Under /etc: A Simple Guide

October 7th, 2005 by AmirAli Lalji in

If you're new to Linux or know someone who is, here's an explanation of what's in the /etc subdirectory.
Your rating: None Average: 4.4 (8 votes)

Newcomers to Linux, especially those coming from a Windows background, often find files in the /etc directory to be difficult to understand. In this article, I provide a brief explanation of some of these files and their uses. Before we dive into the /etc directory however, I would like to point out that changes to some of these files can render your system unstable or in some circumstances unbootable. I cannot emphasize enough that you should make a backup of these files before making any changes.

Let's dive in:

/etc/exports: this file contains the partition configuration to load NFS (network filesystem). It states how partitions are mounted and shared with other Linux/UNIX systems.

/etc/ftpusers: this file contains the login names of users who are not allowed to log in by way of FTP. For security reasons, it is recommended to add the root user to this file.

/etc/fstab: this file automatically mounts filesystems that are spread across multiple drives or separate partitions. This file is checked when the system boots and filesystems are mounted.

/etc/hosts.[allow, deny]: you can control access to your network by using these files. Adds hosts that you want to grant access to your network to the hosts.allow file; add hosts that you want to deny access to hosts.deny.

/etc/inetd.conf or /etc/xinetd.conf: the inetd file can be called the father of networking services. This file is responsible for starting services such as FTP, telnet and the like. Some Linux distributions come with xinetd.conf, which stands for extended Internet services daemon. This file provides all the functionalities and capabilities of inetd but extends them further.

It is advisable to comment out services you do not use.

/etc/inittab: this file describes what takes place or which processes are started at bootup or at different runlevels. A runlevel is defined as the state in which the Linux box currently is in. Linux has seven runlevels, from 0-6.

/etc/motd: motd stands for message of the day. This file is executed and its contents displayed after a successful login.

/etc/passwd: this file contains user information. Whenever a new user is added, an entry is added to this file containing the user's login name, password and so on. This file is readable by everyone on the system. If the password field contains "x", then encrypted passwords are stored in /etc/shadow, a file that is accessible only by the root user.

/etc/profile: when a user logs in, a number of configuration files are executed, including /etc/profile. This file contains settings and global startup information for the bash shell.

/etc/services: this file works in conjunction with /etc/inetd.conf or /etc/xinetd.conf files (see above). This file determines which port a service mentioned in inetd.conf is to use, for example, FTP/21, TELNET/23 and so on.

/etc/securetty: this file lists TTYs from which root is allowed to log in. For security reasons it is recommended to keep only tty1 for root login.

/etc/shells: this file contains the names of all the shells installed on the system, along with their full path names.

I hope you enjoyed this article and hope it helped in your understanding the /etc directory. You might find other subdirectories beneath the /etc directory that are application specific. /etc/httpd and /etc/sendmail, for example, are for Apache and sendmail, respectively.

Copyright (c) 2003, AmirAli Lalji. Originally published in Linux Gazette issue 94. Copyright (c) 2003, Specialized Systems Consultants, Inc.

AmirAli Lalji is a system administrator/DBA who lives and works in the UK and Portugal.

__________________________


Special Magazine Offer -- Free Gift with Subscription
Receive a free digital copy of Linux Journal's System Administration Special Edition as well as instant online access to current and past issues. CLICK HERE for offer

Linux Journal: delivering readers the advice and inspiration they need to get the most out of their Linux systems since 1994.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Anonymous's picture

This is why I don't like

On February 6th, 2009 Anonymous (not verified) says:

This is why I don't like Linux, there are just too many configuration text files placed in a common directory that no one knows what they are for! Configuration files should be bundled in the directory that the software is installed! If I want to configure software Z, I goto Z's directory to lookfor z.config. In DOS you have one autoexec.bat and config.sys to edit, in linux you have 10 dozen.

