mirror of
https://github.com/LCTT/TranslateProject.git
synced 2024-12-26 21:30:55 +08:00
Merge remote-tracking branch 'LCTT/master'
This commit is contained in:
commit
f679796691
@ -1,69 +1,70 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (HankChow)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: reviewer: (wxy)
|
||||
[#]: publisher: (wxy)
|
||||
[#]: url: (https://linux.cn/article-12057-1.html)
|
||||
[#]: subject: (How open source software is fighting COVID-19)
|
||||
[#]: via: (https://opensource.com/article/20/3/open-source-software-covid19)
|
||||
[#]: author: (Jeff Stern https://opensource.com/users/jeffstern)
|
||||
|
||||
开源软件在应对 COVID-19 中的贡献
|
||||
开源软件在应对新冠病毒中的贡献
|
||||
======
|
||||
|
||||
> 在新冠疫情爆发之际,涌现了数以千计的开源项目,今天我们来了解其中四个。
|
||||
|
||||
![symbols showing healthcare][1]
|
||||
![](https://img.linux.net.cn/data/attachment/album/202003/30/210613wchojyc5rrwh8y5k.jpg)
|
||||
|
||||
在当前紧张的疫情环境下,保持专注和积极性是一个很大的挑战。而研究开源社区如何应对这一次疫情爆发,对于我来说却成为了一种宣泄。
|
||||
|
||||
从今年一月底开始,整个开源社区已经贡献了数以千计关于冠状病毒或 COVID-19 的[开源软件库][2],其中涉及的内容包括但不限于数据集、模型、可视化、Web 应用、移动应用,且大多数都使用了 JavaScript 和 Python 编写。
|
||||
从今年一月底开始,整个开源社区已经贡献了数以千计关于冠状病毒或新冠病毒的[开源软件仓库][2],其中涉及的内容包括但不限于数据集、模型、可视化、Web 应用、移动应用,且大多数都使用了 JavaScript 和 Python 编写。
|
||||
|
||||
之前我们分享过一些关于开源硬件厂商在帮助遏制冠状病毒传播方面做的[贡献][3],现在将继续分享四个由开源社区作出的应对冠状病毒和 COVID-19 的项目,这体现了开发者们和整个开源社区在当下对整个世界的影响力。
|
||||
之前我们分享过一些关于[开源硬件创客们在帮助][3]遏制冠状病毒传播方面做的贡献,现在将继续分享四个由开源社区作出的应对冠状病毒和新冠病毒的项目,这体现了开发者们和整个开源社区在当下对整个世界的影响力。
|
||||
|
||||
### 1. PennSignals:CHIME
|
||||
|
||||
![CHIME by PennSignals][4]
|
||||
|
||||
<ruby>COVID-19 流行病医院影响模型<rt>COVID-19 Hospital Impact Model for Epidemics</rt></ruby>([CHIME][5])是由宾夕法尼亚大学 Penn Medicine 机构的数据科学家们建立的开源在线应用,它可以让医院更好地了解本次新型冠状病毒对医院需求的影响。
|
||||
<ruby>新冠病毒流行病医院影响模型<rt>COVID-19 Hospital Impact Model for Epidemics</rt></ruby>([CHIME][5])是由宾夕法尼亚大学 Penn Medicine 机构的数据科学家们建立的开源在线应用,它可以让医院更好地了解本次新型冠状病毒对医院需求的影响。
|
||||
|
||||
医院的管理人员可以通过 CHIME 来大致预测未来几天和几周内将会有多少患者需要住院治疗,并推算 ICU 和呼吸机的需求量。只需要输入当前住院患者数以及一些相关的变量,就可以看到未来几天内需求的变化情况。
|
||||
|
||||
CHIME 主要使用 Python 开发,并通过 [pandas][6] 这个开源库实现了大部分的数据转换和数值计算,最终得出相关的估计值。pandas 的背后有一个强大的团队进行支持,因此它是在数据分析方面被广泛使用的 Python 库之一。和很多其它的开源项目一样,pandas 团队的收入大部分来源于[用户的资金支持][7]。
|
||||
CHIME 主要使用 Python 开发,并通过 [Pandas][6] 这个开源库实现了大部分的数据转换和数值计算,最终得出相关的估计值。Pandas 的背后有一个强大的团队进行支持,它是在数据分析方面被广泛使用的 Python 库之一。和很多其它的开源项目一样,Pandas 团队的收入大部分来源于[用户的资金支持][7]。
|
||||
|
||||
### 2. Locale.ai:Real-time COVID-19 visualization
|
||||
### 2. Locale.ai:实时新冠病毒可视化
|
||||
|
||||
![Locale.ai COVID-19 visualization][8]
|
||||
|
||||
实时显示世界各地病例数量分布的地图可以让我们直观了解 COVID-19 的规模和扩散程度。Locale.ai 就开发了这样一个开源、可交互的 [COVID-19 已知病例可视化分布图][9],这个图会根据最新的可靠数据实时进行更新。
|
||||
实时显示世界各地病例数量分布的地图可以让我们直观了解新冠病毒的规模和扩散程度。Locale.ai 就开发了这样一个开源、可交互的[新冠病毒已知病例可视化分布图][9],这个图会根据最新的可靠数据实时进行更新。
|
||||
|
||||
这个项目有趣的地方在于,它的数据是是通过 GitHub 用户 ExpDev07 创建的[开源 API][10] 进行检索的,这个 API 的数据来源是[约翰·霍普金斯大学的开源数据集][11],而约翰·霍普金斯大学这份聚合了多个来源的数据集则是 GitHub 上 COVID-19 相关的最受欢迎的项目。这就是开源项领域中分支带来的一大好处。
|
||||
这个项目有趣的地方在于,它的数据是是通过 GitHub 用户 ExpDev07 创建的[开源 API][10] 进行检索的,这个 API 的数据来源是[约翰·霍普金斯大学的开源数据集][11],而约翰·霍普金斯大学这份聚合了多个来源的数据集则是 GitHub 上新冠病毒相关的最受欢迎的项目。这就是开源领域中分支带来的一大好处。
|
||||
|
||||
Locale.ai 的这个图表通过 [Vue.js][11] 开发。Vue.js 是一个在 Web 应用开发方面非常流行的框架,它是由[尤雨溪][12]创造并维护的。值得一提的是,尤雨溪是全职参与开源项目维护的少数人之一。
|
||||
Locale.ai 的这个图表通过 [Vue.js][11] 开发。Vue.js 是一个在 Web 应用开发方面非常流行的框架,它是由[尤雨溪][12]创造并维护的。值得一提的是,尤雨溪是少数以全职参与开源项目维护的人之一。
|
||||
|
||||
### 3. BlankerL:DXY-COVID-19-Crawler
|
||||
|
||||
![BlankerL DXY-COVID-19-Crawler][13]
|
||||
|
||||
[DXY-COVID-19-Crawler][14] 建立于今年 1 月份,是开源社区对 COVID-19 最早发起响应的项目之一。当时 COVID-19 主要在中国范围内传播,中国医学界通过[丁香园][15]网站来进行病例的报告和跟踪。为了使这些疫情信息具有更高的可读性和易用性,GitHub 用户 BlankerL 开发了一个爬虫,系统地从丁香园网站获取数据,并通过 API 和数据仓库的方式对外公开。这些数据也被学术研究人员用于研究病毒传播趋势和制作相关的可视化图表。到目前为止,DXY-COVID-19-Crawler 这个项目已经获得了超过 1300 个星标和近 300 次的复刻。
|
||||
[DXY-COVID-19-Crawler][14] 建立于今年 1 月份,是开源社区对新冠病毒最早发起响应的项目之一。当时该病毒主要在中国范围内传播,中国医学界通过[丁香园][15]网站来进行病例的报告和跟踪。为了使这些疫情信息具有更高的可读性和易用性,GitHub 用户 BlankerL 开发了一个爬虫,系统地从丁香园网站获取数据,并通过 API 和数据仓库的方式对外公开。这些数据也被学术研究人员用于研究病毒传播趋势和制作相关的可视化图表。到目前为止,DXY-COVID-19-Crawler 这个项目已经获得了超过 1300 个星标和近 300 次的复刻。
|
||||
|
||||
BlankerL 使用 Python 和 [Beautiful Soup][16] 库开发了这个爬虫。Beautiful Soup 是 Python 开发者用于从页面 HTML DOM 中提取信息的库,它由 Leonard Richardson 维护,这位作者i你另外还全职担任软件架构师。
|
||||
BlankerL 使用 Python 和 [Beautiful Soup][16] 库开发了这个爬虫。Beautiful Soup 是 Python 开发者用于从页面 HTML DOM 中提取信息的库,它由 Leonard Richardson 维护,这位作者另外还全职担任软件架构师。
|
||||
|
||||
### 4. 东京 COVID-19 工作组网站
|
||||
### 4. 东京新冠病毒工作组网站
|
||||
|
||||
![City of Tokyo's COVID-19 Task Force site][17]
|
||||
|
||||
世界各地很多城市都在网络上持续更新当地的 COVID-19 信息。东京都政府则为此创建了一个[综合性的网站][18],让东京当地居民、在东京设有办事处的公司以及到东京的游客了解最新情况,并采取相应的预防措施。
|
||||
世界各地很多城市都在网络上持续更新当地的新冠病毒信息。东京都政府则为此创建了一个[综合性的网站][18],让东京当地居民、在东京设有办事处的公司以及到东京的游客了解最新情况,并采取相应的预防措施。
|
||||
|
||||
这个网站的不同之处在于它是由东京都政府[开源][19]的。这个项目受到了来自 180 多名用户的贡献,日本的[长野市、千叶市、福冈市][20]还对这个网站进行了改造。这个项目是城市公共建设更好地服务大众的有力示范。
|
||||
|
||||
这个开源网站也使用了很多开源技术。通过 [Tidelift][21],我留意到项目中存在了 1365 个依赖项,其中 38 个是由开发者直接使用的依赖项。也就是说,超过一千多个开源项目(包括 [Nuxt.js][22]、[Prettier][23]、[Babel][24]、[Ajv][25] 等等)都为东京向市民共享信息提供了帮助。
|
||||
这个开源网站也使用了很多开源技术。通过 [Tidelift][21],我留意到项目中存在了 1365 个依赖项,而这都是由 38 个由开发者明确使用的直接依赖项所依赖的。也就是说,超过一千多个开源项目(包括 [Nuxt.js][22]、[Prettier][23]、[Babel][24]、[Ajv][25] 等等)都为东京向市民共享信息提供了帮助。
|
||||
|
||||
![Dependencies in Tokyo's COVID-19 Task Force site][26]
|
||||
|
||||
### 其它项目
|
||||
|
||||
除此以外,还有很多[响应 COVID-19 的重要项目][27]正在公开进行当中。在这次研究中,开源社区应对流行病以及利用开源技术开展工作的方式让我深受启发。接下来的一段时间都是应对疫情的关键时期,我们也可以继续在开源社区中寻找到更大的动力。
|
||||
除此以外,还有很多[应对新冠病毒的重要项目][27]正在公开进行当中。在这次研究中,开源社区应对流行病以及利用开源技术开展工作的方式让我深受启发。接下来的一段时间都是应对疫情的关键时期,我们也可以继续在开源社区中寻找到更大的动力。
|
||||
|
||||
如果你也参与到了 COVID-19 相关的开源项目当中,欢迎在评论区分享。
|
||||
如果你也参与到了新冠病毒相关的开源项目当中,欢迎在评论区分享。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
@ -72,7 +73,7 @@ via: https://opensource.com/article/20/3/open-source-software-covid19
|
||||
作者:[Jeff Stern][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[HankChow](https://github.com/HankChow)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
校对:[wxy](https://github.com/wxy)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
@ -80,7 +81,7 @@ via: https://opensource.com/article/20/3/open-source-software-covid19
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/Medical%20costs.jpg?itok=ke57j6cs (symbols showing healthcare)
|
||||
[2]: https://github.com/search?q=coronavirus+OR+covid19
|
||||
[3]: https://opensource.com/article/20/3/open-hardware-covid19
|
||||
[3]: https://linux.cn/article-12047-1.html
|
||||
[4]: https://opensource.com/sites/default/files/uploads/chime_pennsignals.png (CHIME by PennSignals)
|
||||
[5]: http://penn-chime.phl.io/
|
||||
[6]: https://tidelift.com/subscription/pkg/pypi-pandas
|
@ -0,0 +1,82 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Know the benefits of cloud-native networking for SASE)
|
||||
[#]: via: (https://www.networkworld.com/article/3534720/know-the-benefits-of-cloud-native-networking-for-sase.html)
|
||||
[#]: author: (Zeus Kerravala https://www.networkworld.com/author/Zeus-Kerravala/)
|
||||
|
||||
Know the benefits of cloud-native networking for SASE
|
||||
======
|
||||
Shlomo Kramer, CEO of Cato Networks discusses the benefits cloud-native networking brings to SASE
|
||||
Metamorworks / Getty Images
|
||||
|
||||
Gartner has positioned secure access service edge (SASE) as the next wave of SD-WANs. While most industry people I talk to agree on the concept of security and networking being brought together, there is some debate surrounding cloud-native versus cloud-managed.
|
||||
|
||||
To get a better understanding of why cloud native matters, I sat down with Shlomo Kramer, CEO of Cato Networks, which designed its SASE service from the ground up for cloud delivery.
|
||||
|
||||
**Last year Gartner coined the term SASE, do you agree or disagree with their premise?**
|
||||
|
||||
[[Get regularly scheduled insights by signing up for Network World newsletters.]][1]
|
||||
|
||||
Well I definitely agree. The manifesto that Cato was founded on was the vision of converging network transport and network security and delivering it as a cloud service. The argument as to why you need SASE is topological in nature because traffic patterns have changed. Network traffic used to be inward bound because people sat at their desks, using corporate workstations and connecting to enterprise applications that resided in the company data centers.
|
||||
|
||||
That meant security was effectively a hard shell placed around a soft core. Security was applied at the edge and protected all the physical locations behind it. Today, the traffic patterns have changed, and the security needs to be applied everywhere. Applications are built in AWS as well as on-premises, workers are in the office, at home and in the hotel or anywhere. So now corporate assets are everywhere so the hard shell no longer works. Security needs to be different and be integrated everywhere so I absolutely agree with the concept of SASE.
|
||||
|
||||
**What are some other challenges with legacy technologies like MPLS and security appliances?**
|
||||
|
||||
**T**he problems with MPLS are well documented, so I won’t spend too much time on this topic other than say every company we talk to wants to move off of MPLS because of high costs, long deployment times and a lack of agility. MPLS does nothing for mobile users or cloud connectivity so organizations need to deploy VPN servers, cloud interconnects and other technologies to connect all of their company resources.
|
||||
|
||||
[][2]
|
||||
|
||||
On the security side, branch appliances have been an enormous problem that we as an industry accepted as the only possible solution. Appliances need to be procured, deployed, maintained, upgraded and retired. All of which takes time and effort. They need to be integrated with one another, which requires more time and skills. Most appliances are managed from separate management consoles making operations complex and challenging. Over time, more appliances are added, which raises the complexity level. Also, when traffic jumps or too many features are turned on, upgrades are often required outside budget cycles. Security professionals often lag behind when applying software patches because updating appliances is risky and needs to be carefully planned, leaving the company at risk.
|
||||
|
||||
I can go on, but _appliances_ as an architecture involve too many headaches and too much cost for companies looking to become leaner and more agile. And by appliances, I also mean VNFs and virtual appliances. It's the same story again. You still need to deploy, manage and scale them. Appliances are a poor choice not because of anyone's solution's limitations but because of the architecture itself.
|
||||
|
||||
**What benefit do cloud-native platforms provide?**
|
||||
|
||||
For Gur (Co-Founder of Cato, Gur Shatz) and myself, who came from the security and networking worlds, we were well acquainted with these problems. As we thought about what the right architecture would be moving forward, the cloud seemed like the obvious choice. We had already seen how cloud computing changed markets for data centers, servers, storage, and applications. We thought the cloud could do the same for security and networking.
|
||||
|
||||
Like AWS for data centers and servers, we wanted to create a utility that would secure and network the complete enterprise, not just sites, but also remote users, cloud data centers, cloud applications, and third-party devices. We wanted enterprises to "tap" into this utility and instantly receive all the advanced security and networking services for the entire organization. It's why we called our SD-WAN device the "Cato Socket," like an electrical socket you plug into. This vision is in line with the SASE definition.
|
||||
|
||||
Instead of appliances, we move the “heavy lifting” involved in security and networking into a global, distributed, cloud-native software platform. By cloud-native software, we mean several things. We actually wrote a [blog on this topic][3] that talks about the value of cloud-native. There are many benefits but in particular, multi-tenancy is game-changing. This allows cloud providers to amortize costs across their customer base, allowing them to deliver offerings at a price point unmatched by one based on purchasing appliances for customers.
|
||||
|
||||
This platform runs our single-pass, security and networking stack that performs all security inspections in parallel. A packet comes in, depacketized and decrypted by our software that then performs all the necessary security inspections in parallel before sending the packet on. This is an incredible change from the way appliances work today. Today, each appliance must depacketize and decrypt packets, run a deep packet inspection (DPI) engine to understand the packet, apply the specific security inspections, and repacketize and re-encrypt for the next appliance to do the same.
|
||||
|
||||
**You’ve also stated that a global private network is necessary, why is that?**
|
||||
|
||||
As for the network, enterprises require predictable, low latency performance everywhere all the time. That's simply not possible with Internet routing today when broadband is used. While the problems of unpredictable latency across global routes or in under-developed Internet regions is well known even within Internet regions, we've seen specific routes have problems.
|
||||
|
||||
How do you overcome latency AND the global connectivity costs of MPLS? Our answer was to leverage the massive build-out in global IP connectivity. By buying massive wholesale SLA-backed capacity across multiple IP backbones, and then dynamically selecting the best backbone at each hop across our network, we could deliver global, low-latency connections at a fraction of the cost of MPLS.
|
||||
|
||||
**The SASE industry is currently filled with start-ups and smaller vendors. Why are the big incumbents struggling to make this shift?**
|
||||
|
||||
** **
|
||||
|
||||
I think it should be evident by now, but existing appliance-based solutions simply can't be converted to become cloud-native. Re-engineering a platform for the cloud requires massive investments in R&D, which will come at the expense of existing and very successful product lines, so beyond engineering, there is also an internal conflict to overcome.
|
||||
|
||||
And that's why the "big incumbents," as you put it, are so threatened by SASE. We all recognize that SASE is the future, but to get that to that future, many of the established solution providers will need to disrupt their existing businesses. That's not easy to do, but what they can do is market.
|
||||
|
||||
We, as an industry, are seeing vendors trying to capitalize on SASE by rebranding their solutions as SASE offerings. Some are appliances without cloud capabilities; others are security services without networking capabilities. For IT to tell the difference between a true SASE platform and a "fake" one, the litmus test is simple: If the center of gravity is in the appliances. If the offer lacks SD-WAN and if there is more than one management console. It's not SASE, and it's not the future. It's a repackaging of the past.
