How to create a file that even the root user can’t delete

How to create a file that even the root user can’t delete?

Answers:

Method 1

Simple answer: You can’t, root can do everything.

You can set the “i” attribute with chattr (at least if you are on ext{2,3,4}) which makes a file unchangeable but root can just unset the attribute and delete the file anyways.

More complex (and ugly hackish workaround):
Put the directory you want unchangeable for root on a remote server and mount it via NFS or SMB. If the server does not offer write permissions, that locks out the local root account. Of course the local root account could just copy the files over locally, unmount the remote stuff, put the copy in place and change that.

You cannot lock out root from deleting your files. If you cannot trust your root to keep files intact, you are having a social problem, not a technical one.

Method 2

Put it on a CD-ROM! 😉

(this should be a comment but I can’t do comments…)

Method 3

Put your file on a read-only filesystem. This may be a remote FS where root is no longer root, a CD-ROM or a removable device that can be write-protected, e.g., an SD card.

Method 4

Long ago I wrote a kernel patch (to 2.2.ancient) where attempting to delete a file called SELFDESTRUCT killed the calling process. This guarded against accidental “rm -rf *”.

Method 5

You can use chattr +i to make a file immutable.

Of course a savvy user with root access could still use chattr -i to remove the immutable attribute and then delete the file, but they could undo any of the other attempts to block access listed here as well.

I would argue that chattr is the correct Unix way to do this.
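
What `chattr +i` sets is a single inode flag bit, which is why root can clear it again. As an added example (not from any of the answers above), this Python script reads that flag word with the same `FS_IOC_GETFLAGS` ioctl that `lsattr` uses and lists everything under a directory that carries the immutable flag or the related append-only flag; the function names are made up for illustration.

```python
import fcntl
import os
import stat
import struct
import sys

# _IOR('f', 1, long): the request number depends on sizeof(long) on this platform.
FS_IOC_GETFLAGS = (2 << 30) | (struct.calcsize("l") << 16) | (ord("f") << 8) | 1
FLAG_NAMES = {0x00000010: "immutable", 0x00000020: "append-only"}  # <linux/fs.h>


def inode_flags(path):
    """Return the inode flag word for path, or None if it cannot be read."""
    try:
        mode = os.lstat(path).st_mode
        if not (stat.S_ISREG(mode) or stat.S_ISDIR(mode)):
            return None  # like lsattr, only look at regular files and directories
        fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK | os.O_NOFOLLOW)
    except OSError:
        return None
    try:
        buf = bytearray(struct.calcsize("l"))
        fcntl.ioctl(fd, FS_IOC_GETFLAGS, buf)  # kernel writes a 32-bit int
        return struct.unpack_from("i", buf)[0]
    except OSError:
        return None  # filesystem without attribute support (e.g. NFS, some tmpfs)
    finally:
        os.close(fd)


def describe(flags):
    """Decode the flag bits that block deletion or modification."""
    return [name for bit, name in sorted(FLAG_NAMES.items()) if flags & bit]


def find_protected(root):
    """Walk root and return (path, [flag names]) for entries with i or a set."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            flags = inode_flags(path)
            if flags is not None and describe(flags):
                hits.append((path, describe(flags)))
    return hits


if __name__ == "__main__":
    for path, names in find_protected(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{'+'.join(names):<22} {path}")
```

Reading the flags needs only read access to the file; changing them is what requires root.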


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
