Glossary - CompTIA Linux+ / LPIC-1 Cert Guide (Exams LX0-103 & LX0-104/101-400 & 102-400) (2016)

Glossary

$PATH—When used as a variable, it contains a list of directories that will be searched for executable files when a user enters a command.

. (period)—Shorthand for the source command, a bash shell built-in command that specially runs or loads the content of the file passed as argument in the current shell. See sourcing. Can also refer to the current directory, which can be requested using the pwd command.

absolute file name—A file name that is complete and starts with the name of the root directory, including all directories up to the current file or directory.

absolute path—The location of a file or directory that starts from the root of the filesystem, and therefore begins with a slash character (/).

access control list—In Linux permissions, a system that makes it possible to grant permissions to more than one user and more than one group. Access control lists also allow administrators to set default permissions for specific directories.

accessibility options—A feature provided on desktops that makes it easier for individuals (usually the handicapped) to work with the desktop.

address class ranges—The primary subnets of class A, B, C, D, and E networks.

advanced package tool—A package management system for Debian derived systems that wraps lower level tools and provides easy searching of remote package sources, including downloading any needed dependencies.

aggregate function—An SQL function, such as COUNT or SUM, that provides a summary of rows returned from a query.

alias—A shell feature typically used to shorten a much longer command and which runs that command when the user enters the alias as if it were a command.

aliasing—To assign an alternate name to an email or group of emails. For example, a support alias might send an email to whoever is currently on the support desk.

Anaconda—The system used on RHEL for automatic installations.

anacron—A service that runs background jobs in roughly scheduled intervals. If the computer is off at the scheduled time, Anacron runs these jobs after the computer is turned on again.

AND—A logical construct that can be used in scripts. In an AND construct, the second command is executed only after successful execution of the first command.

application server—In Kerberos, refers to a server that hosts a Kerberized application. This server needs a keytab file so that the application can authenticate with Kerberos.

APT—See Advanced Package Tool.

archiving—A system that ensures that data can be properly backed up.

ASCII—The American Standard for Information Interchange encodes letters, numbers, punctuation, spaces, and other characters into a number between 0 and 255.

at—A service that can be used to schedule future jobs for one time execution.

attribute—A property that can be set on a file or directory and that will be enforced, no matter which user with which access permission accesses the file. For instance, a file that has the immutable attribute set cannot be deleted, not even by the root user. The root user does, however, have the capability to change the attribute, which would allow him to delete the file anyway.

auditd—A service that runs by default on some distributions of Linux and that can be configured to log detailed information about what is happening on the system. Auditing is complementary to system logging and can be used for compliance reasons. On some distributions of Linux, the auditing system takes care of logging SELinux-related messages, which makes it a relatively important system.

audit log—The main log file in /var/log/audit/audit.log, which by default contains all messages that are logged by the auditd service.

autoconfiguration—The process of automatically assigning network configuration such as IP address, hostname, gateway, and subnet addresses.

autofs—A service that takes care of automatically mounting network-based file systems at the moment a specific directory is accessed. This service is useful to ensure the automatic mounting of home directories for users in a centralized user management system, as can be implemented by the LDAP service.

automount—The process started by the autofs service. See autofs for more details.

background—A process running on a system without actively occupying a console. Processes can be started in the background by adding an & after the command that starts the process.

backup—A copy of important data that can be recovered if at any point in time the original data gets lost.

bash—The default shell used on most Linux systems.

Basic Input Output System (BIOS)—The first software that is started when a computer starts on older IBM compatible computers. Settings in the BIOS can be changed by using the BIOS setup program.

binary—A numbering scheme based on bit values that can be on or off. Binary numbers are 0 and 1. Because they are difficult to use, on most occasions decimal, hexadecimal, or octal numbers are used.

binary packages—A collection of applications, documentation, libraries, and configuration files that can be downloaded and run without needing to compile from source.

BIOS—See Basic Input Output System.

bonding—In networking, refers to the technology that allows the creation of a network trunk that consists of multiple bundled network interfaces. Bonding is used for redundancy and performance.

boolean logic—Operations such as OR and AND that operate on the true and false primitives that computers understand, rather than numbers that humans understand.

boot manager—A piece of software that runs when the computer first starts up. The boot manager is responsible for loading the operating system kernel.

boot loader—The program called by the BIOS to start a computer and that takes care of loading the operating system kernel and initramfs.

bounce—To return an email after it has been found to be undeliverable.

broadcast address—A network address on an IPv4 network that is used to send network messages to all hosts on the subnet.

btrfs—A general purpose Linux file system expected to become the default file system on some distributions of Linux in a future release.

buffer—In memory management, refers to the area of memory where unstructured data is stored.

bus—A hardware component that allows other components to connect and talk to each other over a single shared connection rather than each component needing a unique connection to every other component.

cache—In memory management, refers to the area of memory where recently used files are stored. Cache is an important mechanism to speed up reads on servers.

capability—A specific task that can be performed on Linux. User root has access to all capabilities; normal users have access to limited sets of capabilities only. See man 7 capabilities for more information.

CentOS—A Linux distribution that uses all Red Hat packages but has removed the Red Hat logo from all these packages to make it possible to distribute the software for free.

certificate—In PKI cryptography, a certificate contains the public key of the issuer of the certificate. This public key is signed with the certificate of a Certificate Authority, which guarantees its reliability.

Certificate Authority—A commonly known organization that can be used to guarantee the reliability of PKI certificates. The Certificate Authority provides a certificate that can be used to sign public key certificates. Instead of using a commonly known organization, self-signed certificates can be used for internal purposes as well.

CGI—See Common Gateway Interface.

chrony—The new service that offers time synchronization services in some distributions of Linux.

chroot—An environment where a part of the file system is presented as if it were the root of the file system. chroot is used as a security feature that hides the parts of the operating system not required by specific services.

CIFS—See Common Internet File System.

client-server—An application architecture where a user-facing client gets information and instructions from a shared backend server.

cloud—A computing platform that allows for flexible usage of hosted computing resources.

code pages—A table that maps characters in a particular set to a number.

code point—An individual mapping of a character in a code page to a number.

coldplug—A hardware device that needs the computer to be turned off and on to be recognized.

column—In relational databases, a column consists of similar fields from different records. Columns can be used to sort data in a database or table.

command substitution—A shell scripting technique where a command is run and then injected into another command.

Common Gateway Interface (CGI)—A standard for generation of dynamic web pages by using some scripting technology. CGI does not define which specific scripting technology has to be used.

Common Internet File System (CIFS)—The standardized version of the Microsoft Server Message Block (SMB) protocol, which is used to provide access to shared printers, files, and directories in a way that is compatible with Windows servers and clients. CIFS has become the de facto standard for file sharing in IT.