|
||||
|
||||
Join the Network World communities on [Facebook][4] and [LinkedIn][5] to comment on topics that are top of mind.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3534720/know-the-benefits-of-cloud-native-networking-for-sase.html
|
||||
|
||||
作者:[Zeus Kerravala][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Zeus-Kerravala/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/newsletters/signup.html
|
||||
[2]: https://www.networkworld.com/blog/itaas-and-the-corporate-storage-technology/?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE22140&utm_content=sidebar (ITAAS and Corporate Storage Strategy)
|
||||
[3]: https://www.catonetworks.com/blog/the-cloud-native-network-what-it-means-and-why-it-matters/
|
||||
[4]: https://www.facebook.com/NetworkWorld/
|
||||
[5]: https://www.linkedin.com/company/network-world
|
@ -0,0 +1,98 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (SASE might be better than VPNs for quickly ramping up remote access)
|
||||
[#]: via: (https://www.networkworld.com/article/3534501/sase-might-be-better-than-vpns-for-quickly-ramping-up-remote-access.html)
|
||||
[#]: author: (Linda Musthaler https://www.networkworld.com/author/Linda-Musthaler/)
|
||||
|
||||
SASE might be better than VPNs for quickly ramping up remote access
|
||||
======
|
||||
A secure access service edge model can quickly grow remote-worker capacity without requiring enterprises to deploy their own new VPN gear.
|
||||
Getty Images
|
||||
|
||||
The global pandemic now hitting almost every corner of the world is forcing countless millions of people to work from home. In one sense, we’re fortunate to now have the technology that allows us to do that. Between broadband Internet access in the home, corporate VPNs, team workspaces and videoconferencing services, many people can continue to do their jobs as effectively as if they were in their regular office environment.
|
||||
|
||||
That doesn’t mean it’s all smooth sailing for the IT departments that have to enable and support those critical work-from-home services. Depending on the type of network architecture a company has, it can be relatively easy or significantly challenging to support tens of thousands of employees now suddenly working from home.
|
||||
|
||||
[[Get regularly scheduled insights by signing up for Network World newsletters.]][1]
|
||||
|
||||
I recently talked with Mark Casey, CEO of the network infrastructure services provider [Apcela][2], who conveyed the challenges that many large enterprises have. It’s these companies that typically still have a traditional hub-and-spoke kind of WAN anchored in a physical data center. Corporate traffic is backhauled from branch and remote locations (like workers’ homes) to a centralized [data center][3] to pass through a security stack before it is sent to the internet or to cloud services. Unfortunately, this legacy network architecture doesn’t adapt well to the dramatically different traffic patterns resulting from a massive surge in telework.
|
||||
|
||||
When you look at the [VPN][4] architecture in this environment, it’s largely dominated by Cisco with its AnyConnect solution that pairs with the vendor’s ASA [firewall][5] products. Countless large enterprises have these hardware appliances in their on-premises data centers. Whether it’s Cisco equipment or some other vendor’s, the VPN/firewall combination is a real workhorse under normal conditions, but the vast increase in remote workers is causing a strain.
|
||||
|
||||
**VPN capacity is strained**
|
||||
|
||||
A home-based worker brings up a VPN connection that creates a secure tunnel to take him straight into the data center. This might be fine when the company expects 10% to 20% of its employees to work remotely at any given time, but now the numbers might approach 50% or 70%. This creates contention for resources and a poor VPN experience for all. What’s more, workers are routing a bunch of internet traffic to the data center along with traffic destined for on-premise applications like [Microsoft Office 365][6]. This is the landscape that Casey sees every day as he engages with large enterprise organizations.
|
||||
|
||||
“We’ve talked to a number of companies recently that say they need to expand their VPN capacity but the legacy network architecture is holding them back. [Cisco][7], Palo Alto and others are offering free VPN client licenses but the enterprises still need to expand the VPN terminating appliances. It’s hard to quickly scale capacity in this environment,” says Casey. “Whether it’s coronavirus or some other catalyst that puts stress on the legacy network environment, we advocate that enterprises should diversify and shift portions of their network architecture to the cloud. This will give them much more flexibility to provide security and remote access services to their workforce in the long run.”
|
||||
|
||||
[][8]
|
||||
|
||||
**SASE for flexibility and capacity on demand**
|
||||
|
||||
Casey points to the [Secure Access Service Edge][9] (SASE, pronounced “sassy”) framework as a model for re-architecting the enterprise network. SASE is Gartner’s name for a combination of [SD-WAN][10] capabilities with a number of security services that are primarily delivered through a cloud-based delivery model.
|
||||
|
||||
Gartner defines the service edge as an offering that supports the access needs of digital enterprises by combining SD-WAN functions with network security services such as secure web gateway (SWG), cloud access security broker (CASB), and cloud-based firewall. In short, a SASE offering helps simplify network management by offering highly customizable policy-based control that can be tailored by user identity, session context, and application needs for performance and security – and it’s delivered from the cloud.
|
||||
|
||||
Casey explains the concept of a service edge with a geographical example. “Suppose an employee is VPNing into his corporate network from his New York area home, and the data center happens to be in Chicago. Ordinarily the traffic would all be directed to Chicago, but if he’s accessing internet content, it would be optimal to egress that traffic via secure web gateway much more locally to where the user is. It’s better to go to a site in New York where the VPN terminates on a local firewall, and there’s a secure web gateway there so the Internet traffic can be offloaded there instead of backhauling it to Chicago. This site in New York is called the service edge.”
|
||||
|
||||
Casey continues his explanation: “A virtualized version of a company’s firewall sits in the hub. The VPN terminates on the VPN concentrator in the local hub and then the traffic is routed appropriately. That traffic going to the internet goes out through secure web gateway and that traffic that's destined for an application in the data center goes over a private network inside the security parameters. This is essentially another tunnel back to the data center. And that's a great use case for this whole concept of SASE, which is to lift some of your core security components and move them out to the cloud.”
|
||||
|
||||
With the word cloud, people tend to think of AWS or Azure or Google Cloud Platform, but Casey gives cloud a broader definition. “Cloud is Software as a Service, like Salesforce and ServiceNow,” says Casey. “If you’re an enterprise, cloud is an Equinix data center. Cloud is anything that’s not you, and it’s delivered as a service.”
|
||||
|
||||
**The service edge is a powerful hub**
|
||||
|
||||
In Apcela’s parlance, a service edge is called an application hub, or AppHub. Other companies call them communication hubs, cloud hubs, or simply Points of Presence (PoPs). Regardless of the name, the concept is the same.
|
||||
|
||||
These hubs consist of racks of switching and routing equipment that are typically deployed in carrier-neutral co-location centers. Then these data centers are interconnected with high-capacity, low-latency circuits that create a high-performance core network. SD-WAN, VPN and security stacks are typically deployed in the hubs. At the edge of this network, an enterprise can directly connect its own data centers, branch offices, remote and mobile users, and even third-party partners. The leading SASE providers have built hubs, or PoPs, around the world so that organizations and their workers can connect to the closest hub to obtain the communication and security services they need. Each enterprise chooses what services it wants to utilize.
|
||||
|
||||
When considering how to deploy security as a virtual service, Casey says, “You don't necessarily want to put all the security in AWS because then it will work great with AWS, but it won't work for GCP or Azure, and it certainly won't help you for your SaaS applications. So having this hub environment that sits between the application clouds – Salesforce, Office 365, Workday, etc. – and the users and enterprise locations is the perfect location to put these security services. And because the hubs are essentially an Infrastructure as a Service, you're not stuck with having to move to some proprietary cloud-based platform.”
|
||||
|
||||
SASE infrastructure is essentially on demand, so it’s fairly easy for new customers to adopt it. “It’s not complicated,” says Casey. “We have to find a place, somewhere in the world, and cross connect back into an enterprise’s infrastructure to deliver private connectivity. But it's all very cloud-like. It takes the agility of cloud and the speed of cloud and enables you to act quickly.”
|
||||
|
||||
**SASE has VPN capacity pre-built**
|
||||
|
||||
The SASE model allows companies to expand their VPN platforms easily because the capability is all pre-built. Once the service is turned on, the company is well positioned to support thousands of new home-based workers.
|
||||
|
||||
I asked Casey about a realistic timeframe for companies that are new to the SASE approach before they can expect to be up and running with expanded VPN capacity. “I can only speak to the solution Apcela offers, of course, but I’d say it’s a matter of days to weeks, but certainly not months,” he says. “In our case, it depends on their security platform because we leverage virtualized network functions on the security side, so the whole concept of procuring and shipping equipment goes away.” Other vendors might do the deployment in different ways.
|
||||
|
||||
Contrast this approach to the legacy model of installing new hardware in a data center to provide more capacity. By the time the company orders the hardware, gets it shipped to the data center, and then installed and configured, two or three months might pass.
|
||||
|
||||
Another benefit of the SASE framework is that traffic travels over a private core network rather than the public Internet. “The Internet shouldn’t become your new [WAN][11] – certainly not for business and mission-critical platforms. You need a specialized sort of [MPLS][12]-like network for your cloud apps, which is what a SASE platform does,” says Casey. “Traffic is taken off the Internet at the secure edge, put onto a private secure network and routed directly to the appropriate SaaS or IaaS platform data center.”
|
||||
|
||||
Having a private core network is especially important at this time because the public Internet is under great strain due to the traffic and content pattern shifts now that so many people are staying home or working from home. The [strain is so bad][13] that companies like Facebook and Netflix have been asked by the European Commissioner for internal market and services to throttle their services to consume less bandwidth. As Casey says, “You don’t want your corporate traffic to compete for bandwidth against Netflix and all these different videoconferencing services.”
|
||||
|
||||
If your organization is struggling with ramping up work-from-home capacity in a hurry, consider how a SASE service might help you.
