Re: Immutable flag and packages
> > As a trivial example, it would be reasonable to have /etc/fstab
> > marked immutable, while /etc/mtab would be mutable.
>
> To remove or clear the flag you need not just to be superuser, but to be
> running at securelevel 0, which normally requires a reboot to single user
> mode.
During lunch, I verified that I could create a file, mark it immutable,
and not force a modification even as root. I then cleared the immutable
bit and nuked the file. The exact commands ran something like:
# touch /tmp/foobar
# chattr +i /tmp/foobar
# rm -rf /tmp/foobar
(failed)
# vi /tmp/foobar
:w!
(unable to write file)
# chattr -i /tmp/foobar
# rm -rf /tmp/foobar
(success)
I'm currently running 1.3, although I plan to upgrade to hamm within the
next few days. In fact, I was downloading some binary files at the time,
so I *know* that my system continued to function in its normal manner.
I hate to ask a stupid question, but are you sure you aren't thinking
about mounting an entire filesystem as "read-only", not just marking
a single file (or collection of files) as "immutable" under the ext2
extentions?
On a related note, the chattr man page mentions the possibility of
specifying a "version number" for a file. I couldn't get that to
work, possibly because I tried 1.2 instead of an integerized form of
it, but this introduces interesting possibilities for package writers. :-)
Bear Giles
bear@coyotesong.com
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: