Essential Linux system files

The whos who of files in a linux system

view on github

List of system files and directories

Table of contents

  1. Root directory details
  2. Boot loader
  3. Kernel
  4. Devices
  5. File systems
  6. systemd
  7. Services
  8. Shells
  9. Networking
  10. Log files (rsyslogd)
  11. Log files (journald)
  12. Users management
  13. Groups management
  14. Sudo access control
  15. System-wide crontab (with username)
  16. User crontabs (no username)
  17. Aptitude files
  18. Alternatives files
  19. Vim files
  20. User files
  21. System installation logs
  22. Miscellaneous

Root directory details

/                        # file system root
├── bin -> /usr/bin      # binaries for common programs (system, administrator, users)
├── boot                 # startup files (boot loader, kernel, config, initial RAM )
├── dev                  # system device files (represent CPU peripheral hardware)
├── etc                  # system configuration files (similar to windows control panel)
├── home                 # users home directories
├── lib -> /usr/lib      # libraries for common programs
├── lost+found           # data recovered during failures
├── media                # mount points for cdrom, usb, etc
├── mnt                  # mount points for external devices
├── opt                  # third party software
├── proc                 # process information pseudo-filesystem (see man page for details)# - kernel data structures accessors# - info on system state and hardware (cpu, memory, partitions, swap, etc)
├── root                 # root user home directory
├── run                  # /var/run -> /run symlink target, wiped out on reboot
├── sbin -> /usr/sbin    # binaries for common programs (system, administrator, users)
├── sys                  # modern sysfs based alternative to procfs (see /proc)
├── tmp                  # temp system files, wiped out on reboot
├── usr                  # user related programs
└── var                  # temporary files created by users

Note : explanations on procfs vs sysfs can be found here.


Boot loader

  • uname -r prints the current kernel version and architecture.
  • <arch> is x64 for 64-bit systems.
path dir description
/boot/efi X EFI partition mountpoint
/boot/efi/EFI/debian/grub<arch>.efi GRUB boot loader executable
/boot/efi/EFI/debian/grub.cfg GRUB config, points to /boot/grub/grub.cfg
/boot/grub/grub.cfg GRUB UEFI menu configuration file
/boot/grub/<arch>-efi/. X GRUB modules
/boot/vmlinuz-$(uname -r) System kernel image
/boot/config-$(uname -r) System kernel config file
/boot/initrd.img-$(uname -r) Initial ramdisk image (initramfs: initial ram filesystem)
/boot/System.map-$(uname -r) Kernel symbol table, resolves symbol names to memory addresses
/etc/default/grub GRUB default options
/etc/grub.d/. X GRUB menu templates (header, theme, etc ...)

Kernel

path dir description
/proc/sys/. X Kernel variables storage
/proc/loadavg Average system load
/proc/filesystems Kernel supported file systems
/lib/modules/$(uname -r)/kernel/fs/. X Kernel supported file systems (exhaustive)
/etc/sysctl.conf Kernel variables default values
/etc/sysctl.d/. X Additional kernel variables
/etc/modules Kernel modules to load at boot time (initially empty)

Devices

path dir description
/dev/disk/. X Links from storage devices to partitions (by id, partuuid, path, uuid)
/dev/block/. X Links from block devices to partitions (major/minor numbers)
/dev/tty* Native terminals
/dev/pts/. X Pseudo terminals (ssh, etc)
/dev/null Writes are discarded, reads return EOF
/dev/zero Writes are discarded, reads return zero-value ASCII characters
/dev/full Writes produces ENOSPC ("disk full"), reads return zero-value ASCII characters
/dev/random Random bytes from the kernel secure pseudorandom number generator
/dev/std* Standard streams for current process
/dev/fd/. X File descriptors for current process

File systems

path dir description
/proc/partitions System partitions list
/etc/mke2fs.conf Default options for new file systems
/etc/fstab Static list of partitions to mount in the file system at startup
/etc/crypttab Static list of encrypted volumes to mount in the file system at startup

systemd

path dir description
/lib/systemd/system/. X Default configuration units
/etc/systemd/system/. X Administrator configuration units (emulate runlevels)
/run/systemd/system/. X Dynamically generated configuration units (EMPTY)
/etc/systemd/system/default.target Symlink to default system target unit in /lib/systemd/system

Services

path dir description
/etc/services Accepted connections by network service (service name / protocol / port number)
/etc/ssh/. X Host public / private keys + SSH client and server config
/etc/pam.d/. X Configuration files of authentication modules

Shells

path dir description
/bin/bash Default shell, use for shebang and users creation
/bin/sh -> /bin/dash Lightweight shell, no history available, no nothing
/etc/shells List of valid login shells for the system
/etc/profile System-wide .profile file for bash
/etc/bash.bashrc System-wide .bashrc file for bash
/etc/login.defs Login configuration options
--> retries, timeouts, events logs, default commands options ...

Networking

path dir description
/etc/resolv.conf DNS configuration file: local domain + name servers
/etc/host.conf Name resolver configuration file
/etc/hosts List of machines to be contacted over the network without using DNS
/etc/hostname Static hostname (used to initialize the kernel at boot)
/etc/nsswitch.conf Sequential order of names resolvers to contact when process need host name resolution
/etc/protocols Supported internet protocols
/etc/networks IP networks name to addresses mappings

Log files (rsyslogd)

path dir description
/var/log/kern.log Kernel startup logs
/var/log/auth.log Users sessions history logs
/var/log/daemon.log Services activity logs
/var/log/syslog System startup logs
/etc/logrotate.conf Configuration of logs rotation (limiting amount of logs)

Log files (journald)

path dir description
/var/log/journal/.../system* System activity logs (binary data)
/var/log/journal/.../user-<id>* User activity logs (binary data)

Users management

path dir description
/var/run/utmp List of connected users
/etc/default/useradd Default values for useradd
/etc/passwd List of users, edit with useradd, usermod, userdel only
/etc/shadow Shadowed password files for users
/etc/skel/. X Default config files for new users
/etc/adduser.conf Default values for adduser
/etc/deluser.conf Default values for deluser

Groups management

path dir description
/etc/group List of groups, edit with groupadd, groupmod, groupdel only
/etc/gshadow Shadowed passwords files for groups

Sudo access control

path dir description
/etc/sudoers Use visudo to edit this file
/etc/sudo.conf sudo front end options

System-wide crontab (with username)

path dir description
/etc/cron.d/. X Crontabs with unusual scheduling
/etc/crontab System crontab, schedules execution of hourly, daily, etc... jobs
/etc/cron.hourly X Jobs to execute every hour
/etc/cron.daily X Jobs to execute every day
/etc/cron.weekly X Jobs to execute every week
/etc/cron.monthly X Jobs to execute every month

User crontabs (no username)

path dir description
/var/spool/cron/crontabs/. X User crontab files, edit using the crontab command

Aptitude files

path dir description
/etc/apt/sources.list Default apt data sources, formatted
/etc/apt/sources.list.d/. X Additional apt data sources, see man sources.list
/etc/apt/keyrings X PGP public keys for downloaded packages authentication
/usr/share/keyrings X Alternative location for PGP public keys
/var/log/dpkg.log Logging of dpkg status messages

Alternatives files

path dir description
/etc/alternatives/. X Directory containing all the symlinks for alternatives
/etc/apt/sources.list.d/. X Directory containing alternatives description files

Vim files

path dir description
$HOME/.vimrc ...
$HOME/.vim/colors/dante.vim ...

User files

path dir description
$HOME/.profile Executed by bash for login shells
$HOME/.bashrc Executed by bash for non-login shells
$HOME/.bash_profile
$HOME/.bash_login

System installation logs

path dir description
/var/log/installer/lsb-release Logs installer version
/var/log/installer/hardware-summary Logs detected hardware
/var/log/installer/syslog Logs installer messages
/var/log/installer/status Logs packages installed during installation
/var/log/installer/partman Logs initial system partitioning

Miscellaneous

path dir description
/usr/share/dict/american-english List of 102401 known words (dictionary)
/var/spool/mail/. X Local users mail boxes (plain text files)
/var/cache/locate/locatedb Default locate database