How to Prevent Directory Deletion by User

chmodcommand linepermissionsrm

Suppose a directory dir1 is created by sudo on Desktop.

sudo mkdir dir1

Then I applied chown and chmod as following:

sudo chown root:root dir1
sudo chmod go-rwx dir1

Now dir1 is only accessible with owner root.

$ ls -ld dir1
drwx------ 2 root root 4096 Jul 29 19:21 dir1

If user ($USER = pandya) try to delete dir1 with GUI nautilus (without sudo), then he can't which is ok.

enter image description here

But if tried to remove with terminal then he can which is not ok:-

  • rm -r (without sudo):

     $ rm -r dir1
     rm: descend into write-protected directory ‘dir1’? Y
     rm: remove write-protected directory ‘dir1’? Y
     $
    
  • And more easily with rmdir ! (without sudo):

    $ rmdir dir1
    $ 
    

Thus, How to prevent dir1 to be delete with user than not sudo?

[optional]
My ultimate aim is: Only owner can delete directory, group and other only can read/execute.

Best Answer

What said Class Stacker in his answer is correct, but it didn't solved your problem. To prevent a directory from being deleted by the user which owns all rights to the parent directory (/home/pandya in your case) you have to use the chattr command.

Here is an example:

$ sudo mkdir dir1
$ sudo chattr +i dir1
$ rmdir dir1
rmdir: failed to remove ‘dir1’: Operation not permitted
$ rm -r dir1
rm: remove write-protected directory ‘dir1’? y
rm: cannot remove ‘dir1’: Operation not permitted
$ chattr -i dir1
chattr: Permission denied while setting flags on dir1

And in Nautilus:

enter image description here

Please read man chattr for more info.

Related Question