chattr command to protect files and directories
Change file attributes on a Linux file system using, chattr command to protect files and directories. This is an amazing option to protect your files and directories. chattr attribute is used to stop accidentally delete of files and folder. You cannot delete the files secured via chattr attribute even though you have full permission over files. This is very use full in system files like shadow and passwd files which contains all user information and passwords.
chattr command syntax
# chattr [operator] [switch] [file name]
Protect file using chattr command apply attribute ‘+i’
In this practical example we are going to create an file and directory and provide full permission to created file and directory and apply attributes using chattr command try to delete.
]# touch file1 ]# chmod 777 file1 ]# ls -l total 0 -rwxrwxrwx. 1 root root 0 Jan 17 17:11 file1 ]# chattr +i file1 ]# rm -rf file1 rm: cannot remove ‘file1’: Operation not permitted ]# cat >> file1 -bash: file1: Permission denied
List applied attributes
In order to list the applied attributes, we have to use ‘lsattr’ command
]# lsattr file1 ----i----------- file1
Apply attributes and append the file
As we see above example when we apply an attribute ‘+i’ we can’t append, modify and delete file. Apply attribute ‘+a’ then we can append the file but we can’t delete the file.
Lets see the example
]# chattr +a file1 ]# lsattr file1 -----a---------- file1 ]# cat >> file1 Tech Tutorials chattr attribute testing CTRL+C
chattr attributes to the directory
We can also assign attributes to the directory, in order to apply attribute to the directory user -R operator along with +i option
# chattr -R +i testdir/ # rm -rf testdir/ rm: cannot remove ‘testdir/’: Operation not permitted # touch test touch: cannot touch ‘test’: Permission denied
List applied attributes of directory
To list applied attributes of a directory we have to use ‘lsattr’ command with option ‘-d’
# lsattr -d testdir/ ----i----------- testdir/
Remove applied attributes from file and directory
# lsattr file1 -----a---------- file1 # lsattr -d testdir/ ----i----------- testdir/ # chattr -a file1 # lsattr file1 ---------------- file1 # chattr -R -i testdir/ # lsattr -d testdir/ ---------------- testdir/
Lets see an above example how to remove an applied attributes
if you applied an attribute ‘+i‘ then use ‘-i‘ to remove
Apply an attribute ‘+a‘ then use ‘-a‘ to remove the attribute
You can apply ‘+i‘ and it will not remove when you use ‘-a‘.
chattr command to protect the files and directories, if you have full permission to user:group:others still you can’t delete file and directory when applied with chattr attributes.
Please write your valuable articles