的文本编辑机Emacs和Vim。想尝试Vim强大的用户首先可以考虑gVim,它通过图形界面展现了Vim的强大。
+
+除了jEdit和Kate,这里还有其他模仿例如Emacs和Vim之类的老派高级编辑器的编辑器,比如JED 编辑器和Joe's Own Editor,这两者都有Emacs的模拟模式。另一方面,如果你在寻找轻量级的代码编辑器,可以看看Bluefish和Geany。他们的存在是为了填补文本编辑器和全面集成的开发平台之间的空隙。
+
+--------------------------------------------------------------------------------
+
+via: http://www.linuxvoice.com/text-editors/
+
+作者:[Ben Everard][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[royaso](https://github.com/royaso)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.linuxvoice.com/author/ben_everard/
diff --git a/translated/share/20150227 Chess in a Few Bytes.md b/translated/share/20150227 Chess in a Few Bytes.md
deleted file mode 100644
index 60b5598c76..0000000000
--- a/translated/share/20150227 Chess in a Few Bytes.md
+++ /dev/null
@@ -1,114 +0,0 @@
-几 KB 的国际象棋程序
-================================================================================
-当我提及到我用来介绍计算(注:这里翻译的有问题)的是一台 ZX81 电脑时,我已经暴露了我的年龄。ZX81 是一个由英国(UK,the United Kingdom) 开发者(Sincilair 研究所)生产的家庭电脑,它拥有"高达" 1KB 的随机存储器(RAM)。上面的 1kB 并不是打印错误,这个家庭电脑确实只配置有 1KB 的板载内存。但这个内存大小上的限制并没有阻止爱好者制作种类繁多的软件。事实上,这个机器引发了一代编程奇才的出现,这迫使他们掌握让程序在该机上正常运行的方法。这个机器可以通过一个 16 KB 的 RAM 包来进行升级,这就提供了更多的编程可能。但未经扩展的 1KB 机器仍然激励着编程者发布卓越的软件。
-
-
-
-我最喜爱的 ZX81 游戏有: Flight Simulation, 3D Monster Maze, Galaxians, 以及最重要的 1K ZX Chess。 只有最后一个程序是为未扩展的 ZX81 电脑设计的。事实上,David Horne 开发的 1K ZX Chess 只使用了仅仅 672 字节的 RAM(注:如果读者有兴趣,可以看看 [这里](http://users.ox.ac.uk/~uzdm0006/scans/1kchess/)对该程序的代码及解释)。尽管如此,该游戏尽力去实现大多数的国际象棋规则,并提供了一个计算机虚拟对手。虽然一些重要的规则被忽略了(如:王车易位,兵的升变,和吃过路兵)
-(注:参考了[这里](http://zh.wikibooks.org/zh/%E5%9B%BD%E9%99%85%E8%B1%A1%E6%A3%8B/%E8%A7%84%E5%88%99)和[这里](http://en.wikipedia.org/wiki/Rules_of_chess)),但能够和人工智能相对抗,这仍然令人惊讶。这个游戏占据了我逝去的青春里的相当一部分。
-
-1K ZX Chess 保持着在任何计算机上国际象棋的最小实现的地位长达 33 年,直到今年由 BootChess 打破了该记录,紧接着由 Toledo AtomChess 打破。这三个程序都没有实现所有的国际象棋规则,所以为了完整性,我介绍了我最喜爱的,实现了所有国际象棋规则的极小的国际象棋。
-
-Linux 有着一系列极其强大的国际象棋引擎,如 Stockfish, Critter, Togo II, Crafty, GNU Chess, 和 Komodo 。 在这篇文章精选的国际象棋程序虽敌不过一个好的国际象棋程序,但它们展示了使用微不足道的代码库究竟可以实现多少东西。
-----------
-
-
-
-
-
-你可能已经看到了大量有关 BootChess 新闻报道,一个只用 487 字节写就的国际象棋程序,一举打破了先前最小的国际象棋程序,1K ZX Chess 的记录。Óscar Toledo Gutiérrez 拿起外套并决定编写一个更加紧凑的国际象棋游戏。Toledo Atomchess 是仅有 481 字节的 x86 汇编代码,它适合在引导扇区里。 在给定的极小代码库限制下,这个引擎实现了一个适当的国际象棋游戏。
-
-特点包括:
-
-- 基本的象棋移动
-- 象棋盘的 ASCII 文本表现
-- 以代数形式来输入移动(注:如 D2D4)
-- 3 层的搜索深度
-
-显然,为了将这个国际象棋程序压缩到 481 字节中,作者必须做出某些牺牲,这些局限包括:
-
-- 没有兵的升变
-- 没有王车易位
-- 没有吃过路兵
-- 没有移动确认
-
-该作者也使用 C,JavaScript 和 Java 来写这个国际象棋程序,每种实现都非常小。
-
-- 网站: [nanochess.org/chess6.html][1]
-- 开发者: Óscar Toledo Gutiérrez
-- 协议: 对非商业使用免费(Free for non-commercial use)
-- 版本号: -
-
-----------
-
-
-
-
-
-BootChess 是一个国际象棋的极其小巧的计算机实现。这个程序被塞进到仅仅 487 字节里,并可运行在 Windows, Mac OS X 和 Linux 等操作系统。BootChess 的棋盘和棋子单独用文本表示,其中 P 代表兵, Q 用来代表王后,以及输入的任何停顿代表空白方块。
-
-特点包括:
-
-- 象棋棋盘和用户输入的图形化文本表示
-- 引导扇区大小(512 字节)的可玩的象棋游戏
-- 只需 x86 bios 硬件引导程序(没有软件依赖)
-- 所有主要的正规移动包括 double square pawn start(注:这个我没有查到是什么意思)
-- 兵升变为王后(与 1k ZX Chess 相反)
-- 名为 taxiMax > minMax half-ply 的 CPU 人工智能
-- 硬编码的西班牙白子开局
-
-同样,它也存在一些重要的限制。这些遗漏包括:
-
-- 正在推广
-- 吃过路兵
-- 没有王车易位
-- 3 次位置重复和局规则(注:下一步之前,同样的移动出现了两次;可以参考[这里](http://www.netplaces.com/chess-basics/ending-the-game/three-position-repetition.htm))
-- 50 步移动和局规则(注:在连续的50个回合内,双方既没有棋子被吃掉,也没有兵被移动过,则和局;可以参考[这里](http://www.chessvariants.org/d.chess/chess.html))
-- 没有开放或封闭的书籍
-- 一个或多个 minMAX/negaMax 全层人工智能
-
-- 网站: [www.pouet.net/prod.php?which=64962][2]
-- 开发者: Olivier "Baudsurfer/RSi" Poudade
-- 协议: WTFPL v2
-- 版本号: .02
-
-----------
-
-
-
-
-
-Micro-Max 是一个用 C 写就的 133 行象棋源程序。
-
-作者实现了一个 hash 变换表,该引擎检查输入移动的合法性,以及支持 FIDE(注: World Chess Federation 缩写,[这里](https://www.fide.com/)为其官网) 的全部规则,除了正在推广的规则。
-
-特点包括:
-
-- 递归的 negamax 搜索
-- 重新夺回的静态搜索
-- 重新夺回规则的扩展
-- 迭代深化
-- 最好的先走策略 `排序`
-- 存储分数和最佳移动的 Hash 表
-- 完整的 FIDE 规则(不包括正在推广的规则) 和移动合法性检查
-
-同样存在一个简装的 1433个字符的版本,但允许你使用符合 FIDE 规则的正在推广的规则。
-
-- 网站: [home.hccnet.nl/h.g.muller/max-src2.html][3]
-- 开发者: Harm Geert Muller
-- 协议: The MIT License
-- 版本号: 3.2
-
---------------------------------------------------------------------------------
-
-via: http://www.linuxlinks.com/article/20150222033906262/ChessBytes.html
-
-作者:Frazer Kline
-译者:[FSSlc](https://github.com/FSSlc)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[1]:http://nanochess.org/chess6.html
-[2]:http://www.pouet.net/prod.php?which=64962
-[3]:http://home.hccnet.nl/h.g.muller/max-src2.html
\ No newline at end of file
diff --git a/translated/share/20150323 Papyrus--An Open Source Note Manager.md b/translated/share/20150323 Papyrus--An Open Source Note Manager.md
deleted file mode 100644
index 87c80fa0ac..0000000000
--- a/translated/share/20150323 Papyrus--An Open Source Note Manager.md
+++ /dev/null
@@ -1,61 +0,0 @@
-Papyrus:开源笔记管理工具
-================================================================================
-
-
-在上一篇帖子中,我们介绍了[任务管理软件Go For It!][1].今天我们将介绍一款名为**Papyrus的开源笔记软件**
-
-[Papyrus][2] 是[Kaqaz笔记管理][3]的变体并使用了QT5.它不仅有简洁、易用的界面,还具备了较好的安全性。由于强调简洁,我觉得Papyrus与OneNote比较相像。你可以将你的笔记像"纸张"一样分类整理,还可以给他们添加标签进行分组。够简单的吧!
-
-### Papyrus的功能: ###
-
-## Papyrus的功能: ###
-
-虽然Papyrus强调简洁,它依然有很多丰富的功能。他的一些主要功能如下:
-- 按类别和标签管理笔记
-- 高级搜索选项
-- 触屏模式
-- 全屏选项
-- 备份至Dropbox/硬盘
-- 某些页面允许加密
-- 可与其他软件共享笔记
-- 与Dropbox加密同步
-- 除Linux外,还可在Android,Windows和OS X使用
-
-### Install Papyrus ###
-
-Papyrus为Android用户提供了APK安装包。Windows和OS X也有安装文件。Linux用户还可以获取程序的源码。使用Ubuntu及其他基于Ubuntu的发行版可以使用.deb包进行安装。根据你的系统及习惯,你可以从Papyrus的下载页面中获取不同的文件:
-
-- [下载 Papyrus][4]
-
-### 软件截图 ###
-
-以下是此软件的一些截图:
-
-
-
-
-
-
-
-
-
-
-试试Papyrus吧,你会喜欢上它的。
-
-(译者注;此软件暂无中文版)
-
---------------------------------------------------------------------------------
-
-via: http://itsfoss.com/papyrus-open-source-note-manager/
-
-作者:[Abhishek][a]
-译者:[KevinSJ](https://github.com/KevinSJ)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://itsfoss.com/author/abhishek/
-[1]:http://itsfoss.com/go-for-it-to-do-app-in-linux/
-[2]:http://aseman.co/en/products/papyrus/
-[3]:https://github.com/sialan-labs/kaqaz/
-[4]:http://aseman.co/en/products/papyrus/
diff --git a/sources/share/20150407 Top 6 Ways To Get Your iTunes Experience On Linux.md b/translated/share/20150407 Top 6 Ways To Get Your iTunes Experience On Linux.md
similarity index 59%
rename from sources/share/20150407 Top 6 Ways To Get Your iTunes Experience On Linux.md
rename to translated/share/20150407 Top 6 Ways To Get Your iTunes Experience On Linux.md
index 194c3307e2..5e5d0e213a 100644
--- a/sources/share/20150407 Top 6 Ways To Get Your iTunes Experience On Linux.md
+++ b/translated/share/20150407 Top 6 Ways To Get Your iTunes Experience On Linux.md
@@ -1,15 +1,29 @@
+六种在 Linux 上带来 iTunes 体验的方法
Top 6 Ways To Get Your iTunes Experience On Linux
================================================================================
+随着你对 Linux 的熟悉(也许会成为你首要使用的操作系统),你最终会寻找能在Linux上有效管理音乐的工具。你首先想到了 iTunes,因为它是近几年最流行的音乐管理工具,但你马上会发现iTunes并没有Linux版本。而且,你会发现还有比 iTunes 更好的音乐管理工具。
As you’re getting used to Linux (potentially as your new main operating system), you’ll eventually try to find a way to efficiently manage your music. iTunes comes to mind because it’s been the most popular way to manage music over the years, but you’ll quickly find out that iTunes isn’t available natively on Linux. Plus, better ways exist to manage your music now that it’s 2015.
+尽管如此,这并不意味着你就不能使用你喜欢的方式管理音乐。Linux 上有很多方式可以让你整理你的音乐库。以下六种,仅供参考:
However, that doesn’t automatically mean that you won’t be able to manage your music the way you want to. There’s plenty of other ways to keep tabs on your music library. Here’s six great ways to get it done.
+### 在WINE上运行iTunes ###
### iTunes via WINE ###
+尽管 iTunes 没有Linux版,你还是可以试试 [使用 WINE 运行 iTunes ][1] 或 PlayOnLinux 的。这些软件给本来只能运行于Windows下的应用程序添加了一个兼容层,这样就能让他们运行在Linux上了,但这样的方法效果十有分限。因此 [并非所有 Windows 应用程序都能使用WINE运行][2] - 但这还是一个值得尝试的方法。
Even if iTunes isn’t available in Linux as a native application, you can still try to [get it to work under WINE][1] or PlayOnLinux. These pieces of software try to add a compatibility layer so that Windows applications work on Linux, but the results are far from perfect. Therefore, [not all Windows applications will run with WINE][2] — but it’s still worth a try.
+各个版本的iTunes结果可能给你不同的结果,但一般都遵循以下方法:
+1. 安装WINE
+1. 在WINE里运行iTunes安装程序
+1. 在网上搜索并解决你遇到的问题。
+
+如果你在安装时遇到无法解决的问题,比如安装程序错误,或者安装好的程序运行不了,那是没办法的,WINE 就是这样
+
+如果你想在 WINE 上运行 iTunes 但恰好运行不了的话,没问题。但如果你还想考虑运行一个原生的Linux的话,还有很多其他选择的。这些音乐管理软件狗能让你很方便的管理你的音乐并直接进行播放,还可以制作播放列表。
+
Each version of iTunes can give you different results, but the general process is as follows:
1. Install WINE
@@ -24,50 +38,65 @@ If you really want to use iTunes and you happen to luck out with WINE, then that
+如果你使用KDE环境,我推荐 Amarok。它具有 [很多管理音乐的特性][4] 而且他还能与KDE桌面环境无缝兼容。它很有很多实用的特性如无缝兼容 Last.FM,文件跟踪,动态播放列表及个吃支持。它甚至会自动在你播放曲目时,自动下载艺术家封面。
+
If you use KDE, then I’d recommend Amarok. It has [plenty of features to manage your music][4] and tight desktop integration with KDE. It also has useful features such as Last.FM integration, file tracking, dynamic playlists, and script support. It can even pull up biographies of artists as you play their songs.
### [Banshee][5] ###
+如果你使用 GNOME 或其他任何基于 GTK 的桌面环境(他们十分常见)的话,我推荐使用使用Bansee作为 [全功能音乐库管理工具][6] 。它的功能与Amarok类似,也与Last.FM无缝兼容,支持网络广播,支持podcast,还有很多其他功能。选择 Amarok 还是 Bansee 要看你使用的桌面环境(这样才能无缝整合)。
+
If you use GNOME or any GTK-based desktop environment (they’re quite common), then I’d recommend Banshee as a [full-featured music library][6] manager. It has a very similar feature set as Amarok, including Last.FM integration, Internet radio support, podcast support, and much more. Amarok and Banshee are really among the top two choices, so which one you choose should depend on which desktop environment you’re using (for integration’s sake).
### [Rhythmbox][7] ###
+Rhythmbox是一个 基于GTK的桌环境下更 [轻量级的音乐库替代品][8]。尽管如此,它也还是有一些特性的。它也支持Last.FM,同时还能无缝播放并与其他如 Nautilus, XChat,及Pidgin 等进行整合。
Rhythmbox as a more [lightweight music library alternative][8] that is best used on GTK-based desktop environments. However, it still has quite a few features. You also get Last.FM support here, plus gapless playback and integration with various other applications such as Nautilus, XChat, and Pidgin.
### [Clementine][9] ###
+另一款叫 Clementine 的软件也值得我推荐,因为它的见面简洁、易用。它支持非常多的第三方服务例如Spotify,Digtal Imported 及Dropbox。Android系统上还有一款用作 Clementine 遥控的app。[Clementine是一个跨平台的][10] , 还支持Mac OS X 及 Windows。
Another application called Clementine also gets my recommendation with its clean and intuitive interface. It has tons of support for third-party services such as Spotify, Digitally Imported, and Dropbox. There’s also an Android app you can use as a remote control for Clementine. [Clementine is cross-platform][10] and available for Windows and Mac OS X.
+这些程序都能很好的管理并播放你的音乐。唯一的问题是这些程序都不支持与 iOS 设备的整合, 而且目前还没有程序能做到这一点。但 iOS 经过很多改进后,已经足以不需要再连接到电脑了。
They all are excellent at managing and playing your music. The only downside to all of these is that there is no iOS device integration, and there’s currently no modern application that can do that. However, iOS has received enough improvements that it’s virtually unnecessary to connect it to a computer anymore.
### [Google Play Music][11] ###
+最后,如果上面的那些程序还不能满足你的需求的花,你可以试试 Google Play Music。这个在线服务也可以用作能播放音乐的音乐库管理工具,但他还有几个额外的好处。你可以上传所有的音乐,并且在所有能上网的设备上获取这些音乐。这也意味着你不需要在电脑或者移动设备之间同步你的音乐(无论是 Android 还是 iOS 设备),因为你可以这些设备中使用Google Play Music。 如果你想要扩展你的去库,你可以订阅 All Access,但这并不是必须的。你不需要支付任何费用也可在你的曲库中储存20,000首
Lastly, if none of those applications satisfy your needs, you can take a look at Google Play Music. This online service acts as a music library manager that can play your music, but it also has some extra benefits. You can upload all your music to it and have access on any device connected to the Internet. That also means that you won’t have to sync your music between your computer and your mobile device (no matter if Android or iOS) because you have access to Google Play Music from both. If you want to expand your library you can get the All Access subscription, but it’s not a requirement. You can use it simply as a music library completely free for up to 20,000 songs.
+#### 靠,居然没有 Spotify ?! ####
#### Wot, no Spotify?! ####
+尽管 Spotify 也是一款管理和听音乐的方法,我不推荐它的唯一原因是它事实上并不让你管理你的音乐。你不能将曲目上传到 Spotify - 只能它们给你提供的曲目。尽管它们提供了很多,但原理都不尽相同。
The only reason why I don’t mention Spotify is that, although it’s also a great way to access and listen to music, it doesn’t really let you manage your own music. You can’t upload trakcs to Spotify — you have to listen to what they give you. Albeit they give you a lot, but it’s nonetheless a different mechanism.
-### You Have Options ###
+### 你还有其他选择 ###
+### You Have Options ###
+
+以上六个软件应该可以在给你带来类似 iTunes 的功能了。这些软件主要是能让你管理和播放你的音乐库,但如果你还需要 iTunes 里的其他特性,其他Linux原生软件或许能满足这类需求。
With these six options, you should be able to get iTunes-like functionality on your desktop. These options focused mainly on managing and playing your music library, but if there are any other features that you need from iTunes, other Linux-native applications can take care of those needs.
+**你通常在Linux上使用哪些音乐?**在下方评论与我们分享吧!
**What music applications do you regularly use on Linux?** Let us know in the comments!
+
--------------------------------------------------------------------------------
via: http://www.makeuseof.com/tag/top-6-ways-get-itunes-experience-linux/
作者:[Danny Stieben][a]
-译者:[译者ID](https://github.com/译者ID)
+译者:[KevinSJ](https://github.com/KevinSJ)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
@@ -83,4 +112,4 @@ via: http://www.makeuseof.com/tag/top-6-ways-get-itunes-experience-linux/
[8]:http://www.makeuseof.com/tag/play-manage-music-collection-rhythmbox-linux/
[9]:https://www.clementine-player.org/
[10]:http://www.makeuseof.com/tag/need-a-lightweight-music-player-without-sacrificing-features-clementine-cross-platform/
-[11]:http://music.google.com/
\ No newline at end of file
+[11]:http://music.google.com/
diff --git a/translated/share/20150429 What are good command line HTTP clients.md b/translated/share/20150429 What are good command line HTTP clients.md
new file mode 100644
index 0000000000..fa9ef01c54
--- /dev/null
+++ b/translated/share/20150429 What are good command line HTTP clients.md
@@ -0,0 +1,110 @@
+什么是好的命令行HTTP客户端?
+==============================================================================
+整体大于各部分之和,这是引自希腊哲学家和科学家的亚里士多德的名言。这句话特别切中Linux。在我看来,Linux最强大的地方之一就是它的协作性。Linux的实用性并不仅仅源自大量的开源程序(命令行)。相反,其协作性来自于这些程序的综合利用,有时是结合更大型的应用。
+
+Unix哲学引发了一场“软件工具”的运动,关注开发简洁,基础,干净,模块化和扩展性好的代码,并可以运用于其他的项目。这种哲学为许多的Linux项目留下了一个重要的元素。
+
+好的开源开发者写程序为了确保该程序尽可能运行正确,同时能与其他程序很好地协作。目标就是使用者拥有一堆方便的工具,每一个力求干不止一件事。许多程序能独立工作得很好。
+
+这篇文章讨论3个开源命令行HTTP客户端。这些客户端可以让你使用命令行从互联网上下载文件。但同时,他们也可以用于许多有意思的地方,如测试,调式和与HTTP服务器或网络应用互动。对于HTTP架构师和API设计人员来说,使用命令行操作HTTP是一个值得花时间学习的技能。如果你需要来回使用API,HTTPie和cURL,这没什么价值。
+
+-------------
+
+
+
+
+
+HTTPie(发音 aych-tee-tee-pie)是一款开源命令行HTTP客户端。它是一个命令行界面,类cURL的工具。
+
+该软件的目标是使得与网络服务器的交互尽可能的人性化。其提供了一个简单的http命令,允许使用简单且自然的语句发送任意的HTTP请求,并显示不同颜色的输出。HTTPie可以用于测试,调式和与HTTP服务器的一般交互。
+
+#### 功能包括:####
+
+- 可表达,直观的语句
+- 格式化,颜色区分的终端输出
+- 内建JSON支持
+- 表单和文件上传
+- HTTPS,代理和认证
+- 任意数据请求
+- 自定义标题 (此处header不确定是否特别意义)
+- 持久会话
+- 类Wget下载
+- Python 2.6,2.7和3.x支持
+- Linux,Mac OS X 和 Windows支持
+- 支持插件
+- 帮助文档
+- 测试覆盖 (直译有点别扭)
+
+- 网站:[httpie.org][1]
+- 开发者: Jakub Roztočil
+- 证书: 开源
+- 版本号: 0.9.2
+
+----------
+
+
+
+
+
+cURL是一个开源命令行工具,用于使用URL语句传输数据,支持DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS,IMAP, IMAPS, LDAP, LDAPS, POP3, POP3S, RTMP, RTSP, SCP, SFTP, SMTP, SMTPS, TELNET和TFTP。
+
+cURL支持SSL证书,HTTP POST,HTTP PUT,FTP上传,HTTP基于表单上传,代理,缓存,用户名+密码认证(Basic, Digest, NTLM, Negotiate, kerberos...),文件传输恢复, 代理通道和一些其他实用窍门的总线负载。(这里的名词我不明白其专业意思)
+
+#### 功能包括:####
+
+- 配置文件支持
+- 一个单独命令行多个URL
+- “globbing”漫游支持: [0-13],{one, two, three}
+- 一个命令上传多个文件
+- 自定义最大传输速度
+- 重定向标准错误输出
+- Metalink支持
+
+- 网站: [curl.haxx.se][2]
+- 开发者: Daniel Stenberg
+- 证书: MIT/X derivate license
+- 版本号: 7.42.0
+
+----------
+
+
+
+
+
+Wget是一个从网络服务器获取信息的开源软件。其名字源于World Wide Web 和 get。Wget支持HTTP,HTTPS和FTP协议,同时也通过HTTP代理获取信息。
+
+Wget可以根据HTML页面的链接,创建远程网络站点的本地版本,是完全重造源站点的目录结构。这种方式被冠名“recursive downloading。”
+
+Wget已经设计可以加快低速或者不稳定的网络连接。
+
+功能包括:
+
+- 使用REST和RANGE恢复中断的下载
+- 使用文件名
+- 多语言的基于NLS的消息文件
+- 选择性地转换下载文档里地绝对链接为相对链接,使得下载文档可以本地相互链接
+- 在大多数类UNIX操作系统和微软Windows上运行
+- 支持HTTP代理
+- 支持HTTP数据缓存
+- 支持持续地HTTP连接
+- 无人照管/后台操作
+- 当远程对比时,使用本地文件时间戳来决定是否需要重新下载文档 (mirroring没想出合适的表达)
+
+- 站点: [www.gnu.org/software/wget/][3]
+- 开发者: Hrvoje Niksic, Gordon Matzigkeit, Junio Hamano, Dan Harkless, and many others
+- 证书: GNU GPL v3
+- 版本号: 1.16.3
+
+--------------------------------------------------------------------------------
+
+via: http://www.linuxlinks.com/article/20150425174537249/HTTPclients.html
+
+作者:Frazer Kline
+译者:[wi-cuckoo](https://github.com/wi-cuckoo)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://httpie.org/
+[2]:http://curl.haxx.se/
+[3]:https://www.gnu.org/software/wget/
diff --git a/translated/talk/The history of Android/13 - The history of Android.md b/translated/talk/The history of Android/13 - The history of Android.md
new file mode 100644
index 0000000000..8929f55064
--- /dev/null
+++ b/translated/talk/The history of Android/13 - The history of Android.md
@@ -0,0 +1,104 @@
+安卓编年史
+================================================================================
+
+
+### Android 2.1, update 1——无尽战争的开端 ###
+
+谷歌是第一代iPhone的主要合作伙伴——公司为苹果的移动操作系统提供了谷歌地图,搜索,以及Youtube。在那时,谷歌CEO埃里克·施密特是苹果的董事会成员之一。实际上,在最初的苹果发布会上,施密特是在史蒂夫·乔布斯[之后第一个登台的人][1],他还开玩笑说两家公司如此接近,都可以合并成“AppleGoo”了。
+
+当谷歌开发安卓的时候,两家公司间的关系慢慢变得充满争吵。然而,谷歌很大程度上还是通过拒iPhone关键特性于安卓门外,如双指缩放,来取悦苹果。尽管如此,Nexus One是第一部不带键盘的直板安卓旗舰机,设备被赋予了和iPhone相同的外观因素。Nexus One结合了新软件和谷歌的品牌,这是压倒苹果的最后一根稻草。根据沃尔特·艾萨克森为史蒂夫·乔布斯写的传记,2010年1月在看到了Nexus One之后,这个苹果的CEO震怒了,说道:“如果需要的话我会用尽最后一口气,以及花光苹果在银行里的400亿美元,来纠正这个错误……我要摧毁安卓,因为它完全是偷窃来的产品。我愿意为此进行核战争。”
+
+所有的这些都在秘密地发生,仅在Nexus One发布后的几年后才公诸于众。公众们最早在安卓2.1——推送给Nexus One的一个称作“[2.1 update 1][2]”的更新,发布后一个月左右捕捉到谷歌和苹果间愈演愈烈的分歧气息。这个更新添加了一个功能,正是iOS一直居于安卓之上的功能:双指缩放。
+
+尽管安卓从2.0版本开始就支持多点触控API了,默认的系统应用在乔布斯的命令下依然和这项实用的功能划清界限。在关于Nexus One的和解会议谈崩了之后,谷歌再也没有理由拒双指缩放于安卓门外了。谷歌给设备推送了更新,安卓终于补上了不足之处。
+
+随着谷歌地图,浏览器以及相册中双指缩放的全面启用,谷歌和苹果的智能手机战争也就此拉开序幕。在接下来的几年中,两家公司会变成死敌。双指缩放更新的一个月后,苹果开始了他的征途,起诉了所有使用安卓的公司。HTC,摩托罗拉以及三星都被告上法庭,直到现在都还有一些诉讼还没解决。施密特辞去了苹果董事会的职务。谷歌地图和Youtube被从iPhone中移除,苹果甚至开始打造自己的地图服务。今天,这两位选手几乎是“AppleGoo”竞赛的唯一选手,涉及领域十分广:智能手机,平板,笔记本,电影,TV秀,音乐,书籍,应用,邮件,生产力工具,浏览器,个人助理,云存储,移动广告,即时通讯,地图以及机顶盒……以及不久他们将会在汽车智能,穿戴设备,移动支付,以及客厅娱乐等进行竞争。
+
+### Android 2.2 Froyo——更快更华丽 ###
+
+[安卓2.2][3]在2010年5月,也就是2.1发布后的四个月后亮相。Froyo(冻酸奶)的亮点主要是底层优化,只为更快的速度。Froyo最大的改变是增加了JIT编译。JIT自动在运行时将java字节码转换为原生码,这会给系统全面带来显著的性能改善。
+
+浏览器同样得到了性能改善,这要感谢来自Chrome的V8 Javascript引擎的整合。这是安卓浏览器从Chrome借鉴的许多特性中的第一个,最终系统内置的浏览器会被移动版Chrome彻底替代掉。在那之前,安卓团队还是需要发布一个浏览器。从Chrome借鉴特性是条升级的捷径。
+
+在谷歌专注于让它的平台更快的同时,苹果正在让它的平台更全面。谷歌的竞争对手在一个月前发布了10英寸的iPad,先行进入了平板时代。尽管有些搭载Froyo和Gingerbread的安卓平板发布,谷歌的官方回应——安卓3.0 Honeycomb(蜂巢)以及摩托罗拉Xoom——在9个月后才来到。
+
+
+Froyo底部添加了双图标停靠栏以及全局搜索。
+Ron Amadeo供图
+
+Froyo主屏幕最大的变化是底部的新停靠栏,电话和浏览器图标填充了先前抽屉按钮左右的空白空间。这些新图标都是现有图标的定制白色版本,并且用户没办法自己设置图标。
+
+默认布局移除了所有图标,屏幕上只留下一个使用提示小部件,引导你点击启动器图标以访问你的应用。谷歌搜索小部件得到了一个谷歌logo,同时也是个按钮。点击它可以打开一个搜索界面,你可以限制搜索范围在互联网,应用或是联系人之内。
+
+
+下载页面有了“更新所有”按钮,Flash应用,一个flash驱动的一切皆有可能的网站,以及“移动到SD”按钮。
+[Ryan Paul][4]供图
+
+还有一些优秀的新功能加入了Froyo,安卓市场加入了更多的下载控制。有个新的“更新所有”按钮固定在了下载页面底部。谷歌还添加了自动更新特性,只要应用权限没有改变就能够自动安装应用;尽管如此,自动更新默认是关闭的。
+
+第二张图展示了Adobe Flash播放器,它是Froyo独占的。这个应用作为插件加入了浏览器,让浏览器能够有“完整的网络”体验。在2010年,这意味着网页充满了Flash导航和视频。Flash是安卓相比于iPhone最大的不同之一。史蒂夫·乔布斯展开了一场对抗Flash的圣战,声称它是一个被淘汰的,充满bug的软件,并且苹果不会在iOS上允许它的存在。所以安卓接纳了Flash并且让它在安卓上运行,给予用户在安卓上拥有半可用的flash实现。
+
+在那时,Flash甚至能够让桌面电脑崩溃,所以在移动设备上一直保持打开状态会带来可怕的体验。为了解决这个问题,安卓浏览器上的Flash可以设置为“按需打开”——除非用户点击Flash占位图标,否则不会加载Flash内容。对Flash的支持将会持续到安卓4.1,Adobe在那时放弃并且结束了这个项目。Flash归根到底从未在安卓上完美运行过。而Flash在iPhone这个最流行的移动设备上的缺失,推动了互联网最终放弃了这个平台。
+
+最后一张图片显示的是新增的移动应用到SD卡功能,在那个手机只有512MB内置存储的时代,这个功能十分的必要的。
+
+
+驾驶模式应用。相机现在可以旋转了。
+Ron Amadeo供图
+
