Image of Operating System Concepts
Image of Linux Kernel Development (3rd Edition)
Image of RHCE Red Hat Certified Engineer Linux Study Guide (Exam RH302) (Certification Press)
Image of Advanced Programming in the UNIX Environment, Second Edition (Addison-Wesley Professional Computing Series)

SSSD – System Security Service Daemon

System Security Service (SSSD) was initially developed to be the primary client component for FreeIPA but later became an independent project in its own right. The primary role of SSSD is to provide access to identity and authentication resources through a common framework that can provide caching and offline support to a system. When a user logs into a network with centrally managed accounts, the user information and credentials are automatically stored in an SSSD cache on the user’s system. For offline support, SSSD authenticates the user’s credentials against the local SSSD cache. Authentication through SSSD enables LDAP, NIS, and

Capsh – Capabilities Shell

Linux capability support and use can be explored and constrained with this utility which is available on Fedora and downstream distributions. It also provides some debugging features useful for summarizing capability state. Linux divides the privileges traditionally associated with superuser into distinct units, known as capabilities, which can be independently enabled and disabled. Capabilities are a per-thread attribute. See the capabilities(7) man page for more information. Linux has implemented 7 of the capabilities outlined in the uncompleted (and defunct) POSIX 1003.1e specification, and another 20 plus Linux specific ones. $ capsh –print Current: = Bounding set =cap_chown,cap_dac_override,cap_dac_read_search,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_linux_immutable,cap_net_bind_service,cap_net_broadcast,cap_net_admin,cap_net_raw,cap_ipc_lock,cap_ipc_owner,cap_sys_module,cap_sys_rawio,cap_sys_chroot,cap_sys_ptrace,cap_sys_pacct,cap_sys_admin,cap_sys_boot,cap_sys_nice,cap_sys_resource,cap_sys_time,cap_sys_tty_config,cap_mknod,cap_lease,cap_audit_write,cap_audit_control,cap_setfcap,cap_mac_override,cap_mac_admin,cap_syslog,35,36 Securebits: 00/0x0/1’b0 secure-noroot: