[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Google
  Web www.spinics.net

R: root unable to delete

Hi,

just try 

man chattr

You wil got something like...

CHATTR(1)                                               CHATTR(1)

NAME
       chattr - change file attributes on a Linux second extended file
system

SYNOPSIS
       chattr [ -RV ] [ -v version ] [ mode ] files...

DESCRIPTION
       chattr changes the file attributes on a Linux second extended file
system.

       The format of a symbolic mode is +-=[ASacdisu].

       The operator `+' causes the selected attributes to be added to the
existing 	 attributes of the
       files; `-' causes them to be removed; and `=' causes them to be the
only 	 attributes that  the
       files have.

       The  letters `ASacdisu' select the new attributes for the files:
don't update atime (A), syn-
       chronous updates (S), append only (a), compressed (c), immutable (i),
no  	 dump  (d),  secure
       deletion (s), and undeletable (u).

OPTIONS
       -R     Recursively  change  attributes  of  directories  and  their
contents.  	 Symbolic links
              encountered during recursive directory traversals are ignored.

       -V     Be verbose with chattr's output and print the program version.

       -v version
              Set the filesystem version.

ATTRIBUTES
       When a file with the 'A' attribute set is modified, its atime record
is not  	 modified.   This
       avoids a certain amount of disk I/O for laptop systems.

       A  file  with  the  `a'  attribute set can only be open in append
mode for 	 writing.  Only the
       superuser can set or clear this attribute.

       A file with the `c' attribute set is automatically compressed on the
disk by  	 the  kernel.  A
       read  from  this  file returns uncompressed data. A write to this
file 	 compresses data before
       storing them on the disk.

       A file with the `d' attribute set is not candidate for backup when
the  dump	(8)  program  is
       run.

       A  file  with  the `i' attribute cannot be modified: it cannot be
deleted or 	 renamed, no link
       can be created to this file and no data can be written to the file.
Only  the  	 superuser  can
       set or clear this attribute.

       When  a file with the `s' attribute set is deleted, its blocks are
zeroed and 	 written back to
       the disk.

       When a file with the `S' attribute set is modified, the changes are
written 	 synchronously  on
       the disk; this is equivalent to the `sync' mount option applied to a
subset 	 of the files.

       When  a  file with the `u' attribute set is deleted, its contents are
saved.  	 This allows the
       user to ask for its undeletion.

AUTHOR
       chattr was written by Remy Card <card@masi.ibp.fr>, the developer and
maintainer of the  ext2 fs.

BUGS AND LIMITATIONS
       As of ext2 fs 0.5a, the `c' and `u' attribute are not honoured by the
kernel 	code.  As of the
       Linux 2.0 kernel, the 'A' attribute is not yet supported by the
kernel  code.   	(The  noatime
       code is still in testing.)

       These attributes will be implemented in a future ext2 fs version.

AVAILABILITY
       chattr   is  part  of  the  e2fsprogs  package  and  is  available
for  	 anonymous  ftp  from
       tsx-11.mit.edu in /pub/linux/packages/ext2fs.

SEE ALSO
       lsattr(1)

E2fsprogs version 1.18    November 1999                         1

> Mezui me Ze Fredie 
> Saritel S.p.A. - MSP-OS(Managed Services & Platforms- Operations Support
Systems)
> Gruppo Telecom Italia 
> S.S. 148 Pontina Km. 29,100 - 00040 Pomezia (RM) 
> Tel. +39.06.91197.409 
> Voice ext: 6409 
> E-Mail: f.mezuimeze@saritel.it
> "You cannot speak of democracy if you are not ready to play by its rules."

> 
> 
> Le informazioni contenute o allegate alla mail sono classificate - SARITEL
- Uso interno - e sono dirette unicamente al destinatario in indirizzo che
si impegna a mantenere riservate le informazioni relative alla presente.
Chiunque riceva questa mail per errore è tenuto ad informare immediatamente
il mittente ed a distruggere le informazioni in essa contenute. Si ringrazia
per la collaborazione.
> 
> This e-mail contains SARITEL classified information intended only for use
of the address named above. If the reader of this message in not the
intended recipient, please note that dissemination, distribution or copying
of this communication is strictly forbidden. Anyone who receives this
communication in error should destroy it and  inform the sender .Thanks for
the collaboration. 


-----Messaggio originale-----
Da: Administrator [mailto:WebMaster@gcstation.net]
Inviato: giovedì 7 novembre 2002 21.13
A: security-discuss@linuxsecurity.com
Oggetto: root unable to delete


Greetings All,

I had a machine get hacked on RH 7.2
Whoever did it made some changes to files
and did something to the file that does not 
all me to delete the file, when I am logged 
in as root and the file is owned by root and 
is in the group of root and is set as 755 .
I can't even edit and save the changes to the 
file.

Can someone tell me how they did it ?

I have removed the machine and rebuilt it but
I would love to know how it was done.

Thanks all,
Mike




------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.
------------------------------------------------------------------------
     To unsubscribe email security-discuss-request@linuxsecurity.com
         with "unsubscribe" in the subject of the message.

[Home]     [Fedora Announce]     [Linux Crypto]     [Kernel]     [Netfilter]     [Video for Linux]     [Bugtraq]     [USB]     [Network Security]     [Fedora Security]

Powered by Linux