Chris Bannister <cbannis...@slingshot.co.nz> writes: > On Fri, Jun 06, 2014 at 04:45:37PM +0200, Filip wrote: >> >> Removing a directory entries no relation whatsoever to the permissions >> of the file. > > Parse error! Does not compute! :) > > -- > "If you're not careful, the newspapers will have you hating the people > who are being oppressed, and loving the people who are doing the > oppressing." --- Malcolm X
What I mean to say was: The permissions on the file have no bearing on
whether or not you can unlink it's directory entry.
But really, it's a white lie ;-)
Because, it's possible to set the 'immutable' attribute ('chattr +i') on
the file which will prevent anyone from linking or unlinking the file,
and also prevents all write operations. But that is not really part of
the regular permission system, but more of a file system feature. And
it's not something to be casually used by end-users because a regular
user can't change the attribute.
Let's create a file and set the +i attribute:
$ touch imm
$ chattr +i imm
chattr: Operation not permitted while setting flags on imm
$ ls -l imm
-rw-r--r-- 1 filip filip 0 Jun 9 10:37 imm
$ sudo chattr +i imm
$ lsattr imm
----i--------e-- imm
Permissions on the file on on the containing directory look quite
ordinary:
$ ls -ld .
drwxr-xr-x 2 filip filip 4096 Jun 9 09:57 .
$ ls -ld imm
-rw-r--r-- 1 filip filip 0 Jun 9 09:47 imm
Now let's try some operations:
$ echo test >imm
bash: imm: Permission denied
$ mv imm newname
mv: cannot move ‘imm’ to ‘newname’: Operation not permitted
$ rm imm
rm: remove write-protected regular empty file ‘imm’? y
rm: cannot remove ‘imm’: Operation not permitted
$ ln imm newlink
ln: failed to create hard link ‘newlink’ => ‘imm’: Operation not permitted
We are not allowed to do very much with it.
Well at least reading works:
$ cat imm
$
It's an empty file, so the content is not very exciting, but try it
yourself with a file that contains data if you don't believe me ;-)
Now remove the attribute:
$ chattr -i imm
chattr: Operation not permitted while setting flags on imm
$ sudo chattr -i imm
$ lsattr imm
-------------e-- imm
And now we can remove the file:
$ rm imm
$ ls imm
ls: cannot access imm: No such file or directory
pgpawpkSLt_Dq.pgp
Description: PGP signature