Common Unix Printing System (CUPS)—The software responsible for printing on most Linux systems.

compression—A technology used to reduce file sizes, by analyzing redundant patterns and storing them more efficiently. Mainly used to save storage space, reduce network traffic, or increase network transfer rates.

conditional loop—In shell scripting, a set of commands executed only if a specific condition has been met.

conditionals—A piece of shell code that tests for given conditions and executes different code depending on the result of the test.

connection—In configuration of network cards: A set of network configuration parameters associated with a network interface. In network communication: A session between two parties that has been initialized and will exist until the moment that the connection is torn down.

console—In Linux, the console is the primary terminal where a user works. It is also a specific device with the name /dev/console.

context—In SELinux, a context is a label used to define the security attributes of users, processes, ports, and directories. These labels are used in the SELinux policy to define security rules.

context switch—A context switch happens when the CPU switches from executing one task to executing another task.

context type—In SELinux, a context type is used as a label that identifies the SELinux properties of users, processes, and ports.

Create, Read, Update, and Delete (CRUD)—In relational databases (as well as persistent storage), create, read, update, and delete are the four basic operations. In MariaDB databases CRUD is implemented by using the INSERT, SELECT, UPDATE, and DELETE commands. CRUD is universal and occurs in other protocols also. In HTTP for example, CRUD is implemented with the POST, GET, PUT, and DELETE commands.

credentials file—A file that can be used to mount CIFS file systems automatically from the /etc/fstab file. The credentials file is stored in a secure place, like the home directory of user root, and contains the user name and password that are used to mount the remote file system.

cron—A service that runs background jobs at scheduled times.

CRUD—See Create, Read, Update, and Delete.

cryptography—A technique used to protect data. This often happens by converting information to an unreadable state, where keys are used to decipher the scrambled data. Cryptography is not only used to protect files while in transit, but can be used also to secure the authentication procedure.

CUPS—See Common Unix Printing System.

CUPS backend—A piece of the Common Unix Printing System responsible for sending the processed print job to the printer.

daemon—A process that runs in the background and provides some sort of service, either to the local machine or to remote machines.

database—In relational databases, a collection of tables that all together are used to store data.

database schema—A description of all the tables, columns, and relationships of a relational database.

Daylight Saving Time—The source of frustration for developers and systems administrators alike. In summer months, clocks are moved ahead an hour to take advantage of the longer nights.

decimal—A numbering scheme based on the numbers 0-9. This numbering scheme is easy to use for humans, but not so easy for usage in computer environments, which is why alternatively binary, octal, and hexadecimal numbering schemes are frequently used.

default gateway—The gateway used by default for a host. See also gateway.

default route—The router used by default to forward IP packets that have a destination on an external network.

dependency—General: A situation where one item needs another item. Dependencies occur on multiple levels in Linux. In RPM package management, a dependency is a software package that needs to be present for another package to be installed. In systemd, a dependency is a systemd unit that must be loaded before another unit can be loaded.

dependency hell—Refers to the situation in which, for package installation, other packages are needed, which by themselves could require dependencies as well. The problem of dependency hell has been fixed by the introduction of repository based systems.

desktop—A software program that acts as the interface between users and a GUI environment.

destination—In rsyslog, specifies the destination where log messages should be sent to by the logging system. Destinations are often files but can also be input modules, output modules, users, or hosts.

device—A peripheral attached to a computer to perform a specific task.

device file—A file created in the /dev directory and used to represent and interact with a device.

device mapper—A service used by the Linux kernel to communicate with storage devices. Device mapper is used by LVM, multipath, and other devices, but not by regular hard disks. Device files created by device mapper can be found in the /dev/mapper directory.

DHCP—See Dynamic Host Configuration Protocol.

directive—Name for a parameter in the Apache configuration.

direct mount—In automount, refers to an automount performed on a directory that already has to exist before the automount can take place. Direct mounts always have /- as the starting point of the mount and can be created by the root user only.

directory—A folder in the file system that can be used to store files in an organized manner.

directory entries—A piece of the filesystem that stores the list of files in a directory and a pointer to the file’s inode.

display manager—A software program that provides users with a GUI login.

distribution—A Linux version that comes with its own installation program or that is ready for usage. As Linux is a collection of different tools and other components, the Linux distribution gathers these tools and other components, may or may not enhance them, and distributes them so that users don’t have to gather all the different components for themselves.

dmesg—Utility that can be used to read the kernel ring buffer, which contains log messages generated by the Linux kernel.

DNS—See Domain Name System.

DNSSEC—A system used to secure DNS. In DNSSEC, keys are used to guarantee the authenticity of a server that is contacted.

DocumentRoot—In Apache, the DocumentRoot defines the location where the Apache web server looks for documents that will be served to the Apache clients.

domain—The Domain Name System defines a domain hierarchy. In this hierarchy, a domain is a branch object identified by a worldwide unique name such as example.com. Within the domain, leaf objects are typically created to identify resources in a globally unique way.

Domain Name System (DNS)—The system that makes it possible to translate computer names to IP addresses and vice versa. In the Domain Name System, several domain levels are used, resembling a directory structure in a file system.

dotted quad notation—An IPv4 address that consists of four octets.

dracut—A utility used to generate the initramfs, an essential part of the Linux operating system that contains drivers and other vital files required to start a Linux system.

drift—The slowly growing difference between a computer’s clock and the actual time.

driver—A piece of software that allows a kernel to understand how to communicate with a particular device or set of devices.

Dynamic Host Configuration Protocol (DHCP)—A protocol often implemented by a server and that takes care of providing an IP address and other related configuration to clients. Using DHCP makes it possible to use systems in a computer network without the need to configure all of them with the required IP address configuration and related parameters.

dynamic linker (ld.so)—The library on a Linux system responsible for finding dynamic libraries and presenting them to the application that needs them.

dynamic linking—The process of sharing library code between applications rather than requiring each application to keep a copy of the library.

dynamic route—A network route managed by an automatic routing protocol.

EFI—See Extensible Firmware Interface.

embedded database—A database, such as SQLite, that does not need to run as a separate daemon.

enforcing—The SELinux mode where SELinux is fully operational and applies all restrictions that have been configured for a specific system.

environment—The collection of settings that users or processes are using to do their work.

epoch time—In Linux, epoch corresponds to midnight of Thursday, January 1, 1970. Linux time is calculated as the number of seconds that have passed since epoch. This number of seconds is referred to as epoch time. Some utilities write epoch time instead of real clock time.

escaping—In a shell environment, escaping ensures that specific characters are not interpreted by the shell. Escaping may be necessary to show specific characters onscreen, or to ensure that regular expression metacharacters are not interpreted by the bash shell first.

exim—A mail transfer agent that is monolithic like sendmail but easier to configure.

export—In NFS, refers to a directory shared on an NFS server to allow access to other servers.

Ext2, Ext3, and Ext4—Three different versions of the Ext file system. As of now Ext4 is the default file system on some distributions of Linux. It is now considered inadequate for modern storage needs, which is why Ext4 in RHEL 7 has been replaced by XFS as the default file system.

Extensible Firmware Interface (EFI)—A replacement of the Basic Input Output System that is used on older IBM compatible computers as the first program that runs when the computer is started. EFI is the layer between the operating system and the computer firmware.

extended partition—On MBR disks, a maximum of four partitions can be stored in the partition table. To make it possible to go beyond that amount, one of these four partitions can be created as an extended partition. Within an extended partition, logical partitions can be created, which perform just like regular partitions, allowing system administrators to create more partitions.

external command—A command that exists as a file on disk (as opposed to a bash internal “shell built-in” command).

Fedora—The free, community Linux distribution sponsored by Red Hat. In Fedora, new features are provided and tested. Some of these features will be included in later releases of enterprise distributions of Linux.

fiber channel—A storage infrastructure that can be used in SAN environments. Its competitor is iSCSI.

field—In relational databases, fields are used to compose records. A field typically is a name-value pair. Records consist of several fields.

file descriptor—A pointer used by a Linux process to refer to files in use by the process.

file system—A logical structure created on a storage device. In a Linux file system, inodes are used for file system administration, and the actual data is written to blocks.

File System Hierarchy (FSH)—A standard that defines which Linux directories should be used for which purpose. Read man 7 hier (the man page for hier in category 7 of the man pages) for a specification of the FSH.

File Transfer Protocol (FTP)—A software program that allows users to copy files to and from a remote system. Unfortunately, this process sends data in plain text, making it a poor method.

filesystem—Both the single virtual disk presented to the Linux system and the layout of files on the disks.

firewall—A solution that can be used to filter packets on a network. Firewalls are used to ensure that only authorized traffic can reach a system. A firewall can be offered through the Linux kernel Netfilter functionality but often is also offered as an appliance on the network.

firewalld—The modern service used in RHEL 7 to implement firewalling based on the Linux kernel firewalling framework.

flush—In email, mail queues can be flushed. This is useful if a message could not be sent on the first attempt. By default, the email software will try to send the message again, typically once an hour. By flushing the mail queue, the mail server is triggered and tries to immediately send out the stalled messages. In file systems, flushing refers to the direct write of files to the storage media, instead of writing the files to the file system cache first, from which they are synchronized to the disk platters.

folder—Also referred to as a directory, a structure in the file system used to organize files that belong together.

foreground—Linux processes started by users can be started in the foreground or in the background. If a process has been started as a foreground process, no other processes can be started in the same terminal until the process finishes or is moved to the background.

forwarding—Taking an email destined for person A and automatically sending it to person B.

FQDN—See Fully Qualified Domain Name.

FSH—See File System Hierarchy.

fstab—A configuration file used on Linux to mount file systems automatically when the system starts.

FTP—See File Transfer Protocol.

Fully Qualified Domain Name (FQDN)—In DNS, a complete hostname, including the domains and subdomains, that the host is defined in. server1.example.com is an example of an FQDN.

function—A piece of shell code that is reusable and can be called, optionally with arguments, by users and other shell scripts.

gateway—A host used to allow hosts to communicate with other networks. Also known as a router.

GECOS—Originally stood for General Electric Comprehensive Operating System. In Linux it remains as the Gecos field in the /etc/passwd file, a field that can be used to store personal data about a user on the Linux operating system.

GID—See group identification number.

Global Unique ID (GUID)—An identification number that consists of parts that ensure it is globally unique.

GNOME—A common desktop. See desktop.

Gnu Privacy Guard (GnuPG)—A software suite that allows users to encrypt data and digitally sign files.

GnuPG—See Gnu Privacy Guard.

GPT—See GUID partition table.

Grand Unified Boot Loader (GRUB)—The standard Linux boot manager that can boot many different operating systems.

graphical user interface (GUI)—The term used for Windows-based interfaces.

Greenwich Mean Time (GMT)—The reference time zone by which all other time zones calculate their time as an offset from GMT. A time zone is defined as being a certain number of hours and minutes ahead of, or behind, GMT.

group—A collection of items. In user management, groups are used to assign permissions to multiple users simultaneously. In Linux, every user is a member of at least one group.

group identification number (GID)—A unique number assigned to a group account.

group owner—On Linux, every file and directory has a user owner and a group owner. Group ownership is set when files are created and unless configured otherwise is set to the primary group of the user who creates the file.

GRUB—See Grand Unified Boot Loader.

GRUB2—The boot loader installed on most systems that need to start Linux. GRUB2 provides a boot prompt from which different kernel boot options can be entered, which is useful in case the boot procedure needs to be troubleshot.

GUI—See graphical user interface.

GUID—See Global Unique ID.

GUID partition table—A modern solution to store partitions on a hard disk, as opposed to the older MBR partition table. In GUID partitions a total of 128 partitions can be created, and there is no difference between primary, extended, and logical partitions anymore.

hard link—For storing Linux files, inodes are used. An inode contains the complete administration of the file, including the blocks in which the file is stored. A hard link is a name associated with that inode. A file that doesn’t have at least one hard link is considered a deleted file. To increase file accessibility, more than one hard link can be created for an inode.

hardware—The physical components of a computer, such as CPU, RAM, disk, network card, and so on.

hardware clock—A clock that is on the computer’s motherboard and continues to run when the computer is powered off.

hardware time—The time provided by computer hardware, typically the BIOS clock. When a Linux system boots, it sets the software time based on the hardware time. As hardware time often is inaccurate, most Linux systems use the Network Time Protocol to synchronize the system time with a reliable time source.

HBA—See host bus adapter.

hexadecimal—A base-16 numbering system based on groups of four bytes. Hexadecimal numbers start with the range 0-9, followed by A-F. Because they are much more efficient in computer technology, hexadecimal numbers are frequently used. In IPv6, IP addresses are written as hexadecimal numbers.

host bus adapter (HBA)—An interface card that connects a computer to network and storage devices. Most commonly, a host bus adapter refers to a device that connects the computer to a storage network.

hotplug—A device that can be inserted and recognized while the computer is running.

hypervisor—A piece of computer software, firmware, or hardware that creates and runs virtual machines. In Linux, KVM is used as the common hypervisor software.

ICMP—See Internet Control Message Protocol.

indexes—A database function that stores frequently searched data so that the corresponding row can be quickly found without needing to search the entire table.

indirect mount—In automount, refers to a mount that is effected in a fully automated manner by automount. The directory on which the file system is mounted is created by automount. Indirect mounts can happen completely from user space, which means that no direct kernel interaction or root privileges are required.

inheritance—In permission management, inheritance refers to the situation where new files created in a directory inherit the permission settings from the parent directory.

init—The first process started once the Linux kernel and initramfs have been loaded. From the init process, all other processes are started. In RHEL 7 the init process has been replaced by systemd.

initial RAM disk—A memory backed disk created during the boot phase that contains the computer’s drivers, so that the system can be booted off of the current hardware.

initiator—In iSCSI, the initiator is the iSCSI client. It is the system that wants access to shared storage offered by the iSCSI target system.

initramfs—The initial RAM file system. The initramfs contains drivers and other files needed in the first stages of booting a Linux system. On some distributions of Linux, the initramfs is generated during installation and can be manually re-created using the dracut utility.

inner join—Combining two database tables such that the result contains only results where a match between both tables is found.

inode—The administration of a file. Every Linux file has an inode, and the inode contains all properties of the file, but not the file name.

input module—In rsyslog, a module that allows rsyslog to receive log messages from specific sources.

installation server—A server that can be used to make installation of Linux easier. In an RHEL context, it normally consists of a repository, a DHCP server, and a TFTP server, together with a kickstart file that contains instructions on how the automatic installation has to be performed.

integrated peripherals—A piece of hardware that’s part of the motherboard rather than being something removable or upgradable.

interface—In Linux networking, the set of configuration parameters that can be activated for a specific device. Several interface configurations can exist for a device, but only one interface can be active at the same time for a device.

internal command—A command that is a part of the shell and does not exist as a file on disk.

internationalization—A software method of allowing an application to change out the language used without needing separate versions of the application.

Internet Control Message Protocol (ICMP)—Focuses on allowing networking devices, such as routers, the capability to send error messages.

Internet Printing Protocol—A modern web-based protocol that allows printers to communicate with computers over a network.

Internet Protocol (IP)—Handles the addressing and communication between devices on a network. It defines IP addresses, subnetting, and routing.

IP—See Internet Protocol.

IP address—An Internet Protocol address, used to direct network traffic to a specific host.

iptables—A solution to create firewall rules on the Linux operating system. iptables interfaces with the netfilter Linux kernel firewalling functionality, and it was the default solution to create software firewalls on previous versions of some distributions of Linux. In some distributions of Linux it has been replaced with firewalld.

IPv4—Internet Protocol, version 4. An older version of IP that uses dotted quad notation for IP addresses.

IPv6—Internet Protocol, version 6. A newer version of IP that uses larger IP addresses and enhanced features.

iSCSI—A storage protocol that encapsulates SCSI storage protocol commands in IP packets. This makes it possible to offer access to SCSI devices over the Internet.

ISO-8859 standard—A series of standards that define standard 8-bit code pages for character encoding.

iteration—In shell scripting, an iteration is one time of many that a conditional loop has been processed until the desired result has been reached.

job—In a Linux shell, a job is a task running in the current terminal. Jobs can be started in the foreground as well as the background. Every job is also visible as a process.

journald—The part of systemd that takes care of logging information about events that have been happening. The introduction of journald ensures that information about all services can be logged, regardless of how the service is configured itself to deal with information to be logged.

KDC—See key distribution center.

KDE—A common desktop. See desktop.

Kerberos—A computer network authentication protocol that works on the basis of tickets to allow nodes and users communicating over a nonsecure network to prove their identity. It provides mutual authentication and on Linux is used for authentication of users as well as services.

kernel—The central component of the operating system. It manages I/O requests from software and translates them into data processing instructions for the hardware in the computer.

kernel ring buffer—A part of memory where messages generated by the kernel are stored. The dmesg command can be used to read the contents of the kernel ring buffer.

kernel space—The part of memory reserved for running privileged instructions. Kernel space is typically accessible by the operating system kernel, kernel extensions, and most device drivers. Applications are normally running in user space, which ensures that a faulty application cannot crash the computer system.

kernel virtual machine (KVM)—The Linux kernel module that acts as a hypervisor and makes it possible to run virtual machines directly on top of the Linux kernel.

key-based login—In SSH, uses public/private keys to prove the identity of the user that wants to log in. Key-based login is generally considered more secure than password-based login.

key-value database—A database consisting of a series of keys with corresponding values optimized for fast lookup.

key distribution center (KDC)—The part of the Kerberos configuration that takes care of handing out Kerberos tickets to users who have proven that they are authorized for specific services.

keytab—A file used by services in Kerberized environments. The keytab contains the name of the service and the credentials that the server needs for authentication purposes.

kickstart—The system used for automatic installations.

kill—A command that can be used to send a signal to a Linux process. Many signals are defined (run man 7 signal to view the man page), but only a few are commonly used, including SIGTERM and SIGKILL, both of which are used to stop processes.

KVM—See kernel virtual machine.

label—A name that can be assigned to a file system. Using labels can be a good idea, because once it is assigned, the label never changes, which guarantees that the file system can still be mounted, even if other parameters such as the device name have changed. However, UUIDs are considered safer than labels as the chance of having a duplicate label by accident is much higher than the chance of having a duplicate UUID.

LDAP—See Lightweight Directory Access Protocol.

left join—Combining two database tables, A and B, such that all rows from table A are shown even if there is no match from table B.

libraries—A collection of reusable software components that can be used by multiple applications.

libvirt—An open source API, daemon, and management tool used to manage virtualization. libvirt on RHEL 7 is implemented by libvirtd and used to manage KVMs.

Lightweight Directory Access Protocol (LDAP)—Originally, a protocol used to get information from an X.500 directory (which is a kind of address book). In modern computing environments, LDAP is also the service that provides centralized information that can be used for logging in and other purposes.

line printer remote—An older network printing protocol optimized for less powerful printer hardware.

link—A file, with its own inode, that points to another file.

Linux—A UNIX-like operating system that consists of a kernel that was originally developed by Linus Torvalds (hence the name Linux). A current Linux operating system consists of a kernel, and many open source tools that provide a complete operating system. Linux is packaged in the form of a distribution.

load average—A metric representing the number of processes waiting to be run by the CPU that gives some indication of system load. Load averages are usually given as a weighted average over the past 1, 5, and 15 minutes.

locale—In the context of internationalization and localization, the current language and country being used.

localization—The process of displaying numbers, monetary values, dates, and times in a manner appropriate for the given country and language.

log rotation—A service that ensures that log files cannot grow too big. Log files are monitored according to specific parameters, such as a maximum age or size. Once this parameter is reached, the log file closes and a new log file is opened. Old log files are kept for a limited period and then are removed, often after only a couple of weeks.

logical backup—A backup that consists of the structure of the data but not the actual files containing the data. Logical backups in general are easier to make but require access to the functional program as opposed to a physical backup.

logical extent—The building block used in LVM to create logical volumes. It normally has a size of a few megabytes, which corresponds to the size of the physical extents that are used.

logical partition—A partition created in an extended partition. See extended partition for more details.

logical unit (LUN)—In iSCSI, the item shared through iSCSI. It gives access to the backend storage.

logical volume (LV)—The LVM component that represents a filesystem. A logical volume is comprised of multiple physical extents.

logical volume manager (LVM)—The Linux component that abstracts the layout of filesystems from the actual disks, allowing filesystems to be grown without needing to be contiguous.

login shell—What results when a user signs on to a system as if she were at the console; all appropriate files are read, sourced, and a bash or other shell prompt is presented, and the user is a fully-functional user of the system.

