How To: Protect a file or directory from being deleted or changed by root

The following article is a guest article that will teach you how to protect a file or directory from being deleted or changed – even by root. This is a handy skill to have as you may have files you want to ensure are never changed.

This time, I’m going to do very little editing – but not out of laziness, but because I really don’t seem to need to do much. I really only need to do some formatting changes and we’ll be good.

Note: I forgot to ask the author if they want me to disclose their name. It’s a little late in the day now, as they’re in another time zone entirely, so when they see this they can let me know if they want their name credited/anything linked from it.

Without further ado…

Protect A File Or Directory:

Sometimes we come across files/directories in Linux that we don’t want to be changed. It won’t be long before we realize making a file “read only” through the GUI of our desktop environment doesn’t work the way we want to because the root user is still able to alter that file.

In this article I’m going to show you how to protect ANY file or directory from being deleted or changed even by the root user. For this example I’ll use xorg.conf which is nvidia’s config file.

Files:

In order to make xorg.conf immortal, as I like to call this process, open terminal and type:

and press enter. To make sure the file has become immutable, which is what the +i stands for, open it as root in your favorite text editor (sudo gedit /etc/X11/xorg.conf). Some text editors will allow you to write new content to the file but they won’t allow you to save the changes because the file is already immutable. Other text editors won’t react to pressing keys and there will be a “read only” string in the title bar next to the file name.

Undoing a file immutable is pretty much the same, with the only difference being that instead of a + you must use a minus symbol:

Directories:

You can also make a directory immutable or even a set of subdirectories. For this example open your home directory in your favorite file manager, then open terminal and type:

Now, here comes a little tricky part that you need to remember for the immutabling of the directories to work: placing a slash after the names tells the shell that dir2 is a directory and not a file. If you type /testdir/dir2, the shell will think dir2 is a file and will return an error.

If you have entered the command correctly, you will see this output:

If you have closed terminal, open it again in your home directory where you just created these two directories and type (exactly the way you see it, with the capital R and V):

-R stands for “recursive”, meaning it will do the same operation to all subdirectories, including dir2.
-V stands for “verbose” which will display what has been done.

In order to test this, simply select test dir and press Delete to try and delete it. You’ll see an error message which means testdir and the dir2 inside it have both become “immortal” and now nobody can delete them, not even root.

Undoing this is the same command, only instead of +i, you must use -i.

Closure:

And there you have it, a fairly well written article that I didn’t do much to other than some basic formatting. If there’s an error, don’t blame me! Ha! It looks right to me and jives with what I know on the subject, but I did not actually go through and test this. I trust the author to know what they’re talking about.

By the way, if you have a favorite subject and want to write an article, it really is that easy. Up in the upper right, click on the ‘contribute’ and I’ve made it even easier. (Don’t worry if it won’t let you pick a category, it’ll go through – and I still have to pick a category for it anyhow. All that does is save it as a draft for me to work on. It certainly doesn’t publish anything without my intervention. That’d just be silly talk!)

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

How To: Enable The Root Account in Ubuntu

This will be a quick and easy article, where I explain how to enable the root account in Ubuntu. It’s easy to enable the root account, but you may not want to. The choice is up to you.

This article really starts here, with a pet peeve. See, Ubuntu doesn’t ship with root enabled by default and it does that for security reasons. If there’s no root account, the root account can’t be compromised. Instead, it relies on sudo for elevating permissions. If you ask at some sites, they’ll give you a lecture instead of telling you how to enable root.

Me? I disagree with that. If you want to know how to enable root, I’ll tell you how to enable root. It’ll likely come with a blurb that tells you why you may want to avoid doing so – but I’ll give you the answer to your question.

About the only time I won’t give you a direct answer is when it’s obvious that you’re asking me to do your homework. I may also not tell people how to do their job. After all, I don’t want incompetence entering the workforce and I don’t want incompetent people staying staying in the field.

I view Linux as not just an OS but also as a bit of a philosophy, a philosophy of constant learning, continued improvement, and a never-ending quest for greater understanding. If someone wants to know how to enable root, I’m damned well going to tell them how to enable root.

Yes, it may lessen their security, and I’ll make sure to tell them that as well. I’ll be sure to tell them why Ubuntu made the choice and what it means if they undo it. It’s their system. If they want to enable root, I will help them do that.

Enable Root in Ubuntu:

Having said all of that above, it’s actually really trivial to enable root in Ubuntu. The first thing you’re going to do is open the terminal. Like always, you can use your keyboard, just press CTRL + ALT + T and your default terminal will open up.

Next, you’ll want to enter the following command:

Now, first it’ll ask for your current user’s password. Enter that. When you enter that, it’ll ask you to set a password for ‘root’. You’ll need to enter that password twice. Once you’re done with that, you’re done with it. That’s literally all it takes.

If you want to test this, you can login as root in TTY. Press CTRL + ALT + F3 and login as root, using the password you just assigned. To get back to your desktop, just press CTRL + ALT + F1 and it should bring you right back. If not, or if you’re not using Ubuntu, you can press and hold the left ALT button and then press the until you’re back at your desktop.

NOTE: This won’t enable GUI login as root. I’ll explain how to do that in a future article. This only enables the root account and nothing more.

If you do enable root, be aware that that means the root account can be compromised and used. Root has all the permissions. All of ’em… So, if the root account is compromised whoever has done so has complete control of the system. You should be aware of this before you make this change. Only make this change if you know what you’re doing and if you’re prepared for the consequences.

Closure:

And there you have it. You have another article in the books, this one explaining how to enable the root account. Think twice before doing so, but it’s your device and you get to make that decision. Just be aware of the consequences of doing so and you should be all set.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Linux Tips
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 International License.