Directories of the firmware components

Note: Phoenix Contact recommends operating the PLCnext Control device with an SD card if it supports SD card operation. For some PLCnext Control devices, operation with an SD card is mandatory. Refer to the user manual of your PLCnext Control device.

You can access the controller via SFTP or via SSH, view the directories and files in the Linux file system (on the internal flash memory and on the SD card), and modify them if necessary.

Directories and files that Phoenix Contact provides (also through firmware updates) are stored on the internal flash memory of the controller.

If you make changes to the directories or files, the Linux operating system generates an Overlay File System. It is used to combine contents of a read-only partition with a read-write partition. The read-write partition is stored either at the external SD card or in a dedicated partition of the internal flash memory if no SD card is present.

Major directories on the internal file system

Directory in the root file system	Contents
/usr/local/lib	Directory for storing additional open-source libraries that customized C++ programs use (see C++ programming).
/usr/share/common-licenses	License information on the individual Linux packages of the controller.
/opt/plcnext	Home directory of the `admin` Linux user and working directory of the device firmware. Files written by the application program are stored in this directory if the specified file name does not contain a storage path.
/opt/plcnext/config 2019.9, 2020.0 LTS, 2020.3	Directory for storing configuration files that are not project-specific.
/opt/plcnext/config/System/Um ≥ 2020.6	Directory for storing configuration files of the User Manager. UmSystemUseNotifcation.txt: The file contains the Default System Use Notification that is displayed if you connect to the controller via SSH or SFTP (for example, using WinSCP). Click here for more information.
/opt/plcnext/logs	Directory for storing the log files of the Diagnostic Logger as well as the database of the Notification Logger This directory contains the Output.log file. It contains information on the startup behavior of the firmware, status, and error messages as well as warning notes that help you find the source of error. Click here for more information. In addition, you will find the diagnostic log file of the`plcnextapp` command line tools (plcnextapp.log) as well as the log files of the UA server (uatrace.log, uatrace_1.log).
/opt/plcnext/projects	Directory for storing project directories and files
/opt/plcnext/projects/Default	Directory for storing project directories and files downloaded manually by the user
/opt/plcnext/projects/PCWE	Directory for storing PLCnext Engineer projects PLCnext Engineer exclusively manages all files and subdirectories in this directory. Note: Do not make any changes to this directory.
/opt/plcnext/projects/splc	Directory for storing SPLC data (safety-related controller)
/opt/plcnext/Security	Directory for storing certificates of `IdentityStores` and `TrustStores` , which the WBM manages.
/opt/plcnext/Security/Certificates/https	Directory for storing the HTTPS certificate Note: Certificate setting From firmware 2021.0 LTS Up to firmware 2020.6, the HTTPS certifcate and its related private key were located as files on the file system of the controller. These files have been replaced by symbolic links. Therefore, when updating the firmware, the existing certificate and key files are moved to /opt/plcnext/Security/IdentityStores/HTTPS-self-signed-Backup/. and symbolic links are created at the original location pointing to this backup. On the WBM Certificate Authentication page you can either select to use an existing IdentityStore or to use self-signed certificates. When using an existing IdentityStore the symbolic links are changed and refer now to the specified IdentityStore. When using self-signed certificates a self-signed certificate is generated at /opt/plcnext/Security/IdentityStore/HTTPS-self-signed/. and the symbolic links refer to that IdentityStore. When creating a self-signed certificate via the Certificate Authentication WBM page, the /opt/plcnext/Security/IdentityStores/HTTPS-self-signed-Backup directory is not modified. Up to firmware 2020.6 The HTTPS certificate and its related private key are located as files in the following directories of the controller file system: /opt/plcnext/Security/Certificates/https/https_cert.pem /opt/plcnext/Security/Certificates/https/https_key.pem You can exchange these files by your own certificate and key.
/opt/plcnext/Security/TrustStores	Directory for storing the `TrustStores` configured in WBM. Each subdirectory corresponds to the name of a `TrustStore`. A `TrustStore` directory contains the following subdirectories: trusted: The directory contains CA certificates that are trusted. issuers: The directory contains CA certificates that are not automatically trusted but that are necessary for creating a certificate chain. trusted/crl: The directory contains files with CRLs for the CA certificates. issuers/crl: The directory contains files with CRLs for issuer certificates. Note: The firmware internally uses the /opt/plcnext/Security/TrustStores/Empty/ `TrustStore`. Do not make any changes to the directory, the subdirectories, or the files of the /Empty `TrustStore`.
/opt/plcnext/Security/IdentityStores	Directory for storing the `IdentityStores` configured in the WBM. Each subdirectory corresponds to the name of an IdentityStore. An IdentityStore contains identities (X.509 certificates with associated private key). An IdentityStore directory contains the following files: certificate.pem: The file in PEM format contains the X.509 certificate of the identity. The file may additionally contain several certificates of the certificate chain. key.pem: The file in PEM format contains the private key for the certificate. tpmkey.pem: The file contains the private key linked to the TPM (Trusted Platform Module) of the controller.
/opt/plcnext/apps	All active apps downloaded from the PLCnext Store to the controller are mounted in this directory. Each active app is mounted with the name of the app identifier in a subdirectory. The entire content of the app container is available in this directory (read-only). The PLCnext Store manages the directory. Do not make any changes to this directory.
/opt/plcnext/installed_apps	Directory for storing all installed app containers The directory belongs to the PLCnext Store.
/opt/plcnext/appshome	Directory for storing and managing app data The PLCnext Store and the installed apps manage the directory. Do not make any changes to this directory.
/opt/plcnext/lttng	Directory for storing the default configuration files for tracing via LTTng
/opt/plcnext/lttng_traces	Directory for storing trace files The directory is created during runtime of the trace controller when the trigger function for storing the trace files is called for the first time. Each time the trigger function of the memory is called, a new subdirectory (trace directory) for storing the current trace data is created. The designation of a trace directory is structured as follows: `YYYYMMDD_hhmmss` For example: /opt/plcnext/lttng_traces/20190418_190615/<trace_data> The memory operates as a ring memory. When exceeding the maximum storage space, the oldest trace directory is deleted.
/opt/plcnext/backup	Directory for download changes operations The directory is used for creating a backup of the project directory (/opt/plcnext/projects/). In the event of an error, the contents of the backup directory are restored. The backup directory is created following the first successful project download and following every successful project download.
/opt/plcnext/retaining	Directory for storing remanent data
/opt/plcnext/retaining/backups ≥ 2021.0 LTS	Directory for storing backup files that contain the retain variable values and its corresponding retain CRC along with the project name. Up to 10 backup files are stored before the oldest file is deleted. The criterion is the file name. You can find more information about the backup and restore feature in the topic Extended retain handling.
/opt/plcnext/shadowing	Directory for internal storage of copies of C++ user libraries that have been configured in PLCnext Engineer and downloaded.
/opt/plcnext/profinet	Directory for storing temporary PROFINET files

Using SFTP to access the file system

You can access the file system via the SFTP protocol. Use a suitable SFTP client software for this (for example, WinSCP).

Access to the file system via SFTP requires authentication with a user name and password. The following access data is set by default with administrator rights:

User name: admin
Password: is printed on the PLCnext Control