|
||||
|
||||
Join the Network World communities on [Facebook][14] and [LinkedIn][15] to comment on topics that are top of mind.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://www.networkworld.com/article/3534501/sase-might-be-better-than-vpns-for-quickly-ramping-up-remote-access.html
|
||||
|
||||
作者:[Linda Musthaler][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://www.networkworld.com/author/Linda-Musthaler/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://www.networkworld.com/newsletters/signup.html
|
||||
[2]: https://www.apcela.com/
|
||||
[3]: https://www.networkworld.com/article/3223692/what-is-a-data-centerhow-its-changed-and-what-you-need-to-know.html
|
||||
[4]: https://www.networkworld.com/article/3268744/understanding-virtual-private-networks-and-why-vpns-are-important-to-sd-wan.html
|
||||
[5]: https://www.networkworld.com/article/3230457/what-is-a-firewall-perimeter-stateful-inspection-next-generation.html
|
||||
[6]: https://techcommunity.microsoft.com/t5/office-365-blog/how-to-quickly-optimize-office-365-traffic-for-remote-staff-amp/ba-p/1214571;
|
||||
[7]: https://blogs.cisco.com/security/cisco-expands-free-security-offerings-to-help-with-rise-in-remote-workers
|
||||
[8]: https://www.networkworld.com/blog/itaas-and-the-corporate-storage-technology/?utm_source=IDG&utm_medium=promotions&utm_campaign=HPE22140&utm_content=sidebar (ITAAS and Corporate Storage Strategy)
|
||||
[9]: https://www.networkworld.com/article/3516503/it-pros-need-to-weigh-in-on-that-sassy-security-model.html
|
||||
[10]: https://www.networkworld.com/article/3031279/sd-wan-what-it-is-and-why-you-ll-use-it-one-day.html
|
||||
[11]: https://www.networkworld.com/article/3248989/what-is-a-wan-wide-area-network-definition-and-examples.html
|
||||
[12]: https://www.networkworld.com/article/2297171/network-security-mpls-explained.html
|
||||
[13]: https://mashable.com/article/eu-netflix-standard-definition-coronavirus/
|
||||
[14]: https://www.facebook.com/NetworkWorld/
|
||||
[15]: https://www.linkedin.com/company/network-world
|
@ -1,5 +1,5 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (hj24)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
|
@ -1,194 +0,0 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (geekpi)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Fish – A Friendly Interactive Shell)
|
||||
[#]: via: (https://fedoramagazine.org/fish-a-friendly-interactive-shell/)
|
||||
[#]: author: (Michal Konečný https://fedoramagazine.org/author/zlopez/)
|
||||
|
||||
Fish – A Friendly Interactive Shell
|
||||
======
|
||||
|
||||
![Fish — A Friendly Interactive Shell][1]
|
||||
|
||||
Are you looking for an alternative to bash? Are you looking for something more user-friendly? Then look no further because you just found the golden fish!
|
||||
|
||||
Fish (friendly interactive shell) is a smart and user-friendly command line shell that works on Linux, MacOS, and other operating systems. Use it for everyday work in your terminal and for scripting. Scripts written in fish are less cryptic than their equivalent bash versions.
|
||||
|
||||
### Fish’s user-friendly features
|
||||
|
||||
* **Suggestions**
|
||||
Fish will suggest commands that you have written before. This boosts productivity when typing same commands often.
|
||||
* **Sane scripting**
|
||||
Fish avoids using cryptic characters. This provides a clearer and friendlier syntax.
|
||||
* **Completion based on man pages**
|
||||
Fish will autocomplete parameters based on the the command’s man page.
|
||||
* **Syntax highlighting**
|
||||
Fish will highlight command syntax to make it visually friendly.
|
||||
|
||||
|
||||
|
||||
### Installation
|
||||
|
||||
#### Fedora Workstation
|
||||
|
||||
Use the _dnf_ command to install fish:
|
||||
|
||||
```
|
||||
$ sudo dnf install fish
|
||||
```
|
||||
|
||||
Make fish your default shell by installing the _util-linux-user_ package and then running the _chsh_ (change shell) command with the appropriate parameters:
|
||||
|
||||
```
|
||||
$ sudo dnf install util-linux-user
|
||||
$ chsh -s /usr/bin/fish
|
||||
```
|
||||
|
||||
You will need to log out and back in for this change to take effect.
|
||||
|
||||
#### Fedora Silverblue
|
||||
|
||||
Because this is not GUI application, you will need to layer it using _rpm-ostree_. Use the following command to install fish on Fedora Silverblue:
|
||||
|
||||
```
|
||||
$ rpm-ostree install fish
|
||||
```
|
||||
|
||||
On Fedora Silverblue you will need to reboot your PC to switch to the new ostree image.
|
||||
|
||||
If you want to make fish your main shell on Fedora Silverblue, the easiest way is to update the _/etc/passwd_ file. Find your user and change _/bin/bash_ to _/usr/bin/fish_.
|
||||
|
||||
You will need [root privileges][2] to edit the _/etc/passwd_ file. Also you will need to log out and back in for this change to take effect.
|
||||
|
||||
### Configuration
|
||||
|
||||
The per-user configuration file for fish is _~/.config/fish/config.fish_. To make configuration changes for all users, edit _/etc/fish/config.fish_ instead.
|
||||
|
||||
The per-user configuration file must be created manually. The installation scripts will not create _~/.config/fish/config.fish_.
|
||||
|
||||
Here are a couple configuration examples shown alongside their bash equivalents to get you started:
|
||||
|
||||
#### Creating aliases
|
||||
|
||||
* _~/.bashrc_: alias ll='ls -lh'
|
||||
* _~/.config/fish/config.fish_: alias ll='ls -lh'
|
||||
|
||||
|
||||
|
||||
#### Setting environment variables
|
||||
|
||||
* _~/.bashrc_: export PATH=$PATH:~/bin
|
||||
* _~/.config/fish/config.fish_: set -gx PATH $PATH ~/bin
|
||||
|
||||
|
||||
|
||||
### Working with fish
|
||||
|
||||
When fish is configured as your default shell, the command prompt will look similar to what is shown in the below image. If you haven’t configured fish to be your default shell, just run the _fish_ command to start it in your current terminal session.
|
||||
|
||||
![][3]
|
||||
|
||||
As you start typing commands, you will notice the syntax highlighting:
|
||||
|
||||
![][4]
|
||||
|
||||
Cool, isn’t it? 🙂
|
||||
|
||||
You will also see commands being suggested as you type. For example, start typing the previous command a second time:
|
||||
|
||||
![][5]
|
||||
|
||||
Notice the gray text that appears as you type. The gray text is fish suggesting the command you wrote before. To autocomplete it, just press **CTRL+F**.
|
||||
|
||||
Get argument suggestions based on the preceding command’s man page by typing a dash (**–**) and then the **TAB** key:
|
||||
|
||||
![][6]
|
||||
|
||||
If you press **TAB** once, it will show you the first few suggestions (or every suggestion, if there are only a few arguments available). If you press **TAB** a second time, it will show you all suggestions. If you press **TAB** three times consecutively, it will switch to interactive mode and you can select an argument using the arrow keys.
|
||||
|
||||
Otherwise, fish works similar to most other shells. The remaining differences are well documented. So it shouldn’t be difficult to find other features that you may be interested in.
|
||||
|
||||
### Make fish even more powerful
|
||||
|
||||
Make the fish even more powerful with [powerline][7]. Powerline adds command execution time, colored git status, current git branch and much more to fish’s interface.
|
||||
|
||||
Before installing powerline for fish, you must install [Oh My Fish][8]. Oh My Fish extends fish’s core infrastructure to enable the installation of additional plugins. The easiest way to install Oh My Fish is to use the _curl_ command:
|
||||
|
||||
```
|
||||
> curl -L https://get.oh-my.fish | fish
|
||||
```
|
||||
|
||||
If you don’t want to pipe the installation commands directly to _curl_, see the installation section of Oh My Fish’s [README][9] for alternative installation methods.
|
||||
|
||||
Fish’s powerline plugin is [bobthefish][7]. Bobthefish requires the _powerline-fonts_ package.
|
||||
|
||||
**On Fedora Workstation**:
|
||||
|
||||
```
|
||||
> sudo dnf install powerline-fonts
|
||||
```
|
||||
|
||||
**On Fedora Silverblue**:
|
||||
|
||||
```
|
||||
> rpm-ostree install powerline-fonts
|
||||
```
|
||||
|
||||
On Fedora Silverblue you will have to reboot to complete the installation of the fonts.
|
||||
|
||||
After you have installed the _powerline-fonts_ package, install _bobthefish_:
|
||||
|
||||
```
|
||||
> omf install bobthefish
|
||||
```
|
||||
|
||||
Now you can experience the full awesomeness of fish with powerline:
|
||||
|
||||
![][10]
|
||||
|
||||
### Additional resources
|
||||
|
||||
Check out these web pages to learn even more about fish:
|
||||
|
||||
* [Official page][11]
|
||||
* [Documentation][12]
|
||||
* [Tutorial][13]
|
||||
* [FAQ][14]
|
||||
* [Web playground][15]
|
||||
* [Mailing lists][16]
|
||||
* [GitHub][17]
|
||||
|
||||
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://fedoramagazine.org/fish-a-friendly-interactive-shell/
|
||||
|
||||
作者:[Michal Konečný][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://fedoramagazine.org/author/zlopez/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://fedoramagazine.org/wp-content/uploads/2020/03/fish-816x345.jpg
|
||||
[2]: https://fedoramagazine.org/howto-use-sudo/
|
||||
[3]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-00-35.png
|
||||
[4]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-19-24.png
|
||||
[5]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-25-31.png
|
||||
[6]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-58-07.png
|
||||
[7]: https://github.com/oh-my-fish/theme-bobthefish
|
||||
[8]: https://github.com/oh-my-fish/oh-my-fish
|
||||
[9]: https://github.com/oh-my-fish/oh-my-fish/blob/master/README.md#installation
|
||||
[10]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-15-38-07.png
|
||||
[11]: https://fishshell.com/
|
||||
[12]: https://fishshell.com/docs/current/index.html
|
||||
[13]: https://fishshell.com/docs/current/tutorial.html
|
||||
[14]: https://fishshell.com/docs/current/faq.html
|
||||
[15]: https://rootnroll.com/d/fish-shell/
|
||||
[16]: https://sourceforge.net/projects/fish/lists/fish-users
|
||||
[17]: https://github.com/fish-shell/fish-shell/
|
@ -1,5 +1,5 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: translator: (geekpi)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
|
@ -0,0 +1,233 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Access control lists and external drives on Linux: What you need to know)
|
||||
[#]: via: (https://opensource.com/article/20/3/external-drives-linux)
|
||||
[#]: author: (Seth Kenlon https://opensource.com/users/seth)
|
||||
|
||||
Access control lists and external drives on Linux: What you need to know
|
||||
======
|
||||
Learn how to use external drives correctly on Linux.
