FAQforge

Have you ever executed a command on the shell and noticed the that you had to run it with sudo? Instead of typing the command again with “sudo” in front of it, just run:

sudo !!

which will execute the command that was run before with sudo. Thanks to Planetfox for this tipp.

If the root user stores a file in the home directory of another user or any other directory that is owned by another user, this other user is able to delete the file even if the file is owned by root and has 700 permissions.

Example:

root@workstation:/home/otheruser# ls -la
total 8
drwxr-xr-x 2 otheruser otheruser 4096 Oct 23 11:52 .
drwxr-xr-x 3 root      root      4096 Oct 23 11:51 ..
-rwx------ 1 root      root         0 Oct 23 11:52 root_users_file

If I su now to "otheruser", I'am able to delete the file as "otheruser" is the owner of the directory where "root_users_file" is stored:
<p class="command">root@workstation:/home/otheruser# su otheruser
sh-3.2$ rm root_users_file
rm: remove write-protected regular empty file `root_users_file'? y
sh-3.2$

Now to protect the file from beeing deleted, use the command <span class="system">chattr +i</span>:
<p class="command">chattr +i root_users_file

and then try again to delete the file as “otheruser”, the action will be denied:

root@workstation:/home/otheruser# su otheruser
sh-3.2$ rm root_users_file
rm: remove write-protected regular empty file `root_users_file'? y
rm: cannot remove `root_users_file': Operation not permitted
sh-3.2$

Now even root is not able to delete or edit the file anymore. With the command <span class="system">chattr -i</span> the protection can be removed:
<p class="command">chattr -i root_users_file