I am writing this blog from a ubuntu desktop distro, but there are other versions of ubuntu, ubuntu cloud, ubuntu server and so on. Today basically I am interested in ubuntu server version in particular. We may or may not know the truth that Ubuntu has always been used as a server. The company which developed ubuntu, Canonical is using ubuntu for their server from the begining. So it has been a goal of this ubuntu. Later the desktop and server got their path separated for their own good.
When I installed my first ubuntu LVM, I actually followed the settings blindly, I followed what some random guy wrote on their blog or on youtube. But today I want to shed some light on linux directories. The trick is very simple, the more we can understand what our directories do, the more we can secure them and save our time to debug what went wrong.
/bin directory holds the core binaries like ps, ls, rm, mv, chmod, df etc that an administrators or a regular users may need to use.
/sbin directory contains only system binaries which is very crucial for mounting the rest of the system and recovering the system if it can’t boot. Programs like fsck, ifconfig, mkfs, route, and init here. Usually this commands are run by root users.
/lib directory usually contains core system libraries the system needs to complete the boot process and use the binaries under /bin and /sbin. All of the kernel’s modules are also found here under /lib/modules/.
/usr is intended to store all of the noncritical binaries and libraries for the system in UNIX like operating system. if we keep only the core binaries and libraries in /bin, /sbin, and /lib, we can keep the root partition small. Without any update /usr remains relatively static. So we could add an extra layer of security by mounting it read-only and remount it read-write when performing updates.
/usr/bin directory is similar to /bin, but it stores the rest of the binaries on the system that aren’t considered critical. Commands like man, gzip, nano, and other binaries intended for use both by administrators or regular users stays here.
/usr/sbin directory is similar to /sbin, only it stores binaries for administrator use that aren’t critical to booting. Commands like traceroute, chroot, and ntpdate along with a majority of the daemons that are started by init scripts like Web servers, ntp daemons, and mail servers are stored here.
/usr/lib holds the program libraries that supports in binaries under /usr/bin and /usr/lib.
/usr/local is used for custom service, binary or script of your own to the system.
/opt and /usr/local share the same purpose, it stores of third-party programs. Usually the program that installs under /opt are installed under their own directory (such as, say,
/opt/someprogram) and then create their own bin, sbin, and lib directories under there. On one hand this means we can remove a program by removing that directory under /opt, but at the same time it let our PATH environment variable grow rapidly. This directory stores kernel images, initramfs files, and also the GRUB configuration files.
/boot directory exists so that we can potentially separate it out into its own small mount point. When we want to experiment with LVM or an experimental file system for our root partition, we can format a separate /boot partition as ext2 or ext3 with no software RAID or LVM configured and be sure that our boot loader could read it.
/etc stores all the configuration files for the system and services. For example system startup scripts are stored at /etc/init and /etc/init.d. Keeping /etc separated makes it easy to back it up easily. It also makes the recovery process is easier.
/var directory was separated to store files and directories that could be vary in size and change frequently.
/var/log stores the system logs. Log has this tendency to grow out of control when the system is either under load or has a problem. When logs grow out of control, it fills up all the space of system and cause a crash.
/var/spool directory contains subdirectories that stores information of user crontabs, printer spools, and mail spools. In mail server this directory becomes very important. Like any other var it can grow quite large if the server spools a lot of mail for delivery.
/var/www directory won’t exist on all systems, but a Web server is run it will be the default place for the Web server’s docroot and cgi-bin directories.
/home holds all of the personal files for user accounts on that machine. It can also grow quite large. The advantage of separating this directory is that when we decide to change distributions, we could install the system on the root partition and overwrite what was there but preserve all user settings here.
/dev directory contains all of the device files of the system. These files include disk devices, keyboards, mice, and any other devices the system detects. On classic Linux systems these files. This directory is also pretty static, but on a modern Ubuntu server device files are often created on the fly by the udev program as devices are added or modules are loaded.
/media directory for these devices so it can keep /mnt for temporary mount points for nonremovable media such as floppy disks, CD-ROMs, and USB drives.
/proc is not an actual area on disk but it is a virtual file systems under Linux, It exists in RAM. Every process gets a directory full of live information, under /proc corresponding to its PID.It also stores virtual files related to the kernel process itself. We can query such things as the options passed to the kernel at boot (/proc/cmdline) or view settings for different kernel devices or other settings. A number of the kernel /proc files can also be used to not only read settings, but set them by writing to the corresponding file.
/sys directory is also a virtual file system. The files within /sys provide information about devices and drivers on your system, and the file system was created in part so that these sorts of files would no longer clutter up /proc. As with /proc, not only do many of the files within /sys provide information about parts of the system, but we can also write to various files to change settings on the fly.
/tmp is to store temporary files that don’t have to persist after a reboot. A common problem, though, is that a program might store far too much data in /tmp, and if it is part of the root partition, the entire root partition can fill up. A common culprit is vi. When you open a file with vi, a temporary copy of the file is placed in /tmp. I can’t count the number of times I’ve been paged because a server’s root partition was full, only to find out that a user used vi to open a 500Mb log file and dumped an equivalently sized temporary file under /tmp. I then had to kill the vi session and instruct the user on using a program such as less or more to view large text files.
1. BRACU Ayesha Abed Library
2. Kyle Rankin and Benjamin Mako Hill
3. My boredom 😛