|
||||
![Penguin driving a car with a yellow background][1]
|
||||
|
||||
While cloud storage offers many advantages, there's nothing quite like having your data on a physical hard drive. When you save data to a drive, you know exactly where your data is, and it's always available when you need it. When you save data to an external portable drive like a USB thumb drive, it's even better—not only do you know where your data is, but you can take your data with you everywhere you go. If you're new to [Linux][2], or you're trying to use a Linux file system on an external drive, you might find external drives confusing, being prone to permission errors or conflicts, or even losing metadata.
|
||||
|
||||
There are two "right" answers to this:
|
||||
|
||||
### ExFAT
|
||||
|
||||
Formerly, ExFAT was a file system fraught with legal threats from Microsoft because they own the code. They've sued companies and organizations before to defend their ownership of FAT, so it was commonly feared that they could do the same over ExFAT. However, recently. Microsoft made the specifications for ExFAT open source. They didn't provide a driver, unfortunately, but there's an existing drive to make it function on Linux, and, now that developers have access to the full specs, improvements are inevitable.
|
||||
|
||||
The advantage of ExFAT is that it's cross-platform (Windows, Mac, and many portable devices use it), and it's designed without the overhead of file permissions. You can attach a drive formatted as ExFAT to any computer, and all files are available to anyone. Whether that's good or bad depends on your use case, but for portable media, that's often exactly the intent.
|
||||
|
||||
### Access control lists (ACL)
|
||||
|
||||
If you prefer to use a Linux file system on your portable drive, then you can do that, but to make sharing files seamless, you should use access control lists (ACL).
|
||||
|
||||
When you create a file or directory on a drive, there are defaults on your system determining what file permissions it gets. For most cases, those defaults make sense—when you create a file in your home directory, you probably don't want other users to have access to that file. However, when you're creating a file on an external drive, there's a high likelihood that it's because you need to share that file with someone else (even if that someone is you on another computer).
|
||||
|
||||
You can override default permissions for file viewing with an ACL, and you can control default file creation mode by setting a sticky bit. An ACL is a layer of security policies in the extended attributes of directories and files. It allows you to specify exceptions to what the file system permissions indicate. Most notably, this allows you to transcend the single-owner and single-group model of traditional UNIX permissions.
|
||||
|
||||
For instance, while the **seth** (ID 1000) account might own a directory created on my desktop, **seth** (ID 500) on my laptop does not, because the user IDs are different.
|
||||
|
||||
The same could be true for a group. If a directory with group ID 1000 is assigned to a directory on one computer, then a group with an ID 500 or 10922 doesn't have access to it on another computer. But an ACL can add secondary owners and groups to directories and files.
|
||||
|
||||
#### View the current ACL
|
||||
|
||||
Any directory and file on any common Linux filesystem has ACL rules by default. They're stored in extended attributes, a kind of metadata that you don't normally see.
|
||||
|
||||
You can view them in the terminal:
|
||||
|
||||
|
||||
```
|
||||
$ getfacl ./example
|
||||
# file: /run/media/drive/example
|
||||
# owner: seth
|
||||
# group: users
|
||||
user::rwx
|
||||
group::rwx
|
||||
other::r--
|
||||
```
|
||||
|
||||
The commented lines are just for your reference; they tell you the path, and the owner and group, of the file or directory you're viewing information about. The next lines display the rules applied to the file or directory. In this example, the user permissions are set to **rwx**, the group to **r-x**, and other to **r-x**. These permissions are reflected by a normal filesystem list:
|
||||
|
||||
|
||||
```
|
||||
$ ls -lA /run/media/drive
|
||||
drwxrwxr-- 26 seth users 4096 Jan 16 21:04 example
|
||||
$ id
|
||||
uid=1000(seth) gid=100(users) groups=100(users)...
|
||||
```
|
||||
|
||||
As long as user **seth** (UID 1000) or a member of **group** (GID 100) interacts with the **example** directory, full access is granted. Any other account, however, has only read (**r**) permission.
|
||||
|
||||
#### Setting an ACL
|
||||
|
||||
To modify an ACL, you use the **setfacl** command or use a file manager with ACL support. You can be very specific or very generic when setting your ACL.
|
||||
|
||||
To just modify the filesystem permission settings, you can use either **chmod** or **setfacl**. This is a very generic ACL setting because you're not adding anything to the permissions already available to UNIX from the filesystem specification.
|
||||
|
||||
|
||||
```
|
||||
$ setfacl --modify g::r example
|
||||
$ getfacl ./example | grep "group::"
|
||||
group::r--
|
||||
$ ls -l . | grep example
|
||||
drwxr--r-- 26 seth users 4096 Jan 16 21:04 example
|
||||
```
|
||||
|
||||
The same effect is available through **chmod**:
|
||||
|
||||
|
||||
```
|
||||
$ chmod g+x example
|
||||
$ getfacl ./example | grep "group::"
|
||||
group::r-x
|
||||
$ ls -l . | grep example
|
||||
drwxr-xr-- 26 seth users 4096 Jan 16 21:04 example
|
||||
```
|
||||
|
||||
#### Adding users and groups
|
||||
|
||||
To really benefit from an ACL is to use it for permissions outside the scope of native UNIX permissions. If I'm logged into my desktop as **seth** with user ID 1000, and I know that a directory on my portable drive needs to be usable by **seth** with ID 500 on my laptop, then just declaring **seth** as owner isn't enough because the user IDs aren't the same.
|
||||
|
||||
You can add a user or user ID to an access control list:
|
||||
|
||||
|
||||
```
|
||||
$ setfacl --modify u:500:rwx example
|
||||
$ getfacl example
|
||||
# file: /run/media/drive/example
|
||||
# owner: seth
|
||||
# group: users
|
||||
user::rwx
|
||||
user:500:rwx
|
||||
[...]
|
||||
```
|
||||
|
||||
A new entry, specific to user ID 500, has been added to the list. Attaching the drive to another Linux or UNIX computer now allows the user with ID 500 to access the **example** folder.
|
||||
|
||||
You can also add users by account name, or groups by either group name or group ID. The IDs are what really count with permissions, though, so if you're in a mixed environment (RHEL servers and Elementary clients, for example), you should verify the user IDs and group IDs lurking behind accounts that seem, on the surface, identical.
|
||||
|
||||
#### Setting default ACL rules
|
||||
|
||||
If you treat access control as a one-time setting, you'll quickly run into problems once your different user accounts start creating files and directories. Any new file or directory created by each user inherits the system's default permissions (and ACL). This means that once laptop user **seth** with ID 500 creates a file in a directory, it could be off-limits to desktop user **seth** with ID 1000 because the owner of the file is set to UID 500.
|
||||
|
||||
A default ACL can be applied to directories so that files and subdirectories created within them inherit the parent ACL. You can set the default ACL of a directory with the **–default** option:
|
||||
|
||||
|
||||
```
|
||||
$ setfacl --default --modify u:500:rwx example
|
||||
$ setfacl --default --modify u:1000:rwx example
|
||||
$ getfacl --omit-header example
|
||||
user::rwx
|
||||
user:500:rwx
|
||||
group::rw-
|
||||
mask::rwx
|
||||
other::r-x
|
||||
default:user::rwx
|
||||
default:group::rw-
|
||||
default:group:500:rwx
|
||||
default:group:1000:rwx
|
||||
default😷:rwx
|
||||
default:other::r-x
|
||||
```
|
||||
|
||||
When a user creates a new directory within the **example** directory, the inherited ACL is the same as its parent:
|
||||
|
||||
|
||||
```
|
||||
$ cd example
|
||||
$ mkdir penguins
|
||||
$ getfacl --omit-header penguins
|
||||
user::rwx
|
||||
group::rw-
|
||||
group:500:rwx
|
||||
group:1000:rwx
|
||||
mask::rwx
|
||||
other::r-x
|
||||
default:user::rwx
|
||||
default:group::rw-
|
||||
default:group:500:rwx
|
||||
default:group:1000:rwx
|
||||
default😷:rwx
|
||||
default:other::r-x
|
||||
```
|
||||
|
||||
This means that any directory or file created inherits the same ACL, so neither user 500 or 1000 are ever excluded from access.
|
||||
|
||||
#### Pragmatic ACL for external drives
|
||||
|
||||
When using a Linux filesystem for external drives, the easy method of ensuring it works with all the users who expect to use the portable drive is to set an ACL on a single top-level directory.
|
||||
|
||||
For instance, assume you have formatted a USB drive called **mydrive** as an ext4 filesystem. You want your account on your laptop and your desktop, as well as your colleague Alice, to be able to access the files.
|
||||
|
||||
First, create a directory at the top level of the drive:
|
||||
|
||||
|
||||
```
|
||||
$ mkdir /mnt/mydrive/umbrella
|
||||
```
|
||||
|
||||
Then apply an ACL to the top-level directory to grant all-important users access:
|
||||
|
||||
|
||||
```
|
||||
$ setfacl --modify \
|
||||
u:500:rwx,u:1000:rwx,u:alice:rwx \
|
||||
/mnt/mydrive/umbrella
|
||||
```
|
||||
|
||||
Finally, apply a default ACL so that all directories and files created within the top-level directory **umbrella** inherit the same default ACL (note that this command uses the short version of **–modify**):
|
||||
|
||||
|
||||
```
|
||||
$ setfacl --default -m u:500:rwx,u:1000:rwx,u:alice:rwx \
|
||||
/mnt/mydrive/umbrella
|
||||
```
|
||||
|
||||
#### Applying defaults to an existing system
|
||||
|
||||
If you need to apply ACL settings to many files that already exist, you can accomplish that with the **find** command.
|
||||
|
||||
First, find all directories and apply ACL rules:
|
||||
|
||||
|
||||
```
|
||||
$ find /mnt/mydrive/umbrella -type d | \
|
||||
parallel --max-args=6 setfacl \
|
||||
--default -m u:500:rwx,u:1000:rwx,u:alice:rwx
|
||||
```
|
||||
|
||||
It's not wise to indiscriminately set all file permissions to executable, so next, find all files and set permissions to **re**. Files that require an executable bit can be set manually or by file extension:
|
||||
|
||||
|
||||
```
|
||||
$ find /mnt/mydrive/umbrella -type f | \
|
||||
parallel --max-args=6 setfacl \
|
||||
--default -m u:500:rw,u:1000:rw,u:alice:rw
|
||||
```
|
||||
|
||||
Adjust the logic of these commands to suit your individual need (don't run a command that removes the executable bit on **/usr**, for instance, or on a directory containing nothing but executable programs).
|
||||
|
||||
### External drives
|
||||
|
||||
Don't let confusion around external drives on Linux get the best of you, and don't limit yourself to traditional UNIX permissions. Put access control lists to work for you, and feel free to use native journaled Linux filesystems on your portable drives.
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/20/3/external-drives-linux
|
||||
|
||||
作者:[Seth Kenlon][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://opensource.com/users/seth
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/car-penguin-drive-linux-yellow.png?itok=twWGlYAc (Penguin driving a car with a yellow background)
|
||||
[2]: https://opensource.com/resources/linux
|
@ -0,0 +1,117 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Using data from spreadsheets in Fedora with Python)
|
||||
[#]: via: (https://fedoramagazine.org/using-data-from-spreadsheets-in-fedora-with-python/)
|
||||
[#]: author: (Paul W. Frields https://fedoramagazine.org/author/pfrields/)
|
||||
|
||||
Using data from spreadsheets in Fedora with Python
|
||||
======
|
||||
|
||||
![][1]
|
||||
|
||||
[Python][2] is one of the most popular and powerful programming languages available. Because it’s free and open source, it’s available to everyone — and most Fedora systems come with the language already installed. Python is useful for a wide variety of tasks, but among them is processing comma-separated value (**CSV**) data. CSV files often start off life as tables or spreadsheets. This article shows how to get started working with CSV data in Python 3.
|
||||
|
||||
CSV data is precisely what it sounds like. A CSV file includes one row of data at a time, with data values separated by commas. Each row is defined by the same _fields_. Short CSV files are often easily read and understood. But longer data files, or those with more fields, may be harder to parse with the naked eye, so computers work better in those cases.
|
||||
|
||||
Here’s a simple example where the fields are _Name_, _Email_, and _Country_. In this example, the CSV data includes a field definition as the first row, although that is not always the case.
|
||||
|
||||
```
|
||||
Name,Email,Country
|
||||
John Q. Smith,jqsmith@example.com,USA
|
||||
Petr Novak,pnovak@example.com,CZ
|
||||
Bernard Jones,bjones@example.com,UK
|
||||
```
|
||||
|
||||
### Reading CSV from spreadsheets
|
||||
|
||||
Python helpfully includes a _csv_ module that has functions for reading and writing CSV data. Most spreadsheet applications, both native like Excel or Numbers, and web-based such as Google Sheets, can export CSV data. In fact, many other services that can publish tabular reports will also export as CSV (PayPal for instance).
|
||||
|
||||
The Python _csv_ module has a built in reader method called _DictReader_ that can deal with each data row as an ordered dictionary (OrderedDict). It expects a file object to access the CSV data. So if our file above is called _example.csv_ in the current directory, this code snippet is one way to get at this data:
|
||||
|
||||
```
|
||||
f = open('example.csv', 'r')
|
||||
from csv import DictReader
|
||||
d = DictReader(f)
|
||||
data = []
|
||||
for row in d:
|
||||
data.append(row)
|
||||
```
|
||||
|
||||
Now the _data_ object in memory is a list of OrderedDict objects :
|
||||
|
||||
```
|
||||
[OrderedDict([('Name', 'John Q. Smith'),
|
||||
('Email', 'jqsmith@example.com'),
|
||||
('Country', 'USA')]),
|
||||
OrderedDict([('Name', 'Petr Novak'),
|
||||
('Email', 'pnovak@example.com'),
|
||||
('Country', 'CZ')]),
|
||||
OrderedDict([('Name', 'Bernard Jones'),
|
||||
('Email', 'bjones@example.com'),
|
||||
('Country', 'UK')])]
|
||||
```
|
||||
|
||||
Referencing each of these objects is easy:
|
||||
|
||||
```
|
||||
>>> print(data[0]['Country'])
|
||||
USA
|
||||
>>> print(data[2]['Email'])
|
||||
bjones@example.com
|
||||
```
|
||||
|
||||
By the way, if you have to deal with a CSV file with no header row of field names, the _DictReader_ class lets you define them. In the example above, add the _fieldnames_ argument and pass a sequence of the names:
|
||||
|
||||
```
|
||||
d = DictReader(f, fieldnames=['Name', 'Email', 'Country'])
|
||||
```
|
||||
|
||||
### A real world example
|
||||
|
||||
I recently wanted to pick a random winner from a long list of individuals. The CSV data I pulled from spreadsheets was a simple list of names and email addresses.
|
||||
|
||||
Fortunately, Python also has a helpful _random_ module good for generating random values. The _randrange_ function in the _Random_ class from that module was just what I needed. You can give it a regular range of numbers — like integers — and a step value between them. The function then generates a random result, meaning I could get a random integer (or row number!) back within the total number of rows in my data.
|
||||
|
||||
So this small program worked well:
|
||||
|
||||
```
|
||||
from csv import DictReader
|
||||
from random import Random
|
||||
|
||||
d = DictReader(open('mydata.csv'))
|
||||
data = []
|
||||
for row in d:
|
||||
data.append(row)
|
||||
|
||||
r = Random()
|
||||
winner = data[r.randrange(0, len(data), 1)]
|
||||
print('The winner is:', winner['Name'])
|
||||
print('Email address:', winner['Email'])
|
||||
```
|
||||
|
||||
Obviously this example is extremely simple. Spreadsheets themselves include sophisticated ways to analyze data. However, if you want to do something outside the realm of your spreadsheet app, Python may be just the trick!
|
||||
|
||||
* * *
|
||||
|
||||
_Photo by [Isaac Smith][3] on [Unsplash][4]._
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://fedoramagazine.org/using-data-from-spreadsheets-in-fedora-with-python/
|
||||
|
||||
作者:[Paul W. Frields][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://fedoramagazine.org/author/pfrields/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://fedoramagazine.org/wp-content/uploads/2020/03/spreadsheets-python-816x345.jpg
|
||||
[2]: https://python.org
|
||||
[3]: https://unsplash.com/@isaacmsmith?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
|
||||
[4]: https://unsplash.com/s/photos/spreadsheets?utm_source=unsplash&utm_medium=referral&utm_content=creditCopyText
|
68
sources/tech/20200330 Why I switched from Mac to Linux.md
Normal file
68
sources/tech/20200330 Why I switched from Mac to Linux.md
Normal file
@ -0,0 +1,68 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Why I switched from Mac to Linux)
|
||||
[#]: via: (https://opensource.com/article/20/3/mac-linux)
|
||||
[#]: author: (Lee Tusman https://opensource.com/users/leeto)
|
||||
|
||||
Why I switched from Mac to Linux
|
||||
======
|
||||
After 25 years, Lee made the switch to Linux and couldn't be happier.
|
||||
Here's what he uses.
|
||||
![Code going into a computer.][1]
|
||||
|
||||
In 1994, my family bought a Macintosh Performa 475 as a home computer. I had used Macintosh SE computers in school and learned to type with [Mavis Beacon Teaches Typing][2], so I've been a Mac user for well over 25 years. Back in the mid-1990s, I was attracted to its ease of use. It didn't start with a DOS command prompt; it opened to a friendly desktop. It was playful. And even though there was a lot less software for Macintosh than PCs, I thought the Mac ecosystem was better, just on the strength of KidPix and Hypercard, which I still think of as the unsurpassed, most intuitive _creative stack_.
|
||||
|
||||
Even so, I still had the feeling that Mac was an underdog compared to Windows. I remember thinking the company could disappear one day. Flash-forward decades later, and Apple is a behemoth, a trillion-dollar company. But as it evolved, it changed significantly. Some changes have been for the better, such as better stabilization, simpler hardware choices, increased security, and more accessibility options. Other changes annoyed me—not all at once, but slowly. Most significantly, I am annoyed by Apple's closed ecosystem—the difficulty of accessing photos without iPhoto; the necessity of using iTunes; and the enforced bundling of the Apple store ecosystem even when I don't want to use it.
|
||||
|
||||
Over time, I found myself working largely in the terminal. I used iTerm2 and the [Homebrew][3] package manager. I couldn't get all my Linux software to work, but much of it did. I thought I had the best of both worlds: the macOS graphical operating system and user interface alongside the ability to jump into a quick terminal session.
|
||||
|
||||
Later, I began using Raspberry Pi computers booting Raspbian. I also collected a number of very old laptops rescued from the trash at universities, so, by necessity, I decided to try out various Linux distros. While none of them became my main machine, I started to really enjoy using Linux. I began to consider what it would be like to try running a Linux distro as my daily driver, but I thought the Macbook's comfort and ease, especially the hardware's size and weight, would be hard to find in a non-Mac laptop.
