Protecting Important Files and Directories Against Deletion or Modification using chattr command
How To Protect Important Files And Directories From Modification And Deletion With chattr Command
Hey Guys, it’s been a while I’ve done my last post. But, as it says “It’s better to be late than never”. So, here I’m with my new post.
Today we are going to learn how to protect our files from being modified, updated or even deleted using the chattr command.
chattr stands for “Change attribute” which means changing the attribute of the files/directories. In linux it is used for files/directories, whereas in other various unix flavors it is also used for changing attribute of the disks, adapters etc.
Let’s begin with understanding the command and it’s flags
To list out the attributes of a file or a directory
#lsattr (list attribute)
Flags can be used
-R Recursively list attributes of directories and their contents.
-V Display the program version.
-a List all files in directories,
-d List directories like other files, rather than listing their
contents.
-v List the files version/generation number.
Let’s create a file and check it’s attribute, I’ll go with simple cat command
Now let’s check whether it is having any attributes attached or not
#lsattr umate
As the above screenshot suggest there is no attribute attached, lets change some of its attribute.
Hey!! wait a min, do we know what options can be used with chattr command?
let’s learn it first.
The syntax for chattr command is
#chattr [operator] [option] [file name]
The possible operators are ‘+'(plus), “-“(minus) and “=” equals to
And the options are as follows
- If a file is accessed with ‘A‘ attribute set, its time record will not be updated.
- If a file is modified with ‘S‘ attribute set, the changes are updates synchronously on the disk.
- A file is set with ‘a‘ attribute, can only be open in append mode for writing means only updating is allowed.
- A file is set with ‘i‘ attribute, cannot be modified (immutable). Where no renaming, no execution, no write operations are permitted, only super user can unset the attribute.
- A file with the attribute ‘d‘, will not participate in backup when the dump process is run.
- When a file has ‘u‘ attribute is deleted, its data are saved. This enables the user to ask for its undeletion.
Okay, now then we know our command, let’s try protecting our file with “i” immutable option
First i’ll give full permission to my file and then we’ll go for i option
Let’s make it immutable (non-modifiable)
Okay now let’s try appending, modifying and even deleting.
To remove this protection we can go for -i option
Similarly, if you want append only mode, where people can add data but cannot modify nor delete the data go for +a option
Try updating the data it will work
modifying the data will fail as follows
To remove this protection go for -a option
Hope this article may help you protecting your important files better
Do comeback for more updates
Anonymous
June 18, 2016 at 11:07 amdonnie@mail.postmanllc.net
Mahesh Raparthi
July 31, 2016 at 4:45 pmHi sir,
kind of request you….
please share your realtime issues and anwsers for Linux….
this request from your new and old student…
thanks