LinuxQuestions.org
Did you know LQ has a Linux Hardware Compatibility List?
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 05-31-2012, 09:25 AM   #1
vm_devadas
Member
 
Registered: Sep 2006
Location: India
Distribution: Redhat and Suse
Posts: 75

Rep: Reputation: 15
How to prevent symbolic links from deletion


A SLES11 box having custom setup where .profile is a symlink to a central application script. How to prevent users from deleting the .profile file. "chattr +i .profile" will be a quick n easy fix; but it cant be done on symlink, right?
Do you have any easy method to implement this?
 
Old 05-31-2012, 09:35 AM   #2
pan64
Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 5,146

Rep: Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364
move that settings into /etc/profile, and leave $HOME/.profile empty.
 
Old 05-31-2012, 09:40 AM   #3
vm_devadas
Member
 
Registered: Sep 2006
Location: India
Distribution: Redhat and Suse
Posts: 75

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by pan64 View Post
move that settings into /etc/profile, and leave $HOME/.profile empty.


box having custom setup where .profile is a symlink to a central application script
 
Old 05-31-2012, 09:52 AM   #4
pan64
Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 5,146

Rep: Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364
I see. To avoid removing the link from the homes probably you need to set the dir readonly for the user, but it is not a good idea. What about restoring it during the login process?
 
Old 05-31-2012, 09:54 AM   #5
vm_devadas
Member
 
Registered: Sep 2006
Location: India
Distribution: Redhat and Suse
Posts: 75

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by pan64 View Post
What about restoring it during the login process?
I didn't understand what you exactly mean here. My query is simple.
"How to prevent a symbolic link from accidental deletion"
 
Old 05-31-2012, 12:02 PM   #6
pan64
Guru
 
Registered: Mar 2012
Location: Hungary
Distribution: debian i686 (solaris)
Posts: 5,146

Rep: Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364Reputation: 1364
you cannot protect the user's home dir against the user itself. So you would need to set the user's home read only, but in this case the user will not be able to use his own home.
The other solution can be to use SELinux: http://www.google.com/url?sa=t&rct=j...2aQOrw&cad=rja
 
Old 05-31-2012, 02:43 PM   #7
anomie
Senior Member
 
Registered: Nov 2004
Location: Texas
Distribution: RHEL, Scientific Linux, Debian, Fedora, Lubuntu, FreeBSD
Posts: 3,930
Blog Entries: 5

Rep: Reputation: Disabled
Quote:
Originally Posted by vm_devadas
My query is simple.
"How to prevent a symbolic link from accidental deletion"
It's a simple query, but the answer is not so simple.

As mentioned, a user with directory write access can unlink any file (including a symlink) in that directory. (Yes, there are exceptions using MAC or - possibly - filesystem attributes.)

Quote:
Originally Posted by vm_devadas
having custom setup where .profile is a symlink to a central application script
Out of curiosity, what sorts of things does your central application script do? There may be a better solution to this dilemma.
 
  


Reply

Tags
chattr, symlink


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Need solution to prevent deletion of files but allow editing and writing. dsirrine Linux - Newbie 12 12-10-2009 04:06 PM
Prevent editing/truncating file but not deletion (unlink) ruisselet Linux - Software 1 11-18-2009 11:40 AM
Symbolic links Vs Hard links sulekha Linux - General 2 10-02-2008 08:03 AM
Prevent folder deletion, centos 5 danedmo Linux - Newbie 2 10-01-2008 11:40 PM
Symbolic Links suavecu Linux - Software 1 01-11-2006 11:04 PM


All times are GMT -5. The time now is 11:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration