System Files
System Files
Copyright(c) Management Analytics, 1995 - All Rights Reserved
Copyright(c), 1990, 1995 Dr. Frederick B. Cohen - All Rights Reserved
By convention, system files under UNIX are stored
under specific names in specific places in the file-structure.
There are a lot of files and directories used for UNIX
system files, and we will only describe those which are most
important to systems administration and protection. Some
filenames depend on the specific UNIX version you are
using, but most of them are uniform across all implementations.
The root directory normally contains the following:
- The `/etc' directory is used to store highly volatile state
information including the list of users, groups,
passwords, terminal connections, operating system parameters, system
startup sequences, the message of the day, and other such things.
- The `/bin' directory is used to store system critical executable
programs, including most of the tools described in this manual.
- The `/lib' directory is used to store system libraries.
- The `/dev' directory is used to store the block-special
and character-special files that represent most of the
peripheral devices and other physical system resources.
- The `/unix' file is the executable code for the operating
system kernel.
- The `/usr' directory is usually used to store the `home'
directories associated with each user's storage area. It is also
used to store other non-system files.
- The `/tmp' directory is a temporary area used for storing
intermediate results.
- The `lost+found' directory in each file-structure is used to
store lists of disk areas which are not useble for storage. This is
normally because of hardware failures, but can occasionally be caused by
software failures.
The `/usr' and `/etc' directories are particularly important
to the systems administrator because they contain many of the critical
configuration and user files. We begin with the
files in /etc:
- `/etc/passwd' contains a list of the Uids of all
authorized users. It lists the Uid, the encrypted
password associated with that Uid, the integer associated with
the Uid, the default group for that Uid upon
login, the name of the user, the directory the user
is placed in upon login, and the program run upon login by
that user.
- `/etc/groups' contains a list of Gids, the integer
associated with them, and the Uids comprising each group.
- `/etc/TIMEZONE' stores the timezone of the computer relative
to Grenich Mean Time, and is used to perform time conversions.
- `/etc/bupsched' lists the times and days at which to notify
the console that it is time to perform a backup. Each
file-system is separately listed in the backup schedule.
- `/etc/fstab' stores a list of the file-systems and how
they are to mounted at system startup. This automates one of the many
startup functions that would otherwise have to be done manually by the
systems administrator at startup.
- `/etc/gettydefs' specifies a set of macros for the treatment
of terminals by the login process. It normally specifies
sequences of baud rates, control parameters, and next entries in the
table.
- `/etc/inittab' specifies how each non-mountable peripheral
device is to be handled in each machine state. Machine states usually
include a powerfail state, a power-up self-test state, a microcode
state, a single-user state, and a multi-user state. Some machines also
have other states determined by the system designers. Inittab is
normally used to turn devices on or off, specify how they are handled by
`/etc/gettydefs', and initialize the terminal before login.
Inittab can also be used to run a non-standard program on a terminal.
For example, it could be used to automatically implement a systems
administration capability, a printer controller, a batch processing
mechanism, or a limited function menu system.
- `/etc/motd' contains a ``message of the day'' that is printed
on each terminal at login.
- `/etc/profile' contains an Sh script that is run at
login before granting the user process control over
the terminal.
- `/etc/stdprofile' contains a standard login profile
copied into each user's directory when they are first added as
users.
- `/etc/termcap' contains a list of the different types of
terminals and how they are interfaced with by terminal control programs.
This allows thousands of different types of terminals to be handled
uniformly by all /unix programs.
The directories in `/usr' are less critical to system operation:
- The `/usr/admin' directory stores systems administration
menus.
- The `/usr/bin' directory stores commonly used binary
executable programs not required for systems operation.
- The `/usr/local' directory is used to store local versions of
programs, and typically has 'bin', 'src', 'lib', and 'include'
directories.
- The `/usr/include' directory contains header files
included by user programs. These files store
configuration or system dependent structures.
- The `/usr/lib' directory stores library files with
commonly used subroutines.
- The `/usr/spool' directory contains spooling areas for
printer queues and other spooled input and output.
- The `/usr/tmp' directory is used for temporary storage of
non-system temporary files.