1.6. /etc

This directory tree contains all the configuration files for the X Window System. Users should note that many of the files located in this directory are actually symbolic links to the /usr/X11R6 directory tree. Thus, the presence of these files in these locations can not be certain.

The 'X' configuration file. Most modern distributions possess hardware autodetection systems that enable automatic creation of a valid file. Should autodetection fail a configuration file can also be created manually provided that you have sufficient knowledge about your system. It would be considered prudent not to attempt to type out a file from beginning to end. Rather, use common configuration utilities such as xf86config, XF86Setup and xf86cfg to create a workable template. Then, using suitable documentation commence optimization through intuition and/or trial and error. Options that can be configured via this file include X modules to be loaded on startup, keyboard, mouse, monitor and graphic chipset type. Often, commercial distributions will include their own X configuration utilities such as XDrake on Mandrake and also Xconfiguration on Redhat. Below is a sample X configuration file from the reference system

### BEGIN DEBCONF SECTION
# XF86Config-4 (XFree86 server configuration file) generated by dexconf, the
# Debian X Configuration tool, using values from the debconf database.
#
# Edit this file with caution, and see the XF86Config-4 manual page.
# (Type "man XF86Config-4" at the shell prompt.)
#
# If you want your changes to this file preserved by dexconf, only 
# make changes
# before the "### BEGIN DEBCONF SECTION" line above, and/or after the
# "### END DEBCONF SECTION" line below.
#
# To change things within the debconf section, run the command:
#   dpkg-reconfigure xserver-xfree86
# as root.  Also see "How do I add custom sections to a dexconf-
# generated
# XF86Config or XF86Config-4 file?" in /usr/share/doc/xfree86-
# common/FAQ.gz.

Section "Files"
        FontPath        "unix/:7100"                        
# local font server
        # if the local font server has problems, 
# we can fall back on these
        FontPath        "/usr/lib/X11/fonts/misc"
        FontPath        "/usr/lib/X11/fonts/cyrillic"
        FontPath        "/usr/lib/X11/fonts/100dpi/:unscaled"
        FontPath        "/usr/lib/X11/fonts/75dpi/:unscaled"
        FontPath        "/usr/lib/X11/fonts/Type1"
        FontPath        "/usr/lib/X11/fonts/Speedo"
        FontPath        "/usr/lib/X11/fonts/100dpi"
        FontPath        "/usr/lib/X11/fonts/75dpi"
EndSection

Section "Module"
        Load        "GLcore"
        Load        "bitmap"
        Load        "dbe"
        Load        "ddc"
        Load        "dri"
        Load        "extmod"
        Load        "freetype"
        Load        "glx"
        Load        "int10"
        Load        "pex5"
        Load        "record"
        Load        "speedo"
        Load        "type1"
        Load        "vbe"
        Load        "xie"
EndSection

Section "InputDevice"
        Identifier        "Generic Keyboard"
        Driver                "keyboard"
        Option                "CoreKeyboard"
        Option                "XkbRules"        "xfree86"
        Option                "XkbModel"        "pc104"
        Option                "XkbLayout"        "us"
EndSection

Section "InputDevice"
        Identifier        "Configured Mouse"
        Driver                "mouse"
        Option                "CorePointer"
        Option                "Device"                "/dev/psaux"
        Option                "Protocol"                "NetMousePS/2"
        Option                "Emulate3Buttons"        "true"
        Option                "ZAxisMapping"                "4 5"
EndSection

Section "InputDevice"
        Identifier        "Generic Mouse"
        Driver                "mouse"
        Option                "SendCoreEvents"        "true"
        Option                "Device"                "/dev/input/mice"
        Option                "Protocol"                "ImPS/2"
        Option                "Emulate3Buttons"        "true"
        Option                "ZAxisMapping"                "4 5"
EndSection

Section "Device"
        Identifier        "Generic Video Card"
        Driver                "nv"
#        Option                "UseFBDev"                "true"
        Option                "UseFBDev"                "false"
EndSection

Section "Monitor"
        Identifier        "Generic Monitor"
        HorizSync        30-38
        VertRefresh        43-95
        Option                "DPMS"
EndSection

Section "Screen"
        Identifier        "Default Screen"
        Device                "Generic Video Card"
        Monitor                "Generic Monitor"
        DefaultDepth        16
        SubSection "Display"
                Depth                1
                Modes                "800x600" "640x480"
        EndSubSection
        SubSection "Display"
                Depth                4
                Modes                "800x600" "640x480"
        EndSubSection
        SubSection "Display"
                Depth                8
                Modes                "800x600" "640x480"
        EndSubSection
        SubSection "Display"
                Depth                15
                Modes                "800x600" "640x480"
        EndSubSection
        SubSection "Display"
                Depth                16
                Modes                "800x600" "640x480"
        EndSubSection
        SubSection "Display"
                Depth                24
                Modes                "800x600" "640x480"
        EndSubSection
EndSection

Section "ServerLayout"
        Identifier        "Default Layout"
        Screen                "Default Screen"
        InputDevice        "Generic Keyboard"
        InputDevice        "Configured Mouse"
        InputDevice        "Generic Mouse"
EndSection

Section "DRI"
        Mode        0666
EndSection

### END DEBCONF SECTION

As you can see, the layout of the file is quite simple and tends to be quite standard across most distributions. At the top are the locations of the various font files for X (note - X will not start if you do not specify a valid font), next is the "Modules" section. It details what modules are to be loaded upon startup. The most well known extensions are probably GLX (required for 3D rendering of graphics and games) and Xinerama which allows users to expand their desktop over several monitors. Next are the various "Device" sections which describe the type of hardware you have. Improper configuration of these subsections can lead to heartache and trauma with seemingly misplaced keys, bewitched mice and also constant flashing as X attempts to restart in a sometimes never ending loop. In most cases when all else fails the vesa driver seems to be able to initialise most modern video cards. In the "Screen" section it is possible to alter the default startup resolution and depth. Quite often it is possible to alter these attributes on the fly by using the alt-ctrl-+ or alt-ctrl- set of keystrokes. Lastly are the "ServerLayout" and "DRI" sections. Users will almost never touch the "DRI" section and only those who wish to utilise the Xinerama extensions of X will require having to change any of the ServerLayout options.

In general your default keyboard mapping comes from your X server setup. If this setup is insufficient and you are unwilling to go through the process of reconfiguration and/or you are not the superuser you'll need to use the xmodmap program. This is the utility's global configuration file.

The various symbols, types, geometries of keymaps that the X server supports can be found in this directory tree.

Low Bandwidth X (LBX) proxy server configuration files. Applications that would like to take advantage of the Low Bandwidth extension to X (LBX) must make their connections to an lbxproxy. These applications need know nothing about LBX, they simply connect to the lbxproxy as if it were a regular X server. The lbxproxy accepts client connections, multiplexes them over a single connection to the X server, and performs various optimizations on the X protocol to make it faster over low bandwidth and/or high latency connections. It should be noted that such compression will not increase the pace of rendering all that much. Its primary purpose is to reduce network load and thus increase overall network latency. A competing project called DXPC (Differential X Protocol Compression) has been found to be more efficient at this task. Studies have shown though that in almost all cases ssh tunneling of X will produce far better results than through any of these specialised pieces of software.

X proxy services manager initialisation files. proxymngr is responsible for resolving requests from xfindproxy (in the xbase-clients package) and other similar clients, starting new proxies when appropriate, and keeping track of all the available proxy services.

X display manager configuration files. xdm manages a collection of X servers, which may be on the local host or remote machines. It provides services similar to those provided by init, getty, and login on character-based terminals: prompting for login name and password, authenticating the user, and running a session. xdm supports XDMCP (X Display Manager Control Protocol) and can also be used to run a chooser process which presents the user with a menu of possible hosts that offer XDMCP display management. If the xutils package is installed, xdm can use the sessreg utility to register login sessions to the system utmp file; this, however, is not necessary for xdm to function.

This is the master 'xdm' configuration file. It determines where all other 'xdm' configuration files will be located. It is almost certain to be left undisturbed.

GNOME Display Manager configuration files. gdm provides the equivalent of a "login:" prompt for X displays- it pops up a login window and starts an X session. It provides all the functionality of xdm, including XDMCP support for managing remote displays. The greeting window is written using the GNOME libraries and hence looks like a GNOME application- even to the extent of supporting themes! By default, the greeter is run as an unprivileged user for security.

This is the primary configuration file for GDM. Through it, users can specify whether they would like their system to automatically login as a certain user, background startup image and also if they would like to run their machine as somewhat of a terminal server by using the XDMCP protocol.

Home of xfs fonts.

X font server configuration files. xfs is a daemon that listens on a network port and serves X fonts to X servers (and thus to X clients). All X servers have the ability to serve locally installed fonts for themselves, but xfs makes it possible to offload that job from the X server, and/or have a central repository of fonts on a networked machine running xfs so that all the machines running X servers on a network do not require their own set of fonts. xfs may also be invoked by users to, for instance, make available X fonts in user accounts that are not available to the X server or to an already running system xfs.

This is the 'xfs' initialisation file. It specifies the number of clients that are allowed to connect to the 'xfs' server at any one time, the location of log files, default resolution, the location of the fonts, etc.

       
# font server configuration file
# $Xorg: config.cpp,v 1.3 2000/08/17 19:54:19 cpqbld Exp $

# allow a maximum of 10 clients to connect to this font server
client-limit = 10
# when a font server reaches its limit, start up a new one
clone-self = on
# log messages to /var/log/xfs.log (if syslog is not used)
error-file = /var/log/xfs.log
# log errors using syslog
use-syslog = on
# turn off TCP port listening (Unix domain connections are still permitted)
no-listen = tcp
# paths to search for fonts
catalogue = /usr/lib/X11/fonts/misc/,/usr/lib/X11/fonts/cyrillic/,
/usr/lib/X11/fonts/100dpi/:unscaled,/usr/lib/X11/fonts/75dpi/:unscaled,
/usr/lib/X11/fonts/Type1/,/usr/lib/X11/fonts/CID,
/usr/lib/X11/fonts/Speedo/,/usr/lib/X11/fonts/100dpi/,
/usr/lib/X11/fonts/75dpi/
# in decipoints
default-point-size = 120
# x1,y1,x2,y2,...
default-resolutions = 100,100,75,75

# font cache control, specified in kB
cache-hi-mark = 2048
cache-low-mark = 1433
cache-balance = 70

Home of configuration files for twm. The original Tabbed Window Manager.

xinit configuration files. 'xinit' is a configuration method of starting up an X session that is designed to used as part of a script. Normally, this is used at larger sites as part of a tailored login process.

Global xinitrc file, used by all X sessions started by xinit (startx). Its usage is of course overridden by a .xinitrc file located in the home directory of a user.

'adduser' configuration. The adduser command can create new users, groups and add existing users to existing groups. Adding users with adduser is much easier than adding them by hand. Adduser will choose appropriate UID and GID values, create a home directory, copy skeletal user configuration from /etc/skel, allow you to set an initial password and the GECOS field. Optionally a custom script can be executed after this commands. See adduser(8) and adduser.conf(5) for full documentation.

Has parameters to help adjust the software (kernel) time so that it matches the RTC.

This is the aliases file - it says who gets mail for whom. It was originally generated by `eximconfig', part of the exim package distributed with Debian, but it may edited by the mail system administrator. See exim info section for details of the things that can be configured here. An aliases database file (aliases.db) is built from the entries in the aliases files by the newaliases utility.

It is possible for several programs fulfilling the same or similar functions to be installed on a single system at the same time. For example, many systems have several text editors installed at once. This gives choice to the users of a system, allowing each to use a different editor, if desired, but makes it difficult for a program to make a good choice of editor to invoke if the user has not specified a particular preference.

The alternatives system aims to solve this problem. A generic name in the filesystem is shared by all files providing interchangeable functionality. The alternatives system and the system administrator together determine which actual file is referenced by this generic name. For example, if the text editors ed(1) and nvi(1) are both installed on the system, the alternatives system will cause the generic name /usr/bin/editor to refer to /usr/bin/nvi by default. The system administrator can override this and cause it to refer to /usr/bin/ed instead, and the alternatives system will not alter this setting until explicitly requested to do so.

The generic name is not a direct symbolic link to the selected alternative. Instead, it is a symbolic link to a name in the alternatives directory, which in turn is a symbolic link to the actual file referenced. This is done so that the system administrator's changes can be confined within the /etc directory.

This is Debian's next generation front-end for the dpkg package manager. It provides the apt-get utility and APT dselect method that provides a simpler, safer way to install and upgrade packages. APT features complete installation ordering, multiple source capability and several other unique features, see the Users Guide in /usr/share/doc/apt/guide.text.gz

deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-7 (20020718)]/
          unstable contrib main non-US/contrib non-US/main
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-6 (20020718)]/
          unstable contrib main non-US/contrib non-US/main
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-5 (20020718)]/
          unstable contrib main non-US/contrib non-US/main
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-4 (20020718)]/
          unstable contrib main non-US/contrib non-US/main
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-3 (20020718)]/ 
          unstable contrib main non-US/contrib non-US/main
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-2 (20020718)]/ 
          unstable contrib main non-US/contrib non-US/main
deb cdrom:[Debian GNU/Linux 3.0 r0 _Woody_ - Official i386 Binary-1 (20020718)]/ 
          unstable contrib main non-US/contrib non-US/main

# deb https://security.debian.org/ stable/updates main

Contains a list of apt-sources from which packages may be installed via APT.

ALSA (Advanced Linux Sound Architecture) configuration file. It is normally created via alsactl or other third-party sound configuration utilities that may be specific to a distribution such as sndconfig from Redhat.

Users denied access to the at daemon. The 'at' command allows user to execute programs at an arbitrary time.

Configuration files for autoconf. 'autoconf' creates scripts to configure source code packages using templates. To create configure from configure.in, run the autoconf program with no arguments. autoconf processes configure.ac with the m4 macro processor, using the Autoconf macros. If you give autoconf an argument, it reads that file instead of configure.ac and writes the configuration script to the standard output instead of to configure. If you give autoconf the argument -, it reads the standard input instead of configure.ac and writes the configuration script on the standard output.

The Autoconf macros are defined in several files. Some of the files are distributed with Autoconf; autoconf reads them first. Then it looks for the optional file acsite.m4 in the directory that contains the distributed Autoconf macro files, and for the optional file aclocal.m4 in the current directory. Those files can contain your site's or the package's own Autoconf macro definitions. If a macro is defined in more than one of the files that autoconf reads, the last definition it reads overrides the earlier ones.

System wide functions and aliases' file for interactive bash shells.

Programmable completion functions for bash 2.05a.

This is the chat script used to dial out to your default service provider.

These directories contain scripts to be executed on a regular basis by the cron daemon.

'cron' configuration file. This file is for the cron table to setup the automatic running of system routines. A cron table can also be established for individual users. The location of these user cron table files will be explained later on.

# /etc/crontab: system-wide crontab
# Unlike any other crontab you don't have to run the `crontab'
# command to install the new version when you edit this file.
# This file also has a username field, that none of the other crontabs do.

SHELL=/bin/sh
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

# m h dom mon dow user command
25 6 * * * root test -e /usr/sbin/anacron || run-parts --report /etc/cron.daily
47 6 * * 7 root test -e /usr/sbin/anacron || run-parts --report /etc/cron.weekly
52 6 1 * * root test -e /usr/sbin/anacron || run-parts --report /etc/cron.monthly
#

System-wide .login file for csh(1). This file is sourced on all invocations of the shell. It contains commands that are to be executed upon login and sometimes aliases also.

System-wide .logout file for csh(1). This file is sourced on all invocations of the shell. It contains commands that are to be executed upon logout.

System-wide .cshrc file for csh(1). This file is sourced on all invocations of the shell. This file should contain commands to set the command search path, plus other important environment variables. This file should not contain commands that produce output or assume the shell is attached to a tty.

Configuration files for the Common UNIX Printing System (CUPS). Files here are used to define client-specific parameters, such as the default server or default encryption settings.

'deluser' configuration files. The deluser command can remove users and groups and remove users from a given group. Deluser can optionally remove and backup the user's home directory and mail spool or all files on the system owned by him. Optionally a custom script can also be executed after each of the commands.

This daemon sets up the /dev filesystem for use. It creates required symbolic links in /dev and also creates (if so configured, as is the default) symbolic links to the "old" names for devices.

'devfsd' configuration files. This daemon sets up the /dev filesystem for use. It creates required symbolic links in /dev and also creates (if so configured, as is the default) symbolic links to the "old" names for devices.

'dhclient' configuration file and 'dhclient' script files respectively. It configures your system so that it may act as a client on a DHCP based network. It is essential to connect to the Internet nowadays.

#  /etc/dict.conf Written by Bob Hilliard <[email protected]>
#  1998/03/20.  Last revised Sun, 22 Nov 1998 18:10:04 -0500 This is
#  the configuration file for /usr/bin/dict.  In most cases only the
#  server keyword need be specified.  

#  This default configuration will try to access a dictd server on
#  the local host, failing that, it will try the public server.  In
#  many cases this will be slow, so you should comment out the line 
#  for the server that you don't want to use. To use any other 
#  server, enter its IP address in place of "dict.org".  

#  Refer to the dict manpage (man dict) for other options that could
#  be inserted in here.

server localhost 
server dict.org

dict is a client for the Dictionary Server Protocol (DICT), a TCP transaction based query/response protocol that provides access to dictionary definitions from a set of natural language dictionary databases.

Configuration file for the Linux DOS Emulator. DOSEMU is a PC Emulator application that allows Linux to run a DOS operating system in a virtual x86 machine. This allows you to run many DOS applications. It includes the FreeDOS kernel, color text and full keyboard emulation (via hotkeys) via terminal, built-in X support, IBM character set font, graphics capability at the console with most compatible video cards, DPMI support so you can run DOOM, CDROM support, builtin IPX and pktdrvr support. Note - 'dosemu' is simply a ported version of Corel's own PC-DOS.

Part of the exim package. This file contains email addresses to use for outgoing mail. Any local part not in here will be qualified by the system domain as normal. It should contain lines of the form:

ESD configuration files. The Enlightened sound daemon is designed to mix together several digitized audio streams for playback by a single device. Like nasd, artsd and rplay it also has the capability to play sounds remotely.

The control list of systems who want to access the system via NFS, a the list of directories that you would like to share and the permissions allocated on each share.

  # /etc/exports: the access control list for filesystems which may be
  # exported to NFS clients.  See exports(5).
  ## LTS-begin ##

  #
  # The lines between the 'LTS-begin' and the 'LTS-end' were added
  # on: Sun Feb 23 05:54:17 EST 2003 by the ltsp installation script.
  # For more information, visit the ltsp homepage
  # at https://www.ltsp.org
  #

  /opt/ltsp/i386                  192.168.0.0/255.255.255.0(ro,no_root_squash)
  /var/opt/ltsp/swapfiles         192.168.0.0/255.255.255.0(rw,no_root_squash)

  #
  # The following entries need to be uncommented if you want
  # Local App support in ltsp
  #
  #/home                  192.168.0.0/255.255.255.0(rw,no_root_squash)

  ## LTS-end ##

Floppy disk parameter table. Describes what different floppy disk formats look like. Used by setfdprm.

The configuration file for 'mount' and now 'supermount'. It lists the filesystems mounted automatically at startup by the mount -a command (in /etc/rc or equivalent startup file). Under Linux, also contains information about swap areas used automatically by swapon -a.

Determines who might get ftp-access to your machine.

List of ftp users that need to be chrooted.

List of disallowed ftp users.

Lists gateways for 'routed'.

Configures console-logins.

MIME magic patterns as used by the Gnome VFS library.

Similar to /etc/passwd. It lists the configured user groups and who belongs to them.

Old /etc/group file.

Contains encrypted forms of group passwords.

Old /etc/gshadow file.

Contains the hostname of your machine (can be fully qualified or not).

Determines the search order for look-ups (usually hosts bind, i.e. "check /etc/hosts first and then look for a DNS").

This file is used to define a system name and domain combination with a specific IP address. This file needs to always contain an entry for an IP address, if the machine is connected to the network.

  ### etherconf DEBCONF AREA. DO NOT EDIT THIS AREA OR INSERT TEXT BEFORE IT.
  127.0.0.1 localhost ::1 localhost
  ip6-localhost ip6-loopback
  fe00::0 ip6-localnet
  ff00::0 ip6-mcastprefix
  ff02::1 ip6-allnodes
  ff02::2 ip6-allrouters
  ff02::3 ip6-allhosts
  192.168.0.99 debian.localdomain.com debian
  ### END OF DEBCONF AREA. PLACE YOUR EDITS BELOW; THEY WILL BE PRESERVED.
  192.168.0.1 ws001
  

Part of the tcp-wrappers system to control access to your machine's services. It lists hosts that are allowed to access the system and specific daemons.

  # /etc/hosts.allow: list of hosts that are allowed to access the
  # system.
  # See the manual pages hosts_access(5), hosts_options(5)
  # and /usr/doc/netbase/portmapper.txt.gz
  #
  # Example: ALL: LOCAL @some_netgroup
  # ALL: .foobar.edu EXCEPT terminalserver.foobar.edu
  #
  # If you're going to protect the portmapper use the name "portmap"
  # for the daemon name. Remember that you can only use the keyword
  # "ALL" and IP addresses (NOT host or domain names) for the
  # portmapper. See portmap(8) and /usr/doc/portmap/portmapper.txt.gz
  # for further information.
  bootpd: 0.0.0.0 in.tftpd: 192.168.0.
  portmap: 192.168.0.
  rpc.mountd: 192.168.0.
  rpc.nfsd: 192.168.0.
  gdm: 192.168.0.
  nasd: 192.168.0.
  

part of the tcp-wrappers system to control access to your machine's services. It lists hosts that are not allowed to access the system.

