Preventing single file from deletion

Eisenbart · 04-30-2002, 06:48 AM

Hello everybody!

I have just started to deal with Linux and I am presently making myself familiar with the file access rights ( the chmod thing ). I am not quite sure wether I understood things correctly, but I´m a bit dissappointed as certain things do not seem to be supported.

I find it strange that denying write permission for a file does not prevent it from being deleted; but I found out that you can deny write permission for the directory containing the file.

But this creates another problem, as it allows you to allow or deny deletion for ALL the files in a directory at once. And that brings us to the point:

I want to allow the deletion of any file in a folder except for one single file - how can I accomplish this?

acid_kewpie · 04-30-2002, 07:05 AM

the owner of a file can always delete it, but OTHER users can't. as root, do chmod -w on a file and any other user can't delete it. you could always use chattr +i to set the file as immutable tho, which will prevent any changes at all while it is defined as such

abrakadabra · 04-30-2002, 08:37 AM

Hi,
You can also use chmod with the t option to set the sticky byte on the file you don't want users to delete.

Eisenbart · 04-30-2002, 09:13 AM

Talking of the sticky bit: My distribution ( SuSE ) came with a lousy manual, and although there were several hundred pages about all kinds of stuff, I found no explanation of the sticky bit - could someone please explain the stciky bit to me?

Eisenbart · 04-30-2002, 09:50 AM

@acid_kewpie: I have just tried out what you said:

- The owner of a file can NOT always delete it, only if he has write permission for the directory containing the file

- Using chmod -w on a file does NOT prevent other users from deleting it, it only keeps them from changing its content.

Linux apparently does not regard the deletion of a file as a writing access!

It seems to me that a file can only be prevented from being deleted by disabling the write permission for the directory containing the file - and if this is true, there is a major design error in Linux access rights.

Mik · 05-01-2002, 06:24 AM

They created the sticky bit on files to overcome exactly the sort of problems you are describing. Here is a nice explanation of the sticky bit:

http://linux.oreillynet.com/pub/a/linux/lpt/22_06.html