Directory Structure
Unix System Resources /usr
Binary Files
usr/bin
- contains binaries and executables that are essential to the entire os
- run these form the command line
ls
,gzip
,curl
/usr/sbin
- contain system binaries that can only be run by the root (super) user
mount
deluser
/usr/libexec
- The
libexec
directory on Unix-like systems, including Linux, is a standard directory used for storing system-specific, architecture-dependent executable files that are meant to be used internally by other programs or system services.
Libraries
/usr/lib
- contains shared libraries (also called shared objects
.so
)
/usr/lib32
- contains 32 bit shared library files
/usr/libx32
- The x32 ABI is a hybrid of 64-bit and 32-bit ABIs, designed to take advantage of the larger register set of 64-bit processors while using 32-bit pointers to reduce memory consumption.
- The
libx32
directory contains libraries compiled specifically for this ABI.
/usr/lib64
- contains 64 bit shared libraries files
Header Files /usr/include
- contains header files for standard c and c++ libraries
- contain header files for system
- also development libraries installed have their header files here
Shared Files /usr/share
The /usr/share
directory is another important system directory on Linux and Unix-like operating systems. It contains architecture-independent (meaning not specific to a particular CPU architecture) data that is shared across different systems. This data is typically read-only and includes files that are not executables or libraries but are used by applications for various purposes.
Here are some key points about the /usr/share
directory:
-
Shared Data: The primary purpose of
/usr/share
is to store data that can be shared among multiple users and applications. This data may include documentation, images, icons, wallpapers, sound files, themes, fonts, and more. -
Application Resources: Many applications store their shared resources in the
/usr/share
directory. This allows multiple applications to use the same data, reducing duplication and saving disk space. -
System-Wide Configuration: Some system-wide configuration files may also be placed in
/usr/share.
However, it's important to note that configuration files that might be modified by users or administrators are usually stored in other directories like/etc
or/usr/local/etc.
-
Architecture-Independent: The contents of
/usr/share
are architecture-independent, meaning they are the same across systems with different CPU architectures. -
Subdirectories: The
/usr/share
directory is organized into various subdirectories, each containing specific types of data. For example:/usr/share/doc
: Contains documentation files for various installed packages./usr/share/icons
: Holds icon sets used by desktop environments./usr/share/fonts
: Stores fonts available for the system./usr/share/sounds
: Contains sound files used by applications or the system./usr/share/application
: Contains desktop entry files used by applications or the system./usr/share/man
: Contains manual entry files used by applications or the system.
-
Read-Only: By convention, the data in
/usr/share
is read-only, meaning it should not be modified by users or applications.
Locally Managed Resources /usr/local
Nearly same copy of /usr
so that the locally build and installed software don't conflict
with the one installed by the system package manager.
Configuration Files /etc
-
Configuration Files: The primary purpose of the
/etc
directory is to store configuration files for various system components and applications. These files control the behavior and settings of the operating system, services, daemons, and installed software. -
System-wide Configuration: Most of the files in
/etc
affect the entire system and apply to all users. The configuration files stored here are typically edited and maintained by system administrators. -
Access Restrictions: Many files in
/etc
have restricted permissions, allowing only privileged users (usually the root user) to read and modify them. This is to prevent unauthorized users from tampering with critical system settings.- Like
imagemagick
image manipulation utility have security configuration permissions here.
- Like
-
/etc/passwd
Contains user account information. /etc/group
Stores group information for users./etc/hosts
Maps IP addresses to hostnames for local DNS resolution./etc/hostname
Stores the system's hostname./etc/resolv.conf
Configures DNS name resolution settings./etc/fstab
Defines filesystems and their mount options./etc/ssh/sshd_config
Configuration file for the OpenSSH server./etc/sudoers
Configures sudo privileges for users.
User Directories /home
/root
Normal Users /home
- On Linux and Unix-like operating systems, the
/home
directory is a central location where user home directories are typically stored. - Each user on the system is assigned a home directory within
/home
, and it serves as the user's private workspace.
Each user directory has following directories:
.config
- User Configuration files,$XDG_CONFIG_HOME
.local
bin
- user binarieslib
- user library fileslibexec
- user binaries used by other binariesetc
- configurationinclude
- include files for binariesshare
- Data shared across applications,$XDG_DATA_HOME
application
- desktop entry files, override/usr/share/application
fonts
- fonts
.cache
- temporary files,$XDG_CACHE_HOME
.icons
.themes
Root User /root
- On Linux and Unix-like operating systems, the
/root
directory is the home directory for the superuser or root user. The root user is the administrative user with full privileges and unrestricted access to all commands and system resources. - The
/root
directory serves as the root user's private workspace, similar to how the/home
directory is used for regular users.
Boot Information /boot
- files needed to boot the system
- like the linux kernel
Virtual Directories /dev
/proc
/sys
Devices /dev
On Linux and Unix-like operating systems, the /dev
directory is a special directory that contains device files. These device files serve as interfaces to access various hardware devices, pseudo-devices, and other kernel-related functionalities. Unlike regular files that store data on disk, device files provide a way to communicate with and control hardware devices and drivers.
Here are some key points about the /dev
directory:
-
Device Files: Device files are used to represent and interact with hardware devices connected to the system. They are part of the special
device file system
that allows users and applications to communicate with devices using simple read and write operations on these files. -
Types of Device Files: There are two main types of device files in the
/dev
directory:- Character Devices: Represent devices that transfer data character-by-character, such as keyboards, mice, terminals, and serial ports. They are accessed through character device files, usually denoted by the letter
c
in the permissions listing (e.g.,/dev/tty
for a terminal device). - Block Devices: Represent devices that transfer data in fixed-size blocks, such as hard drives and solid-state drives. They are accessed through block device files, typically denoted by the letter
b
in the permissions listing (e.g.,/dev/sda
for a hard drive).
- Character Devices: Represent devices that transfer data character-by-character, such as keyboards, mice, terminals, and serial ports. They are accessed through character device files, usually denoted by the letter
-
Pseudo-Devices: Some device files in
/dev
are pseudo-devices, which do not correspond to physical hardware but provide kernel interfaces for various functionalities. Examples include/dev/null
(a null device that discards data),/dev/zero
(a device that generates null bytes), and/dev/random
(a device that generates random data). -
Device Nodes: Device files are also known as
device nodes.
Each device file has a unique major and minor number combination that identifies the corresponding device driver to which it belongs. When a program accesses a device file, the kernel routes the request to the appropriate driver based on these numbers. -
Permissions: Access to device files is controlled by permissions. Typically, only privileged users (root) or users belonging to specific groups are allowed to access certain device files, especially those that have significant control over hardware.
-
Dynamically Created: Device files in
/dev
are often dynamically created and managed by the system. When devices are detected or drivers are loaded, the associated device files are automatically created.
System /sys
- On Linux systems, the
/sys
directory is a virtual filesystem that provides an interface for interacting with the kernel and accessing information about devices, drivers, and other kernel parameters. Similar to/proc,
the files and directories within/sys
are not actual physical files on disk but instead represent kernel objects and attributes. - Device and Driver Information: The main purpose of the
/sys
directory is to expose information related to devices and drivers in the system. Each device and driver has its directory structure under/sys
, providing details about its current state and configuration. - Kernel Parameters: In addition to device and driver information,
/sys
also exposes various kernel parameters that can be read or modified to control the behavior of the kernel and its components. - File Hierarchy: The
/sys
directory is organized hierarchically, with subdirectories representing different aspects of the system, such as:/sys/devices
Contains information about devices in the system, including their drivers and connection topology./sys/class
Provides a view of devices organized by their class, such as block devices, network devices, etc./sys/module
Shows information about kernel modules that are currently loaded./sys/fs
Contains filesystem-related information, such as mount points and file system features./sys/kernel
Contains various kernel-related information and parameters.- and more.
- Read and Write Access: Some files and directories in
/sys
can be read to obtain information, while others can be written to modify kernel parameters or trigger specific actions. - Debugging and Troubleshooting:
/sys
is valuable for debugging and troubleshooting purposes, as it provides insights into how devices and drivers are interacting with the kernel. - Virtual Filesystem: The data exposed in
/sys
is dynamically generated by the kernel when accessed, and any changes made to its attributes are directly reflected in the kernel's behavior.
Processes /proc
On Linux and Unix-like operating systems, the /proc
directory is a virtual filesystem that provides a window into the kernel and processes running on the system. It does not represent physical files stored on disk but rather exposes information and statistics about the running system as a series of files and directories.
