Making files on ZFS Immutable (even by root!)
By DarrenMoffat on Aug 14, 2008
First lets look at the normal POSIX file permissions and show who we are and what privileges our shell is running with:
# ls -l /tank/fs/hamlet.txt -rw-rw-rw- 1 root root 211179 Aug 14 13:00 /tank/fs/hamlet.txt # pcred $$ 100618: e/r/suid=0 e/r/sgid=0 groups: 0 1 2 3 4 5 6 7 8 9 12 # ppriv $$ 100618: -zsh flags =
E: all I: all P: all L: all
So we are running as root and have all privileges in our process and are passing all on to our children. We also own the file (and it is on a local ZFS filesystem not over NFS), and it is writable by us and our group, everyone in fact. So lets try and modify it:
# echo "SCRIBBLE" > /tank/fs/hamlet.txt zsh: not owner: /tank/fs/hamlet.txt
That didn't work lets try and delete it, but first check the permissions of the containing directory:
# ls -ld /tank/fs drwxr-xr-x 2 root root 3 Aug 14 13:00 /tank/fs # rm /tank/fs/hamlet.txt rm: /tank/fs/hamlet.txt: override protection 666 (yes/no)? y rm: /tank/fs/hamlet.txt not removed: Not owner
That is very strange, so what is going on here ?
Before I started this I made the file immutable. That means that regardless of what privileges(5) the process has and what POSIX permissions or NFSv4/ZFS ACL it has we can't delete it change it nor can we even change the POSIX permissions or the ACL. So how did we do that ? Without good old friend chmod:
# chmod S+ci /tank/fs/hamlet.txtOr more verbosely:
# chmod chmod S+v immutable /tank/fs/hamlet.txt
See chmod(1) for more details. For those of you running OpenSolaris 2008.05 releases then you need to change the default PATH to have /usr/bin in front of /usr/gnu/bin or use the full path to /usr/bin/chmod. This is because these extensions are only part of the OpenSolaris chmod command not the GNU version. The same applies to my previous posting on the extended output from ls.