How to Make File and Directory Undeletable, Even By Root in Linux?

On Unix-like operating systems including Linux, the root is the account or user name that by default can modify all directories and files on a system. In this article, we’ll show how to make directories or files unremovable even by the root user in Linux.

 

To make a file undeletable by any system user, including root, you need to make it unmodifiable using the chattr command. These command changes file attributes on a Linux file system.

 

How to Make File Undeletable in Linux

 

The command below makes /backups/passwd file immutable (or undeletable). This implies that the file can’t be modified in any way: it can’t be deleted or renamed. You can’t even create a link to it and no data can be written to the file as well.

 

Note that you need superuser privileges to set or remove this attribute, using the sudo command:

$ sudo chattr +i /backups/passwd
OR
$ sudo chattr +i -V /backups/passwd

 

To view attributes of a file, use the lsattr command as shown.

$ lsattr /backups/passwd

 

Now try to remove the immutable file, both as a normal user and as a root.

$ rm /backups/passwd
$ sudo rm /backups/passwd

 

How to Recursively Make Directory Undeletable in Linux

 

Using the -R flag, you can recursively change attributes of directories and their contents as follows.

$ sudo chattr +i -RV /backups/

 

To make a file mutable again, use -i sign to remove the above attribute, as follows.

$ sudo chattr -i /backups/ passwd

 

Was this answer helpful? 0 Users Found This Useful (0 Votes)