+相机应用终于更新支持纵向模式了。相机设置被从抽屉中移出,变成一条半透明的按钮带,放在了快门按钮和其他控制键旁边。这个新设计看起来从Cooliris相册中获得了许多灵感,有着半透明,有弹性的聊天气泡弹出窗口。看到更现代的Cooliris风格UI设计被嫁接到皮革装饰的相机应用确实十分奇怪——从审美上来说一点都不搭。
+
+
+半残缺的Facebook应用是个常见的2x3导航页面的优秀范例。谷歌Goggles被包含了进来但同样是残缺的。
+Ron Amadeo供图
+
+不像在安卓2.0和2.1中包含的Facebook客户端,2.2版本的仍然部分能够工作并且登陆Facebook服务器。Facebook应用是个谷歌那时候设计指南的优秀范例,它建议应用拥有一个含有3x2图标方阵的导航页并作为应用主页。
+
+这是谷歌的第一个标准化尝试,将导航元素从菜单按钮里移到屏幕上,因为用户找不到它们。这个设计很实用,但它在打开应用和使用应用之间增加了额外的障碍。谷歌不久后湖意识到当用户打开一个应用,显示应用内容而不是中间导航页是个更好的主意。以Facebook为例,打开应用直接打开信息订阅会更合适。并且不久后应用设计将会把导航降级到二层位置——先是作为顶部的标签之一,后来谷歌放在了“导航抽屉”,一个含有应用所有功能位置的滑出式面板。
+
+还有个预装到Froyo的是谷歌Goggles,一个视觉搜索应用,它会尝试辨别图片上的主体。它在辨别艺术品,地标以及条形码时很实用,但差不多也就这些了。最先的两个设置屏幕,以及相机界面,这是应用里唯一现在还能运行的了。由于客户端太旧了,实际上你如今并不能完成一个搜索。应用里也没什么太多可看的,也就一个会返回搜索结果页的相机界面而已。
+
+
+Twitter应用,一个充满动画的谷歌和Twitter的合作成果。
+Ron Amadeo供图
+
+Froyo拥有第一个安卓Twitter应用,实际上它是谷歌和Twitter的合作成果。那时,一个Twitter应用是安卓应用阵容里的大缺憾。开发者们更偏爱iPhone,加上苹果占领先机和严格的设计要求,App Store里可选择的应用远比安卓的有优势。但是谷歌需要一个Twitter应用,所以它和Twitter合作组建团队让第一个版本问世。
+
+这个应用代表了谷歌的新设计语言,这以为着它有个中间导航页以及对动画要求的“技术演示”。Twitter应用甚至比Cooliris相册用的动画效果还多——所有东西一直都在动。所有页面顶部和底部的云朵以不同速度持续滚动,底部的Twitter小鸟拍动它的翅膀并且左右移动它的头。
+
+Twitter应用实际上有点Action Bar早期前身的特性,一条顶部对齐的连续控制条在安卓3.0中被引入。沿着所有屏幕的顶部有条拥有Twitter标志和像搜索,刷新和新tweet这样的按钮的蓝色横栏。它和后来的Action Bar之间大的区别在于Twitter/谷歌这里的设计的右上角缺少“上一级”按钮,实际上它在应用里用了完整的第二个栏位显示你当前所在位置。在上面的第二张图里,你可以看到整条带有“Tweets”标签的专用于显示位置的栏(当然,还有持续滚动的云朵)。第二个栏的Twitter标志扮演着另一个导航元素,有时候在当前部分显示额外的下拉区域,有时候显示整个顶级快捷方式集合。
+
+2.3Tweet流看起来和今天的并没有什么不同,除了隐藏的操作按钮(回复,转推等),都在右对齐的箭头按钮里。它们弹出来是一个聊天气泡菜单,看起来就像导航弹窗。仿action bar在新tweet页面有重要作用。它安置着twitter标志,剩余字数统计,以及添加照片,拍照,以及提到联系人按钮。
+
+Twitter应用甚至还有一对主屏幕小部件,大号的那个占据8格,给你新建栏,更新按钮,一条tweet,以及左右箭头来查看更多tweet。小号的显示一条tweet以及回复按钮。点击大号小部件的新建栏立即打开了“新Tweet”主窗口,这让“更新”按钮变得没有价值。
+
+
+Google Talk和新USB对话框。
+Ron Amadeo供图
+
+其他部分,Google Talk(以及没有截图的短信应用)从暗色主题变成了浅色主题,这让它们看起来和现在的更接近现在的,更现代的应用。USB存储界面会在你设备接入电脑的时候从一个简单的对话框进入全屏界面。这个界面现在有个一个异形安卓机器人/USB闪存盘混合体,而不是之前的纯文字设计。
+
+尽管安卓2.2在用户互动方式上没有什么新特性,但大的UI调整会在下两个版本到来。然而在所有的UI工作之前,谷歌希望先改进安卓的核心部分。
+
+----------
+
+
+
+[Ron Amadeo][a] / Ron是Ars Technica的评论编缉,专注于安卓系统和谷歌产品。他总是在追寻新鲜事物,还喜欢拆解事物看看它们到底是怎么运作的。
+
+[@RonAmadeo][t]
+
+--------------------------------------------------------------------------------
+
+via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/13/
+
+译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://www.youtube.com/watch?v=9hUIxyE2Ns8#t=3016
+[2]:http://arstechnica.com/gadgets/2010/02/googles-nexus-one-gets-multitouch/
+[3]:http://arstechnica.com/information-technology/2010/07/android-22-froyo/
+[4]:http://arstechnica.com/information-technology/2010/07/android-22-froyo/
+[a]:http://arstechnica.com/author/ronamadeo
+[t]:https://twitter.com/RonAmadeo
diff --git a/translated/talk/The history of Android/14 - The history of Android.md b/translated/talk/The history of Android/14 - The history of Android.md
new file mode 100644
index 0000000000..ce808f63da
--- /dev/null
+++ b/translated/talk/The history of Android/14 - The history of Android.md
@@ -0,0 +1,82 @@
+安卓编年史
+================================================================================
+### 语音操作——口袋里的超级电脑 ###
+
+2010年8月,作为语音搜索应用的一项新功能,“[语音命令][1]”登陆了安卓市场。语音命令允许用户向他们的手机发出语音命令,然后安卓会试着去理解他们并完成任务。像“导航至[地址]”这样的命令会打开谷歌地图并且开始逐向导航至你所陈述的目的地。你还可以仅仅通过语音来发送短信或电子邮件,拨打电话,打开网站,获取方向,或是在地图上查看一个地点。
+
+注:youtube视频地址
+
+
+语音命令是谷歌新应用设计哲学的顶峰。语音命令是那时候最先进的语音控制软件,秘密在于谷歌并不在设备上做任运算。一般来说,语音识别是对CPU的密集任务要求。实际上,许多语音识别程序仍然有“速度与准确性”设置,用户可以选择他们愿意为语音识别算法运行等待的时间——更多的CPU处理意味着更加准确。
+
+谷歌的创新在于没有劳烦手机上能力有限的处理器来进行语音识别运算。当说出一个命令时,用户的声音会被打包并通过互联网发送到谷歌云服务器。在那里,谷歌超算中心的超级计算机分析并解释语音,然后发送回手机。这是很长的一段旅程,但互联网最终还是有足够快的速度在一两秒内完成像这样的任务。
+
+很多人抛出词语“云计算”来表达“所有东西都被存储在服务器上”,但这才是真正的云计算。谷歌在云端进行这些巨量的运算操作,又因为在这个问题上投入了看似荒唐的CPU资源数目,所以语音识别准确性的唯一限制就是算法本身了。软件不需要由每个用户独立“训练”,因为所有使用语音操作的人无时不刻都在训练它。借助互联网的力量,安卓在你的口袋里放了一部超级电脑,同时相比于已有的解决方案,把语音识别这个工作量从口袋大小的电脑转移到房间大小的电脑上大大提高了准确性。
+
+语音识别作为谷歌的项目已经有一段时间了,它的出现都是因为一个800号码。[1-800-GOOG-411][2]是个谷歌从2007年4月起开通的免费电话信息服务。它就像411信息服务一样工作了多年——用户可以拨打这个号码询问电话号码——但是谷歌免费提供这项服务。查询过程中没有人工的干预,411服务由语音识别和文本语音转换引擎驱动。语音命令就是人们教谷歌如何去听之后三年才有实现的可能。
+
+语音识别是谷歌长远思考的极佳范例——公司并不怕在一个可能成不了商业产品的项目上投资多年。今天,语音识别驱动的产品遍布谷歌。它被用在谷歌搜索应用的输入,安卓的语音输入,以及Google.com。同时它还是Google Glass和[Android Wear][3]的默认输入界面。
+
+谷歌甚至还在输入之外的地方使用语音识别。谷歌的语音识别技术被用在了转述Youtube视频上,它能自动生成字幕供听障用户观看。生成的字幕甚至被谷歌做成了索引,所以你可以搜索某句话在视频的哪里说过。语音是许多产品的未来,并且这项长期计划将谷歌带入了屈指可数的拥有自家语音识别服务的公司行列。大部分其它的语音识别产品,像苹果的Siri和三星设备,被迫使用——并且为其支付了授权费——Nuance的语音识别。
+
+在计算机听觉系统设立运行之后,谷歌下一步将把这项策略应用到计算机视觉上。这就是为什么像Google Goggles,Google图像搜索和[Project Tango][4]这样的项目存在的原因。就像GOOG-411的那段日子,这些项目还处在早期阶段。当[谷歌的机器人部门][5]造出了机器人,它会需要看和听,谷歌的计算机视觉和听觉项目会给谷歌一个先机。
+
+
+Nexus S,第一部三星制造的Nexus手机。
+
+### Android 2.3 Gingerbread——第一次UI大变 ###
+
+Gingerbread(姜饼人)发布于2010年12月,这已是2.2发布整整七个月之后了。尽管如此,等待是值得的,因为安卓2.3整个系统的每个界面几乎都改变了。这是从安卓0.9最初的样式以来第一次重大的更新。2.3开始了一系列持续的改进,试着将安卓从丑陋的小鸭子变成能承载它自己的合适的样子——从美学角度——来对抗iPhone。
+
+说到苹果,六个月前,它发布了iPhone 4和iOS 4,新增了多任务处理和Facetime视频聊天。微软同样也终于重返这场游戏。微软在2010年11月发布了Windows Phone 7,也进入了智能手机时代。
+
+安卓2.3在界面设计上投入了很多精力,但是由于缺乏方向或设计文档,许多应用仅仅止步于获得了一个新的定制主题而已。一些应用用了更扁平的暗色主题,一些用了充满渐变,活泼的暗色主题,其他应用则是高对比度的白色和绿色组合。尽管2.3并没有做到风格统一,Gingerbread还是完成了让系统几乎每个部分变得更现代化的任务。这同样是件好事,因为下一个手机版安卓要在将近一年后才到来。
+
+Gingerbread的首发设备是Nexus S,谷歌的第二部旗舰设备,并且是第一部由三星生产的Nexus设备。尽管今天我们已经习惯了每年都有更新型号的CPU,那时候可不是这个样子。Nexus S有个1GHz Cortex A8处理器,和Nexus One是一样的。GPU从速度来说略微有所变快。Nexus S稍微比Nexus One大一点,拥有800×480分辨率的AMOLED显示屏。
+
+从参数上来说,Nexus S看起来只是个平淡无奇的升级,但他确实开了安卓的许多先河。Nexus S是谷歌第一部没有MicroSD卡槽的旗舰,板载16GB存储。Nexus One只有512MB存储空间,但它有MicroSD卡槽。移除SD卡槽为用户简化了存储管理——现在只有一个存储地点了——但是影响了高级用户的扩展能力。它是谷歌第一部带有NFC的手机,手机背面的一个特殊芯片能够在和其他NFC芯片接触时传输数据。Nexus S暂时只能读取NFC标签,而不能发送数据。
+
+托Gingerbread中一些升级的福,Nexus S是第一部不带有硬件十字方向键或轨迹球安卓手机之一。Nexus S缩减到只有电源,音量以及四个导航键。Nexus S同时还是如今[疯狂的曲面手机][6]的先驱,因为三星给Nexus S配备了一块略微有些弯曲的玻璃。
+
+
+Gingerbread更改了状态栏和壁纸,并且添加了许多新图标。
+Ron Amadeo供图
+
+升级过的“Nexus”动态壁纸作为Nexus S的独占发布。这个壁纸基本上和Nexus One的一样,带有带动画轨迹的光点。在Nexus S上,去除了方阵设计,取而代之的是波浪形的蓝/灰色背景。底部dock有了直角和彩色图标。
+
+
+新通知面板和菜单。
+Ron Amadeo供图
+
+状态栏自0.9的首次登场以来终于得到了重制。状态栏从白色渐变变成纯黑,所有图标重绘成了灰色和绿色。所有东西看起来都更加清爽和现代,这要感谢锐角图标设计和高分辨率。最奇怪的决定可能是从状态栏时钟移除了时间段显示以及信号强度那令人疑惑的灰色。尽管灰色被用在状态栏的许多图标上,而且上面截图有四格灰色信号,安卓实际上指示的是没有信号。绿色格表示信号强度,灰色格指示的是“空”信号格。
+
+Gingerbread的状态栏图标同时还作为网络连接的状态指示。如果你的设备连接到了谷歌的服务器,图标会变绿,如果没有谷歌的连接,图标会是白色的。这让你可以在外出时轻松了解你的网络连接状态。
+
+通知面板的设计从安卓1.5的设计改进而来。我们看到UI部分再次从浅色主题变为暗色主题,有个深灰色顶部,黑色背景以及在灰色底色上的黑色文本。
+
+菜单颜色同样变深了,背景从白色变成了带点透明的黑色。菜单图标和背景的对比并没有它应该有的那么强烈,因为灰色图标的颜色和它们在白色背景上的时候是一样的。要求改变颜色意味着每个开发者都得制作新的图标,所以谷歌在黑色背景上使用了先前就有的灰色。这是系统级别的改变,所以这个新菜单会出现在每个应用中。
+
+----------
+
+
+
+[Ron Amadeo][a] / Ron是Ars Technica的评论编缉,专注于安卓系统和谷歌产品。他总是在追寻新鲜事物,还喜欢拆解事物看看它们到底是怎么运作的。
+
+[@RonAmadeo][t]
+
+--------------------------------------------------------------------------------
+
+via: http://arstechnica.com/gadgets/2014/06/building-android-a-40000-word-history-of-googles-mobile-os/14/
+
+译者:[alim0x](https://github.com/alim0x) 校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[1]:http://arstechnica.com/gadgets/2010/08/google-beefs-up-voice-search-mobile-sync/
+[2]:http://arstechnica.com/business/2007/04/google-rolls-out-free-411-service/
+[3]:http://arstechnica.com/gadgets/2014/03/in-depth-with-android-wear-googles-quantum-leap-of-a-smartwatch-os/
+[4]:http://arstechnica.com/gadgets/2014/02/googles-project-tango-is-a-smartphone-with-kinect-style-computer-vision/
+[5]:http://arstechnica.com/gadgets/2013/12/google-robots-former-android-chief-will-lead-google-robotics-division/
+[6]:http://arstechnica.com/gadgets/2013/12/lg-g-flex-review-form-over-even-basic-function/
+[a]:http://arstechnica.com/author/ronamadeo
+[t]:https://twitter.com/RonAmadeo
diff --git a/translated/tech/20150112 What are useful command-line network monitors on Linux.md b/translated/tech/20150112 What are useful command-line network monitors on Linux.md
new file mode 100644
index 0000000000..37eea5a91b
--- /dev/null
+++ b/translated/tech/20150112 What are useful command-line network monitors on Linux.md
@@ -0,0 +1,135 @@
+ʲôLinuxʵõʽӹ
+===============================================================================
+κιģҵ˵һҪĹܡӵĿǧ𡣱磬ӻĿDZ֤ڵ繩ӦȫܽŲ顢ʹͳƵȡĿ겻ͬʹúܶͬķʽʹð̽ʹͳݣע̽־ȡ
+
+רõϵͳ36524СʱӣɿضʹʽijЩʽijáϵͳԱӦʹһЩ֪ʽľһ**Linuxʵõ**б
+
+### ̽ ###
+
+£ӹ·ϲİǵݣչʾݻ߰ͳݡЩײмӡͬҲܽϸȵļӣDzI/OͷĹ̡
+
+1. **dhcpdump**һʽDHCP̽ߣDHCP/ظûѺõķʽʾDHCPЭϢһŲDHCPعϵʵùߡ
+
+2. **[dsniff][1]**һе̽ϣӵƭͽٳֹܣԡ̽Ϣ롢NSFemailϢַȡ
+
+3. **[httpry][2]**һHTTP̽ڲHTTPͻظģûѺõķʽʾЩϢ
+
+4. **IPTraf**еͳݲ鿴ʵʱʾ桢Ӳ桢ӿڲ桢Эı/ֽץЭƣҲȫDz˵ġ
+
+
+
+5. **[mysql-sniffer][3]**һץȡMySQLصݰĹߡԿɶķʽʾƵȫ
+
+6. **[ngrep][4]**籨ִgrepʵʱץȡģʽʮƱʽķʽƥ䱨ġһԶ쳣м⡢洢߶ʵʱضģʽĽץȡʵùߡ
+
+7. **[p0f][5]**һĻڰָ̽ƲɼߣԿɿʶϵͳNATߴá·ԼTCPصԡ
+
+8. **pktstat**һʽĹߣͨʵʱģʾӴʹԼصЭ飨磬HTTP GET/POSTFTPX11Ϣ
+
+
+
+13. **[iftop][7]**һʹüߣʵʱʾijӵĴʹдʹͨncursesĽӿпӻԷļĸĴ
+
+14. **nethogs**һ̼ӹߣṩصʵʱ/дʹϢncursesʾԼռôĽ̺á
+
+15. **netstat**һʾTCP/UDPջͳϢĹߡӿڷ/ա·ɱЭ/ֵͳϢԡջصܡԴʹʱá
+
+16. **[speedometer][8]**һӻijӿڷ/յĴʹõʷƣһncurses״ͼʾĹߡ
+
+
+
+17. **[sysdig][9]**һLinuxϵͳӵͳһԽӿڵϵͳۺdebugߡģԼߡ/صͳݣ/ȡ
+
+18. **tcptrack**һTCPӼӹߣʾTCPӣԴ/ĿIPַ/˿ڡTCP״̬ʹõȡ
+
+
+
+19. **vnStat**һά˻ڽӿڵʷ/ʹͼ磬ǰÿաÿ£Ϊһ̨ػ̣ռ洢ͳݣӿڴʹʺʹֽ
+
+### ###
+
+ͬǰᵽıļߣĹڼʱġע롱̽ݵУһռӦķӦĿ··ɹʹõĴʡʱϵͳûȱݵȡ
+
+20. **[dnsyo][10]**һDNSߣܹ1500ͬĿŽȺDNSѯDNSŲDNSõʱá
+
+21. **[iperf][11]**һTCP/UDPߣܹôͨ䵥˫TCP/UDP̽õĴڼгЭջʱáһ[netperf][12]ıӵиĹܼõͳݡ
+
+22. **[netcat][13]/socat**ͨõdebugߣԶTCP/UDPֽждͨijűں˶紫˿ڽм
+
+23. **nmap**һж˿ɨ緢ֹߡɻTCP/UDPɨ輼ҿŵĶ˿ڡڱڵIJϵͳ鱾©߽ӳʱá[zmap][14]һƵƷһڻΧɨ蹤ߡ
+
+24. pingһõԹߡͨICMPechoreplyĽǿʵ书ܡڲ·ɵRTTԼԶϵͳǽʱápingıиƯĽ棨磬[noping][15]Э֧֣磬[hping][16]߲̽磬[fping][17]
+
+
+
+25. **[sprobe][18]**һʽƶϱԶIPַƿйߡʹTCPֻƿڼΧܺ·صʱá
+
+26. **traceroute**һִܷӱصԶĵ·/ת·緢ֹߡTTL̽ⱨģռм·ɵICMPϢŲӻ·صʱátracerouteıиõRTTͳƹܣ磬[mtr][19]
+
+### Ӧ־ ###
+
+£ضķӦóΪĿ꣨磬webݿɷĵͨ־ͼ⡣ǰᵽļĹܹӦòͼ
+
+27. **[GoAccess][20]**һApacheNginxĽʽ鿴ڶԻȡ־ķչʾշͻ˲ϵͳͻλáͻڵĶʵʱͳϢԹʽʾ
+
+
+
+28. **[mtop][21]**һMySQL/MariaDBмԽǰݿдIJѯԿӻķʽʾŻMySQLܡгʱá
+
+
+
+29. **[ngxtop][22]**һNginxApacheߣܹtopָķʽӻʾWebwebIJѯ־ļռijĿĵػͳϢ
+
+### Conclusion ###
+
+ƪУչʾʽߣײİļ߲Ӧó֪Ǹߵһ£ѡĸʹһ¡һһ߲ΪÿʹõͨõĽһõϵͳԱӦܾĸ߸ʺϵǰĻϣбԴ
+
+ӭͨظĽбݣ
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/useful-command-line-network-monitors-linux.html
+
+ߣ[Dan Nanni][a]
+ߣ[wwy-hust](https://github.com/wwy-hust)
+Уԣ[УID](https://github.com/УID)
+
+ [LCTT](https://github.com/LCTT/TranslateProject) ԭ룬[Linuxй](http://linux.cn/) Ƴ
+
+[a]:http://xmodulo.com/author/nanni
+[1]:http://www.monkey.org/~dugsong/dsniff/
+[2]:http://xmodulo.com/monitor-http-traffic-command-line-linux.html
+[3]:https://github.com/zorkian/mysql-sniffer
+[4]:http://ngrep.sourceforge.net/
+[5]:http://lcamtuf.coredump.cx/p0f3/
+[6]:http://xmodulo.com/recommend/firewallbook
+[7]:http://xmodulo.com/how-to-install-iftop-on-linux.html
+[8]:https://excess.org/speedometer/
+[9]:http://xmodulo.com/monitor-troubleshoot-linux-server-sysdig.html
+[10]:http://xmodulo.com/check-dns-propagation-linux.html
+[11]:https://iperf.fr/
+[12]:http://www.netperf.org/netperf/
+[13]:http://xmodulo.com/useful-netcat-examples-linux.html
+[14]:https://zmap.io/
+[15]:http://noping.cc/
+[16]:http://www.hping.org/
+[17]:http://fping.org/
+[18]:http://sprobe.cs.washington.edu/
+[19]:http://xmodulo.com/better-alternatives-basic-command-line-utilities.html#mtr_link
+[20]:http://goaccess.io/
+[21]:http://mtop.sourceforge.net/
+[22]:http://xmodulo.com/monitor-nginx-web-server-command-line-real-time.html
diff --git a/translated/tech/20150215 How to analyze and view Apache web server logs interactively on Linux.md b/translated/tech/20150215 How to analyze and view Apache web server logs interactively on Linux.md
deleted file mode 100644
index 51ad96d272..0000000000
--- a/translated/tech/20150215 How to analyze and view Apache web server logs interactively on Linux.md
+++ /dev/null
@@ -1,167 +0,0 @@
-如何在Linux中以交互方式分析和查看Apache web服务器日志?
-================================================================================
-
-无论你是在网站托管业务,还是在自己的VPS上运行几个网站,你总会有机会想要显示访客数量例如前几的房客,请求使用的文件(无论是动态或者是静态),带宽的使用,客户端的浏览器,和相关的网站,等等。
-
-
-[GoAccess][1] 是一款用于Apache或者Nginx命令行日志分析和交互式查看器。有了这款工具,你不仅可以浏览到之前提及的相关数据,还可以分析网站服务器日志来进一步挖掘数据 - 然而 **这一切都可以在一个终端窗口实时输出**.由于今天的[大多数web服务器][2]使用一个Debian的衍生版或者基于红帽发行版来作为底层操作系统,我将会告诉你如何在Debian和CentOS中安装和使用GoAccess。
-
-
-### 在Linux系统安装GoAccess ###
-
-
-在Debian,Ubuntu及其衍生版本,运行一下命令来安装GoAccess:
-
- # aptitude install goaccess
-
-在CentOS中,你将需要使你的[EPEL 仓库][3]可用然后执行以下命令:
-
- # yum install goaccess
-
-在Fedora,同样使用yum命令:
-
- # yum install goaccess
-
-
-如果你想从源码安装GoAccess来使后续的功能可用(例如 GeoIP 的位置),为你的操作系统安装[必需的依赖包][4],按以下步骤进行:
-
- # wget http://tar.goaccess.io/goaccess-0.8.5.tar.gz
- # tar -xzvf goaccess-0.8.5.tar.gz
- # cd goaccess-0.8.5/
- # ./configure --enable-geoip
- # make
- # make install
-
-
-以上安装的版本是 0.8.5,但是你也可以在该软件的网站[下载页][5]确认是否是最新版本。
-
-
-由于GoAccess不需要后续的配置,一旦安装你就可以马上使用。
-
-
-### 运行 GoAccess ###
-
-开始使用GoAccess,只需要对它运行你的Apache访问日志。
-
-
-对于Debian及其衍生版本:
-
- # goaccess -f /var/log/apache2/access.log
-
-
-基于红帽的发型版本:
-
- # goaccess -f /var/log/httpd/access_log
-
-
-当你第一次启动GoAccess,你将会看到下方屏幕中选择日期和日志格式。正如前面所述,你可以选择在空格键和F10之间相互切换。至于日期和日志格式,你可能希望参考[Apache 文档][6]来刷新你的记忆。
-
-
-在这个例子中,选择常见日志格式(CLI):
-
-
-
-然后按F10.你将会从屏幕中获得统计数据。为了简约,只显示首部,也就是总结日志文件的摘要,如下图所示:
-
-
-
-
-### 通过 GoAccess来浏览网站服务器统计数据 ###
-
-当你通过向下的剪头滚动页面,你会发现一下章节,按要求进行排序。这里提及的目录顺序可能会根据你的发型版本或者(从源和库)首选的安装方式:
-
-1. 每天唯一访客(具有同样IP,同一日期和统一代理被认为是)
-
-
-
-2. 请求的文件(网页URL)
-
-
-
-
-3. 请求的静态文件(例如,.png文件,.js文件等等)
-
-4. 请求的URLs(每一个URL请求的出处)
-
-5. HTTP 404 不能找到响应的代码
-
-
-
-6. 操作系统
-
-7. 浏览器
-
-8. 主机(客户端IP地址)
-
-
-
-9. HTTP 状态代码
-
-
-
-10. 前几位的推荐站点
-
-11. 在谷歌的搜索引擎使用的排名在前的关键字
-
-
-如果你还想检查已经存档的日志,你可以在GoAccess通过使用管道符号如下。
-
-在Debian及其衍生版本:
-
- # zcat -f /var/log/apache2/access.log* | goaccess
-
-在基于红帽的发型版本:
-
- # cat /var/log/httpd/access* | goaccess
-
-
-如果你需要任何更多关于以上的详细报告(1至11项),直接按下章节序号再按O(大写o),就可以显示出你需要的详细视图。下面的图像显示5-O的输出(先按5,再按O)
-
-
-
-
-如果要现实GeoIP位置信息,打开详细视图的主机部分,如前面所述,你将会看到客户端IP地址所在的位置以及显示web服务器的请求。
-
-
-
-
-
-如果你的系统还尚未达到很忙碌的状态,以上提及的章节将不会显示大量的信息,但是这种情形可以通过在你网站服务器越来越多的请求发生改变。
-
-### 在线保存分析的报告 ###
-
-
-当然有时候你不想每次都实时去检查你的系统状态,但是保存一份在线的分析文件或者打印版是由必要的。要生成一个HTML报告,只需要通过之前提到GoAccess命令输出来简单地重定向道一个HTML文件。然后,你只需通过web浏览器来将这份报告打开即可。
-
-
-
- # zcat -f /var/log/apache2/access.log* | goaccess > /var/www/webserverstats.html
-
-
-一旦报告生成,你将需要点击展开的链接来显示每个类别详细的视图信息:
-
-
-
-注释:youtube视频
-
-
-
-正如我们通过这篇文章讨论,GoAccess是一个非常可贵的工具,它提供给作为百忙之中的系统管理员一份HTTP统计的静态可是报告。虽然GoAccess默认其输出结果为标准输出,但是你也可以将他们保存到JSON,HTML或者CSV文件。这样的转换,GoAccess将作为一个非常有用的工具来监控和显示网站服务器的统计数据。
-
---------------------------------------------------------------------------------
-
-via: http://xmodulo.com/interactive-apache-web-server-log-analyzer-linux.html
-
-作者:[Gabriel Cánepa][a]
-译者:[disylee](https://github.com/译者ID)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://xmodulo.com/author/gabriel
-[1]:http://goaccess.io/
-[2]:http://w3techs.com/technologies/details/os-linux/all/all
-[3]:http://xmodulo.com/how-to-set-up-epel-repository-on-centos.html
-[4]:http://goaccess.io/download#dependencies
-[5]:http://goaccess.io/download
-[6]:http://httpd.apache.org/docs/2.4/logs.html
diff --git a/translated/tech/20150304 Monitoring Your Network And Servers With Observium.md b/translated/tech/20150304 Monitoring Your Network And Servers With Observium.md
deleted file mode 100644
index 9c78793904..0000000000
--- a/translated/tech/20150304 Monitoring Your Network And Servers With Observium.md
+++ /dev/null
@@ -1,172 +0,0 @@
-
-使用Observium来监控你的网络和服务器
-================================================================================
-### 简介###
-
-在监控你的服务器,交换机或者物理机器时有过问题吗?, **Observium**可以满足你的需求.作为一个免费的监控系统,可以帮助你远程监控你的服务器.它是一个由PHP编写的基于自动发现SNMP的网络监控平台,支持非常广泛的网络硬件和操作系统,包括 Cisco,Windows,Linux,HP,NetApp等.在此我会通过在Ubuntu12.04上设置一个**Observium**服务器的同时提供相应的步骤.
-
-
-
-目前存在两种不同的**observium**版本.
-
-- Observium 社区版本是一个在QPL开源许可证下的免费工具,这个版本时对于较小部署的最好解决方案. 该版本每6个月得到一次安全性更新.
-- 第2个版本是Observium Professional, 该版本在基于SVN的发布机制下的发行版. 会得到每日安全性更新. 该工具适用于服务提供商和企业级部署.
-
-更多信息可以通过其官网获得[website of Observium][1].
-
-### 系统需求###
-
-为了安装 **Observium**, 需要具有一个最新安装的服务器。**Observium**是在Ubuntu LTS和Debian系统上进行开发的,所以推荐在Ubuntu或Debian上安装**Observium**,因为可能在别的平台上会有一些小问题。
-
-该文章会知道你如何在Ubuntu12.04上进行安装**Observium**。对于小型的**Observium**安装,推荐的基础配置要有256MB内存和双核处理器。
-
-### 安装需求 ###
-
-在安装**Observuim**之前,你需要确认安装所有的依赖关系包。
-
-首先,使用下面的命令更新的服务器:
-
- sudo apt-get update
-
-然后你需要安装运行Observuim 所需的全部包。
-
-Observium需要使用下面所列出的软件才能正确的运行:
-
-- LAMP server
-- fping
-- Net-SNMP 5.4+
-- RRDtool 1.3+
-- Graphviz
-
-对于可选特性的要求:
-
-- Ipmitool - 只有当你想要探寻IPMI(Intelligent Platform Management Interface智能平台管理接口)基板控制器。
-- Libvirt-bin - 只有当你想要使用libvirt进行远程VM主机监控时。
-
- sudo apt-get install libapache2-mod-php5 php5-cli php5-mysql php5-gd php5-mcrypt php5-json php-pear snmp fping mysql-server mysql-client python-mysqldb rrdtool subversion whois mtr-tiny ipmitool graphviz imagemagick libvirt ipmitool
-
-### 为Observium创建MySQL 数据库和用户。
-
-现在你需要登录到MySQL中并为**Observium**创建数据库:
- mysql -u root -p
-
-在用户验证成功之后,你需要按照下面的命令创建该数据库。
-
- CREATE DATABASE observium;
-
-数据库名为**Observium**,稍后你会需要这个信息。
-
-现在你需要创建数据库管理员用户。
-
- CREATE USER observiumadmin@localhost IDENTIFIED BY 'observiumpassword';
-
-接下来,你需要给该管理员用户相应的权限来管理创建的数据库。
-
- GRANT ALL PRIVILEGES ON observium.* TO observiumadmin@localhost;
-
-你需要将权限信息写回到磁盘中来激活新的MySQL用户:
-
- FLUSH PRIVILEGES;
- exit
-
-### 下载并安装 Observium###
-
-现在我们的系统已经准备好了, 可以开始Observium的安装了。
-
-第一步,创建Observium将要使用的文件目录:
- mkdir -p /opt/observium && cd /opt
-
-为了达到本教程的目的,我们将会使用Observium的社区/开源版本。使用下面的命令下载并解压:
-
- wget http://www.observium.org/observium-community-latest.tar.gz
- tar zxvf observium-community-latest.tar.gz
-
-现在进入到Observium目录。
-
- cd observium
-
-将默认的配置文件'**config.php.default**'复制到'**config.php**',并将数据库配置选项填充到配置文件中:
-
- cp config.php.default config.php
- nano config.php
-
-----------
-
- / Database config
- $config['db_host'] = 'localhost';
- $config['db_user'] = 'observiumadmin';
- $config['db_pass'] = 'observiumpassword';
- $config['db_name'] = 'observium';
-
-现在为MySQL数据库设置默认的数据库模式:
- php includes/update/update.php
-
-现在你需要创建一个文件目录来存储rrd文件,并修改其权限以便让apache能将写入到文件中。
-
- mkdir rrd
- chown apache:apache rrd
-
-为了在出现问题时进行问题修理,你需要创建日志文件。
-
- mkdir -p /var/log/observium
- chown apache:apache /var/log/observium
-
-现在你需要为Observium创建虚拟主机配置。
-
-
- DocumentRoot /opt/observium/html/
- ServerName observium.domain.com
- CustomLog /var/log/observium/access_log combined
- ErrorLog /var/log/observium/error_log
-
- AllowOverride All
- Options FollowSymLinks MultiViews
-
-
-
-下一步你需要让你的Apache服务器的rewrite(重写)功能生效。
-
-为了让'mod_rewrite'生效,输入以下命令:
-
- sudo a2enmod rewrite
-
-该模块在下一次Apache服务重启之后就会生效。
-
- sudo service apache2 restart
-
-###配置Observium###
-
-在登入网络接口之前,你需要为Observium创建一个管理员账户(级别10)。
-
- # cd /opt/observium
- # ./adduser.php admin adminpassword 10
- User admin added successfully.
-
-下一步为发现和探寻工作设置一个cron任务,创建一个新的文件‘**/etc/cron.d/observium**’ 并在其中添加以下的内容。
-
- 33 */6 * * * root /opt/observium/discovery.php -h all >> /dev/null 2>&1
- */5 * * * * root /opt/observium/discovery.php -h new >> /dev/null 2>&1
- */5 * * * * root /opt/observium/poller-wrapper.py 1 >> /dev/null 2>&1
-
-重载cron进程来获取系的人物实体。
-
- # /etc/init.d/cron reload
-
-好啦,你已经完成了Observium服务器的安装拉! 使用你的浏览器登录到**http://**,然后上路巴。
-
-
-
-尽情享受吧!
-
---------------------------------------------------------------------------------
-
-via: https://www.unixmen.com/monitoring-network-servers-observium/
-
-作者:[anismaj][a]
-译者:[theo-l](https://github.com/theo-l)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:https://www.unixmen.com/author/anis/
-[1]:http://www.observium.org/
diff --git a/translated/tech/20150310 How To Get Email Alerts for SSH Login on Linux Server.md b/translated/tech/20150310 How To Get Email Alerts for SSH Login on Linux Server.md
deleted file mode 100644
index 7c7e556f31..0000000000
--- a/translated/tech/20150310 How To Get Email Alerts for SSH Login on Linux Server.md
+++ /dev/null
@@ -1,58 +0,0 @@
-在Linux服务器上如何为SSH登陆获取Email警告
-================================================================================
-
-
-让SSH服务器在虚拟私有服务器(VPS)上生效会使得该服务器暴露到互联网中并为黑客活动提供了机会,尤其时当VPS还将root作为主要访问时. VPS应该为每次通过SSH服务器成功登陆尝试配置一个自动的email警告. VPS的服务器所有者应该在任何的SSH服务器访问时得到通知,例如登陆者,登陆时间以及IP地址等信息.这是一个对于服务器拥有者保护服务器避免未知登陆尝试的非常重要的安全关注点.因为如果黑客使用暴力破解方式通过SSH来登陆你的VPS,那么后果很严重.在本文中,我会解释如何在CentOS 6, CentOS 7, RHEL 6 和 RHEL 7上为所有的SSH用户登陆设置一个email警告.
