- What Is the Command Line?
- Accessing the Command Line
- User Accounts
- Reading Documentation
- Understanding the Linux File System Hierarchy
- Navigating the Linux File System
- Working with Permissions
- Working with Files
- Working as Root
- Commonly Used Commands and Programs
- References
This chapter is from the book
This chapter is from the book
This chapter is from the book
Understanding the Linux File System Hierarchy
Linux has inherited from UNIX a well-planned hierarchy for organizing things. It isn’t perfect, but it is generally logical and mostly consistent, although distributions do tend to make some modifications that force some thinking and adaptation when moving between, say, Fedora, Slackware, and Ubuntu. Table 10.1 shows some of the top-level directories that are part of a standard Linux distro.
Table 10.1 Basic Linux Directories
Directory |
Description |
/ |
The root directory |
/bin |
Essential commands |
/boot |
Boot loader files, Linux kernel |
/dev |
Device files |
/etc |
System configuration files |
/home |
User home directories |
/lib |
Shared libraries, kernel modules |
/lost+found |
Recovered files (if found after a file system check) |
/media |
Mount point for removable media, such as DVDs and floppy disks |
/mnt |
Usual mount point for local, remote file systems, file systems that are additional to the standard, such as a DVD-ROM or another HDD |
/opt |
Add-on software packages |
/proc |
Kernel information, process control |
/root |
Super user (root) home |
/sbin |
System commands (mostly root only) |
/srv |
Information relating to services that run on the system |
/sys |
Real-time information on devices used by the kernel |
/tmp |
Temporary files |
/usr |
Software not essential for system operation, such as applications |
Knowing these directories can help you find files when you need them. This knowledge can even help you partition hard drives when you install new systems; you can choose to put certain directories on their own distinct partition, which can be useful for things like isolating directories from one another (for example, for server security you might put a directory like /boot that doesn’t change often on its own partition and make it read-only and unchangeable without specific operations being done by a super user during a maintenance cycle). Desktop users probably don’t need to think about such operations, but knowing the directory tree is still quite useful when you want to find the configuration file for a specific program and set some program options system-wide to affect all users.
Some of the important directories in Table 10.1, such as those containing user and root commands or system configuration files, are discussed in the following sections. You may use and edit files under these directories when you use Ubuntu.
Essential Commands in /bin and /sbin
The /bin directory contains essential commands used by the system for running and booting the system. In general, only the root operator uses the commands in the /sbin directory. The software in both locations is essential to the system; it makes the system what it is, and changing or removing this software could cause instability or a complete system failure. Often, the commands in these two directories are statically linked, which means the commands do not depend on software libraries residing under the /lib or /usr/lib directories. Nearly all the other applications on your system are dynamically linked, meaning that they require the use of external software libraries (also known as shared libraries) to run. This is a feature for both sets of software.
The commands in /bin and /sbin are kept stable to maintain foundational system integrity and do not need to be updated often, if at all. For the security of the system, these commands are kept in a separate location and isolated so that changes are more difficult and so it will be more obvious to the system administrator if unauthorized changes are attempted or made.
Application software changes more frequently, and applications often use the same functions that other pieces of application software use. This was the genesis of shared libraries. When a security update is needed for something that is used by more than one program, it has to be updated in only one location, a specific software library. This enables easy and quick security updates that will affect several pieces of non-system-essential software at the same time by updating one shared library, contained in one file on the computer.
Configuration Files in /etc
System configuration files and directories reside under the /etc directory. Some major software packages, such as Apache, OpenSSH, and xinetd, have their own subdirectories in /etc, filled with configuration files. Others, like crontab or fstab, use one file. Examples of system-related configuration files in /etc include the following:
fstab—The file system table is a text file that lists each hard drive, CD-ROM, floppy, or other storage device attached to your PC. The table indexes each device’s partition information with a place in your Linux file system (directory layout) and lists other options for each device when used with Linux (see Chapter 22, “Kernel and Module Management”). Nearly all entries in fstab can be manipulated by root using the mount command.
modprobe.d/—This folder holds all the instructions to load kernel modules that are required as part of system startup.
passwd—This file holds the list of users for the system, including special-purpose nonhuman users like syslog and CouchDB, along with user account information.
sudoers—This file holds a list of users or user groups with super user access.
User Directories: /home
The most important data on a nonserver Linux system often resides in the user’s directories, found under the /home directory. User directories are named by default according to account usernames, so on a computer where you have an account named matthew, your home directory would generally be found in /home/matthew. This can be changed, as described in Chapter 11, “Command-Line Master Class, Part 1.”
