Let's say you have a public folder in your firm and you want everyone to be able to edit the files in that folder except for one. How would you go about protecting that file?
Let's add to the equation the fact that you have scripts running as root on the folder, and you want them not to be able to touch that file. Any ideas?
Let's create a file:
echo `date` > filename
As root, do:
chattr +i filename
And that's it: you can't delete the file, move it, rename it, or save any changes to it until you remove the 'i' attribute from it.
So next time you find a file that you cannot modify or delete even as root, check it with lsattr to see whether it is protected by a file attribute rather than by ordinary permissions.
A short update: this will not work on NFS-mounted file systems; you will get the following error:
lsattr: Inappropriate ioctl for device While reading flags on
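
An added example (not from the original post) of running that lsattr check in bulk: the function below reads lsattr output and reports which files carry the 'i' attribute and which could not be read at all, as happens on NFS. The function names and paths are made up for illustration, and the sample lsattr lines are constructed.

```shell
#!/bin/sh
# Added example, not from the original post.
# classify_lsattr reads lsattr output (stdout and stderr merged) on stdin and
# prints one line per finding:
#   IMMUTABLE <path>   the 'i' attribute is set on the file
#   UNREADABLE <path>  lsattr could not read the flags (e.g. an NFS mount)
classify_lsattr() {
    while IFS= read -r line; do
        case $line in
            "lsattr: "*" While reading flags on "*)
                # Error line: keep only the path after the fixed phrase.
                printf 'UNREADABLE %s\n' "${line#* While reading flags on }"
                ;;
            *)
                flags=${line%% *}   # first field: the attribute string
                path=${line#* }     # rest of the line: path, may contain spaces
                # Skip lines with no separate flag field.
                if [ "$flags" = "$line" ]; then continue; fi
                case $flags in
                    # Skip blank lines and "dir:" headers printed by lsattr -R.
                    ""|*[!A-Za-z-]*) continue ;;
                    # Test only the flag field, so an 'i' in a file name
                    # never counts as the immutable attribute.
                    *i*) printf 'IMMUTABLE %s\n' "$path" ;;
                esac
                ;;
        esac
    done
}

# audit_dir DIR: run lsattr recursively over DIR and classify the result.
audit_dir() {
    lsattr -R "$1" 2>&1 | classify_lsattr
}

# Constructed sample of lsattr output, so the parser can be tried offline.
sample_lsattr_output() {
    cat <<'EOF'
--------------e------- ./public/immutable-policy.txt
----i---------e------- ./public/do not touch.txt
lsattr: Inappropriate ioctl for device While reading flags on /mnt/nfs/share/file
EOF
}

sample_lsattr_output | classify_lsattr
```

On a real system, call audit_dir with the shared folder's path instead of the sample function.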