Page 159 - DCAP106_OPERATING_SYSTEM

Page 159 - DCAP106_OPERATING_SYSTEM_TOOLS

P. 159

Operating System Tools

Notes z z /lib as this contains the libraries that are needed by the commands in /bin.

z z /etc as this contains the systems’ configuration files, including those that are needed
during the boot-up of the system.

Example: A main example of a configuration file inside /etc is fstab (which contains
information about the other file systems to mount at boot time).

9.2.4 The Variable Data Location /var

The var location contains variable data. This location is expected to be used frequently throughout
the life time of your installation. It contains log files, cache data, temporary files, etc.
This is the only reason to give /var its own separate file system. That is, by using a dedicated file
system, it is ensured that flooding the /var location doesn’t damage the root file system (as it is
on a different file system).

9.2.5 The Userland Location /usr

This location includes the day-to-day application files of the system. A specific property of the
location is that, if you are not updating your system, it should be left unmodified. In other words,
you should be able to have only read-only access to the /usr location.
Thus, some larger installations use a network-mounted, read-only /usr location. Having /usr on
a separate file system also has other benefits:
z z If you are performing system administration tasks, you could unmount /usr so that end
users don’t run any programs they shouldn’t during the administrative window.

z z By placing /usr (and some other locations) on separate media, you keep your root file
system small which lowers the chance of having a root file system corruption that will
make booting impossible.

z z You can use a file system that is optimized for fast reading (writing doesn’t require specific
response times).

9.2.6 The Home Location /home

This location includes the home directories of the end user. Inside these directories, these users
have full write access. Outside these directories, users usually have read-only rights (or even no
rights at all). The structure inside a home directory is also not bound to specific rules. In effect,
the users’ home directory is the users’ sole responsibility.

This also signifies that users have the means of filling up their home location as they see fit,
possibly flooding the root file system if /home isn’t on a separate partition. For this reason, using
a separate file system for /home is a good thing.
Another benefit of using a separate file system for /home is when you would decide to switch
distributions. That is, your /home file system can be reused for other Linux distributions.

9.2.7 Permissions

By default, Linux supports a DAC (discretionary access control) permission system. In DAC
permission system, privileges are based on the file ownership as well as user identity. However,
projects exist that enable mandatory access control (MAC) on Linux, which bases privileges on
roles and where the administrator can force security policies on files and processes.

152 LOVELY PROFESSIONAL UNIVERSITY

154 155 156 157 158 159 160 161 162 163 164