Merge pull request #12 from LCTT/master

update
This commit is contained in:
littlebirdnest 2022-11-17 15:06:11 +08:00 committed by GitHub
commit eef6e98fd0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
43 changed files with 4443 additions and 2278 deletions

View File

@ -1,30 +1,34 @@
[#]: collector: (lujun9972)
[#]: translator: (FYJNEVERFOLLOWS )
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
[#]: translator: (FYJNEVERFOLLOWS)
[#]: reviewer: (wxy)
[#]: publisher: (wxy)
[#]: url: (https://linux.cn/article-15246-1.html)
[#]: subject: (Convert audio files with this versatile Linux command)
[#]: via: (https://opensource.com/article/20/2/linux-sox)
[#]: author: (Klaatu https://opensource.com/users/klaatu)
使用这个多功能的 Linux 命令转换音频文件
======
SoX Sound Exchange 甚至可以为您的音频文件添加特效。
![HiFi vintage stereo][1]
我与媒体打交道,当你与任何一种媒体打交道时,你很快就会知道标准化是一种有价值的工具。就像你不会试图在不转换其中一个或另一个的情况下将分数加到小数中一样,我已经了解到组合不同格式的媒体并不是理想的。为了方便用户,大多数爱好者级应用程序使转换过程不可见。然而,对于那些需要控制媒体细节的用户的灵活软件,会通常让你自己提前将媒体转换为所需的格式。我有一些最喜欢的音频转换工具,其中之一就是号称“声音的瑞士军刀” —— [SoX][2]。
> SoX Sound Exchange 甚至可以为你的音频文件添加特效。
![](https://img.linux.net.cn/data/attachment/album/202211/13/104314skttlizoioyeaw3w.jpg)
我工作需要使用音视频媒体,不管你处理哪种媒体,你肯定知道标准化是一种有价值的工具。就像你不会试图把一个分数加到一个小数上而不转换其中一个一样,我已经知道,把不同格式的媒体组合起来并不理想。为了方便用户,大多数爱好者级应用程序使转换过程不可见。然而,对于那些需要控制媒体细节的用户的灵活软件,会通常让你自己提前将媒体转换为所需的格式。我有一些最喜欢的音频转换工具,其中之一就是号称“音频的瑞士军刀” —— [SoX][2]。
### 安装
在 Linux 或 BSD 上,可以从软件存储库或端口树中安装 **sox** 命令(和一些有用的符号链接)。
在 Linux 或 BSD 上,可以从软件存储库或 Ports 树中安装 `sox` 命令(,以及一些有用的符号链接)。
你也可以从 [Sourceforge.net][3] 上安装 SoX。它不经常发布但它的代码库往往是稳定的所以如果你想要最新的功能如 Opus 支持),构建它是容易和安全的。
SoX 主要提供了 **SoX** 命令,但是安装 SoX 也创建了一些有用的符号链接:**play**、**rec** 和 **soxi**
SoX 主要提供了 `sox` 命令,但是创建了一些有用的符号链接:`play`、`rec` 和 `soxi`
### 使用 SoX 获取有关文件的信息
SoX 读取和重写音频数据。它是否存储重写的音频数据取决于你。在有些情况下,你不需要存储转换后的数据,例如,当你将输出直接发送到扬声器进行回放时。然而,在进行任何转换之前,最好首先确定要处理的是什么。
### 使用 SoX 获取文件信息
使用 **soxi** 命令也可以收集音频文件信息。**soxi** 会符号链接到 **soxi--info**
SoX 可以读取和重写音频数据。它是否存储重写的音频数据取决于你。在有些情况下,你不需要存储转换后的数据,例如,当你将输出直接发送到扬声器进行回放时。然而,在进行任何转换之前,最好首先确定要处理的是什么。
使用 `soxi` 命令也可以收集音频文件信息。`soxi` 会符号链接到 `soxi --info`
```
$ soxi countdown.mp3
@ -38,26 +42,28 @@ Bit Rate比特率       : 128k
Sample Encoding编码格式: MPEG audio (layer I, II or III)
```
这个输出可以让你很好地了解音频文件的编码方式、文件长度、文件大小、采样率和通道数。其中一些你可能*认为*你已经知道了,但当客户把媒体带到我面前时,我从不相信这些假设。使用 **soxi** 验证媒体属性。
这个输出可以让你很好地了解音频文件的编码方式、文件长度、文件大小、采样率和通道数。其中一些你可能*认为*你已经知道了,但当客户把媒体带到我面前时,我从不相信这些假设。使用 `soxi` 验证媒体属性。
### 转换文件
在本例中,游戏节目的音频以 MP3 文件的形式展示倒计时。虽然几乎所有的编辑应用程序都接受压缩音频,但它们都没有真正编辑压缩数据。转换是在某个地方发生的,可能是一个秘密的后台任务,也可能是让你保存一份副本的提示。我通常喜欢自己提前完成转换。这样,我可以控制使用的格式。我可以在一夜之间批量制作大量的媒体,而不是浪费宝贵的制作时间,等待编辑应用程序按需浏览它们。
**sox** 命令用于转换音频文件。在 **sox** 流程中有几个阶段:
在本例中一个游戏节目倒计时的音频是以MP3文件的形式提供的。虽然几乎所有的编辑应用程序都接受压缩音频但它们并不是在压缩的数据上进行编辑。转换是在某个地方发生的可能是一个秘密的后台任务也可能提示让你保存一份副本。我通常喜欢自己提前完成转换。这样我可以控制使用的格式。我可以在夜间批量处理大量的媒体而不是浪费宝贵的制作时间等待编辑应用程序按需处理它们。
`sox` 命令用于转换音频文件。在 `sox` 流程中有几个阶段:
* 输入
* 合并
* 特效
* 输出
在命令语法中,特效步骤令人困惑地写到*最后一步*。这意味着 **sox** 流程是这样组成的:
但在命令语法中,特效步骤令人困惑地放到了*最后一步*。这意味着 `sox` 流程是这样组成的:
```
输入 → 合并 → 输出 → 特效
```
### 编码
最简单的转换命令只涉及一个输入文件和一个输出文件。下面是转换 MP3 文件为无损 FLAC 文件的命令:
最简单的转换命令只涉及一个输入文件和一个输出文件。下面是转换 MP3 文件为无损 FLAC 文件的命令:
```
$ sox countdown.mp3 output.flac
@ -75,44 +81,46 @@ Comment注释        : 'Comment=Processed by SoX'
```
#### 特效
特效可以在命令末尾指定。它可以在将数据发送到最终目的地之前更改音频。例如,有时声音太大会在转换过程中造成问题:
特效可以在命令末尾指定。它可以在将数据发送到最终目的地之前更改音频。例如,有时声音太大会在转换过程中造成问题:
```
$ sox bad.wav bad.ogg
sox WARN sox: `bad.ogg' output clipped 126 samples; decrease volume?
```
应用**增益** (gain) 效果通常可以解决此问题:
应用**增益**`gain`效果通常可以解决此问题:
```
`$ sox bad.wav bad.ogg gain -1`
$ sox bad.wav bad.ogg gain -1
```
#### 淡入淡出
另一个常用的效果是**淡入淡出**。此效果允许你定义淡入或淡出的形状,以及你希望淡入淡出效果持续的时间。
另一个常用的效果是**淡入淡出**`fade`)。此效果允许你定义淡入或淡出的类型,以及你希望淡入淡出效果持续的时间。
下面是一个使用倒抛物线的 6 秒淡入示例:
```
`$ sox intro.ogg intro.flac fade p 6`
$ sox intro.ogg intro.flac fade p 6
```
这将对音频的头部应用 3 秒的淡入,并从 8 秒标记开始淡出(介绍音乐只有 11 秒因此在这种情况下淡出也是3秒
这将对音频的头部应用 3 秒的淡入,并从 8 秒标记开始淡出(这段音乐只有 11 秒,因此在这种情况下淡出也是 3 秒):
```
`$ sox intro.ogg intro.flac fade p 3 8`
$ sox intro.ogg intro.flac fade p 3 8
```
**sox** 手册页中列出了不同类型的淡入淡出(正弦、线性、倒抛物线等)以及**淡入淡出提供的选项。
`sox` 手册页中列出了不同类型的淡入淡出(正弦、线性、倒抛物线等)以及淡入淡出提供的选项。
#### 特效语法
每个特效插件都有自己的语法,因此请参阅手册页了解如何调用每个特效插件的详细信息。要做到这一点,你需要一个图形声波编辑器或数字音频工作站,例如 [LMMS][4] 或 [Rosegarden][5]。但是,如果你只想应用一次特效,可以在同一命令中将它们一起列出。
此命令应用 -1 的**增益**效果、1.35 的速度**拉伸**和**淡入淡出**
每个特效插件都有自己的语法,因此请参阅手册页了解如何调用每个特效插件的详细信息。
效果可以在一个命令中以菊花链的方式进行,至少在你想组合它们的范围内是如此。换句话说,没有语法可以只在六秒钟的淡出期间应用一个镶边效果。对于如此精确的东西,你需要一个图形声波编辑器或数字音频工作站,例如 [LMMS][4] 或 [Rosegarden][5]。但是,如果你只想应用一次特效,可以在同一命令中将它们一起列出。
此命令应用了一个 -1 的**增益**效果、1.35 的节奏**拉伸**和**淡出**
```
$ sox intro.ogg output.flac gain -1 stretch 1.35 fade p 0 6
@ -130,38 +138,36 @@ Comment注释        : 'Comment=Processed by SoX'
```
### 组合音频
SoX 还可以通过连接或混合音频文件来组合音频文件。
要连接(或*拼接*)文件合并为一个文件,请在命令中提供多个输入文件:
要连接(或者说*拼接*)文件合并为一个文件,请在命令中提供多个输入文件:
```
`$ sox countdown.mp3 intro.ogg output.flac`
$ sox countdown.mp3 intro.ogg output.flac
```
在本例中,**output.flac** 现在包含 **倒计时** 音频,紧接着是**简介** 音乐。
但是,如果你希望两首曲目同时播放,可以使用 **\--combine mix** 选项:
在本例中,`output.flac` 现在包含 `countdown.mp3` 音频,紧接着是 `intro.ogg` 音乐。
但是,如果你希望两首曲目同时播放,可以使用 `--combine mix` 选项:
```
`$ sox --combine mix countdown.mp3 intro.ogg output.flac`
$ sox --combine mix countdown.mp3 intro.ogg output.flac
```
然而想象一下这两个输入文件的不同之处不仅仅在于它们的编解码器。声音用单声道一个声道录制并不少见但音乐要用立体声至少两个声道来录制。SoX 不会给出默认的解决方案,因此你必须首先自己标准化这两个文件的格式。
然而,想象一下,这两个输入文件的不同之处不仅仅在于它们的编解码器。声音用单声道(一个声道)录制并不少见,但音乐至少要用立体声至少两个声道来录制。SoX 不会给出默认的解决方案,因此你必须首先自己标准化这两个文件的格式。
#### 更改音频文件
选项只与后面列出的文件名相关。例如,此命令中的 **\--channels** 选项将*仅仅*应用于 **input.wav**,而*不被*应用于 **example.ogg****output.flac**
选项与后面列出文件名有关。例如,此命令中的 `--channels` 选项将*仅仅*应用于 `input.wav`,而*不被*应用于 `example.ogg`**output.flac**
```
`$ sox --channels 2 input.wav example.ogg output.flac`
$ sox --channels 2 input.wav example.ogg output.flac
```
这意味着在 SoX 中,选项的位置非常重要。如果你在命令开始时指定一个选项,那么实际上只会覆盖 SoX 自己从输入文件中收集的内容。然而,在*输出文件*名 前的选项决定了 SoX 如何写入音频数据。
要解决以前的不兼容通道问题,你可以首先标准化输入,然后混合:
这意味着在 SoX 中,选项的位置非常重要。如果你在命令开始时指定一个选项,那么实际上只会覆盖 SoX 自己从输入文件中收集的内容。然而,在*输出文件*名前的选项决定了 SoX 如何写入音频数据。
要解决前面的通道不兼容问题,你可以首先标准化输入,然后混合:
```
$ sox countdown.mp3 --channels 2 countdown-stereo.flac gain -1
@ -178,17 +184,16 @@ Sample Encoding编码格式: 16-bit FLAC
Comment注释        : 'Comment=Processed by SoX'
$ sox --combine mix \
countdown-stereo.flac \
intro.ogg \
output.flac
countdown-stereo.flac \
intro.ogg \
output.flac
```
SoX 绝对需要多个命令来执行复杂的操作,因此根据需要创建几个临时和中间文件是正常的。
### 多通道音频
当然,并非所有音频都被限制在一个或两个声道。如果您想将多个音频通道组合成一个文件,可以使用 SoX 和 **\--combine merge** 选项:
当然,并非所有音频都被限制在一个或两个声道。如果你想将多个音频通道组合成一个文件,可以使用 SoX 的 `--combine merge` 选项:
```
$ sox --combine merge countdown.mp3 intro.ogg output.flac
@ -201,7 +206,7 @@ Channels       : 3
### 简单的音频操作
在没有视觉界面的情况下操作音频似乎很奇怪而且对于某些任务来说SoX 绝对不是最好的工具。然而对于许多任务SoX 提供了一个简单而轻量级的工具包。SoX 是一个具有强大潜力的简单命令。有了它,你可以转换音频,操纵通道和波形,甚至生成自己的声音。本文仅简要概述了其功能,因此请阅读其手册页或[在线文档][2],然后看看你能创造什么。
在没有视觉界面的情况下操作音频似乎很奇怪而且对于某些任务来说SoX 绝对不是最好的工具。然而对于许多任务SoX 提供了一个简单而轻量级的工具包。SoX 是一个具有强大潜力的简单命令。有了它,你可以转换音频,操纵通道和波形,甚至生成自己的声音。本文仅简要概述了其功能,因此请阅读其手册页或 [在线文档][2],然后看看你能创造什么。
--------------------------------------------------------------------------------
@ -210,7 +215,7 @@ via: https://opensource.com/article/20/2/linux-sox
作者:[Klaatu][a]
选题:[lujun9972][b]
译者:[FYJNEVERFOLLOWS](https://github.com/FYJNEVERFOLLOWS)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

View File

@ -0,0 +1,231 @@
[#]: subject: "Why do domain names sometimes end with a dot?"
[#]: via: "https://jvns.ca/blog/2022/09/12/why-do-domain-names-end-with-a-dot-/"
[#]: author: "Julia Evans https://jvns.ca/"
[#]: collector: "lujun9972"
[#]: translator: "lxbwolf"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15254-1.html"
为什么有时候域名的末尾有个点?
======
![](https://img.linux.net.cn/data/attachment/album/202211/15/001222ytut3qvtau32f2p2.jpg)
大家好!今年早些时候,我在写《[DNS 是如何工作的][1]》 时,有人问我——为什么人们有时在域名的末尾加一个点?例如,如果你通过运行 `dig example.com` 查询 `example.com` 的 IP你会看到一下内容
```
$ dig example.com
example.com. 5678 IN A 93.184.216.34
```
执行完 `dig` 命令后,`example.com` 有一个 `.` ——变成了 `example.com.`!发生了什么?
有些 DNS 工具也要求传给它的域名后加一个 `.`:如果你在使用 [miekg/dns][2] 时传给它 `example.com`,它会报错:
```
// trying to send this message will return an error
m := new(dns.Msg)
m.SetQuestion("example.com", dns.TypeA)
```
最初我以为我知道这个问题的答案(“呃,末尾的点意味着域名是完全限定的?”)。这是对的 —— 一个<ruby>完全限定域名<rt>fully qualified domain name</rt></ruby>FQDN是一个末尾有 `.` 的域名!
但是*为什么*末尾的点是有用且重要的呢?
### 在 DNS 的请求/响应中,域名的末尾并没有 “.”
我曾经(错误地)认为 “为什么末尾有一个点?”的答案可能是 “在 DNS 请求/响应中,域名末尾有一个 `.`,所以我们把它放进去,以匹配你的计算机实际发送/接收的内容”。但事实并不是这样!
当计算机发送 DNS 请求/响应时,域名的末尾并没有点。实际上,域名中*没有*点。
域名会被编码成一系列的长度/字符串对。例如,域名 `example.com` 被编码为这 13 个字节。
```
7example3com0
```
编码后的内容一个点也没有。一个 ASCII 域名(如 `example.com`)被转成了各种 DNS 软件的 DNS 请求/响应中使用的格式。
今天我们来讨论域名被转成 DNS 响应的一个地方:区域文件。
### 区域文件中域名末尾的 “.”
一些人管理域名的 DNS 记录的方法是创建一个被称为 “区域文件” 的文本文件,然后配置一些 DNS 服务器软件(如 `nsd``bind`)来为该区域文件中指定的 DNS 记录提供服务。
下面是一个对应 `example.com` 的示例区域文件:
```
orange 300 IN A 1.2.3.4
fruit 300 IN CNAME orange
grape 3000 IN CNAME example.com.
```
在这个文件中,任何不以 `.` 结尾的域名(比如 `orange`)后都会自动加上 `.example.com`。所以 `orange` 成了 `orange.example.com` 的简称。DNS 服务器从它的配置中得知这是一个 `example.com` 的区域文件,所以它知道在所有不以点结尾的名字后面自动添加 `example.com`
我想这里的想法只是为了少打几个字符——如果要打出全称,区域文件会是这样:
```
orange.example.com. 300 IN A 1.2.3.4
fruit.example.com. 300 IN CNAME orange.example.com.
grape.example.com. 3000 IN CNAME example.com.
```
确实多了很多字符。
### 你也可以不通过区域文件来使用 DNS
尽管官方的 DNS RFC[RFC 1035][3])中定义了区域文件格式,但你也可以不通过区域文件来使用 DNS。例如AWS Route 53 就不用区域文件来存储 DNS 记录!你可以通过 Web 界面或 API 来创建记录,我猜他们是用某种数据库而不是一堆文本文件来存储记录。
不过Route 53像许多其他 DNS 工具一样)确实支持导入和导出区域文件,这个功能或许在你更换 DNS 提供商时很有用。
### dig 命令输出中末尾的 “.”
现在我们来讨论下 `dig` 命令的输出:
```
$ dig example.com
; <<>> DiG 9.18.1-1ubuntu1.1-Ubuntu <<>> +all example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10712
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 81239 IN A 93.184.216.34
```
有一件奇怪的事是,几乎每一行都以 `;;` 开头,这是怎么回事?`;` 是区域文件中的注释字符!
我想 `dig` 以这种奇怪的方式输出的原因可能是为了方便你粘贴这些内容到区域文件时,不用修改就可以直接用。
这也是 `example.com` 末尾有个 `.` 的原因 —— 区域文件要求域名末尾必须有点(否则它们会被解释为是相对于该区域的)。因此 `dig` 也这么处理了。
我真的希望 dig 有一个 `+human` 选项,以更人性化的方式打印出这些信息,但现在我太懒了,懒得花工夫去实际贡献代码来做这件事(而且我并不擅长 C所以我只能在我的博客上抱怨一下 :)
### curl 命令输出中末尾的 “.”
我们来看下另一个末尾有 `.` 的例子:`curl`
我家里有台计算机名为 `grapefruit`,其上运行着 Web 服务器。当我执行 `curl grapefruit` 时,会输出:
```
$ curl grapefruit
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
......
```
这样运行没问题!但是如果我在域名后加一个 `.` 会怎样呢?它报错了:
```
$ curl grapefruit.
curl: (6) Could not resolve host: grapefruit.
```
发生了什么?为了搞清楚,我们需要先来学习下搜索域:
### 初识搜索域
当我执行 `curl grapefrult` 时,它是怎么被转成一个 DNS 请求的?你可能会认为我的计算机会向域名 `grapefruit` 发送一个请求,对吗?但事实并不是这样。
让我们用 `tcpdump` 来看看到底是什么域名在被查询。
```
$ sudo tcpdump -i any port 53
[...] A? grapefruit.lan. (32)
```
实际上是向 `grapefruit.lan.` 发送的请求。为什么呢?
解释一下:
1. `curl` 调用函数 `getaddrinfo` 来查询 `grapefruit`
2. `getaddrinfo` 查询了我计算机上的文件 `/etc/resolv.conf`
3. `/etc/resolv.conf` 包含两行内容:
```
nameserver 127.0.0.53
search lan
```
4. 因为有 `search lan` 这行内容,所以 `getaddrinfo``grapefruit` 的末尾添加了一个 `lan`,去查询 `grapefruit.lan`
### 什么时候搜索域被使用?
现在我们知道了一些奇怪的事情:当我们查询一个域名时,有时会有一个额外的东西(如 `lan`)被加到最后。但是什么时候会发生这种情况呢?
1. 如果我们在域名**末尾**添加一个 `.`,那么这时不会用到搜索域
2. 如果域名**中间包含**一个 `.`(如 `example.com`),那么默认也不会用到搜索域。但是可以通过修改配置来改变处理逻辑(在 [ndots][4] 里有更详细的说明)
我们现在知道了 `curl grapefruit.``curl grapefruit` 结果不一样的原因——因为一个查询的是 `grapefruit.`,而另一个查询的是 `grapefruit.lan.`
### 我的计算机怎么知道使用哪个搜索域呢?
当我连接路由时,它会通过 DHCP 告诉我它的搜索域是 `lan` —— 它也是通过这个方式给我的计算机分配 IP。
### 所以为什么要在域名末尾加一个点呢?
现在我们已经了解了区域文件和搜索域,下面是我认为的人们要在域名末尾加点的原因:
有两种情况下,域名会被修改,并在末尾添加其他东西。
* 在 `example.com` 的区域文件中,`grapefruit` 会被转为 `grapefruit.example.com`
* 在我的本地网络(我的计算机已经配置了使用搜索域 `lan``grapefruit` 被转为 `grapefruit.lan`
因此,由于域名在某些情况下实际上可能被转成其他名字,人们就在结尾处加一个 `.`,以此来表示 “**这是域名,末尾不需要添加任何东西,这就是全部内容**”。否则会引起混乱。
“这就是全部内容”的技术术语是**“完全限定域名”**,简称为**“FQDN”**。所以 `google.com.` 是一个完全限定域名,而 `google.com` 不是。
我总是要提醒自己这样做的原因,因为我很少使用区域文件和搜索域,所以我经常觉得——“我当然是指 `google.com` 而不是 `google.com.something.else`! 我为什么要指其他东西?那太傻了!”
但是有些人确实在使用区域文件和搜索域(例如 Kubernetes 中使用了搜索域!),所以结尾的 `.` 很有用,可以让人确切的知道,不应该再添加其他东西。
### 什么时候在末尾添加 “.”?
以下是关于何时在域名末尾加 ". " 的几个简单说明:
**需要添加:配置 DNS 时**
在配置 DNS 时,使用完全限定域名从来都不是坏事。你不一定要这样做:非完全限定域名通常也能正常工作,但我从来没有遇到过不接受完全限定域名的 DNS 软件。
有些 DNS 软件需要这样做:现在我为 `jvns.ca` 使用的 DNS 服务器让我在域名的末尾加上 `.`(例如在 CNAME 记录中),并提示如果我不添加,它将在我输入的内容末尾加上 `.jvns.ca`。我不同意这个设计决定,但这不是什么大问题,我只是在最后加一个 `.`
**不需要加:在浏览器中**
令人困惑的是,在浏览器中,在域名结尾处加一个 `.` *不能*正常运行。例如,如果我在浏览器中输入 `https://twitter.com.`,它就会报错。它会返回 404。
我认为这里发生的事情是,它将 HTTP `Host` 标头设置为 `Hosttwitter.com.`,而对端的 Web 服务器则期望 `Hosttwitter.com`
同样地,`https://jvns.ca.` 由于某种原因,返回了一个 SSL 错误。
### 我认为相对域名在过去是比较常见的
最后一件事:我认为“相对”域名(比如我用 `grapefruit` 来指代我家的另一台计算机 `grapefruit.lan`)在过去更常用,因为 DNS 是在大学或其他有大型内部网络的大机构中开发的。
在今天的互联网上,使用“绝对”域名(如 `example.com`)似乎更为普遍。
--------------------------------------------------------------------------------
via: https://jvns.ca/blog/2022/09/12/why-do-domain-names-end-with-a-dot-/
作者:[Julia Evans][a]
选题:[lujun9972][b]
译者:[lxbwolf](https://github.com/lxbwolf)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://jvns.ca/
[b]: https://github.com/lujun9972
[1]: https://wizardzines.com/zines/dns/
[2]: https://github.com/miekg/dns
[3]: https://www.rfc-editor.org/rfc/rfc1035#section-4.1.1
[4]: https://pracucci.com/kubernetes-dns-resolution-ndots-options-and-why-it-may-affect-application-performances.html

View File

@ -0,0 +1,312 @@
[#]: subject: "13 Independent Linux Distros That are Built From Scratch"
[#]: via: "https://itsfoss.com/independent-linux-distros/"
[#]: author: "sreenath https://itsfoss.com/author/sreenath/"
[#]: collector: "lkxed"
[#]: translator: "MuggleWei"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15251-1.html"
13 个从头开始构建的独立 Linux 发行版
======
![](https://img.linux.net.cn/data/attachment/album/202211/14/095522os6236zrzcgs79e9.jpg)
时至今日,世界上已经有成百上千种不同的 Linux 发行版。
它们中的大多数都可以被划归为三个大类 : Debian、Red HatFedora以及 Arch Linux。
使用基于 Debian/Ubuntu、Red Hat/SUSE 或者 Arch 的 Linux 发行版自然有它们的优势。它们很受大众欢迎,因此它们的包管理器能够提供大量的软件包。
然而,有一些用户更倾向于使用从头开始构建、独立于 DEB/RPM 这类包管理系统之外的发行版。
在这篇文章当中,我们将列出一些优秀的独立 Linux 发行版。
> **注意 :** 显然,下面的列表显然不会包括一些广受欢迎,通常作为创建新发行版的基础的发行版,如 Debian、Ubuntu 和 Fedora 等。此外,列表顺序不分先后,没有特定的排名。
### 1、NixOS
![Image Credits: Distrowatch][1]
NixOS 最初发布于 2003 年NixOS 建立在 Nix 包管理器之上。它每年发布两个版本,通常是在 5 月和 11 月。
NixOS 可能不是一个直接面向新用户或普通用户的发行版。然而,其独特的 [包管理][2] 方法吸引了各种用户。
此外,它仍然支持 32 位系统。
其他特性:
* 构建隔离的包
* 可靠的升级,并且具有回滚功能
* 可重现的系统配置
> **[NixOS][3]**
### 2、Gentoo Linux
![Image Credits: Distrowatch][5]
Geetoo Linux 是一个主要针对操作系统专家的独立 Linux 发行版。它是为那些希望自由定制、微调和优化操作系统以满足其要求的用户而构建。
Gentoo 使用 [Portage 包管理器][6] 来创建和安装软件包通常还允许你针对你的硬件来优化它们。Chrome 的开源版本 **Chromium OS** 便是使用 Gentoo 作为其核心的。
不要忘记Gentoo 是 [仍然支持 32 位架构的发行版][7] 之一。
其他特性:
* 增量更新
* 基于源码的软件管理方法
* 支持 GURUGentoo 用户仓库)的<ruby>层叠<rt> Overlay </rt></ruby>仓库的概念,允许用户添加 Gentoo 尚未提供的软件包
> **[Gentoo Linux][8]**
### 3、Void Linux
![Image Credits: Distrowatch][9]
Void Linux 是一个 [滚动发布的发行版][10],使用 X 二进制软件包系统XBPS来安装和删除软件。它由前 NetBSD 开发者 Juan Romero Pardines 创建。
它使用 runit 而不是 systemd 作为其初始化系统。此外,它还让你可以选择使用多个 [桌面环境][11]。
其他特性:
* 最小化的系统要求
* 官方库也提供非自由软件包
* 支持树莓派
* 集成 OpenBSD 的 LibreSSL
* 支持 musl C 库
* 支持 32 位系统
> **[Void Linux][12]**
### 4、Solus Linux
![solus budgie 2022][14]
Solus 的前身是 EvolveOS它从头开始构建并提供了一些令人兴奋的特性。Solus 的旗舰版本使用自己打造的 Budgie 作为桌面环境。
与本篇文章介绍的其他系统相比Solus 对于新手较为友好。它设法成为 [最好的 Linux 发行版][15] 之一。
它使用 eopkg 作为其包管理系统,支持版滚动发布模型。按照开发人员的说法,开发 Solus 的目标是用于个人电脑。
其他特性:
* 支持 Budgie、Gnome、MATE 和 KDE Plasma
* 各种开箱即用的软件,从而减少设置工作
> **[Solus Linux][16]**
### 5、Mageia
![Image Credits: Distrowatch][17]
Mageia 始于 2010 年,它是 Mandriva Linux 的一个分支。它的目标是成为稳定且安全的桌面和服务器操作系统。
Mageia 是一个社区驱动的项目,由非营利组织和贡献者支持。每年会发布一个大版本。
其他特性:
* 支持 32 位系统
* 支持 KDE Plasma、Gnome 和 XFCE
* 最低的系统要求
> **[Mageia][18]**
### 6、Clear Linux
![Image Credits: Distrowatch][20]
Clear Linux 是一个由英特尔发布的发行版,主要设计考虑是性能和云服务的使用。
有趣的是Clear Linux 升级时是作为一个整体而非去升级单个的软件包。所以,即使你不小心弄乱了系统设置,它也可以正确的启动,执行恢复出厂设置,并让用户重新设置。
它不太适合个人用户使用。但可以作为一个独特的选择而尝试一下。
其他特性:
* 针对英特尔平台的高度调优
* 用户和系统文件之间严格分离
* 持续的漏洞扫描
> **[Clear Linux OS][21]**
### 7、PCLinuxOS
![Image Credits: Distrowatch][22]
PCLinuxOS 是一个 x86_64 的 Linux 发行版,使用 APT/RPM 包管理。你可以使用 KDE Plasma、Mate 以及 XFCE 桌面,它同时还提供了更多特性的社区版本的桌面。
得益于 [Synaptic 包管理器][23],本地安装的 PCLinuxOS 采用了 APT 包管理系统。但你也可以从它的仓库中找到 RPM 包。
其他特性:
* mylivecd 脚本允许用户去生成一个当前已安装的硬件驱动的“快照”(所有的配置、应用、文档等)并且将它压缩为 ISO CD/DVD/USB 镜像
* 额外支持超过 85 种语言
> **[PCLinuxOS][24]**
### 8、4MLinux
![4m linux 2022][25]
[4MLinux][26] 是一个通用的 Linux 发行版,重点聚焦于下面四个 **“M”**
* <ruby>维护<rt>Maintenance</rt></ruby>(系统救援 Live CD
* <ruby>多媒体<rt>Multimedia</rt></ruby>(支持大量的图形、音频和视频格式)
* <ruby>微服务器<rt>Miniserver</rt></ruby>(支持 DNS、FTP、HTTP、MySQL、NFS、Proxy、SMTP、SSH 和 Telnet
* <ruby>神秘<rt>Mystery</rt></ruby>(包含了经典 Linux 游戏的集合)
它具有最低的系统要求,可作为桌面和服务器版本使用.
其他特性:
* 支持大量的图形、音频和视频格式
* 是小型并且通用的 Linux 发行版
> **[4MLinux][27]**
### 9、Tiny Core Linux
![Image Credits: Distrowatch][28]
Tiny Core Linux 专注于使用 BusyBox 和 FLTK 提供一个基础的系统。它不是一个完备的桌面,所以,并不能保证它可以运行于任何系统。
它只是一个启动到非常精简的 X 桌面所需的核心,通常带有有线互联网访问权限。
用户可以很好的控制一切,但对于新 Linux 用户来说,它并不是一个轻松的开箱即用的系统。
其他特性:
* 旨在从启动时创建的内存副本中运行
* 默认情况下,其操作就像像云端 / 互联网客户端一样
* 用户可以使用 appbrowser 来游览库以及下载应用
> **[Tiny Core Linux][29]**
### 10、Linux From ScratchLFS
![Image Credit: Reddit][30]
[Reddit][31]
Linux From ScratchLFS并不是一个系统而是通过手动构建所有组件来安装 Linux 的一种方法。一旦完成,它提供了一个紧凑、灵活和安全的系统,并且可以很好的理解一个基于 Linux 的操作系统内部是如何工作的。
如果你希望去深入理解 Linux 是如何工作的并且探寻其具体细节,那么 Linux From ScratchLFS 是你一定要去尝试,不能错过的一个项目。
其他特性
* 完全从头开始,定制化的构建 Linux 系统
* 极度的灵活性
* 由于从源码开始编译,提供了额外的安全性
> **[Linux From Scratch][32]**
### 11、Slackware
![Image Credits: Distrowatch][33]
Slackware 是现今还在维护的最古老的发行版。最初创建于 1993 年,以 Softlanding Linux 系统为基础,随后,许多的 Linux 发行版都是基于 Slackware。
Slackware 目标是称为最类似于 UNIX 的 Linux 发行版,同时保持简单和稳定。
其他特性:
* 支持 32 位和 64 位系统
* 大量的在线文档
* 从奔腾处理器到最新的机器,它都可以运行
> **[Slackware][34]**
### 12、Alpine Linux
![alpine linux xfce 2022][35]
Alpine Linux 是一个社区开发的操作系统专为路由器、防火墙、VPN、VoIP 盒子和服务器而设计。它是 LEAF 项目的一个分支。
Alpine Linux 使用 apk-tools 包管理器,最初由 shell 脚本编写,而后使用 c 语言重构。它是最小的 Linux 发行版之一,仍然支持 32 位系统,并且是一个可以完全从电脑内存运行的操作系统。
其他特性:
* 提供大小仅为 5MB 的最小容器镜像
* 对于主库,提供 2 年的支持;对于社区库,在下一个稳定版本发布前提供支持
* 使用 musl libc 制作Busybox 使用资源效率高的容器
> **[Alpine Linux][36]**
### 13、KaOS
![Image Credits: Distrowatch][37]
KaOS 是一个受到 Arch 启发,从头开始构建的 Linux 发行版。它使用 [pacman 包管理器][38]。它是按照"*一个桌面环境KDE Plasma一个工具包Qt一个架构X86_64*"的理念构建的。
它的软件库比较有限,但依然为普通用户提供了许多工具。
其他特性:
* 最新的 Plasma 桌面
* 紧密集成的滚动和透明的现代桌面发行版
> **[KaOS][39]**
#### 总结
如果你需要一些独特的体验,那么这些独立 Linux 发行版应该能很好的满足你。
然而,如果你想要用其来替换如 Ubuntu 这样主流的 Linux 发行版作为你的桌面系统……你也许需要三思而后行,上面大多数的发行版(并不代表所有)都不是一个日常使用的桌面系统的理想的选项。
但是话又说回来,如果你对 Linux 发行版充满了经验,那么毫无疑问,你会享受这项冒险的任务的。
*如果你想尝试这些独立发行版的其中一种,哪一个会是你的优先选择呢 ? 请在评论中与我们分享。*
--------------------------------------------------------------------------------
via: https://itsfoss.com/independent-linux-distros/
作者:[sreenath][a]
选题:[lkxed][b]
译者:[MuggleWei](https://github.com/MuggleWei)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux 中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/sreenath/
[b]: https://github.com/lkxed
[1]: https://itsfoss.com/wp-content/uploads/2022/10/nixos-2022.png
[2]: https://itsfoss.com/package-manager/
[3]: https://nixos.org/
[4]: https://itsfoss.com/advanced-linux-distros/
[5]: https://itsfoss.com/wp-content/uploads/2022/08/gentoo-linux-plasma.jpg
[6]: https://wiki.gentoo.org/wiki/Portage
[7]: https://itsfoss.com/32-bit-linux-distributions/
[8]: https://www.gentoo.org/
[9]: https://itsfoss.com/wp-content/uploads/2022/08/void-linux.jpg
[10]: https://itsfoss.com/rolling-release/
[11]: https://itsfoss.com/best-linux-desktop-environments/
[12]: https://voidlinux.org/
[13]: https://itsfoss.com/systemd-free-distros/
[14]: https://itsfoss.com/wp-content/uploads/2022/10/solus-budgie-2022.jpg
[15]: https://itsfoss.com/best-linux-distributions/
[16]: https://getsol.us/home/
[17]: https://itsfoss.com/wp-content/uploads/2022/08/mageia-1.jpg
[18]: https://www.mageia.org/en/
[19]: https://itsfoss.com/32-bit-linux-distributions/
[20]: https://itsfoss.com/wp-content/uploads/2022/08/clear-linux-desktop.png
[21]: https://clearlinux.org/
[22]: https://itsfoss.com/wp-content/uploads/2022/08/pclinuxos.png
[23]: https://itsfoss.com/synaptic-package-manager/
[24]: https://www.pclinuxos.com/
[25]: https://itsfoss.com/wp-content/uploads/2022/10/4m-linux-2022.jpg
[26]: https://itsfoss.com/4mlinux-review/
[27]: http://4mlinux.com/
[28]: https://itsfoss.com/wp-content/uploads/2022/03/tinycore.jpg
[29]: http://www.tinycorelinux.net/
[30]: https://itsfoss.com/wp-content/uploads/2022/08/enable-aur-e1659974408774.png
[31]: https://www.reddit.com/r/linuxmasterrace/comments/udi7ts/decided_to_try_lfs_in_a_vm_started_about_a_week/
[32]: https://www.linuxfromscratch.org/
[33]: https://itsfoss.com/wp-content/uploads/2022/10/slackware-scaled.jpg
[34]: http://www.slackware.com/
[35]: https://itsfoss.com/wp-content/uploads/2022/10/alpine-linux-xfce-2022.png
[36]: https://www.alpinelinux.org/
[37]: https://itsfoss.com/wp-content/uploads/2022/08/kaos-desktop.png
[38]: https://itsfoss.com/pacman-command/
[39]: https://kaosx.us/

View File

@ -0,0 +1,113 @@
[#]: subject: "How to Update or Upgrade Ubuntu Offline without Internet"
[#]: via: "https://www.debugpoint.com/how-to-update-or-upgrade-ubuntu-offline-without-internet/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "littlebirdnest"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15253-1.html"
如何在没有互联网连接的情况下离线更新 Ubuntu
======
![](https://img.linux.net.cn/data/attachment/album/202211/14/232951blxmbe6wn5eympxq.jpg)
> 本指南介绍了如何在没有互联网连接的情况下离线更新 Ubuntu 的步骤。
在很多情况下,你可能需要在没有互联网连接的情况下更新你的 Ubuntu 系统。你可能在外地不方便上网,也可能你需要更新一堆未联网的 Ubuntu不管是哪种情况保持你的系统更新最新的软件包总是需要的。
当然,始终建议通过联网来更新系统。
但有时,出于安全考虑,这是不行的。连接到互联网可能需要给你的系统进行额外的加固,以保护它们免受黑客和恶意软件的攻击。
以下的方法使用 [apt-offline][1] 来解决这些问题,并概述了在没有互联网的情况下离线更新 Ubuntu 的步骤。
### 准备环节
- 一台能连接到网络的 Ubuntu你朋友的、咖啡馆、实验室系统
- 存储了软件包的 U 盘
- 两个系统都安装了 `apt-offline`:一个系统离线,另一个系统联网
### 安装 apt-offline
在两个系统下安装 `apt-offline`。你可以使用以下命令安装:
```
sudo apt install apt-offline
```
如果你想在离线的目标系统安装 `apt-offline`,你可以提前下载到 U 盘里,然后复制到目标系统,再使用下面的命令安装。
Ubuntu 22.04 LTS 和其他版本的下载链接如下所示。你可以选择一个镜像并下载 deb 文件。
> **[下载 .deb 文件 apt-offline][2]**
```
sudo dpkg -i name_of_package.deb
```
### 如何更新 Ubuntu
在离线的目标系统上打开终端,使用以下命令创建一个 .sig 签名文件:
```
sudo apt-offline set ~/offline-data.sig
```
![创建签名文件][4]
在这个刚创建的签名文件中,包含下载所需的软件包的路径和详细信息。
![签名文件的内容][6]
把签名文件复制到 U 盘中,再插到联网的 Ubuntu 系统上。
在联网的 Ubuntu 上创建一个目录(参见下面)来存放这些文件。
打开一个终端,运行以下命令来下载所需的软件包。记得根据你的系统,更改下载目录和 .sig 签名文件的路径。
```
apt-offline get -d ~/offline-data-dir offline-data.sig
```
![下载软件包以离线安装][8]
你可以看到文件相应下载,然后复制整个下载目录到 U 盘,再插到离线的 Ubuntu 系统。
运行以下命令将下载的软件包安装到离线系统,记得根据你的系统更改目录路径。
```
sudo apt-offline install offline-data-dir/
```
![安装软件包][10]
如果一切顺利,你将获得一个更新完的 Ubuntu。
重复以上步骤,就可以保持你的离线 Ubuntu 为最新版本。
希望以上教程能帮到你更新离线的 Ubuntu 系统,如果你遇到任何问题,请在下面的评论框中告诉我。
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/how-to-update-or-upgrade-ubuntu-offline-without-internet/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[littlebirdnest](https://github.com/littlebirdnest)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://github.com/rickysarraf/apt-offline
[2]: https://packages.ubuntu.com/focal/all/apt-offline/download
[3]: https://www.debugpoint.com/wp-content/uploads/2021/03/Create-the-sig-file-1024x204.jpg
[4]: https://www.debugpoint.com/wp-content/uploads/2021/03/Create-the-sig-file.jpg
[5]: https://www.debugpoint.com/wp-content/uploads/2021/03/sig-file-contents-1024x250.jpg
[6]: https://www.debugpoint.com/wp-content/uploads/2021/03/sig-file-contents.jpg
[7]: https://www.debugpoint.com/wp-content/uploads/2021/03/Download-the-packages-to-install-offline-1024x437.jpg
[8]: https://www.debugpoint.com/wp-content/uploads/2021/03/Download-the-packages-to-install-offline.jpg
[9]: https://www.debugpoint.com/wp-content/uploads/2021/03/Installing-packages-offline-update-ubuntu-1024x509.jpg
[10]: https://www.debugpoint.com/wp-content/uploads/2021/03/Installing-packages-offline-update-ubuntu.jpg

View File

@ -0,0 +1,60 @@
[#]: subject: "4 open source editors I use for my writing"
[#]: via: "https://opensource.com/article/22/10/open-source-editors"
[#]: author: "Alan Formy-Duval https://opensource.com/users/alanfdoss"
[#]: collector: "lkxed"
[#]: translator: "Donkey-Hao"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15248-1.html"
我使用的 4 款开源编辑器
======
![](https://img.linux.net.cn/data/attachment/album/202211/13/153838gs7u2z33qxxfigx3.jpg)
> 分享一些我最喜欢的开源写作工具。
在我的职业生涯中,我已经写过很多东西,主要是作为一名 IT 顾问,创建产品文档作为给的客户可交付成果。这些文档通常针对不同操作系统和软件产品提供说明。
自 2018 年,我开始在 www.opensource.com 上发表关于开源软件的文章。当然,我使用开源软件进行协作。接下来我将介绍我使用过的四款开源编辑器。
### 1、Vi
[Vi][1] 也被称为 `Vim`LCTT 校注此外不确Vi 和 Vim 是两个软件,只是 Vim 取代了 Vi并以 `vi` 的名字运行。),是我学习的第一款开源编辑器。这是我在计算机科学课程中学习的编辑器,并且我所有的 C 语言编程都是通过它完成的。自 1995 年以来,实际上我一直使用它作为命令行编辑器。这款工具有多个迭代版本,以至于我都可以为之写一系列文章了。我只想说,在我的日常使用中,我坚持使用它的基本命令行形式,并进行最小的定制。
### 2、LibreOffice Writer
Writer 是 LibreOffice 开源办公套件的一部分。它是由<ruby>文档基金会<rt>Document Foundation</rt></ruby>维护的全功能文字处理器。它支持行业标准格式,例如开放文档格式 ODF、Open XML 和 MS Office DOC、DOCX。可以在其官方网站上 [了解有关 Writer 的更多信息][2]。
### 3、Ghostwriter
Ghostwriter 是一个用于 [Markdown 的文本编辑器][3]。它有一个很好的实时查看器和语法指南或备忘单功能。[访问官方网站][4] 了解更多内容。
### 4、Gedit
Gedit 是许多 Linux 发行版中的基本图形编辑器,被描述为“用于 GNOME 桌面的小型轻量级文本编辑器”。我最近开始使用它来创建 Asciidoc 格式的文章。使用 Asciidoc 的好处是语法易于管理并可导入到 Drupal 等 Web 渲染系统中。通过 [Gedit Wiki][5] 了解许多提示和技巧。
### 编辑文本
开源世界中有大量编辑软件。随着我继续写作,这个列表可能会增加。我的主要目标是格式简单。我希望我的文章易于在互联网平台上导入、转换和发布。
你的写作风格、功能需求和目标受众将指导你确定首选工具。
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/10/open-source-editors
作者:[Alan Formy-Duval][a]
选题:[lkxed][b]
译者:[Donkey-Hao](https://github.com/Donkey-Hao)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alanfdoss
[b]: https://github.com/lkxed
[1]: https://opensource.com/article/20/12/vi-text-editor
[2]: https://www.libreoffice.org/discover/writer/
[3]: https://opensource.com/article/21/10/markdown-editors
[4]: https://github.com/KDE/ghostwriter
[5]: https://wiki.gnome.org/Apps/Gedit

View File

@ -0,0 +1,92 @@
[#]: subject: "Linux Mint's Update Manager Now Supports Flatpak"
[#]: via: "https://news.itsfoss.com/linux-mint-update-manager/"
[#]: author: "Sourav Rudra https://news.itsfoss.com/author/sourav/"
[#]: collector: "lkxed"
[#]: translator: "qfzy1233"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15257-1.html"
Linux Mint 的更新管理器现在支持 Flatpak
======
> Linux Mint 的更新管理器变得更有用了!
![Linux Mint's Update Manager Now Supports Flatpak][1]
Linux Mint 的更新管理器是该发行版的一个重要组成部分,它使新用户可以获得更为方便简易的体验。
最近的一次更新 Linux Mint 21 推出了许多改进,包括更新管理器对 Flatpak 的支持。
**你只需要更新你的系统就可以获得这些改进。**
### ⭐ 更新管理器中支持 Flatpak
![linux mint 21 flatpak support in update manager][2]
是的,你没看错。这终于实现了。
Flatpak 支持已被添加到更新管理器中,用户只需单击几下就能更新 Flatpak 应用程序和运行时。
这将为进一步改善用户体验的统一更新体验提供了帮助。
这对新用户来说很有好处,他们不需要熟悉终端命令就能更新 Flatpak。此外你不需要将 Flatpak 与软件中心集成(对于 GNOME 而言)。
换句话说Linux Mint 团队增强了你使用 Flatpak 应用程序的体验。
**除了对 Flatpak 的支持,本次更新还包括对 Linux Mint 21 的更多增强,这是一个开箱即用的更新。**
这些改进包括:
### 对角栏的改进
![linux mint 21 updated corner bar][3]
Linux Mint 21 中的 <ruby>角栏<rt>Corner Bar</rt></ruby> 添加了两项新特性:
- 能够在角栏设置左键点击和中键点击的动作;你可以配置它以显示桌面、工作区选择器或桌面。
- 一个允许你将鼠标悬停在角栏上以显示桌面的新选项。
### Nemo 的更新
![linux mint 21 updated nemo file manager][4]
Nemo 文件管理器做了一些调整;现在,当文件被选中时,只会高亮显示文件名,而不是图标和文件名。
**如果你还不知道**, 你也可以通过我们建议的一些调整来增强 Nemo 文件管理器的体验:
> **[调整 Linux 中的 Nemo 文件管理器,让它更好用的 15 种方法](https://itsfoss.com/nemo-tweaks/)**
此外,桌面图标被垂直翻转,桌面上下文菜单中添加了一个新的快捷方式,可以快速打开显示设置。
### 更少的密码提示
这是很多人可能喜欢的另一个用户体验调整。
当删除 Flatpak 或任何快捷方式或本地应用程序时,它将不再要求你输入密码。
类似地在新立得LCTT 译注Linux 下的一个包管理工具)和更新管理器的情况下,将使用 pkexec 来记住密码。
这样,用户就不需要每次执行多个操作时都输入密码。
你可以浏览 [Linux Mint 月度博客][5] 以了解其它变化。
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/linux-mint-update-manager/
作者:[Sourav Rudra][a]
选题:[lkxed][b]
译者:[qfzy1233](https://github.com/qfzy1233)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/sourav/
[b]: https://github.com/lkxed
[1]: https://news.itsfoss.com/content/images/size/w1200/2022/11/mint-updater-tool-flatpak-support.png
[2]: https://news.itsfoss.com/content/images/2022/11/Linux_Mint_21_UM_FlatpakSupport.png
[3]: https://news.itsfoss.com/content/images/2022/11/Linux_Mint_21_CornerBar_Update.png
[4]: https://news.itsfoss.com/content/images/2022/11/Linux_Mint_21_Nemo_Updates.png
[5]: https://blog.linuxmint.com/?p=4424
[6]: https://debugpointnews.com/linux-mint-update-flatpak/

View File

@ -0,0 +1,138 @@
[#]: subject: "How to Remove Firefox Snap from Ubuntu (21.10 +)"
[#]: via: "https://www.debugpoint.com/remove-firefox-snap-ubuntu/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15247-1.html"
如何从 Ubuntu 21.10 及以后版本中删除 Firefox Snap
======
![](https://img.linux.net.cn/data/attachment/album/202211/13/112531vis11sa2z1jbs215.jpg)
> Ubuntu 21.10 “Impish Indri” 及之后的版本将 Firefox Snap 设为默认浏览器。如果你不喜欢 Snap可以通过以下方式将其删除并使用库存版本。
关于 Snap 是否是 APT 的更好替代品,一直存在争议。而许多用户更喜欢 Snap 系统也有一些人非常讨厌它。Ubuntu 和 Canonical 认为它是 Linux 的最佳安装仓库和包管理工具之一。 Snap 被讨厌的主要原因是它的启动很慢。然而,这个论点是另一篇文章的内容。
### 从 Ubuntu 中删除 Firefox Snap 版本
所以,如果你还没有 [听说过这件事][1]Ubuntu 21.10(和所有后续版本)默认提供 Firefox Snap 包。因此,当你从 Ubuntu 21.10 开始安装时,默认的左侧停靠区的快捷方式是 Firefox 的 Snap 版本。你可以使用以下各种方法对其进行验证。
![snap 列表 - Firefox][2]
![Firefox snap 桌面快捷方式][3]
如果你因为 [性能][4] 和存储问题而不喜欢 Snap可以通过以下命令将其删除。
如果已经打开,那么关闭所有 Firefox 实例。
打开一个终端。然后运行以下命令:
```
sudo snap remove firefox
```
等待命令完成。这将从你的系统中删除它的 Snap 可执行文件,并断开 Firefox 与各种系统服务的连接。但是主目录下的 Snap 目录仍然存在。你可以使用以下命令手动删除它:
```
cd ~/snap
rm -r firefox
```
### 安装 Firefox 替代方法
现在,当你删除了 Firefox你可以通过以下方式来使用此浏览器。
#### 方法 1 使用 PPA推荐
在使用此方法之前,请确保如上删除了 Firefox 的 Snap 版本。
有一个 [官方 Firefox PPA][5],由其开发团队维护。你可以将此 PPA 添加到你的软件源中,并使用它来安装最新的 Firefox。
确保使用文本编辑器创建一个首选项文件,以阻止 Ubuntu 在运行 `apt update` 命令时获取 Firefox 的 Snap 版本:
```
sudo gedit /etc/apt/preferences.d/firefox-no-snap
```
将以下行添加到上面的文件并保存:
```
Package: firefox*
Pin: release o=Ubuntu*
Pin-Priority: -1
```
依次使用以下命令。第一个命令将其从你的系统中完全清除它:
```
sudo apt purge firefox
sudo add-apt-repository ppa:mozillateam/firefox
sudo apt-get update
sudo apt install firefox
```
安装完成后,请确保使用以下命令启用自动升级:
```
echo 'Unattended-Upgrade::Allowed-Origins:: "LP-PPA-mozillateam:${distro_codename}";' | sudo tee /etc/apt/apt.conf.d/51unattended-upgrades-firefox
```
重启系统(可选)并使用 deb 版本的 Firefox。
#### 方法 2 使用 Firefox 的压缩可执行文件
你可以从官方网站(链接如下)下载适用于 Ubuntu 和其他 Linux 的 Firefox 可执行文件压缩包。然后解压并双击运行 Firefox 可执行文件。这是最安全的方法。如果你使用此方法,你仍然可以获得更新。
> **[下载 Firefox][6]**
![下载 Firefox 并解压][7]
![然后运行可执行文件][8]
#### 方法 3 使用 Flatpak 版本的 Firefox
你也可以使用 [Flatpak 版本的 Firefox][9],这在 [Ubuntu 中设置 Flatpak][10] 后可用。然后你可以运行以下命令进行安装:
```
flatpak install flathub org.mozilla.firefox
```
#### 方法 4 使用与系统耦合更少的 Snap 版本 Firefox
如果你认为你仍然可以继续使用 Snap 版本,但希望在系统中减少沙盒化,那么你可能需要使用以下命令和 [classic 开关][11] 重新安装 Firefox
```
sudo snap install firefox --classic
```
### 结束语
因此,这是从 Ubuntu 21.10 开始删除 firefox Snap 版本的步骤,以及一些替代方案。我很想知道 Linux Mint 采取了什么措施,因为他们不支持 Snap。此外这些发行版依赖于 Firefox 的 Ubuntu 上游仓库看看它们会做什么很有趣。Debian 维护自己的仓库,但主要是 ESR 版本。
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/remove-firefox-snap-ubuntu/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1943840
[2]: https://www.debugpoint.com/wp-content/uploads/2021/09/snap-list-Firefox.jpg
[3]: https://www.debugpoint.com/wp-content/uploads/2021/09/Firefox-snap-desktop-shortcut-1024x490.jpg
[4]: https://www.debugpoint.com/2021/03/clean-up-snap/
[5]: https://launchpad.net/~mozillateam/+archive/ubuntu/ppa
[6]: https://www.mozilla.org/en-US/firefox/new/
[7]: https://www.debugpoint.com/wp-content/uploads/2021/09/Download-Firefox-and-Extract.jpg
[8]: https://www.debugpoint.com/wp-content/uploads/2021/09/And-then-run-the-executable.jpg
[9]: https://flathub.org/apps/details/org.mozilla.firefox
[10]: https://www.debugpoint.com/2018/07/how-to-install-flatpak-apps-ubuntu-linux/
[11]: https://snapcraft.io/docs/snap-confinement

View File

@ -0,0 +1,238 @@
[#]: subject: "How to Install Node.js on RHEL 9"
[#]: via: "https://www.linuxtechi.com/how-to-install-nodejs-on-rhel/"
[#]: author: "James Kiarie https://www.linuxtechi.com/author/james/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15260-1.html"
如何在 RHEL 9 上安装 Node.js
======
![](https://img.linux.net.cn/data/attachment/album/202211/17/092223tdodvvfdnsjiezxv.jpg)
> 在这篇文章中,我们将逐步解释如何在 RHEL 9 系统上安装 Node.js。
[Node.js][1] 基于谷歌的 V8 JavaScript 引擎构建,它是一个自由开源的跨平台 JavaScript 运行时环境主要用于构建服务器端应用。它使用事件驱动和异步模型帮助开发人员构建高度可扩展的数据密集型的实时应用RTA。你可以使用 NodeJS 来构建前端和后端应用。
Node.js 通常用于构建以下应用:
- 聊天应用
- 流媒体应用
- 浏览器游戏
- 命令行工具
- 嵌入式系统
在其技术栈中使用 NodeJS 的顶级公司包括 PayPal、NetFlix 和 Uber 等等。
安装 Node.js 主要有以下三种方式:
- 从 NodeSource 仓库安装 Node.js
- 从发行版的官方仓库安装 Node.js
- 使用 NVM 安装 Node.js
让我们看看如何使用这些方法在 RHEL 9 上安装 Node.js。
先决条件:
- 最小化安装的 RHEL 9 系统
- 具有管理员权限的 [sudo 用户][2]
- 互联网连接
- Red Hat 订阅或本地配置的仓库
### 从 NodeSource 存储库安装 Node.js
[NodeSource][3] 是一家技术公司,旨在帮助组织运行生产就绪的 Node.js 应用,关注资源使用以及增强的安全性和应用程序性能。它提供了最新版本的 Node.js 和 NPM。
要从 NodeSource 安装 Node.js首先按如下所示更新系统包。
```
$ sudo dnf update -y
```
![][5]
接下来,安装这期间所需的构建工具。其中包括 GCC C/C++ 编译器、Perl 和 Python 调试器等等。
```
$ sudo dnf groupinstall 'Development Tools' -y
```
![][6]
接下来,我们将从 NodeSource 安装 Node.js 18.x。为此请下载并运行 NodeSource 设置脚本,如下所示。
```
$ curl -fsSL https://rpm.nodesource.com/setup_18.x | sudo bash -
```
该脚本在其他任务中将 NodeSource 仓库添加到你的系统。
![][7]
在输出的末尾,你将看到一些关于如何安装 Node.js 和 NPM 的附加说明。
![][8]
因此,要安装 Node.js 和 NPMNode 包管理器),请运行以下命令:
```
$ sudo dnf install nodejs -y
```
![][9]
安装完成后,按如下所示验证 Node.js 和 NPM 的版本。
```
$ node -v
$ npm -v
```
![][10]
输出显示我们正在运行 Node v18.12,它是最新的 LTS 版本和 NPM 8.19.2。
### 从官方 RHEL 仓库安装 Node.js
安装 NodeJS 和 NPM 的另一种方法是从发行版的官方仓库中安装它们。但是,这种方法不提供最新版本。
如果你不介意不安装最新版本的 Node 和 NPM。 那么在命令行上运行以下命令。
```
$ sudo dnf update -y
$ sudo dnf install nodejs npm -y
```
![][11]
### 使用 NVM 安装 Node.js
最后,你可以使用 NVMNode 版本管理器)安装 Node.js这是一种用于管理系统上 Node 版本的工具。该工具可帮助开发人员在需要不同版本 Node.js 的不同项目上高效工作。
默认情况下没安装 NVM。你需要通过运行 [官方 GitHub 页面][4] 上提供的 Shell 脚本来安装它。
```
$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.2/install.sh | bash
```
这会下载 NVM 并将其保存在主目录的 `.nvm` 目录中。
![][12]
安装后,关闭终端会话并打开一个新终端。然后运行以下命令确认 NVM 已经安装。
```
$ command -v nvm
```
![][13]
接下来,你可以使用以下命令列出所有可用的 Node.js 版本:
```
$ nvm ls-remote
```
![][14]
或者,你可以列出 Node.js 版本的所有最新 LTS 版本,如图所示。
```
$ nvm ls-remote | grep -i latest
```
![][15]
要安装最新版本的 Node.js当前为 v19.0.0),请运行以下命令:
```
$ nvm install node
```
![][16]
然后,你可以验证安装的 Node.js 版本,如下所示。
```
$ node -v
```
![][17]
此外,你可以安装特定版本的 Node.js。例如要安装 v18.2.0,请运行以下命令:
```
$ nvm install v18.12.0
```
![][18]
要列出系统上所有已安装的 NodeJS 版本,请运行以下命令:
```
$ nvm ls
```
第一行带有 “->” 符号的条目指向当前使用的 Node.js 版本。然后是其他版本。
![][19]
要切换到另一个版本的 Node.js请使用以下语法
```
$ nvm use <version>
```
例如,要使用 Node 版本 19.0.0,请运行以下命令:
```
$ nvm use 19.0.0
```
![][20]
再次检查已安装的 Node.js 版本,这次“->” 符号将指向 v19.0.0。
![][21]
### 总结
在本指南中,我们演示了如何使用三种不同的方法安装 Node.js。此外我们还提供了几种使用 NVM 管理 Node 版本的方法。我们希望可以帮助你轻松地在 RHEL 上安装 NodeJS并选择你想要在项目中使用的版本。
--------------------------------------------------------------------------------
via: https://www.linuxtechi.com/how-to-install-nodejs-on-rhel/
作者:[James Kiarie][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.linuxtechi.com/author/james/
[b]: https://github.com/lkxed
[1]: https://nodejs.org/en/about/
[2]: https://www.linuxtechi.com/create-sudo-user-on-rhel-rocky-linux-almalinux/
[3]: https://nodesource.com/
[4]: https://github.com/nvm-sh/nvm
[5]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Install-updates-rhel9-system.png
[6]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Install-development-tools-rhel9-dnf-command.png
[7]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Add-NodeSource-Repository-RHEL9.png
[8]: https://www.linuxtechi.com/wp-content/uploads/2022/11/NodeSource-Repository-Output-RHEL9.png
[9]: https://www.linuxtechi.com/wp-content/uploads/2022/11/dnf-install-nodejs-rhel9.png
[10]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Verify-NodeJs-NPM-Version-RHEL9.png
[11]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Install-NodeJS-NPM-RHEL9-Official-Repo.png
[12]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Installing-NodeJS-Using-NVM.png
[13]: https://www.linuxtechi.com/wp-content/uploads/2022/11/nmv-command-interface-rhel9.png
[14]: https://www.linuxtechi.com/wp-content/uploads/2022/11/list-nodejs-using-nvm-command-rhel9.png
[15]: https://www.linuxtechi.com/wp-content/uploads/2022/11/list-latest-nodejs-using-nvm-command-rhel9.png
[16]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Install-latest-nodejs-with-nvm-rhel9.png
[17]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Verify-nodejs-npm-version-with-node-nvm.png
[18]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Install-specific-nodejs-version-nvm-command-rhel9.png
[19]: https://www.linuxtechi.com/wp-content/uploads/2022/11/nvm-ls-command-rhel9.png
[20]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Use-Specific-NodeJs-Version-RHEL9.png
[21]: https://www.linuxtechi.com/wp-content/uploads/2022/11/Check-NodeJS-Version-after-switching-rhel9.png

View File

@ -3,14 +3,16 @@
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15250-1.html"
如何提高 Ubuntu 和其他 Linux 系统中的扬声器音量
======
**以下是如何在 Ubuntu 和其他 Linux 发行版中提高笔记本和桌面的音量的方法。**
![](https://img.linux.net.cn/data/attachment/album/202211/14/082359euz72h2utucf2v5u.jpg)
> 以下是如何在 Ubuntu 和其他 Linux 发行版中提高笔记本和桌面的音量的方法。
你有没有觉得你的 Ubuntu 笔记本的音量太小,尽管你把音量调到了 100%?我相信你有过。主要原因是:很明显,笔记本电脑的扬声器输出强度比大型扬声器要低。
@ -18,41 +20,41 @@
VLC 和一些媒体播放器允许你将音量提高到 200%。在最新的 Ubuntu 中使用一些设置,你可以将音量进一步提高。
**注意**:在你尝试和使用以下方法之前,请记住,每个扬声器都有其制造商设定的硬件限制。偶尔一次,播放超过 100% 的音频是可以的。但是,连续放大到更高的分贝可能会使输出的音频失真,并且从长远来看可能会损坏你的扬声器。因此,在使用时要小心谨慎,并有所限制。
> **注意**:在你尝试和使用以下方法之前,请记住,每个扬声器都有其制造商设定的硬件限制。偶尔一次,播放超过 100% 的音频是可以的。但是,连续放大到更高的分贝可能会使输出的音频失真,并且从长远来看可能会损坏你的扬声器。因此,在使用时要小心谨慎,并有所限制。
### 在 Ubuntu 和其他发行版中提高扬声器音量
#### 对于最新的 Ubuntu 22.04 及以上版本GNOME
#### 对于最新的 Ubuntu 22.04 及以上版本GNOME
从应用菜单中打开设置,进入声音标签。
从应用菜单中打开<ruby>设置<rt>Settings</rt></ruby>,进入<ruby>声音<rt>Sound</rt></ruby>标签。
启用 “Over Amplification” 开关。在你启用的那一刻,你应该看到音量条被扩大了。
启用 “<ruby>过度放大<rt>Over Amplification</rt></ruby>” 开关。在你启用的那一刻,你应该看到音量条被扩大了。
![在 Ubuntu 中提升音量超过 100%][1]
现在你可以享受音量提升来听音乐了。
#### Fedora, Arch Linux 和其他发行版
#### FedoraArch Linux 和其他发行版
如果你使用带有 GNOME 的 Fedora 工作站,你将看不到上述选项,因为这是 Ubuntu 特有的设置。见下面。
![在 Fedora (GNOME)中,扬声器音量最大为 100%][2]
因此,对于任何其他 Linux 发行版Arch、Fedora、RedHat 等或桌面KDE、Xfce、LXQt 等),打开终端并安装 [PulseAudio Volume Control][3]。
因此,对于任何其他 Linux 发行版Arch、Fedora、RedHat 等或桌面KDE、Xfce、LXQt 等),打开终端并安装 [PulseAudio 音量控制器][3]。
**Fedora、RedHat Linux、OpenSUSE 和相关基于 rpm 的发行版:**
Fedora、RedHat Linux、OpenSUSE 等基于 RPM 的发行版:
```
sudo dnf install pavucontrol
```
**对于 Arch Linux, Manjaro**
对于 Arch Linux、Manjaro
```
sudo pacman -S pavucontrol
```
**基于 Ubuntu 的非 GNOME 发行版**
基于 Ubuntu 的非 GNOME 发行版:
```
sudo apt install pavucontrol
@ -62,7 +64,7 @@ sudo apt install pavucontrol
安装后,从应用菜单中打开 `pavucontrol`,它应该有个 “PulseAudio Volume Control” 菜单项。
![使用PulseAudio音量控制增加音量][4]
![使用 PulseAudio 音量控制增加音量][4]
### 总结
@ -77,7 +79,7 @@ via: https://www.debugpoint.com/boost-speaker-volume-ubuntu/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

View File

@ -3,45 +3,50 @@
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15256-1.html"
如何在 Linux 中查找 Systemd 或任何其他 init 系统
如何在 Linux 中确定运行的是那种初始化系统
======
**你可以通过以下方式确定你的 Linux 发行版中是否正在运行系统或任何其他 init 系统。**
![](https://img.linux.net.cn/data/attachment/album/202211/15/183009zafv77ru1afwprr7.jpg)
第一个进程在你启动 Linux 发行版时开始,称为 init初始化的缩写。它的进程标识符为 1即 pid=1。基于 Unix 的系统中的所有进程和应用程序都是这个 init 进程的直接后代。
> 你可以通过以下方式确定你的 Linux 发行版中是否正在运行 systemd 或其它初始化系统。
首个进程在你启动 Linux 发行版时开始运行,它称为初始化进程 init<ruby>初始化<rt>initialization</rt></ruby>的缩写)。它的进程标识符为 1即 pid=1。基于 Unix 的系统中的所有进程和应用程序都是这个初始化进程的后代。
根据功能和特性,存在不同类型的初始化进程。例如,[systemd][1]、Runit、OpenRC、sysVinit 等。其中systemd 是最流行和最现代的一种,被包括 Ubuntu 和 Fedora 在内的所有现代 Linux 发行版使用和采用。
与传统的基于 Unix 的 init 系统相比Systemd 及其性能一直存在争议。但这是另一篇文章的主题
与传统的基于 Unix 的初始化系统相比systemd 及其性能一直存在争议。但这就是另外一个话题了
让我们看看如何确定在 Linux 发行版中运行的是 systemd 还是任何其他 init 系统。
让我们看看如何确定在 Linux 发行版中运行的是 systemd 还是其它初始化系统。
### systemd 还是什么 init 系统?
### systemd 还是其它初始化系统?
不幸的是,没有直接的命令可以找到它。你可以从初始化进程 id=1 追溯它,它基本上是到 `/sbin/init` 的符号链接,即 pid=1。
使用 `[strings][2]` 命令打印嵌入在二进制文件 `/sbin/init` 中的文本并使用以下命令搜索 init。
不幸的是,没有直接的命令可以找到它。你可以从初始化进程追溯它,它基本上是到 `/sbin/init` 的符号链接,即 pid=1。
使用 [strings][2] 命令打印嵌入在二进制文件 `/sbin/init` 中的文本并使用以下命令搜索 `init`
```
strings /sbin/init | grep init
```
**示例 1**:在下面的输出中,它是一个运行 Debian通过 Peppermint OS的 sysVinit 系统。如你所见,它清楚地显示了 init 进程名称。
#### 示例 1
在下面的输出中,它是一个运行 DebianPeppermint OS的 sysVinit 系统。如你所见,它清楚地显示了 `init` 进程名称。
```
strings /sbin/init | grep init
```
![显示使用 init 而不是 systemd 的示例][3]
![显示使用 sysVinit 而不是 systemd 的示例][3]
如果在上述同一个系统中找到 systemd那么不会有任何条目。因此你可以得出结论你正在运行 sysvinit 而不是 systemd。
如果在上述同一个系统中找 `systemd`,那么不会有任何结果。因此,你可以得出结论,你正在运行 sysVinit 而不是 systemd。
**示例 2**:如果你在 systemd 系统中运行上述命令,你可以在输出的第一行轻松看到 systemd 及其版本。
#### 示例 2
如果你在 systemd 系统中运行上述命令,你可以在输出的第一行轻松看到 systemd 及其版本。
```
strings /sbin/init | grep systemd
@ -49,7 +54,9 @@ strings /sbin/init | grep systemd
![显示它使用 systemd 的示例][4]
**示例 3**:你也可以尝试使用 `pstree` 命令打印进程树,它应该会显示第一个进程名称。它应该是 systemd 或 init如下例所示。
#### 示例 3
你也可以尝试使用 `pstree` 命令打印进程树,它应该会显示第一个进程名称。它应该是 `systemd``init`,如下例所示。
```
pstree
@ -68,7 +75,7 @@ via: https://www.debugpoint.com/systemd-or-init/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出

