Date: Tue, 16 Apr 2002 10:23:43 -0700
From: Rick Moen rick@linuxmafia.com
To: [name omitted]
Subject: Re: Hello...
User-Agent: Mutt/1.3.27i
[My correspondent had reported "permission denied" errors when
trying to
delete something using the root account.]
The immutable attribute is, of course, just one attribute that
can be
set with chattr. Here's an example of how to use lsattr and
chattr:
uncle-enzo:~# cd /tmp
uncle-enzo:/tmp# chattr +i wrd
uncle-enzo:/tmp# lsattr wrd
---i--------- wrd
uncle-enzo:/tmp# rm wrd
rm: remove write-protected file `wrd'? y
rm: cannot unlink `wrd': Operation not permitted
uncle-enzo:/tmp# chattr -i wrd
uncle-enzo:/tmp# rm wrd
uncle-enzo:/tmp#
There are some other valid bits that chattr can set (see "man chattr"):
a = append-only mode
c = compressed storage
d = dump-omitted (omit this file, when using the dump
command)
j = journaled
s = secret (zero out all its bits, if you delete the file)
S = synchronous-written
u = undeletable
None of those, however, could account for the file being
undeletable by
the root user.
I _hope_ you've tried simply doing "chmod 777" on the file,
right? I
mean, any Unix system will block the root user from deleting a
file
whose permissions mask doesn't give him write permission -- as
with any
other user. The root user's special ability is to _change_ such
rights
masks to give himself write permission, regardless of who owns
the file.
If you've tried all that, and the file remains undeletable by
the root
user, _and_ you've verified that the filesystem hosting it is
mounted
writeable[1], then by definition the filesystem is damaged, and
needs to
be repaired or replaced.
The thing to try, in that case, is the fsck utility
appropriate for
whatever filesystem type it is, e.g., fsck.ext2, fsck.ext3, etc.
You'll
need to unmount it first. (Thus, if it's the root filesystem, you
may
have to do this from a maintenance floppy, CD-ROM, or
maintenance
partition.)
If you've fscked the filesystem, remounted it (in read-write
mode, not
read-only), and the file is _still_ not deletable, then you have
some
type of filesystem corruption that fsck can't handle.
Congratulations!
You'll need to back up the filesystem's data, blow it away,
recreate it,
and then restore.
[1] For example, the fact that root cannot delete a file from
/usr
in my system is not surprising:
uncle-enzo:/tmp# mount
/dev/sda5 on / type ext2 (rw,errors=remount-ro)
proc on /proc type proc (rw)
devpts on /dev/pts type devpts (rw,gid=5,mode=620)
/dev/sdb7 on /var type ext2 (rw,nosuid,nodev,noatime)
/dev/sda8 on /var/log type ext2 (rw,nosuid,nodev,noatime)
/dev/sdb8 on /usr type ext2 (ro,nodev)
/dev/sda9 on /usr/local type ext2 (rw)
/dev/sdb1 on /home type ext2 (rw,nosuid,nodev)
/dev/sdb5 on /tmp type ext2 (rw,noexec,nosuid,nodev,noatime)
uncle-enzo:/tmp#
It's easy to forget about the subtler consequences of mount
options.
For example, sometimes, I forget about the "noexec" option on
/tmp,
and wonder for a few seconds why shell scripts won't work,
there.
(Also, on rare occasions, the "mount" output will remind you
that the
directory you've been fruitlessly trying to delete is an
in-service
mountpoint. D'oh!)
--
Cheers, "Azathoth need not be present to win."
Rick Moen -- Charles O. Baucum, Jr.
rick@linuxmafia.com