Related

GUI for MongoDB needed to mange Meteor app Question Question
Why are snapshots so slow Question Question

Question

What are File/Directory Attributes

Posted April 24, 2020 304 views
Linux BasicsUbuntuCentOS

Hi all,

I recently got asked by a friend why they weren’t able to delete a file from the command line even though they were logged in as root and the permissions were set to 777.

This is what we’ll be talking about in this mini tutorial, Linux’s file/directory attributes and how can we manage them.

Add a comment
By:
KFSys

Related

GUI for MongoDB needed to mange Meteor app Question Question
Why are snapshots so slow Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer
KFSys April 24, 2020

As we all know, in Linux there are 3 primary permissions - read, write, execute or 4, 2, 1 or r, w, x.

Having said that, as the example above, sometimes even if the file or directory you want to manage by some way has set permissions 777, it’s not possible. It just says you don’t have the right permissions, even though you are logged in as root. This is where this mini tutorial comes in play. We’ll talk about these so called hidden permissions or as they are more commonly known - File/Directory Attributes.

Apart from the file mode bits that control user and group read, write and execute permissions, several file systems support file attributes that enable further customization of allowable file operations :

a: append only
c: compressed
d: no dump
e: extent format
i: immutable
j: data journalling
s: secure deletion
t: no tail-merging
u: undeletable
A: no atime updates
C: no copy on write
D: synchronous directory updates
S: synchronous updates
T: top of directory hierarchy

You can set any of it by using the command chattr. To properly use it, we’ll need to execute it like that :

chattr +i /path/to/file

The above command will make the said fail have the i attribute which is Immutable. If we want to remove the attribute, we’ll need to use the - symbol instead of the + :

chattr -i /path/to/file

There is a command to see all the attributes added to a file, it’s lsattr. You can use it like so :

lsattr /path/to/file

Example

Let’s review a real life example:

You have a log file and some program is clearing it every 1 hour however you want the information in the log file to be kept and only new information to be saved to it. I know, I know, this is why log rotation has been invented but for the sake of the example let’s say we want to keep the logs forever. As this is a very specific case, using the basic 3 permissions in Linux will not be enough. You’ll need to use another method. This is where Attributes come in play, if we take a look at the list above, we’ll notice there is an attribute a which we can use - a: append only.

To achieve our goal, we’ll need to run the following command

chattr +a /path/to/file

There it is, now the file can only have new text written to it!

Regards,
KDSys

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help