5 Practical chattr Command Examples in Linux

This tutorial explains Linux “chattr” command, options and its usage with examples.

“chattr” command is used to change file attributes on a Linux file systemThis. This post describes “chattr” command used in Linux along with usage examples and/or output.

“chattr” attribute is used to prevent accidentally delete of files and folder. You cannot delete the files attribute even though you have full permission over files if they are secured via “chattr”.This is an admin command. Root user only can change the file attributes/Process.

Usage: chattr [ -RVf…i.. ] [ -v version ] [ mode ] files…

The format of a symbolic mode is +-=[acdeijstuADST].
* The operator `+’ causes the selected attributes to be added to the existing attributes of the files
* `-‘ causes them to be removed.
* `=’ causes them to be the only attributes that the files have.
Options
* -R Recursively change attributes of directories and their contents.
* -V Be verbose with chattr’s output and print the program version.
* -f Suppress most error messages.
* -i A file with -i operator can not be modified by anyone except superuser.
-v version
Set the file’s version/generation number.

Here’s the listing of example usage of “chattr” command. :

1. To protect file and make it read only(chattr -i file_name):
If we protect a file with chattr command using “i” option, you can only read this file. All other actions excepts read will be denied including append, edit, rename or delete.

advertisement
advertisement
root@sanfoundry-> cat > 1.txt 
Hi i am x 
root@sanfoundry-> chmod 777 1.txt 
root@sanfoundry-> ls -l 1.txt 
-rwxrwxrwx 1 root root 11 Jun 11 23:50 1.txt
root@sanfoundry-> chattr +i 1.txt 
root@sanfoundry-> cat >> 1.txt 
bash: 1.txt: Permission denied
root@sanfoundry-> rm 1.txt 
rm: remove write-protected regular file `1.txt'? y
rm: cannot remove `1.txt': Operation not permitted

As you can see, after addition of flag “i”, file 1.txt is not being appended, deleted even by the owner, root.
“chattr” “+i” permission can be removed with –i options.

 root@sanfoundry-> chattr -i 1.txt 
 root@sanfoundry-> rm 1.txt

2. Make file unable to be open for writing(chattr +a file_name):
If you add “+a” option in the chattr option, you can be able to append in the file, but still not be able to delete it.

root@sanfoundry-> cat > 1.txt 
Hi i am x 
root@sanfoundry-> chattr +a 1.txt 
root@sanfoundry-> cat > 1.txt 
bash: 1.txt: Operation not permitted
root@sanfoundry-> rm 1.txt 
rm: cannot remove `1.txt': Operation not permitted

“chattr” “+a” permission can be removed with “–a” options.

 root@sanfoundry-> chattr -a 1.txt  
 root@sanfoundry-> rm 1.txt

Note:
Main difference between “a” and “i” operators is in “i” you cannot append the file while in “a” you can append the file.

3. To show the operators currently applied on the files and folders(lsattr file_name/folder_name):

advertisement
root@sanfoundry-> mkdir folder
root@sanfoundry-> cd folder/
root@sanfoundry-> touch x y z 
root@sanfoundry-> ls
x  y  z
root@sanfoundry-> chattr -R +i ../folder/
root@sanfoundry-> lsattr ../folder/
----i--------e- ../folder/y
----i--------e- ../folder/z
----i--------e- ../folder/x

Here as we can see, “lsattr”, has shown all the modes in which the files are in “folder” directory. “-R” is used to change permissions recursively for all the files in the “folder”.

4. To apply “chattr” command recursively over all the files in a folder(chattr -R [operator..] folder_path):

root@sanfoundry-> mkdir folder
root@sanfoundry-> cd folder/
root@sanfoundry-> touch x y z 
root@sanfoundry-> chattr -R +i ../folder/
 
root@sanfoundry-> rm -r ../folder/
rm: descend into write-protected directory `../folder'? y
rm: remove write-protected regular empty file `../folder/y'? y
rm: cannot remove `../folder/y': Permission denied
rm: remove write-protected regular empty file `../folder/z'? y
rm: cannot remove `../folder/z': Permission denied
rm: remove write-protected regular empty file `../folder/x'? y
rm: cannot remove `../folder/x': Permission denied

To remove the permissions you can use :

advertisement
root@sanfoundry-> chattr -R -i ../folder/
root@sanfoundry-> cd ..
root@sanfoundry-> rm -r folder/

5. To save the file in a compressed mode(chattr +c file_name):
This is a efficient way to save the disk space.

root@sanfoundry-> cat > 1.txt 
Hi i am x  
root@sanfoundry-> sudo chattr +c 1.txt

Some more useful Examples of chattr:
* To write the changes in the file synchronously on the disk (chattr +s file_name)
* If this file is deleted, user can ask for undelete with (chattr +u file_name)
* To clear all the bits, set “A” and “c” bits only (chattr =Ac file_name).

Note:
BUGS AND LIMITATIONS
* The `c’, ‘s’, and `u’ attributes are not honored by the ext2 and ext3 file systems.
* The `j’ option is only useful if the file system is mounted as ext3
* The `D’ option is only useful on Linux kernel 2.5.19 and later.

Sanfoundry Global Education & Learning Series – 1000 Linux Tutorials.

If you wish to look at all Linux commands and their usage examples, go to Linux Commands Tutorial.

advertisement
advertisement
Subscribe to our Newsletters (Subject-wise). Participate in the Sanfoundry Certification contest to get free Certificate of Merit. Join our social networks below and stay updated with latest contests, videos, internships and jobs!

Youtube | Telegram | LinkedIn | Instagram | Facebook | Twitter | Pinterest
Manish Bhojasia - Founder & CTO at Sanfoundry
Manish Bhojasia, a technology veteran with 20+ years @ Cisco & Wipro, is Founder and CTO at Sanfoundry. He lives in Bangalore, and focuses on development of Linux Kernel, SAN Technologies, Advanced C, Data Structures & Alogrithms. Stay connected with him at LinkedIn.

Subscribe to his free Masterclasses at Youtube & discussions at Telegram SanfoundryClasses.