document/TranslateProject
2
0
Fork 0
mirror of https://github.com/LCTT/TranslateProject.git synced 2025-01-13 22:30:37 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'LCTT/master'

Browse Source
This commit is contained in:
Xingyu Wang 2019-10-29 09:10:55 +08:00
commit e3e0258267
8 changed files with 922 additions and 352 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
sources/news/20191026 Netflix builds a Jupyter Lab alternative, a bug bounty to fight election hacking, Raspberry Pi goes microscopic, and more open source news.md Normal file
View File

@ -0,0 +1,78 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Netflix builds a Jupyter Lab alternative, a bug bounty to fight election hacking, Raspberry Pi goes microscopic, and more open source news)
[#]: via: (https://opensource.com/article/19/10/news-october-26)
[#]: author: (Scott Nesbitt https://opensource.com/users/scottnesbitt)
Netflix builds a Jupyter Lab alternative, a bug bounty to fight election hacking, Raspberry Pi goes microscopic, and more open source news
======
Catch up on the biggest open source headlines from the past two weeks.
![Weekly news roundup with TV][1]
In this edition of our open source news roundup, we take a look at a machine learning tool from Netflix, Microsoft's election software bug bounty, a cost-effective microscope built with Raspberry Pi, and more!
### Netflix release Polynote machine learning tool
While there have been numerous advances in machine learning over the last decade, it's still a difficult, laborious, and sometimes frustrating task. To help make that task easier, Netflix has [released a machine learning notebook environment][2] called Polynote as open source.
Polynote enables "data scientists and AI researchers to integrate Netflixs JVM-based machine learning framework with Python machine learning and visualization libraries". What make Polynote unique is its reproducibility feature, which "takes cells positions in the notebook into account before executing them, helping prevent bad practices that make notebooks difficult to rerun from the top." It's also quite flexible—Polynote works with Apache Spark and supports languages like Python, Scala, and SQL.
You can grab Polynote [off GitHub][3] or learn more about it at the Polynote website.
### Microsoft announces bug bounty program for its election software
Hoping that more eyeballs on its code will make bugs shallow, Microsoft announced a [a bug bounty][4] for its open source ElectionGuard software development kit for voting machines. The goal of the program is to "uncover vulnerabilities and help bolster election security."
The bounty is open to "security professionals, part-time hobbyists, and students." Successful submissions, which must include proofs of concept demonstrating how bugs could compromise the security of voters, are worth up to $15,000 (USD).
If you're interested in participating, you can find ElectionGuard's code on [GitHub][5], and read more about the [bug bounty][6].
### microscoPI: a microscope built on Raspberry Pi
It's not a stretch to say that the Raspberry Pi is one of the most flexible platforms for hardware and software hackers. Micropalaeontologist Martin Tetard saw the potential of the tiny computers in his field of study and [create the microscoPI][7].
The microscoPI is a Raspberry Pi-assisted microscope that can "capture, process, and store images and image analysis results." Using an old adjustable microscope with a movable stage as a base, Tetard added a Raspberry Pi B, a Raspberry Pi camera module, and a small touchscreen to the device. The result is a compact rig that's "completely portable and measuring less than 30 cm (12 inches) in height." The entire setup cost him €159 (about $177 USD).
Tetard has set up [a website][8] for the microscoPI, where you can learn more about it.
#### In other news
* [Happy 15th birthday, Ubuntu][9]
* [Open-Source Arm Puts Robotics Within Reach][10]
* [Apache Rya matures open source triple store database][11]
* [UNICEF Launches Cryptocurrency Fund to Back Open Source Technology][12]
* [Open-source Delta Lake project moves to the Linux Foundation][13]
_Thanks, as always, to Opensource.com staff members and moderators for their help this week._
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/news-october-26
作者:[Scott Nesbitt][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/scottnesbitt
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/weekly_news_roundup_tv.png?itok=B6PM4S1i (Weekly news roundup with TV)
[2]: https://venturebeat.com/2019/10/23/netflix-open-sources-polynote-to-simplify-data-science-and-machine-learning-workflows/
[3]: https://github.com/polynote/polynote
[4]: https://thenextweb.com/security/2019/10/21/microsofts-open-source-election-software-now-has-a-bug-bounty-program/
[5]: https://github.com/microsoft/ElectionGuard-SDK
[6]: https://www.microsoft.com/en-us/msrc/bounty
[7]: https://www.geeky-gadgets.com/raspberry-pi-microscope-07-10-2019/
[8]: https://microscopiproject.wordpress.com/
[9]: https://www.omgubuntu.co.uk/2019/10/happy-birthday-ubuntu-2019
[10]: https://hackaday.com/2019/10/17/open-source-arm-puts-robotics-within-reach/
[11]: https://searchdatamanagement.techtarget.com/news/252472464/Apache-Rya-matures-open-source-triple-store-database
[12]: https://www.coindesk.com/unicef-launches-cryptocurrency-fund-to-back-open-source-technology
[13]: https://siliconangle.com/2019/10/16/open-source-delta-lake-project-moves-linux-foundation/

161
sources/talk/20191028 6 signs you might be a Linux user.md Normal file
View File