LUN—See logical unit.

LV—See logical volume.

LVM—See logical volume manager.

Mail Delivery Agent—The piece of an email system responsible for final delivery to the recipient of the email.

mail queue—In email, messages that have to be sent are placed in a mail queue. From there the message is picked up by a process that sends out the message. By using mail queues it is possible to handle many messages simultaneously.

Mail Transfer Agent—The piece of an email system responsible for getting the email to a computer that is closer to the final destination.

Mail User Agent—The software used to send and receive emails.

many-to-many relationship—A relationship between two entities that allows each side to have multiple relationships. A parent may have many children, and a child may have many parents.

many-to-one relationship—A relationship between two entities where one side belongs to another. A car has many tires, but a given tire only belongs to one car.

masquerading—In firewalling, the configuration where a computer on the private network uses the public IP address of the router to connect to computers on the Internet. The computer on the Internet sees only the public IP address and therefore cannot connect to the computer on the private network directly. Masquerading makes it possible to share one public IP address between many computers and at the same time is a security feature.

master boot record (MBR)—On a BIOS system, the master boot record is the first 512 bytes on the primary hard disk. It contains a boot loader as well as a partition table that gives access to the different partitions on the hard disk of that computer. It is the first block on disk that is executed on boot to launch the boot manager.

MBR—See master boot record.

MDA—See Message Delivery Agent.

Message Delivery Agent—The part of an email solution that takes care of delivering a message to the right location.

Message Transfer Agent—The part of an email solution that takes care of sending out a message to its intended recipient. On the recipient, the MTA takes care of accepting the message from the sending MTA.

Message User Agent—The part of an email solution used by the user to access and receive messages.

module—A piece of snap-in code. Modules are used by several systems on Linux such as the kernel, GRUB2, rsyslog, and more. By using modules, Linux components can be extended easily and adding functionality doesn’t require a total rewrite of the software.

Monkeyboy—See Ross.

mount—To access files on a specific storage device, the storage device needs to be mounted on a directory. This sets up the specified directory as the access point to files on the storage device. Mounts are typically organized by the systems administrator and are not visible to end users.

mount points—A directory on disk to which another filesystem is attached.

MTA—See Message Transfer Agent.

MUA—See Message User Agent.

multi-booting—Using multiple operating systems, selectable by the boot manager, on a single system.

multipath—In a SAN environment, it is important that redundancy is provided to access storage devices. The result is that the same storage device may be seen twice, which makes it unclear to the client which storage device it needs to connect to. To fix this problem, a multipath driver can be used. This driver presents one uniform multipath device, and from this device access to the specific backing device is regulated.

name server—In DNS, the server configured with a database that contains resource records used to answer the DNS queries.

NAT—Network Address Translation; also referred to as masquerading. See masquerading for more details.

netfilter—The part of the Linux kernel that implements firewalling.

netmask—See subnet mask.

Network Address Translation (NAT)—See masquerading.

Network File System (NFS)—A common UNIX solution to export physical file systems to other hosts on the network. The other hosts can mount the exported NFS directory in their local file system.

Network Information System (NIS)—A legacy system used to provide centralized databases on Linux to store information about users, groups, hosts, and more.

network mask—A dotted quad notation used to define the network part of the IP address.

network time—Time provided on the network.

Network Time Protocol (NTP)—A service that allows a computer to query time servers for the purpose of keeping accurate time.

NFS—See Network File System.

nice—A method to change the priority of Linux processes. A negative nice value makes the process more aggressive, giving it a higher priority (which is expressed by a lower priority number!); a positive nice value makes a process less eager, so that it gives priority to other processes.

NIS—See Network Information System.

non-login shell—A shell mode where it is not expected that a user is interacting with the shell.

normalization—A database term where entities are split up into various relationships to reduce duplication. For example, a book may be related to an author so that there is less duplication as an author writes more books.

NTP—See Network Time Protocol.

null client—In email, refers to a mail client where an SMTP service such as Postfix is running but is configured only to allow the client to send outgoing messages. For receiving incoming messages additional services are needed.

null value—A value in a database that represents an unknown value.

numeric mode—A method using octal numbers for setting object permissions.

octal—A numbering scheme that uses the numbers 0-7 only. Used when working with Linux permissions using the umask or the chmod commands.

octet—A portion of an IPv4 address consisting of eight bits (eight values of 0 or 1).

OpenStack—An open source cloud solution that is rapidly becoming the de facto standard in cloud computing and offers infrastructure as a service.

openSUSE—A community distribution sponsored by SUSE Linux GmbH and other companies. It is widely used throughout the world, with thousands of developers. The focus of its development is creating usable open-source tools for software developers and system administrators, while providing a user-friendly desktop, and feature-rich server environment.

OR—A logical operation where the second command is executed only if the first command was not able to execute.

output module—In rsyslog, a module used to send log messages to a specific destination. Output modules make rsyslogd flexible and allow for the usage of log destinations not native to rsyslog.

ownership—In file system permissions, the effective permissions that a user has are based on ownership. Every file has a user owner and a group owner assigned to it.

package—A software bundle used to distribute files such as executables, libraries, and documentation. A package typically contains a compressed archive of files and metadata that includes instructions on how to install those files.

package group—A group of packages that can be installed as such, using the yum group install command.

package managers—Systems such as APT and RPM that install software and keep track of what’s currently installed.

pager—A program that can be used to browse page by page through a text file. The less utility provides one of the most common Linux pagers.

PAM—See pluggable authentication modules.

parent shell—The environment from which a shell script or program is started. Processes or child scripts inherit settings from the parent shell.

partition—A subdivision of a hard disk on which a file system can be created to mount it into the directory structure.

password—A token used in authentication. The password is a secret word that can be set by individual users and is stored in an encrypted way.

passphrase—Basically a password, but longer and more secure than a password.

path—The complete reference to the location of a file.

PE—See physical extent.

peripherals—Devices, such as printers and monitors, that connect to the computer.

permission trios—The permission sets for the object user owner, group owner, and others.

permissions—Attributes that can be set on files or directories to allow users or groups access to these files or directories.

permissive—A mode in SELinux where nothing is blocked, but everything is logged in the audit log. This mode is typically used for troubleshooting SELinux issues.

physical backup—A backup where the files containing the actual data are written to the backup. Physical backups are more difficult to create than logical backups, but at the same time are more reliable.

physical extent—A component of logical volume management. A physical volume, such as a disk, is split into blocks called physical extents. The physical extents form the basis of logical volumes.

physical volume—The foundation building block of an LVM configuration. The physical volume typically corresponds to a partition or a complete disk device.

