The chattr command is very useful for making files and folders immutable. The i attribute means a file cannot be modified, deleted, or renamed. It also means no link can be created to the file, the file's metadata cannot be modified, and the file cannot be opened in write mode. The a attribute makes a file only openable in append mode. Generally to make a file immutable, use the command chattr -ia $FILE.
The following script runs
kingme.sh
#!/bin/bash
# Execute with "bash kingme.sh &" as root
while [ 1 ]; do
chattr -ia /root/king.txt 2>/dev/null
echo -n "cyb3rn1nja" > /root/king.txt 2>/dev/null
chattr +ia /root/king.txt 2>/dev/null
done
This method creates a second file system and links a folder to it. Then the file system gets mounted read only and mounted over the original king file. Then the file system gets deleted leaving the link. The king file can be unmounted using the command umount -l king.txt. The file system can be mounted to be writable again using the command mount -o rw,remount /dev/shm/sqashfs.
kingmount.sh
#!/bin/bash
# Execute with "sudo bash kingmount.sh"
# Undo with "umount -l /root/king.txt" or "umount -l /root"
lessecho cyb3rn1nja > /root/king.txt
dd if=/dev/zero of=/dev/shm/root_f bs=1000 count=100
mkfs.ext3 /dev/shm/root_f
mkdir /dev/shm/sqashfs
mount -o loop /dev/shm/root_f /dev/shm/sqashfs/
chmod -R 777 /dev/shm/sqashfs/
lessecho cyb3rn1nja > /dev/shm/sqashfs/king.txt
mount -o ro,remount /dev/shm/sqashfs
mount -o bind /dev/shm/sqashfs/king.txt /root/king.txt
rm -rf /dev/shm/root_f
With Symbolic Link
Creates a clever way of hiding the king file by making a symbolic file to it as a hidden directory.
