New World file system layout: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
mNo edit summary |
||
| Line 21: | Line 21: | ||
|- | |- | ||
|/etc/krb5.conf | |/etc/krb5.conf | ||
|Kerberos configuration which points at UNSW's Active Directory servers for zID/zPass authentication of logins | |Kerberos configuration which points at UNSW's [[Active Directory]] servers for zID/zPass authentication of logins | ||
|- | |- | ||
|/etc/ldap/ldap.conf | |/etc/ldap/ldap.conf | ||
Latest revision as of 12:48, 28 August 2023
New World computers start life as out-of-the-box standard, minimally-configured Debian systems. The vast majority of software and configuration files on these computers is installed from standard Debian repositories by apt. Thus, to a very large extent, where things are in the file system is pretty-much dictated by Debian. This includes binaries, libaries, man pages and configuration files.
CSE-specific files — such as administration scripts, configuration files, teaching-related files., etc. — are largely located under either /etc or /usr/local. Below is a broad outline of what's where, why and how it gets there.
| Path | Discussion |
|---|---|
| /etc | System configuration files. Most are left as they are out-of-the-box |
| /etc/auto* | Automounter configurations. See automounter operation |
| /etc/cron.d /etc/cron.daily |
Directories containing scripts and cron configurations. CSE's contribution here mainly consists of scripts which regularly clean up left-over user session debris — files in /tmp, left-over virtual exam gaols, etc.
|
| /etc/hosts | Automatically-generated list of all New World-known hosts and their IP addresses. Installed/updated by cf-agent. Used to avoid having to make DNS queries
|
| /etc/krb5.conf | Kerberos configuration which points at UNSW's Active Directory servers for zID/zPass authentication of logins |
| /etc/ldap/ldap.conf | Configure OpenLDAP libraries and binaries (e.g., ldapsearch) to use CSE's own LDAP server, i.e., the UDB
|
| /etc/libnss-ldap.conf /etc/pam_ldap.conf (symlink to /etc/ldap/ldap.conf) |
Configure the PAM + NSS modules used for LDAP authorisation to point to CSE's own LDAP server, i.e., the UDB. See also /etc/nsswitch.conf
|
| /etc/postfix/main.cf | Outgoing email configuration |
| /etc/sudoers.d/* | sudo configuration, particularly including priv-related sudo support
|
| /etc/X11/xdm/xdm-config /etc/X11/xdm/Xresources |
New or changed files to configure graphical login window on lab computers and VLAB, and specific startup scripts for VLAB sessions |
| /usr/local/acc | Passwords used by acc to access Active Directory and CSE's own User Database (UDB)
|
| /usr/local/bin | Symlink to extrafiles/bin, i.e., to teaching-administered bin directory
|
| /usr/local/etc | CSG-administered configuration and miscellaneous files including ARCH (the local host CPU architecture: Intel, AMD, ARM, etc.)
|
| /usr/local/extrafiles | An entire file system sub-tree managed by teaching. Its contents are rsync'd from the cfengine hub holus-bolus. See /usr/local/extrafiles
|
| /usr/local/extrapackages | Teaching-administered lists of additional standard Debian packages to be installed beyond the packages specified by CSG |
| /usr/local/games | Debian standard |
| /usr/local/include | Debian standard |
| /usr/local/infrastructure | Directories and files maintained by CSG |
| /usr/local/infrastructure/acc | Duplicate of /usr/local/acc
|
| /usr/local/infrastructure/bin | Scripts maintained by CSG. This directory is used instead of /usr/local/bin to minimise confusion for students. The reasoning is that many of them may already be familiar with looking in /usr/local/bin (which teaching administers) while more savvy users (including CSG) will not have problems with looking for scripts in this current directory
|
| /usr/local/infrastructure/bin/autofs_* /usr/local/infrastructure/bin/cifs_upcall_shim.sh |
Automounter support scripts. See automounter operation |
| /usr/local/infrastructure/bin/classrun* /etc/sudoers.d/classrun |
Run teaching's classrun
|
| /usr/local/infrastructure/bin/get_device_temperature /usr/local/infrastructure/bin/getdiskstats |
Used to extend information the snmpd daemon can return. See /etc/snmp/snmpd.conf
|
| /usr/local/infrastructure/bin/start* | vx01 only: Configure user networking and run user VM's in /usr/local/qemu_machines for ZZEN9217. Se also ZZEN9217 H6 O.S. Fundamentals for Security: VM platform notes
|
| /usr/local/infrastructure/bin/userresourcelimits.sh | Applies resource limits (such as PIDs, CPU and memory) to user sessions as the user logs in. See also man systemd-logind and /etc/systemd/logind.conf
|
| /usr/local/infrastructure/bin/vmexec*<vr/>
/etc/sudoers.d/vmexec* |
Run user-defined virtual machines. See /usr/local/uservms
|
| /usr/local/infrastructure/bin/vm /usr/local/infrastructure/bin/vm.sh |
Run CSG-maintained virtual machines for users. See /usr/local/vmimages
|
| /usr/local/infrastructure/bin/vncsend* /usr/local/infrastructure/bin/vncrecv* |
See vncsend |
| /usr/local/infrastructure/debpkgs_lists | CSG-managed lists of Debian packages to install |
| /usr/local/infrastructure/etc | CSG-maintained configuration files for CSG-developed systems |
| /usr/local/infrastructure/lib | CSG-maintained library files for CSG-developed systems |
| /usr/local/infrastructure/mlalias | Duplicate of /usr/local/mlalias
|
| /usr/local/infrastructure/priv | priv scripts and "compiled" versions thereof. "priv" is a New World implemention of an Old World way of allowing users to run scripts as other users (notable root). This is a like sudo and, in fact, Old World-priv scripts can be copied into New World and then, when the New World priv is used to run them, it transparently converts them to work with sudo
|
| /usr/local/infrastructure/privbin | Support components of the priv-to-sudo compiler |
| /usr/local/infrastructure/vlab | CSG-developed tools and scripts used to run the VLAB environment |
| /usr/local/lib | Debian standard |
| /usr/local/man | Debian standard, which is a symlink to share/man which actually, in turn, points into teaching-administered file system space. See /usr/local/share (below)
|
| /usr/local/mlalias | Passwords used by mlalias to access CSE's User Database (UDB)
|
| /usr/local/priv | Looks like old files |
| /usr/local/qemu_machines | Custom QEMU virtual machine images and support scripts. See also /etc/sudoers.d and /usr/local/infrastructure/bin for sudo configurations and start scripts, respectively
|
| /usr/local/sbin | Debian standard |
| /usr/local/share | Symlink to extrafiles/share
|
| /usr/local/src | Debian standard |
| /usr/local/tigervnc | Version of TigerVNC server as directly downloaded from the TigerVNC website. This is more recent than the version which comes with Debian. Used on VLAB servers |
| /usr/local/uservms | Experimental QEMU virtiual machines used for testing user-created-and-run VM's |
| /usr/local/vlab | Support scripts used for starting up the VLAB environment for each user |
| /usr/local/vmimages | CSG-managed VM's used by students |