How to prevent directory from being deleted by user?
Suppose a directory dir1
is created by sudo
on Desktop.
sudo mkdir dir1
Then I applied chown
and chmod
as following:
sudo chown root:root dir1
sudo chmod go-rwx dir1
Now dir1
is only accessible with owner root
.
$ ls -ld dir1
drwx------ 2 root root 4096 Jul 29 19:21 dir1
If user ($USER
= pandya
) try to delete dir1
with GUI nautilus (without sudo
), then he can't which is ok.
But if tried to remove with terminal then he can which is not ok:-
-
rm -r
(withoutsudo
):$ rm -r dir1 rm: descend into write-protected directory ‘dir1’? Y rm: remove write-protected directory ‘dir1’? Y $
-
And more easily with
rmdir
! (without sudo):$ rmdir dir1 $
Thus, How to prevent dir1
to be delete with user than not sudo
?
[optional]
My ultimate aim is: Only owner can delete directory, group and other only can read/execute.
What said Class Stacker in his answer is correct, but it didn't solved your problem. To prevent a directory from being deleted by the user which owns all rights to the parent directory (/home/pandya
in your case) you have to use the chattr
command.
Here is an example:
$ sudo mkdir dir1
$ sudo chattr +i dir1
$ rmdir dir1
rmdir: failed to remove ‘dir1’: Operation not permitted
$ rm -r dir1
rm: remove write-protected directory ‘dir1’? y
rm: cannot remove ‘dir1’: Operation not permitted
$ chattr -i dir1
chattr: Permission denied while setting flags on dir1
And in Nautilus:
Please read man chattr
for more info.
Actually, directories are special files.
In a directory /home/user
, the right of creating or removing entires (such as files or directories) is determined by the rights of /home/user
itself, not by the rights of the entries.
In your case, it would be best to provide a subdirectory, such as /home/user/fixed
, and set the rights of that to r-x
. Then, the user will be unable to create or delete files or directories in there. He may still be able to edit, descent, etc based on the rights of the individual files and directories inside /home/user/fixed
.