03-07-2014
Quote:
Originally Posted by
palani13dec
Is there any way to create a file in linux that root user also can't delete?
You cannot prevent root from being root.
Some filesystems like ext3 have extended options you can set for a file to make it undeletable even by root. Root can also
turn this bit back off.
You cannot prevent root from being root.
If your security plan, depends on preventing root from being root, it's fatally flawed.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Is there a way to create or better yet modify a user account so it has the same privs as root? (6 Replies)
Discussion started by: xadamz23
6 Replies
2. Red Hat
Hi,
Is it possible to create a user in Linux 8.0 with all the attribute and the privilages of super user (root). Without using root as the logg in name.
Thanx (6 Replies)
Discussion started by: kayode
6 Replies
3. UNIX for Advanced & Expert Users
Hi all,
I am using Sun Solaris 9 .In this system normal users unable to create files from the command line.I added these users in bin,adm and even root group i found them unable to create a file. (1 Reply)
Discussion started by: mallesh
1 Replies
4. AIX
hello
I would like to create another user like root
With smit user, I have duplicate all the configuration from root to root2 (groupe, secondary group, administrative, etc...)
But when I connect with root2, i don't go to all directory: "permission denied !"
I don't understand where is the... (10 Replies)
Discussion started by: pascalbout
10 Replies
5. Shell Programming and Scripting
Hi All,
I have directory under /opt/test.
The ownership of the test directory is root:root.
I have login to the server as test user.
I need to have some script to create a directory inside /opt/test.
This script will be called as test user.
When I try to execute... (4 Replies)
Discussion started by: kalpeer
4 Replies
6. UNIX for Dummies Questions & Answers
I've tried to figure this out.
I'm only about 6 mos into my AIX admin duties, but I've got a "security" problem I can't figure out.
I've created a sub directory as follows:
drwx------ 2 root system 256 Apr 13 16:02 mike
I've logged in another session with the following user:
$ id... (2 Replies)
Discussion started by: mpheine
2 Replies
7. Solaris
Hi All,
I am trying to uninstall jdk 1.5 from my Solaris 10 64 bit but some how was not successful.so tried to delete the folder of jdk from /usr but its throughing error as:
Unable to remove directory jdk: Read-only file system
Even I tried to create a dir in /usr but its not allowing me... (4 Replies)
Discussion started by: Pshah
4 Replies
8. AIX
please give me any suggestion, how can i create user as root privilege. (please give me very safest way because i have production servers) (5 Replies)
Discussion started by: reply.ravi
5 Replies
9. UNIX for Advanced & Expert Users
Hi!! one strange problem occurred with my RHEL 5 box.
i'm having logs folder with ownership of non-root user. Created some files with root user under logs folder.
here is the scene:
-rw-r----- 1 root root 1048227 Feb 28 12:34 SystemOut_13.02.28_12.34.10.log
-rw-r----- 1 root root ... (6 Replies)
Discussion started by: sukhdip
6 Replies
10. UNIX for Dummies Questions & Answers
Hi All,
I need to give an user sudo ability to root.
We have also generated RSA key but unable to proceed further.
For example after a user logs into the server normally and when he executes below command
$ssh root@server_name
This should take you to root prompt #
Please help me.... (3 Replies)
Discussion started by: Rockyc3400
3 Replies
LEARN ABOUT SUSE
pmvarrun
pmvarrun(8) pam_mount pmvarrun(8)
Name
pmvarrun - updates /var/run/pam_mount/user
Syntax
pmvarrun -u user [options]
Description
A separate program is needed so that /var/run/pam_mount/user may be created with a pam_mount-specific security context (otherwise SELinux
policy will conflict with gdm, which also creates file in /var/run).
pmvarrun is flexible and can run in a number of different security setups:
root-root
When pmvarrun is invoked as root, /var/run/pam_mount's permission settings can be as strict as needed; usually (0755,root,root) is a good
pick as it gives users the debug control over their refcount. Refcount files are given their respective owners (chowned to the user who
logs in).
user-user
When invoked as the user who logs in, /var/run/pam_mount needs appropriate permissions to create a file, which means the write bit must be
set. It is also highly suggested to set the sticky bit in this case, so other users do not tamper with your refcount.
root-user
Some programs or login helpers incorrectly call the PAM stack in a way that the login phase is done as root and the logout phase as a nor-
mal user. Nevertheless, pmvarrun supports this, and the same permissions as in root-root can be used. While the user may not be able to
unlink his file from /var/run/pam_mount, it will be truncated to indicate the same state.
Options
--help, -h
Display help.
--user user, -u user
User to handle, must be a valid username.
--operation number, -o number
Increase volume count by number.
-d Turn on debugging.
Files
/var/run/pam_mount/user
Author
This manpage was originally written by Bastian Kleineidam <calvin@debian.org> for the Debian distribution of libpam-mount but may be used
by others.
See /usr/share/doc/packages/pam_mount/AUTHORS for the list of original authors of pam_mount.
pam_mount 2008-10-08 pmvarrun(8)