Anonymous's picture

When you install an

On February 6th, 2009 Anonymous (not verified) says:

When you install an application in linux, all of the application's files, such as its binaries, manual pages, and any libraries, get smushed together into the file system. Binaries go into any of the various bin or sbin folders in your system, manual pages go into any of the man folders, and libraries go into any of the lib folders. Soon enough your file system becomes a smorgasbord! It would be the same as installing every application on a Windows machine to the same folder. And good luck trying to uninstall anything! You don't know which file belongs to which application.

Here's an example. Lets say I have 3 applications I want to install on my computer: mozilla, php, and mysql. Say each application contains binaries, manuals, and libraries. That's 9 categories of files that I need to put on my file system. There are two ways I can organize them. Either I can put each application its own directory, with three sub-directories bin, man, and lib. Or I can sort all of the applications' files in three root directories, /bin, /man, and /lib.

Linux prefers the latter, but it should be using the former! Why is that? One word: uninstalling. Sorting my files by application allows me to easily remove any application by just deleting a single folder, without any need for any package management solution. Simple and easy.

Anonymous's picture

YES, CAN SOMEONE EXPLAIN WHY

On February 6th, 2009 Anonymous (not verified) says:

YES, CAN SOMEONE EXPLAIN WHY THIS IS SO? Please organize Linux by programs folders!

Anonymous's picture

Yes I totally agree! If

On February 6th, 2009 Anonymous (not verified) says:

Yes I totally agree! If /etc/exports deals with NFS, then call it NFS_partition.config. My point is, if people don't even know what the heck ETC stands for, how the heck are they going to figure out what /etc/fstab stands for? Programmers loves to use abbreviations, the problem is that there are way too many abbreviations in Linux for too many folders, files, etc... Please give configuration files more meaningful names!

Anonymous's picture

This is why I don't like

On February 6th, 2009 Anonymous (not verified) says:

This is why I don't like Linux, there are just too many configuration text files placed in a common directory that no one knows what they are for! Configuration files should be bundled in the directory that the software is installed! If I want to configure software Z, I goto Z's directory to lookfor z.config. In DOS you have one autoexec.bat and config.sys to edit, in linux you have 10 dozen.

Anonymous's picture

Configuration files can't be

On February 6th, 2009 Anonymous (not verified) says:

Configuration files can't be bundled with the install directory because there are different users. Remember LINUX unlike DOS is a multi-user system!

BUT, I agree, they should name it better. If you have tons of software, under /etc

they should have:

software1.config
software2.config
software3.config

Instead with tons of cryptic names!

Anonymous's picture

This is just one directory,

On February 6th, 2009 Anonymous (not verified) says:

This is just one directory, imagine how long will it take you to figure out the other directories. When I install stuff in Windows, I know where they go! program_files/program_name; in Linux I have not a clue.

Anonymous's picture

the /etc directory

On June 4th, 2006 Anonymous (not verified) says:

Thank you for writing this page. The information on the /etc directory and files has been very useful. I've learned a great deal about my system..

Anonymous's picture

What does "etc" stand for?

On October 19th, 2005 Anonymous (not verified) says:

Thanks for the good summary of the use of the /etc directory. But I've always wondered, what does "etc" stand for anyway? And where did it come from? I like to think of it as "Everything That's Configurable", but that's just my own idea. Anyone know?

Anonymous's picture

I want to know too!

On November 3rd, 2005 Anonymous (not verified) says:

Anyone? We're having a tough debate here at work on the subject :)

Anonymous's picture

/etc seems to be comming

On February 17th, 2006 Anonymous (not verified) says:

/etc seems to be comming from "et cetera" (or "etcetera").
http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard

/usr means Unix System Resources encording to wikipedia, though, I've learnt it's Shared not System - but I guess both are valid.

Tim's picture

ETC - what it stands for

On March 5th, 2007 Tim (not verified) says:

Read in an old Unix book - "Extended Tool Chest" is what /etc/ stands for, not et cetera. In other words, it's the configuration directory for system config files. There is a system /etc/ directory but is also a concept for directories that hold config files.

Peter B's picture

Good primer for a newbie like me

On October 15th, 2005 Peter B (not verified) says:

Thanks. :-)
A good primer for a newbie like me. I did some googling and found this page with some info on the etc/ directory as well:
http://www.faqs.org/docs/linux_admin/x399.html

Viveka Nathan K's picture

Nice and Useful article

On October 13th, 2005 Viveka Nathan K (not verified) says:

Its a very good article to know /etc, for all.

Anonymous's picture

hmmm

On October 12th, 2005 Anonymous (not verified) says:

This article only listed about 1/20 of what is in the /etc directory. Also, check out the FSH, Filesystem Hierarchy. Its for all of linux's directories with much detail.

Anthony Ettinger's picture

Excellent tutorial on /etc

On October 11th, 2005 Anthony Ettinger (not verified) says:

One question, do you pronouce it "ET-SEE" or "Etcetera" or "E-T-C"?

I personally call it "Etcetera" :-)

Anonymous's picture

It's pronounced "ET-SEE".

On October 11th, 2005 Anonymous (not verified) says:

It's pronounced "ET-SEE".

Anonymous's picture

Only if you are american

On October 17th, 2005 Anonymous (not verified) says:

"E-T-C"++

I have only ever heard Americans calling it "et-see"

Anonymous's picture

We call it ET-SEE because we

On March 5th, 2007 Anonymous (not verified) says:

We call it ET-SEE because we invented it and get to call it what we want.

Anonymous's picture

No, you get to call it what

On July 18th, 2007 Anonymous (not verified) says:

No, you get to call it what the actual developers call it, and they DO NOT call it ETSEE! Do some research and don't claim the work of others as your own.

-anonymous kernel dev.

Anonymous's picture

/etc -- it's not a word, it's a directory

On April 21st, 2008 Anonymous (not verified) says:

ETSEE ETSEE ETSEE -- I'll call it that if I want to, and I often do. When I'm not saying "E - T - C", that is. It's not all that important. Perhaps you need a rest?

Anonymous's picture

Some more detailed info....

On October 11th, 2005 Anonymous (not verified) says:

Hi,

I applaud your intentions, but you could be a bit more clear about what each file actually *is* and what it is for.

/etc/exports - This TEXT FILE Is read by the NFS servers on the local machine to make local disk areas usable by remote NFS clients.

/etc/fstab - This TEXT FILE is read by the mount program when it is used to automatically or manually mount file systems. The mount command is run from startup scripts at boot time. mount can mount local as well as remote disks using information from this file.

/etc/hosts.[allow, deny] - These TEXT FILEs are read by services which were compiled with tcp wrappers (tcpd) support to provide access control. You can allow or deny access to services based on host or network.

/etc/inetd.conf or /etc/xinetd.conf - This TEXT FILE is read by the inetd or xinetd program which is started by startup scripts at boot time. This is a "super-server", which binds to many ports and starts specific servers on an as-needed basis.

...and so on...

The basic point is that most of the files in /etc are not PROGRAMS, but rather configuration files which programs read when they are started. There are also SCRIPTS, usually in rc-subdirectories, but
that is not the subject of this article.

On booting, the kernel starts the init PROGRAM, indicating to it the desired run level. init is a program, which reads the inittab file and based on the desired runlevel starts other programs, including startup scripts and tty managers. The scripts mount filesystems, start inetd, nfs services, and the like.

The tty managers start the login PROGRAM, which reads the /etc/password and /etc/shadow files to authenticate users. If network authentication is used, /etc/password and /etc/shadow might only contain information for daemon ids. Login will start a shell PROGRAM, which will read default configs in /etc and in the user's home directory.

Some daemons are started directly by startup scripts, while others are started from (x)inetd. In some cases, a daemon is written so it can be started either way, requiring an argument to indicate the mode.

Lastly, many daemons will typically read their configuration only on startup. Changes to their config files are ignored unless the daemon is restarted, or unless it was written with a method to allow it to be notified to re-read it's config file. Typically a 'kill -HUP ' tells a daemon to re-read it's config file. Most simple daemons follow this tradition. However, complex multi-daemon services like NFS sometimes require a special tool. 'exportfs -ra' on many systems tells the NFS service to re-read it's configs.

Hope this helps to clear any confusion. Damn, I can't believe I wrote all that....

- Pete

John's picture

Excellent, more please!

On October 11th, 2005 John (not verified) says:

I was so excited to see this article. I think having an example of a config file with a description of the various entries would be a great second step. Of course, explaining the steps to make a back up first would be a great pre-step. So, right after the "I can not emphasize enough that you should make a back up .." insert:
su This is to switch to the super user or "root" acount then type in the root password.
cp /etc/exports /etc/exports.backup
This creates a copy of the exports file in the same directory. You can repeat this with each file you wish to play with.
Some distro's (like Ubuntu) use sudo, which gives you root access for one command only. In that case the command will be
sudo cp /etc/file /etc/file.backup then you will be asked for the root password.

Anonymous's picture

Two corrections: sudo su

On October 13th, 2005 Anonymous (not verified) says:

Two corrections:

  • sudo su - gives you root access so you can execute as many commands as desired
  • sudo asks you for your own password, not root's

Cheers,
-Adam

Anonymous's picture

"sudo cp /etc/file /etc/file.

On October 11th, 2005 Anonymous (not verified) says:

"sudo cp /etc/file /etc/file.backup then you will be asked for the root password."

Aren't you asked for your own password, and not root's?

Chris B's picture

whose password for sudo?

On October 11th, 2005 Chris B (not verified) says:

Well, it depends on your distro. Some distros setup sudo to use the user's password, others, look for the root user's password.

Anonymous's picture

Sudo would be a bit pointless

On October 13th, 2005 Anonymous (not verified) says:

Sudo would be a bit pointless and more difficult to enforce if everbody already knows the root password.

What distro sets up sudo to use the root password?

Anonymous's picture

Some more detailed info....

On October 11th, 2005 Anonymous (not verified) says:

Hi,

I applaud your intentions, but you could be a bit more clear about what each file actually *is* and what it is for.

/etc/exports - This TEXT FILE Is read by the NFS servers on the local machine to make local disk areas usable by remote NFS clients.

/etc/fstab - This TEXT FILE is read by the mount program when it is used to automatically or manually mount file systems. The mount command is run from startup scripts at boot time. mount can mount local as well as remote disks using information from this file.

/etc/hosts.[allow, deny] - These TEXT FILEs are read by services which were compiled with tcp wrappers (tcpd) support to provide access control. You can allow or deny access to services based on host or network.

/etc/inetd.conf or /etc/xinetd.conf - This TEXT FILE is read by the inetd or xinetd program which is started by startup scripts at boot time. This is a "super-server", which binds to many ports and starts specific servers on an as-needed basis.

...and so on...

The basic point is that most of the files in /etc are not PROGRAMS, but rather configuration files which programs read when they are started. There are also SCRIPTS, usually in rc-subdirectories, but
that is not the subject of this article.

On booting, the kernel starts the init PROGRAM, indicating to it the desired run level. init is a program, which reads the inittab file and based on the desired runlevel starts other programs, including startup scripts and tty managers. The scripts mount filesystems, start inetd, nfs services, and the like.

The tty managers start the login PROGRAM, which reads the /etc/password and /etc/shadow files to authenticate users. If network authentication is used, /etc/password and /etc/shadow might only contain information for daemon ids. Login will start a shell PROGRAM, which will read default configs in /etc and in the user's home directory.

Some daemons are started directly by startup scripts, while others are started from (x)inetd. In some cases, a daemon is written so it can be started either way, requiring an argument to indicate the mode.

