Deleting a file or directory requires the right ownership and permissions. Basically, the user needs to have write permissions on the file. It doesn't matter whether this user is the owner or part of the group ownership of the file in question. But even this is sometimes not enough, as the following example shows.
Our local user "john" has access to the local /log/dev directory and can successfully list all the files in this path:
john@logserver:/log/dev$ ls -la
total 748
-rw-rw-rw- 1 logstash logstash 20932 Feb 9 11:55 app-dev-2022-02-09-10.log.gz
-rw-rw-rw- 1 logstash logstash 55433 Feb 9 12:38 app-dev-2022-02-09-11.log.gz
-rw-rw-rw- 1 logstash logstash 6679 Feb 9 16:29 app-dev-2022-02-09-15.log.gz
-rw-rw-rw- 1 logstash logstash 26099 Feb 9 17:18 app-dev-2022-02-09-16.log.gz
-rw-rw-rw- 1 logstash logstash 12028 Feb 9 18:07 app-dev-2022-02-09-17.log.gz
-rw-rw-rw- 1 logstash logstash 23340 Feb 9 19:53 app-dev-2022-02-09-18.log.gz
-rw-rw-rw- 1 logstash logstash 62450 Feb 9 20:41 app-dev-2022-02-09-19.log.gz
-rw-rw-rw- 1 logstash logstash 122669 Feb 10 10:55 app-dev-2022-02-10-09.log
-rw-rw-rw- 1 logstash logstash 317346 Feb 10 11:49 app-dev-2022-02-10-10.log
-rw-rw-rw- 1 logstash logstash 94678 Feb 10 12:00 app-dev-2022-02-10-11.log
The write permissions are given, as all these files have read-write permissions for owner, group and others (chmod 666). But as soon as john tries to delete a file, the user gets a "Permission denied" error:
john@logserver:/log/dev$ rm app-dev-2022-02-09-10.log.gz
rm: remove regular file 'app-dev-2022-02-09-10.log.gz'? y
rm: cannot remove 'app-dev-2022-02-09-10.log.gz': Permission denied
There are some wrong answers which can be found on the Internet, including hints that "only the owner can delete files". That's bogus. That's why the file permissions for others are there in the first place.
Although the file permissions are enough for john to delete the file, there is one more thing to consider: the parent directory. But why?
On this StackExchange question, user jsbillings describes such a situation very well:
"Deleting a file means you are making changes to the directory it resides in"
By looking at the permissions of the file's parent directory (/log/dev), we can see that "john" does not have write permissions:
root@logserver:~# ls -la /log/
total 64
drwxrwxrwx 7 logstash root 4096 Feb 9 11:16 .
drwxr-xr-x 20 root root 4096 Jan 17 15:55 ..
drwxr-xr-x 2 logstash logstash 4096 Feb 10 13:10 dev
drwx------ 2 root root 16384 Jan 17 15:56 lost+found
drwxr-xr-x 2 logstash logstash 4096 Feb 4 11:00 prod
drwxr-xr-x 2 logstash logstash 12288 Feb 10 13:10 stage
drwxr-xr-x 2 logstash logstash 20480 Feb 10 13:10 test
Only the logstash user (directory owner) is allowed to write/modify the dev directory.
Let's adjust this a bit. We change the group ownership to john (or another group that user john is a member of) and set the write permissions for the group (chmod 775), too:
root@logserver:~# chown logstash:john /log/dev
root@logserver:~# chmod 775 /log/dev
root@logserver:~# ls -la /log/
total 64
drwxrwxrwx 7 logstash root 4096 Feb 9 11:16 .
drwxr-xr-x 20 root root 4096 Jan 17 15:55 ..
drwxrwxr-x 2 logstash john 4096 Feb 10 13:10 dev
drwx------ 2 root root 16384 Jan 17 15:56 lost+found
drwxr-xr-x 2 logstash logstash 4096 Feb 4 11:00 prod
drwxr-xr-x 2 logstash logstash 12288 Feb 10 13:10 stage
drwxr-xr-x 2 logstash logstash 20480 Feb 10 13:10 test
After this ownership and permission change on the parent directory, user "john" can try to delete the file within /log/dev again:
john@logserver:/log/dev$ rm app-dev-2022-02-09-10.log.gz
rm: remove regular file 'app-dev-2022-02-09-10.log.gz'? y
No error this time, and the file is gone:
john@logserver:/log/dev$ ls -la
total 624
-rw-rw-rw- 1 logstash logstash 55433 Feb 9 12:38 app-dev-2022-02-09-11.log.gz
-rw-rw-rw- 1 logstash logstash 6679 Feb 9 16:29 app-dev-2022-02-09-15.log.gz
-rw-rw-rw- 1 logstash logstash 26099 Feb 9 17:18 app-dev-2022-02-09-16.log.gz
-rw-rw-rw- 1 logstash logstash 12028 Feb 9 18:07 app-dev-2022-02-09-17.log.gz
-rw-rw-rw- 1 logstash logstash 23340 Feb 9 19:53 app-dev-2022-02-09-18.log.gz
-rw-rw-rw- 1 logstash logstash 62450 Feb 9 20:41 app-dev-2022-02-09-19.log.gz
-rw-rw-rw- 1 logstash logstash 16791 Feb 10 10:55 app-dev-2022-02-10-09.log.gz
-rw-rw-rw- 1 logstash logstash 317346 Feb 10 11:49 app-dev-2022-02-10-10.log
-rw-rw-rw- 1 logstash logstash 94678 Feb 10 12:00 app-dev-2022-02-10-11.log
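The same check expressed as code, as an added example that is not part of the original article: Python code that models the mode-bit test for deleting a file and replays the /log/dev scenario in a temporary directory. The function names, the constructed uid/gid values and the sticky-bit case (as on /tmp) go beyond what the article shows; ACLs, capabilities and the root user are assumed to be out of scope.

```python
import os
import stat
import tempfile


def can_unlink(path, uid, gids):
    """Mode-bit check for deleting `path`; the file's own mode is never read."""
    # Assumes no ACLs, capabilities or immutable flags, and a non-root uid.
    parent = os.path.dirname(os.path.abspath(path))
    d = os.stat(parent)
    f = os.lstat(path)
    # Exactly one permission class applies: owner, else group, else other.
    if uid == d.st_uid:
        bits = (d.st_mode >> 6) & 7
    elif d.st_gid in gids:
        bits = (d.st_mode >> 3) & 7
    else:
        bits = d.st_mode & 7
    if bits & 3 != 3:  # write (2) and search (1) are both required
        return False, "parent directory lacks write+search for this user"
    # Sticky directory (like /tmp): only the file or directory owner may delete.
    if d.st_mode & stat.S_ISVTX and uid not in (f.st_uid, d.st_uid):
        return False, "sticky bit set and user owns neither file nor directory"
    return True, "parent directory is writable and searchable"


def demo():
    """Replay the /log/dev scenario in a temp directory with constructed IDs."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        dev = os.path.join(tmp, "dev")
        os.mkdir(dev)
        log = os.path.join(dev, "app-dev.log.gz")
        open(log, "w").close()
        os.chmod(log, 0o666)  # world-writable file, as in the listing
        st = os.stat(dev)
        john = st.st_uid + 1  # constructed uid: not the directory owner
        os.chmod(dev, 0o755)
        results["755"] = can_unlink(log, john, {st.st_gid + 1})[0]
        os.chmod(dev, 0o775)  # john is now in the directory's group
        results["775"] = can_unlink(log, john, {st.st_gid})[0]
        os.chmod(dev, 0o1777)  # sticky: john owns neither file nor directory
        results["1777"] = can_unlink(log, john, {st.st_gid})[0]
        os.chmod(dev, 0o755)  # restore so the temp directory can be cleaned up
    return results


if __name__ == "__main__":
    print(demo())
```

The file stays at mode 666 in all three cases; only the parent directory's mode and group membership change the outcome.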
ck from Switzerland wrote on Nov 4th, 2022:
Because of the parent directory (/) - or mount point in this case. It also needs write permissions. So you would have to "chmod 777 /" but that's a bad idea.
Anton from wrote on Nov 3rd, 2022:
Then why
under root
touch /test
chmod 0666 /test
or
chmod 666 /test
under user
rm /test
Permission denied
olly on linux from Hamburg wrote on Sep 12th, 2022:
That's exactly what I was just asking myself. So, the reason is the parent dir... Thanks a lot!