Linux 区分“普通”可执行文件和用于系统维护和/或管理任务的可执行文件。后者位于此处或 - 不太重要的 - 位于 /usr/sbin 中。本地安装的系统管理程序应放置在 /usr/local/sbin 中。
通常,在 /usr 被知晓已挂载(没有问题时)之后执行的程序会放置在 /usr/sbin 中。此目录包含对系统运行至关重要的二进制文件。这些文件包括系统管理以及维护和硬件配置程序。您可能会在这里找到 lilo、fdisk、init、ifconfig 等程序。
另一个包含系统二进制文件的目录是 /usr/sbin。此目录包含其他对系统管理员有用的二进制文件。您将在这里找到系统的网络守护程序以及其他(通常)只有系统管理员才能访问,但系统维护和修复不需要的其他二进制文件。通常,这些目录永远不是普通用户的 $PATH 的一部分,而只是 root 用户的 $PATH 的一部分(PATH 是一个环境变量,用于控制系统尝试查找命令的位置顺序)。
FSSTND 指出
/sbin should contain only binaries essential for booting, restoring, recovering, and/or repairing the system in addition to the binaries in /bin. |
Linux 文件系统层次结构的一个特殊怪癖是,最初 /sbin 二进制文件保存在 /etc 中。
Deciding what things go into "sbin" directories is simple: if a normal (not a system administrator) user will ever run it directly, then it must be placed in one of the "bin" directories. Ordinary users should not have to place any of the sbin directories in their path. For example, files such as chfn which users only occasionally use must still be placed in /usr/bin. ping, although it is absolutely necessary for root (network recovery and diagnosis) is often used by users and must live in /bin for that reason. We recommend that users have read and execute permission for everything in /sbin except, perhaps, certain setuid and setgid programs. The division between /bin and /sbin was not created for security reasons or to prevent users from seeing the operating system, but to provide a good partition between binaries that everyone uses and ones that are primarily used for administration tasks. There is no inherent security advantage in making /sbin off-limits for users. |
FSSTND 合规性要求 /sbin 中必须包含以下命令或指向命令的符号链接。
shutdown Command to bring the system down.
|
如果安装了相应的子系统,则以下文件或指向文件的符号链接必须位于 /sbin 中
fastboot Reboot the system without checking the disks (optional)
fasthalt Stop the system without checking the disks (optional)
fdisk Partition table manipulator (optional)
fsck File system check and repair utility (optional)
fsck.* File system check and repair utility for a specific filesystem (optional)
getty The getty program (optional)
halt Command to stop the system (optional)
ifconfig Configure a network interface (optional)
init Initial process (optional)
mkfs Command to build a filesystem (optional)
mkfs.* Command to build a specific filesystem (optional)
mkswap Command to set up a swap area (optional)
reboot Command to reboot the system (optional)
route IP routing table utility (optional)
swapon Enable paging and swapping (optional)
swapoff Disable paging and swapping (optional)
update Daemon to periodically flush filesystem buffers (optional)
|