1FILE-HIERARCHY(7) file-hierarchy FILE-HIERARCHY(7)
2
6 file-hierarchy - File system hierarchy overview
7
9 Operating systems using the systemd(1) system and service manager are
10 organized based on a file system hierarchy inspired by UNIX, more
11 specifically the hierarchy described in the File System Hierarchy[1]
12 specification and hier(7), with various extensions, partially
13 documented in the XDG Base Directory Specification[2] and XDG User
14 Directories[3]. This manual page describes a more generalized, though
15 minimal and modernized subset of these specifications that defines more
16 strictly the suggestions and restrictions systemd makes on the file
17 system hierarchy.
18 Many of the paths described here can be queried with the systemd-
20 path(1) tool.
21
23 /
24 The file system root. Usually writable, but this is not required.
25 Possibly a temporary file system ("tmpfs"). Not shared with other
26 hosts (unless read-only).
27 /boot/
29 The boot partition used for bringing up the system. On EFI systems,
30 this is possibly the EFI System Partition (ESP), also see systemd-
31 gpt-auto-generator(8). This directory is usually strictly local to
32 the host, and should be considered read-only, except when a new
33 kernel or boot loader is installed. This directory only exists on
34 systems that run on physical or emulated hardware that requires
35 boot loaders.
36 /efi/
38 If the boot partition /boot/ is maintained separately from the EFI
39 System Partition (ESP), the latter is mounted here. Tools that need
40 to operate on the EFI system partition should look for it at this
41 mount point first, and fall back to /boot/ — if the former doesn't
42 qualify (for example if it is not a mount point or does not have
43 the correct file system type MSDOS_SUPER_MAGIC).
44 /etc/
46 System-specific configuration. This directory may or may not be
47 read-only. Frequently, this directory is pre-populated with
48 vendor-supplied configuration files, but applications should not
49 make assumptions about this directory being fully populated or
50 populated at all, and should fall back to defaults if configuration
51 is missing.
52 /home/
54 The location for normal user's home directories. Possibly shared
55 with other systems, and never read-only. This directory should only
56 be used for normal users, never for system users. This directory
57 and possibly the directories contained within it might only become
58 available or writable in late boot or even only after user
59 authentication. This directory might be placed on
60 limited-functionality network file systems, hence applications
61 should not assume the full set of file API is available on this
62 directory. Applications should generally not reference this
63 directory directly, but via the per-user $HOME environment
64 variable, or via the home directory field of the user database.
65 /root/
67 The home directory of the root user. The root user's home directory
68 is located outside of /home/ in order to make sure the root user
69 may log in even without /home/ being available and mounted.
70 /srv/
72 The place to store general server payload, managed by the
73 administrator. No restrictions are made how this directory is
74 organized internally. Generally writable, and possibly shared among
75 systems. This directory might become available or writable only
76 very late during boot.
77 /tmp/
79 The place for small temporary files. This directory is usually
80 mounted as a "tmpfs" instance, and should hence not be used for
81 larger files. (Use /var/tmp/ for larger files.) Since the directory
82 is accessible to other users of the system, it is essential that
83 this directory is only written to with the mkstemp(3), mkdtemp(3)
84 and related calls. This directory is usually flushed at boot-up.
85 Also, files that are not accessed within a certain time are usually
86 automatically deleted. If applications find the environment
87 variable $TMPDIR set, they should prefer using the directory
88 specified in it over directly referencing /tmp/ (see environ(7) and
89 IEEE Std 1003.1[4] for details).
90
92 /run/
93 A "tmpfs" file system for system packages to place runtime data in.
94 This directory is flushed on boot, and generally writable for
95 privileged programs only. Always writable.
96 /run/log/
98 Runtime system logs. System components may place private logs in
99 this directory. Always writable, even when /var/log/ might not be
100 accessible yet.
101 /run/user/
103 Contains per-user runtime directories, each usually individually
104 mounted "tmpfs" instances. Always writable, flushed at each reboot
105 and when the user logs out. User code should not reference this
106 directory directly, but via the $XDG_RUNTIME_DIR environment
107 variable, as documented in the XDG Base Directory Specification[2].
108
110 /usr/
111 Vendor-supplied operating system resources. Usually read-only, but
112 this is not required. Possibly shared between multiple hosts. This
113 directory should not be modified by the administrator, except when
114 installing or removing vendor-supplied packages.
115 /usr/bin/
117 Binaries and executables for user commands that shall appear in the
118 $PATH search path. It is recommended not to place binaries in this
119 directory that are not useful for invocation from a shell (such as
120 daemon binaries); these should be placed in a subdirectory of
121 /usr/lib/ instead.
122 /usr/include/
124 C and C++ API header files of system libraries.
125 /usr/lib/
127 Static, private vendor data that is compatible with all
128 architectures (though not necessarily architecture-independent).
129 Note that this includes internal executables or other binaries that
130 are not regularly invoked from a shell. Such binaries may be for
131 any architecture supported by the system. Do not place public
132 libraries in this directory, use $libdir (see below), instead.
133 /usr/lib/arch-id/
135 Location for placing dynamic libraries into, also called $libdir.
136 The architecture identifier to use is defined on Multiarch
137 Architecture Specifiers (Tuples)[5] list. Legacy locations of
138 $libdir are /usr/lib/, /usr/lib64/. This directory should not be
139 used for package-specific data, unless this data is
140 architecture-dependent, too. To query $libdir for the primary
141 architecture of the system, invoke:
142 # systemd-path system-library-arch
144 /usr/share/
146 Resources shared between multiple packages, such as documentation,
147 man pages, time zone information, fonts and other resources.
148 Usually, the precise location and format of files stored below this
149 directory is subject to specifications that ensure
150 interoperability.
151 /usr/share/doc/
153 Documentation for the operating system or system packages.
154 /usr/share/factory/etc/
156 Repository for vendor-supplied default configuration files. This
157 directory should be populated with pristine vendor versions of all
158 configuration files that may be placed in /etc/. This is useful to
159 compare the local configuration of a system with vendor defaults
160 and to populate the local configuration with defaults.
161 /usr/share/factory/var/
163 Similar to /usr/share/factory/etc/, but for vendor versions of
164 files in the variable, persistent data directory /var/.
165
167 /var/
168 Persistent, variable system data. Must be writable. This directory
169 might be pre-populated with vendor-supplied data, but applications
170 should be able to reconstruct necessary files and directories in
171 this subhierarchy should they be missing, as the system might start
172 up without this directory being populated. Persistency is
173 recommended, but optional, to support ephemeral systems. This
174 directory might become available or writable only very late during
175 boot. Components that are required to operate during early boot
176 hence shall not unconditionally rely on this directory.
177 /var/cache/
179 Persistent system cache data. System components may place
180 non-essential data in this directory. Flushing this directory
181 should have no effect on operation of programs, except for
182 increased runtimes necessary to rebuild these caches.
183 /var/lib/
185 Persistent system data. System components may place private data in
186 this directory.
187 /var/log/
189 Persistent system logs. System components may place private logs in
190 this directory, though it is recommended to do most logging via the
191 syslog(3) and sd_journal_print(3) calls.
192 /var/spool/
194 Persistent system spool data, such as printer or mail queues.
195 /var/tmp/
197 The place for larger and persistent temporary files. In contrast to
198 /tmp/, this directory is usually mounted from a persistent physical
199 file system and can thus accept larger files. (Use /tmp/ for
200 smaller files.) This directory is generally not flushed at boot-up,
201 but time-based cleanup of files that have not been accessed for a
202 certain time is applied. The same security restrictions as with
203 /tmp/ apply, and hence only mkstemp(3), mkdtemp(3) or similar calls
204 should be used to make use of this directory. If applications find
205 the environment variable $TMPDIR set, they should prefer using the
206 directory specified in it over directly referencing /var/tmp/ (see
207 environ(7) for details).
208
210 /dev/
211 The root directory for device nodes. Usually, this directory is
212 mounted as a "devtmpfs" instance, but might be of a different type
213 in sandboxed/containerized setups. This directory is managed
214 jointly by the kernel and systemd-udevd(8), and should not be
215 written to by other components. A number of special purpose virtual
216 file systems might be mounted below this directory.
