]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/file-hierarchy.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
verify: use manager_load_startable_unit_or_warn() to load units for verification
[thirdparty/systemd.git] / man / file-hierarchy.xml
CommitLineData
9546c6ed
LP		 1<?xml version='1.0'?> <!--*-nxml-*-->
2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
12b42c76 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
9546c6ed
LP		 4
5<!--
572eb058
ZJS		 6 SPDX-License-Identifier: LGPL-2.1+
7
9546c6ed
LP		 8 This file is part of systemd.
9
10 Copyright 2014 Lennart Poettering
11
12 systemd is free software; you can redistribute it and/or modify it
13 under the terms of the GNU Lesser General Public License as published by
14 the Free Software Foundation; either version 2.1 of the License, or
15 (at your option) any later version.
16
17 systemd is distributed in the hope that it will be useful, but
18 WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 Lesser General Public License for more details.
21
22 You should have received a copy of the GNU Lesser General Public License
23 along with systemd; If not, see <http://www.gnu.org/licenses/>.
24-->
25
26<refentry id="file-hierarchy">
27
798d3a52
ZJS		 28 <refentryinfo>
29 <title>file-hierarchy</title>
30 <productname>systemd</productname>
31
32 <authorgroup>
33 <author>
34 <contrib>Developer</contrib>
35 <firstname>Lennart</firstname>
36 <surname>Poettering</surname>
37 <email>lennart@poettering.net</email>
38 </author>
39 </authorgroup>
40 </refentryinfo>
41
42 <refmeta>
43 <refentrytitle>file-hierarchy</refentrytitle>
44 <manvolnum>7</manvolnum>
45 </refmeta>
46
47 <refnamediv>
48 <refname>file-hierarchy</refname>
49 <refpurpose>File system hierarchy overview</refpurpose>
50 </refnamediv>
51
52 <refsect1>
53 <title>Description</title>
54
55 <para>Operating systems using the
56 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
57 system and service manager are organized based on a file system
58 hierarchy inspired by UNIX, more specifically the hierarchy
59 described in the <ulink
f37a53b6 60 url="http://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html">File
798d3a52
ZJS		 61 System Hierarchy</ulink> specification and
62 <citerefentry project='man-pages'><refentrytitle>hier</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
63 This manual page describes a more minimal, modernized subset of
64 these specifications that defines more strictly the suggestions
65 and restrictions systemd makes on the file system
66 hierarchy.</para>
67
cd72d204 68 <para>Many of the paths described here can be queried
798d3a52
ZJS		 69 with the
70 <citerefentry><refentrytitle>systemd-path</refentrytitle><manvolnum>1</manvolnum></citerefentry>
71 tool.</para>
72 </refsect1>
73
74 <refsect1>
75 <title>General Structure</title>
76
77 <variablelist>
78 <varlistentry>
79 <term><filename>/</filename></term>
80 <listitem><para>The file system root. Usually writable, but
81 this is not required. Possibly a temporary file system
82 (<literal>tmpfs</literal>). Not shared with other hosts
83 (unless read-only). </para></listitem>
84 </varlistentry>
85
86 <varlistentry>
87 <term><filename>/boot</filename></term>
88 <listitem><para>The boot partition used for bringing up the
b938cb90 89 system. On EFI systems, this is possibly the EFI System
798d3a52 90 Partition, also see
59512f21 91 <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
798d3a52
ZJS		 92 This directory is usually strictly local to the host, and
93 should be considered read-only, except when a new kernel or
94 boot loader is installed. This directory only exists on
95 systems that run on physical or emulated hardware that
96 requires boot loaders.</para></listitem>
97 </varlistentry>
98
99 <varlistentry>
100 <term><filename>/etc</filename></term>
101 <listitem><para>System-specific configuration. This directory
102 may or may not be read-only. Frequently, this directory is
103 pre-populated with vendor-supplied configuration files, but
104 applications should not make assumptions about this directory
105 being fully populated or populated at all, and should fall
106 back to defaults if configuration is
107 missing.</para></listitem>
108 </varlistentry>
109
110 <varlistentry>
111 <term><filename>/home</filename></term>
112 <listitem><para>The location for normal user's home
113 directories. Possibly shared with other systems, and never
114 read-only. This directory should only be used for normal
115 users, never for system users. This directory and possibly the
116 directories contained within it might only become available or
117 writable in late boot or even only after user authentication.
118 This directory might be placed on limited-functionality
119 network file systems, hence applications should not assume the
120 full set of file API is available on this directory.
121 Applications should generally not reference this directory
122 directly, but via the per-user <varname>$HOME</varname>
123 environment variable, or via the home directory field of the
124 user database.</para></listitem>
125 </varlistentry>
126
127 <varlistentry>
128 <term><filename>/root</filename></term>
129 <listitem><para>The home directory of the root user. The root
130 user's home directory is located outside of
131 <filename>/home</filename> in order to make sure the root user
132 may log in even without <filename>/home</filename> being
133 available and mounted.</para></listitem>
134 </varlistentry>
135
136 <varlistentry>
137 <term><filename>/srv</filename></term>
138 <listitem><para>The place to store general server payload,
139 managed by the administrator. No restrictions are made how
140 this directory is organized internally. Generally writable,
141 and possibly shared among systems. This directory might become
142 available or writable only very late during
143 boot.</para></listitem>
144 </varlistentry>
145
146 <varlistentry>
147 <term><filename>/tmp</filename></term>
148 <listitem><para>The place for small temporary files. This
149 directory is usually mounted as a <literal>tmpfs</literal>
150 instance, and should hence not be used for larger files. (Use
151 <filename>/var/tmp</filename> for larger files.) Since the
b938cb90 152 directory is accessible to other users of the system, it is
798d3a52
ZJS		 153 essential that this directory is only written to with the
154 <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
155 <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>
156 and related calls. This directory is usually flushed at
157 boot-up. Also, files that are not accessed within a certain
158 time are usually automatically deleted. If applications find
b938cb90 159 the environment variable <varname>$TMPDIR</varname> set, they
798d3a52
ZJS		 160 should prefer using the directory specified in it over
161 directly referencing <filename>/tmp</filename> (see
162 <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
163 and
164 <ulink url="http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/V1_chap08.html#tag_08_03">IEEE
165 Std 1003.1</ulink> for details).</para></listitem>
166 </varlistentry>
167
168 </variablelist>
169 </refsect1>
170
171 <refsect1>
172 <title>Runtime Data</title>
173
174 <variablelist>
175 <varlistentry>
176 <term><filename>/run</filename></term>
177 <listitem><para>A <literal>tmpfs</literal> file system for
178 system packages to place runtime data in. This directory is
179 flushed on boot, and generally writable for privileged
180 programs only. Always writable.</para></listitem>
181 </varlistentry>
182
183 <varlistentry>
184 <term><filename>/run/log</filename></term>
185 <listitem><para>Runtime system logs. System components may
186 place private logs in this directory. Always writable, even
187 when <filename>/var/log</filename> might not be accessible
188 yet.</para></listitem>
189 </varlistentry>
190
191 <varlistentry>
192 <term><filename>/run/user</filename></term>
193 <listitem><para>Contains per-user runtime directories, each
194 usually individually mounted <literal>tmpfs</literal>
195 instances. Always writable, flushed at each reboot and when
196 the user logs out. User code should not reference this
197 directory directly, but via the
198 <varname>$XDG_RUNTIME_DIR</varname> environment variable, as
199 documented in the <ulink
200 url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
201 Base Directory Specification</ulink>.</para></listitem>
202 </varlistentry>
203 </variablelist>
204 </refsect1>
205
206 <refsect1>
207 <title>Vendor-supplied Operating System Resources</title>
208
209 <variablelist>
210
211 <varlistentry>
212 <term><filename>/usr</filename></term>
213 <listitem><para>Vendor-supplied operating system resources.
214 Usually read-only, but this is not required. Possibly shared
215 between multiple hosts. This directory should not be modified
216 by the administrator, except when installing or removing
217 vendor-supplied packages.</para></listitem>
218 </varlistentry>
219
220 <varlistentry>
221 <term><filename>/usr/bin</filename></term>
b938cb90 222 <listitem><para>Binaries and executables for user commands
798d3a52
ZJS		 223 that shall appear in the <varname>$PATH</varname> search path.
224 It is recommended not to place binaries in this directory that
225 are not useful for invocation from a shell (such as daemon
226 binaries); these should be placed in a subdirectory of
227 <filename>/usr/lib</filename> instead.</para></listitem>
228 </varlistentry>
229
230 <varlistentry>
231 <term><filename>/usr/include</filename></term>
232 <listitem><para>C and C++ API header files of system
233 libraries.</para></listitem>
234 </varlistentry>
235
236 <varlistentry>
237 <term><filename>/usr/lib</filename></term>
238 <listitem><para>Static, private vendor data that is compatible
239 with all architectures (though not necessarily
240 architecture-independent). Note that this includes internal
241 executables or other binaries that are not regularly invoked
242 from a shell. Such binaries may be for any architecture
243 supported by the system. Do not place public libraries in this
244 directory, use <varname>$libdir</varname> (see below),
245 instead.</para></listitem>
246 </varlistentry>
247
248 <varlistentry>
249 <term><filename>/usr/lib/<replaceable>arch-id</replaceable></filename></term>
a8eaaee7 250 <listitem><para>Location for placing dynamic libraries into, also
798d3a52
ZJS		 251 called <varname>$libdir</varname>. The architecture identifier
252 to use is defined on <ulink
253 url="https://wiki.debian.org/Multiarch/Tuples">Multiarch
254 Architecture Specifiers (Tuples)</ulink> list. Legacy
255 locations of <varname>$libdir</varname> are
256 <filename>/usr/lib</filename>,
257 <filename>/usr/lib64</filename>. This directory should not be
258 used for package-specific data, unless this data is
259 architecture-dependent, too. To query
260 <varname>$libdir</varname> for the primary architecture of the
ffd86446 261 system, invoke:
ffd86446 262 <programlisting># systemd-path system-library-arch</programlisting></para></listitem>
798d3a52
ZJS		 263
264 </varlistentry>
265
266 <varlistentry>
267 <term><filename>/usr/share</filename></term>
268 <listitem><para>Resources shared between multiple packages,
269 such as documentation, man pages, time zone information, fonts
270 and other resources. Usually, the precise location and format
271 of files stored below this directory is subject to
272 specifications that ensure interoperability.</para></listitem>
273 </varlistentry>
274
275 <varlistentry>
276 <term><filename>/usr/share/doc</filename></term>
277 <listitem><para>Documentation for the operating system or
278 system packages.</para></listitem>
279 </varlistentry>
280
281 <varlistentry>
282 <term><filename>/usr/share/factory/etc</filename></term>
283 <listitem><para>Repository for vendor-supplied default
284 configuration files. This directory should be populated with
285 pristine vendor versions of all configuration files that may
286 be placed in <filename>/etc</filename>. This is useful to
287 compare the local configuration of a system with vendor
288 defaults and to populate the local configuration with
289 defaults.</para></listitem>
290 </varlistentry>
291
292 <varlistentry>
293 <term><filename>/usr/share/factory/var</filename></term>
294
295 <listitem><para>Similar to
b938cb90 296 <filename>/usr/share/factory/etc</filename>, but for vendor
798d3a52
ZJS		 297 versions of files in the variable, persistent data directory
298 <filename>/var</filename>.</para></listitem>
299
300 </varlistentry>
301 </variablelist>
302 </refsect1>
303
304 <refsect1>
305 <title>Persistent Variable System Data</title>
306
307 <variablelist>
308 <varlistentry>
309 <term><filename>/var</filename></term>
310 <listitem><para>Persistent, variable system data. Must be
311 writable. This directory might be pre-populated with
312 vendor-supplied data, but applications should be able to
313 reconstruct necessary files and directories in this
314 subhierarchy should they be missing, as the system might start
315 up without this directory being populated. Persistency is
316 recommended, but optional, to support ephemeral systems. This
317 directory might become available or writable only very late
318 during boot. Components that are required to operate during
319 early boot hence shall not unconditionally rely on this
320 directory.</para></listitem>
321 </varlistentry>
322
323 <varlistentry>
324 <term><filename>/var/cache</filename></term>
325 <listitem><para>Persistent system cache data. System
326 components may place non-essential data in this directory.
327 Flushing this directory should have no effect on operation of
328 programs, except for increased runtimes necessary to rebuild
329 these caches.</para></listitem>
330 </varlistentry>
331
332 <varlistentry>
333 <term><filename>/var/lib</filename></term>
334 <listitem><para>Persistent system data. System components may
335 place private data in this directory.</para></listitem>
336 </varlistentry>
337
338 <varlistentry>
339 <term><filename>/var/log</filename></term>
340 <listitem><para>Persistent system logs. System components may
341 place private logs in this directory, though it is recommended
342 to do most logging via the
343 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
344 and
345 <citerefentry><refentrytitle>sd_journal_print</refentrytitle><manvolnum>3</manvolnum></citerefentry>
346 calls.</para></listitem>
347 </varlistentry>
348
349 <varlistentry>
350 <term><filename>/var/spool</filename></term>
351 <listitem><para>Persistent system spool data, such as printer
352 or mail queues.</para></listitem>
353 </varlistentry>
354
355 <varlistentry>
356 <term><filename>/var/tmp</filename></term>
357 <listitem><para>The place for larger and persistent temporary
b938cb90 358 files. In contrast to <filename>/tmp</filename>, this directory
798d3a52
ZJS		 359 is usually mounted from a persistent physical file system and
360 can thus accept larger files. (Use <filename>/tmp</filename>
361 for smaller files.) This directory is generally not flushed at
362 boot-up, but time-based cleanup of files that have not been
363 accessed for a certain time is applied. The same security
364 restrictions as with <filename>/tmp</filename> apply, and
365 hence only
366 <citerefentry project='man-pages'><refentrytitle>mkstemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
367 <citerefentry project='man-pages'><refentrytitle>mkdtemp</refentrytitle><manvolnum>3</manvolnum></citerefentry>
368 or similar calls should be used to make use of this directory.
369 If applications find the environment variable
b938cb90 370 <varname>$TMPDIR</varname> set, they should prefer using the
798d3a52
ZJS		 371 directory specified in it over directly referencing
372 <filename>/var/tmp</filename> (see
373 <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
374 for details). </para></listitem>
375 </varlistentry>
376
377 </variablelist>
378 </refsect1>
379
380 <refsect1>
381 <title>Virtual Kernel and API File Systems</title>
382
383 <variablelist>
384 <varlistentry>
385 <term><filename>/dev</filename></term>
b938cb90 386 <listitem><para>The root directory for device nodes. Usually,
798d3a52
ZJS		 387 this directory is mounted as a <literal>devtmpfs</literal>
388 instance, but might be of a different type in
389 sandboxed/containerized setups. This directory is managed
390 jointly by the kernel and
391 <citerefentry><refentrytitle>systemd-udevd</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
392 and should not be written to by other components. A number of
393 special purpose virtual file systems might be mounted below
394 this directory.</para></listitem>
395 </varlistentry>
396
397 <varlistentry>
398 <term><filename>/dev/shm</filename></term>
399 <listitem><para>Place for POSIX shared memory segments, as
400 created via
3ba3a79d 401 <citerefentry project='die-net'><refentrytitle>shm_open</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
798d3a52
ZJS		 402 This directory is flushed on boot, and is a
403 <literal>tmpfs</literal> file system. Since all users have
404 write access to this directory, special care should be taken
405 to avoid name clashes and vulnerabilities. For normal users,
406 shared memory segments in this directory are usually deleted
b938cb90 407 when the user logs out. Usually, it is a better idea to use
798d3a52
ZJS		 408 memory mapped files in <filename>/run</filename> (for system
409 programs) or <varname>$XDG_RUNTIME_DIR</varname> (for user
a8eaaee7 410 programs) instead of POSIX shared memory segments, since these
798d3a52
ZJS		 411 directories are not world-writable and hence not vulnerable to
412 security-sensitive name clashes.</para></listitem>
413 </varlistentry>
414
415 <varlistentry>
416 <term><filename>/proc</filename></term>
417 <listitem><para>A virtual kernel file system exposing the
418 process list and other functionality. This file system is
419 mostly an API to interface with the kernel and not a place
420 where normal files may be stored. For details, see
421 <citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
422 A number of special purpose virtual file systems might be
423 mounted below this directory.</para></listitem>
424 </varlistentry>
425
426 <varlistentry>
427 <term><filename>/proc/sys</filename></term>