View File

@ -3,18 +3,20 @@
[#]: author: "Don Watkins https://opensource.com/users/don-watkins"
[#]: collector: "lkxed"
[#]: translator: "Cubik65536"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15261-1.html"
在 VS Code 和 Codium 中使用 Python
在 VS Code 和 Codium 中编写 Python 程序
======
如果你正在寻找一个优秀的、通用的、开源的、带有 Python 集成的代码编辑器,那么你可以尝试一下 Codium。
![][0]
在过去几年内,我有幸和中学生们一起,并带他们入门 [Python 开发][1] 和 Raspberry Pi 400。这一切都很有趣Pi 对于学生和我来说都是一个很好的平台。我们使用了 [Code with Mu][2],并且一切都很成功。我们的 Python 技能随着经验的增长而增长,因此最近我开始寻找给这些学生提供更多东西的方法
> 如果你正在寻找一个优秀的、通用的、开源的、带有 Python 集成的代码编辑器,那么你可以尝试一下 Codium
我参与了一个 Python 课程并在课程中接触了 Microsoft 的 Visual Studio Code。我在课程中学到了很多关于如何为 Python 设置虚拟环境以及如何为 Python 编程配置 VS Code 的知识。在学习过程中,我也认识了 [Codium][3],它本质上是 VS Code但没有 Microsoft 的品牌和遥测。
在过去几年内,我有幸和中学生们一起,并带他们入门 [Python 开发][1] 和树莓派 400。这一切都很有趣树莓派对于学生和我来说都是一个很好的平台。我们使用了 [Code with Mu][2],并且一切都很成功。我们的 Python 技能随着经验的增长而增长,因此最近我开始寻找给这些学生提供更多东西的方法。
我参与了一个 Python 课程并在课程中接触了微软的 Visual Studio Code。我在课程中学到了很多关于如何为 Python 设置虚拟环境,以及如何为 Python 编程配置 VS Code 的知识。在学习过程中,我也认识了 [Codium][3],它基本上是没有微软品牌和遥测的 VS Code。
如果你正在寻找一个优秀的、通用的、开源的、带有 Python 集成的代码编辑器,那么你可以尝试一下 Codium。下面是我在 Linux 系统上为 Python 设置 Codium 的方法。
@ -42,23 +44,23 @@ $ sudo apt install python3.10-venv
接下来,在你的电脑上 [安装 Codium][4]。在 Linux 上,你可以下载一个包并使用你的包管理器安装它,或者 [使用 Flatpak][5]。
在安装好 Codium 之后,打开你的应用程序或活动菜单,输入 “Code” 以启动它。
在安装好 Codium 之后,打开你的应用程序或活动菜单,输入 `code` 以启动它。
### 安装 VS Code Python 扩展
代码其实不是什么特别的东西。它只是一些其他应用程序(编译器或运行时)解释的纯文本。你可以在 Codium 中编写 Python 代码而不需要特殊的扩展。但是,有一个 Python 扩展可以为你带来一些方便的功能。
点击**文件**菜单,选择**首选项**,然后选择**扩展**。在**扩展**面板中,搜索 Python IntelliSense 扩展。
点击<ruby>文件<rt>File</rt></ruby>”菜单,选择“<ruby>首选项<rt>Preferences</rt></ruby>”,然后选择“<ruby>扩展<rt>Extensions</rt></ruby>”。在“<ruby>扩展<rt>Extensions</rt></ruby>面板中,搜索 Python IntelliSense 扩展。
![VS Code 和 Codium 都有一个扩展管理器,它会在页面左侧打开,允许你安装附加模块][6]
![VS Code 和 Codium 都有一个扩展管理器,它会在页面左侧打开,允许你安装附加模块][6]
你已经在 Codium 中设置了 Python。剩下的就是把它用起来。
### 为 VS Code 或 Codium 设置虚拟环境
我们可以创建一个项目目录并将其添加到 Codium 中,这样在工作时,你创建和保存的文件都将默认保存到活动项目目录。这是一种快速的管理方式,可以让你不必经常点击文件保存和打开对话框。
我们可以创建一个项目目录并将其添加到 Codium 中,这样在工作时,你创建和保存的文件都将默认保存到活动项目目录。这是一种快速的管理方式,可以让你不必经常点击文件保存和打开对话框。
在你创建一个虚拟 Python 环境作为工作目录时Codium因为你已经安装了 Python 扩展)会检测到它。当你激活一个虚拟环境文件夹作为活动项目目录时Codium 会自动运行使用虚拟环境所需的激活代码。
在你创建一个虚拟 Python 环境作为工作目录时Codium 会检测到它(因为你已经安装了 Python 扩展。当你激活一个虚拟环境文件夹作为活动项目目录时Codium 会自动运行使用虚拟环境所需的激活代码。
要为 Python 创建一个虚拟环境,请打开终端并输入:
@ -68,16 +70,16 @@ $ python3 -m venv ~/PythonCoding
### 添加项目目录
在 Codium 中,点击**文件**菜单,选择**将文件夹添加到工作区**。打开你刚刚设置的虚拟环境(对我来说,是 `/home/don/PythonCoding`)。
在 Codium 中,点击<ruby>文件<rt>File</rt></ruby>”菜单,选择“<ruby>将文件夹添加到工作区<rt>Add Folder to Workspace</rt></ruby>。打开你刚刚设置的虚拟环境(对我来说,是 `/home/don/PythonCoding`)。
现在你已经准备好写一些 Python 代码了!在你的工作区中创建一个新的 Python 文件并插入一些基本代码。当你输入时你可能会注意到Codium 会为环境包含的 Python 模块提供自动补齐建议。
``` python
```
import sys
print("Codium running Python " + sys.version)
```
现在点击 Codium 窗口右上角的**运行**按钮。这会在窗口底部打开一个控制台面板显示你的代码的输出:
现在点击 Codium 窗口右上角的“运行”按钮。这会在窗口底部打开一个控制台面板显示你的代码的输出:
```
(PythonCode) sh-5.1$ /home/bogus/PythonCode/bin/python
@ -94,7 +96,6 @@ Codium running Python 3.10.6 (main…)[GCC 12.1.0]
Codium 的界面比一些基本的编辑器更复杂,但它有我在学习过程中所需要的东西。如果你需要一个更专业的编辑器,或者你想从当前的编辑器切换到新的编辑器,那么试试 Codium 吧。
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/python-vs-code-codium
@ -102,7 +103,7 @@ via: https://opensource.com/article/22/11/python-vs-code-codium
作者:[Don Watkins][a]
选题:[lkxed][b]
译者:[Cubik65536](https://github.com/Cubik65536)
校对:[校对者ID](https://github.com/校对者ID)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
@ -115,3 +116,4 @@ via: https://opensource.com/article/22/11/python-vs-code-codium
[5]: https://flathub.org/apps/details/com.vscodium.codium
[6]: https://opensource.com/sites/default/files/2022-10/codium-extension-python.webp
[7]: https://open-vsx.org/
[0]: https://img.linux.net.cn/data/attachment/album/202211/17/100909py38rj0tqxlyrq0t.jpg

View File

@ -0,0 +1,85 @@
[#]: subject: "Announcing Fedora Linux 37"
[#]: via: "https://fedoramagazine.org/announcing-fedora-37/"
[#]: author: "Matthew Miller https://fedoramagazine.org/author/mattdm/"
[#]: collector: "lujun9972"
[#]: translator: "wxy"
[#]: reviewer: "wxy"
[#]: publisher: "wxy"
[#]: url: "https://linux.cn/article-15258-1.html"
Fedora Linux 37 发布
======
![][1]
今天我很兴奋地与大家分享成千上万的 Fedora 项目贡献者的辛勤工作成果Fedora Linux 37 版本来了!让我们看看这个最新版本给你带来了什么。一如既往,在从以前的版本升级之前,你应该确保你的系统是完全最新的。迫不及待地想开始了吗?在你阅读的同时 [下载][2]
> **[下载 Fedora Linux 37][2]**
### 两个新的版本
Fedora 的各个“<ruby>版本<rt>Edition</rt></ruby>”是针对某一特定“市场”的旗舰产品。在 Fedora Linux 37 中我们增加了两个新版本Fedora CoreOS 是你可能还记得的 Atomic Host 的后续版本。从 Project Atomic 和 CoreOS 的初始的工作中汲取营养,它提供了一种自动更新机制,以托管基于容器的工作负载。通过原子更新和简单的回滚,它为你的基础设施增加了安全感。
Fedora Cloud 也作为一个版本回来了。云计算工作组的活动已经重新开始了。Cloud 版本提供了一个很棒的 Fedora 基础可以在你喜欢的公共或私有云中运行。AMI 将在本周晚些时候在 AWS 市场上提供,在社区频道上现在已经可以使用。请查看 [此网站][3] 以了解可以在其他云供应商或你自己的云上运行的镜像!
### 桌面的改进
Fedora Workstation 专注于桌面体验。像往常一样Fedora Workstation 采用了最新的 GNOME 版本。[GNOME 43][4] 在设置中包括一个新的设备安全面板,为用户提供关于系统中硬件和固件的安全信息。在上一个版本的基础上,更多的 GNOME 核心应用程序被移植到了最新版本的 GTK 工具包,提供了更好的性能和现代的外观。 
在这个版本中,我们做了一些改变,让你的安装变得更精简。我们把 Firefox 浏览器的语言包分成了子包。这意味着如果你不需要本地化,你可以删除 `firefox-langpacks` 包。gettext 的运行包(帮助其他包产生多语言文本的工具)被分割成一个单独的、可选择的子包。
当然我们生产的不仅仅是“版本”。Fedora <ruby>[定制版][5]<rt>Spins</rt></ruby><ruby>[实验室][6]<rt>Labs</rt></ruby> 针对的是不同的受众和使用情况,包括 [Fedora Comp Neuro][7] ,它为计算神经科学提供工具,以及像 [Fedora LXQt][8] 这样的桌面环境,它提供一个轻量级桌面环境。而且,别忘了我们的备用架构。[ARM AArch64、Power 和 S390x][9]。
### 系统管理方面的改进
Fedora Server 现在可以生成一个 KVM 磁盘镜像,使在虚拟机中运行 Server 更加容易。如果你已经禁用了 SELinux没关系 —— 我们仍然爱你!),你可以在影响较小的情况下重新开启它。自动标签现在以并行方式运行,使 “fixfiles” 操作更快。
为了跟上密码学的发展,这个版本引入了一个 `TEST-FEDORA39` 策略,预览了计划在未来版本中的变化。新策略之一是不再使用 SHA-1 签名。研究人员早就知道这种哈希值(就像之前的 MD5 一样)在许多安全方面的使用是不安全的。
在未来,我们可能会将 SHA-1 从 Fedora Linux 可接受的安全算法列表中移除。(正如 `TEST-FEDORA39` 这个名字所暗示的那样,也许最快也要到明年。)不过我们知道如今 SHA-1 哈希值仍然在使用。新的策略可以帮助你现在就测试你的关键应用程序,这样你就可以做好准备。请尝试一下,并让我们知道你在哪里遇到了问题。
说到密码学openssl1.1 包现在已经废弃了。它还能用,但我们建议你更新你的代码,以使用 openssl 3。
### 其他更新
树莓派 4 现在在 Fedora Linux 中得到了正式支持,包括图形加速。在 ARM 的其他方面Fedora Linux 37 放弃了对 ARMv7 架构(也被称为 arm32 或 armhfp的支持。
在我们的“[First][10]”基础上,我们已经更新了关键的编程语言和系统库包,包括 Python 3.11、Golang 1.19、glibc 2.36 和 LLVM 15。
我们很高兴你能试用这个新版本!请到 <https://getfedora.org/> 下载。或者如果你已经在运行 Fedora Linux请按照 [简易升级说明][11]。更多关于 Fedora Linux 37 的新功能的信息,请看 [发行说明][12]。
### 在不太可能发生的情况下...
如果你遇到了问题,请访问我们的 [Ask Fedora][13] 用户支持论坛。这里有一个 [常见问题][14] 的分类。
### 谢谢大家
感谢在这个发布周期为 Fedora 项目做出贡献的成千上万的人。我们很高兴 Fedora 社区有你们。
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/announcing-fedora-37/
作者:[Matthew Miller][a]
选题:[lujun9972][b]
译者:[wxy](https://github.com/wxy)
校对:[wxy](https://github.com/wxy)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/mattdm/
[b]: https://github.com/lujun9972
[1]: https://fedoramag.wpenginepowered.com/wp-content/uploads/2022/11/f37-release-1-816x345.jpg
[2]: https://getfedora.org
[3]: https://getfedora.org/en/cloud/
[4]: https://release.gnome.org/43/
[5]: https://spins.fedoraproject.org/
[6]: https://labs.fedoraproject.org/
[7]: https://labs.fedoraproject.org/en/comp-neuro/
[8]: https://spins.fedoraproject.org/en/lxqt/
[9]: https://alt.fedoraproject.org/alt/
[10]: https://docs.fedoraproject.org/en-US/project/#_first
[11]: https://docs.fedoraproject.org/en-US/quick-docs/upgrading/
[12]: https://docs.fedoraproject.org/en-US/fedora/f37/release-notes/
[13]: https://ask.fedoraproject.org/
[14]: https://ask.fedoraproject.org/c/common-issues/141/none

View File

@ -1,98 +0,0 @@
[#]: subject: "Linux Mint's Update Manager Now Supports Flatpak"
[#]: via: "https://news.itsfoss.com/linux-mint-update-manager/"
[#]: author: "Sourav Rudra https://news.itsfoss.com/author/sourav/"
[#]: collector: "lkxed"
[#]: translator: "qfzy1233"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Linux Mint's Update Manager Now Supports Flatpak
======
Linux Mint's Update Manager just got more helpful!
![Linux Mint's Update Manager Now Supports Flatpak][1]
Linux Mint's Update Manager is an essential part of the distro that makes the experience easier for new users.
A recent update has pushed many improvements to Linux Mint 21, including Flatpak support with the update manager.
**You just need to update your system to get these refinements.**
### ⭐ Flatpak Support In Update Manager
![linux mint 21 flatpak support in update manager][2]
Image Credits: The Linux Mint Blog
Yes, you read that right. It is finally happening.
Flatpak support has been added to the Update Manager, letting users update Flatpak applications and runtimes in a few clicks.
This should make way for a unified update experience that further improves the user experience.
It is beneficial for new users who need not be familiar with terminal commands to update Flatpak. Also, you do not require to integrate Flatpak with the software center (for GNOME).
In other words, the Linux Mint team enhanced your experience with Flatpak apps.
**Alongside Flatpak support, the update includes a few more enhancements to Linux Mint 21, which is immediately available as an update.**
Some of the refinements include:
### Improvements To Corner Bar
![linux mint 21 updated corner bar][3]
Image Credits: The Linux Mint Blog
The corner bar on Linux Mint 21 has received two new additions:
- **Ability to set left click and middle click actions to the corner bar; you can configure it to show the desktop, the workspace selector, or the desklets.**
- **A new option lets you hover your mouse on the corner bar to show the desktop.**
### Updates To Nemo
![linux mint 21 updated nemo file manager][4]
Image Credits: The Linux Mint Blog
The Nemo file manager has received a few tweaks; now, when files are selected, only the file names will be highlighted instead of the icon and file name.
**If you did not know**, you could enhance the Nemo file manager experience with some of our suggested tweaks as well:
Furthermore, the desktop icon has been flipped vertically, and a new shortcut has been added to the desktop's context menu to give quick access to the display settings.
### Fewer Password Prompts
This is another user experience tweak that many of you might like.
When removing a Flatpak or any shortcut or local application, it will no longer ask you for a password.
Similarly, in the case of Synaptic and the Update Manager, pkexec will be used to remember the password.
This way, users do not have to enter the password every time they perform multiple operations.
You can refer to [Linux Mint's monthly blog post][5] to learn about other changes.
**Via: [DebugPointNews][6]**
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/linux-mint-update-manager/
作者:[Sourav Rudra][a]
选题:[lkxed][b]
译者:[qfzy1233](https://github.com/qfzy1233)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/sourav/
[b]: https://github.com/lkxed
[1]: https://news.itsfoss.com/content/images/size/w1200/2022/11/mint-updater-tool-flatpak-support.png
[2]: https://news.itsfoss.com/content/images/2022/11/Linux_Mint_21_UM_FlatpakSupport.png
[3]: https://news.itsfoss.com/content/images/2022/11/Linux_Mint_21_CornerBar_Update.png
[4]: https://news.itsfoss.com/content/images/2022/11/Linux_Mint_21_Nemo_Updates.png
[5]: https://blog.linuxmint.com/?p=4424
[6]: https://debugpointnews.com/linux-mint-update-flatpak/

View File

@ -0,0 +1,58 @@
[#]: subject: "KDE Plasma 5.27 Bringing Subtle Outline on Windows"
[#]: via: "https://debugpointnews.com/kde-plasma-5-27-outline-windows/"
[#]: author: "arindam https://debugpointnews.com/author/dpicubegmail-com/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
KDE Plasma 5.27 Bringing Subtle Outline on Windows
======
![][1]
**A new feature arriving on the KDE Plasma desktop that enables a subtle outline in Breeze theme window borders for better usability and design.**
A [recent merge request][2] for the upcoming KDE Plasma 5.27 release (for 2023) shows how a nice, subtle window border can make a difference in the overall desktop look.
Today, the drop-shadow distinguishes two overlapped windows in the default Plasma Breeze theme. Thats the only thing that differentiates the edges of two application windows.
Sometimes it becomes difficult to find out the edges when you want to drag the window or do something else, especially in the dark Breeze theme.
In the light theme, its not that difficult, though.
To make it look more professional, the new border gives a pleasant look to the default Breeze theme.
![KDE Plasma new outline comparison][3]
KDE Plasma new outline comparison
The colour of the new window outline is adaptive and not a fixed colour. It adapts based on the wallpaper and the themes default colour. But there is a catch, though. There wont be any settings for this to disable. Because making a switch for this would be irrelevant since its very subtle and should work with all types of KDE customization.
![KDE Plasma - new outline in windows -2][4]
KDE Plasma new outline in windows -2
KDE Plasma 5.27 is currently under development and will be an LTS release. Also, it will be the final release of the Plasma 5 series. Its currently scheduled for Feb 2023.
Via [blog][5]
--------------------------------------------------------------------------------
via: https://debugpointnews.com/kde-plasma-5-27-outline-windows/
作者:[arindam][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://debugpointnews.com/author/dpicubegmail-com/
[b]: https://github.com/lkxed
[1]: https://debugpointnews.com/wp-content/uploads/2022/11/kdenewborder.jpg
[2]: https://invent.kde.org/plasma/breeze/-/merge_requests/241
[3]: https://debugpointnews.com/wp-content/uploads/2022/11/KDE-Plasma-new-outline-comparison.jpg
[4]: https://debugpointnews.com/wp-content/uploads/2022/11/KDE-Plasma-new-outline-in-windows-2.jpg
[5]: https://www.akselmo.dev/2022/10/31/I-made-outlines-for-KDE-Breeze.html

View File

@ -0,0 +1,106 @@
[#]: subject: "Meet Tabby, A New Open-Source Cross-Platform Terminal App"
[#]: via: "https://news.itsfoss.com/tabby/"
[#]: author: "Sourav Rudra https://news.itsfoss.com/author/sourav/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Meet Tabby, A New Open-Source Cross-Platform Terminal App
======
Tabby is a mind-blowing terminal app for a local shell, SSH, and Telnet connections. Let's take a look!
![Meet Tabby, A New Open-Source Cross-Platform Terminal App][1]
There are a lot of terminal apps out there that offer a range of functionalities.
So, what's unique about Tabby?
Tabby is a cross-platform customizable terminal app with SSH integration. It is a terminal emulator that does not try to be a new shell or Cygwin replacement.
Let's take a look at what Tabby aims to be.
### ⭐ An Impressive Customizable Terminal App
![tabby][2]
Formerly known as 'Terminus', [Tabby][3] is a highly customizable cross-platform open-source terminal emulator.
It can connect to SSH servers using its integrated connection manager and offers various customization options in terms of appearance and other functionalities. It also supports plugins; these can be added from the settings menu to add more functionality to the app.
If you have been a user of PowerShell ISE, PuTTY, or the mac terminal, Tabby will suit you as a perfect replacement.
> 💡Tabby is not a lightweight app, so one needs to be careful about system resources.
It is available for Linux, Windows, and macOS. You can also run Tabby as a portable app for Windows.
They also offer an experimental web app, if you are a fan of it, feel free to try it out.
An **integrated SSH client, font ligature, Unicode support, and configurable shortcuts** make Tabby worth trying.
#### Related Read 📖
### Features of Tabby
![tabby ssh][4]
Tabby has an integrated SSH and Telnet client with support for X11, port forwarding and automatic jump host management.
You can customize Tabby's appearance by using various theming and color options.
![tabby themes][5]
For starters, features like these provide an excellent user experience. But it does not end here.
Tabby has a bunch of features to offer; some of the key highlights include:
![tabby tabs][6]
- **Integrated serial terminal**
- **Remember previously opened tabs and supports multi-pane nesting.**
- **Full Unicode Support**
- **Smart Tabs and progress bars for tabs**
- **Optional Quake mode.**
- **Integrated encrypted container for SSH secrets and configuration**
- **Zmodem Transfers**
- **Customizable Hotkeys**
- **Multiple Profiles with Profile Manager**
### 👇 Download and Try Tabby
Keep in mind that Tabby is currently in its early stages and under heavy development.
**It is fun, feature-rich, and engaging, but it may not be for everyone!**
If it does not sound too overwhelming, head to their [GitHub repo][7] and download the latest package for the platform you want.
Various packages such as **.deb, .rpm, .tar.gz, .pacman,** and more are available for Linux.
You can also explore its official website for more info.
[Tabby][3]
💬 Are you willing to give Tabby a try?
--------------------------------------------------------------------------------
via: https://news.itsfoss.com/tabby/
作者:[Sourav Rudra][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://news.itsfoss.com/author/sourav/
[b]: https://github.com/lkxed
[1]: https://news.itsfoss.com/content/images/size/w1200/2022/11/tabby-first-look.png
[2]: https://news.itsfoss.com/content/images/2022/11/Tabby-1.png
[3]: https://tabby.sh
[4]: https://news.itsfoss.com/content/images/2022/11/Tabby_SSH.png
[5]: https://news.itsfoss.com/content/images/2022/11/Tabby_Themes-1.png
[6]: https://news.itsfoss.com/content/images/2022/11/Tabby_MultiPane-1.png
[7]: https://github.com/Eugeny/tabby/releases/tag/v1.0.186

View File

@ -0,0 +1,81 @@
[#]: subject: "4 key differences between Twitter and Mastodon"
[#]: via: "https://opensource.com/article/22/11/twitter-vs-mastodon"
[#]: author: "Don Watkins https://opensource.com/users/don-watkins"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
4 key differences between Twitter and Mastodon
======
Mastodon is not a corporation. All of its instances are staffed and supported by each server's contributors. Here are a few other advantages.
Social media is not always sociable, and sometimes we need a sufficient impetus to change what we do and what we read. I began using Twitter as a replacement for my RSS reader in 2008, which revolutionized how I read and learned up to that point. Tweets from educators and free and open source (FOSS) advocates worldwide kept me informed and engaged in a learning network that was without equal. That's changed over the past half dozen years, and recently a change in ownership and the shaping of what I read was driven more by an algorithm than by my personal interests and choices. During a yearly meetup of correspondents and editors of Opensource.com a few years ago, [Seth Kenlon][1] suggested giving [Mastodon][2] a try. I joined [Fosstodon][3] in 2019. Fosstodon is a Mastodon instance for a community of like-minded people who enjoy free and open source software.
### Mastodon vs Twitter
Change is not easy. Being a creature of habit, I stayed with my old standby even though it was becoming increasingly tiresome. The threat of its sale in the spring of 2022 invited me to reconsider Fosstodon.
### 1. Favorite instead of like
The Mastodon interface is similar to Twitter. Rather than "liking" a post, you "favorite" a post on Mastodon by clicking the star icon under the post content.
![Favorite button][4]
### 2. Share a post
Re-sharing on my old network is a "retweet," but on Mastodon, it's a "boost." You click the double-arrow icon under the post content to boost a post.
![Boost button][5]
### 3. Mastodon instances
Because anyone can run a Mastodon instance, different instances not only have unique communities (like the ones that form around specific hashtags on Twitter, but Mastodon also has hashtags). Some have a unique set of rules. For instance, unlike my former social network, there were content moderation rules on Fosstodon that seemed strict initially. I made a post unrelated to FOSS software, and my post was removed. I was told it had been removed because I'd not issued a "content warning." That irked me, so I looked for another instance and found a couple more to my liking. One was [Mastodon.social][6], and the other [Scholar.social][7]. The former is a general server with no expectation about what you will post. The latter was an instance dedicated to academics. In all cases, there are well-enforced codes of conduct.
Each instance has rules, and while they differ slightly in the description, they clearly spell out what is and is not acceptable behavior. Fosstodon published its [code of conduct][8], which established the rules and expectations of behavior on the site.
### 4. Open source social networking
If you want to run your own Mastodon instance or help develop one, you'll be happy to know that Mastodon is open source. It uses an AGPLv3 license, and its source code is available as a [Git repository][9]. The software provides a social network server that uses the [ActivityPub][10] protocol to communicate with other servers worldwide.
Mastodon is not a single site on the internet but a series of sites spanning the globe and communicating with each other. This federated network is referred to as the "fediverse." Unlike other social networks, where there's a single owner of the network, Mastodon and other ActivityPub sites are owned by anyone who runs a server.
From a user's perspective, this doesn't matter at first. You can sign up on any Mastodon instance and then connect to all other instances.
There is power to this distributed design, though. If you encounter an instance with a community producing content you'd rather not see, you can block either a single user from that instance or the whole instance.
In the past month, I've returned to Fosstodon primarily because open source is my passion. I enjoy sharing open source content on Fosstodon because the other users of Fosstodon are generally receptive to posts about free and open source software. When I have something to share that's not considered appropriate on Fosstodon, I share it on Scholar.social or Mastodon.social.
Not all instances have topics they focus on, and even those that do often use their topical interests as a guideline rather than grounds for strict removal of posts. If you have a particular interest, you might be able to find a community built around that topic, and you're likely to see that you have an instant audience. Of course, you'll still always be able to communicate with users of other instances, too.
### Try Mastodon
Mastodon is not a corporation. All of its instances are staffed and supported by each server's contributors. Some instances make it easy to support them with Patreon or PayPal.
I have found the fediverse a welcoming place that brings joy back into social networking. Have you joined Mastodon? What are your takeaways? Let us know in the comments.
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/twitter-vs-mastodon
作者:[Don Watkins][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/don-watkins
[b]: https://github.com/lkxed
[1]: https://opensource.com/users/seth
[2]: https://joinmastodon.org/
[3]: https://fosstodon.org/about/
[4]: https://opensource.com/sites/default/files/2022-11/favorite-button.webp
[5]: https://opensource.com/sites/default/files/2022-11/boost-button.webp
[6]: https://mastodon.social/about
[7]: https://scholar.social/about/more
[8]: https://hub.fosstodon.org/coc/
[9]: https://github.com/mastodon/mastodon
[10]: https://en.wikipedia.org/wiki/ActivityPub

View File

@ -1,438 +0,0 @@
[#]: subject: (Identify security properties on Linux using checksec)
[#]: via: (https://opensource.com/article/21/6/linux-checksec)
[#]: author: (Gaurav Kamathe https://opensource.com/users/gkamathe)
[#]: collector: (lujun9972)
[#]: translator: (chai001125)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
Identify security properties on Linux using checksec
======
Learn how to use checksec to identify an executable's security
properties, understand what they mean, and know how to use them.
![Target practice][1]
Compiling source code produces a binary. During compilation, you can provide flags to the compiler to enable or disable certain properties on the binary. Some of these properties are relevant to security.
Checksec is a nifty little tool (and shell script) that, among other functions, identifies the security properties that were built into a binary when it was compiled. A compiler might enable some of these properties by default, and you might have to provide specific flags to enable others.
This article explains how to use checksec to identify the security properties on a binary, including:
1. The underlying commands checksec uses to find information on the security properties
2. How to enable security properties using the GNU Compiler Collection (GCC) when compiling a sample binary
## Install checksec
To install checksec on Fedora and other RPM-based systems, use:
```
`$ sudo dnf install checksec`
```
For Debian-based distros, use the equivalent `apt` command.
## The shell script
Checksec is a single-file shell script, albeit a rather large one. An advantage is that you can read through the script quickly and understand all the system commands running to find information about binaries or executables:
```
$ file /usr/bin/checksec
/usr/bin/checksec: Bourne-Again shell script, ASCII text executable, with very long lines
$ wc -l /usr/bin/checksec
2111 /usr/bin/checksec
```
Take checksec for a drive with a binary you probably run daily: the ubiquitous `ls` command. The command's format is `checksec --file=` followed by the absolute path of the `ls` binary:
```
$ checksec --file=/usr/bin/ls
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY Fortified       Fortifiable     FILE
Full RELRO      Canary found      NX enabled    PIE enabled     No RPATH   No RUNPATH   No Symbols        Yes   5       17              /usr/bin/ls
```
When you run this in a terminal, you see color-coding that shows what is good and what probably isn't. I say "probably" because even if something is in red, it doesn't necessarily mean things are horrible—it might just mean the distro vendors made some tradeoffs when compiling the binaries.
The first line provides various security properties that are usually available for binaries, like `RELRO`, `STACK CANARY`, `NX`, and so on (I explain in detail below). The second line shows the status of these properties for the given binary (`ls`, in this case). For example, `NX enabled` means some property is enabled for this binary.
## A sample binary
For this tutorial, I'll use the following "hello world" program as the sample binary.
```
#include &lt;stdio.h&gt;
int main()
{
        [printf][2]("Hello World\n");
        return 0;
}
 
```
Note that I did not provide `gcc` with any additional flags during compilation:
```
$ gcc hello.c -o hello
 
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=014b8966ba43e3ae47fab5acae051e208ec9074c, for GNU/Linux 3.2.0, not stripped
$ ./hello
Hello World
```
Run the binary through checksec. Some of the properties are different than with the `ls` command above (on your screen, these may be displayed in red):
```
$ checksec --file=./hello
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY Fortified       Fortifiable     FILE
Partial RELRO   No canary found   NX enabled    No PIE          No RPATH   No RUNPATH   85) Symbols       No    0       0./hello
$
```
## Changing the output format
Checksec allows various output formats, which you can specify with `--output`. I'll choose the JSON format and pipe the output to the `jq` utility for pretty printing.
To follow along, [ensure you have `jq` installed][3] because this tutorial uses this output format to quickly grep for specific properties from the output and report `yes` or `no` on each:
```
$ checksec --file=./hello --output=json | jq
{
  "./hello": {
    "relro": "partial",
    "canary": "no",
    "nx": "yes",
    "pie": "no",
    "rpath": "no",
    "runpath": "no",
    "symbols": "yes",
    "fortify_source": "no",
    "fortified": "0",
    "fortify-able": "0"
  }
}
```
## Walking through the security properties
The binary above includes several security properties. I'll compare that binary against the `ls` binary above to examine what is enabled and explain how checksec found this information.
### 1\. Symbols
I'll start with the easy one first. During compilation, certain symbols are included in the binary, mostly for debugging. These symbols are required when you are developing software and require multiple cycles for debugging and fixing things.
These symbols are usually stripped (removed) from the final binary before it's released for general use. This does not affect the binary's execution in any way; it will run just as it would with the symbols. Stripping is often done to save space, as the binary is somewhat lighter once the symbols have been stripped. In closed-source or proprietary software, symbols often are removed because having these symbols in a binary makes it somewhat easy to infer the software's inner workings.
According to checksec, symbols are present in this binary, yet they were not in the `ls` binary. You can also find this information by running the `file` command on the program—you see `not stripped` in the output towards the end:
```
$ checksec --file=/bin/ls --output=json | jq | grep symbols
    "symbols": "no",
$ checksec --file=./hello --output=json | jq | grep symbols
    "symbols": "yes",
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=014b8966ba43e3ae47fab5acae051e208ec9074c, for GNU/Linux 3.2.0, not stripped
```
How did checksec find this information? Well, it provides a handy `--debug` option to show which functions ran. Therefore, running the following command should show you which functions ran within the shell script:
```
`$ checksec --debug --file=./hello`
```
In this tutorial, I'm looking for the underlying commands used to find this information. Since it's a shell script, you can always utilize Bash features. This command will output every command that ran from within the shell script:
```
`$ bash -x /usr/bin/checksec --file=./hello`
```
If you scroll through the output, you should see an `echo_message` followed by the security property's category. Here is what checksec reports about whether the binary contains symbols:
```
\+ readelf -W --symbols ./hello
\+ grep -q '\\.symtab'
\+ echo_message '\033[31m96) Symbols\t\033[m  ' Symbols, ' symbols="yes"' '"symbols":"yes",'
```
To simplify this, checksec utilizes the `readelf` utility to read the binary and provides a special `--symbols` flag that lists all symbols within the binary. Then it greps for a special value, `.symtab`, that provides a count of entries (symbols) it finds. You can try out the following commands on the test binary you compiled above:
```
$ readelf -W --symbols ./hello
$ readelf -W --symbols ./hello | grep -i symtab
```
## How to strip symbols
You can strip symbols after compilation or during compilation.
* **Post compilation:** After compilation, you can use the `strip` utility on the binary to remove the symbols. Confirm it worked using the `file` command, which now shows the output as `stripped`: [code] $ gcc hello.c -o hello
$
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=322037496cf6a2029dcdcf68649a4ebc63780138, for GNU/Linux 3.2.0, not stripped
$
$ strip hello
$
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=322037496cf6a2029dcdcf68649a4ebc63780138, for GNU/Linux 3.2.0, stripped
$
```
## How to strip symbols during compilation
Instead of stripping symbols manually after compilation, you can ask the compiler to do it for you by providing the `-s` argument:
```
$ gcc -s hello.c -o hello
$
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=247de82a8ad84e7d8f20751ce79ea9e0cf4bd263, for GNU/Linux 3.2.0, stripped
$
```
After rerunning checksec, you can see that `symbols` are shown as `no`:
```
$ checksec --file=./hello --output=json | jq | grep symbols
    "symbols": "no",
$
```
### 2\. Canary
Canaries are known values that are placed between a buffer and control data on the _stack_ to monitor buffer overflows. When an application executes, two kinds of memory are assigned to it.  One of them is a _stack_, which is simply a data structure with two operations: `push`, which puts data onto the stack, and `pop`, which removes data from the stack in reverse order. Malicious input could overflow or corrupt the stack with specially crafted input and cause the program to crash:
```
$ checksec --file=/bin/ls --output=json | jq | grep canary
    "canary": "yes",
$
$ checksec --file=./hello --output=json | jq | grep canary
    "canary": "no",
$
```
How does checksec find out if the binary is enabled with a canary? Using the method above, you can narrow it down by running the following command within the shell script:
```
`$ readelf -W -s ./hello | grep -E '__stack_chk_fail|__intel_security_cookie'`
```
#### Enable canary
To protect against these cases, the compiler provides the `-stack-protector-all` flag, which adds extra code to the binary to check for such buffer overflows:
```
$ gcc -fstack-protector-all hello.c -o hello
$ checksec --file=./hello --output=json | jq | grep canary
    "canary": "yes",
```
Checksec shows that the property is now enabled. You can also verify this with:
```
$ readelf -W -s ./hello | grep -E '__stack_chk_fail|__intel_security_cookie'
     2: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (3)
    83: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@@GLIBC_2.4
$
```
### 3\. PIE
PIE stands for position-independent executable. As the name suggests, it's code that is placed somewhere in memory for execution regardless of its absolute address:
```
$ checksec --file=/bin/ls --output=json | jq | grep pie
    "pie": "yes",
$ checksec --file=./hello --output=json | jq | grep pie
    "pie": "no",
```
Often, PIE is enabled only for libraries and not for standalone command-line programs. In the output below, `hello` is shown as `LSB executable`, whereas, the `libc` standard library (`.so`) file is marked `LSB shared object`:
```
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=014b8966ba43e3ae47fab5acae051e208ec9074c, for GNU/Linux 3.2.0, not stripped
$ file /lib64/libc-2.32.so
/lib64/libc-2.32.so: ELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=4a7fb374097fb927fb93d35ef98ba89262d0c4a4, for GNU/Linux 3.2.0, not stripped
```
Checksec tries to find this information with:
```
$ readelf -W -h ./hello | grep EXEC
  Type:                              EXEC (Executable file)
```
If you try the same command on a shared library instead of `EXEC`, you will see a `DYN`:
```
$ readelf -W -h /lib64/libc-2.32.so | grep DYN
  Type:                              DYN (Shared object file)
```
#### Enable PIE
To enable PIE on a test program, send the following arguments to the compiler:
```
`$ gcc -pie -fpie hello.c -o hello`
```
You can verify PIE is enabled using checksec:
```
$ checksec --file=./hello --output=json | jq | grep pie
    "pie": "yes",
$
```
It should show as a PIE executable with the type changed from `EXEC` to `DYN`:
```
$ file hello
hello: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=bb039adf2530d97e02f534a94f0f668cd540f940, for GNU/Linux 3.2.0, not stripped
$ readelf -W -h ./hello | grep DYN
  Type:                              DYN (Shared object file)
```
### 4\. NX
NX stands for "non-executable." It's often enabled at the CPU level, so an operating system with NX enabled can mark certain areas of memory as non-executable. Often, buffer-overflow exploits put code on the stack and then try to execute it. However, making this writable area non-executable can prevent such attacks. This property is enabled by default during regular compilation using `gcc`:
```
$ checksec --file=/bin/ls --output=json | jq | grep nx
    "nx": "yes",
$ checksec --file=./hello --output=json | jq | grep nx
    "nx": "yes",
```
Checksec determines this information with the command below. `RW` towards the end means the stack is readable and writable; since there is no `E`, it's not executable:
```
$ readelf -W -l ./hello | grep GNU_STACK
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
```
#### Disable NX for demo purposes
It's not recommended, but you can disable `NX` when compiling a program by using the `-z execstack` argument:
```
$ gcc -z execstack hello.c -o hello
$ checksec --file=./hello --output=json | jq | grep nx
    "nx": "no",
```
Upon compilation, the stack becomes executable (`RWE`), which allows malicious code to execute:
```
$ readelf -W -l ./hello | grep GNU_STACK
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
```
### 5\. RELRO
RELRO stands for Relocation Read-Only. An Executable Linkable Format (ELF) binary uses a Global Offset Table (GOT) to resolve functions dynamically. When enabled, this security property makes the GOT within the binary read-only, which prevents some form of relocation attacks:
```
$ checksec --file=/bin/ls --output=json | jq | grep relro
    "relro": "full",
$ checksec --file=./hello --output=json | jq | grep relro
    "relro": "partial",
```
Checksec finds this information by using the command below. Here, one of the RELRO properties is enabled; therefore, the binary shows "partial" when verifying via checksec:
```
$ readelf -W -l ./hello | grep GNU_RELRO
  GNU_RELRO      0x002e10 0x0000000000403e10 0x0000000000403e10 0x0001f0 0x0001f0 R   0x1
$ readelf -W -d ./hello | grep BIND_NOW
```
#### Enable full RELRO
To enable full RELRO, use the following command-line arguments when compiling with `gcc`:
```
$ gcc -Wl,-z,relro,-z,now hello.c -o hello
$ checksec --file=./hello --output=json | jq | grep relro
    "relro": "full",
```
Now, the second property is also enabled, making the program full RELRO:
```
$ readelf -W -l ./hello | grep GNU_RELRO
  GNU_RELRO      0x002dd0 0x0000000000403dd0 0x0000000000403dd0 0x000230 0x000230 R   0x1
$ readelf -W -d ./hello | grep BIND_NOW
 0x0000000000000018 (BIND_NOW)          
```
### 6\. Fortify
Fortify is another security property, but it's out of scope for this article. I will leave learning how checksec verifies fortify in binaries and how it's enabled with `gcc` as an exercise for you to tackle.
```
$ checksec --file=/bin/ls --output=json | jq  | grep -i forti
    "fortify_source": "yes",
    "fortified": "5",
    "fortify-able": "17"
$ checksec --file=./hello --output=json | jq  | grep -i forti
    "fortify_source": "no",
    "fortified": "0",
    "fortify-able": "0"
```
## Other checksec features
The topic of security is never-ending, and while it's not possible to cover everything here, I do want to mention a few more features of the `checksec` command that make it a pleasure to work with.
### Run against multiple binaries
You don't have to provide each binary to checksec individually. Instead, you can provide a directory path where multiple binaries reside, and checksec will verify all of them for you in one go:
```
`$ checksec --dir=/usr

View File

@ -2,7 +2,7 @@
[#]: via: "https://fedoramagazine.org/install-powershell-on-fedora-linux/"
[#]: author: "TheEvilSkeletonOzymandias42 https://fedoramagazine.org/author/theevilskeleton/https://fedoramagazine.org/author/ozymandias42/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: translator: "cool-summer-021"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "

View File

@ -1,162 +0,0 @@
[#]: subject: "Diagnose connectivity issues with the Linux ping command"
[#]: via: "https://opensource.com/article/21/10/linux-ping-command"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Diagnose connectivity issues with the Linux ping command
======
One of the most fundamental diagnostic tools for networked connectivity
is the ping command.
![World locations with red dots with a sun burst background][1]
Networked computers are so common these days that most of us take it for granted that a computer on one side of a room can contact one on the other side of the room, much less the other side of the world. When it works as designed, networking is what makes the Internet, the cloud, file shares, media streaming, remote administration, printing, and much more possible. When something goes wrong, it can sometimes be challenging to diagnose. One of the most fundamental diagnostic tools for networked connectivity is the `ping` command.
### The basic ping
When you can't reach a computer on your local network, or a server on the Internet, you can ping it. A ping sends an Internet Control Message Protocol (ICMP) packet to a destination IP address. ICMP is, by design, a rudimentary format used mostly for diagnostics: It's essentially a call and response signal.
But there's an order to troubleshooting, and it starts as close to home as possible. When in doubt, first ping your own computer to ensure you're running a networking stack. The computer you're operating is also called your _localhost_, and it has a special IP address assigned for speaking to itself: 12.0.0.1.
The `ping`** **command understands the _localhost_ hostname, its IP address, and a shortcut of just `0`.
You can control how many signals you send with the `-c` (as in _count_)** **option.
```
$ ping 0 -c1
PING 0 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.069 ms
\--- 0 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.069/0.069/0.069/0.000 ms
```
After you've established that your local networking stack is up and running, you can ping your router. The address of a router usually starts with 192,168, or 10. The exact IP address depends on your router's configuration.
When you don't specify how many pings to send, you can stop `ping` from running with **Ctrl**+**C**.
```
$ ping 192.168.0.1 
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
From 192.168.0.100: icmp_seq=2 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.0.100: icmp_seq=3 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.0.100: icmp_seq=4 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.0.100: icmp_seq=5 Redirect Host(New nexthop: 192.168.0.1)
^C
```
If you can reach your router, that means your wired or wireless connection is working. 
What about other hosts on my network? You can ping all kinds of devices. Not all are guaranteed to respond (some devices drop ICMP packets), but many do. For instance, I can ping my printer:
```
`$ ping 192.168.0.4 `
```
### Pinging beyond your network
Beyond establishing that your own network is working as expected, you can also ping out into the wider world beyond your router. Again, not all servers are permitted to receive, much less respond to, ICMP. However, there are some that do, and a vital server to the working of the Internet is a nameserver.
Google's DNS server is relatively easy to remember, and it does respond to pings:
```
$ ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=53.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=53.5 ms
\--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 53.304/53.424/53.544/0.120 ms
```
When a site has apparently disappeared, you might be able to probe the worldwide DNS network to find out what its host server's address is, and then ping that server. This at least tells you whether the host is down or whether it's just a web server issue.
For example, say you're trying unsuccessfully to reach example.com. First, find the IP address using the `host` command:
```
$ host example.com
example.com has address 93.184.216.34
example.com has IPv6 address 2606:2800:220:1:248:1893:25c8:1946
example.com mail is handled by 0
```
And then ping the website's host by IP:
```
`$ ping 93.184.216.34 -c 1`
```
### Ping and IPv6
Ping works over IPv4 as well as IPv6. Using only one of them explicitly can be enforced by specifying `-4` or `-6`. 
### Packet size
You can change the size of the ICMP packets you're sending with the `-s` option. The default packet size is 56, which translates into 64 ICMP data bytes when combined with the 8-byte header. This command sends 43 bytes:
```
`$ ping -s 35 -c 5 8.8.8.8`
```
You can print a timestamp before each ping report in your terminal with the `-D` option. This provides the UNIX epoch time, plus microseconds:
```
$ ping -D 8.8.8.8 
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
[1634013430.297468] 64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=53.3 ms
[1634013431.298738] 64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=53.1 ms
```
### Ping time
You can change the time interval between pings using the `-i` option. This changes the ping interval to two seconds:
```
`$ ping -s 2 `
```
You can also stop pinging after some value of time (in seconds) with the `-w` option:
```
`$ ping -w 6`
```
### Variants
There are many implementations of ping. The `iputils` package provides a `ping` command, [Busybox ][2]has a `ping` command, and there's one from BSD and others. There's even a GUI for `ping`: Gping is available for Linux, macOS, and Windows. You can find more information for `gping` on [Github][3]. 
### Learn to ping
The `ping` command is simple, but it can be eyes and ears out on the vast expanse that is your network. Next time you have connectivity issues, let `ping` be the first tool you turn to.
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/10/linux-ping-command
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/world_remote_teams.png?itok=Wk1yBFv6 (World locations with red dots with a sun burst background)
[2]: https://opensource.com/article/21/8/what-busybox
[3]: https://github.com/orf/gping

View File

@ -1,256 +0,0 @@
[#]: subject: "Why do domain names sometimes end with a dot?"
[#]: via: "https://jvns.ca/blog/2022/09/12/why-do-domain-names-end-with-a-dot-/"
[#]: author: "Julia Evans https://jvns.ca/"
[#]: collector: "lujun9972"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Why do domain names sometimes end with a dot?
======
Hello! When I was writing the zine [How DNS Works][1] earlier this year, someone asked me why do people sometimes put a dot at the end of a domain name? For example, if you look up the IP for `example.com` by running `dig example.com`, youll see this:
```
$ dig example.com
example.com. 5678 IN A 93.184.216.34
```
`dig` has put a `.` to the end of `example.com` now its `example.com.`! Whats up with that?
Also, some DNS tools require domains to have a `"."` at the end: if you try to pass `example.com` to [miekg/dns][2], like this, itll fail:
```
// trying to send this message will return an error
m := new(dns.Msg)
m.SetQuestion("example.com", dns.TypeA)
```
Originally I thought I knew the answer to this (“uh, the dot at the end means the domain is fully qualified?“). And thats true a fully qualified domain name is a domain with a “.” at the end!
But that doesnt explain _why_ dots at the end are useful or important.
### in a DNS request/response, domain names dont have a trailing “.”
I once (incorrectly) thought the answer to “why is there a dot at the end?” might be “In a DNS request/response, domain names have a “.” at the end, so we put it in to match what actually gets sent/received by your computer”. But thats not true at all!
When a computer sends a DNS request or response, the domain names in it dont have a trailing dot. Actually, the domain names dont have _any_ dots.
Instead, theyre encoded as a series of length/string pairs. For example, the domain `example.com` is encoded as these 13 bytes:
```
7example3com0
```
So there are no dots at all. Instead, an ASCII domain name (like “example.com”) gets translated into the format used in a DNS request / response by various DNS software.
So lets talk about one place where domain names are translated into DNS responses: zone files.
### the trailing “.” in zone files
One way that some people manage DNS records for a domain is to create a text file called a “zone file” and then configure some DNS server software (like `nsd` or `bind`) to serve the DNS records specified in that zone file.
Heres an imaginary zone file for `example.com`:
```
orange 300 IN A 1.2.3.4
fruit 300 IN CNAME orange
grape 3000 IN CNAME example.com.
```
In this zone file, anything that doesnt end in a `"."` (like `"orange"`) gets `.example.com` added to it. So `"orange"` is shorthand for `"orange.example.com"`. The DNS server knows from its configuration that this is a zone file for `example.com`, so it knows to automatically append `example.com` at the end of any name that doesnt end with a dot.
I assume the idea here is just to save typing you could imagine writing this zone file by fully typing out all of the domain names:
```
orange.example.com. 300 IN A 1.2.3.4
fruit.example.com. 300 IN CNAME orange.example.com.
grape.example.com. 3000 IN CNAME example.com.
```
But thats a lot of typing.
### you dont need zone files to use DNS
Even though the zone file format is defined in the official DNS RFC ([RFC 1035][3]), you dont have to use zone files at all to use DNS. For example, AWS Route 53 doesnt use zone files to store DNS records! Instead you create records through the web interface or API, and I assume they store records in some kind of database and not a bunch of text files.
Route 53 (like many other DNS tools) does support importing and exporting zone files though and it can be a good way to migrate records from one DNS provider to another.
### the trailing “.” in dig
Now, lets talk about `dig`s output:
```
$ dig example.com
; <<>> DiG 9.18.1-1ubuntu1.1-Ubuntu <<>> +all example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 10712
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;example.com. IN A
;; ANSWER SECTION:
example.com. 81239 IN A 93.184.216.34
```
One weird thing about this is that almost every line starts with a `;;`. Whats up with that? Well `;` is the comment character in zone files!
So I think the reason that dig prints out its output in this weird way is so that if you wanted, you could just paste this into a zone file and have it work without any changes.
This also explains why theres a `.` at the end of `example.com.` zone files require a trailing dot at the end of a domain name (because otherwise theyre interpreted as being relative to the zone). So `dig` does too.
I really wish dig had a `+human` flag that printed out all of this information in a more human readable way, but for now Im too lazy to put in the work to actually contribute code to do that (and Im a pretty bad C programmer) so Ill just complain about it on my blog instead :)
### the trailing `"."` in curl
Lets talk about another case where the trailing `"."` shows up: curl!
One of the computers in my house is called “grapefruit”, and its running a webserver. Heres what happens if I run `curl grapefruit`:
```
$ curl grapefruit
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
```
It works! Cool. But what happens if I add a `.` at the end? Suddenly it doesnt work:
```
$ curl grapefruit.
curl: (6) Could not resolve host: grapefruit.
```
Whats going on? To understand, we need to learn about search domains:
### meet search domains
When I run `curl grapefrult`, how does that get translated into a DNS request? You might think that my computer would send a request for the domain `grapefruit`, right? But thats not true.
Lets use `tcpdump` to see what domain is actually being looked up:
```
$ sudo tcpdump -i any port 53
[...] A? grapefruit.lan. (32)
```
Its actually sending a request for `grapefruit.lan`. Whats up with that?
Well, whats going on is that:
1. To look up `grapefruit`, `curl` calls a function called `getaddrinfo`
2. `getaddrinfo` looks in a file on my computer called `/etc/resolv.conf`
3. `/etc/resolv.conf` contains these 2 lines:
```
nameserver 127.0.0.53
search lan
```
4. Because it sees `search lan`, `getaddrinfo` adds a `lan` at the end of `grapefruit` and looks up `grapefruit.lan` instead
### when are search domains used?
Now we know something weird: that when we look up a domain, sometimes an extra thing (like `lan`) will be added to the end. But when does that happen?
1. If we put a `"."` at the **end** of the domain (like `curl grapefruit.`, then search domains arent used
2. If the domain has an `"."` **inside** it (like `example.com` has a dot in it), then by default search domains arent used either. But this can be changed with configuration (see this blog post about [ndots][4] that talks about this more)
So now we know why `curl grapefruit.` has different results than `curl grapefruit` its because one looks up the domain `grapefruit.` and the other one looks up `grapefruit.lan.`
### how does my computer know what search domain to use?
When I connect to my router, it tells me that its search domain is `lan` with DHCP its the same way that my computer gets assigned an IP address.
### so why do people put a dot at the end of domain names?
Now that we know about zone files and search domains, heres why I think people like to put dots at the end of a domain name.
There are two contexts where domain names are modified and get something else added to the end:
* in a zone file for `example.com`, `grapefruit` get translated to `grapefruit.example.com`
* on my local network (with my computer configured to use the search domain `lan`), `grapefruit` gets translated to `grapefruit.lan`
So because domain names can actually be translated to something else in some cases, people like to put a `"."` at the end to communicate “THIS IS THE DOMAIN NAME, NOTHING GETS ADDED AT THE END, THIS IS THE WHOLE THING”. Because otherwise it can get confusing.
The technical term for “THIS IS THE WHOLE THING” is **“fully qualified domain name”** or **“FQDN”**. So `google.com.` is a fully qualified domain name, and `google.com` isnt.
I always have to remind myself for the reasons for this because I rarely use zone files or search domains, so I often feel like “of course I mean `google.com` and not `google.com.something.else`! Why would I mean anything else?? Thats silly!”
But some people do use zone files and search domains (search domains are used in Kubernetes, for example!), so the “.” at the end is useful to make it 100% clear that nothing else should be added.
### when to put a “.” at the end?
Here are a couple of quick notes about when to put a “.” at the end of your domain names:
**Yes: when configuring DNS**
Its never bad to use fully qualified domain names when configuring DNS. You dont always have to: a non-fully-qualified domain name will often work just fine as well, but Ive never met a piece of DNS software that wouldnt accept a fully qualified domain name.
And some DNS software requires it: right now the DNS server I use for `jvns.ca` makes me put a `"."` at the end of domains names (for example in CNAME records) and warns me otherwise itll append `.jvns.ca` to whatever I typed in. I dont agree with this design decision but its not a big deal, I just put a “.” at the end.
**No: in a browser**
Confusingly, it often _doesnt_ work to put a `"."` at the end of a domain name in a browser! For example, if I type `https://twitter.com.` into my browser, it doesnt work! It gives me a 404.
I think whats going on here is that its setting the HTTP Host header to `Host: twitter.com.` and the web server on the other end is expecting `Host: twitter.com`.
Similarly, `https://jvns.ca.` gives me an SSL error for some reason.
### I think relative domain names used to be more common
One last thing: I think that “relative” domain names (like me using `grapefruit` to refer to the other computer in my house, `grapefruit.lan`) used to be more commonly used, because DNS was developed in the context of universities or other big institutions which have big internal networks.
On the internet today, it seems like its more common to use “absolute” domain names (like `example.com`).
--------------------------------------------------------------------------------
via: https://jvns.ca/blog/2022/09/12/why-do-domain-names-end-with-a-dot-/
作者:[Julia Evans][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://jvns.ca/
[b]: https://github.com/lujun9972
[1]: https://wizardzines.com/zines/dns/
[2]: https://github.com/miekg/dns
[3]: https://www.rfc-editor.org/rfc/rfc1035#section-4.1.1
[4]: https://pracucci.com/kubernetes-dns-resolution-ndots-options-and-why-it-may-affect-application-performances.html

View File

@ -1,335 +0,0 @@
[#]: subject: "Execute Commands On Remote Linux Systems Via SSH"
[#]: via: "https://ostechnix.com/execute-commands-on-remote-linux-systems-via-ssh/"
[#]: author: "sk https://ostechnix.com/author/sk/"
[#]: collector: "lkxed"
[#]: translator: "MjSeven"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Execute Commands On Remote Linux Systems Via SSH
======
Invoking Commands Or Programs On Remote Machines Over A Secure Network Connection
The other day I was testing how to [keep file permissions intact while copying files or directories][1] to multiple locations and systems. When I wanted to check the file permissions on a remote system, I had to login to that system over SSH and check the attributes. The process of login and log-out from the remote system multiple times was bit annoying to me. I thought it would be better if I could **execute commands on remote Linux systems via SSH**.
Fortunately, I found a workaround to invoke commands and programs on a remote machine over a secure network connection after skimming through the man pages of `ssh` command.
If you ever wondered how to run a command or script on a remote system from your local system itself without logging in to that remote system, here is how to do it.
#### Contents
1. 1. Execute Commands On Remote Linux Systems Via SSH 2. 1.1. Run A Single Command On Remote Systems Over SSH 3. 1.2. Execute Multiple Commands On Remote Hosts Via SSH 4. 1.3. Invoke Commands With Sudo Privileges On Remote Machines Over SSH 5. 1.4. Run Local Scripts On Remote Systems Via SSH 6. 1.5. Save Command Output From Remote Host To Local Host 7. 1.6. Configure SSH Key-based Authentication To Avoid Password Typing
8. 2. Use sshpass While Running Commands On Remote Machines Over SSH 9. 2.1. What Is sshpass? 10. 2.2. Install sshpass In Linux 11. 2.3. Execute Commands On Remote Machines Over SSH With sshpass
12. Conclusion
### 1. Execute Commands On Remote Linux Systems Via SSH
The typical way to run a command or script on a remote system over SSH from the local system is:
```
$ ssh <username@IP_Address-or-Doman_name> <Command-or-Script>
```
Allow me to show you some examples.
#### 1.1. Run A Single Command On Remote Systems Over SSH
Let us say you want to [find Kernel details][2] of your remote Linux system. To do so, simply, run:
```
$ ssh sk@192.168.225.22 uname -a
```
Here,
* sk is the username of my remote system,
* 192.168.225.22 is the IP address of the remote system,
* And `"uname -a"` is the command that I want to run on the remote system from my local system.
**Sample output:**
![Execute Commands On Remote Linux Systems Via SSH][3]
See? I haven't actually logged-in to the remote system, but executed the `uname` command on the remote system over SSH and displayed the output in my local system's Terminal.
You can also specify the command in quotes like below.
```
$ ssh sk@192.168.225.22 "uname -a"
```
Or,
```
$ ssh sk@192.168.225.22 'uname -a'
```
If you have [changed default port of SSH protocol][4], just mention it using **-p** parameter like below.
```
$ ssh -p 2200 sk@192.168.225.22 uname -a
```
#### 1.2. Execute Multiple Commands On Remote Hosts Via SSH
You can also run multiple commands on a remote host by specifying them within quotes like below.
```
$ ssh sk@192.168.225.22 "uname -r && lsb_release -a"
```
Or,
```
$ ssh sk@192.168.225.22 "uname -r ; lsb_release -a"
```
The above commands will display the Kernel version and distribution details of my Ubuntu server.
**Sample output:**
![Run Multiple Commands On Remote Hosts Over SSH On Linux][5]
As one one of our reader mentioned in the comment section below, you should specify multiple commands in quotes. If you don't use quotes, the first command will execute on the remote system and second command will be evaluated on local machine only. The whole command in quotes will be processed remotely as intended.
#### 1.3. Invoke Commands With Sudo Privileges On Remote Machines Over SSH
Some commands requires `"sudo"` privileges to run. For instance, the following command will install **Vim** on my remote system.
```
$ ssh -t sk@192.168.225.22 sudo apt install apache2
```
**Sample output:**
![Run Commands With Sudo Privileges On Remote Machines Over SSH][6]
Did you notice? I have used **-t** flag in the above command. We need to mention this **-t** flag to force pseudo-terminal allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g. when implementing menu services.
Also, I have entered password **twice**. The first time I entered the password of the remote user to access the remote system over SSH from my local system and the second password is required to give sudo permission to the remote user to install application (i.e. apache2 in this case) on the remote system.
Let us check if the Apache service is running using command:
```
$ ssh -t sk@192.168.225.22 sudo systemctl status apache2
sk@192.168.225.22's password:
[sudo] password for sk:
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: active (running) since Thu 2019-12-19 11:08:03 UTC; 52s ago
Main PID: 5251 (apache2)
Tasks: 55 (limit: 2318)
CGroup: /system.slice/apache2.service
├─5251 /usr/sbin/apache2 -k start
├─5253 /usr/sbin/apache2 -k start
└─5254 /usr/sbin/apache2 -k start
Dec 19 11:08:03 ubuntuserver systemd[1]: Starting The Apache HTTP Server...
Dec 19 11:08:03 ubuntuserver apachectl[5227]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 2409:4072:51f:a1b6:a00:27ff:f
Dec 19 11:08:03 ubuntuserver systemd[1]: Started The Apache HTTP Server.
```
Similarly, we can run any command or script on a remote system over SSH from the local system.
#### 1.4. Run Local Scripts On Remote Systems Via SSH
Let us a create a simple script on our local system to display all the available information about your remote system's distribution name, package management and base details etc.
```
$ vi system_information.sh
```
Add the following lines:
```
#!/bin/bash
#Name: Display System Details
#Owner: OSTechNIx
#----------------------------
echo /etc/*_ver* /etc/*-rel*; cat /etc/*_ver* /etc/*-rel*
```
Press **ESC** key and type **:wq** to save the file and exit.
Now run this script on your remote system over SSH using command:
```
$ ssh sk@192.168.225.22 'bash -s' < system_information.sh
```
**Sample output:**
```
sk@192.168.225.22's password:
/etc/debian_version /etc/lsb-release /etc/os-release
buster/sid
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"
NAME="Ubuntu"
VERSION="18.04.2 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.2 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
```
If you don't specify `'bash -s'` in the above command, you will get the details of the remote system but Pseudo-terminal will not be allocated.
#### 1.5. Save Command Output From Remote Host To Local Host
This can be useful if you want to share the output of a command that you run on the remote system over SSH with your support team or colleague.
The following command will run **"du -ah"** on your remote system over SSH and save the output in **diskusage.txt** file in your local system.
```
$ ssh sk@192.168.225.22 du -ah > diskusage.txt
```
You can then analyze the disk usage details by viewing the `diskusage.txt` file using **cat** command or text viewers.
```
$ cat diskusage.txt
4.0K ./.profile
4.0K ./.gnupg/private-keys-v1.d
8.0K ./.gnupg
76K ./data/image.jpg
128K ./data/file.pdf
20K ./data/text.docx
5.9M ./data/audio.mp3
6.1M ./data
0 ./.sudo_as_admin_successful
4.0K ./pacman?inline=false
4.0K ./.bash_logout
4.0K ./.wget-hsts
4.0K ./.bash_history
0 ./.cache/motd.legal-displayed
4.0K ./.cache
4.0K ./deb-pacman_1.0-0.deb
4.0K ./.bashrc
6.2M .
```
#### 1.6. Configure SSH Key-based Authentication To Avoid Password Typing
If you run commands on remote systems often, you may want to configure SSH key-based authentication to skip password typing every time. More details can be found in the following link.
* [How To Configure SSH Key-based Authentication In Linux][7]
After configuring SSH key-based authentication, we can execute commands on Remote machines over SSH without entering the password:
```
$ ssh sk@192.168.225.22 sudo apt update
```
### 2. Use sshpass While Running Commands On Remote Machines Over SSH
If you don't want to configure SSH key-based authentication, you can use **sshpass** utility to run commands on remote machines via without entering password.
#### 2.1. What Is sshpass?
The sshpass utility is designed for running ssh using the keyboard-interactive password authentication mode, but in non-interactive way. To put this in simple terms - sshpass offers non-interactive way to authenticate a SSH session.
SSH uses direct TTY access to make sure that the password is indeed issued by an interactive keyboard user. Sshpass runs ssh in a dedicated tty, fooling it into thinking it is getting the password from an interactive user.
#### 2.2. Install sshpass In Linux
The sshpass utility is available in the default repositories of many Linux distributions. For instance, you can use the following command to install sshpass in Debian, Ubuntu and its derivatives:
```
$ sudo apt install sshpass
```
#### 2.3. Execute Commands On Remote Machines Over SSH With sshpass
sshpass can accept password as an argument, or read the password via an environment variable, or read the password from a text file.
**A word of caution:** All of these methods are **highly insecure**. All system users can see the password in the commands by simply issuing the **ps** command. It is **NOT RECOMMENDED** to use these methods in production. It is better to use key-based authentication instead.
Let us see examples for each method.
**Provide Password as an argument:**
To provide password as an argument, use `-p` option like below.
```
$ sshpass -p <remote-password> ssh remoteuser@ip-address <command-to-execute>
```
**Example:**
```
$ sshpass -p ubuntu ssh ostechnix@192.168.1.30 uname -a
```
Here,
* -p ubuntu - provides the password for the remote system.
* ostechnix@192.168.1.30 - Remote username and IP address.
* 'uname -a' - Command to execute on the remote machine.
**Sample output:**
```
Linux Ubuntu22CT 5.15.60-1-pve #1 SMP PVE 5.15.60-1 (Mon, 19 Sep 2022 17:53:17 +0200) x86_64 x86_64 x86_64 GNU/Linux
```
**Provide Password as an Environment variable:**
In this method, we declare an environment variable called **SSHPASS** with the remote system's password as its value. And then we provide the password with **-e** flag like below:
```
$ SSHPASS=ubuntu sshpass -e ssh ostechnix@192.168.1.30 uname -a
```
**Read Password from a text file:**
Append the password in a text file with echo command:
```
$ echo "ubuntu" > mypassword.txt
```
Now, pass the password file to sshpass lwith **-f**flag like below:
```
$ sshpass -f mypassword.txt ssh ostechnix@192.168.1.30 uname -a
```
![Execute Commands On Remote Machines Over SSH With sshpass][8]
### Conclusion
In this tutorial, we learned a few methods to invoke a command or program on a remote machine over a secure network connection. Among all the methods, the sshpass method is least secure. The users are encouraged to avoid using sshpass in production systems.
--------------------------------------------------------------------------------
via: https://ostechnix.com/execute-commands-on-remote-linux-systems-via-ssh/
作者:[sk][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://ostechnix.com/author/sk/
[b]: https://github.com/lkxed
[1]: https://ostechnix.com/how-to-keep-ownership-and-file-permissions-intact-when-copying-files-or-directories/
[2]: https://ostechnix.com/find-out-the-linux-distribution-name-version-and-kernel-details/
[3]: https://ostechnix.com/wp-content/uploads/2019/12/Execute-Commands-On-Remote-Linux-Systems-Via-SSH.gif
[4]: https://ostechnix.com/how-to-change-apache-ftp-and-ssh-default-port-to-a-custom-port-part-3/
[5]: https://ostechnix.com/wp-content/uploads/2019/12/Run-multiple-commands-on-remote-systems-via-SSH-on-Linux.png
[6]: https://ostechnix.com/wp-content/uploads/2019/12/Run-commands-with-sudo-privileges-on-remote-systems-via-SSH.png
[7]: https://ostechnix.com/configure-ssh-key-based-authentication-linux/
[8]: https://ostechnix.com/wp-content/uploads/2022/09/Execute-Commands-On-Remote-Machines-Over-SSH-With-sshpass.png

View File

@ -1,315 +0,0 @@
[#]: subject: "13 Independent Linux Distros That are Built From Scratch"
[#]: via: "https://itsfoss.com/independent-linux-distros/"
[#]: author: "sreenath https://itsfoss.com/author/sreenath/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
13 Independent Linux Distros That are Built From Scratch
======
There are hundreds of Linux distributions available.
But most of them fall into these three categories: Debian, Red Hat (Fedora) and Arch Linux.
Using a distribution based on Debian/Ubuntu, Red Hat/SUSE or Arch Linux has its advantages. They are popular and hence their package manager offers a huge range of software.
However, some users prefer to use Linux distributions built from scratch and be independent of DEB/RPM packaging system.
In this article, we will list some of the best Linux distributions developed independently.
**Note:** Obviously, this list excludes popular options like Debian, Ubuntu, and Fedora, which are used as bases for creating new distros. Moreover, the distributions are in no particular order of ranking.
### 1. NixOS
![Image Credits: Distrowatch][1]
Initially released in 2003, Nix OS is built on top of the Nix Package Manager. It provides two releases every year, usually scheduled in May and November.
NixOS may not be a distribution directly geared to new and average users. However, its unique approach to [package management][2] attracts various kinds of users.
Additionally, 32-bit support systems are also supported.
##### Other Features:
* Builds packages isolated
* Reliable upgrade with rollback feature
* Reproducible system configuration
[NixOS][3]
**Related**: [Advanced Linux Distributions for Expert Linux Users][4]
### 2. Gentoo Linux
![Image Credits: Distrowatch][5]
Gentoo Linux is an independently developed distribution aimed mainly at system experts. It is built for users who want the freedom to customize, fine-tune and optimize the operating system to suit their requirements.
Gentoo uses [Portage package management][6] that lets you create and install packages, often allowing you to optimize them for your hardware. **Chromium OS**, the open-source version of Chrome OS, uses Gentoo at its core.
Not to forget, Gentoo is one of those [distributions that still support 32-bit architectures][7].
##### Other Features:
* Incremental Updates
* Source-based approach to software management
* Concept of overlay repositories like GURU (Gentoos user repository), where users can add packages not yet provided by Gentoo
[Gentoo Linux][8]
### 3. Void Linux
![Image Credits: Distrowatch][9]
Void Linux is a [rolling release distribution][10] with its own X Binary Package System (XBPS) for installing and removing software. It was created by **Juan Romero Pardines**, a former NetBSD developer.
It avoids systemd and instead uses runit as its init system. Furthermore, it gives you the option to use several [desktop environments][11].
##### Other Features:
* Minimal system requirements
* Offers an official repository for non-free packages
* Support for Raspberry Pi
* Integration of OpenBSDs LibreSSL software
* Support for musl C library
* 32-bit support
[Void Linux][12]
**Related:** [Not a Systemd Fan? Here are 13+ Systemd-Free Linux Distributions][13]
### 4. Solus Linux
![solus budgie 2022][14]
Formerly EvolveOS, Solus Linux offers some exciting features while built from scratch. Solus features its own homegrown budgie desktop environment as its flagship version.
Compared to other options, Solus Linux is one of the few independent distributions that new Linux users can use. It manages to be one of the [best Linux distributions][15] available.
It uses eopkg package management with a semi-rolling release model. As per the developers, Solus is exclusively developed for personal computing purposes.
##### Other Features:
* Available in Budgie, Gnome, MATE, and KDE Plasma editions
* Variety of software out of the box, which reduces setup efforts
[Solus Linux][16]
### 5. Mageia
![Image Credits: Distrowatch][17]
Mageia started as a fork of Mandriva Linux back in 2010. It aims to be a stable and secure operating system for desktop and server usage.
Mageia is a community-driven project supported by a non-profit organization and elected contributors. You will notice a major release every year.
##### Other Features
* Supports 32-bit system
* KDE Plasma, Gnome, and XFCE editions are available from the website
* Minimal system requirements
[Mageia][18]
**Related:** **[Linux Distros That Still Support 32-Bit Systems][19]**
### 6. Clear Linux
![Image Credits: Distrowatch][20]
Clear Linux is a distribution by Intel, primarily designed with performance and cloud use cases in mind.
One interesting thing about Clear Linux is the operating system upgrades as a whole rather than individual packages. So, even if you mess up with the system accidentally, it should boot correctly, performing a factory reset to let you set it up again.
It is not geared toward personal use. But it can be a unique choice to try.
##### Other Features:
* Highly tuned for Intel platforms
* A strict separation between User and System files
* Constant vulnerability scanning
[Clear Linux OS][21]
### 7. PCLinuxOS
![Image Credits: Distrowatch][22]
PCLinuxOS is an x86_64 Linux distribution that uses APT-RPM packages. You can get KDE Plasma, Mate, and XFCE desktops, while it also offers several community editions featuring more desktops.
Locally installed versions of PCLinuxOS utilize the APT package management system thanks to [Synaptic package manager][23]. You can also find rpm packages from its repositories.
##### Other Features:
* mylivecd script allows the user to take a snapshot of their current hard drive installation (all settings, applications, documents, etc.) and compress it into an ISO CD/DVD/USB image.
* Additional support for over 85 languages.
[PCLinuxOS][24]
### 8. 4MLinux
![4m linux 2022][25]
[4MLinux][26] is a general-purpose Linux distribution with a strong focus on the following four **“M”**  of computing:
* Maintenance (system rescue Live CD)
* Multimedia (full support for a huge number of image, audio and video formats)
* Miniserver (DNS, FTP, HTTP, MySQL, NFS, Proxy, SMTP, SSH, and Telnet)
* Mystery (meaning a collection of classic Linux games)
It has a minimal system requirement and is available as a desktop and server version.
##### Other Features
* Support for large number of image, audio/video formats
* Small and general-purpose Linux distribution
[4MLinux][27]
### 9. Tiny Core Linux
![Image Credits: Distrowatch][28]
Tiny Core Linux focuses on providing a base system using BusyBox and FLTK. It is not a complete desktop. So, you do not expect it to run on every system.
It represents only the core needed to boot into a very minimal X desktop, typically with wired internet access.
The user gets great control over everything, but it may not be an easy out-of-the-box experience for new Linux users.
##### Other Features
* Designed to run from a RAM copy created at boot time
* By default, operates like a cloud/internet client
* Users can run appbrowser to browse repositories and download applications
[Tiny Core Linux][29]
### 10. Linux From Scratch
![Image Credit: Reddit][30]
[Reddit][31]
Linux From Scratch is a way to install a working Linux system by building all its components manually. Once completed, it provides a compact, flexible and secure system and a greater understanding of the internal workings of the Linux-based operating systems.
If you need to dive deep into how a Linux system works and explore its nuts and bolts, Linux From Scratch is the project you need to try.
##### Other Features
* Customised Linux system, entirely from scratch
* Extremely flexible
* Offers added security because of self compile from source
[Linux From Scratch][32]
### 11. Slackware
![Image Credits: Distrowatch][33]
Slackware is the oldest distribution that is still being maintained. Originally created in 1993, with Softlanding Linux System as base, Slackware later became the base for many Linux distributions.
Slackware aims at producing the most UNIX-like Linux distribution while keeping simplicity and stability.
##### Other Features
* Available for 32-bit and 64-bit systems
* Extensive online documentation
* Can run on Pentium system to latest machines
[Slackware][34]
### 12. Alpine Linux
![alpine linux xfce 2022][35]
Alpine Linux is a community-developed operating system designed for routers, firewalls, VPNs, VoIP boxes, and servers. It began as a fork of the LEAF Project.
Alpine Linux uses apk-tools package management, initially written as a shell script and later written in C programming language. This is a minimal Linux distribution, which still supports 32-bit systems and can be installed as a run-from-RAM operating system.
##### Other Features:
* Provides a minimal container image of just 5 MB in size
* 2-year support for the main repository and support until the next stable release for the community repository
* Made around musl libc and Busybox with resource-efficient containers
[Alpine Linux][36]
### 13. KaOS
![Image Credits: Distrowatch][37]
KaOS is a Linux distribution built from scratch and inspired by Arch Linux. It uses [pacman for package management][38]. It is built with the philosophy “*One Desktop Environment (KDE Plasma), One Toolkit (Qt), One Architecture (x86_64)*“.
It has limited repositories, but still, it offers plenty of tools for a regular user.
##### Other Features:
* Most up-to-date Plasma desktop
* Tightly integrated rolling and transparent distribution for the modern desktop
[KaOS][39]
#### Wrapping Up
If you need a unique experience, these independent Linux distributions should serve the purpose.
However, if you want to replace it with a mainstream distribution like Ubuntu for your desktop…You might want to think twice, considering most of the options (if not all) above are not ideal options for day-to-day desktop usage.
But then again, if you have a fair share of experience with Linux distributions, you can undoubtedly take up the task for an adventure!
*If you were to try one of these indie distros, which one would it be? Share with us in the comments.*
--------------------------------------------------------------------------------
via: https://itsfoss.com/independent-linux-distros/
作者:[sreenath][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://itsfoss.com/author/sreenath/
[b]: https://github.com/lkxed
[1]: https://itsfoss.com/wp-content/uploads/2022/10/nixos-2022.png
[2]: https://itsfoss.com/package-manager/
[3]: https://nixos.org/
[4]: https://itsfoss.com/advanced-linux-distros/
[5]: https://itsfoss.com/wp-content/uploads/2022/08/gentoo-linux-plasma.jpg
[6]: https://wiki.gentoo.org/wiki/Portage
[7]: https://itsfoss.com/32-bit-linux-distributions/
[8]: https://www.gentoo.org/
[9]: https://itsfoss.com/wp-content/uploads/2022/08/void-linux.jpg
[10]: https://itsfoss.com/rolling-release/
[11]: https://itsfoss.com/best-linux-desktop-environments/
[12]: https://voidlinux.org/
[13]: https://itsfoss.com/systemd-free-distros/
[14]: https://itsfoss.com/wp-content/uploads/2022/10/solus-budgie-2022.jpg
[15]: https://itsfoss.com/best-linux-distributions/
[16]: https://getsol.us/home/
[17]: https://itsfoss.com/wp-content/uploads/2022/08/mageia-1.jpg
[18]: https://www.mageia.org/en/
[19]: https://itsfoss.com/32-bit-linux-distributions/
[20]: https://itsfoss.com/wp-content/uploads/2022/08/clear-linux-desktop.png
[21]: https://clearlinux.org/
[22]: https://itsfoss.com/wp-content/uploads/2022/08/pclinuxos.png
[23]: https://itsfoss.com/synaptic-package-manager/
[24]: https://www.pclinuxos.com/
[25]: https://itsfoss.com/wp-content/uploads/2022/10/4m-linux-2022.jpg
[26]: https://itsfoss.com/4mlinux-review/
[27]: http://4mlinux.com/
[28]: https://itsfoss.com/wp-content/uploads/2022/03/tinycore.jpg
[29]: http://www.tinycorelinux.net/
[30]: https://itsfoss.com/wp-content/uploads/2022/08/enable-aur-e1659974408774.png
[31]: https://www.reddit.com/r/linuxmasterrace/comments/udi7ts/decided_to_try_lfs_in_a_vm_started_about_a_week/
[32]: https://www.linuxfromscratch.org/
[33]: https://itsfoss.com/wp-content/uploads/2022/10/slackware-scaled.jpg
[34]: http://www.slackware.com/
[35]: https://itsfoss.com/wp-content/uploads/2022/10/alpine-linux-xfce-2022.png
[36]: https://www.alpinelinux.org/
[37]: https://itsfoss.com/wp-content/uploads/2022/08/kaos-desktop.png
[38]: https://itsfoss.com/pacman-command/
[39]: https://kaosx.us/

View File

@ -1,56 +0,0 @@
[#]: subject: "4 open source editors I use for my writing"
[#]: via: "https://opensource.com/article/22/10/open-source-editors"
[#]: author: "Alan Formy-Duval https://opensource.com/users/alanfdoss"
[#]: collector: "lkxed"
[#]: translator: "Donkey-Hao"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
4 open source editors I use for my writing
======
I've done a lot of writing throughout my career, mostly as an IT consultant creating product documentation as client deliverables. These documents generally provide instructions on installing various operating systems and software products.
Since 2018, I've contributed to opensource.com with articles about open source software. Of course, I use open source editors to write my pieces. Here are the four open source editors that I have used.
### 1. Vi
[Vi][1], also referred to as Vim, is the first open source editor that I learned. This was the editor taught by my computer science classes and that I used for all of my C programming. I have used it as my de facto command line editor since the mid-1990s. There are so many iterations of this tool that I could write a whole series on them. Suffice it to say that I stick to its basic command line form with minimal customization for my daily use.
### 2. LibreOffice Writer
Writer is part of the open source LibreOffice office suite. It is a full-featured word processor maintained by The Document Foundation. It supports industry-standard formats such as the Open Document Format (ODF), Open XML, and MS Office DOC, DOCX. [Learn more about Writer][2] on its official site.
### 3. Ghostwriter
Ghostwriter is a [text editor for Markdown][3]. It has a nice real-time viewer and syntax guide or cheat sheet feature. [Visit the official website][4] to discover more.
### 4. Gedit
Gedit is the basic graphical editor found in many Linux distributions and is described as "a small and lightweight text editor for the GNOME desktop." I have begun using it lately to create articles in the Asciidoc format. The benefit of using Asciidoc is that the syntax is easily manageable and importable into web rendering systems such as Drupal. [See the Gedit Wiki][5] for many tips and tricks.
### Editing text
An extensive list of editing software is available in the open source world. This list will likely grow as I continue writing. The primary goal for me is simplicity in formatting. I want my articles to be easy to import, convert, and publish in a web-focused platform.
Your writing style, feature needs, and target audience will guide you in determining your preferred tools.
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/10/open-source-editors
作者:[Alan Formy-Duval][a]
选题:[lkxed][b]
译者:[Donkey-Hao](https://github.com/Donkey-Hao)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/alanfdoss
[b]: https://github.com/lkxed
[1]: https://opensource.com/article/20/12/vi-text-editor
[2]: https://www.libreoffice.org/discover/writer/
[3]: https://opensource.com/article/21/10/markdown-editors
[4]: https://github.com/KDE/ghostwriter
[5]: https://wiki.gnome.org/Apps/Gedit

View File

@ -0,0 +1,96 @@
[#]: subject: "Whats new in Fedora Workstation 37"
[#]: via: "https://fedoramagazine.org/whats-new-fedora-37-workstation/"
[#]: author: "Merlin Cooper https://fedoramagazine.org/author/mxanthropocene/"
[#]: collector: "lujun9972"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Whats new in Fedora Workstation 37
======
![][1]
Fedora Workstation 37 is the latest version of the Fedora Projects desktop operating system, made by a worldwide community dedicated to pushing forward innovation in open source. This article describes some of the new user-facing features in Fedora Workstation 37. Upgrade today from GNOME Software, or by using _[dnf system-upgrade][2]_ in your favourite terminal emulator!
### GNOME 43
Fedora Workstation 37 features the latest version of the GNOME desktop environment which sees more core applications ported to GTK 4, user interface tweaks, and performance tune-ups. Check out the [GNOME 43 release notes][3] for more information!
#### Redesigned Quick Settings menu
![No need to open Settings just to change to and from Dark Mode][4]
The new Quick Settings menu offers more control and convenience. You can now easily switch your Wi-Fi network in the menu instead of being taken to a full-screen dialogue box, change between default and dark modes, and enable Night Light without opening the Settings app. A convenient button for taking screenshots and screencasts is also now present.
#### Core applications
The GNOME core applications included in Fedora Workstation 37 have seen a round of tweaks and improvements.
* Files has been ported to GTK 4, and the user interface has seen many improvements. Here are just some of them:
* It is now adaptive meaning it automatically adjusts to a narrower size, making better use of the available space.
* The list view has been re-architected to make rubber-band selections easier.
* The “Properties” and “Open With…” dialogues have been redesigned.
![Rubber-band selection in Files 43][5]
* Calendar features a new sidebar that shows your upcoming events at a glance. It, along with Contacts, now feature adaptive user interfaces.
* Characters now shows you different skin tone, hair colour, and gender options for emoji.
* The package source selector in Software has been redesigned and moved to a more visible location.
* Maps has been ported to GTK 4.
* Settings includes a new Device Security panel, allowing you to easily see the hardware security features your devices offers or lacks!
![Uh oh!][6]
### New supplemental default wallpapers
Fedora Workstation 37 ships with a new set of supplemental wallpapers. [See how they were made here!][7]
![The six new wallpapers come in both light and dark variants][8]
### Under-the-hood changes throughout Fedora Linux 37
Fedora Linux 37 features many under-the-hood changes. Here are some notable ones:
* The Raspberry Pi 4 single-board computer is now officially supported, including 3D acceleration!
* New installs on BIOS systems will use the GPT disk layout instead of the legacy MBR layout. The installer images will also now use GRUB instead of syslinux to boot on BIOS systems.
* If you disable and then re-enable SELinux, or run the _fixfiles onboot_ command, the file system relabelling processes will now be done in parallel, allowing for a significant speed boost.
* The default fonts for Persian has been changed from DejaVu and Noto Sans Arabic to Vazirmatn, providing a more consistent experience for those who use Fedora Linux in Persian.
### Also check out…
Cool happenings throughout the Fedora Project!
* Fedora CoreOS and Fedora Cloud Base have been promoted to Edition status!
* Preview installer images with a new GUI for Anaconda, the Fedora Linux system installer, will become available in about a week. An article will be published with more details, so watch this space!
--------------------------------------------------------------------------------
via: https://fedoramagazine.org/whats-new-fedora-37-workstation/
作者:[Merlin Cooper][a]
选题:[lujun9972][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://fedoramagazine.org/author/mxanthropocene/
[b]: https://github.com/lujun9972
[1]: https://fedoramag.wpenginepowered.com/wp-content/uploads/2022/10/f37-whats_new-816x345.jpg
[2]: https://docs.fedoraproject.org/en-US/quick-docs/dnf-system-upgrade/
[3]: https://release.gnome.org/43/
[4]: https://fedoramag.wpenginepowered.com/wp-content/uploads/2022/09/ezgif.com-gif-maker1.gif
[5]: https://fedoramag.wpenginepowered.com/wp-content/uploads/2022/09/ezgif.com-gif-maker2.gif
[6]: https://fedoramag.wpenginepowered.com/wp-content/uploads/2022/09/Screenshot-from-2022-09-16-20-25-28-1024x708.png
[7]: https://blog.linuxgrrl.com/2022/06/27/abstract-wallpapers-in-blender-using-geometry-nodes/
[8]: https://fedoramag.wpenginepowered.com/wp-content/uploads/2022/09/dfg-1-1024x679.png

View File

@ -1,91 +0,0 @@
[#]: subject: "Fix scanned images with ImageMagick"
[#]: via: "https://opensource.com/article/22/11/fixing-scanned-images-imagemagick"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Fix scanned images with ImageMagick
======
It's easy to correct images, even in batches, with this open source tool.
Years ago while rummaging through the contents of a shelf in a used bookstore, I happened upon a booklet titled "UNIX System Command Summary for Berkeley 4.2 & 4.3 BSD," published by Specialized Systems Consultants. I bought it as a curiosity item because it was nearly 20 years old yet still largely applicable to modern Linux and BSD.
That amused me then and now. A booklet written in 1986 was still largely relevant in 2016, while books on the same shelf about a proprietary OS weren't worth the paper they were printed on. (Think about it: What technology do you think is going to survive a zombie apocalypse?) I've had the booklet on my own bookshelf for several years now, but it occurred to me that it's probably worth doing a little digital preservation of this artifact, so I decided to scan the booklet to create a [CBZ ebook][1].
Scanning was easy, albeit time-consuming, with [Skanlite][2]. After I was finished, however, I discovered that some pages weren't quite level.
![A page of text, including a table of contents and a glossary, that is crooked and distorted][3]
In printing, this is called a registration problem, meaning that the position of what's being printed isn't correctly orientated on the page.
### ImageMagick
[ImageMagick][4] is a non-interactive terminal-based graphics editor. It might seem counterintuitive to try to edit a graphic in a graphic-less environment like a text-only terminal, but it's actually very common. For instance, when you upload an image to use as a profile picture to a web application, it's likely that a script on the application's server processes your image using ImageMagick or its libraries. The advantage of a non-interactive editor is that you can formulate what needs to be done to a sample image, then apply those effects to hundreds of other images at the press of a button.
ImageMagick is generally just as capable as any graphics editor, as long as you take the time to uncover its many functions and how to combine them to achieve the desired effects. In this case, I want to rotate pages that are askew. After searching through ImageMagick's documentation, I discovered that the ImageMagick term for the solution I needed was called deskew. Aligning your terminology with somebody else's terminology is a challenge in anything that you don't already know, so when you approach ImageMagick (or anything), keep in mind that the word you've decided describes a problem or solution may not be the same word used by someone else.
To deskew an image with crooked text using ImageMagick:
```
$ convert page_0052.webp -deskew25% fix_0052.webp
```
The `-deskew` option represents the threshold of acceptable skew. A skew is determined by tracing peaks and valleys of objects that appear to be letters. Depending on how crooked your scan is, you may need more or less than 25% threshold. I've gone as high as 80%, and so far nothing under 25% has had an effect.
Here's the result:
![The same page of text, now with the text properly aligned][5]
Fixed! Applying this to the remaining 55 pages of the document fixed skewed pages while doing nothing to pages that were already straight. In other words, it was safe to run this command on pages that needed no adjustment, thanks to my threshold setting.
### Cropping an image with ImageMagick
After correcting for a skew, and because I scanned more of each page than necessary anyway to prevent accidentally cutting off words, I decided that it made sense to crop my corrected pages. I was happy to keep some space around the margins, but not quite as much as I had. I use the `crop` function of ImageMagick often enough for images on this very website, so I was familiar with the option. However, I needed to determine how to crop each page.
First, I needed the size of the image:
```
$ identify fixed_0052.webp
WEBP 1128x2593 1128x2593+0+08-bit sRGB 114732B 0.020u 0:00.021
```
Knowing the size, I was able to make some estimations about how many pixels I could stand to lose. After a few trial runs, I came up with this:
```
convert fix_0052.webp -gravity Center -crop 950x2450+0+0 crop_0052.webp
```
This isn't an exact fit, but it proved important when I applied it to other images in the booklet. The pages varied in content and scanner placement here and there, so I was happy to give each one a little breathing room.
Here's the corrected and cropped image:
![The same page of text, with the previous fixes applied and crooked white margins around the page cropped out.][6]
### Batch image editing with open source
The beauty of ImageMagick is that once you've figured out the formula for fixing your image, you can apply that fix to all images requiring the same fix. I do this with [GNU Parallel][7], which uses all my CPU cores to finish image correction across hundreds of pages. It doesn't take long, and the results speak for themselves. More importantly, I've got a digital archive of a fun artifact of UNIX history.
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/fixing-scanned-images-imagemagick
作者:[Seth Kenlon][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lkxed
[1]: https://opensource.com/article/19/3/comic-book-archive-djvu
[2]: https://opensource.com/article/22/2/scan-documents-skanlite-linux-kde
[3]: https://opensource.com/sites/default/files/2022-10/imagemagick-crook_1.png
[4]: https://opensource.com/article/17/8/imagemagick
[5]: https://opensource.com/sites/default/files/2022-10/imagemagick-deskew-fix.png
[6]: https://opensource.com/sites/default/files/2022-10/imagemagick-deskew-crop.png
[7]: http://LINK-TO-SETH-GNU-PARALLEL-REDHAT.COM/SYSADMIN

View File

@ -1,184 +0,0 @@
[#]: subject: "How to Install Node.js on RHEL 9"
[#]: via: "https://www.linuxtechi.com/how-to-install-nodejs-on-rhel/"
[#]: author: "James Kiarie https://www.linuxtechi.com/author/james/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Install Node.js on RHEL 9
======
In this post, we will explain how to install Node.js on RHEL 9 system step-by-step.
Built on Googles V8 Javascript engine, [Node.js][1] is a free and opensource, cross-platform JavaScript runtime that is mostly used for building server-side applications. It uses an event-driven and asynchronous model that helps developers build highly scalable, data-intensive real-time applications (RTAs ). You can use NodeJS to build both front-end and back-end applications.
Node.js is commonly used in building the following applications:
- Chat applications
- Streaming applications
- Browser games
- Command-line tools
- Embedded systems
Top companies that use NodeJS in their tech stacks include PayPal, Netflix, and Uber to mention a few.
There are three main ways of installing Node.JS:
- Installing Node.JS from the NodeSource repository
- Installing Node.JS from the distributions Official repository
- Installing Node.JS using NVM
Let us check out how to install Node.JS on RHEL 9 using each of these methods.
##### Prerequisites
- Minimal Installed RHEL 9 System
- [Sudo User][2] with admin rights
- Internet Connectivity
- Red Hat Subscription or locally configured repository
### Installing Node.js from NodeSource Repository
[NodeSource][3]is a technology company that seeks to help organizations run production-ready Node.Js applications with more focus on resource usage and enhanced security and application performance. It provides the latest versions of Node.JS and NPM.
To install Node.SJ from Nodesource, first, update the system packages as shown.
```
$ sudo dnf update -y
```
Next, install the required build tools which will be required during the installation of Node.JS. These include the GCC c/c++ compiler, Perl, and Python debuggers to mention a few.
```
$ sudo dnf groupinstall 'Development Tools' -y
```
Next, we are going to install Node.JS 18.x from Nodesource. To do this, download and run the NodeSource setup script as follows.
```
$ curl -fsSL https://rpm.nodesource.com/setup_18.x | sudo bash -
```
The script adds the Nodesource repository to your system among other tasks
At the tail end of the output, you will see some additional instructions provided on how to install Node.JS and npm.
Therefore, to install Node.JS and npm (Node Package Manager), run the command:
```
$ sudo dnf install nodejs -y
```
Once the installation is complete, verify the version of Node.JS and NPM as shown.
```
$ node -v
$ npm -v
```
The output shows that we are running Node v18.12 which is the latest LTS release and NPM 8.19.2.
### Installing Node.js from the official RHEL repositories
The other way of installing NodeJS and NPM is by installing them from your distributions official repository. However, this approach does not provide the latest versions.
If you dont mind not installing the latest versions of Node and NPM. , then run the following command on the command line.
```
$ sudo dnf update -y
$ sudo dnf install nodejs npm -y
```
### Installing Node.js using NVM
Lastly, you can install Node.JS using NVM ( Node Version Manager) which is a tool for managing Node versions on your system. The tool helps developers work efficiently on different projects which require different versions of Node.JS
NVM is not installed by default You need to install it by running the Shell script which is available on the [Official GitHub Page][4].
```
$ curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.2/install.sh | bash
```
This downloads and saves nvm in the .nvm directory in your home directory.
Once installed, close your terminal sessions and open a new terminal. Then run the following command to confirm that NVM has been installed.
```
$ command -v nvm
```
Next, you can list all the available versions of Node.JS using the following command:
```
$ nvm ls-remote
```
Alternatively, you can list all the latest LTS releases for Node.JS versions as shown.
```
$ nvm ls-remote | grep -i latest
```
To install the very latest version of Node.JS (currently v19.0.0 ), run the command:
```
$ nvm install node
```
You can then verify the version of Node installed as shown.
```
$ node -v
```
In addition, you can install a specific version of Node. JS. For example, to install v18.2.0, run the command:
```
$ nvm install v18.12.0
```
To list all the installed versions of NodeJS on your system, run the command:
```
$ nvm ls
```
The first entry with the sign ( > ) points to the version of Node.JS that is currently in use. This is then followed by other versions as indicated below
To switch to another version of Node.JS, use the syntax:
```
$ nvm use <version>
```
For example, to use Node version 19.0.0, run the command:
```
$ nvm use 19.0.0
```
Again, check the installed versions of Node.JS, and this time the  ( > ) sign will point to v19.0.0
##### Conclusion
In this guide, we have demonstrated how to install Node.js using three different methods. In addition, we have provided a few ways in which you can manage the Node versions using NVM. We hope that you can now comfortably install NodeJS on RHEL and choose the version that you want to work with on your project.
--------------------------------------------------------------------------------
via: https://www.linuxtechi.com/how-to-install-nodejs-on-rhel/
作者:[James Kiarie][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.linuxtechi.com/author/james/
[b]: https://github.com/lkxed
[1]: https://nodejs.org/en/about/
[2]: https://www.linuxtechi.com/create-sudo-user-on-rhel-rocky-linux-almalinux/
[3]: https://nodesource.com/
[4]: https://github.com/nvm-sh/nvm

View File

@ -0,0 +1,308 @@
[#]: subject: "How to Install Enlightenment Desktop in Arch Linux [Complete Guide]"
[#]: via: "https://www.debugpoint.com/enlightenment-arch-linux-install/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Install Enlightenment Desktop in Arch Linux [Complete Guide]
======
**This guide explains the steps you need to install Enlightenment Desktop in Arch Linux.**
This guide has two parts. The first part deals with installing the base Arch system. The second part is installing the complete Enlightenment desktop environment on top of Arch Linux.
### What is Enlightenment Desktop
[Enlightenment][1] is one of the oldest window manager, compositor for X11 in Linux. It is more than a decade old and one of the first “eye-candy” desktop. It consists of core libraries called EFL (Enlightenment Foundation Libraries) which provides features such as widgets, networking, graphics and more. Enlightenment evolved over the years to be suitable for Mobiles, Wearables, TV UI and of course vanilla desktop environment. It provides a standard menu, icon driven desktop with its own native applications. With the help of a suitable display manager, it can be a full-fledged productive desktop.
### Install Enlightenment Desktop in Arch Linux
#### Part 1: Install Arch Linux
If you have already Arch Linux installed, you can skip this step and directly go to the [installation of Enlightenment Desktop][2] section below.
For a quick Arch Linux base installation, follow the automated archinstall guide, which is present in the below link.
[Arch Installation with automated script (recommended)][3]
if you prefer the older/legacy way of installing Arch, then follow the steps below.
##### Download Arch Linux
Download Arch Linux .iso from the below link. There are magnet and torrent links available. Once you download, write the ISO to a USB drive. And then boot from the drive.
[Download Arch Linux][4]
If you are planning to install it as a virtual machine image via GNOME Boxes, virt-manager then you do not need to write it to a USB drive.
##### Boot and Configure Partitions
After you boot from the Arch Linux iso, you have to run a series of commands to install the base system.
First, run the below command to find out the device identifier.
```
fdisk -l
```
![fdisk -l before][5]
Then with the device identifier, run the below command to start partitioning your disk. Make sure to change `/dev/sda` as per your system.
```
cfdisk /dev/sda
```
Select `label type = dos` in the next prompt.
Select the free space and choose option NEW from the bottom. In this example, I will create three partitions as per below.
```
/dev/sda1 - 1G - for /boot/dev/sda2 - 5G - for root/dev/sda3 - 1G - for swap
```
![cfdisk][6]
In the next screen provide partition size for the boot partition (for this example, I gave 1 GB). Select it as the primary partition.
Repeat the same step for the main root partition of size 5GB.
![Swap partition type change][7]
Create a swap partition using the same steps with size 1G (you may change it as per your need). After you create the swap partition, make sure to choose Type at the bottom and mark it as a swap with the option “Linux Swap/Solaris”.
![final partition list in cfdisk][8]
Once done, write the changes to the disk using the Write option at the bottom. Make sure you take a backup before you write as this is a permanent change in your system.
Run the below command to check before you proceed. You can see in this example, three partitions are listed.
```
fdisk -l
```
![final partition list in fdisk][9]
Run the following commands in sequence to format and create an ext4 file system in the newly created partition above. Make sure you change the /dev/sda1 and /dev/sda2 as per your need.
```
mkfs.ext4 /dev/sda1mkfs.ext4 /dev/sda2mkswap /dev/sda3swapon /dev/sda3
```
After completion, mount the system and create necessary directories.
```
mount /dev/sda2 /mntmkdir /mnt/boot /mnt/var /mnt/homemount /dev/sda1 /mnt/boot
```
Again, make sure you change /dev/sda1, /dev/sda2 and /dev/sda3 as per your system.
![prepare file system][10]
##### Install the base system
I hope you are already connected to the internet. If not, try using a USB dongle or wired internet connection, which Arch installer automatically configure and detect. If you do not have a wired connection available, follow [this guide][11] to configure a wireless or Wi-Fi network using Arch Linux installer.
Run the below commands in sequence to install the base system in the mounted partition. The download size is approx 400 MB.
```
pacman -Syypacstrap /mnt base base-devel linux linux-firmware nano dhcpcd net-tools grub
```
![Install base system][12]
Once complete, generate a file system table, without which you cant boot the system.
```
genfstab -U /mnt >> /mnt/etc/fstab
```
##### Configure the base system
Follow the below commands in sequence to configure the base system. This involves setting up your locale, language, add a login user, and setting up the internet.
```
arch-chroot /mntnano /etc/locale.gen
```
Uncomment the locale of your choice by removing # at the beginning. For this guide, I have chosen en_US.UTF-8 UTF-8. Press CTRL+O, Enter, and CTRL+X to exit from nano.
![change locale][13]
Generate the locale using:
```
locale-gen
```
Setup the language using the below command.
```
echo LANG=en_US.UTF-8 > /etc/locale.confexport LANG=en_US.UTF-8
```
Setup the local time zone.
```
ln -s /usr/share/zoneinfo/America/New_York /etc/localtime
```
Again, you can choose them as per your need. You can list the local timezones via the below commands.
```
ls /usr/share/zoneinfo
ls /usr/share/zoneinfo/America
```
Set up the hardware clock, create a hostname, and enable the DHCP for the internet using the below commands in sequence. You can change `"arindam-pc"` to any hostname as per your desire.
```
hwclock --systohc --utcecho arindam-pc > /etc/hostnamesystemctl enable dhcpcd
```
The next step is to set up the root user password, create an admin user, and add the user in the sudoers file.
Follow the below commands in sequence. Make sure to change the user name from `debugpoint` to something else as per your need.
```
passwd rootuseradd -m -g users -G wheel -s /bin/bash debugpointpasswd debugpoint
```
![create user][14]
Open the sudoers file and add the below lines.
```
nano /etc/sudoers
```
Add below lines. As you already created the root user, the entry should be there.
```
root ALL=(ALL) ALLdebugpoint ALL=(ALL) ALL
```
![update sudoers file][15]
Install grub, setup the initial ramdisk environment, unmount the system using the below commands in sequence.
```
grub-install /dev/sdagrub-mkconfig -o /boot/grub/grub.cfgmkinitcpio -p linuxexit
```
![configure grub][16]
Then reboot your system.
```
umount /mnt/bootumount /mntreboot
```
You have now successfully installed the Arch Linux base system. Its time to install the complete Enlightenment desktop.
![Arch is installed][17]
#### Part 2: Install Enlightenment Desktop in Arch Linux
After reboot, choose Arch Linux from grub. In the Arch Linux prompt, start running the following commands in sequence. These commands install Xorg server, display manager, Enlightenment desktop components and EFL.
For all the commands use default i.e. press enter when asked.
- **Install Xorg. Approx install size is 80 MB.**
```
sudo pacman -S --needed xorg
```
- **Install display manager.** I have used lightdm for this guide. You can choose any alternative display manager of your choice.
```
sudo pacman -S --needed lightdm lightdm-gtk-greeter
```
- **Install desktop**
The Enlightenment desktop requires the [Enlightenment Foundation Library][18] (EFL) and base [enlightenment][19] package. Both are in Arch community repo. You can install them using the below commands.
```
sudo pacman -S efl
```
![Installing EFL][20]
```
sudo pacman -S enlightenment
```
![Installing Enlightenment][21]
Above two are enough for a basic desktop. If you need additional native applications of this desktop, you need to [set up AUR][22] and follow the [instruction here.][23]
Make sure to install the terminal and some additional apps.
```
sudo pacman -S --needed terminology
sudo pacman -S --needed firefox vlc filezilla leafpad xscreensaver archlinux-wallpaper
```
Now its time to enable the display manager and network manager as service. So that next time you log on, they can run automatically by systemd.
```
systemctl enable lightdm
systemctl enable NetworkManager
```
Reboot the system using the reboot command.
```
reboot
```
If all goes well, you should see a login prompt. Login using the ID and password you created above. Then Enlightenment desktop require some initial setup. Follow the onscreen instructions.
And after setup, you should see the nice Enlightenment Desktop.
![Enlightenment Desktop in Arch Linux (version 0.25)][24]
I hope this guide helps you create your own Arch Linux environment with Enlightenment desktop from scratch. If you run into trouble, let me know using the comment box below.
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/enlightenment-arch-linux-install/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://www.enlightenment.org/
[2]: https://www.debugpoint.com#install-enlightenment-desktop
[3]: https://www.debugpoint.com/archinstall-guide/
[4]: https://www.archlinux.org/download/
[5]: https://www.debugpoint.com/wp-content/uploads/2020/12/fdisk-l-before.jpg
[6]: https://www.debugpoint.com/wp-content/uploads/2020/12/cfdisk.jpg
[7]: https://www.debugpoint.com/wp-content/uploads/2020/12/Swap-parition-type-change.jpg
[8]: https://www.debugpoint.com/wp-content/uploads/2020/12/final-partition-list-in-cfdisk.jpg
[9]: https://www.debugpoint.com/wp-content/uploads/2020/12/final-partition-list-in-fdisk.jpg
[10]: https://www.debugpoint.com/wp-content/uploads/2020/12/prepare-file-system.jpg
[11]: https://www.debugpoint.com/2020/11/connect-wifi-terminal-linux/
[12]: https://www.debugpoint.com/wp-content/uploads/2020/12/Install-base-system.jpg
[13]: https://www.debugpoint.com/wp-content/uploads/2020/12/change-locale.jpg
[14]: https://www.debugpoint.com/wp-content/uploads/2020/12/create-user.jpg
[15]: https://www.debugpoint.com/wp-content/uploads/2020/12/update-sudoers-file.jpg
[16]: https://www.debugpoint.com/wp-content/uploads/2020/12/configure-grub.jpg
[17]: https://www.debugpoint.com/wp-content/uploads/2020/12/Arch-is-installed.jpg
[18]: https://archlinux.org/packages/community/x86_64/efl/
[19]: https://archlinux.org/packages/community/x86_64/enlightenment/
[20]: https://www.debugpoint.com/wp-content/uploads/2021/09/Installing-EFL-2.png
[21]: https://www.debugpoint.com/wp-content/uploads/2021/09/Installing-Enlightenment.png
[22]: https://www.debugpoint.com/2021/01/install-yay-arch/
[23]: https://wiki.archlinux.org/title/enlightenment#From_the_AUR
[24]: https://www.debugpoint.com/wp-content/uploads/2021/09/Enlightenment-Desktop-in-Arch-Linux-version-0.25.jpg

View File

@ -0,0 +1,116 @@
[#]: subject: "How to Upgrade to Linux Mint 21 from Mint 20.3 [Complete Guide]"
[#]: via: "https://www.debugpoint.com/upgrade-linux-mint-21-from-20-3/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Upgrade to Linux Mint 21 from Mint 20.3 [Complete Guide]
======
**This guide gives you all the information you need to Upgrade to Linux Mint 21 (Vanessa) from Linux 20.3.**
Linux Mint 21 Vanessa was recently released with the latest Ubuntu 22.04 base and other additional features. If you are running the earlier Linux Mint 20.3, now it is possible to do a major version upgrade using the graphical tool by Linux Mint.
But before you upgrade, you need to do some housekeeping because major version upgrades always come with a fair amount of risk.
That said, make sure of the following before performing the upgrade.
Before you perform the upgrade, remember the followings:
- The current version upgrade is only possible from Linux Mint 20.3 to Linux Mint 21 Vanessa.
- What does this mean? If you are running Linux Mint 20.2 or Linux Mint 20.1, you can not directly upgrade to 21. Instead, you need to perform `sudo apt update` and `sudo apt upgrade` to reach 20.3. And then follow the steps.
### Things to do before the Upgrade Attempt
- Open the Update Manager and make sure your system is up to date until Linux Mint 20.3.
- Use TImeshift to create a system restore point after you apply all the pending updates in the above step. If something happens, you can always restore it to this point in time.
- Take a backup of all of your home, downloads, documents, pictures and videos folders.
- Disable any third-party PPA that you may have added. You can find those in the `System Settings > Software Sources > PPAs` or `Additional Repositories` tabs.
- Make sure you have a minimum of 10 GB to 15 GB of free disk space in the root file system.
- (Optional) [Prepare a LIVE USB][1] of Linux Mint 20.3 if you cannot boot it after a failed upgrade. It will help to restore via Timeshift.
- (Optional) Finally, do a fresh reboot before you follow the steps.
- Ensure you have a stable internet connection and have around 1.5 hours to give attention to the upgrade process.
### Upgrade to Linux Mint 21 from Linux Mint 20.3 [Graphical Method]
- Open a terminal window and run the following command to install [mintupgrade][2] utility. This is a GUI-based program which Linux Mint modified for major version upgrades. It makes the upgrade easier for general users who are not comfortable with the command prompt.
```
sudo apt install mintupgrade
```
- Now, from the command, run the program.
```
sudo mintupgrade
```
- You should see the following prompt, which tells you the upgrade to Linux Mint 21 is available. Click on Lets Go.
![Upgrade to Linux Mint 21 from 20.3 via mintupgrade tool][3]
- The tool will verify your system for any problems and tell you to fix them. If you see a **FIX** button, click on that to resolve the error (after reading the details in the window).
- It will also give you a list of packages which require a downgrade.
- In the end, you should see a summary of the packages to be downloaded or removed.
- Press OK to start the upgrade process.
![Final Upgrade summary][4]
- The program first downloads the packages. Then start to upgrade each one of the packages. Wait for the process to finish for close to an hour (based on your standard internet speed).
![Upgrading to Mint 21][5]
- After the download and installation, you should see a successful upgrade prompt.
![Successful Upgrade][6]
- Now, reboot the system, and you should be greeted with brand new Linux Mint 21.
### Things to remember during the Upgrade
- Usually, the upgrade process is smooth and should not be an issue. It takes around 1 hour and 15 minutes for a base install.
- The upgrade process may seem stalled sometime up to ~10 minutes, and you may not see any visible progress on the screen other than the progress animation.
- So, you need to wait until it completes all the steps. Alternatively, you can also watch the status in the terminal window.
- If you end up with a broken upgrade system, you can boot from a LIVE Mint USB/CD and restore your system with Timeshift backup.
If the upgrade fails, you may try for a new upgrade via this official [guide][7].
### Post Upgrade Steps
- If you have disabled the third-party PPAs, enable them and do a system update check. You can find the third-party PPs at the `System Settings > Software Sources > PPAs` or `Additional Repositories` tabs.
- Verify whether your documents, pictures and videos are present.
- Also, check if your browser add-ons and extensions are working fine.
- For this version, you should also check whether your **Printer and Bluetooth**are working. Because Mint 21 introduces IPP (a new protocol for printing) and a new Bluetooth manager.
- Finally, you may want to check out the [Top 10 features of Linux Mint 21][8] before you start using it.
### Wrapping Up
It is always better to do a fresh installation if you can afford it. However, upgrades are also acceptable.
I hope this guide helped you to do the Linux Mint upgrade. If you face any issues, let me know using the comment box below.
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/upgrade-linux-mint-21-from-20-3/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://www.debugpoint.com/etcher-bootable-usb-linux/
[2]: https://www.debugpoint.com/mint-upgrade-tool/
[3]: https://www.debugpoint.com/wp-content/uploads/2022/08/Upgrade-to-Linux-Mint-21-from-20.3-via-mintupgrade-tool.jpg
[4]: https://www.debugpoint.com/wp-content/uploads/2022/08/Final-Upgrade-summary.jpg
[5]: https://www.debugpoint.com/wp-content/uploads/2022/08/Upgrading-to-Mint-21.gif
[6]: https://www.debugpoint.com/wp-content/uploads/2022/08/Successfull-Upgrade.jpg
[7]: https://community.linuxmint.com/tutorial/view/2
[8]: https://www.debugpoint.com/linux-mint-21-features/

View File

@ -0,0 +1,218 @@
[#]: subject: "Audit your sharding database algorithm"
[#]: via: "https://opensource.com/article/22/11/audit-sharding-database"
[#]: author: "Yacine Si Tayeb, PhD https://opensource.com/users/y2so"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Audit your sharding database algorithm
======
This demonstration of ShardingSphere 5.2.0 elaborates on the implementation logic for auditing data sharding with specific SQL examples.
Thanks to the [ShardingSphere community's][1] continuous review and feedback to develop features such as [data sharding][2] and read/write splitting, our team found that some users create many shards when using the data sharding feature.
In such cases, there can be 1,000 physical tables corresponding to a sharding logical table, which disturbs users.
For instance, a `SELECT * FROM t_order` statement will lead to a full-route, which is obviously not the case for [OLTP][3]. This SQL can be placed in another Proxy to avoid blocking other requests.
However, if users are not familiar with Proxy or how to write a `where` condition and don't know that sharding is not supported in this condition, a full-route is still required.
A full-route can lower the performance of Proxy and even result in the failure of a reasonable request. Imagine that there are 1,000 shards in a physical database. If they are executed in parallel, 1,000 connections are needed, and if in serial, the request can lead to a timeout. For this reason, community users asked whether the unreasonable request could be intercepted directly.
Our team considered the issue for a while. One option is to simply block the full-route operation. Doing so requires a check in the code and adding a switch to the configuration file. On the other hand, if the user later needs to set a table to read-only or requires the update operation to carry a `limit`, does that mean the code and configuration change again? This approach obviously goes against the pluggable logic of Proxy.
In response to the above problems, the recently released [Apache ShardingSphere 5.2.0][4] provides users with auditing for the SQL sharding function. The audit can either be an interception operation or a statistical operation. Similar to the sharding and unique key generation algorithms, the audit algorithm is plugin-oriented, user-defined, and configurable.
Next, I will elaborate on the implementation logic for auditing data sharding with specific SQL examples.
### Audit for sharding interface
The entrance to Apache ShardingSphere's audit is in the `org.apache.shardingsphere.infra.executor.check.SQLCheckEngine` class, which will invoke the `check` method of the `SQLChecker` interface. Currently, the ShardingSphere audit contains an audit for permission (verify username and password) and an audit for sharding.
This example focuses on the parent interface implemented in the `ShardingAuditChecker` of audit for sharding.
![Audit for sharding design][5]
You can learn its working principles quickly by viewing the `check` code of `org.apache.shardingsphere.sharding.checker.audit.ShardingAuditChecker`.
```
public interface ShardingAuditAlgorithm extends ShardingSphereAlgorithm {/**
     * Sharding audit algorithm SQL check.
     *
     * @param sqlStatementContext SQL statement context
     * @param parameters SQL parameters
     * @param grantee grantee
     * @param database database
     * @return SQL check result
     */
    SQLCheckResult CHECK(SQLStatementContext<?> sqlStatementContext, List<Object> parameters, Grantee grantee, ShardingSphereDatabase DATABASE);
}
```
This method obtains the audit strategies of all the sharding tables involved and invokes the audit algorithms configured in each sharding table audit strategy. An exception is displayed to the user if an audit algorithm fails to pass.
Some users may wonder what `disableAuditNames` does here. The sharding audit also allows users to skip this process. In some cases, users may need to execute SQL that should have been blocked by the audit, and they are aware of the impact of this SQL.
Users can utilize the `Hint: disableAuditNames` to skip audit interception, which will be described with practical examples later. The Proxy Administrators can configure `allowHintDisable` to control whether to allow users to skip this process. The default value is `true`, indicating that a Hint-based skip is permitted.
### Audit for sharding algorithm
The audit for sharding algorithm interface `org.apache.shardingsphere.sharding.spi.ShardingAuditAlgorithm` is inherited from SPI class `ShardingSphereAlgorithm`. It inherits `type` and `props` properties and defines its own `check` method. If you want to customize your audit algorithm, just implement the interface and add it to `INF.services`.
![Implement audit for sharding][6]
```
public interface ShardingAuditAlgorithm extends ShardingSphereAlgorithm {/**
     * Sharding audit algorithm SQL check.
     *
     * @param sqlStatementContext SQL statement context
     * @param parameters SQL parameters
     * @param grantee grantee
     * @param database database
     * @return SQL check result
     */
    SQLCheckResult CHECK(SQLStatementContext<?> sqlStatementContext, List<Object> parameters, Grantee grantee, ShardingSphereDatabase DATABASE);
}
```
Apache ShardingSphere implements a general audit for sharding algorithm `org.apache.shardingsphere.sharding.algorithm.audit.DMLShardingConditionsShardingAuditAlgorithm`, namely the above-mentioned SQL statement that intercepts the full-route.
The algorithm makes decisions by determining whether the sharding condition is `null`. Of course, it won't intercept broadcast tables and non-sharding tables.
```
public final class DMLShardingConditionsShardingAuditAlgorithm implements ShardingAuditAlgorithm {
    @Getter
    private Properties props;
    @Override
    public void init(final Properties props){
        this.props = props;}
    @SuppressWarnings({"rawtypes","unchecked"})
    @Override
    public SQLCheckResult CHECK(final SQLStatementContext<?> sqlStatementContext, final List<Object> parameters, final Grantee grantee, final ShardingSphereDatabase DATABASE){IF(sqlStatementContext.getSqlStatement() instanceof DMLStatement){
            ShardingRule rule =DATABASE.getRuleMetaData().getSingleRule(ShardingRule.class);IF(rule.isAllBroadcastTables(sqlStatementContext.getTablesContext().getTableNames())|| sqlStatementContext.getTablesContext().getTableNames().stream().noneMatch(rule::isShardingTable)){RETURNNEW SQLCheckResult(TRUE,"");}
            ShardingConditionEngine shardingConditionEngine = ShardingConditionEngineFactory.createShardingConditionEngine(sqlStatementContext,DATABASE, rule);IF(shardingConditionEngine.createShardingConditions(sqlStatementContext, parameters).isEmpty()){RETURNNEW SQLCheckResult(FALSE,"Not allow DML operation without sharding conditions");}}RETURNNEW SQLCheckResult(TRUE,"");}
    @Override
    public String getType(){RETURN"DML_SHARDING_CONDITIONS";}}
```
I'd like to introduce another audit for the sharding algorithm: `LimitRequiredShardingAuditAlgorithm`. This algorithm can intercept SQL without carrying a `limit` in the `update` and `delete` operations.
As this algorithm is less universal, it is not currently integrated into Apache ShardingSphere. As you can see, it is very easy to implement a custom algorithm, which is why the audit for sharding framework is needed. Thanks to its plugin-oriented architecture, ShardingSphere boasts great scalability.
```
public final class LimitRequiredShardingAuditAlgorithm implements ShardingAuditAlgorithm {
    @Getter
    private Properties props;
    @Override
    public void init(final Properties props){
        this.props = props;}
    @SuppressWarnings({"rawtypes","unchecked"})
    @Override
    public SQLCheckResult CHECK(final SQLStatementContext<?> sqlStatementContext, final List<Object> parameters, final Grantee grantee, final ShardingSphereDatabase DATABASE){IF(sqlStatementContext instanceof UpdateStatementContext && !((MySQLUpdateStatement) sqlStatementContext.getSqlStatement()).getLimit().isPresent()){RETURNNEW SQLCheckResult(FALSE,"Not allow update without limit");}IF(sqlStatementContext instanceof DeleteStatementContext && !((MySQLDeleteStatement) sqlStatementContext.getSqlStatement()).getLimit().isPresent()){RETURNNEW SQLCheckResult(FALSE,"Not allow delete without limit");}RETURNNEW SQLCheckResult(TRUE,"");}
    @Override
    public String getType(){RETURN"LIMIT_REQUIRED";}}
```
### Use audit for sharding
Audit for sharding requires you to configure an audit strategy for logical tables. To help you get started quickly, its configuration is the same as that of the sharding algorithm and the sharding key value generator.
There is an algorithm definition and strategy definition, and a default audit strategy is also supported. If the audit strategy is configured in the logical table, it affects only that logical table.
If `defaultAuditStrategy` is configured in the logical table, it takes effect for all the logical tables under the sharding rule. `Auditors` are similar to `ShardingAlgorithms`, `auditStrategy` to `databaseStrategy`, and `defaultAuditStrategy` to `defaultDatabaseStrategy` or `defaultTableStrategy`.
Please refer to the following example. Only the configuration of the audit for sharding is displayed. You must configure the sharding algorithm and data source yourself.
```
rules:- !SHARDINGTABLES:
      t_order:
        actualDataNodes: ds_${0..1}.t_order_${0..1}
        auditStrategy:
          auditorNames:- sharding_key_required_auditor
          allowHintDisable: TRUE
    defaultAuditStrategy:
      auditorNames:- sharding_key_required_auditor
      allowHintDisable: TRUE
    auditors:
      sharding_key_required_auditor:TYPE: DML_SHARDING_CONDITIONS
```
**Step 1**: Execute a query operation. An error is displayed as the audit strategy for intercepting the full-database route is configured.
```
mysql>SELECT*FROM t_order;
ERROR 13000(44000): SQLCHECK failed, error message: NOT allow DML operation WITHOUT sharding conditions
```
**Step 2**: Add `HINT`. The name of the `HINT` is `/* ShardingSphere hint: disableAuditNames */`and `disableAuditNames` is followed by the `auditorsNames` configured in the preceding command.
If multiple names exist, separate them with spaces such as`/* ShardingSphere hint: disableAuditNames=auditName1 auditName2*/`. After using `HINT`, you can see that the SQL operation is successfully executed.
```
mysql>/* ShardingSphere hint: disableAuditNames=sharding_key_required_auditor */SELECT*FROM t_order;
+----------+---------+------------+--------+| order_id | user_id | address_id |STATUS|+----------+---------+------------+--------+|30|20|10|20||32|22|10|20|+----------+---------+------------+--------+2ROWSINSET(0.01 sec)
```
**Note**: `HINT` requires you to modify the `server.yaml` configuration of Proxy. In addition, if you are using MySQL terminal to connect to Proxy directly, you need to add the `-c` property—otherwise, `HINT` comments will be filtered out of the MySQL terminal and will not be parsed by Proxy on the backend.
```
rules:- !SQL_PARSER
    sqlCommentParseEnabled: TRUE
    sqlStatementCache:
      initialCapacity: 2000
      maximumSize: 65535
    parseTreeCache:
      initialCapacity: 128
      maximumSize: 1024
props:
  proxy-hint-enabled: TRUE
mysql -uroot -proot -h127.0.0.1 -P3307  -c
```
### DistSQL with audit for sharding
As you can see from the [release notes][7], Apache ShardingSphere 5.2.0 supports the following [DistSQL][8] with audit for sharding function:
```
CREATE SHARDING AUDITOR
ALTER SHARDING AUDITOR
SHOW SHARDING AUDIT ALGORITHMS
The following DistSQL will be supported IN future releases:
DROP SHARDING AUDITOR
SHOW UNUSED SHARDING AUDIT ALGORITHMS
CREATE SHARDING TABLE RULE # including AUDIT_STRATEGY
```
This post introduced how audit for sharding works with specific examples. I believe you already have a basic understanding of this function and can use it whenever you need or use a custom algorithm.
You are also welcome to submit general algorithms to the community. If you have any ideas to contribute or encounter issues with your ShardingSphere, feel free to post them on [GitHub][9].
This article originally appeared on [ShardingSphere 5.2.0: Audit for sharding intercepts unreasonable requests in multi-shards scenarios][10] and is republished with permission.
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/audit-sharding-database
作者:[Yacine Si Tayeb, PhD][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/y2so
[b]: https://github.com/lkxed
[1]: https://shardingsphere.apache.org/
[2]: https://opensource.com/article/21/12/apache-shardingsphere
[3]: https://shardingsphere.apache.org/blog/en/material/2022_04_26_how_to_use_shardingsphere-proxy_in_real_production_scenarios_your_quick_start_guide/
[4]: https://faun.pub/apache-shardingsphere-5-2-0-is-released-bringing-new-cloud-native-possibilities-8d674d964a93?source=your_stories_page-------------------------------------
[5]: https://opensource.com/sites/default/files/2022-10/Audit-for-sharding.png
[6]: https://opensource.com/sites/default/files/2022-10/implement-audit-algorithm_0.png
[7]: https://github.com/apache/shardingsphere/releases/tag/5.2.0
[8]: https://shardingsphere.apache.org/document/5.1.0/en/concepts/distsql/
[9]: https://github.com/apache/shardingsphere
[10]: https://blog.devgenius.io/shardingsphere-5-2-0-audit-for-sharding-intercepts-unreasonable-requests-in-multi-shards-scenarios-9a113312062b

View File

@ -0,0 +1,65 @@
[#]: subject: "How to Install LibreOffice Base Database in Ubuntu and Other Linux"
[#]: via: "https://www.debugpoint.com/install-libreoffice-base-ubuntu/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Install LibreOffice Base Database in Ubuntu and Other Linux
======
**Heres how to install the LibreOffice Base database module in Ubuntu and other Linux distributions.**
The popular free and open-source office suite LibreOffice consists of six individual components. However, the default installation of LibreOffice in Ubuntu and related distributions only include five of them:
- Calc
- Writer
- Impress
- Draw
- Math
Due to some reason, the database module LibreOffice Base is not included. So, heres how you can install it separately in Ubuntu and other distros.
### Install LibreOffice Base in Ubuntu and Other Linux
You can use either the Software app or use the terminal to install `libreoffice-base` package. I would recommend using the terminal to install it. Open a terminal window and run the following command to install it.
```
sudo apt install libreoffice-base
```
If you prefer Software or any other GUI-based installer, search for “libreoffice-base” and hit install.
For **Fedora and RPM-based distros**, use the following command:
```
sudo dnf install libreoffice-base
```
And if you installed LibreOffice in **Arch Linux** either [libreoffice-fresh][1] or [libreoffice-still][2] package, then no action is required. LibreOffice Base is already included in those two packages. So, you are good to go.
On another note, if you want to check out how to install the latest LibreOffice, check out [this guide][3].
![Install Libreoffice Base in Ubuntu][4]
Finally, after installation, you can find out the LibreOffice Base in the application menu.
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/install-libreoffice-base-ubuntu/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://archlinux.org/packages/extra/x86_64/libreoffice-fresh/
[2]: https://archlinux.org/packages/extra/x86_64/libreoffice-still/
[3]: https://www.debugpoint.com/install-latest-libreoffice-ubuntu-linux/
[4]: https://www.debugpoint.com/wp-content/uploads/2022/11/Install-Libreoffice-Base-in-Ubuntu.jpg

View File

@ -0,0 +1,176 @@
[#]: subject: "How to Install Elementary OSs Pantheon Desktop in Arch Linux"
[#]: via: "https://www.debugpoint.com/pantheon-arch-linux-install/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to Install Elementary OSs Pantheon Desktop in Arch Linux
======
**Pantheon is the default desktop environment for the elementary OS. This quick guide explains the steps to install the Pantheon desktop environment in Arch Linux.**
Pantheon is a beautiful desktop environment used by the elementary OS. It is based on GTK3 (GTK4 porting in progress) and Vala and is a nice and clean desktop that provides you with a refined experience of a Linux desktop.
The desktop is primarily used by the elementary OS. Elementary OS provides a modified version of Pantheon desktop, which is based on the GNOME software base.
The elementary OS is based on the Ubuntu LTS release. Hence it is super easy to install the Pantheon desktop in ubuntu-based distributions. That means if you want to experience Pantheon without installing elementary OS its just one or two commands to install it in Ubuntu.
In Fedora, you can also install using group packages. However, a distro called [Ultramarine Linux][1] provides it by default with a Fedora base.
But, installing Pantheon in Arch Linux requires some work. It is not straightforward with a simple pacman command and wont work out of the box at all. Some configuration is required and might break your system.
Here I give you the guideline and steps to install Pantheon Desktop in Arch Linux.
**Warning:**Things may not go well the first time, so I suggest you do it on a virtual machine before installing it on a physical system. Because installing Pantheon in Arch is not as streamlined as installing GNOME, Xfce, and KDE Plasma desktop in Arch Linux. It requires some additional manual configuration as well.
Here are the steps to install Pantheon Desktop in Arch Linux.
### Install Pantheon Desktop in Arch Linux
#### Step 1: Install Base System
Make sure you install the Arch Linux base system by following the automated [archinstall script using this guide][2]. If youre already running an Arch installation, you can skip this step and follow the next step.
#### Step 2: Update Your System
Open a terminal in your Arch installation. And make sure the system is up to date by running the below command:
```
pacman -Syu
```
#### Step 3: Instal yay AUR Helper
Many packages that are required for Pantheon are not available in the Arch official repository. They are available in Arch User Repo (AUR). Hence you need to install yay for additional packages. Follow [this guide to install yay AUR helper][3].
#### Step 4: Install Pantheon Desktop in Arch Linux
Install the following packages using the below command. These are required packages available in the Arch official repository consisting of all necessary components, wingpanel, icons, and wallpapers.
- [pantheon][4]
- lightdm-pantheon-greeter
- sound-theme-elementary
- switchboard
- lightdm-gtk-greeter
- elementary-icon-theme
- elementary-wallpapers
- pantheon-applications-menu
- wingpanel-indicator-session
- wingpanel-indicator-datetime
```
pacman -S --needed pantheon lightdm-pantheon-greeter sound-theme-elementary switchboard lightdm-gtk-greeter elementary-icon-theme elementary-wallpapers pantheon-applications-menu wingpanel-indicator-session wingpanel-indicator-datetime inter-font firefox
```
Install the following packages from the user repository. These are some additional packages that are not available in the Arch official repository. And these might take some time to install.
- pantheon-session-git
- gnome-settings-daemon-elementary
- pantheon-default-settings
- switchboard-plug-pantheon-tweaks-git
- urutau-icons-git
- pantheon-dock-git
```
yay -S pantheon-session-git pantheon-default-settings switchboard-plug-pantheon-tweaks-git urutau-icons-git pantheon-dock-git
```
The next step is to install the display server and manager. Use `lightdm` as the display manager for Pantheon in Arch. I tried using other display managers with Pantheon but that didnt end well.
```
pacman -S --needed xorg lightdm
```
#### Step 5: Configure
The default greeter needs some modifications. Run the below command to check the available sessions.
```
ls -1 /usr/share/xgreeters
```
![greeters list][5]
Open the lightdm configuration file and change the greeter-session to io.elementary.greeter.
```
sudo nano /etc/lightdm/lightdm.conf
greeter-session=io.elementary.greeter
```
Save and close the file (CTRL+O, ENTER and CTRL+X).
![lightdm conf][6]
Enable the display manager and network manager in systemd.
```
systemctl enable lightdmsystemctl enable NetworkManager
```
Reboot the system.
```
systemctl reboot
```
If all went well, you should see the following login screen (I know, it doesnt look cool at all, anyway). Change the session from the top dropdown and log in with the username and password.
![Login screen - Pantheon in Arch][7]
#### Step 6: Post-Install Configuration
When I first logged in to my test system, many things didnt work. Heres a list of items and their possible solutions.
a) **Wallpaper**: The wallpaper module seems not to be working at all. So, there was no wallpaper by default. Even the “Change Wallpaper” option is not opening. If you face this, install `dconf` editor and change the wallpaper via the below steps.
```
pacman -S --needed dconf-editor
```
Then Launch the dconf editor from the menu. Navigate to `"org > gnome > desktop > background > picture-uri"`. Turn off the default value and add the custom value `file:////usr/share/backgrounds/Ashim DSilva.jpg`. You can use any other image as well. Save and close.
![Change background property using dconf-editor][8]
b) **Icons**: Change the icons via `Settings > Tweaks.` Then change the icon and cursors to urutau-icons.
After all the configurations and installation, you should be all set with the Pantheon Desktop in Arch Linux. Heres a screenshot of my test machine.
![Pantheon Desktop in Arch Linux][9]
### Closing Notes
I hope this guide helps you eventually install the Pantheon desktop in Arch Linux. It took me a couple of days to finally able to fit the pieces together and make them work.
Although some small features are still not working, a workable Pantheon desktop is still available.
The only thing that surprises me is the performance of Pantheon in Arch. The elementary OS installation is not that fast in my same test machine. But the Pantheon base is faster in Arch than a vanilla elementary OS. However, if you would like Pantheon, give it a go.
If you face any errors, let me know using the comment box below.
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/pantheon-arch-linux-install/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://www.debugpoint.com/ultramarine-linux-36/
[2]: https://www.debugpoint.com/archinstall-guide/
[3]: https://www.debugpoint.com/install-yay-arch/
[4]: https://wiki.archlinux.org/index.php/Pantheon
[5]: https://www.debugpoint.com/wp-content/uploads/2021/02/greeters-list.jpg
[6]: https://www.debugpoint.com/wp-content/uploads/2021/02/lightdm-conf.jpg
[7]: https://www.debugpoint.com/wp-content/uploads/2021/02/Login-screen-Pantheon-in-Arch.jpg
[8]: https://www.debugpoint.com/wp-content/uploads/2021/02/Change-background-property-using-dconf-editor.jpg
[9]: https://www.debugpoint.com/wp-content/uploads/2021/02/Pantheon-Desktop-in-Arch-Linux-1.jpg

View File

@ -0,0 +1,191 @@
[#]: subject: "Drop swap for zram on Linux"
[#]: via: "https://opensource.com/article/22/11/zram-swap-linux"
[#]: author: "David Both https://opensource.com/users/dboth"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
Drop swap for zram on Linux
======
Zram is a tool for creating an in-RAM compressed cache, specifically for use as swap space.
I spend a lot of time playing (I mean working) on my computers, and I've found a lot of interesting things. One that has most recently come to my attention is the `zram0` device. I first noticed it when working on one of my Opensource.com articles several months ago. It showed up in the output from the `lsblk` command:
```
# lsblk
NAME          MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
sda             8:00 931.5G  0 disk
├─sda1          8:10   600M  0 part
[...]
zram0         252:00     8G  0 disk [SWAP]
```
It's identified as swap space, which is what first piqued my curiosity, so I did some exploration. Zram was originally called "compcache," which stands for "compressed cache." It turns out that zram is a tool for creating an in-RAM compressed cache, specifically for use as swap space.
But Why?
When I began researching zram, all I found were a couple of basic articles about using zram for swap space. At first, this seemed a bit counterintuitive to me. After all, if you're running out of RAM and you swap pages into a virtual drive in RAM, what's gained?
I then found the Fedora Project wiki page that proposed the use of [Swap on zram][1]. The proposal says: "Swap is useful, except when it's slow. zram is a RAM drive that uses compression. Create a swap-on-zram during start-up. And no longer use swap partitions by default."
The rest of the page is about details, benefits, side effects, and feedback.
### Zram for swap space on Linux
Using zram for swap space is intended to do the same thing as regular partition-based or file-based swap space. When memory pressure becomes too great, some of the least recently used data is moved to swap space. On average, it's compressed to about 50% of its original size, and placed in zram space in RAM. This is much faster than storing those memory pages on a hard drive and frees up the RAM it was using for other use.
### Saving on swap
I tried to find revised recommendations for how much swap or zram swap to configure. This led me back to a reassessment of swap, and my previous article, [What's the right amount of swap space for a modern Linux system?][2] As far as I can tell from the most current documentation for RHEL and Fedora, the recommended amount of swap space has not changed. That documentation, however, ignores the use of zram.
However, the tables in that previous article still provide a good starting point for swap space allocation when using older releases of Linux that don't use zram or in cases where zram has been disabled.
The documents I found for the Zram feature are inconsistent in terms of how zram is allocated with respect to RAM size, and the amount of space allocated to zram swap.
Due to the lack of authoritative documentation, I performed some experiments to empirically determine the algorithm used to allocate zram swap. I used my own physical and virtual systems for this. The results are interesting and do not match any documentation I've so far found.
The default size of zram is 8 GB on all systems large enough to support that, but it's typically reduced significantly on hosts with small amounts of RAM. On one virtual machine (VM) I use for testing, with access to 4 GB of RAM, the zram virtual swap space is allocated to 3.8 GB. One old Dell I have contains 8 GB of RAM, and the zram is set to 7.6 GB. When RAM is reduced to 2 GB, Zram is reduced to 1.9 GB.
All physical and virtual hosts I have with more than 8 GB of RAM show exactly 8 GB of zram. This includes my primary workstation with 64 GB of RAM and other hosts with 16 GB or 32 GB of RAM.
Based on these few data points, I can draw the conclusion that the current default settings are for 8 GB of zram at most, and for zram to be 95% of RAM on hosts with 8 GB or less.
I have read a number of articles that mention other sizes for zram swap, even up to 100% of RAM, but those all seem to be theoretical rather than reality.
Your distribution may be different, but here are the actual zram swap allocations for Fedora and similar distributions:
- **RAM ⇐ 8 GB:** 0.95 × RAM
- **RAM > 8 GB:** 8 GB
Be aware that the zram swap size algorithm is not based on any recommendations for the "best" swap size for any given real-world system or application. This zram swap allocation is a rather probabilistic approach to what should work well on a wide range of Linux hosts. However, the fact that the maximum zram swap size is configured for 8 GB and the fact that I have always recommended 8 GB as the maximum amount of traditional swap, I think I can say it's reflective of the optimum sizes for zram swap.
### Managing zram swap
Zram defaults are stored in the `/usr/lib/systemd/zram-generator.conf` configuration file. The following is from one of my test VMs with 5097 GB of RAM allocated.
```
# cat /usr/lib/systemd/zram-generator.conf
# This config file enables a /dev/zram0 device with the default settings:
# - size - same as available RAM or 8GB, whichever is less
# - compression - most likely lzo-rle
#
# To disable, uninstall zram-generator-defaults or create empty
# /etc/systemd/zram-generator.conf file.
[zram0]zram-size= min(ram, 8192)
```
You can change the default Zram swap size in the last line of the `zram-generator.conf` configuration file. I recommend against doing that, unless you can definitively show a reason for doing so, and test your results once you make any changes. Like many other configuration defaults in Linux, the zram ones have been well-tested and are appropriate for most use cases.
### Monitor zram
The zramctl utility can be used to view the current state of zram.
```
# zramctl
NAME       ALGORITHM DISKSIZE DATA COMPR TOTAL STREAMS MOUNTPOINT
/dev/zram0 lzo-rle       4.8G   4K   80B   12K       4[SWAP]
```
The traditional `swapon` command can also be used to view swap including zram used as swap:
```
# swapon --show
NAME       TYPE      SIZE USED PRIO
/dev/zram0 partition 4.8G   0B  100
```
One thing to be aware of is that `zramctl` does not report on zram when it contains no data, so the results contain null output. Tools like `lsblk`, `swapon`, `top`, `free`, `htop`, and so on, do show zram even when it contains no data.
### Deactivate zram
The `swapoff -a` command turns off `zram` swap as well as traditional HDD or SSD storage used as swap. The `swapon -a` command does not show zram when it is empty. Use `zramctl /dev/zram0` instead.
```
# swapon --show# lsblk
NAME          MAJ:MIN RM  SIZE RO TYPE MOUNTPOINTS
sda             8:00  120G  0 disk
├─sda1          8:10    1G  0 part /boot/efi
├─sda2          8:20    1G  0 part /boot
└─sda3          8:30  118G  0 part
  ├─vg01-root 253:00   10G  0 lvm  /
  ├─vg01-swap 253:10    3G  0 lvm  [SWAP]
  ├─vg01-usr  253:10   30G  0 lvm  /usr
  ├─vg01-home 253:20   10G  0 lvm  /home
  ├─vg01-var  253:30   30G  0 lvm  /var
  └─vg01-tmp  253:40   10G  0 lvm  /tmp
sr0            11:01 1024M  0 rom
zram0         252:00    0B  0 disk
# zramctl## zramctl /dev/zram0
NAME       ALGORITHM DISKSIZE DATA COMPR TOTAL STREAMS MOUNTPOINT
/dev/zram0 lzo-rle         0B   0B    0B    0B       4
```
Note that `/dev/zram0` doesn't show up in these commands as swap space until it's being used for that purpose. This caused me some confusion until my experiments showed it to be the case.
### Creating Zram Swap
Zram itself has been around for about 20 years, but has only been in use as swap space on some distributions for the last year or two. The current Linux installation on some or all of your hosts may not have been created with zram for swap. If that's the case, it can be easily remedied.
For Fedora 32, the last release prior to the default use of zram for swap, it only takes three easy commands.
First, verify the presence of the `zram-swap.service` file, installed as part of the `zram` RPM package.
```
# systemctl status zram-swap
● zram-swap.service - Enable compressed swap in memory using zram
     Loaded: loaded (/usr/lib/systemd/system/zram-swap.service; disabled; vendor preset: disabled)
     Active: inactive (dead)
```
Next, install the `zram-generator-defaults` and `zram-generator` packages.
```
# dnf install zram-generator-defaults zram-generator
```
Enable and start the zram-swap service:
```
# systemctl enable zram-swap.service# systemctl start zram-swap.service
```
And then verify that `zram0` exists, and is being used as swap space:
```
# lsblk
NAME          MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
sda             8:00  120G  0 disk
├─sda1          8:10    2G  0 part /boot
└─sda2          8:20  118G  0 part
  ├─vg01-root 253:00   10G  0 lvm  /
  ├─vg01-swap 253:10    3G  0 lvm  [SWAP]
  ├─vg01-usr  253:20   35G  0 lvm  /usr
  ├─vg01-tmp  253:30   15G  0 lvm  /tmp
  ├─vg01-var  253:40   35G  0 lvm  /var
  └─vg01-home 253:50   20G  0 lvm  /home
sr0            11:01 1024M  0 rom
zram0         252:00  7.5G  0 disk [SWAP]
```
### Improve swap with zram
That's all there is to it. It was easy with Fedora. Different distributions will likely be just as easy, with some possible different details in the package names and commands. Give zram swap a try on your computer. In my next article, I'll demonstrate some further zram options.
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/zram-swap-linux
作者:[David Both][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/dboth
[b]: https://github.com/lkxed
[1]: https://fedoraproject.org/wiki/Changes/SwapOnZRAM
[2]: https://opensource.com/article/19/2/swap-space-poll

View File

@ -0,0 +1,118 @@
[#]: subject: "How to switch from Twitter to Mastodon"
[#]: via: "https://opensource.com/article/22/11/switch-twitter-mastodon"
[#]: author: "Jessica Cherry https://opensource.com/users/cherrybomb"
[#]: collector: "lkxed"
[#]: translator: " "
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
How to switch from Twitter to Mastodon
======
Mastodon is an open source microblogging community.
Like many people, I find social media somewhat exciting and also...a bit much. Sometimes you get deep-fried in algorithms, tracking data, and ads catered especially for you. You lack administrative control over what you want to see, especially on the old platforms many of us are used to. As usual, you must look to open source to fix the problem. And that's exactly what [Mastodon][1], an open source microblogging community, does.
With Mastodon social, not only are you working with open source software, but everything is decentralized, which means you can pick what you want to see partly based on the instance you want to occupy. Mastodon uses separate instances, each with its own code of conduct, privacy options, and moderation policies. That means that when you join an instance, you're less likely to see the stuff you're not interested in and more likely to see messages from people who share your interests.
However, you can also interact with other instances. All Mastodon installs have the potential to be "federated" in what its users call the "fediverse."
### What is the fediverse?
The fediverse is an ensemble of federated (or interconnected) servers. The word comes from the mix of "federated" and "universe." You can use this for all sorts of web publishing, from social networking to websites to file hosting. While each instance is hosted independently, they can talk to each other.
### So how can I sign up for Mastodon?
First, go to [Mastodon.social][2] to sign up.
On the right-hand side of the screen, there are **Sign in** and **Create account** buttons.
![Sign-in or Create Account interface][3]
However, because anyone can run a Mastodon server, there are many instances, and some servers are already home to a community with interests that may align with your own. As I've said, you'll have access to the whole fediverse no matter what, but it can be nice to start on a server where people already "speak your language" (that can be literal, too, because you can add a filter to find a server in your native language).
To find a server, click the **Find another server** button.
![Signing up interface][4]
When you click that button, you're brought to the [Join Mastodon page][5], with a button to list available servers.
![Getting started interface][6]
As you scroll down, you can pick a topic on the left to help you find where you would like to be hosted.
![Topic list][7]
I'm all about open source, so let's see what we have in the technology topic.
![Technology topics][8]
As you can see, there's a large index with many waiting lists. In this case, it looks like Don Watkins, a fellow Opensource.com author, has chosen an instance that works for himself and our talented group. So I'll skip ahead and tell you where I'm going: There's a free open source software server known as [Fosstodon][9], and I've chosen to sign up there so I can share my articles freely.
Here are the sign-in steps.
First, enter your information:
![Steps for signing in][10]
Next, you get a message about a confirmation email:
![Confirmation message][11]
When you get to your email, click the **Verify** button, and the system prompts you to confirm your login information.
This server does have an application process to join. This process isn't just for safety reasons but also for privacy. Once approved, you get this amazing email!
![Welcome message][12]
I kept my handle from other social media venues, so it's easy to move back and forth from one place to another and cross-post with replication and API calls.
### Complete control
Now that I have a new profile, I can change preferences on what emails I receive, allowing for more control over what I see. This is a good way to give me more power over my media intake, and it's greatly appreciated. Once I click **Preferences**, Mastodon offers me cool appearance, language information, and many other options.
![Appearance settings][13]
Next, I can click notifications and limit what I see and what I get notified for, so I can opt for less noise.
![Notifications settings][14]
This complete control of my media without algorithmic intervention is great. You can also set up featured hashtags for what you want on your profile to follow long-term projects or allow people to find you by following those hashtags. You also have the options for filters, followers, and so much more.
### Final notes
This open source social media is a great way to find your group of people and broadly interact with those in a broad universe of interests. Controlling media intake is great for some balance in your life, and you can opt-in to contributing by checking the [contributor rules][15].
In addition to the control over your own social media experience, you also gain phone apps that work on all devices, including Toot for iPhone and Tusky for Android.
Long story short: I think we should all get ready for a new open source world of social media.
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/switch-twitter-mastodon
作者:[Jessica Cherry][a]
选题:[lkxed][b]
译者:[译者ID](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/cherrybomb
[b]: https://github.com/lkxed
[1]: https://opensource.com/article/22/11/twitter-vs-mastodon
[2]: https://mastodon.social/
[3]: https://opensource.com/sites/default/files/2022-11/1signin-createaccount.png
[4]: https://opensource.com/sites/default/files/2022-11/2signingup.png
[5]: https://joinmastodon.org/servers
[6]: https://opensource.com/sites/default/files/2022-11/3gettingstarted.png
[7]: https://opensource.com/sites/default/files/2022-11/4topics.png
[8]: https://opensource.com/sites/default/files/2022-11/5techtopic.png
[9]: https://fosstodon.org/
[10]: https://opensource.com/sites/default/files/2022-11/6signin.jpg
[11]: https://opensource.com/sites/default/files/2022-11/7confirmation.png
[12]: https://opensource.com/sites/default/files/2022-11/8welcome.png
[13]: https://opensource.com/sites/default/files/2022-11/9appearance.png
[14]: https://opensource.com/sites/default/files/2022-11/10notifications.png
[15]: https://github.com/mastodon/mastodon/blob/main/CONTRIBUTING.md

