Files and Filesystem

Linux follows a hierarchical file system, known as the Filesystem Hierarchy Standard (FHS). The parent of every folder is called the root and corresponds to /.

A common Linux philosophy is to think "everything is a file."

  • Regular files 🗃ī¸
  • Folders/Directories 📂
  • Hard Drives (/mnt/) 💾
  • Terminals And Devices (/dev/) 🤖
  • ...

See the first character of the output of ls -l.

Files and Folders starting with . (dot) are hidden 🤐 (ex: .config).

Linux supports multiple filesystems. Ext4 is the default one for many Linux distributions and one of the most widely used.

Common folders

linuxfundamentalspart2 linuxfundamentals

User Home (domicile) 🏡

Each user has their own folder, with their documents...

  • The home of username is commonly at /home/username/
  • See the environment variable $HOME.
  • See the file /etc/passwd for the path of each user home
  • The home folder of root is usually at /root

Binaries ⚒ī¸

Folders are used to store commands and binaries.

  • /bin/: system binaries
  • /usr/bin/: all users binaries
  • /usr/local/bin/: user binaries

System folders 🏭

System configurations are commonly stored in /etc/.

System logs and application logs are usually stored in /var/log/.

Other folders 🧑‍đŸ’ģ

  • /mnt: mounted device/hard drives (D:, USB...)
  • /tmp: a trash folder cleaned on reboot

Common files

linuxfundamentalspart2 linuxfundamentals

Empty file 🧭

The file /dev/null is a sort of "trash file" in which everything you write inside is deleted. It's useful when redirecting error output.

Configuration files 🏭

  • /etc/passwd: username, their UID, their GID, their home folder
  • /etc/shadow (root): users and their hashed password
  • /etc/group: list of groups and their GID
  • /etc/hosts (root): map a domain to an IP, can be edited manually
  • /etc/resolv.conf: automatically filled when selecting a network card. It contains DNS settings and other related settings.


The file /etc/sudoers is a system configuration file defining which commands a user can run as another user, usually root.

For instance, to run any command as root without a password:


Here, tar can be run as user2 without a password:

username ALL=(user2) NOPASSWD:/bin/tar



Partitions are a way to divide a physical storage device, such as a hard drive. They allow us to isolate and enforce individual restrictions.

Partitions are mounted at specific mount points within the FHS. The root partition is often mounted at /. We often have separate partitions for folders such as /home, /tmp, /var or /mnt.

The file /etc/fstab defines the partitions to create at system startup. The /proc/mounts contains all mounted partitions right now.

$ cat /etc/fstab
/dev/sda1 / ext4 defaults    0 2
$ cat /proc/mounts
/dev/sda1 / ext4 rw,relatime 0 0

Related commands đŸ”Ĩ

  • Create a filesystem 🆕: mkfs (mkfs.ext4...)
  • Devices list 📃: fdisk, lsblk
  • Devices data 📌: sudo blkid, df -h
  • List partitions 📚: parted, gparted
  • Create partition 🆕: fdisk, parted, gparted
  • Edit partition ✍ī¸: fdisk, parted, gparted
  • Delete partition 🚮: fdisk, parted, gparted

The mount command is used to mount a partition:

$ sudo mount /path/to/source /path/to/dest
$ sudo mount -t loop rootfs.ext4 # mounted at /mnt/rootfs.ext4/

Edit a filesystem

A filesystem may be stored in a file, such as rootfs.ext4 for an EXT4 filesystem. It could be a backup or something similar.

You can use tools such as mount or debugfs to inspect the filesystem contents and edit them.

To create an empty filesystem for testing:

$ dd if=/dev/zero of=rootfs.ext4 bs=1M count=200 # 200 MB
$ mkfs.ext4 rootfs.ext4                          # format
$ e2fsck -f rootfs.ext4                          # check fs


The most common is to use mount. It unpacks the filesystem allowing us to use any commands we want:

$ sudo mkdir /mnt/tmp_rootfs        # create mount point 
$ sudo mount -o loop rootfs.ext4 /mnt/tmp_rootfs # mount
[do your changes]
$ sudo umount /mnt/tmp_rootfs       # unmount

ī¸âžĄī¸ We can use chroot to change the root directory for commands.


Debugfs is a tool that you can use to edit a filesystem without having to extract it (using mount/umount).

$ debugfs xxx.ext4 [...]    # open fs as read-only
$ debugfs -w xxx.ext4 [...] # open fs as read-write
$ debugfs -f file.cmd [...] # run commands in file
$ debugfs
debugfs> open -w xxx.ext4   # open fs as...
debugfs> ls                 # ls current folder on fs 
debugfs> cd /path/to/dest   # navigate in fs 
debugfs> mkdir folder       # create folder in fs
debugfs> rm file_or_folder  # remove ... in fs
debugfs> # copy local file to fs
debugfs> # ⚠ī¸ The right value cannot be a path.
debugfs> write /local/path/to/file filename
debugfs> # copy file on fs to host
debugfs> dump filename /local/path/to/file 
debugfs> # filename links to /path/to/...
debugfs> symlink filename /path/to/linked/file
debugfs> q                 # quit


Gnome Partition Editor (GParted) is a graphical front-end to the parted command. It allows us to create, edit, resize, or delete partitions.

$ sudo apt-get install gparted
$ sudo gparted
  1. In the top-right corner, select a disk.
  2. Right-click on an existing partition or on the unallocated disk space.
  3. You can select operations such as new to create a new partition.

Each planned operation is pending until confirmation:

GParted Pending

You can apply them using either:

  • Edit > Apply All Operations
  • Right-click on pending operations > Apply All Operations

đŸ‘ģ To-do đŸ‘ģ

Stuff that I found, but never read/used yet.

  • sync command
  • .local/share/Trash
  • .config