You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2023-06-02 15:05:50
- delgado
- Member
- Registered: 2022-07-14
- Posts: 156
[SOLVED] File "recently-used.xbel"
It is a log of recently used files. There is some kind of standard form gnome / freedesktop.org. Let's say I don't want that:
The file is created if not existing, which is to expect. Then I recreated it read-only, and then read-only owned by root. This bloody thing always re-apperars with new content (see code-block below). Especially the last case is something I do not like at all. Meanwhile, I think it is dconf-service, but not sure; apt says it is neded by gtk3.
How to tame that beast?
$ cat .local/share/recently-used.xbel
'recently-used.xbel' is owned by root now, and contains this line.
$ ls -la .local/share/recently-used.xbel
-r--r--r-- 1 root root 67 2023-06-02 16:01 .local/share/recently-used.xbel
# 20 minutes later
$ ls -la .local/share/recently-used.xbel
-rw------- 1 tom tom 1473 2023-06-02 16:15 .local/share/recently-used.xbelOffline
#2 2023-06-02 16:03:57
- chris2be8
- Member
- Registered: 2018-08-11
- Posts: 265
Re: [SOLVED] File "recently-used.xbel"
The program that re-creates it probably deletes it before re-writing the latest contents into it. If you own .local/share/ then a program, running as you can delete files from it, even if you don't own them.
You might be able to stop this by making .local/share/ owned by root. But this would break anything else trying to create a file in .local/share/
Offline
#3 2023-06-02 16:19:47
- delgado
- Member
- Registered: 2022-07-14
- Posts: 156
Re: [SOLVED] File "recently-used.xbel"
Thanks for the info - I was not aware of that possibilty.
At least there is nothing strange happening, as thought before.
Offline
#4 2023-06-02 17:00:01
- alexkemp
- Member
- Registered: 2018-05-14
- Posts: 292
Re: [SOLVED] File "recently-used.xbel"
I was astonished that an ordinary user can delete a file owned by root, but yes it can (if the dir is owned by the user):
$ echo "a" > tmp.txt
$ la tmp.txt
-rw-r--r-- 1 alexk alexk 2 Jun 2 17:48 tmp.txt
$ chmod 0700 tmp.txt
$ la tmp.txt
-rwx------ 1 alexk alexk 2 Jun 2 17:48 tmp.txt
$ sudo chown root.root tmp.txt
[sudo] password for alexk:
$ la tmp.txt
-rwx------ 1 root root 2 Jun 2 17:48 tmp.txt
$ rm tmp.txt
rm: remove write-protected regular file 'tmp.txt'? y
$ la tmp.txt
ls: cannot access 'tmp.txt': No such file or directoryOffline
#5 2023-06-02 22:22:47
Re: [SOLVED] File "recently-used.xbel"
You might be able to stop this by making .local/share/ owned by root. But this would break anything else trying to create a file in .local/share/
AppArmor is supposed to be able to limit file permissions on a per-executable basis, but first need to figure out what the offending application is.
inotifywait can be used to confirm when files are created/modified, which may help track down the cause.
3.1415P265E589T932E846R64338
Offline
#6 2023-06-02 22:45:01
- steve_v
- Member
- Registered: 2018-01-11
- Posts: 342
Re: [SOLVED] File "recently-used.xbel"
Setting the immutable bit in extended attributes should also work - chattr +i [filename] as root.
Once is happenstance. Twice is coincidence. Three times is enemy action. Four times is Official GNOME Policy.
Offline
#7 2023-06-02 23:18:05
- alexkemp
- Member
- Registered: 2018-05-14
- Posts: 292
Re: [SOLVED] File "recently-used.xbel"
Setting the immutable bit in extended attributes should also work - chattr +i [filename] as root.
Works perfect. Perhaps, a touch too perfect for some scenarios. But perfect to stop ALL deletions.
~$ man chattr
NAME
chattr - change file attributes on a Linux file system
…
ATTRIBUTES
…
i A file with the 'i' attribute cannot be modified: it cannot be deleted or renamed, no link can be created to this
file, most of the file's metadata can not be modified, and the file can not be opened in write mode. Only the supe‐
ruser or a process possessing the CAP_LINUX_IMMUTABLE capability can set or clear this attribute.~$ mkdir TMP
~$ cd TMP
~/TMP$ echo "a" > tmp.txt
~/TMP$ la tmp.txt
-rw-r--r-- 1 alexk alexk 2 Jun 3 00:04 tmp.txt
~/TMP$ sudo chown root.root tmp.txt
[sudo] password for alexk:
~/TMP$ sudo chattr +i tmp.txt
~/TMP$ la tmp.txt
-rw-r--r-- 1 root root 2 Jun 3 00:04 tmp.txt
~/TMP$ chmod 0700 tmp.txt
chmod: changing permissions of 'tmp.txt': Operation not permitted
~/TMP$ sudo chmod 0700 tmp.txt
chmod: changing permissions of 'tmp.txt': Operation not permitted
~/TMP$ rm tmp.txt
rm: cannot remove 'tmp.txt': Operation not permitted
~/TMP$ sudo chattr -i tmp.txt
~/TMP$ sudo chmod 0700 tmp.txt
~/TMP$ la tmp.txt
-rwx------ 1 root root 2 Jun 3 00:04 tmp.txt
~/TMP$ rm tmp.txt
rm: remove write-protected regular file 'tmp.txt'? y
~/TMP$ cd -
/home/alexk
~$ rmdir TMPLast edited by alexkemp (2023-06-02 23:22:33)
Offline
#8 2023-06-03 11:29:28
- delgado
- Member
- Registered: 2022-07-14
- Posts: 156
Re: [SOLVED] File "recently-used.xbel"
Excellent - Thanks a lot, guys!
And something learned again.
Offline
Pages: 1