  # Example: ALL: some.host.name, .some.domain
  # ALL EXCEPT in.fingerd: other.host.name, .other.domain
  #
  # If you're going to protect the portmapper use the name "portmap"
  # for the daemon name. Remember that you can only use the keyword
  # "ALL" and IP addresses (NOT host or domain names) for the
  # portmapper. See portmap(8) and /usr/doc/portmap/portmapper.txt.gz
  # for further information.
  #
  # The PARANOID wildcard matches any host whose name does not match
  # its address. You may wish to enable this to ensure any programs
  # that don't validate looked up hostnames still leave understandable
  # logs. In past versions of Debian this has been the default.
  # ALL: PARANOID
  

Apache configuration files. Apache is a versatile, high-performance HTTP server. The most popular server in the world, Apache features a modular design and supports dynamic selection of extension modules at runtime. Its strong points are its range of possible customization, dynamic adjustment of the number of server processes, and a whole range of available modules including many authentication mechanisms, server-parsed HTML, server-side includes, access control, CERN httpd metafiles emulation, proxy caching, etc. Apache also supports multiple virtual homing.

TCP/IP IDENT protocol server. It implements the TCP/IP proposed standard IDENT user identification protocol (RFC 1413). identd operates by looking up specific TCP/IP connections and returning the username of the process owning the connection. It can also return other information besides the username.

  # /etc/identd.conf - an example configuration file


  #-- The syslog facility for error messages
  # syslog:facility = daemon


  #-- User and group (from passwd database) to run as
  server:user = nobody

  #-- Override the group id
  # server:group = kmem

  #-- What port to listen on when started as a daemon or from /etc/inittab
  # server:port = 113

  #-- The socket backlog limit
  # server:backlog = 256

  #-- Where to write the file containing our process id
  # server:pid-file = "/var/run/identd/identd.pid"

  #-- Maximum number of concurrent requests allowed (0 = unlimited)
  # server:max-requests = 0

  #-- Enable some protocol extensions like "VERSION" or "QUIT"
  protocol:extensions = enabled

  #-- Allow multiple queries per connection
  protocol:multiquery = enabled

  #-- Timeout in seconds since connection or last query. Zero = disable
  # protocol:timeout = 120

  #-- Maximum number of threads doing kernel lookups
  # kernel:threads = 8

  #-- Maximum number of queued kernel lookup requests
  # kernel:buffers = 32

  #-- Maximum number of time to retry a kernel lookup in case of failure
  # kernel:attempts = 5



  #-- Disable username lookups (only return uid numbers)
  # result:uid-only = no

  #-- Enable the ".noident" file
  # result:noident = enabled

  #-- Charset token to return in replies
  # result:charset = "US-ASCII"

  #-- Opsys token to return in replies
  # result:opsys = "UNIX"

  #-- Log all request replies to syslog (none == don't)
  # result:syslog-level = none


  #-- Enable encryption (only available if linked with a DES library)
  # result:encrypt = no

  #-- Path to the DES key file (only available if linked with a DES library)
  # encrypt:key-file = "/usr/local/etc/identd.key"


  #-- Include a machine local configuration file
  # include = /etc/identd.conf
  

Configuration of services that are started by the INETD TCP/IP super server. 'inetd' is now deprecated. 'xinetd' has taken its place. See /etc/xinet.conf for further details.

  # /etc/inetd.conf:  see inetd(8) for further information.
  #
  # Internet server configuration database
  #
  #
  # Lines starting with "#:LABEL:" or "#<off>#" should not
  # be changed unless you know what you are doing!
  #
  # If you want to disable an entry so it isn't touched during
  # package updates just comment it out with a single '#' character.
  #
  # Packages should modify this file by using update-inetd(8)
  #
  # <service_name> <sock_type> <proto> 
  # <flags> <user> <server_path>
  # <args>
  #
  #:INTERNAL: Internal services
  #echo stream  tcp nowait root internal
  #echo dgram   udp wait root internal
  #chargen stream tcp   nowait root internal
  #chargen dgram udp    wait root internal
  discard stream tcp nowait root internal
  discard dgram udp wait root internal
  daytime stream tcp nowait root internal
  #daytime dgram udp wait root internal
  time stream tcp nowait root internal
  #time dgram udp wait root internal

  #:STANDARD: These are standard services.
  ftp stream tcp nowait root /usr/sbin/tcpd /usr/sbin/in.ftpd   
  telnet stream tcp nowait telnetd.telnetd /usr/sbin/tcpd 
                                           /usr/sbin/in.telnetd

  #:MAIL: Mail, news and uucp services.
  smtp stream tcp nowait mail /usr/sbin/exim exim -bs
  imap2  stream  tcp nowait root /usr/sbin/tcpd /usr/sbin/imapd
  imap3  stream  tcp nowait root /usr/sbin/tcpd /usr/sbin/imapd

  #:INFO: Info services
  ident stream tcp wait identd /usr/sbin/identd identd
  finger stream tcp nowait nobody /usr/sbin/tcpd 
                                  /usr/sbin/in.fingerd

  #:BOOT: Tftp service is provided primarily for booting.  
  #Most sites run this only on machines acting as "boot servers."
  tftp dgram udp wait nobody /usr/sbin/tcpd 
                             /usr/sbin/in.tftpd -s /tftpboot
  

Boot-time system configuration/initialization script. Tells init how to handle runlevels. It sets the default runlevel. This is run first except when booting in emergency (-b) mode. It also enables a user to startup a getty session on an external device such as the serial ports. To add terminals or dial-in modem lines to a system, just add more lines to /etc/inittab, one for each terminal or dial-in line. For more details, see the manual pages init, inittab, and getty. If a command fails when it starts, and init is configured to restart it, it will use a lot of system resources: init starts it, it fails, init starts it, it fails, and so on. To prevent this, init will keep track of how often it restarts a command, and if the frequency grows to high, it will delay for five minutes before restarting again. /etc/inittab also has some special features that allow init to react to special circumstances. powerwait Allows init to shut the system down, when the power fails. This assumes the use of a UPS, and software that watches the UPS and informs init that the power is off. ctrlaltdel Allows init to reboot the system, when the user presses ctrl-alt-del on the console keyboard. Note that the system administrator can configure the reaction to ctrl-alt-del to be something else instead, e.g., to be ignored, if the system is in a public location. sysinit Command to be run when the system is booted. This command usually cleans up /tmp, for example. The list above is not exhaustive. See your inittab manual page for all possibilities, and for details on how to use the ones above. To set (or reset) initial terminal colours. The following shell script should work for VGA consoles: for n in 1 2 4 5 6 7 8; do setterm -fore yellow -bold on -back blue -store > /dev/tty$n done Substitute your favorite colors, and use /dev/ttyS$n for serial terminals. To make sure they are reset when people log out (if they've been changed) replace the references to getty (or mingetty or uugetty or whatever) in /etc/inittab with references to /sbin/mygetty. #!/bin/sh setterm -fore yellow -bold on -back blue -store > $1 exec /sbin/mingetty $@ An example /etc/inittab is provided below.

  # /etc/inittab: init(8) configuration.
  # $Id: etc.xml,v 1.10 2004/02/03 21:42:57 binh Exp $
  # The default runlevel. id:2:initdefault:
  # Boot-time system configuration/initialization script.
  # This is run first except when booting in emergency (-b) mode.
  si::sysinit:/etc/init.d/rcS
  # What to do in single-user mode.
  ~~:S:wait:/sbin/sulogin
  # /etc/init.d executes the S and K scripts upon change
  # of runlevel.
  #
  # Runlevel 0 is halt.
  # Runlevel 1 is single-user.
  # Runlevels 2-5 are multi-user.
  # Runlevel 6 is reboot.
  l0:0:wait:/etc/init.d/rc 0 l1:1:wait:/etc/init.d/rc 1
  l2:2:wait:/etc/init.d/rc 2 l3:3:wait:/etc/init.d/rc 3
  l4:4:wait:/etc/init.d/rc 4 l5:5:wait:/etc/init.d/rc 5
  l6:6:wait:/etc/init.d/rc 6
  # Normally not reached, but fallthrough in case of emergency.
  z6:6:respawn:/sbin/sulogin
  # What to do when CTRL-ALT-DEL is pressed.
  ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
  # Action on special keypress (ALT-UpArrow).
  #kb::kbrequest:/bin/echo "Keyboard Request
  #--edit /etc/inittab to let this work."
  # What to do when the power fails/returns.
  pf::powerwait:/etc/init.d/powerfail start
  pn::powerfailnow:/etc/init.d/powerfail now
  po::powerokwait:/etc/init.d/powerfail stop
  # /sbin/getty invocations for the runlevels.
  #
  # The "id" field MUST be the same as the last
  # characters of the device (after "tty").
  #
  # Format:
  # <id>:<runlevels>:<action>:<process>
  #
  # Note that on most Debian systems tty7 is used by the X Window System,
  # so if you want to add more getty's go ahead but skip tty7 if you run X.
  #
  1:2345:respawn:/sbin/getty 38400 tty1 2:23:respawn:/sbin/getty 38400 tty2
  3:23:respawn:/sbin/getty 38400 tty3 4:23:respawn:/sbin/getty 38400 tty4
  5:23:respawn:/sbin/getty 38400 tty5 6:23:respawn:/sbin/getty 38400 tty6
  # Example how to put a getty on a serial line (for a terminal)
  #
  #T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100 
  #T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
  # Example how to put a getty on a modem line.
  #
  #T3:23:respawn:/sbin/mgetty -x0 -s 57600 ttyS3

  Undocumented features
  
  The letters A-C can be used to spawn a daemon listed in /etc/inittab. For
  example, assuming you want to start getty on a port to receive a call, but
  only after receiving a voice call first (and not all the time). Furthermore,
  you want to be able to receive a data or a fax call and that when you get
  the voice message you'll know which you want. You insert two new lines
  in /etc/inittab, each with its own ID, and each with a runlevel such as A
  for data and B for fax. When you know which you need, you simply spawn the
  appropriate daemon by calling 'telinit A' or 'telinit B'.
  The appropriate getty is put on the line until the first call is received.
  When the caller terminates the connection, the getty drops because, by
  definition, on demand will not respawn. The other two letters, S and Q, are
  special. S brings you system to maintenance mode and is the same as changing
  state to runlevel 1. The Q is used to tell init to reread inittab. The
  /etc/inittab file can be changed as often as required, but will only be read
  under certain circumstances: -One of its processes dies (do you need to
  respawn another?) -On a powerful signal from a power daemon (or a command
  line) -When told to change state by telinit The Q argument tells init to
  reread the /etc/inittab file. Even though it is called the System V runlevel
  system runlevels 7-9 are legitimate runlevels that can be used if necessary.
  The administrator must remember to alter the inittab file though and also to
  create the required rc?.d files.

Global inputrc for libreadline. Readline is a function that gets a line from a user and automatically edits it.

Configuration file for ISA based cards. This standard is virtually redundant in new systems. The 'isapnptools' suite of ISA Plug-And-Play configuration utilities is used to configure such devices. These programs are suitable for all systems, whether or not they include a PnP BIOS. In fact, PnP BIOS adds some complications because it may already activate some cards so that the drivers can find them, and these tools can unconfigure them, or change their settings causing all sorts of nasty effects.

ISDN configuration files.

Output by getty before the login prompt. Usually contains a short description or welcoming message to the system. The contents are up to the system administrator. Debian GNU/\s 3.0 \n \l

Presents the welcome screen to users who login remotely to your machine (whereas /etc/issue determines what a local user sees on login). Debian GNU/%s 3.0 %h

KDE initialization scripts and KDM configuration.

Location for the K Desktop Manager files. kdm manages a collection of X servers, which may be on the local host or remote machines. It provides services similar to those provided by init, getty, and login on character-based terminals: prompting for login name and password, authenticating the user, and running a session. kdm supports XDMCP (X Display Manager Control Protocol) and can also be used to run a chooser process which presents the user with a menu of possible hosts that offer XDMCP display management.

System wide KDE initialization script. Commands here executed every time the KDE environment is loaded. It's a link to /etc/kde2/system.kdeglobals

X libraries.

Local libraries.

Configuration file for the Linux boot loader 'lilo'. 'lilo' is the original OS loader and can load Linux and others. The 'lilo' package normally contains lilo (the installer) and boot-record-images to install Linux, OS/2, DOS and generic Boot Sectors of other Oses. You can use Lilo to manage your Master Boot Record (with a simple text screen, text menu or colorful splash graphics) or call 'lilo' from other boot-loaders to jump-start the Linux kernel.

This file lists locales that you wish to have built. You can find a list of valid supported locales at /usr/share/i18n/SUPPORTED. Other combinations are possible, but may not be well tested. If you change this file, you need to re-run locale-gen.

Locale name alias data base.

Configuration control definitions for the login package. An inordinate number of attributes can be altered via this single file such as the location of mail, delay in seconds after a failed login, enabling display of fail log information, display of unknown username login failures, shell environment variables, etc....

The logrotate utility is designed to simplify the administration of log files on a system which generates a lot of log files. Logrotate allows for the automatic rotation compression, removal and mailing of log files. Logrotate can be set to handle a log file daily, weekly, monthly or when the log file gets to a certain size. Normally, logrotate runs as a daily cron job.

  # see "man logrotate" for details
  # rotate log files weekly
  weekly

  # keep 4 weeks worth of backlogs
  rotate 4

  # create new (empty) log files after rotating old ones
  create

  # uncomment this if you want your log files compressed
  #compress

  # packages drop log rotation information into this directory
  include /etc/logrotate.d

  # no packages own wtmp, or btmp -- we'll rotate them here
  /var/log/wtmp {
      monthly
      create 0664 root utmp
      rotate 1
  }

  /var/log/btmp {
      missingok
      monthly
      create 0664 root utmp
      rotate 1
  }

  # system-specific logs may be configured here

Configuration file for ltrace (Library Call Tracer). It tracks runtime library calls in dynamically linked programs. 'ltrace' is a debugging program which runs a specified command until it exits. While the command is executing, ltrace intercepts and records the dynamic library calls which are called by the executed process and the signals received by that process. It can also intercept and print the system calls executed by the program. The program to be traced need not be recompiled for this, so you can use it on binaries for which you don't have the source handy. You should install ltrace if you need a sysadmin tool for tracking the execution of processes.

