On Wed, 3 Aug 2016 22:21:23 +0200, Ralf Mardorf wrote: >I have no knowledge about this domain, but perhaps they are immutable. > >[root@moonstudio tmp]# touch test >[root@moonstudio tmp]# lsattr test >-------------e-- test >[root@moonstudio tmp]# chattr +i test >[root@moonstudio tmp]# lsattr test >----i--------e-- test >[root@moonstudio tmp]# rm -f test >rm: cannot remove 'test': Operation not permitted >[root@moonstudio tmp]# chattr -i test >[root@moonstudio tmp]# rm -f test >[root@moonstudio tmp]# ls test >ls: cannot access 'test': No such file or directory > >*?* > >Assumed they should be immutable, then there might be a reason for >this ;). Bingo! "efivarfs - a (U)EFI variable filesystem The efivarfs filesystem was created to address the shortcomings of using entries in sysfs to maintain EFI variables. The old sysfs EFI variables code only supported variables of up to 1024 bytes. This limitation existed in version 0.99 of the EFI specification, but was removed before any full releases. Since variables can now be larger than a single page, sysfs isn't the best interface for this. Variables can be created, deleted and modified with the efivarfs filesystem. efivarfs is typically mounted like this, mount -t efivarfs none /sys/firmware/efi/efivars Due to the presence of numerous firmware bugs where removing non-standard UEFI variables causes the system firmware to fail to POST, efivarfs files that are not well-known standardized variables are created as immutable files. This doesn't prevent removal - "chattr -i" will work - but it does prevent this kind of failure from being accomplished accidentally." - https://www.kernel.org/doc/Documentation/filesystems/efivarfs.txt
