This tutorial explains Linux “chattr” command, options and its usage with examples.
“chattr” attribute is used to prevent accidentally delete of files and folder. You cannot delete the files attribute even though you have full permission over files if they are secured via “chattr”.This is an admin command. Root user only can change the file attributes/Process.
Usage: chattr [ -RVf…i.. ] [ -v version ] [ mode ] files…
The format of a symbolic mode is +-=[acdeijstuADST].
* The operator `+’ causes the selected attributes to be added to the existing attributes of the files
* `-‘ causes them to be removed.
* `=’ causes them to be the only attributes that the files have.
Options
* -R Recursively change attributes of directories and their contents.
* -V Be verbose with chattr’s output and print the program version.
* -f Suppress most error messages.
* -i A file with -i operator can not be modified by anyone except superuser.
-v version
Set the file’s version/generation number.
Here’s the listing of example usage of “chattr” command. :
1. To protect file and make it read only(chattr -i file_name):
If we protect a file with chattr command using “i” option, you can only read this file. All other actions excepts read will be denied including append, edit, rename or delete.
root@sanfoundry-> cat > 1.txt Hi i am x root@sanfoundry-> chmod 777 1.txt root@sanfoundry-> ls -l 1.txt -rwxrwxrwx 1 root root 11 Jun 11 23:50 1.txt root@sanfoundry-> chattr +i 1.txt root@sanfoundry-> cat >> 1.txt bash: 1.txt: Permission denied root@sanfoundry-> rm 1.txt rm: remove write-protected regular file `1.txt'? y rm: cannot remove `1.txt': Operation not permitted
As you can see, after addition of flag “i”, file 1.txt is not being appended, deleted even by the owner, root.
“chattr” “+i” permission can be removed with –i options.
root@sanfoundry-> chattr -i 1.txt root@sanfoundry-> rm 1.txt
2. Make file unable to be open for writing(chattr +a file_name):
If you add “+a” option in the chattr option, you can be able to append in the file, but still not be able to delete it.
root@sanfoundry-> cat > 1.txt Hi i am x root@sanfoundry-> chattr +a 1.txt root@sanfoundry-> cat > 1.txt bash: 1.txt: Operation not permitted root@sanfoundry-> rm 1.txt rm: cannot remove `1.txt': Operation not permitted
“chattr” “+a” permission can be removed with “–a” options.
root@sanfoundry-> chattr -a 1.txt root@sanfoundry-> rm 1.txt
Note:
Main difference between “a” and “i” operators is in “i” you cannot append the file while in “a” you can append the file.
3. To show the operators currently applied on the files and folders(lsattr file_name/folder_name):
root@sanfoundry-> mkdir folder root@sanfoundry-> cd folder/ root@sanfoundry-> touch x y z root@sanfoundry-> ls x y z root@sanfoundry-> chattr -R +i ../folder/ root@sanfoundry-> lsattr ../folder/ ----i--------e- ../folder/y ----i--------e- ../folder/z ----i--------e- ../folder/x
Here as we can see, “lsattr”, has shown all the modes in which the files are in “folder” directory. “-R” is used to change permissions recursively for all the files in the “folder”.
4. To apply “chattr” command recursively over all the files in a folder(chattr -R [operator..] folder_path):
root@sanfoundry-> mkdir folder root@sanfoundry-> cd folder/ root@sanfoundry-> touch x y z root@sanfoundry-> chattr -R +i ../folder/ root@sanfoundry-> rm -r ../folder/ rm: descend into write-protected directory `../folder'? y rm: remove write-protected regular empty file `../folder/y'? y rm: cannot remove `../folder/y': Permission denied rm: remove write-protected regular empty file `../folder/z'? y rm: cannot remove `../folder/z': Permission denied rm: remove write-protected regular empty file `../folder/x'? y rm: cannot remove `../folder/x': Permission denied
To remove the permissions you can use :
root@sanfoundry-> chattr -R -i ../folder/ root@sanfoundry-> cd .. root@sanfoundry-> rm -r folder/
5. To save the file in a compressed mode(chattr +c file_name):
This is a efficient way to save the disk space.
root@sanfoundry-> cat > 1.txt Hi i am x root@sanfoundry-> sudo chattr +c 1.txt
Some more useful Examples of chattr:
* To write the changes in the file synchronously on the disk (chattr +s file_name)
* If this file is deleted, user can ask for undelete with (chattr +u file_name)
* To clear all the bits, set “A” and “c” bits only (chattr =Ac file_name).
Note:
BUGS AND LIMITATIONS
* The `c’, ‘s’, and `u’ attributes are not honored by the ext2 and ext3 file systems.
* The `j’ option is only useful if the file system is mounted as ext3
* The `D’ option is only useful on Linux kernel 2.5.19 and later.
Sanfoundry Global Education & Learning Series – 1000 Linux Tutorials.
- Practice Programming MCQs
- Check Linux Books
- Apply for Programming Internship
- Check Information Technology Books