How To Make A File Write Protected And Undeletable In FreeBSD?

How To Make A File Write Protected And Undeletable In FreeBSD?

   

This post was last updated on August 1st, 2020 at 10:19 am

FreeBSD operating system has an extra security feature for files called file flags. It provides additional control over files, but not directories. If you set the flag of a file it can not be removed or altered by anyone including root.

The chflag utility can be used to modify the file flags of the listed files as specified by the flag operand. Only root or the owner of a file can enable or disable these flags.

How to write-protect a file

You can write-protect a file by enabling the schg flag on it. To make file1 write-protected, so that no one can edit this file, use the following command in your terminal –

chflags schg file1

To check the current flags set on a file, use –

ls -lo file1

How to enable the undeletable flag on a file

If you enable the undeletable flag on a file. The file can not be deleted by anyone even by root. Set the undeletable flag on a file by using –

chflags sunlink file1

Now again execute the given command to view the flags on a file-

ls -lo file1

Now if you run the command to edit or delete the file1 this says operation not permitted –

To edit or delete this file first you need to turn off these flags.

Remove the immutable or undeletable flag of a file

To disable the write-protected or immutable flag from a file, use the following command  –

chflag noschg file1

Or issue the given command to disable undeletable flag from the file –

chflags nosunlink file1

 Some other files flag in FreeBSD

Apart from these two flags, there are some other flags that can be used by the root user or owner of the file to alter the behavior of a file. A few of them are listed below –

  • arch – set the archived flag
  • sappnd – set the system append-only flag
  • schg – set the system immutable flag
  • sunlnk – set the system undeletable flag
  • uappnd –set the user append-only flag
  • uchg – set the user immutable flag
  • uunlnk –set the user undeletable flag

If you use no before these flags it will disable the flag on a file. To know more about the flags and option that can be used with chflag, see its manual page by using –

man chflag

Conclusion

By enabling a flag you can increase the security of a file. Now if you want something to say on this topic then share your thought with us in the comments below.

Previous GParted wont open despite already installed.
Next [ubuntu] error: internal error: libxenlight state driver is not active

About author

You might also like

How To 0 Comments

How To Run A Process In Background In Linux/Unix?

This post was last updated on August 1st, 2020 at 02:11 pmIn a Linux/Unix system, a process is an instance of a program that is running on a computer. When

Linux Topics 0 Comments

How To List The All Enabled Repositories In Linux?

This post was last updated on August 1st, 2020 at 01:28 pmA software repository is a database of software packages stored on a remote server. Generally, these packages are retrieved

FreeBSD Topics 0 Comments

Understanding Ports Skeleton In FreeBSD

This post was last updated on August 1st, 2020 at 12:09 pmIn FreeBSD, there are two ways to install software packages: pkg and ports collection. The pkg is used to

0 Comments

No Comments Yet!

You can be first to comment this post!

Leave a Reply