New World file system layout: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
mNo edit summary |
||
| (28 intermediate revisions by the same user not shown) | |||
| Line 9: | Line 9: | ||
|/etc | |/etc | ||
|System configuration files. Most are left as they are out-of-the-box | |System configuration files. Most are left as they are out-of-the-box | ||
|- | |||
|/etc/auto* | |||
|Automounter configurations. See [[automounter operation]] | |||
|- | |||
|/etc/cron.d<br/> | |||
/etc/cron.daily | |||
|Directories containing scripts and <code>cron</code> configurations. CSE's contribution here mainly consists of scripts which regularly clean up left-over user session debris — files in <code>/tmp</code>, left-over [[virtual exam environment|virtual exam]] gaols, etc. | |||
|- | |||
|/etc/hosts | |||
|Automatically-generated list of all New World-known hosts and their IP addresses. Installed/updated by <code>cf-agent</code>. Used to avoid having to make DNS queries | |||
|- | |||
|/etc/krb5.conf | |||
|Kerberos configuration which points at UNSW's [[Active Directory]] servers for zID/zPass authentication of logins | |||
|- | |||
|/etc/ldap/ldap.conf | |||
|Configure OpenLDAP libraries and binaries (e.g., <code>ldapsearch</code>) to use CSE's own LDAP server, i.e., the [[UDB]] | |||
|- | |||
|/etc/libnss-ldap.conf<br/> | |||
/etc/pam_ldap.conf (symlink to /etc/ldap/ldap.conf) | |||
|Configure the PAM + NSS modules used for LDAP authorisation to point to CSE's own LDAP server, i.e., the [[UDB]]. See also <code>/etc/nsswitch.conf</code> | |||
|- | |||
|/etc/postfix/main.cf | |||
|Outgoing email configuration | |||
|- | |||
|/etc/sudoers.d/* | |||
|<code>sudo</code> configuration, particularly including <code>[[priv]]</code>-related sudo support | |||
|- | |||
|/etc/X11/xdm/xdm-config<br/> | |||
/etc/X11/xdm/Xresources<br/> | |||
/etc/X11/xdm/Xservers<br/> | |||
/etc/X11/xdm/Xsession-vlab<br/> | |||
/etc/X11/xdm/Xstartup-vlab | |||
|New or changed files to configure graphical login window on lab computers and VLAB, and specific startup scripts for VLAB sessions | |||
|- | |- | ||
|/usr/local/acc | |/usr/local/acc | ||
|Passwords used by <code>[[acc]]</code> to access Active Directory and CSE's own User Database ([[UDB]]) | |||
|- | |- | ||
|/usr/local/bin | |/usr/local/bin | ||
|Symlink to <code>extrafiles/bin</code>, i.e., to teaching-administered <code>bin</code> directory | |||
|- | |- | ||
|/usr/local/etc | |/usr/local/etc | ||
|CSG-administered configuration and miscellaneous files including <code>ARCH</code> (the local host CPU architecture: Intel, AMD, ARM, etc.) | |||
|- | |- | ||
|/usr/local/extrafiles | |/usr/local/extrafiles | ||
|An entire file system sub-tree managed by teaching. Its contents are <code>rsync</code>'d from the [[cfengine]] hub [[holus-bolus]]. See <code>[[/usr/local/extrafiles]]</code> | |||
|- | |- | ||
|/usr/local/extrapackages | |/usr/local/extrapackages | ||
|Teaching-administered lists of additional standard Debian packages to be installed beyond the packages specified by CSG | |||
|- | |- | ||
|/usr/local/games | |/usr/local/games | ||
|Debian standard | |||
|- | |- | ||
|/usr/local/include | |/usr/local/include | ||
|Debian standard | |||
|- | |- | ||
|/usr/local/infrastructure | |/usr/local/infrastructure | ||
|Directories and files maintained by [[CSG]] | |Directories and files maintained by [[CSG]] | ||
|- | |||
|/usr/local/infrastructure/acc | |||
|Duplicate of <code>/usr/local/acc</code> | |||
|- | |||
|/usr/local/infrastructure/bin | |||
