
# star cvzf /tmp/home-backup.star.gz -acl artype=exustar /home
a /home/ directory
a /home/john/ directory
a /home/john/.bash_logout 24 bytes, 1 tape blocks
a /home/john/.bash_profile 191 bytes, 1 tape blocks
a /home/john/.bashrc 124 bytes, 1 tape blocks
a /home/john/.gtkrc 120 bytes, 1 tape blocks
...(Lines snipped)...

To restore from this archive:

# star xvzf /tmp/home-backup.star.gz artype=exustar -acl
star: WARNING: skipping leading '/' on filenames.
Release star 1.5a69 (i386-redhat-linux-gnu)
Archtype exustar
Dumpdate 1146974078.733347 (Sat May 6 23:54:38 2006)
Volno 1
Blocksize 20
x home/ directory
x home/john/ directory
x home/john/.bash_logout 24 bytes, 1 tape blocks
x home/john/.bash_profile 191 bytes, 1 tape blocks
x home/john/.bashrc 124 bytes, 1 tape blocks
x home/john/.gtkrc 120 bytes, 1 tape blocks
...(Lines snipped)...

8.3.4. Where Can I Learn More?

The manpages for acl(5), getfacl, and setfacl

The manpages for star and spax

8.4. Making Files Immutable

Because the root user can override permissions, file permissions alone are not enough to ensure that a file will not be changed. But when a file is made immutable, it cannot be changed by anyone, not even root, until the attribute is removed.

8.4.1. How Do I Do That?

To make a file immutable, use the chattr (change attribute) command to add the i attribute to the file:

# chattr +i foo
# date >> foo
bash: foo: Permission denied
# mv foo baz
mv: cannot move `foo' to `baz': Operation not permitted
# rm foo
rm: cannot remove `foo': Operation not permitted

You can find out if the i attribute has been set by using the lsattr (list-attribute) command:

# lsattr foo
----i-------- foo

The presence of the i in the output indicates that the file foo has been made immutable.

Removing the i attribute causes the file to act normally again:

# chattr -i foo
# date >> foo
# mv foo baz
# rm baz
# ls baz
ls: baz: No such file or directory

8.4.2. How Does It Work?

The immutable capability is provided by the ext2/ext3 filesystems. Each file has an immutable flag that is part of the ext2/ext3 file attributes; when set, the ext2/ext3 code in the kernel will refuse to change the ownership, group, name, or permissions of the file, and will not permit writing, appending, or truncation of the file.

By making configuration files and programs immutable, you can provide a small measure of protection against change. This can be used to guard against accidental changes to configuration files. It can also prevent a program from being subverted to change files it should not; although SELinux provides similar protection, you may add software to your system that is not covered by the SELinux targeted policy.

Do not attempt to upgrade or remove software packages if you've made any of the files belonging to those packages immutable! Doing so may render your system unusable. Be particularly careful if you are using immutable files on a system that has automatic yum updates enabled. 

8.4.3. What About...

8.4.3.1. ...making an entire subtree immutable?

The -R option to chattr causes it to operate recursively over all of the files and subdirectories within a directory:

# chattr -R +i /etc

8.4.3.2. ...other file attributes that might be useful?

Although a number of file attributes have been defined for ext2/ext3 filesystems, very few of the interesting ones have been implemented! For example, attributes have been defined to enable per-file automatic data compression, automatic zeroing (enhanced security erasure) of deleted files, and save-for-undeletion, but none of those features have been implemented so far.

But there is one other attribute that is occasionally useful: the append-only attribute, a. When applied to a file by chattr, this attribute provides all of the protection of the immutable attribute, except that it remains possible to append data to the file. This is ideal for logfiles, because it makes it impossible to alter or erase data that has been placed in the logfile.
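As an added example (not code from the book), here is a small POSIX sh audit that parses lsattr output in the format shown above and reports which files carry the immutable (i) or append-only (a) flag, and which logfiles that should be append-only are not. The lsattr lines in SAMPLE_LSATTR are constructed for the example; on a real system you would pipe lsattr -R output in instead.

```sh
#!/bin/sh
# Constructed sample in the format lsattr (and lsattr -R) prints:
# an attribute field, a space, then the path; directory headers end in ':'.
SAMPLE_LSATTR='----i-------- /etc/passwd
-------------- /etc/group
-----a------- /var/log/secure
----ia------- /var/log/messages
-------------- /var/log/maillog

/etc/sysconfig:
----i-------- /etc/sysconfig/network'

# Print "path flag[,flag]" for every entry with the i or a attribute set.
# Directory headers and blank lines do not start with '-' and are skipped.
# Matching is case-sensitive: uppercase I (indexed dir) and A (no atime)
# are different attributes and must not be reported here.
flagged_files() {
    printf '%s\n' "$1" | while read -r attrs path; do
        case "$attrs" in -*) ;; *) continue ;; esac
        flags=""
        case "$attrs" in *i*) flags="immutable" ;; esac
        case "$attrs" in *a*) flags="${flags:+$flags,}append-only" ;; esac
        if [ -n "$flags" ]; then printf '%s %s\n' "$path" "$flags"; fi
    done
}

# Print the attribute field recorded for one path ($2) in lsattr output ($1).
attrs_of() {
    printf '%s\n' "$1" | while read -r attrs path; do
        if [ "$path" = "$2" ]; then printf '%s\n' "$attrs"; break; fi
    done
}

# Succeed if path $2 carries attribute letter $3 in lsattr output $1.
has_flag() {
    case "$(attrs_of "$1" "$2")" in *"$3"*) return 0 ;; esac
    return 1
}

# Print each path in the space-separated list $2 that is NOT append-only,
# i.e. a logfile whose existing records could still be altered or erased.
missing_append_only() {
    for want in $2; do
        has_flag "$1" "$want" a || printf '%s\n' "$want"
    done
}

flagged_files "$SAMPLE_LSATTR"
missing_append_only "$SAMPLE_LSATTR" "/var/log/secure /var/log/maillog"
```

Run against a live system with, for example, `lsattr -R /etc 2>/dev/null`, captured into a variable and passed to flagged_files; an unexpected i or a flag on a file is worth investigating, since it will also block package updates as the warning above describes.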

8.4.4. Where Can I Learn More?

The manpages for chattr and lsattr

8.5. Using sudo to Delegate Privilege

Sometimes it's useful to delegate superuser privilege to a Fedora user; however, giving him the superuser password gives him total control of the system. The sudo system enables superuser privilege to be delegated on a program-by-program basis.

8.5.1. How Do I Do That?

There are two parts to sudo: the /etc/sudoers file, which controls who can do what, and the sudo command, which enables authorized users to run commands with superuser privilege.

To configure /etc/sudoers, use the visudo utility, which will start vi so that you can edit the file. When you are done, it checks the syntax before installing it. If there is a syntax error, visudo will prompt you for a course of action; to see the available options, enter a question mark: