Is it possible to forbid removal of files but allow creation of them for specific directory in Linux?

linux file-management ubuntu-10.04

I have an application that creates temp files and quickly deletes them. But I'd like to keep those files, is there a way to do that in Linux?


Yes, you can with per process capabilities in Security-Enhanced Linux which has been part of Ubuntu for the last two years. Be prepared for a steep learning curve.


I've found good enough solution with usage of sticky bit and inotify combined. Idea is simple, if we set a sticky bit on a directory, users won't be able to remove files owned by other users but will still be able to write to them if permissions of a file set correctly.

So, we do the following:

$ chmod a+t dir
$ while inotifywait -e close_write dir; do chmod a+rwx dir/*; sudo chown root:root dir/*; done

The first line sets a sticky bit. The second one constantly waits for changes in our directory and just as application finishes with writing to a file, it allows all the users to access it and then changes the owner of that file. Owner doesn't have to be root, it'll work with any other user as well.

So in the end we end up with writable files that application can not delete. Exactly what I needed.

Related

How to assign a keyboard shortcut to an application on Mac OS X?
What is the cleanest way to write an array formula to facilitate the addition of more rows?
Why is Udcast is many times faster than Netcat?
Using cell phone as Internet provider for router
Any way to have Excel 2010 treat a quoted value "08540" as text not number when opening a CSV
Using every Nth image in sequence to create video using FFmpeg
Remove rootkit from Windows XP Pro system
How does a Raspberry Pi 4 truly compare against a modern desktop CPU? [duplicate]
Is DDR3 worth it? [closed]
How can I remove "Positive Finds ads" from Google search results?
Why does "cmd /k" reset/clear/delete command history?
how to completely disable pagefile use wmic