|Scripts maintained by [[CSG]]. This directory is used instead of <code>/usr/local/bin</code> to minimise confusion for students. The reasoning is that many of them may already be familiar with looking in <code>/usr/local/bin</code> (which teaching administers) while more savvy users (including CSG) will not have problems with looking for scripts in this current directory | |||
|- | |||
|/usr/local/infrastructure/bin/autofs_*<br/> | |||
/usr/local/infrastructure/bin/cifs_upcall_shim.sh | |||
|Automounter support scripts. See [[automounter operation]] | |||
|- | |||
|/usr/local/infrastructure/bin/classrun*<br/> | |||
/etc/sudoers.d/classrun | |||
|Run teaching's <code>classrun</code> | |||
|- | |||
|/usr/local/infrastructure/bin/get_device_temperature<br/> | |||
/usr/local/infrastructure/bin/getdiskstats<br/> | |||
/usr/local/infrastructure/bin/snmpd_loadaverage<br/> | |||
/usr/local/infrastructure/bin/snmpd_usercount | |||
|Used to extend information the <code>snmpd</code> daemon can return. See <code>/etc/snmp/snmpd.conf</code> | |||
|- | |||
|/usr/local/infrastructure/bin/start* | |||
|vx01 only: Configure user networking and run user VM's in <code>/usr/local/qemu_machines</code> for ZZEN9217. Se also [[ZZEN9217 H6 O.S. Fundamentals for Security: VM platform notes]] | |||
|- | |||
|/usr/local/infrastructure/bin/userresourcelimits.sh | |||
|Applies resource limits (such as PIDs, CPU and memory) to user sessions as the user logs in. See also <code>man systemd-logind</code> and <code>/etc/systemd/logind.conf</code> | |||
|- | |||
|/usr/local/infrastructure/bin/vmexec*<vr/> | |||
/etc/sudoers.d/vmexec* | |||
|Run user-defined virtual machines. See <code>/usr/local/uservms</code> | |||
|- | |||
|/usr/local/infrastructure/bin/vm<br/> | |||
/usr/local/infrastructure/bin/vm.sh<br/> | |||
/etc/sudoers.d/vm | |||
|Run CSG-maintained virtual machines for users. See <code>/usr/local/vmimages</code> | |||
|- | |||
|/usr/local/infrastructure/bin/vncsend*<br/> | |||
/usr/local/infrastructure/bin/vncrecv* | |||
|See [[vncsend]] | |||
|- | |||
|/usr/local/infrastructure/debpkgs_lists | |||
|CSG-managed lists of Debian packages to install | |||
|- | |||
|/usr/local/infrastructure/etc | |||
|CSG-maintained configuration files for CSG-developed systems | |||
|- | |||
|/usr/local/infrastructure/lib | |||
|CSG-maintained library files for CSG-developed systems | |||
|- | |||
|/usr/local/infrastructure/mlalias | |||
|Duplicate of <code>/usr/local/mlalias</code> | |||
|- | |||
|/usr/local/infrastructure/priv | |||
|[[priv]] scripts and "compiled" versions thereof. "priv" is a New World implemention of an [[Old World]] way of allowing users to run scripts as other users (notable root). This is a like <code>sudo</code> and, in fact, Old World-<code>priv</code> scripts can be copied into New World and then, when the New World <code>priv</code> is used to run them, it transparently converts them to work with sudo | |||
|- | |||
|/usr/local/infrastructure/privbin | |||
|Support components of the priv-to-sudo compiler | |||
|- | |||
|/usr/local/infrastructure/vlab | |||
|CSG-developed tools and scripts used to run the VLAB environment | |||
|- | |- | ||
|/usr/local/lib | |/usr/local/lib | ||
|Debian standard | |||
|- | |- | ||
|/usr/local/man | |/usr/local/man | ||
|Debian standard, which is a symlink to <code>share/man</code> which actually, in turn, points into teaching-administered file system space. See <code>/usr/local/share</code> (below) | |||
|- | |- | ||
|/usr/local/mlalias | |/usr/local/mlalias | ||
|Passwords used by <code>[[mlalias]]</code> to access CSE's User Database ([[UDB]]) | |||
|- | |- | ||
|/usr/local/priv | |/usr/local/priv | ||