217 /dev/shm/
219 Place for POSIX shared memory segments, as created via shm_open(3).
220 This directory is flushed on boot, and is a "tmpfs" file system.
221 Since all users have write access to this directory, special care
222 should be taken to avoid name clashes and vulnerabilities. For
223 normal users, shared memory segments in this directory are usually
224 deleted when the user logs out. Usually, it is a better idea to use
225 memory mapped files in /run/ (for system programs) or
226 $XDG_RUNTIME_DIR (for user programs) instead of POSIX shared memory
227 segments, since these directories are not world-writable and hence
228 not vulnerable to security-sensitive name clashes.
229 /proc/
231 A virtual kernel file system exposing the process list and other
232 functionality. This file system is mostly an API to interface with
233 the kernel and not a place where normal files may be stored. For
234 details, see proc(5). A number of special purpose virtual file
235 systems might be mounted below this directory.
236 /proc/sys/
238 A hierarchy below /proc/ that exposes a number of kernel tunables.
239 The primary way to configure the settings in this API file tree is
240 via sysctl.d(5) files. In sandboxed/containerized setups, this
241 directory is generally mounted read-only.
242 /sys/
244 A virtual kernel file system exposing discovered devices and other
245 functionality. This file system is mostly an API to interface with
246 the kernel and not a place where normal files may be stored. In
247 sandboxed/containerized setups, this directory is generally mounted
248 read-only. A number of special purpose virtual file systems might
249 be mounted below this directory.
250
252 /bin/, /sbin/, /usr/sbin/
253 These compatibility symlinks point to /usr/bin/, ensuring that
254 scripts and binaries referencing these legacy paths correctly find
255 their binaries.
256 /lib/
258 This compatibility symlink points to /usr/lib/, ensuring that
259 programs referencing this legacy path correctly find their
260 resources.
261 /lib64/
263 On some architecture ABIs, this compatibility symlink points to
264 $libdir, ensuring that binaries referencing this legacy path
265 correctly find their dynamic loader. This symlink only exists on
266 architectures whose ABI places the dynamic loader in this path.
267 /var/run/
269 This compatibility symlink points to /run/, ensuring that programs
270 referencing this legacy path correctly find their runtime data.
271
273 User applications may want to place files and directories in the user's
274 home directory. They should follow the following basic structure. Note
275 that some of these directories are also standardized (though more
276 weakly) by the XDG Base Directory Specification[2]. Additional
277 locations for high-level user resources are defined by
278 xdg-user-dirs[3].
279 ~/.cache/
281 Persistent user cache data. User programs may place non-essential
282 data in this directory. Flushing this directory should have no
283 effect on operation of programs, except for increased runtimes
284 necessary to rebuild these caches. If an application finds
285 $XDG_CACHE_HOME set, it should use the directory specified in it
286 instead of this directory.
287 ~/.config/
289 Application configuration and state. When a new user is created,
290 this directory will be empty or not exist at all. Applications
291 should fall back to defaults should their configuration or state in
292 this directory be missing. If an application finds $XDG_CONFIG_HOME
293 set, it should use the directory specified in it instead of this
294 directory.
295 ~/.local/bin/
297 Executables that shall appear in the user's $PATH search path. It
298 is recommended not to place executables in this directory that are
299 not useful for invocation from a shell; these should be placed in a
300 subdirectory of ~/.local/lib/ instead. Care should be taken when
301 placing architecture-dependent binaries in this place, which might
302 be problematic if the home directory is shared between multiple
303 hosts with different architectures.
304 ~/.local/lib/
306 Static, private vendor data that is compatible with all
307 architectures.
308 ~/.local/lib/arch-id/
310 Location for placing public dynamic libraries. The architecture
311 identifier to use is defined on Multiarch Architecture Specifiers
312 (Tuples)[5] list.
313 ~/.local/share/
315 Resources shared between multiple packages, such as fonts or
316 artwork. Usually, the precise location and format of files stored
317 below this directory is subject to specifications that ensure
318 interoperability. If an application finds $XDG_DATA_HOME set, it
319 should use the directory specified in it instead of this directory.
