On Unix-like operating systems including Linux, root is the account or user name that by default can modify all directories and files on a system.
But have you ever wanted to protect your important files and directories from accidental deletion, even by the superuser or root user on your system?
In this article, we’ll walk you through the steps to make your files and directories undeletable, even by the most powerful root user on your Linux system.
How to Make File Undeletable in Linux (Even by Root)
To make a file undeletable by any system user, including root, you need to make it unmodifiable using the chattr command, which changes the attributes of a file or directory on a Linux file system.
Using the chattr Command
The command below makes /backups/passwd file immutable (or undeletable). This implies that the file can’t be modified in any way: it can’t be deleted or renamed. You can’t even create a link to it and no data can be written to the file as well.
Note that you need superuser privileges to set or remove this attribute, using the sudo command:
sudo chattr +i /backups/passwd OR sudo chattr +i -V /backups/passwd
To view attributes of a file, use the lsattr command as shown.
lsattr /backups/passwd
Now try to remove the immutable file, both as a normal user and as a root using rm command as shown.
rm /backups/passwd sudo rm /backups/passwd
How to Recursively Make Directory Undeletable in Linux
Using the -R
flag, you can recursively change attributes of directories and their contents as follows.
sudo chattr +i -RV /backups/
To make a file mutable again, use -i
sign to remove the above attribute, as follows.
sudo chattr -i /backups/ passwd
For more information, read this article: 5 ‘chattr’ Commands to Make Important Files IMMUTABLE (Unchangeable) in Linux
You will find these related articles useful:
- How to Manage Users and Groups in Linux
- Managing Users & Groups and Enabling sudo Access to Users
- How to Find Files With SUID and SGID Permissions in Linux
- Translate rwx Permissions into Octal Format in Linux
Conclusion
By using the methods outlined in this guide, you can protect your important files and directories from accidental deletion by the root user using the chattr command which adds an extra layer of security to safeguard your data.
How does one reverse this procedure? Use the chattr command again?
@Dragonmouth,
Use
chattr -i
to remove the attribute.