@ -0,0 +1,161 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (6 signs you might be a Linux user)
[#]: via: (https://opensource.com/article/19/10/signs-linux-user)
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
6 signs you might be a Linux user
======
If you're a heavy Linux user, you'll probably recognize these common
tendencies.
![Tux with binary code background][1]
Linux users are a diverse bunch, but many of us share a few habits. You might not have any of the telltale signs listed in this article, and if you're a new Linux user, you may not recognize many of them... yet.
Here are six signs you might be a Linux user.
### 1\. As far as you know, the world began on January 1, 1970.
There are many rumors about why a Unix computer clock always sets itself back to 1970-01-01 when it resets. But the mundane truth is that the Unix "epoch" serves as a common and simple reference point for synchronization. For example, Halloween is the 304th day of this year in the Julian calendar, but we commonly refer to the holiday as being "on the 31st". We know which 31st we mean because we have common reference points: We know that Halloween is celebrated in October and that October is the 10th month of the year, and we know how many days each preceding month contains. Without these values, we could use traditional methods of timekeeping, such as phases of the moon, to keep track of special seasonal events, but of course, a computer doesn't have that ability.
A computer requires firm and clearly defined values, so the value 1970-01-01T00:00:00Z was chosen as the beginning of the Unix epoch. Any time a [POSIX][2] computer loses track of time, a service like the Network Time Protocol (NTP) can provide it the number of seconds since 1970-01-01T00:00:00Z, which the computer can convert to a human-friendly date.
Date and time are a famously complex thing to track in computing, largely because there are exceptions to nearly standard. A month doesn't always have 30 days, a year doesn't always have 365 days, and even seconds tend to drift a little each year. If you're looking for a fun and frustrating programming exercise, try to program a reliable calendaring application!
### 2\. You think it's a chore to type anything over two letters to get something done.
The most common Unix commands are famously short. In addition to commands like **cd** and **ls** and **mv**, there's one command that literally can't get any shorter: **w** (which shows who is currently logged in according to the **/var/run/utmp** file).
On the one hand, extremely short commands seem unintuitive. A new user probably isn't going to guess that typing **ls** would _list_ directories. Once you learn the commands, though, the shorter they are, the better. If you spend all day in a terminal, the fewer keystrokes you have to type means you can spend more time getting your work done.
Luckily, single-letter commands are far and few between, which means you can use most letters for aliases. For example, I use Emacs often enough that I consider **emacs** too long to type, so I alias it to **e** by adding this line to my **.bashrc** file:
```
`alias e='emacs'`
```
You can also alias commands temporarily. For instance, if you find yourself running [firewall-cmd][3] repeatedly while you troubleshoot a network issue, then you can create an alias just for your current session:
```
$ alias f='firewall-cmd'
$ f
usage: see firewall-cmd man page
No option specified.
```
As long as the terminal is open, your alias persists. Once the terminal is closed, it's forgotten.
### 3\. You think it's a chore to click more than two times to get something done.
Linux users are fond of efficiency. While not every Linux user is always in a hurry to get things done, there are conventions in Linux desktops that seek to reduce the number of actions required to accomplish any given task. Here are some examples.
* In the KDE file manager Dolphin, a single click opens a file or directory. It's assumed that if you want to select a file, you can either click and drag or else Ctrl+Click instead. This may confuse users who are used to double-clicking everything, but once you've tried single-click actions, you usually can't go back to laborious double-clicks.
* On most Linux desktops, a middle-click pastes the most recent contents of the clipboard.
* On many Linux desktops, drag actions can be modified by pressing the Alt, Ctrl, or Shift keys. For instance, Alt+Drag moves a window in KDE, and Ctrl+Drag in GNOME causes a file to be copied instead of moved.
### 4\. You've never performed any action on a computer more than three times because you've already automated it by the third time.
Pardon the hyperbole, but many Linux users expect their computer to work harder than they do. While it takes time to learn how to automate common tasks, it tends to be easier on Linux than on other platforms because the Linux terminal and the Linux operating system are so tightly integrated. The easy things to automate are the actions you already do in a terminal because commands are just strings that you type into an interpreter, and that interpreter (the terminal) doesn't care whether you typed the strings out manually or whether you're just pointing it to a script.
For instance, if you find yourself frequently moving a set of files from one place to another, then you can probably use the same sequence of instructions as a script, which you can trigger with a single command. Imagine you are doing this manually each morning:
```
$ cd Documents
$ trash reports-latest.txt
$ wget myserver.local/reports/daily/report-latest.txt
$ cp report-latest.txt reports_daily/2019-31-10.log
```
It's a simple sequence, but repeating it daily isn't the most efficient way of spending your time. With a little bit of abstraction, you could automate it with a simple script:
```
#!/bin/sh
trash $HOME/Documents/reports-latest.txt
wget myserver.local/reports/daily/report-latest.txt \
-P $HOME/Documents/udpates_daily/`date --iso-8601`.log
cp $HOME/Documents/udpates_daily/`date --iso-8601`.log \
$HOME/Documents/reports-latest.txt
```
You could call your script **get-reports.sh** and launch it manually each morning, or you could even enter it into your crontab so that your computer performs the task without requiring any intervention from you.
This can be confusing for a new user because it's not always obvious what's integrated with what. For instance, if you regularly find yourself opening images and scaling them down by 50%, then you're probably used to doing something like this:
1. Opening up your photo viewer or editor
2. Scaling the image
3. Exporting the image as a modified file
4. Closing the application
If you did this several times a day, you would probably get tired of the repetition. However, because you perform those actions in the graphical user interface (GUI), you would need to know how to script the GUI to automate it. Some applications, like [GIMP][4], have a rich scripting interface, but the process is obviously different than just adapting a bunch of commands and dumping those into a file.
Then again, sometimes there are command-line equivalents to things you do in a GUI. Converting documents from one text format to another can be done with [Pandoc][5], images can be manipulated with [Image Magick][6], music and video can be edited and converted, and so on. It's a matter of knowing what to look for, and usually learning a new (and sometimes complex) command. Scaling images down, however, is notably simpler in the terminal than in a GUI:
```
#!/bin/sh
convert "${1}" -scale 50% `basename "${1}" .jpg`_50.jpg
```
It's worth investigating those bothersome, repetitious tasks. You never know how simple and fast your work is for a computer to do!
### 5\. You distro hop
I'm an ardent Slackware user at home and a RHEL user at work. Actually, that's not true; I'm a Fedora user at work now. Except when I use CentOS. And there was that time I ran [Mageia][7] for a while.
![Debian on a PowerPC64 box, image CC BY SA Claudio Miranda][8]
Debian on a PowerPC64 box
It doesn't matter how great a distribution is; part of the guilty pleasure of being a Linux user is the freedom to be indecisive about which distro you run. At a glance, they're all basically the same, and that's refreshing. But depending on your mood, you might prefer the stability of CentOS to the constant updates of Fedora, or you might truly enjoy the centralized control center of Mageia one day and then frolic in the modularity of raw [Debian][9] configuration files another. And sometimes you turn to an alternate OS altogether.
![OpenBSD, image CC BY SA Claudio Miranda][10]
OpenBSD, not a Linux distro
The point is, Linux distributions are passion projects, and it's fun to be a part of other people's open source passions.
### 6\. You have a passion for open source.
Regardless of your experience, if you're a Linux user, you undoubtedly have a passion for open source. Whether you express that on a daily basis through [Creative Commons artwork][11] or code or you sublimate it and just get your work done in a liberating (and liberated) environment, you're living in and building upon open source. It's because of you that there's an open source community, and the community is richer for having you as a member.
There are lots of things I haven't mentioned. What else betrays you as a Linux user? Let us know in the comments!
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/signs-linux-user
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/tux_linux_penguin_code_binary.jpg?itok=TxGxW0KY (Tux with binary code background)
[2]: https://opensource.com/article/19/7/what-posix-richard-stallman-explains
[3]: https://opensource.com/article/19/7/make-linux-stronger-firewalls
[4]: https://www.gimp.org/
[5]: https://opensource.com/article/19/5/convert-markdown-to-word-pandoc
[6]: https://opensource.com/article/17/8/imagemagick
[7]: http://mageia.org
[8]: https://opensource.com/sites/default/files/uploads/debian.png (Debian on a PowerPC64 box)
[9]: http://debian.org
[10]: https://opensource.com/sites/default/files/uploads/openbsd.jpg (OpenBSD)
[11]: http://freesvg.org

83
sources/talk/20191028 Building trust in the Linux community.md Normal file
View File

@ -0,0 +1,83 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Building trust in the Linux community)
[#]: via: (https://opensource.com/article/19/10/trust-linux-community)
[#]: author: (Don Watkins https://opensource.com/users/don-watkins)
Building trust in the Linux community
======
Everyone should be empowered to use whatever software they wish,
regardless of platform.
![Tall building with windows][1]
I recently listened to an interesting interview on [Linux for everyone][2]. Host [Jason Evangelho][3] interviewed [Christopher Scott][4], senior premier field engineer (open source) at Microsoft. Christopher is a Linux advocate who has a unique perspective as an avid Linux user who works for Microsoft. There was a time when there was little trust between Redmond and the Linux world. There are some who fear that Microsofts embrace of Linux is sinister. Christopher is trying to dispel that notion and build trust where mistrust has existed in the past. Listening to the interview invited my curiosity. Anxious to learn more, I contacted Christopher on [Twitter][5] and requested an interview (which has been lightly edited for length and clarity). He graciously agreed.
**Don Watkins:** What is your background?
**Christopher Scott:** In short, Im a geek who loves technology, especially hardware. The first computer I got to spend any time with was our 486SX 20MHz 4MB RAM 171MB HDD IBM-compatible machine. My mom spent $2,500 on the setup at the time, which seemed outrageous. It wasnt long after that I bought Comanche Maximum Overkill (PC Game) and realized I didnt have a CD-ROM drive, nor a compatible sound card, so I bought those and installed them. That started it right there. I had to play games on our Windows 3.1 machine. That was really the focus of my interest in computers growing up: video games. I had the NES in 1984 and an SNES after, along with many other game systems since, but there was always something about PC gaming that caught my attention.
My first love, however, was cars. My dad was into hot rods and such, so I read his magazines growing up. I had high aspirations of building my own first car. After finding college to not be for me and realizing that minimum wage jobs wouldnt secure my future, I went back to school and learned a trade: automotive paint and body repair. I got a job thanks to my instructor and did this for several years, but I wasnt satisfied that most of the jobs were insurance claim-based. I wanted to focus on the attention to detail aspects and make every job come out perfectly, but insurance companies dont pay for that type of detail with a "just good enough" mentality.
I wasnt able to find work in a custom paint and body shop, so I looked to my second love, computers. I found a company that had training courses on Windows 2000 certification preparation. It was outrageously priced at something like $8,000, but I got a student loan (so I could carry that debt with me for many years after) and started class. I didnt get a job immediately after, that took a number of months, but I worked my way into a temp job at Timexs call center in the advanced products division.
I had been at Timex for a year-and-a-half or so when I was able to get a job offer at a "real computer company." It wasnt temp work and it had benefits, so it seemed perfect. This company provided managed IT services for their customers, so I started doing PC and network support over the phone and in person. I met my wife while working for this company, too. Since then, Ive done help desk support, litigation support, SharePoint, Skype for Business, Microsoft Teams, and all of the Office 365 Suite. Today Im a happily married father of three with two grandsons.
**DW**: How did you get started with Linux and open source?
**CS**: Roughly 20 years ago, while I was taking classes on Windows 2000 Server, I started acquiring parts of older machines that were slated for disposal and managed to piece together at least one fully working system with a monitor, keyboard, and mouse. The home computer at the time was running Windows 98 or ME, I cant recall, but I didnt have any OS to put on this older system. Somehow, I stumbled across Mandrake Linux and loaded it up. It all seemed to work okay from what I could tell, so I put an ad in the local newspaper classifieds to see if anyone needed a computer for free. I got exactly one response to that ad. I packed up the computer and took it to their house. I found out it was a family with a special needs son and they wanted to get him learning on the computer. I set it up on the little table they wanted to use as a desk, they thanked me, and I left. I sure hope it was helpful for them. At the time, all I really knew of Linux was that I could have a fully working system without having to go to a store to buy a disk.
Since that point, I would consider myself a Linux hobbyist and enthusiast. I am a distro hopper, always trying out different distros and desktop environments, never making any one of them truly home. Ive always had my heartstrings pulled between Ubuntu-based systems and Fedora. For some reason, I really like **`apt`** and **DEB**, but always loved getting faster updates from Fedora. Ive always appreciated the way open source projects are open to the community for feedback and extra dev support, and how the code is freely available for anyone to use, reuse, and review.
Until recently, I wasnt able to make Linux my primary OS. Ive tried over the years and often it came back to games. They would either not run at all, or ran poorly by comparison, so I ended up returning to Windows. With the improvements to Proton and tools like Lutris, that landscape has changed dramatically. I run Linux on my primary desktop and laptop now. Currently, Pop!_OS and Ubuntu 18.04 respectively, but I do have a soft spot for Manjaro (which is on a third machine).
Admittedly, I do make concessions by having Linux as my primary OS for work. I mostly lean on web-based access to things I need, but I still have a VM for specific applications that wont run outside of Windows and are required for my job. To be clear on this, I dont hate Windows. I dislike some of the things it does and some of the things it doesnt do. Linux, too, has things I like and dislike. My decision on what to run is based on what annoys me the least and what gives me the features and software I want or need. Some distros just dont appeal to me or annoy me in a number of ways that I just cannot get over. Every OS has its pros and cons.
**DW**: What invited you to work for Microsoft?
**CS**: Short answer: A recruiter on LinkedIn. Long answer: Like many people who get into SharePoint, it fell into my lap a number of years ago. Okay, I volunteered, but no one else on the three-person IT team was going to learn it and our CEO wanted it. Fast forward about three years later, I got hired as a SharePoint admin for, what I thought, was a quite large company of 700 users. At that point, I considered Microsoft to be the top option to work for considering thats who owns SharePoint, but I figured that I was five years or so away from being at the level I needed to be to even be considered. After working at this job for a year, I was contacted by a recruiter on LinkedIn. We chatted, I interviewed, and I got hired. Since then, I have jumped technologies to Skype/Teams and now open source software (OSS) and have gone from leading one team to over 20, all in sort of a non-traditional way.
To be more to the point, I wanted to move into an OSS role to see more of what Microsoft is doing in this space, which was something I couldnt see in other roles while supporting other technologies.
**DW**: How are you building trust for the Linux community at Microsoft?
**CS**: The first step is to listen. I cant assume to know, even though I consider myself part of the Linux community, what it would take to build that trust. So, I reached out to get that feedback. My goal is to take action against that feedback as merely an employee looking to make the software landscape better for Linux users who would appreciate the option of running Microsoft software on their chosen platform (as one example).
**DW**: What Microsoft products besides Visual Studio are wins for the Linux and open source community?
**CS**: Honestly, it depends on which part of the community you refer to. For developers, there are other things that were released/open-sourced by Microsoft that carry great benefits, like .NET and C++ libraries. Even [Windows Subsystem for Linux][6] (WSL) and the [new Windows Terminal][7] can be seen as big wins. However, there is another component of the community that wants something that impacts their daily, personal lives (if I were to summarize). In a sense, each individual has taken the stance to decide for themselves what constitutes a win and what doesnt. That issue makes it more difficult at times when they request that Windows or the whole software catalog be open-sourced completely before even considering that Microsoft is doing anything valid.
Essentially, from how I view Microsofts standpoint, the company is focused on the cloud, namely Azure. Who in the Linux and open source community should be targeted that aligns with that? People who manage Linux servers, people who want to use open source software in Azure, and people who develop open source software that can run on Azure. To that market, there have been many wins. The catalog of OSS that runs in the context of Azure is huge.
**DW**: Some tech writers see the Linux kernel replacing the NT kernel. Do you disagree?
**CS**: I do disagree. Theres far too much incompatibility to just replace the underpinnings. Its not realistic, in my opinion.
**DW**: What is the future of Linux at Microsoft?
**CS**: Ill say what I expect and what I hope. I expect continued growth of Linux on Azure, and continued growth in open source used on Azure and written by Microsoft. I hope that this drives further investment into the Linux desktop, essentially, by bringing Windows software to run well on Linux. This topic is what the community wants to see, too, but it will take the customers, the individuals, within the enterprise speaking up to push this to reality.
Would I like to see, as an example, one code base for Office that runs on all desktop platforms whether through Wine or some other compatibility layer? Yes, of course. I think this would be optimal, really. Office for Mac has never seen all the same features as the Windows versions. Everyone should be empowered to use whatever software they wish, regardless of platform. I believe that Microsoft can get there, I just dont know if it will, so thats where I step in to do what I can to try to make this happen. I hope that we can see Linux desktop users have the same options for software from Microsoft as Windows and macOS.
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/trust-linux-community
作者:[Don Watkins][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/don-watkins
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/windows_building_sky_scale.jpg?itok=mH6CAX29 (Tall building with windows)
[2]: https://linuxforeveryone.fireside.fm/10-the-microsoft-linux-interview
[3]: https://opensource.com/article/19/9/found-linux-video-gaming
[4]: https://www.linkedin.com/in/christophersscott/
[5]: https://twitter.com/chscott_msft
[6]: https://en.wikipedia.org/wiki/Windows_Subsystem_for_Linux
[7]: https://github.com/Microsoft/Terminal

167
sources/tech/20191015 10 Ways to Customize Your Linux Desktop With GNOME Tweaks Tool.md
View File

