Comprehensive data protection for all workloads
Post Reply
nitrouz
Novice
Posts: 6
Liked: never
Joined: Jun 09, 2016 1:45 am
Full Name: Josh

Testing - Can delete files flagged as immutable?

Post by nitrouz »

Hi All,

I'm new to linux and using RHEL 8. I am logged into an account which was an admin in order to use as a single use credential for deployment then changed to standard account. This account has ownership over the mounted disk being used. I have files flagged as immutable which I cant delete using rm terminal command. Can confirm the file has the lower case "i" attribute. If i try rmdir --ignore-fail-on-non-empty, the command executes without error but the directory remains with files intact, however I seem to be able to delete the parent directory of the immutable file by trashing it in the GUI and then emptying the trash. How is this possible if the file is meant to be immutable?
Mildur
Product Manager
Posts: 9848
Liked: 2607 times
Joined: May 13, 2017 4:51 pm
Full Name: Fabian K.
Location: Switzerland
Contact:

Re: Testing - Can delete files flagged as immutable?

Post by Mildur » 1 person likes this post

Hi Josh
however I seem to be able to delete the parent directory of the immutable file by trashing it in the GUI and then emptying the trash. How is this possible if the file is meant to be immutable?
Could you please provide more details? Which GUI are you referring to? Ubuntu GNOME or similar? Or the Veeam console?
How is this possible if the file is meant to be immutable?
A root user or a user with sudo permissions can always overwrite the immutable flag for those files. I can only assume that the GUI you mentioned might be somehow bypassing this protection by running commands under a privileged account (which is never possible from the Veeam console).

A general best practice and security recommendation is to use minimal OS install and disable any remote access to the Linux server used as a hardened repository. If SSH, VNC, or similar remote connection methods are disabled, manipulation of the backup files on the file system is not possible anymore over the network in principle, requiring physical local console access.

Best,
Fabian
Product Management Analyst @ Veeam Software
nitrouz
Novice
Posts: 6
Liked: never
Joined: Jun 09, 2016 1:45 am
Full Name: Josh

Re: Testing - Can delete files flagged as immutable?

Post by nitrouz »

Thanks Fabian,

The GUI is the default RHEL Gnome.

I will definitely be locking down remote access. I’m generally curious about how it’s happening without the immutable flag being removed and the user not in sudo. I can’t delete the backup file itself, but the parent directory I can. It doesn’t instil much confidence. I can confirm I cannot delete the job or data from the veeam console (even after removing immutable flag).
Mildur
Product Manager
Posts: 9848
Liked: 2607 times
Joined: May 13, 2017 4:51 pm
Full Name: Fabian K.
Location: Switzerland
Contact:

Re: Testing - Can delete files flagged as immutable?

Post by Mildur »

I cannot comment on what's possible with RHEL Gnome and what's not. From a Veeam perspective, you don't require RHEL Gnome at all.
My suggestion is to ask the same question to RHEL support. "Why does RHEL Gnome allow you to remove root folders that contain immutable files in subfolders?"
Sounds to me like a bug, or the file manager in RHEL Gnome runs with elevated permissions and can delete such files.
I can confirm I cannot delete the job or data from the veeam console (even after removing immutable flag).
Thank you for confirming it for the Veeam console. Immutable backup data cannot be removed. But the backup job must be removable. Backups will then move to "orphaned".
We have an additional lock file (.veeam.N.lock) containing information about backup file immutability. Even if you remove the immutable flag from the backup file, the backup server will still read the immutability information from our lock file.
user guide (How Immutability Works)

Best,
Fabian
Product Management Analyst @ Veeam Software
nitrouz
Novice
Posts: 6
Liked: never
Joined: Jun 09, 2016 1:45 am
Full Name: Josh

Re: Testing - Can delete files flagged as immutable?

Post by nitrouz »

Thanks Fabian, I appreciate your help.
Gostev
Chief Product Officer
Posts: 31814
Liked: 7302 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Testing - Can delete files flagged as immutable?

Post by Gostev »

Just to close on this, our QA was unable to reproduce immutable backup files deletion in the specific scenario outlined above: "RHEL Gnome under regular user who is not in sudo".
nitrouz
Novice
Posts: 6
Liked: never
Joined: Jun 09, 2016 1:45 am
Full Name: Josh

Re: Testing - Can delete files flagged as immutable?

Post by nitrouz »

I cannot delete the files directly under such conditions, however the parent directory containing the files can be deleted.
Gostev
Chief Product Officer
Posts: 31814
Liked: 7302 times
Joined: Jan 01, 2006 1:01 am
Location: Baar, Switzerland
Contact:

Re: Testing - Can delete files flagged as immutable?

Post by Gostev »

In our testing the directory is not actually deleted when using a regular user who is not in sudo.
tyler.jurgens
Veeam Legend
Posts: 410
Liked: 232 times
Joined: Apr 11, 2023 1:18 pm
Full Name: Tyler Jurgens
Contact:

Re: Testing - Can delete files flagged as immutable?

Post by tyler.jurgens »

Fascinating thread. I am curious if @nitrouz was logging into their RHEL Gnome instance with an elevated account and that let them delete the directory.
Tyler Jurgens
Veeam Legend x3 | vExpert ** | VMCE | VCP 2020 | Tanzu Vanguard | VUG Canada Leader | VMUG Calgary Leader
Blog: https://explosive.cloud
Twitter: @Tyler_Jurgens BlueSky: @explosive.cloud
Post Reply

Who is online

Users browsing this forum: Google [Bot] and 39 guests