PID—See process identification number.

pipe—A structure that can be used to forward the output of one command to be used as input for another command.

pluggable authentication modules (PAM)—A collection of libraries designed to provide the administrator with the means to change how user accounts are authenticated.

policy—See SELinux policy.

port—A number associated with a service. The service listens for incoming network packets assigned to the port number.

Portable Operating System Interface (POSIX)—A standard created to maintain compatibility between operating systems. The standard mainly applies to UNIX and guarantees that different flavors of Linux and UNIX are compatible with one another. The POSIX standard goes relatively deep and defines how exactly programs should operate to maintain optimal compatibility. Other operating systems are partially POSIX compliant as well, including different Windows versions.

positional parameters—The shell variables, $1, $2, and so forth, that represent the arguments passed to a script or function.

POSIX—See Portable Operating System Interface.

port forwarding—A firewalling technique where traffic coming in on a specific port is forwarded to another port, which may be on the same host as well as on a different host.

portmap—The port mapper is a remote procedure call service that needs to run on systems that provide RPC services. Portmapper uses dynamic ports that do not correspond to specific TCP or UDP ports; the service picks a UDP or TCP port that is used as long as the process is active. When restarted, chances are that different ports are used. They need to be mapped to fixed UDP and TCP ports to make it possible to open the firewall for these ports. Portmapper is still used by components of the NFS service.

portal—In iSCSI, a portal is the IP address and ports on which iSCSI target services are available.

Postfix—A mail transfer agent, originally built by IBM, that is split into separate components to enhance security.

primary group—Every Linux user is a member of a primary group. When creating files, the primary group is assigned as the group owner of the file.

primary key—The main index for a database table.

primary partition—In MBR, one of a maximum of four partitions that can be created in the master boot record. See also extended partition.

principal—In Kerberos, refers to the entity that can be identified and verified using Kerberos credentials.

print queue—A list of print jobs waiting to be printed.

print spooler—The component responsible for taking the next job off the print queue and sending it to the printer.

priority—In rsyslog, used to specify the severity of a logged event. Based on the severity, specific actions can be taken.

In process handling, specifies the importance of a process. Process priority is expressed with a number (which can be modified using nice). Processes with a lower priority number are serviced before processes with a higher priority number.

private key—A key used to decrypt data that has been encrypted with the public key.

privileged user—See root.

proc—A kernel interface that provides access to kernel information and kernel tunables. This interface is available through the /proc file system.

process—A task running on a Linux machine. Roughly, a process corresponds to a program, although one program can start multiple processes.

process identification number (PID)—A unique number used to identify a process running on a Linux system.

protocol—A set of rules used in computing, for instance, in computer networking to establish communications between two computers.

pseudo root file system—In NFSv4, refers to a solution where multiple shares are exported by an NFS server. Instead of mounting each individual share, the NFS client mounts the root file system on the NFS server, which gives access to all shares it is entitled to.

pseudofilesystem—A directory that looks like a regular filesystem but is not backed by files and instead resides in RAM. For example, /proc exposes kernel settings and the process listing as a pseudofilesystem.

public key—A key provided to other users and hosts used to encrypt data. This data, when returned to the original host, can be decrypted by the private key.

PV—See physical volume.

queue—In process management, the queue is used for processes waiting before they can be executed.

Qmail—A mail transfer agent written to be secure and easy to use.

RAID—See Redundant Array of Independent Disks.

RCP—See remote copy.

realm—An authentication domain in Kerberos.

real time clock—A hardware component on the motherboard that keeps time even when the computer is off.

reboot—The procedure of stopping the computer and starting it again.

record—In relational databases, a collection of fields that together are used to store data about one object in the database.

recursion—In DNS, recursion happens when one name server isn’t capable of resolving DNS requests and needs to forward the request to another name server. In file systems, recursion refers to including the contents of a subdirectory, as in ls -R.

Red Hat Package Manager—The name for the package format used on Red Hat for software packages, as well as for the package management software. RPM has become the standard for package management on many other Linux distributions as well.

Redundant Array of Independent Disks (RAID)—A method of using regular disks to build a larger and more reliable set of disks, such as by mirroring writes to two separate disks.

reference clock—A clock used as a time source in an NTP time configuration. Typically a reference clock is a highly reliable clock on the Internet, but it can be an internal clock on the computer’s motherboard as well.

regular expression—A search pattern that allows users to search text patterns in a flexible way. Not to be confused with shell metacharacters.

relational database—A database that models entities as tables and allows you to write queries that join and aggregate multiple tables.

relative path—The location of a file specified as an offset from the current working directory.

relay—A mail system that takes mail from one system and sends it to another, rather than delivering the email to a mailbox.

relay host—In email traffic, a host that messages are forwarded to. Relay hosts are used to prevent all clients from having to send out messages for themselves. The advantage of using relay hosts is that it is much easier to secure them, as security efforts can be focused on one or a limited number of hosts.

remote copy—A software program that allows users to copy files to and from a remote system. Unfortunately, this process sends data in plain text, making it a poor method.

Remote Procedure Calls (RPC)—A method for interprocess communication that allows a program to execute code in another address space. Remote Procedure Calls is an old protocol that is still used in the Network File System.

repository—An installation source that contains installable packages as well as an index that contains information about the installable packages so that the installation program yum can compare the version of packages currently installed with the version of packages available in the repository.

Request For Comments (RFC)—A publication that defines a standard, such as a protocol like IP.

resident memory—Memory pages in use by a program.

resolver—The DNS client part that contains a list of DNS servers to contact to resolve DNS queries.

resource record—An entry in the DNS database. Multiple types of resource records exist, of which the Address (A) resource record takes care of translating names to IP addresses.

RFC—See Request For Comments.

rich rules—Rules in firewalld that allow the usage of a more complicated syntax so that more complex rules can be defined.

root—The privileged user account used for system administration tasks. User root has access to all capabilities, which means that permissions don’t apply to the user root and that the root user account is virtually unlimited.

root directory—The starting point of the file system hierarchy, noted as /.

root filesystem—The filesystem that contains the root (/) directory.

Ross—See Monkeyboy.

RPC—See Remote Procedure Calls.

RPM—See Red Hat Package Manager.

RTC—See real time clock.

runner—In network teaming, refers to the protocol used to send packets over the different interfaces in the network team configuration.

Samba—The name for the Linux service that implements the SMB protocol.

SAN—See Storage Area Network.

scheduler—The part of the Linux kernel that monitors the queue of runnable processes and allocates CPU time to these processes.

Scientific Linux—A Linux distribution based on the Red Hat packages from which the Red Hat logo has been removed. Scientific Linux is primarily used by US government research organizations and is a good choice for people looking for a freely available alternative to Red Hat Enterprise Linux.

secondary group—A group that a user is a member of, but for which membership is not defined in the /etc/passwd file. When creating new files, the secondary group does not automatically become the owner of those files. Users can access files via permissions when using a secondary group.

secure shell—A solution that allows users to open a shell on a remote server, where security is implemented by using public/private key cryptography.