View File

@ -0,0 +1,80 @@
[#]: subject: "Learn Python: 7 of my favorite resources"
[#]: via: "https://opensource.com/article/22/11/learn-python"
[#]: author: "Don Watkins https://opensource.com/users/don-watkins"
[#]: collector: "lkxed"
[#]: translator: "Cubik65536"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
学习 Python我最喜欢的 7 个资源
======
这些年来,我通过这些开源资源提高了我的 Python 技能。
我最近决定进一步学习 Python以便提高我的教学技能拓宽我的学生的视野。在这个过程中我发现了这些优秀的资源让我学习新的代码并提高了对 Python 的整体理解。
### 1. 教你的孩子编程
我的 Python 之旅大约是 7 年前开始的,当时我发现了 Apple LOGO 和 Python 中的 [Turtle 模块][1] 之间的联系。当时使用的 Linux 计算机的默认 Python 版本为 Python 2.7,我很快发现我想使用 Python 3。我成功地安装了它并开始使用 Turtle 模块编写一些简单的程序。在阅读 Dr. Bryson Payne 的 [教你的孩子编程][2] 之后,我意识到 Python 不仅仅是 Turtle。那时我安装了 [IDLE][3]。
### 2. IDLE
在使用 IDLE 工作的过程中,交互式界面优化了我的体验,并让我有足够的信心来考虑向学生教授 Python。我志愿帮助我社区中的一群在家学习的孩子很快我发现自己在教授一个有十六个孩子的班级我很高兴他们的父母同意帮助我否则我想我会被压垮。这个经历激发了我学习更多的欲望以便我可以教授更多。
### 3. Mu 编辑器
2018 年春天,我参加了 PyConUS。我听了一场由中学老师 [Nicholas Tollervey][4] 主讲的演讲,他为学龄前儿童编写了一个 Python 开发环境。[Mu 编辑器][5] 内置了一个可以帮助我找到代码中的错误的 linter。Mu 帮助我提高了我的编码技能,我也能够与学生分享这些技能,他们也从中受益。
我的自信和经验增长后,我希望与更多的学生分享 Python 之旅。我与其他人合作撰写了一个申请书,以教授一个使用树莓派 4 和 Python 的课程。疫情打断了这个计划。在此期间,树莓派基金会发布了 Pi 400。2021 年春天,我使用了前一年开发的材料和一个来自当地图书馆的慷慨的资助,来 [教授两组][6] 学生如何编程。这个活动非常成功并在今年再次举办。
### 4. Codium
几年前,我了解到微软的 Visual Studio Code 是一个可以在 Linux 上使用的开源代码编辑器。我最近才了解到,如何在 VS Code 中配置和使用 Python 虚拟环境。我的问题在 Opensource.com 上一篇 [关于虚拟环境的文章][7] 中得到了解答,这让我可以知道如何在 Linux 计算机上设置和配置 Python 虚拟环境。大约在同一时间,我发现了 [Codium][8],一个围绕 VS Code 构建的社区项目。
现在我希望与我的学生分享 VS Codium 的体验,并让他们对 Python 的理解不再局限于 Turtle 模块。这种学习的热情让我寻找开源且可以在互联网上随意获得的教学资源。
### 5. 简单解释 Python
[使用 Python 自动化繁琐的事情][9] 这本书是我最喜欢的一本书。现在,作者已经发布了 [Python 编程练习,简单解释][10]。这两本书都可以免费在线阅读,并且都采用了知识共享许可证。
### 6. Python for Everyone
Dr. Charles Severance 在 2017 年发布了 [Python for Everyone][11],我非常推荐这本书。他为像我这样的有抱负的程序员提供了简短的课程。课程的代码可以在 [GitHub][12] 上找到,所以你可以下载它并在自己的计算机或学校网络上安装它。
### 7. Python 视频
最近,我了解到 Opensource.com 的成员 [Jay LaCroix][13] 在 YouTube 上有一系列精彩的视频,其中包括 28 个免费视频,从 Python 基础开始,涵盖了 [Python 编程][14] 的全面介绍。最重要的是,他使用的是 Linux 计算机,因此他的课程特别适合 Linux 编程环境。这些视频的其中一个收获是学习如何使用 [nano][15] 作为编程环境,它默认情况下包含在大多数 Linux 发行版中。
### 你的学习之路
此处提到的这七个资源帮助我成长为一名程序员,它们都是开源的并可以与其他人分享。你是如何提高编程技能的?你有什么要分享的吗?在评论中告诉我们。
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/learn-python
作者:[Don Watkins][a]
选题:[lkxed][b]
译者:[Cubik65536](https://github.com/Cubik65536)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/don-watkins
[b]: https://github.com/lkxed
[1]: https://opensource.com/article/21/9/logo-python-turtle
[2]: https://opensource.com/education/15/9/review-bryson-payne-teach-your-kids-code
[3]: https://docs.python.org/3/library/idle.html
[4]: https://us.pycon.org/2018/speaker/profile/194/
[5]: https://opensource.com/article/20/9/teach-python-mu
[6]: https://opensource.com/article/21/6/teach-python-raspberry-pi
[7]: https://opensource.com/article/20/10/venv-python
[8]: https://opensource.com/article/22/11/python-vs-code-codium
[9]: https://automatetheboringstuff.com/#toc
[10]: https://inventwithpython.com/pythongently/
[11]: https://www.py4e.com/lessons
[12]: https://github.com/csev/py4e
[13]: https://opensource.com/users/jlacroix
[14]: https://youtube.com/playlist?list=PLT98CRl2KxKGIazPd2nQEPbG7sQpT8LEj
[15]: https://opensource.com/article/20/12/gnu-nano

View File

@ -0,0 +1,460 @@
[#]: subject: (Identify security properties on Linux using checksec)
[#]: via: (https://opensource.com/article/21/6/linux-checksec)
[#]: author: (Gaurav Kamathe https://opensource.com/users/gkamathe)
[#]: collector: (lujun9972)
[#]: translator: (chai001125)
[#]: reviewer: ( )
[#]: publisher: ( )
[#]: url: ( )
在 Linux 上使用 Checksec 识别二进制文件的安全属性
======
>这篇文章能让你了解如何使用 Checksec ,来识别一个可执行文件的安全属性,了解安全属性的含义,并知道如何使用它们。
![Target practice][1]
编译源代码会生成一个二进制文件(即 .o 文件)。在编译期间,你可以向 `gcc` 编译器提供 <ruby>标志<rt> flags </rt></ruby>,以启用或禁用二进制文件的某些属性,这些属性与安全性相关。
Checksec 是一个漂亮的小工具,同时它也是一个 shell 脚本。Checksec 可以识别编译时构建到二进制文件中的安全属性。编译器可能会默认启用一些安全属性,你也可以提供特定的标志,来启用其他的安全属性。
本文将介绍如何使用 Checksec ,来识别二进制文件的安全属性,包括:
1. Checksec 在查找有关安全属性的信息时,使用了什么**底层的命令**
2. 在将源代码编译成二进制文件时,如何使用<ruby> GNU 编译器套件<rt> GNU Compiler Collection </rt></ruby>(即 GCC) ,来**启用安全属性**。
## 安装 checksec
要在 Fedora 和其他基于 RPM 的 Linux 系统上,安装 Checksec请使用以下命令
```
$ sudo dnf install checksec
```
对于基于 Debian 的 Linux 发行版,使用对应的 `apt` 命令,来安装 Checksec。
```
$ sudo apt install checksec
```
## shell 脚本
在安装完 Checksec 后,能够发现 Checksec 是一个**单文件**的 shell 脚本,它位于 `/usr/bin/checksec`并且这个文件挺大的。Checksec 的一个优点是你可以通过快速通读这个 shell 脚本,从而了解 Checksec 的执行原理、明白所有能查找有关二进制文件或可执行文件的安全属性的**系统命令**
```
$ file /usr/bin/checksec
/usr/bin/checksec: Bourne-Again shell script, ASCII text executable, with very long lines
$ wc -l /usr/bin/checksec
2111 /usr/bin/checksec
```
以下的命令展示了如何对你每天都会使用的:`ls` 命令的二进制文件,进行 Checksec。Checksec 命令的格式是:`checksec --file=`,后面再跟上二进制文件的绝对路径:
```
$ checksec --file=/usr/bin/ls
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY Fortified       Fortifiable     FILE
Full RELRO      Canary found      NX enabled    PIE enabled     No RPATH   No RUNPATH   No Symbols        Yes   5       17              /usr/bin/ls
```
当你在终端中对某个二进制文件运行 Checksec 时,你会看到安全属性有颜色上的区分,显示什么是好的安全属性(绿色),什么可能不是好的安全属性(红色)。我在这里说 **“可能”** 是因为即使有些安全属性是红色的,也不一定意味着这个二进制文件很糟糕,它可能只是表明发行版供应商在编译二进制文件时做了一些权衡,从而舍弃了部分安全属性。
Checksec 输出的第一行提供了二进制文件的各种安全属性,例如 `RELRO`、`STACK CANARY`、`NX` 等(我将在后文进行详细解释)。第二行打印出给定二进制文件(本例中为 `ls`)在这些安全属性的状态(例如,`NX enabled` 表示为堆栈中的数据没有执行权限)。
## 示例二进制文件
在本文中我将使用以下的“hello world”程序作为示例二进制文件。
```
#include <stdio.h>
int main()
{
printf("Hello World\n");
return 0;
}
 
```
请注意,在编译源文件 `hello.c` 的时候,我没有给 `gcc` 提供任何额外的标志:
```
$ gcc hello.c -o hello
 
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=014b8966ba43e3ae47fab5acae051e208ec9074c, for GNU/Linux 3.2.0, not stripped
$ ./hello
Hello World
```
使用 Checksec 运行二进制文件 `hello`,打印的某些安全属性的状态,与上面的 `ls` 二进制文件的结果不同(在你的屏幕上,某些属性可能显示为红色):
```
$ checksec --file=./hello
RELRO           STACK CANARY      NX            PIE             RPATH      RUNPATH      Symbols         FORTIFY Fortified       Fortifiable     FILE
Partial RELRO   No canary found   NX enabled    No PIE          No RPATH   No RUNPATH   85) Symbols       No    0       0./hello
$
```
LCTT 译注:在我的 Ubuntu 22.04 虚拟机,使用 11.3.0 版本的 gcc结果与上述不太相同利用默认参数进行编译会得到 RELRO、PIE、NX 保护是全开的情况。
## 更改 Checksec 的输出格式
Checksec 允许自定义各种输出格式,你可以使用 `--output` 来自定义输出格式。我将选择的输出格式是 JSON 格式,并将输出结果通过管道传输到 `jq` 实用程序,来得到漂亮的打印。
接下来,确保你已安装好了 [`jq`][3],因为本教程会使用 `jq`,从 Checksec 的输出结果中,用 `grep` 来快速得到某一特定的安全属性状态,并报告该安全属性是否启动(启动为 `yes`,未启动为 `no`
```
$ checksec --file=./hello --output=json | jq
{
  "hello": {
    "relro": "partial",
    "canary": "no",
    "nx": "yes",
    "pie": "no",
    "rpath": "no",
    "runpath": "no",
    "symbols": "yes",
    "fortify_source": "no",
    "fortified": "0",
    "fortify-able": "0"
  }
}
```
## 看一看所有的安全属性
上面的二进制文件 `hello` 包括几个安全属性。我将该二进制文件与 `ls` 的二进制文件进行比较,以检查启用的安全属性有何不同,并解释 Checksec 是如何找到此信息。
### 1\. 符号Symbol
我先从简单的讲起。在编译期间,某些 <ruby>符号<rt> symbols </rt></ruby>包含在二进制文件中,这些符号主要用作于调试。开发软件时,需要用到这些符号,来调试和修复 bug。
这些符号通常会从供用户普遍使用的最终二进制文件中删除。删除这些符号不会影响到二进制文件的执行。删除符号通常是为了节省空间,因为一旦符号被删除了,二进制文件就会稍微小一些。在闭源或专有软件中,符号通常都会被删除,因为把这些符号放在二进制文件中,可以很容易地推断出软件的内部工作原理。
根据 Checksec 的结果,在二进制文件 `hello` 中有符号,但在 `ls` 的二进制文件中不会有符号。同样地,你还可以用 `file` 命令,来找到符号的信息,在二进制文件 `hello` 的输出结果的最后,看到 `not stripped`,表明二进制文件 `hello` 有符号:
```
$ checksec --file=/bin/ls --output=json | jq | grep symbols
    "symbols": "no",
$ checksec --file=./hello --output=json | jq | grep symbols
    "symbols": "yes",
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=014b8966ba43e3ae47fab5acae051e208ec9074c, for GNU/Linux 3.2.0, not stripped
```
Checksec 是如何找到符号的信息呢Checksec 提供了一个方便的 `--debug` 选项,来显示运行了哪些函数。因此,运行以下的命令,会显示在 shell 脚本中运行了哪些函数:
```
$ checksec --debug --file=./hello
```
在本教程中,我试图寻找 Checksec 查找安全属性信息时,使用了什么**底层命令**。由于 Checksec 是一个 shell 脚本,因此你始终可以使用 Bash 功能。以下的命令将输出从 shell 脚本中运行的每个命令:
```
$ bash -x /usr/bin/checksec --file=./hello
```
如果你滚动浏览上述的输出结果的话,你会看到 `echo_message` 后面有各个安全属性的类别。以下显示了 Checksec 检测二进制文件是否包含符号时,运行的底层命令:
```
\+ readelf -W --symbols ./hello
\+ grep -q '\\.symtab'
\+ echo_message '\033[31m96) Symbols\t\033[m  ' Symbols, ' symbols="yes"' '"symbols":"yes",'
```
上面的输出显示Checksec 利用 `readelf`,来读取二进制文件,并提供一个特殊 `--symbols` 标志,来列出二进制文件中的所有符号。然后它会查找一个特殊值:`.symtab`,它提供了所能找到的条目的计数(即符号的个数)。你可以在上面编译的测试二进制文件 `hello` 上,尝试以下命令,得到与 Checksec 查看二进制文件类似的符号信息:
```
$ readelf -W --symbols ./hello
$ readelf -W --symbols ./hello | grep -i symtab
```
LCTT 译注:也可以通过直接查看 `/usr/bin/checksec` 下的 Checksec 源文件。
## 如何删除符号
你可以在编译后或编译时删除符号。
* **编译后:** 在编译后,你可以使用 `strip`,手动地来删除二进制文件的符号。删除后,使用 `file` 命令,来检验是否还有符号,现在显示 `stripped`,表明二进制文件 `hello` 无符号了:
```
$ gcc hello.c -o hello
$
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=322037496cf6a2029dcdcf68649a4ebc63780138, for GNU/Linux 3.2.0, not stripped
$
$ strip hello
$
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=322037496cf6a2029dcdcf68649a4ebc63780138, for GNU/Linux 3.2.0, stripped
$
```
## 如何在编译时删除符号
你也可以在编译时,用 `-s` 参数让 gcc 编译器帮你自动地删除符号:
```
$ gcc -s hello.c -o hello
$
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=247de82a8ad84e7d8f20751ce79ea9e0cf4bd263, for GNU/Linux 3.2.0, stripped
$
```
重新运行 Checksec你可以看到现在二进制文件 `hello``symbols` 这一属性的值是`no`
```
$ checksec --file=./hello --output=json | jq | grep symbols
    "symbols": "no",
$
```
### 2\. Canary堆栈溢出哨兵
Canary 是放置在缓冲区和<ruby>_栈_<rt> stack </rt></ruby> 上的控制数据之间的已知值,它用于监视缓冲区是否溢出。当应用程序执行时,会为其分配两种内存,其中之一就是 _栈_。栈是一个具有两个操作的数据结构:第一个操作 `push`,将数据压入堆栈;第二个操作 `pop`,以后进先出的顺序从栈中弹出数据。恶意的输入可能会导致栈溢出,或使用特制的输入破坏栈,并导致程序崩溃:
```
$ checksec --file=/bin/ls --output=json | jq | grep canary
    "canary": "yes",
$
$ checksec --file=./hello --output=json | jq | grep canary
    "canary": "no",
$
```
Checksec 是如何确定二进制文件是否启用了 Canary 的呢?使用上述同样的方法,得到 Checksec 在检测二进制文件是否启用 Canary 时,运行的底层命令:
```
$ readelf -W -s ./hello | grep -E '__stack_chk_fail|__intel_security_cookie'
```
#### 启用 Canary
为了防止栈溢出等情况,编译器提供了 `-stack-protector-all` 标志,它向二进制文件添加了额外的代码,来检查缓冲区是否溢出:
```
$ gcc -fstack-protector-all hello.c -o hello
$ checksec --file=./hello --output=json | jq | grep canary
    "canary": "yes",
```
Checksec 显示 Canary 属性现已启用。你还可以通过以下方式,来验证这一点:
```
$ readelf -W -s ./hello | grep -E '__stack_chk_fail|__intel_security_cookie'
     2: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@GLIBC_2.4 (3)
    83: 0000000000000000     0 FUNC    GLOBAL DEFAULT  UND __stack_chk_fail@@GLIBC_2.4
$
```
### 3\. 位置无关可执行文件PIE
PIE(Position-Independent Executable的意思是与位置无关的可执行文件。顾名思义它指的是放置在内存中某处执行的代码不管其绝对地址的位置即代码段、数据段地址随机化ASLR
```
$ checksec --file=/bin/ls --output=json | jq | grep pie
    "pie": "yes",
$ checksec --file=./hello --output=json | jq | grep pie
    "pie": "no",
```
通常PIE 仅对 <ruby><rt> libraries </rt></ruby>启用,并不对独立命令行程序启用 PIE。在下面的输出中`hello` 显示为 `LSB executable`,而 `libc` 标准库 (`.so`) 文件被标记为 `LSB shared object`
```
$ file hello
hello: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=014b8966ba43e3ae47fab5acae051e208ec9074c, for GNU/Linux 3.2.0, not stripped
$ file /lib64/libc-2.32.so
/lib64/libc-2.32.so: ELF 64-bit LSB shared object, x86-64, version 1 (GNU/Linux), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=4a7fb374097fb927fb93d35ef98ba89262d0c4a4, for GNU/Linux 3.2.0, not stripped
```
Checksec 查找是否启用 PIE 的底层命令如下:
```
$ readelf -W -h ./hello | grep EXEC
  Type:                              EXEC (Executable file)
```
如果你在共享库上尝试相同的命令,你将看到 `DYN`,而不是`EXEC`
```
$ readelf -W -h /lib64/libc-2.32.so | grep DYN
  Type:                              DYN (Shared object file)
```
#### 启用 PIE
要在测试程序 `hello.c` 上启用 PIE请在编译时使用以下命令
```
$ gcc -pie -fpie hello.c -o hello`
```
你可以使用 Checksec来验证 PIE 是否已启用:
```
$ checksec --file=./hello --output=json | jq | grep pie
    "pie": "yes",
$
```
现在,应该会显示为<ruby> PIE 可执行<rt> pie executable </rt></ruby>,其类型从 `EXEC` 更改为 `DYN`
```
$ file hello
hello: ELF 64-bit LSB pie executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=bb039adf2530d97e02f534a94f0f668cd540f940, for GNU/Linux 3.2.0, not stripped
$ readelf -W -h ./hello | grep DYN
  Type:                              DYN (Shared object file)
```
### 4\. NX堆栈禁止执行
NX 代表 <ruby>不可执行<rt> non-executable </rt></ruby>。它通常在 CPU 层面上启用,因此启用 NX 的操作系统可以将某些内存区域标记为不可执行。通常,缓冲区溢出漏洞将恶意代码放在堆栈上,然后尝试执行它。但是,让堆栈这些可写区域变得不可执行,可以防止这种攻击。在使用 `gcc` 对源程序进行编译时,默认启用此安全属性:
```
$ checksec --file=/bin/ls --output=json | jq | grep nx
    "nx": "yes",
$ checksec --file=./hello --output=json | jq | grep nx
    "nx": "yes",
```
Checksec 使用以下底层命令,来确定是否启用了 NX。在尾部的 `RW` 表示堆栈是可读可写的;因为没有 `E`,所以堆栈是不可执行的:
```
$ readelf -W -l ./hello | grep GNU_STACK
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0x10
```
#### 演示如何禁用 NX
我们不建议禁用 NX但你可以在编译程序时使用 `-z execstack` 参数,来禁用 NX
```
$ gcc -z execstack hello.c -o hello
$ checksec --file=./hello --output=json | jq | grep nx
    "nx": "no",
```
编译后,堆栈会变为可读可写可执行(`RWE`),允许在堆栈上的恶意代码执行:
```
$ readelf -W -l ./hello | grep GNU_STACK
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RWE 0x10
```
### 5\. RELROGOT写保护
RELRO 代表 <ruby>重定位只读<rt> Relocation Read-Only </rt></ruby>。可执行链接格式 (ELF) 二进制文件使用全局偏移表(GOT),来动态地解析函数。启用 RELRO 后,会设置二进制文件中的 GOT 表为只读,从而防止重定位攻击:
```
$ checksec --file=/bin/ls --output=json | jq | grep relro
    "relro": "full",
$ checksec --file=./hello --output=json | jq | grep relro
    "relro": "partial",
```
Checksec 使用以下底层命令,来查找是否启用 RELRO。在二进制文件 `hello` 仅启用了 RELRO 属性中的一个属性,因此,在 Checksec 验证时显示“partial”
```
$ readelf -W -l ./hello | grep GNU_RELRO
  GNU_RELRO      0x002e10 0x0000000000403e10 0x0000000000403e10 0x0001f0 0x0001f0 R   0x1
$ readelf -W -d ./hello | grep BIND_NOW
```
#### 启用 full RELRO
要启用 full RELRO请在 `gcc` 编译时,使用以下命令行参数:
```
$ gcc -Wl,-z,relro,-z,now hello.c -o hello
$ checksec --file=./hello --output=json | jq | grep relro
    "relro": "full",
```
现在, RELRO 中的第二个属性也被启用,使程序变成 full RELRO
```
$ readelf -W -l ./hello | grep GNU_RELRO
  GNU_RELRO      0x002dd0 0x0000000000403dd0 0x0000000000403dd0 0x000230 0x000230 R   0x1
$ readelf -W -d ./hello | grep BIND_NOW
 0x0000000000000018 (BIND_NOW)      
```
### 6\. Fortify
Fortify 是另一个安全属性但它超出了本文的范围。Checksec 是如何在二进制文件中验证 Fortify以及如何在 `gcc` 编译时启用 Fortify作为你需要解决的课后练习。
```
$ checksec --file=/bin/ls --output=json | jq  | grep -i forti
    "fortify_source": "yes",
    "fortified": "5",
    "fortify-able": "17"
$ checksec --file=./hello --output=json | jq  | grep -i forti
    "fortify_source": "no",
    "fortified": "0",
    "fortify-able": "0"
```
## 其他的 Checksec 功能
关于安全性的话题是永无止境的,不可能在本文涵盖所有关于安全性的内容,但我还想提一下 Checksec 命令的一些其他功能,这些功能也很好用。
### 对多个二进制文件运行 Checksec
你不必对每个二进制文件都进行一次 Checksec。相反你可以提供多个二进制文件所在的目录路径Checksec 将一次性为你验证所有文件:
```
$ checksec --dir=/usr
```
### 对进程运行 Checksec
Checksec 除了能检查二进制文件的安全属性Checksec 还能对程序起作用。以下的命令用于查找你系统上所有正在运行的程序的安全属性。如果你希望 Checksec 检查所有正在运行的进程,可以使用 `--proc-all`,或者你也可以使用进程名称,选择特定的进程进行检查:
```
$ checksec --proc-all
$ checksec --proc=bash
```
### 对内核运行 Checksec
除了本文介绍的用 Checksec 检查用户态应用程序的安全属性之外,你还可以使用它来检查系统内置的 <ruby>内核属性<rt> kernel properties </rt></ruby>
```
$ checksec --kernel
```
## 快来试一试 Checksec 吧
Checksec 是一个能了解哪些用户空间和内核的安全属性被启用的好方法。现在,你就可以开始使用 Checksec来了解每个安全属性是什么并明白启用每个安全属性的原因以及它能阻止的攻击类型。
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/6/linux-checksec
作者:[Gaurav Kamathe][a]
选题:[lujun9972][b]
译者:[chai001125](https://github.com/chai001125)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/gkamathe
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/lead-images/target-security.png
[2]: http://www.opengroup.org/onlinepubs/009695399/functions/printf.html
[3]: https://stedolan.github.io/jq/download/

View File

@ -0,0 +1,152 @@
[#]: subject: "Diagnose connectivity issues with the Linux ping command"
[#]: via: "https://opensource.com/article/21/10/linux-ping-command"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lujun9972"
[#]: translator: "chai001125"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
使用 Linux ping 命令诊断网络连接问题
======
>在本文中我们将讨论网络连接最基本的诊断工具之一——ping 命令。
![World locations with red dots with a sun burst background][1]
如今,联网计算机变得十分普遍,以至于我们大多数人都理所当然地认为,房间一侧的计算机可以连接上房间另一侧的计算机,更不用说能连接上世界的另一端的计算机了。如此,网络使 Internet、云、文件共享、媒体流、远程管理、打印等服务成为可能。但是当网络出现问题时有时很难诊断到底是其中哪一环节出现了问题。下面我们就来介绍网络连接最基本的诊断工具之一——`ping` 命令。
### 基本的 ping 命令
当你无法访问本地网络上的计算机或 Internet 上的服务器时,你可以 `ping` 它的 IP 地址。`ping` 将 <ruby> Internet 控制报文协议<rt> Internet Control Message Protocol </rt></ruby>(ICMP) 数据包发送到目标 IP 地址。当我们要对网路连接状况进行判断时ICMP 是个非常有用的协议,本质上 ICMP 是一个响应和应答信号。
让我们由近及远地进行故障排除。请先 `ping` 你自己的计算机,以确保你的计算机正在运行 <ruby>网络栈<rt> networking stack </rt></ruby>。你正在操作的计算机称为 <ruby> _主机_<rt> localhost </rt></ruby>本地回环地址是127.0.0.1。
`ping` 命令能用主机的 <ruby>主机名<rt> hostname </rt></ruby>、IP 地址(即 127.0.0.1)或者仅仅用简写 `0`,来表示 _主机_
你可以使用 `-c`选项,来控制发送数据包的 <ruby>次数<rt> count </rt></ruby>
```
$ ping 0 -c 1
PING 0 (127.0.0.1) 56(84) bytes of data.
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.069 ms
\--- 0 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.069/0.069/0.069/0.000 ms
```
在你确认本地网络栈已启动并运行后,接下来,你可以 `ping` 你的路由器的 IP 地址。路由器的 IP 地址通常以 192168 或 10 开头。实际的 IP 地址取决于路由器的配置。
当你没有指定要发送多少次请求时,你可以用 **Ctrl**+**C**,来终止 `ping` 的运行。
```
$ ping 192.168.0.1 
PING 192.168.0.1 (192.168.0.1) 56(84) bytes of data.
From 192.168.0.100: icmp_seq=2 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.0.100: icmp_seq=3 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.0.100: icmp_seq=4 Redirect Host(New nexthop: 192.168.0.1)
From 192.168.0.100: icmp_seq=5 Redirect Host(New nexthop: 192.168.0.1)
^C
```
如果你能 `ping` 通路由器,则表示你的有线或无线连接能正常工作。
对于你的局域网上的其他主机呢?你可以 `ping` 各种设备,但是并非所有设备都能保证响应,因为一些设备会丢弃 ICMP 数据包,但许多设备会做出响应。例如,我可以 `ping` 我的打印机:
```
`$ ping 192.168.0.4 `
```
### Ping 路由器以外的其他服务器
在确定你自己的网络内部都能连通以后,你还可以 `ping` 通到路由器以外的其他服务器。同样地,并非所有服务器都能接收 ICMP 数据包,更不用说响应 ICMP 数据包了。然而,也有一些服务器可以接收并响应 ICMP 数据包,而在互联网中的一个重要服务器是 <ruby>**域名服务器**<rt> nameserver </rt></ruby>
Google 的 <ruby>域名解析服务器<rt> DNS server </rt></ruby>的 IP 地址很容易记住,而且它会响应 `ping` 请求:
```
$ ping -c 2 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=53.3 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=53.5 ms
\--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 53.304/53.424/53.544/0.120 ms
```
当你连不上一个网站时,你可以查询全球 DNS 网络,以找出其主机服务器的地址,然后 `ping` 该服务器。这至少可以告诉你,网站不通的原因是主机已关闭,或者只是 Web 服务器问题。
例如,假设你尝试访问 example.com但是发现失败了。首先使用 `host` 命令找到 example.com 的 IP 地址:
```
$ host example.com
example.com has address 93.184.216.34
example.com has IPv6 address 2606:2800:220:1:248:1893:25c8:1946
example.com mail is handled by 0
```
然后,`ping` 该网站的的 IP 地址:
```
`$ ping 93.184.216.34 -c 1`
```
### Ping 使用 IPv6
`ping` 不仅可以使用 IPv4还能使用 IPv6。可以通过指定 `-4``-6` 选项,来只使用 IPv4 或 IPv6。
### Ping 设置数据包大小
你可以使用 `-s` 选项,来更改要发送的 ICMP 数据包的 <ruby>大小<rt> size </rt></ruby>。默认的数据大小为 56 字节,加上 8 字节包头,总共得到 64 字节的 ICMP 数据包。以下的示例将发送的 ICMP 数据包大小修改为 35+8=43 个字节:
```
`$ ping -s 35 -c 5 8.8.8.8`
```
你可以使用 `-D` 选项,使得在终端中的每个 ping 回复之前,先打印出当前的时间戳。该时间戳为 UNIX 时间戳,加上微秒:
```
$ ping -D 8.8.8.8 
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
[1634013430.297468] 64 bytes from 8.8.8.8: icmp_seq=1 ttl=116 time=53.3 ms
[1634013431.298738] 64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=53.1 ms
```
### Ping 设置时间间隔/长短
你可以使用 `-i` 选项,来更改两次 `ping` 请求之间的 <ruby>时间间隔<rt> interval </rt></ruby>。以下的示例将 `ping` 间隔更改为 2 秒:
```
`$ ping -i 2 `
```
你也可以使用 `-w` 选项,来在一段时间后终止 `ping`
```
`$ ping -w 6`
```
### 使用 ping 的工具
使用 `ping` 的工具有很多。例如,`iputils` 包提供了 `ping` 命令;[Busybox][2] 也有`ping` 命令BSD 也有;甚至还有一个用于 `ping` 的 GUIGping它可用于 Linux、macOS 和 Windows。你可以在 [Github][3] 上找到更多有关 `gping` 的信息。
### 一起来学习吧
`ping` 命令很简单,但它可以帮你诊断网络连接问题。下次再遇到网络连接问题时,让 `ping` 命令成为你解决问题的第一个工具吧。
--------------------------------------------------------------------------------
via: https://opensource.com/article/21/10/linux-ping-command
作者:[Seth Kenlon][a]
选题:[lujun9972][b]
译者:[chai001125](https://github.com/chai001125)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lujun9972
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/world_remote_teams.png?itok=Wk1yBFv6 (World locations with red dots with a sun burst background)
[2]: https://opensource.com/article/21/8/what-busybox
[3]: https://github.com/orf/gping

