사용자 계정 확인

전체 사용자 계정 확인

cat /etc/passwd

 

useradd를 이용해 등록된 사용자만 보기

grep /bin/bash /etc/passwd

 

사용자 계정 설명

adm

시스템 관리자를 위한 별도의 계정

 

lp

로컬 프린터 서버 계정

 

sync

원격지 서버 동기화 계정

 

shutdown

시스템 종료 계정

 

halt

강제 시스템 종료 계정

 

news

뉴스그룹 서버용 계정

 

uucp

유닉스 시스템과 파일 복사를 위한 프로토콜 계정

 

operator

특수목적용 계정으로, 시스템 백업 등 여러 사용자가 시스템을 공통 관리하기 위해 사용되는 계정

 

games

X11(X윈도우) 화면에서 게임을 할 때 사용하는 계정

 

avahi-autoipd

DNS 관련된 계정

avahi-autoipd is a service provided by the Avahi daemon on Linux, which implements network services discovery using the mDNS/DNS-SD (Multicast DNS / DNS Service Discovery) protocol. Specifically, avahi-autoipd is responsible for assigning an Automatic Private IP Addressing (APIPA) address to a network interface when it cannot obtain an IP address from a DHCP server.

 

avahi-autoipd is part of the Avahi service on Linux systems and is responsible for assigning link-local IP addresses (APIPA addresses) when a DHCP server is unavailable. It helps maintain basic network connectivity on local networks and is part of the broader Zero Configuration Networking (zeroconf) system.

 

tss

암호화 키 생성, 플랫폼 무결성 검증과 관련된 TPM 소프트웨어 스택 관리용 계정

The tss user on a Linux system is a system user created to manage the Trusted Platform Module (TPM) software stack. TPM is a hardware component that provides secure generation and storage of cryptographic keys, as well as platform integrity verification.

The tss user is associated with the TrouSerS software (or other TPM-related software), which is the open-source implementation of the TPM Software Stack (TSS). This user is created to run the TPM-related services with minimal privileges for security purposes.

 

The tss user in Linux is a system account created to manage the TPM Software Stack (TSS) and run TPM-related services, ensuring secure interactions with the Trusted Platform Module (TPM). It provides essential security features for cryptography, encryption, and platform integrity in systems with TPM hardware.

 

postfix

메일 전송 관련 계정

The postfix user on a Linux system is a system account created for the Postfix mail transfer agent (MTA). Postfix is a widely used open-source software for routing and delivering email. It’s designed to be secure, fast, and easy to configure, often serving as a replacement for the older Sendmail MTA.

The postfix user is used to run Postfix services and processes with minimal privileges, adhering to the principle of least privilege to enhance security.

 

The postfix user on Linux is a system account created to run the Postfix mail transfer agent (MTA). It ensures that Postfix's email processing tasks are handled securely by limiting privileges, as most Postfix processes run under the postfix user instead of root. This helps enhance the security of the mail server and minimizes the risk of exploitation.

 

saslauth

인증 관련 계정

The saslauth user on a Linux system is a system account associated with the Cyrus SASL (Simple Authentication and Security Layer) authentication library. SASL is a framework that provides authentication and data security services for network protocols such as SMTP, IMAP, and LDAP.

The saslauth user is created to run the SASL authentication daemon (saslauthd), which handles authentication requests from various services and applications. This system account ensures that the saslauthd service runs with minimal privileges, adhering to security best practices.

 

The saslauth user on Linux is a system account used to run the SASL authentication daemon (saslauthd), which provides secure user authentication for various services like email, LDAP, and others. The saslauth user ensures that the saslauthd process runs with minimal privileges, enhancing the overall security of the system by reducing potential attack surfaces.

 

polkitd

시스템 전체 권한 관리용 계정

The polkitd user on a Linux system is a system account used by Polkit (formerly known as PolicyKit), which is a framework for managing system-wide privileges. Polkit is commonly used to handle authorization for actions that require elevated privileges (such as running administrative tasks) in a controlled and secure manner.

 

The polkitd user in Linux is a system account used to run the Polkit daemon (polkitd), which is responsible for managing and making authorization decisions on privileged system actions. By running Polkit with minimal privileges under the polkitd user, the system enhances security while allowing non-root users to perform administrative tasks based on defined policies.

 

nobody

최소 권한이 필요한 프로세스용 계정

The nobody user on a Linux system is a system account used for processes that do not require ownership by a specific user or for which minimal privileges are necessary. This account is commonly used to run services and processes that don’t need access to any critical system resources or files. By running these services under the nobody user, the system limits their access, improving security.

 

The nobody user on Linux is a non-privileged system account used to run processes with minimal system access. It provides an extra layer of security by ensuring that services that don’t need high privileges can only interact with limited parts of the system. This user is commonly used for network-facing services, daemons, or temporary file ownership, and it operates with the least possible permissions to reduce security risks.

 

named

DNS 서버용 계정

The named user on a Linux system is a system account created for running the BIND (Berkeley Internet Name Domain) service, which is one of the most common DNS (Domain Name System) server software packages. The BIND DNS server (often called named, short for name daemon) translates domain names into IP addresses and vice versa.

The named user ensures that the DNS server runs with limited privileges, adhering to the principle of least privilege, which enhances security by minimizing the potential damage that could occur if the DNS service were compromised.

 

The named user on Linux is a system account created to run the BIND DNS server daemon (named) with limited privileges. This enhances the security of the system by ensuring that the DNS service, which is often exposed to the internet, cannot access or modify sensitive files. BIND is one of the most widely used DNS server software packages, and running it under the named user follows the principle of least privilege to reduce security risks.:

+ Recent posts