SELinux—A Linux kernel security module that provides a mechanism for supporting access control security policies.

sendmail—One of the original mail transfer agents.

Server Message Blocks (SMB)—An application level protocol used to provide shared access to files, printers, and serial ports, which on Linux is implemented in the Samba server.

ServerRoot—In Apache, refers to the location where server configuration files are expected to be found.

services—In systemd: Processes that need to be started to provide specific functionality. In firewalld: A configuration of firewall settings used to allow access to specific processes.

SetGID—A special permission set in which a command executes using the privileges of the group owner of the command.

SetUID—A special permission set in which a command executes using the privileges of the user owner of the command.

SGID—See SetGID.

Shadow Suite—A system function that allows for the encrypted passwords on the system to be kept in the much more secure /etc/shadow file instead of the less secure and often publicly available /etc/passwd file. Group passwords are also made more secure, being relocated from the public /etc/group file to the more secure /etc/gshadow file.

share—A directory to which remote access is configured using a remote file system protocol such as NFS or CIFS.

shared object—A library used by multiple applications and linked at runtime by the dynamic linker. Shared object files almost always end in .so.

shebang—Used in a script to indicate which shell should be used for executing the code in the shell script. If no shebang is used, the script code is interpreted by the parent shell, which may lead to errors in some cases. A shebang starts with a #, which is followed by a ! and the complete path name of the shell, such as #!/bin/bash.

shell—The environment from which commands can be executed. Bash is the default shell on Linux, but other shells exist as well.

shell metacharacters—Characters such as *, ?, and [a-z] that allow users to refer to characters in file names in a flexible way.

signal—An instruction that can be sent to a process. Common signals exist, such as SIGTERM and SIGKILL, but the Linux kernel allows a total of 32 different signals to be used. To send a signal to a process, the kill command can be used.

Simple Mail Transfer Protocol (SMTP)—A text based protocol that allows different mail transfer agents to send mail between themselves.

skel template—A directory used to populate a new user account’s home directory with files.

SMB—See Server Message Blocks.

SMTP—See Simple Mail Transfer Protocol.

software time—See system time.

source context—In SELinux, a context is a label that identifies allowed operations. Everything in an SELinux environment has a context. The source context is the context of the processes or users that initiate an action.

source RPM—A package containing source code and the instructions on how to build the source into a binary.

sourcing—Reading in or running a script in the context of the current shell rather than a subshell. Scripts that are sourced can alter the current environment, as opposed to scripts that are executed and affect only a subshell and its environment.

SQL—See Structured Query Language.

SSH—See secure shell.

SSH tunneling—A technique where a secure connection is created using SSH, which can be used to send data in a secured way.

standard error—The default location to which a program sends error messages.

standard input—The default location where a program gets its input from.

standard output—The default location to which a program sends its regular output.

static linking—Taking code from common libraries and making it a part of the runnable application, rather than something brought in from a shared library.

static route—A route defined manually by a network administrator.

STDERR—See standard error.

STDIN—See standard input.

STDOUT—See standard output.

sticky bit—A special permission set that modifies the meaning of the write permission on a directory so that the only user who can delete a file in the directory is the file owner, the directory owner, or the root user. Historically, the sticky bit was used to keep a program resident in memory, not allowing it to be swapped to disk.

Storage Area Network (SAN)—A solution where disk devices are shared at a block level over the network. As such they can be used in the same way as local disk devices on a Linux system. iSCSI and Fiber Channel are the common SAN protocols.

storage backend—In iSCSI, the storage device used on the iSCSI target behind the LUN that provides access to the shared block devices to iSCSI initiators.

stratum 1 server—A network time protocol server that has a reference clock.

strings—A collection of characters, such as “hello,” as opposed to a numeric type like an integer or a date.

Structured Query Language (SQL)—A language used to query and manipulate relational databases.

subdomain—In DNS, a subdivision of any domain. In the domain example.com, example is a subdomain of the top level domain .com.

subnet mask—A logical subdivision of an IP network.

subnetting—The process of using a network mask to define the network part of the IP address.

subshell—A shell started from another shell. Typically, by running a shell script a subshell is started.

SUID—See SetUID.

SUSE—SUSE is the original provider of the enterprise Linux distribution and the most interoperable platform for mission-critical computing.

SUSE Linux Enterprise—SUSE Linux Enterprise or SLE refers to the commercial and supported version of SUSE Linux’s distributions. The SUSE Linux Enterprise suite of options includes SUSE Linux Cloud based on OpenStack, SUSE Linux Storage, SUSE Linux for SAP and many other options.

superblock—A structure on the filesystem that contains pointers to other important parts on the filesystem, such as directories and inodes.

swap—To take memory and put it on to disk so that the system can offer more memory to applications than actually exists on the computer.

swap partition—A slice of the disk dedicated to swap.

swappiness—The willingness of the Linux kernel to move memory pages from physical RAM to swap. Swappiness is set as a parameter in the /proc/sys/vm directory, which can be modified to tune the swap behavior.

symbolic link—A special type of file that contains a reference to another file or directory in the form of an absolute or relative path.

symbolic mode—A method using symbols for setting object permissions.

sysctl—A service used on system startup to allow kernel tunables to be set automatically, or to set kernel tunables manually and to display the parameters currently in use.

sysfs—The kernel interface mounted on the /sys directory and used to provide access to parameters that can be used for managing hardware settings.

systemd—The service manager on RHEL 7. systemd is the first process that starts after the kernel has loaded, and it takes care of starting all other processes and services on a Linux system.

system clock—The clock that the Linux kernel keeps, as opposed to the hardware clock on the motherboard.

system time—The time maintained by the operating system. When a Linux system boots, system time is set to the current hardware time, and while the operating system is running, it is often synchronized using the Network Time Protocol.

table—A collection of rows and columns for a SQL database.

tainted kernel—A kernel in which unsupported kernel modules have been loaded.

target—In systemd: A collection of unit files that can be loaded all together.

target context—The SELinux context set to a target object, such as a port, file, or directory.

TCP—See Transmission Control Protocol.

TCP wrappers—A library designed to allow the administrator the means to secure network-based services by using the /etc/hosts.allow and /etc/hosts.deny configuration files.

teaming—In networking, refers to a technique that allows multiple network interfaces to be joined in a trunked network interface. Network teaming is used for increased performance, as well as increased redundancy.

Telnet—A software program that allows for connection to remote systems. Unfortunately, this connection is sent in plain text, making it a poor method.

terminal—Originally, the screen used by a user to type commands on. On modern Linux systems, pseudo terminals can be used as a replacement. A pseudo terminal offers a shell window from which users enter the commands that need to be executed.

TFTP—See Trivial File Transfer Protocol.

TGT—See ticket granting ticket.

thrashing—When memory is swapped back and forth from disk too often, the system is slowed down.

thread—A thread can be used as a subdivision of a process. Many processes are single threaded, which means that it is basically one entity that needs to be serviced. On a multicore or multi-CPU computer system, it makes sense to work with multithreaded processes. If that is the case, the different cores can be used to handle the different threads, which allows a process to benefit from multicore or multithreaded environments.

ticket granting ticket (TGT)—In a Kerberos environment, a small encrypted identification file that a Kerberos user or service may use to get access to services in a Kerberized environment.

time stamp—An identifier that can be used on files, database records, and other types of data to identify when the last modification was applied. Many services rely on time stamps. To ensure that time stamp-based systems work properly, time synchronization needs to be configured.

time synchronization—A system that ensures that multiple servers are using the exact same time. To accomplish time synchronization, it is common to use an external time server, as defined in the Network Time Protocol (NTP).

time to live (TTL)—In IP traffic, the time to live defines how long a packet may stay alive before it is discarded. Time to live is expressed as the maximum number of routers that can be passed. In DNS, time to live refers to the maximum amount of time that DNS information is allowed to be kept in cache before it needs to be requested again.

time zone—A set of locations that share a common time, measured in an offset from the universal coordinated time.

TLS—See Transport Layer Security.

top level domain—In the Domain Name System, the top level domain identifies the highest level of DNS domain names. Originally there was a limited number of top level domains available (such as .com, .org, and .net), but this number has recently been extended.

Transmission Control Protocol (TCP)—Focuses on the transport of data packages. TCP differs from UDP in that the data packages are considered “reliable” because TCP performs error checking to make sure all data packages arrive at the destination.

Transport Layer Security (TLS)—A cryptographic protocol created to ensure secured communications over a computer network. In TLS, public and private keys are used, as well as certificates that authenticate the counterparty.

Trivial File Transfer Protocol (TFTP)—A service used on installation servers and in other environments. The server that needs to be installed will boot from the network card, using PXE boot. The DHCP server is the first to answer this PXE boot, by providing an IP address. Next, the DHCP server redirects the request to the TFTP server, which provides a boot image.

TTL—See time to live.

TTY—A program that provides a virtual terminal on Linux. Every terminal still has a TTY name, which is either tty1-6 for virtual TTYs, or /dev/pts/0-nn for pseudo terminals.

UCS-2—A format that attempts to define all characters in 2 bytes (65,536 combinations).

Udev—A service that works together with the Linux kernel to initialize hardware.

UDP—See User Datagram Protocol.

UEFI—Unified Extensible Firmware Interface. See Extensible Firmware Interface.

UID—See user identification number.

ulimit—A feature that allows the administrator to limit access to system resources for users and groups.

umask—An octal value that defines the default permissions as a shell property.

umask value—A value applied to the default permissions for files and directories when creating a new file or directory. The umask modifies the permissions placed on the new file or directory.

unbound—The name of the DNS service on RHEL 7 that can be used as a caching only DNS name server.

unit—In systemd, refers to an item managed by systemd. Different types of units exist, including service, path, mount, and target units.

Universal Time Coordinated (UTC)—A time standard that is globally the same, no matter which specific time zone a user is in. Universal Time Coordinated corresponds to Greenwich Mean Time.

Universal Unique ID (UUID)—An identification number that consists of a long random hexadecimal number and is globally unique.

unmount—The process that needs to be performed to decouple a storage device from the directory it is mounted on.

unprivileged user—A regular non-root user account, to which the access restrictions imposed by permissions apply.

Upstart—The system used in RHEL 6 to start services during system initialization. It is similar in features to systemd as an improvement over init.

UPG—See user private group.

user—An entity used on Linux to provide access to specific system resources. Users can be used to represent people, but many services also have a dedicated user account, which allows the service to run with the specific permissions needed for that service.

User Datagram Protocol (UDP)—Focuses on the transport of data packages. It is often contrasted with TCP as they both perform similar functions. UDP differs from TCP in that the data packages are sent “connectionless,” so no error checking is performed.

user identification number (UID)—A unique number assigned to a user account.

user private group (UPG)—A technique in which new users are assigned their own private group that matches their user name.

user space—The area of memory accessible by application software that has been started with non-root privileges.

UTC—See Universal Time Coordinated.

UTF-16—A character encoding format that encodes all characters in a variable width using blocks of 16 bits. That is, characters are either 2 or 4 bytes each.

UTF-8—A character encoding format that encodes all characters in a variable width using blocks of 8 bits. That is, characters are from 1-4 bytes long. UTF-8 is also backward compatible with 8 bit ASCII.

UUID—See Universal Unique ID.

variable—A label that corresponds to a location in memory that contains a specific value that can be changed dynamically. In scripting, variables are frequently used to allow the script to be flexible.

version control system—Software that tracks changes to files over time and can be used to see history or revert to older versions of a file.

Vfat—The Linux kernel driver used to access FAT based file systems. FAT is a commonly used file system in Windows environments. The Linux Vfat driver allows usage of this file system.

VG—See volume group.

virsh—A shell interface that allows for management of KVM virtual machines and their environment.

virtual host—In the Apache web server, a collection of configuration settings used to address a web server. What makes it a virtual host is that one installation of the Apache web server can be configured with multiple virtual hosts, which allows administrators to run multiple websites on one Apache server.

virtual machine guest—An emulated computer that runs on a virtual machine host. The guest thinks it is running on real hardware.

virtual machine host—A server that runs multiple guests. The guests don’t know other guests are running on the same hardware. Most computers don’t run at full capacity, so you’re getting more use out of a smaller number of servers.

virtual memory—Memory given to a computer that can be transparently moved to disk by the kernel if needed.

volume group—A collection of physical volumes in a logical volume manager system. You can then split up the volume group into logical volumes on which you make filesystems.

want—An indication for a systemd unit file that it is supposed to be started from a specific systemd target.

Web Server Gateway Interface (WSGI)—A specification for a uniform interface between web servers and web server applications or frameworks for the Python programming language.

wildcard—The * metacharacter, which in a shell environment refers to an unlimited number of any characters.

window manager—A software program that controls the look and feel of a GUI environment.

WSGI—See Web Server Gateway Interface.

XFS—A high-performance 64-bit file system that was created in 1993 by SGI and is the default file system in some distributions.

xinetd—The Internet Superservice. This is a service that listens for incoming connections on behalf of other managed services. These managed services are started by xinetd when their service is needed, and they are shut down when they are no longer needed.

Xorg—A software program that acts as a server, allowing client programs to display graphically. This program interfaces with hardware devices such as the video card, mouse, and keyboard.

Yellowdog Update Manager (YUM)—The meta package handler that on RHEL 7 is used to install packages from yum repositories.

Yum—See Yellowdog Update Manager.

zone—In firewalld, a collection of one or more network interfaces that specific firewalld rules are associated with.