Segregating the system and user data can be helpful in preventing data loss and making the process of backing up easier. For example, having user data reside on a separate file system or mounted from a remote computer on the network might help shield users from data loss in the event of a system hardware failure. For a laptop or desktop computer at home, you might place /home on a separate partition from the rest of the file system so that if the operating system is upgraded, damaged, or reinstalled, /home would be more likely to survive the event intact.
Using the Contents of the /proc Directory to Interact with the Kernel
The contents of the /proc directory are created from memory and exist only while Linux is running. This directory contains special files that either extract information from or send information to the kernel. Many Linux utilities extract information from dynamically created directories and files under this directory, also known as a virtual file system. For example, the free command obtains its information from a file named meminfo:
matthew@seymour:~$ free
total used free shared buffers cached
Mem: 4055680 2725684 1329996 0 188996 1551464
-/+ buffers/cache: 985224 3070456
Swap: 8787512 0 8787512
This information constantly changes as the system is used. You can get the same information by using the cat command to see the contents of the meminfo file:
matthew@seymour:~$ cat /proc/meminfo MemTotal: 4055680 KB MemFree: 1329692 KB Buffers: 189208 KB Cached: 1551488 KB SwapCached: 0 KB Active: 1222172 KB Inactive: 1192244 KB Active(anon): 684092 KB Inactive(anon): 16 KB Active(file): 538080 KB Inactive(file): 1192228 KB Unevictable: 48 KB Mlocked: 48 KB SwapTotal: 8787512 KB SwapFree: 8787512 KB Dirty: 136 KB Writeback: 0 KB AnonPages: 673760 KB Mapped: 202308 KB Shmem: 10396 KB Slab: 129248 KB SReclaimable: 107356 KB SUnreclaim: 21892 KB KernelStack: 2592 KB PageTables: 30108 KB NFS_Unstable: 0 KB Bounce: 0 KB WritebackTmp: 0 KB CommitLimit: 10815352 KB Committed_AS: 1553172 KB VmallocTotal: 34359738367 KB VmallocUsed: 342300 KB VmallocChunk: 34359387644 KB HardwareCorrupted: 0 KB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 KB DirectMap4k: 38912 KB DirectMap2M: 4153344 KB
The /proc directory can also be used to dynamically alter the behavior of a running Linux kernel by “echoing” numerical values to specific files under the /proc/sys directory. For example, to “turn on” kernel protection against one type of denial-of-service (DoS) attack known as SYN flooding, use the echo command to send the number 1 to the following /proc path:
matthew@seymour:~$ sudo echo 1 >/proc/sys/net/ipv4/tcp_syncookies
Other ways to use the /proc directory include the following:
Getting CPU information, such as the family, type, and speed from /proc/cpuinfo.
Viewing important networking information under /proc/net, such as active interfaces information in /proc/net/dev, routing information in /proc/net/route, and network statistics in /proc/net/netstat.
Retrieving file system information.
Reporting media mount point information via USB; for example, the Linux kernel reports what device to use to access files (such as /dev/sda) if a USB camera or hard drive is detected on the system. You can use the dmesg command to see this information.
Getting the kernel version in /proc/version, performance information such as uptime in /proc/uptime, or other statistics such as CPU load, swap file usage, and processes in /proc/stat.
Working with Shared Data in the /usr Directory
The /usr directory contains software applications, libraries, and other types of shared data for use by anyone on the system. Many Linux system administrators give /usr its own partition. A number of subdirectories under /usr contain manual pages (/usr/share/man), software package shared files (/usr/share/name_of_package, such as /usr/share/emacs), additional application or software package documentation (/usr/share/doc), and an entire subdirectory tree of locally built and installed software, /usr/local.
Temporary File Storage in the /tmp Directory
As its name implies, the /tmp directory is used for temporary file storage. As you use Linux, various programs create files in this directory. Files in this directory are cleared daily by a cron job and every time the system is booted.
Accessing Variable Data Files in the /var Directory
The /var directory contains subdirectories used by various system services for spooling and logging. Many of these variable data files, such as print spooler queues, are temporary, whereas others, such as system and kernel logs, are renamed and rotated in use. Incoming email is usually directed to files under /var/spool/mail.
Linux also uses /var for other important system services, such as the topmost File Transfer Protocol (FTP) directory under /var/ftp (see Chapter 34, “Remote File Serving with FTP”), and the Apache web server’s initial home page directory for the system, /var/www/html. (See Chapter 25, “Apache Web Server Management,” for more information about using Apache.)