@ -1,167 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (10 Ways to Customize Your Linux Desktop With GNOME Tweaks Tool)
[#]: via: (https://itsfoss.com/gnome-tweak-tool/)
[#]: author: (Abhishek Prakash https://itsfoss.com/author/abhishek/)
10 Ways to Customize Your Linux Desktop With GNOME Tweaks Tool
======
![GNOME Tweak Tool Icon][1]
There are several ways you can tweak Ubuntu to customize its looks and behavior. The easiest way I find is by using the [GNOME Tweak tool][2]. It is also known as GNOME Tweaks or simply Tweaks.
I have mentioned it numerous time in my tutorials in the past. Here, I list all the major tweaks you can perform with this tool.
I have used Ubuntu here but the steps should be applicable to any Linux distribution using GNOME desktop environment.
### Install GNOME Tweak tool in Ubuntu 18.04 and other versions
Gnome Tweak tool is available in the [Universe repository in Ubuntu][3] so make sure that you have it enabled in your Software & Updates tool:
![Enable Universe Repository in Ubuntu][4]
After that, you can install GNOME Tweak tool from the software center. Just open the Software Center and search for GNOME Tweaks and install it from there:
![Install GNOME Tweaks Tool from Software Center][5]
Alternatively, you may also use command line to install software with [apt command][6]:
```
sudo apt install gnome-tweaks
```
### Customizing GNOME desktop with Tweaks tool
![][7]
GNOME Tweak tool enables you to do a number of settings changes. Some of these changes like wallpaper changes, startup applications etc are also available in the official System Settings tool. I am going to focus on tweaks that are not available in the Settings by default.
#### 1\. Change themes
You can [install new themes in Ubuntu][8] in various ways. But if you want to change to the newly installed theme, youll have to install GNOME Tweaks tool.
You can find the theme and icon settings in Appearance section. You can browse through the available themes and icons and set the ones you like. The changes take into effect immediately.
![Change Themes With GNOME Tweaks][9]
#### 2\. Disable animation to speed up your desktop
There are subtle animations for application window opening, closing, maximizing etc. You can disable these animations to speed up your system slightly as it will use slightly fewer resources.
![Disable Animations For Slightly Faster Desktop Experience][10]
#### 3\. Control desktop icons
At least in Ubuntu, youll see the Home and Trash icons on the desktop. If you dont like, you can choose to disable it. You can also choose which icons will be displayed on the desktop.
![Control Desktop Icons in Ubuntu][11]
#### 4\. Manage GNOME extensions
I hope you are aware of [GNOME Extensions][12]. These are small plugins for your desktop that extends the functionalities of the GNOME desktop. There are [plenty of GNOME extensions][13] that you can use to get CPU consumption in the top panel, get clipboard history etc.
I have written in detail about [installing and using GNOME extensions][14]. Here, I assume that you are already using them and if thats the case, you can manage them from within GNOME Tweaks.
![Manage GNOME Extensions][15]
#### 5\. Change fonts and scaling factor
You can [install new fonts in Ubuntu][16] and apply the system wide font change using Tweaks tool. You can also change the scaling factor if you think the icons, text are way too small on your desktop.
![Change Fonts and Scaling Factor][17]
#### 6\. Control touchpad behavior like Disable touchpad while typing, Make right click on touchpad working
The GNOME Tweaks also allows you to disable touchpad while typing. This is useful if you type fast on a laptop. The bottom of your palm may touch the touchpad and the cursor moves away to an undesired location on the screen.
Automatically disabling touchpad while typing fixes this problem.
![Disable Touchpad While Typing][18]
Youll also notice that [when you press the bottom right corner of your touchpad for right click, nothing happens][19]. There is nothing wrong with your touchpad. Its a system settings that disables the right clicking this way for any touchpad that doesnt have a real right click button (like the old Thinkpad laptops). Two finger click gives you the right click.
You can also get this back by choosing Area in under Mouse Click Simulation instead of Fingers.
![Fix Right Click Issue][20]
You may have to [restart Ubuntu][21] in order to take the changes in effect. If you are Emacs lover, you can also force keybindings from Emacs.
#### 7\. Change power settings
There is only one power settings here. It allows you to put your laptop in suspend mode when the lid is closed.
![Power Settings in GNOME Tweaks Tool][22]
#### 8\. Decide whats displayed in the top panel
The top panel in your desktop gives shows a few important things. You have the calendar, network icon, system settings and the Activities option.
You can also [display battery percentage][23], add date along with day and time and show week numbers. You can also enable hot corners so that if you take your mouse to the top left corner of the screen, youll get the activities view with all the running applications.
![Top Panel Settings in GNOME Tweaks Tool][24]
If you have the mouse focus on an application window, youll notice that its menu is displayed in the top panel. If you dont like it, you may toggle it off and then the application menu will be available on the application itself.
#### 9\. Configure application window
You can decide if maximize and minimize option (the buttons on the top right corner) will be shown in the application window. You may also change their positioning between left and right.
![Application Window Configuration][25]
There are some other configuration options as well. I dont use them but feel free to explore them on your own.
#### 10\. Configure workspaces
GNOME Tweaks tool also allows you to configure a couple of things around workspaces.
![Configure Workspaces in Ubuntu][26]
**In the end…**
GNOME Tweaks tool is a must have utility for any GNOME user. It helps you configure looks and functionality of the desktop. I find it surprising that this tool is not even in Main repository of Ubuntu. In my opinion, it should be installed by default. Till then, youll have to install GNOME Tweak tool in Ubuntu manually.
If you find some hidden gem in GNOME Tweaks that hasnt been discussed here, why not share it with the rest of us?
--------------------------------------------------------------------------------
via: https://itsfoss.com/gnome-tweak-tool/
作者:[Abhishek Prakash][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/abhishek/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/gnome-tweak-tool-icon.png?ssl=1
[2]: https://wiki.gnome.org/action/show/Apps/Tweaks?action=show&redirect=Apps%2FGnomeTweakTool
[3]: https://itsfoss.com/ubuntu-repositories/
[4]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/03/enable-repositories-ubuntu.png?ssl=1
[5]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/install-gnome-tweaks-tool.jpg?ssl=1
[6]: https://itsfoss.com/apt-command-guide/
[7]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/customize-gnome-with-tweak-tool.jpg?ssl=1
[8]: https://itsfoss.com/install-themes-ubuntu/
[9]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/change-theme-ubuntu-gnome.jpg?ssl=1
[10]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/disable-animation-ubuntu-gnome.jpg?ssl=1
[11]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/desktop-icons-ubuntu.jpg?ssl=1
[12]: https://extensions.gnome.org/
[13]: https://itsfoss.com/best-gnome-extensions/
[14]: https://itsfoss.com/gnome-shell-extensions/
[15]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/manage-gnome-extension-tweaks-tool.jpg?ssl=1
[16]: https://itsfoss.com/install-fonts-ubuntu/
[17]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/change-fonts-ubuntu-gnome.jpg?ssl=1
[18]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/disable-touchpad-while-typing-ubuntu.jpg?ssl=1
[19]: https://itsfoss.com/fix-right-click-touchpad-ubuntu/
[20]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/enable-right-click-ubuntu.jpg?ssl=1
[21]: https://itsfoss.com/schedule-shutdown-ubuntu/
[22]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/power-settings-gnome-tweaks-tool.jpg?ssl=1
[23]: https://itsfoss.com/display-battery-ubuntu/
[24]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/top-panel-settings-gnome-tweaks-tool.jpg?ssl=1
[25]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/windows-configuration-ubuntu-gnome-tweaks.jpg?ssl=1
[26]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/configure-workspaces-ubuntu.jpg?ssl=1

185
sources/tech/20191021 Transition to Nftables.md
View File

@ -1,185 +0,0 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Transition to Nftables)
[#]: via: (https://opensourceforu.com/2019/10/transition-to-nftables/)
[#]: author: (Vijay Marcel D https://opensourceforu.com/author/vijay-marcel/)
Transition to Nftables
======
[![][1]][2]
_Every major distribution in the open source world is moving towards nftables as the default firewall. In short, the venerable Iptables is now dead. This article is a tutorial on how to build nftables._
Currently, there is an iptables-nft backend that is compatible with nftables but soon, even this will not be available. Also, as noted by Red Hat developers, sometimes it may translate the rules incorrectly. Rather than rely on an iptables-to-nftables converter, we need to know how to build our own nftables. In nftables, all the address families come under one rule. Nftables runs in the user space unlike iptables, where every module is in the kernel. It also needs less kernel updates and comes with new features such as maps, families and dictionaries.
**Address families**
Address families determine the types of packets that are processed. There are six address families in nftables and they are:
* ip
* ipv6
* inet
* arp
* bridge
* netdev
In nftables, the ipv4 and ipv6 protocols are combined into one single family called inet. So we do not need to specify two rules one for ipv4 and another for ipv6. If no address family is specified, it will default to ip protocol, i.e., ipv4. Our area of interest lies in the inet family, since most home users will use either ipv4 or ipv6 protocols (see Figure 1).
**Nftables**
A typical nftable rule contains three parts table, chain and rules.
Tables are containers for chains and rules. They are identified by their address families and their names. Chains contain the rules needed for the _inet/arp/bridge/netdev_ protocols and are of three types — filter, NAT and route. Nftable rules can be loaded from a script or they can be typed into a terminal and then saved as a rule-set. For home users, the default chain will be filter. The inet family contains the following hooks:
* Input
* Output
* Forward
* Pre-routing
* Post-routing
**To script or not to script?**
One of the biggest questions is whether we can use a firewall script or not. The answer is: its your choice. Heres some advice if you have hundreds of rules in your firewall, then it is best to use a script, but if you are a typical home user, then you can type the commands in the terminal and then load your rule-set. Each option has its own advantages and disadvantages. In this article, we will type them in the terminal to build our firewall.
Nftables uses a program called nft to add, create, list, delete and load rules. Make sure nftables is installed along with conntrackd and netfilter-persistent, and remove iptables, using the following command:
```
apt-get install nftables conntrackd netfilter-persistent
apt-get purge iptables
```
_nft_ needs to be run as root or use sudo. Use the following commands to list, flush, delete ruleset and load the script respectively.
```
nft list ruleset
nft flush ruleset
nft delete table inet filter
/usr/sbin/nft -f /etc/nftables.conf
```
**Input policy**
The firewall will contain three parts input, forward and output just like in iptables. In the terminal, type the following commands for the input firewall. Make sure you have flushed your rule-set before you begin. Our default policy will be to drop everything. We will use the inet family in the firewall. Add the following rules as root or use sudo:
```
nft add table inet filter
nft add chain inet filter input { type filter hook input priority 0 \; counter \; policy drop \; }
```
You have noticed there is something called _priority 0_. It means giving the rule higher precedence. Hooks typically give higher precedence to the negative integer. Every hook has its own precedence and the filter chain has priority 0. You can check the nftables wiki page to see the priority of each hook.
To know the network interfaces in your computer, run the following command:
```
ip link show
```
It will show the installed network interface, one local host and other Ethernet port or your wireless port. Your Ethernet ports name looks something like this: _enpXsY_ where X and Y are numbers, and the same goes for your wireless port. We have to allow the local host and only allow established incoming connections from the Internet.
Nftables has a feature called verdict statements on how to parse a rule. The verdict statements are _accept, drop, queue, jump, goto, continue_ and _return_. Since the firewall is a simple one, we will use either _accept_ or _drop the packets_ (Figure 2).
```
nft add rule inet filter input iifname lo accept
nft add rule inet filter input iifname enpXsY ct state new, established, related accept
```
Next, we have to add rules to protect us from stealth scans. Not all stealth scans are malicious but most of them are. We have to protect the network from such scans. The first set lists the TCP flags to be tested. Of these flags, the second set lists the flags to be matched with the first.
```
nft add rule inet filter input iifname enpXsY tcp flags \& \(syn\|fin\) == \(syn\|fin\) drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(syn\|rst\) == \(syn\|rst\) drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(fin\|rst\) == \(fin\|rst\) drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(ack\|fin\) == fin drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(ack\|psh\) == psh drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(ack\|urg\) == urg drop
```
Remember, we are typing these commands in the terminal. So we have to add a backslash before some special characters, to make sure the terminal interprets it as it should. If you are using a script, then this isnt required.
**A word of caution regarding ICMP**
The Internet Control Message Protocol (ICMP) is a diagnostic tool and so should not be dropped outright. Any attempt to fully block ICMP is unwise as it will also stop giving error messages to us. Enable only the most important control messages such as echo-request, echo-reply, destination-unreachable and time-exceeded, and reject the rest. Echo-request and echo-reply are part of ping. In the input, we only allow echo reply and in the output, we only allow the echo-request.
```
nft add rule inet filter input iifname enpXsY icmp type { echo-reply, destination-unreachable, time-exceeded } limit rate 1/second accept
nft add rule inet filter input iifname enpXsY ip protocol icmp drop
```
Finally, we are logging and dropping all the invalid packets.
```
nft add rule inet filter input iifname enpXsY ct state invalid log flags all level info prefix \”Invalid-Input: \”
nft add rule inet filter input iifname enpXsY ct state invalid drop
```
**Forward and output policy**
In both the forward and output policies, we will drop packets by default and only accept those that are established connections.
```
nft add chain inet filter forward { type filter hook forward priority 0 \; counter \; policy drop \; }
nft add rule inet filter forward ct state established, related accept
nft add rule inet filter forward ct state invalid drop
nft add chain inet filter output { type filter hook output priority 0 \; counter \; policy drop \; }
```
A typical desktop user needs only Port 80 and 443 to be allowed to access the Internet. Finally, allow acceptable ICMP protocols and drop the invalid packets while logging them.
```
nft add rule inet filter output oifname enpXsY tcp dport { 80, 443 } ct state established accept
nft add rule inet filter output oifname enpXsY icmp type { echo-request, destination-unreachable, time-exceeded } limit rate 1/second accept
nft add rule inet filter output oifname enpXsY ip protocol icmp drop
nft add rule inet filter output oifname enpXsY ct state invalid log flags all level info prefix \”Invalid-Output: \”
nft add rule inet filter output oifname enpXsY ct state invalid drop
```
Now we have to save our rule-set, otherwise it will be lost when we reboot. To do so, run the following command:
```
sudo nft list ruleset. > /etc/nftables.conf
```
We now have to load nftables at boot, for that enables the nftables service in systemd:
```
sudo systemctl enable nftables
```
Next, edit the nftables unit file to remove the Execstop option to avoid flushing the rule-set at every boot. The file is usually located in /etc/systemd/system/sysinit.target.wants/nftables.service. Now restart the nftables:
```
sudo systemctl restart nftables
```
**Logging in rsyslog**
When you log the dropped packets, they go straight to _syslog_, which makes reading your log file quite difficult. It is better to redirect your firewall logs to a separate file. Create a directory called nftables in
_/var/log_ and in it, create two files called _input.log_ and _output.log_ to store the input and output logs, respectively. Make sure rsyslog is installed in your system. Now go to _/etc/rsyslog.d_ and create a file called _nftables.conf_ with the following contents:
```
:msg,regex,”Invalid-Input: “ -/var/log/nftables/Input.log
:msg,regex,”Invalid-Output: “ -/var/log/nftables/Output.log
& stop
```
Now we have to make sure the log is manageable. For that, create another file in _/etc/logrotate.d_ called nftables with the following code:
```
/var/log/nftables/* { rotate 5 daily maxsize 50M missingok notifempty delaycompress compress postrotate invoke-rc.d rsyslog rotate > /dev/null endscript }
```
Restart nftables. You can now check your rule-set. If you feel typing each command in the terminal is bothersome, you can use a script to load the nftables firewall. I hope this article is useful in protecting your system.
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/transition-to-nftables/
作者:[Vijay Marcel D][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/vijay-marcel/
[b]: https://github.com/lujun9972
[1]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/01/REHfirewall-1.jpg?resize=696%2C481&ssl=1 (REHfirewall)
[2]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/01/REHfirewall-1.jpg?fit=900%2C622&ssl=1

243
sources/tech/20191028 How to remove duplicate lines from files with awk.md Normal file
View File

