How do I use the Linux flock command to prevent another root process from deleting a file?

情深已故 2020-12-19 01:46

I would like to prevent one of my root processes from deleting a certain file. So I came across the flock command; it seems to fit my need, but I didn't get its syntax.

3 answers
  • 2020-12-19 01:58

    sudo chattr +i ./file.xml

    MarkR is correct; chattr'ing the file will prevent it from being deleted:

    -(~)-------------------------------------------------------------------------------------------------------(08:40 Mon Mar 29)
    risk@DockMaster [2135] --> sudo chattr +i junk.txt
    [sudo] password for risk: 
    -(~)-------------------------------------------------------------------------------------------------------(08:40 Mon Mar 29)
    risk@DockMaster [2136] --> sudo rm ./junk.txt 
    rm: cannot remove `./junk.txt': Operation not permitted
    zsh: exit 1     sudo rm ./junk.txt
    -(~)-------------------------------------------------------------------------------------------------------(08:40 Mon Mar 29)
    risk@DockMaster [2137] --> sudo rm -f ./junk.txt
    rm: cannot remove `./junk.txt': Operation not permitted
    zsh: exit 1     sudo rm -f ./junk.txt
    -(~)-------------------------------------------------------------------------------------------------------(08:40 Mon Mar 29)
    risk@DockMaster [2138] --> 
    
  • 2020-12-19 02:05

    No, flock does NOT prevent anyone from doing anything. Unix locks are ADVISORY, which means that they prevent other processes from also calling flock (or in the case of a shared lock, prevent another process using an exclusive one).

    It doesn't stop root, or anyone else, from reading, writing or deleting the file.

    In any case, even if it was a mandatory lock, it wouldn't stop the file being deleted, as it's the file being locked not the directory entry.

  • 2020-12-19 02:11

    flock is not the right tool for this job. If you have a programme that is deleting files, you should not run that programme as root. You should run it as a different user. Unix has very good support for file permissions, but root is a god account. Root can do everything, and there are no permissions for root.

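The point made in the answer about advisory locks, as an added example that is not part of the original answers: one process holds an exclusive `flock` on a file, a second `flock` caller is refused, and a plain `rm` that never asks for the lock still deletes the file. It assumes the util-linux `flock` command is on `PATH`; the function name, temporary paths and file contents are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: flock(1) only coordinates processes that also call flock.
# All paths below are constructed temporary files.

demo_flock_is_advisory() {
    command -v flock >/dev/null || return 2
    dir=$(mktemp -d) || return 2
    target="$dir/file.xml"        # constructed stand-in for the file to protect
    echo '<config/>' > "$target"

    # Holder: takes an exclusive lock, signals readiness, and keeps the lock
    # until the "done" marker appears.
    flock -x "$target" sh -c '
        touch "$1"
        while [ ! -e "$2" ]; do sleep 1; done
    ' holder "$dir/ready" "$dir/done" &
    holder=$!
    while [ ! -e "$dir/ready" ]; do sleep 1; done

    # Cooperating process: asks for the same lock without waiting (-n), is refused.
    if flock -n -x "$target" true; then
        second_lock=acquired
    else
        second_lock=refused
    fi

    # Non-cooperating process: never calls flock, so the unlink goes through
    # while the lock is still held.
    if rm -f "$target" && [ ! -e "$target" ]; then
        delete=succeeded
    else
        delete=blocked
    fi

    touch "$dir/done"             # let the holder release the lock and exit
    wait "$holder" || true
    rm -rf "$dir"
    echo "second_lock=$second_lock delete=$delete"
}

demo_flock_is_advisory            # prints: second_lock=refused delete=succeeded
```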