I have a file which I place in new users’ home directories and would like to prevent them from deleting said file. Read access needs to remain possible. The users are not administrators (cannot sudo). I tried by creating a file as root and setting permissions 644, but the user can still delete the file (after a confirmation). I even tried restricting the user to be of SELinux user
user_u, but to no avail. Any ideas of how else I could protect that file?
Here some output of me deleting the file as the restricted user:
[seuser@fedora ~]$ ls -lZ total 4 -rw-r--r--. 1 root root unconfined_u:object_r:user_home_t:s0 8 Jun 28 10:06 specialfile [seuser@fedora ~]$ rm specialfile rm: remove write-protected regular file 'specialfile'? y
and the file is gone.
The user is
[seuser@fedora ~]$ id -Z user_u:user_r:user_t:s0
Thanks for your help.