@ -0,0 +1,243 @@
[#]: collector: (lujun9972)
[#]: translator: ( )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (How to remove duplicate lines from files with awk)
[#]: via: (https://opensource.com/article/19/10/remove-duplicate-lines-files-awk)
[#]: author: (Lazarus Lazaridis https://opensource.com/users/iridakos)
How to remove duplicate lines from files with awk
======
Learn how to use awk '!visited[$0]++' without sorting or changing their
order.
![Coding on a computer][1]
Suppose you have a text file and you need to remove all of its duplicate lines.
### TL;DR
To remove the duplicate lines while _preserving their order in the file_, use:
```
`awk '!visited[$0]++' your_file > deduplicated_file`
```
### How it works
The script keeps an associative array with _indices_ equal to the unique lines of the file and _values_ equal to their occurrences. For each line of the file, if the line occurrences are zero, then it increases them by one and _prints the line_, otherwise, it just increases the occurrences _without printing the line_.
I was not familiar with **awk**, and I wanted to understand how this can be accomplished with such a short script (**awk**ward). I did my research, and here is what is going on:
* The awk "script" **!visited[$0]++** is executed for _each line_ of the input file.
* **visited[]** is a variable of type [associative array][2] (a.k.a. [Map][3]). We don't have to initialize it because **awk** will do it the first time we access it.
* The **$0** variable holds the contents of the line currently being processed.
* **visited[$0]** accesses the value stored in the map with a key equal to **$0** (the line being processed), a.k.a. the occurrences (which we set below).
* The **!** negates the occurrences' value:
* In awk, [any nonzero numeric value or any nonempty string value is true][4].
* By default, [variables are initialized to the empty string][5], which is zero if converted to a number.
* That being said:
* If **visited[$0]** returns a number greater than zero, this negation is resolved to **false**.
* If **visited[$0]** returns a number equal to zero or an empty string, this negation is resolved to **true**.
* The **++** operation increases the variable's value (**visited[$0]**) by one.
* If the value is empty, **awk** converts it to **0** (number) automatically and then it gets increased.
* **Note:** The operation is executed after we access the variable's value.
Summing up, the whole expression evaluates to:
* **true** if the occurrences are zero/empty string
* **false** if the occurrences are greater than zero
**awk** statements consist of a [_pattern-expression_ and an _associated action_][6].
```
`<pattern/expression> { <action> }`
```
If the pattern succeeds, then the associated action is executed. If we don't provide an action, **awk**, by default, **print**s the input.
> An omitted action is equivalent to **{ print $0 }**.
Our script consists of one **awk** statement with an expression, omitting the action. So this:
```
`awk '!visited[$0]++' your_file > deduplicated_file`
```
is equivalent to this:
```
`awk '!visited[$0]++ { print $0 }' your_file > deduplicated_file`
```
For every line of the file, if the expression succeeds, the line is printed to the output. Otherwise, the action is not executed, and nothing is printed.
### Why not use the **uniq** command?
The **uniq** command removes only the _adjacent duplicate lines_. Here's a demonstration:
```
$ cat test.txt
A
A
A
B
B
B
A
A
C
C
C
B
B
A
$ uniq &lt; test.txt
A
B
A
C
B
A
```
### Other approaches
#### Using the sort command
We can also use the following [**sort**][7] command to remove the duplicate lines, but _the line order is not preserved_.
```
`sort -u your_file > sorted_deduplicated_file`
```
#### Using cat, sort, and cut
The previous approach would produce a de-duplicated file whose lines would be sorted based on the contents. [Piping a bunch of commands][8] can overcome this issue:
```
`cat -n your_file | sort -uk2 | sort -nk1 | cut -f2-`
```
##### How it works
Suppose we have the following file:
```
abc
ghi
abc
def
xyz
def
ghi
klm
```
**cat -n test.txt** prepends the order number in each line.
```
1       abc
2       ghi
3       abc
4       def
5       xyz
6       def
7       ghi
8       klm
```
**sort -uk2** sorts the lines based on the second column (**k2** option) and keeps only the first occurrence of the lines with the same second column value (**u** option).
```
1       abc
4       def
2       ghi
8       klm
5       xyz
```
**sort -nk1** sorts the lines based on their first column (**k1** option) treating the column as a number (**-n** option).
```
1       abc
2       ghi
4       def
5       xyz
8       klm
```
Finally, **cut -f2-** prints each line starting from the second column until its end (**-f2-** option: _Note the **-** suffix, which instructs it to include the rest of the line_).
```
abc
ghi
def
xyz
klm
```
### References
* [The GNU awk user's guide][9]
* [Arrays in awk][2]
* [Awk—Truth values][4]
* [Awk expressions][5]
* [How can I delete duplicate lines in a file in Unix?][10]
* [Remove duplicate lines without sorting [duplicate]][11]
* [How does awk '!a[$0]++' work?][12]
That's all. Cat photo.
![Duplicate cat][13]
* * *
_This article originally appeared on the iridakos blog by [Lazarus Lazaridis][14] under a [CC BY-NC 4.0 License][15] and is republished with the author's permission._
--------------------------------------------------------------------------------
via: https://opensource.com/article/19/10/remove-duplicate-lines-files-awk
作者:[Lazarus Lazaridis][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/iridakos
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/code_computer_laptop_hack_work.png?itok=aSpcWkcl (Coding on a computer)
[2]: http://kirste.userpage.fu-berlin.de/chemnet/use/info/gawk/gawk_12.html
[3]: https://en.wikipedia.org/wiki/Associative_array
[4]: https://www.gnu.org/software/gawk/manual/html_node/Truth-Values.html
[5]: https://ftp.gnu.org/old-gnu/Manuals/gawk-3.0.3/html_chapter/gawk_8.html
[6]: http://kirste.userpage.fu-berlin.de/chemnet/use/info/gawk/gawk_9.html
[7]: http://man7.org/linux/man-pages/man1/sort.1.html
[8]: https://stackoverflow.com/a/20639730/2292448
[9]: https://www.gnu.org/software/gawk/manual/html_node/
[10]: https://stackoverflow.com/questions/1444406/how-can-i-delete-duplicate-lines-in-a-file-in-unix
[11]: https://stackoverflow.com/questions/11532157/remove-duplicate-lines-without-sorting
[12]: https://unix.stackexchange.com/questions/159695/how-does-awk-a0-work/159734#159734
[13]: https://opensource.com/sites/default/files/uploads/duplicate-cat.jpg (Duplicate cat)
[14]: https://iridakos.com/about/
[15]: http://creativecommons.org/licenses/by-nc/4.0/

167
translated/tech/20191015 10 Ways to Customize Your Linux Desktop With GNOME Tweaks Tool.md Normal file
View File

