chattr command in Linux operating system, is technically a file system based command. It’s mostly used to change attributes of a file in directory, and primarily to alter such files that can’t be altered by users without sudo privileges. Means, using this command, sudo users can create such essential files which can’t be deleted, appended, or edited unless the sudo users intend to do so.
Syntax of chattr command in Linux
chattr [ -RVf ] [ -v version ] [ mode ] files…
It’s recommended to use one of the following operators at the beginning of mode string with chattr command:
- ‘+’ : Used for adding new attributed to existing attributes of files.
- ‘-’ : Used for removing selected attributes from files.
- ‘=’ : Used for setting the only attributes for files.
Means, with the inclusion of these operators, the symbolic mode format would be like one here mentioned:
List of commonly used attributes and associated flags
- A set : atime record is not updated.
- S set : changes are updated synchronously on disk.
- a set : indicates that files can only be opened in append mode for writing.
- i set : files can be altered or modified only by superusers, and not the others.
- j set : All files information is updated to ext3 journal before being updated to file itself.
- t set : tail-merging is not allowed.
- d set : No candidate for backups while running dump process.
- u set : used for setting a file to ask users regarding undeletion, when deleted.
Important Note Above mentioned attributes and associated flags can be used not only for files, but for directories as well in order to secure a folder against being deleted. While using chattr command with a directory, it’s suggested to use -R flag if you want to secure all its internal files recursively.
Options available to use with chattr command
Here the list of various options that can be used with chattr command:
- -R : Used for displaying the list of attributes of directories and their contents recursively.
- -V : Displays the version information.
- -a : Used for listing all files in directory along with hidden files (the files which starts with ‘.’).
- -d : Used for listing the directories as regular files instead of their contents.
- -v : Used for displaying the file’s version, generation details, and more.
Examples of chattr command in Linux
1: Turn the file immutable
sudo chattr +i servo.txt
Running this command will make servo.txt file immutable. Means, the file is attributed with read-only attribute and no other operations can be processed.
2: Removing read-only attribute
sudo chattr -i servo.txt
This command will reverse the immutable effect on servo.txt file as applied in first example. So, other operations can easily be done.
3: Setting append-only permission to file
sudo chattr +a servo.txt
This makes the file append-able to other users. Means, the users can add new info to file but can’t delete or edit the existing info.
4: Turning a directory immutable
sudo chattr +R +i ./sudo/var/www/
So, the mentioned directory called www will be restricted to users by adding read-only attribute. Also, the same permissions will be granted to all files within directory as well.
5: Checking existing attributes on files/folder
lsattr [File_Name] or lsattr [Path_To_Folder]