Ubuntu – How to prevent users from renaming files while providing write permissions on Linux

administrationcommand linepermissionsrenamevim

For some special purpose, I want to prevent non-root users of the Linux Server from changing or renaming the filenames. However, they can modify and write to the contents of the file. How to do this from command line.

Best Answer

  • Quoting Stephane Chazelas from this answer on Unix & Linux SE.

    To rename a file, write permissions to the file don't matter, renaming a file is a change to the directory, not the file. That's changing the directory entry to have a different name pointing to the file.

    So all you need to do is change the permissions of the directory. For instance:

    chown root: .
    chmod 755 .
    

    That will prevent users from renaming files in there, but also from creating or deleting files. If you still want them to be able to do that, you could instead make the directory writeable but also set the t bit. With that bit set, users (other than the owner of the directory who is not restricted) can only delete or rename the files they own.

    chown root:people-who-can-create-file-here .
    chmod 1775 .
    chown root:people-who-can-modify-the-files file1-that-must-not-be-rename ...
    chmod 664 file1-that-must-not-be-rename ...