@ -0,0 +1,167 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (10 Ways to Customize Your Linux Desktop With GNOME Tweaks Tool)
[#]: via: (https://itsfoss.com/gnome-tweak-tool/)
[#]: author: (Abhishek Prakash https://itsfoss.com/author/abhishek/)
使用 GNOME 优化工具自定义 Linux 桌面的 10 种方法
======
![GNOME Tweak Tool Icon][1]
你可以通过多种方法来调整 Ubuntu以自定义其外观和行为。我发现最简单的方法是使用 [GNOME 优化工具][2]。它也被称为 GNOME Tweak 或简单地称为 Tweak优化
在过去的教程中,我已经多次介绍过它。在这里,我列出了你可以使用此工具执行的所有主要优化。
我在这里使用的是 Ubuntu但是这些步骤应该适用于使用 GNOME 桌面环境的任何 Linux 发行版。
### 在 Ubuntu 18.04 或其它版本上安装 GNOME 优化工具
Gnome 优化工具可从 [Ubuntu 中的 Universe 存储库][3]中安装,因此请确保已在“软件和更新”工具中启用了该工具:
![在 Ubuntu 中启用 Universe 存储库][4]
之后,你可以从软件中心安装 GNOME 优化工具。只需打开软件中心并搜索 “GNOME Tweaks”并从那里安装它
![从软件中心安装 GNOME 优化工具][5]
或者,你也可以使用命令行通过 [apt 命令][6]安装此软件:
```
sudo apt install gnome-tweaks
```
### 用优化工具定制 GNOME 桌面
![][7]
GNOME 优化工具使你可以进行许多设置更改。其中的某些更改(例如墙纸更改、启动应用程序等)也可以在官方的“系统设置”工具中找到。我将重点介绍默认情况下“设置”中不可用的优化。
#### 1、改变主题
你可以通过各种方式[在 Ubuntu 中安装新主题][8]。但是如果要更改为新安装的主题则必须安装GNOME 优化工具。
你可以在外观部分找到主题和图标设置。你可以浏览可用的主题和图标并设置所需的主题和图标。更改将立即生效。
![通过 GNOME 优化更改主题][9]
#### 2\、禁用动画以提速你的桌面体验
应用程序窗口的打开、关闭、最大化等都有一些细微的动画。你可以禁用这些动画以稍微加快系统的速度,因为它会使用较少的资源。
![禁用动画以获得稍快的桌面体验][10]
#### 3、控制桌面图标
至少在 Ubuntu 中,你会在桌面上看到“主目录”和“垃圾箱”图标。如果你不喜欢,可以选择禁用它。你还可以选择要在桌面上显示的图标。
![在 Ubuntu 中控制桌面图标][11]
#### 4、管理 GNOME 扩展
我想可能知道 [GNOME 扩展][12]。这些是用于桌面的小型“插件”,可扩展 GNOME 桌面的功能。有[大量的 GNOME 扩展][13],可用于在顶部面板中查看 CPU 消耗、获取剪贴板历史记录等。
我已经写了一篇[安装和使用 GNOME 扩展][14]的详细文章。在这里,我假设你已经在使用它们,如果是这种情况,那么可以从 GNOME 优化工具中对其进行管理。
![管理 GNOME 扩展][15]
#### 5、改变字体和缩放比例
你可以[在 Ubuntu 中安装新字体][16],并使用优化工具在系统范围应用字体更改。如果你认为桌面上的图标和文本太小,也可以更改缩放比例。
![更改字体和缩放比例][17]
#### 6、控制触摸板行为例如在键入时禁用触摸板右键单击触摸板即可正常工作
GNOME 优化工具还允许你在键入时禁用触摸板。如果你在笔记本电脑上快速键入,这将很有用。手掌底部可能会触摸触摸板,并导致光标移至屏幕上不需要的位置。
在键入时自动禁用触摸板可解决此问题。
![键入时禁用触摸板][18]
你还会注意到[当你按下触摸板的右下角以进行右键单击时,什么也没有发生][19]。你的触摸板并没有问题。这是一项系统设置,可对没有实体右键按钮的任何触摸板(例如旧的 Thinkpad 笔记本电脑)禁用这种右键单击功能。两指点击可为你提供右键单击操作。
你也可以通过在“鼠标单击模拟”下的“区域”中而不是“手指”中找到它。
![修复右键单击问题][20]
你可能必须[重新启动 Ubuntu][21] 才能生效。如果你是 Emacs 爱好者,还可以从 Emacs 强制进行键盘绑定。
#### 7、改变电源设置
电源这里只有一个设置。盖上盖子后,你可以将笔记本电脑置于挂起模式。
![GNOME 优化工具中的电源设置][22]
#### 8、决定什么显示在顶部面板
桌面的顶部面板显示了一些重要的信息。在这里有日历、网络图标、系统设置和“活动”选项。
你还可以[显示电池百分比][23]、添加日期以及日期和时间,并显示星期数。你还可以启用鼠标热点,以便将鼠标移至屏幕的左上角时可以获得所有正在运行的应用程序的活动视图。
![GNOME 优化工具中的顶部面板设置][24]
如果将鼠标将焦点放在应用程序窗口上,则会注意到其菜单显示在顶部面板中。如果你不喜欢这样,可以将其关闭,然后应用程序菜单将显示应用程序本身。
#### 9、配置应用窗口
你可以决定是否在应用程序窗口中显示最大化和最小化选项(右上角的按钮)。你也可以在左右两边改变它们的位置。
![应用程序窗口配置][25]
还有其他一些配置选项。我不使用它们,但你可以自行探索。
#### 10、配置工作区
GNOME 优化工具还允许你围绕工作区配置一些内容。
![在 Ubuntu 中配置工作区][26]
### 总结
对于任何 GNOME 用户GNOME 优化Tweaks工具都是必备工具。它可以帮助你配置桌面的外观和功能。 我感到惊讶的是,该工具甚至没有出现在 Ubuntu 的主存储库中。我认为应该默认安装它,要不,你将需得在 Ubuntu 中手动安装 GNOME 优化工具。
如果你在 GNOME 优化工具中发现了一些此处没有讨论的隐藏技巧,为什么不与大家分享呢?
--------------------------------------------------------------------------------
via: https://itsfoss.com/gnome-tweak-tool/
作者:[Abhishek Prakash][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/abhishek/
[b]: https://github.com/lujun9972
[1]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/gnome-tweak-tool-icon.png?ssl=1
[2]: https://wiki.gnome.org/action/show/Apps/Tweaks?action=show&redirect=Apps%2FGnomeTweakTool
[3]: https://itsfoss.com/ubuntu-repositories/
[4]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/03/enable-repositories-ubuntu.png?ssl=1
[5]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/install-gnome-tweaks-tool.jpg?ssl=1
[6]: https://itsfoss.com/apt-command-guide/
[7]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/customize-gnome-with-tweak-tool.jpg?ssl=1
[8]: https://itsfoss.com/install-themes-ubuntu/
[9]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/change-theme-ubuntu-gnome.jpg?ssl=1
[10]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/disable-animation-ubuntu-gnome.jpg?ssl=1
[11]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/desktop-icons-ubuntu.jpg?ssl=1
[12]: https://extensions.gnome.org/
[13]: https://itsfoss.com/best-gnome-extensions/
[14]: https://itsfoss.com/gnome-shell-extensions/
[15]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/manage-gnome-extension-tweaks-tool.jpg?ssl=1
[16]: https://itsfoss.com/install-fonts-ubuntu/
[17]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/change-fonts-ubuntu-gnome.jpg?ssl=1
[18]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/disable-touchpad-while-typing-ubuntu.jpg?ssl=1
[19]: https://itsfoss.com/fix-right-click-touchpad-ubuntu/
[20]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/enable-right-click-ubuntu.jpg?ssl=1
[21]: https://itsfoss.com/schedule-shutdown-ubuntu/
[22]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2019/10/power-settings-gnome-tweaks-tool.jpg?ssl=1
[23]: https://itsfoss.com/display-battery-ubuntu/
[24]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/top-panel-settings-gnome-tweaks-tool.jpg?ssl=1
[25]: https://i1.wp.com/itsfoss.com/wp-content/uploads/2019/10/windows-configuration-ubuntu-gnome-tweaks.jpg?ssl=1
[26]: https://i2.wp.com/itsfoss.com/wp-content/uploads/2019/10/configure-workspaces-ubuntu.jpg?ssl=1

