Definitions


B

bastion host
An intermediate system that can reach other systems, usually used to prevent direct connections and to enforce stricter communication paths. Alternative names: jump host, jump server, jump box.

C

capability
Specific functionality within the Linux kernel, such as changing file ownership or changing the time clock.
capability bounding set
Maximum set of capabilities a process is allowed to have.
control group
Set of tasks and their future children that is aggregated into hierarchical groups, to allow allocating resources (e.g. CPU time, memory, network bandwidth).
core dump
File containing the address space (memory) information of a process when it terminates unexpectedly.

D

daemon
A daemon on Linux is a process that usually resides in the background and performs a particular role or task for a longer period of time. Examples include printing, web server, mail server, or SSH access.

E

exploit
Commands that may trigger a bug or vulnerability in software or cause unexpected behavior, with the goal of crashing the software or making it perform unanticipated actions.

F

falseticker
A time clock server that was identified as unreliable by statistical filtering.

I

initrd
Short for initial RAM disk, a mechanism used by Linux to load a temporary root file system into memory, so it can be used during the startup process. It helps load the right hardware support, so that the actual root file system can be mounted and used. Initrd is also called early userspace, as it sits in between the kernel and userspace.

L

LUKS
Short for 'Linux Unified Key Setup', a disk encryption specification to encrypt disk blocks.

M

monotonic timer
Timer that starts at a specific event, such as a system boot or activation of a service, and is not based on actual time.
multi-call binary
A binary or tool that provides multiple different services, depending on the name it is started with.

N

nonce
Arbitrary number that may only be used once, often used to reduce the risk of replay attacks.

O

octal mode
Octal mode refers to using octal (base 8, digits 0-7), a numeral system, to represent information. On Linux it is used for representing file permissions to define access. This notation style is sometimes referred to as numeric mode or absolute mode.

P

personality
Linux uses the personality(2) system call to get or set the personality for a process, which is a kernel execution domain. This personality support may allow running binaries for other platforms, change how signal numbers are mapped to their related actions, or set memory behaviour.
pseudo-device
A device, typically in /dev, that is not linked to a physical device. Examples include /dev/null, /dev/random, and /dev/zero.

S

syscall
Short for system call, an interface between the Linux kernel and userspace. It allows processes to communicate and request resources.

J

journal
System service to collect and store logging data. The related service name is systemd-journal.

U

umask
Numeric value that defines the default file creation permissions.
userspace
Memory area for normal applications and some drivers, usually with one address space per process.
UUID
Short for 'Universal Unique Identifier', a 128-bit value used to uniquely identify an object or entity, such as a system or disk.

V

varlink
Method to describe an interface that is readable by humans and computers, such as tcp:127.0.0.1:443 or unix:/run/org.example.ping.

Z

zombie process
A defunct process that has completed execution, but still has an entry in the process table.