chattr and lsattr – protecting Linux Files

   Share

Lets say you have a public folder in your firm and you want everyone to edit the files in that folder except of one. how would you go about protecting that file?

Lets add to the equation the fact that you have scripts running as root on the folder and you want them not to be able to touch that file. any ideas?

That’s where chattr and lsattr step in, they manage special attributes for files under ext2 and ext3, and the one I’m referring to here is the ‘i’ setting – immutable, for a sample:

lets create a file:
echo `date` > filename

as root do:
chattr +i filename

And that’s it,you cant delete the file, move it, rename it, or save into it any changes, until you remove the ‘i’ settings from it.

So next time you find a file that you cannot modify or delete even as root, check it with lsattr, to make sure its not protected in some other way.

A short update – This will not work on NFS mounted file systems,
you will get the following error:
lsattr: Inappropriate ioctl for device While reading flags on

Technorati Tags: ,

  • Share/Bookmark

Related posts:

  1. Linux Commands – Top 20 Most Used
  2. disable selinux
  3. check smtp from commnad line
  4. Linux Hardware Info
  5. How to Debug Samba Server and solve user connection problems

Leave a Reply