428 <listitem><para>A hierarchy below <filename>/proc</filename>
429 that exposes a number of kernel tunables. The primary way to
430 configure the settings in this API file tree is via
431 <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
b938cb90 432 files. In sandboxed/containerized setups, this directory is
798d3a52
ZJS		 433 generally mounted read-only.</para></listitem>
434 </varlistentry>
435
436 <varlistentry>
437 <term><filename>/sys</filename></term>
438 <listitem><para>A virtual kernel file system exposing
439 discovered devices and other functionality. This file system
440 is mostly an API to interface with the kernel and not a place
441 where normal files may be stored. In sandboxed/containerized
b938cb90 442 setups, this directory is generally mounted read-only. A number
798d3a52
ZJS		 443 of special purpose virtual file systems might be mounted below
444 this directory.</para></listitem>
445 </varlistentry>
446
447 </variablelist>
448 </refsect1>
449
450 <refsect1>
451 <title>Compatibility Symlinks</title>
452
453 <variablelist>
454 <varlistentry>
455 <term><filename>/bin</filename></term>
456 <term><filename>/sbin</filename></term>
457 <term><filename>/usr/sbin</filename></term>
458
459 <listitem><para>These compatibility symlinks point to
460 <filename>/usr/bin</filename>, ensuring that scripts and
461 binaries referencing these legacy paths correctly find their
462 binaries.</para></listitem>
463 </varlistentry>
464
465 <varlistentry>
466 <term><filename>/lib</filename></term>
467
468 <listitem><para>This compatibility symlink points to
469 <filename>/usr/lib</filename>, ensuring that programs
470 referencing this legacy path correctly find their
471 resources.</para></listitem>
472 </varlistentry>
473
474 <varlistentry>
475 <term><filename>/lib64</filename></term>
476
b938cb90 477 <listitem><para>On some architecture ABIs, this compatibility
798d3a52
ZJS		 478 symlink points to <varname>$libdir</varname>, ensuring that
479 binaries referencing this legacy path correctly find their
480 dynamic loader. This symlink only exists on architectures
481 whose ABI places the dynamic loader in this
482 path.</para></listitem>
483 </varlistentry>
484
485 <varlistentry>
486 <term><filename>/var/run</filename></term>
487
488 <listitem><para>This compatibility symlink points to
489 <filename>/run</filename>, ensuring that programs referencing
490 this legacy path correctly find their runtime
491 data.</para></listitem>
492 </varlistentry>
493
494 </variablelist>
495 </refsect1>
496
497 <refsect1>
498 <title>Home Directory</title>
499
500 <para>User applications may want to place files and directories in
501 the user's home directory. They should follow the following basic
502 structure. Note that some of these directories are also
503 standardized (though more weakly) by the <ulink
504 url="http://standards.freedesktop.org/basedir-spec/basedir-spec-latest.html">XDG
505 Base Directory Specification</ulink>. Additional locations for
506 high-level user resources are defined by <ulink
28a0ad81 507 url="https://www.freedesktop.org/wiki/Software/xdg-user-dirs/">xdg-user-dirs</ulink>.</para>
798d3a52
ZJS		 508
509 <variablelist>
510 <varlistentry>
511 <term><filename>~/.cache</filename></term>
512
513 <listitem><para>Persistent user cache data. User programs may
514 place non-essential data in this directory. Flushing this
515 directory should have no effect on operation of programs,
516 except for increased runtimes necessary to rebuild these
517 caches. If an application finds
a8eaaee7 518 <varname>$XDG_CACHE_HOME</varname> set, it should use the
798d3a52
ZJS		 519 directory specified in it instead of this
520 directory.</para></listitem>
521 </varlistentry>
522
523 <varlistentry>
524 <term><filename>~/.config</filename></term>
525
526 <listitem><para>Application configuration and state. When a
b938cb90 527 new user is created, this directory will be empty or not exist
798d3a52
ZJS		 528 at all. Applications should fall back to defaults should their
529 configuration or state in this directory be missing. If an
a8eaaee7 530 application finds <varname>$XDG_CONFIG_HOME</varname> set, it
798d3a52
ZJS		 531 should use the directory specified in it instead of this
532 directory.</para></listitem>
533 </varlistentry>
534
535 <varlistentry>
536 <term><filename>~/.local/bin</filename></term>
537
538 <listitem><para>Executables that shall appear in the user's
539 <varname>$PATH</varname> search path. It is recommended not to
540 place executables in this directory that are not useful for
541 invocation from a shell; these should be placed in a
542 subdirectory of <filename>~/.local/lib</filename> instead.
543 Care should be taken when placing architecture-dependent
b938cb90 544 binaries in this place, which might be problematic if the home
798d3a52
ZJS		 545 directory is shared between multiple hosts with different
546 architectures.</para></listitem>
547 </varlistentry>
548
549 <varlistentry>
550 <term><filename>~/.local/lib</filename></term>
551
552 <listitem><para>Static, private vendor data that is compatible
553 with all architectures.</para></listitem>
554 </varlistentry>
555
556 <varlistentry>
557 <term><filename>~/.local/lib/<replaceable>arch-id</replaceable></filename></term>
558
559 <listitem><para>Location for placing public dynamic libraries.
b938cb90 560 The architecture identifier to use is defined on <ulink
798d3a52
ZJS		 561 url="https://wiki.debian.org/Multiarch/Tuples">Multiarch
562 Architecture Specifiers (Tuples)</ulink>
563 list.</para></listitem>
564 </varlistentry>
565
566 <varlistentry>
567 <term><filename>~/.local/share</filename></term>
568
569 <listitem><para>Resources shared between multiple packages,
570 such as fonts or artwork. Usually, the precise location and
571 format of files stored below this directory is subject to
572 specifications that ensure interoperability. If an application
a8eaaee7 573 finds <varname>$XDG_DATA_HOME</varname> set, it should use the
798d3a52
ZJS		 574 directory specified in it instead of this
575 directory.</para></listitem>
576 </varlistentry>
577
578 </variablelist>
579 </refsect1>
580
581
582 <refsect1>
583 <title>Unprivileged Write Access</title>
584
585 <para>Unprivileged processes generally lack write access to most
586 of the hierarchy.</para>
587
588 <para>The exceptions for normal users are
589 <filename>/tmp</filename>,
590 <filename>/var/tmp</filename>,
591 <filename>/dev/shm</filename>, as well as the home directory
592 <varname>$HOME</varname> (usually found below
593 <filename>/home</filename>) and the runtime directory
594 <varname>$XDG_RUNTIME_DIR</varname> (found below
595 <filename>/run/user</filename>) of the user, which are all
596 writable.</para>
597
b938cb90 598 <para>For unprivileged system processes, only
798d3a52
ZJS		 599 <filename>/tmp</filename>,
600 <filename>/var/tmp</filename> and
601 <filename>/dev/shm</filename> are writable. If an
b938cb90 602 unprivileged system process needs a private writable directory in
798d3a52
ZJS		 603 <filename>/var</filename> or <filename>/run</filename>, it is
604 recommended to either create it before dropping privileges in the
605 daemon code, to create it via
606 <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>
607 fragments during boot, or via the
05311409
LW		 608 <varname>StateDirectory=</varname> and <varname>RuntimeDirectory=</varname>
609 directives of service units (see
798d3a52
ZJS		 610 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
611 for details).</para>
612 </refsect1>
613
614 <refsect1>
615 <title>Node Types</title>
616
617 <para>Unix file systems support different types of file nodes,
618 including regular files, directories, symlinks, character and
619 block device nodes, sockets and FIFOs.</para>
620
621 <para>It is strongly recommended that <filename>/dev</filename> is
622 the only location below which device nodes shall be placed.
a8eaaee7 623 Similarly, <filename>/run</filename> shall be the only location to
798d3a52
ZJS		 624 place sockets and FIFOs. Regular files, directories and symlinks
625 may be used in all directories.</para>
626 </refsect1>
627
628 <refsect1>
629 <title>System Packages</title>
630
631 <para>Developers of system packages should follow strict rules
632 when placing their own files in the file system. The following
633 table lists recommended locations for specific types of files
634 supplied by the vendor.</para>
635
636 <table>
637 <title>System Package Vendor Files Locations</title>
638 <tgroup cols='2' align='left' colsep='1' rowsep='1'>
639 <colspec colname="directory" />
640 <colspec colname="purpose" />
641 <thead>
642 <row>
643 <entry>Directory</entry>
644 <entry>Purpose</entry>
645 </row>
646 </thead>
647 <tbody>
648 <row>
649 <entry><filename>/usr/bin</filename></entry>
b938cb90 650 <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path, compiled for any of the supported architectures compatible with the operating system. It is not recommended to place internal binaries or binaries that are not commonly invoked from the shell in this directory, such as daemon binaries. As this directory is shared with most other packages of the system, special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry>
798d3a52
ZJS		 651 </row>
652 <row>
653 <entry><filename>/usr/lib/<replaceable>arch-id</replaceable></filename></entry>
654 <entry>Public shared libraries of the package. As above, be careful with using too generic names, and pick unique names for your libraries to place here to avoid name clashes.</entry>
655 </row>
656 <row>
657 <entry><filename>/usr/lib/<replaceable>package</replaceable></filename></entry>
b938cb90 658 <entry>Private static vendor resources of the package, including private binaries and libraries, or any other kind of read-only vendor data.</entry>
798d3a52
ZJS		 659 </row>
660 <row>
661 <entry><filename>/usr/lib/<replaceable>arch-id</replaceable>/<replaceable>package</replaceable></filename></entry>
662 <entry>Private other vendor resources of the package that are architecture-specific and cannot be shared between architectures. Note that this generally does not include private executables since binaries of a specific architecture may be freely invoked from any other supported system architecture.</entry>
663 </row>
664 <row>
665 <entry><filename>/usr/include/<replaceable>package</replaceable></filename></entry>
666 <entry>Public C/C++ APIs of public shared libraries of the package.</entry>
667 </row>
668 </tbody>
669 </tgroup>
670 </table>
671
672 <para>Additional static vendor files may be installed in the
b938cb90 673 <filename>/usr/share</filename> hierarchy to the locations
798d3a52
ZJS		 674 defined by the various relevant specifications.</para>
675
b938cb90 676 <para>During runtime, and for local configuration and state,
798d3a52
ZJS		 677 additional directories are defined:</para>
678
679 <table>
680 <title>System Package Variable Files Locations</title>
681 <tgroup cols='2' align='left' colsep='1' rowsep='1'>
682 <colspec colname="directory" />
683 <colspec colname="purpose" />
684 <thead>
685 <row>
686 <entry>Directory</entry>
687 <entry>Purpose</entry>
688 </row>
689 </thead>
690 <tbody>
691 <row>
692 <entry><filename>/etc/<replaceable>package</replaceable></filename></entry>
693 <entry>System-specific configuration for the package. It is recommended to default to safe fallbacks if this configuration is missing, if this is possible. Alternatively, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment may be used to copy or symlink the necessary files and directories from <filename>/usr/share/factory</filename> during boot, via the <literal>L</literal> or <literal>C</literal> directives.</entry>
694 </row>
695 <row>
696 <entry><filename>/run/<replaceable>package</replaceable></filename></entry>
0458de11 697 <entry>Runtime data for the package. Packages must be able to create the necessary subdirectories in this tree on their own, since the directory is flushed automatically on boot. Alternatively, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment may be used to create the necessary directories during boot, or the <varname>RuntimeDirectory=</varname> directive of service units may be used to create them at service startup (see <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> for details).</entry>
798d3a52
ZJS		 698 </row>
699 <row>
700 <entry><filename>/run/log/<replaceable>package</replaceable></filename></entry>
701 <entry>Runtime log data for the package. As above, the package needs to make sure to create this directory if necessary, as it will be flushed on every boot.</entry>
702 </row>
703 <row>
704 <entry><filename>/var/cache/<replaceable>package</replaceable></filename></entry>
0458de11 705 <entry>Persistent cache data of the package. If this directory is flushed, the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary. To create an empty directory, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment or the <varname>CacheDirectory=</varname> directive of service units (see <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>) may be used.</entry>
798d3a52
ZJS		 706 </row>
707 <row>
708 <entry><filename>/var/lib/<replaceable>package</replaceable></filename></entry>
0458de11 709 <entry>Persistent private data of the package. This is the primary place to put persistent data that does not fall into the other categories listed. Packages should be able to create the necessary subdirectories in this tree on their own, since the directory might be missing on boot. To create an empty directory, a <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> fragment or the <varname>StateDirectory=</varname> directive of service units (see <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>) may be used.</entry>
798d3a52
ZJS		 710 </row>
711 <row>
712 <entry><filename>/var/log/<replaceable>package</replaceable></filename></entry>
0458de11 713 <entry>Persistent log data of the package. As above, the package should make sure to create this directory if necessary, possibly using <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> or <varname>LogsDirectory=</varname> (see <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>), as it might be missing.</entry>
798d3a52
ZJS		 714 </row>
715 <row>
716 <entry><filename>/var/spool/<replaceable>package</replaceable></filename></entry>
