How to change Important Files IMMUTABLE (Unchangeable) in Linux
With the help of the Linux command-line tool chattr (Change Attribute), you can secure crucial files and folders from being accidentally deleted or altered, even when you are logged in as the root user.
Syntax of chattr
Flags
The following common attributes and their associated flags can be set or unset using the chattr command.
- no atime updates (A): If a file with the 'A' attribute set is accessed, its atime record is not updated.
- append only (a): A file with the 'a' attribute set can only be opened in append mode for writing.
- immutable (i): A file with the 'i' attribute set cannot be modified (immutable). This means no renaming, no symbolic link creation, no execution, and no writing; only the superuser can unset the attribute.
- data journalling (j): When a file has the 'j' attribute set, all of its data is written to the ext3 journal before being written to the file itself. The 'j' option is only useful if the filesystem is mounted as ext3 or ext4.
- no tail-merging (t): A file with the 't' attribute set is not subject to tail-merging.
- no dump (d): A file with the 'd' attribute set is no longer a candidate for backup when the dump process is run.
- undeletable (u): When a file with the 'u' attribute set is deleted, its data is saved. This enables the user to ask for its undeletion.
- synchronous updates (S): If a file with the 'S' attribute set is modified, the changes are written synchronously to the disk.
- compressed (c): A file with the 'c' attribute set is automatically compressed on the disk by the kernel.
- no copy on write (C): A file with the 'C' attribute set will not be subject to copy-on-write updates. This flag is only supported on file systems which perform copy-on-write.
Operator
- The operator '+' causes the selected attributes to be added to the existing attributes of the files.
- '-' causes them to be removed.
- '=' causes them to be the only attributes that the files have.
Here, we'll go through a few chattr command examples for setting and unsetting attributes on files and folders.
1. How to secure files from deletion by adding attributes
We have used the folder demo and the file file.txt for demonstration purposes. Before setting attributes, use the 'lsattr' command to check whether the existing files already have any attributes set.
With the chattr command, we use the + sign to set an attribute and the - sign to unset it. To prevent anyone, even the root user, from deleting a file, let's set the immutable bit on the files using the +i flag.
After setting the immutable bit, let's verify the attribute with the 'lsattr' command.
Now, any attempt to forcefully delete, rename, or change the permissions of the files is not allowed and fails with "Operation not permitted".
2. How to unset attributes from files
In the example above, we saw how to set attributes to secure files and guard against inadvertent deletion. Using the -i flag, we will now see how to unset the attribute and make a file changeable again.
After unsetting the attribute, verify the immutable status of the files using the 'lsattr' command.
You can see in the above results that the 'i' flag has been removed, which means you can safely remove all the files and folders that reside in the tecmint folder.
3. How to Secure passwd and shadow file
Setting the immutable attribute on the files /etc/passwd or /etc/shadow secures them from accidental removal or tampering, and it also disables user account creation.
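The set, verify and unset steps from sections 1 to 3, as an added example that is not part of the original article. The function names and the ACCOUNT_FILES variable are illustrative assumptions; chattr and lsattr must be run as root on a filesystem that supports attributes.

```shell
#!/bin/sh
# Added example (not from the original article). Function names are illustrative.
# chattr/lsattr need root and a filesystem with attribute support (e.g. ext4).

# Account databases named in section 3.
ACCOUNT_FILES="/etc/passwd /etc/shadow"

# Set / clear the immutable bit, then show the resulting attributes.
lock_files()   { chattr +i "$@" && lsattr -d "$@"; }
unlock_files() { chattr -i "$@" && lsattr -d "$@"; }

# Read lsattr output on stdin ("<attrs> <path>" per line) and print every
# path whose attribute field has no lowercase 'i' (uppercase 'I' is a different flag).
not_immutable() {
    while read -r attrs path; do
        [ -n "$path" ] || continue
        case $attrs in
            *i*) ;;                          # immutable bit present
            *) printf '%s\n' "$path" ;;      # bit missing: report the path
        esac
    done
}

# Return 1 if any path lacks the bit or cannot be inspected at all.
audit_immutable() {
    rc=0
    for f in "$@"; do
        line=$(lsattr -d "$f" 2>/dev/null) || line=""
        if [ -z "$line" ] || [ -n "$(printf '%s\n' "$line" | not_immutable)" ]; then
            printf 'NOT immutable: %s\n' "$f" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Run one command (e.g. useradd) with the account files unlocked, then
# lock them again whether or not the command succeeded.
with_accounts_unlocked() {
    chattr -i $ACCOUNT_FILES || return 1
    status=0
    "$@" || status=$?
    chattr +i $ACCOUNT_FILES || return 1
    return "$status"
}
```

Running audit_immutable from a scheduled job on the locked files reports any file whose immutable bit has been cleared since it was set.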
Thanks for reading. Please do share.