- What Is the Command Line?
- Accessing the Command Line
- User Accounts
- Reading Documentation
- Understanding the Linux File System Hierarchy
- Navigating the Linux File System
- Working with Permissions
- Working with Files
- Working as Root
- Commonly Used Commands and Programs
- References
Understanding the Linux File System Hierarchy
Linux has inherited from UNIX a well-planned hierarchy for organizing things. It isn’t perfect, but it is generally logical and mostly consistent, although distributions do tend to make some modifications that force some thinking and adaptation when moving between, say, Fedora, Slackware, and Ubuntu. Table 4.1 shows some of the top-level directories that are part of a standard Linux distro.
Table 9.1. Basic Linux Directories
Name |
Description |
/ |
The root directory |
/bin |
Essential commands |
/boot |
Boot loader files, Linux kernel |
/dev |
Device files |
/etc |
System configuration files |
/home |
User home directories |
/lib |
Shared libraries, kernel modules |
/lost+found |
Directory for recovered files (if found after a file system check) |
/media |
Mount point for removable media, such as DVDs and floppy disks |
/mnt |
Usual mount point for local, remote file systems |
/opt |
Add-on software packages |
/proc |
Kernel information, process control |
/root |
Super user (root) home |
/sbin |
System commands (mostly root only) |
/srv |
Holds information relating to services that run on your system |
/sys |
Real-time information on devices used by the kernel |
/tmp |
Temporary files |
/usr |
Software not essential for system operation, such as applications |
/var |
Variable data (such as logs); spooled files |
Knowing these directories can help you find files when you need them. This knowledge can even help you partition hard drives when you install new systems by letting you choose to put certain directories on their own distinct partition, which can be useful for things like isolating directories from one another, such as a server security case like putting a directory like /boot that doesn’t change often on its own partition and making it read-only and unchangeable without specific operations being done by a super user during a maintenance cycle. Desktop users probably won’t need to think about that, but the directory tree is still quite useful to know when you want to find the configuration file for a specific program and set some program options systemwide to affect all users.
Some of the important directories in Table 4.1, such as those containing user and root commands or system configuration files, are discussed in the following sections. You may use and edit files under these directories when you use Ubuntu.
Essential Commands in /bin and /sbin
The /bin directory contains essential commands used by the system for running and booting the system. In general, only the root operator uses the commands in the /sbin directory. The software in both locations is essential to the system; they make the system what it is, and if they are changed or removed, it could cause instability or a complete system failure. Often, the commands in these two directories are statically linked, which means that the commands do not depend on software libraries residing under the /lib or /usr/lib directories. Nearly all the other applications on your system are dynamically linked, meaning that they require the use of external software libraries (also known as shared libraries) to run. This is a feature for both sets of software.
The commands in /bin and /sbin are kept stable to maintain foundational system integrity and do not need to be updated often, if at all. For the security of the system, these commands are kept in a separate location and isolated where changes are more difficult and where it will be more obvious to the system administrator if unauthorized changes are attempted or made.
Application software changes more frequently, and applications often use the same functions that other pieces of application software use. This was the genesis of shared libraries. When a security update is needed for something that is used by more than one program, it has to be updated in only one location, a specific software library. This enables easy and quick security updates that will affect several pieces of non-system-essential software at the same time by updating one shared library, contained in one file on the computer.
Configuration Files in /etc
System configuration files and directories reside under the /etc directory. Some major software packages, such as Apache, OpenSSH, and xinetd, have their own subdirectories in /etc filled with configuration files. Others like crontab or fstab use one file. Examples of system-related configuration files in /etc include the following:
- fstab—The file system table is a text file listing each hard drive, CD-ROM, floppy, or other storage device attached to your PC. The table indexes each device’s partition information with a place in your Linux file system (directory layout) and lists other options for each device when used with Linux (see Chapter 20, “Kernel and Module Management”). Nearly all entries in fstab can be manipulated by root using the mount command.
- modprobe.d/—This folder holds all the instructions to load kernel modules that are required as part of the system startup.
- passwd—The list of users for the system, including special-purpose nonhuman users like syslog and CouchDB, along with user account information.
- sudoers—A list of users or user groups with super user access.
User Directories: /home
The most important data on a non-server Linux system often resides in the user’s directories, found under the /home directory. User directories are named by default according to account usernames, so on a computer where I have an account named matthew, my home directory would generally be found in /home/matthew. This can be changed, and if you’re curious you can read more about it in Chapter 10, “Command-Line Master Class.”
Segregating the system and user data can be helpful in preventing data loss and making the process of backing up easier. For example, having user data reside on a separate file system or mounted from a remote computer on the network might help shield users from data loss in the event of a system hardware failure. For a laptop or desktop computer at home, you might place /home on a separate partition from the rest of the file system, so that if the operating system is upgraded, damaged, or reinstalled, /home would be more likely to survive the event intact.
Using the Contents of the /proc Directory to Interact with the Kernel
The content of the /proc directory is created from memory and exists only while Linux is running. This directory contains special files that either extract information from or send information to the kernel. Many Linux utilities extract information from dynamically created directories and files under this directory, also known as a virtual file system. For example, the free command obtains its information from a file named meminfo:
matthew@seymour:~$ free total used free shared buffers cached Mem: 4055680 2725684 1329996 0 188996 1551464 -/+ buffers/cache: 985224 3070456 Swap: 8787512 0 8787512
This information constantly changes as the system is used. You can get the same information by using the cat command to see the contents of the meminfo file:
matthew@seymour:~$ cat /proc/meminfo MemTotal: 4055680 KB MemFree: 1329692 KB Buffers: 189208 KB Cached: 1551488 KB SwapCached: 0 KB Active: 1222172 KB Inactive: 1192244 KB Active(anon): 684092 KB Inactive(anon): 16 KB Active(file): 538080 KB Inactive(file): 1192228 KB Unevictable: 48 KB Mlocked: 48 KB SwapTotal: 8787512 KB SwapFree: 8787512 KB Dirty: 136 KB Writeback: 0 KB AnonPages: 673760 KB Mapped: 202308 KB Shmem: 10396 KB Slab: 129248 KB SReclaimable: 107356 KB SUnreclaim: 21892 KB KernelStack: 2592 KB PageTables: 30108 KB NFS_Unstable: 0 KB Bounce: 0 KB WritebackTmp: 0 KB CommitLimit: 10815352 KB Committed_AS: 1553172 KB VmallocTotal: 34359738367 KB VmallocUsed: 342300 KB VmallocChunk: 34359387644 KB HardwareCorrupted: 0 KB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 KB DirectMap4k: 38912 KB DirectMap2M: 4153344 KB
The /proc directory can also be used to dynamically alter the behavior of a running Linux kernel by “echoing” numerical values to specific files under the /proc/sys directory. For example, to “turn on” kernel protection against one type of denial-of-service (DoS) attack known as SYN flooding, use the echo command to send the number 1 to the following /proc path:
matthew@seymour:~$ sudo echo 1 >/proc/sys/net/ipv4/tcp_syncookies
Other ways to use the /proc directory include the following:
- Getting CPU information, such as the family, type, and speed from /proc/cpuinfo.
- Viewing important networking information under /proc/net, such as active interfaces information under /proc/net/dev, routing information in /proc/net/route, and network statistics in /proc/net/netstat.
- Retrieving file system information.
- Reporting media mount point information via USB; for example, the Linux kernel reports what device to use to access files (such as /dev/sda) if a USB camera or hard drive is detected on the system. You can use the dmesg command to see this information.
- Getting the kernel version in /proc/version, performance information such as uptime in /proc/uptime, or other statistics such as CPU load, swap file usage, and processes in /proc/stat.
Working with Shared Data in the /usr Directory
The /usr directory contains software applications, libraries, and other types of shared data for use by anyone on the system. Many Linux system administrators give /usr its own partition. A number of subdirectories under /usr contain manual pages (/usr/share/man), software package shared files (/usr/share/name_of_package , such as /usr/share/emacs), additional application or software package documentation (/usr/share/doc), and an entire subdirectory tree of locally built and installed software, /usr/local.
Temporary File Storage in the /tmp Directory
As its name implies, the /tmp directory is used for temporary file storage; as you use Linux, various programs create files in this directory.
Accessing Variable Data Files in the /var Directory
The /var directory contains subdirectories used by various system services for spooling and logging. Many of these variable data files, such as print spooler queues, are temporary, whereas others, such as system and kernel logs, are renamed and rotated in use. Incoming email is usually directed to files under /var/spool/mail.
Linux also uses /var for other important system services. These include the topmost File Transfer Protocol (FTP) directory under /var/ftp (see Chapter 24, “Remote File Serving with FTP”), and the Apache web server’s initial home page directory for the system, /var/www/html. (See Chapter 22, “Apache Web Server Management,” for more information about using Apache.)