애플리케이션 실행을 위해 Linux에서 별도의 사용자 생성

왜? Linux에서 서로 다른 애플리케이션에 대해 별도의 사용자를 만드는 이유

I prefer to have each application service run as its own user in order to have as much isolation between them as possible. If any part of the system gets broken or compromised I'd like to localise the damage as much as possible.

When deploying a production service in Linux you want to configure it as securely as possible. Ideally, you will create a unique Linux user for each service and give them only read and write permission to the exact files they need. You can go even further and create a "system" user that has no home directory, no login shell, and no password. This prevents the user from being able to login and does not provide a home directory for them to store files. If the service was ever compromised this limits the actions an attacker can take with the user running the service.

Technically, it makes no difference, but in the real world it turns out there are long term benefits in keeping user and software accounts in separate parts of the numeric space.
Mostly, it makes it easy to tell what the account is, and if a human should be able to log in.

다음으로 Linux에서 다른 응용 프로그램에 대해 별도의 사용자를 만드는 방법입니다. (우분투의 경우 여기를 클릭하십시오.)

adduser newuser

usermod -aG sudo newuser

For more details see this

• Switching to the newly created user

su - newuser

예: Ubuntu에서 Tomcat용 사용자 생성

1. Create a non-root user to run Tomcat. First create a group called tomcat that runs the server

sudo groupadd tomcat

sudo useradd -s /bin/false -g tomcat -d /opt/tomcat tomcat