Linux chattr Command Tutorial for Beginners (5 Examples)

0
88

The chattr command in Linux is a utility that allows users to change file attributes on a filesystem. This command provides enhanced control over files by setting attributes that can modify file behaviors in ways not achievable through regular permissions. For instance, using chattr, one can make a file immutable with the “+i” attribute, preventing it from being modified, deleted, or renamed, even by the root user. Other attributes include “+a”, which permits a file to be opened only in append mode, and “+u”, which ensures that file contents are saved for undeletion. These attributes can be particularly useful for securing critical system files, preventing accidental deletions, and managing files more granularly. The command must be executed with superuser privileges and is typically used by system administrators to enhance the security and integrity of important files within the Linux filesystem.

Often, a Linux computer is used by different users, so it is possible that these users access a common group of files. This opens the door to problems like accidental deletion or editing of important files, which you, as an administrator, definitely don’t want.

In this tutorial, we will explain this tool with some easy-to-understand examples. But before we do that, we should mention that all the examples here have been tested on Ubuntu 24.04 LTS and Debian 12.

The Linux chattr command

The chattr command is used to change file attributes on a Linux file system. Following is its syntax:

chattr [ -RVf ] [ -v version ] [ mode ] files...

And here’s what the man page says about it:

       chattr changes the file attributes on a Linux file system.

       The format of a symbolic mode is +-=[aAcCdDeijsStTu].

       The  operator  '+'  causes  the  selected attributes to be added to the
       existing attributes of the files; '-' causes them to  be  removed;  and
       '=' causes them to be the only attributes that the files have.

       The  letters  'aAcCdDeijsStTu' select the new attributes for the files:
       append only (a), no atime updates (A), compressed (c), no copy on write
       (C), no dump (d), synchronous directory updates (D), extent format (e),
       immutable (i), data journalling (j), secure deletion  (s),  synchronous
       updates  (S),  no tail-merging (t), top of directory hierarchy (T), and
       undeletable (u).

       The following attributes are read-only, and may be listed by  lsattr(1)
       but  not  modified  by  chattr:  compression  error (E), huge file (h),
       indexed directory (I), inline data (N), compression raw access (X), and
       compressed dirty file (Z).

       Not  all  flags  are supported or utilized by all filesystems; refer to
       filesystem-specific man pages such as btrfs(5), ext4(5), and xfs(5) for
       more filesystem-specific details.

The following are some Q&A-styled examples that should give you a good idea of how the chatter command works.

Q1. How to use chattr command?

Suppose you want to make a file read-only. To do so, run the chattr command with the +i option and the file name as input.

For example:

chattr +i test.txt

The following screenshot shows no other operation was successful on the file once it became read-only using chattr.

Note: As you would have already observed, you need to have root privileges to use the chattr command.

Q2. How to remove the read-only restriction imposed by chattr?

This is simple – all you have to do is to use the -i option instead of +i. For example:

chattr -i test.txt

So you can see the read-only factor got removed with the -i option.

Q3. How to provide append-only permission to a file?

Sometimes, you may not want a full restriction on a file. What I mean is that you may want to provide users with append-only access to a file so that new information can be added, but existing information cannot be deleted or edited. This is also possible using Chattr through the +a option.

chattr +a test.txt

So you can see that we could append to the file now but could not edit existing information or delete the file. To reverse this behavior, use the -a option.

chattr -a test.txt

Q4. How to apply a restriction using chattr to all files in a directory?

This can be done using the flag -R, which lets you recursively change attributes of directories and their contents. For example, if you want to make all files inside the test-dir directory as read-only, use the chattr command in the following way:

chattr -R +i ./test-dir/

The following screenshot shows the read-only restriction was successfully applied to all files inside the directory.

Q5. How to check chattr attributes applied on files?

To check if a chattr attribute was successfully applied, we have tried performing operations like editing the file or deleting it. But a separate command lets you easily see if the attributes were applied or not. The command in question is lsattr.

lsattr [FILENAME]

For example, the following screenshot shows lsattr output clearly suggesting the ‘i’ attribute was applied to all files in the directory.

Just to reconfirm, here’s the output after the -i option was used.

As you can see in the screenshot above, the read-only attribute was removed from all files.

Conclusion

You will likely agree that chattr is a must-know command line tool if you are a system admin or manage users on a Linux machine in general. Effectively using the command can save you a lot of hassle. This article should be enough to get you started with the command. Once you’ve practiced the examples we’ve discussed here, head to the tool’s man page to learn more about it.


LEAVE A REPLY

Please enter your comment!
Please enter your name here