8

I have a file with the following file mode bits (a+rw):

[0] mypc<johndoe>:~>sudo touch /tmp/test    
[0] mypc<johndoe>:~>sudo chmod a+rw /tmp/test
[0] mypc<johndoe>:~>ls -l  /tmp/test
-rw-rw-rw- 1 root root 0 Mar 13 11:09 /tmp/test

Why can't I remove the file?

[0] mypc<johndoe>:~>rm /tmp/test
rm: cannot remove '/tmp/test': Operation not permitted
haba713
  • 297

2 Answers2

14

The /tmp directory is conventionally marked with the restricted deletion flag, which appears as a permission letter t or T in ls output.

Restricted deletion implies several things. In the general case, it implies that only the owner of the file, or the owner of /tmp itself, can delete a file/directory in /tmp.

You can not delete the file, because you are not the owner, which is root. Try running rm with sudo which you probably forgot.

sudo rm /tmp/test

More specifically to Linux alone, the restricted deletion flag (on a world-writable directory such as /tmp) also enables the protected_symlinks, protected_hardlinks, protected_regular, and protected_fifos restrictions, which in such directories respectively prevent users from following symbolic links that they do not own, prevent users making hard links to files that they do not own, prevents users opening FIFOs that they do not own, and prevents users from open existing files that they do not own when they expected to create them.

This will surprise you with permissions errors when doing various further things as root when you do use sudo.

More on these at question like "Hard link permissions behavior different between CentOS 6 and CentOS 7" , "Symbolic link not working as expected when changes user", and "Group permissions for root not working in /tmp".

JdeBP
  • 68,745
Samuel Philipp
  • 315
  • 5
    May also be worth stressing the fundamental point that deleting a file depends on its directory's permissions, not on the file's permissions? – gidds Mar 13 '19 at 14:31
6

The problem seems to be the sticky bit of /tmp.

$ ls -ld /tmp
drwxrwxrwt⃝   1 root  root  1044 Mar 13 12:09 /tmp

https://en.wikipedia.org/wiki/Sticky_bit

When a directory's sticky bit is set, the filesystem treats the files in such directories in a special way so only the file's owner, the directory's owner, or root user can rename or delete the file. Without the sticky bit set, any user with write and execute permissions for the directory can rename or delete contained files, regardless of the file's owner. Typically this is set on the /tmp directory to prevent ordinary users from deleting or moving other users' files.

Stéphane Chazelas
  • 544,893
haba713
  • 297