Lastly, many daemons will typically read their configuration only on startup. Changes to their config files are ignored unless the daemon is restarted, or unless it was written with a method to allow it to be notified to re-read it's config file. Typically a 'kill -HUP ' tells a daemon to re-read it's config file. Most simple daemons follow this tradition. However, complex multi-daemon services like NFS sometimes require a special tool. 'exportfs -ra' on many systems tells the NFS service to re-read it's configs.

Hope this helps to clear any confusion. Damn, I can't believe I wrote all that....

- Pete

Anonymous's picture

Awesome, More Please!

On October 10th, 2005 Anonymous (not verified) says:

This is what is needed to push us to wider acceptance!

Thank You, Thank you, thank you !

More, More More !

Parth's picture

This page seems to be really

On October 10th, 2005 Parth (not verified) says:

This page seems to be really good at giving an intro to /etc for the newbies... the author can try explaining in detail certain parts like etc/passwd which the user can alter to add/del users. Such things would be helpfull to newbiew :)

Trancelis (verified) or's picture

Nice article :) Note: the

On October 8th, 2005 Trancelis (verified) or (not verified) says:

Nice article :)

Note: the /etc/motd file is not _executed_, it's just printed.

Mathew Drury's picture

Thanks for the /etc primer -

On October 8th, 2005 Mathew Drury (not verified) says:

Thanks for the /etc primer - clear, concise. Great article.

I hope you have plans on covering the rest of the filesystem - it's a fantastic starting point for newbies everywhere.

Admir Trakic's picture

LJ online readers are newbies?

On October 13th, 2005 Admir Trakic (not verified) says:

I'm supprised that the Lj users find this article THAT nifty!?
The contents of this article are trully basic - and can be easily figured out by exploring the *nix machines file tree, instead using the fancy desktop distros.

What is a next article? - man newbie ?

/admir trakic, Cph. DK

twocents's picture

I completely agree with

On October 15th, 2005 twocents (not verified) says:

I completely agree with you...... Some people are so dense they fail to see the value of a quick start guide. That fact that search engines exist to drive non-LJ users to these type of sites.

Please feel free to continue to share your brilliant thoughts, always taking into account the big picture - the sharing of information for all skill levels.

mv /admir trakic, Cph. DK > NULL

kan's picture

/etc stands for

On May 14th, 2006 kan (not verified) says:

does /etc stand for: EssenTial Configure files

D3vi8nt's picture

/etc

On April 11th, 2007 D3vi8nt (not verified) says:

It stands for exntendable tool chest :)

campuscodi's picture

:P

On October 31st, 2007 campuscodi (not verified) says:

10x

Post new comment

Please note that comments may not appear immediately, so there is no need to repost your comment.
The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <pre> <ul> <ol> <li> <dl> <dt> <dd> <i> <b>
  • Lines and paragraphs break automatically.

More information about formatting options

Newsletter

Each week Linux Journal editors will tell you what's hot in the world of Linux. You will receive late breaking news, technical tips and tricks, and links to in-depth stories featured on www.linuxjournal.com.
Sign up for our Email Newsletter

Tech Tip Videos

From the Magazine

July 2009, #183

News Flash: Linux Kernel 3.0 to include an on-the-go Expresso machine interface! Ok, maybe not, but Linux is definitely going mobile, from phones to e-readers. Find out more inside about Android, the Kindle 2, the Western Digital MyBook II, The Bug, and Indamixx (a portable recording studio). And if you've gone mobile and you been wanting more Emacs in your life then check out Conkeror.


To compliment the mobile we've got the stationary: parsing command line options with getopt, checking your Ruby code with metric_fu, and building a secure Squid proxy. How is this stationary you ask? What can we say? It's not. We just wanted to see if anybody actually read this part of the page :) .


All this and more, and all you have to do is get your hot sweaty hands on the latest copy of Linux Journal.





Read this issue