Qadry
unixcop Admin

chattr command in Linux with examples

Introduction

The chattr command in Linux is a file system command used for changing the attributes of a file in a directory. Its primary use is to make files unalterable by users other than the superuser. Because Linux is a multi-user operating system, there is a chance that a user can delete a file that matters to another user, say the administrator. To avoid such scenarios, Linux provides ‘chattr’. In short, ‘chattr’ can make a file immutable, undeletable, append-only and more.

Synopsis

chattr [ -RVf ] [ -v version ] [ mode ] files...

At the beginning of a mode string, one of the following operators must appear: 

  • ‘+’ : Adds the selected attributes to the existing attributes of the files.
  • ‘-’ : Causes the selected attributes to be removed.
  • ‘=’ : Causes the selected attributes to be the only attributes that the files have.

The format of symbolic mode is: 

{+|-|=}[aAcCdDeijsStTu]

The following common attributes and their associated flags can be set or unset using the chattr command:

  • A set : The atime record is not updated.
  • S set : Changes are updated synchronously on the disk.
  • a set : File can only be opened in append mode for writing.
  • i set : File cannot be modified (immutable); only the superuser can unset the attribute.
  • j set : All of the file's information is updated to the ext3 journal before being updated to the file itself.
  • t set : No tail-merging allowed.
  • d set : File is no longer a candidate for backup when the dump process runs.
  • u set : When such a file is deleted, its data is saved, enabling the user to ask for its undeletion.

Below are the different options of the chattr command:

  • -R : Used to recursively list the attributes of directories and their contents.
  • -V : It will display the version of the program.
  • -a : Used to list all the files of a directory, including those whose names start with a period (‘.’).
  • -d : This option will list the directories as regular files instead of listing their contents.
  • -v : Used to display the file’s version/generation number etc.

Use of the chattr command: ‘chattr’ can be used to preserve system files that are very important and need to remain on the host PC no matter what. It is also needed to make a directory undeletable or unmodifiable for users other than the superuser. The common usage of ‘chattr’ is as follows:

chattr [OPERATOR][Flags] FILE

Use ‘i’ attribute to make a file immutable

The “chattr” command can be used to make files immutable. Immutable means that the file cannot be moved, renamed, or deleted.

Here we will give the ‘i’ flag to a file named “unixcop.txt” as an example:

[qadry@unixcop ~]# chattr +i unixcop.txt 
[qadry@unixcop ~]# 
[qadry@unixcop ~]# lsattr 
----i--------------- ./unixcop.txt
[qadry@unixcop ~]# 

You can use the “lsattr” to check the file’s attributes.

As you can see in the screenshot above, the ‘i’ attribute has been set and the file has become immutable.

The ‘i’ attribute can also be used to make directories immutable.

Remove the ‘i’ attribute from the file

Once the ‘i’ attribute has been set, the file can only be changed or deleted once the attribute is removed by the root user. Use the ‘-’ operator with the option to remove the attribute:

[qadry@unixcop ~]# chattr -i unixcop.txt 
[qadry@unixcop ~]# 
[qadry@unixcop ~]# lsattr 
-------------------- ./unixcop.txt
[qadry@unixcop ~]#

Use the ‘a’ attribute to open a file in append mode

We can use the ‘a’ attribute to open the file in append mode. In append mode, users can only append data to a file without changing the data that is already present in the file.

[qadry@unixcop ~]# chattr +a unixcop.txt 
[qadry@unixcop ~]# 
[qadry@unixcop ~]# lsattr 
-----a-------------- ./unixcop.txt
[qadry@unixcop ~]# 

As you can see in the screenshot below, when I try to add more data into the text file by using the echo command, the terminal gives me an error:

[qadry@unixcop ~]# echo "Hello Unixcop" > unixcop.txt 
-bash: unixcop.txt: Operation not permitted
[qadry@unixcop ~]#

We can append data into the file by using “>>” instead of “>” operator:

[qadry@unixcop ~]# echo "Hello Unixcop" >> unixcop.txt 
[qadry@unixcop ~]# cat unixcop.txt 
Hello Unixcop
[qadry@unixcop ~]#

Making directories secured

The flag ‘+i’ can be used on a directory (as shown below) to make the directory immutable. The flag ‘-R’ is also used here, which makes the call recursive, so all the files and subdirectories are made immutable as well.

[qadry@unixcop ~]# chattr -R +i temp/
[qadry@unixcop ~]# rm -rf temp/
rm: cannot remove 'temp/': Operation not permitted
[qadry@unixcop ~]# lsattr -R temp/
-----i--------e------ temp/unixcop_file.txt
[qadry@unixcop ~]# chattr -R -i temp/
[qadry@unixcop ~]# lsattr -R temp/
--------------e------ temp/unixcop_file.txt
[qadry@unixcop ~]# 
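
Once files have been protected with ‘i’ or ‘a’, it is worth checking regularly that the attribute is still in place. The script below is an added example, not part of the original article: it reads lsattr output and prints every path that lacks a required attribute. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `lsattr` output for files missing a required attribute.

# has_attr FLAGS LETTER: succeed if LETTER appears in the lsattr flag field.
has_attr() {
    case "$1" in
        *"$2"*) return 0 ;;
        *)      return 1 ;;
    esac
}

# missing_attr LETTER: read "<flags> <path>" lines (lsattr format) on stdin
# and print the path of each file whose flag field does not contain LETTER.
# `read -r flags path` puts the rest of the line into $path, so paths that
# contain spaces are kept whole.
missing_attr() {
    letter=$1
    while read -r flags path; do
        [ -n "$path" ] || continue      # skip blank or malformed lines
        has_attr "$flags" "$letter" || printf '%s\n' "$path"
    done
}

# Constructed sample of lsattr output (not captured from a real system).
sample_lsattr() {
cat <<'EOF'
----i---------e------- /etc/resolv.conf
--------------e------- /etc/hosts
-----a--------e------- /var/log/audit.log
--------------e------- /var/log/my app.log
EOF
}

# Demo on the constructed sample: which files are NOT immutable?
sample_lsattr | missing_attr i

# On a real system, feed it live output instead, for example:
#   lsattr /etc/resolv.conf /etc/hosts | missing_attr i
#   lsattr -R temp/ | missing_attr i
```

Any path printed is a file that an administrator expected to be protected but that can currently be changed or deleted.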

Add ‘j’ attribute to update data of the file to ext3 journal

By using the ‘j’ attribute, the file's data will be updated to the ext3 journal before the file itself:

[qadry@unixcop ~]# chattr +j unixcop.txt 
[qadry@unixcop ~]# 
[qadry@unixcop ~]# lsattr 
-----j-------------- ./unixcop.txt
[qadry@unixcop ~]# 

Conclusion

The “chattr” command is a very useful tool for administrators. It enables them to modify file permissions, which helps protect important files and prevents them from being altered.