Magic local data and configuration file for the file(1) command. Contains the descriptions of various file formats based on which file guesses the type of the file. Insert here your local magic data. Format is described in magic(5).

Initialization file for 'mail'. 'mail' is an intelligent mail processing system which has a command syntax reminiscent of ed with lines replaced by messages. It's basically a command line version of Microsoft Outlook.

'metamail' capabilities file. The mailcap file is read by the metamail program to determine how to display non-text at the local site. The syntax of a mailcap file is quite simple, at least compared to termcap files. Any line that starts with "#" is a comment. Blank lines are ignored. Otherwise, each line defines a single mailcap entry for a single content type. Long lines may be continued by ending them with a backslash character, \. Each individual mailcap entry consists of a content-type specification, a command to execute, and (possibly) a set of optional "flag" values.

The mailcap ordering specifications. The order of entries in the /etc/mailcap file can be altered by editing the /etc/mailcap.order file. Each line of that file specifies a package and an optional mime type. Mailcap entries that match will be placed in the order of this file. Entries that don't match will be placed later.

Mail server hostname. Normally the same as the hostname.

The menu package was inspired by the install-fvwm2-menu program from the old fvwm2 package. However, menu tries to provide a more general interface for menu building. With the update-menus command from this package, no package needs to be modified for every X window manager again, and it provides a unified interface for both text-and X-oriented programs.

When a package that wants to add something to the menu tree gets installed, it will run update-menus in its postinstall script. Update-menus then reads in all menu files in /etc/menu/ /usr/lib/menu and /usr/lib/menu/default, and stores the menu entries of all installed packages in memory. Once that has been done, it will run the menu-methods in /etc/menu-methods/*, and pipe the information about the menu entries to the menu-methods on stdout, so that the menu-methods can read this. Each Window Manager or other program that wants to have the debian menu tree, will supply a menu-method script in /etc/menu-methods/. This menu-method then knows how to generate the startup-file for that window manager. To facilitate this task for the window-manager maintainers, menu provides a install-menu program. This program can generate the startup files for just about every window manager.

Configuration files for use of mgetty as the interface on the serial port. The mgetty routine special routine has special features for handling things such as dial up connections and fax connections.

MIME-TYPES and the extensions that represent them. This file is part of the "mime-support" package. Note: Compression schemes like "gzip", "bzip", and "compress" are not actually "mime-types". They are "encodings" and hence must _not_ have entries in this file to map their extensions. The "mime-type" of an encoded file refers to the type of data that has been encoded, not the type of the encoding.

'minicom' configuration files. 'minicom' is a communication program which somewhat resembles the shareware program TELIX but is free with source code and runs under most unices. Features include dialling directory with auto-redial, support for UUCP-style lock files on serial devices, a separate script language interpreter, capture to file, multiple users with individual configurations, and more.

List of modules to be loaded at startup.

  # /etc/modules: kernel modules to load at boot time.
  #
  # This file should contain the names of kernel modules that are
  # to be loaded at boot time, one per line. Comments begin with
  # a "#", and everything on the line after them are ignored.
  unix
  af_packet
  via-rhine
  cmpci
  ne2k-pci
  nvidia
  

These utilities are intended to make a Linux modular kernel manageable for all users, administrators and distribution maintainers.

Debian default mtools configuration file. The mtools series of commands work with MS-DOS files and directories on floppy disks. This allows you to use Linux with MS-DOS formatted diskettes on DOS and Windows systems.

This file is used by the man_db package to configure the man and cat paths. It is also used to provide a manpath for those without one by examining their PATH environment variable. For details see the manpath(5) man page.

Was formally named /etc/fdprm. See /etc/fdprm for further details.

The message of the day, automatically output after a successful login. Contents are up to the system administrator. Often used for getting information to every user, such as warnings about planned downtimes. Linux debian.localdomain.com 2.4.18 #1 Sat Mar 15 00:17:39 EST 2003 i686 unknown Most of the programs included with the Debian GNU/Linux system are freely redistributable; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.

List of currently mounted filesystems. Initially set up by the bootup scripts, and updated automatically by the mount command. Used when a list of mounted filesystems is needed, e.g., by the df command. This file is sometimes a symbolic link to /proc/mounts.

List of networks that the system is currently located on. For example, 192.168.0.0.

System Database/Name Service Switch configuration file.

OSS (Open Sound System) configuration file.

This directory is the home of the configuration files for PAMs, Pluggable Authentication Modules.

Holds your postfix configuration files. Postfix is now the MTA of choice among Linux distributions. It is sendmail-compatible, offers improved speed over sendmail, ease of administration and security. It was originally developed by IBM and was called the IBM Secure Mailer and is used in many large commercial networks. It is now the de-facto standard.

The place where your dial-up configuration files are placed. More than likely to be created by the text menu based pppconfig or other GUI based ppp configuration utilities such as kppp or gnome-ppp.

Most programs use a file under the /etc/pam.d/ directory to setup their PAM service modules. This file is and can be used, but is not recommended.

Paper size configuration file.

Default papersize.

This is the 'old' password file, It is kept for compatibility and contains the user database, with fields giving the username, real name, home directory, encrypted password, and other information about each user. The format is documented in the passwd man(ual) page.

root:x:0:0:root:/root:/bin/bash daemon:x:1:1:daemon:/usr/sbin:/bin/sh
bin:x:2:2:bin:/bin:/bin/sh sys:x:3:3:sys:/dev:/bin/sh
sync:x:4:100:sync:/bin:/bin/sync games:x:5:100:games:/usr/games:/bin/sh
man:x:6:100:man:/var/cache/man:/bin/sh lp:x:7:7:lp:/var/spool/lpd:/bin/sh
mail:x:8:8:mail:/var/mail:/bin/sh news:x:9:9:news:/var/spool/news:/bin/sh
uucp:x:10:10:uucp:/var/spool/uucp:/bin/sh proxy:x:13:13:proxy:/bin:/bin/sh
postgres:x:31:32:postgres:/var/lib/postgres:/bin/sh
www-data:x:33:33:www-data:/var/www:/bin/sh
backup:x:34:34:backup:/var/backups:/bin/sh
operator:x:37:37:Operator:/var:/bin/sh
list:x:38:38:SmartList:/var/list:/bin/sh irc:x:39:39:ircd:/var:/bin/sh
gnats:x:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
nobody:x:65534:65534:nobody:/home:/bin/sh
binh:x:1000:1000:,,,:/home/binh:/bin/bash
identd:x:100:65534::/var/run/identd:/bin/false
sshd:x:101:65534::/var/run/sshd:/bin/false gdm:x:102:101:Gnome Display
Manager:/var/lib/gdm:/bin/false
telnetd:x:103:103::/usr/lib/telnetd:/bin/false
dummy:x:1001:1001:,,,:/home/dummy:/bin/bash

Old /etc/passwd file.

Printer configuration (capabilities) file. The definition of all system printers, whether local or remote, is stored in this file. Its layout is similar to that of /etc/termcap but it uses a different syntax.

Files and commands to be executed at login or startup time by the Bourne or C shells. These allow the system administrator to set global defaults for all users.

Shells scripts to be executed upon login to the Bourne or C shells. These scripts are normally called from the /etc/profile file.

Protocols definitions file. It describes the various DARPA Internet protocols that are available from the TCP/IP subsystem. It should be consulted instead of using the numbers in the ARPA include files or resorting to guesstimation. This file should be left untouched since changes could result in incorrect IP packages.

Configuration files for PCMCIA devices. Generally only useful to laptop users.

Configuration file for reportbug. Reportbug is primarily designed to report bugs in the Debian distribution. By default it creates an e-mail to the Debian bug tracking system at [email protected] with information about the bug. Using the -bts option you can report bugs to other servers also using ddebbugs such as KDE.org. It is similar to bug but has far greater capabilities while still maintaining simplicity.

These directories contain all the files necessary to control system services and configure runlevels. A skeleton file is provided in /etc/init.d/skeleton

The scripts in this directory are executed once when booting the system, even when booting directly into single user mode. The files are all symbolic links, the real files are located in /etc/init.d/. For a more general discussion of this technique, see /etc/init.d/README.

Configuration of how DNS is to occur is defined in this file. It tells the name resolver libraries where they need to go to find information not found in the /etc/hosts file. This always has at least one nameserver line, but preferably three. The resolver uses each in turn. More than the first three can be included but anything beyond the first three will be ignored. Two lines that appear in the /etc/resolv.conf file are domain and search. Both of these are mutually exclusive options, and where both show up, the last one wins. Other entries beyond the three discussed here are listed in the man pages but aren't often used.

This is not a mistake. This shell script (/etc/rmt) has been provided for compatibility with other Unix-like systems, some of which have utilities that expect to find (and execute) rmt in the /etc directory on remote systems.

The rpc file contains user readable names that can be used in place of rpc program numbers. Each line has the following information: -name of server for the rpc program -rpc program number -aliases Items are separated by any number of blanks and/or tab characters. A ``#'' indicates the beginning of a comment; characters up to the end of the line are not interpreted by routines which search the file.

  # /etc/rpc:
  # $Id: etc.xml,v 1.10 2004/02/03 21:42:57 binh Exp $
  #
  # rpc 88/08/01 4.0 RPCSRC; from 1.12   88/02/07 SMI

  portmapper    100000  portmap sunrpc
  rstatd                100001  rstat rstat_svc rup perfmeter
  rusersd               100002  rusers
  nfs           100003  nfsprog
  ypserv                100004  ypprog
  mountd                100005  mount showmount
  ypbind                100007
  walld         100008  rwall shutdown
  yppasswdd     100009  yppasswd
  etherstatd    100010  etherstat
  rquotad               100011  rquotaprog quota rquota
  sprayd                100012  spray
  3270_mapper   100013
  rje_mapper    100014
  selection_svc 100015  selnsvc
  database_svc  100016
  rexd          100017  rex
  alis          100018
  sched         100019
  llockmgr      100020
  nlockmgr      100021
  x25.inr               100022
  statmon               100023
  status                100024
  bootparam     100026
  ypupdated     100028  ypupdate
  keyserv               100029  keyserver
  tfsd          100037 
  nsed          100038
  nsemntd               100039
  pcnfsd                150001
  amd           300019  amq
  sgi_fam               391002
  ugidd         545580417
  bwnfsd          788585389
  

Samba configuration files. A 'LanManager' like file and printer server for Unix. The Samba software suite is a collection of programs that implements the SMB protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes also referred to as the LanManager or NetBIOS protocol.

Sane configuration files. SANE stands for "Scanner Access Now Easy" and is an application programming interface (API) that provides standardized access to any raster image scanner hardware (flatbed scanner, hand-held scanner, video- and still-cameras, frame-grabbers, etc.). The SANE API is public domain and its discussion and development is open to everybody. The current source code is written for UNIX (including GNU/Linux) and is available under the GNU General Public License (the SANE API is available to proprietary applications and backends as well, however).

SANE is a universal scanner interface. The value of such a universal interface is that it allows writing just one driver per image acquisition device rather than one driver for each device and application. So, if you have three applications and four devices, traditionally you'd have had to write 12 different programs. With SANE, this number is reduced to seven: the three applications plus the four drivers. Of course, the savings get even bigger as more and more drivers and/or applications are added.

Not only does SANE reduce development time and code duplication, it also raises the level at which applications can work. As such, it will enable applications that were previously unheard of in the UNIX world. While SANE is primarily targeted at a UNIX environment, the standard has been carefully designed to make it possible to implement the API on virtually any hardware or operating system.

While SANE is an acronym for ``Scanner Access Now Easy'' the hope is of course that SANE is indeed sane in the sense that it will allow easy implementation of the API while accommodating all features required by today's scanner hardware and applications. Specifically, SANE should be broad enough to accommodate devices such as scanners, digital still and video cameras, as well as virtual devices like image file filters.

If you're familiar with TWAIN, you may wonder why there is a need for SANE. Simply put, TWAIN does not separate the user-interface from the driver of a device. This, unfortunately, makes it difficult, if not impossible, to provide network transparent access to image acquisition devices (which is useful if you have a LAN full of machines, but scanners connected to only one or two machines; it's obviously also useful for remote-controlled cameras and such). It also means that any particular TWAIN driver is pretty much married to a particular GUI API (be it Win32 or the Mac API). In contrast, SANE cleanly separates device controls from their representation in a user-interface. As a result, SANE has no difficulty supporting command-line driven interfaces or network-transparent scanning. For these reasons, it is unlikely that there will ever be a SANE backend that can talk to a TWAIN driver. The converse is no problem though: it would be pretty straight forward to access SANE devices through a TWAIN source. In summary, if TWAIN had been just a little better designed, there would have been no reason for SANE to exist, but things being the way they are, TWAIN simply isn't SANE.

Identifies secure terminals, i.e., the terminals from which root is allowed to log in. Typically only the virtual consoles are listed, so that it becomes impossible (or at least harder) to gain superuser privileges by breaking into a system over a modem or a network.

Configuration file for libsensors. A set of libraries designed to ascertain current hardware states via motherboard sensor chips. Useful statistics such as core voltages, CPU temperature can be determined through third party utilities that make user of these libraries such as 'gkrellm'. If you do not wish to install these packages you may also utilise the /proc filesystem real-time nature.

Sudoers file. This file must be edited with the 'visudo' command as root. The sudo command allows an authenticated user to execute an authorized command as root. Both the effective UID and GID are set to 0 (you are basically root). It determines which users are authorized and which commands they are authorized to use. Configuration of this command is via this file.

Shadow password file on systems with shadow password software installed (PAMs). Shadow passwords move the encrypted password from /etc/passwd into /etc/shadow; the latter is not readable by anyone except root. This makes it more difficult to crack passwords.

Old /etc/shadow file.

Configuration file for setting system variables, most notably kernel parameters. 'sysctl' is a means of configuring certain aspects of the kernel at run-time, and the /proc/sys/ directory is there so that you don't even need special tools to do it!

Essential to security. This subdirectory allows administrators to impose quota limits, access limits and also to configure PAM environments.

Serial port configuration. Changeable parameters include speed, baud rate, port, irq and type.

A definition of the networks, services and the associated port for each protocol that are available on this system. For example, web services (http) are assigned to port 80 by default. # /etc/services: # $Id: etc.xml,v 1.10 2004/02/03 21:42:57 binh Exp $ # # Network services, Internet style # # Note that it is presently the policy of IANA to assign a single # well-known port number for both TCP and UDP; hence, most entries # here have two entries even if the protocol doesn't support UDP # operations. Updated from RFC 1700, ``Assigned Numbers'' (October # 1994). Not all ports are included, only the more common ones. echo 7/tcp echo 7/udp discard 9/tcp sink null discard 9/udp sink null systat 11/tcp users daytime 13/tcp daytime 13/udp netstat 15/tcp qotd 17/tcp quote msp 18/tcp # message send protocol msp 18/udp # message send protocol chargen 19/tcp ttytst source chargen 19/udp ttytst source ftp-data 20/tcp ftp 21/tcp fsp 21/udp fspd ssh 22/tcp # SSH Remote Login Protocol ssh 22/udp # SSH Remote Login Protocol telnet 23/tcp # 24 - private smtp 25/tcp mail # 26 - unassigned time 37/tcp timserver time 37/udp timserver rlp 39/udp resource # resource location nameserver 42/tcp name # IEN 116 whois 43/tcp nicname re-mail-ck 50/tcp # Remote Mail Checking Protocol re-mail-ck 50/udp # Remote Mail Checking Protocol domain 53/tcp nameserver # name-domain server domain 53/udp nameserver netbios-ns 137/tcp # NETBIOS Name Service netbios-ns 137/udp netbios-dgm 138/tcp # NETBIOS Datagram Service netbios-dgm 138/udp netbios-ssn 139/tcp # NETBIOS session service netbios-ssn 139/udp x11 6000/tcp x11-0 # X windows system x11 6000/udp x11-0 # X windows system

Lists trusted shells. The chsh command allows users to change their login shell only to shells listed in this file. ftpd, the server process that provides FTP services for a machine, will check that the user's shell is listed in /etc/shells and will not let people log in unless the shell is listed there. There are also some display managers that will passively or actively (dependent upon on distribution and display manager being used) refuse a user access to the system unless their shell is one of those listed here.

The default files for each new user are stored in this directory. Each time a new user is added, these skeleton files are copied into their home directory. An average system would have: .alias, .bash_profile, .bashrc and .cshrc files. Other files are left up to the system administrator.

This directory contains configuration files and subdirectories for the setup of system configuration specifics and for the boot process, like 'clock', which sets the timezone, or 'keyboard' which controls the keyboard map. The contents may vary drastically depending on which distribution and what utilities you have installed. For example, on a Redhat or Mandrake based system it is possible to alter an endless array of attributes from the default desktop to whether DMA should be enabled for your IDE devices. On our Debian reference system though this folder is almost expedient containing only two files hwconf and soundcard which are both configured by the Redhat utilities hwconf and sndconfig respectively.

Configuration files for the setup and operation of SLIP (serial line IP) interface. Generally unused nowadays. This protocol has been superceded by the faster and more efficient PPP protocol.

This is the system wide screenrc. You can use this file to change the default behavior of screen system wide or copy it to ~/.screenrc and use it as a starting point for your own settings. Commands in this file are used to set options, bind screen functions to keys, redefine terminal capabilities, and to automatically establish one or more windows at the beginning of your screen session. This is not a comprehensive list of options, look at the screen manual for details on everything that you can put in this file.

A free electronic cataloging system for documentation. It stores metadata specified by the https://www.ibiblio.org/osrt/omf/ (Open Source Metadata Framework) as well as certain metadata extracted directly from documents (such as the table of contents). It provides various functionality pertaining to this metadata to help browsers, such as sorting the registered documents or searching the metadata for documents which satisfy a set of criteria.

'ssh' configuration files. 'ssh' is a secure rlogin/rsh/rcp replacement (OpenSSH). This is the portable version of OpenSSH, a free implementation of the Secure Shell protocol as specified by the IETF secsh working group. 'ssh' (Secure Shell) is a program for logging into a remote machine and for executing commands on a remote machine. It provides secure encrypted communications between two untrusted hosts over an insecure network. X11 connections and arbitrary TCP/IP ports can also be forwarded over the secure channel. It is intended as a replacement for rlogin, rsh and rcp, and can be used to provide applications with a secure communication channel. It should be noted that in some countries, particularly Iraq, and Pakistan, it may be illegal to use any encryption at all without a special permit.

Lists where log files should go, what messages are written to them and the level of verbosity. It is also now possible to filter based on message content, message integrity, message encryption (near future), portability and better network forwarding.

The terminal capability database. Describes the "escape sequences" by which various terminals can be controlled. Programs are written so that instead of directly outputting an escape sequence that only works on a particular brand of terminal, they look up the correct sequence to do whatever it is they want to do in /etc/termcap. As a result most programs work with most kinds of terminals.

local timezone.

Sets environment variables that are used by updatedb which therefore configures the database for 'locate', a utility that locates a pattern in a database of filenames and returns the filenames that match.

  # This file sets environment variables which are used by updatedb

  # filesystems which are pruned from updatedb database
  PRUNEFS="NFS nfs afs proc smbfs autofs auto iso9660 ncpfs coda devpts ftpfs"
  export PRUNEFS
  # paths which are pruned from updatedb database
  PRUNEPATHS="/tmp /usr/tmp /var/tmp /afs /amd /alex /var/spool"
  export PRUNEPATHS
  # netpaths which are added
  NETPATHS=""
  export NETPATHS
  

The configuration file for the svgalib is stored in this directory. svgalib provides graphics capabilities to programs running on the system console, without going through the X Window System. It uses direct access to the video hardware to provide low-level access to the standard VGA and SVGA graphics modes. It only works with some video hardware; so use with caution.

Contains configuration files for both vim and its X based counterpart gvim. A wide range of options can be accessed though these two files such as automatic indentation, syntax highlighting, etc....

The original 'inetd' daemon has now been superceded by the much improved 'xinetd'. 'inetd' should be run at boot time by /etc/init.d/inetd (or /etc/rc.local on some systems). It then listens for connections on certain Internet sockets. When a connection is found on one of its sockets, it decides what service the socket corresponds to, and invokes a program to service the request. After the program is finished, it continues to listen on the socket (except in some cases). Essentially, inetd allows running one daemon to invoke several others, reducing load on the system. Services controlled via xinetd put their configuration files here.

System-wide .zlogin file for zsh(1). This file is sourced only for login shells. It should contain commands that should be executed only in login shells. It should be used to set the terminal type and run a series of external commands (fortune, msgs, from, etc.)

Commands to be executed upon user exit from the zsh. Its control is system-wide but the .zlogout file for zsh(1) does override it in terms of importance.

System-wide .zprofile file for zsh(1). This file is sourced only for login shells (i.e. Shells invoked with "-" as the first character of argv[0], and shells invoked with the -l flag.)

System-wide .zshenv file for zsh(1). This file is sourced on all invocations of the shell. If the -f flag is present or if the NO_RCS option is set within this file, all other initialization files are skipped. This file should contain commands to set the command search path, plus other important environment variables. This file should not contain commands that produce output or assume the shell is attached to a tty.

System-wide .zshrc file for zsh(1). This file is sourced only for interactive shells. It should contain commands to set up aliases, functions, options, key bindings, etc.