5 Chattr Command Examples in Linux

Written By:- Santosh Prasad

Chattr stands for Change Attribute. It is a command-line utility used to set or unset certain attributes on a file in a UNIX/Linux system, to protect files and folders against accidental deletion or modification, even by a user with root privileges. You can't delete files secured with a chattr attribute even though you have full permissions over them. System files such as shadow and passwd, which contain all users' information and passwords, are important files.

chattr command syntax:

# chattr [operator] [flags] [filename]

Operator

  • + :- Adds the attribute to the existing attributes of the files.
  • - :- Removes the attribute from the existing attributes of the files.
  • = :- Keep the existing attributes that the files have.

Chattr Command Example

Here I am going to demonstrate some chattr command examples that set or unset attributes on files and folders. First, I am going to create a test directory and an example.conf file to set or unset attributes on.

# mkdir test
# touch example.conf

# ls -l
total 0
-rw-r--r-- 1 root root    0 Apr 21 01:32 example.conf
drwxr-xr-x 2 root root 4096 Apr 21 01:32 test

1. Add attributes on files to secure from deletion

You can use the + sign to set an attribute and the - sign to unset an attribute. Now set the immutable bit on the files with the +i flag to prevent anyone from deleting them.

# chattr +i test/
# chattr +i example.conf

Note: Immutable bit +i can only be set by root user or a user with sudo privileges.

Now let's verify it using the 'lsattr' command.

# lsattr
----i----------- ./test
----i----------- ./example.conf

Now try to forcefully delete, rename or change the permissions of the directory.

# rm -rvf test/
rm: cannot remove directory `test/': Operation not permitted

# mv test/ test1
mv: cannot move `test/' to `test1': Operation not permitted

# chmod 777 test/
chmod: changing permissions of `test/': Operation not permitted

Do the same for the example.conf file and you will get the same messages.

2. Unset attribute on files

In the example above you have seen how to set an attribute to secure a file and prevent it from accidental deletion. Now we will see how to unset or reset permissions and make a file and folder changeable again using the -i flag.

# chattr -i test/ example.conf

After resetting permissions, verify the immutable status of the files using the 'lsattr' command.

# lsattr
------------- ./test
------------- ./example.conf

You can see the i flag has been removed, which means you can remove and modify the file and folder.

# rm -rvf test/
removed directory: `test/'

# rm -rvf example.conf
removed `example.conf'

3. Secure /etc/passwd and /etc/shadow files

You can secure your system's /etc/passwd and /etc/shadow files by setting the immutable attribute on them. Setting the immutable attribute on these files also disables user account creation.

# chattr +i /etc/passwd
# chattr +i /etc/shadow

Now try to create a new user on the system; you will get the error message 'cannot open /etc/passwd'.

# useradd santosh
useradd: cannot open /etc/passwd

4. Add data into file without modifying existing data of a file

If you want to allow everyone to add data to a file without changing or modifying the existing data, you can use the 'a' attribute with the chattr command as shown below.

# chattr +a test_file.txt
# lsattr test_file.txt
-----a---------- test_file.txt

In append mode, data can only be added to a file.

Now try to replace the existing content of the file test_file.txt; you will get the error 'Operation not permitted'.

# echo "A site of Linux Power." > test_file.txt
-bash: test_file.txt: Operation not permitted

Now try to add new content to the existing file test_file.txt.

# echo "A site of Linux Power." >> test_file.txt

# cat test_file.txt
looklinux.com
A site of Linux Power.

Unset the append attribute

# chattr -a test_file.txt

5. Secure Directories

You can secure an entire directory and its files using -R with the +i flag.

# chattr -R +i mydirectory

Now try to delete the directory and its files.

# rm -rf mydirectory/
rm: cannot remove 'mydirectory/': Operation not permitted

Unset permission using -R with -i flag.

# chattr -R -i mydirectory
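
Added example (not from the original article): a small shell function that reads lsattr output and lists which paths carry the immutable (i) or append-only (a) attribute, which helps when rm, mv or useradd fails with "Operation not permitted". The function name classify_attrs and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify lsattr output by the two attributes used above.

# Constructed sample of lsattr output, including the blank line and the
# "dir:" header that lsattr -R prints, and a file name containing a space.
SAMPLE_LSATTR='----i----------- ./test
----i----------- ./example.conf
-----a---------- test_file.txt
---------------- ./plain.conf

./mydirectory:
----ia---------- ./both.log
----i---------e- ./my notes.txt'

# classify_attrs: read "<flags> <path>" lines on stdin and print
# "<path>: immutable", "<path>: append-only" or "<path>: immutable,append-only".
# Paths with neither attribute are not printed.
classify_attrs() {
    while IFS= read -r line; do
        # A real entry has a space between the flag field and the path.
        case $line in *" "*) ;; *) continue ;; esac
        flags=${line%% *}    # first field: the attribute string
        target=${line#* }    # everything after it: the path
        # Skip lines whose first field is not made of flag letters and
        # dashes, such as a "./my dir:" header from lsattr -R.
        case $flags in *[!A-Za-z-]*) continue ;; esac
        state=""
        # Matching is case-sensitive: lowercase i and a only.
        case $flags in *i*) state="immutable" ;; esac
        case $flags in *a*) state="${state:+$state,}append-only" ;; esac
        [ -n "$state" ] && printf '%s: %s\n' "$target" "$state"
    done
    return 0
}

# Run on the constructed sample. On a real system, as root:
#   lsattr /etc/passwd /etc/shadow | classify_attrs
printf '%s\n' "$SAMPLE_LSATTR" | classify_attrs
```
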

I hope this article will help you to set and unset attributes on files and folders. To know more about the chattr command, use its man pages.

Thanks:)
