Standard and/or common directories on Unix/Linux OSes
et cetera. Even if I had no idea what these folders did, I could guess with good accuracy from their names.
Now I’m taking a good look at Linux, and getting quite confused about how to find my way around the file system.
- /bin contains binaries. But so do /sbin , /usr/bin , /usr/sbin , and probably more that I don’t know about. Which is which?? What is the difference between them? If I want to make a binary and put it somewhere system-wide, where do I put it?
- /media contains external media file systems. But so does /mnt . And neither of them contain anything on my system at the moment; everything seems to be in /dev . What’s the difference? Where are the other partitions on my hard disk, like the C: and D: that were in Windows?
- /home contains the user files and settings. That much is intuitive, but then, what is supposed to go into /usr ? And how come /root is still separate, even though it’s a user with files and settings?
- /lib contains shared libraries, like DLLs. But so does /usr/lib . What’s the difference?
- What is /etc ? Does it really stand for «et cetera», or something else? What kinds of files should go in there — global or local? Is it a catch-all for things no one knew where to put, or is there a particular use case for it?
- What are /opt , /proc , and /var ? What do they stand for and what are they used for? I haven’t seen anything like them in Windows*, and I just can’t figure out what they might be for.
If anyone can think of other standard places that might be good to know about, feel free to add it to the question; hopefully this can be a good reference for people like me, who are starting to get familiar with *nix systems.
*OK, that’s a lie. I’ve seen similar things in WinObj, but obviously not on a regular basis. I still don’t know what these do on Linux, though.
Thanks for keeping a good spirit of learning. This topic is often contentious. See my answer to this question for some extra explanations about the fundamental differences between file system structures in Windows vs Linux.
Don’t think of «usr» as the abbreviation of «user» but «Unix System Resources» (even if it’s probably a backronym since it did contain users’ directories years ago) (linux-training.be/files/books/html/fun/ch09s08.html).
There’s no use trying to justify Unix/Linux/etc’s cryptic directory naming against Windows (Or Mac OS X). It’s just how it is.
As of 2017, the Windows folder structure is a complete mess. C:\Program Files , C:\ProgramData , %HOME%\AppData\Local , %HOME%\AppData\LocalLow , C:\Windows\SystemApps . All examples where one can find executables in Windows. And I will not even talk about configuration files & the registry, I don’t want to get even more depressed. PS: I work primarily in Windows.
3 Answers 3
You can also try man hier .
I’ll try to sum up answers your questions off the top of my head, but I strongly suggest that you read through the FHS:
- /bin is for non-superuser system binaries
- /sbin is for superuser (root) system binaries
- /usr/bin & /usr/sbin are for non-critical shared non-superuser or superuser binaries, respectively
- /mnt is for temporarily mounting a partition
- /media is for mounting many removable media at once
- /dev contains your system device files; it’s a long story 🙂
- The /usr folder, and its subfolders, can be shared with other systems, so that they will have access to the same programs/files installed in one place. Since /usr is typically on a separate filesystem, it doesn’t contain binaries that are necessary to bring the system online.
- /root is separate because it may be necessary to bring the system online without mounting other directories which may be on separate partitions/hard drives/servers
- Yes, /etc stands for «et cetera». Configuration files for the local system are stored there.
- /opt is a place where you can install programs that you download/compile. That way you can keep them separate from the rest of the system, with all of the files in one place.
- /proc contains information about the kernel and running processes
- /var contains variable size files like logs, mail, webpages, etc.
To access a system, you generally don’t need /var, /opt, /usr, /home; some of potentially largest directories on a system.
One of my favorites, which some people don’t use, is /srv. It’s for data that is being hosted via services like http/ftp/samba. I’ve see /var used for this a lot, which isn’t really its purpose.
Good overview addressing the specific questions. Note that some distros use /home/users/username for users and /home/services/servicename for what you mention /src being for. I think this works out better in that it’s more versatile to partition. You can have it on it’s own partition or use the same partition and your user data, which is often what I want to do.
