LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-11-2011, 07:36 AM   #1
balebel
LQ Newbie
 
Registered: Apr 2011
Posts: 10

Rep: Reputation: 0
renaming file permission chmod


Hi everybody,
ok, that works to disallow non-owners from renaming the file, but what I would
like to do is disallow EVERYONE ( including the owner of the file ) from
editing, moving, or changing the filename once it is created. the only person
who should be able to make those changes is a special user. any ideas about
how to accomplish that? Thanks.
 
Old 04-11-2011, 07:52 AM   #2
Sjonnie48
Member
 
Registered: Jun 2005
Location: Earth
Distribution: Ubuntu10.04
Posts: 308

Rep: Reputation: 43
This is the same reply as I gave on an earlier similar question from you. Find out what you can do with umask.
Goodluck & success!
 
Old 04-11-2011, 07:54 AM   #3
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
Not a real good idea but you could simply chmod 700 /bin/chmod (if that's where chmod actually lives).

You may have /usr/bin/chmod as a symbolic link to /bin/chmod (do ls -l /usr/bin/chmod to see).

Doing this most likely will come back to haunt you and you really need to think it through before you do it.
 
Old 04-11-2011, 08:10 AM   #4
balebel
LQ Newbie
 
Registered: Apr 2011
Posts: 10

Original Poster
Rep: Reputation: 0
@Sjonnie48: It's not a question of umask. because the renaming right of a file is included in the 'read' right.
So the 'read' right should be divised. But, that is impossible, so, I used the sticky bit but in my smb.conf I used force user = "folderowner" to change the owner of the file. But it's not working

---------- Post added 04-11-11 at 08:11 AM ----------

@tronayne : I didn't understand your solution, could you please be more deep
 
Old 04-11-2011, 09:27 AM   #5
tronayne
Senior Member
 
Registered: Oct 2003
Location: Northeastern Michigan, where Carhartt is a Designer Label
Distribution: Slackware 32- & 64-bit Stable
Posts: 3,541

Rep: Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060Reputation: 1060
The chmod utility is owned by root and its permission mask is
Code:
ls -l /bin/chmod
-rwxr-xr-x 1 root root 53232 2010-05-11 16:53 /bin/chmod*
That is, read-write-execute for owner (root), read-execute for group (root) and execute for public (everybody else). I would caution, if you do not understand that, you really have no business screwing around with it until you do have a clear understanding of the consequences of doing so.

Changing the mode of /bin/chmod from 755 (which it is by default) to 700 would remove all execute permissions from the group and the public. You could also change the mode to 750 to remove all execute permission from public (so no user except root would be able to change the mode of any file or directory); mode 750 would leave the owner and group permissions in place.

Read man chmod and man 2 chmod for more information. Also read http://en.wikipedia.org/wiki/Filesystem_permissions and the "See Also" links in the Wikipedia article.

Hope this helps some.
 
Old 04-11-2011, 10:39 AM   #6
balebel
LQ Newbie
 
Registered: Apr 2011
Posts: 10

Original Poster
Rep: Reputation: 0
@tronayne: Thank you for your clarification. I did as you mentioned.
chmod 775 /bin/chmod
than
ls -l /bin/chmod
-rwxrwxr-x root root ...
It functioned only one time, ie I finally could delete the file cauz the I have in the group now 'rwx'.
How can let it work every time
 
Old 04-11-2011, 10:41 AM   #7
rfelsburg
Member
 
Registered: Nov 2008
Posts: 52

Rep: Reputation: 18
If you only need to do this for a single, or set number of files then I would use the immutable flag:

chattr +i filename

Keep in mind that removing the ability to rename/move/delete a file will likely render the file unchangeable by anyone who doesn't have that spacial ability.

Last edited by rfelsburg; 04-11-2011 at 10:46 AM.
 
Old 04-11-2011, 10:44 AM   #8
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
Quote:
Originally Posted by balebel View Post
@tronayne: Thank you for your clarification. I did as you mentioned.
chmod 775 /bin/chmod
than
ls -l /bin/chmod
-rwxrwxr-x root root ...
It functioned only one time, ie I finally could delete the file cauz the I have in the group now 'rwx'.
How can let it work every time
I think you misread that post, you should change the permissions from 755 to 700. Than it should work.
 
Old 04-11-2011, 10:49 AM   #9
rfelsburg
Member
 
Registered: Nov 2008
Posts: 52

Rep: Reputation: 18
Perhaps I've missed something here, but how did we get from removing the ability to rename a file to changing the perms on chmod?
 
Old 04-11-2011, 10:53 AM   #10
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
Quote:
Originally Posted by rfelsburg View Post
Perhaps I've missed something here, but how did we get from removing the ability to rename a file to changing the perms on chmod?
To prevent a user from renaming his own files, you first have to make sure that he can't change the permissions on those files. You making chmod unusable would be the first step.
 
Old 04-11-2011, 10:58 AM   #11
rfelsburg
Member
 
Registered: Nov 2008
Posts: 52

Rep: Reputation: 18
Gotcha, seems a bit like crushing peanuts with a steamroller though as the consequences are removing the ability of anyone to use chmod who is not root. As well as still allowing root to change permissions, and it sounded like he wanted everyone to not be able to rename including root.

Thoughts?
 
Old 04-11-2011, 11:00 AM   #12
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
Except a special user, and in any case this has to be root.
 
Old 04-11-2011, 11:05 AM   #13
rfelsburg
Member
 
Registered: Nov 2008
Posts: 52

Rep: Reputation: 18
Fair enough, regardless of what method is used, it will have to be root.

However disallowing chmod use to anyone that is not root, is likely to break quite a bit as you've stated above, and I would hope something simpler like an immutable flag could possibly get the job done without losing functionality within the rest of the system.

Or am I over looking some case of immutable?
 
Old 04-11-2011, 01:02 PM   #14
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Germany
Distribution: Whatever fits the task best
Posts: 17,133
Blog Entries: 2

Rep: Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836Reputation: 4836
You are right, I have not seen your post regarding the immutable-flag, this should be the better way to do something like that.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
i have given chmod 777 permission for access now how to revert that permission mohdsuboor23 Linux - Server 1 12-11-2010 05:19 AM
[SOLVED] What's the difference between chmod 0755 file and chmod 755 file? cola Linux - Newbie 6 04-19-2010 04:29 PM
chmod file strange permission XmaverickX Linux - Server 1 08-31-2009 12:23 PM
using chmod to change file permission kiwidoc Linux - Newbie 3 07-25-2004 06:39 AM
chmod 755 won't change file permission. duffboygrim Linux - General 11 04-29-2004 06:17 PM


All times are GMT -5. The time now is 08:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration