kazmax - Home Server on Linux

Sticky Bit - Special Access Rights

Among the special access rights on Linux is the sticky bit. This page explains what the sticky bit is, how to check and set it, and how it behaves.

Last Update : October 11, 2020

  1. What is Sticky Bit
  2. Check the Sticky Bit
  3. Set the Sticky Bit
  4. Use Case

1. What is Sticky Bit

The sticky bit is a special access right that is set on a directory.

In a directory with the sticky bit set, all users can create and write files and directories, but only the owner of a file (or root) can delete it.

The /tmp directory is a typical example: it has the sticky bit set.

2. Check the Sticky Bit

Check whether the sticky bit is set on a directory.

# ls -ld /tmp/
drwxrwxrwt 7 root root 4096 Jul 29 04:02 /tmp/

The execute position of the permissions for "other" shows "t". When the sticky bit is set on a directory, a "t" appears in that position.

3. Set the Sticky Bit

To set the sticky bit, use the "chmod" command.

Setting in symbolic mode

To set the sticky bit in symbolic mode, use the "chmod" command and add "t" to the "other" permissions.

chmod o+t dir

Setting in numeric mode

To set the sticky bit in numeric mode, add "1000" to the number representing the access rights.

chmod 1777 dir

Check the permissions on the directory.

# ls -ld dir
drwxrwxrwt 2 root root 4096 Jul 29 08:41 dir
↑ The execute position for "other" shows "t", so the sticky bit is set.

4. Use Case

Set the sticky bit on a directory and see how it works.

Create the "dir" directory and set the sticky bit.

# mkdir dir
# chmod 1777 dir ← Set the sticky bit
# ls -ld dir
drwxrwxrwt 2 root root 4096 Jul 29 08:47 dir ← Sticky bit is set

Create a file as "user1" and change its permissions to 777.

# su user1
$ cd dir ← Go to the directory with the sticky bit set
$ touch test.txt
$ chmod 777 test.txt
$ ls -l test.txt
-rwxrwxrwx 1 user1 user1 0 Jul 29 08:49 test.txt

Notes

The permissions on test.txt are "777" and the directory is writable by everyone, so anyone should be able to delete it.

Try to delete the file as "user2".

# su user2
$ cd dir ← Go to the directory with the sticky bit set
$ ls -l test.txt
-rwxrwxrwx 1 user1 user1 10 Jul 29 08:50 test.txt
$ rm test.txt
rm: cannot remove `test.txt': Operation not permitted

Notes

Because the sticky bit is set on the directory, "user2" cannot delete the file even though the permissions would otherwise allow it.

Remove the sticky bit.

# chmod o-t dir
# ls -ld dir
drwxrwxrwx 2 root root 4096 Jul 29 08:49 dir ← Sticky bit has been removed

Try to delete the file again as "user2".

# su user2
$ cd dir
$ ls -l test.txt
-rwxrwxrwx 1 user1 user1 10 Jul 29 08:50 test.txt

$ rm test.txt   ← The file was deleted without error.
$ ls -l 
total 0          ← The file has been deleted by the "user2" user.

Thus, when the sticky bit is not set, you can delete files as usual if you have permission.
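
The use case above shows that a world-writable directory without the sticky bit lets any user delete another user's files. The following shell functions are an added example, not part of the original page: they list such directories under a given path and report whether a single directory has the sticky bit set. The function names find_unsticky_dirs and sticky_state are hypothetical.

```shell
#!/bin/sh
# Added example: audit helpers for the sticky bit.
# find_unsticky_dirs and sticky_state are hypothetical names, not standard tools.

# Print every directory under $1 (default: /) that is writable by "other"
# but does NOT have the sticky bit (octal 1000) set.
find_unsticky_dirs() {
    root=${1:-/}
    # -xdev          : do not cross into other filesystems
    # -perm -0002    : the "other" write bit is set
    # ! -perm -1000  : the sticky bit is not set
    find "$root" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# Report whether the sticky bit is set on the directory $1, based on the
# mode string printed by "ls -ld".
# "t" = sticky bit with execute for "other", "T" = sticky bit without it.
sticky_state() {
    # Keep only the 10-character mode string; a trailing "." or "+"
    # (SELinux context / ACL marker) is cut off.
    mode=$(ls -ld "$1" | cut -c1-10)
    case $mode in
        d????????[tT]) echo "sticky" ;;
        d*)            echo "not-sticky" ;;
        *)             echo "not-a-directory" ;;
    esac
}

# When run as a script with an argument, audit that path.
if [ "$#" -gt 0 ]; then
    find_unsticky_dirs "$1"
fi
```

Any directory this prints can be fixed with "chmod o+t" as described in section 3, or by removing write permission for "other" if the directory does not need to be shared.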