Here are some key points about the /proc
directory:
- Pseudofile System: The
/proc
directory is often referred to as apseudofile system
because the files and directories it contains do not correspond to actual files on disk. Instead, they are dynamically generated by the kernel on-the-fly when accessed and provide a real-time view of various system and process-related information. - System and Process Information: Inside
/proc,
you can find various numerical directories (named after process IDs) and files that provide information about the system, such as:/proc/cpuinfo
: Information about the CPU and its capabilities./proc/meminfo
: Memory-related statistics, including total memory, free memory, etc./proc/version
: Kernel version information./proc/sys
: Contains tunable kernel parameters that control various aspects of the system's behavior./proc/loadavg
: Current system load averages./proc/uptime
: Uptime of the system./proc/net
: Information about network-related statistics.- and more.
- Process Information: The
/proc
directory also contains numerical subdirectories named after process IDs (PIDs). Each PID directory contains information about a specific running process, including its command line, status, memory usage, file descriptors, and more. For example:/proc/<PID>/status
: Provides status information for the process with the specified PID./proc/<PID>/cmdline
: Contains the command-line arguments used to launch the process.
-
Interface with the Kernel: The
/proc
filesystem provides an interface through which user-space programs and utilities can communicate with the kernel and access various system statistics and process information in real-time. -
Security: While
/proc
can be very useful for monitoring and understanding system behavior, it also exposes sensitive information. Access to certain files and directories in/proc
might be restricted to prevent unauthorized access to system data.
Variable Data /var
On Linux and Unix-like operating systems, the /var
directory is used to store variable data—data that is expected to change frequently during the system's operation. This data is not critical for the system to function, but it is essential for various services, applications, and system logs.
Here are some key points about the /var
directory:
- Variable Data: The name
/var
stands forvariable,
as the data stored in this directory is expected to change in size and content over time. Unlike directories such as/bin
and/lib,
which contain essential executables and libraries, the data in/var
is not static and can be modified during the system's runtime. - System Logs
/var/log
: One of the primary uses of/var
is to store system logs and log files generated by various services and applications. For example, system logs kept in/var/log
include messages from the kernel, system daemons, application logs, and user-specific logs. - Spool and Cache Data
/var/spool
/var/cache
: The/var/spool
directory is used for storing spool data related to print jobs, mail queues, and other services that use spooling. Additionally, the/var/cache
directory contains cache data that can be regenerated or discarded without affecting the system's functionality. - Temporary Files: Some temporary files generated by programs during their execution might be stored in
/var/tmp
or/var/run
directories. These files are usually cleared upon system restart and are not intended to persist across reboots. - Application Data: Various applications store variable data, such as configuration files, databases, and user-specific files, in subdirectories within
/var.
- State Information
/var/lib
: The/var/lib
directory is used to store state information for applications, including runtime data and databases. - User Mailboxes
/var/mail
: On some systems, user mailboxes can be found in the/var/mail
directory. - Website data
/var/www
:/var/www
directory is a common location used on Linux and Unix-like operating systems to store website data, files, and web applications for serving content via web servers. It is the default directory where web documents and resources are kept on many web server configurations.
It's important to note that the contents of /var
are expected to change frequently, so it is not suitable for mounting on a read-only file system. Also, it is essential to manage log rotation and purging of logs regularly to prevent /var
from consuming excessive disk space.
Temporary Files /tmp
- The
/tmp
directory on Linux and Unix-like operating systems is a location designated for temporary files. It is used to store data that is only needed temporarily and is expected to be deleted or cleared regularly, usually upon system reboot.
Temporary Filesystem /run
The /run
directory on Linux and Unix-like operating systems is a temporary filesystem that holds temporary files and runtime data for various system services. It is typically mounted as a tmpfs
(a memory-based filesystem) during the system's boot process, allowing it to reside in RAM and providing fast access to frequently changing data.
Here are some key points about the /run
directory:
-
Runtime Data: The primary purpose of the
/run
directory is to store runtime data that needs to be accessed or updated frequently during the system's operation. This includes data related to running services and daemons. -
/var/run Symlink: Historically, runtime data was often stored in the
/var/run
directory. However, to support the use oftmpfs
and improve performance, many modern systems use the/run
directory as a separate mount point or symlink it to/var/run.
-
Early Boot Process: The
/run
directory is created early during the system's boot process and is often used by various init systems and services to store their runtime data. -
Lock Files and PIDs: The
/run
directory is commonly used to store lock files (*.lock
) that indicate the exclusiveness of certain resources and process ID (PID) files that contain the process IDs of running daemons. -
Application Sockets: Some applications use the
/run
directory to create Unix domain sockets, which are used for inter-process communication on the local system. -
Stateless Systems: On stateless systems or systems with volatile root filesystems (e.g., some embedded systems), the
/run
directory may be particularly useful since it doesn't rely on persistent storage. -
Cleaning on Boot: Like
/tmp,
the/run
directory may be cleared upon system reboot to ensure that transient data does not persist across reboots.
The use of /run
has become more prevalent to accommodate modern system designs, such as those used in containerized environments or systems with dynamic configurations. It allows for faster access to runtime data by utilizing memory instead of disk storage and is particularly useful for systems that may not have persistent storage or have limited space available.
Mounting Devices /media
/mnt
/media
On Linux and Unix-like operating systems, the /media
directory is a standard location used as a mount point for removable media devices, such as USB drives, optical discs (CDs/DVDs), external hard drives, and other storage devices. When you connect a removable media device to the system, it is automatically mounted to a subdirectory within /media.
Here are some key points about the /media
directory:
-
Mount Point for Removable Media: The primary purpose of the
/media
directory is to serve as a convenient mount point for accessing the content of removable media devices. When a removable media device is plugged in or inserted, the system automatically mounts it under/media,
making its contents accessible to users. -
Dynamic Mounting: The directories inside
/media
are created dynamically by the system when a removable media device is connected. Each device usually gets its own subdirectory based on the device's label or unique identifier. -
Naming Convention: The subdirectories within
/media
are typically named after the label or identifier of the connected device. For example, a USB drive with the labelUSB_DRIVE
might be mounted at/media/USB_DRIVE.
-
Manual Mounting: In some cases, users may also manually mount removable media devices to
/media
or a subdirectory within it using themount
command. However, modern desktop environments often handle automatic mounting of removable media. -
Unmounting: When the user finishes using the removable media, they can safely unmount it from the system. On some systems, this can be done by simply ejecting or safely removing the device through the desktop environment's interface. Alternatively, users can use the
umount
command to unmount the device. -
Other Media Directories: Some Linux distributions use different directories for automounting removable media, such as
/mnt
or/run/media/<user>.
However,/media
is the most common location on many systems.
It's important to note that the /media
directory is primarily meant for temporarily accessing the content of removable media devices. If you need to permanently mount a filesystem or network share, it's more appropriate to use the /mnt
directory or other appropriate locations depending on the specific use case and system configuration.
/mnt
On Linux and Unix-like operating systems, the /mnt
directory is a standard location intended for temporarily mounting filesystems, network shares, or other storage devices that are not automatically mounted by the system. Unlike the /media
directory, which is used for automatically mounting removable media devices, the /mnt
directory is typically used for manual or one-time mounts.
Here are some key points about the /mnt
directory:
-
Manual Mount Point: The primary purpose of the
/mnt
directory is to provide a location where system administrators or users can manually mount additional filesystems or network shares when needed. It is a general-purpose mount point that can be used for various types of storage devices. -
Temporary Mounts: The
/mnt
directory is suitable for temporary mounts or one-time access to other filesystems or network shares. It is often used for mounting external storage devices, secondary hard drives, NFS shares, or other file systems that are not part of the default system setup. -
No Automatic Mounting: Unlike the
/media
directory, which is often managed by the system for automatic mounting of removable media, the/mnt
directory does not automatically mount any devices or filesystems. Users or administrators need to manually mount devices to this location. -
Mount Subdirectories: To avoid cluttering the
/mnt
directory with multiple mounts, it is common to create subdirectories within/mnt
for each mounted device or network share. For example,/mnt/usb
might be used for a mounted USB drive,/mnt/nfs
for an NFS share, and so on. -
Temporary Usage: It's essential to remember that any filesystems or network shares mounted under
/mnt
are not automatically mounted on subsequent system reboots. These mounts are typically temporary and need to be manually configured or re-mounted as needed. -
System Administrators' Convenience: The
/mnt
directory is particularly useful for system administrators who need to access and manage various storage devices and network shares during system maintenance or troubleshooting.
Third Party Software /opt
The /opt
directory on Linux and Unix-like operating systems is a standard directory used for the installation of optional or third-party software packages. Unlike the system directories such as /usr
and /bin,
which are typically managed by the operating system's package manager and contain essential system files, the /opt
directory is reserved for software that is not part of the core operating system distribution.
Here are some key points about the /opt
directory:
-
Optional Software: The primary purpose of the
/opt
directory is to provide a location for installing optional software packages that are not part of the base system's distribution. These could be third-party applications or software packages that are installed separately from the operating system's standard packages. -
Self-Contained Packages: Software installed in
/opt
is typically self-contained within its own subdirectory. This helps prevent conflicts with other software installed on the system and keeps the optional packages isolated from the system's core components. -
Directory Structure: Each software package installed in
/opt
typically has its own subdirectory within/opt.
For example, if you install a software package calledexampleapp,
it might have its files stored in/opt/exampleapp.
-
Binaries and Libraries: The
/opt
directory may contain executable binaries, libraries, documentation, configuration files, and other assets specific to the software package being installed. -
No Package Manager Management: Unlike the
/usr
and/bin
directories, which are managed by the package manager and its package database, software installed in/opt
is not typically managed by the system's package manager. The responsibility for installation, updates, and removal lies with the software itself or with additional package management tools provided by the software vendor. -
Multiple Versions: In some cases, software packages may support multiple versions installed side by side in separate
/opt
subdirectories to allow users to choose which version to use. -
Avoid Overwriting System Files: One of the main reasons for using
/opt
is to avoid overwriting or conflicting with system files, as software installed in/opt
is isolated from the rest of the system.
It's essential to check the documentation of the software you're installing to confirm the intended usage of the /opt
directory. Some software may use /opt
for optional components, while others may have different conventions for installation.
Services Data /srv
On Linux and Unix-like operating systems, the /srv
directory is used to store data and files related to services provided by the system. It is intended to hold data specific to individual services, such as websites, FTP servers, or other network services.
Here are some key points about the /srv
directory:
-
Service Data: The primary purpose of the
/srv
directory is to provide a location for storing data and files related to services provided by the system. It is often used to store data generated or used by network services, web servers, and other applications that offer services to users or clients. -
Service-Specific Subdirectories: Within the
/srv
directory, subdirectories are created for individual services. For example, a web server might have its website data in/srv/www,
an FTP server might use/srv/ftp,
and so on. -
Separation from System Data: The
/srv
directory is separate from the system directories like/usr,
/bin,
and/etc,
which contain essential system files and executables. Storing service data in/srv
helps keep the system's essential components separate from the data associated with specific services. -
Filesystem Hierarchy Standard: The use of
/srv
is encouraged by the Filesystem Hierarchy Standard (FHS), a set of guidelines that govern the organization of files and directories on Unix-like systems. -
Service Data Persistence: The data stored in
/srv
is usually meant to be persistent, as opposed to the/tmp
directory, which holds temporary data that may be cleared upon system reboot. -
Service Configuration: While the actual configuration files for services are typically stored in other locations (e.g.,
/etc
), the data managed by the services, such as websites, databases, or user uploads, may be stored in/srv.
-
Custom Setup: The use of
/srv
is not required, and some systems may have different conventions for organizing service data. Some administrators may prefer to store service data in other directories like/var
or/home,
depending on their preferences or system requirements.
Recovery /lost+found
The "/lost+found" directory is a special directory found on Unix-like file systems, including Linux. It is used to store recovered files and directories that are found during the file system's consistency check, which is typically performed after an unexpected system shutdown or a file system error.
Here are some key points about the "/lost+found" directory:
-
File System Consistency Check: File systems like ext2, ext3, ext4, and others have built-in mechanisms to check the consistency of the file system's data structures and metadata. These checks are performed regularly or during system startup to ensure the file system remains in a consistent state.
-
Recovered Files: During a file system consistency check, if the system detects orphaned files or directories (i.e., files or directories that are not associated with any parent directory), it attempts to recover them and places them in the "/lost+found" directory.
-
Unique Directory: The "/lost+found" directory is unique because it is automatically created at the root of the file system when the file system is formatted. It is owned by the root user and typically only accessible by the root user.
-
Human Intervention: Usually, the file system consistency check is automatically performed by the system, and users do not need to interact with the "/lost+found" directory directly. However, in the case of serious file system errors or corruption, the system may prompt the administrator to manually intervene and review the recovered files.
-
Ownership and Permissions: Since the "/lost+found" directory is owned by the root user, regular users do not have permissions to create or delete files directly in this directory. Only the root user or an administrator with root privileges can interact with the "/lost+found" directory.
-
Recovery Process: If you encounter files or directories in the "/lost+found" directory, it's essential to carefully review them before taking any action. Some of the files may have lost their original filenames or metadata, making it necessary to determine their identities and restore them to their proper locations manually.