1FILE-HIERARCHY(7) file-hierarchy FILE-HIERARCHY(7)
2
6 file-hierarchy - File system hierarchy overview
7
9 Operating systems using the systemd(1) system and service manager are
10 organized based on a file system hierarchy inspired by UNIX, more
11 specifically the hierarchy described in the File System Hierarchy[1]
12 specification and hier(7), with various extensions, partially
13 documented in the XDG Base Directory Specification[2] and XDG User
14 Directories[3]. This manual page describes a more generalized, though
15 minimal and modernized subset of these specifications that defines more
16 strictly the suggestions and restrictions systemd makes on the file
17 system hierarchy.
18 Many of the paths described here can be queried with the systemd-
20 path(1) tool.
21
23 /
24 The file system root. Usually writable, but this is not required.
25 Possibly a temporary file system ("tmpfs"). Not shared with other
26 hosts (unless read-only).
27 /boot/
29 The boot partition used for bringing up the system. On EFI systems,
30 this is possibly the EFI System Partition (ESP), also see systemd-
31 gpt-auto-generator(8). This directory is usually strictly local to
32 the host, and should be considered read-only, except when a new
33 kernel or boot loader is installed. This directory only exists on
34 systems that run on physical or emulated hardware that requires
35 boot loaders.
36 /efi/
38 If the boot partition /boot/ is maintained separately from the EFI
39 System Partition (ESP), the latter is mounted here. Tools that need
40 to operate on the EFI system partition should look for it at this
41 mount point first, and fall back to /boot/ — if the former doesn't
42 qualify (for example if it is not a mount point or does not have
43 the correct file system type MSDOS_SUPER_MAGIC).
44 /etc/
46 System-specific configuration. This directory may or may not be
47 read-only. Frequently, this directory is pre-populated with
48 vendor-supplied configuration files, but applications should not
49 make assumptions about this directory being fully populated or
50 populated at all, and should fall back to defaults if configuration
51 is missing.
52 /home/
54 The location for normal user's home directories. Possibly shared
55 with other systems, and never read-only. This directory should only
56 be used for normal users, never for system users. This directory
57 and possibly the directories contained within it might only become
58 available or writable in late boot or even only after user
59 authentication. This directory might be placed on
60 limited-functionality network file systems, hence applications
61 should not assume the full set of file API is available on this
62 directory. Applications should generally not reference this
63 directory directly, but via the per-user $HOME environment
64 variable, or via the home directory field of the user database.
65 /root/
67 The home directory of the root user. The root user's home directory
68 is located outside of /home/ in order to make sure the root user
69 may log in even without /home/ being available and mounted.
70 /srv/
72 The place to store general server payload, managed by the
73 administrator. No restrictions are made how this directory is
74 organized internally. Generally writable, and possibly shared among
75 systems. This directory might become available or writable only
76 very late during boot.
77 /tmp/
79 The place for small temporary files. This directory is usually
80 mounted as a "tmpfs" instance, and should hence not be used for
81 larger files. (Use /var/tmp/ for larger files.) Since the directory
82 is accessible to other users of the system, it is essential that
83 this directory is only written to with the mkstemp(3), mkdtemp(3)
84 and related calls. This directory is usually flushed at boot-up.
85 Also, files that are not accessed within a certain time are usually
86 automatically deleted. If applications find the environment
87 variable $TMPDIR set, they should prefer using the directory
88 specified in it over directly referencing /tmp/ (see environ(7) and
89 IEEE Std 1003.1[4] for details). For further details about this
90 directory, see Using /tmp/ And /var/tmp/ Safely[5].
91
93 /run/
94 A "tmpfs" file system for system packages to place runtime data in.
95 This directory is flushed on boot, and generally writable for
96 privileged programs only. Always writable.
97 /run/log/
99 Runtime system logs. System components may place private logs in
100 this directory. Always writable, even when /var/log/ might not be
101 accessible yet.
102 /run/user/
104 Contains per-user runtime directories, each usually individually
105 mounted "tmpfs" instances. Always writable, flushed at each reboot
106 and when the user logs out. User code should not reference this
107 directory directly, but via the $XDG_RUNTIME_DIR environment
108 variable, as documented in the XDG Base Directory Specification[2].
109
111 /usr/
112 Vendor-supplied operating system resources. Usually read-only, but
113 this is not required. Possibly shared between multiple hosts. This
114 directory should not be modified by the administrator, except when
115 installing or removing vendor-supplied packages.
116 /usr/bin/
118 Binaries and executables for user commands that shall appear in the
119 $PATH search path. It is recommended not to place binaries in this
120 directory that are not useful for invocation from a shell (such as
121 daemon binaries); these should be placed in a subdirectory of
122 /usr/lib/ instead.
123 /usr/include/
125 C and C++ API header files of system libraries.
126 /usr/lib/
128 Static, private vendor data that is compatible with all
129 architectures (though not necessarily architecture-independent).
130 Note that this includes internal executables or other binaries that
131 are not regularly invoked from a shell. Such binaries may be for
132 any architecture supported by the system. Do not place public
133 libraries in this directory, use $libdir (see below), instead.
134 /usr/lib/arch-id/
136 Location for placing dynamic libraries into, also called $libdir.
137 The architecture identifier to use is defined on Multiarch
138 Architecture Specifiers (Tuples)[6] list. Legacy locations of
139 $libdir are /usr/lib/, /usr/lib64/. This directory should not be
140 used for package-specific data, unless this data is
141 architecture-dependent, too. To query $libdir for the primary
142 architecture of the system, invoke:
143 # systemd-path system-library-arch
145 /usr/share/
147 Resources shared between multiple packages, such as documentation,
148 man pages, time zone information, fonts and other resources.
149 Usually, the precise location and format of files stored below this
150 directory is subject to specifications that ensure
151 interoperability.
152 /usr/share/doc/
154 Documentation for the operating system or system packages.
155 /usr/share/factory/etc/
157 Repository for vendor-supplied default configuration files. This
158 directory should be populated with pristine vendor versions of all
159 configuration files that may be placed in /etc/. This is useful to
160 compare the local configuration of a system with vendor defaults
161 and to populate the local configuration with defaults.
162 /usr/share/factory/var/
164 Similar to /usr/share/factory/etc/, but for vendor versions of
165 files in the variable, persistent data directory /var/.
166
168 /var/
169 Persistent, variable system data. Must be writable. This directory
170 might be pre-populated with vendor-supplied data, but applications
171 should be able to reconstruct necessary files and directories in
172 this subhierarchy should they be missing, as the system might start
173 up without this directory being populated. Persistency is
174 recommended, but optional, to support ephemeral systems. This
175 directory might become available or writable only very late during
176 boot. Components that are required to operate during early boot
177 hence shall not unconditionally rely on this directory.
178 /var/cache/
180 Persistent system cache data. System components may place
181 non-essential data in this directory. Flushing this directory
182 should have no effect on operation of programs, except for
183 increased runtimes necessary to rebuild these caches.
184 /var/lib/
186 Persistent system data. System components may place private data in
187 this directory.
188 /var/log/
190 Persistent system logs. System components may place private logs in
191 this directory, though it is recommended to do most logging via the
192 syslog(3) and sd_journal_print(3) calls.
193 /var/spool/
195 Persistent system spool data, such as printer or mail queues.
196 /var/tmp/
198 The place for larger and persistent temporary files. In contrast to
199 /tmp/, this directory is usually mounted from a persistent physical
200 file system and can thus accept larger files. (Use /tmp/ for
201 smaller files.) This directory is generally not flushed at boot-up,
202 but time-based cleanup of files that have not been accessed for a
203 certain time is applied. The same security restrictions as with
204 /tmp/ apply, and hence only mkstemp(3), mkdtemp(3) or similar calls
205 should be used to make use of this directory. If applications find
206 the environment variable $TMPDIR set, they should prefer using the
207 directory specified in it over directly referencing /var/tmp/ (see
208 environ(7) for details). For further details about this directory,
209 see Using /tmp/ And /var/tmp/ Safely[5].
210
212 /dev/
213 The root directory for device nodes. Usually, this directory is
214 mounted as a "devtmpfs" instance, but might be of a different type
215 in sandboxed/containerized setups. This directory is managed
216 jointly by the kernel and systemd-udevd(8), and should not be
217 written to by other components. A number of special purpose virtual
218 file systems might be mounted below this directory.