320
322 Unprivileged processes generally lack write access to most of the
323 hierarchy.
324 The exceptions for normal users are /tmp/, /var/tmp/, /dev/shm/, as
326 well as the home directory $HOME (usually found below /home/) and the
327 runtime directory $XDG_RUNTIME_DIR (found below /run/user/) of the
328 user, which are all writable.
329 For unprivileged system processes, only /tmp/, /var/tmp/ and /dev/shm/
331 are writable. If an unprivileged system process needs a private
332 writable directory in /var/ or /run/, it is recommended to either
333 create it before dropping privileges in the daemon code, to create it
334 via tmpfiles.d(5) fragments during boot, or via the StateDirectory= and
335 RuntimeDirectory= directives of service units (see systemd.unit(5) for
336 details).
337
339 Unix file systems support different types of file nodes, including
340 regular files, directories, symlinks, character and block device nodes,
341 sockets and FIFOs.
342 It is strongly recommended that /dev/ is the only location below which
344 device nodes shall be placed. Similarly, /run/ shall be the only
345 location to place sockets and FIFOs. Regular files, directories and
346 symlinks may be used in all directories.
347
349 Developers of system packages should follow strict rules when placing
350 their own files in the file system. The following table lists
351 recommended locations for specific types of files supplied by the
352 vendor.
353 Table 1. System Package Vendor Files Locations
355 ┌──────────────────────────┬────────────────────────────┐
356 │Directory │ Purpose │
357 ├──────────────────────────┼────────────────────────────┤
358 │/usr/bin/ │ Package executables that │
359 │ │ shall appear in the $PATH │
360 │ │ executable search path, │
361 │ │ compiled for any of the │
362 │ │ supported architectures │
363 │ │ compatible with the │
364 │ │ operating system. It is │
365 │ │ not recommended to place │
366 │ │ internal binaries or │
367 │ │ binaries that are not │
368 │ │ commonly invoked from the │
369 │ │ shell in this directory, │
370 │ │ such as daemon binaries. │
371 │ │ As this directory is │
372 │ │ shared with most other │
373 │ │ packages of the system, │
374 │ │ special care should be │
375 │ │ taken to pick unique names │
376 │ │ for files placed here, │
377 │ │ that are unlikely to clash │
378 │ │ with other package's │
379 │ │ files. │
380 ├──────────────────────────┼────────────────────────────┤
381 │/usr/lib/arch-id/ │ Public shared libraries of │
382 │ │ the package. As above, be │
383 │ │ careful with using too │
384 │ │ generic names, and pick │
385 │ │ unique names for your │
386 │ │ libraries to place here to │
387 │ │ avoid name clashes. │
388 ├──────────────────────────┼────────────────────────────┤
389 │/usr/lib/package/ │ Private static vendor │
390 │ │ resources of the package, │
391 │ │ including private binaries │
392 │ │ and libraries, or any │
393 │ │ other kind of read-only │
394 │ │ vendor data. │
395 ├──────────────────────────┼────────────────────────────┤
396 │/usr/lib/arch-id/package/ │ Private other vendor │
397 │ │ resources of the package │
398 │ │ that are │
399 │ │ architecture-specific and │
400 │ │ cannot be shared between │
401 │ │ architectures. Note that │
402 │ │ this generally does not │
403 │ │ include private │
404 │ │ executables since binaries │
405 │ │ of a specific architecture │
406 │ │ may be freely invoked from │
407 │ │ any other supported system │
408 │ │ architecture. │
409 ├──────────────────────────┼────────────────────────────┤
410 │/usr/include/package/ │ Public C/C++ APIs of │
411 │ │ public shared libraries of │
412 │ │ the package. │
413 └──────────────────────────┴────────────────────────────┘
414 Additional static vendor files may be installed in the /usr/share/
416 hierarchy to the locations defined by the various relevant
417 specifications.
