Skip to main content

File Properties Commands

Use chattr Command in Linux

With chattr command, you can make a file 'undeletable' even by root. Here are some common usage of the chattr command in Linux.

The chattr (character attribute) command allows you to set certain attributes by which you can secure files by accidental modification or deletion, even if you're root!

Yes, it can help you avoid encountering the "Oh! NO" moment.

So in this guide, I will share some practical examples of how you can use the chattr command on Linux.

chattr command in Linux

To use the chattr command, all you have to do is follow the simple command syntax:

chattr [operator] [flags] [filename]

Basically, you are given certain options in [operator] and [flags] by which you can tweak the behavior of the chattr command.

So let's have a look at the different options you get in each one starting.

Operator:

In the chatter command, you are given the following operators:

Operator Description
+ Adds an attribute to the file.
- Removes an attribute from the file.
= Will keep the selected attributes as the only attributes that the file has.

Flags:

Here are the flags that can be used to tweak the behavior of the chattr command:

Flag Description
A When used, the access time remains unchanged.
a Enables the append-only mode, where you can modify the file only by appending the additional data, but the file content can't be overridden.
S When used, the changes will be made to the disk synchronously.
i Activates the immutable mode when you can't make any changes to the file unless you have superuser privileges.
j When used, the changes are first made to the ext3 file journal before the file itself.
t It disables tail-merging.
d When used, it makes the dump utility ignore the specified file.
u When a file with the u attribute is deleted, the copy file is generated and can be used to recover the data which was removed unintentionally.
e Extent format attributes means file system is using extents to map file location of the disk. This attribute cannot be changed.

Now, let's look at some practical examples of the chattr command.

Add read-only restriction to file using the chattr command

To set the read-only restriction, all you have to do is utilize the i flag and the file becomes immutable and can not be removed (even by the root!).

For the example, I will be using a simple text file named File.txt which has the following r/w/x permissions:

check read write permissions in Linux

Now, let's execute the chattr command with the i flag with the addition + operator:

sudo chattr +i File.txt

Once you do that, you can use the lsattr command to verify whether the attribute is set as intended:

lsattr File.txt
use lsattr command to check attributes of file

As you can see in the screenshot above, the i attribute has been set. Attribute e is always set (as explained in the table earlier).

And now, if you try to remove the file (even as a root), it won't permit you to do that:

With i attribute set with chattr, even root cannot delete a file

That's nice. But what if you actually want to delete the file? Well, for that, you will have to unset the attribute. Let me show you how.

Unset attributes using the chattr command

To unset the attribute, you will have to execute the chattr command in the following manner:

chattr -[attribute] Filename

Here, you will have to append the attribute you want to unset with the - operator.

For example, earlier, I used the i attribute to make it read-only, so if I have to unset that attribute, I will be using the following:

chattr -i File.txt

Once done, I can remove the file easily:

Set append-only restriction

So if you want to allow everyone to modify the file by appending the data only and restrict them from changing the existing data, here you go.

To set the append-only restriction, you will have to use the a flag with the + operator:

sudo chattr +a File.txt

Once you do that, you won't be able to override the existing data of the file (File.txt) in my case.

For example, here, I used the echoed string without any additional flags which means it should override the existing data by that new string:

Set append-only restriction using the chattr command

Set attributes to directories

You can set any attributes to a directory by using one additional flag -R.

Here, the -R flag will be applied recursively so that every content in the directory can take effect from a single command execution:

sudo chattr -R [attribute] Directory

For example, here, I have set the i attribute to the Test directory:

sudo chattr -R +i Test/

Now, if I try to remove the directory, it will throw an error:

unable to remove directory in linux

And as always, you can unset the attribute as I mentioned earlier in the guide.

Master the file permissions

I assume that if your workflow requires the use of the chattr command, you must be handling various users.

Linux File Permissions and Ownership Explained with Examples
Linux file permissions explained in simpler terms. Also learn how to change the file permissions and ownership in Linux in this detailed beginner’s guide.

And to manage users, there is no better way than using the chage command by which you can tinker with user account expiry itself:

What is SUID, GUID and Sticky Bit in Linux? How to Use Them?
You see an s instead of x in the file permissions? Linux has some special file permissions called SUID, GUID and Sticky Bit. Know more about them.

I hope you will find this guide helpful.

And if you have any doubts or suggestions, let me know in the comments.