Sovereign Filesystem Hierarchy
Complete
Nexus OS replaces the POSIX Filesystem Hierarchy Standard (FHS) with the Sovereign FSH — a clean hierarchy designed around capability-based access, not Unix conventions.
The Five Root Directories
| Path | Purpose | POSIX Equivalent |
|---|---|---|
/Cas | System binaries and libraries (current version) | /usr, /bin, /lib |
/Nexus | Kernel, boot, and system identity | /boot, /etc |
/Cell | Per-process private state | /proc, /tmp (per-process) |
/Bus | Inter-process communication endpoints | /dev, /sys, /run |
/Data | Persistent user and application data | /home, /var |
/Cas — The Current System
/Cas (Content-Addressable System) holds the currently active system binaries:
/Cas/
├── current/
│ ├── bin/ # System binaries (toybox, nip, dinit, etc.)
│ └── lib/ # Shared libraries
└── versions/
└── <hash>/ # Previous system versions (CAS-addressed)The current symlink points to the active version. System updates atomically switch this symlink to point to a new CAS-addressed version. Rollback is instant — just switch the symlink back.
/Nexus — System Identity
/Nexus holds the kernel image, boot configuration, and system identity:
/Nexus/
├── kernel # Rumpk kernel image
├── manifest.bkdl # Boot manifest
├── identity/ # System keys (Ed25519)
└── provchain/ # ProvChain ledgerThis directory is read-only after boot. Only the init system can write here, and only during verified update operations.
/Cell — Process State
Each process (fiber) gets its own /Cell namespace:
/Cell/
├── <fiber-id>/
│ ├── heap/ # Process heap
│ ├── stack/ # Process stack
│ └── tmp/ # Temporary files (cleared on exit)A process cannot see another process's /Cell directory. This provides isolation without containers.
/Bus — Communication
/Bus is the inter-process communication plane:
/Bus/
├── ion/ # ION Ring descriptors
├── hud/ # HUD visual interface endpoints
├── net/ # Network socket endpoints
└── dev/ # Device capability endpointsEverything in /Bus is a communication endpoint, not a "device file" in the Unix sense. You don't open() a device — you request a capability grant and communicate through ION Rings.
/Data — Persistent Storage
/Data holds all persistent user and application data:
/Data/
├── users/ # Per-user data
├── apps/ # Per-application persistent state
└── shared/ # Explicitly shared dataFHS Compatibility
For grafted POSIX applications, Nexus creates compatibility symlinks:
/bin → /Cas/current/bin
/lib → /Cas/current/lib
/tmp → /Cell/<current>/tmp
/home → /Data/users
/etc → /Nexus/config (limited)These symlinks exist only within the Membrane compatibility layer. Native Nexus applications use the Sovereign FSH directly.