Linux provides access control through file and directory permissions on three levels: user, group and other. These permissions give the basic level of security and access control. Linux also has more advanced access control features: ACLs (Access Control Lists) and file attributes. Attributes define properties of files.
Files and directories can have the following attributes:
- a (append only): data can be added to the file, but the file cannot be removed. It prevents accidental or malicious changes to files that record data, such as log files.
- c (compressed): the kernel compresses data written to the file automatically and uncompresses it when it is read back.
- d (no dump): the file is skipped by backups made with the dump utility.
- e (extent format): the file uses extents for mapping its blocks on disk.
- i (immutable): goes a step beyond disabling write access to the file. The file cannot be deleted or renamed, and no links to it can be created.
- j (data journaling): on an ext3 file system the file's data is written to the journal first and only after that to the data blocks on the hard disk.
- s (secure deletion): makes sure the file cannot be recovered after it has been deleted.
- t (no tail-merging): tail-merging is a process in which small data pieces at a file's end that don't fill a complete block are merged with similar pieces of data from other files; this attribute disables it for the file.
- u (undeletable): when the file is deleted, its contents are saved, which allows a recovery utility to salvage the deleted file from that information.
- A (no atime updates): Linux won't update the access time stamp when the file is accessed.
- D (synchronous directory updates): changes are written to disk immediately, not to the cache first.
- S (synchronous updates): changes to the file are written synchronously to the disk.
- T (top of directory hierarchy): the directory is treated as the top of a directory hierarchy for the purposes of the Orlov block allocator.
LSATTR - List File Attributes
$ lsattr | sort -k2           # attributes of every file in the current directory, sorted by file name
$ lsattr folder1 | sort -k2   # attributes of the entries inside folder1
$ lsattr -d folder1           # attributes of the directory folder1 itself, not of its contents
$ lsattr -V                   # print the lsattr version
lsattr 1.42.9 (28-Dec-2013)
CHATTR - Change File Attributes
chattr is the command used to set or unset file attributes in Linux. With chattr it is possible to make a file immutable: while the immutable bit is set, even the root user is prevented from deleting the file.
chattr +i filename   # set the immutable bit of the file
chattr -i filename   # remove the immutable bit of the file
chattr +a filename   # set the append-only bit of the file
chattr -a filename   # remove the append-only bit of the file
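The script below is an added example and not part of the original page. It serves both the lsattr and the chattr sections: the flagged_files function parses lsattr output (the SAMPLE_LSATTR lines are constructed, not captured from a real host) and reports every entry carrying the i or a attribute, which is the check to run when auditing a system for files that cannot be modified or deleted in the normal way; has_attr checks one live path; and demo_chattr, when run as root with RUN_CHATTR_DEMO=1, shows what +a and +i actually enforce. Setting or clearing these bits requires the CAP_LINUX_IMMUTABLE capability (root) and a file system that honours them, such as ext2/3/4 or XFS. The function names and the RUN_CHATTR_DEMO variable are this example's own choices.

```shell
#!/bin/sh
# Added example (not from the original page): audit lsattr output for the
# immutable (i) and append-only (a) attributes, and optionally show what
# chattr +a / +i enforce. Function names and RUN_CHATTR_DEMO are this
# example's own choices.

# Constructed sample of lsattr output, not captured from a real host.
# Each line is: <attribute field> <path>; the path may contain spaces.
SAMPLE_LSATTR='----i---------e----- /etc/resolv.conf
-----a--------e----- /var/log/audit/audit.log
--------------e----- /etc/passwd
----i---------e----- /srv/data/my notes.txt'

# Read lsattr output on stdin and print one line per entry that carries
# the i or a attribute: "immutable <path>" or "append-only <path>".
# The attribute field is the first whitespace-separated word; everything
# after it is the path, so paths containing spaces survive intact.
flagged_files() {
    awk '
        NF >= 2 {
            flags = $1
            path  = $0
            sub(/^[^ ]+ +/, "", path)
            if (index(flags, "i") > 0) print "immutable " path
            if (index(flags, "a") > 0) print "append-only " path
        }'
}

# Check a live path for one attribute letter, e.g.: has_attr /etc/hosts i
# Returns 0 when the attribute is set, 1 otherwise (or if lsattr fails).
has_attr() {
    lsattr -d "$1" 2>/dev/null | awk '{ print $1 }' | grep -q "$2"
}

# Live demonstration of the behaviour described for +a and +i. Setting or
# clearing these bits needs CAP_LINUX_IMMUTABLE (root) and a file system
# that honours them (ext2/3/4, XFS). The temp file is created in the
# current directory so it lands on the file system you chose.
demo_chattr() {
    f=$(mktemp ./attr-demo.XXXXXX) || return 1
    printf 'first line\n' > "$f"

    chattr +a "$f" || { rm -f "$f"; return 1; }
    # Opening for truncation/overwrite is refused; opening for append works.
    if ! printf 'overwrite\n' 2>/dev/null > "$f"; then
        echo "+a: overwrite refused, as expected"
    fi
    printf 'appended line\n' >> "$f" && echo "+a: append allowed, as expected"
    chattr -a "$f"

    chattr +i "$f"
    if ! rm -f "$f" 2>/dev/null; then
        echo "+i: rm refused even as root, as expected"
    fi
    chattr -i "$f"     # the bit must be cleared before the file can be removed
    rm -f "$f"
}

# Audit the constructed sample; run the live demo only on explicit request.
printf '%s\n' "$SAMPLE_LSATTR" | flagged_files
if [ "${RUN_CHATTR_DEMO:-0}" = 1 ] && [ "$(id -u)" -eq 0 ]; then
    demo_chattr
fi
```

On a real host, feed the audit with `lsattr -R / 2>/dev/null | flagged_files` and compare the result against the files you expect to carry these bits (log files you deliberately made append-only, configuration you deliberately froze); any entry you did not set yourself is worth a closer look, since an unexpected i or a bit also blocks your own updates and package upgrades.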