Let's say user has Directory1 and it contains File1 File2 CantBeDeletedFile
How to make so the user would never be allowed to delete the CantBeDeletedFile?
If I change the ownership of Directory1 and remove write permissions users wouldn't be able to delete any file. They also wouldn't be able to add new files etc.
I just want to be able to set some files which would never be deleted.
More specific description.
I am creating user profiles. I am creating application launcher files in their Desktop. So I want to set some launcher files (.desktop) and make them so user can only launch them and they couldn't rename nor delete, just launch.
Currently if user owns the directory which contain any file. He can delete.
If there is no generic way for all *nix, it's a Linux and ext4 FS.
Best Answer
(I dislike intruding users' home, I think they should be allowed to do whatever they want to do with they homes… but anyway…)
This should work on linux (at least). I'm assuming
user
is already a member of the groupuser
. A solution is to change ownership ofDirectory1
and set the sticky bit on the directory:Then use:
Now,
user
won't be able to remove this file due to the sticky bit¹. Theuser
is still able to add/remove their own files inDirectory1
. But notice that they won't be able to deleteDirectory1
because it will never be emptied.—
1. When the sticky bit is enabled on a directory, users (other than the owner) can only remove their own files inside a directory. This is used on directories like
/tmp
whose permissions are1777
=rwxrwxrwt
.