chattr command in Linux with examples

The chattr command in Linux is a file system command which is used for changing the attributes of a file in a directory. The primary use of this command is to make several files unable to alter for users other than the superuser. As we know Linux is a multi-user operating system, there exist a chance that a user can delete a file that is of much concern to another user, say the administrator. To avoid such kinds of scenarios, Linux provides ‘chattr‘. In short, ‘chattr’ can make a file immutable, undeletable, only appendable and many more! 

Synopsis: 

chattr [ -RVf ] [ -v version ] [ mode ] files...

At the beginning of a mode string, one of the following operators must appear: 

• ‘+‘ : Adding selected attributes to the existing attributes of the files.
• ‘–‘ : Causes selected attributes to be removed.
• ‘=‘ : Causes selected attributes to be the only attributes that the files have.

The format of symbolic mode is: 

{+|-|=}[aAcCdDeijsStTu]

Following are the list of common attributes and associated flags can be set/unset using the chattr command: 

• A set : The atime record is not updated.
• S set : The changes are updated synchronously on the disk.
• a set : File can only be opened in append mode for writing.
• i set : File cannot be modified (immutable), the only superuser can unset the attribute.
• j set : All of files information is updated to the ext3 journal before being updated to the file itself.
• t set : No tail-merging is allowed.
• d set : No more candidate for backup when the dump process is run.
• u set : When such a file is deleted, its data is saved enabling the user to ask for its undeletion.

All the commands above are however not qualified to files and can be used on directories (Folders) as well to secure a directory from deletion or any other analogous accidents. However, while securing a directory the flag -R’ is suggested to be used in order to recursively secure all the content in the specified directory. 

Below are the different options of chattr command: 

• -R : It is used to display the list attributes of directories and their contents recursively.
• -V : It will display the version of the program.
• -a : Used to list all the files of a directory which also includes the whose name starts with a Period(‘.’).
• -d : This option will list the directories as regular files instead of listing their contents.
• -v : Used to display the file’s version/generation number etc.

Use of chattr Command: The chattr’ can be used to preserve some system files that are very important and needs to remain in the host PC no matter what. Also to make a directory undeletable or unmodifiable for users other than superuser, this is necessary. The common use of ‘chattr’ is as below:- 

1. Making the file immutable: The command here made the file named file.txt immutable, hence now no operations are possible on this file until the attributes of the file are changed again.
2. Opening the file only in append mode: The flag a’ is used to open the file only in append mode. Consequently, it can only be appended and the previous data can’t be modified.
3. Making directories secured: The flag +i’ can be used for a directory(as shown below) to make the directory immutable. Also, the flag -R’ is used here, which makes the call recursive and all the subfiles and directories are made immutable as well.

Note: lsattr command is used to see the attributes of files in a directory. Here, it should be noted that the e flag in the file is previously set and it means that the file is using extents for mapping blocks on the disk. The extents are filesystem dependent. They are seldom removable.