2

I was searching this site for good answer to my question, the best I could find was this. (I'd guess to put my config in /etc, application in /usr/local/bin and data in either /home/firda/.tunnel or somewhere in /var or /srv or /usr.)

Preface:

I am writing server application in C++. It should stand inbetween other servers, mobile applications and units (small devices e.g. in car). It would generally listen on TCP port (to handle clients = mobile appplications and servers) and UDP port (where data would go from/to ipsec/racoon and/or open port - communication with devices, custom protocol). It does not need root's privileges (port > 1000, e.g. 11235), so, I have decided to set SUID bit and assign the ownership to my account (to make it run under my account even if I start it as root). This is how I deploy it now (from MAKEFILE)

deploy      := /usr/local/bin
user        := firda
name        := tunnel
watchdog    := tunnel-watchdog
names       := $(name) $(watchdog)

deploy:
    cp $(names) $(deploy)/
    chown $(user):$(user) $(patsubst %,$(deploy)/%,$(names))
    chmod a-rwx,u+xs $(patsubst %,$(deploy)/%,$(names))
    $(deploy)/$(watchdog)

and added /usr/local/bin/tunnel-watchdog to /etc/rc.local (tunnel-watchdog just forks to run tunnel and restart it if it dies). When I want to deploy it, I copy the sources to my home directory (/home/firda/tunnel), type make test to build and self-test it (under non-root account), then kill those two running processes (after ps -fu firda to know PIDs) and type make deploy to copy new executables to /usr/local/bin and start it again (under root account).

Questions:

  1. Where to place basic configuration? (/etc/tunnel/config now - specifies port numbers, but now it holds user/unit credentials/settings as well)
  2. Where to place basic runtime configuration-like data (user names, credentials, passwords, cipherkeys, device IDs - all can be remotedly changed by custom TCP protocol). (for now /etc/tunnel/config.tmp is created after some timeout when e.g. user is added, /etc/tunnel/config -> /etc/tunnel/config.bak and /etc/tunnel/config.tmp -> /etc/tunnel/config)
  3. Where to place big persistent read-write data? (this is what needs to be done - all data from all units placed in some big file, but no dBase, custom made virtual store - /home/firda/whatever? /srv/something?)

I know I could place all the files in my home directory (it is my own server which probably won't get distributed to anybody else, ...who knows), but would like to know best practice advice to do it properly (not to cross administrator habbits like disk partitioning and quotas - I'd like to know how it is usually done, how it can be done, which folders are good for some backup system). Thank you.

P.S.: This is not a web server (so far), but I'd guess that answers could be similar. This question may seem duplicate to the one I linked to, but I was not satisfied with the answer, so, rather specified my own application and needs (the question of partitioning, quotas and backups especially).

FEEDBACK:

Filesystem Hierarchy Standard splits directories according to two criteria: read-only (/usr, /etc, /opt and /boot) - all these are for executables and stable configiration, not for data. Second criteria is shareable (platform independent) and unshareable (platform dependent). Data should go in /var tree with one exception added: /srv can be used for both read-only and read-write data (thus perfect for services that want both type of files in one directory).

For now I will probably use /etc for basic configuration (including parameters for changing directories to use), /usr/local/bin for the application and /var/local for my data. (Using /srv could be second option.)

Any comments before we can close this question?

Community
  • 1
firda
  • 123
  • 6

1 Answers1

2

The one document which tries to make sense of all this is the Filesystem Hierarchy Standard; a.k.a. the FHS.

It does not provide an easy straightforward answer to your question, though. There seems to be 3 options:

  1. Use /opt/tunnel and keep all files relating to the application there.
  2. Use the packaging system and package your application as a Debian package. In this case, the document you want is the Debian Policy Manual, especially chapter 9, The Operating System.
  3. Use /usr/local and related /*/local directories. Read the FHS

Option 1 is most common for proprietary and enterprise software, but it is not very much in the spirit of the rest of the system. Option 2 is definitely the best one in terms of having a nice system, but it is a lot of work if you are not used to packaging software. Option 3 is the traditional and historically most common method, and the FHS will be the most help for you here, but you would also probably like to investigate how other people and software (which you otherwise respect) have solved the same problem.

Teddy
  • 5,204
  • 1
  • 23
  • 27
  • I did look in the document (pointed out in the answer I have pointed out on top of my question). `/usr/local/bin` was suggested by the administrator of the system (together with `/etc/rc.local`) but where to put data-files? `/etc/...` looked good for the config file, but data? I was asking here not to read quantas of manuals and suggestions and getting nowhere, because they look like a mess. I'd like answer from some system administrator (configuring backups as well). Thanks for the answer anyway. – firda Aug 09 '14 at 20:41
  • Would it be fine to just create some directory in `/usr/local` like `/usr/local/tunnel` and place my big (changing) files there? – firda Aug 09 '14 at 20:47
  • @firda No, only unchanging files should be in `/usr`; changing files should be below `/var`. There is a `/var/local` directory, I believe. But again, read the FHS and investigate other software. If the data files are primarily served to other systems over the network, `/srv` might also be a good choice. Again, the FHS gives no easy clear-cut answers, so you’ll have to decide yourself. – Teddy Aug 09 '14 at 20:52
  • there is no `/var/local` in the document and I should not add directories according to it. In other words: the document states that I need a game or cannot have my data :-D – firda Aug 09 '14 at 21:08
  • @firda The Debian package `base-files` adds a `/var/local` directory. – Teddy Aug 09 '14 at 21:17
  • OK, thanks, this looks like a good place for my files. – firda Aug 10 '14 at 08:26