-
-1. 使用root用户登陆到你的服务器:
-
-2. 在全局源定义处配置警告(/etc/bashrc),这样就会对跟用户以及普通用户都生效:
- [root@vps ~]# vi /etc/bashrc
-
-将下面的内容加入到上述文件的尾部。
-
- echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
-
-3.你也可以选择性地让警告只对跟用户生效:
-
- [root@vps ~]# vi .bashrc
-
-将下面的内容添加到/root/.bashrc的为尾部:
-
- echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
-
-整个配置文件样例:
-
- # .bashrc
-
- # User specific aliases and functions
-
- alias rm='rm -i'
- alias cp='cp -i'
- alias mv='mv -i'
-
- # Source global definitions
- if [ -f /etc/bashrc ]; then
- . /etc/bashrc
- fi
- echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
-
-4.你也可以选择性地让警告只对特定的普通用户生效(例如 skytech):
-
- [root@vps ~]# vi /home/skytech/.bashrc
-
-将下面的内容加入到/home/skytech/.bashrc文件尾部:
-
- echo 'ALERT - Root Shell Access (vps.ehowstuff.com) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" recipient@gmail.com
-
---------------------------------------------------------------------------------
-
-via: http://www.ehowstuff.com/how-to-get-email-alerts-for-ssh-login-on-linux-server/
-
-作者:[skytech][a]
-译者:[theo-l](https://github.com/theo-l)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://www.ehowstuff.com/author/mhstar/
diff --git a/translated/tech/20150318 Install And Use 'Go For It!' To Do App In Linux.md b/translated/tech/20150318 Install And Use 'Go For It!' To Do App In Linux.md
deleted file mode 100644
index 6fa5899404..0000000000
--- a/translated/tech/20150318 Install And Use 'Go For It!' To Do App In Linux.md
+++ /dev/null
@@ -1,94 +0,0 @@
-在Linux上安装与使用‘Go for it!’备忘软件
-===============================================================================
-
-
-你在Linux桌面是如何管理任务和备忘的?我喜欢[用Ubuntu的粘滞便签][1]很久了。但是我要面对与其他设备同步的麻烦,特别是我的智能手机。这就是我为什么选择使用[Google Keep][2]的原因了。
-
-现在,Google Keep是一款功能丰富的软件,我十分喜爱,而且喜欢到把他叫做[Linux的Evernote][3]地步。但是并不是每个人都喜欢一款功能丰富的备忘录软件。极简主义是目前的主流,很多人喜欢。如果你是极简主义的追求者之一,而且正在寻找一款开源的备忘录软件,那么你应该试一试[Go For It!][4]。
-
-### Go For It!高效的Linux桌面软件 ###
-
-Go For It!是一款简洁的备忘软件,借助定时提醒帮助你专注于工作。所以,你添加一个任务到列表后,可以附上一个定时器。到设定时间后,它就会提醒你去做任务。你可以看看其开发者制作的视频,[Manuel Kehl][5]:
-
-注释:youtube视频,发布的时候可做成一个链接
-
-
-### 安装 Go For It!###
-
-为在Ubuntu 15.04,14.04和其他基于Linux内核的Ubuntu版本,如Linux Mint,初级操作系统Freya等等上面安装 Go For It!请使用这款软件官方的PPA:
-
- sudo add-apt-repository ppa:mank319/go-for-it
- sudo apt-get update
- sudo apt-get install go-for-it
-
-你也可以下载.deb包,Windows安装包和源代码,从下面不同的连接中:
-
-- [Download source code][6]
-- [Download .deb binaries][7]
-- [Download for Windows][8]
-
-### 在Linux桌面使用Go For It!###
-
-Go For It!使用真心方便。你只需添加任务到列表中,任务会自动存入todo.txt文件中。
-
-
-
-默认是为每个任务定时25分钟。
-
-
-
-任务一旦完成,就会被自动存档到done.txt文件中。根据喜好,它会在规定的时间间隔或者任务过期前不久,发送桌面提醒:
-
-
-
-你可以从配置里面修改所有的喜好。
-
-
-
-目前一切都看着挺好。但是在智能手机上使用体验怎样呢?如果你不能使它在不同设备间同步,那这款高效软件就是不完整的。好消息是Go For It!是基于[todo.txt][9]的,这意味着你可以用第三方软件和像Dropbox一样的云服务来使用它。
-
-### 在安卓手机和平板上使用Go For It! ###
-
-在这里你需要做一些工作。首先的首先,在Linux和你的安卓手机上安装Dropbox,如果之前没有安装的话。下一步你要做的就是要配置Go For It!和 **改todo.txt的目录到Dropbox的路径下**。
-
-然后,你得去下载[Simpletask Andriod app][10]。这是免费的应用。安装它。当你第一次运行Simletask的时候,你会被要求关联你的账号到Dropbox:
-
-
-
-一旦你完成了Simpletask与Dropbox的关联,就可以打开应用。如果你已经修改了Go For It的配置,将文件保存到Dropbox上,你就应该可以在Simpletask里看到。而如果你没有看到,点击应用底部的设置,选择Open Todo file的选项:
-
-
-
-现在,你应该可以看到Simpletask同步的任务了。
-
-### 总结 ###
-
-有了Simpletask,你就可以相似地使用它,就像一种[标记语言工具][11]。对于小巧和专注而言,Go For It!是一款不错的备忘软件。一个干净的界面是额外的加分点。拥有它自己的手机应用应该是比较好的,但是我们已经看到了替代的方案。
-
-底层来讲,Go For It!不会运行在后台。这就是说,你不得不让它一直保持运行。它甚至没有一个最小化的按钮,这有一点小小的烦扰。我想要看到的是有一个小的指示程序,运行在后台,并且快速进入主面板,这肯定会提升其可用性。
-
-是该试试Go For It!了,分享一下你们之间的经历。在Linux桌面上,你还使用了哪些其他的备忘软件?比起其他你最喜欢的同类应用,Go For It!怎么样?
-
--------------------------------------------------------------------------------
-
-
-via: http://itsfoss.com/go-for-it-to-do-app-in-linux/
-
-作者:[Abhishek][a]
-译者:[wi-cuckoo](https://github.com/wi-cuckoo)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://itsfoss.com/author/abhishek/
-[1]:http://itsfoss.com/indicator-stickynotes-windows-like-sticky-note-app-for-ubuntu/
-[2]:http://itsfoss.com/install-google-keep-ubuntu-1310/
-[3]:http://itsfoss.com/5-evernote-alternatives-linux/
-[4]:http://manuel-kehl.de/projects/go-for-it/
-[5]:http://manuel-kehl.de/about-me/
-[6]:https://github.com/mank319/Go-For-It
-[7]:https://launchpad.net/~mank319/+archive/ubuntu/go-for-it
-[8]:http://manuel-kehl.de/projects/go-for-it/download-windows-version/
-[9]:http://todotxt.com/
-[10]:https://play.google.com/store/apps/details?id=nl.mpcjanssen.todotxtholo&hl=en
-[11]:http://itsfoss.com/install-latex-ubuntu-1404/
diff --git a/translated/tech/20150323 How to set up networking between Docker containers.md b/translated/tech/20150323 How to set up networking between Docker containers.md
new file mode 100644
index 0000000000..3481dd8faa
--- /dev/null
+++ b/translated/tech/20150323 How to set up networking between Docker containers.md
@@ -0,0 +1,160 @@
+如何在 Docker 容器之间设置网络
+================================================================================
+你也许已经知道了,Docker 容器技术是现有的成熟虚拟化技术的一个替代方案。它被企业应用在越来越多的领域中,比如快速部署环境、简化基础设施的配置流程、多客户环境间的互相隔离等等。当你开始在真实的生产环境使用 Docker 容器去部署应用沙箱时,你可能需要用到多个容器部署一套复杂的多层应用系统,其中每个容器负责一个特定的功能(例如负载均衡、LAMP 栈、数据库、UI 等)。
+
+那么问题来了:有多台宿主机,我们事先不知道会在哪台宿主机上创建容器,如果保证在这些宿主机上创建的容器们可以互相联网?
+
+联网技术哪家强?开源方案找 [weave][1]。这个工具可以为你省下不少烦恼。听我的准没错,谁用谁知道。
+
+于是本教程的主题就变成了“**如何使用 weave 在不同主机上的 Docker 容器之间设置网络**”。
+
+### Weave 是如何工作的 ###
+
+
+
+让我们先来看看 weave 怎么工作:先创建一个由多个 peer 组成的对等网络,每个 peer 是一个虚拟路由器容器,叫做“weave 路由器”,它们分布在不同的宿主机上。这个对等网络的每个 peer 之间会维持一个 TCP 链接,用于互相交换拓扑信息,它们也会建立 UDP 链接用于容器间通信。一个 weave 路由器通过桥接技术连接到其他本宿主机上的其他容器。当处于不同宿主机上的两个容器想要通信,一台宿主机上的 weave 路由器通过网桥截获数据包,使用 UDP 协议封装后发给另一台宿主机上的 weave 路由器。
+
+每个 weave 路由器会刷新整个对等网络的拓扑信息,像容器的 MAC 地址(就像交换机的 MAC 地址学习一样获取其他容器的 MAC 地址),因此它可以决定数据包的下一跳是往哪个容器的。weave 能让两个处于不同宿主机的容器进行通信,只要这两台宿主机在 weave 拓扑结构内连到同一个 weave 路由器。另外,weave 路由器还能使用公钥加密技术将 TCP 和 UDP 数据包进行加密。
+
+### 准备工作 ###
+
+在使用 weave 之前,你需要在所有宿主机上安装 Docker[2] 环境,参考[这些][3][教程][4],在 Ubuntu 或 CentOS/Fedora 发行版中安装 Docker。
+
+Docker 环境部署完成后,使用下面的命令安装 weave:
+
+ $ wget https://github.com/zettio/weave/releases/download/latest_release/weave
+ $ chmod a+x weave
+ $ sudo cp weave /usr/local/bin
+
+注意你的 PATH 环境变量要包含 /usr/local/bin 这个路径,请在 /etc/profile 文件中加入一行(LCTT 注:要使环境变量生效,你需要执行这个命令: src /etc/profile):
+
+ export PATH="$PATH:/usr/local/bin"
+
+在每台宿主机上重复上面的操作。
+
+Weave 在 TCP 和 UDP 上都使用 6783 端口,如果你的系统开启了防火墙,请确保这两个端口不会被防火墙挡住。
+
+### 在每台宿主机上开启 Weave 路由器 ###
+
+当你想要让处于在不同宿主机上的容器能够互相通信,第一步要做的就是在每台宿主机上开启 weave 路由器。
+
+第一台宿主机,运行下面的命令,就会创建并开启一个 weave 路由器容器(LCTT 注:前面说过了,weave 路由器也是一个容器):
+
+ $ sudo weave launch
+
+第一次运行这个命令的时候,它会下载一个 weave 镜像,这会花一些时间。下载完成后就会自动运行这个镜像。成功启动后,终端会打印这个 weave 路由器的 ID 号。
+
+下面的命令用于查看路由器状态:
+
+ $ sudo weave status
+
+
+
+第一个 weave 路由器就绪了,目前为止整个 peer 对等网络中只有一个 peer 成员。
+
+你也可以使用 doceker 的命令来查看 weave 路由器的状态:
+
+ $ docker ps
+
+
+
+第二台宿主机部署步骤稍微有点不同,我们需要为这台宿主机的 weave 路由器指定第一台宿主机的 IP 地址,命令如下:
+
+ $ sudo weave launch
+
+当你查看路由器状态,你会看到两个 peer 成员:当前宿主机和第一个宿主机。
+
+
+
+当你开启更多路由器,这个 peer 成员列表会更长。当你新开一个路由器时,要指定前一个宿主机的 IP 地址,请注意不是第一个宿主机的 IP 地址。
+
+现在你已经有了一个 weave 网络了,它由位于不同宿主机的 weave 路由器组成。
+
+### 把不同宿主机上的容器互联起来 ###
+
+接下来要做的就是在不同宿主机上开启 Docker 容器,并使用虚拟网络将它们互联起来。
+
+假设我们创建一个私有网络 10.0.0.0/24 来互联 Docker 容器,并为这些容器随机分配 IP 地址。
+
+如果你想新建一个能加入 weave 网络的容器,你就需要使用 weave 命令来创建,而不是 docker 命令。原因是 weave 命令内部会调用 docker 命令来新建容器然后为它设置网络。
+
+下面的命令是在宿主机 hostA 上建立一个 Ubuntu 容器,然后将它放到 10.0.0.0/24 网络中,分配的 IP 地址为 10.0.0.1:
+
+ hostA:~$ sudo weave run 10.0.0.1/24 -t -i ubuntu
+
+成功运行后,终端会打印出容器的 ID 号。你可以使用这个 ID 来访问这个容器:
+
+ hostA:~$ docker attach
+
+在宿主机 hostB 上,也创建一个 Ubuntu 容器,IP 地址为 10.0.0.2:
+
+ hostB:~$ sudo weave run 10.0.0.2/24 -t -i ubuntu
+
+访问下这个容器的控制台:
+
+ hostB:~$ docker attach
+
+这两个容器能够互相 ping 通,你可以通过容器的控制台检查一下。
+
+
+
+如果你检查一下每个容器的网络配置,你会发现有一块名为“ethwe”的网卡,你分配给容器的 IP 地址出现在它们那里(比如这里分别是 10.0.0.1 和 10.0.0.2)。
+
+
+
+### Weave 的其他高级用法 ###
+
+weave 提供了一些非常巧妙的特性,我在这里作下简单的介绍。
+
+#### 应用分离 ####
+
+使用 weave,你可以创建多个虚拟网络,并为每个网络设置不同的应用。比如你可以为一群容器创建 10.0.0.0/24 网络,为另一群容器创建 10.10.0.0/24 网络,weave 会自动帮你维护这些网络,并将这两个网络互相隔离。另外,你可以灵活地将一个容器从一个网络移到另一个网络而不需要重启容器。举个例子:
+
+首先开启一个容器,运行在 10.0.0.0/24 网络上:
+
+ $ sudo weave run 10.0.0.2/24 -t -i ubuntu
+
+然后让它脱离这个网络:
+
+ $ sudo weave detach 10.0.0.2/24
+
+最后将它加入到 10.10.0.0/24 网络中:
+
+ $ sudo weave attach 10.10.0.2/24
+
+
+
+现在这个容器可以与 10.10.0.0/24 网络上的其它容器进行通信了。当你要把容器加入一个网络,而这个网络暂时不可用时,上面的步骤就很有帮助了。
+
+#### 将 weave 网络与宿主机网络整合起来 ####
+
+有时候你想让虚拟网络中的容器能访问物理主机的网络。或者相反,宿主机需要访问容器。为满足这个功能,weave 允许虚拟网络与宿主机网络整合。
+
+举个例子,在宿主机 hostA 上一个容器运行在 10.0.0.0/24 中,运行使用下面的命令:
+
+ hostA:~$ sudo weave expose 10.0.0.100/24
+
+这个命令把 IP 地址 10.0.0.100 分配给宿主机 hostA,这样一来 hostA 也连到了 10.0.0.0/24 网络上了。很明显,你在为宿主机选择 IP 地址的时候,需要选一个没有被其他容器使用的地址。
+
+现在 hostA 就可以访问 10.0.0.0/24 上的所有容器了,不管这些容器是否位于 hostA 上。好巧妙的设定啊,32 个赞!
+
+### 总结 ###
+
+如你所见,weave 是一个很有用的 docker 网络配置工具。这个教程只是[它强悍功能][5]的冰山一角。如果你想进一步玩玩,你可以试试它的以下功能:多跳路由功能,这个在 multi-cloud 环境(LCTT 注:多云,企业使用多个不同的云服务提供商的产品,比如 IaaS 和 SaaS,来承载不同的业务)下还是很有用的;动态重路由功能是一个很巧妙的容错技术;或者它的分布式 DNS 服务,它允许你为你的容器命名。如果你决定使用这个好东西,欢迎分享你的使用心得。
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/networking-between-docker-containers.html
+
+作者:[Dan Nanni][a]
+译者:[bazz2](https://github.com/bazz2)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://xmodulo.com/author/nanni
+[1]:https://github.com/zettio/weave
+[2]:http://xmodulo.com/recommend/dockerbook
+[3]:http://xmodulo.com/manage-linux-containers-docker-ubuntu.html
+[4]:http://xmodulo.com/docker-containers-centos-fedora.html
+[5]:http://zettio.github.io/weave/features.html
diff --git a/translated/tech/20150330 2 Ways to Create Your Own Docker Base Image.md b/translated/tech/20150330 2 Ways to Create Your Own Docker Base Image.md
deleted file mode 100644
index 63188ebc5b..0000000000
--- a/translated/tech/20150330 2 Ways to Create Your Own Docker Base Image.md
+++ /dev/null
@@ -1,57 +0,0 @@
-创建你自己的Docker基本映像的2中方式
-================================================================================
-欢迎大家,今天我们学习一下docker基本映像以及如何构建我们自己的docker基本映像。[Docker][1]是一个开源项目,为打包,装载和运行任何应用提供开发平台的轻量级容器。它没有语言支持,框架和打包系统的限制,从小型的家用电脑到高端的服务器,在何时何地都可以运行。这使它们成为不依赖于特定栈和供应商,很好的部署和扩展网络应用,数据库和后端服务的构建块。
-
-Docker映像是不可更改的只读层。Docker使用**Union File System**在只读文件系统上增加读写文件系统。但所有更改都发生在最顶层的可写层,最底部,在只读映像上的原始文件仍然不会改变。由于映像不会改变,也就没有状态。基本映像是没有父类的那些映像。Docker基本映像主要的好处是它允许我们有一个独立允许的Linux操作系统。
-
-下面是我们如何可以创建自定义基本映像的方式。
-
-### 1. 使用Tar创建Docker基本映像 ###
-
-我们可以使用tar构建我们自己的基本映像,我们从将要打包为基本映像的运行中的Linux发行版开始构建。这过程可以会有些不同,它取决于我们打算构建的发行版。在Linux的发行版Debian中,已经预装了debootstrap。在开始下面的步骤之前,我们需要安装debootstrap。debootstrap用来获取构建基本系统需要的包。这里,我们构建基于Ubuntu 14.04 "Trusty" 的映像。做这些,我们需要在终端或者shell中运行以下命令。
-
- $ sudo debootstrap trusty trusty > /dev/null
- $ sudo tar -C trusty -c . | sudo docker import - trusty
-
-
-
-上面的命令为当前文件夹创建了一个tar文件并输出到STDOUT中,"docker import - trusty"从STDIN中获取这个tar文件并根据它创建一个名为trusty的基本映像。然后,如下所示,我们将运行映像内部的一条测试命令。
-
- $ docker run trusty cat /etc/lsb-release
-
-[Docker GitHub Repo][2] 中有一些允许我们快速构建基本映像的事例脚本.
-
-### 2. 使用Scratch构建基本映像 ###
-
-在Docker的注册表中,有一个被称为Scratch的使用空tar文件构建的特殊库:
-
- $ tar cv --files-from /dev/null | docker import - scratch
-
-
-
-
-我们可以使用这个映像构建新的小容器:
-
-FROM scratch
-ADD script.sh /usr/local/bin/run.sh
-CMD ["/usr/local/bin/run.sh"]
-
-上面的Docker文件来自一个很小的映像。这里,它首先从一个完全空的文件系统开始,然后它复制新建的/usr/local/bin/run.sh为script.sh,然后运行脚本/usr/local/bin/run.sh。
-
-### 结尾 ###
-
-这这个教程中,我们学习了如果构建一个自定义的Docker基本映像。构建一个docker基本映像是一个很简单的任务,因为这里有很多已经可用的包和脚本。如果我们想要在里面安装想要的东西,构建docker基本映像非常有用。如果有任何疑问,建议或者反馈,请在下面的评论框中写下来。非常感谢!享受吧 :-)
-
---------------------------------------------------------------------------------
-
-via: http://linoxide.com/linux-how-to/2-ways-create-docker-base-image/
-
-作者:[Arun Pyasi][a]
-译者:[ictlyh](https://github.com/ictlyh)
-校对:[校对者ID](https://github.com/校对者ID)
-
-本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
-
-[a]:http://linoxide.com/author/arunp/
-[1]:https://www.docker.com/
-[2]:https://github.com/docker/docker/blob/master/contrib/mkimage-busybox.sh
\ No newline at end of file
diff --git a/translated/tech/20150330 How to secure SSH login with one-time passwords on Linux.md b/translated/tech/20150330 How to secure SSH login with one-time passwords on Linux.md
new file mode 100644
index 0000000000..f3668f14f0
--- /dev/null
+++ b/translated/tech/20150330 How to secure SSH login with one-time passwords on Linux.md
@@ -0,0 +1,178 @@
+使用 SSH 和一次性密码安全登录 Linux
+================================================================================
+有人说,安全不是一个产品,而是一个过程(LCTT 注:安全公司 McAfee 认为,安全风险管理是一个方法论,而不是安全产品的堆叠)。虽然 SSH 协议被设计成使用加密技术来确保安全,但如果使用不当,别人还是能够破坏你的系统:比如弱密码、密钥泄露、使用的 SSH 客户端过时等,都能引发安全问题。
+
+在考虑 SSH 认证方案时,大家普遍认为[公钥认证][1]比密码认证更安全。然而,公钥认证技术并不是为公共环境设置的,如果你在一台公用电脑上使用公钥认证登录 SSH 服务器,你的服务器已经毫无安全可言了,公用的电脑可能会记录你的公钥,或从你的内存中读取公钥。如果你不信任本地电脑,那你最好还是使用其他方式登录服务器。现在就是“一次性密码”派上用场的时候了,就像名字所示,一次性密码只能被使用一次。这种一次性密码非常合适在不安全的环境下发挥作用,就算它被窃取,也无法再次使用。
+
+有个一次性密码方案叫[谷歌认证][2],但在本文中,我要介绍的是另一种 SSH 登录方案:[OTPW][3],它是个一次性密码登录的软件包。不像谷歌认证,OTPW 不需要依赖任何第三方库。
+
+### OTPW 是什么 ###
+
+OTPW 由一次性密码生成器和 PAM 认证规则组成。在 OTPW 中一次性密码由生成器事先生成,然后由用户以某种安全的方式获得(比如打印到纸上)。另一方面,这些密码会通过 Hash 加密保存在 SSH 服务器端。当用户使用一次性密码登录系统时,OTPW 的 PAM 模块认证这些密码,并且保证它们不能再次使用。
+
+### 步骤1:OTPW 的安装和配置 ###
+
+#### 在 Debian, Ubuntu 或 Linux Mint 发行版上 ####
+
+使用 apt-get 安装:
+
+ $ sudo apt-get install libpam-otpw otpw-bin
+
+打开针对 SSH 服务的 PAM 配置文件(/etc/pam.d/sshd),注释掉下面这行(目的是禁用 PAM 的密码认证功能):
+
+ #@include common-auth
+
+添加下面两行(用于打开一次性密码认证功能):
+
+ auth required pam_otpw.so
+ session optional pam_otpw.so
+
+
+
+#### 在 Fedora 或 CentOS/RHEL 发行版上 ####
+
+在基于 RedHat 的发行版中没有编译好的 OTPW,所以我们需要使用源代码来安装它。
+
+首先,安装编译环境:
+
+ $ sudo yum git gcc pam-devel
+ $ git clone https://www.cl.cam.ac.uk/~mgk25/git/otpw
+ $ cd otpw
+
+打开 Makefile 文件,编辑以“PAMLIB=”开头的那行配置:
+
+64 位系统:
+
+ PAMLIB=/usr/lib64/security
+
+32 位系统:
+
+ PAMLIB=/usr/lib/security
+
+编译安装。需要注意的是安装过程会把 SSH 服务重启一下,所以如果你是使用 SSH 连接到服务器,做好被断开连接的准备吧。
+
+ $ make
+ $ sudo make install
+
+现在你需要更新 SELinux 策略,因为 /usr/sbin/sshd 会往你的 home 目录写数据,而 SELinux 默认是不允许这么做的。如果你使用了 SELinux 服务(LCTT 注:使用 getenforce 命令查看结果,如果是 enforcing,就是打开了 SELinux 服务),如果没有使用 SELinux 服务,请跳过这一步。
+
+ $ sudo grep sshd /var/log/audit/audit.log | audit2allow -M mypol
+ $ sudo semodule -i mypol.pp
+
+接下来打开 PAM 配置文件(/etc/pam.d/sshd),注释下面这行(为了禁用密码认证):
+
+ #auth substack password-auth
+
+添加下面两行(用于打开一次性密码认证功能):
+
+ auth required pam_otpw.so
+ session optional pam_otpw.so
+
+#### 步骤2:配置 SSH 服务器,使用一次性密码 ####
+
+打开 /etc/ssh/sshd_config 文件,设置下面三个参数。你要确保下面的参数不会重复存在,否则 SSH 服务器可能会出现异常。
+
+ UsePrivilegeSeparation yes
+ ChallengeResponseAuthentication yes
+ UsePAM yes
+
+你还需要禁用默认的密码认证功能。另外可以选择开启公钥认证功能,那样的话你就可以在没有一次性密码的时候使用公钥进行认证。
+
+ PubkeyAuthentication yes
+ PasswordAuthentication no
+
+重启 SSH 服务器。
+
+Debian, Ubuntu 或 Linux Mint 发行版:
+
+ $ sudo service ssh restart
+
+Fedora 或 CentOS/RHEL 7 发行版:
+
+ $ sudo systemctl restart sshd
+
+#### 步骤3:使用 OTPW 产生一次性密码 ####
+
+之前提到过,你需要事先创建一次性密码,并保存起来。使用 otpw-gen 命令创建密码:
+
+ $ cd ~
+ $ otpw-gen > temporary_password.txt
+
+
+
+这个命令会让你输入密码前缀,当你以后登录的时候,你需要同时输入这个前缀以及一次性密码。密码前缀是另外一层保护,就算你的一次性密码表被泄漏,别人也无法通过暴力破解你的 SSH 密码。
+
+设置好密码前缀后,这个命令会产生 280 个一次性密码,并将它们保存在一个文本文件中(如 temporary_password.txt)。每个密码(默认是 8 个字符)由一个 3 位十进制数索引。你需要将这个密码表打印出来,并随身携带。
+
+
+
+查看 ./.otpw 文件,它存放了一次性密码的 HASH 值。头 3 位十进制数与你随身携带的密码表的索引一一对应,在你登录 SSH 服务器的时候会被用到。
+
+ $ more ~/.otpw
+
+----------
+
+ OTPW1
+ 280 3 12 8
+ 191ai+:ENwmMqwn
+ 218tYRZc%PIY27a
+ 241ve8ns%NsHFmf
+ 055W4/YCauQJkr:
+ 102ZnJ4VWLFrk5N
+ 2273Xww55hteJ8Y
+ 1509d4b5=A64jBT
+ 168FWBXY%ztm9j%
+ 000rWUSdBYr%8UE
+ 037NvyryzcI+YRX
+ 122rEwA3GXvOk=z
+
+### 测试一次性密码登录 SSH 服务器 ###
+
+使用普通的方式登录 SSH 服务器:
+
+ $ ssh user@remote_host
+
+如果 OTPW 成功运行,你会看到一点与平时登录不同的地方:
+
+ Password 191:
+
+现在打开你的密码表,找到索引号为 191 的密码。
+
+ 023 kBvp tq/G 079 jKEw /HRM 135 oW/c /UeB 191 fOO+ PeiD 247 vAnZ EgUt
+
+从上表可知,191 号密码是“fOO+PeiD”。你需要加上密码前缀,比如你设置的前缀是“000”,则你实际需要输入的密码是“000fOO+PeiD”。
+
+成功登录后,你这次输入的密码自动失效。查看 ~/.otpw 文件,你会发现第一行变成“---------------”,这表示 191 号密码失效了。
+
+ OTPW1
+ 280 3 12 8
+ ---------------
+ 218tYRZc%PIY27a
+ 241ve8ns%NsHFmf
+ 055W4/YCauQJkr:
+ 102ZnJ4VWLFrk5N
+ 2273Xww55hteJ8Y
+ 1509d4b5=A64jBT
+ 168FWBXY%ztm9j%
+ 000rWUSdBYr%8UE
+ 037NvyryzcI+YRX
+ 122rEwA3GXvOk=z
+
+### 总结 ###
+
+在这个教程中,我介绍了如何使用 OTPW 工具来设置一次性登录密码。你也许意识到了在这种两个因子的认证方式中,打印一张密码表让人感觉好 low,但是这种方式是最简单的,并且不用依赖任何第三方软件。无论你用哪种方式创建一次性密码,在你需要在一个不被信任的环境登录 SSH 服务器的时候,它们都很有用。你可以就这个主题来分享你的经验和观点。
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/secure-ssh-login-one-time-passwords-linux.html
+
+作者:[Dan Nanni][a]
+译者:[bazz2](https://github.com/bazz2)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://xmodulo.com/author/nanni
+[1]:http://xmodulo.com/how-to-force-ssh-login-via-public-key-authentication.html
+[2]:http://xmodulo.com/two-factor-authentication-ssh-login-linux.html
+[3]:http://www.cl.cam.ac.uk/~mgk25/otpw.html
diff --git a/sources/tech/20150331 How to Install WordPress with Nginx in a Docker Container.md b/translated/tech/20150331 How to Install WordPress with Nginx in a Docker Container.md
similarity index 57%
rename from sources/tech/20150331 How to Install WordPress with Nginx in a Docker Container.md
rename to translated/tech/20150331 How to Install WordPress with Nginx in a Docker Container.md
index 9f74c672f4..849dd4a853 100644
--- a/sources/tech/20150331 How to Install WordPress with Nginx in a Docker Container.md
+++ b/translated/tech/20150331 How to Install WordPress with Nginx in a Docker Container.md
@@ -1,26 +1,26 @@
-How to Install WordPress with Nginx in a Docker Container
+如何在 Docker 容器里的 Nginx 中安装 WordPress
================================================================================
-Hi all, today we'll learn how to install WordPress running Nginx Web Server in a Docker Container. WordPress is an awesome free and open source Content Management System running thousands of websites throughout the globe. [Docker][1] is an Open Source project that provides an open platform to pack, ship and run any application as a lightweight container. It has no boundaries of Language support, Frameworks or packaging system and can be run anywhere, anytime from a small home computers to high-end servers. It makes them great building blocks for deploying and scaling web apps, databases, and back-end services without depending on a particular stack or provider.
+大家好,今天我们来学习一下如何在 Docker 容器上运行的 Nginx Web 服务器中安装 WordPress。WordPress 是一个很好的免费开源的内容管理系统,全球成千上万的网站都在使用它。[Docker][1] 是一个提供开放平台来打包,分发和运行任何应用的开源轻量级容器项目。它没有语言支持,框架或打包系统的限制,可以在从小的家用电脑到高端服务器的任何地方任何时间运行。这让它们成为可以用于部署和扩展网络应用,数据库和后端服务而不必依赖于特定的栈或者提供商的很好的构建块。
-Today, we'll deploy a docker container with the latest WordPress package with necessary prerequisites ie Nginx Web Server, PHP5, MariaDB Server, etc. Here are some short and sweet steps to successfully install a WordPress running Nginx in a Docker Container.
+今天,我们会在 docker 容器上部署最新的 WordPress 软件包,包括需要的前提条件,例如 Nginx Web 服务器、PHP5、MariaDB 服务器等。下面是在运行在 Docker 容器上成功安装 WordPress 的简单步骤。
-### 1. Installing Docker ###
+### 1. 安装 Docker ###
-Before we really start, we'll need to make sure that we have Docker installed in our Linux machine. Here, we are running CentOS 7 as host so, we'll be running yum manager to install docker using the below command.
+在我们真正开始之前,我们需要确保在我们的 Linux 机器上已经安装了 Docker。我们使用的主机是 CentOS 7,因此我们用下面的命令使用 yum 管理器安装 docker。
# yum install docker
-
+
# systemctl restart docker.service
-### 2. Creating WordPress Dockerfile ###
+### 2. 创建 WordPress Docker 文件 ###
-We'll need to create a Dockerfile which will automate the installation of the wordpress and its necessary pre-requisites. This Dockerfile will be used to build the image of WordPress installation we created. This WordPress Dockerfile fetches a CentOS 7 image from the Docker Registry Hub and updates the system with the latest available packages. It then installs the necessary softwares like Nginx Web Server, PHP, MariaDB, Open SSH Server and more which are essential for the Docker Container to work. It then executes a script which will initialize the installation of WordPress out of the box.
+我们需要创建用于自动安装 wordpress 以及前提条件的 docker 文件。这个 docker 文件将用于构建 WordPress 的安装镜像。这个 WordPress docker 文件会从 Docker 库中心获取 CentOS 7 镜像并用最新的可用更新升级系统。然后它会安装必要的软件,例如 Nginx Web 服务器、PHP、MariaDB、Open SSH 服务器以及其它保证 Docker 容器正常运行不可缺少的组件。最后它会执行一个初始化 WordPress 安装的脚本。
# nano Dockerfile
-Then, we'll need to add the following lines of configuration inside that Dockerfile.
+然后,我们需要将下面的配置行添加到 Docker 文件中。
FROM centos:centos7
MAINTAINER The CentOS Project
@@ -48,15 +48,15 @@ Then, we'll need to add the following lines of configuration inside that Dockerf
CMD ["/bin/bash", "/start.sh"]
-
+
-### 3. Creating Start script ###
+### 3. 创建启动 script ###
-After we create our Dockerfile, we'll need to create a script named start.sh which will run and configure our WordPress installation. It will create and configure database, passwords for wordpress. To create it, we'll need to open start.sh with our favorite text editor.
+我们创建了 docker 文件之后,我们需要创建用于运行和配置 WordPress 安装的脚本,名称为 start.sh。它会为 WordPress 创建并配置数据库和密码。用我们喜欢的文本编辑器打开 start.sh。
# nano start.sh
-After opening start.sh, we'll need to add the following lines of configuration into it.
+打开 start.sh 之后,我们要添加下面的配置行到文件中。
#!/bin/bash
@@ -67,7 +67,7 @@ After opening start.sh, we'll need to add the following lines of configuration i
}
__create_user() {
- # Create a user to SSH into as.
+ # 创建用于 SSH 登录的用户
SSH_USERPASS=`pwgen -c -n -1 8`
useradd -G wheel user
echo user:$SSH_USERPASS | chpasswd
@@ -75,7 +75,7 @@ After opening start.sh, we'll need to add the following lines of configuration i
}
__mysql_config() {
- # Hack to get MySQL up and running... I need to look into it more.
+ # 启用并运行 MySQL
yum -y erase mariadb mariadb-server
rm -rf /var/lib/mysql/ /etc/my.cnf
yum -y install mariadb mariadb-server
@@ -86,18 +86,18 @@ After opening start.sh, we'll need to add the following lines of configuration i
}
__handle_passwords() {
- # Here we generate random passwords (thank you pwgen!). The first two are for mysql users, the last batch for random keys in wp-config.php
+ # 在这里我们生成随机密码(感谢 pwgen)。前面两个用于 mysql 用户,最后一个用于 wp-config.php 的随机密钥。
WORDPRESS_DB="wordpress"
MYSQL_PASSWORD=`pwgen -c -n -1 12`
WORDPRESS_PASSWORD=`pwgen -c -n -1 12`
- # This is so the passwords show up in logs.
+ # 这是在日志中显示的密码。
echo mysql root password: $MYSQL_PASSWORD
echo wordpress password: $WORDPRESS_PASSWORD
echo $MYSQL_PASSWORD > /mysql-root-pw.txt
echo $WORDPRESS_PASSWORD > /wordpress-db-pw.txt
- # There used to be a huge ugly line of sed and cat and pipe and stuff below,
- # but thanks to @djfiander's thing at https://gist.github.com/djfiander/6141138
- # there isn't now.
+ # 这里原来是一个包括 sed、cat、pipe 和 stuff 的很长的行,但多亏了
+ # @djfiander 的 https://gist.github.com/djfiander/6141138
+ # 现在没有了
sed -e "s/database_name_here/$WORDPRESS_DB/
s/username_here/$WORDPRESS_DB/
s/password_here/$WORDPRESS_PASSWORD/
@@ -116,7 +116,7 @@ After opening start.sh, we'll need to add the following lines of configuration i
}
__start_mysql() {
- # systemctl start mysqld.service
+ # systemctl 启动 mysqld 服务
mysqladmin -u root password $MYSQL_PASSWORD
mysql -uroot -p$MYSQL_PASSWORD -e "CREATE DATABASE wordpress; GRANT ALL PRIVILEGES ON wordpress.* TO 'wordpress'@'localhost' IDENTIFIED BY '$WORDPRESS_PASSWORD'; FLUSH PRIVILEGES;"
killall mysqld
@@ -127,7 +127,7 @@ After opening start.sh, we'll need to add the following lines of configuration i
supervisord -n
}
- # Call all functions
+ # 调用所有函数
__check
__create_user
__mysql_config
@@ -136,17 +136,17 @@ After opening start.sh, we'll need to add the following lines of configuration i
__start_mysql
__run_supervisor
-
+
-After adding the above configuration, we'll need to save it and then exit.
+增加完上面的配置之后,保存并关闭文件。
-### 4. Creating Configuration files ###
+### 4. 创建配置文件 ###
-Now, we'll need to create configuration file for Nginx Web Server named nginx-site.conf .
+现在,我们需要创建 Nginx Web 服务器的配置文件,命名为 nginx-site.conf。
# nano nginx-site.conf
-Then, we'll add the following configuration to the config file.
+然后,增加下面的配置信息到配置文件。
user nginx;
worker_processes 1;
@@ -230,13 +230,13 @@ Then, we'll add the following configuration to the config file.
}
}
-
+
-Now, we'll create supervisord.conf file and add the following lines as shown below.
+现在,创建 supervisor.conf 文件并添加下面的行。
# nano supervisord.conf
-Then, add the following lines.
+然后,添加以下行。
[unix_http_server]
file=/tmp/supervisor.sock ; (the path to the socket file)
@@ -286,60 +286,60 @@ Then, add the following lines.
events = PROCESS_LOG
result_handler = supervisor_stdout:event_handler
-
+
-After adding, we'll save and exit the file.
+添加完后,保存并关闭文件。
-### 5. Building WordPress Container ###
+### 5. 构建 WordPress 容器 ###
-Now, after done with creating configurations and scripts, we'll now finally use the Dockerfile to build our desired container with the latest WordPress CMS installed and configured according to the configuration. To do so, we'll run the following command in that directory.
+现在,完成了创建配置文件和脚本之后,我们终于要使用 docker 文件来创建安装最新的 WordPress CMS(译者注:Content Management System,内容管理系统)所需要的容器,并根据配置文件进行配置。做到这点,我们需要在对应的目录中运行以下命令。
# docker build --rm -t wordpress:centos7 .
-
+
-### 6. Running WordPress Container ###
+### 6. 运行 WordPress 容器 ###
-Now, to run our newly built container and open port 80 and 22 for Nginx Web Server and SSH access respectively, we'll run the following command.
+现在,执行以下命令运行新构建的容器,并为 Nginx Web 服务器和 SSH 访问打开88 和 22号相应端口 。
# CID=$(docker run -d -p 80:80 wordpress:centos7)
-
+
-To check the process and commands executed inside the container, we'll run the following command.
+运行以下命令检查进程以及容器内部执行的命令。
# echo "$(docker logs $CID )"
-TO check if the port mapping is correct or not, run the following command.
+运行以下命令检查端口映射是否正确。
# docker ps
-
+
-### 7. Web Interface ###
+### 7. Web 界面 ###
-Finally if everything went accordingly, we'll be welcomed with WordPress when pointing the browser to http://ip-address/ or http://mywebsite.com/ .
+最后如果一切正常的话,当我们用浏览器打开 http://ip-address/ 或者 http://mywebsite.com/ 的时候会看到 WordPress 的欢迎界面。
-
+
-Now, we'll go step wise through the web interface and setup wordpress configuration, username and password for the WordPress Panel.
+现在,我们将通过 Web 界面为 WordPress 面板设置 WordPress 的配置、用户名和密码。
-
+
-Then, use the username and password entered above into the WordPress Login page.
+然后,用上面用户名和密码输入到 WordPress 登录界面。
-
+
-### Conclusion ###
+### 总结 ###
-We successfully built and run WordPress CMS under LEMP Stack running in CentOS 7 Operating System as the docker OS. Running WordPress inside a container makes a lot safe and secure to the host system from the security perspective. This article enables one to completely configure WordPress to run under Docker Container with Nginx Web Server. If you have any questions, suggestions, feedback please write them in the comment box below so that we can improve or update our contents. Thank you ! Enjoy :-)
+我们已经成功地在以 CentOS 7 作为 docker OS 的 LEMP 栈上构建并运行了 WordPress CMS。从安全层面来说,在容器中运行 WordPress 对于宿主系统更加安全可靠。这篇文章介绍了在 Docker 容器中运行的 Nginx Web 服务器上使用 WordPress 的完整配置。如果你有任何问题、建议、反馈,请在下面的评论框中写下来,让我们可以改进和更新我们的内容。非常感谢!Enjoy :-)
--------------------------------------------------------------------------------
via: http://linoxide.com/linux-how-to/install-wordpress-nginx-docker-container/
作者:[Arun Pyasi][a]
-译者:[译者ID](https://github.com/译者ID)
+译者:[ictlyh](https://github.com/ictlyh)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/tech/20150409 Install Inkscape - Open Source Vector Graphic Editor.md b/translated/tech/20150409 Install Inkscape - Open Source Vector Graphic Editor.md
new file mode 100644
index 0000000000..f18b10315e
--- /dev/null
+++ b/translated/tech/20150409 Install Inkscape - Open Source Vector Graphic Editor.md
@@ -0,0 +1,95 @@
+安装Inkscape - 开源适量图形编辑器
+================================================================================
+Inkscape是一款开源矢量图形编辑工具,它使用可缩放矢量图形(SVG)图形格式并不同于它的竞争对手如Xara X、Corel Draw和Adobe Illustrator等等。SVG是一个广泛部署、免版税使用的图形格式,由W3C SVG工作组开发和维护。这是一个跨平台工具,完美运行于Linux、Windows和Mac OS上。
+
+Inkscape始于2003年,起初它的bug跟踪系统托管于Sourceforge上但是 后来迁移到了Launchpad上。当前它最新的一个稳定版本是0.91,它不断地在发展和修改中。我们将在本文里了解一下它的突出特点和安装过程。
+
+### 显著特性 ###
+
+让我们直接来了解这款应用程序的显著特性。
+
+#### 创建对象 ####
+
+- 用铅笔工具来画出不同颜色、大小和形状的手绘线,用贝塞尔曲线(笔式)工具来画出直线和曲线,通过书法工具来应用到手写的书法笔画上等等
+- 用文本工具来创建、选择、编辑和格式化文本。在纯文本框、在路径上或在形状里操作文本
+- 有效绘制各种形状,像矩形、椭圆形、圆形、弧线、多边形、星形和螺旋形等等并调整其大小、旋转并修改(圆角化)它们
+- 用简单地命令创建并嵌入位图
+
+#### 对象处理 ####
+
+- 通过交互式操作和调整数值来扭曲、移动、测量、旋转目标
+- 执行力提升并减少了Z-order操作。
+- 对象群组化或取消群组化可以去创建一个虚拟层阶用来编辑或处理
+- 图层采用层次结构树的结构并且能锁定或以各式各样的处理方式来重新布置
+- 分布与对齐指令
+
+#### 填充与边框 ####
+
+- 复制/粘贴风格
+- 取色工具
+- 用RGB, HSL, CMS, CMYK和色盘这四种不同的方式选色
+- 渐层编辑器能创建和管理多停点渐层
+- 定义一个图像或其它选择用来进行花纹填充
+- 用一些预定义泼洒花纹可对边框进行花纹泼洒
+- 通过路径标示器来开始、对折和结束标示
+
+#### 路径上的操作 ####
+
+- 节点编辑:移动节点和贝塞尔曲线掌控,节点的对齐和分布等等
+- 布尔运算(是或否)
+- 运用可变的路径起迄点可简化路径
+- 路径插入和增设连同动态和链接偏移对象
+- 通过路径追踪把位图图像转换成路径(彩色或单色路径)
+
+#### 文本处理 ####
+
+- 所有安装好的外框字体都能用甚至可以从右至左对齐对象
+- 格式化文本、调整字母间距、行间距或列间距
+- 路径上的文本和形状上的文本和路径或形状都可以被编辑和修改
+
+#### 渲染 ####
+
+- Inkscape完全支持抗锯齿显示,这是一种通过柔化边界上的像素从而减少或消除凹凸锯齿的技术。
+- 支持alpha透明显示和PNG格式图片的导出
+
+### 在Ubuntu 14.04和14.10上安装Inkscape ###
+
+为了在Ubuntu上安装Inkscape,我们首先需要 [添加它的稳定版Personal Package Archive][1] (PPA) 至Advanced Package Tool (APT) 库中。打开终端并运行一下命令来添加它的PPA:
+
+ sudo add-apt-repository ppa:inkscape.dev/stable
+
+
+
+PPA添加到APT库中后,我们要用以下命令进行更新:
+
+ sudo apt-get update
+
+
+
+更新好库之后,我们准备用以下命令来完成安装:
+
+ sudo apt-get install inkscape
+
+
+
+恭喜,现在Inkscape已经被安装好了,我们可以充分利用它的丰富功能特点来编辑制作图像了。
+
+
+
+### 结论 ###
+
+Inkscape是一款特点鲜明的图形编辑工具,它给予用户充分发挥自己艺术力的权利。它还是一款自由安装和自定义开源应用并且支持大范围文件类型包括JPEG, PNG, GIF和PDF且不仅这些。访问它的 [官方网站][2] 来获取更多新闻和应用更新。
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/tools/install-inkscape-open-source-vector-graphic-editor/
+
+作者:[Aun Raza][a]
+译者:[ZTinoZ](https://github.com/ZTinoZ)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunrz/
+[1]:https://launchpad.net/~inkscape.dev/+archive/ubuntu/stable
+[2]:https://inkscape.org/en/
diff --git a/translated/tech/20150413 A Walk Through Some Important Docker Commands.md b/translated/tech/20150413 A Walk Through Some Important Docker Commands.md
new file mode 100644
index 0000000000..6e350c6d1c
--- /dev/null
+++ b/translated/tech/20150413 A Walk Through Some Important Docker Commands.md
@@ -0,0 +1,105 @@
+一些重要Docker命令的简单介绍
+================================================================================
+大家好,今天我们来学习一些在你使用Docker之前需要了解的重要的 Docker 命令。Docker 是一个提供开发平台去打包,装载和运行任何应用的轻量级容器开源项目。它没有语言支持,框架和打包系统的限制,能从一个小的家庭电脑到高端服务器,在任何地方任何时间运行。这使得它们成为不依赖于一个特定的栈或供应商,部署和扩展web应用,数据库和后端服务很好的构建块。
+
+Docker 命令简单易学,也很容易实现或实践。这是一些你运行 Docker 并充分利用它需要知道的简单 Docker 命令。
+
+### 1. 拉取一个 Docker 镜像 ###
+
+由于容器是由 Docker 镜像构建的,首先我们需要拉取一个 docker 镜像来开始。我们可以从 Docker 注册 Hub 获取需要的 docker 镜像。在我们使用 pull 命令拉取任何镜像之前,由于pull命令被标识为恶意命令,我们需要保护我们的系统。为了保护我们的系统不受这个问题影响,我们需要添加 **127.0.0.1 index.docker.io** 到 /etc/hosts 条目。我们可以通过使用喜欢的文本编辑器完成。
+
+ # nano /etc/hosts
+
+现在,增加下面的一行到文件并保存退出。
+
+ 127.0.0.1 index.docker.io
+
+
+
+要拉取一个 docker 进行,我们需要运行下面的命令。
+
+ # docker pull registry.hub.docker.com/busybox
+
+
+
+我们可以检查本地是否有可用的 Docker 镜像。
+
+ # docker images
+
+
+
+### 2. 运行一个 Docker 容器 ###
+
+现在,成功地拉取要求或需要的 Docker 镜像之后,我们当然想运行这个 Docker 镜像。我们可以用 docker run 命令在镜像上运行一个 docker 容器。在 Docker 镜像之上运行一个 docker 容易时我们有很多选项和标记。我们使用 -t 和 -i 标记运行一个 docker 镜像并进入容器,如下面所示。
+
+ # docker run -it busybox
+
+
+
+从上面的命令中,我们进入了容器并可以通过交互 shell 访问它的内容。我们可以键入 **Ctrl-D** 从shell中退出。
+
+现在,在后台运行容器,我们用 -d 标记分离 shell,如下所示。
+
+ # docker run -itd busybox
+
+
+
+如果你想进入到一个正在运行的容器,我们可以使用 attach 命令加一个容器 id。可以使用 **docker ps** 命令获取容器 id。
+
+ # docker attach
+
+
+
+### 3. 查看容器 ###
+
+不论容器是否运行,查看日志文件都很简单。我们可以使用下面的命令去检查是否有 docker 容器在实时运行。
+
+ # docker ps
+
+现在,查看正在运行的或者之前运行的容器的日志,我们需要运行以下的命令。
+
+ # docker ps -a
+
+
+
+### 4. 检查 Docker 容器 ###
+
+我们可以使用 inspect 命令检查一个 Docker 容器的每条信息。
+
+ # docker inspect
+
+
+
+### 5. 杀死或删除命令 ###
+
+我们可以使用 docker id 杀死或者停止进程或 docker 容器,如下所示。
+
+ # docker stop
+
+要停止每个正在运行的容器,我们需要运行下面的命令。
+
+ # docker kill $(docker ps -q)
+
+现在,如我我们希望移除一个 docker 镜像,运行下面的命令。
+
+ # docker rm
+
+如果我们想一次性移除所有 docker 镜像,我们可以运行以下命令。
+
+ # docker rm $(docker ps -aq)
+
+### 结论 ###
+
+这些都是学习充分实现和利用 Docker 很基本的 docker 命令。有了这些命令,Docker 变得很简单,提供给端用户一个简单的计算平台。根据上面的教程,任何人学习 Docker 命令都非常简单。如果你有任何问题,建议,反馈,请写到下面的评论框中以便我们改进和更新内容。多谢!享受吧 :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/linux-how-to/important-docker-commands/
+
+作者:[Arun Pyasi][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
\ No newline at end of file
diff --git a/translated/tech/20150413 How to manage remote MySQL databases on Linux VPS using a GUI tool.md b/translated/tech/20150413 How to manage remote MySQL databases on Linux VPS using a GUI tool.md
new file mode 100644
index 0000000000..580e68e9d7
--- /dev/null
+++ b/translated/tech/20150413 How to manage remote MySQL databases on Linux VPS using a GUI tool.md
@@ -0,0 +1,171 @@
+Translating by demon
+如何使用图形化工具远程管理Linux Vps上的MySql
+================================================================================
+如果你在一个远程的VPS上运行了MYSQL server,你会如何管理你的远程数据库主机呢?基于web的数据库管理工具例如phpMyAdmin或者Adminer可能会是你一个想起的。这些基于web的管理工具需要一个后端的web服务和PHP引擎在正常运行。但是,如果你的VPS仅仅用来做数据库服务(e.g., for a multi-tier app),为临时的数据库管理提供一整套的LAMP是浪费VPS资源的。更糟的是,LAMP带有的HTTP端口可能会成为你VPS资源的安全漏洞。
+
+作为一种选择,你可以使用在一台客户机上运行本地的Mysql客户端,当然,如果没有别的选择,一个纯净的命令行mysql客户端将是你的默认选择。但是命令行客户端的功能是有限的,因此它不适合在生产环境中使用,例如:sql开发,性能调优,模式验证等等。你是否在寻找一个成熟的MYSQL管理工具,那么一个MYSQL的图形化管理工具将会更好的满足你的需求。
+
+什么是MySQL Workbench?
+
+作为一个由Oracle开发的成熟数据库管理工具,mysql workbench不仅仅是一个MySQL客户端。简而言之,Workbench是一个跨平台的(eg:Linux,MacOX,Windows)数据库设计,开发和管理图形工具。社区版本的Msyql Workbench是遵循GPL协议的。作为一个数据库管理者,你可以使用Workbench去配置Mysql服务,管理Mysql用户,完成数据库的备份与还原,监视数据库的健康状况,所有的都在对用户友好的图形化环境下处理。
+
+在这个手册里,让我们演示下如何在Linux下安装和使用Mysql Workbench.
+
+在Linux上安装MySQL Workbench
+
+你可以在任何一个桌面linux机器上运行Mysql Workbench去设置你的数据库管理环境。然而一些Linux发行版(例如:Debian/Ubuntu)在他们的软件源中已经有了Mysql Workbench.从官方源中安装是一个好的方法,因为他们提供了最新的版本。这里介绍了如何设置一个官方的Workbench源和从中安装它。
+
+#### Debian-based Desktop (Debia, Ubuntu, Mint): ####
+
+到其官方站点,选择一个和你环境匹配的DEB file源,并下载安装
+
+For example, on Ubuntu 14.10:
+
+ $ wget http://dev.mysql.com/get/mysql-apt-config_0.3.4-2ubuntu14.10_all.deb
+ $ sudo dpkg -i mysql-apt-config_0.3.4-2ubuntu14.10_all.deb
+
+on Debian 7:
+
+ $ wget http://dev.mysql.com/get/mysql-apt-config_0.3.3-1debian7_all.deb
+ $ sudo dpkg -i mysql-apt-config_0.3.3-1debian7_all.deb
+
+当你安装DEB文件时,你会看到下面的配置菜单,并且选择配置那个Mysql产品
+
+
+
+选择“Utilities”.完成配置后,选择“Apply”去保存配置。然后,更新包索引,并且安装Workbench
+
+ $ sudo apt-get update
+ $ sudo apt-get install mysql-workbench
+
+#### Red Hat-based Desktop (CentOS, Fedora, RHEL): ####
+
+去官网下载并安装适合你Linux环境的RPM源包
+For example, on CentOS 7:
+
+ $ wget http://dev.mysql.com/get/mysql-community-release-el7-5.noarch.rpm
+ $ sudo yum localinstall mysql-community-release-el7-5.noarch.rpm
+
+on Fedora 21:
+
+ $ wget http://dev.mysql.com/get/mysql-community-release-fc21-6.noarch.rpm
+ $ sudo yum localinstall mysql-community-release-fc21-6.noarch.rpm
+
+验证"MySQL Tools Community"源是否被安装
+ $ yum repolis enabled
+
+
+
+安装Workbench
+
+ $ sudo yum install mysql-workbench-community
+
+设置远程数据库的安全连接
+
+接下来是为你运行Mysql服务的VPS设置一个远程连接,当然你可以直接通过图形化的Workbench连接你的远程Mysql服务器(在数据库开放了远程连接后)。然而,这样做有很大的安全风险,因为有些人很容易窃听你的数据库传输信息,并且一个公开的Mysql端口(默认为3306)被作为攻击入口。
+
+一个比较好的方法是关掉远程访问数据库服务功能,(仅允许在127.0.0.1访问)。然后在本地客户机和远程Vps直接设置一个SSH隧道,这样的话,和mysql之间的数据能被安全的传输,仅在它的本地回环接口上。相比较设置一个SSL加密的连接来说,配置SSH隧道需要很少的操作,因为他仅仅需要SSH服务,并且在大多数的VPS上已经部署了。
+
+让我们来看看如何来为一个Mysql Workbench设置一个SSH隧道,这里的设置,不需要你开放远程访问Mysql服务。
+在一个运行了Workbench的本地客户机上,键入下面的命令,替换'user' and 'remote_vps'为你自己的信息
+
+ $ ssh user@remote_vps -L 3306:127.0.0.1:3306 -N
+
+你会被要求输入你VPS的SSH密码,当你成功登陆VPS后,一个SSH隧道将会在本地的3306端口和远程VPS的3306端口将会被建立。这里你不会看到任何信息。
+
+或者你可以选择在后台运行SSH隧道,按CTRL+Z停止当前的命令,然后输入bg并且ENTER
+
+
+
+这样SSH隧道就会在后台运行了。
+
+使用MySQL Workbench远程管理MySQL服务
+
+在建立好SSH隧道后,你可以通过MySQL Workbench去远程连接Mysql服务了。
+
+输入下面命令启动Workbench
+
+ $ mysql-workbench
+
+
+
+点击Workbench页面上面的加号图标去创建一个新的数据库连接,接着会出现下面的连接信息。
+
+- **Connection Name**: any description (e.g., My remote VPS database)
+- **Hostname**: 127.0.0.1
+- **Port**: 3306
+- **Username**: MySQL username (e.g., root)
+
+
+
+注意:因为隧道设置的是127.0.0.1:3306,所以主机名哪里必须是127.0.0.1,而不能是远程VPS的IP地址或者主机名
+
+当你设置好一个新的数据库连接后,你会在Workbench窗口看到一个新的框,点击那个框就会实际去连接远程的MySQL服务了。
+
+
+
+当你设置好一个新的数据库连接后,你会在Workbench窗口看到一个新的框,点击那个框就会实际去连接远程的MySQL服务了。
+
+#### MySQL Server Status ####
+
+当你设置好一个新的数据库连接后,你会在Workbench窗口看到一个新的框,点击那个框就会实际去连接远程的MySQL服务了。
+
+
+
+#### Client Connections ####
+
+连接数是一个极其重要的监视资源,这个菜单显示了每个连接的详细信息。
+
+
+
+#### 用户和权限 ####
+
+这个菜单允许你管理MySQL用户,包括他们的资源限制和权限。
+
+
+
+#### MySQL Server Administration ####
+
+你可以启动或关闭MySQL服务,并且检查它的服务日志。
+
+
+
+#### Database Schema Management ####
+
+可以可视化的查看,更改,检查数据库结构,在“Schemas”标题下选择任何一个数据库或表,然后右击
+
+
+
+
+
+#### Database Query ####
+
+你可以执行任何的语句(只要你的权限允许),并且检查他的结果。
+
+
+
+此外,性能统计数据和报表仅用于MySQL5.6以上的版本。对于5.5及其以下的版本,性能部分会以灰色显示。
+### 结论 ###
+
+简介且直观的选项卡界面,丰富的特性,开源,使MySQL Workbench成为一个非常好的可视化数据库设计和管理工具。为其减分的是它的性能。我注意到在一台运行繁忙的服务器上,Workbench优势会变得异常缓慢,尽管它的性能差强人意,我依然认为MySQL Workbench是MySQL数据库管理员和设计人员必备的工具之一。
+
+你曾在你的生产环境中用过Workbench吗?或者你还有别的GUI工具可以推荐?请分享你的经验吧。
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/remote-mysql-databases-gui-tool.html
+
+作者:[Dan Nanni][a]
+译者:[译者ID](https://github.com/tyzy313481929译者demon)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://xmodulo.com/author/nanni
+[1]:http://xmodulo.com/go/digitalocean
+[2]:http://ask.xmodulo.com/install-phpmyadmin-centos.html
+[3]:http://xmodulo.com/set-web-based-database-management-system-adminer.html
+[4]:http://mysqlworkbench.org/
+[5]:http://dev.mysql.com/downloads/repo/apt/
+[6]:http://dev.mysql.com/downloads/repo/yum/
+[7]:http://xmodulo.com/how-to-allow-remote-access-to-mysql.html
diff --git a/sources/tech/20150413 Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora.md b/translated/tech/20150413 Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora.md
similarity index 73%
rename from sources/tech/20150413 Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora.md
rename to translated/tech/20150413 Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora.md
index 972143b392..e5f8f6bcc7 100644
--- a/sources/tech/20150413 Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora.md
+++ b/translated/tech/20150413 Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora.md
@@ -1,59 +1,62 @@
-Linux FAQs with Answers--How to compile ixgbe driver on CentOS, RHEL or Fedora
+Linux 有问必答 -- 如何在红帽系linux中编译Ixgbe
+
================================================================================
-> **Question**: I want to build and install the latest ixgbe 10G NIC driver. How can I compile ixgbe driver on CentOS, Fedora or RHEL?
+> **提问**:我想要安装最新版的ixgbe 10G网卡驱动。在CentOS, Fedora 或 RHEL中,我应该如何编译ixgbe驱动?
-To use Intel's PCI Express 10G NICs (e.g., 82598, 82599, x540) on your Linux system, you need to install ixgbe driver. While modern Linux distributions come with ixgbe driver pre-installed as a loadable module, the pre-built ixgbe driver is not fully customizable with limited parameters. If you want to enable and customize all available features of the 10G NICs (e.g., RSS, multi-queue, virtual functions, hardware offload), you will need to build the driver from the source.
-Here is how to compile ixgbe driver from the source on Red Hat based platforms (e.g., CentOS, RHEL or Fedora). For Debian based systems, refer to [this guideline][1] instead.
+想要在linux使用Intel的PCI Express 10G网卡(例如,82598,82599,x540),需要安装Ixgbe驱动。如今的Linux发行版都会欲安装ixgbe作为可加载模块,但是预安装的ixgbe驱动不是完整功能版。如果想要开启和定制所有10G网卡(如,RSS,多)的功能,需要源码编译安装。
-### Step One: Install Prerequisites ###
+本文基于红帽系平台(如,CentOS,RHEL或Fedora)。Debian系系统,请看[这篇文章][1]
-First, set up necessary developmen environment and install matching kernel headers.
+
+### 第一步: 安装依赖 ###
+
+首先,安装必要的开发环境和安装匹配的内核头
$ sudo yum install gcc make
$ sudo yum install kernel-devel
-### Step Two: Compile Ixgbe Driver ###
+### 第二步: 编译Ixgbe ###
-Download the latest ixgbe source code from the [official site][2].
+从[官方页面][2]下载最新Ixgbe源码
$ wget http://downloads.sourceforge.net/project/e1000/ixgbe%20stable/3.23.2/ixgbe-3.23.2.tar.gz
-Be sure to check supported kernel versions. For example, the ixgbe driver 3.23.2 supports Linux kernel versions 2.6.18 up to 3.18.1.
+确保检查支持内核版本。例如,Ixgbe3.23.2版本支持Linux内核版本2.6.18以上到3.18.1.
-Extract the tarball and compile it.
+提取压缩包并编译
$ tar -xvf ixgbe-3.23.2.tar.gz
$ cd ixgbe-3.23.2/src
$ make
-If successful, the compiled driver (ixgbe.ko) will be found in the current directory.
+如果成功,编译完成的驱动(ixgbe.ko)可以在当前目录找到。
-You can check the information of the compiled driver by running:
+可以运行这个命令来查看编译信息:
$ modinfo ./ixgbe.ko
-The output will show a list of available parameters of the ixgbe driver.
+将会输出一个Ixgbe驱动的可用参数列表
-### Step Three: Load Ixgbe Driver ###
+### 第三步: 加载 Ixgbe 驱动 ###
-Now you are ready to load the compiled ixgbe driver.
+这步准备加载已经编译好的驱动。
-If the stock ixgbe driver is already loaded on your system, you need to unload it first. Otherwise, you won't be able to load the new ixgbe driver.
+如果系统已经加载了Ixgbe驱动,首先需要卸载掉老版本。否者,新版本不能够加载。
$ sudo rmmod ixgbe.ko
-Then insert the compiled driver in the kernel by running:
+然后插入编译完成的驱动到内核中:
$ sudo insmod ./ixgbe.ko
-Optionally, you can supply any parameters while loading the driver.
+同时,你可以设置启动参数
$ sudo insmod ./ixgbe.ko FdirPballoc=3 RSS=16
-To verify that the driver is loaded successfully, check the output of dmesg command.
+验证驱动是否加载成功,使用dmesg命令,查看其输出
$ dmesg
@@ -165,17 +168,17 @@ To verify that the driver is loaded successfully, check the output of dmesg comm
eth3: no IPv6 routers present
eth4: no IPv6 routers present
-### Step Four: Install Ixgbe Driver ###
+### 第四步: 安装Ixgbe驱动 ###
-Once you have checked that the driver is loaded successfully, go ahead and install the driver on your system.
+当确认驱动已经加载后,就可以安装驱动到系统中了
$ sudo make install
-ixgbe.ko will be installed in the following location.
+ixgbe.ko将会安装在下列目录
/lib/modules//kernel/drivers/net/ixgbe
-At this point, the compiled driver will be loaded automatically upon boot, or you can load it by running:
+此时,编译完蛋程序将在启动时自动加载,也可以通过运行命令加载它:
$ sudo modprobe ixgbe
@@ -186,11 +189,11 @@ At this point, the compiled driver will be loaded automatically upon boot, or yo
via: http://ask.xmodulo.com/compile-ixgbe-driver-centos-rhel-fedora.html
作者:[Dan Nanni][a]
-译者:[译者ID](https://github.com/译者ID)
+译者:[Vic020](http://vicyu.net)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
[a]:http://ask.xmodulo.com/author/nanni
[1]:http://ask.xmodulo.com/download-install-ixgbe-driver-ubuntu-debian.html
-[2]:http://sourceforge.net/projects/e1000/files/ixgbe%20stable/
\ No newline at end of file
+[2]:http://sourceforge.net/projects/e1000/files/ixgbe%20stable/
diff --git a/translated/tech/20150413 Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager.md b/translated/tech/20150413 Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager.md
new file mode 100644
index 0000000000..0344095bc2
--- /dev/null
+++ b/translated/tech/20150413 Linux FAQs with Answers--How to configure PCI-passthrough on virt-manager.md
@@ -0,0 +1,56 @@
+Linux有问必答:如何在虚拟机上配置PCI-passthrough
+================================================================================
+> **提问**:我想要设置一块物理网卡到用KVM创建的虚拟机上。我打算开启网卡的PCI passthrough给这台虚拟机。请问,我如何才能增加一个PCI设备通过PCI直通到虚拟机上?
+
+如今的hypervisor能够高效地在多个虚拟操作系统分享和模拟硬件资源。然而,虚拟资源分享,虚拟机的性能,或者是虚拟机需要硬件DMA的完全控制,不是总能使人满意。一项名叫“PCI passthrough”的技术可以用在一个虚拟机需要独享PCI设备时(例如:network/sound/video card)。本质上,PCI passthrough越过了虚拟层,直接扩展PCI设备到虚拟机。但是其他虚拟机不能同时共享。
+
+
+### 开启“PCI Passthrough”的准备 ###
+
+如果你想要为一台HVM实例开启PCI passthrough(例如,一台KVM创建的full虚拟机),你的母系统(包括CPU和主板)必须满足以下条件。但是如果你的虚拟机是para-V(由Xen创建),你可以挑过这步。
+
+为了开启PCI passthrough,系统需要支持**VT-d** (Intel处理器)或者**AMD-Vi** (AMD处理器)。Intel的VT-D(“英特尔虚拟化技术支持直接I/ O”)是适用于最高端的Nehalem处理器和它的后继者(例如,Westmere、Sandy Bridge的,Ivy Bridge)。注意:VT-d和VT-x是两个独立功能。intel/AMD处理器支持VT-D/AMD-VI功能的列表可以[点击这里][1]。
+
+完成验证你的设备支持VT-d/AMD-Vi后,还有两件事情需要做。首先,确保VT-d/AMD-Vi已经在BIOS中开启。然后,在内核启动过程中开启IOMMU。IOMMU服务,是VT-d,/AMD-Vi提供,可以保护虚拟机访问的主机内存,同时它也是full虚拟机支持PCI passthrough的前提。
+
+Intel处理器中,内核开启IOMMU通过在启动参数中修改“**intel_iommu=on**”。参看[这篇教程][2]获得如何通过GRUB修改内核启动参数。
+
+配置完成启动参数后,重启电脑。
+
+### 添加PCI设备到虚拟机 ###
+
+我们已经完成了开启PCI Passthrough的准备。事实上,只需通过虚拟机管理就可以给虚拟机分配一个PCI设备。
+
+打开虚拟机设置,在左边工具栏点击‘增加硬件’按钮。
+
+选择从PCI设备表一个PCI设备来分配,点击“完成”按钮
+
+
+
+最后,开启实例。目前为止,主机的PCI设备已经可以由虚拟机直接访问了。
+
+### 常见问题 ###
+
+在虚拟机启动时,如果你看见下列任何一个错误,这个错误有可能由于母机VT-d (或 IOMMU)未开启导致。
+
+ Error starting domain: unsupported configuration: host doesn't support passthrough of host PCI devices
+
+----------
+
+ Error starting domain: Unable to read from monitor: Connection reset by peer
+
+请确保"**intel_iommu=on**"启动参数已经按上文叙述开启。
+
+--------------------------------------------------------------------------------
+
+via: http://ask.xmodulo.com/pci-passthrough-virt-manager.html
+
+作者:[Dan Nanni][a]
+译者:[Vic020/VicYu](http://vicyu.net)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://ask.xmodulo.com/author/nanni
+[1]:http://wiki.xenproject.org/wiki/VTdHowTo
+[2]:http://xmodulo.com/add-kernel-boot-parameters-via-grub-linux.html
diff --git a/sources/tech/20150417 How to Configure MariaDB Replication on CentOS Linux.md b/translated/tech/20150417 How to Configure MariaDB Replication on CentOS Linux.md
similarity index 58%
rename from sources/tech/20150417 How to Configure MariaDB Replication on CentOS Linux.md
rename to translated/tech/20150417 How to Configure MariaDB Replication on CentOS Linux.md
index a5a717cf46..ca27084edf 100644
--- a/sources/tech/20150417 How to Configure MariaDB Replication on CentOS Linux.md
+++ b/translated/tech/20150417 How to Configure MariaDB Replication on CentOS Linux.md
@@ -1,63 +1,63 @@
-How to Configure MariaDB Replication on CentOS Linux
+如何在 CentOS Linux 中配置 MariADB 复制
================================================================================
-Its a process of creating duplicate versions of a the DB. Replication process is not only copies a database, but also synchronizes changes from master to one of the slaves. But this is does not means that slave databases are identical copy of the master, because replication can be configured that only a schema of tables or columns or rows will be replicated, i.e. a partial replication. The replication ensures that those specific configured objects are kept in sync between the different databases.