|
||||
|
||||
## Time to make the switch?
|
||||
|
||||
About two years ago, I began using a Dell for work. It was a larger laptop with an integrated GPU, and dual-booted Linux and Windows. I used it for game development, 3D modeling, some machine learning, and basic programming in C# and Java. I considered making it my primary machine, but I loved the portability of my Macbook Air, and continued to use that as well.
|
||||
|
||||
Last fall, I started to notice my Air was running hot, and the fan was coming on more often. My primary machine was starting to show its age. For years, I used the Mac's terminal to access Darwin's Unix-like operating system, and I was spending more and more time bouncing between the terminal and my web browser. Was it time to make the switch?
|
||||
|
||||
I began exploring the possibilities for a Macbook-like Linux laptop. After doing some research, reading reviews and message boards, I went with the long-celebrated Dell XPS 13 Developer Edition 7390, opting for the 10th Generation i7. I chose it because I love the feel of the Macbook (and especially the slim Macbook Air), and reviews of the XPS 13 suggested it seemed it was similar, with really positive reviews of the trackpad and keyboard.
|
||||
|
||||
Most importantly, it came loaded with Ubuntu. While it's easy enough to get a PC, wipe it, and install a new Linux distro, I was attracted to the cohesive operating system and hardware, but one that allowed a lot of the customization we know and love in Linux. So when there was a sale, I took the plunge and purchased it.
|
||||
|
||||
## What it's like to run Linux daily
|
||||
|
||||
I've been using the XPS 13 for three months and my dual-booted Linux work laptop for two years. At first, I thought I'd want to spend more time finding an alternate desktop environment or window manager that was more Mac-like, such as [Enlightenment][4]. I tried several, but I have to say, I like the simplicity of running [GNOME][5] out of the box. For one thing, it's minimal; there's not much GUI to get caught up in. In fact, it's intuitive and the [overview][6] takes only a couple minutes to read.
|
||||
|
||||
I can access my applications through the application dash bar or a grid button to get to the application view. To access my file system, I click on the **Files** icon in the dash. To open the GNOME terminal, I type **Ctrl+Alt+T** or just **Alt+Tab** to switch between an open application and an open terminal. It's also easy to define your own [custom hotkey shortcuts][7].
|
||||
|
||||
Beyond this, there's not much else to say. Unlike the Mac's desktop, there's not a lot to get lost in, which means there's less to distract me from my work or the applications I want to run. I didn't realize all the options or how much time I spent navigating windows on my Mac. In Linux, there are just files, applications, and the terminal.
|
||||
|
||||
I installed the [i3 tiling window manager][8] to do a test run. I had a few issues configuring it because I type in [Dvorak][9], and i3 doesn't adapt to the alternate keyboard configuration. I think with more effort, I could figure out a new keyboard mapping in i3, but the main thing I was looking for was simple tiling.
|
||||
|
||||
I looked up GNOME's tiling capabilities and was pleasantly surprised. You press the **Super** key (for me, it's the key with the Windows logo—which I should cover with a sticker!) and then a modifier key. For example, pressing **Super+Left** moves your current window to a tile on the left side of the screen. **Super+Right** moves to the right half. **Super+Up** maximizes the current window. **Super+Down** reverts to the previous size. You can move between app windows with **Alt+Tab**. This is all default behavior and can be customized in the Keyboard settings.
|
||||
|
||||
Plugging in headphones or connecting to HDMI works the way you expect. Sometimes, I open the Sound settings to switch between the HDMI sound output or my external audio cable, just as I would on a Mac or PC. The trackpad is responsive, and I haven't noticed any difference from the Macbook's. When I plug in a three-button mouse, it works instantly, even with my Bluetooth mouse and keyboard.
|
||||
|
||||
### Software
|
||||
|
||||
I installed Atom, VLC, Keybase, Brave Browser, Krita, Blender, and Thunderbird in a matter of minutes. I installed other software with the Apt package manager in the terminal (as normal), which offers many more packages than the Homebrew package manager for macOS.
|
||||
|
||||
### Music
|
||||
|
||||
I have a variety of options for listening to music. I use Spotify and [PyRadio][10] to stream music. [Rhythmbox][11] is installed by default on Ubuntu; the simple music player launches instantly and without any bloat. Simply click on the menu, choose **Add Music**, and navigate to a directory of audio tracks (it searches recursively). You can also stream podcasts or online radio easily.
|
||||
|
||||
### Text and PDFs
|
||||
|
||||
I tend to write in Markdown in [Neovim][12] with some plugins, then convert my document using Pandoc to whatever final format is needed. For a nice Markdown editor with preview, I downloaded [Ghostwriter][13], a minimal-focus writing application.
|
||||
|
||||
If someone sends me a Microsoft Word document, I can open it using the default LibreOffice Writer application.
|
||||
|
||||
Occasionally, I have to sign a document. This is easy with macOS's Preview application and my signature in PNG format, and I needed a Linux equivalent. I found that the default PDF viewer app didn't have the annotation tools I needed. The LibreOffice Draw program was acceptable but not particularly easy to use, and it occasionally crashed. Based on some research, I installed [Xournal][14], which has the simple annotation tools I need to add dates, text, and my signature and is fairly comparable to Mac's Preview app. It works exactly as needed.
|
||||
|
||||
### Importing images from my phone
|
||||
|
||||
I have an iPhone. To get my images off the phone, there are a number of methods to sync and access your files. If you have a different phone, your process may be different. Here's my method:
|
||||
|
||||
1. Install gvfs-backends with **sudo apt install gvfs-backends**, which is part of the GNO
|
@ -0,0 +1,98 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: ( )
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Rambox is an All-in-one Messenger for Linux)
|
||||
[#]: via: (https://itsfoss.com/rambox/)
|
||||
[#]: author: (Ankush Das https://itsfoss.com/author/ankush/)
|
||||
|
||||
Rambox is an All-in-one Messenger for Linux
|
||||
======
|
||||
|
||||
_**Brief: Rambox is an all-in-one messenger that lets you combine multiple services like Discord, Slack, Facebook Messenger and hundreds of more such services in one place.**_
|
||||
|
||||
### Rambox: Add multiple messaging Services in a single app
|
||||
|
||||
![][1]
|
||||
|
||||
Rambox is one of the best ways to manage multiple services for communication through a single app installed. You can use [multiple messaging services][2] like Facebook Messenger, Gmail chats, AOL, Discord, Google Duo, [Viber][3] and a lot more from the same interface.
|
||||
|
||||
This way, you don’t need to install individual apps or keep them opened in browser all the time. You can use a master password to lock the Rambox application. You can also use do not disturb feature.
|
||||
|
||||
Rambox offers an [open source community edition][4] which is free to use. The paid pro version gives you access to 600+ apps while the community addition has 99+ apps. Pro version has additional features like themes, hibernation, ad-block, spell check and premium support.
|
||||
|
||||
Don’t worry. The open source community edition itself is quite useful and you may not even need those pro features.
|
||||
|
||||
### Features of Rambox
|
||||
|
||||
![][5]
|
||||
|
||||
While you should find most of the essential features in the open-source edition, you might notice some of them limited to the pro version.
|
||||
|
||||
Here, I’ve mentioned all the essential features available:
|
||||
|
||||
* You get about 100 apps/services to choose from in the open-source edition
|
||||
* Ability to protect the app with a single Master password lock
|
||||
* Ability to lock each session that you load up
|
||||
* Do Not Disturb mode
|
||||
* Ability to sync apps and configuration across multiple devices.
|
||||
* You can create and add custom apps
|
||||
* Support for keyboard shortcuts
|
||||
* Ability to enable/disable apps without needing to delete them
|
||||
* JS & CSS injection support to tweak the styling of apps
|
||||
* Ad-block (**pro version**)
|
||||
* Hibernation support (**pro version**)
|
||||
* Theme support (**pro version**)
|
||||
* Mobile view **(pro version)**
|
||||
* Spell check **(pro version)**
|
||||
* Work hours – to schedule a time for incoming notifications **(pro version)**
|
||||
* Proxies support **(pro version)**
|
||||
|
||||
|
||||
|
||||
In addition to what I’ve listed here, you might find some more features in the Rambox Pro edition. To know more about it, you can refer to the [official list of features][6].
|
||||
|
||||
It is also worth noting that you cannot have more than 3 active simultaneous device connections.
|
||||
|
||||
### Installing Rambox on Linux
|
||||
|
||||
You can easily get started using Rambox using the **.AppImage** file available on the [official download page][4]. If you’re curious, you can refer our guide on how to [use the AppImage file on Linux][7].
|
||||
|
||||
In either case, you can also get it from the [Snap store][8]. Also, feel free to check their [GitHub releases section][9] for **.deb / .rpm** or other packages.
|
||||
|
||||
[Download Rambox Community Edition][4]
|
||||
|
||||
### Wrapping Up
|
||||
|
||||
It can be a little overwhelming to have a lot of apps installed using Rambox. So, I’d suggest you monitor the RAM usage when adding more apps and using them for work.
|
||||
|
||||
There is also a similar app called [Franz][10] which is also part open source and part premium like Rambox.
|
||||
|
||||
Even though solutions like Rambox or Franz are quite useful, they aren’t always resource-friendly, specially if you start using tens of services at the same time. So, keep an eye on your system resources (if you notice a performance impact).
|
||||
|
||||
Otherwise, it’s an impressive app that does the work that you’d expect. Have you tried it out? Feel free to let me know your thoughts!
