You want to prevent deleting the parent directory (you can delete the child directory)

Asked 2 years ago, Updated 2 years ago, 115 views

Thank you for your help.The questions will be asked in two stages.Suppose you have the following directory structure:

/parent/user1
/parent/user2
/parent/user3

Each user can delete his or her directory, but they do not want to delete the parent directory.Previously, the path to be deleted due to a script bug was executed with spaces such as /parent//user1.As a result, /parent and all of the following directories have been deleted.So I'm looking for the appropriate permissions, sticky bits, or ACL settings.

Actually, this happened on HDFS, but since HDFS permissions and ACLs are equivalent to Linux's file system, I would like to ask you about Linux and Mac first.

The following commands were executed in the experiment (Mac OS X 10.13.4).

mkdir parent
cd parent
mkdir sub

ll
total0
0 drwxr-xr-x2 keisuke staff 64 Apr 19 13:59 sub/

cd..
ll
total0
0 drwxr-xr-x3keisuke staff96 Apr 19 13:59 parent/

Now set the parent to belong to another user.

 sudo chown root:nobody parent
Password:

ll
total0
0 drwxr-xr-x3 root nobody96 Apr 19 13:59 parent/

Configure additional sticky bits.

 sudo chmod 1777 parent
Password:

ll
total0
0 drwxrwxrwt3 root nobody96 Apr 19 13:59 parent/

While setting the sticky bits, I think I have fully released the permissions.

cd parent
ll
total0
0 drwxr-xr-x2 keisuke staff 64 Apr 19 13:59 sub/

The subdirectory belongs to me.

rm-rf sub
ll
total0

Of course, you can delete it.

cd..
rm-rf parent
ll
total0

I was able to delete the folder owned by root with my permission.

According to Wikipedia, the sticky bit says, "Only the owner of the file, the owner of the directory, or the superuser can rename or delete the file under the directory."If this is the case, the following points will be troubling:

  • Parent could be deleted even though the sticky bit is standing
  • I don't want the parent settings to be reflected in the files and directories under my control

As previously mentioned, it is HDFS (Hadoop's file system) that actually wants to address the problem.Many people are working on this file system.You may have run hdfs dfs-rm-r/parent//myfiles/.../... incorrectly due to a bug in your script (there was a space available, so you deleted everyone's files).We are investigating HDFS permissions, sticky bits, and ACLs to prevent a recurrence.Of course, I also modified the script to check the path before deleting it, but I am thinking of taking drastic measures as there may be some errors in the revision.

Many people in the company work on HDFS.If you know any best practices to prevent accidents, please let me know.

Thank you for your cooperation.

linux filesystems hadoop

2022-09-30 12:02

1 Answers

The permission to delete the parent directory is not determined by the permission or owner of the parent, but by the permission or owner of the directory containing the parent.


2022-09-30 12:02

If you have any answers or tips


© 2024 OneMinuteCode. All rights reserved.