How to restrict root user to delete a file or directories
Not really, because root is the main administrator account. If you are so worried about files or folders being deleted as root, I would recommend moving them to another storage location, such as a portable hard drive or flash drive.
You can restrict but not stop root from deleting files/directories.
Using chattr you can make files/dirs immutable, which will render rm etc. useless (also true for root). But as stated by corp769, root can use chattr to undo the changes and afterwards is able to remove those files and dirs.
For root, using chattr would be an extra layer, which would at least prevent accidental removal/change.
Anyway: chattr +i file to set immutable flag and chattr -i file to remove. Do have a look at the chattr and lsattr man pages.
Yeah you could definitely do that, but as you said man, root would easily remove the flag, so setting the +i flag would technically be pointless.
That depends. From a security point of view: You are 100% correct. If, on the other hand, you want to protect your files from accidental changes (including removal), it could be useful.
I've worked on proprietary Unix machines where just about everything had to be done as root user; certain key files and directories were made immutable just to make sure they were not accidentally removed. This was done after a tested script removed a big chunk of files and directories (script was tested, but this bug wasn't noticed/tested).
So making files/dirs immutable has its uses, even for the root user.
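Since root can clear the flag again, a periodic check that the protected files still carry it is a useful companion to `chattr +i`. The following is an added example, not part of the original thread; the function name `missing_immutable` and all paths are hypothetical, and the sample `lsattr` output is constructed.

```shell
#!/bin/sh
# Audit that files expected to be immutable still carry the 'i' attribute.
# Input on stdin is `lsattr` output: "<flags> <path>" per line.

# missing_immutable PATH...
# Prints every expected PATH that is absent from the listing or lacks 'i'.
missing_immutable() {
    listing=$(cat)
    for want in "$@"; do
        # Look up the flag field for this exact path (paths may contain spaces).
        flags=$(printf '%s\n' "$listing" | awk -v p="$want" '
            { f = $1; sub(/^[^ ]+ +/, ""); if ($0 == p) { print f; exit } }')
        case "$flags" in
            *i*) ;;                        # immutable flag present
            *)   printf '%s\n' "$want" ;;  # flag cleared, or file not listed
        esac
    done
}

# Constructed sample of lsattr output (hypothetical paths).
SAMPLE='----i---------e------- /srv/data/ledger.db
--------------e------- /srv/data/config.ini
----i---------e------- /srv/data/keys dir/master.key'

# Report which of the expected-immutable files have lost protection.
printf '%s\n' "$SAMPLE" | missing_immutable \
    "/srv/data/ledger.db" "/srv/data/config.ini" \
    "/srv/data/keys dir/master.key" "/srv/data/gone"

# Live use on a filesystem that supports attributes (e.g. ext4):
#   lsattr -d FILE... | missing_immutable FILE...
```

Run from cron or a monitoring agent, any output from the function means a protected file is missing or its immutable flag was removed.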
One should be able to stop root from deleting certain files and directories using a SELinux MLS policy.
I doubt you'll find a ready to use drop-in policy example for that on the 'net though.
You can encrypt your home directory; that's all you can do, as in Ubuntu. Try to explore the same thing in your distribution also, and let us know before marking this post as [solved].
Hi,
That depends. From a security point of view: You are 100% correct. If, on the other hand, you want to protect your files from accidental changes (including removal), it could be useful.
I've worked on proprietary Unix machines where just about everything had to be done as root user; certain key files and directories were made immutable just to make sure they were not accidentally removed. This was done after a tested script removed a big chunk of files and directories (script was tested, but this bug wasn't noticed/tested).
So making files/dirs immutable has its uses, even for the root user.
I do see your point man, but for me, security comes first.
Root can do on your machine what he wants, because he is root. If you restrict him, he will be able to remove restriction.
I think this is the wrong approach to security. In the first place I would ask myself why I have a root that must be restricted. If you can't trust your root then fire him (but change his password before telling him).
For day to day operations one should not need to be root. You create a user with just enough permissions to do your day to day work and use it. On those rare occasions when you really must be root, then su - into it.
If you cannot trust your root user, get rid of him ASAP. It will take him no time at all to Fubar your system if he so wishes. Remember he can see (read) anything on any user's account (email, etc). It is really easy to create (and bury) a cron job that checks to see if root (the bad guy) has checked in this week and if not delete/erase random parts of the HD (much worse than if he would delete everything and virtually impossible to find without doing a clean install).
"sudo" is a good tool for giving users restricted root-like privileges for certain tasks. Different users can have different rights as defined in /etc/sudoers so for example you could allow a user to perform limited administration tasks but not to delete system files or directories.
One should be able to stop root from deleting certain files and directories using a SELinux MLS policy.
I doubt you'll find a ready to use drop-in policy example for that on the 'net though.
But how do you stop root from temporarily disabling SELinux?