717 <entry>Persistent spool/queue data of the package. As above, the package should make sure to create this directory if necessary, as it might be missing.</entry>
718 </row>
719 </tbody>
720 </tgroup>
721 </table>
722 </refsect1>
723
724 <refsect1>
725 <title>User Packages</title>
726
727 <para>Programs running in user context should follow strict rules
728 when placing their own files in the user's home directory. The
729 following table lists recommended locations in the home directory
730 for specific types of files supplied by the vendor if the
b938cb90 731 application is installed in the home directory. (Note, however,
798d3a52
ZJS		 732 that user applications installed system-wide should follow the
733 rules outlined above regarding placing vendor files.)</para>
734
735 <table>
736 <title>User Package Vendor File Locations</title>
737 <tgroup cols='2' align='left' colsep='1' rowsep='1'>
738 <colspec colname="directory" />
739 <colspec colname="purpose" />
740 <thead>
741 <row>
742 <entry>Directory</entry>
743 <entry>Purpose</entry>
744 </row>
745 </thead>
746 <tbody>
747 <row>
748 <entry><filename>~/.local/bin</filename></entry>
b938cb90 749 <entry>Package executables that shall appear in the <varname>$PATH</varname> executable search path. It is not recommended to place internal executables or executables that are not commonly invoked from the shell in this directory, such as daemon executables. As this directory is shared with most other packages of the user, special care should be taken to pick unique names for files placed here, that are unlikely to clash with other package's files.</entry>
798d3a52
ZJS		 750 </row>
751 <row>
752 <entry><filename>~/.local/lib/<replaceable>arch-id</replaceable></filename></entry>
753 <entry>Public shared libraries of the package. As above, be careful with using too generic names, and pick unique names for your libraries to place here to avoid name clashes.</entry>
754 </row>
755 <row>
756 <entry><filename>~/.local/lib/<replaceable>package</replaceable></filename></entry>
757 <entry>Private, static vendor resources of the package, compatible with any architecture, or any other kind of read-only vendor data.</entry>
758 </row>
759 <row>
760 <entry><filename>~/.local/lib/<replaceable>arch-id</replaceable>/<replaceable>package</replaceable></filename></entry>
761 <entry>Private other vendor resources of the package that are architecture-specific and cannot be shared between architectures.</entry>
762 </row>
763 </tbody>
764 </tgroup>
765 </table>
766
767 <para>Additional static vendor files may be installed in the
b938cb90 768 <filename>~/.local/share</filename> hierarchy to the locations
798d3a52
ZJS		 769 defined by the various relevant specifications.</para>
770
b938cb90 771 <para>During runtime, and for local configuration and state,
798d3a52
ZJS		 772 additional directories are defined:</para>
773
774 <table>
775 <title>User Package Variable File Locations</title>
776 <tgroup cols='2' align='left' colsep='1' rowsep='1'>
777 <colspec colname="directory" />
778 <colspec colname="purpose" />
779 <thead>
780 <row>
781 <entry>Directory</entry>
782 <entry>Purpose</entry>
783 </row>
784 </thead>
785 <tbody>
786 <row>
787 <entry><filename>~/.config/<replaceable>package</replaceable></filename></entry>
788 <entry>User-specific configuration and state for the package. It is required to default to safe fallbacks if this configuration is missing.</entry>
789 </row>
790 <row>
791 <entry><filename><varname>$XDG_RUNTIME_DIR</varname>/<replaceable>package</replaceable></filename></entry>
792 <entry>User runtime data for the package.</entry>
793 </row>
794 <row>
795 <entry><filename>~/.cache/<replaceable>package</replaceable></filename></entry>
b938cb90 796 <entry>Persistent cache data of the package. If this directory is flushed, the application should work correctly on next invocation, though possibly slowed down due to the need to rebuild any local cache files. The application must be capable of recreating this directory should it be missing and necessary.</entry>
798d3a52
ZJS		 797 </row>
798 </tbody>
799 </tgroup>
800 </table>
801 </refsect1>
802
803 <refsect1>
804 <title>See Also</title>
805 <para>
806 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
807 <citerefentry project='man-pages'><refentrytitle>hier</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
808 <citerefentry><refentrytitle>systemd-path</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
59512f21 809 <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
798d3a52
ZJS		 810 <citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
811 <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
812 <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
813 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
814 </para>
815 </refsect1>
9546c6ed
LP		 816
817</refentry>
Unnamed repository; edit this file 'description' to name the repository.