+这是一个创建数据库重复版本的过程。复制过程不仅仅是复制一个数据库,同时也包括从主节点到一个从节点的更改同步。但这并不意味着从数据库就是和主数据库完全相同的副本,因为复制可以配置为只有表或者行或者列的一个模式将被复制,例如,局部复制。复制保证了特定的配置对象在不同的数据库之间保持同步。
-### Mariadb Replication Concepts ###
+### Mariadb 复制概念 ###
-**Backups** : Replication can be used for DB backups. For example, you have master -> slave replication. If master is lost (hdd fails, for example) you can restore your db from master.
+**备份** :复制可以用来进行数据库备份。例如,你有主->从复制。如果主节点丢失(比如hdd损坏),你可以从从节点中恢复你的数据库。
-**Scaling** : You can use master -> slave replication for scaling solution. For example, if you have a few big and have SQL query, using replcation you can separate this queries for each replcations nodes. Write SQL should be performed only on master, for read-only queries slave server can be used.
+**扩展** :你可以使用主->从复制作为扩展的解决方案。例如,如果你有一些大的数据库以及SQL查询,使用复制你可以将这些查询单独分到每个复制节点。写SQL应该只在主节点进行,而只读查询可以在从节点上进行。
-**Spreading solution** : You can use replication for distribution. For example, you can distribute different sales data to different databases.
+**传播解决方案** :你可以用复制来进行分发。例如,你可以将不同的销售数据分发到不同的数据库。
-**Failover solution** : For example you have, master -> slave(1) -> slave(2) -> slave(3) replication. You can write script for master monitoring , if master fails, script can quickly change slave(1) new for master master -> slave(1) -> slave(2) and your application will continue working whit out downtime
+**故障解决方案** : 假如你有主节点->从节点1->从节点2->从节点3的复制。你可以为主节点写脚本监控,如果主节点出故障了,脚本可以快速的将从节点1作为新的主节点,有主节点->从节点1->从节点2,你的应用可以继续工作而不会停机。
-### Simple diagrammatic demonstration of replication ###
+### 复制的简单图解示范 ###
-
+
-Before you start good know what is **binary log** and Ibdata1. The binary log contains a record about all changes in the db, data and structure, as well as how long each statement took to execute. Bin log consists set log files and an index. Its means that main SQL statements such as CREATE, ALTER, INSERT, UPDATE and DELETE will be putted to this log, statements, such as SELECT will not be logged. These info can be logged to general query.log file. In simple **Ibdata1** is a file which contains all tables and all info about db.
+开始之前,你应该知道什么是**二进制日志文件**以及 Ibdata1。二进制日志文件中包括关于数据库,数据和结构的所有更改的记录,以及每条语句的执行时间。二进制日志文件包括设置日志文件和一个索引。这意味着主要的SQL语句,例如CREATE, ALTER, INSERT, UPDATE 和 DELETE 会放到这个日志文件中,而例如SELECT语句就不会被记录。这些信息可以被记录到普通的query.log文件。简单的说 **Ibdata1** 是一个包括所有表和所有数据库信息的文件。
-### Master server configuration ###
+### 主服务器配置 ###
-Good to have server updated
+首先升级服务器
sudo yum install update -y && sudo yum install upgrade -y
-We are working on centos 7 server
+我们工作在centos7 服务器上
sudo cat /etc/redhat-release
CentOS Linux release 7.0.1406 (Core)
-Install MariaDB
+安装 MariaDB
sudo yum install mariadb-server -y
-Start MariaDB and enable it to start on boot of the server
+启动 MariaDB 并启用随服务器启动
sudo systemctl start mariadb.service
sudo systemctl enable mariadb.service
-Output:
+输出:
ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'
-Check MariaDB status
+检查 MariaDB 状态
sudo service mariadb status
-or use
+或者使用
sudo systemctl is-active mariadb.service
-Output:
+输出:
Redirecting to /bin/systemctl status mariadb.service
mariadb.service - MariaDB database server
Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled)
-Set MariaDB password
+设置 MariaDB 密码
mysql -u root
mysql> use mysql;
@@ -65,35 +65,35 @@ Set MariaDB password
mysql> flush privileges;
mysql> exit
-SOME_ROOT_PASSWORD - your root password. I my case I'ill use "q" - password, then try to login:
+SOME_ROOT_PASSWORD - 你的 root 密码。 例如我用"q"作为密码,然后尝试登陆:
sudo mysql -u root -pSOME_ROOT_PASSWORD
-Output:
+输出:
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 5
Server version: 5.5.41-MariaDB MariaDB Server
Copyright (c) 2000, 2014, Oracle, MariaDB Corporation Ab and others.
-Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
+输入 'help;' 或 '\h' 查看帮助信息。 输入 '\c' 清空当前输入语句。
-Lets create database with table with some data
+让我们创建包括一些数据的表的数据库
-Create database/schema
+创建数据库/模式
sudo mysql -u root -pSOME_ROOT_PASSWORD
mysql> create database test_repl;
-Where:
+其中:
- test_repl - Name of shcema which will be replicated
+ test_repl - 将要被复制的模式的名字
-Output:
+输出:
Query OK, 1 row affected (0.00 sec)
-Create Persons table
+创建 Persons 表
mysql> use test_repl;
@@ -105,7 +105,7 @@ Create Persons table
City varchar(255)
);
-Output:
+输出:
mysql> MariaDB [test_repl]> CREATE TABLE Persons (
-> PersonID int,
@@ -116,7 +116,7 @@ Output:
-> );
Query OK, 0 rows affected (0.01 sec)
-Insert some data
+插入一些数据
mysql> INSERT INTO Persons VALUES (1, "LastName1", "FirstName1", "Address1", "City1");
mysql> INSERT INTO Persons VALUES (2, "LastName2", "FirstName2", "Address2", "City2");
@@ -124,15 +124,15 @@ Insert some data
mysql> INSERT INTO Persons VALUES (4, "LastName4", "FirstName4", "Address4", "City4");
mysql> INSERT INTO Persons VALUES (5, "LastName5", "FirstName5", "Address5", "City5");
-Output:
+输出:
Query OK, 5 row affected (0.00 sec)
-Check data
+检查数据
mysql> select * from Persons;
-Output:
+输出:
+----------+-----------+------------+----------+-------+
| PersonID | LastName | FirstName | Address | City |
@@ -145,13 +145,13 @@ Output:
| 5 | LastName5 | FirstName5 | Address5 | City5 |
+----------+-----------+------------+----------+-------+
-### Configure MariaDB for replication ###
+### 配置 MariaDB 重复 ###
-You'll need to edit the my.cnf file on the Master server to enable binary logging and set the server's id. I will use vi text editor, but use can use any suitable for your such as nano, joe etc.
+你需要在主结点服务器上编辑 my.cnf文件来启用二进制日志以及设置服务器id。我会使用vi文本编辑器,但你可以使用任何你喜欢的,例如nano,joe。
sudo vi /etc/my.cnf
-and put to config in [mysqld] section such lines.
+将下面的一些行写到[mysqld]部分。
log-basename=master
@@ -159,21 +159,21 @@ and put to config in [mysqld] section such lines.
binlog-format=row
server_id=1
-Output:
+输出:
-
+
-Then restart MariaDB:
+然后重启 MariaDB:
sudo service mariadb restart
-Login to MariaDB and check binary logs:
+登录到 MariaDB 并查看二进制日志文件:
sudo mysql -u root -pq test_repl
mysql> SHOW MASTER STATUS;
-Output:
+输出:
+--------------------+----------+--------------+------------------+
| File | Position | Binlog_Do_DB | Binlog_Ignore_DB |
@@ -181,23 +181,23 @@ Output:
| mariadb-bin.000002 | 3913 | | |
+--------------------+----------+--------------+------------------+
-**Remember** : "File" and "Position" values. YOU WILL NEED THIS VALUE AT SLAVE SERVER
+**记住** : "File" 和 "Position" 的值。在从节点中你需要使用这些值
-Create user for replication
+创建用来重复的用户
mysql> GRANT REPLICATION SLAVE ON *.* TO replication_user IDENTIFIED BY 'bigs3cret' WITH GRANT OPTION;
mysql> flush privileges;
-Output:
+输出:
Query OK, 0 rows affected (0.00 sec)
Query OK, 0 rows affected (0.00 sec)
-Check user in db
+在数据库中检查用户
mysql> select * from mysql.user WHERE user="replication_user"\G;
-Output:
+输出:
mysql> select * from mysql.user WHERE user="replication_user"\G;
*************************** 1. row ***************************
@@ -207,38 +207,38 @@ Output:
Select_priv: N
.....
-Create DB dump (snapshot of all data which will be replicated) form master
+从主节点创建 DB dump (将要被复制的所有数据的快照)
mysqldump -uroot -pSOME_ROOT_PASSWORD test_repl > full-dump.sql
-Where:
+其中:
- SOME_ROOT_PASSWORD - password for root user that you have setup
- test_repl - name of the data base which will be replicated;
+ SOME_ROOT_PASSWORD - 你设置的root用户的密码
+ test_repl - 将要复制的数据库的名称;
-You need to recover mysql dump (full-dump.sql) at slave server. Its needed for replication.
+你需要在从节点中恢复 mysql dump (full-dump.sql)。重复需要这个。
-### Slave server configuration ###
+### 从节点配置 ###
-All this commands you need to perform at slave server
+所有这些命令需要在从节点中进行
-Lets assume that we have fresh/updated CentOS 7.x server with latest mariaDB server and you can login as root to maria DB server (this was descripbed in first part of the article)
+假设我们已经更新/升级了包括有最新的MariaDB服务器的 CentOS 7.x,而且你可以用root账号登陆到MariaDBs服务器(这在这篇文章的第一部分已经介绍过)
-Login to Maria DB console and create DB
+登陆到Maria 数据库控制台并创建数据库
mysql -u root -pSOME_ROOT_PASSWORD;
mysql> create database test_repl;
mysql> exit;
-Recover data from master at slave server
+在从节点恢复主节点的数据
mysql -u root -pSOME_ROOT_PASSWORD test_repl < full-dump.sql
-Where:
+其中:
-full-dump.sql - its DB Dump that you have create at test server.
+full-dump.sql - 你在测试服务器中创建的DB Dump。
-Login to Maria DB and setup replication
+登录到Maria 数据库并启用复制
mysql> CHANGE MASTER TO
MASTER_HOST='82.196.5.39',
@@ -249,30 +249,30 @@ Login to Maria DB and setup replication
MASTER_LOG_POS=3913,
MASTER_CONNECT_RETRY=10;
-
+
-Where:
+其中:
- MASTER_HOST - IP of the master server.
- MASTER_USER - replication user at master server
- MASTER_PASSWORD - replication user password
- MASTER_PORT - mysql port at master
- MASTER_LOG_FILE - bin-log file name form master
- MASTER_LOG_POS - bin-log position file at master
+ MASTER_HOST - 主节点服务器的IP
+ MASTER_USER - 主节点服务器中的复制用户
+ MASTER_PASSWORD - 复制用户密码
+ MASTER_PORT - 主节点中的mysql端口
+ MASTER_LOG_FILE - 主节点中的二进制日志文件名称
+ MASTER_LOG_POS - 主节点中的二进制日志文件位置
-Start slave mode
+开启从节点模式
mysql> slave start;
-Output:
+输出:
Query OK, 0 rows affected (0.00 sec)
-Check slave status
+检查从节点状态
mysql> show slave status\G;
-Output:
+输出:
*************************** 1. row ***************************
Slave_IO_State: Waiting for master to send event
@@ -317,11 +317,11 @@ Output:
Master_Server_Id: 1
1 row in set (0.00 sec)
-At this step all shoul be ok, and not erros should be here.
+到这里所有步骤都应该没问题,也不应该出现错误。
-### Test the replication ###
+### 测试复制 ###
-At MAIN/MASTER server add some entities to DB
+在主节点服务器中添加一些条目到数据库
mysql -u root -pSOME_ROOT_PASSWORD test_repl
@@ -329,7 +329,7 @@ At MAIN/MASTER server add some entities to DB
mysql> INSERT INTO Persons VALUES (7, "LastName7", "FirstName7", "Address7", "City7");
mysql> INSERT INTO Persons VALUES (8, "LastName8", "FirstName8", "Address8", "City8");
-Then go to the SLAVE server and check replicated data
+到从节点服务器中查看复制数据
mysql -u root -pSOME_ROOT_PASSWORD test_repl
@@ -344,14 +344,14 @@ Then go to the SLAVE server and check replicated data
| 8 | LastName8 | FirstName8 | Address8 | City8 |
+----------+-----------+------------+----------+-------+
-You can see the data is replicated to slave server. Its mean that replication is working. Hope you enjoyed the article. Let us know if you have any questions.
+你可以看到数据已经被复制到从节点。这意味着复制能正常工作。希望你能喜欢这篇文章。如果你有任何问题请告诉我们。
--------------------------------------------------------------------------------
via: http://linoxide.com/how-tos/configure-mariadb-replication-centos-linux/
作者:[Bobbin Zachariah][a]
-译者:[译者ID](https://github.com/译者ID)
+译者:[ictlyh](https://github.com/ictlyh)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
diff --git a/translated/tech/20150417 How to Install Discourse in a Docker Container.md b/translated/tech/20150417 How to Install Discourse in a Docker Container.md
new file mode 100644
index 0000000000..e4dcf8f3c5
--- /dev/null
+++ b/translated/tech/20150417 How to Install Discourse in a Docker Container.md
@@ -0,0 +1,156 @@
+如何在一个Docker容器里安装Discourse
+=============================================================================
+大家好,今天我们将会学习如何利用Docker平台安装Discourse。Discourse是完全开源的讨论平台,为互联网的下一个十年而搭建,拥有一个邮件列表,一个论坛和一个long-form(此处不明白)聊天室。不管从技术角度还是社会学角度,当你试图去重新想象当今一个现代的,可持续的,完全开源的互联网讨论平台该是什么样子,Discourse都是一个不错的途径。Discourse简洁,直接之于讨论。它确实是一个令人称赞的平台,对于互联网上各种各样的讨论来说,提供了在机器之外如此酷的一个服务。Docker是一个开源平台,提供打包,运输和运行任何应用的平台,如一个轻量级容器。Docker容器技术使得Discourse更加方便和容易去建立应用程序。
+
+所以,下面是一些快速且容易的步骤,用来安装Discourse在一个Docker环境里面。
+
+### 1. 安装Docker ###
+
+首先,我们需要确认我们的主机操作系统已经安装了Docker。我们需要在shell或者终端运行以下命令安装Docker。
+
+#### 在Ubuntu上 ####
+
+docker安装包在Ubuntu的仓库里面是可用的,所以我们将会使用apt管理器安装,以sudo或者root模式
+
+ # apt-get docker
+
+#### 在CentOS 7上 ####
+
+在CentOS 7的主机上,我们使用yum管理器安装docker,因为CentOS的仓库里同样有docker安装包
+
+ # yum install docker
+
+
+
+### 2. 设定交换内存 ###
+
+如果你的RAM容量小于1GB,那么确保升级你的系统达到1GB或者以上,否则Discourse不会在512MB的RAM下安装。如果你现在准备好了安装Discourse,根据下面的步骤为你的VPS(Virtual Private Servers)或者服务器设定交换内存
+
+运行下面的命令,创建一个空的交换文件。
+
+ # install -o root -g root -m 0600 /dev/null /swapfile
+
+如果你想你的交换内存达到1GB,那么执行下面的步骤,并且跳过接下来的第二步。
+
+ # dd if=/dev/zero of=/swapfile bs=1k count=1024k
+
+如果你想达到2GB,跳过上面的所有步骤,跟着下面做
+
+ # dd if=/dev/zero of=/swapfile bs=1k count=2014k
+
+接着,我们指定交换内存为swapfile
+
+ #mkswap /swapfile
+
+运行下面的命令激活交换内存
+
+ #swapon /swapfile
+
+现在,我们将其添加到文件系统分区表里,这样重启之后就自动挂载了。
+
+ # echo "/swapfile swap swap auto 0 0" | sudo tee -a /etc/fstab
+
+设置swappiness为10,这样交换内存仅作为一个紧急缓冲区用。
+
+ # sudo sysctl -w vm.swappiness=10
+ # echo vm.swappiness = 10 | sudo tee -a /etc/sysctl.conf
+
+### 3. 安装Discourse ###
+
+在我们的主机上安装Docker后,我们将会安装Discourse。现在,我们从官方的Discourse GitHub仓库克隆一份到/var/discourse目录下。我们需要运行下面的命令完成这一步。
+
+ # mkdir /var/discourse/
+
+ # cd /var/discourse/
+
+ # git clone https://github.com/discourse/discourse_docker.git /var/discourse/
+
+克隆好仓库后,我们会为discourse服务器复制配置文件
+
+ # cp samples/standalone.yml containers/app.yml
+
+
+
+### 4. 配置Discourse ###
+
+接下来,我们用自己喜欢的文本编辑器,编辑容器目录下的discourse配置文件app.yml
+
+ # nano containers/app.yml
+
+现在,我们需要设置开发者的邮箱地址为DISCOURSE_DEVELOPER_EMAILS,如下。
+
+ DISCOURSE_DEVELOPER_EMAILS: 'arun@linoxide.com'
+
+然后,我们会设置主机名为服务器的域名。
+
+ DISCOURSE_HOSTNAME: 'discourse.linoxide.com'
+
+接着,为每个托管在相同discourse主机或者vps上的SMTP服务器设定邮箱证书。SMTP设置需要从你的Discourse发送邮件
+
+ DISCOURSE_SMTP_ADDRESS: smtp.linoxide.com
+ DISCOURSE_SMTP_PORT: 587 # (optional)
+ DISCOURSE_SMTP_USER_NAME: admin@linoxide.com # (optional)
+ DISCOURSE_SMTP_PASSWORD: test123 # (optional)
+
+
+
+ Discourse 配置
+
+如果你在使用一个1GB的Discourse,设定UNICORN_WORKERS为2,db_shared_buffers为128MB,这样你会有更多的内存空间。
+
+运行Discourse需要强制性地创建一个邮件服务器。如果你已经有一个服务器了那就好办多了,我们可以使用它的证书。如果你没有现成的邮件服务器,或者你不知道那是什么。没关系,创建一个免费的帐号在[Mandrill][1] ([Mailgun][2],或者[Mailjet][3]),然后使用面板上提供的证书。
+
+### 5. 启动Discourse应用 ###
+
+配置完discourse的配置文件后,我们当然是想启动Discourse服务器。首先,在/var/discourse/目录下运行下面的命令,加载discourse引导程序。
+
+ # ./launcher bootstrap app
+
+
+
+上述命令可能会花去几分钟时间,会自动配置我们的Discourse环境。然后,该进程完成后,我们需要运行下面的命令启动Discourse App
+
+ #./launch start app
+
+
+
+### 维护 ###
+
+这里往下是/var/discourse/目录里加载命令的使用,这使得我们可以承担维护的任务,通过Docker 容器控制Disourse。(这里不太明白原文表达意思)
+
+ Usage: launcher COMMAND CONFIG [--skip-prereqs]
+ Commands:
+ start: Start/initialize a container
+ stop: Stop a running container
+ restart: Restart a container
+ destroy: Stop and remove a container
+ enter: Use nsenter to enter a container
+ ssh: Start a bash shell in a running container
+ logs: Docker logs for container
+ mailtest: Test the mail settings in a container
+ bootstrap: Bootstrap a container for the config based on a template
+ rebuild: Rebuild a container (destroy old, bootstrap, start new)
+ cleanup: Remove all containers that have stopped for > 24 hours
+
+ Options:
+ --skip-prereqs Don't check prerequisites
+ --docker-args Extra arguments to pass when running docker
+
+### 总结 ###
+
+Hurray!我们已经成功使用Docker技术安装了Discourse。Docker技术使得Discourse十分容易安装在任何平台,并且包含所有的要求。我们需要自己的邮件服务器或者邮件服务器的证书来启动它。对于便捷的现代邮件列表,论坛来说,Discourse是一个伟大的平台。(最后这句有些别扭)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/how-tos/install-discourse-docker-container/
+
+作者:[Arun Pyasi][a]
+译者:[wi-cuckoo](https://github.com/wi-cuckoo)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
+[1]:https://mandrillapp.com/
+[2]:http://www.mailgun.com/
+[3]:https://www.mailjet.com/pricing
diff --git a/translated/tech/20150420 Managing file and directory attributes in linux using chattr and lsattr command.md b/translated/tech/20150420 Managing file and directory attributes in linux using chattr and lsattr command.md
new file mode 100644
index 0000000000..0aaef749c8
--- /dev/null
+++ b/translated/tech/20150420 Managing file and directory attributes in linux using chattr and lsattr command.md
@@ -0,0 +1,200 @@
+在Linux中用chattr和lsattr命令管理文件和目录属性
+================================================================================
+为了允许添加数据,防止更改或者删除等,文件和文件夹中设定了一定的控制属性。例如,你可以在关键系统文件或者文件夹中启用属性,然后没有用户,包括root,可以删除或者修改它,不允许比如dump命令等备份工具去备份一个特定的文件或者文件夹,等等。这些属性只可以在ext2,ext3或者ext4文件系统中的文件和文件夹上设定。
+
+有两个命令 **lsattr** 和 **chattr** 用来管理属性。下面是常用属性的列表。
+
+注:表格代码
+
+
+
+
+
+
+|
+ 属性
+ |
+
+ 描述
+ |
+
+
+|
+ a (append)
+ |
+
+ 允许在文件中进行追加操作
+ |
+
+
+|
+ A
+ |
+
+ 这个属性不允许更新文件的访问时间
+ |
+
+
+|
+ c (compressed)
+ |
+
+ 启用这个属性时,文件在磁盘上会自动压缩
+ |
+
+
+|
+ d (dump)
+ |
+
+ 不能使用dump命令备份文件
+ |
+
+
+|
+ D
+ |
+
+ 设置了文件夹的D属性时,更改会在同步保存在磁盘上
+ |
+
+
+|
+ e (extent format)
+ |
+
+ 它表明,该文件使用扩展到映射磁盘上的块
+ |
+
+
+|
+ i (immutable)
+ |
+
+ 在文件上启用这个属性时,我们不能更改,重命名或者删除这个文件
+ |
+
+
+|
+ j (journaling)
+ |
+
+ 设置了这个属性时,文件的数据首先保存在日志中,然后再写入文件
+ |
+
+
+|
+ S (synchronous)
+ |
+
+ 设置了这个属性时,变更或更改同步保存到磁盘上
+ |
+
+
+
+
+chattr属性中可以使用的不同选项 :
+
+- **-R** 递归地修改文件夹和子文件夹的属性
+- **-V** chattr命令的输出伴随版本信息
+- **-f** 压缩大部分错误信息
+
+在chattr中用于设置或者取消属性的 **操作符**
+
+- ‘+’ 符号用来为文件和文件夹设置属性,
+- ‘-‘ 符号用来移除或者取消属性
+- ‘=’ 使它们成为文件有的唯一属性。
+
+**chattr** 和 **lsattr** 命令的基本语法 :
+
+ # chattr
+
+ # lsattr
+
+### 例:1 使用‘i’属性使文件不可更改 ###
+
+ [root@linuxtechi ~]# chattr +i dummy_data
+ [root@linuxtechi ~]# lsattr dummy_data
+ ----i----------- dummy_data
+
+现在试着删除或者修改文件
+
+ [root@linuxtechi ~]# rm -f dummy_data
+ rm: cannot remove ‘dummy_data’: Operation not permitted
+
+ [root@linuxtechi ~]# echo "test" >> dummy_data
+ -bash: dummy_data: Permission denied
+
+### 例:2 移除不可更改属性 ###
+
+ [root@linuxtechi ~]# chattr -i dummy_data
+ [root@linuxtechi ~]# lsattr dummy_data
+ ---------------- dummy_data
+
+### 例:3 在文件中只允许追加操作 ###
+
+ [root@linuxtechi ~]# chattr +a dummy_data
+ [root@linuxtechi ~]# lsattr dummy_data
+ -----a---------- dummy_data
+
+现在试着把fstab文件的内容追加到dummy_data文件
+
+ [root@linuxtechi ~]# cat /etc/fstab >> dummy_data
+ [root@linuxtechi ~]#
+
+### 例 :4 使用 -R 选项和 ‘+i’ 属性使文件夹和它的子文件夹成为安全目录 ###
+
+让我们来新建一个sysadmin文件夹和它的子文件夹
+
+ [root@linuxtechi ~]# mkdir sysadmin
+ [root@linuxtechi ~]# mkdir sysadmin/admim_{1,2,3,4,5}
+ [root@linuxtechi ~]# ls -l sysadmin/
+ total 0
+ drwxr-xr-x. 2 root root 6 Apr 19 09:50 admim_1
+ drwxr-xr-x. 2 root root 6 Apr 19 09:50 admim_2
+ drwxr-xr-x. 2 root root 6 Apr 19 09:50 admim_3
+ drwxr-xr-x. 2 root root 6 Apr 19 09:50 admim_4
+ drwxr-xr-x. 2 root root 6 Apr 19 09:50 admim_5
+
+在sysadmin文件夹递归设置不可更改属性
+
+ [root@linuxtechi ~]# chattr -R +i sysadmin
+
+ [root@linuxtechi ~]# lsattr -R sysadmin/
+ ----i----------- sysadmin/admim_1
+ sysadmin/admim_1:
+ ----i----------- sysadmin/admim_2
+ sysadmin/admim_2:
+ ----i----------- sysadmin/admim_3
+ sysadmin/admim_3:
+ ----i----------- sysadmin/admim_4
+ sysadmin/admim_4:
+ ----i----------- sysadmin/admim_5
+ sysadmin/admim_5:
+ [root@linuxtechi ~]#
+
+现在试着用rm命令删除文件夹
+
+ [root@linuxtechi ~]# rm -rf sysadmin
+ rm: cannot remove ‘sysadmin/admim_1’: Permission denied
+ rm: cannot remove ‘sysadmin/admim_2’: Permission denied
+ rm: cannot remove ‘sysadmin/admim_3’: Permission denied
+ rm: cannot remove ‘sysadmin/admim_4’: Permission denied
+ rm: cannot remove ‘sysadmin/admim_5’: Permission denied
+ [root@linuxtechi ~]#
+
+使用以下命令递归取消属性
+
+ [root@linuxtechi ~]# chattr -R -i sysadmin
+
+--------------------------------------------------------------------------------
+
+via: http://www.linuxtechi.com/file-directory-attributes-in-linux-using-chattr-lsattr-command/
+
+作者:[Pradeep Kumar][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.linuxtechi.com/author/pradeep/
\ No newline at end of file
diff --git a/translated/tech/20150423 How IP forwarding Helps Connecting Private interface to Internet in Linux.md b/translated/tech/20150423 How IP forwarding Helps Connecting Private interface to Internet in Linux.md
new file mode 100644
index 0000000000..a8ba20fff0
--- /dev/null
+++ b/translated/tech/20150423 How IP forwarding Helps Connecting Private interface to Internet in Linux.md
@@ -0,0 +1,75 @@
+Linux 上IP转发如何帮助专用接口连接到互联网
+================================================================================
+大家好,今天我们学习一下在 Linux 上用 iptables 实现从一个网络接口到另一个接口的IP转发或者数据包转发。IP转发的概念是,使 Linux 机器像路由器一样将数据从一个网络发送到另一个网络。所以,它能作为一个**路由器**或者代理服务器,实现从一个连接到多个客户端机器的共享互联网或者网络连接。
+
+这是一些启用IP转发或网络包转发方法的简单步骤。
+
+### 1. 启用 IPv4 转发 ###
+
+首先,我们打算在我们的 Linux 操作系统上启用 IPv4 转发。要做到这点,我们需要用 sudo 模式在 shell 或终端下执行下面的命令。
+
+ $ sudo -s
+
+ # echo 1 > /proc/sys/net/ipv4/ip_forward
+
+
+
+**注意:上面的命令能马上启用ip转发,但只是临时的,直到下一次重启。要永久启用,我们需要使用我们喜欢的文本编辑器打开 /etc/sysctl.conf 文件。**
+
+ # nano /etc/sysctl.conf
+
+然后,增加 **net.ipv4.ip_forward = 1** 到文件中,或者删除那行的注释,保存并退出文件。
+
+ net.ipv4.ip_forward = 1
+
+
+
+运行下面的命令启用更改。
+
+ # sysctl -p /etc/sysctl.conf
+
+
+
+### 2. 配置 Iptables 防火墙 ###
+
+我们需要允许特定的(或者所有的)数据包通过我们的路由器。在这之前,我们要知道连接我们 Linux 的网络设备的接口名称。我们可以通过在终端或者 shell 运行以下命令获得接口名称。
+
+ # ifconfig -a
+
+
+
+这里,在我们的机器中, eth2 是连接到互联网或者网络的网卡接口, wlan2 是我们要使用 iptables 从 eth2 转发数据包的接口。要做到这点,我们需要运行以下命令。
+
+ # iptables -A FORWARD -i wlan2 -o eth2 -j ACCEPT
+
+注意:请用你 Linux 机器中的可用设备名称替换 wlan2 和 eth2。
+
+现在,由于网络过滤器是一个无状态的防火墙,我们要用 iptables 允许已建立的连接通过。要做到这点,我们要运行下面的命令。
+
+ # iptables -A FORWARD -i eth2 -o wlan2 -m state --state ESTABLISHED,RELATED -j ACCEPT
+
+
+
+### 3. 配置 NAT ###
+
+然后,最后我们需要通过执行下面的命令修改发送到互联网的数据包的源地址为 eth2。
+
+ # iptables -t nat -A POSTROUTING -o eth2 -j MASQUERADE
+
+
+
+### 总结 ###
+
+最后,用安装的 iptables 作为防火墙解决方案,我们在我们的 Linux 机器上成功的配置了从一个接口到另一个接口的数据包转发。这篇文章允许你的专用接口连接到互联网,你不需要桥接接口,而是路由从一个接口进来的数据包到另一个接口,就是这些。如果你有任何问题、建议、反馈,请写到下面的评论框中,然后我们可以改进或更新我们的内容。非常感谢!享受吧 :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/firewall/ip-forwarding-connecting-private-interface-internet/
+
+作者:[Arun Pyasi][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
\ No newline at end of file
diff --git a/translated/tech/20150423 How to Change Default Web Browser and Email Client in Ubuntu.md b/translated/tech/20150423 How to Change Default Web Browser and Email Client in Ubuntu.md
new file mode 100644
index 0000000000..5e7413e37d
--- /dev/null
+++ b/translated/tech/20150423 How to Change Default Web Browser and Email Client in Ubuntu.md
@@ -0,0 +1,77 @@
+如何在 Ubuntu 中更改默认浏览器和 Email 客户端
+================================================================================
+Ubuntu 自带了一些已经预装的默认应用程序,包括非常流行的 Mozilla 火狐浏览器和 Thunderbird 的 e-mail 客户端。
+
+
+
+尽管这两个应用都有它们自己的粉丝,但是没有一个应用能符合每个人的口味和需要。我们经常收到邮件或者推文,询问我们怎样可以在 Ubuntu 上更改默认浏览器或者设置处理邮件链接的不同的电子邮件客户端等。
+
+我们在这里不仅讨论如何安装不同的软件,还包括如何给一个特定的文件,链接或者内容类型设置系统处理应用。
+
+在 Ubuntu 中更改默认应用程序,包括浏览器、电子邮件客户端、文本编辑器、音乐和视频播放器都非常的简单。但并不是每个人都知道更改这些的设置面板在哪里,让我们来快速看一下吧。
+
+### 如何在 Ubuntu 上更改默认浏览器 ###
+
+
+
+Mozilla 火狐浏览器是万维网上稳定、开源而且可依赖的窗口,但它并不是每个人的选择。这都没关系。
+
+在 Ubuntu 上使用不同的默认浏览器,首先,显而易见,你需要安装一个新的浏览器。你该怎么做取决于你想要的浏览器:
+
+- 开源浏览器,例如 [Epiphany][1], [Chromium][2] 和 [IceWeasel][3],可以从 Ubuntu 软件中心安装。
+
+- 主流浏览器,例如 [Google Chrome][4], [Opera][5] 和 [Vivaldi][6] 必须从各自项目的官方网站上下载。
+
+不管你选择哪个浏览器,不管你选择怎样安装,完成之后你就可以继续了。
+
+
+
+点击其它应用上的链接,例如及时通讯软件、Twitter 客户端、 e-mail,要更改打开网页的默认浏览器,你需要用到 Ubuntu 系统设置工具。
+
+你可以用多种方法打开系统设置。其中一种最快的方式是点击右上角(RTL系统是左上角)的 Cog 图标并选择‘系统设置’菜单快捷方式。
+
+1. 打开‘系统设置’
+1. 选择‘详细’选项
+1. 在侧边栏选择‘默认应用程序’
+1. 把 ‘Web’ 条目的 ‘火狐’ 改为你想要的选项
+
+就是这样。
+
+### 如何在 Ubuntu 上更改默认的邮件客户端 ###
+
+
+
+Ubuntu 用 Thunderbird 作为默认的邮件应用程序。这意味着 当你点击大部分浏览器、 PDF文件、及时通讯软件等上的 **电子邮件地址或者一个 [mailto 链接][7] 的时候会自动打开** 这个应用。
+
+当然,如果你使用 Thunderbird,这真的很方便。但是我们很多人并非如此; 我们可能**[使用像 Geary 这样的轻量级客户端][8]**,GNOME stalwart Evolution,或者依靠像 Gmail 或者 Outlook 这样的网络邮件服务。
+
+在 Ubuntu 上从 Thunderbird **更改默认邮件客户端** 到另一个应用程序,打开系统设置 > 详细 > 默认应用程序。点击下拉菜单到 ‘Mail’ 并选择从列表中选择你喜欢的客户端。
+
+**在 Ubuntu 上设置 Gmail 为默认的邮件客户端**,你首先需要点击下面的按钮安装 ‘gnome-gmail’ 软件包。安装完后打开系统设置 > 详细 > 默认应用程序。点击下拉菜单到 ‘Mail’ 并选择从列表中选择 ‘Gmail’。
+
+- [在 Ubuntu 上安装 GNOME Gmail][9]
+
+### 更多 ###
+
+上述同样的步骤可以用来设置你双击音乐文件时打开你喜欢的音乐播放器,用比如 VLC 应用程序处理 .avi 和 .mp4 文件,等等。
+
+--------------------------------------------------------------------------------
+
+via: http://www.omgubuntu.co.uk/2015/04/change-your-default-web-browser-in-ubuntu
+
+作者:[Joey-Elijah Sneddon][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:https://plus.google.com/117485690627814051450/?rel=author
+[1]:https://wiki.gnome.org/Apps/Web
+[2]:https://apps.ubuntu.com/cat/applications/chromium-browser/
+[3]:https://wiki.debian.org/Iceweasel
+[4]:https://www.google.co.uk/chrome/browser/desktop/
+[5]:http://www.opera.com/computer/linux
+[6]:https://vivaldi.com/#Download
+[7]:http://en.wikipedia.org/wiki/Mailto
+[8]:http://www.omgubuntu.co.uk/2015/03/install-geary-ubuntu-linux-email-update
+[9]:apt://gnome-gmail
\ No newline at end of file
diff --git a/translated/tech/20150427 How to set up NTP server in CentOS.md b/translated/tech/20150427 How to set up NTP server in CentOS.md
new file mode 100644
index 0000000000..3924edd93f
--- /dev/null
+++ b/translated/tech/20150427 How to set up NTP server in CentOS.md
@@ -0,0 +1,165 @@
+如何在 CentOS 中设置 NTP 服务器
+================================================================================
+网络时间协议(NTP)用来同步网络上不同主机的系统时间。所有托管的主机都可以和一个指定的被称为 NTP 服务器的时间服务器同步它们的时间。另一方面一个 NTP 服务器将它的时间和任何公共 NTP 服务器,或者你选定的服务器同步。NTP 托管的所有系统时钟都同步精确到毫秒级。
+
+在一个协作环境中,如果他们不想为 NTP 传输打开防火墙,就有必要设置一个内部 NTP 服务器,然后让员工使用内部服务器而不是公共 NTP 服务器。在这个指南中,我们会介绍如何将一个 CentOS 系统配置为 NTP 服务器。在介绍详细内容之前,让我们先来简单了解一下 NTP 的概念。
+
+### 为什么我们需要 NTP? ###
+
+由于制造工艺多种多样,所有的(非原子)时钟并不按照完全一致的速度行走。有一些时钟走的比较快而有一些走的比较慢。因此经过很长一段时间以后,一个时钟的时间慢慢的偏移于其它,导致有名的 “时钟漂移” 或 “时间漂移”。为了最小化时钟漂移的影响,使用 NTP 的主机应该周期性地和指定的 NTP 服务器交互以保持它们的时钟同步。
+
+在不同的主机之间进行时间同步对于计划备份、[干扰检测][1]日志、[分布式任务调度][2]或者事务订单管理来说是很重要的事情。它甚至可能要求作为日常任务的一部分。
+
+### NTP 层次 ###
+
+NTP 时钟以层次模型组织。层级中的每层被称为一个 *stratum*。stratum 的概念说明了一台机器到授权的时间源有多少 NTP 跳。
+
+
+
+Stratum 0 由没有时间漂移的时钟组成,例如原子时钟。这种时钟不能在网络上直接使用。Stratum N (N > 1) 层服务器从 Stratum N-1 层服务器同步时间。Stratum N 时钟可能通过网络和彼此互联。
+
+NTP 支持多达 15 stratums 的层级。Stratum 16 被认为是没有同步不能使用的。
+
+### 准备 CentOS 服务器 ###
+
+现在让我们来开始在 CentOS 上设置 NTP 服务器。
+
+首先,我们需要保证正确设置了服务器的时区。在 CentOS 7 中,我们可以使用 timedatectl 命令查看和更改服务器的时区(比如,"Australia/Adelaide")
+
+ # timedatectl list-timezones | grep Australia
+ # timedatectl set-timezone Australia/Adelaide
+ # timedatectl
+
+
+
+继续并使用 yum 安装需要的软件
+
+ # yum install ntp
+
+然后我们会添加全球 NTP 服务器用于同步时间。
+
+ # vim /etc/ntp.conf
+
+----------
+
+ server 0.oceania.pool.ntp.org
+ server 1.oceania.pool.ntp.org
+ server 2.oceania.pool.ntp.org
+ server 3.oceania.pool.ntp.org
+
+默认情况下,NTP 服务器的日志保存在 /var/log/messages。如果你希望使用自定义的日志文件,那也可以指定。
+
+ logfile /var/log/ntpd.log
+
+如果你选择自定义日志文件,确保更改了它的属主和 SELinux 环境。
+
+ # chown ntp:ntp /var/log/ntpd.log
+ # chcon -t ntpd_log_t /var/log/ntpd.log
+
+现在初始化 NTP 服务并确保把它添加到了随机启动。
+
+ # systemctl restart ntp
+ # systemctl enable ntp
+
+### 验证 NTP Server 时钟 ###
+
+我们可以使用 ntpq 命令来检查本地服务器的时钟如何通过 NTP 同步。
+
+
+
+下面的表格解释了输出列。
+
+注:表格
+
+
+| remote |
+源在 ntp.conf 中定义。‘*’ 表示当前使用的最好的源;‘+’ 表示可作为 NTP 源的源;‘-’ 标记的源是不可用的。 |
+
+
+| refid |
+和远程服务器时钟同步的时钟的 IP 地址。 |
+
+
+| st |
+Stratum |
+
+
+| t |
+类型。 'u' 表示单播(unicast)。其它值包括本地(local)、多播(multicast)、广播(broadcast)。 |
+
+
+| when |
+自从上次和服务器交互经过的时间(以秒数计)。 |
+
+
+| poll |
+和服务器的轮询频率,以秒数计。 |
+
+
+| reach |
+表示和服务器交互是否有任何错误的十进制数。值 337 表示 100% 成功。 |
+
+
+| delay |
+服务器和远程服务器来回的时间。 |
+
+
+| offset |
+我们服务器和远程服务器的时间差异,以毫秒数计。 |
+
+
+| jitter |
+两个例子之间平局时间差异,以毫秒数计。 |
+
+
+
+### 控制到 NTP 服务器的访问 ###
+
+默认情况下,NTP 服务器允许来自所有主机的查询。如果你想过滤进来的 NTP 同步连接,你可以在你的防火墙中添加规则过滤流量。
+
+ # iptables -A INPUT -s 192.168.1.0/24 -p udp --dport 123 -j ACCEPT
+ # iptables -A INPUT -p udp --dport 123 -j DROP
+
+该规则允许从 192.168.1.0/24 来的 NTP 流量(端口 UDP/123),任何其它网络的流量会被截停。你可以根据需要更改规则。
+
+### 配置 NTP 客户端 ###
+
+#### 1. Linux ####
+
+NTP 客户端主机需要 ntpupdate 软件包和服务器同步时间。可以轻松地使用 yum 或 apt-get 安装这个软件包。安装完软件包之后,用服务器的 IP 地址运行下面的命令。
+
+ # ntpdate
+
+基于 RHEL 和 Debian 的系统命令都相同。
+
+#### 2. Windows ####
+
+如果你正在使用 Windows,在日期和时间设置(Date and Time settings)下查找网络时间(Internet Time)。
+
+#### 3. Cisco 设备 ####
+
+如果你想和 Cisco 设备同步时间,你可以在全局配置模式下使用下面的命令。
+
+ # ntp server
+
+其它有支持 NTP 的卖家有自己的参数用于网络时间。如果你想将设备和 NTP服务器同步时间,请查看设备的说明文档。
+
+### 结论 ###
+
+总而言之,NTP 是在你的所有主机上同步时钟的一个协议。我们已经介绍了如何设置 NTP 服务器并使支持 NTP 的设备和服务器同步时间。
+
+希望能对你有所帮助
+
+--------------------------------------------------------------------------------
+
+via: http://xmodulo.com/setup-ntp-server-centos.html
+
+作者:[Sarmed Rahman][a]
+译者:[ictlyh](https://github.com/ictlyh)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://xmodulo.com/author/sarmed
+[1]:http://xmodulo.com/how-to-compile-and-install-snort-from-source-code-on-ubuntu.html
+[2]:http://xmodulo.com/how-to-install-hdfs-and-hadoop-using.html
\ No newline at end of file
diff --git a/translated/tech/20150429 Docker 1.6 Released--How to Upgrade on Fedora or CentOS.md b/translated/tech/20150429 Docker 1.6 Released--How to Upgrade on Fedora or CentOS.md
new file mode 100644
index 0000000000..a07ecad986
--- /dev/null
+++ b/translated/tech/20150429 Docker 1.6 Released--How to Upgrade on Fedora or CentOS.md
@@ -0,0 +1,167 @@
+Docker 1.6 发布 - 如何在Fedora / CentOS上面升级
+=============================================================================
+Docker,一个为软件打包的流行开源容器平台,有了新的发行版1.6,增加了许多新的特性。该版本在Docker注册,引擎,云集,组合和机器方面都有更新。这次发行旨在提升体验,开发者和系统管理员的经验(这里不太确定)。让我们来快速看看有哪些新特性吧。
+
+**Docker Registry (2.0)**是一项推送Docker镜像用于存储和分享的服务,经历过架构的改变,因为面临加载下的体验问题。它仍然向下兼容。Docker Registry的编写语言现在从Python改为Google的Go语言了,为了提升表现力。与Docker引擎1.6结合后,拉取镜像的能力更快了。早先的镜像被队列式地输送,而现在是并行的啦。
+
+**Docker Engine (1.6)**相比之前的版本有很大的提高。目前支持容器与镜像标签。通过标签,你可以附加用户自定义的元数据到镜像和容器上,而镜像和容器反过来可以被其他工具使用。标签对正在运行的应用是不可见的,可以用来加速搜索容器和镜像。
+
+Windows版本的Docker客户端可以连接一个远程的运行linux的Docker引擎。
+
+Docker目前支持日志驱动API,这允许我们发送容器日志给系统如Syslog,或者第三方。这将会使得系统管理员受益。
+
+**Swarm (0.2)**是一个Docker集群工具,将一个Docker主机池转换为一个虚拟主机。在新特性里,容器甚至被放在了可用的节点上。通过添加更多的Docker命令,所有的努力都朝着支持完整的Docker API。将来,使用第三方驱动来集群会成为可能。
+
+**Compose (1.2)** 是一个Docker里定义和运行复杂应用的工具, 也得到了升级。在新版本里,一个可以创建多个子文件,而不是一个没有结构的文件描述一个多容器应用。
+
+通过**Machine (0.2)**,我们可以很容易地在本地计算机,云和数据中心上搭建Docker主机。新的发行版为开发者提供了一个相对干净地驱动界面来写驱动。供应被Machine牢牢地掌握,而不是每个独立的驱动。新的命令被添加,可以用来生成主机的TLS证书,以提高安全性。
+
+### 在Fedora / CentOS 上升级架构 ###
+
+在这一部分里,我们将会学习如何在Fedora和CentOS上升级已有的docker到最新版本。请注意,目前的Docker仅运行在64位的架构上,Fedora和CentOS都源于RedHat,命令的使用是差不多相同的,除了在Fedora20和CentOS6.5里Docker包被叫做“docker-io”。
+
+如果你系统之前没有安装Docker,使用下面命令安装:
+
+ "yum install docker-io" – on Fedora20 / CentOS6.5
+
+ "yum install docker" - on Fedora21 / CentOS7
+
+在升级之前,备份一下docker镜像和容器卷是个不错的主意。
+
+参考[filesystem to a tar archive][1]与[volumes backups, restores or migrations options][2],获取更多信息。
+
+目前,测试系统安装了Docker1.5。样例输出显示是来自一个Fedora20的系统。
+
+验证当前系统安装的Docker版本
+
+ [root@TestNode1 ~]#sudo docker -v
+
+ Docker version 1.5.0, build a8a31ef/1.5.0
+
+如果Docker正在运行,先停掉。
+
+ [root@TestNode1 ~]# sudo systemctl stop docker
+
+升级到最新版使用yum update。但是写这篇文章的时候,仓库并不是最新版本(1.6)。因此你需要使用二进制的升级方法。
+
+ [root@TestNode1 ~]#sudo yum -y update docker-io
+
+ No packages marked for update
+
+ [root@TestNode1 ~]#sudo wget https://get.docker.com/builds/Linux/x86_64/docker-latest -O /usr/bin/docker
+
+ --2015-04-19 13:40:48-- https://get.docker.com/builds/Linux/x86_64/docker-latest
+
+ Resolving get.docker.com (get.docker.com)... 162.242.195.82
+
+ Connecting to get.docker.com (get.docker.com)|162.242.195.82|:443... connected.
+
+ HTTP request sent, awaiting response... 200 OK
+
+ Length: 15443598 (15M) [binary/octet-stream]
+
+ Saving to: /usr/bin/docker
+
+ 100%[======================================>] 15,443,598 8.72MB/s in 1.7s
+
+ 2015-04-19 13:40:50 (8.72 MB/s) - /usr/bin/docker saved
+
+检查更新版本
+
+ [root@TestNode1 ~]#sudo docker -v
+
+ Docker version 1.6.0, build 4749651
+
+重启docker服务
+
+ [root@TestNode1 ~]# sudo systemctl start docker
+
+确认Docker在运行
+
+ [root@TestNode1 ~]# docker images
+
+ REPOSITORY TAG IMAGE ID CREATED VIRTUAL SIZE
+
+ fedora latest 834629358fe2 3 months ago 241.3 MB
+
+ [root@TestNode1 ~]# docker run fedora /bin/echo Hello World
+
+ Hello World
+
+CentOS安装时需要**注意**,在CentOS上安装完Docker后,当你试图启动Docker服务的时候,你可能会得到错误的信息,如下所示
+
+ docker.service - Docker Application Container Engine
+
+ Loaded: loaded (/usr/lib/systemd/system/docker.service; disabled)
+
+ Active: failed (Result: exit-code) since Mon 2015-04-20 03:24:24 EDT; 6h ago
+
+ Docs: http://docs.docker.com
+
+ Process: 21069 ExecStart=/usr/bin/docker -d $OPTIONS $DOCKER_STORAGE_OPTIONS $DOCKER_NETWORK_OPTIONS $ADD_REGISTRY $BLOCK_REGISTRY $INSECURE_REGISTRY (code=exited, status=127)
+
+ Main PID: 21069 (code=exited, status=127)
+
+ Apr 20 03:24:24 centos7 systemd[1]: Starting Docker Application Container E.....
+
+ Apr 20 03:24:24 centos7 docker[21069]: time="2015-04-20T03:24:24-04:00" lev...)"
+
+ Apr 20 03:24:24 centos7 docker[21069]: time="2015-04-20T03:24:24-04:00" lev...)"
+
+ Apr 20 03:24:24 centos7 docker[21069]: /usr/bin/docker: relocation error: /...ce
+
+ Apr 20 03:24:24 centos7 systemd[1]: docker.service: main process exited, co.../a
+
+ Apr 20 03:24:24 centos7 systemd[1]: Failed to start Docker Application Cont...e.
+
+ Apr 20 03:24:24 centos7 systemd[1]: Unit docker.service entered failed state.
+
+这是一个熟知的bug([https://bugzilla.redhat.com/show_bug.cgi?id=1207839][3]),需要一个设备映射的升级,到最新的水平。
+
+ [root@centos7 ~]# rpm -qa device-mapper
+
+ device-mapper-1.02.84-14.el7.x86_64
+
+ [root@centos7 ~]# yum update device-mapper
+
+ [root@centos7 ~]# rpm -qa device-mapper
+
+ device-mapper-1.02.93-3.el7.x86_64
+
+ [root@centos7 ~]# systemctl start docker
+
+### 总结 ###
+
+尽管docker技术出现时间不长,当很快获得了流行。它使得开发者的生活变得容易,运维团队可以快速独立地创建和部署应用。通过公司发布快速的Docker更新,来提升产品质量,满足用户需求,未来对于Docker来说一片光明。
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/linux-how-to/docker-1-6-features-upgrade-fedora-centos/
+
+作者:[B N Poornima][a]
+译者:[wi-cuckoo](https://github.com/wi-cuckoo)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/bnpoornima/
+[1]:http://docs.docker.com/reference/commandline/cli/#export
+[2]:http://docs.docker.com/userguide/dockervolumes/#backup-restore-or-migrate-data-volumes
+[3]:https://bugzilla.redhat.com/show_bug.cgi?id=1207839
+[4]:
+[5]:
+[6]:
+[7]:
+[8]:
+[9]:
+[10]:
+[11]:
+[12]:
+[13]:
+[14]:
+[15]:
+[16]:
+[17]:
+[18]:
+[19]:
+[20]:
diff --git a/translated/tech/20150429 How To Integrate Apache2 With Tomcat 7 Using mod_jk Connector.md b/translated/tech/20150429 How To Integrate Apache2 With Tomcat 7 Using mod_jk Connector.md
new file mode 100644
index 0000000000..be9297c370
--- /dev/null
+++ b/translated/tech/20150429 How To Integrate Apache2 With Tomcat 7 Using mod_jk Connector.md
@@ -0,0 +1,138 @@
+如何用mod_jk连接器来集成Apache2和Tomcat 7
+================================================================================
+Apache是最流行的web服务器。通常用来接收客户端的请求并响应。它得到一个URL并将它翻译成一个文件名(或者静态请求),并将文件从本地磁盘中通过因特网返回,或者将它翻译成程序名执行它,接着将输出返回给请求方。如果web服务器不能处理和完成请求,它会返回一个错误信息。
+
+在本篇中,我们会列出Apache的特性以及我们该如何用mod_jk连接器来集成Tomcat7和Tomcat8.
+
+### Apache的特性 ###
+
+如我们所说Apache是最流行的web服务器。下面是流行背后的原因:
+
+- 它是自由工具,你可以很简单地下载和安装
+- 它开放源码因此你可以查看源码,调整它,优化它,并且修复错误和安全漏洞。也可以增加新的功能和模块。
+- 它可以用在只有一两个页面的小网站,或者是有成千上万个页面的大网站,每月处理上百万的常规访问者的请求。它可以同时处理静态和动态内容。
+- 提高的缓存模块(mod_cache、 mod_disk_cache、 mod_mem_cache)。
+- Apache 2 支持 IPv6.
+
+### Tomcat 目录 ###
+
+${tomcat_home} 是tomcat的根目录。你的tomcat安装应该有下面的子目录:
+
+- ${tomcat_home}\conf – 存放不同配置文件的地方
+- ${tomcat_home}\webapps – 包含示例程序
+- ${tomcat_home}\bin – 存放插件的地方
+
+### Mod_jk 模块 ###
+
+mod_jk有两种可接受的方式:二进制或者源码。取决于你运行的web服务器的平台,二进制版本的mod_jk也许可以找到。如果有二进制版本的话建议使用这个。
+
+mod_jk模块在这些平台上开发及测试过:
+
+- Linux、 FreeBSD、 AIX、 HP-UX、 MacOS X、 Solaris ,应该在主流的Unix平台上都支持Apache 1.3 和/或者 2.x。
+- 0-i386 SP4/SP5/SP6a (应该可以于其他的服务包一起工作), Win2K and WinXP and Win98
+- Cygwin (需要你有apache服务器及autoconf/automake支持工具)
+- Netware
+- i5/OS V5R4 (System I) 中的 Apache HTTP Server 2.0.58。 确保已经安装了Apache PTF
+- Tomcat 3.2 到 Tomcat 8.
+
+The mod_jk 需要两个组件:
+
+- **mod_jk.xxx** – Apache HTTP服务器模块,取决于你的操作系统,它可能是mod_jk.so、mod_jk.nlm或者MOD_JK.SRVPGM。
+- **workers.properties** - 描述主机以及处理器使用的端口(Tomcat进程)。在下载的源码内可以在conf目录下找到workers.properties文件。
+
+和Apache HTTP服务器其他的模块一样,mod_jk应该安装在你的Apache服务器下的模块目录下:/usr/lib/apache,你应该更新你的**httpd.conf**文件。
+
+### 安装 ###
+
+它需要非root用户在安装钱使用“sudo”特权。现在我们开始安装,我们将使用下面的命令来安装Apache2和Tomcat:
+
+ sudo apt-get install apache2
+
+ sudo apt-get install tomcat7
+
+ sudo apt-get install tomcat7-admin
+
+下面在我们将会使用下面的命令来创建一个测试程序:
+
+ cd /var/lib/tomcat7/webapps
+ sudo mkdir tomcat-demo
+ sudo mkdir tomcat-demo/goodmoring
+ sudo vim tomcat-demo/helloworld/index.jsp
+
+粘贴下面的代码:
+
+
+
+ Good Morning
+
+
+ Good Morning
+ Today is: <%= new java.util.Date().toString() %>
+
+
+
+一切完毕后,我们将使用下面的命令安装和配置mod_jk:
+
+ sudo apt-get install libapache2-mod-jk
+
+我们将使用下面的命令启用Tomcat的8443转发端口:
+
+ sudo vim /etc/tomcat7/server.xml
+
+我们将解除下面的注释行:
+
+
+
+之后,我们将用下面的命令位Apache创建workers.properties文件:
+
+ sudo vim /etc/apache2/workers.properties
+
+粘贴下面的行:
+
+ # Define 1 real worker using ajp13
+ worker.list=worker
+ # Set properties for worker (ajp13)
+ worker.worker.type=ajp13
+ worker.worker.host=localhost
+ worker.worker.port=8009
+
+现在我们将使用下面的命令来让Apache使用这个worker:
+
+ sudo vim /etc/apache2/mods-available/jk.conf
+
+我们将JkWorkersFile属性成下面这行:
+
+ /etc/apache2/workers.properties
+
+最后配置Apache交给Tomcat处理的URL
+
+ sudo vim /etc/apache2/sites-enabled/000-default
+
+我们将在配置文件中下面的行:
+
+
+ .......................................
+ .......................................
+ JkMount /tomcat-demo* worker1
+
+
+现在用下面的命令重启服务来检查它们的功能:
+
+ sudo /etc/init.d/tomcat7 restart
+ sudo /etc/init.d/apache2 restart
+
+### 总结 ###
+
+在本篇中我们展示了你该如何使用mod_jk连接器配置和安装Apache2以及Tomcat7。
+
+--------------------------------------------------------------------------------
+
+via: http://www.unixmen.com/integrate-apache2-tomcat-7-using-mod_jk-connector/
+
+作者:[anismaj][a]
+译者:[geekpi](https://github.com/geekpi)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](http://linux.cn/) 荣誉推出
+
+[a]:http://www.unixmen.com/author/anis/
diff --git a/translated/tech/20150505 Bodhi Linux Introduces Moksha Desktop.md b/translated/tech/20150505 Bodhi Linux Introduces Moksha Desktop.md
new file mode 100644
index 0000000000..6ad0d04567
--- /dev/null
+++ b/translated/tech/20150505 Bodhi Linux Introduces Moksha Desktop.md
@@ -0,0 +1,39 @@
+Bodhi Linux引入Moksha桌面
+================================================================================
+
+
+基于Ubuntu的轻量级Linux发行版[Bodhi Linux][1]致力于构建其自家的桌面环境,这个全新桌面环境被称之为Moksha(梵文意为‘完全自由’)。Moksha将替换常用的[Enlightenment桌面环境][2]。
+
+### 为何用Moksha替换Englightenment? ###
+
+Bodhi Linux的Jeff Hoogland最近[表示][3]了他对新版Enlightenment的不满。直到E17,Enlightenment都十分稳定,并且能满足轻量级Linux的部署需求。而E18则到处都充满了问题,Bodhi Linux只好弃之不用了。
+
+虽然最新的[Bodhi Linux 3.0发行版][4]仍然使用了E19作为其桌面(除传统模式外,这意味着,对于旧的硬件,仍然会使用E17),Jeff对E19也十分不满。他说道:
+
+>除了性能问题外,对于我个人而言,E19并没有给我带来与E17下相同的工作流程,因为它移除了很多E17的特性。鉴于此,我不得不将我所有的3台Bodhi计算机桌面改成E17——这3台机器都是我高端的了。这不由得让我想到,我们还有多少现存的Bodhi用户也怀着和我同样的感受,所以,我[在我们的用户论坛上开启一个与此相关的讨论][5]。
+
+### Moksha是E17桌面的延续 ###
+
+Moksha将会是Bodhi所热衷的E17桌面的延续。Jeff进一步提到:
+>我们将从整合所有Bodhi修改开始。多年来我们一直都只是给源代码打补丁,并修复桌面所具有的问题。如果该工作完成,我们将开始移植一些E18和E19引入的更为有用的特性,最后,我们将引入一些我们认为会改善最终用户体验的东西。
+
+### Moksha何时发布? ###
+
+下一个Bodhi更新将会是Bodhi 3.1.0,就在今年八月。这个新版本将为所有其缺省ISO带来Moksha。让我们拭目以待,看看Moksha是否是一个好的决定。
+
+--------------------------------------------------------------------------------
+
+via: http://itsfoss.com/bodhi-linux-introduces-moksha-desktop/
+
+作者:[Abhishek][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://itsfoss.com/author/abhishek/
+[1]:http://www.bodhilinux.com/
+[2]:https://www.enlightenment.org/
+[3]:http://www.bodhilinux.com/2015/04/28/introducing-the-moksha-desktop/
+[4]:http://itsfoss.com/bodhi-linux-3/
+[5]:http://forums.bodhilinux.com/index.php?/topic/12322-e17-vs-e19-which-are-you-using-and-why/
diff --git a/translated/tech/20150505 How to Manage 'Systemd' Services and Units Using 'Systemctl' in Linux.md b/translated/tech/20150505 How to Manage 'Systemd' Services and Units Using 'Systemctl' in Linux.md
new file mode 100644
index 0000000000..a78dc01820
--- /dev/null
+++ b/translated/tech/20150505 How to Manage 'Systemd' Services and Units Using 'Systemctl' in Linux.md
@@ -0,0 +1,579 @@
+在Linux中使用‘Systemctl’管理‘Systemd’服务和单元
+================================================================================
+Systemctl是一个systemd工具,主要负责控制systemd系统和服务管理器。
+
+Systemd是一个系统管理守护进程、工具和库的集合,用于取代System V初始进程。Systemd的功能是用于集中管理和配置类UNIX系统。
+
+在Linux生态系统中,Systemd被部署到了大多数的标准Linux发行版中,只有位数不多的几个尚未部署。Systemd通常是所有其它守护进程的父进程,但并非总是如此。
+
+
+使用Systemctl管理Linux服务
+
+本文旨在阐明在运行systemd的系统上“如何控制系统和服务”。
+
+### Systemd初体验和Systemctl基础 ###
+
+#### 1. 首先检查你的系统中是否安装有systemd并确定当前安装的版本 ####
+
+ # systemd --version
+
+ systemd 215
+ +PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR
+
+上例中很清楚地表明,我们安装了215版本的systemd。
+
+#### 2. 检查systemd和systemctl的二进制文件和库文件的安装位置 ####
+
+ # whereis systemd
+ systemd: /usr/lib/systemd /etc/systemd /usr/share/systemd /usr/share/man/man1/systemd.1.gz
+
+
+ # whereis systemctl
+ systemctl: /usr/bin/systemctl /usr/share/man/man1/systemctl.1.gz
+
+#### 3. 检查systemd是否运行 ####
+
+ # ps -eaf | grep [s]ystemd
+
+ root 1 0 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd --switched-root --system --deserialize 23
+ root 444 1 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd-journald
+ root 469 1 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd-udevd
+ root 555 1 0 16:27 ? 00:00:00 /usr/lib/systemd/systemd-logind
+ dbus 556 1 0 16:27 ? 00:00:00 /bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
+
+**注意**:systemd是作为父进程(PID=1)运行的。在上面带(-e)参数的ps命令输出中,选择所有进程,(-
+
+a)选择除会话前导外的所有进程,并使用(-f)参数输出完整格式列表(如 -eaf)。
+
+也请注意上例中后随的方括号和样例剩余部分。方括号表达式是grep的字符类表达式的一部分。
+
+#### 4. 分析systemd启动进程 ####
+
+ # systemd-analyze
+ Startup finished in 487ms (kernel) + 2.776s (initrd) + 20.229s (userspace) = 23.493s
+
+#### 5. 分析启动时各个进程花费的时间 ####
+
+ # systemd-analyze blame
+
+ 8.565s mariadb.service
+ 7.991s webmin.service
+ 6.095s postfix.service
+ 4.311s httpd.service
+ 3.926s firewalld.service
+ 3.780s kdump.service
+ 3.238s tuned.service
+ 1.712s network.service
+ 1.394s lvm2-monitor.service
+ 1.126s systemd-logind.service
+ ....
+
+#### 6. 分析启动时的关键链 ####
+
+ # systemd-analyze critical-chain
+
+ The time after the unit is active or started is printed after the "@" character.
+ The time the unit takes to start is printed after the "+" character.
+
+ multi-user.target @20.222s
+ └─mariadb.service @11.657s +8.565s
+ └─network.target @11.168s
+ └─network.service @9.456s +1.712s
+ └─NetworkManager.service @8.858s +596ms
+ └─firewalld.service @4.931s +3.926s
+ └─basic.target @4.916s
+ └─sockets.target @4.916s
+ └─dbus.socket @4.916s
+ └─sysinit.target @4.905s
+ └─systemd-update-utmp.service @4.864s +39ms
+ └─auditd.service @4.563s +301ms
+ └─systemd-tmpfiles-setup.service @4.485s +69ms
+ └─rhel-import-state.service @4.342s +142ms
+ └─local-fs.target @4.324s
+ └─boot.mount @4.286s +31ms
+ └─systemd-fsck@dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d19608096
+ └─dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d196080964.device @4
+
+**重要**:Systemctl接受服务(.service),挂载点(.mount),套接口(.socket)和设备(.device)作为单元。
+
+#### 7. 列出所有可用单元 ####
+
+ # systemctl list-unit-files
+
+ UNIT FILE STATE
+ proc-sys-fs-binfmt_misc.automount static
+ dev-hugepages.mount static
+ dev-mqueue.mount static
+ proc-sys-fs-binfmt_misc.mount static
+ sys-fs-fuse-connections.mount static
+ sys-kernel-config.mount static
+ sys-kernel-debug.mount static
+ tmp.mount disabled
+ brandbot.path disabled
+ .....
+
+#### 8. 列出所有运行中单元 ####
+
+ # systemctl list-units
+
+ UNIT LOAD ACTIVE SUB DESCRIPTION
+ proc-sys-fs-binfmt_misc.automount loaded active waiting Arbitrary Executable File Formats File Syste
+ sys-devices-pc...0-1:0:0:0-block-sr0.device loaded active plugged VBOX_CD-ROM
+ sys-devices-pc...:00:03.0-net-enp0s3.device loaded active plugged PRO/1000 MT Desktop Adapter
+ sys-devices-pc...00:05.0-sound-card0.device loaded active plugged 82801AA AC'97 Audio Controller
+ sys-devices-pc...:0:0-block-sda-sda1.device loaded active plugged VBOX_HARDDISK
+ sys-devices-pc...:0:0-block-sda-sda2.device loaded active plugged LVM PV Qzyo3l-qYaL-uRUa-Cjuk-pljo-qKtX-VgBQ8
+ sys-devices-pc...0-2:0:0:0-block-sda.device loaded active plugged VBOX_HARDDISK
+ sys-devices-pl...erial8250-tty-ttyS0.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS0
+ sys-devices-pl...erial8250-tty-ttyS1.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS1
+ sys-devices-pl...erial8250-tty-ttyS2.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS2
+ sys-devices-pl...erial8250-tty-ttyS3.device loaded active plugged /sys/devices/platform/serial8250/tty/ttyS3
+ sys-devices-virtual-block-dm\x2d0.device loaded active plugged /sys/devices/virtual/block/dm-0
+ sys-devices-virtual-block-dm\x2d1.device loaded active plugged /sys/devices/virtual/block/dm-1
+ sys-module-configfs.device loaded active plugged /sys/module/configfs
+ ...
+
+#### 9. 列出所有失败单元 ####
+
+ # systemctl --failed
+
+ UNIT LOAD ACTIVE SUB DESCRIPTION
+ kdump.service loaded failed failed Crash recovery kernel arming
+
+ LOAD = Reflects whether the unit definition was properly loaded.
+ ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
+ SUB = The low-level unit activation state, values depend on unit type.
+
+ 1 loaded units listed. Pass --all to see loaded but inactive units, too.
+ To show all installed unit files use 'systemctl list-unit-files'.
+
+#### 10. 检查某个单元(cron.service)是否启用 ####
+
+ # systemctl is-enabled crond.service
+
+ enabled
+
+#### 11. 检查某个单元或服务是否运行 ####
+
+ # systemctl status firewalld.service
+
+ firewalld.service - firewalld - dynamic firewall daemon
+ Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled)
+ Active: active (running) since Tue 2015-04-28 16:27:55 IST; 34min ago
+ Main PID: 549 (firewalld)
+ CGroup: /system.slice/firewalld.service
+ └─549 /usr/bin/python -Es /usr/sbin/firewalld --nofork --nopid
+
+ Apr 28 16:27:51 tecmint systemd[1]: Starting firewalld - dynamic firewall daemon...
+ Apr 28 16:27:55 tecmint systemd[1]: Started firewalld - dynamic firewall daemon.
+
+### 使用Systemctl控制并管理服务 ###
+
+#### 12. 列出所有服务(包括启用的和禁用的) ####
+
+ # systemctl list-unit-files --type=service
+
+ UNIT FILE STATE
+ arp-ethers.service disabled
+ auditd.service enabled
+ autovt@.service disabled
+ blk-availability.service disabled
+ brandbot.service static
+ collectd.service disabled
+ console-getty.service disabled
+ console-shell.service disabled
+ cpupower.service disabled
+ crond.service enabled
+ dbus-org.fedoraproject.FirewallD1.service enabled
+ ....
+
+#### 13. Linux中如何启动、重启、停止、重载服务以及检查服务(httpd.service)状态 ####
+
+ # systemctl start httpd.service
+ # systemctl restart httpd.service
+ # systemctl stop httpd.service
+ # systemctl reload httpd.service
+ # systemctl status httpd.service
+
+ httpd.service - The Apache HTTP Server
+ Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
+ Active: active (running) since Tue 2015-04-28 17:21:30 IST; 6s ago
+ Process: 2876 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
+ Main PID: 2881 (httpd)
+ Status: "Processing requests..."
+ CGroup: /system.slice/httpd.service
+ ├─2881 /usr/sbin/httpd -DFOREGROUND
+ ├─2884 /usr/sbin/httpd -DFOREGROUND
+ ├─2885 /usr/sbin/httpd -DFOREGROUND
+ ├─2886 /usr/sbin/httpd -DFOREGROUND
+ ├─2887 /usr/sbin/httpd -DFOREGROUND
+ └─2888 /usr/sbin/httpd -DFOREGROUND
+
+ Apr 28 17:21:30 tecmint systemd[1]: Starting The Apache HTTP Server...
+ Apr 28 17:21:30 tecmint httpd[2881]: AH00558: httpd: Could not reliably determine the server's fully q...ssage
+ Apr 28 17:21:30 tecmint systemd[1]: Started The Apache HTTP Server.
+ Hint: Some lines were ellipsized, use -l to show in full.
+
+**注意**:当我们使用systemctl的start,restart,stop和reload命令时,我们不会不会从终端获取到任何输出内容,只有status命令可以打印输出。
+
+#### 14. 如何激活服务并在启动时启用或禁用服务(系统启动时自动启动服务) ####
+
+ # systemctl is-active httpd.service
+ # systemctl enable httpd.service
+ # systemctl disable httpd.service
+
+#### 15. 如何屏蔽(让它不能启动)或显示服务(httpd.service) ####
+
+ # systemctl mask httpd.service
+ ln -s '/dev/null' '/etc/systemd/system/httpd.service'
+
+ # systemctl unmask httpd.service
+ rm '/etc/systemd/system/httpd.service'
+
+#### 16. 使用systemctl命令杀死服务 ####
+
+ # systemctl kill httpd
+ # systemctl status httpd
+
+ httpd.service - The Apache HTTP Server
+ Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled)
+ Active: failed (Result: exit-code) since Tue 2015-04-28 18:01:42 IST; 28min ago
+ Main PID: 2881 (code=exited, status=0/SUCCESS)
+ Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
+
+ Apr 28 17:37:29 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:29 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:39 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:39 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:49 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:49 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:59 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 17:37:59 tecmint systemd[1]: httpd.service: Got notification message from PID 2881, but recepti...bled.
+ Apr 28 18:01:42 tecmint systemd[1]: httpd.service: control process exited, code=exited status=226
+ Apr 28 18:01:42 tecmint systemd[1]: Unit httpd.service entered failed state.
+ Hint: Some lines were ellipsized, use -l to show in full.
+
+### 使用Systemctl控制并管理挂载点 ###
+
+#### 17. 列出所有系统挂载点 ####
+
+ # systemctl list-unit-files --type=mount
+
+ UNIT FILE STATE
+ dev-hugepages.mount static
+ dev-mqueue.mount static
+ proc-sys-fs-binfmt_misc.mount static
+ sys-fs-fuse-connections.mount static
+ sys-kernel-config.mount static
+ sys-kernel-debug.mount static
+ tmp.mount disabled
+
+#### 18. 挂载、卸载、重新挂载、重载系统挂载点并检查系统中挂载点状态 ####
+
+ # systemctl start tmp.mount
+ # systemctl stop tmp.mount
+ # systemctl restart tmp.mount
+ # systemctl reload tmp.mount
+ # systemctl status tmp.mount
+
+ tmp.mount - Temporary Directory
+ Loaded: loaded (/usr/lib/systemd/system/tmp.mount; disabled)
+ Active: active (mounted) since Tue 2015-04-28 17:46:06 IST; 2min 48s ago
+ Where: /tmp
+ What: tmpfs
+ Docs: man:hier(7)
+
+ http://www.freedesktop.org/wiki/Software/systemd/APIFileSystems
+
+ Process: 3908 ExecMount=/bin/mount tmpfs /tmp -t tmpfs -o mode=1777,strictatime (code=exited, status=0/SUCCESS)
+
+ Apr 28 17:46:06 tecmint systemd[1]: Mounting Temporary Directory...
+ Apr 28 17:46:06 tecmint systemd[1]: tmp.mount: Directory /tmp to mount over is not empty, mounting anyway.
+ Apr 28 17:46:06 tecmint systemd[1]: Mounted Temporary Directory.
+
+#### 19. 在启动时激活、启用或禁用挂载点(系统启动时自动挂载) ####
+
+ # systemctl is-active tmp.mount
+ # systemctl enable tmp.mount
+ # systemctl disable tmp.mount
+
+#### 20. 在Linux中屏蔽(让它不能启动)或显示挂载点 ####
+
+ # systemctl mask tmp.mount
+
+ ln -s '/dev/null' '/etc/systemd/system/tmp.mount'
+
+ # systemctl unmask tmp.mount
+
+ rm '/etc/systemd/system/tmp.mount'
+
+### 使用Systemctl控制并管理套接口 ###
+
+#### 21. 列出所有可用系统套接口 ####
+
+ # systemctl list-unit-files --type=socket
+
+ UNIT FILE STATE
+ dbus.socket static
+ dm-event.socket enabled
+ lvm2-lvmetad.socket enabled
+ rsyncd.socket disabled
+ sshd.socket disabled
+ syslog.socket static
+ systemd-initctl.socket static
+ systemd-journald.socket static
+ systemd-shutdownd.socket static
+ systemd-udevd-control.socket static
+ systemd-udevd-kernel.socket static
+
+ 11 unit files listed.
+
+#### 22. 在Linux中启动、重启、停止、重载套接口并检查其状态####
+
+ # systemctl start cups.socket
+ # systemctl restart cups.socket
+ # systemctl stop cups.socket
+ # systemctl reload cups.socket
+ # systemctl status cups.socket
+
+ cups.socket - CUPS Printing Service Sockets
+ Loaded: loaded (/usr/lib/systemd/system/cups.socket; enabled)
+ Active: active (listening) since Tue 2015-04-28 18:10:59 IST; 8s ago
+ Listen: /var/run/cups/cups.sock (Stream)
+
+ Apr 28 18:10:59 tecmint systemd[1]: Starting CUPS Printing Service Sockets.
+ Apr 28 18:10:59 tecmint systemd[1]: Listening on CUPS Printing Service Sockets.
+
+#### 23. 在启动时激活套接口,并启用或禁用它(系统启动时自启动) ####
+
+ # systemctl is-active cups.socket
+ # systemctl enable cups.socket
+ # systemctl disable cups.socket
+
+#### 24. 屏蔽(使它不能启动)或显示套接口 ####
+
+ # systemctl mask cups.socket
+ ln -s '/dev/null' '/etc/systemd/system/cups.socket'
+
+ # systemctl unmask cups.socket
+ rm '/etc/systemd/system/cups.socket'
+
+### 服务的CPU利用率(分配额) ###
+
+#### 25. 获取当前某个服务的CPU分配额(如httpd) ####
+
+ # systemctl show -p CPUShares httpd.service
+
+ CPUShares=1024
+
+**注意**:各个服务的默认CPU分配份额=1024,你可以增加/减少某个进程的CPU分配份额。
+
+#### 26. 将某个服务(httpd.service)的CPU分配份额限制为2000 CPUShares/ ####
+
+ # systemctl set-property httpd.service CPUShares=2000
+ # systemctl show -p CPUShares httpd.service
+
+ CPUShares=2000
+
+**注意**:当你为某个服务设置CPUShares,会自动创建一个以服务名命名的目录(httpd.service),里面包含了一个名为90-CPUShares.conf的文件,该文件含有CPUShare限制信息,你可以通过以下方式查看该文件:
+
+ # vi /etc/systemd/system/httpd.service.d/90-CPUShares.conf
+
+ [Service]
+ CPUShares=2000
+
+#### 27. 检查某个服务的所有配置细节 ####
+
+ # systemctl show httpd
+
+ Id=httpd.service
+ Names=httpd.service
+ Requires=basic.target
+ Wants=system.slice
+ WantedBy=multi-user.target
+ Conflicts=shutdown.target
+ Before=shutdown.target multi-user.target
+ After=network.target remote-fs.target nss-lookup.target systemd-journald.socket basic.target system.slice
+ Description=The Apache HTTP Server
+ LoadState=loaded
+ ActiveState=active
+ SubState=running
+ FragmentPath=/usr/lib/systemd/system/httpd.service
+ ....
+
+#### 28. 分析某个服务(httpd)的关键链 ####
+
+ # systemd-analyze critical-chain httpd.service
+
+ The time after the unit is active or started is printed after the "@" character.
+ The time the unit takes to start is printed after the "+" character.
+
+ httpd.service +142ms
+ └─network.target @11.168s
+ └─network.service @9.456s +1.712s
+ └─NetworkManager.service @8.858s +596ms
+ └─firewalld.service @4.931s +3.926s
+ └─basic.target @4.916s
+ └─sockets.target @4.916s
+ └─dbus.socket @4.916s
+ └─sysinit.target @4.905s
+ └─systemd-update-utmp.service @4.864s +39ms
+ └─auditd.service @4.563s +301ms
+ └─systemd-tmpfiles-setup.service @4.485s +69ms
+ └─rhel-import-state.service @4.342s +142ms
+ └─local-fs.target @4.324s
+ └─boot.mount @4.286s +31ms
+ └─systemd-fsck@dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d196080964.service @4.092s +149ms
+ └─dev-disk-by\x2duuid-79f594ad\x2da332\x2d4730\x2dbb5f\x2d85d196080964.device @4.092s
+
+#### 29. 获取某个服务(httpd)的依赖性列表 ####
+
+ # systemctl list-dependencies httpd.service
+
+ httpd.service
+ ├─system.slice
+ └─basic.target
+ ├─firewalld.service
+ ├─microcode.service
+ ├─rhel-autorelabel-mark.service
+ ├─rhel-autorelabel.service
+ ├─rhel-configure.service
+ ├─rhel-dmesg.service
+ ├─rhel-loadmodules.service
+ ├─paths.target
+ ├─slices.target
+ │ ├─-.slice
+ │ └─system.slice
+ ├─sockets.target
+ │ ├─dbus.socket
+ ....
+
+#### 30. 按等级列出控制组 ####
+
+ # systemd-cgls
+
+ ├─1 /usr/lib/systemd/systemd --switched-root --system --deserialize 23
+ ├─user.slice
+ │ └─user-0.slice
+ │ └─session-1.scope
+ │ ├─2498 sshd: root@pts/0
+ │ ├─2500 -bash
+ │ ├─4521 systemd-cgls
+ │ └─4522 systemd-cgls
+ └─system.slice
+ ├─httpd.service
+ │ ├─4440 /usr/sbin/httpd -DFOREGROUND
+ │ ├─4442 /usr/sbin/httpd -DFOREGROUND
+ │ ├─4443 /usr/sbin/httpd -DFOREGROUND
+ │ ├─4444 /usr/sbin/httpd -DFOREGROUND
+ │ ├─4445 /usr/sbin/httpd -DFOREGROUND
+ │ └─4446 /usr/sbin/httpd -DFOREGROUND
+ ├─polkit.service
+ │ └─721 /usr/lib/polkit-1/polkitd --no-debug
+ ....
+
+#### 31. 按CPU、内存、输入和输出列出控制组 ####
+
+ # systemd-cgtop
+
+ Path Tasks %CPU Memory Input/s Output/s
+
+ / 83 1.0 437.8M - -
+ /system.slice - 0.1 - - -
+ /system.slice/mariadb.service 2 0.1 - - -
+ /system.slice/tuned.service 1 0.0 - - -
+ /system.slice/httpd.service 6 0.0 - - -
+ /system.slice/NetworkManager.service 1 - - - -
+ /system.slice/atop.service 1 - - - -
+ /system.slice/atopacct.service 1 - - - -
+ /system.slice/auditd.service 1 - - - -
+ /system.slice/crond.service 1 - - - -
+ /system.slice/dbus.service 1 - - - -
+ /system.slice/firewalld.service 1 - - - -
+ /system.slice/lvm2-lvmetad.service 1 - - - -
+ /system.slice/polkit.service 1 - - - -
+ /system.slice/postfix.service 3 - - - -
+ /system.slice/rsyslog.service 1 - - - -
+ /system.slice/system-getty.slice/getty@tty1.service 1 - - - -
+ /system.slice/systemd-journald.service 1 - - - -
+ /system.slice/systemd-logind.service 1 - - - -
+ /system.slice/systemd-udevd.service 1 - - - -
+ /system.slice/webmin.service 1 - - - -
+ /user.slice/user-0.slice/session-1.scope 3 - - - -
+
+### 控制系统运行等级 ###
+
+#### 32. 启动系统救援模式 ####
+
+ # systemctl rescue
+
+ Broadcast message from root@tecmint on pts/0 (Wed 2015-04-29 11:31:18 IST):
+
+ The system is going down to rescue mode NOW!
+
+#### 33. 进入紧急模式 ####
+
+ # systemctl emergency
+
+ Welcome to emergency mode! After logging in, type "journalctl -xb" to view
+ system logs, "systemctl reboot" to reboot, "systemctl default" to try again
+ to boot into default mode.
+
+#### 34. 列出当前使用的运行等级 ####
+
+ # systemctl get-default
+
+ multi-user.target
+
+#### 35. 启动运行等级5,即图形模式 ####
+
+ # systemctl isolate runlevel5.target
+ OR
+ # systemctl isolate graphical.target
+
+#### 36. 启动运行等级3,即多用户模式(命令行) ####
+
+ # systemctl isolate runlevel3.target
+ OR
+ # systemctl isolate multiuser.target
+
+#### 36. 设置多用户模式或图形模式为默认运行等级 ####
+
+ # systemctl set-default runlevel3.target
+
+ # systemctl set-default runlevel5.target
+
+#### 37. 重启、停止、挂起、休眠系统或使系统进入混合睡眠 ####
+
+ # systemctl reboot
+
+ # systemctl halt
+
+ # systemctl suspend
+
+ # systemctl hibernate
+
+ # systemctl hybrid-sleep
+
+对于不知运行等级为何物的人,说明如下。
+
+- Runlevel 0 : 关闭系统
+- Runlevel 1 : 救援?维护模式
+- Runlevel 3 : 多用户,无图形系统
+- Runlevel 4 : 多用户,无图形系统
+- Runlevel 5 : 多用户,图形化系统
+- Runlevel 6 : 关闭并重启机器
+
+到此为止吧。保持连线,进行评论。别忘了在下面的评论中为我们提供一些有价值的反馈哦。喜欢我们、与我们分享,求扩散。
+
+--------------------------------------------------------------------------------
+
+via: http://www.tecmint.com/manage-services-using-systemd-and-systemctl-in-linux/
+
+作者:[Avishek Kumar][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://www.tecmint.com/author/avishek/
diff --git a/translated/tech/20150506 First Step Guide for Learning Shell Scripting.md b/translated/tech/20150506 First Step Guide for Learning Shell Scripting.md
new file mode 100644
index 0000000000..af71b8f4ca
--- /dev/null
+++ b/translated/tech/20150506 First Step Guide for Learning Shell Scripting.md
@@ -0,0 +1,460 @@
+Shell脚本学习初次操作指南
+================================================================================
+
+
+通常,当人们提到“shell脚本语言”时,浮现在他们脑海中是bash,ksh,sh或者其它相类似的linux/unix脚本语言。脚本语言是与计算机交流的另外一种途径。使用图形化窗口界面(不管是windows还是linux都无所谓)用户可以移动鼠标并点击各种对象,比如按钮、列表、选框等等。但这种方式在每次用户想要计算机/服务器完成相同任务时(比如说批量转换照片,或者下载新的电影、mp3等)却是十分不方便。要想让所有这些事情变得简单并且自动化,我们可以使用shell脚本。
+
+某些编程语言,像pascal、foxpro、C、java之类,在执行前需要先进行编译。它们需要合适的编译器来让我们的代码完成某个任务。
+
+而其它一些编程语言,像php、javascript、visualbasic之类,则不需要编译器,因此它们需要解释器,而我们不需要编译代码就可以运行程序。
+
+shell脚本也像解释器一样,但它通常用于调用外部已编译的程序。然后,它会捕获输出结果、退出代码并根据情况进行处理。
+
+Linux世界中最为流行的shell脚本语言之一,就是bash。而我认为(这是我自己的看法)原因在于,默认情况下bash shell可以让用户便捷地通过历史命令(先前执行过的)导航,与之相反的是,ksh则要求对.profile进行一些调整,或者记住一些“魔术”组合键来查阅历史并修正命令。
+
+好了,我想这些介绍已经足够了,剩下来哪个环境最适合你,就留给你自己去判断吧。从现在开始,我将只讲bash及其脚本。在下面的例子中,我将使用CentOS 6.6和bash-4.1.2。请确保你有相同版本,或者更高版本。
+
+### Shell脚本流 ###
+
+shell脚本语言就跟和几个人聊天类似。你只需把所有命令想象成能帮你做事的那些人,只要你用正确的方式来请求他们去做。比如说,你想要写文档。首先,你需要纸。然后,你需要把内容说给某个人听,让他帮你写。最后,你想要把它存放到某个地方。或者说,你想要造一所房子,因而你需要请合适的人来清空场地。在他们说“事情干完了”,那么另外一些工程师就可以帮你来砌墙。最后,当这些工程师们也告诉你“事情干完了”的时候,你就可以叫油漆工来给房子粉饰了。如果你让油漆工在墙砌好前就来粉饰,会发生什么呢?我想,他们会开始发牢骚了。几乎所有这些像人一样的命令都会说话,如果它们完成了工作而没有发生什么问题,那么它们就会告诉“标准输出”。如果它们不能做你叫它们做的事——它们会告诉“标准错误”。这样,最后,所有的命令都通过“标准输入”来听你的话。
+
+快速实例——当你打开linux终端并写一些文本时——你正通过“标准输入”和bash说话。那么,让我们来问问bash shell **who am i**吧。
+
+ root@localhost ~]# who am i <--- you speaking through the standard input to bash shell
+ root pts/0 2015-04-22 20:17 (192.168.1.123) <--- bash shell answering to you through the standard output
+
+现在,让我们说一些bash听不懂的问题:
+
+ [root@localhost ~]# blablabla <--- 哈,你又在和标准输入说话了
+ -bash: blablabla: command not found <--- bash通过标准错误在发牢骚了
+
+“:”之前的第一个单词通常是向你发牢骚的命令。实际上,这些流中的每一个都有它们自己的索引号:
+
+- 标准输入(**stdin**) - 0
+- 标准输出(**stdout**) - 1
+- 标准错误(**stderr**) - 2
+
+如果你真的想要知道哪个输出命令说了些什么——你需要重定向(在命令后使用大于号“>”和流索引)那次发言到文件:
+
+ [root@localhost ~]# blablabla 1> output.txt
+ -bash: blablabla: command not found
+
+在本例中,我们试着重定向1(**stdout**)流到名为output.txt的文件。让我们来看对该文件内容所做的事情吧,使用cat命令可以做这事:
+
+ [root@localhost ~]# cat output.txt
+ [root@localhost ~]#
+
+看起来似乎是空的。好吧,现在让我们来重定向2(**stderr**)流:
+
+ [root@localhost ~]# blablabla 2> error.txt
+ [root@localhost ~]#
+
+好吧,我们看到牢骚话没了。让我们检查一下那个文件:
+
+ [root@localhost ~]# cat error.txt
+ -bash: blablabla: command not found
+ [root@localhost ~]#
+
+果然如此!我们看到,所有牢骚话都被记录到errors.txt文件里头去了。
+
+有时候,命令会同时产生**stdout**和**stderr**。要重定向它们到不同的文件,我们可以使用以下语句:
+
+ command 1>out.txt 2>err.txt
+
+要缩短一点语句,我们可以忽略“1”,因为默认情况下**stdout**会被重定向:
+
+ command >out.txt 2>err.txt
+
+好吧,让我们试试做些“坏事”。让我们用rm命令把file1和folder1给删了吧:
+
+ [root@localhost ~]# rm -vf folder1 file1 > out.txt 2>err.txt
+
+现在来检查以下输出文件:
+
+ [root@localhost ~]# cat out.txt
+ removed `file1'
+ [root@localhost ~]# cat err.txt
+ rm: cannot remove `folder1': Is a directory
+ [root@localhost ~]#
+
+正如我们所看到的,不同的流被分离到了不同的文件。有时候,这也不似很方便,因为我们想要查看出现错误时,在某些操作前面或后面所连续发生的事情。要实现这一目的,我们可以重定向两个流到同一个文件:
+
+ command >>out_err.txt 2>>out_err.txt
+
+注意:请注意,我使用“>>”替代了“>”。它允许我们附加到文件,而不是覆盖文件。
+
+我们可以重定向一个流到另一个:
+
+ command >out_err.txt 2>&1
+
+让我来解释一下吧。所有命令的标准输出将被重定向到out_err.txt,错误输出将被重定向到1-st流(上面已经解释过了),而该流会被重定向到同一个文件。让我们看这个实例:
+
+ [root@localhost ~]# rm -fv folder2 file2 >out_err.txt 2>&1
+ [root@localhost ~]# cat out_err.txt
+ rm: cannot remove `folder2': Is a directory
+ removed `file2'
+ [root@localhost ~]#
+
+看着这些组合的输出,我们可以将其说明为:首先,**rm**命令试着将folder2删除,而它不会成功,因为linux要求**-r**键来允许**rm**命令删除文件夹,而第二个file2会被删除。通过为**rm**提供**-v**(详情)键,我们让rm命令告诉我们每个被删除的文件或文件夹。
+
+这些就是你需要知道的,关于重定向的几乎所有内容了。我是说几乎,因为还有一个更为重要的重定向工具,它称之为“管道”。通过使用|(管道)符号,我们通常重定向**stdout**流。
+
+比如说,我们有这样一个文本文件:
+
+ [root@localhost ~]# cat text_file.txt
+ This line does not contain H e l l o word
+ This lilne contains Hello
+ This also containd Hello
+ This one no due to HELLO all capital
+ Hello bash world!
+
+而我们需要找到其中某些带有“Hello”的行,Linux中有个**grep**命令可以完成该工作:
+
+ [root@localhost ~]# grep Hello text_file.txt
+ This lilne contains Hello
+ This also containd Hello
+ Hello bash world!
+ [root@localhost ~]#
+
+当我们有个文件,想要在里头搜索的时候,这用起来很不错。当如果我们需要在另一个命令的输出中查找某些东西,这又该怎么办呢?是的,当然,我们可以重定向输出到文件,然后再在文件里头查找:
+
+ [root@localhost ~]# fdisk -l>fdisk.out
+ [root@localhost ~]# grep "Disk /dev" fdisk.out
+ Disk /dev/sda: 8589 MB, 8589934592 bytes
+ Disk /dev/mapper/VolGroup-lv_root: 7205 MB, 7205814272 bytes
+ Disk /dev/mapper/VolGroup-lv_swap: 855 MB, 855638016 bytes
+ [root@localhost ~]#
+
+如果你打算grep一些双引号引起来带有空格的内容呢!
+
+注意: fdisk命令显示关于Linux操作系统磁盘驱动器的信息
+
+就像我们看到的,这种方式很不方便,因为我们不一会儿就把临时文件空间给搞乱了。要完成该任务,我们可以使用管道。它们允许我们重定向一个命令的**stdout**到另一个命令的**stdin**流:
+
+ [root@localhost ~]# fdisk -l | grep "Disk /dev"
+ Disk /dev/sda: 8589 MB, 8589934592 bytes
+ Disk /dev/mapper/VolGroup-lv_root: 7205 MB, 7205814272 bytes
+ Disk /dev/mapper/VolGroup-lv_swap: 855 MB, 855638016 bytes
+ [root@localhost ~]#
+
+如你所见,我们不需要任何临时文件就获得了相同的结果。我们把**fdisk stdout**重定向到了**grep stdin**。
+
+**注意** : 管道重定向总是从左至右的。
+
+还有几个其它重定向,但是我们将把它们放在后面讲。
+
+### 在shell中显示自定义信息 ###
+
+正如我们所知道的,通常,与shell的交流以及shell内的交流是以对话的方式进行的。因此,让我们创建一些真正的脚本吧,这些脚本也会和我们讲话。这会让你学到一些简单的命令,并对脚本的概念有一个更好的理解。
+
+假设我们是某个公司的总服务台经理,我们想要创建某个shell脚本来注册呼叫信息:电话号码、用户名以及问题的简要描述。我们打算把这些信息存储到普通文本文件data.txt中,以便今后统计。脚本它自己就是以对话的方式工作,这会让总服务台的工作人员的小日子过得轻松点。那么,首先我们需要显示问题。对于现实信息,我们可以用echo和printf命令。这两个都是用来显示信息的,但是printf更为强大,因为我们可以通过它很好地格式化输出,我们可以让它右对齐、左对齐或者为信息留出专门的空间。让我们从一个简单的例子开始吧。要创建文件,请使用你喜欢的文本编辑器(kate,nano,vi,……),然后创建名为note.sh的文件,里面写入这些命令:
+
+ echo "Phone number ?"
+
+### Script执行 ###
+
+在保存文件后,我们可以使用bash命令来运行,把我们的文件作为它的参数:
+
+ [root@localhost ~]# bash note.sh
+ Phone number ?
+
+实际上,这样来执行脚本是很不方便的。如果不使用**bash**命令作为前缀来执行,会更舒服一些。要让脚本可执行,我们可以使用**chmod**命令:
+
+ [root@localhost ~]# ls -la note.sh
+ -rw-r--r--. 1 root root 22 Apr 23 20:52 note.sh
+ [root@localhost ~]# chmod +x note.sh
+ [root@localhost ~]# ls -la note.sh
+ -rwxr-xr-x. 1 root root 22 Apr 23 20:52 note.sh
+ [root@localhost ~]#
+
+
+
+**注意** : ls命令显示了当前文件夹内的文件。通过添加-la键,它会显示更多文件信息。
+
+如我们所见,在**chmod**命令执行前,脚本只有读(r)和写(w)权限。在执行**chmod +x**后,它就获得了执行(x)权限。(关于权限的更多细节,我会在下一篇文章中讲述。)现在,我们只需这么来运行:
+
+ [root@localhost ~]# ./note.sh
+ Phone number ?
+
+在脚本名前,我添加了./组合。.(点)在unix世界中意味着当前位置(当前文件夹),/(斜线)是文件夹分隔符。(在Windows系统中,我们使用\(反斜线)实现同样功能)所以,这整个组合的意思是说:“从当前文件夹执行note.sh脚本”。我想,如果我用完整路径来运行这个脚本的话,你会更加清楚一些:
+
+ [root@localhost ~]# /root/note.sh
+ Phone number ?
+ [root@localhost ~]#
+
+它也能工作。
+
+如果所有linux用户都有相同的默认shell,那就万事OK。如果我们只是执行该脚本,默认的用户shell就会用于解析脚本内容并运行命令。不同的shell有着一丁点不同的语法、内部命令等等,所以,为了保证我们的脚本会使用**bash**,我们应该添加**#!/bin/bash**到文件首行。这样,默认的用户shell将调用**/bin/bash**,而只有在那时候,脚本中的命令才会被执行:
+
+ [root@localhost ~]# cat note.sh
+ #!/bin/bash
+ echo "Phone number ?"
+
+直到现在,我们才100%确信**bash**会用来解析我们的脚本内容。让我们继续。
+
+### 读取输入 ###
+
+在现实信息后,脚本会等待用户回答。那儿有个**read**命令用来接收用户的回答:
+
+ #!/bin/bash
+ echo "Phone number ?"
+ read phone
+
+在执行后,脚本会等待用户输入,直到用户按[ENTER]键:
+
+ [root@localhost ~]# ./note.sh
+ Phone number ?
+ 12345 <--- 这儿是我输入的内容
+ [root@localhost ~]#
+
+你输入的所有东西都会被存储到变量**phone**中,要显示变量的值,我们同样可以使用**echo**命令:
+
+ [root@localhost ~]# cat note.sh
+ #!/bin/bash
+ echo "Phone number ?"
+ read phone
+ echo "You have entered $phone as a phone number"
+ [root@localhost ~]# ./note.sh
+ Phone number ?
+ 123456
+ You have entered 123456 as a phone number
+ [root@localhost ~]#
+
+在**bash** shell中,我们使用**$**(美元)符号作为变量标示,除了读入到变量和其它为数不多的时候(将在今后说明)。
+
+好了,现在我们准备添加剩下的问题了:
+
+ #!/bin/bash
+ echo "Phone number?"
+ read phone
+ echo "Name?"
+ read name
+ echo "Issue?"
+ read issue
+ [root@localhost ~]# ./note.sh
+ Phone number?
+ 123
+ Name?
+ Jim
+ Issue?
+ script is not working.
+ [root@localhost ~]#
+
+### 使用流重定向 ###
+
+太完美了!剩下来就是重定向所有东西到文件data.txt了。作为字段分隔符,我们将使用/(斜线)符号。
+
+**注意** : 你可以选择任何你认为是最好,但是确保文件内容不会包含这些符号在内。它会导致在文本行中产生额外字段。
+
+别忘了使用“>>”来代替“>”,因为我们想要将输出内容附加到文件末!
+
+ [root@localhost ~]# tail -2 note.sh
+ read issue
+ echo "$phone/$name/$issue">>data.txt
+ [root@localhost ~]# ./note.sh
+ Phone number?
+ 987
+ Name?
+ Jimmy
+ Issue?
+ Keybord issue.
+ [root@localhost ~]# cat data.txt
+ 987/Jimmy/Keybord issue.
+ [root@localhost ~]#
+
+**注意** : **tail**命令显示了文件的最后**-n**行。
+
+搞定。让我们再来运行一次看看:
+
+ [root@localhost ~]# ./note.sh
+ Phone number?
+ 556
+ Name?
+ Janine
+ Issue?
+ Mouse was broken.
+ [root@localhost ~]# cat data.txt
+ 987/Jimmy/Keybord issue.
+ 556/Janine/Mouse was broken.
+ [root@localhost ~]#
+
+我们的文件在增长,让我们在每行前面加个日期吧,这对于今后摆弄这些统计数据时会很有用。要实现这功能,我们可以使用date命令,并指定某种格式,因为我不喜欢默认格式:
+
+ [root@localhost ~]# date
+ Thu Apr 23 21:33:14 EEST 2015 <---- date命令的默认输出
+ [root@localhost ~]# date "+%Y.%m.%d %H:%M:%S"
+ 2015.04.23 21:33:18 <---- 格式化后的输出
+
+有几种方式可以读取命令输出到变脸,在这种简单的情况下,我们将使用`(反引号):
+
+ [root@localhost ~]# cat note.sh
+ #!/bin/bash
+ now=`date "+%Y.%m.%d %H:%M:%S"`
+ echo "Phone number?"
+ read phone
+ echo "Name?"
+ read name
+ echo "Issue?"
+ read issue
+ echo "$now/$phone/$name/$issue">>data.txt
+ [root@localhost ~]# ./note.sh
+ Phone number?
+ 123
+ Name?
+ Jim
+ Issue?
+ Script hanging.
+ [root@localhost ~]# cat data.txt
+ 2015.04.23 21:38:56/123/Jim/Script hanging.
+ [root@localhost ~]#
+
+嗯…… 我们的脚本看起来有点丑啊,让我们来美化一下。如果你要手动读取**read**命令,你会发现read命令也可以显示一些信息。要实现该功能,我们应该使用-p键加上信息:
+
+ [root@localhost ~]# cat note.sh
+ #!/bin/bash
+ now=`date "+%Y.%m.%d %H:%M:%S"`
+ read -p "Phone number: " phone
+ read -p "Name: " name
+ read -p "Issue: " issue
+ echo "$now/$phone/$name/$issue">>data.txt
+
+你可以直接从控制台查找到各个命令的大量有趣的信息,只需输入:**man read, man echo, man date, man ……**
+
+同意吗?它看上去是好多了!
+
+ [root@localhost ~]# ./note.sh
+ Phone number: 321
+ Name: Susane
+ Issue: Mouse was stolen
+ [root@localhost ~]# cat data.txt
+ 2015.04.23 21:38:56/123/Jim/Script hanging.
+ 2015.04.23 21:43:50/321/Susane/Mouse was stolen
+ [root@localhost ~]#
+
+光标在消息的后面(不是在新的一行中),这有点意思。
+
+循环
+
+是时候来改进我们的脚本了。如果用户一整天都在接电话,如果每次都要去运行,这岂不是很麻烦?让我们让这些活动都永无止境地循环去吧:
+
+ [root@localhost ~]# cat note.sh
+ #!/bin/bash
+ while true
+ do
+ read -p "Phone number: " phone
+ now=`date "+%Y.%m.%d %H:%M:%S"`
+ read -p "Name: " name
+ read -p "Issue: " issue
+ echo "$now/$phone/$name/$issue">>data.txt
+ done
+
+我已经交换了**read phone**和**now=`date`**行。这是因为我想要在输入电话号码后再获得时间。如果我把它放在循环**- the**的首行,变量就会在数据存储到文件中后获得时间。而这并不好,因为下一次呼叫可能在20分钟后,甚至更晚。
+
+ [root@localhost ~]# ./note.sh
+ Phone number: 123
+ Name: Jim
+ Issue: Script still not works.
+ Phone number: 777
+ Name: Daniel
+ Issue: I broke my monitor
+ Phone number: ^C
+ [root@localhost ~]# cat data.txt
+ 2015.04.23 21:38:56/123/Jim/Script hanging.
+ 2015.04.23 21:43:50/321/Susane/Mouse was stolen
+ 2015.04.23 21:47:55/123/Jim/Script still not works.
+ 2015.04.23 21:48:16/777/Daniel/I broke my monitor
+ [root@localhost ~]#
+
+注意: 要从无限循环中退出,你可以按[Ctrl]+[C]键。Shell会显示^表示Ctrl键。
+
+### 使用管道重定向 ###
+
+让我们添加更多功能到我们的“弗兰肯斯坦”,我想要脚本在每次呼叫后显示某个统计数据。比如说,我想要查看各个号码呼叫了我几次。对于这个,我们应该cat文件data.txt:
+
+ [root@localhost ~]# cat data.txt
+ 2015.04.23 21:38:56/123/Jim/Script hanging.
+ 2015.04.23 21:43:50/321/Susane/Mouse was stolen
+ 2015.04.23 21:47:55/123/Jim/Script still not works.
+ 2015.04.23 21:48:16/777/Daniel/I broke my monitor
+ 2015.04.23 22:02:14/123/Jimmy/New script also not working!!!
+ [root@localhost ~]#
+
+现在,所有输出我们都可以重定向到**cut**命令,让**cut**来把每行切成一块一块(我们使用分隔符“/”),然后打印第二个字段:
+
+ [root@localhost ~]# cat data.txt | cut -d"/" -f2
+ 123
+ 321
+ 123
+ 777
+ 123
+ [root@localhost ~]#
+
+现在,我们可以把这个输出重定向打另外一个命令**sort**:
+
+ [root@localhost ~]# cat data.txt | cut -d"/" -f2|sort
+ 123
+ 123
+ 123
+ 321
+ 777
+ [root@localhost ~]#
+
+然后只留下唯一的行。要统计唯一条目,只需添加**-c**键到**uniq**命令:
+
+ [root@localhost ~]# cat data.txt | cut -d"/" -f2 | sort | uniq -c
+ 3 123
+ 1 321
+ 1 777
+ [root@localhost ~]#
+
+只要把这个添加到我们的循环的最后:
+
+ #!/bin/bash
+ while true
+ do
+ read -p "Phone number: " phone
+ now=`date "+%Y.%m.%d %H:%M:%S"`
+ read -p "Name: " name
+ read -p "Issue: " issue
+ echo "$now/$phone/$name/$issue">>data.txt
+ echo "===== We got calls from ====="
+ cat data.txt | cut -d"/" -f2 | sort | uniq -c
+ echo "--------------------------------"
+ done
+
+运行:
+
+ [root@localhost ~]# ./note.sh
+ Phone number: 454
+ Name: Malini
+ Issue: Windows license expired.
+ ===== We got calls from =====
+ 3 123
+ 1 321
+ 1 454
+ 1 777
+ --------------------------------
+ Phone number: ^C
+
+
+
+当前场景贯穿了几个熟知的步骤:
+
+- 显示消息
+- 获取用户输入
+- 存储值到文件
+- 处理存储的数据
+
+但是,如果用户有点责任心,他有时候需要输入数据,有时候需要统计,或者可能要在存储的数据中查找一些东西呢?对于这些事情,我们需要使用switches/cases,并知道怎样来很好地格式化输出。这对于在shell中“画”表格的时候很有用。
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/linux-shell-script/guide-start-learning-shell-scripting-scratch/
+
+作者:[Petras Liumparas][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/petrasl/
diff --git a/translated/tech/20150506 How to Setup OpenERP (Odoo) on CentOS 7.x.md b/translated/tech/20150506 How to Setup OpenERP (Odoo) on CentOS 7.x.md
new file mode 100644
index 0000000000..0cd972b425
--- /dev/null
+++ b/translated/tech/20150506 How to Setup OpenERP (Odoo) on CentOS 7.x.md
@@ -0,0 +1,112 @@
+如何在CentOS 7.x中安装OpenERP(Odoo)
+================================================================================
+各位好,这篇教程关于的是如何在CentOS 7中安装Odoo(就是我们所知的OpenERP)。你是不是在考虑为你的业务安装一个不错的ERP(企业资源规划)软件?那么OpenERP就是你寻找的最好的程序,因为它是一款为你的商务提供杰出特性的自由开源软件。
+
+[OpenERP][1]是一款自由开源的传统的OpenERP(企业资源规划),它包含了开源CRM、网站构建、电子商务、项目管理、计费账务、销售点、人力资源、市场、生产、采购管理以及其他模块用于提高效率及销售。Odoo可以作为独立程序,但是它可以无缝集成因此你可以在安装数个程序后得到一个全功能的开源ERP。
+
+因此,下面是在你的CentOS上安装OpenERP的步骤。
+
+### 1. 安装 PostgreSQL ###
+
+首先,首先我们需要更新CentOS 7的软件包来确保是最新的包,补丁和安全更新。要更新我们的系统,我们要在shell下运行下面的命令。
+
+ # yum clean all
+ # yum update
+
+现在我们要安装PostgreSQL,因为OpenERP使用PostgreSQL作为他的数据库。要安装它,我们需要运行下面的命令。
+
+ # yum install postgresql postgresql-server postgresql-libs
+
+
+
+、安装完成后,我们需要用下面的命令初始化数据库。
+
+ # postgresql-setup initdb
+
+
+
+我们接着设置PostgreSQL来使它每次开机启动。
+
+ # systemctl enable postgresql
+ # systemctl start postgresql
+
+因为我们还没有为用户“postgresql”设置密码,我们现在设置。
+
+ # su - postgres
+ $ psql
+ postgres=# \password postgres
+ postgres=# \q
+ # exit
+
+
+
+### 2. 设置Odoo仓库 ###
+
+在初始化数据库初始化完成后,我们要添加EPEL(企业版Linux的额外包)到我们的CentOS中。Odoo(或者OpenERP)依赖于Python运行时以及其他包没有包含在标准仓库中。这样我们要位企业版Linux添加额外的包仓库支持来解决Odoo所需要的依赖。要安装完成,我们需要运行下面的命令。
+
+ # yum install epel-release
+
+
+
+现在,安装EPEL后,我们现在使用yum-config-manager添加Odoo(OpenERp)的仓库。
+
+ # yum install yum-utils
+
+ # yum-config-manager --add-repo=https://nightly.odoo.com/8.0/nightly/rpm/odoo.repo
+
+
+
+### 3. 安装Odoo 8 (OpenERP) ###
+
+在CentOS 7中添加Odoo 8(OpenERP)的仓库后。我们使用下面的命令来安装Odoo 8(OpenERP)。
+
+ # yum install -y odoo
+
+上面的命令会安装odoo以及必须的依赖的包。
+
+
+
+现在我们使用下面的命令在每次启动后启动Odoo服务。
+
+ # systemctl enable odoo
+ # systemctl start odoo
+
+
+
+### 4. 防火墙允许 ###
+
+因为Odoo使用8069端口,我们需要在防火墙中允许远程访问。我们使用下面的命令来在防火墙中允许8069防火墙。
+
+ # firewall-cmd --zone=public --add-port=8069/tcp --permanent
+ # firewall-cmd --reload
+
+
+
+**注意:默认上,只有本地的连接才允许。如果我们要允许PostgreSQL的远程访问,我们需要在pg_hba.conf添加下面图片中一行**
+
+ # nano /var/lib/pgsql/data/pg_hba.conf
+
+
+
+### 5. Web接口 ###
+
+我们已经在CentOS 7中安装了最新的Odoo 8(OpenERP),我们可以在浏览器中输入http://ip-address:8069来访问Odoo。 接着,我们要做的第一件事就是创建一个新的数据库和新的密码。注意,主密码默认是管理员密码。接着,我们可以在面板中输入用户名和密码。
+
+
+
+### 总结 ###
+
+Odoo 8(OpenERP)是世界上最好的开源ERP程序。我们做了一件出色的工作来安装它因为OpenERP是由许多模块组成的针对商务和公司的完整ERP程序。因此,如果你有任何问题、建议、反馈请在下面的评论栏写下。谢谢你!享受OpenERP(Odoo 8)吧 :-)
+
+--------------------------------------------------------------------------------
+
+via: http://linoxide.com/linux-how-to/setup-openerp-odoo-centos-7/
+
+作者:[Arun Pyasi][a]
+译者:[geekpi](https://github.com/geekpi)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://linoxide.com/author/arunp/
+[1]:https://www.odoo.com/
diff --git a/translated/tech/20150506 Linux FAQs with Answers--How to disable entering password for default keyring to unlock on Ubuntu desktop.md b/translated/tech/20150506 Linux FAQs with Answers--How to disable entering password for default keyring to unlock on Ubuntu desktop.md
new file mode 100644
index 0000000000..2871298396
--- /dev/null
+++ b/translated/tech/20150506 Linux FAQs with Answers--How to disable entering password for default keyring to unlock on Ubuntu desktop.md
@@ -0,0 +1,54 @@
+Linux有问必答——Ubuntu桌面上如何禁用默认的密钥环解锁密码输入
+================================================================================
+>**问题**:当我启动我的Ubuntu桌面时,出现了一个弹出对话框,要求我输入密码来解锁默认的密钥环。我怎样才能禁用这个“解锁默认密钥环”弹出窗口,并自动解锁我的密钥环?
+
+密钥环被认为是用来以加密方式存储你的登录信息的本地数据库。各种桌面应用(如浏览器、电子邮件客户端)使用密钥环来安全地存储并管理你的登录凭证、机密、密码、证书或密钥。对于那些需要检索存储在密钥环中的信息的应用程序,需要解锁该密钥环。
+
+Ubuntu桌面所使用的GNOME密钥环被整合到了桌面登录中,该密钥环会在你验证进入桌面后自动解锁。但是,如果你设置了自动登录桌面或者是从休眠中唤醒,你默认的密钥环仍然可能“被锁定”的。在这种情况下,你会碰到这一提示:
+
+>“为密钥环‘默认密钥环’输入密码来解锁。某个应用想要访问密钥环‘默认密钥环’,但它被锁定了。”
+>
+
+
+如果你想要避免在每次弹出对话框出现时输入密码来解锁默认密钥环,那么你可以这样做。
+
+在做之前,请先了解禁用密码提示后可能出现的结果。通过自动解锁默认密钥环,你可以让任何使用你桌面的人无需知道你的密码而能获取你的密钥环(以及存储在密钥环中的任何信息)。
+
+### 禁用默认密钥环解锁密码 ###
+
+打开Dash,然后输入“密码”来启动“密码和密钥”应用。
+
+
+
+或者,使用seahorse命令从命令行启动图形界面。
+
+ $ seahorse
+
+在左侧面板中,右击“默认密钥环”,并选择“修改密码”。
+
+
+
+输入你的当前登录密码。
+
+
+在设置“默认”密钥环新密码的密码框中留空。
+
+
+
+在询问是否不加密存储密码对话框中点击“继续”。
+
+
+
+搞定。从今往后,那个该死的解锁密钥环提示对话框再也不会来烦你了。
+
+--------------------------------------------------------------------------------
+
+via: http://ask.xmodulo.com/disable-entering-password-unlock-default-keyring.html
+
+作者:[Dan Nanni][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://ask.xmodulo.com/author/nanni
diff --git a/translated/tech/20150506 Linux FAQs with Answers--How to install Shrew Soft IPsec VPN client on Linux.md b/translated/tech/20150506 Linux FAQs with Answers--How to install Shrew Soft IPsec VPN client on Linux.md
new file mode 100644
index 0000000000..abe1d3943d
--- /dev/null
+++ b/translated/tech/20150506 Linux FAQs with Answers--How to install Shrew Soft IPsec VPN client on Linux.md
@@ -0,0 +1,98 @@
+Linux有问必答——Linux上如何安装Shrew Soft IPsec VPN
+================================================================================
+> **Question**: I need to connect to an IPSec VPN gateway. For that, I'm trying to use Shrew Soft VPN client, which is available for free. How can I install Shrew Soft VPN client on [insert your Linux distro]?
+> **问题**:我需要连接到一个IPSec VPN网关,鉴于此,我尝试使用Shrew Soft VPN客户端,它是一个免费版本。我怎样才能安装Shrew Soft VPN客户端到[插入你的Linux发行版]?
+
+市面上有许多商业VPN网关,同时附带有他们自己的专有VPN客户端软件。虽然也有许多开源的VPN服务器/客户端备选方案,但它们通常缺乏复杂的IPsec支持,比如互联网密钥交换(IKE),这是一个标准的IPsec协议,用于加固VPN密钥交换和验证安全。Shrew Soft VPN是一个免费的IPsec VPN客户端,它支持多种验证方法、密钥交换、加密以及防火墙穿越选项。
+
+下面介绍如何安装Shrew Soft VPN客户端到Linux平台。
+
+首先,从[官方站点][1]下载它的源代码。
+
+### 安装Shrew VPN客户端到Debian, Ubuntu或者Linux Mint ###
+
+Shrew Soft VPN客户端图形界面要求使用Qt 4.x。所以,作为依赖,你需要安装其开发文件。
+
+ $ sudo apt-get install cmake libqt4-core libqt4-dev libqt4-gui libedit-dev libssl-dev checkinstall flex bison
+ $ wget https://www.shrew.net/download/ike/ike-2.2.1-release.tbz2
+ $ tar xvfvj ike-2.2.1-release.tbz2
+ $ cd ike
+ $ cmake -DCMAKE_INSTALL_PREFIX=/usr -DQTGUI=YES -DETCDIR=/etc -DNATT=YES .
+ $ make
+ $ sudo make install
+ $ cd /etc/
+ $ sudo mv iked.conf.sample iked.conf
+
+### 安装Shrew VPN客户端到CentOS, Fedora或者RHEL ###
+
+与基于Debian的系统类似,在编译前你需要安装一堆依赖包,包括Qt4。
+
+ $ sudo yum install qt-devel cmake gcc-c++ openssl-devel libedit-devel flex bison
+ $ wget https://www.shrew.net/download/ike/ike-2.2.1-release.tbz2
+ $ tar xvfvj ike-2.2.1-release.tbz2
+ $ cd ike
+ $ cmake -DCMAKE_INSTALL_PREFIX=/usr -DQTGUI=YES -DETCDIR=/etc -DNATT=YES .
+ $ make
+ $ sudo make install
+ $ cd /etc/
+ $ sudo mv iked.conf.sample iked.conf
+
+在基于Red Hat的系统中,最后一步需要用文本编辑器打开/etc/ld.so.conf文件,并添加以下行。
+
+ $ sudo vi /etc/ld.so.conf
+
+----------
+
+ include /usr/lib/
+
+重新加载运行时绑定的共享库文件,以容纳新安装的共享库:
+
+ $ sudo ldconfig
+
+### 启动Shrew VPN客户端 ###
+
+首先,启动IKE守护进程(iked)。该守护进作为VPN客户端程通过IKE协议与远程主机经由IPSec通信。
+
+ $ sudo iked
+
+
+
+现在,启动qikea,它是一个IPsec VPN客户端前端。该GUI应用允许你管理远程站点配置并初始化VPN连接。
+
+
+
+要创建一个新的VPN配置,点击“添加”按钮,然后填入VPN站点配置。创建配置后,你可以通过点击配置来初始化VPN连接。
+
+
+
+### 故障排除 ###
+
+1. 我在运行iked时碰到了如下错误。
+
+ iked: error while loading shared libraries: libss_ike.so.2.2.1: cannot open shared object file: No such file or directory
+
+要解决该问题,你需要更新动态链接器来容纳libss_ike库。对于此,请添加库文件的位置路径到/etc/ld.so.conf文件中,然后运行ldconfig命令。
+
+ $ sudo ldconfig
+
+验证libss_ike是否添加到了库路径:
+
+ $ ldconfig -p | grep ike
+
+----------
+
+ libss_ike.so.2.2.1 (libc6,x86-64) => /lib/libss_ike.so.2.2.1
+ libss_ike.so (libc6,x86-64) => /lib/libss_ike.so
+
+--------------------------------------------------------------------------------
+
+via: http://ask.xmodulo.com/install-shrew-soft-ipsec-vpn-client-linux.html
+
+作者:[Dan Nanni][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://ask.xmodulo.com/author/nanni
+[1]:https://www.shrew.net/download/ike
diff --git a/translated/tech/20150506 Linux FAQs with Answers--How to install autossh on Linux.md b/translated/tech/20150506 Linux FAQs with Answers--How to install autossh on Linux.md
new file mode 100644
index 0000000000..e83c23e9f3
--- /dev/null
+++ b/translated/tech/20150506 Linux FAQs with Answers--How to install autossh on Linux.md
@@ -0,0 +1,78 @@
+Linux有问必答--如何安装autossh
+================================================================================
+> **提问**: 我打算在linux上安装autossh,我应该怎么做呢?
+
+[autossh][1] 是一款开源工具,可以帮助管理SSH会话,自动重连和停止转发流量。autossh会假定目标主机已经设定[无密码SSH登陆][2],以便autossh可以重连断开的SSH会话而不用用户操作。
+
+只要你建立[反向SSH隧道][3]或者[挂载基于SSH的远程文件夹][4],autossh迟早会派上用场。基本上只要需要维持SSH会话,autossh肯定是有用的。
+
+
+
+
+下面有许多linux发行版autossh的安装方法。
+
+### Debian 或 Ubuntu 系统 ###
+
+autossh已经加入基于Debian系统的基础库,所以可以很方便的安装。
+
+ $ sudo apt-get install autossh
+
+### Fedora 系统 ###
+
+Fedora库同样包含autossh包,使用yum安装。
+
+ $ sudo yum install autossh
+
+### CentOS 或 RHEL 系统 ###
+
+CentOS/RHEL 6 或早期版本, 需要开启第三库[Repoforge库][5], 然后才能使用yum安装.
+
+ $ sudo yum install autossh
+
+CentOS/RHEL 7以后,autossh 已经不在Repoforge库中. 你需要从源码编译安装(例子在下面).
+
+
+### Arch Linux 系统 ###
+
+ $ sudo pacman -S autossh
+
+### Debian 或 Ubuntu 系统中从源码编译安装###
+
+如果你想要使用最新版本的autossh,你可以自己编译源码安装
+
+ $ sudo apt-get install gcc make
+ $ wget http://www.harding.motd.ca/autossh/autossh-1.4e.tgz
+ $ tar -xf autossh-1.4e.tgz
+ $ cd autossh-1.4e
+ $ ./configure
+ $ make
+ $ sudo make install
+
+### CentOS, Fedora 或 RHEL 系统中从源码编译安装###
+
+在CentOS/RHEL 7以后,autossh不在是预编译包。所以你不得不从源码编译安装。
+
+ $ sudo yum install wget gcc make
+ $ wget http://www.harding.motd.ca/autossh/autossh-1.4e.tgz
+ $ tar -xf autossh-1.4e.tgz
+ $ cd autossh-1.4e
+ $ ./configure
+ $ make
+ $ sudo make install
+
+--------------------------------------------------------------------------------
+
+via: http://ask.xmodulo.com/install-autossh-linux.html
+
+作者:[Dan Nanni][a]
+译者:[Vic020/VicYu](http://vicyu.net)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://ask.xmodulo.com/author/nanni
+[1]:http://www.harding.motd.ca/autossh/
+[2]:http://xmodulo.com/how-to-enable-ssh-login-without.html
+[3]:http://xmodulo.com/access-linux-server-behind-nat-reverse-ssh-tunnel.html
+[4]:http://xmodulo.com/how-to-mount-remote-directory-over-ssh-on-linux.html
+[5]:http://xmodulo.com/how-to-set-up-rpmforge-repoforge-repository-on-centos.html
diff --git a/translated/tech/20150511 Fix Various Update Errors In Ubuntu 14.04.md b/translated/tech/20150511 Fix Various Update Errors In Ubuntu 14.04.md
new file mode 100644
index 0000000000..3780b4f948
--- /dev/null
+++ b/translated/tech/20150511 Fix Various Update Errors In Ubuntu 14.04.md
@@ -0,0 +1,151 @@
+修复Ubuntu 14.04中各种更新错误
+================================================================================
+
+
+在Ubuntu更新中,谁没有碰见个错误?在Ubuntu和其它基于Ubuntu的Linux发行版中,更新错误很常见,也为数不少。这些错误出现的原因多种多样,修复起来也很简单。在本文中,我们将见到Ubuntu中各种类型频繁发生的更新错误以及它们的修复方法。
+
+### 合并列表问题 ###
+
+当你在终端中运行更新命令时,你可能会碰到这个错误“[合并列表错误][1]”,就像下面这样:
+
+> E:Encountered a section with no Package: header,
+>
+> E:Problem with MergeList /var/lib/apt/lists/archive.ubuntu.com_ubuntu_dists_precise_universe_binary-i386_Packages,
+>
+> E:The package lists or status file could not be parsed or opened.’
+
+可以使用以下命令来修复该错误:
+
+ sudo rm -r /var/lib/apt/lists/*
+ sudo apt-get clean && sudo apt-get update
+
+### 下载仓库信息失败 -1 ###
+
+实际上,有两种类型的[下载仓库信息失败错误][2]。如果你的错误是这样的:
+
+> W:Failed to fetch bzip2:/var/lib/apt/lists/partial/in.archive.ubuntu.com_ubuntu_dists_oneiric_restricted_binary-i386_Packages Hash Sum mismatch,
+>
+> W:Failed to fetch bzip2:/var/lib/apt/lists/partial/in.archive.ubuntu.com_ubuntu_dists_oneiric_multiverse_binary-i386_Packages Hash Sum mismatch,
+>
+> E:Some index files failed to download. They have been ignored, or old ones used instead
+
+那么,你可以用以下命令修复:
+
+ sudo rm -rf /var/lib/apt/lists/*
+ sudo apt-get update
+
+### 下载仓库信息失败 -2 ###
+
+下载仓库信息失败的另外一种类型是由于PPA过时导致的。通常,当你运行更新管理器,并看到这样的错误时:
+
+
+
+你可以运行sudo apt-get update来查看哪个PPA更新失败,你可以把它从源列表中删除。你可以按照这个截图指南来[修复下载仓库信息失败错误][3]。
+
+### 下载包文件失败错误 ###
+
+一个类似的错误是[下载包文件失败错误][4],像这样:
+
+
+
+该错误很容易修复,只需修改软件源为主服务器即可。转到软件和更新,在那里你可以修改下载服务器为主服务器:
+
+
+
+### 部分更新错误 ###
+
+在终端中运行更新会出现[部分更新错误][5]:
+
+> Not all updates can be installed
+>
+> Run a partial upgrade, to install as many updates as possible
+
+在终端中运行以下命令来修复该错误:
+
+ sudo apt-get install -f
+
+### 加载共享库时发生错误 ###
+
+该错误更多是安装错误,而不是更新错误。如果尝试从源码安装程序,你可能会碰到这个错误:
+
+> error while loading shared libraries:
+>
+> cannot open shared object file: No such file or directory
+
+该错误可以通过在终端中运行以下命令来修复:
+
+ sudo /sbin/ldconfig -v
+
+你可以在这里查找到更多详细内容[加载共享库时发生错误][6]。
+
+### 无法获取锁/var/cache/apt/archives/lock ###
+
+在另一个程序在使用APT时,会发生该错误。假定你正在Ubuntu软件中心安装某个东西,然后你又试着在终端中运行apt。
+
+> E: Could not get lock /var/cache/apt/archives/lock – open (11: Resource temporarily unavailable)
+>
+> E: Unable to lock directory /var/cache/apt/archives/
+
+通常,只要你把所有其它使用apt的程序关了,这个问题就会好的。但是,如果问题持续,可以使用以下命令:
+
+ sudo rm /var/lib/apt/lists/lock
+
+如果上面的命令不起作用,可以试试这个命令:
+
+ sudo killall apt-get
+
+关于该错误的更多信息,可以在[这里][7]找到。
+
+### GPG错误: 下列签名无法验证 ###
+
+在添加一个PPA时,可能会导致以下错误[GPG错误: 下列签名无法验证][8],这通常发生在终端中运行更新时:
+
+> W: GPG error: http://repo.mate-desktop.org saucy InRelease: The following signatures couldn’t be verified because the public key is not available: NO_PUBKEY 68980A0EA10B4DE8
+
+我们所要做的,就是获取系统中的这个公钥,从信息中获取密钥号。在上述信息中,密钥号为68980A0EA10B4DE8。该密钥可通过以下方式使用:
+
+ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 68980A0EA10B4DE8
+
+在添加密钥后,再次运行更新就没有问题了。
+
+### BADSIG错误 ###
+
+另外一个与签名相关的Ubuntu更新错误是[BADSIG错误][9],它看起来像这样:
+
+> W: A error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://extras.ubuntu.com precise Release: The following signatures were invalid: BADSIG 16126D3A3E5C1192 Ubuntu Extras Archive Automatic Signing Key
+>
+> W: GPG error: http://ppa.launchpad.net precise Release:
+>
+> The following signatures were invalid: BADSIG 4C1CBC1B69B0E2F4 Launchpad PPA for Jonathan French W: Failed to fetch http://extras.ubuntu.com/ubuntu/dists/precise/Release
+
+要修复该BADSIG错误,请在终端中使用以下命令:
+
+ sudo apt-get clean
+ cd /var/lib/apt
+ sudo mv lists oldlist
+ sudo mkdir -p lists/partial
+ sudo apt-get clean
+ sudo apt-get update
+
+本文汇集了你可能会碰到的**Ubuntu更新错误**,我希望这会对你处理这些错误有所帮助。你在Ubuntu中是否也碰到过其它更新错误呢?请在下面的评论中告诉我,我会试着写个快速指南。
+
+--------------------------------------------------------------------------------
+
+via: http://itsfoss.com/fix-update-errors-ubuntu-1404/
+
+作者:[Abhishek][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://itsfoss.com/author/abhishek/
+[1]:http://itsfoss.com/how-to-fix-problem-with-mergelist/
+[2]:http://itsfoss.com/solve-ubuntu-error-failed-to-download-repository-information-check-your-internet-connection/
+[3]:http://itsfoss.com/failed-to-download-repository-information-ubuntu-13-04/
+[4]:http://itsfoss.com/fix-failed-download-package-files-error-ubuntu/
+[5]:http://itsfoss.com/fix-partial-upgrade-error-elementary-os-luna-quick-tip/
+[6]:http://itsfoss.com/solve-open-shared-object-file-quick-tip/
+[7]:http://itsfoss.com/fix-ubuntu-install-error/
+[8]:http://itsfoss.com/solve-gpg-error-signatures-verified-ubuntu/
+[9]:http://itsfoss.com/solve-badsig-error-quick-tip/
diff --git a/translated/tech/20150512 Linux FAQs with Answers--How to view torrent file content on Linux.md b/translated/tech/20150512 Linux FAQs with Answers--How to view torrent file content on Linux.md
new file mode 100644
index 0000000000..8b5ba22907
--- /dev/null
+++ b/translated/tech/20150512 Linux FAQs with Answers--How to view torrent file content on Linux.md
@@ -0,0 +1,62 @@
+Linux有问必答——Linux上如何查看torrent文件内容
+================================================================================
+> **问题**: 我从网站上下载了一个torrent文件。Linux上有没有工具让我查看torrent文件的内容?例如,我想知道torrent里面都有什么文件。
+
+torrent文件(也就是扩展名为**.torrent**的文件)是BitTorrent元数据文件,里面存储了BitTorrent客户端用来从BitTorrent点对点网络下载共享文件的信息(如,追踪器URL、文件列表、大小、校验和、创建日期等)。在单个torrent文件里面,可以列出一个或多个文件用于共享。
+
+torrent文件内容由BEncode编码为BitTorrent数据序列化格式,因此,要查看torrent文件的内容,你需要相应的解码器。
+
+事实上,任何图形化的BitTorrent客户端(如Transmission或uTorrent)都带有BEncode解码器,所以,你可以用它们直接打开来查看torrent文件的内容。然而,如果你不想要使用BitTorrent客户端来检查torrent文件,你可以试试这个命令行torrent查看器,它叫[dumptorrent][1]。
+
+**dumptorrent**命令可以使用内建的BEncode解码器打印torrent文件的详细信息(如,文件名、大小、跟踪器URL、创建日期、信息散列等等)。
+
+### 安装DumpTorrent到Linux ###
+
+要安装dumptorrent到Linux,你可以从源代码来构建它。
+
+在Debian、Ubuntu或Linux Mint上:
+
+ $ sudo apt-get install gcc make
+ $ wget http://downloads.sourceforge.net/project/dumptorrent/dumptorrent/1.2/dumptorrent-1.2.tar.gz
+ $ tar -xvf dumptorrent-1.2.tar.gz
+ $ cd dumptorrent-1.2
+ $ make
+ $ sudo cp dumptorrent /usr/local/bin
+
+在CentOS、Fedora或RHEL上:
+
+ $ sudo yum install gcc make
+ $ wget http://downloads.sourceforge.net/project/dumptorrent/dumptorrent/1.2/dumptorrent-1.2.tar.gz
+ $ tar -xvf dumptorrent-1.2.tar.gz
+ $ cd dumptorrent-1.2
+ $ make
+ $ sudo cp dumptorrent /usr/local/bin
+
+确保你的路径中[包含][2]了/usr/local/bin。
+
+### 查看torrent的内容 ###
+
+要检查torrent的内容,只需要运行dumptorrent,并将torrent文件作为参数执行。这会打印出torrent的概要,包括文件名、大小和跟踪器URL。
+
+ $ dumptorrent
+
+
+要查看torrent的完整内容,请添加“-v”选项。它会打印更多关于torrent的详细信息,包括信息散列、片长度、创建日期、创建者,以及完整的声明列表。
+
+ $ dumptorrent -v
+
+
+
+--------------------------------------------------------------------------------
+
+via: http://ask.xmodulo.com/view-torrent-file-content-linux.html
+
+作者:[Dan Nanni][a]
+译者:[GOLinux](https://github.com/GOLinux)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://ask.xmodulo.com/author/nanni
+[1]:http://dumptorrent.sourceforge.net/
+[2]:http://ask.xmodulo.com/change-path-environment-variable-linux.html
diff --git a/translated/tech/[translated]Linux grep command with 14 different examples.md b/translated/tech/[translated]Linux grep command with 14 different examples.md
new file mode 100644
index 0000000000..cff151dd09
--- /dev/null
+++ b/translated/tech/[translated]Linux grep command with 14 different examples.md
@@ -0,0 +1,174 @@
+###概述:###
+
+所有类linux系统都会提供一个名为**grep(global regular expression print)**的搜索工具。grep命令在基于模式对一个或多个文件内容进行搜索的情况下是非常有用的。一个模式可以是单个字符、多个字符、单个单词、或者是一个句子。
+
+当命令匹配到执行命令时指定的模式时,grep会将包含模式的一行输出,但是并不对原文件内容进行修改。
+
+在本文中,我们将会讨论到14个grep命令的例子。
+
+###1 在文件中查找模式(单词)###
+
+在/etc/passwd文件中查找单词“linuxtechi”
+
+ root@Linux-world:~# grep linuxtechi /etc/passwd
+ linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ root@Linux-world:~#
+
+###2 在多个文件中查找模式。###
+
+ root@Linux-world:~# grep linuxtechi /etc/passwd /etc/shadow /etc/gshadow
+ /etc/passwd:linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ /etc/shadow:linuxtechi:$6$DdgXjxlM$4flz4JRvefvKp0DG6re:16550:0:99999:7:::/etc/gshadow:adm:*::syslog,linuxtechi
+ /etc/gshadow:cdrom:*::linuxtechi
+ /etc/gshadow:sudo:*::linuxtechi
+ /etc/gshadow:dip:*::linuxtechi
+ /etc/gshadow:plugdev:*::linuxtechi
+ /etc/gshadow:lpadmin:!::linuxtechi
+ /etc/gshadow:linuxtechi:!::
+ /etc/gshadow:sambashare:!::linuxtechi
+ root@Linux-world:~#
+
+###3 使用-l参数列出包含指定模式的文件的文件名。###
+
+ root@Linux-world:~# grep -l linuxtechi /etc/passwd /etc/shadow /etc/fstab /etc/mtab
+ /etc/passwd
+ /etc/shadow
+ root@Linux-world:~#
+
+###4 使用-n参数,在文件中查找指定模式及其相关的行号###
+
+ root@Linux-world:~# grep -n linuxtechi /etc/passwd
+ 39:linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ root@Linux-world:~#
+
+root@Linux-world:~# grep -n root /etc/passwd /etc/shadow
+
+
+
+###5 使用-v参数输出不包含指定模式的行###
+
+输出/etc/passwd文件中所有不含单词“linuxtechi”的行
+
+ root@Linux-world:~# grep -v linuxtechi /etc/passwd
+
+
+
+###6 使用^符号输出所有以某指定模式开头的行###
+
+Bash脚本将^符号当作特殊字符处理,用于指定一行或者一个单词的开始。例如输出/etc/passes文件中所有以“root”开头的行
+
+ root@Linux-world:~# grep ^root /etc/passwd
+ root:x:0:0:root:/root:/bin/bash
+ root@Linux-world:~#
+
+###7 使用 $ 符号输出所有以指定模式结尾的行。###
+
+输出/etc/passwd文件中所有以“bash”结尾的行。
+
+ root@Linux-world:~# grep bash$ /etc/passwd
+ root:x:0:0:root:/root:/bin/bash
+ linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ root@Linux-world:~#
+
+Bash脚本将美元($)符号当作特殊字符,用于指定一行或者一个单词的结尾。
+
+###8 使用 -r 参数递归的查找特定模式###
+
+
+ root@Linux-world:~# grep -r linuxtechi /etc/
+ /etc/subuid:linuxtechi:100000:65536
+ /etc/group:adm:x:4:syslog,linuxtechi
+ /etc/group:cdrom:x:24:linuxtechi
+ /etc/group:sudo:x:27:linuxtechi
+ /etc/group:dip:x:30:linuxtechi
+ /etc/group:plugdev:x:46:linuxtechi
+ /etc/group:lpadmin:x:115:linuxtechi
+ /etc/group:linuxtechi:x:1000:
+ /etc/group:sambashare:x:131:linuxtechi
+ /etc/passwd-:linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ /etc/passwd:linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ ............................................................................
+
+上面的命令将会递归的在/etc目录中查找“linuxtechi”单词
+
+###9 使用grep查找文件中所有的空行
+
+ root@Linux-world:~# grep ^$ /etc/shadow
+ root@Linux-world:~#
+
+由于/etc/shadow文件中没有空行,所以没有任何输出
+
+###10 使用“grep -i”参数查找模式###
+
+grep命令的-i参数在查找时忽略字符的大小写。
+
+我们来看一个例子,在paswd文件中查找“LinuxTechi”单词。
+
+ nextstep4it@localhost:~$ grep -i LinuxTechi /etc/passwd
+ linuxtechi:x:1001:1001::/home/linuxtechi:/bin/bash
+ nextstep4it@localhost:~$
+
+###11 使用-e参数查找多个模式###
+
+例如,我想在一条grep命令中查找‘linuxtechi’和‘root’单词,使用-e参数,我们可以查找多个模式。
+
+ root@Linux-world:~# grep -e "linuxtechi" -e "root" /etc/passwd
+ root:x:0:0:root:/root:/bin/bash
+ linuxtechi:x:1000:1000:linuxtechi,,,:/home/linuxtechi:/bin/bash
+ root@Linux-world:~#
+
+###12 使用“grep -f”从一个文件中获取待查找的模式###
+
+首先,在当前目录中创建一个搜索模式文件“grep_pattern”,我想文件中输入的如下内容。
+
+ root@Linux-world:~# cat grep_pattern
+ ^linuxtechi
+ root
+ false$
+ root@Linux-world:~#
+
+现在,试试使用grep_pattern文件进行搜索
+
+ root@Linux-world:~# grep -f grep_pattern /etc/passwd
+
+
+
+###13 使用-c参数计算模式匹配的数量###
+
+继续上面例子,我们在grep命令中使用-c命令计算匹配指定模式的数量
+
+ root@Linux-world:~# grep -c -f grep_pattern /etc/passwd
+ 22
+ root@Linux-world:~#
+
+###14 输出匹配指定模式行的前或者后面N行###
+
+a)使用-B参数输出匹配行的前4行
+
+ root@Linux-world:~# grep -B 4 "games" /etc/passwd
+
+
+
+b)使用-A参数输出匹配行的后4行
+
+ root@Linux-world:~# grep -A 4 "games" /etc/passwd
+
+
+
+c)使用-C参数输出匹配行的前后各4行
+
+ root@Linux-world:~# grep -C 4 "games" /etc/passwd
+
+
+
+--------------------------------------------------------------------------------
+
+via: http://www.linuxtechi.com/linux-grep-command-with-14-different-examples/
+
+作者:[Pradeep Kumar][a]
+译者:[cvsher](https://github.com/cvsher)
+校对:[校对者ID](https://github.com/校对者ID)
+
+本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创翻译,[Linux中国](https://linux.cn/) 荣誉推出
+
+[a]:http://www.linuxtechi.com/author/pradeep/