190
translated/tech/20191021 Transition to Nftables.md Normal file
View File

@ -0,0 +1,190 @@
[#]: collector: (lujun9972)
[#]: translator: (wxy)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: subject: (Transition to Nftables)
[#]: via: (https://opensourceforu.com/2019/10/transition-to-nftables/)
[#]: author: (Vijay Marcel D https://opensourceforu.com/author/vijay-marcel/)
过渡到 nftables
======
![][2]
> 开源世界中的每个主要发行版都正在演进,而将 nftables 作为默认防火墙。换言之,古老的 iptables 现在已经消亡。本文是有关如何构建 nftables 的教程。
当前,有一个与 nftables 兼容的 iptables-nft 后端,但是很快,即使是它也不再提供了。另外,正如 Red Hat 开发人员所指出的那样,有时它可能会错误地转换规则。我们需要知道如何构建自己的 nftables而不是依赖于 iptables 到 nftables 的转换器。在 nftables 中,所有地址族都遵循一个规则。与 iptables 不同nftables 在用户空间中运行iptables 中的每个模块都运行在内核(空间)中。它很少需要更新内核,并具有一些新功能,例如映射,地址族和字典。
### 地址族
地址族确定要处理的数据包的类型。在 nftables 中有六个地址族,它们是:
* ip
* ipv6
* inet
* arp
* bridge
* netdev
在 nftables 中ipv4 和 ipv6 协议被合并为一个称为 inet 的单一地址族。因此,我们不需要指定两个规则:一个用于 ipv4另一个用于 ipv6。如果未指定地址族它将默认为 ip 协议,即 ipv4。我们感兴趣的领域是 inet 系列,因为大多数家庭用户将使用 ipv4 或 ipv6 协议。
### nftables
典型的 nftables 规则包含三个部分:表、链和规则。
表是链和规则的容器。它们由其地址族和名称来标识。链包含 inet/arp/bridge/netdev 等协议所需的规则并具有三种类型过滤器、NAT 和路由。nftables 规则可以从脚本加载也可以在终端键入然后另存为规则集。对于家庭用户默认链为过滤器。inet 系列包含以下钩子:
* Input
* Output
* Forward
* Pre-routing
* Post-routing
### 使用脚本还是不用?
最大的问题之一是我们是否可以使用防火墙脚本。答案是:这是你自己的选择。这里有一些建议:如果防火墙中有数百条规则,那么最好使用脚本,但是如果你是典型的家庭用户,则可以在终端中键入命令,然后加载规则集。每种选择都有其自身的优缺点。在本文中,我们将在终端中键入它们以构建防火墙。
nftables 使用一个名为 `nft` 的程序来添加、创建、列出、删除和加载规则。确保使用以下命令将 nftables 与 conntrackd 和 netfilter-persistent 一起安装,并删除 iptables
```
apt-get install nftables conntrackd netfilter-persistent
apt-get purge iptables
```
`nft` 需要以 root 身份运行或使用 sudo 运行。使用以下命令分别列出、刷新、删除规则集和加载脚本。
```
nft list ruleset
nft flush ruleset
nft delete table inet filter
/usr/sbin/nft -f /etc/nftables.conf
```
### 输入策略
就像 iptables 一样,防火墙将包含三部分:输入(`input`)、转发(`forward`)和输出(`output`)。在终端中,为“输入(`input`)”防火墙键入以下命令。在开始之前,请确保已刷新规则集。我们的默认政策将会删除所有内容。我们将在防火墙中使用 inet 地址族。将以下规则以 root 身份添加或使用 `sudo` 运行:
```
nft add table inet filter
nft add chain inet filter input { type filter hook input priority 0 \; counter \; policy drop \; }
```
你会注意到有一个名为 `priority 0` 的东西。这意味着赋予该规则更高的优先级。挂钩通常赋予负整数,这意味着更高的优先级。每个挂钩都有自己的优先级,过滤器链的优先级为 0。你可以检查 nftables Wiki 页面以查看每个挂钩的优先级。
要了解你计算机中的网络接口,请运行以下命令:
```
ip link show
```
它将显示已安装的网络接口,一个本地主机、另一个以太网端口或无线端口。以太网端口的名称如下所示:`enpXsY`,其中 `X``Y` 是数字,无线端口也是如此。我们必须允许本地主机,并且仅允许从互联网建立的传入连接。
nftables 具有一项称为裁决语句的功能,用于解析规则。裁决语句为 `accept`、`drop`、`queue`、`jump`、`goto`、`continue` 和 `return`。由于这是一个很简单的防火墙,因此我们将使用 `accept``drop` 处理数据包。
```
nft add rule inet filter input iifname lo accept
nft add rule inet filter input iifname enpXsY ct state new, established, related accept
```
接下来,我们必须添加规则以保护我们免受隐秘扫描。并非所有的隐秘扫描都是恶意的,但大多数都是。我们必须保护网络免受此类扫描。第一组规则列出了要测试的 TCP 标志。在这些标志中,第二组列出了要与第一组匹配的标志。
```
nft add rule inet filter input iifname enpXsY tcp flags \& \(syn\|fin\) == \(syn\|fin\) drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(syn\|rst\) == \(syn\|rst\) drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(fin\|rst\) == \(fin\|rst\) drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(ack\|fin\) == fin drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(ack\|psh\) == psh drop
nft add rule inet filter input iifname enpXsY tcp flags \& \(ack\|urg\) == urg drop
```
记住,我们在终端中键入这些命令。因此,我们必须在一些特殊字符之前添加一个反斜杠,以确保终端能够正确解释该斜杠。如果你使用的是脚本,则不需要这样做。
### 关于 ICMP 的警告
互联网控制消息协议ICMP是一种诊断工具因此不应完全丢弃该流量。完全阻止 ICMP 的任何尝试都是不明智的,因为它还会停止向我们提供错误消息。仅启用最重要的控制消息,例如回声请求、回声应答、目的地不可达和超时等消息,并拒绝其余消息。回声请求和回声应答是 `ping` 的一部分。在输入策略中,我们仅允许回声应答、而在输出策略中,我们仅允许回声请求。
```
nft add rule inet filter input iifname enpXsY icmp type { echo-reply, destination-unreachable, time-exceeded } limit rate 1/second accept
nft add rule inet filter input iifname enpXsY ip protocol icmp drop
```
最后,我们记录并丢弃所有无效数据包。
```
nft add rule inet filter input iifname enpXsY ct state invalid log flags all level info prefix \”Invalid-Input: \”
nft add rule inet filter input iifname enpXsY ct state invalid drop
```
### 转发和输出策略
在转发和输出策略中,默认情况下我们将丢弃数据包,仅接受已建立连接的数据包。
```
nft add chain inet filter forward { type filter hook forward priority 0 \; counter \; policy drop \; }
nft add rule inet filter forward ct state established, related accept
nft add rule inet filter forward ct state invalid drop
nft add chain inet filter output { type filter hook output priority 0 \; counter \; policy drop \; }
```
典型的桌面用户只需要端口 80 和 443 即可访问互联网。最后,允许可接受的 ICMP 协议并在记录无效数据包时丢弃它们。
```
nft add rule inet filter output oifname enpXsY tcp dport { 80, 443 } ct state established accept
nft add rule inet filter output oifname enpXsY icmp type { echo-request, destination-unreachable, time-exceeded } limit rate 1/second accept
nft add rule inet filter output oifname enpXsY ip protocol icmp drop
nft add rule inet filter output oifname enpXsY ct state invalid log flags all level info prefix \”Invalid-Output: \”
nft add rule inet filter output oifname enpXsY ct state invalid drop
```
现在我们必须保存我们的规则集,否则重新启动时它将丢失。为此,请运行以下命令:
```
sudo nft list ruleset. > /etc/nftables.conf
```
我们必须在引导时加载 nftables这将在 systemd 中启用 nftables 服务:
```
sudo systemctl enable nftables
```
接下来,编辑 nftables 单元文件以删除 `Execstop` 选项,以避免在每次引导时刷新规则集。该文件通常位于 `/etc/systemd/system/sysinit.target.wants/nftables.service` 中。现在重新启动nftables
```
sudo systemctl restart nftables
```
### 在 rsyslog 中记录日志
当你记录丢弃的数据包时,它们直接进入 syslog这使得读取日志文件非常困难。最好将防火墙日志重定向到单独的文件。在 `/var/log` 目录中创建一个名为 `nftables` 的目录,并在其中创建两个名为 `input.log``output.log` 的文件,分别存储输入和输出日志。确保系统中已安装 rsyslog。现在转到 `/etc/rsyslog.d` 并创建一个名为 `nftables.conf` 的文件,其内容如下:
```
:msg,regex,”Invalid-Input: “ -/var/log/nftables/Input.log
:msg,regex,”Invalid-Output: “ -/var/log/nftables/Output.log
& stop
```
现在,我们必须确保日志是可管理的。为此,使用以下代码在 `/etc/logrotate.d` 中创建另一个名为 `nftables` 的文件:
```
/var/log/nftables/* { rotate 5 daily maxsize 50M missingok notifempty delaycompress compress postrotate invoke-rc.d rsyslog rotate > /dev/null endscript }
```
重新启动 nftables。现在你可以检查你的规则集。如果你觉得在终端中键入每个命令很麻烦则可以使用脚本来加载 nftables 防火墙。我希望本文对保护你的系统有用。
--------------------------------------------------------------------------------
via: https://opensourceforu.com/2019/10/transition-to-nftables/
作者:[Vijay Marcel D][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensourceforu.com/author/vijay-marcel/
[b]: https://github.com/lujun9972
[1]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/01/REHfirewall-1.jpg?resize=696%2C481&ssl=1 (REHfirewall)
[2]: https://i1.wp.com/opensourceforu.com/wp-content/uploads/2017/01/REHfirewall-1.jpg?fit=900%2C622&ssl=1