The permissions system offered by Linux by default is very powerful and offers a solution to the vast majority of problems and needs of users. On other occasions, permissions are not the best solution or do not adapt to our needs, for example when we want a file to be immutable and not even the root user can modify it, in this situation we can use
chattr to protect files and folders in Linux
The
chattr
command allows us to add a series of attributes or flags, so that we can protect files and folders with greater flexibility.
How to protect files and folders in Linux with chattr
The first command we are going to see is: chattr + i
With this command we add the
+i
attribute so that
the file is immutable and cannot be deleted or modified by anyone
, taking into account that even the root user cannot modify or delete it. In the following example we are going to protect a file called passwords.txt:
chattr +i contraseñas.txt
There may also come a time when we want to remove this protection from the file, for this we will use the
-i
attribute with the following command:
chattr -i contraseñas.txt
The second command that interests us is: chattr + a
This command adds the
+a
attribute so that
the content of a file is immutable, but this time it allows you to add new lines
. In other words, the original content of the file remains unchanged, but we can add new lines. To add this attribute to a file we execute the following command:
chattr +a contraseñas.txt
If on the contrary we want to eliminate this attribute, we execute:
chattr -a contraseñas.txt
Finally we will see the command: lsattr
With this command we can see a list of the attributes associated with a file. An example of use would be:
lsattr contraseñas.txt
As we can see chattr can be very useful especially in systems shared with more people or to
protect important files in Linux
. This command has more options but it is not the objective of this article, to know all the functionality of this command, consult its help page from the terminal with the
man chattr
command.
