How To Protect Important Files And Directories From Modification And Deletion With chattr Command

byLiveStream -
0
 
Protecting Important Files and Directories Against Deletion or Modification using chattr command


chattr stands for "Change attribute"  which means changing the attribute of the files/directories. In linux it is used for files/directories, whereas in other various unix flavors it is also used for changing attribute of the disks, adapters etc.


Let's begin with understanding the command and it's flags


To list out the attributes of a file or a directory


#lsattr (list attribute)


Flags can be used

       -R     Recursively list attributes of directories and their contents.


       -V     Display the program version.


       -a     List all files in directories,


       -d     List  directories  like  other  files, rather than listing their
               contents.


       -v     List the files version/generation number.


Let's create a file and check it's attribute, I'll go with simple cat command





Now let's check whether it is having any attributes attached or not
#lsattr umate



As the above screenshot suggest there is no attribute attached, lets change some of its attribute.


Hey!! wait a min, do we know what options can be used with chattr command?
let's learn it first.


The syntax for chattr command is


#chattr [operator] [option] [file name]



The possible operators are '+'(plus), "-"(minus) and "=" equals to


And the options are as follows


  • If a file is accessed with ‘A‘ attribute set, its time record will  not be updated.
  • If a file is modified with ‘S‘ attribute set, the changes are updates synchronously on the disk.
  • A file is set with ‘a‘ attribute, can only be open in append mode for writing means only updating is allowed.
  • A file is set with ‘i‘ attribute, cannot be modified (immutable). Where no renaming, no execution, no write operations are permitted, only super user can unset the attribute.
  • A file with the attribute ‘d‘, will not participate in  backup when the dump process is run.
  • When a file has ‘u‘ attribute is deleted, its data are saved. This enables the user to ask for its undeletion.
Okay, now then we know our command, let's try protecting our file with "i" immutable option


First i'll give full permission to my file and then we'll go for i option



Let's make it immutable (non-modifiable)





Okay now let's try appending, modifying and even deleting.





To remove this protection we can go for -i option





Similarly, if you want append only mode, where people can add data but cannot modify nor delete the data go for +a option



Try updating the data it will work





modifying the data will fail as follows



To remove this protection go for -a option


Hope this article may help you protecting your important files better


Do comeback for more updates










































































Tags:

Post a Comment

Previous Post Next Post