%general-entities; ]> install -d /{bin,boot,dev,etc/opt,home,lib,mnt} install -d /{sbin,srv,usr/local,var,opt,proc,sys} install -d /root -m 0750 install -d /tmp /var/tmp -m 1777 install -d /media/{floppy,cdrom} install -d /usr/{bin,include,lib,sbin,share,src} ln -s share/{man,doc,info} /usr install -d /usr/share/{doc,info,locale,man} install -d /usr/share/{misc,terminfo,zoneinfo} install -d /usr/share/man/man{1,2,3,4,5,6,7,8} install -d /usr/local/{bin,etc,include,lib,sbin,share,src} ln -s share/{man,doc,info} /usr/local install -d /usr/local/share/{doc,info,locale,man} install -d /usr/local/share/{misc,terminfo,zoneinfo} install -d /usr/local/share/man/man{1,2,3,4,5,6,7,8} install -d /var/{lock,log,mail,run,spool} install -d /var/{opt,cache,lib/{misc,locate},local} install -d /opt/{bin,doc,include,info} install -d /opt/{lib,man/man{1,2,3,4,5,6,7,8}} The first mode change ensures that not just anybody can enter the /root directory—the same as a normal user would do with his or her home directory. The second mode change makes sure that any user can write to the /tmp and /var/tmp directories, but cannot remove another user's files from them. The latter is prohibited by the so-called sticky bit, the highest bit (1) in the 1777 bit mask.