|Looks like old files | |||
|- | |- | ||
|/usr/local/qemu_machines | |/usr/local/qemu_machines | ||
|Custom QEMU virtual machine images and support scripts. See also <code>/etc/sudoers.d</code> and <code>/usr/local/infrastructure/bin</code> for sudo configurations and start scripts, respectively | |||
|- | |- | ||
|/usr/local/sbin | |/usr/local/sbin | ||
|Debian standard | |||
|- | |- | ||
|/usr/local/share | |/usr/local/share | ||
|Symlink to <code>extrafiles/share</code> | |||
|- | |- | ||
|/usr/local/src | |/usr/local/src | ||
|Debian standard | |||
|- | |- | ||
|/usr/local/tigervnc | |/usr/local/tigervnc | ||
|Version of TigerVNC server as directly downloaded from the TigerVNC website. This is more recent than the version which comes with Debian. Used on [[VLAB]] servers | |||
|- | |- | ||
|/usr/local/uservms | |/usr/local/uservms | ||
|Experimental QEMU virtiual machines used for testing user-created-and-run VM's | |||
|- | |- | ||
|/usr/local/vlab | |/usr/local/vlab | ||
|Support scripts used for starting up the VLAB environment for each user | |||
|- | |- | ||
|/usr/local/vmimages | |/usr/local/vmimages | ||
|CSG-managed VM's used by students | |||
|} | |} | ||
Latest revision as of 12:48, 28 August 2023
New World computers start life as out-of-the-box standard, minimally-configured Debian systems. The vast majority of software and configuration files on these computers is installed from standard Debian repositories by apt. Thus, to a very large extent, where things are in the file system is pretty-much dictated by Debian. This includes binaries, libaries, man pages and configuration files.
CSE-specific files — such as administration scripts, configuration files, teaching-related files., etc. — are largely located under either /etc or /usr/local. Below is a broad outline of what's where, why and how it gets there.
| Path | Discussion |
|---|---|
| /etc | System configuration files. Most are left as they are out-of-the-box |
| /etc/auto* | Automounter configurations. See automounter operation |
| /etc/cron.d /etc/cron.daily |
Directories containing scripts and cron configurations. CSE's contribution here mainly consists of scripts which regularly clean up left-over user session debris — files in /tmp, left-over virtual exam gaols, etc.
|
| /etc/hosts | Automatically-generated list of all New World-known hosts and their IP addresses. Installed/updated by cf-agent. Used to avoid having to make DNS queries
|
| /etc/krb5.conf | Kerberos configuration which points at UNSW's Active Directory servers for zID/zPass authentication of logins |
| /etc/ldap/ldap.conf | Configure OpenLDAP libraries and binaries (e.g., ldapsearch) to use CSE's own LDAP server, i.e., the UDB
|
| /etc/libnss-ldap.conf /etc/pam_ldap.conf (symlink to /etc/ldap/ldap.conf) |
Configure the PAM + NSS modules used for LDAP authorisation to point to CSE's own LDAP server, i.e., the UDB. See also /etc/nsswitch.conf
|
| /etc/postfix/main.cf | Outgoing email configuration |
| /etc/sudoers.d/* | sudo configuration, particularly including priv-related sudo support
|
| /etc/X11/xdm/xdm-config /etc/X11/xdm/Xresources |
New or changed files to configure graphical login window on lab computers and VLAB, and specific startup scripts for VLAB sessions |
| /usr/local/acc | Passwords used by acc to access Active Directory and CSE's own User Database (UDB)
|
| /usr/local/bin | Symlink to extrafiles/bin, i.e., to teaching-administered bin directory
|
| /usr/local/etc | CSG-administered configuration and miscellaneous files including ARCH (the local host CPU architecture: Intel, AMD, ARM, etc.)
|
| /usr/local/extrafiles | An entire file system sub-tree managed by teaching. Its contents are rsync'd from the cfengine hub holus-bolus. See /usr/local/extrafiles
|
| /usr/local/extrapackages | Teaching-administered lists of additional standard Debian packages to be installed beyond the packages specified by CSG |
| /usr/local/games | Debian standard |
| /usr/local/include | Debian standard |
| /usr/local/infrastructure | Directories and files maintained by CSG |
| /usr/local/infrastructure/acc | Duplicate of /usr/local/acc
|
| /usr/local/infrastructure/bin | Scripts maintained by CSG. This directory is used instead of /usr/local/bin to minimise confusion for students. The reasoning is that many of them may already be familiar with looking in /usr/local/bin (which teaching administers) while more savvy users (including CSG) will not have problems with looking for scripts in this current directory
|
| /usr/local/infrastructure/bin/autofs_* /usr/local/infrastructure/bin/cifs_upcall_shim.sh |
Automounter support scripts. See automounter operation |
| /usr/local/infrastructure/bin/classrun* /etc/sudoers.d/classrun |
Run teaching's classrun
|
| /usr/local/infrastructure/bin/get_device_temperature /usr/local/infrastructure/bin/getdiskstats |
Used to extend information the snmpd daemon can return. See /etc/snmp/snmpd.conf
|
| /usr/local/infrastructure/bin/start* | vx01 only: Configure user networking and run user VM's in /usr/local/qemu_machines for ZZEN9217. Se also ZZEN9217 H6 O.S. Fundamentals for Security: VM platform notes
|
| /usr/local/infrastructure/bin/userresourcelimits.sh | Applies resource limits (such as PIDs, CPU and memory) to user sessions as the user logs in. See also man systemd-logind and /etc/systemd/logind.conf
|
| /usr/local/infrastructure/bin/vmexec*<vr/>
/etc/sudoers.d/vmexec* |
Run user-defined virtual machines. See /usr/local/uservms
|
| /usr/local/infrastructure/bin/vm /usr/local/infrastructure/bin/vm.sh |
Run CSG-maintained virtual machines for users. See /usr/local/vmimages
|
| /usr/local/infrastructure/bin/vncsend* /usr/local/infrastructure/bin/vncrecv* |
See vncsend |
| /usr/local/infrastructure/debpkgs_lists | CSG-managed lists of Debian packages to install |
| /usr/local/infrastructure/etc | CSG-maintained configuration files for CSG-developed systems |
| /usr/local/infrastructure/lib | CSG-maintained library files for CSG-developed systems |
| /usr/local/infrastructure/mlalias | Duplicate of /usr/local/mlalias
|
| /usr/local/infrastructure/priv | priv scripts and "compiled" versions thereof. "priv" is a New World implemention of an Old World way of allowing users to run scripts as other users (notable root). This is a like sudo and, in fact, Old World-priv scripts can be copied into New World and then, when the New World priv is used to run them, it transparently converts them to work with sudo
|
| /usr/local/infrastructure/privbin | Support components of the priv-to-sudo compiler |
| /usr/local/infrastructure/vlab | CSG-developed tools and scripts used to run the VLAB environment |
| /usr/local/lib | Debian standard |
| /usr/local/man | Debian standard, which is a symlink to share/man which actually, in turn, points into teaching-administered file system space. See /usr/local/share (below)
|
| /usr/local/mlalias | Passwords used by mlalias to access CSE's User Database (UDB)
|
| /usr/local/priv | Looks like old files |
| /usr/local/qemu_machines | Custom QEMU virtual machine images and support scripts. See also /etc/sudoers.d and /usr/local/infrastructure/bin for sudo configurations and start scripts, respectively
|
| /usr/local/sbin | Debian standard |
| /usr/local/share | Symlink to extrafiles/share
|
| /usr/local/src | Debian standard |
| /usr/local/tigervnc | Version of TigerVNC server as directly downloaded from the TigerVNC website. This is more recent than the version which comes with Debian. Used on VLAB servers |
| /usr/local/uservms | Experimental QEMU virtiual machines used for testing user-created-and-run VM's |
| /usr/local/vlab | Support scripts used for starting up the VLAB environment for each user |
| /usr/local/vmimages | CSG-managed VM's used by students |