219 /dev/shm/
221 Place for POSIX shared memory segments, as created via shm_open(3).
222 This directory is flushed on boot, and is a "tmpfs" file system.
223 Since all users have write access to this directory, special care
224 should be taken to avoid name clashes and vulnerabilities. For
225 normal users, shared memory segments in this directory are usually
226 deleted when the user logs out. Usually, it is a better idea to use
227 memory mapped files in /run/ (for system programs) or
228 $XDG_RUNTIME_DIR (for user programs) instead of POSIX shared memory
229 segments, since these directories are not world-writable and hence
230 not vulnerable to security-sensitive name clashes.
231 /proc/
233 A virtual kernel file system exposing the process list and other
234 functionality. This file system is mostly an API to interface with
235 the kernel and not a place where normal files may be stored. For
236 details, see proc(5). A number of special purpose virtual file
237 systems might be mounted below this directory.
238 /proc/sys/
240 A hierarchy below /proc/ that exposes a number of kernel tunables.
241 The primary way to configure the settings in this API file tree is
242 via sysctl.d(5) files. In sandboxed/containerized setups, this
243 directory is generally mounted read-only.
244 /sys/
246 A virtual kernel file system exposing discovered devices and other
247 functionality. This file system is mostly an API to interface with
248 the kernel and not a place where normal files may be stored. In
249 sandboxed/containerized setups, this directory is generally mounted
250 read-only. A number of special purpose virtual file systems might
251 be mounted below this directory.
252
254 /bin/, /sbin/, /usr/sbin/
255 These compatibility symlinks point to /usr/bin/, ensuring that
256 scripts and binaries referencing these legacy paths correctly find
257 their binaries.
258 /lib/
260 This compatibility symlink points to /usr/lib/, ensuring that
261 programs referencing this legacy path correctly find their
262 resources.
263 /lib64/
265 On some architecture ABIs, this compatibility symlink points to
266 $libdir, ensuring that binaries referencing this legacy path
267 correctly find their dynamic loader. This symlink only exists on
268 architectures whose ABI places the dynamic loader in this path.
269 /var/run/
271 This compatibility symlink points to /run/, ensuring that programs
272 referencing this legacy path correctly find their runtime data.
273
275 User applications may want to place files and directories in the user's
276 home directory. They should follow the following basic structure. Note
277 that some of these directories are also standardized (though more
278 weakly) by the XDG Base Directory Specification[2]. Additional
279 locations for high-level user resources are defined by
280 xdg-user-dirs[3].
281 ~/.cache/
283 Persistent user cache data. User programs may place non-essential
284 data in this directory. Flushing this directory should have no
285 effect on operation of programs, except for increased runtimes
286 necessary to rebuild these caches. If an application finds
287 $XDG_CACHE_HOME set, it should use the directory specified in it
288 instead of this directory.
289 ~/.config/
291 Application configuration and state. When a new user is created,
292 this directory will be empty or not exist at all. Applications
293 should fall back to defaults should their configuration or state in
294 this directory be missing. If an application finds $XDG_CONFIG_HOME
295 set, it should use the directory specified in it instead of this
296 directory.
297 ~/.local/bin/
299 Executables that shall appear in the user's $PATH search path. It
300 is recommended not to place executables in this directory that are
301 not useful for invocation from a shell; these should be placed in a
302 subdirectory of ~/.local/lib/ instead. Care should be taken when
303 placing architecture-dependent binaries in this place, which might
304 be problematic if the home directory is shared between multiple
305 hosts with different architectures.
306 ~/.local/lib/
308 Static, private vendor data that is compatible with all
309 architectures.
310 ~/.local/lib/arch-id/
312 Location for placing public dynamic libraries. The architecture
313 identifier to use is defined on Multiarch Architecture Specifiers
314 (Tuples)[6] list.
315 ~/.local/share/
317 Resources shared between multiple packages, such as fonts or
318 artwork. Usually, the precise location and format of files stored
319 below this directory is subject to specifications that ensure
320 interoperability. If an application finds $XDG_DATA_HOME set, it
321 should use the directory specified in it instead of this directory.
322
324 Unprivileged processes generally lack write access to most of the
325 hierarchy.
326 The exceptions for normal users are /tmp/, /var/tmp/, /dev/shm/, as
328 well as the home directory $HOME (usually found below /home/) and the
329 runtime directory $XDG_RUNTIME_DIR (found below /run/user/) of the
330 user, which are all writable.
331 For unprivileged system processes, only /tmp/, /var/tmp/ and /dev/shm/
333 are writable. If an unprivileged system process needs a private
334 writable directory in /var/ or /run/, it is recommended to either
335 create it before dropping privileges in the daemon code, to create it
336 via tmpfiles.d(5) fragments during boot, or via the StateDirectory= and
337 RuntimeDirectory= directives of service units (see systemd.unit(5) for
338 details).
339
341 Unix file systems support different types of file nodes, including
342 regular files, directories, symlinks, character and block device nodes,
343 sockets and FIFOs.
344 It is strongly recommended that /dev/ is the only location below which
346 device nodes shall be placed. Similarly, /run/ shall be the only
347 location to place sockets and FIFOs. Regular files, directories and
348 symlinks may be used in all directories.
349
351 Developers of system packages should follow strict rules when placing
352 their own files in the file system. The following table lists
353 recommended locations for specific types of files supplied by the
354 vendor.
355 Table 1. System Package Vendor Files Locations
357 ┌──────────────────────────┬────────────────────────────┐
358 │Directory │ Purpose │
359 ├──────────────────────────┼────────────────────────────┤
360 │/usr/bin/ │ Package executables that │
361 │ │ shall appear in the $PATH │
362 │ │ executable search path, │
363 │ │ compiled for any of the │
364 │ │ supported architectures │
365 │ │ compatible with the │
366 │ │ operating system. It is │
367 │ │ not recommended to place │
368 │ │ internal binaries or │
369 │ │ binaries that are not │
370 │ │ commonly invoked from the │
371 │ │ shell in this directory, │
372 │ │ such as daemon binaries. │
373 │ │ As this directory is │
374 │ │ shared with most other │
375 │ │ packages of the system, │
376 │ │ special care should be │
377 │ │ taken to pick unique names │
378 │ │ for files placed here, │
379 │ │ that are unlikely to clash │
380 │ │ with other package's │
381 │ │ files. │
382 ├──────────────────────────┼────────────────────────────┤
383 │/usr/lib/arch-id/ │ Public shared libraries of │
384 │ │ the package. As above, be │
385 │ │ careful with using too │
386 │ │ generic names, and pick │
387 │ │ unique names for your │
388 │ │ libraries to place here to │
389 │ │ avoid name clashes. │
390 ├──────────────────────────┼────────────────────────────┤
391 │/usr/lib/package/ │ Private static vendor │
392 │ │ resources of the package, │
393 │ │ including private binaries │
394 │ │ and libraries, or any │
395 │ │ other kind of read-only │
396 │ │ vendor data. │
397 ├──────────────────────────┼────────────────────────────┤
398 │/usr/lib/arch-id/package/ │ Private other vendor │
399 │ │ resources of the package │
400 │ │ that are │
401 │ │ architecture-specific and │
402 │ │ cannot be shared between │
403 │ │ architectures. Note that │
404 │ │ this generally does not │
405 │ │ include private │
406 │ │ executables since binaries │
407 │ │ of a specific architecture │
408 │ │ may be freely invoked from │
409 │ │ any other supported system │
410 │ │ architecture. │
411 ├──────────────────────────┼────────────────────────────┤
412 │/usr/include/package/ │ Public C/C++ APIs of │
413 │ │ public shared libraries of │
414 │ │ the package. │
415 └──────────────────────────┴────────────────────────────┘
416 Additional static vendor files may be installed in the /usr/share/
418 hierarchy to the locations defined by the various relevant
419 specifications.
420 During runtime, and for local configuration and runtime state,
422 additional directories are defined:
423 Table 2. System Package Variable Files Locations
425 ┌────────────────────┬────────────────────────────┐
426 │Directory │ Purpose │
427 ├────────────────────┼────────────────────────────┤
428 │/etc/package/ │ System-specific │
429 │ │ configuration for the │
430 │ │ package. It is recommended │
431 │ │ to default to safe │
432 │ │ fallbacks if this │
433 │ │ configuration is missing, │
434 │ │ if this is possible. │
435 │ │ Alternatively, a │
436 │ │ tmpfiles.d(5) fragment may │
437 │ │ be used to copy or symlink │
438 │ │ the necessary files and │
439 │ │ directories from │
440 │ │ /usr/share/factory/ during │
441 │ │ boot, via the "L" or "C" │
442 │ │ directives. │
443 ├────────────────────┼────────────────────────────┤
444 │/run/package/ │ Runtime data for the │
445 │ │ package. Packages must be │
446 │ │ able to create the │
447 │ │ necessary subdirectories │
448 │ │ in this tree on their own, │
449 │ │ since the directory is │
450 │ │ flushed automatically on │
451 │ │ boot. Alternatively, a │
452 │ │ tmpfiles.d(5) fragment may │
453 │ │ be used to create the │
454 │ │ necessary directories │
455 │ │ during boot, or the │
456 │ │ RuntimeDirectory= │
457 │ │ directive of service units │
458 │ │ may be used to create them │
459 │ │ at service startup (see │
460 │ │ systemd.unit(5) for │
461 │ │ details). │
462 ├────────────────────┼────────────────────────────┤
463 │/run/log/package/ │ Runtime log data for the │
464 │ │ package. As above, the │
465 │ │ package needs to make sure │
466 │ │ to create this directory │
467 │ │ if necessary, as it will │
468 │ │ be flushed on every boot. │
469 ├────────────────────┼────────────────────────────┤
470 │/var/cache/package/ │ Persistent cache data of │
471 │ │ the package. If this │
472 │ │ directory is flushed, the │
473 │ │ application should work │
474 │ │ correctly on next │
475 │ │ invocation, though │
476 │ │ possibly slowed down due │
477 │ │ to the need to rebuild any │
478 │ │ local cache files. The │
479 │ │ application must be │
480 │ │ capable of recreating this │
481 │ │ directory should it be │
482 │ │ missing and necessary. To │
483 │ │ create an empty directory, │
484 │ │ a tmpfiles.d(5) fragment │
485 │ │ or the CacheDirectory= │
486 │ │ directive of service units │
487 │ │ (see systemd.unit(5)) may │
488 │ │ be used. │
489 ├────────────────────┼────────────────────────────┤
490 │/var/lib/package/ │ Persistent private data of │
491 │ │ the package. This is the │
492 │ │ primary place to put │
493 │ │ persistent data that does │
494 │ │ not fall into the other │
495 │ │ categories listed. │
496 │ │ Packages should be able to │
497 │ │ create the necessary │
498 │ │ subdirectories in this │
499 │ │ tree on their own, since │
500 │ │ the directory might be │
501 │ │ missing on boot. To create │
502 │ │ an empty directory, a │
503 │ │ tmpfiles.d(5) fragment or │
504 │ │ the StateDirectory= │
505 │ │ directive of service units │
506 │ │ (see systemd.unit(5)) may │
507 │ │ be used. │
508 ├────────────────────┼────────────────────────────┤
509 │/var/log/package/ │ Persistent log data of the │
510 │ │ package. As above, the │
511 │ │ package should make sure │
512 │ │ to create this directory │
513 │ │ if necessary, possibly │
514 │ │ using tmpfiles.d(5) or │
515 │ │ LogsDirectory= (see │
516 │ │ systemd.unit(5)), as it │
517 │ │ might be missing. │
518 ├────────────────────┼────────────────────────────┤
519 │/var/spool/package/ │ Persistent spool/queue │
520 │ │ data of the package. As │
521 │ │ above, the package should │
522 │ │ make sure to create this │
523 │ │ directory if necessary, as │
524 │ │ it might be missing. │
525 └────────────────────┴────────────────────────────┘
526
528 Programs running in user context should follow strict rules when
529 placing their own files in the user's home directory. The following
530 table lists recommended locations in the home directory for specific
531 types of files supplied by the vendor if the application is installed
532 in the home directory. (Note, however, that user applications installed
533 system-wide should follow the rules outlined above regarding placing
534 vendor files.)
535 Table 3. User Package Vendor File Locations
537 ┌──────────────────────────────┬────────────────────────────┐
538 │Directory │ Purpose │
539 ├──────────────────────────────┼────────────────────────────┤
540 │~/.local/bin/ │ Package executables that │
541 │ │ shall appear in the $PATH │
542 │ │ executable search path. It │
543 │ │ is not recommended to │
544 │ │ place internal executables │
545 │ │ or executables that are │
546 │ │ not commonly invoked from │
547 │ │ the shell in this │
548 │ │ directory, such as daemon │
549 │ │ executables. As this │
550 │ │ directory is shared with │
551 │ │ most other packages of the │
552 │ │ user, special care should │
553 │ │ be taken to pick unique │
554 │ │ names for files placed │
555 │ │ here, that are unlikely to │
556 │ │ clash with other package's │
557 │ │ files. │
558 ├──────────────────────────────┼────────────────────────────┤
559 │~/.local/lib/arch-id/ │ Public shared libraries of │
560 │ │ the package. As above, be │
561 │ │ careful with using too │
562 │ │ generic names, and pick │
563 │ │ unique names for your │
564 │ │ libraries to place here to │
565 │ │ avoid name clashes. │
566 ├──────────────────────────────┼────────────────────────────┤
567 │~/.local/lib/package/ │ Private, static vendor │
568 │ │ resources of the package, │
569 │ │ compatible with any │
570 │ │ architecture, or any other │
571 │ │ kind of read-only vendor │
572 │ │ data. │
573 ├──────────────────────────────┼────────────────────────────┤
574 │~/.local/lib/arch-id/package/ │ Private other vendor │
575 │ │ resources of the package │
576 │ │ that are │
577 │ │ architecture-specific and │
578 │ │ cannot be shared between │
579 │ │ architectures. │
580 └──────────────────────────────┴────────────────────────────┘
581 Additional static vendor files may be installed in the ~/.local/share/
583 hierarchy to the locations defined by the various relevant
584 specifications.
585 During runtime, and for local configuration and state, additional
587 directories are defined:
588 Table 4. User Package Variable File Locations
590 ┌──────────────────────────┬────────────────────────────┐
591 │Directory │ Purpose │
592 ├──────────────────────────┼────────────────────────────┤
593 │~/.config/package/ │ User-specific │
594 │ │ configuration and state │
595 │ │ for the package. It is │
596 │ │ required to default to │
597 │ │ safe fallbacks if this │
598 │ │ configuration is missing. │
599 ├──────────────────────────┼────────────────────────────┤
600 │$XDG_RUNTIME_DIR/package/ │ User runtime data for the │
601 │ │ package. │
602 ├──────────────────────────┼────────────────────────────┤
603 │~/.cache/package/ │ Persistent cache data of │
604 │ │ the package. If this │
605 │ │ directory is flushed, the │
606 │ │ application should work │
607 │ │ correctly on next │
608 │ │ invocation, though │
609 │ │ possibly slowed down due │
610 │ │ to the need to rebuild any │
611 │ │ local cache files. The │
612 │ │ application must be │
613 │ │ capable of recreating this │
614 │ │ directory should it be │
615 │ │ missing and necessary. │
616 └──────────────────────────┴────────────────────────────┘
617
619 systemd(1), hier(7), systemd-path(1), systemd-gpt-auto-generator(8),
620 sysctl.d(5), tmpfiles.d(5), pkg-config(1), systemd.unit(5)
621
623 1. File System Hierarchy
624 http://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html
625 2. XDG Base Directory Specification
627 http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html
628 3. XDG User Directories
630 https://www.freedesktop.org/wiki/Software/xdg-user-dirs/
631 4. IEEE Std 1003.1
633 http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03
634 5. Using /tmp/ And /var/tmp/ Safely
636 https://systemd.io/TEMPORARY_DIRECTORIES
637 6. Multiarch Architecture Specifiers (Tuples)
639 https://wiki.debian.org/Multiarch/Tuples
640systemd 246 FILE-HIERARCHY(7)