Is there a way to create symbolic links with special permissions so that users cannot delete them?

Thanks,

The ability to delete a file (symbolic links are just pointer files) from a directory, requires write permissions to the directory the file is in. If you take away write permission for those users, they will not be able to delete the file.

If those users really need write permission to that directory, the is another alternative. You can set the "sticky" bit on the directory.

The sticky bit allows users to only delete files they own, even
though many users have write access to the directory.

To set the permissions on the directory, use

chmod 1777 /tmp

permissions will look like this:

ls -ld /tmp
drwxrwxrwt 37 root root 51200 May 2 20:08 /tmp

I have a symlink in /home/samba/public that points to /some/path, my samba directory is read only(dr-xr-xr-x), but the symlink gets created with lrwxrwxrwx permission. I'we recreated the link several times but the permissions are the same lrwxrwxrwx
Is there anything else i should do?

Hey There,

Symlinks will always have those permissions. In the case of symlinks you have to be either the owner or a member of the symlink's group to delete it. Of course, if an upper level directory is keeping you from getting there, that doesn't matter.

If you want to keep someone from accessing your file via the symlink you just need to set the permissions on your file to be restrictive enough, and (unfortunately) if you want them to be able to access it (and it points into your home directory), they would have to be able to access it via the direct path as well (as far as permissions go), so you'd be giving up some security.

Hope that helps out

, Mike

This is not correct in my case because the owner of the symlink is root(lrwxrwxrwx 1 root root), and users are still able to delete them.
I applied the desired secutiry permissions on the target directory, it's just that users ca delete the symlinks and cause (un)intentional problems. Is there any other way to make symlinks undeletable?

It sounds like the key to your problem is in samba.
The base user of samba is root which means it can
can delete any file reguardless of the directory permissions.

Do users need write permission on this share? If
not, make sure smb.conf has this share set with read only = no.

There may be some other settings in samba to look at also,
like force user = pubic.

A work around would be to create a shell script to checks for the
link and recreates if it gets deleted.

#!/bin/bash

# Create deleted symbolic link

LINKNAME=/home/samba/public/link

while [ forever ]
do
if [ ! -e "$LINKNAME" ]
then

ln -s /home/samba/public/orginalfile $LINKNAME

## Wait one minute and check again VERY IMPORTANT LINE
sleep 60 # Could wait 5m (5 minutes, etc) done run too often

done

This could be put in the smbd startup script right after
the "start)" line to execute on reboot.

Replace [symlink] with the correct file name.

rlhartmann you were right in your first post, i had to make the directory the symlink is in read only for users, and now thei can't delete the symlinks.
Thanks everyone for helping.