Support immutable files
There are many use cases for permanently immutable files, for example:
- git, OSTree and similar: In content addressable storage systems, individual object files must never be modified. Immutable files would allow hardlinks without risking data integrity by accidental in-place modifications.
- Snapshots/backups: Directory hierarchies with immutable files allow simple and lightweight (although not atomic) snapshotting using hardlinks, e.g., to keep multiple backups.
- Config files: Direct modification is not atomic, which is why atomic replacement using
rename(2)
should be used. Making config files immutable would disallow direct modification. - Executables: Making executables immutable prevents modifying binaries of running processes.
Linux already has support for immutable files via FS_IMMUTABLE_FL
and FS_IOC_SETFLAGS
but that does not make the file permanently immutable. It is also not available to unprivileged users and neither hardlinking nor atomic replacement is supported.
The hardlink use cases could use reflinks instead. However, that's not available on all filesystems.