Published on 2016 - 07 - 19

Figure illustrates how the Linux filesystem is organized as a hierarchy.

Some of these Linux directories may interest you:

  • /bin—Contains common Linux user commands, such as ls, sort, date, and chmod.
  • /boot—Has the bootable Linux kernel and boot loader configuration files (GRUB).
  • /dev—Contains files representing access points to devices on your systems. These include terminal devices (tty*), floppy disks (fd*), hard disks (hd* or sd*), RAM (ram*), and CD-ROM (cd*). Users can access these devices directly through these device files; however, applications often hide the actual device names from end users.
  • /etc—Contains administrative configuration files. Most of these files are plaintext files that can be edited with any text editor if the user has proper permission.
  • /home—Contains directories assigned to each regular user with a login account. (The root user is an exception, using /root as his or her home directory.)
  • /media—Provides a standard location for automounting devices (removable media in particular). If the medium has a volume name, that name is typically used as the mount point. For example, a USB drive with a volume name of myusb would be mounted on /media/myusb.
  • /lib—Contains shared libraries needed by applications in /bin and /sbin to boot the system.
  • /mnt—A common mount point for many devices before it was supplanted by the standard /media directory. Some bootable Linux systems still use this directory to mount hard disk partitions and remote filesystems. Many people still use this directory to temporarily mount local or remote filesystems that are not mounted permanently.
  • /misc—A directory sometimes used to automount filesystems upon request.
  • /opt—Directory structure available to store add-on application software.
  • /proc—Contains information about system resources.
  • /root—Represents the root user's home directory. The home directory for root does not reside beneath /home for security reasons.
  • /sbin—Contains administrative commands and daemon processes.
  • /tmp—Contains temporary files used by applications.
  • /usr—Contains user documentation, games, graphical files (X11), libraries (lib), and a variety of other commands and files that are not needed during the boot process. The /usr directory is meant for files that don't change after installation (in theory, /usr could be mounted read-only).
  • /var—Contains directories of data used by various applications. In particular, this is where you would place files that you share as an FTP server (/var/ftp) or a web server (/var/www). It also contains all system log files (/var/log) and spool files in /var/spool (such as mail, cups, and news). The /var directory contains directories and files that are meant to change often. On server computers, it is common to create the /var directory as a separate filesystem, using a filesystem type that can be easily expanded.

The filesystems in the DOS and Microsoft Windows operating systems differ from Linux's file structure,

Although similar in many ways, the Linux filesystem has some striking differences from filesystems used in MS-DOS and Windows operating systems. Here are a few:

  • In MS-DOS and Windows filesystems, drive letters represent different storage devices (for example, A: is a floppy drive and C: is a hard disk). In Linux, all storage devices are connected to the filesystem hierarchy. So the fact that all of /usr may be on a separate hard disk or that /mnt/remote1 is a filesystem from another computer is invisible to the user.
  • Slashes, rather than backslashes, are used to separate directory names in Linux. So C:\home\joe in a Microsoft system is /home/joe in a Linux system.
  • Filenames almost always have suffixes in DOS (such as .txt for text files or .doc for word-processing files). Although at times you can use that convention in Linux, three-character suffixes have no required meaning in Linux. They can be useful for identifying a file type. Many Linux applications and desktop environments use file suffixes to determine the contents of a file. In Linux, however, DOS command extensions such as .com, .exe, and .bat don't necessarily signify an executable. (Permission flags make Linux files executable.)
  • Every file and directory in a Linux system has permissions and ownership associated with it. Security varies among Microsoft systems. Because DOS and Microsoft Windows began as single-user systems, file ownership was not built into those systems when they were designed. Later releases added features such as file and folder attributes to address this problem.

Using Metacharacters and Operators

Whether you are listing, moving, copying, removing, or otherwise acting on files in your Linux system, certain special characters, referred to as metacharacters and operators, help you to work with files more efficiently. Metacharacters can help you match one or more files without completely typing each file name. Operators enable you to direct information from one command or file to another command or file.

Using file-matching metacharacters

To save you some keystrokes and to enable you to refer easily to a group of files, the bash shell lets you use metacharacters. Any time you need to refer to a file or directory, such as to list it, open it, or remove it, you can use metacharacters to match the files you want. Here are some useful metacharacters for matching filenames:

  • *—Matches any number of characters.
  • ?—Matches any one character.
  • [...]—Matches any one of the characters between the brackets, which can include a hyphen-separated range of letters or numbers.

