50 Must‑Know Linux Configuration Files for Sysadmins

1 User and Permission Management

/etc/passwd

: Stores basic user information such as username, UID, GID, home directory, and default shell. /etc/shadow: Holds encrypted passwords and password policies; readable only by root. /etc/group: Contains group definitions for permission control. /etc/gshadow: Stores encrypted group passwords for enhanced security. /etc/sudoers: Configures which users or groups may run sudo; edited with visudo to avoid syntax errors. /etc/login.defs: Sets default account policies like password expiry, UID ranges, and account expiration. /etc/skel/: Template files copied to new user accounts (e.g., .bashrc) to initialise the environment. /etc/security/limits.conf: Defines per‑user or per‑group resource limits such as maximum processes and open files. /etc/pam.d/: PAM configuration directory controlling authentication for login, sudo, su, etc. /var/log/lastlog: Binary log of each user’s last login time, IP, and terminal; viewable with lastlog.

2 Network Configuration and Access Control

/etc/hosts

: Local DNS mapping that overrides remote DNS. /etc/resolv.conf: Defines DNS server addresses. /etc/hostname: Sets the system’s hostname. /etc/nsswitch.conf: Determines the order of sources for hostname, user, and service lookups. /etc/hosts.allow: TCP Wrapper whitelist for allowing specific IPs. /etc/hosts.deny: TCP Wrapper blacklist for denying specific IPs. /etc/network/interfaces: Legacy network interface definitions on Ubuntu. /etc/sysconfig/network: Global network settings on Red‑Hat‑based systems. /etc/sysconfig/network-scripts/ifcfg-*: Per‑interface configuration files. /etc/netplan/*.yaml: Modern Ubuntu network configuration using YAML.

3 System Startup and Service Management

/etc/fstab

: Filesystems to mount automatically at boot; errors can prevent system startup. /etc/rc.local: Legacy script executed once after boot. /etc/inittab: SysV init configuration (largely superseded by systemd). /etc/systemd/system/*.service: User‑defined systemd unit files for custom services. /usr/lib/systemd/system/*.service: Default systemd service files provided by packages; manual edits are discouraged. /etc/init.d/: Directory of SysV‑init scripts for compatibility with older systems. /etc/default/grub: GRUB default configuration; changes require running update-grub. /boot/grub2/grub.cfg: Generated GRUB configuration actually used by the bootloader. /etc/sysctl.conf: Kernel parameter settings; apply with sysctl -p. /etc/modprobe.d/*.conf: Rules for loading or blacklisting kernel modules.

4 Logging and System Auditing

/var/log/messages

: General system log on CentOS. /var/log/syslog: General system log on Debian/Ubuntu. /var/log/auth.log: Authentication events such as logins and sudo usage. /var/log/secure: Equivalent to auth.log on CentOS. /var/log/dmesg: Kernel boot messages and driver loading information. /var/log/boot.log: Service output during system boot. /var/log/wtmp: Binary record of login and logout history; view with last. /var/log/btmp: Binary record of failed login attempts; view with lastb. /var/log/cron: Log of cron job executions. /var/log/kern.log: Kernel‑level messages, including driver errors and panics.

5 User Environment and Shell Configuration

/etc/profile

: Global shell initialization script read by all users at login. ~/.bash_profile: User‑specific login shell script executed once per login session. ~/.bashrc: User‑specific interactive shell configuration executed for each new terminal. /etc/bashrc: System‑wide Bash configuration applied to all users, including non‑interactive shells. /etc/environment: System‑wide environment variable definitions; does not interpret shell syntax.

6 Cron and Scheduling

/etc/crontab

: System‑wide crontab file that includes a user field for each job. /etc/cron.d/: Directory for additional crontab files used by applications or the system. /var/spool/cron/: Per‑user crontab files created via crontab -e, named after the user.

7 System Information and Status

/proc/cpuinfo

: Displays CPU model, core count, thread count, and frequency. /proc/meminfo: Provides detailed memory statistics including total, free, buffers, and cache.