In Linux, the “Change Attribute” (chattr) command line utility is used for changing the attributes of a file by applying or removing permission. This command makes the file immutable (unchangeable), so the normal user can not delete it.
The purpose of this guide is to explain the “chattr” command with all practical examples in Linux systems. The supported content of this guide is as follows:
- How Does the “chattr” Command Work in Linux?
- Add/Remove Only Append Permission
- Add/Remove Immutable Permission
- Set Directory Restriction
Let’s start the “chattr” command with practical implementation.
How Does the “chattr” Command Work in Linux?
In Linux, the administrator can manipulate the privilege of the files/directories with the help of the “chattr” command. The syntax of the “chattr” command is as follows:
$ chattr [Operators] [Flags] [filename]
The “chattr” refers to the keyword of the command while the “Operators” and “Flags” supported by this command are explained below:
| Operators | Description |
|---|---|
| + | Adds a specific attribute. |
| – | Removes the specific attribute. |
| = | Keeps the existing attributes. |
Multiple “Flags” with descriptions are explained below:
| Flags | Description |
|---|---|
| i | It makes the file immutable(unchangeable). |
| u | The flag saves content present in the file when it is deleted. |
| a | It opens the file in append mode. |
| s | It ensures the synchronization of files. |
Example 1: How to Add/Remove Only Append Permission?
The “a” flag of the “chattr” command is used to add/remove the append permissions to a specific file. Let’s practice both functionalities of this command:
Grant Append Permissions
The “+” symbol, when used with the “a” flag, allows granting only appending rights.
$ sudo chattr +a office.txt
The “lsattr” utility displays the “append” attribute as applied to the file. Now, if we try to modify its content, the editor will throw an error saying the “Operation not permitted” as shown below:
Remove Append Permission
To remove the append permission, the “-” symbol is used with the “a” option as directed in the command below:
$ sudo chattr -a office.txt
The output confirms the append permission has been removed from the existing file. Now, the users can append as well as modify the file.
Example 2: How to Add/Remove Immutable Permissions?
The immutable file can not be deleted, renamed, or moved. Here, two examples are considered that show how a file can be granted/removed the immutable permissions.
Grant the Immutable Permissions
To make the file immutable in the Linux system, use the “+” symbol with the “i” option of the “chattr” command:
$ sudo chattr +i office.txt
After the immutable permission is applied on the file, let’s try to remove the “office.txt” file by “rm” utility:
$ rm office.txt
The output shows that the existing file can not be removed which verifies that the file is immutable.
Remove the Immutable Permissions
To remove the immutable permission on the “office.txt” file, the “-i” attribute is utilized with the “chattr” command in the below screenshot:
$ sudo chattr -i office.txt
Example 3: How to Set Directory Restriction?
To set the immutable permission on the directory, specify the directory’s name with the “+i” attribute. It changes the permission of the existing attribute and does not allow to modify any file in the directory:
$ sudo chattr +i Org
After making the specified directory “Org” immutable, all the files (not subdirectories) will also have the same permissions.
Check the Immutable Permission
To check the immutable permission of a specified directory; the “rm ” command is utilized to remove the “file.py” present in the “Org” directory. To display the content in the directory, the “ls” command is given below:
$ ls
The output confirms that there is no permission to remove the “file.py” from the system.
Change the Attribute of a Directory Recursively
To change the immutable permission on the directory, specify the “+i” attribute with the directory’s name “Folder”. Additionally, the “-R” option applies the immutable property recursively:
$ sudo chattr -R +i Folder
It changes the permission of the existing attribute. It does not allow modification of any file and subdirectories in the “Folder” directory. Let’s remove the subdirectory “subfolder” through the “rm” utility:
$ sudo rm subfolder
The error authenticates that the immutable property has been applied to all files and subdirectories.
That is all the “chattr” commands in Linux.
Conclusion
In the Linux system, the “chattr” command is utilized to change the existing attribute of a file/directory. This command has multiple flags, including “i” for immutable file, “a” for append mode, and “R” for recursively. These attributes are implemented through “+” and “–” operators for adding and removing from the file. This article has demonstrated the “chattr” command with all possible examples in Linux.