/usr should contain files specific to the applications being on the operating system and/or third-party files. It is not intriniscally sharable! Although LSB argues for these being kept in /opt. /usr/share on the other hand can contain files which are sharable across machines of different architectures / OS versions. These are all just conventions though! It’s quite possible (though a lot of hard work) to use a completely different structure. There are other conventions though — like Oracle’s Optimal Flexible Architecture
Another thing to keep in mind about Unix is the concept that «everything is a file» (or at least looks like one). For example, the stuff in /proc looks like files and directories, but the contents are really created dynamically by the kernel when you access them. This means that you can use the same tools (ls, cat, etc.) to access this information.
@symcbean From the FHS: «. /usr is shareable, read-only data. That means that /usr should be shareable between various FHS-compliant hosts . «. Obviously some files are architecture dependent, and some distributions expect wildly different directory hierarchies. The solution is to do your homework, like a good Admin 🙂
I won’t answer about what they all mean (others have), but give a little historical context.
First, remember that UNIX is getting close to 40 years old, back in the days of paper tape and 300 baud hard-coded terminals to mainframes (Windows XP system is close to 10 year old). Typing was slow and the need for efficiency in typing outweighed a lot of other considerations. That is the reason for the very short basic commands (i.e. ‘ls’, ‘cat’, ‘cc’, ‘dd’, etc.). The same was with the directory structures. The thought was that if the command is more than three or four characters then the name was too long.
The /usr directory originally contained user’s home directories since most of the commands were in /bin and all the device files were in /dev. Later it was thought to make the primary drive (the root filesystem, ‘/’) small for faster boot times. So other structures like /usr/bin, /usr/include and /usr/lib came about, where /usr was a separate «drive». Much later, it was thought to have user’s home directories in /home, yet another drive. And much later than that, to have a /var (short for variable/changable). The /etc directory did mean ‘et cetera’ since that was the catch-all location of all the system configuration files. The /mnt was used as a temporary place to access a drive (often a backup drive). Directories like /opt, /proc and /media came much much later.
There is a lot that is left out (like /usr/local and /net), but this gives a brief description of why the names are ‘less intuitive’.
Common Directories in Linux
Linus Torvalds says that there are so many directories where we can go for getting a more information about linux. These are the common top-level directories associated with the root directory: Common Directories in Linux
/etc
This root directory is one of the most important root directories on your system. The etc folder (short for etcetera) is a common place locate to store system files that are used by your operating system.
For example, the sudoers file highlighted in this screenshot below contains a list of the users and groups that have permission to run sudo or a set of commands as the root user.
Also highlighted below are the «passwd » and «shadow » files. These two files are special for Linux as they show how your system stores the passwords for each user in encrypted formatting called sha512.
/var
The «/var» directory with «var» being short for variable data, is one of the main root folders found on a Linux install. This folder stores data that is frequently accessed or written by services or applications running on the system. For example, log files from running services and applications are written here (/var/log), or other data that is not necessarily associated with a specific user (i.e, databases and the like).
/root
Unlike the /home directory , the /root folder is actually the home for the «root» system user. There isn’t anything more to this folder other than just understanding that this is the home directory for the «root» user. But, it is worth a mention as the logical presumption is that this user would have their data in a directory such as «/home/root» by default.
/tmp
This is a unique root directory found on a Linux install. Short for «temporary», the /tmp directory is volatile and is used to store data that is only needed to be accessed once or twice. Similar to the memory on your computer, once the computer is restarted, the contents of this folder are cleared out.
What’s useful for us in pentesting is that any user can write to this folder by default. Meaning once we have access to a machine, it serves as a good place to store things like our enumeration scripts.
Disclaimer
All tutorials are for informational and educational purposes only and have been made using our own routers, servers, websites and other vulnerable free resources. we do not contain any illegal activity. We believe that ethical hacking, information security and cyber security should be familiar subjects to anyone using digital information and computers. Hacking Truth is against misuse of the information and we strongly suggest against it. Please regard the word hacking as ethical hacking or penetration testing every time this word is used. We do not promote, encourage, support or excite any illegal activity or hacking.