
Author Topic: Command to Make Important Files Unchangeable in Linux  (Read 1165 times)


aravindm

  • Guest
Command to Make Important Files Unchangeable in Linux
« on: March 31, 2018, 03:56:55 pm »
chattr (Change Attribute) is a command-line Linux utility used to set or unset certain attributes on a file, to protect important files and folders from accidental deletion or modification, even when you are logged in as the root user.

Native Linux filesystems, i.e. ext2, ext3, ext4, btrfs, etc., support all the flags, though not all flags are supported on all non-native filesystems. Once attributes are set with the chattr command, one cannot delete or modify the file/folder, even with full permissions on it.

Syntax of chattr

Code:
# chattr [operator] [flags] [filename]

Attributes and Flags

  • A file with the ‘i’ attribute set cannot be modified (immutable). This means no renaming, no symbolic link creation, no execution, and no writing; only the superuser can unset the attribute.
  • If a file with the ‘S’ attribute set is modified, the changes are written synchronously to disk.
  • A file with the ‘a’ attribute set can only be opened in append mode for writing.
  • When a file with the ‘u’ attribute is deleted, its data is saved. This enables the user to ask for its undeletion.

Operator

  • + : Adds the attribute to the existing attributes of the files.
  • - : Removes the attribute from the existing attributes of the files.
  • = : Keeps the existing attributes that the files have.

How to add attributes on files to secure from deletion

For demonstration purposes, we’ve used the folder aravind and the file important_file.conf. Before setting attributes, verify whether the existing files have any attributes set using the ‘ls -l’ command. As the results show, no attributes are currently set.
Code:
[root@admin-ahead aravind]# ls -l
total 0
drwxr-xr-x. 2 root root 6 Mar 31 18:02 aravind
-rwxrwxrwx. 1 root root 0 Mar 31 18:42 important_file.conf

To set an attribute, we use the + sign, and to unset one, the - sign, with the chattr command. So, let’s set the immutable bit on the files with the +i flag to prevent anyone from deleting them; even the root user doesn’t have permission to delete them.
Code:
[root@admin-ahead aravind]# chattr +i aravind/
[root@admin-ahead aravind]# chattr +i important_file.conf

Note:

The immutable bit +i can only be set by the superuser (i.e. root) or by a user with sudo privileges.

After setting the immutable bit, let’s verify the attribute with the ‘lsattr’ command.

Code:
[root@admin-ahead aravind]# lsattr
----i----------- ./aravind
----i----------- ./important_file.conf

Now, try to forcefully delete, rename or change the permissions of the files; it won’t be allowed, and the command reports “Operation not permitted”.
 ;)
« Last Edit: March 31, 2018, 05:37:14 pm by aravindm »
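
The lsattr check described in the post can be automated so that a cleared immutable bit is noticed. This is an added example, not part of the original post: it parses lsattr output and reports any watched path that is absent or listed without the ‘i’ flag. The function names, the app.conf entry and the sample listing are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit lsattr output for files that should carry the
# immutable (i) flag. Function names are hypothetical.

# Constructed sample in the format of the lsattr listing in the post, plus
# one hypothetical file (app.conf) whose immutable flag is not set.
sample_lsattr() {
cat <<'EOF'
----i----------- ./aravind
----i----------- ./important_file.conf
---------------- ./app.conf
EOF
}

# audit_immutable PATH...
# Reads lsattr output on stdin and prints one line per PATH that is either
# absent from the listing (MISSING) or listed without 'i' (NOT_IMMUTABLE).
# Returns 0 when every PATH is immutable, 1 otherwise.
audit_immutable() {
    listing=$(cat)
    rc=0
    for target in "$@"; do
        # Column 1 is the attribute string; the rest of the line is the path,
        # so paths containing spaces still compare correctly.
        flags=$(printf '%s\n' "$listing" | awk -v p="$target" '
            { f = $1; sub(/^[^ ]+ +/, ""); if ($0 == p) { print f; exit } }')
        if [ -z "$flags" ]; then
            echo "MISSING $target"
            rc=1
        else
            case $flags in
                *i*) ;;   # immutable bit present
                *)   echo "NOT_IMMUTABLE $target"; rc=1 ;;
            esac
        fi
    done
    return $rc
}

# Demo on the constructed sample; prints "NOT_IMMUTABLE ./app.conf".
sample_lsattr | audit_immutable ./aravind ./important_file.conf ./app.conf || true
```

On a real system, pipe `lsattr -d` for the watched paths into `audit_immutable` with the same paths as arguments, for example from a cron job, and alert on a non-zero exit status.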