The sticky bit is set on a directory to prevent users from renaming or deleting the directory or the files and directories inside it. Only the owner and root can do so, even if the permissions are 777.
To set the sticky bit, use the chmod command.
The sticky bit set on a file has no effect.
In the ls -l or stat output, the sticky bit is displayed with a t or T, in the access rights field:
$ ls -l | grep "^d"
d--------T 2 razvan razvan 4096 2012-07-01 01:41 one
drwxrwxrwt 2 razvan razvan 4096 2012-07-01 01:41 two
How to set the sticky bit:
The sticky bit can be set in octal or in symbolic mode.
Add a 1 in front of the octal representation in the chmod command: chmod 1777 /path/to/dir/. This sets full access and the sticky bit on the /path/to/dir directory:
$ chmod 1777 ~/my
To remove the sticky bit, set the first digit of the chmod octal representation to 0 (zero):
$ chmod 0777 ~/my
How to set the sticky bit in the human-readable (symbolic) form: use the +t argument of chmod: chmod +t /path/to/dir.
$ chmod +t ~/stickydir
To remove the sticky bit, use the -t argument: chmod -t /path/to/dir:
$ chmod -t ~/stickydir
Testing the sticky bit magic:
Set the sticky bit:
$ chmod +t stickydir/
$ stat -c "%a %A %U %n" stickydir/
1777 drwxrwxrwt razvan stickydir/
$ cd stickydir
$ ls
one two
Switch to another user and try to rename and delete the files inside the sticky directory:
$ su mike
$ mv one "new_one"
mv: cannot move `one' to `new_one': Operation not permitted
$ rm two
rm: remove write-protected regular empty file `two'? yes
rm: cannot remove `two': Operation not permitted
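Auditing for the opposite case, a world-writable directory that lacks the sticky bit, is a common hardening check. The script below is an added example, not part of the original page; the function names and the sample tree it builds under a temporary directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: report world-writable directories that are missing the sticky bit.

# Print every directory under $1 that is world-writable (o+w) but not sticky.
#   -xdev          stay on one filesystem
#   -perm -0002    the "other write" bit is set
#   ! -perm -1000  the sticky bit is NOT set
find_unsticky_dirs() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# Build a constructed sample tree (hypothetical names, not real system paths)
# and print its root so the caller can scan it.
make_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir "$root/shared_sticky" "$root/shared_open" "$root/private"
    chmod 1777 "$root/shared_sticky"   # world-writable + sticky: expected setup
    chmod 0777 "$root/shared_open"     # world-writable, no sticky: a finding
    chmod 0755 "$root/private"         # not world-writable: ignored
    printf '%s\n' "$root"
}

# Demo run on the constructed tree.
sample=$(make_sample_tree)
echo "World-writable directories without the sticky bit under $sample:"
find_unsticky_dirs "$sample"

# Remediate the finding with chmod +t and scan again: the list is now empty.
chmod +t "$sample/shared_open"
echo "After chmod +t:"
find_unsticky_dirs "$sample"
rm -rf "$sample"
```

To scan a real system, call find_unsticky_dirs with a directory such as / as its argument; directories the current user cannot read are skipped silently.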