Today, I will share 50 important Linux configuration files that every operations engineer should be familiar with. How many do you know?
1 User and Permission Management Related
| File Path | Function and Purpose |
|---|---|
<span><span>/etc/passwd</span></span> |
Stores basic information for all users, such as username, UID, GID, home directory, and default shell. It is the first step for the system to identify users. |
<span>/etc/shadow</span> |
Stores encrypted user passwords and password policies (validity period, minimum modification days, etc.). Readable only by root, enhancing account security. |
<span>/etc/group</span> |
Stores user group information for the system. Used for permission management, controlling user access to files and services. |
<span>/etc/gshadow</span> |
Stores encrypted user group password information. Used to enhance group access control security. |
<span><span>/etc/sudoers</span></span> |
Configures which users/groups can use sudo to execute privileged commands and their permissions. Must be edited using <span>visudo</span> to prevent configuration errors. |
<span><span>/etc/login.defs</span></span> |
Defines default policies for user accounts, such as password validity period, UID range, account expiration time, etc. |
<span><span>/etc/skel/</span></span> |
Stores template files that are copied by default for new users, such as <span>.bashrc</span>, used to initialize user environments. |
<span><span>/etc/security/limits.conf</span></span> |
Sets resource limits for each user or group, such as maximum number of processes and maximum number of open files. Commonly used to prevent resource abuse. |
<span><span>/etc/pam.d/</span></span> |
PAM configuration directory, controlling authentication logic for login, sudo, su, etc. |
<span>/var/log/lastlog</span> |
Binary format, records the last login time, IP, and terminal for all users. Viewable using <span>lastlog</span>. |
2 Network Configuration and Access Control Related
| File Path | Function and Purpose |
|---|---|
<span><span>/etc/hosts</span></span> |
Local DNS mapping, domain name resolution takes precedence over remote DNS. Commonly used for internal network resolution and testing domain names. |
<span><span>/etc/resolv.conf</span></span> |
DNS server configuration file, the system defines domain name resolution through the nameserver specified here. |
<span><span>/etc/hostname</span></span> |
Current hostname configuration, affects command line prompts and host identification. |
<span><span>/etc/nsswitch.conf</span></span> |
Controls the order of sources for resolving hosts, users, and service names (e.g., files, dns, ldap). |
<span><span>/etc/hosts.allow</span></span> |
TCP Wrapper whitelist, allows specific IPs to access certain services. |
<span><span>/etc/hosts.deny</span></span> |
TCP Wrapper blacklist, denies access requests from specific IPs to certain services. |
<span><span>/etc/network/interfaces</span></span> (Ubuntu) |
Legacy network interface configuration file, defines IP, mask, gateway, etc. for network cards. |
<span><span>/etc/sysconfig/network</span></span> (Red Hat) |
Global network configuration (e.g., hostname, default gateway), applicable to early RHEL systems. |
<span><span>/etc/sysconfig/network-scripts/ifcfg-*</span></span> |
Each network card has a configuration file defining parameters like IP, DNS, gateway, etc. |
<span><span>/etc/netplan/*.yaml</span></span> |
Default network configuration system for Ubuntu 18.04 and later, defines network structure using YAML format. |
3 System Boot and Service Management Related
| File Path | Function and Purpose |
|---|---|
<span><span>/etc/fstab</span></span> |
Sets disks, partitions, and network storage to be automatically mounted at system boot. Incorrect entries may prevent the system from booting. |
<span>/etc/rc.local</span> |
Startup script that executes automatically after the system boots. Suitable for executing one-time initialization commands. |
<span><span>/etc/inittab</span></span> |
SysV-style initialization configuration file, mostly replaced by systemd in modern systems. |
<span><span>/etc/systemd/system/*.service</span></span> |
User-defined systemd service unit files, supporting boot startup and custom service management. |
<span><span>/usr/lib/systemd/system/*.service</span></span> |
Default service file path for system services, usually written here by installation packages. Manual modifications are not recommended. |
<span><span>/etc/init.d/</span></span> |
SysV-init service script directory, compatible with older system startup methods. |
<span><span>/etc/default/grub</span></span> |
Default configuration file for the GRUB boot menu, modifications require running <span>update-grub</span> to generate the actual configuration. |
<span><span>/boot/grub2/grub.cfg</span></span> |
Configuration file actually used by the GRUB bootloader. Automatically generated by <span>/etc/default/grub</span>. |
<span><span>/etc/sysctl.conf</span></span> |
Configures kernel parameters, such as TCP cache, connection count, forwarding, etc. Can be loaded using <span>sysctl -p</span>. |
<span><span>/etc/modprobe.d/*.conf</span></span> |
Defines rules for loading or blacklisting kernel modules. For example, disabling USB storage modules. |
4 Logs and System Auditing Related
| File Path | Function and Purpose |
|---|---|
<span><span>/var/log/messages</span></span> |
System log summary (CentOS), contains operational information for services, hardware, network, etc. |
<span>/var/log/syslog</span> |
General system log (Ubuntu/Debian), similar functionality to messages. |
<span>/var/log/auth.log</span> |
Authentication log, records login, sudo usage, password verification, and other operations. |
<span>/var/log/secure</span> |
Authentication log for CentOS, functions similarly to auth.log. |
<span><span>/var/log/dmesg</span></span> |
Records kernel startup information and driver loading, suitable for checking hardware recognition status. |
<span><span>/var/log/boot.log</span></span> |
Service startup output during each system boot process. |
<span><span>/var/log/wtmp</span></span> |
Login and logout history (binary), viewable using <span>last</span>. |
<span><span>/var/log/btmp</span></span> |
Login failure records (binary), viewable using <span>lastb</span> to check for brute force risks. |
<span><span>/var/log/cron</span></span> |
Log of scheduled task executions, an important basis for checking if crontab is running normally. |
<span><span>/var/log/kern.log</span></span> |
Kernel-level log, records device drivers, kernel panic, exceptions, etc. |
5 User Environment and Shell Configuration Related
| File Path | Function and Purpose |
|---|---|
<span><span>/etc/profile</span></span> |
Shell initialization script read by all users upon login, suitable for setting global variables, umask, PATH, etc. |
<span><span>~/.bash_profile</span></span> |
User-level login shell script, executed only once during login shell. |
<span>~/.bashrc</span> |
User-level interactive shell configuration, executed every time a new terminal is opened. |
<span>/etc/bashrc</span> |
Bash shell configuration file for all users, also called by non-interactive shells. |
<span>/etc/environment</span> |
System-level environment variable configuration file, does not parse shell commands, only sets variable values. |
6 Scheduled Tasks and Scheduling Related
| File Path | Function and Purpose |
|---|---|
<span><span>/etc/crontab</span></span> |
System-level scheduled task file, can set the user to which the task belongs, suitable for system service scheduling. |
<span><span>/etc/cron.d/</span></span> |
Directory for crontab configurations for application-level or system-level services, supports custom scripts. |
<span><span>/var/spool/cron/</span></span> |
Directory where scheduled tasks created by users using <span>crontab -e</span> are saved, named after the username. |
7 System Information and Status Viewing Related
| File Path | Function and Purpose |
|---|---|
<span><span>/proc/cpuinfo</span></span> |
Displays information about the current CPU, including model, core count, thread count, frequency, etc. |
<span><span>/proc/meminfo</span></span> |
Displays detailed memory information, including total memory, remaining memory, buffer, cache, etc. |
-
Witnessing the rise and fall of high-rise buildings, Oracle disbands MySQL team, the community version is in jeopardy!
-
The disappearing database giants, now only three remain!
-
Give each language 1GB of memory, let’s see who dies first!
-
The white paper “AI Data Analysis: Development and Application Practice of ChatBI” is officially online (with download)!
-
One-click inspection script for Linux, highly recommended to save!
-
MySQL is in trouble! The father of Vitess, Sugu, “defects” to Postgres to create a new database, is this really going to turn the table?
-
Why after DeepSeek’s rise, people think of massive layoffs instead of implementing a three-day work week?
-
Apple “takes drastic measures” to abandon Java, rewriting key services in its own language Swift: 90% memory reduction, 40% performance increase!
-
Breaking news! The electronic book “Core System Distributed Database Selection Guide” is officially online (with download)!
-
Unlocking the key to data architecture modernization, the electronic book “Real-time Data Warehouse Selection Guide” is officially online!