418 During runtime, and for local configuration and state, additional
420 directories are defined:
421 Table 2. System Package Variable Files Locations
423 ┌────────────────────┬────────────────────────────┐
424 │Directory │ Purpose │
425 ├────────────────────┼────────────────────────────┤
426 │/etc/package/ │ System-specific │
427 │ │ configuration for the │
428 │ │ package. It is recommended │
429 │ │ to default to safe │
430 │ │ fallbacks if this │
431 │ │ configuration is missing, │
432 │ │ if this is possible. │
433 │ │ Alternatively, a │
434 │ │ tmpfiles.d(5) fragment may │
435 │ │ be used to copy or symlink │
436 │ │ the necessary files and │
437 │ │ directories from │
438 │ │ /usr/share/factory/ during │
439 │ │ boot, via the "L" or "C" │
440 │ │ directives. │
441 ├────────────────────┼────────────────────────────┤
442 │/run/package/ │ Runtime data for the │
443 │ │ package. Packages must be │
444 │ │ able to create the │
445 │ │ necessary subdirectories │
446 │ │ in this tree on their own, │
447 │ │ since the directory is │
448 │ │ flushed automatically on │
449 │ │ boot. Alternatively, a │
450 │ │ tmpfiles.d(5) fragment may │
451 │ │ be used to create the │
452 │ │ necessary directories │
453 │ │ during boot, or the │
454 │ │ RuntimeDirectory= │
455 │ │ directive of service units │
456 │ │ may be used to create them │
457 │ │ at service startup (see │
458 │ │ systemd.unit(5) for │
459 │ │ details). │
460 ├────────────────────┼────────────────────────────┤
461 │/run/log/package/ │ Runtime log data for the │
462 │ │ package. As above, the │
463 │ │ package needs to make sure │
464 │ │ to create this directory │
465 │ │ if necessary, as it will │
466 │ │ be flushed on every boot. │
467 ├────────────────────┼────────────────────────────┤
468 │/var/cache/package/ │ Persistent cache data of │
469 │ │ the package. If this │
470 │ │ directory is flushed, the │
471 │ │ application should work │
472 │ │ correctly on next │
473 │ │ invocation, though │
474 │ │ possibly slowed down due │
475 │ │ to the need to rebuild any │
476 │ │ local cache files. The │
477 │ │ application must be │
478 │ │ capable of recreating this │
479 │ │ directory should it be │
480 │ │ missing and necessary. To │
481 │ │ create an empty directory, │
482 │ │ a tmpfiles.d(5) fragment │
483 │ │ or the CacheDirectory= │
484 │ │ directive of service units │
485 │ │ (see systemd.unit(5)) may │
486 │ │ be used. │
487 ├────────────────────┼────────────────────────────┤
488 │/var/lib/package/ │ Persistent private data of │
489 │ │ the package. This is the │
490 │ │ primary place to put │
491 │ │ persistent data that does │
492 │ │ not fall into the other │
493 │ │ categories listed. │
494 │ │ Packages should be able to │
495 │ │ create the necessary │
496 │ │ subdirectories in this │
497 │ │ tree on their own, since │
498 │ │ the directory might be │
499 │ │ missing on boot. To create │
500 │ │ an empty directory, a │
501 │ │ tmpfiles.d(5) fragment or │
502 │ │ the StateDirectory= │
503 │ │ directive of service units │
504 │ │ (see systemd.unit(5)) may │
505 │ │ be used. │
506 ├────────────────────┼────────────────────────────┤
507 │/var/log/package/ │ Persistent log data of the │
508 │ │ package. As above, the │
509 │ │ package should make sure │
510 │ │ to create this directory │
511 │ │ if necessary, possibly │
512 │ │ using tmpfiles.d(5) or │
513 │ │ LogsDirectory= (see │
514 │ │ systemd.unit(5)), as it │
515 │ │ might be missing. │
516 ├────────────────────┼────────────────────────────┤
517 │/var/spool/package/ │ Persistent spool/queue │
518 │ │ data of the package. As │
519 │ │ above, the package should │
520 │ │ make sure to create this │
521 │ │ directory if necessary, as │
522 │ │ it might be missing. │
523 └────────────────────┴────────────────────────────┘
524
526 Programs running in user context should follow strict rules when
527 placing their own files in the user's home directory. The following
528 table lists recommended locations in the home directory for specific
529 types of files supplied by the vendor if the application is installed
530 in the home directory. (Note, however, that user applications installed
531 system-wide should follow the rules outlined above regarding placing
532 vendor files.)
533 Table 3. User Package Vendor File Locations
535 ┌──────────────────────────────┬────────────────────────────┐
536 │Directory │ Purpose │
537 ├──────────────────────────────┼────────────────────────────┤
538 │~/.local/bin/ │ Package executables that │
539 │ │ shall appear in the $PATH │
540 │ │ executable search path. It │
541 │ │ is not recommended to │
542 │ │ place internal executables │
543 │ │ or executables that are │
544 │ │ not commonly invoked from │
545 │ │ the shell in this │
546 │ │ directory, such as daemon │
547 │ │ executables. As this │
548 │ │ directory is shared with │
549 │ │ most other packages of the │
550 │ │ user, special care should │
551 │ │ be taken to pick unique │
552 │ │ names for files placed │
553 │ │ here, that are unlikely to │
554 │ │ clash with other package's │
555 │ │ files. │
556 ├──────────────────────────────┼────────────────────────────┤
557 │~/.local/lib/arch-id/ │ Public shared libraries of │
558 │ │ the package. As above, be │
559 │ │ careful with using too │
560 │ │ generic names, and pick │
561 │ │ unique names for your │
562 │ │ libraries to place here to │
563 │ │ avoid name clashes. │
564 ├──────────────────────────────┼────────────────────────────┤
565 │~/.local/lib/package/ │ Private, static vendor │
566 │ │ resources of the package, │
567 │ │ compatible with any │
568 │ │ architecture, or any other │
569 │ │ kind of read-only vendor │
570 │ │ data. │
571 ├──────────────────────────────┼────────────────────────────┤
572 │~/.local/lib/arch-id/package/ │ Private other vendor │
573 │ │ resources of the package │
574 │ │ that are │
575 │ │ architecture-specific and │
576 │ │ cannot be shared between │
577 │ │ architectures. │
578 └──────────────────────────────┴────────────────────────────┘
579 Additional static vendor files may be installed in the ~/.local/share/
581 hierarchy to the locations defined by the various relevant
582 specifications.
583 During runtime, and for local configuration and state, additional
585 directories are defined:
586 Table 4. User Package Variable File Locations
588 ┌──────────────────────────┬────────────────────────────┐
589 │Directory │ Purpose │
590 ├──────────────────────────┼────────────────────────────┤
591 │~/.config/package/ │ User-specific │
592 │ │ configuration and state │
593 │ │ for the package. It is │
594 │ │ required to default to │
595 │ │ safe fallbacks if this │
596 │ │ configuration is missing. │
597 ├──────────────────────────┼────────────────────────────┤
598 │$XDG_RUNTIME_DIR/package/ │ User runtime data for the │
599 │ │ package. │
600 ├──────────────────────────┼────────────────────────────┤
601 │~/.cache/package/ │ Persistent cache data of │
602 │ │ the package. If this │
603 │ │ directory is flushed, the │
604 │ │ application should work │
605 │ │ correctly on next │
606 │ │ invocation, though │
607 │ │ possibly slowed down due │
608 │ │ to the need to rebuild any │
609 │ │ local cache files. The │
610 │ │ application must be │
611 │ │ capable of recreating this │
612 │ │ directory should it be │
613 │ │ missing and necessary. │
614 └──────────────────────────┴────────────────────────────┘
615
617 systemd(1), hier(7), systemd-path(1), systemd-gpt-auto-generator(8),
618 sysctl.d(5), tmpfiles.d(5), pkg-config(1), systemd.unit(5)
619
621 1. File System Hierarchy
622 http://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html
623 2. XDG Base Directory Specification
625 http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
626 3. XDG User Directories
628 https://www.freedesktop.org/wiki/Software/xdg-user-dirs/
629 4. IEEE Std 1003.1
631 http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03
632 5. Multiarch Architecture Specifiers (Tuples)
634 https://wiki.debian.org/Multiarch/Tuples
635systemd 239 FILE-HIERARCHY(7)