The following examples use braces to do pattern matching:

$ ls [abw]*
apple banana watermelon
$ ls [agw]*[ne]
apple grape watermelon

In the first example, any file beginning with a, b, or w is matched. In the second, any file that begins with a, g, or w and also ends with either n or e is matched. You can also include ranges within brackets. For example:

$ ls [a-g]*
apple banana grape grapefruit

Here, any filenames beginning with a letter from a through g are matched.

Using file-redirection metacharacters

Commands receive data from standard input and send it to standard output. Using pipes (described earlier), you can direct standard output from one command to the standard input of another. With files, you can use less than (<) and greater than (>) signs to direct data to and from files. Here are the file-redirection characters:

  • <—Directs the contents of a file to the command. In most cases, this is the default action expected by the command and the use of the character is optional; using less bigfile is the same as less < bigfile.
  • >—Directs the standard output of a command to a file. If the file exists, the content of that file is overwritten.
  • 2>—Directs standard error (error messages) to the file.
  • &>—Directs both standard output and standard error to the file.
  • »—Directs the output of a command to a file, adding the output to the end of the existing file.

Another type of redirection, referred to as here text (also called a here document), enables you to type text that can be used as standard input for a command. Here documents involve entering two less-than characters («) after a command, followed by a word. All typing following that word is taken as user input until the word is repeated on a line by itself. Here is an example:

$ mail root cnegus rjones bdecker «thetext
> I want to tell everyone that there will be a 10 a.m.
> meeting in conference room B. Everyone should attend.
> -- James
> thetext

This example sends a mail message to root, cnegus, rjones, and bdecker usernames. The text entered between «thetext and thetext becomes the content of the message. A common use of here text is to use it with a text editor to create or add to a file from within a script:

/bin/ed /etc/resolv.conf <<resendit

With these lines added to a script run by the root user, the ed text editor adds the IP address of a DNS server to the /etc/resolv.conf file.

Using brace expansion characters

By using curly braces ({}), you can expand out a set of characters across filenames, directory names, or other arguments you give commands. For example, if you want to create a set of files such as memo1 through memo5, you can do that as follows:

$ touch memo{1,2,3,4,5}
$ ls
memo1 memo2 memo3 memo4 memo5

The items that are expanded don't have to be numbers or even single digits. For example, you could use ranges of numbers or digits. You could also use any string of characters, as long as you separate them with commas. Here are some examples:

$ touch {John,Bill,Sally}-{Breakfast,Lunch,Dinner}
$ ls
Bill-Breakfast Bill-Lunch John-Dinner Sally-Breakfast Sally-Lunch
Bill-Dinner John-Breakfast John-Lunch Sally-Dinner
$ rm -f {John,Bill,Sally}-{Breakfast,Lunch,Dinner}
$ touch {a..f}{1..5}
$ ls
a1 a3 a5 b2 b4 c1 c3 c5 d2 d4 e1 e3 e5 f2 f4
a2 a4 b1 b3 b5 c2 c4 d1 d3 d5 e2 e4 f1 f3 f5

In the first example, the use of two sets of braces means John, Bill, and Sally each have filenames associated with Breakfast, Lunch, and Dinner. If I had made a mistake, I could easily recall the command and change touch to rm -f to delete all the files. In the next example, the use of two dots between letters a and f and numbers 1 and 5 specifies the ranges to be used. Notice the files that were created from those few characters.

Listing Files and Directories

The ls command is the most common command used to list information about files and directories. Many options available with the ls command allow you to gather different sets of files and directories, as well as to view different kinds of information about them.

$ ls -la /home/joe
total 158
drwxrwxrwx 2     joe   sales   4096 May 12 13:55 .
drwxr-xr-x 3     root  root    4096 May 10 01:49 ..
-rw------- 1     joe   sales   2204 May 18 21:30 .bash_history
-rw-r--r-- 1     joe   sales     24 May 10 01:50 .bash_logout
-rw-r--r-- 1     joe   sales    230 May 10 01:50 .bash_profile
-rw-r--r-- 1     joe   sales    124 May 10 01:50 .bashrc
drw-r--r-- 1     joe   sales   4096 May 10 01:50 .kde
-rw-rw-r-- 1     joe   sales 149872 May 11 22:49 letter
^          ^     ^     ^     ^      ^            ^
col 1  col 2 col 3 col 4 col 5 col  6        col 7

Here are a few facts about file and directory listings:

