The root account can no longer change permissions or executable files in ESXi 7.0.x
book
Article ID: 344767
calendar_today
Updated On:
Products
VMware vSphere ESXi
Issue/Introduction
In prior releases it was possible for root to change file permissions, rename, move or delete any file in the root filesystem.
The filesystem remains as it was when first booted as this improves security since a compromised system can not be modified beyond the normal read-write configuration files.
Configuration files are identified as those by having the 'sticky' bit file permission bit set (01000).
Any attempt to modify files which are not considered configuration files results in the message: Operation not permitted
For example:
$ vmware -vl VMware ESXi 7.0.0 ...
$ echo $USER root
$ chmod 666 vmtar chmod: vmtar: Operation not permitted
Environment
VMware vSphere ESXi 7.0.0
Resolution
The file System permission changes are restricted by design and can no longer be changed.
This is a functional design change starting from vSphere 7.x