Is it possible to forbid removal of files but allow creation of them for specific directory in Linux?
I have an application that creates temp files and quickly deletes them. But I'd like to keep those files, is there a way to do that in Linux?
Yes, you can with per process capabilities in Security-Enhanced Linux which has been part of Ubuntu for the last two years. Be prepared for a steep learning curve.
I've found good enough solution with usage of sticky bit and inotify combined. Idea is simple, if we set a sticky bit on a directory, users won't be able to remove files owned by other users but will still be able to write to them if permissions of a file set correctly.
So, we do the following:
$ chmod a+t dir
$ while inotifywait -e close_write dir; do chmod a+rwx dir/*; sudo chown root:root dir/*; done
The first line sets a sticky bit. The second one constantly waits for changes in our directory and just as application finishes with writing to a file, it allows all the users to access it and then changes the owner of that file. Owner doesn't have to be root, it'll work with any other user as well.
So in the end we end up with writable files that application can not delete. Exactly what I needed.