View File

@ -0,0 +1,350 @@
[#]: subject: "Execute Commands On Remote Linux Systems Via SSH"
[#]: via: "https://ostechnix.com/execute-commands-on-remote-linux-systems-via-ssh/"
[#]: author: "sk https://ostechnix.com/author/sk/"
[#]: collector: "lkxed"
[#]: translator: "MjSeven"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
通过 SSH 在远程 Linux 系统上执行命令
======
通过安全的网络连接在远程计算机上调用命令或程序
有一天,我正在测试如何在[将文件或目录复制到多个位置和系统时保持完整的文件权限][1]。当我想检查远程系统上的文件权限时,我必须通过 SSH 登录它并检查属性。从远程系统多次登录和注销的过程让我有点烦,我想,如果我可以**在远程 Linux 系统上通过 SSH 执行命令**就好了。
幸运的是,在浏览了 `ssh` 命令的手册页后,我找到了一个解决办法。
如果你想知道如何本地运行远程系统上运行命令或脚本,而不登录到远程系统,下面的内容会告诉你如何做。
### 1. 通过 SSH 在远程 Linux 系统上执行命令
从本地系统通过 SSH 在远程系统上运行命令或脚本的典型方法是:
```bash
$ ssh <username@IP_Address-or-Doman_name> <Command-or-Script>
```
允许我给你们举几个例子。
#### 1.1. 通过 SSH 在远程系统上运行单个命令
假设你想要[查找远程 Linux 系统的内核详细信息][2]。为此,只需运行:
```bash
$ ssh sk@192.168.225.22 uname -a
```
这里,
* sk 是远程系统的用户名,
* 192.168.225.22 是远程系统的 IP 地址,
* `"uname -a"` 是我想在远程系统上运行的命令。
**示例输出:**
![通过 SSH 在远程 Linux 系统上执行命令][3]
看到没?我并没有实际登录到远程系统,但通过 SSH 在远程系统上执行了 `uname` 命令,并在本地系统的终端上显示了输出。
你还可以像下面这样用引号指定命令。
```
$ ssh sk@192.168.225.22 "uname -a"
```
或者,
```
$ ssh sk@192.168.225.22 'uname -a'
```
如果你已经[更改了 SSH 协议的默认端口][4],只需使用 **-p** 参数指定它。
```bash
$ ssh -p 2200 sk@192.168.225.22 uname -a
```
#### 1.2. 通过 SSH 在远程主机上执行多个命令
你还可以在远程主机上运行多个命令,方法是将它们放在引号中。
```bash
$ ssh sk@192.168.225.22 "uname -r && lsb_release -a"
```
或者:
```
$ ssh sk@192.168.225.22 "uname -r ; lsb_release -a"
```
上面的命令将显示我的 Ubuntu 服务器的内核版本和发行版详细信息。
**示例输出:**
![在 Linux 上通过 SSH 在远程主机上运行多个命令][5]
正如一位读者在下面的评论部分提到的那样,你应该用引号指定多个命令。如果不使用引号,第一个命令将在远程系统上执行,第二个命令将仅在本地计算机上执行。整个带引号的命令将按预期在远程计算机上运行。
**提示:**了解 `"&&"``";"` 在命令中的区别:
`"&&"` 操作符只有在第一个命令成功时才执行第二个命令。
示例:
```
sudo apt-get update && sudo apt-get upgrade
```
在上述示例中,如果第一个命令成功,才会执行 `sudo apt-get upgrade`。否则,它将不会运行。
`";"` 操作符会执行第二个命令,无论第一个命令是成功还是失败。
示例:
```
sudo apt-get update ; sudo apt-get upgrade
```
在上述示例中,即使第一个命令失败,`sudo apt-get upgrade` 也会执行。
#### 1.3. 通过 SSH 在远程机器上调用有 Sudo 权限的命令
有些命令需要 `"sudo"` 权限才能运行。例如,以下命令将在我的远程系统上安装 **apache2**
```bash
$ ssh -t sk@192.168.225.22 sudo apt install apache2
```
**示例输出:**
![通过 SSH 在远程机器上运行有 Sudo 权限的命令][6]
注意到了吗?我在上面的命令中使用了 **-t** 标志,我们需要使用它来强制进行伪终端分配。它用于在远程机器上执行任意基于屏幕的程序,这非常有用。例如,在实现菜单服务时。
另外,我输入了**两次**密码。第一次是远程用户的密码,以便从本地系统通过 SSH 访问远程系统,第二次是为了向远程用户赋予 sudo 权限,以便安装应用程序(在本例中为 apache2
让我们用以下命令检查 Apache 服务是否正在运行:
```bash
$ ssh -t sk@192.168.225.22 sudo systemctl status apache2
sk@192.168.225.22's password:
[sudo] password for sk:
● apache2.service - The Apache HTTP Server
Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
Drop-In: /lib/systemd/system/apache2.service.d
└─apache2-systemd.conf
Active: active (running) since Thu 2019-12-19 11:08:03 UTC; 52s ago
Main PID: 5251 (apache2)
Tasks: 55 (limit: 2318)
CGroup: /system.slice/apache2.service
├─5251 /usr/sbin/apache2 -k start
├─5253 /usr/sbin/apache2 -k start
└─5254 /usr/sbin/apache2 -k start
Dec 19 11:08:03 ubuntuserver systemd[1]: Starting The Apache HTTP Server...
Dec 19 11:08:03 ubuntuserver apachectl[5227]: AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 2409:4072:51f:a1b6:a00:27ff:f
Dec 19 11:08:03 ubuntuserver systemd[1]: Started The Apache HTTP Server.
```
同样的,我们可以通过 SSH 在本地系统上运行远程系统上的任何命令或脚本。
#### 1.4. 通过 SSH 在远程系统上运行本地脚本
让我们在本地系统上创建一个简单的脚本来显示关于远程系统的发行版名称、包管理和基本细节等。
```bash
$ vi system_information.sh
```
添加以下行:
```bash
#!/bin/bash
#Name: Display System Details
#Owner: OSTechNIx
#----------------------------
echo /etc/*_ver* /etc/*-rel*; cat /etc/*_ver* /etc/*-rel*
```
按下 **ESC** 键,输入 **:wq** 保存退出。
现在,通过 SSH 命令在远程系统上运行这个脚本:
```bash
$ ssh sk@192.168.225.22 'bash -s' < system_information.sh
```
**示例输出:**
```bash
sk@192.168.225.22's password:
/etc/debian_version /etc/lsb-release /etc/os-release
buster/sid
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=18.04
DISTRIB_CODENAME=bionic
DISTRIB_DESCRIPTION="Ubuntu 18.04.2 LTS"
NAME="Ubuntu"
VERSION="18.04.2 LTS (Bionic Beaver)"
ID=ubuntu
ID_LIKE=debian
PRETTY_NAME="Ubuntu 18.04.2 LTS"
VERSION_ID="18.04"
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
VERSION_CODENAME=bionic
UBUNTU_CODENAME=bionic
```
如果你没有在上面的命令中指定 `bash -s`,你将获得远程系统的详细信息,但伪终端不会被分配。
#### 1.5. 将远程主机的命令输出保存到本地主机
如果你希望与支持团队或同事共享远程系统上运行的命令输出,那么这非常有用。
以下命令将通过 SSH 在远程系统运行 **"du -ah"**,并将输出保存在本地系统的 **diskusage** 文件中。
```bash
$ ssh sk@192.168.225.22 du -ah > diskusage.txt
```
然后,你可以通过使用 **cat** 命令或文本编辑器查看 `diskusage.txt` 文件来分析磁盘使用细节。
```bash
$ cat diskusage.txt
4.0K ./.profile
4.0K ./.gnupg/private-keys-v1.d
8.0K ./.gnupg
76K ./data/image.jpg
128K ./data/file.pdf
20K ./data/text.docx
5.9M ./data/audio.mp3
6.1M ./data
0 ./.sudo_as_admin_successful
4.0K ./pacman?inline=false
4.0K ./.bash_logout
4.0K ./.wget-hsts
4.0K ./.bash_history
0 ./.cache/motd.legal-displayed
4.0K ./.cache
4.0K ./deb-pacman_1.0-0.deb
4.0K ./.bashrc
6.2M .
```
#### 1.6. 配置 SSH 密钥认证,避免输入密码
如果你经常在远程系统上运行命令,你可能需要配置基于 SSH 密钥的身份验证,以便每次跳过密码输入。更多细节可以在以下链接中找到。
* [Linux 系统下如何配置 SSH 密钥认证][7]
配置了基于 SSH 密钥的认证后,我们可以通过 SSH 在远程机器上执行命令,从而不需要输入密码:
```bash
$ ssh sk@192.168.225.22 sudo apt update
```
### 2. 通过 sshpass 在远程机器上运行命令
如果你不想配置基于 SSH 密钥的身份验证,你可以使用 **sshpass** 实用程序。
#### 2.1. 什么是 sshpass?
sshpass 是为使用键盘交互密码身份验证模式运行 ssh 而设计的但它以非交互的方式。简单来说sshpass 提供了非交互式的方式来验证 SSH 会话。
SSH 使用直接 TTY 访问来确保密码确实是由交互式键盘用户发出的。Sshpass 在一个专用 tty 中运行 ssh让它误以为从交互用户那里获得了密码。
#### 2.2. 在 Linux 中安装 sshpass
在许多 Linux 发行版的默认仓库中都有 sshpass 实用程序。例如,在 Debian、Ubuntu 及其衍生版本中,你可以使用下面的命令来安装 sshpass
```bash
$ sudo apt install sshpass
```
#### 2.3. 通过 SSH 和 sshpass 在远程机器上执行命令
Sshpass 可以接受 password 作为参数,或者通过环境变量读取密码,也可以从文本文件中读取密码。
**警告:**所有这些方法都是**高度不安全的**。所有系统用户都可以通过 **ps** 命令看到命令中的密码。**不建议**在生产中使用这些方法。最好使用基于密钥的身份验证。
让我们看看每种方法的示例。
**将密码作为参数提供:**
将密码作为参数提供,使用 `-p` 选项,如下所示:
```bash
$ sshpass -p <remote-password> ssh remoteuser@ip-address <command-to-execute>
```
**示例:**
```bash
$ sshpass -p ubuntu ssh ostechnix@192.168.1.30 uname -a
```
其中,
* -p ubuntu - 提供远程系统的密码。
* ostechnix@192.168.1.30 - 远程系统用户名和地址。
* 'uname -a' - 要在远程计算机上执行的命令。
**示例输出:**
```bash
Linux Ubuntu22CT 5.15.60-1-pve #1 SMP PVE 5.15.60-1 (Mon, 19 Sep 2022 17:53:17 +0200) x86_64 x86_64 x86_64 GNU/Linux
```
**密码作为环境变量提供:**
在这个方法中,我们声明一个名为 **SSHPASS** 的环境变量,用远程环境的密码作为其值。然后我们使用 **-e** 标志,如下所示:
```bash
$ SSHPASS=ubuntu sshpass -e ssh ostechnix@192.168.1.30 uname -a
```
**从文本文件中读取密码:**
使用 echo 命令在文本文件中追加密码:
```bash
$ echo "ubuntu" > mypassword.txt
```
现在,将密码文件传递给带有 **-f** 标志的 sshpass如下所示
```bash
$ sshpass -f mypassword.txt ssh ostechnix@192.168.1.30 uname -a
```
![通过 SSH 和 sshpass 在远程机器上执行命令][8]
### 总结
在本教程中我们学习了一些通过安全的网络连接在远程计算机上调用命令或程序的方法。在所有的方法中sshpass 方法是最不安全的,建议用户避免在生产系统中使用它。
--------------------------------------------------------------------------------
via: https://ostechnix.com/execute-commands-on-remote-linux-systems-via-ssh/
作者:[sk][a]
选题:[lkxed][b]
译者:[MjSeven](https://github.com/MjSeven)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://ostechnix.com/author/sk/
[b]: https://github.com/lkxed
[1]: https://ostechnix.com/how-to-keep-ownership-and-file-permissions-intact-when-copying-files-or-directories/
[2]: https://ostechnix.com/find-out-the-linux-distribution-name-version-and-kernel-details/
[3]: https://ostechnix.com/wp-content/uploads/2019/12/Execute-Commands-On-Remote-Linux-Systems-Via-SSH.gif
[4]: https://ostechnix.com/how-to-change-apache-ftp-and-ssh-default-port-to-a-custom-port-part-3/
[5]: https://ostechnix.com/wp-content/uploads/2019/12/Run-multiple-commands-on-remote-systems-via-SSH-on-Linux.png
[6]: https://ostechnix.com/wp-content/uploads/2019/12/Run-commands-with-sudo-privileges-on-remote-systems-via-SSH.png
[7]: https://ostechnix.com/configure-ssh-key-based-authentication-linux/
[8]: https://ostechnix.com/wp-content/uploads/2022/09/Execute-Commands-On-Remote-Machines-Over-SSH-With-sshpass.png

View File

@ -1,113 +0,0 @@
[#]: subject: "How to Update or Upgrade Ubuntu Offline without Internet"
[#]: via: "https://www.debugpoint.com/how-to-update-or-upgrade-ubuntu-offline-without-internet/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "littlebirdnest"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
如何在没有网络的情况下,离线更新或升级 Ubuntu
======
**此教程关于如何一步一步在没有网络的情况下升级ubuntu**
在有些情况下你可能需要离线更新ubuntu又或者你可能在远程状态下需要更新一堆未联网的ubuntu总的来说你想要升级最新的系统
当然,始终建议通过联网升级系统。
但有时,离线更新系统,有助于网络安全,远离黑客和恶意软件
以下的方法使用[apt-offline][1]来解决这些问题离线更新ubuntu
### 准备环节
- 一台能连接到网络的ubuntu你朋友的咖啡馆实验室系统
- 装了安装包的u盘
- 两个系统都安装了 apt-offline.一个系统离线,另一个系统联网
### 安装 apt-offline
在两个系统下安装apt-offline
你可以使用以下命令安装 apt-offline。
```
sudo apt install apt-offline
```
如果你想装离线安装 apt-offline 你可以提前下载到u盘里然后拷出来再使用下面的命令
Ubuntu 22.04 LTS 和其他版本的下载链接如下所示。您可以选择一个镜像并下载 deb 文件。
[下载 .deb 文件 apt-offline][2]
```
sudo dpkg -i name_of_package.deb
```
### 如何更新ubuntu
离线打开终端,且使用以下命令创建一个.sig签名文件
```
sudo apt-offline set ~/offline-data.sig
```
[![Create the sig file][3]][4]
这个刚创建的签名文件中,包含下载所需的包路径和详细信息。
[![sig file contents][5]][6]
把签名文件拷到u盘中再插到有网的ubuntu
创建有一个目录去装这些文件
打开一个终端,运行以下命令,记得根据你的系统,更改下载目录和.sig签名文件的路径
```
apt-offline get -d ~/offline-data-dir offline-data.sig
```
[![Download the packages to install offline][7]][8]
更新离线的Ubuntu
文件下载完拷贝整个目录再插到没联网的ubuntu
然后运行以下命令将下载的包装到离线系统,记得根据你的系统更改目录路径
```
sudo apt-offline install offline-data-dir/
```
[![Installing packages - offline update ubuntu][9]][10]
如果一切顺利你将获得一个更新完的ubuntu
重复食用以上步骤就可以保持你的离线ubuntu是最新版
希望以上教程能帮到你更新离线的ubnuntu系统如果您遇到任何问题请在下面的评论框中告诉我。
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/how-to-update-or-upgrade-ubuntu-offline-without-internet/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[littlebirdnest](https://github.com/译者ID)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://github.com/rickysarraf/apt-offline
[2]: https://packages.ubuntu.com/focal/all/apt-offline/download
[3]: https://www.debugpoint.com/wp-content/uploads/2021/03/Create-the-sig-file-1024x204.jpg
[4]: https://www.debugpoint.com/wp-content/uploads/2021/03/Create-the-sig-file.jpg
[5]: https://www.debugpoint.com/wp-content/uploads/2021/03/sig-file-contents-1024x250.jpg
[6]: https://www.debugpoint.com/wp-content/uploads/2021/03/sig-file-contents.jpg
[7]: https://www.debugpoint.com/wp-content/uploads/2021/03/Download-the-packages-to-install-offline-1024x437.jpg
[8]: https://www.debugpoint.com/wp-content/uploads/2021/03/Download-the-packages-to-install-offline.jpg
[9]: https://www.debugpoint.com/wp-content/uploads/2021/03/Installing-packages-offline-update-ubuntu-1024x509.jpg
[10]: https://www.debugpoint.com/wp-content/uploads/2021/03/Installing-packages-offline-update-ubuntu.jpg

View File

@ -1,131 +0,0 @@
[#]: subject: "How to Remove Firefox Snap from Ubuntu (21.10 +)"
[#]: via: "https://www.debugpoint.com/remove-firefox-snap-ubuntu/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
如何从 Ubuntu (21.10 +) 中删除 Firefox Snap
======
**Ubuntu 21.10 Impish Indri 及之后的版本将 Firefox Snap 设为默认浏览器。如果你不喜欢 Snap可以通过以下方式将其删除并使用库存版本。**
关于 Snap 是否是 apt 的更好替代品,一直存在争议。而许多用户更喜欢它的系统,也有一些人非常讨厌 snap。 Ubuntu 和 Canonical 认为它是 Linux 的最佳安装仓库和包管理工具之一。 Snap 被讨厌的主要原因是它的启动很慢。然而,这个论点是另一篇文章的内容。
### 从 Ubuntu 中删除 Firefox Snap 版本
所以,如果你还没有[听说过这个故事][1]Ubuntu 21.10(和所有后续版本)默认提供 Firefox Snap 包。因此,当你从 Ubuntu 21.10 开始安装时,默认的 left-dock 快捷方式是 Firefox 的 snap 版本。你可以使用以下各种方法对其进行验证。
![snap 列表 - Firefox][2]
![Firefox snap 桌面快捷方式][3]
如果你因为[性能][4]和存储问题而不喜欢 Snap可以通过以下命令将其删除。
- 如果打开,那么关闭所有 Firefox 实例。
- 打开一个终端。然后运行以下命令。
```
sudo snap remove firefox
```
- 等待命令完成。这将从你的系统中删除 snap 可执行文件,并断开 Firefox 与各种系统服务的连接。但是主 snap 目录仍然存在。你可以使用以下命令手动删除它。
```
cd ~/snaprm -r firefox
```
### 安装 Firefox 替代方法
现在,当你删除 Firefox 时,你可以通过以下选项来使用此浏览器。
#### 方法 1 使用 PPA推荐
- 在使用此方法之前,请确保如上删除了 Firefox 的 snap 版本。
- 有一个[官方 Firefox PPA][5],由其开发团队维护。你可以将此 PPA 添加到你的软件源中,并使用它来安装最新的 Firefox。
- 确保使用文本编辑器创建一个首选项文件,以阻止 Ubuntu 在运行 apt update 命令时获取 Firefox 的 snap 版本。
```
sudo gedit /etc/apt/preferences.d/firefox-no-snap
```
- 将以下行添加到上面的文件并保存。
```
Package: firefox*Pin: release o=Ubuntu*Pin-Priority: -1
```
- 依次使用以下命令。第一个命令将其从你的系统中完全删除。
```
sudo apt purge firefox
sudo add-apt-repository ppa:mozillateam/firefox
sudo apt-get update
sudo apt install firefox
```
- 安装完成后,请确保使用以下命令启用自动升级。
```
echo 'Unattended-Upgrade::Allowed-Origins:: "LP-PPA-mozillateam:${distro_codename}";' | sudo tee /etc/apt/apt.conf.d/51unattended-upgrades-firefox
```
- 重启系统(可选)并享受 deb 版本的 Firefox。
#### 方法 2 使用 Firefox 的压缩可执行文件
- 你可以从官方网站(下面的链接)下载适用于 Ubuntu 和其他 Linux 的压缩 Firefox 可执行文件。然后解压并双击运行 firefox 可执行文件。这是最安全的方法。如果你使用此方法,你仍然可以获得更新。
[下载 Firefox][6]
![下载 Firefox 并解压][7]
![然后运行可执行文件][8]
#### 方法 3 使用 Flatpak 版本的 Firefox
- 你也可以使用 [Flatpak 版本的 Firefox][9],这在 [Ubuntu 中设置 Flatpak][10] 后可用。然后你可以运行以下命令进行安装。
```
flatpak install flathub org.mozilla.firefox
```
#### 方法 4 使用与系统耦合更少的 Snap 版本 Firefox
- 如果你认为你仍然可以继续使用 Snap 版本但希望在系统中减少沙盒,那么你可能需要使用以下命令和 [classic 开关][11]重新安装 Firefox。
```
sudo snap install firefox --classic
```
### 结束语
因此,这是从 Ubuntu 21.10 开始删除 firefox snap 版本的步骤。以及一些替代品。我很想知道 Linux Mint 采取了什么措施,因为他们与 Snap 不兼容。。此外,这些发行版依赖于 Firefox 的 Ubuntu 上游仓库,看看它们会做什么很有趣。 Debian 维护自己的仓库,但主要是 ESR 版本。
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/remove-firefox-snap-ubuntu/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://bugs.launchpad.net/ubuntu/+source/ubuntu-release-upgrader/+bug/1943840
[2]: https://www.debugpoint.com/wp-content/uploads/2021/09/snap-list-Firefox.jpg
[3]: https://www.debugpoint.com/wp-content/uploads/2021/09/Firefox-snap-desktop-shortcut-1024x490.jpg
[4]: https://www.debugpoint.com/2021/03/clean-up-snap/
[5]: https://launchpad.net/~mozillateam/+archive/ubuntu/ppa
[6]: https://www.mozilla.org/en-US/firefox/new/
[7]: https://www.debugpoint.com/wp-content/uploads/2021/09/Download-Firefox-and-Extract.jpg
[8]: https://www.debugpoint.com/wp-content/uploads/2021/09/And-then-run-the-executable.jpg
[9]: https://flathub.org/apps/details/org.mozilla.firefox
[10]: https://www.debugpoint.com/2018/07/how-to-install-flatpak-apps-ubuntu-linux/
[11]: https://snapcraft.io/docs/snap-confinement

View File

@ -0,0 +1,91 @@
[#]: subject: "Fix scanned images with ImageMagick"
[#]: via: "https://opensource.com/article/22/11/fixing-scanned-images-imagemagick"
[#]: author: "Seth Kenlon https://opensource.com/users/seth"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
使用 ImageMagick 修复扫描图像
======
使用这个开源工具,即使是批量校正图像也很容易。
多年前,在翻阅一家旧书店的书架上的内容时,我偶然发现了一本名为 《UNIX System Command Summary for Berkeley 4.2 & 4.3 BSD》 的小册子,由 Specialized Systems Consultants 出版。我买它是出于好奇,因为它已经有将近 20 年的历史了,但仍然在很大程度上适用于现代 Linux 和 BSD。
这让我当时和现在都很开心。一本写于 1986 年的小册子在 2016 年仍然很重要,而同一个书架上关于专有操作系统的书籍并不值得印刷它们的纸张。(想一想:你认为什么技术可以在僵尸末日中幸存下来?)这本小册子已经放在我自己的书架上好几年了,但我突然想到可能值得对这个作品做一点数字保存,所以我决定扫描这本小册子来创建一本 [CBZ 电子书][1]。
使用 [Skanlite][2] 进行扫描很容易,但很耗时。然而,当我完成后,我发现有些页面不是很平整。
![A page of text, including a table of contents and a glossary, that is crooked and distorted][3]
在打印中,这称为配准问题,这意味着打印内容的位置在页面上的方向不正确。
### ImageMagick
[ImageMagick][4] 是基于终端的非交互式图形编辑器。尝试在无图形环境(如纯文本终端)中编辑图形似乎违反直觉,但实际上很常见。例如,当你将图像上传到 Web 应用用作个人资料图片时,应用服务器上的脚本可能会使用 ImageMagick 或其库处理你的图像。非交互式编辑器的优点是你可以制定需要对示例图像执行的操作,然后只需按一下按钮即可将这些效果应用于数百个其他图像。
ImageMagick 通常与其他图形编辑器一样强大,只要你花时间了解它的许多功能以及如何组合它们以实现所需的效果。在这种情况下,我想旋转歪斜的页面。在搜索了 ImageMagick 的文档后,我发现我需要的解决方案的 ImageMagick 术语称为纠偏。将你的术语与其他人的术语保持一致对于你不知道的任何事情都是一个挑战,因此当你使用 ImageMagick或其他任何东西请记住你描述问题或解决方案的用词可能和别人不一样。
要使用 ImageMagick 对带有弯曲文本的图像进行校正:
```
$ convert page_0052.webp -deskew25% fix_0052.webp
```
`-deskew` 选项表示可接受偏差的阈值。通过跟踪看似字母的对象的峰谷来确定倾斜。根据扫描的弯曲程度,你可能需要多于或少于 25% 的阈值。我已经达到了 80%,到目前为止,低于 25% 没用效果。
结果如下:
![The same page of text, now with the text properly aligned][5]
修复了!将其应用于文档的剩余 55 页以修复倾斜的页面,而对已经笔直的页面不做任何事情。换句话说,由于我的阈值设置,在不需要调整的页面上运行此命令是安全的。
### 使用 ImageMagick 裁剪图像
在纠正了歪斜之后,因为无论如何我扫描的每一页都比必要的要多,以防止意外切断单词,我认为裁剪我纠正的页面是有意义的。我很高兴在页边空白处保留一些空间,但没有以前那么多。我经常使用 ImageMagick 的“裁剪”功能来处理这个网站上的图像,所以我很熟悉这个选项。但是,我需要确定如何裁剪每一页。
首先,我需要图像的大小:
```
$ identify fixed_0052.webp
WEBP 1128x2593 1128x2593+0+08-bit sRGB 114732B 0.020u 0:00.021
```
知道尺寸后,我能够对我可以承受的丢失多少像素做出一些估计。经过几次试运行,我得到了这个:
```
convert fix_0052.webp -gravity Center -crop 950x2450+0+0 crop_0052.webp
```
这并不完全适合,但当我将它应用于册子中的其他图像时,它被证明很重要。这些页面的内容和扫描仪位置各不相同,所以我很高兴给每一页一点空余空间。
这是校正和裁剪的图像:
![The same page of text, with the previous fixes applied and crooked white margins around the page cropped out.][6]
### 使用开源批量编辑图像
ImageMagick 的美妙之处在于,当你确定了修复图像的公式,你就可以将该修复应用于需要相同修复的所有图像。我使用 [GNU Parallel][7] 执行此操作,它使用我所有的 CPU 内核来完成数百页的图像校正。这并不需要很长时间,而且结果不言而喻。更重要的是,我已经有了一个 UNIX 历史上有趣作品的数字档案。
--------------------------------------------------------------------------------
via: https://opensource.com/article/22/11/fixing-scanned-images-imagemagick
作者:[Seth Kenlon][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://opensource.com/users/seth
[b]: https://github.com/lkxed
[1]: https://opensource.com/article/19/3/comic-book-archive-djvu
[2]: https://opensource.com/article/22/2/scan-documents-skanlite-linux-kde
[3]: https://opensource.com/sites/default/files/2022-10/imagemagick-crook_1.png
[4]: https://opensource.com/article/17/8/imagemagick
[5]: https://opensource.com/sites/default/files/2022-10/imagemagick-deskew-fix.png
[6]: https://opensource.com/sites/default/files/2022-10/imagemagick-deskew-crop.png
[7]: http://LINK-TO-SETH-GNU-PARALLEL-REDHAT.COM/SYSADMIN

View File

@ -0,0 +1,103 @@
[#]: subject: "How to Fix: sudo Command Not Found Error"
[#]: via: "https://www.debugpoint.com/sudo-command-not-found/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
如何修复“sudo Command Not Found” 错误
======
**以下是你如何在 Debian、Ubuntu 和其他发行版中修复 “sudo command not found” 错误的方法**。
有时,当你第一次设置或安装 [Linux 发行版][1]时,你在用 sudo 尝试一些命令时,会出现 “sudo command not found” 的错误。
sudo 命令是 “superuser do” 的缩写它是一个允许用户以管理员权限执行命令的程序。sudo 命令帮助你像管理员用户一样运行程序/命令。
此外,用 sudo 运行命令的用户必须是 sudo 组的一部分。
你看到这个错误的主要原因是该软件包本身没有安装。然而,大多数现代 Linux 发行版都默认提供了这个功能,但有些则没有。
下面是解决这个问题需要遵循的步骤。
#### 故障排除#1
- 首先,安装 sudo 包来解决这个问题。打开一个终端,刷新你的系统,并运行以下命令来安装 sudo。
对于 Ubuntu、Debian 和相关发行版:
```
su -apt updateapt install sudo
```
对于 Arch Linux
```
pacman -S sudo
```
对于 Fedora、RHEL 等:
```
su -dnf updatednf install sudo
```
- 上述安装完成后,你必须使用以下命令将用户添加到 `sudo` 组中。
`usermod -aG sudo <yourusername>`
- 然后从终端运行 `visudo`,并运行以下行。按 CTRL+O 和 CTRL+X 来保存和退出。
![使用 visudo 更新 sudoers 文件][2]
- 退出并再次登录使变化生效。
#### 故障排除#2
在做了上述改变之后,如果你仍然收到错误信息,那么请按照以下步骤操作。
确保你的 `$PATH` 变量包含 `sudo` 可执行文件的正确路径。如果 `sudo` 已经安装,但 `$PATH` 不正确,你也会得到这个错误。理想情况下,你的路径应该包含以下所有的路径。
```
echo $PATH
```
```
/usr/local/bin:/usr/local/sbin:/usr/bin:/usr/sbin
```
要改变路径变量,使用以下命令。例如,如果 `/usr/bin` 不存在,那么你可以通过以下方式添加它。
```
export PATH=$PATH:/usr/bin
```
然后注销并登录查看效果。
### 总结
我希望这个指南能帮助你解决 Linux 发行版中的 sudo 错误。表面上的解决方案很简单,真的。
如果有帮助,或者如果你有任何问题,请在下面留言,。
[参考][3]
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/sudo-command-not-found/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://www.debugpoint.com/category/distributions
[2]: https://www.debugpoint.com/wp-content/uploads/2022/09/Updating-the-sudoers-file-using-visudo.jpg
[3]: https://linux.die.net/man/8/sudo

View File

@ -0,0 +1,119 @@
[#]: subject: "How to Fix: bash wget Command Not Found Error"
[#]: via: "https://www.debugpoint.com/wget-not-found-error/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "geekpi"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
如何修复“bash wget Command Not Found” 错误
======
**以下是你如何在 Debian、Ubuntu 和其他发行版中修复 “bash: wget command not found” 的错误。**
著名的 wget 工具被用来通过终端从 URL 下载任何文件。它是 Linux 终端中最流行和最快速的工具之一。
作为一个 GNU 工具wget 带来了一些奇妙的功能。你可以实现任何项目,如从网上提取信息、下载文件、暂停/恢复等。
然而,许多 [Linux 发行版][1]在默认安装时并没有附带这个工具。因此,当你想用 wget 下载一些文件时,你会得到 wget 命令未找到的错误。
修复它其实很容易。
### 修复 wget 命令未找到
你所需要做的就是打开终端,运行以下命令来安装 wget。
对于 Ubuntu, Linux Mint, elementaryOS, Debian 和相关发行版:
```
sudo apt install wget
```
Arch Linux
```
pacman -S wget
```
对于 Fedora虽然它默认包括
```
sudo dnf install wget
```
安装后,你可以使用 wget 程序。你也可以通过检查其版本来验证它是否正确安装。
```
wget --version
```
### 如何使用 wget
下面是一些关于如何使用 wget 程序的例子。
命令的语法如下:
```
wget [选项]… [URL]…
```
例如,如果我想下载 Ubuntu 的 ISO 文件,那么我可以运行下面的命令,用直接的 URL 下载。
```
wget https://releases.ubuntu.com/22.04.1/ubuntu-22.04.1-desktop-amd64.iso
```
![如何使用 wget 的例子][2]
同样,你也可以使用上述命令下载,或者,通过下面描述的几个开关组合。你也可以通过 `wget --help` 命令得到这个。
```
-t, --tries=NUMBER 设置重试次数为 NUMBER0 为不限)。
--retry-connrefused 即使连接被拒绝,也要重试。
--retry-on-http-error=ERRORS 逗号分隔的 HTTP 错误列表,以便重试。
-O, --output-document=FILE 将文件写入 FILE 中
--nc, --no-clobber 跳过那些会下载到现有文件的下载(覆盖它们)
--no-netrc 不要试图从 .netrc 中获取证书。
-c, --continue 继续已部分下载的文件
--start-pos=OFFSET 从 0 开始 OFFSET 位置开始下载
--progress=TYPE 选择进度表类型
--show-progress 在任何详细模式下显示进度条
--N, --timestamping 不重新检索文件,除非比本地文件新。
--no-if-modified-since 在时间戳模式下不使用条件性的 if-modified-since 获取请求
--no-use-server-timestamps 不以服务器上的时间戳来设置本地文件的时间戳。
--S, --server-response 打印服务器响应
--spider 不下载任何东西
-T, --timeout=SECONDS 设置所有的超时值为 SECONDS
--dns-timeout=SECS 将 DNS 查询超时设置为 SECS
--connect-timeout=SECS 将连接超时设置为 SECS
--read-timeout=SECS 设置读取超时为 SECS
--w, --wait=SECONDS 在两次检索之间等待 SECONDS适用于检索的 URL 超过 1个
--wait retry=SECONDS 在检索的重试之间等待1...SECONDS适用于检索的 URL 超过 1 个)。
--random-wait 在两次检索之间等待 0.5WAIT...1.5WAIT 秒(适用于检索的 URL 超过 1 个)
```
### 总结
我希望这个指南能帮助你解决 Linux 发行版中的 wget 错误。明显的方案是非常简单的。
如果有帮助或者你有任何问题,请在下面留言。
[参考][3]
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/wget-not-found-error/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[geekpi](https://github.com/geekpi)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://www.debugpoint.com/category/distributions
[2]: https://www.debugpoint.com/wp-content/uploads/2022/09/Sample-example-of-how-to-use-wget.jpg
[3]: https://www.gnu.org/software/wget/

View File

@ -0,0 +1,171 @@
[#]: subject: "How to Install FFmpeg in Ubuntu and Other Linux"
[#]: via: "https://www.debugpoint.com/install-ffmpeg-ubuntu/"
[#]: author: "Arindam https://www.debugpoint.com/author/admin1/"
[#]: collector: "lkxed"
[#]: translator: "Cubik65536"
[#]: reviewer: " "
[#]: publisher: " "
[#]: url: " "
如何在 Ubuntu 和其他 Linux 发行版中安装 FFmpeg
======
**本教程讲述了在 Ubuntu 和其他 Linux 系统中安装 FFmpeg 所需的步骤。**
FFmpeg 是一系列用于操作多媒体文件的库和软件程序。整个 ffmpeg 是一组强大的库,允许您转换,推流和操作音频和视频文件。许多前端 Linux 应用程序将其用作后端并依赖它。例如,屏幕录制应用程序可能需要 ffmpeg 将录制的流转换为 gif 图像。
主流的应用程序和服务,如 VLC 媒体播放器YouTubeBlenderKodiShotcut 和 Handbrake 等,都使用 FFmpeg。
趣事NASA 2020 年发射的毅力号火星探测器使用 FFmpeg 完成和处理图像和视频,然后将其发送回地球!
### 关于 ffmpeg 包
[FFmped][1] 是一个强大的命令行工具。它支持 LinuxWindows 和 macOS并支持多种架构。它是用 C 和汇编编写的,提供了强大的性能和跨平台实用性。
#### 核心
FFmpeg 的核心是命令行实用程序。它们可以在命令行上使用,也可以从任何编程语言中调用。例如,您可以从 shell 程序python 脚本等程序中使用它们。
- **ffmpeg**:用于转换音频和视频流,包括来自 TV 卡等 LIVE 流的源
- **ffplay**:此软件包中捆绑的媒体播放器,用于播放媒体
- **ffprobe**:命令行工具,用于显示媒体信息 - 可以以 txtmcsvxmljson 格式输出
### FFmpeg 安装
安装 FFmpeg 在 Ubuntu 和其他 Linux 发行版中很容易。打开终端并运行以下命令以安装。
#### Ubuntu 以及相似的发行版
``` bash
sudo apt install ffmpeg
```
#### Fedora
对于 Fedora Linux您需要添加 [RPM Fusion repo][2]。Fedora 官方仓库没有 FFmpeg 包。
``` bash
sudo dnf install https://download1.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm
```
``` bash
sudo dnf install https://download1.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-
```
``` bash
sudo dnf install ffmpeg
```
#### Arch Linux
``` bash
pacman -S ffmpeg
```
在安装完成后,您可以使用以下命令验证安装。
``` bash
ffmpeg --version
```
![Ubuntu Linux 中安装的 FFmpeg][3]
### 示例ffmpeg 的基础用法
首先,让我给你一个简单的例子。考虑以下示例。它只是将 mp4 文件转换为 mkv 文件。
- **转换基本视频文件**
``` bash
ffmpeg -i big_buck_bunny.mp4 big_buck_bunny.mkv
```
当然,这是最简单的方法,但它不完整,因为它没有转换所需的视频文件的比特率,分辨率和其他属性。
- **转换一个音频文件**
第二,您可以使用类似的命令转换音频文件。
``` bash
ffmpeg -i sunny_day.ogg sunny_day.mp3
```
- **使用音频和视频编解码器转换**
最后,以下示例可以使用指定的编解码器转换视频文件。参数 `-c``a``v` 分别定义音频和视频。下面的命令使用 `libvpx` 视频和 `libvorbis` 音频编解码器进行转换。
``` bash
ffmpeg -i big_buck_bunny.mp4 -c:v libvpx -c:a libvorbis big_buck_bunny.webm
```
### 如何找出系统中可用的编解码器,编码器和解码器?
#### 列出所有编解码器
要列出所有可用的编解码器,请运行以下命令。
``` bash
ffmpeg -codecs
```
该命令列出了所有可用的编解码器及其功能,是否支持解码或编码等。此外,它们根据下表的位置进行标识。
``` plain
D..... = Decoding supported
.E.... = Encoding supported
..V... = Video codec
..A... = Audio codec
..S... = Subtitle codec
...I.. = Intra frame-only codec
....L. = Lossy compression
.....S = Lossless compression
```
![FFmpeg 编码器列表][4]
### 列出所有编码器
通过以下命令列出所有编码器。
``` bash
ffmpeg -encoders
```
#### 列出所有解码器
同样的,您可以通过以下命令获取解码器列表。
``` bash
ffmpeg -decoders
```
#### 详细信息
你还可以使用参数 -h 获取编码器或解码器的更多详细信息。
``` bash
ffmpeg -h decoder=mp3
```
### 总结
我希望你学会了 FFmpeg 和它的命令的基础知识。您可以通过[官方文档][5]了解更多有关该程序的信息。
--------------------------------------------------------------------------------
via: https://www.debugpoint.com/install-ffmpeg-ubuntu/
作者:[Arindam][a]
选题:[lkxed][b]
译者:[Cubik65536](https://github.com/Cubik65536)
校对:[校对者ID](https://github.com/校对者ID)
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
[a]: https://www.debugpoint.com/author/admin1/
[b]: https://github.com/lkxed
[1]: https://ffmpeg.org/
[2]: https://www.debugpoint.com/2020/07/enable-rpm-fusion-fedora-rhel-centos/
[3]: https://www.debugpoint.com/wp-content/uploads/2022/06/FFmpeg-installed-in-Ubuntu-Linux.jpg
[4]: https://www.debugpoint.com/wp-content/uploads/2022/06/FFmpeg-Codec-list.jpg
[5]: https://ffmpeg.org/documentation.html