  • The number of characters shown for a directory (4096 bytes in these examples) reflects the size of the file containing information about the directory. Although this number can grow above 4096 bytes for a directory that contains lots of files, this number doesn't reflect the size of files contained in that directory.
  • The format of the time and date column can vary. Instead of displaying “May 12,” the date might be displayed as “2011-05-12,” depending upon the distribution and the language setting (LANG variable).
  • On occasion, instead of seeing the execute bit (x) set on an executable file, you may see an s in that spot instead. With an s appearing within either the owner (-rwsr-xr-x) or group (-rwxr-sr-x) permissions, or both (-rwsr-sr-x), the application can be run by any user, but ownership of the running process is assigned to the application's user/group instead of that of the user launching the command. This is referred to as a set UID or set GID program, respectively. For example, the mount command has permissions set as -rwsr-xr-x. This allows any user to run mount to list mounted filesystems (although you still have to be root to use mount to actually mount filesystems from the command line, in most cases).
  • If a t appears at the end of a directory, it indicates that the sticky bit is set for that directory (for example, drwxrwxr-t). By setting the sticky bit on a directory, the directory's owner can allow other users and groups to add files to the directory, but prevent users from deleting each other's files in that directory. With a set GID assigned to a directory, any files created in that directory are assigned the same group as the directory's group. (If you see a capital S or T instead of the execute bits on a directory, it means that the set GID or stick bit permission, respectively, was set, but for some reason the execute bit was not also turned on.)
  • If you see a plus sign at the end of the permission bits (for example, -rw-rw-r--+), it means that extended attributes, such as Access Control Lists (ACLs) or SELinux, are set on the file.

Any file or directory beginning with a dot (.) is considered a hidden file and is not displayed by default with ls. These dot files are typically configuration files or directories that need to be in your home directory, but don't need to be seen in your daily work. The -a lets you see those files.

The -t option displays files in the order in which they were most recently modified. With the -F option, a backslash (/) appears at the end of directory names, an asterisk (*) is added to executable files, and an at sign (@) is shown next to symbolic links.

To show hidden and non-hidden files:

$ ls -a
. apple   docs  grapefruit pointer_to_apple .stuff  watermelon
.. banana grape .hiddendir        .tmpfile

To list all files by time most recently modified:

$ ls -at
.tmpfile .hiddendir ..               docs       watermelon banana
.        .stuff     pointer_to_apple grapefruit apple     grape

To list files and append file-type indicators:

$ ls -F
apple banana docs/ grape grapefruit pointer_to_apple@*

To avoid displaying certain files or directories when you use ls, use the --hide= option. In the next set of examples, any file beginning with g does not appear in the output. Using a -d option on a directory shows information about that directory instead of showing the files and directories the directory contains. The -R option lists all files in the current directory as well as any files or directories that are associated with the original directory. The -S option lists files by size.

To not include any files beginning with the letter g in the list:

$ ls --hide=g*
apple banana docs pointer_to_apple watermelon

To list info about a directory instead of the files it contains:

$ ls -ld $HOME/test/
drwxrwxr-x. 4 joe joe 4096 Dec 18 22:00 /home/joe/test/

Understanding File Permissions and Ownership

The nine bits assigned to each file for permissions define the access that you and others have to your file. Permission bits for a regular file appear as -rwxrwxrwx. Those bits are used to define who can read, write, or execute the file.

Of the nine-bit permissions, the first three bits apply to the owner's permission, the next three apply to the group assigned to the file, and the last three apply to all others. The r stands for read, the w stands for write, and the x stands for execute permissions. If a dash appears instead of the letter, it means that permission is turned off for that associated read, write, or execute bit.

Permission File Directory
Read View what's in the file. See what files and subdirectories it contains.
Write Change the file's content, rename it, or delete it. Add files or subdirectories to the directory. Remove files or directories from the directory.
Execute Run the file as a program. Change to the directory as the current directory, search through the directory, or execute a program from the directory. Access file metadata (file size, time stamps, and so on) of files in that directory.

Changing permissions with chmod (numbers)

If you own a file, you can use the chmod command to change the permission on it as you please. In one method of doing this, each permission (read, write, and execute) is assigned a number—r=4, w=2, and x=1—and you use each set's total number to establish the permission. For example, to make permissions wide open for yourself as owner, you would set the first number to 7 (4+2+1), and then you would give the group and others read-only permission by setting both the second and third numbers to 4 (4+0+0), so that the final number is 744. Any combination of permissions can result from 0 (no permission) through 7 (full permission).

Here are some examples of how to change permission on a file (named file) and what the resulting permission would be:

The following chmod command results in this permission: rwxrwxrwx

# chmod 777 file

The following chmod command results in this permission: rwxr-xr-x

# chmod 755 file

The following chmod command results in this permission: rw-r--r--

# chmod 644 file rw-r--r-

The following chmod command results in this permission: ---------

# chmod 000 file

The chmod command also can be used recursively. For example, suppose you wanted to give an entire directory structure 755 permission (rwxr-xr-x), starting at the $HOME/myapps directory. To do that, you could use the -R option, as follows:

$ chmod -R 755 $HOME/myapps

All files and directories below, and including, the myapps directory in your home directory will have 755 permissions set. Because the numbers approach to setting permission changes all permission bits at once, it's more common to use letters to recursively change permission bits over a large set of files.

Changing permissions with chmod (letters)

You can also turn file permissions on and off using plus (+) and minus (–) signs, respectively, along with letters to indicate what changes and for whom. Using letters, for each file you can change permission for the user (u), group (g), other (o), and all users (a). What you would change includes the read (r), write (w), and execute (x) bits. For example, start with a file that has all permissions open (rwxrwxrwx). Run the following chmod commands using minus sign options. The resulting permissions are shown to the right of each command:
The following chmod command results in this permission: r-xr-xr-x

$ chmod a-w file

The following chmod command results in this permission: rwxrwxrw-

$ chmod o-x file

The following chmod command results in this permission: rwx------

$ chmod go-rwx file

Likewise, the following examples start with all permissions closed (---------). The plus sign is used with chmod to turn permissions on:

The following chmod command results in this permission: rw-------

$ chmod u+rw files

The following chmod command results in this permission: --x--x--x

$ chmod a+x files

The following chmod command results in this permission: r-xr-x---

$ chmod ug+rx files

Using letters to change permission recursively with chmod generally works better than using numbers because you can change bits selectively, instead of changing all permission bits at once. For example, suppose that you want to remove write permission for “other” without changing any other permission bits on a set of files and directories. You could do the following:

$ chmod -R o-w $HOME/myapps

This example recursively removes write permissions for “other” on any files and directories below the myapps directory. If you had used numbers such as 644, execute permission would be turned off for directories; using 755, execute permission would be turned on for regular files. Using o-w, only one bit is turned off and all other bits are left alone.

Setting default file permission with umask

When you create a file as a regular user, it's given permission rw-rw-r-- by default. A directory is given the permission rwxrwxr-x. For the root user, file and directory permission are rw-r--r-- and rwxr-xr-x, respectively. These default values are determined by the value of umask. Type umask to see what your umask value is. For example:

$ umask

If you ignore the leading zero for the moment, the umask value masks what is considered to be fully opened permissions for a file 666 or a directory 777. The umask value of 002 results in permission for a directory of 775(7-0,7-0,7-2) (rwxrwxr-x). That same umask results in a file permission of 664(6-0,6-0,6-2) (rw-rw-r--).

To temporarily change your umask value, run the umask command. Then try creating some files and directories to see how the umask value affects how permissions are set. For example:

$ umask 777 ; touch file01 ; mkdir dir01 ; ls -ld file01 dir01
d---------. 2 joe joe 6 Dec 19 11:03 dir01
----------. 1 joe joe 0 Dec 19 11:02 file01
$ umask 000 ; touch file02 ; mkdir dir02 ; ls -ld file02 dir02
drwxrwxrwx. 2 joe joe 6 Dec 19 11:00 dir02/
-rw-rw-rw-. 1 joe joe 0 Dec 19 10:59 file02
$ umask 022 ; touch file03 ; mkdir dir03 ; ls -ld file03 dir03
drwxr-xr-x. 2 joe joe 6 Dec 19 11:07 dir03
-rw-r--r--. 1 joe joe 0 Dec 19 11:07 file03

If you want to permanently change your umask value, add a umask command to the .bashrc file in your home directory (near the end of that file). The next time you open a shell, your umask is set to whatever value you chose.

Changing file ownership

As a regular user, you cannot change ownership of files or directories to have them belong to another user. You can change ownership as the root user. For example, suppose you created a file called memo.txt, while you were root user, in the user joe's home directory. Here's how you could change it to be owned by joe:

# chown joe /home/joe/memo.txt
# ls -l /home/joe/memo.txt
-rw-r--r--. 1 joe root 0 Dec 19 11:23 /home/joe/memo.txt

Notice that the chown command changed the user to joe but left the group as root. To change both user and group to joe, you could type the following instead:

# chown joe:joe /home/joe/memo.txt
# ls -l /home/joe/memo.txt
-rw-r--r--. 1 joe joe 0 Dec 19 11:23 /home/joe/memo.txt

The chown command can be use recursively as well. Using the recursive option (-R) is helpful if you need to change a whole directory structure to ownership by a particular user. For example, if you inserted a USB drive, which is mounted on the /media/myusb directory, and wanted to give full ownership of the contents of that drive to the user joe, you could type the following:

# chown -R joe:joe /media/myusb