from small one page howto to huge articles all in one place

search text in:

Which kernel version do you use?

poll results

Last additions:
using iotop to find disk usage hogs

using iotop to find disk usage hogs






average rating: 1.7 (102 votes) (1=very good 6=terrible)

May 25th. 2007:




why adblockers are bad

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels

Workaround and fixes for the current Core Dump Handling vulnerability affected kernels






average rating: 1.4 (42 votes) (1=very good 6=terrible)

April, 26th. 2006:

Druckversion . pdf icon
You are here: System->Tips and Tricks

Changing File Attributes

This tip explains how to use chattr to keep important system files secure. The "change attribute" command, or chattr, can be used to add or change existing file attributes for things such as synchronous updates, tighter file security, and more. However, this command is only available on ext2 or ext3 partitions.

A list of common attributes and their associated flags is listed below. For a more complete list see man chattr.
(A) Don't update atime
(S) synchronous updates
(a) append only
(d) no dump
(i) immutable
(j) data journalling
(t) no tail-merging

Note: The 'j' option can only be used with ext3.

Note: The 'j', 'a' and 'i' options are only available to the superuser.

To set attributes on files, use the chattr command and to view attributes, use the lsattr command.

Code Listing 1: Examples of using chattr and lsattr

// Set the immutable bit on a file so it cannot be changed or removed 
# chattr +i myfile 
# lsattr myfile 
----i-------- myfile 
// Testing the immutable flag by attempting to delete the file 
# rm myfile 
rm: cannot remove `myfile': Operation not permitted 
// Set myfile to append-only 
# chattr +a myfile 
# lsattr myfile 
-----a------- myfile 
# echo testing > myfile 
myfile: Operation not permitted 
# echo testing >> myfile 
// no errors - file was appended to
Some instances where this may be useful is keeping important files safe from deletion. Remember that even root can't delete a file that is immutable or append-only without first explicitly removing that attribute. Using this flag on /etc/passwd or /etc/shadow files keeps them safe from an accidental rm -f and also ensures no new accounts can be added in the event of an exploit. Keeping other files append-only means once they are written, that data can't be changed. Logs are a good candidate for this to keep them from being tampered with. With chattr and lsattr, you now have a few new tools to keep your system secure.


rate this article:
current rating: average rating: 1.6 (160 votes) (1=very good 6=terrible)
Your rating:
Very good (1) Good (2) ok (3) average (4) bad (5) terrible (6)


Support us on Content Nation
rdf newsfeed | rss newsfeed | Atom newsfeed
- Powered by LeopardCMS - Running on Gentoo -
Copyright 2004-2020 Sascha Nitsch Unternehmensberatung GmbH
Valid XHTML1.1 : Valid CSS : buttonmaker
- Level Triple-A Conformance to Web Content Accessibility Guidelines 1.0 -
- Copyright and legal notices -
Time to create this page: 867.7 ms