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://itsfoss.com/rambox/
|
||||
|
||||
作者:[Ankush Das][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://itsfoss.com/author/ankush/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/03/rambox-ce.jpg?ssl=1
|
||||
[2]: https://itsfoss.com/best-messaging-apps-linux/
|
||||
[3]: https://itsfoss.com/viber-linux-client-beta-install/
|
||||
[4]: https://rambox.pro/#ce
|
||||
[5]: https://i0.wp.com/itsfoss.com/wp-content/uploads/2020/03/rambox-preferences.png?ssl=1
|
||||
[6]: https://rambox.pro/#features
|
||||
[7]: https://itsfoss.com/use-appimage-linux/
|
||||
[8]: https://snapcraft.io/rambox
|
||||
[9]: https://github.com/ramboxapp/community-edition/releases
|
||||
[10]: https://itsfoss.com/franz-messaging-app/
|
194
translated/tech/20200309 Fish - A Friendly Interactive Shell.md
Normal file
194
translated/tech/20200309 Fish - A Friendly Interactive Shell.md
Normal file
@ -0,0 +1,194 @@
|
||||
[#]: collector: (lujun9972)
|
||||
[#]: translator: (geekpi)
|
||||
[#]: reviewer: ( )
|
||||
[#]: publisher: ( )
|
||||
[#]: url: ( )
|
||||
[#]: subject: (Fish – A Friendly Interactive Shell)
|
||||
[#]: via: (https://fedoramagazine.org/fish-a-friendly-interactive-shell/)
|
||||
[#]: author: (Michal Konečný https://fedoramagazine.org/author/zlopez/)
|
||||
|
||||
Fish – 一个友好的交互式 Shell
|
||||
======
|
||||
|
||||
![Fish — A Friendly Interactive Shell][1]
|
||||
|
||||
你是否正在寻找 bash 的替代品?你是否在寻找更人性化的东西?再往前看看,因为你刚发现了 fish!
|
||||
|
||||
Fish(友好的交互式 shell)是一个智能且用户友好的命令行 shell,可在 Linux、MacOS 和其他操作系统上运行。将其用于终端的日常工作和脚本编写。用 fish 编写的脚本比相同的 bash 版本具有更少的神秘性。
|
||||
|
||||
### Fish 的用户友好功能
|
||||
|
||||
* **建议**
|
||||
Fish 会建议你之前写过的命令。当经常输入相同命令时,这可以提高生产率。
|
||||
* **健全的脚本**
|
||||
Fish 避免使用隐秘字符。这提供了更清晰和更友好的语法。
|
||||
* **基于手册页的补全**
|
||||
Fish 会根据命令的手册页自动补全参数。
|
||||
* **语法高亮**
|
||||
Fish 会高亮显示命令语法以使其在视觉上友好。
|
||||
|
||||
|
||||
|
||||
### 安装
|
||||
|
||||
#### Fedora 工作站
|
||||
|
||||
使用 _dnf_ 命令安装 fish:
|
||||
|
||||
```
|
||||
$ sudo dnf install fish
|
||||
```
|
||||
|
||||
安装 _util-linux-user_ 包,然后使用适当的参数运行 _chsh_(更改 shell 程序)命令,将 fish 设置为默认 shell 程序:
|
||||
|
||||
```
|
||||
$ sudo dnf install util-linux-user
|
||||
$ chsh -s /usr/bin/fish
|
||||
```
|
||||
|
||||
你需要注销然后重新登录,更改才能生效。
|
||||
|
||||
#### Fedora Silverblue
|
||||
|
||||
由于它不是 GUI 应用,因此你需要使用 _rpm-ostree_ 安装。使用以下命令在 Fedora Silverblue 上安装 fish:
|
||||
|
||||
```
|
||||
$ rpm-ostree install fish
|
||||
```
|
||||
|
||||
在 Fedora Silverblue 上,你需要重启 PC 才能切换到新的 ostree 镜像。
|
||||
|
||||
如果你想在 Fedora Silverblue 用 fish 作为主要 shell,最简单的方法是更新 _/etc/passwd_ 文件。找到你的用户,并将 _/bin/bash_ 更改为 _/usr/bin/fish_。
|
||||
|
||||
、你需要 [root 权限][2]来编辑 _/etc/passwd_ 文件。另外,你需要注销并重新登录才能使更改生效。
|
||||
|
||||
### 配置
|
||||
|
||||
fish 的用户配置文件在 _~/.config/fish/config.fish_。要更改所有用户的配置,请编辑 _/etc/fish/config.fish_。
|
||||
|
||||
每个用户的配置文件必须手动创建。安装脚本不会创建 _〜/ .config / fish / config.fish_。
|
||||
|
||||
以下是几个配置示例以及它们的 bash 等效项,以帮助你入门:
|
||||
|
||||
#### 创建别名
|
||||
|
||||
* _~/.bashrc_: alias ll='ls -lh'
|
||||
* _~/.config/fish/config.fish_: alias ll='ls -lh'
|
||||
|
||||
|
||||
|
||||
#### 设置环境变量
|
||||
|
||||
* _~/.bashrc_: export PATH=$PATH:~/bin
|
||||
* _~/.config/fish/config.fish_: set -gx PATH $PATH ~/bin
|
||||
|
||||
|
||||
|
||||
### 使用 fish 工作
|
||||
|
||||
将 fish 配置为默认 shell 程序后,命令提示符将类似于下图所示。如果尚未将 fish 配置为默认 shell,只需运行 _fish_ 命令以在当前终端会话中启动。
|
||||
|
||||
![][3]
|
||||
|
||||
在你开始输入命令时,你会注意到语法高亮显示:
|
||||
|
||||
![][4]
|
||||
|
||||
很酷,不是吗?🙂
|
||||
|
||||
你还将在输入时看到建议的命令。例如,再次开始输入上一个命令:
|
||||
|
||||
![][5]
|
||||
|
||||
注意输入时出现的灰色文本。灰色文本显示建议之前编写的命令。要自动补全,只需按 **CTRL+F**。
|
||||
|
||||
通过输入连接号(**–**)然后使用 **TAB** 键,它会根据前面命令的手册页获取参数建议:
|
||||
|
||||
![][6]
|
||||
|
||||
如果你按一次 **TAB**,它将显示前几个建议(或所有建议,如果只有少量参数可用)。如果再次按 **TAB**,它将显示所有建议。如果连续三次按 **TAB**,它将切换到交互模式,你可以使用箭头键选择一个参数。
|
||||
|
||||
除此之外,fish 的工作与大多数其他 shell 相似。其他差异已经写在文档中。因此,找到你可能感兴趣的其他功能应该不难。
|
||||
|
||||
### 让 fish 变得更强大
|
||||
|
||||
使用 [powerline][7] 使 fish 变得更强大。Powerline 将命令执行时间、彩色化 git 状态、当前 git 分支等添加到了 fish 的界面中。
|
||||
|
||||
在安装 powerline 之前,你必须先安装 [Oh My Fish][8]。Oh My Fish 扩展了 fish 的核心基础架构,以支持安装其他插件。安装 Oh My Fish 的最简单方法是使用 _curl_ 命令:
|
||||
|
||||
```
|
||||
> curl -L https://get.oh-my.fish | fish
|
||||
```
|
||||
|
||||
如果你不想直接将安装命令管道传给 _fish_,请参见 Oh My Fish 的 [README][9] 的安装部分,以了解其他安装方法。
|
||||
|
||||
Fish 的 powerline 插件是 [bobthefish][7]。Bobthefish 需要 _powerline-fonts_ 包。
|
||||
|
||||
**在Fedora工作站上**:
|
||||
|
||||
```
|
||||
> sudo dnf install powerline-fonts
|
||||
```
|
||||
|
||||
**在 Fedora Silverblue 上**:
|
||||
|
||||
```
|
||||
> rpm-ostree install powerline-fonts
|
||||
```
|
||||
|
||||
在 Fedora Silverblue 上,你必须重启以完成字体的安装。
|
||||
|
||||
安装 _powerline-fonts_ 之后,安装 _bobthefish_:
|
||||
|
||||
```
|
||||
> omf install bobthefish
|
||||
```
|
||||
|
||||
现在你可以通过 powerline 体验 fish 的全部奇妙之处:
|
||||
|
||||
![][10]
|
||||
|
||||
### 额外的资源
|
||||
|
||||
查看这些网页,了解更多 fish 内容:
|
||||
|
||||
* [官网][11]
|
||||
* [文档][12]
|
||||
* [教程][13]
|
||||
* [常见问题][14]
|
||||
* [在线体验][15]
|
||||
* [邮件列表][16]
|
||||
* [GitHub][17]
|
||||
|
||||
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://fedoramagazine.org/fish-a-friendly-interactive-shell/
|
||||
|
||||
作者:[Michal Konečný][a]
|
||||
选题:[lujun9972][b]
|
||||
译者:[geekpi](https://github.com/geekpi)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]: https://fedoramagazine.org/author/zlopez/
|
||||
[b]: https://github.com/lujun9972
|
||||
[1]: https://fedoramagazine.org/wp-content/uploads/2020/03/fish-816x345.jpg
|
||||
[2]: https://fedoramagazine.org/howto-use-sudo/
|
||||
[3]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-00-35.png
|
||||
[4]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-19-24.png
|
||||
[5]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-25-31.png
|
||||
[6]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-14-58-07.png
|
||||
[7]: https://github.com/oh-my-fish/theme-bobthefish
|
||||
[8]: https://github.com/oh-my-fish/oh-my-fish
|
||||
[9]: https://github.com/oh-my-fish/oh-my-fish/blob/master/README.md#installation
|
||||
[10]: https://fedoramagazine.org/wp-content/uploads/2020/03/Screenshot-from-2020-03-03-15-38-07.png
|
||||
[11]: https://fishshell.com/
|
||||
[12]: https://fishshell.com/docs/current/index.html
|
||||
[13]: https://fishshell.com/docs/current/tutorial.html
|
||||
[14]: https://fishshell.com/docs/current/faq.html
|
||||
[15]: https://rootnroll.com/d/fish-shell/
|
||||
[16]: https://sourceforge.net/projects/fish/lists/fish-users
|
||||
[17]: https://github.com/fish-shell/fish-shell/
|
Loading…
Reference in New Issue
Block a user