How to Use Chattr Command in Linux


The chattr (change attribute) command in Linux is a powerful tool for modifying file attributes on an ext2, ext3, or ext4 filesystem. It allows users to set certain attributes that control how files can be accessed and modified. For instance, the +i option makes a file immutable, meaning it cannot be altered, deleted, or renamed, even by the root user, until the immutable attribute is removed. Other attributes include +a, which allows a file to be opened only in append mode, and +c, which marks the file for compression. This command is particularly useful for system administrators who need to enforce strict access controls and protect critical system files from accidental or malicious changes. However, it must be used with caution, as improper use can restrict access to files in unintended ways.

Prerequisites

  • A server running a Linux operating system.
  • A root password configured on the server.

Basic Syntax

The basic syntax of the chattr command is:

chattr [OPTIONS] [OPERATOR][ATTRIBUTES] FILE

Explanation of Options

  • +: Adds specific attributes to the file.
  • -: Removes specific attributes from the file.
  • =: Sets specified attributes as the only attributes.
  • a: File can only be opened in append mode for writing.
  • A: The atime record is not updated.
  • c: Automatically compresses the file.
  • i: Makes the file immutable, so it cannot be modified, deleted, or renamed; this protects it from accidental deletion.
  • S: File changes are written synchronously on the disk.

Securing Files from Accidental Deletion

Securing important files is crucial for any system administrator. The chattr command can secure your file so that no user can delete, rename, or modify it.

  1. Create a directory and a file:

    mkdir dir1
    touch file1
    
  2. List file1 and dir1 with their permissions and ownership:

    ls -l
    

    Output:

    drwxr-xr-x 2 root root 4096 May  3 11:56 dir1
    -rw-r--r-- 1 root root    0 May  3 11:56 file1
    
  3. Set the +i flag on both dir1 and file1:

    chattr +i dir1
    chattr +i file1
    
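  4. Check the listing again (ls -l shows only permissions and ownership, so its output does not change; use lsattr to see the i attribute itself):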

    ls -l
    

    Output:

    drwxr-xr-x 2 root root 4096 May  3 11:56 dir1
    -rw-r--r-- 1 root root    0 May  3 11:56 file1
    
  5. Try to delete the file and directory:

    rm -rf file1 dir1
    

    Output:

    rm: cannot remove ‘file1’: Operation not permitted
    rm: cannot remove ‘dir1’: Operation not permitted
    
  6. Try to rename the file:

    mv file1 file2
    

    Output:

    mv: cannot move ‘file1’ to ‘file2’: Operation not permitted
    
  7. Try to change the permission of the file:

    chmod 777 file1
    

    Output:

    chmod: changing permissions of ‘file1’: Operation not permitted
    

Resetting Attributes on Files

To allow changes and deletion of the file, reset the file attributes set in the previous step:

chattr -i file1 dir1

You can now verify the status of the file and directory:

lsattr

Output:

-------------e-- ./dir1
-------------e-- ./file1

Allowing Data Append Without Modifying Existing Data

To allow users to only append data without modifying existing data, use the +a flag on the file.

  1. Create a new file with content:

    echo "Hi How Are You" > newfile.txt
    
  2. Set the +a attribute on the file:

    chattr +a newfile.txt
    
  3. Try to replace existing content:

    echo "I am replacing" > newfile.txt
    

    Error:

    bash: newfile.txt: Operation not permitted
    
  4. Append new content to the existing file:

    echo "This is new content" >> newfile.txt
    
  5. Verify the content of the file:

    cat newfile.txt
    

    Output:

    Hi How Are You
    This is new content
    

Protecting Directories Recursively

Use the -R flag with +i to protect a directory and its subdirectories recursively.

  1. Create directories and subdirectories:

    mkdir -p test/dir1/dir2
    mkdir -p test/dir3/dir4
    mkdir -p test/dir5/dir6
    
  2. Secure the test directory and all subdirectories:

    chattr -R +i test
    
  3. Try to delete the test directory with all subdirectories:

    rm -rf test/
    

    Error:

    rm: cannot remove ‘test/dir1/dir2’: Permission denied
    rm: cannot remove ‘test/dir5/dir6’: Permission denied
    rm: cannot remove ‘test/dir3/dir4’: Permission denied
    
  4. Reset the attribute from the test directory:

    chattr -R -i test
    
  5. Now you can delete the test directory with all subdirectories.
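
Because ls -l does not display these attributes, the i and a flags set in the sections above have to be checked with lsattr. The script below is an added example, not part of the original article: it compares lsattr output (including the blank lines and directory headers that lsattr -R prints) against a baseline of expected flags and reports files that lost a required flag or carry i/a without being listed. The baseline format, the finding labels, and the file names notes.txt and test are assumptions, and the sample lsattr lines are constructed.

```shell
#!/bin/sh
# Added example (not from the article): audit lsattr output against a baseline.
# Baseline format "<required-flags> <path>" and finding labels are assumptions.
# audit_attrs BASELINE_FILE   (lsattr output is read from stdin)
# Prints one finding per line; returns 1 if anything was reported.
audit_attrs() {
    awk '
    NR == FNR { if (NF) want[substr($0, length($1) + 2)] = $1; next }
    $1 !~ /^[-A-Za-z]*-[-A-Za-z]*$/ { next }   # blank lines, -R headers
    {
        path = substr($0, length($1) + 2)      # keeps spaces inside paths
        seen[path] = 1
        if (path in want) {
            for (k = 1; k <= length(want[path]); k++) {
                c = substr(want[path], k, 1)
                if (index($1, c) == 0) { print "MISSING " c " " path; bad = 1 }
            }
        } else if ($1 ~ /[ia]/) {
            print "UNEXPECTED " $1 " " path; bad = 1
        }
    }
    END {
        for (p in want) if (!(p in seen)) { print "NOT_LISTED " p; bad = 1 }
        exit bad + 0
    }' "$1" -
}

sample_baseline() {   # constructed: flags each path is expected to carry
cat <<'EOF'
i ./dir1
i ./file1
a ./newfile.txt
i ./test
EOF
}

sample_lsattr() {     # constructed lines in the lsattr format shown above
cat <<'EOF'
----i--------e-- ./dir1
-------------e-- ./file1
-----a-------e-- ./newfile.txt
----i--------e-- ./notes.txt
EOF
}

# Demo run; on a live system pipe in real output, e.g. lsattr -d file1 dir1
baseline=$(mktemp)
sample_baseline > "$baseline"
sample_lsattr | audit_attrs "$baseline" || echo "findings listed above"
rm -f "$baseline"
```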

Conclusion

In this guide, you learned how to protect files and directories with the chattr command. This command is essential for securing important configuration files and enforcing strict access controls in a Linux environment. The chattr command can make files immutable, append-only, and more, making it a critical tool for system administrators.

The lsattr command is also a valuable companion for viewing the attributes of files and directories. Understanding and using these commands effectively will help you safeguard your Linux systems from accidental or unauthorized changes.

Den W.