LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-21-2007, 03:50 PM   #1
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Rep: Reputation: 30
Sticky bit on / and /home directories?


Hi! I was wondering if it was possible to set a sticky bit on the / and the /home directories in case of accidentally mistyping an rm -rf command? Can this work and make the directory "immune" to being deleted even by the almighty root?
 
Old 01-21-2007, 04:01 PM   #2
jlliagre
Moderator
 
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.3, Oracle Linux, Mint
Posts: 9,649

Rep: Reputation: 391Reputation: 391Reputation: 391Reputation: 391
Quote:
Originally Posted by keysorsoze
Hi! I was wondering if it was possible to set a sticky bit on the / and the /home directories
Likely.
Quote:
in case of accidentally mistyping an rm -rf command?
Sticky bit on directories doesn't prevent deleting them. Root is anyway bypassing privilege settings.
Quote:
Can this work and make the directory "immune" to being deleted even by the almighty root?
It won't. To prevent data loss, nothing like backups.
 
Old 01-21-2007, 04:12 PM   #3
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Original Poster
Rep: Reputation: 30
Thanks for the reply I thought I read somewhere that a sticky bit would not be able to be deleted even by root, guess not. Thanks for filling the void.
 
Old 01-21-2007, 04:46 PM   #4
Emerson
LQ Guru
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~arch
Posts: 5,872

Rep: Reputation: Disabled
You can set immutable flag, then even root has to remove the flag before deleting.
 
Old 01-21-2007, 05:17 PM   #5
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Original Poster
Rep: Reputation: 30
Ok so the sticky bit will serve as a buffer somewhat until root removes the sticky bit and then will be able to delete the directory?

Such as rm -rf / (root has sticky bit enabled)
system reports error cannot delete /


Now root does a chmod on / and removes sticky bit

rm -rf / = sucess?
 
Old 01-21-2007, 06:01 PM   #6
jlliagre
Moderator
 
Registered: Feb 2004
Location: Outside Paris
Distribution: Solaris 11.3, Oracle Linux, Mint
Posts: 9,649

Rep: Reputation: 391Reputation: 391Reputation: 391Reputation: 391
Quote:
Originally Posted by keysorsoze
Ok so the sticky bit will serve as a buffer somewhat until root removes the sticky bit and then will be able to delete the directory?
Nope, the sticky bit and the immutable flags are different beasts.
The sticky bit is something standard amongst all Unix filesystem permissions, while the immutable flag is something specific to several filesystems (eg. ext2 and ext3 extended attributes).
It is however a good idea to have them set, thanks Emerson to remind it.
Quote:
Such as rm -rf / (root has sticky bit enabled)
system reports error cannot delete /


Now root does a chmod on / and removes sticky bit

rm -rf / = sucess?
With the immutable bit set on / (chattr +i /), that should be OK.

By the way, it seems the Gnu version of rm is breaking the POSIX standards when allowing "rm -rf /" command to execute. Solaris rm is forbidding this same command to run:
Code:
# /bin/rm -rf /
rm of / is not allowed
 
Old 01-21-2007, 06:56 PM   #7
keysorsoze
Member
 
Registered: Apr 2004
Location: Queens, NY
Distribution: Red Hat, Solaris
Posts: 295

Original Poster
Rep: Reputation: 30
Thanks for the help guys I gotta set the immune bit on because I blew a away a system with a syntax error yesterday.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
About Sticky bit... masudur_iiu General 4 09-13-2006 11:23 AM
ProFTPD: Set umask so that directories are created with 'sticky bit' on. dutch2005 Linux - Software 1 09-06-2005 06:06 AM
Sticky Bit tarballed Linux - General 4 07-03-2002 04:54 PM
Sticky bit question...need help rootlinux Linux - General 1 01-26-2002 06:12 PM
sticky bit motiram Linux - General 1 08-01-2001 01:34 PM


All times are GMT -5. The time now is 10:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration