Undeletable files.

April 15th, 2011 | by admin |

How do you protect your most important files from accidental deletion or modification (so that even root cannot delete them)?

The chflags utility modifies the file flags of the listed files as specified by the flags operand. FreeBSD offers write protection: you need to set a special bit called immutable. Once this bit is set, no one can delete or modify the file, including root. Only root can clear the file immutable bit.

You must be root to set or clear the immutable bit.
Set the file immutable bit

Use the chflags command as follows:
[sourcecode language="bash"]# chflags schg /tmp/test.doc[/sourcecode]
Try to remove or modify the file with rm or vi:
[sourcecode language="bash"]# rm -f /tmp/test.doc[/sourcecode]
[sourcecode language="bash"]rm: /tmp/test.doc: Operation not permitted[/sourcecode]
Now the root user is not allowed to remove or modify the file. This is useful for protecting important files such as /etc/passwd, /etc/master.passwd, etc.
Display whether the file immutable bit is on or off
[sourcecode language="bash"]# ls -lo /tmp/test.doc
-rw-r--r-- 1 root wheel schg 19 Jun 29 22:22 /tmp/test.doc[/sourcecode]
Clear or remove the file immutable bit
[sourcecode language="bash"]# chflags noschg /tmp/test.doc[/sourcecode]
Now you can remove or modify the file. Please note that the immutable flag can be set by the root user only. chflags also supports a few other interesting flags:

* arch: set the archived flag
* nodump: set the nodump flag
* sappnd: set the system append-only flag
* schg: set the system immutable flag
* sunlnk: set the system undeletable flag
* uappnd: set the user append-only flag
* uchg: set the user immutable flag
* uunlnk: set the user undeletable flag

Putting the letters no before an option causes the flag to be turned off.

Please note that Linux also supports an immutable flag to write-protect files, set with the chattr command.

See the chflags and ls man pages for more information.



Protect hard-disk-based backups from accidental removal

If you store a backup on a hard disk, the risk of an accidental rm -rf exists.

The chattr command changes file attributes on a Linux second extended file system; use it so that you do not accidentally remove your backup files with rm -rf.

The chattr command write-protects the backup directory so that no one (including root) can delete it. This is also known as making a file immutable. For example, if your backup directory is /backup, type the following command to write-protect it (only root can set or remove these flags):
[sourcecode language="bash"]# chattr -R +i /backup[/sourcecode]
To remove the immutable flag, type the following command:
[sourcecode language="bash"]# chattr -R -i /backup[/sourcecode]
If you are using FreeBSD, use the chflags command to set the immutable flag:
[sourcecode language="bash"]# chflags -R schg /backup[/sourcecode]
To remove the immutable flag, type the following command:
[sourcecode language="bash"]# chflags -R noschg /backup[/sourcecode]
These commands will keep you from accidentally removing your backup files with rm -rf 😀
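
After setting the flag recursively it is worth checking that nothing under the backup directory was missed or later had the flag cleared. The script below is an added example, not part of the original post: it filters `ls -lo` (FreeBSD) or `lsattr` (Linux) output down to the paths that lack the immutable flag. The function names and the sample listings are constructed for illustration.

```bash
#!/bin/sh
# Added example (not from the original post): list files that LACK the flag.
# Both functions read a listing on stdin and print unprotected paths.

# FreeBSD `ls -lo` line: mode links owner group FLAGS size mon day time name
# FLAGS is "-" or a comma-separated list such as "schg,nodump".
missing_schg() {
    awk 'NF >= 10 {
        n = split($5, flags, ",")
        found = 0
        for (i = 1; i <= n; i++)
            if (flags[i] == "schg") found = 1
        if (!found) {
            # Rebuild the name from field 10 on so names with spaces survive.
            name = $10
            for (i = 11; i <= NF; i++) name = name " " $i
            print name
        }
    }'
}

# Linux `lsattr` line: ATTRS path. Lowercase "i" is the immutable attribute;
# "dir:" headers and blank lines from `lsattr -R` have fewer than 2 fields.
missing_immutable() {
    awk 'NF >= 2 && $1 !~ /i/ {
        sub(/^[^ ]+ +/, "")   # drop the attribute column, keep the path
        print
    }'
}

# Constructed sample listings (real use: see the note below the block).
missing_schg <<'EOF'
-rw-r--r--  1 root  wheel  schg 19 Jun 29 22:22 /backup/full.tar
-rw-r--r--  1 root  wheel  - 42 Jun 29 22:25 /backup/db.sql
EOF
missing_immutable <<'EOF'
----i---------e------- /backup/full.tar
--------------e------- /backup/incr.tar
EOF
```

On a live system, pipe `find /backup -type f -exec ls -lo {} +` (FreeBSD) or `lsattr -R /backup` (Linux) into the matching function. Empty output means every listed file carries the flag.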
